diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2017-02-18 08:59:29 +0100 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2017-02-18 08:59:29 +0100 |
commit | 432dba859e45f10df826bb9e0f09e0a1bf847d2e (patch) | |
tree | bcd95022c7ad759cc4919db6044c9c1059df1d16 /pkgs/tools | |
parent | 170039ace5cc74a04c41aacbbd82613c0e1481b2 (diff) | |
parent | 714eabc5af342f81fc36481486b4b388ebefb8c7 (diff) |
Merge branch 'staging'
A security update of libxml2 is within.
Diffstat (limited to 'pkgs/tools')
-rw-r--r-- | pkgs/tools/X11/xbindkeys/default.nix | 3 | ||||
-rw-r--r-- | pkgs/tools/admin/certbot/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/filesystems/s3backer/default.nix | 8 | ||||
-rw-r--r-- | pkgs/tools/misc/findutils/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/misc/findutils/memory-leak.patch | 21 | ||||
-rw-r--r-- | pkgs/tools/misc/kronometer/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/networking/aircrack-ng/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/networking/openfortivpn/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/networking/socat/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/networking/socat/enable-ecdhe.patch | 19 | ||||
-rw-r--r-- | pkgs/tools/security/lastpass-cli/default.nix | 10 | ||||
-rw-r--r-- | pkgs/tools/security/tcpcrypt/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/security/yara/default.nix | 12 | ||||
-rw-r--r-- | pkgs/tools/system/facter/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/system/ipmitool/default.nix | 4 |
15 files changed, 58 insertions, 57 deletions
diff --git a/pkgs/tools/X11/xbindkeys/default.nix b/pkgs/tools/X11/xbindkeys/default.nix index 0d63c190b054..1c23593bd141 100644 --- a/pkgs/tools/X11/xbindkeys/default.nix +++ b/pkgs/tools/X11/xbindkeys/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, libX11, guile }: +{ stdenv, fetchurl, pkgconfig, libX11, guile }: let version = "1.8.6"; in stdenv.mkDerivation { @@ -8,6 +8,7 @@ stdenv.mkDerivation { sha256 = "060df6d8y727jp1inp7blp44cs8a7jig7vcm8ndsn6gw36z1h3bc"; }; + nativeBuildInputs = [ pkgconfig ]; buildInputs = [ libX11 guile ]; meta = { diff --git a/pkgs/tools/admin/certbot/default.nix b/pkgs/tools/admin/certbot/default.nix index 3648cb2c1360..9ac6ed17f66a 100644 --- a/pkgs/tools/admin/certbot/default.nix +++ b/pkgs/tools/admin/certbot/default.nix @@ -4,13 +4,13 @@ python2Packages.buildPythonApplication rec { name = "certbot-${version}"; - version = "0.9.3"; + version = "0.11.1"; src = fetchFromGitHub { owner = "certbot"; repo = "certbot"; rev = "v${version}"; - sha256 = "03yfr8vlq62l0h14qk03flrkbvbv9mc5cf6rmh37naj8jwpl8cic"; + sha256 = "0f8s6wzj69gnqld6iaskmmwyg5zy5v3zwhp1n1izxixm0vhkzgrq"; }; propagatedBuildInputs = with python2Packages; [ diff --git a/pkgs/tools/filesystems/s3backer/default.nix b/pkgs/tools/filesystems/s3backer/default.nix index d7e9c02d1ab3..cc31a6680597 100644 --- a/pkgs/tools/filesystems/s3backer/default.nix +++ b/pkgs/tools/filesystems/s3backer/default.nix @@ -1,13 +1,13 @@ { stdenv, fetchFromGitHub , autoreconfHook, pkgconfig , fuse, curl, expat }: - + stdenv.mkDerivation rec { name = "s3backer-${version}"; - version = "1.4.2"; - + version = "1.4.3"; + src = fetchFromGitHub { - sha256 = "0b9vmykrfpzs9is31pqb8xvgjraghnax1ph2jkbib1ya0vhxm8dj"; + sha256 = "0fhkha5kap8dji3iy48cbszhq83b2anssscgjj9d5dsl5dj57zak"; rev = version; repo = "s3backer"; owner = "archiecobbs"; diff --git a/pkgs/tools/misc/findutils/default.nix b/pkgs/tools/misc/findutils/default.nix index 1271aa8c9863..086c72bdbb22 100644 --- a/pkgs/tools/misc/findutils/default.nix +++ b/pkgs/tools/misc/findutils/default.nix @@ -8,7 +8,9 @@ stdenv.mkDerivation rec { sha256 = "178nn4dl7wbcw499czikirnkniwnx36argdnqgz4ik9i6zvwkm6y"; }; - nativeBuildInputs = [ coreutils ]; + patches = [ ./memory-leak.patch ]; + + buildInputs = [ coreutils ]; # bin/updatedb script needs to call sort doCheck = !stdenv.isDarwin; diff --git a/pkgs/tools/misc/findutils/memory-leak.patch b/pkgs/tools/misc/findutils/memory-leak.patch new file mode 100644 index 000000000000..56f65f856224 --- /dev/null +++ b/pkgs/tools/misc/findutils/memory-leak.patch @@ -0,0 +1,21 @@ +http://git.savannah.gnu.org/cgit/findutils.git/patch/?id=c1556892a +diff --git a/find/fstype.c b/find/fstype.c +index 535f920..a0ac8bc 100644 +--- a/find/fstype.c ++++ b/find/fstype.c +@@ -75,14 +75,7 @@ free_file_system_list (struct mount_entry *p) + while (p) + { + struct mount_entry *pnext = p->me_next; +- +- free (p->me_devname); +- free (p->me_mountdir); +- +- if (p->me_type_malloced) +- free (p->me_type); +- p->me_next = NULL; +- free (p); ++ free_mount_entry (p); + p = pnext; + } + } diff --git a/pkgs/tools/misc/kronometer/default.nix b/pkgs/tools/misc/kronometer/default.nix index 37399a1a4184..598d01266233 100644 --- a/pkgs/tools/misc/kronometer/default.nix +++ b/pkgs/tools/misc/kronometer/default.nix @@ -6,13 +6,13 @@ let pname = "kronometer"; - version = "2.1.0"; + version = "2.1.3"; unwrapped = kdeDerivation rec { name = "${pname}-${version}"; src = fetchurl { url = "mirror://kde/stable/${pname}/${version}/src/${name}.tar.xz"; - sha256 = "1nh7y4c13rscy55f5n8s2v8jij27b55rwkxh9g8r0p7mdwmw8vri"; + sha256 = "1z06gvaacm3d3a9smlmgg2vf0jdab5kqxx24r6v7iprqzgdpsn4i"; }; meta = with lib; { diff --git a/pkgs/tools/networking/aircrack-ng/default.nix b/pkgs/tools/networking/aircrack-ng/default.nix index 21f03f27ab70..3b7c2926bd49 100644 --- a/pkgs/tools/networking/aircrack-ng/default.nix +++ b/pkgs/tools/networking/aircrack-ng/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, libpcap, openssl, zlib, wirelesstools, libnl, pkgconfig }: stdenv.mkDerivation rec { - name = "aircrack-ng-1.2-rc3"; + name = "aircrack-ng-1.2-rc4"; src = fetchurl { url = "http://download.aircrack-ng.org/${name}.tar.gz"; - sha256 = "11a53acln0fpar6v75qlybzdg8hdwc9ssd06fxygr47yp755qncf"; + sha256 = "0dpzx9kddxpgzmgvdpl3rxn0jdaqhm5wxxndp1xd7d75mmmc2fnr"; }; buildInputs = [ libpcap openssl zlib libnl pkgconfig ]; diff --git a/pkgs/tools/networking/openfortivpn/default.nix b/pkgs/tools/networking/openfortivpn/default.nix index e3e2053e2ce6..3854d94f9093 100644 --- a/pkgs/tools/networking/openfortivpn/default.nix +++ b/pkgs/tools/networking/openfortivpn/default.nix @@ -3,7 +3,7 @@ with stdenv.lib; let repo = "openfortivpn"; - version = "1.1.4"; + version = "1.2.0"; in stdenv.mkDerivation { name = "${repo}-${version}"; @@ -12,12 +12,12 @@ in stdenv.mkDerivation { owner = "adrienverge"; inherit repo; rev = "v${version}"; - sha256 = "08ycz053wa29ckgr93132hr3vrd84r3bks9q807qanri0n35y256"; + sha256 = "1a1l9f6zivfyxg9g2x7kzkvcyh84s7l6v0kimihhrd19zl0m41jn"; }; buildInputs = [ openssl ppp autoreconfHook ]; - hardeningDisable = [ "format" ]; + NIX_CFLAGS_COMPILE = "-Wno-error=unused-function"; preConfigure = '' substituteInPlace src/tunnel.c --replace "/usr/sbin/pppd" "${ppp}/bin/pppd" diff --git a/pkgs/tools/networking/socat/default.nix b/pkgs/tools/networking/socat/default.nix index 19cdb884bd1a..0e9efb028ba8 100644 --- a/pkgs/tools/networking/socat/default.nix +++ b/pkgs/tools/networking/socat/default.nix @@ -1,17 +1,15 @@ { stdenv, fetchurl, openssl, readline }: stdenv.mkDerivation rec { - name = "socat-1.7.3.1"; + name = "socat-1.7.3.2"; src = fetchurl { url = "http://www.dest-unreach.org/socat/download/${name}.tar.bz2"; - sha256 = "1apvi7sahcl44arnq1ad2y6lbfqnmvx7nhz9i3rkk0f382anbnnj"; + sha256 = "0lcj6zpra33xhgvhmz9l3cqz10v8ybafb8dd1yqkwf1rhy01ymp3"; }; buildInputs = [ openssl readline ]; - patches = [ ./enable-ecdhe.patch ./libressl-fixes.patch ]; - hardeningEnable = [ "pie" ]; meta = { diff --git a/pkgs/tools/networking/socat/enable-ecdhe.patch b/pkgs/tools/networking/socat/enable-ecdhe.patch deleted file mode 100644 index ad63ec287bcf..000000000000 --- a/pkgs/tools/networking/socat/enable-ecdhe.patch +++ /dev/null @@ -1,19 +0,0 @@ ---- socat-1.7.3.0/xio-openssl.c 2015-01-24 15:33:42.000000000 +0100 -+++ socat-1.7.3.0-ecdhe/xio-openssl.c 2015-01-25 13:38:54.353641097 +0100 -@@ -960,7 +960,6 @@ - } - } - --#if defined(EC_KEY) /* not on Openindiana 5.11 */ - { - /* see http://openssl.6102.n7.nabble.com/Problem-with-cipher-suite-ECDHE-ECDSA-AES256-SHA384-td42229.html */ - int nid; -@@ -982,7 +981,6 @@ - - SSL_CTX_set_tmp_ecdh(*ctx, ecdh); - } --#endif /* !defined(EC_KEY) */ - - #if OPENSSL_VERSION_NUMBER >= 0x00908000L - if (opt_compress) { - diff --git a/pkgs/tools/security/lastpass-cli/default.nix b/pkgs/tools/security/lastpass-cli/default.nix index 7b6720a2139b..e40422399056 100644 --- a/pkgs/tools/security/lastpass-cli/default.nix +++ b/pkgs/tools/security/lastpass-cli/default.nix @@ -1,19 +1,21 @@ -{ stdenv, lib, fetchFromGitHub, pkgconfig, openssl, curl, libxml2, libxslt, asciidoc, docbook_xsl }: +{ stdenv, lib, fetchFromGitHub, cmake, pkgconfig +, openssl, curl, libxml2, libxslt, asciidoc, docbook_xsl }: stdenv.mkDerivation rec { name = "lastpass-cli-${version}"; - version = "1.0.0"; + version = "1.1.1"; src = fetchFromGitHub { owner = "lastpass"; repo = "lastpass-cli"; rev = "v${version}"; - sha256 = "0hidx2qfr52bwjb6as4fbfa34jqh3zwvrcx590vbsji3bq4g7avb"; + sha256 = "1slqrv877c1bhivgd2i9cr1lsd72371dpz6a3h6s56l3qbyk28sa"; }; + nativeBuildInputs = [ cmake pkgconfig ]; buildInputs = [ - openssl curl libxml2 pkgconfig asciidoc docbook_xsl libxslt + openssl curl libxml2 asciidoc docbook_xsl libxslt ]; makeFlags = "PREFIX=$(out)"; diff --git a/pkgs/tools/security/tcpcrypt/default.nix b/pkgs/tools/security/tcpcrypt/default.nix index 222b861f937c..7ffec8c4c884 100644 --- a/pkgs/tools/security/tcpcrypt/default.nix +++ b/pkgs/tools/security/tcpcrypt/default.nix @@ -7,13 +7,13 @@ with stdenv.lib; stdenv.mkDerivation rec { name = "tcpcrypt-${version}"; - version = "0.4"; + version = "0.5"; src = fetchFromGitHub { repo = "tcpcrypt"; owner = "scslab"; rev = "v${version}"; - sha256 = "04n1qpf4x8x289xa7jndmx99xp0lbxjzjw013kf64i1n70i9wbnp"; + sha256 = "0a015rlyvagz714pgwr85f8gjq1fkc0il7d7l39qcgxrsp15b96w"; }; postUnpack = ''mkdir -vp $sourceRoot/m4''; diff --git a/pkgs/tools/security/yara/default.nix b/pkgs/tools/security/yara/default.nix index 6a5269c03dc5..a3b3c1c0290f 100644 --- a/pkgs/tools/security/yara/default.nix +++ b/pkgs/tools/security/yara/default.nix @@ -1,18 +1,18 @@ -{ stdenv, fetchurl, fetchFromGitHub, autoconf, automake, libtool, pcre +{ stdenv, fetchFromGitHub, autoconf, automake, libtool, pcre , withCrypto ? true, openssl , enableMagic ? true, file , enableCuckoo ? true, jansson }: stdenv.mkDerivation rec { - version = "3.4.0"; + version = "3.5.0"; name = "yara-${version}"; src = fetchFromGitHub { - owner = "plusvic"; + owner = "VirusTotal"; repo = "yara"; rev = "v${version}"; - sha256 = "1rv1xixbjqx1vkcij8r01rq08ncqgy6nn98xvkrpixwvi4fy956s"; + sha256 = "18hn6acfj0cha9cv70f6hyaqf8qbgj0c0dm9db4v2q8z7cgi1681"; }; # FIXME: this is probably not the right way to make it work @@ -34,10 +34,6 @@ stdenv.mkDerivation rec { EOF ''; patches = [ - (fetchurl { - url = "https://github.com/plusvic/yara/pull/261.diff"; - sha256 = "1fkxnk84ryvrjq7p225xvw9pn5gm2bjia2jz38fclwbsaxdi6p3b"; - }) "staticlibrary.patch" ]; diff --git a/pkgs/tools/system/facter/default.nix b/pkgs/tools/system/facter/default.nix index 677981b97ca5..9f97a403159a 100644 --- a/pkgs/tools/system/facter/default.nix +++ b/pkgs/tools/system/facter/default.nix @@ -2,9 +2,10 @@ stdenv.mkDerivation rec { name = "facter-${version}"; - version = "3.5.1"; + version = "3.6.0"; + src = fetchFromGitHub { - sha256 = "1rhfww0knjh6bj3b0ykxgfgw6rg2bzibkdrisq3nhl3djfq7r1a8"; + sha256 = "1fwvjd84nw39lgclkz4kn90z84fs9lsama3ikq0qs1in3y3jfmvi"; rev = version; repo = "facter"; owner = "puppetlabs"; @@ -24,5 +25,4 @@ stdenv.mkDerivation rec { maintainers = [ maintainers.womfoo ]; platforms = platforms.linux; }; - } diff --git a/pkgs/tools/system/ipmitool/default.nix b/pkgs/tools/system/ipmitool/default.nix index 16bb05898416..dcbea5156771 100644 --- a/pkgs/tools/system/ipmitool/default.nix +++ b/pkgs/tools/system/ipmitool/default.nix @@ -2,14 +2,14 @@ let pkgname = "ipmitool"; - version = "1.8.15"; + version = "1.8.17"; in stdenv.mkDerivation { name = "${pkgname}-${version}"; src = fetchurl { url = "mirror://sourceforge/${pkgname}/${pkgname}-${version}.tar.gz"; - sha256 = "0y6g8xg9p854n7xm3kds8m3d53jrsllnknp8lcr3jscf99j4x5ph"; + sha256 = "0qcrz1d1dbjg46n3fj6viglzcxlf2q15xa7bx9w1hm2hq1r3jzbi"; }; patchPhase = stdenv.lib.optionalString stdenv.isDarwin '' |