| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
https://diffoscope.org/news/diffoscope-162-released/
https://diffoscope.org/news/diffoscope-163-released/
|
|
ChangeLog: https://docs.citrix.com/en-us/citrix-workspace-app-for-linux/whats-new.html#whats-new-in-2012
|
|
|
|
|
|
|
|
|
|
|
|
|
|
wasabiwallet: 1.1.12.2 -> 1.1.12.3
|
|
gqrx: 2.14.2 -> 2.14.3
|
|
khal,stig,deluge_1,libtorrent-rasterbar,linkchecker: Disable failing tests
|
|
|
|
|
|
matcha-gtk-theme: 2020-11-23 -> 2020-12-07
|
|
Version 5.x of traitlets requires Python 3.7, so it doesn't build on Python
3.6. This commit downgrades traitlets to 4.3.3 on Python versions older than
3.7 so that it can still be used.
|
|
smesh: fix building with clang
|
|
Staging next
|
|
Changelog:
https://github.com/pytorch/pytorch/releases/tag/v1.7.1
|
|
In PR #96456, black was upgraded from 19.10b0 to 20.8b1. This new version of
black depends on the dataclasses module, but that was only introduced into the
standard library in Python 3.7; earlier versions of Python require the backport
package of the same name. This commit addresses the missing dependency.
|
|
talloc: remove python2 as a build dependency
|
|
tagref: 1.3.3 -> 1.4.1
|
|
qmapshack: 1.15.1 -> 1.15.2
|
|
beamerpresenter: 0.1.2 -> 0.1.3
|
|
delve: 1.5.0 -> 1.5.1
|
|
DEBUG:homeassistant.components.http.auth:Authenticated 127.0.0.1 for /media/local/test.mp3 using bearer token
DEBUG:homeassistant.components.http.view:Serving /media/local/test.mp3 to 127.0.0.1 (auth: True)
ERROR:aiohttp.server:Unhandled exception
Traceback (most recent call last):
File "/nix/store/8y4x6km9q2ik0hcgh0klx6rl46pcw6qf-python3.8-aiohttp-3.7.3/lib/python3.8/site-packages/aiohttp/web_protocol.py", line 485, in start
resp, reset = await task
File "/nix/store/8y4x6km9q2ik0hcgh0klx6rl46pcw6qf-python3.8-aiohttp-3.7.3/lib/python3.8/site-packages/aiohttp/web_protocol.py", line 440, in _handle_request
reset = await self.finish_response(request, resp, start_time)
File "/nix/store/8y4x6km9q2ik0hcgh0klx6rl46pcw6qf-python3.8-aiohttp-3.7.3/lib/python3.8/site-packages/aiohttp/web_protocol.py", line 591, in finish_response
await prepare_meth(request)
File "/nix/store/8y4x6km9q2ik0hcgh0klx6rl46pcw6qf-python3.8-aiohttp-3.7.3/lib/python3.8/site-packages/aiohttp/web_fileresponse.py", line 241, in prepare
return await self._sendfile(request, fobj, offset, count)
File "/nix/store/8y4x6km9q2ik0hcgh0klx6rl46pcw6qf-python3.8-aiohttp-3.7.3/lib/python3.8/site-packages/aiohttp/web_fileresponse.py", line 96, in _sendfile
await loop.sendfile(transport, fobj, offset, count)
File "/nix/store/i9lzacdfrwlj1ayw551c016s0fq71p7j-python3-3.8.6/lib/python3.8/asyncio/base_events.py", line 1120, in sendfile
return await self._sendfile_native(transport, file,
File "/nix/store/i9lzacdfrwlj1ayw551c016s0fq71p7j-python3-3.8.6/lib/python3.8/asyncio/selector_events.py", line 578, in _sendfile_native
return await self.sock_sendfile(transp._sock, file, offset, count,
File "/nix/store/i9lzacdfrwlj1ayw551c016s0fq71p7j-python3-3.8.6/lib/python3.8/asyncio/base_events.py", line 836, in sock_sendfile
self._check_sendfile_params(sock, file, offset, count)
File "/nix/store/i9lzacdfrwlj1ayw551c016s0fq71p7j-python3-3.8.6/lib/python3.8/asyncio/base_events.py", line 889, in _check_sendfile_params
raise ValueError(
ValueError: count must be a positive integer (got 0)
|
|
fetchMavenArtifact: switch mirrors to https
|
|
nextcloud: 19.0.4 -> 19.0.6, 20.0.1 -> 20.0.3, mark v19 as insecure
|
|
|
|
github-commenter: add darwin platform
|
|
weechatScripts.colorize_nicks: init at 27
|
|
###### Motivation for this change
|
|
|
|
cedille: 1.1.1 -> 1.1.2; fix build
|
|
mcfly: 0.5.1 -> 0.5.2
|
|
vis: 0.6 -> 0.7
|
|
vultr-cli: 2.0.0 -> 2.0.1
|
|
bottom: 0.5.3 -> 0.5.4
|
|
|
|
qt515.qtwebkit: unbreak
|
|
ChangeLogs:
* https://nextcloud.com/changelog/#20-0-3
* https://nextcloud.com/changelog/#19-0-6
For Nextcloud 20, security advisories for CVE-2020-8259[1] &
CVE-2020-8152[2] were published. The only way to fix those is to upgrade
to v20, although v19 and v18 are supported, the issue won't be fixed
there[3].
Even though both CVEs are only related to the encryption module[4] which
is turned off by default, I decided to add a vulnerability note to
`nextcloud19` since CVE-2020-8259's is rated as "High" by NIST (in
contrast to Nextcloud which rates it as "Low").
If one is not affected by the issue, `nextcloud19` can still be used by
declaring `permittedInsecurePackages`[5].
[1] https://nvd.nist.gov/vuln/detail/CVE-2020-8259,
https://nextcloud.com/security/advisory/?id=NC-SA-2020-041
[2] https://nvd.nist.gov/vuln/detail/CVE-2020-8152,
https://nextcloud.com/security/advisory/?id=NC-SA-2020-040
[3] https://help.nextcloud.com/t/fixes-for-cve-2020-8259-cve-2020-8152-in-nextcloud-18-19/98289
[4] https://docs.nextcloud.com/server/20/admin_manual/configuration_files/encryption_configuration.html
[5] https://nixos.org/manual/nixpkgs/stable/#sec-allow-insecure
Closes #106212
|
|
|
|
This also changes the origin of the code. Hashicorp decided to stop
maintaining that provider and passed on the buck to cyrilgdn.
|
|
|
|
Maven repositories are disabling HTTP support for security.
Even though Nix adds some security with its own hash validation,
broken mirrors are a, well, suboptimal experience.
I don't know of any plans by sonatype, but it seems like a matter
of time.
https://www.lightbend.com/blog/lightbend-to-require-https-on-repos-starting-august-5-2020
|
|
lens: init at 3.6.7
|
|
|
|
monero-gui: 0.17.1.5 -> 0.17.1.6
|
|
|
