From 1712366bac9fabd51543545615b1ba3bccdc8776 Mon Sep 17 00:00:00 2001 From: Anthony Cowley Date: Fri, 11 Nov 2016 17:29:50 -0500 Subject: apple-sdk: Include system cups libraries The SDK includes cups header files, but not the libraries. The `nixpkgs.cups` definition doesn't build on darwin due to the SDK being too old. This change symlinks the system cups libraries into the old SDK. --- pkgs/os-specific/darwin/apple-sdk/default.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'pkgs') diff --git a/pkgs/os-specific/darwin/apple-sdk/default.nix b/pkgs/os-specific/darwin/apple-sdk/default.nix index c1e09c201114..1148fe5c4a16 100644 --- a/pkgs/os-specific/darwin/apple-sdk/default.nix +++ b/pkgs/os-specific/darwin/apple-sdk/default.nix @@ -31,6 +31,10 @@ let mv System/* . rmdir System + pushd lib + ln -s -L /usr/lib/libcups*.dylib . + popd + cd Library/Frameworks/QuartzCore.framework/Versions/A/Headers for file in CI*.h; do rm $file -- cgit 1.4.1 From 4ea9f4e325fcea0d6f7c5045d1e58443b688f07b Mon Sep 17 00:00:00 2001 From: Lancelot SIX Date: Thu, 8 Dec 2016 17:28:52 +0100 Subject: gnugrep: 2.25 -> 2.27 See http://lists.gnu.org/archive/html/info-gnu/2016-12/msg00004.html for release announcement. --- pkgs/tools/text/gnugrep/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'pkgs') diff --git a/pkgs/tools/text/gnugrep/default.nix b/pkgs/tools/text/gnugrep/default.nix index 3e714871827d..b9dca2e8709a 100644 --- a/pkgs/tools/text/gnugrep/default.nix +++ b/pkgs/tools/text/gnugrep/default.nix @@ -1,13 +1,13 @@ { stdenv, fetchurl, pcre, libiconv, perl }: -let version = "2.25"; in +let version = "2.27"; in stdenv.mkDerivation { name = "gnugrep-${version}"; src = fetchurl { url = "mirror://gnu/grep/grep-${version}.tar.xz"; - sha256 = "0c38b67cnwchwzv4wq2gpz6smkhdxrac2hhssv8f0l04qnx867p2"; + sha256 = "1syadppgpxpfhpwhhqcsibrn131azypzps5aicx1qjh74d6w8k5d"; }; # Perl is needed for testing -- cgit 1.4.1 From ff62e8a72e20b641bd7006c9cb1966d63b656735 Mon Sep 17 00:00:00 2001 From: Vladimír Čunát Date: Fri, 9 Dec 2016 18:53:39 +0100 Subject: glib: avoid runtime reference from gtk3 Fixes #21022. Related: #15931. --- pkgs/development/libraries/glib/default.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'pkgs') diff --git a/pkgs/development/libraries/glib/default.nix b/pkgs/development/libraries/glib/default.nix index 87c511f00ddf..c7c704c641f8 100644 --- a/pkgs/development/libraries/glib/default.nix +++ b/pkgs/development/libraries/glib/default.nix @@ -99,7 +99,12 @@ stdenv.mkDerivation rec { moveToOutput "share/glib-2.0" "$dev" substituteInPlace "$dev/bin/gdbus-codegen" --replace "$out" "$dev" sed -i "$dev/bin/glib-gettextize" -e "s|^gettext_dir=.*|gettext_dir=$dev/share/glib-2.0/gettext|" - ''; + '' + # This file is *included* in gtk3 and would introduce runtime reference via __FILE__. + + '' + sed '1i#line 1 "${name}/include/glib-2.0/gobject/gobjectnotifyqueue.c"' \ + -i "$dev"/include/glib-2.0/gobject/gobjectnotifyqueue.c + ''; inherit doCheck; preCheck = optionalString doCheck -- cgit 1.4.1 From 10d9845a1a4a49f56aec3d473349511f9d95937a Mon Sep 17 00:00:00 2001 From: c0bw3b Date: Sat, 10 Dec 2016 00:36:28 +0100 Subject: nghttp2: 1.16.1 -> 1.17.0 See release notes : https://github.com/nghttp2/nghttp2/releases/tag/v1.17.0 --- pkgs/development/libraries/nghttp2/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'pkgs') diff --git a/pkgs/development/libraries/nghttp2/default.nix b/pkgs/development/libraries/nghttp2/default.nix index 080a3e35138e..a035cccda7f7 100644 --- a/pkgs/development/libraries/nghttp2/default.nix +++ b/pkgs/development/libraries/nghttp2/default.nix @@ -7,12 +7,12 @@ stdenv.mkDerivation rec { name = "nghttp2-${version}"; - version = "1.16.1"; + version = "1.17.0"; # Don't use fetchFromGitHub since this needs a bootstrap curl src = fetchurl { url = "https://github.com/nghttp2/nghttp2/releases/download/v${version}/nghttp2-${version}.tar.bz2"; - sha256 = "069pw84f8gg21npapn7y1sizwn6w35692zaq5g45gy8hdbmcl8yc"; + sha256 = "7685b6717d205d3a251b7dd5e73a7ca5e643bc5c01f928b82bfeed30c243f28a"; }; # Configure script searches for a symbol which does not exist in jemalloc on Darwin -- cgit 1.4.1 From 879a98bf27f6de6cfdc4270ac35f93e0ebdec4a7 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Sat, 10 Dec 2016 14:37:20 +0100 Subject: pythonPackages.pycairo: fix name --- pkgs/development/python-modules/pycairo/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkgs') diff --git a/pkgs/development/python-modules/pycairo/default.nix b/pkgs/development/python-modules/pycairo/default.nix index 23e06ff4cb4e..e7cf3b4c4489 100644 --- a/pkgs/development/python-modules/pycairo/default.nix +++ b/pkgs/development/python-modules/pycairo/default.nix @@ -2,7 +2,7 @@ if (isPyPy) then throw "pycairo not supported for interpreter ${python.executable}" else mkPythonDerivation rec { version = "1.10.0"; - name = "${python.libPrefix}-pycairo-${version}"; + name = "pycairo-${version}"; src = if isPy3k then fetchurl { url = "http://cairographics.org/releases/pycairo-${version}.tar.bz2"; -- cgit 1.4.1 From af220f2a7a14e804885150e1a62cd29efc87498e Mon Sep 17 00:00:00 2001 From: Vladimír Čunát Date: Sat, 10 Dec 2016 15:22:52 +0100 Subject: cairo: maintenance 1.14.6 -> 1.14.8 --- pkgs/development/libraries/cairo/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'pkgs') diff --git a/pkgs/development/libraries/cairo/default.nix b/pkgs/development/libraries/cairo/default.nix index 71aa1874951f..5d201c52312f 100644 --- a/pkgs/development/libraries/cairo/default.nix +++ b/pkgs/development/libraries/cairo/default.nix @@ -12,11 +12,11 @@ assert glSupport -> mesa_noglu != null; with { inherit (stdenv.lib) optional optionals; }; stdenv.mkDerivation rec { - name = "cairo-1.14.6"; + name = "cairo-1.14.8"; src = fetchurl { url = "http://cairographics.org/releases/${name}.tar.xz"; - sha256 = "0lmjlzmghmr27y615px9hkm552x7ap6pmq9mfbzr6smp8y2b6g31"; + sha1 = "c6f7b99986f93c9df78653c3e6a3b5043f65145e"; }; infinality = fetchFromGitHub { -- cgit 1.4.1 From c3d20b2e43467fa669b51ca596d538fb0a613936 Mon Sep 17 00:00:00 2001 From: Vladimír Čunát Date: Sat, 10 Dec 2016 15:28:51 +0100 Subject: gtk3: maintenance 3.22.4 -> 3.22.5 --- pkgs/development/libraries/gtk+/3.x.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'pkgs') diff --git a/pkgs/development/libraries/gtk+/3.x.nix b/pkgs/development/libraries/gtk+/3.x.nix index b50264f3a02a..1b938215d176 100644 --- a/pkgs/development/libraries/gtk+/3.x.nix +++ b/pkgs/development/libraries/gtk+/3.x.nix @@ -13,7 +13,7 @@ with stdenv.lib; let ver_maj = "3.22"; - ver_min = "4"; + ver_min = "5"; version = "${ver_maj}.${ver_min}"; in stdenv.mkDerivation rec { @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "mirror://gnome/sources/gtk+/${ver_maj}/gtk+-${version}.tar.xz"; - sha256 = "0zrq3wq4x0vcrzapps0608d5ywcrwk9xb2rmg32h2g8kzvyad53h"; + sha256 = "693fa0ac643c59ccd51db99cabe476b4e0a41fd4f0c3c8b3e3ef38f94b2e7334"; }; outputs = [ "out" "dev" ]; -- cgit 1.4.1 From a3dbada1077fc124928e13dcddd4f4f2fcac66d4 Mon Sep 17 00:00:00 2001 From: Daiderd Jordan Date: Sat, 10 Dec 2016 18:57:09 +0100 Subject: wxmac: fix build with clang-3.8 --- pkgs/development/libraries/wxmac/default.nix | 47 +++++++++++++++++++--- pkgs/development/libraries/wxmac/wx.patch | 59 ---------------------------- pkgs/top-level/all-packages.nix | 2 +- 3 files changed, 42 insertions(+), 66 deletions(-) delete mode 100644 pkgs/development/libraries/wxmac/wx.patch (limited to 'pkgs') diff --git a/pkgs/development/libraries/wxmac/default.nix b/pkgs/development/libraries/wxmac/default.nix index e5d680501f00..f4e714248338 100644 --- a/pkgs/development/libraries/wxmac/default.nix +++ b/pkgs/development/libraries/wxmac/default.nix @@ -1,7 +1,7 @@ -{ stdenv, fetchurl -, expat, libiconv, libjpeg, libpng, libtiff, zlib -, setfile, rez, derez -, AGL, Cocoa, Kernel, QuickTime +{ stdenv, fetchurl, fetchpatch, expat, libiconv, libjpeg, libpng, libtiff, zlib +# darwin only attributes +, derez, rez, setfile +, AGL, Cocoa, Kernel }: with stdenv.lib; @@ -15,11 +15,46 @@ stdenv.mkDerivation rec { sha256 = "346879dc554f3ab8d6da2704f651ecb504a22e9d31c17ef5449b129ed711585d"; }; - patches = [ ./wx.patch ]; + patches = + [ # Use std::abs() from instead of abs() from to avoid problems + # with abiguous overloads for clang-3.8 and gcc6. + (fetchpatch { + name = "patch-stc-abs.diff"; + url = https://github.com/wxWidgets/wxWidgets/commit/73e9e18ea09ffffcaac50237def0d9728a213c02.patch; + sha256 = "0w5whmfzm8waw62jmippming0zffa9064m5b3aw5nixph21rlcvq"; + }) + + # Various fixes related to Yosemite. Revisit in next stable release. + # Please keep an eye on http://trac.wxwidgets.org/ticket/16329 as well + # Theoretically the above linked patch should still be needed, but it isn't. + # Try to find out why. + (fetchpatch { + name = "patch-yosemite.diff"; + url = https://raw.githubusercontent.com/Homebrew/formula-patches/bbf4995/wxmac/patch-yosemite.diff; + sha256 = "0ss66z2a79v976mvlrskyj1zmkyaz8hbwm98p29bscfvcx5845jb"; + }) + + # Remove uncenessary includes + # http://trac.wxwidgets.org/changeset/f6a2d1caef5c6d412c84aa900cb0d3990b350938/git-wxWidgets + (fetchpatch { + name = "patch-quicktime-removal.diff"; + url = https://raw.githubusercontent.com/Homebrew/formula-patches/bbf4995/wxmac/patch-quicktime-removal.diff; + sha256 = "0mzvdk8r70p9s1wj7qzdsqmdrlxlf2dalh9gqs8xjkqq2666yp0y"; + }) + + # Patch for wxOSXPrintData, custom paper not applied + # http://trac.wxwidgets.org/ticket/16959 + (fetchpatch { + name = "wxPaperCustomPatch.patch"; + url = http://trac.wxwidgets.org/raw-attachment/ticket/16959/wxPaperCustomPatch.patch; + sha256 = "0xgscv86f8dhggn9n8bhlq9wlj3ydsicgy9v35sraxyma18cbjvl"; + }) + ]; buildInputs = [ expat libiconv libjpeg libpng libtiff zlib - Cocoa Kernel QuickTime setfile rez derez + derez rez setfile + Cocoa Kernel ]; propagatedBuildInputs = [ AGL ]; diff --git a/pkgs/development/libraries/wxmac/wx.patch b/pkgs/development/libraries/wxmac/wx.patch deleted file mode 100644 index 622e22d1fdb4..000000000000 --- a/pkgs/development/libraries/wxmac/wx.patch +++ /dev/null @@ -1,59 +0,0 @@ -diff --git a/include/wx/defs.h b/include/wx/defs.h -index 397ddd7..d128083 100644 ---- a/include/wx/defs.h -+++ b/include/wx/defs.h -@@ -3169,12 +3169,20 @@ DECLARE_WXCOCOA_OBJC_CLASS(UIImage); - DECLARE_WXCOCOA_OBJC_CLASS(UIEvent); - DECLARE_WXCOCOA_OBJC_CLASS(NSSet); - DECLARE_WXCOCOA_OBJC_CLASS(EAGLContext); -+DECLARE_WXCOCOA_OBJC_CLASS(UIWebView); - - typedef WX_UIWindow WXWindow; - typedef WX_UIView WXWidget; - typedef WX_EAGLContext WXGLContext; - typedef WX_NSString* WXGLPixelFormat; - -+typedef WX_UIWebView OSXWebViewPtr; -+ -+#endif -+ -+#if wxOSX_USE_COCOA_OR_CARBON -+DECLARE_WXCOCOA_OBJC_CLASS(WebView); -+typedef WX_WebView OSXWebViewPtr; - #endif - - #endif /* __WXMAC__ */ -diff --git a/include/wx/html/webkit.h b/include/wx/html/webkit.h -index 8700367..f805099 100644 ---- a/include/wx/html/webkit.h -+++ b/include/wx/html/webkit.h -@@ -18,7 +18,6 @@ - #endif - - #include "wx/control.h" --DECLARE_WXCOCOA_OBJC_CLASS(WebView); - - // ---------------------------------------------------------------------------- - // Web Kit Control -@@ -107,7 +106,7 @@ private: - wxString m_currentURL; - wxString m_pageTitle; - -- WX_WebView m_webView; -+ OSXWebViewPtr m_webView; - - // we may use this later to setup our own mouse events, - // so leave it in for now. -diff --git a/include/wx/osx/webview_webkit.h b/include/wx/osx/webview_webkit.h -index 803f8b0..438e532 100644 ---- a/include/wx/osx/webview_webkit.h -+++ b/include/wx/osx/webview_webkit.h -@@ -158,7 +158,7 @@ private: - wxWindowID m_windowID; - wxString m_pageTitle; - -- wxObjCID m_webView; -+ OSXWebViewPtr m_webView; - - // we may use this later to setup our own mouse events, - // so leave it in for now. diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index e8b7341cd399..c18b2f4539d2 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -9612,7 +9612,7 @@ in }; wxmac = callPackage ../development/libraries/wxmac { - inherit (darwin.apple_sdk.frameworks) AGL Cocoa Kernel QuickTime; + inherit (darwin.apple_sdk.frameworks) AGL Cocoa Kernel; inherit (darwin.stubs) setfile rez derez; }; -- cgit 1.4.1 From 105fead2aab8e4bfcd84dbf456667751f83f07d4 Mon Sep 17 00:00:00 2001 From: Vladimír Čunát Date: Sun, 11 Dec 2016 17:50:28 +0100 Subject: nghttp2 cleanup: unneeded patching, unused inputs Suggested on https://github.com/NixOS/nixpkgs/pull/21029#issuecomment-266290756 --- pkgs/development/libraries/nghttp2/default.nix | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) (limited to 'pkgs') diff --git a/pkgs/development/libraries/nghttp2/default.nix b/pkgs/development/libraries/nghttp2/default.nix index a035cccda7f7..f7a026c52d46 100644 --- a/pkgs/development/libraries/nghttp2/default.nix +++ b/pkgs/development/libraries/nghttp2/default.nix @@ -1,8 +1,8 @@ { stdenv, fetchurl, pkgconfig # Optional Dependencies -, openssl ? null, libev ? null, zlib ? null, jansson ? null, boost ? null -, libxml2 ? null, jemalloc ? null +, openssl ? null, libev ? null, zlib ? null +#, jansson ? null, boost ? null, libxml2 ? null, jemalloc ? null }: stdenv.mkDerivation rec { @@ -15,12 +15,6 @@ stdenv.mkDerivation rec { sha256 = "7685b6717d205d3a251b7dd5e73a7ca5e643bc5c01f928b82bfeed30c243f28a"; }; - # Configure script searches for a symbol which does not exist in jemalloc on Darwin - # Reported upstream in https://github.com/tatsuhiro-t/nghttp2/issues/233 - postPatch = if stdenv.isDarwin && jemalloc != null then '' - substituteInPlace configure --replace "malloc_stats_print" "je_malloc_stats_print" - '' else null; - outputs = [ "out" "dev" "lib" ]; nativeBuildInputs = [ pkgconfig ]; -- cgit 1.4.1 From 1626b1b652982363c9102343ee4100b513bb3cbf Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Fri, 9 Dec 2016 15:47:12 +0100 Subject: json_glib: use multiple outputs --- pkgs/development/libraries/json-glib/default.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'pkgs') diff --git a/pkgs/development/libraries/json-glib/default.nix b/pkgs/development/libraries/json-glib/default.nix index 9505192ef8ab..9d434c088bad 100644 --- a/pkgs/development/libraries/json-glib/default.nix +++ b/pkgs/development/libraries/json-glib/default.nix @@ -17,6 +17,8 @@ stdenv.mkDerivation rec { NIX_LDFLAGS = stdenv.lib.optionalString stdenv.isDarwin "-lintl"; + outputs = [ "out" "dev" ]; + meta = with stdenv.lib; { homepage = http://live.gnome.org/JsonGlib; description = "A library providing (de)serialization support for the JavaScript Object Notation (JSON) format"; -- cgit 1.4.1 From 8a43550e9008644b503a1cb985e0e991cd9044b2 Mon Sep 17 00:00:00 2001 From: Daiderd Jordan Date: Thu, 15 Dec 2016 15:35:17 +0100 Subject: aws-sdk-cpp: Enable on Darwin systems This (re)reverts commit ef65353c73bccbedb60603725ca230fd1d4fc2ae. --- pkgs/development/libraries/aws-sdk-cpp/default.nix | 2 +- pkgs/top-level/all-packages.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'pkgs') diff --git a/pkgs/development/libraries/aws-sdk-cpp/default.nix b/pkgs/development/libraries/aws-sdk-cpp/default.nix index d5d7371aebf3..755b98ad32d7 100644 --- a/pkgs/development/libraries/aws-sdk-cpp/default.nix +++ b/pkgs/development/libraries/aws-sdk-cpp/default.nix @@ -45,7 +45,7 @@ stdenv.mkDerivation rec { description = "A C++ interface for Amazon Web Services"; homepage = https://github.com/awslabs/aws-sdk-cpp; license = lib.licenses.asl20; - platforms = lib.platforms.linux; + platforms = lib.platforms.unix; maintainers = [ lib.maintainers.eelco ]; }; } diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index c18b2f4539d2..f2560d778ce4 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10748,7 +10748,7 @@ in }) else if stdenv.isLinux then utillinuxMinimal - else null; + else libossp_uuid; light = callPackage ../os-specific/linux/light { }; -- cgit 1.4.1 From 0e64be20b7734d49a2aa4db0617febcf81da25a4 Mon Sep 17 00:00:00 2001 From: Daiderd Jordan Date: Thu, 15 Dec 2016 21:10:08 +0100 Subject: Revert "aws-sdk-cpp: Enable on Darwin systems" This reverts commit 8a43550e9008644b503a1cb985e0e991cd9044b2. --- pkgs/development/libraries/aws-sdk-cpp/default.nix | 2 +- pkgs/top-level/all-packages.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'pkgs') diff --git a/pkgs/development/libraries/aws-sdk-cpp/default.nix b/pkgs/development/libraries/aws-sdk-cpp/default.nix index 755b98ad32d7..d5d7371aebf3 100644 --- a/pkgs/development/libraries/aws-sdk-cpp/default.nix +++ b/pkgs/development/libraries/aws-sdk-cpp/default.nix @@ -45,7 +45,7 @@ stdenv.mkDerivation rec { description = "A C++ interface for Amazon Web Services"; homepage = https://github.com/awslabs/aws-sdk-cpp; license = lib.licenses.asl20; - platforms = lib.platforms.unix; + platforms = lib.platforms.linux; maintainers = [ lib.maintainers.eelco ]; }; } diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index f2560d778ce4..c18b2f4539d2 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10748,7 +10748,7 @@ in }) else if stdenv.isLinux then utillinuxMinimal - else libossp_uuid; + else null; light = callPackage ../os-specific/linux/light { }; -- cgit 1.4.1 From a01a5ed925552fcd7df113ce043d936f11f418b3 Mon Sep 17 00:00:00 2001 From: Daiderd Jordan Date: Thu, 15 Dec 2016 10:54:44 +0100 Subject: darwin.libunwind: fix source Fixes #20977 since this was the same sha as the linux package nix just used that instead. --- pkgs/os-specific/darwin/apple-source-releases/default.nix | 2 +- pkgs/os-specific/darwin/apple-source-releases/libunwind/default.nix | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) (limited to 'pkgs') diff --git a/pkgs/os-specific/darwin/apple-source-releases/default.nix b/pkgs/os-specific/darwin/apple-source-releases/default.nix index 69dc22836453..c245a790695c 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/default.nix @@ -220,7 +220,7 @@ let libresolv = applePackage "libresolv" "osx-10.11.6" "09flfdi3dlzq0yap32sxidacpc4nn4va7z12a6viip21ix2xb2gf" {}; Libsystem = applePackage "Libsystem" "osx-10.11.6" "1nfkmbqml587v2s1d1y2s2v8nmr577jvk51y6vqrfvsrhdhc2w94" {}; libutil = applePackage "libutil" "osx-10.11.6" "1gmgmcyqdyc684ih7dimdmxdljnq7mzjy5iqbf589wc0pa8h5abm" {}; - libunwind = applePackage "libunwind" "osx-10.11.6" "16nhx2pahh9d62mvszc88q226q5lwjankij276fxwrm8wb50zzlx" {}; + libunwind = applePackage "libunwind" "osx-10.11.6" "0miffaa41cv0lzf8az5k1j1ng8jvqvxcr4qrlkf3xyj479arbk1b" {}; mDNSResponder = applePackage "mDNSResponder" "osx-10.11.6" "069incq28a78yh1bnr17h9cd5if5mwqpq8ahnkyxxx25fkaxgzcf" {}; objc4 = applePackage "objc4" "osx-10.11.6" "00b7vbgxni8frrqyi69b4njjihlwydzjd9zj9x4z5dbx8jabkvrj" {}; ppp = applePackage "ppp" "osx-10.11.6" "1dql6r1v0vbcs04958nn2i6p31yfsxyy51jca63bm5mf0gxalk3f" {}; diff --git a/pkgs/os-specific/darwin/apple-source-releases/libunwind/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libunwind/default.nix index 81a45d99a86e..b4b2b6858952 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libunwind/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libunwind/default.nix @@ -1,15 +1,16 @@ { stdenv, appleDerivation, dyld, osx_private_sdk }: appleDerivation { - phases = [ "unpackPhase" "installPhase" ]; + buildPhase = ":"; + # install headers only installPhase = '' mkdir -p $out/lib cp -R include $out/include ''; meta = with stdenv.lib; { - maintainers = with maintainers; [ copumpkin ]; + maintainers = with maintainers; [ copumpkin lnl7 ]; platforms = platforms.darwin; license = licenses.apsl20; }; -- cgit 1.4.1 From d12e540739a773319bbedf7714f3c482dedf39a1 Mon Sep 17 00:00:00 2001 From: AndersonTorres Date: Fri, 16 Dec 2016 07:26:00 -0200 Subject: pythonPackages.docutils: 0.12 -> 0.13.1 --- pkgs/top-level/python-packages.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'pkgs') diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 31745e5380ac..e0bc4f1c2bff 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -10631,11 +10631,12 @@ in { docutils = buildPythonPackage rec { - name = "docutils-0.12"; + name = "docutils-${version}"; + version = "0.13.1"; src = pkgs.fetchurl { url = "mirror://sourceforge/docutils/${name}.tar.gz"; - sha256 = "c7db717810ab6965f66c8cf0398a98c9d8df982da39b4cd7f162911eb89596fa"; + sha256 = "1gkma47i609jfs7dssxn4y9vsz06qi0l5q41nws0zgkpnrghz33i"; }; # error: invalid command 'test' @@ -10644,7 +10645,7 @@ in { meta = { description = "An open-source text processing system for processing plaintext documentation into useful formats, such as HTML or LaTeX"; homepage = http://docutils.sourceforge.net/; - maintainers = with maintainers; [ garbas ]; + maintainers = with maintainers; [ garbas AndersonTorres ]; }; }; -- cgit 1.4.1 From 3a0f1975b09c4e0c7c68e4231b5c988a34af1ac5 Mon Sep 17 00:00:00 2001 From: Vladimír Čunát Date: Sat, 17 Dec 2016 20:29:40 +0100 Subject: Revert "Revert "Merge pull request #21234 from l2dy/coreutils-up"" This reverts commit ffb90e8c4fc0c8ed2d0fb817e5dafbded1c5a6c8. This moves the coreutils update from master. --- pkgs/tools/misc/coreutils/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'pkgs') diff --git a/pkgs/tools/misc/coreutils/default.nix b/pkgs/tools/misc/coreutils/default.nix index 8f09a677b8e9..ec6be06ede37 100644 --- a/pkgs/tools/misc/coreutils/default.nix +++ b/pkgs/tools/misc/coreutils/default.nix @@ -13,11 +13,11 @@ with lib; let self = stdenv.mkDerivation rec { - name = "coreutils-8.25"; + name = "coreutils-8.26"; src = fetchurl { url = "mirror://gnu/coreutils/${name}.tar.xz"; - sha256 = "11yfrnb94xzmvi4lhclkcmkqsbhww64wf234ya1aacjvg82prrii"; + sha256 = "13lspazc7xkviy93qz7ks9jv4sldvgmwpq36ghrbrqpq93br8phm"; }; # FIXME needs gcc 4.9 in bootstrap tools -- cgit 1.4.1 From ec4d73573ae944611346bef8d769994b3bc1ec41 Mon Sep 17 00:00:00 2001 From: Aristid Breitkreuz Date: Tue, 20 Dec 2016 14:16:27 +0100 Subject: boost: default version 1.62.0 --- pkgs/top-level/all-packages.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkgs') diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index d6e770ac4044..34431f8de6ea 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -6732,7 +6732,7 @@ in boost159 = callPackage ../development/libraries/boost/1.59.nix { }; boost160 = callPackage ../development/libraries/boost/1.60.nix { }; boost162 = callPackage ../development/libraries/boost/1.62.nix { }; - boost = boost160; + boost = boost162; boost_process = callPackage ../development/libraries/boost-process { }; -- cgit 1.4.1 From 76c4b5fcca06441e00e1d27d44f3a601915f8d66 Mon Sep 17 00:00:00 2001 From: Aristid Breitkreuz Date: Tue, 20 Dec 2016 16:20:08 +0100 Subject: cmake: 3.6.2 -> 3.7.1 --- pkgs/development/tools/build-managers/cmake/default.nix | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'pkgs') diff --git a/pkgs/development/tools/build-managers/cmake/default.nix b/pkgs/development/tools/build-managers/cmake/default.nix index 1e4bacb07254..fbc6f5be5ca8 100644 --- a/pkgs/development/tools/build-managers/cmake/default.nix +++ b/pkgs/development/tools/build-managers/cmake/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl, pkgconfig -, bzip2, curl, expat, libarchive, xz, zlib +, bzip2, curl, expat, libarchive, xz, zlib, libuv , useNcurses ? false, ncurses, useQt4 ? false, qt4 , wantPS ? false, ps ? null }: @@ -12,8 +12,8 @@ assert stdenv.cc ? libc; let os = stdenv.lib.optionalString; - majorVersion = "3.6"; - minorVersion = "2"; + majorVersion = "3.7"; + minorVersion = "1"; version = "${majorVersion}.${minorVersion}"; in @@ -24,7 +24,8 @@ stdenv.mkDerivation rec { src = fetchurl { url = "${meta.homepage}files/v${majorVersion}/cmake-${version}.tar.gz"; - sha256 = "0imkz04ncz6cv5659qfd4scm99k3siq7zrrsa8pvp663d8mf76hq"; + # from https://cmake.org/files/v3.7/cmake-3.7.1-SHA-256.txt + sha256 = "449a5bce64dbd4d5b9517ebd1a1248ed197add6ad27934478976fd5f1f9330e1"; }; # Don't search in non-Nix locations such as /usr, but do search in our libc. @@ -37,7 +38,7 @@ stdenv.mkDerivation rec { setupHook = ./setup-hook.sh; buildInputs = - [ setupHook pkgconfig bzip2 curl expat libarchive xz zlib ] + [ setupHook pkgconfig bzip2 curl expat libarchive xz zlib libuv ] ++ optional useNcurses ncurses ++ optional useQt4 qt4; -- cgit 1.4.1 From 8a5fb68b0cdd235f7cd930a25075c96fd356976c Mon Sep 17 00:00:00 2001 From: Aristid Breitkreuz Date: Tue, 20 Dec 2016 16:53:32 +0100 Subject: mariadb: use latest boost --- pkgs/top-level/all-packages.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'pkgs') diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 34431f8de6ea..72355e8a7e42 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10289,7 +10289,6 @@ in mariadb = callPackage ../servers/sql/mariadb { inherit (darwin) cctools; inherit (pkgs.darwin.apple_sdk.frameworks) CoreServices; - boost = boost159; }; mongodb = callPackage ../servers/nosql/mongodb { -- cgit 1.4.1 From a60500ce7028a1888aa2e367cf69c53dd93e01b6 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Tue, 20 Dec 2016 17:59:33 +0300 Subject: cyrus_sasl: 2.1.26 -> 2.5.10 --- pkgs/development/libraries/cyrus-sasl/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'pkgs') diff --git a/pkgs/development/libraries/cyrus-sasl/default.nix b/pkgs/development/libraries/cyrus-sasl/default.nix index 5bbfd6e375ef..05eb575547d2 100644 --- a/pkgs/development/libraries/cyrus-sasl/default.nix +++ b/pkgs/development/libraries/cyrus-sasl/default.nix @@ -2,7 +2,8 @@ with stdenv.lib; stdenv.mkDerivation rec { - name = "cyrus-sasl-2.1.26${optionalString (kerberos == null) "-without-kerberos"}"; + name = "cyrus-sasl-${version}${optionalString (kerberos == null) "-without-kerberos"}"; + version = "2.5.10"; src = fetchurl { url = "ftp://ftp.cyrusimap.org/cyrus-sasl/${name}.tar.gz"; -- cgit 1.4.1 From f84344ed41ec43319d08a396b42c7a35d9154544 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Tue, 20 Dec 2016 17:59:51 +0300 Subject: libkrb5: 1.14.3 -> 1.15 --- pkgs/development/libraries/kerberos/krb5.nix | 9 +++-- .../libraries/kerberos/path_char_fix.patch | 38 ---------------------- 2 files changed, 4 insertions(+), 43 deletions(-) delete mode 100644 pkgs/development/libraries/kerberos/path_char_fix.patch (limited to 'pkgs') diff --git a/pkgs/development/libraries/kerberos/krb5.nix b/pkgs/development/libraries/kerberos/krb5.nix index 8fda2b7e5843..1b8c274c4574 100644 --- a/pkgs/development/libraries/kerberos/krb5.nix +++ b/pkgs/development/libraries/kerberos/krb5.nix @@ -11,11 +11,12 @@ in with stdenv.lib; stdenv.mkDerivation rec { name = "${type}krb5-${version}"; - version = "1.14.3"; + majorVersion = "1.15"; + version = "${majorVersion}"; src = fetchurl { - url = "${meta.homepage}dist/krb5/1.14/krb5-${version}.tar.gz"; - sha256 = "1jgjiyh1sp72lkxvk437lz5hzcibvw99jc4ihzfz03fg43aj0ind"; + url = "${meta.homepage}dist/krb5/${majorVersion}/krb5-${version}.tar.gz"; + sha256 = "0z0jxm6ppbxi9anv2h12nrb5lpwl95f96kw6dx7sn268fhkpad7x"; }; configureFlags = optional stdenv.isFreeBSD ''WARN_CFLAGS=""''; @@ -26,8 +27,6 @@ stdenv.mkDerivation rec { buildInputs = [ openssl ] ++ optionals (!libOnly) [ openldap libedit ]; - patches = [ ./path_char_fix.patch ]; - preConfigure = "cd ./src"; buildPhase = optionalString libOnly '' diff --git a/pkgs/development/libraries/kerberos/path_char_fix.patch b/pkgs/development/libraries/kerberos/path_char_fix.patch deleted file mode 100644 index 2a6dc4c11c37..000000000000 --- a/pkgs/development/libraries/kerberos/path_char_fix.patch +++ /dev/null @@ -1,38 +0,0 @@ -See https://github.com/krb5/krb5/pull/467 -diff --git a/src/include/Makefile.in b/src/include/Makefile.in -index 4bb11e4..cb4b44b 100644 ---- a/src/include/Makefile.in -+++ b/src/include/Makefile.in -@@ -57,19 +57,19 @@ SBINDIR = @sbindir@ - LIBDIR = @libdir@ - SYSCONFCONF = @SYSCONFCONF@ - --PROCESS_REPLACE = -e "s+@KRB5RCTMPDIR+$(KRB5RCTMPDIR)+" \ -- -e "s+@PREFIX+$(INSTALL_PREFIX)+" \ -- -e "s+@EXEC_PREFIX+$(INSTALL_EXEC_PREFIX)+" \ -- -e "s+@BINDIR+$(BINDIR)+" \ -- -e "s+@LIBDIR+$(LIBDIR)+" \ -- -e "s+@SBINDIR+$(SBINDIR)+" \ -- -e "s+@MODULEDIR+$(MODULE_DIR)+" \ -- -e "s+@GSSMODULEDIR+$(GSS_MODULE_DIR)+" \ -- -e 's+@LOCALSTATEDIR+$(LOCALSTATEDIR)+' \ -- -e 's+@RUNSTATEDIR+$(RUNSTATEDIR)+' \ -- -e 's+@SYSCONFDIR+$(SYSCONFDIR)+' \ -- -e 's+@DYNOBJEXT+$(DYNOBJEXT)+' \ -- -e 's+@SYSCONFCONF+$(SYSCONFCONF)+' -+PROCESS_REPLACE = -e "s\"@KRB5RCTMPDIR\"$(KRB5RCTMPDIR)\"" \ -+ -e "s\"@PREFIX\"$(INSTALL_PREFIX)\"" \ -+ -e "s\"@EXEC_PREFIX\"$(INSTALL_EXEC_PREFIX)\"" \ -+ -e "s\"@BINDIR\"$(BINDIR)\"" \ -+ -e "s\"@LIBDIR\"$(LIBDIR)\"" \ -+ -e "s\"@SBINDIR\"$(SBINDIR)\"" \ -+ -e "s\"@MODULEDIR\"$(MODULE_DIR)\"" \ -+ -e "s\"@GSSMODULEDIR\"$(GSS_MODULE_DIR)\"" \ -+ -e "s\"@LOCALSTATEDIR\"$(LOCALSTATEDIR)\"" \ -+ -e "s\"@RUNSTATEDIR\"$(RUNSTATEDIR)\"" \ -+ -e "s\"@SYSCONFDIR\"$(SYSCONFDIR)\"" \ -+ -e "s\"@DYNOBJEXT\"$(DYNOBJEXT)\"" \ -+ -e "s\"@SYSCONFCONF\"$(SYSCONFCONF)\"" - - OSCONFSRC = $(srcdir)/osconf.hin - -- cgit 1.4.1 From b0a1028a1a18932aced53f36f0a80a3a213f91e4 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Tue, 20 Dec 2016 18:00:04 +0300 Subject: samba4: 4.4.6 -> 4.5.3 --- pkgs/servers/samba/4.x.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'pkgs') diff --git a/pkgs/servers/samba/4.x.nix b/pkgs/servers/samba/4.x.nix index 2dfdf3709ee5..51bee4f0b4c9 100644 --- a/pkgs/servers/samba/4.x.nix +++ b/pkgs/servers/samba/4.x.nix @@ -19,11 +19,11 @@ with lib; stdenv.mkDerivation rec { name = "samba-${version}"; - version = "4.4.6"; + version = "4.5.3"; src = fetchurl { url = "mirror://samba/pub/samba/stable/${name}.tar.gz"; - sha256 = "1361ijz7vpgf66w3j9z7qb37rnlrydxw01ibjnfhjqqcb7fj7i1p"; + sha256 = "1jif95684swssqwp9v3i2r08cn3r2iddf6ly68db4wmvl5ac8vgh"; }; outputs = [ "out" "dev" "man" ]; -- cgit 1.4.1 From 41f55691a96ca4f37a87c8659884edf19b2c8446 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Wed, 21 Dec 2016 17:12:05 -0500 Subject: zlib: patch for CVE-2016-9840, CVE-2016-9841, CVE-9842, CVE-9843 --- .../development/libraries/zlib/CVE-2016-9840.patch | 71 +++++++ .../development/libraries/zlib/CVE-2016-9841.patch | 224 +++++++++++++++++++++ .../development/libraries/zlib/CVE-2016-9842.patch | 29 +++ .../development/libraries/zlib/CVE-2016-9843.patch | 49 +++++ pkgs/development/libraries/zlib/default.nix | 8 +- 5 files changed, 380 insertions(+), 1 deletion(-) create mode 100644 pkgs/development/libraries/zlib/CVE-2016-9840.patch create mode 100644 pkgs/development/libraries/zlib/CVE-2016-9841.patch create mode 100644 pkgs/development/libraries/zlib/CVE-2016-9842.patch create mode 100644 pkgs/development/libraries/zlib/CVE-2016-9843.patch (limited to 'pkgs') diff --git a/pkgs/development/libraries/zlib/CVE-2016-9840.patch b/pkgs/development/libraries/zlib/CVE-2016-9840.patch new file mode 100644 index 000000000000..a8b84ff84132 --- /dev/null +++ b/pkgs/development/libraries/zlib/CVE-2016-9840.patch @@ -0,0 +1,71 @@ +From 6a043145ca6e9c55184013841a67b2fef87e44c0 Mon Sep 17 00:00:00 2001 +From: Mark Adler +Date: Wed, 21 Sep 2016 23:35:50 -0700 +Subject: [PATCH] Remove offset pointer optimization in inftrees.c. + +inftrees.c was subtracting an offset from a pointer to an array, +in order to provide a pointer that allowed indexing starting at +the offset. This is not compliant with the C standard, for which +the behavior of a pointer decremented before its allocated memory +is undefined. Per the recommendation of a security audit of the +zlib code by Trail of Bits and TrustInSoft, in support of the +Mozilla Foundation, this tiny optimization was removed, in order +to avoid the possibility of undefined behavior. +--- + inftrees.c | 18 ++++++++---------- + 1 file changed, 8 insertions(+), 10 deletions(-) + +diff --git a/inftrees.c b/inftrees.c +index 22fcd66..0d2670d 100644 +--- a/inftrees.c ++++ b/inftrees.c +@@ -54,7 +54,7 @@ unsigned short FAR *work; + code FAR *next; /* next available space in table */ + const unsigned short FAR *base; /* base value table to use */ + const unsigned short FAR *extra; /* extra bits table to use */ +- int end; /* use base and extra for symbol > end */ ++ unsigned match; /* use base and extra for symbol >= match */ + unsigned short count[MAXBITS+1]; /* number of codes of each length */ + unsigned short offs[MAXBITS+1]; /* offsets in table for each length */ + static const unsigned short lbase[31] = { /* Length codes 257..285 base */ +@@ -181,19 +181,17 @@ unsigned short FAR *work; + switch (type) { + case CODES: + base = extra = work; /* dummy value--not used */ +- end = 19; ++ match = 20; + break; + case LENS: + base = lbase; +- base -= 257; + extra = lext; +- extra -= 257; +- end = 256; ++ match = 257; + break; + default: /* DISTS */ + base = dbase; + extra = dext; +- end = -1; ++ match = 0; + } + + /* initialize state for loop */ +@@ -216,13 +214,13 @@ unsigned short FAR *work; + for (;;) { + /* create table entry */ + here.bits = (unsigned char)(len - drop); +- if ((int)(work[sym]) < end) { ++ if (work[sym] + 1 < match) { + here.op = (unsigned char)0; + here.val = work[sym]; + } +- else if ((int)(work[sym]) > end) { +- here.op = (unsigned char)(extra[work[sym]]); +- here.val = base[work[sym]]; ++ else if (work[sym] >= match) { ++ here.op = (unsigned char)(extra[work[sym] - match]); ++ here.val = base[work[sym] - match]; + } + else { + here.op = (unsigned char)(32 + 64); /* end of block */ diff --git a/pkgs/development/libraries/zlib/CVE-2016-9841.patch b/pkgs/development/libraries/zlib/CVE-2016-9841.patch new file mode 100644 index 000000000000..e350b3d96423 --- /dev/null +++ b/pkgs/development/libraries/zlib/CVE-2016-9841.patch @@ -0,0 +1,224 @@ +From 9aaec95e82117c1cb0f9624264c3618fc380cecb Mon Sep 17 00:00:00 2001 +From: Mark Adler +Date: Wed, 21 Sep 2016 22:25:21 -0700 +Subject: [PATCH] Use post-increment only in inffast.c. + +An old inffast.c optimization turns out to not be optimal anymore +with modern compilers, and furthermore was not compliant with the +C standard, for which decrementing a pointer before its allocated +memory is undefined. Per the recommendation of a security audit of +the zlib code by Trail of Bits and TrustInSoft, in support of the +Mozilla Foundation, this "optimization" was removed, in order to +avoid the possibility of undefined behavior. +--- + inffast.c | 81 ++++++++++++++++++++++++--------------------------------------- + 1 file changed, 31 insertions(+), 50 deletions(-) + +diff --git a/inffast.c b/inffast.c +index bda59ce..f0d163d 100644 +--- a/inffast.c ++++ b/inffast.c +@@ -10,25 +10,6 @@ + + #ifndef ASMINF + +-/* Allow machine dependent optimization for post-increment or pre-increment. +- Based on testing to date, +- Pre-increment preferred for: +- - PowerPC G3 (Adler) +- - MIPS R5000 (Randers-Pehrson) +- Post-increment preferred for: +- - none +- No measurable difference: +- - Pentium III (Anderson) +- - M68060 (Nikl) +- */ +-#ifdef POSTINC +-# define OFF 0 +-# define PUP(a) *(a)++ +-#else +-# define OFF 1 +-# define PUP(a) *++(a) +-#endif +- + /* + Decode literal, length, and distance codes and write out the resulting + literal and match bytes until either not enough input or output is +@@ -96,9 +77,9 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + + /* copy state to local variables */ + state = (struct inflate_state FAR *)strm->state; +- in = strm->next_in - OFF; ++ in = strm->next_in; + last = in + (strm->avail_in - 5); +- out = strm->next_out - OFF; ++ out = strm->next_out; + beg = out - (start - strm->avail_out); + end = out + (strm->avail_out - 257); + #ifdef INFLATE_STRICT +@@ -119,9 +100,9 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + input data or output space */ + do { + if (bits < 15) { +- hold += (unsigned long)(PUP(in)) << bits; ++ hold += (unsigned long)(*in++) << bits; + bits += 8; +- hold += (unsigned long)(PUP(in)) << bits; ++ hold += (unsigned long)(*in++) << bits; + bits += 8; + } + here = lcode[hold & lmask]; +@@ -134,14 +115,14 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ? + "inflate: literal '%c'\n" : + "inflate: literal 0x%02x\n", here.val)); +- PUP(out) = (unsigned char)(here.val); ++ *out++ = (unsigned char)(here.val); + } + else if (op & 16) { /* length base */ + len = (unsigned)(here.val); + op &= 15; /* number of extra bits */ + if (op) { + if (bits < op) { +- hold += (unsigned long)(PUP(in)) << bits; ++ hold += (unsigned long)(*in++) << bits; + bits += 8; + } + len += (unsigned)hold & ((1U << op) - 1); +@@ -150,9 +131,9 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + } + Tracevv((stderr, "inflate: length %u\n", len)); + if (bits < 15) { +- hold += (unsigned long)(PUP(in)) << bits; ++ hold += (unsigned long)(*in++) << bits; + bits += 8; +- hold += (unsigned long)(PUP(in)) << bits; ++ hold += (unsigned long)(*in++) << bits; + bits += 8; + } + here = dcode[hold & dmask]; +@@ -165,10 +146,10 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + dist = (unsigned)(here.val); + op &= 15; /* number of extra bits */ + if (bits < op) { +- hold += (unsigned long)(PUP(in)) << bits; ++ hold += (unsigned long)(*in++) << bits; + bits += 8; + if (bits < op) { +- hold += (unsigned long)(PUP(in)) << bits; ++ hold += (unsigned long)(*in++) << bits; + bits += 8; + } + } +@@ -196,30 +177,30 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + #ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR + if (len <= op - whave) { + do { +- PUP(out) = 0; ++ *out++ = 0; + } while (--len); + continue; + } + len -= op - whave; + do { +- PUP(out) = 0; ++ *out++ = 0; + } while (--op > whave); + if (op == 0) { + from = out - dist; + do { +- PUP(out) = PUP(from); ++ *out++ = *from++; + } while (--len); + continue; + } + #endif + } +- from = window - OFF; ++ from = window; + if (wnext == 0) { /* very common case */ + from += wsize - op; + if (op < len) { /* some from window */ + len -= op; + do { +- PUP(out) = PUP(from); ++ *out++ = *from++; + } while (--op); + from = out - dist; /* rest from output */ + } +@@ -230,14 +211,14 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + if (op < len) { /* some from end of window */ + len -= op; + do { +- PUP(out) = PUP(from); ++ *out++ = *from++; + } while (--op); +- from = window - OFF; ++ from = window; + if (wnext < len) { /* some from start of window */ + op = wnext; + len -= op; + do { +- PUP(out) = PUP(from); ++ *out++ = *from++; + } while (--op); + from = out - dist; /* rest from output */ + } +@@ -248,35 +229,35 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + if (op < len) { /* some from window */ + len -= op; + do { +- PUP(out) = PUP(from); ++ *out++ = *from++; + } while (--op); + from = out - dist; /* rest from output */ + } + } + while (len > 2) { +- PUP(out) = PUP(from); +- PUP(out) = PUP(from); +- PUP(out) = PUP(from); ++ *out++ = *from++; ++ *out++ = *from++; ++ *out++ = *from++; + len -= 3; + } + if (len) { +- PUP(out) = PUP(from); ++ *out++ = *from++; + if (len > 1) +- PUP(out) = PUP(from); ++ *out++ = *from++; + } + } + else { + from = out - dist; /* copy direct from output */ + do { /* minimum length is three */ +- PUP(out) = PUP(from); +- PUP(out) = PUP(from); +- PUP(out) = PUP(from); ++ *out++ = *from++; ++ *out++ = *from++; ++ *out++ = *from++; + len -= 3; + } while (len > 2); + if (len) { +- PUP(out) = PUP(from); ++ *out++ = *from++; + if (len > 1) +- PUP(out) = PUP(from); ++ *out++ = *from++; + } + } + } +@@ -313,8 +294,8 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + hold &= (1U << bits) - 1; + + /* update state and return */ +- strm->next_in = in + OFF; +- strm->next_out = out + OFF; ++ strm->next_in = in; ++ strm->next_out = out; + strm->avail_in = (unsigned)(in < last ? 5 + (last - in) : 5 - (in - last)); + strm->avail_out = (unsigned)(out < end ? + 257 + (end - out) : 257 - (out - end)); diff --git a/pkgs/development/libraries/zlib/CVE-2016-9842.patch b/pkgs/development/libraries/zlib/CVE-2016-9842.patch new file mode 100644 index 000000000000..e729f7e162cb --- /dev/null +++ b/pkgs/development/libraries/zlib/CVE-2016-9842.patch @@ -0,0 +1,29 @@ +From e54e1299404101a5a9d0cf5e45512b543967f958 Mon Sep 17 00:00:00 2001 +From: Mark Adler +Date: Sat, 5 Sep 2015 17:45:55 -0700 +Subject: [PATCH] Avoid shifts of negative values inflateMark(). + +The C standard says that bit shifts of negative integers is +undefined. This casts to unsigned values to assure a known +result. +--- + inflate.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/inflate.c b/inflate.c +index 2889e3a..a718416 100644 +--- a/inflate.c ++++ b/inflate.c +@@ -1506,9 +1506,10 @@ z_streamp strm; + { + struct inflate_state FAR *state; + +- if (strm == Z_NULL || strm->state == Z_NULL) return -1L << 16; ++ if (strm == Z_NULL || strm->state == Z_NULL) ++ return (long)(((unsigned long)0 - 1) << 16); + state = (struct inflate_state FAR *)strm->state; +- return ((long)(state->back) << 16) + ++ return (long)(((unsigned long)((long)state->back)) << 16) + + (state->mode == COPY ? state->length : + (state->mode == MATCH ? state->was - state->length : 0)); + } diff --git a/pkgs/development/libraries/zlib/CVE-2016-9843.patch b/pkgs/development/libraries/zlib/CVE-2016-9843.patch new file mode 100644 index 000000000000..1fe4c4daa03c --- /dev/null +++ b/pkgs/development/libraries/zlib/CVE-2016-9843.patch @@ -0,0 +1,49 @@ +From d1d577490c15a0c6862473d7576352a9f18ef811 Mon Sep 17 00:00:00 2001 +From: Mark Adler +Date: Wed, 28 Sep 2016 20:20:25 -0700 +Subject: [PATCH] Avoid pre-decrement of pointer in big-endian CRC calculation. + +There was a small optimization for PowerPCs to pre-increment a +pointer when accessing a word, instead of post-incrementing. This +required prefacing the loop with a decrement of the pointer, +possibly pointing before the object passed. This is not compliant +with the C standard, for which decrementing a pointer before its +allocated memory is undefined. When tested on a modern PowerPC +with a modern compiler, the optimization no longer has any effect. +Due to all that, and per the recommendation of a security audit of +the zlib code by Trail of Bits and TrustInSoft, in support of the +Mozilla Foundation, this "optimization" was removed, in order to +avoid the possibility of undefined behavior. +--- + crc32.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/crc32.c b/crc32.c +index 979a719..05733f4 100644 +--- a/crc32.c ++++ b/crc32.c +@@ -278,7 +278,7 @@ local unsigned long crc32_little(crc, buf, len) + } + + /* ========================================================================= */ +-#define DOBIG4 c ^= *++buf4; \ ++#define DOBIG4 c ^= *buf4++; \ + c = crc_table[4][c & 0xff] ^ crc_table[5][(c >> 8) & 0xff] ^ \ + crc_table[6][(c >> 16) & 0xff] ^ crc_table[7][c >> 24] + #define DOBIG32 DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4 +@@ -300,7 +300,6 @@ local unsigned long crc32_big(crc, buf, len) + } + + buf4 = (const z_crc_t FAR *)(const void FAR *)buf; +- buf4--; + while (len >= 32) { + DOBIG32; + len -= 32; +@@ -309,7 +308,6 @@ local unsigned long crc32_big(crc, buf, len) + DOBIG4; + len -= 4; + } +- buf4++; + buf = (const unsigned char FAR *)buf4; + + if (len) do { diff --git a/pkgs/development/libraries/zlib/default.nix b/pkgs/development/libraries/zlib/default.nix index e61001e7d6db..21a7e81ce3ed 100644 --- a/pkgs/development/libraries/zlib/default.nix +++ b/pkgs/development/libraries/zlib/default.nix @@ -13,6 +13,13 @@ stdenv.mkDerivation rec { sha256 = "039agw5rqvqny92cpkrfn243x2gd4xn13hs3xi6isk55d2vqqr9n"; }; + patches = [ + ./CVE-2016-9840.patch + ./CVE-2016-9841.patch + ./CVE-2016-9842.patch + ./CVE-2016-9843.patch + ]; + postPatch = stdenv.lib.optionalString stdenv.isDarwin '' substituteInPlace configure \ --replace '/usr/bin/libtool' 'ar' \ @@ -81,4 +88,3 @@ stdenv.mkDerivation rec { platforms = platforms.all; }; } - -- cgit 1.4.1 From 2b883c6f564202a32169d3bf762aa8c40156c8fb Mon Sep 17 00:00:00 2001 From: Vladimír Čunát Date: Thu, 22 Dec 2016 11:29:13 +0100 Subject: Revert "Revert "Merge pull request #21350 from spacekitteh/patch-23"" This reverts commit 0c1382085b2969ce38359bcb28fc5dfe67cca7eb. Moved to staging. --- pkgs/development/libraries/ncurses/default.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'pkgs') diff --git a/pkgs/development/libraries/ncurses/default.nix b/pkgs/development/libraries/ncurses/default.nix index 3eff1f3d5bbd..bbf7d7108dd0 100644 --- a/pkgs/development/libraries/ncurses/default.nix +++ b/pkgs/development/libraries/ncurses/default.nix @@ -102,6 +102,9 @@ stdenv.mkDerivation rec { done done + # create libtinfo symlink + ln -svf $out/lib/libncurses.$dylibtype $out/libtinfo.$dylibtype + # move some utilities to $bin # these programs are used at runtime and don't really belong in $dev moveToOutput "bin/clear" "$out" -- cgit 1.4.1 From 39e4d93649ce8cbe5f3ad6467c545df0125fb816 Mon Sep 17 00:00:00 2001 From: Vladimír Čunát Date: Thu, 22 Dec 2016 11:30:03 +0100 Subject: libuv: disable tests broken on Hydra They were broken by nix starting to use user namespaces. --- pkgs/development/libraries/libuv/default.nix | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'pkgs') diff --git a/pkgs/development/libraries/libuv/default.nix b/pkgs/development/libraries/libuv/default.nix index db77a6fefc3a..f9e7cf389bbb 100644 --- a/pkgs/development/libraries/libuv/default.nix +++ b/pkgs/development/libraries/libuv/default.nix @@ -1,5 +1,4 @@ { stdenv, lib, fetchFromGitHub, autoconf, automake, libtool, pkgconfig - , ApplicationServices, CoreServices }: stdenv.mkDerivation rec { @@ -13,10 +12,15 @@ stdenv.mkDerivation rec { sha256 = "0gna53fgsjjs38kv1g20xfaalv0fk3xncb6abga3saswrv283hx0"; }; - # these checks are probably network-dependent - postPatch = lib.optionalString doCheck '' - sed '/getnameinfo_basic/d' -i test/test-list.h - ''; + postPatch = let + toDisable = [ + "getnameinfo_basic" # probably network-dependent + "spawn_setuid_fails" "spawn_setgid_fails" "fs_chown" # user namespaces + ]; + tdRegexp = lib.concatStringsSep "\\|" toDisable; + in lib.optionalString doCheck '' + sed '/${tdRegexp}/d' -i test/test-list.h + ''; buildInputs = [ automake autoconf libtool pkgconfig ] ++ stdenv.lib.optionals stdenv.isDarwin [ ApplicationServices CoreServices ]; -- cgit 1.4.1 From 2fe61cb9dfd3062282d5f264d2d22920e4f48cdb Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Fri, 23 Dec 2016 15:31:24 +0100 Subject: pythonPackages.lockfile: 0.10.2 -> 0.12.2 --- pkgs/top-level/python-packages.nix | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'pkgs') diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 53d27af0dd26..a1601ee2d465 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -13898,16 +13898,16 @@ in { llvmlite = callPackage ../development/python-modules/llvmlite {llvm=pkgs.llvm_38;}; lockfile = buildPythonPackage rec { - name = "lockfile-${version}"; - version = "0.10.2"; + pname = "lockfile"; + version = "0.12.2"; + name = "${pname}-${version}"; src = pkgs.fetchurl { - sha256 = "0zi7amj3y55lp6339w217zksn1a0ssfvscmv059g2wvnyjqi6f95"; - url = "https://github.com/openstack/pylockfile/archive/${version}.tar.gz"; + url = "mirror://pypi/${builtins.substring 0 1 pname}/${pname}/${name}.tar.gz"; + sha256 = "6aed02de03cba24efabcd600b30540140634fc06cfa603822d508d5361e9f799"; }; - OSLO_PACKAGE_VERSION = "${version}"; buildInputs = with self; [ - pbr nose sphinx_1_2 + pbr nose ]; checkPhase = '' -- cgit 1.4.1 From fd23914961b7e258a7040af9b10416fe651acb82 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Fri, 23 Dec 2016 15:31:36 +0100 Subject: pythonPackages.sphinx: 1.4.6 -> 1.5.1 --- pkgs/top-level/python-packages.nix | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) (limited to 'pkgs') diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index a1601ee2d465..9a6b30772136 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -24436,20 +24436,25 @@ in { sphinx = buildPythonPackage (rec { name = "${pname}-${version}"; pname = "Sphinx"; - version = "1.4.6"; + version = "1.5.1"; src = pkgs.fetchurl { - url = "mirror://pypi/S/${pname}/${name}.tar.gz"; - sha256 = "1lvr39ab5sjp894jshk39xidlxw9vc735882cgcfr4dlm4546hwy"; + url = "mirror://pypi/${builtins.substring 0 1 pname}/${pname}/${name}.tar.gz"; + sha256 = "8e6a77a20b2df950de322fc32f3b508697d9d654fe984e3cc88f446a5b4c17c5"; }; LC_ALL = "en_US.UTF-8"; - buildInputs = with self; [ nose simplejson mock pkgs.glibcLocales ]; - patchPhase = '' sed -i '$ d' tests/test_setup_command.py ''; - checkPhase = '' PYTHON=${python.executable} make test ''; + buildInputs = with self; [ nose simplejson mock pkgs.glibcLocales html5lib ] ++ optional (pythonOlder "3.4") self.enum34; + # Disable two tests that require network access. + postPatch = '' + substituteInPlace tests/test_build_linkcheck.py --replace test_defaults dont_test_defaults + substituteInPlace tests/test_build_linkcheck.py --replace test_anchors_ignored dont_test_anchors_ignored + ''; + checkPhase = '' + make test + ''; propagatedBuildInputs = with self; [ docutils jinja2 pygments - sphinx_rtd_theme alabaster Babel snowballstemmer @@ -24457,6 +24462,7 @@ in { sqlalchemy whoosh imagesize + requests2 ]; meta = { description = "A tool that makes it easy to create intelligent and beautiful documentation for Python projects"; @@ -24473,7 +24479,7 @@ in { url = "mirror://pypi/s/sphinx/sphinx-1.2.3.tar.gz"; sha256 = "94933b64e2fe0807da0612c574a021c0dac28c7bd3c4a23723ae5a39ea8f3d04"; }; - patches = []; + postPatch = ''''; # Tests requires Pygments >=2.0.2 which isn't worth keeping around for this: doCheck = false; }; -- cgit 1.4.1 From 0e2f1af5e748df1eacf8c92785a68dde8d03c779 Mon Sep 17 00:00:00 2001 From: Vladimír Čunát Date: Sat, 24 Dec 2016 10:48:09 +0100 Subject: switch packages back to boost-1.60 They don't build with 1.62. --- pkgs/top-level/all-packages.nix | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'pkgs') diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index d5f1791f355e..d7db015d1f77 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -2559,7 +2559,9 @@ in leafpad = callPackage ../applications/editors/leafpad { }; - leatherman = callPackage ../development/libraries/leatherman {}; + leatherman = callPackage ../development/libraries/leatherman { + boost = boost160; + }; leela = callPackage ../tools/graphics/leela { }; @@ -10299,6 +10301,7 @@ in mongodb = callPackage ../servers/nosql/mongodb { sasl = cyrus_sasl; + boost = boost160; inherit (darwin.apple_sdk.frameworks) Security; }; @@ -15038,7 +15041,9 @@ in tuxguitar = callPackage ../applications/editors/music/tuxguitar { }; - twister = callPackage ../applications/networking/p2p/twister { }; + twister = callPackage ../applications/networking/p2p/twister { + boost = boost160; + }; twmn = qt5.callPackage ../applications/misc/twmn { }; @@ -15713,7 +15718,9 @@ in dhewm3 = callPackage ../games/dhewm3 {}; - digikam5 = kde5.callPackage ../applications/graphics/digikam/5.nix {}; + digikam5 = kde5.callPackage ../applications/graphics/digikam/5.nix { + boost = boost160; + }; drumkv1 = callPackage ../applications/audio/drumkv1 { }; @@ -15772,7 +15779,9 @@ in freedink = callPackage ../games/freedink { }; - freeorion = callPackage ../games/freeorion { }; + freeorion = callPackage ../games/freeorion { + boost = boost160; + }; frotz = callPackage ../games/frotz { }; -- cgit 1.4.1