Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
base: e758436f9868
Choose a base ref
...
head repository: NixOS/nixpkgs
compare: 02dbdcddcd30
Choose a head ref
  • 13 commits
  • 14 files changed
  • 3 contributors

Commits on Oct 2, 2019

  1. gnupatch: rename patch files to match their CVE ids. 

    This should be a behavior no-op, but it helps vulnix figure out that we
are up to date regarding security patches.

(cherry picked from commit 2242bb8)
    @delroth
    delroth committed Oct 2, 2019
    Configuration menu
    Copy the full SHA
    41f6a49 View commit details
    Browse the repository at this point in the history

  2. libtiff: patch for CVE-2019-6128, CVE-2019-14973 

    CVE-2019-14973.patch is a manually backported of the upstream patch to
work around some minor merge conflicts.

(cherry picked from commit a2e1da7)
    @delroth
    delroth committed Oct 2, 2019
    Configuration menu
    Copy the full SHA
    b7eac27 View commit details
    Browse the repository at this point in the history

  3. gst-plugins-base,gst_all_1.gst-plugins-base: apply patch for CVE-2019… 

    …-9928

Refactor the patchPhase management for the package along the way to
something more standard.

(Cherry pick from 97e4a11 with an extra
version of the package to patch in 19.03.)
    @delroth
    delroth committed Oct 2, 2019
    Configuration menu
    Copy the full SHA
    061663a View commit details
    Browse the repository at this point in the history

  4. glibc: patch CVE-2018-11236, CVE-2018-11237 

    Patches have been imported into nixpkgs and manually edited to avoid
merge conflicts on ChangeLog / NEWS files.

(cherry picked from commit 17be09a)
    @delroth
    delroth committed Oct 2, 2019
    Configuration menu
    Copy the full SHA
    2aae1c9 View commit details
    Browse the repository at this point in the history

Commits on Oct 12, 2019

  1. Merge branch 'release-19.03' into staging-19.03

    @vcunat
    vcunat committed Oct 12, 2019
    Configuration menu
    Copy the full SHA
    1a62ef4 View commit details
    Browse the repository at this point in the history

  2. curl: apply upstream security patch 

    Partially fixes #70084.  Cherry-picked from 19.09's 22b5bbf.
    @vcunat
    vcunat committed Oct 12, 2019
    Configuration menu
    Copy the full SHA
    8350d25 View commit details
    Browse the repository at this point in the history

Commits on Oct 13, 2019

  1. poppler_0_61: add patch for CVE-2019-9959 

    custom adapted patch to accommodate the openjpeg1/openjpeg2 split that
0.61 still has

(cherry picked from commit e6889d4)
    @risicle @vcunat
    risicle authored and vcunat committed Oct 13, 2019
    Configuration menu
    Copy the full SHA
    7240f2f View commit details
    Browse the repository at this point in the history

  2. Merge #70278: libtiff: patch for CVE-2019-6128, CVE-2019-14973 

    ...into staging-19.03
    @vcunat
    vcunat committed Oct 13, 2019
    Configuration menu
    Copy the full SHA
    57bd5f1 View commit details
    Browse the repository at this point in the history

  3. Merge #70273: gnupatch: rename patch files to match their CVE ids 

    ...into staging-19.03
    @vcunat
    vcunat committed Oct 13, 2019
    Configuration menu
    Copy the full SHA
    7585be8 View commit details
    Browse the repository at this point in the history

  4. Merge #70285: *gst-plugins-base: patch CVE-2019-9928 

    ...into staging-19.03
    @vcunat
    vcunat committed Oct 13, 2019
    Configuration menu
    Copy the full SHA
    139e21b View commit details
    Browse the repository at this point in the history

  5. poppler: add patch for CVE-2019-9959 (PR #71046) 

    (cherry picked from commit 3fa2864)
    @risicle @vcunat
    risicle authored and vcunat committed Oct 13, 2019
    Configuration menu
    Copy the full SHA
    3475116 View commit details
    Browse the repository at this point in the history

  6. Merge branch 'release-19.03' into staging-19.03

    @vcunat
    vcunat committed Oct 13, 2019
    Configuration menu
    Copy the full SHA
    72d36be View commit details
    Browse the repository at this point in the history

Commits on Oct 14, 2019

  1. Merge branch 'staging-19.03' into release-19.03 (security) 

    Only x86_64-linux has managed to finish rebuilding so far
https://hydra.nixos.org/eval/1548583
but I think that's a sufficient trade-off, given that regressions
should be very unlikely.
    @vcunat
    vcunat committed Oct 14, 2019
    Configuration menu
    Copy the full SHA
    02dbdcd View commit details
    Browse the repository at this point in the history