Skip to content
This repository has been archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
base: a3ef555c770d
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
compare: 5c4059dd7536
Choose a head ref
  • 5 commits
  • 2 files changed
  • 3 contributors

Commits on Dec 15, 2019

  1. apt: 1.4.6 -> 1.4.9 

    Fixes on remote content injection issue (CVE-2019-3462).

Complete changelog:

 > apt (1.4.9) stretch-security; urgency=medium
 >
 >   * SECURITY UPDATE: content injection in http method (CVE-2019-3462)
 >     (LP: #1812353)
 >
 >  -- Julian Andres Klode <jak@debian.org>  Fri, 18 Jan 2019 11:42:07 +0100
 >
 > apt (1.4.8) stretch; urgency=medium
 >
 >   [ Balint Reczey ]
 >   * Gracefully terminate process when stopping apt-daily-upgrade (LP: #1690980)
 >
 >   [ David Kalnischkies ]
 >   * don't ask an uninit _system for supported archs, this
 >     crashes the mirror method (LP: #1613184)
 >
 >   [ Julian Andres Klode ]
 >   * Do not warn about duplicate "legacy" targets (Closes: #839259)
 >     (LP: #1697120)
 >   * apt-daily: Pull in network-online.target in service, not timer
 >     - this can cause a severe boot performance regression / hang
 >     (LP: #1716973)
 >
 >  -- Julian Andres Klode <jak@debian.org>  Wed, 13 Sep 2017 18:47:33 +0200
 >
 > apt (1.4.7) stretch; urgency=medium
 >
 >   * New release with important fixes up to 1.5~beta1; also see LP: #1702326
 >
 >   [ Robert Luberda ]
 >   * fix a "critical" typo in old changelog entry (Closes: 866358)
 >
 >   [ David Kalnischkies ]
 >   * test suite/travis CI: ignore profiling warning in progress lines
 >   * use port from SRV record instead of initial port
 >
 >   [ Julian Andres Klode ]
 >   * Reset failure reason when connection was successful, so later errors are
 >     reported as such and not as "connection failure" warnings.
 >   * debian/gbp.conf: Set debian-branch to 1.4.y
 >   * http: A response with Content-Length: 0 has no content, so don't try to
 >     read it - it will either timeout or the server closes the connection.
 >   * travis CI: Migrate to Docker
 >
 >  -- Julian Andres Klode <jak@debian.org>  Thu, 13 Jul 2017 23:45:39 +0200
    @andir
    andir committed Dec 15, 2019
    Copy the full SHA
    86df5c3 View commit details
    Browse the repository at this point in the history

Commits on Dec 18, 2019

  1. Merge pull request #75717 from andir/19.09/apt 

    [19.09] apt: 1.4.6 -> 1.4.9 (CVE-2019-3462)
    @WilliButz
    WilliButz committed Dec 18, 2019
    Copy the full SHA
    f603527 View commit details
    Browse the repository at this point in the history

Commits on Dec 19, 2019

  1. matrix-synapse.ldap3: 0.1.3 -> 0.1.4 

    https://github.com/matrix-org/matrix-synapse-ldap3/releases/tag/v0.1.4
(cherry picked from commit e533a8c)
    @Ma27
    Ma27 committed Dec 19, 2019
    Copy the full SHA
    71738bf View commit details
    Browse the repository at this point in the history

  2. matrix-synapse: 1.6.1 -> 1.7.0 

    https://github.com/matrix-org/synapse/releases/tag/v1.7.0
(cherry picked from commit 7332273)
    @Ma27
    Ma27 committed Dec 19, 2019
    Copy the full SHA
    7695df5 View commit details
    Browse the repository at this point in the history

  3. matrix-synapse: 1.7.0 -> 1.7.1 

    https://github.com/matrix-org/synapse/releases/tag/v1.7.1
(cherry picked from commit f1acc6e)
    @Ma27
    Ma27 committed Dec 19, 2019
    Copy the full SHA
    5c4059d View commit details
    Browse the repository at this point in the history