Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: e3d393e7177e
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: d2f46002829c
Choose a head ref
  • 5 commits
  • 5 files changed
  • 4 contributors

Commits on Nov 3, 2020

  1. linux: 5.4.73 -> 5.4.74

    @NeQuissimus
    NeQuissimus committed Nov 3, 2020

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    NeQuissimus Tim Steinbach
    GPG key ID: 6538CB9266B06F31
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    fbd345d View commit details

  2. salt: 2019.2.4 -> 2019.2.7 

    Fixes: CVE-2020-16846, CVE-2020-17490, CVE-2020-25592
    @mweinelt
    mweinelt committed Nov 3, 2020

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    mweinelt Martin Weinelt
    GPG key ID: BD4AA0528F63F17E
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    3488347 View commit details

  3. Merge pull request #102646 from mweinelt/20.03/salt 

    [20.03] salt: 2019.2.4 -> 2019.2.7
    @andir
    andir authored Nov 3, 2020

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    fc997fd View commit details

  4. chromiumDev: 88.0.4292.2 -> 88.0.4298.4 

    This should also fix VA-API for chromiumBeta (though that part needs
some cleanup). However, chromiumDev likely still fails due to the
absence of dirmd (not included in the tarball so far, we might have to
package and add it as a dependency).

(cherry picked from commit 50a2f50)
    @primeos
    primeos committed Nov 3, 2020

    Verified

    This commit was signed with the committer’s verified signature.
    primeos Michael Weiss
    GPG key ID: 5BE487C4D4771D83
    Verified
    Learn about vigilant mode
    Copy the full SHA
    90c1c40 View commit details

  5. chromium: 86.0.4240.111 -> 86.0.4240.183 

    https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.html

This update includes 10 security fixes. Google is aware of reports that
an exploit for CVE-2020-16009 exists in the wild.

CVEs:
CVE-2020-16004 CVE-2020-16005 CVE-2020-16006 CVE-2020-16007
CVE-2020-16008 CVE-2020-16009 CVE-2020-16011

(cherry picked from commit 531decc)
Backport of #102608. I'll push this directly as it should build fine and
we need the security fixes timely (see above).
    @primeos
    primeos committed Nov 3, 2020

    Verified

    This commit was signed with the committer’s verified signature.
    primeos Michael Weiss
    GPG key ID: 5BE487C4D4771D83
    Verified
    Learn about vigilant mode
    Copy the full SHA
    d2f4600 View commit details
2 changes: 1 addition & 1 deletion pkgs/applications/networking/browsers/chromium/common.nix
View file
Original file line number Diff line number Diff line change
@@ -157,7 +157,7 @@ let
#
# ++ optionals (channel == "dev") [ ( githubPatch "<patch>" "0000000000000000000000000000000000000000000000000000000000000000" ) ]
# ++ optional (versionRange "68" "72") ( githubPatch "<patch>" "0000000000000000000000000000000000000000000000000000000000000000" )
] ++ optionals (useVaapi) [
] ++ optionals (useVaapi && versionRange "86" "87") [
# Check for enable-accelerated-video-decode on Linux:
(githubPatch "54deb9811ca9bd2327def5c05ba6987b8c7a0897" "11jvxjlkzz1hm0pvfyr88j7z3zbwzplyl5idkx92l2lzv4459c8d")
];
1 change: 1 addition & 0 deletions pkgs/applications/networking/browsers/chromium/default.nix
View file
Original file line number Diff line number Diff line change
@@ -46,6 +46,7 @@ let
});
} // lib.optionalAttrs (lib.versionAtLeast upstream-info.version "87") {
useOzone = true; # YAY: https://chromium-review.googlesource.com/c/chromium/src/+/2382834 \o/
useVaapi = !stdenv.isAarch64; # TODO: Might be best to not set use_vaapi anymore (default is fine)
gnChromium = gn.overrideAttrs (oldAttrs: {
version = "2020-08-17";
src = fetchgit {
18 changes: 9 additions & 9 deletions pkgs/applications/networking/browsers/chromium/upstream-info.json
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,17 @@
{
"stable": {
"version": "86.0.4240.111",
"sha256": "05y7lwr89awkhvgmwkx3br9j4ap2aypg2wsc0nz8mi7kxc1dnyzj",
"sha256bin64": "10aqiiydw4i3jxnw8xxdgkgcqbfqc67n1fbrg40y54kg0v5dz8l6"
"version": "86.0.4240.183",
"sha256": "1g39i82js7fm4fqb8i66d6xs0kzqjxzi4vzvvwz5y9rkbikcc4ma",
"sha256bin64": "1r0dxqsx6j19hgwr3v2sdlb2vd7gb961c4wba4ymd8wy8j8pzly9"
},
"beta": {
"version": "87.0.4280.27",
"sha256": "0w0asxj7jlsw69cssfia8km4q9cx1c2mliks2rmhf4jk0hsghasm",
"sha256bin64": "1lsx4mhy8nachfb8c9f3mrx5nqw2bi046dqirb4lnv7y80jjjs1k"
"version": "87.0.4280.40",
"sha256": "07xh76fl257np68way6i5rf64qbvirkfddy7m5gvqb0fzcqd7dp3",
"sha256bin64": "1b2z0aqlh28pqrk6dmabxp1d4mvp9iyfmi4kqmns4cdpg0qgaf41"
},
"dev": {
"version": "88.0.4292.2",
"sha256": "0b8ihgbvdqpbcgw9p9sak8nz599pah94jmysqigs4phl9slvir5d",
"sha256bin64": "13bx19r56m2r1yjy3b84phv96kkckf87n88kpscf867lgwbrc4fc"
"version": "88.0.4300.0",
"sha256": "00cfs2rp4h8ybn2snr1d8ygg635hx7q5gv2aqriy1j6f8a1pgh1b",
"sha256bin64": "110r1m14h91212nx6pfhn8wkics7wlwx1608l5cqsxxcpvpzl3pv"
}
}
4 changes: 2 additions & 2 deletions pkgs/os-specific/linux/kernel/linux-5.4.nix
View file
Original file line number Diff line number Diff line change
@@ -3,7 +3,7 @@
with stdenv.lib;

buildLinux (args // rec {
version = "5.4.73";
version = "5.4.74";

# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {

src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
sha256 = "1cknwnzpimjfacjbb39ay9j4lv3767j2858xz9yvwsvj7d04nhjs";
sha256 = "1drs2pngr5w3rmpydljirmibp30qb4hdrhqsi92knshlw6nz817c";
};
} // (args.argsOverride or {}))
4 changes: 2 additions & 2 deletions pkgs/tools/admin/salt/default.nix
View file
Original file line number Diff line number Diff line change
@@ -27,11 +27,11 @@ let
in
py.pkgs.buildPythonApplication rec {
pname = "salt";
version = "2019.2.4";
version = "2019.2.7";

src = py.pkgs.fetchPypi {
inherit pname version;
sha256 = "0ir8gmir4jl21v252vxwgjaskj15wlkhp715jn7h1jb1vfairsxg";
sha256 = "0wxqw6rca78bn2afrszbfb62bz2323n7vmnznl9jwgvcgzxvqj6n";
};

propagatedBuildInputs = with py.pkgs; [