Age | Commit message (Collapse) | Author |
|
According to 41c6d7adfcad4ed4fc6f22140ab6c4285348d89c and
https://github.com/NixOS/nixpkgs/issues/63533 having backslashes
prevents systemd from successfully parsing the unit file and therefore
results in prometheus-node-exporter not starting.
This patch removes the backslashes from the ExecStart script.
Signed-off-by: Matthias Beyer <mail@beyermatthias.de>
|
|
[21.11] python3Packages.twisted: fix CVE-2022-21712
|
|
|
|
https://gitlab.nic.cz/knot/knot-resolver/-/tags/v5.5.0
(cherry picked from commit a1a2ae2955ba2a97f4680491cee37975c82c92ac)
|
|
|
|
Twisted versions before 22.1 would leak cookie and authorization headers
when following cross-origin redirects in
`twisted.web.client.RedirectAgent` and
`twisted.web.client.BrowserLikeRedirectAgent`.
Fixes: #CVE-2022-21712
|
|
|
|
Fixes race conditions like this:
> systemd[1]: Started prometheus-kea-exporter.service.
> kea-exporter[927]: Listening on http://0.0.0.0:9547
> kea-exporter[927]: Socket at /run/kea/dhcp4.sock does not exist. Is Kea running?
> systemd[1]: prometheus-kea-exporter.service: Main process exited, code=exited, status=1/FAILURE
(cherry picked from commit 8b7ca8bdcb949333c5b64839b660d3d0af68565a)
|
|
[21.11] Prepare for backporting Chromium M100
|
|
This commit exposes that support for compilation without systemd,
controlled by the global systemdSupport argument. This argument is
understood by many other nixpkgs expressions and can be set globally
in ~/.config/nixpkgs/config.nix.
(cherry picked from commit 5f9ce130b2f99f6cc818428913b1929519757089)
|
|
(cherry picked from commit a29f5a2eb3c6fecbbf743391e130ef6ebe910863)
|
|
(cherry picked from commit ab49a71ae0d7f5d7e4bb5128f6e16ea84f2d6759)
|
|
(cherry picked from commit 93edc87eac3ba3599ddf0314ac0a05014a8d2045)
|
|
(cherry picked from commit 3e7268af67af97ee109b96f0ddba652c08854d99)
|
|
(cherry picked from commit 7d5373b0bab22db3e708fe9dc3cfbdf5d9b0982e)
|
|
(cherry picked from commit 7d5e470e1fdd564d725f1b8db82fe126efcd649f)
|
|
This ensures that our build flags for ungoogled-chromium will remain
up-to-date with upstream's defaults (also important for avoiding build
errors).
Co-authored-by: Michael Weiss <dev.primeos@gmail.com>
(cherry picked from commit 1122130c6f5b1bd388334ba02f06383ab4ceffa6)
|
|
(cherry picked from commit e1185bdd8ffe0e376cb43ab21652a2bc23246042)
|
|
(cherry picked from commit 691919bf0003817a02fa0c4bb3210a6aa633f03a)
|
|
(cherry picked from commit 05aa1711fd50a5fec1eb8397b7616f1cad622e15)
|
|
[21.11] nixos/default.nix: Use extendModules
|
|
[Backport release-21.11] sops: 3.7.1 -> 3.7.2
|
|
(cherry picked from commit 1a0517507818f0ca726f8daf3708e732e8511ccd)
|
|
[Backport release-21.11] warzone2100: 4.2.6 -> 4.2.7
|
|
(cherry picked from commit 8fd49c116bcd256263c7aad8ca5d4b7fa10d4ca2)
|
|
|
|
Fix some CVEs: https://saltproject.io/security_announcements/salt-security-advisory-release/
|
|
|
|
(cherry picked from commit 58ae11758e853ac307b4cd1032d2f0436a77bc50)
|
|
(cherry picked from commit 3a06e285c9ec97a32c8f3fc93cc6dfe0c902f8ed)
|
|
(cherry picked from commit 2f9822b6593444ad55c255068e0f11f673fcd346)
|
|
(cherry picked from commit 6d43305b8987fea18a0c2fe7a5625acd63a57278)
|
|
This package is slightly out of date, but 6.1.32 doesn't fix 5.17
compatibility either.
(cherry picked from commit 69af0d17174ee60f75e6e9f4d74c2152f4e7968e)
|
|
[21.11] pdns-recursor: 4.5.7 -> 4.5.8
|
|
corresponds to e501354c13f89ac0671883ade1459b3353c39121 on master
|
|
|
|
The PowerDNS version we ship on release-21.11 went EOL in january, so
there are no explicit patches for 4.3.1, however the patches for 4.4.2
apply cleanly and the tests are still passing.
https://blog.powerdns.com/2022/03/25/security-advisory-2022-01-for-powerdns-authoritative-server-4-4-2-4-5-3-4-6-0-and-powerdns-recursor-4-4-7-4-5-7-4-6-0/
Fixes: CVE-2022-27227
|
|
[Backport release-21.11] strace: 5.16 -> 5.17
|
|
[21.11] nix_2_7: init
|
|
ChangeLog: https://github.com/strace/strace/releases/tag/v5.17
(cherry picked from commit df698858835ebd614d15773267fc4071c8da1139)
|
|
[Backport release-21.11] ungoogled-chromium: 99.0.4844.82 -> 99.0.4844.84
|
|
[Backport release-21.11] Linux kernels 2022-03-23
|
|
(cherry picked from commit d037e72af94319c963d09f793ea5a9a2878c2d7f)
|
|
|
|
(cherry picked from commit 00e6bef2a6c0ef03e288d99ba61d3827d16edbc5)
|
|
(cherry picked from commit bc04900afa1eef46fbfc1b1cef8ca0194b269c39)
|
|
(cherry picked from commit 0cbdca520de04ca16a6c2b5b76ce0ee72f2ba970)
|
|
(cherry picked from commit a8443f0ce49e841b1c6f06c6fd42646263abca50)
|
|
(cherry picked from commit 7bfe0eec2b7abae215b55604852852865e2fb1e5)
|
|
(cherry picked from commit 2dec7aec6d5f5837276f6638c3da5e55df95993c)
|