Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 842d499ce872
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 7351aa52acd0
Choose a head ref
7 contributors

Commits on Nov 30, 2019

  1. libvpx: add patches for CVE-2019-9232, CVE-2019-9325, CVE-2019-9371, C… 

    …VE-2019-9433

backports sourced from debian package 1.7.0-3+deb10u1, included in-repo
as file is not available on sources.debian.org or salsa.debian.org
    @risicle
    risicle committed Nov 30, 2019

    Verified

    This commit was signed with the committer’s verified signature.
    Doctor-wu Doctor Wu
    GPG key ID: 7D1412F015912FB2
    Verified
    Learn about vigilant mode
    Copy the full SHA
    9bcc760 View commit details

Commits on Dec 7, 2019

  1. libofx: add patch for CVE-2019-9656

    @risicle
    risicle committed Dec 7, 2019
    Copy the full SHA
    b091d1d View commit details

Commits on Dec 11, 2019

  1. glibc: add patch for CVE-2019-19126 

    including patch in-repo as it needs modification to remove the changes to
NEWS but fetchpatch doesn't work here

(cherry picked from commit 9234d1d)
    @risicle
    risicle committed Dec 11, 2019
    Copy the full SHA
    ef57504 View commit details

Commits on Dec 12, 2019

  1. Merge pull request #75529 from risicle/ris-glibc-CVE-2019-19126-r19.09 

    [r19.09] glibc: add patch for CVE-2019-19126
    @andir
    andir authored Dec 12, 2019
    Copy the full SHA
    72e8683 View commit details

  2. Merge branch release-19.09 into staging-19.09

    @andir
    andir committed Dec 12, 2019
    Copy the full SHA
    137247f View commit details

  3. boolector: add patch for CVE-2019-7560 

    (cherry picked from commit b9185a9)
    @risicle
    risicle committed Dec 12, 2019
    Copy the full SHA
    ce35c56 View commit details

  4. btor2tools: correct meta information 

    (cherry picked from commit c676063)
    @risicle
    risicle committed Dec 12, 2019
    Copy the full SHA
    78ac8fc View commit details

Commits on Dec 13, 2019

  1. Merge pull request #74751 from risicle/ris-libvpx-CVEs-r19.09 

    [r19.09] libvpx: add patches for CVE-2019-9232, CVE-2019-9325, CVE-2019-9371, CVE-2019-9433
    @andir
    andir authored Dec 13, 2019
    Copy the full SHA
    36f766f View commit details

  2. Merge pull request #75577 from risicle/ris-boolector-CVE-2019-7560-r1… 

    …9.09

[r19.09] boolector: add patch for CVE-2019-7560
    @andir
    andir authored Dec 13, 2019
    Copy the full SHA
    18ca17f View commit details

  3. Merge pull request #75159 from risicle/ris-libofx-CVE-2019-9656-r19.09 

    [r19.09] libofx: add patch for CVE-2019-9656
    @andir
    andir authored Dec 13, 2019
    Copy the full SHA
    a5d5fc1 View commit details

  4. linux: 4.19.88 -> 4.19.89 

    (cherry picked from commit 00875c0)
    @NeQuissimus
    NeQuissimus committed Dec 13, 2019
    Copy the full SHA
    8cd3530 View commit details

  5. linux: 5.4.2 -> 5.4.3 

    (cherry picked from commit 4974c6f)
    @NeQuissimus
    NeQuissimus committed Dec 13, 2019
    Copy the full SHA
    d570b98 View commit details

  6. vscode: 1.39.1 -> 1.39.2 

    (cherry picked from commit 9fadd8e)
    @eadwu @worldofpeace
    eadwu authored and worldofpeace committed Dec 13, 2019
    Copy the full SHA
    8cea6d2 View commit details

  7. vscode: 1.39.2 -> 1.40.0 

    (cherry picked from commit a2f62bc)
    @domenkozar @worldofpeace
    domenkozar authored and worldofpeace committed Dec 13, 2019
    Copy the full SHA
    89d4136 View commit details

  8. vscode 1.40.0 -> 1.40.1 (#73610) 

    (cherry picked from commit a6934e3)
    @Dema @worldofpeace
    Dema authored and worldofpeace committed Dec 13, 2019
    Copy the full SHA
    9862792 View commit details

  9. vscode: 1.40.1 -> 1.41.0 

    (cherry picked from commit 8d5e90b)
    @domenkozar @worldofpeace
    domenkozar authored and worldofpeace committed Dec 13, 2019
    Copy the full SHA
    0817bb1 View commit details

  10. vscodium: 1.39.1 -> 1.39.2 

    (cherry picked from commit 445dd73)
    @eadwu @worldofpeace
    eadwu authored and worldofpeace committed Dec 13, 2019
    Copy the full SHA
    77b02cc View commit details

  11. vscodium: 1.39.2 -> 1.40.0 

    (cherry picked from commit 065dc03)
    @Synthetica9 @worldofpeace
    Synthetica9 authored and worldofpeace committed Dec 13, 2019
    Copy the full SHA
    f8b7b15 View commit details

  12. vscodium: 1.40.0 -> 1.40.1 

    (cherry picked from commit 7b3cf4c)
    @Synthetica9 @worldofpeace
    Synthetica9 authored and worldofpeace committed Dec 13, 2019
    Copy the full SHA
    6ef6bd7 View commit details

  13. vscodium: 1.40.1 -> 1.41.0 

    (cherry picked from commit a552a7d)
    @Synthetica9 @worldofpeace
    Synthetica9 authored and worldofpeace committed Dec 13, 2019
    Copy the full SHA
    cac8a97 View commit details

  14. Merge branch staging-19.09 into release-19.09

    @andir
    andir committed Dec 13, 2019
    Copy the full SHA
    7351aa5 View commit details
6 changes: 3 additions & 3 deletions pkgs/applications/editors/vscode/vscode.nix
View file
Original file line number Diff line number Diff line change
@@ -11,13 +11,13 @@ let
archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";

sha256 = {
x86_64-linux = "06yrcn7857fw1dvwj0fhj6b2pb224i0r1m2diqg49a0jaj15mnak";
x86_64-darwin = "0gq2lazjlzf7wmmdlpg5zg60lmwlmq5rm65lb815r0dpqqj0dizn";
x86_64-linux = "1ziw2b851kg17jaf713nwhsv5ikbvivq3h01xximhcglv9vzk93l";
x86_64-darwin = "0nndasa130551jf06mfrym593c02c3ypgg9f9rdg1fw5qbyjb8hm";
}.${system};
in
callPackage ./generic.nix rec {

version = "1.39.1";
version = "1.41.0";
pname = "vscode";

executableName = "code" + lib.optionalString isInsiders "-insiders";
6 changes: 3 additions & 3 deletions pkgs/applications/editors/vscode/vscodium.nix
View file
Original file line number Diff line number Diff line change
@@ -11,13 +11,13 @@ let
archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";

sha256 = {
x86_64-linux = "1vhrfz36ay67laa5159jcnxyl4prgm8v1mp6anv1s7bppazigg2n";
x86_64-darwin = "0cxsl0qpk223khndfwwgxl8az4rz4ap657yrkvws9bh8k4vv473h";
x86_64-linux = "1njxa19mzzydz1jacghwmha3dl4a13m9xzzwsb0rbks5zc9a0v7m";
x86_64-darwin = "0cpd87q0q3i172l4s43s79by42wa9k5pyik3v2z5mq8zpms8qcq4";
}.${system};
in
callPackage ./generic.nix rec {

version = "1.39.1";
version = "1.41.0";
pname = "vscodium";

executableName = "codium";
10 changes: 9 additions & 1 deletion pkgs/applications/science/logic/boolector/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub
{ stdenv, fetchFromGitHub, fetchpatch
, cmake, lingeling, btor2tools
}:

@@ -13,6 +13,14 @@ stdenv.mkDerivation rec {
sha256 = "15i3ni5klss423m57wcy1gx0m5wfrjmglapwg85pm7fb3jj1y7sz";
};

patches = [
(fetchpatch {
name = "CVE-2019-7560.patch";
url = "https://github.com/Boolector/boolector/commit/8d979d02e0482c7137c9f3a34e6d430dbfd1f5c5.patch";
sha256 = "1a1g02mk8b0azzjcigdn5zpshn0dn05fciwi8sd5q38yxvnvpbbi";
})
];

nativeBuildInputs = [ cmake ];
buildInputs = [ lingeling btor2tools ];

4 changes: 2 additions & 2 deletions pkgs/applications/science/logic/btor2tools/default.nix
View file
Original file line number Diff line number Diff line change
@@ -24,8 +24,8 @@ stdenv.mkDerivation {
outputs = [ "out" "dev" "lib" ];

meta = with stdenv.lib; {
description = "Fast SAT solver";
homepage = http://fmv.jku.at/lingeling/;
description = "A generic parser and tool package for the BTOR2 format";
homepage = "https://github.com/Boolector/btor2tools";
license = licenses.mit;
platforms = platforms.linux;
maintainers = with maintainers; [ thoughtpolice ];
18 changes: 18 additions & 0 deletions pkgs/development/libraries/glibc/2.27-CVE-2019-19126.patch
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
Adapted from https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=patch;h=4d5cfeb510125345cb41431afc9022492994cffa, omitting changes to NEWS
diff --git a/sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h b/sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h
index 1943691..ac694c0 100644
--- a/sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h
+++ b/sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h
@@ -31,7 +31,8 @@
environment variable, LD_PREFER_MAP_32BIT_EXEC. */
#define EXTRA_LD_ENVVARS \
case 21: \
- if (memcmp (envline, "PREFER_MAP_32BIT_EXEC", 21) == 0) \
+ if (!__libc_enable_secure \
+ && memcmp (envline, "PREFER_MAP_32BIT_EXEC", 21) == 0) \
GLRO(dl_x86_cpu_features).feature[index_arch_Prefer_MAP_32BIT_EXEC] \
|= bit_arch_Prefer_MAP_32BIT_EXEC; \
break;
--
2.9.3

5 changes: 4 additions & 1 deletion pkgs/development/libraries/glibc/common.nix
View file
Original file line number Diff line number Diff line change
@@ -98,7 +98,10 @@ stdenv.mkDerivation ({
# https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f51c8367685dc888a02f7304c729ed5277904aff
./CVE-2018-11237.patch
]
++ lib.optional stdenv.isx86_64 ./fix-x64-abi.patch
++ lib.optionals stdenv.isx86_64 [
./fix-x64-abi.patch
./2.27-CVE-2019-19126.patch
]
++ lib.optional stdenv.hostPlatform.isMusl ./fix-rpc-types-musl-conflicts.patch
++ lib.optional stdenv.buildPlatform.isDarwin ./darwin-cross-build.patch

10 changes: 9 additions & 1 deletion pkgs/development/libraries/libofx/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{ stdenv, fetchurl, opensp, pkgconfig, libxml2, curl }:
{ stdenv, fetchurl, opensp, pkgconfig, libxml2, curl, fetchpatch }:

stdenv.mkDerivation rec {
name = "libofx-0.9.14";
@@ -8,6 +8,14 @@ stdenv.mkDerivation rec {
sha256 = "02i9zxkp66yxjpjay5dscfh53bz5vxy03zcxncpw09svl6zmf9xq";
};

patches = [
(fetchpatch {
name = "CVE-2019-9656.patch";
url = "https://github.com/libofx/libofx/commit/15d0511253d7a8011ab7fa8d1e74c265d17d1b44.patch";
sha256 = "13lmn8izjdxsi8yvwqn635kc8qcr0cazzhz16lj4fdwwa645z2ca";
})
];

configureFlags = [ "--with-opensp-includes=${opensp}/include/OpenSP" ];
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ opensp libxml2 curl ];
211 changes: 211 additions & 0 deletions ...evelopment/libraries/libvpx/CVE-2019-9232.CVE-2019-9325.CVE-2019-9371.CVE-2019-9433.patch
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,211 @@
Backports of

From 46e17f0cb4a80b36755c84b8bf15731d3386c08f Mon Sep 17 00:00:00 2001
From: kyslov <kyslov@google.com>
Date: Fri, 4 Jan 2019 17:04:09 -0800
Subject: [PATCH] Fix OOB memory access on fuzzed data

From 0681cff1ad36b3ef8ec242f59b5a6c4234ccfb88 Mon Sep 17 00:00:00 2001
From: James Zern <jzern@google.com>
Date: Tue, 24 Jul 2018 21:36:50 -0700
Subject: [PATCH] vp9: fix OOB read in decoder_peek_si_internal

From f00890eecdf8365ea125ac16769a83aa6b68792d Mon Sep 17 00:00:00 2001
From: James Zern <jzern@google.com>
Date: Tue, 11 Dec 2018 18:06:20 -0800
Subject: [PATCH] update libwebm to libwebm-1.0.0.27-352-g6ab9fcf

From 34d54b04e98dd0bac32e9aab0fbda0bf501bc742 Mon Sep 17 00:00:00 2001
From: James Zern <jzern@google.com>
Date: Tue, 9 Apr 2019 18:37:44 -0700
Subject: [PATCH] update libwebm to libwebm-1.0.0.27-358-gdbf1d10

From 52add5896661d186dec284ed646a4b33b607d2c7 Mon Sep 17 00:00:00 2001
From: Jerome Jiang <jianj@google.com>
Date: Wed, 23 May 2018 15:43:00 -0700
Subject: [PATCH] VP8: Fix use-after-free in postproc.

to address CVE-2019-9232 CVE-2019-9325 CVE-2019-9371 CVE-2019-9433

--- libvpx-1.7.0.orig/test/decode_api_test.cc
+++ libvpx-1.7.0/test/decode_api_test.cc
@@ -138,8 +138,30 @@ TEST(DecodeAPI, Vp9InvalidDecode) {
EXPECT_EQ(VPX_CODEC_OK, vpx_codec_destroy(&dec));
}

-TEST(DecodeAPI, Vp9PeekSI) {
+void TestPeekInfo(const uint8_t *const data, uint32_t data_sz,
+ uint32_t peek_size) {
const vpx_codec_iface_t *const codec = &vpx_codec_vp9_dx_algo;
+ // Verify behavior of vpx_codec_decode. vpx_codec_decode doesn't even get
+ // to decoder_peek_si_internal on frames of size < 8.
+ if (data_sz >= 8) {
+ vpx_codec_ctx_t dec;
+ EXPECT_EQ(VPX_CODEC_OK, vpx_codec_dec_init(&dec, codec, NULL, 0));
+ EXPECT_EQ((data_sz < peek_size) ? VPX_CODEC_UNSUP_BITSTREAM
+ : VPX_CODEC_CORRUPT_FRAME,
+ vpx_codec_decode(&dec, data, data_sz, NULL, 0));
+ vpx_codec_iter_t iter = NULL;
+ EXPECT_EQ(NULL, vpx_codec_get_frame(&dec, &iter));
+ EXPECT_EQ(VPX_CODEC_OK, vpx_codec_destroy(&dec));
+ }
+
+ // Verify behavior of vpx_codec_peek_stream_info.
+ vpx_codec_stream_info_t si;
+ si.sz = sizeof(si);
+ EXPECT_EQ((data_sz < peek_size) ? VPX_CODEC_UNSUP_BITSTREAM : VPX_CODEC_OK,
+ vpx_codec_peek_stream_info(codec, data, data_sz, &si));
+}
+
+TEST(DecodeAPI, Vp9PeekStreamInfo) {
// The first 9 bytes are valid and the rest of the bytes are made up. Until
// size 10, this should return VPX_CODEC_UNSUP_BITSTREAM and after that it
// should return VPX_CODEC_CORRUPT_FRAME.
@@ -150,24 +172,18 @@ TEST(DecodeAPI, Vp9PeekSI) {
};

for (uint32_t data_sz = 1; data_sz <= 32; ++data_sz) {
- // Verify behavior of vpx_codec_decode. vpx_codec_decode doesn't even get
- // to decoder_peek_si_internal on frames of size < 8.
- if (data_sz >= 8) {
- vpx_codec_ctx_t dec;
- EXPECT_EQ(VPX_CODEC_OK, vpx_codec_dec_init(&dec, codec, NULL, 0));
- EXPECT_EQ(
- (data_sz < 10) ? VPX_CODEC_UNSUP_BITSTREAM : VPX_CODEC_CORRUPT_FRAME,
- vpx_codec_decode(&dec, data, data_sz, NULL, 0));
- vpx_codec_iter_t iter = NULL;
- EXPECT_EQ(NULL, vpx_codec_get_frame(&dec, &iter));
- EXPECT_EQ(VPX_CODEC_OK, vpx_codec_destroy(&dec));
- }
-
- // Verify behavior of vpx_codec_peek_stream_info.
- vpx_codec_stream_info_t si;
- si.sz = sizeof(si);
- EXPECT_EQ((data_sz < 10) ? VPX_CODEC_UNSUP_BITSTREAM : VPX_CODEC_OK,
- vpx_codec_peek_stream_info(codec, data, data_sz, &si));
+ TestPeekInfo(data, data_sz, 10);
+ }
+}
+
+TEST(DecodeAPI, Vp9PeekStreamInfoTruncated) {
+ // This profile 1 header requires 10.25 bytes, ensure
+ // vpx_codec_peek_stream_info doesn't over read.
+ const uint8_t profile1_data[10] = { 0xa4, 0xe9, 0x30, 0x68, 0x53,
+ 0xe9, 0x30, 0x68, 0x53, 0x04 };
+
+ for (uint32_t data_sz = 1; data_sz <= 10; ++data_sz) {
+ TestPeekInfo(profile1_data, data_sz, 11);
}
}
#endif // CONFIG_VP9_DECODER
--- libvpx-1.7.0.orig/third_party/libwebm/mkvparser/mkvparser.cc
+++ libvpx-1.7.0/third_party/libwebm/mkvparser/mkvparser.cc
@@ -5307,8 +5307,8 @@ long VideoTrack::Parse(Segment* pSegment

const long long stop = pos + s.size;

- Colour* colour = NULL;
- Projection* projection = NULL;
+ std::unique_ptr<Colour> colour_ptr;
+ std::unique_ptr<Projection> projection_ptr;

while (pos < stop) {
long long id, size;
@@ -5357,11 +5357,19 @@ long VideoTrack::Parse(Segment* pSegment
if (rate <= 0)
return E_FILE_FORMAT_INVALID;
} else if (id == libwebm::kMkvColour) {
- if (!Colour::Parse(pReader, pos, size, &colour))
+ Colour* colour = NULL;
+ if (!Colour::Parse(pReader, pos, size, &colour)) {
return E_FILE_FORMAT_INVALID;
+ } else {
+ colour_ptr.reset(colour);
+ }
} else if (id == libwebm::kMkvProjection) {
- if (!Projection::Parse(pReader, pos, size, &projection))
+ Projection* projection = NULL;
+ if (!Projection::Parse(pReader, pos, size, &projection)) {
return E_FILE_FORMAT_INVALID;
+ } else {
+ projection_ptr.reset(projection);
+ }
}

pos += size; // consume payload
@@ -5392,8 +5400,8 @@ long VideoTrack::Parse(Segment* pSegment
pTrack->m_display_unit = display_unit;
pTrack->m_stereo_mode = stereo_mode;
pTrack->m_rate = rate;
- pTrack->m_colour = colour;
- pTrack->m_projection = projection;
+ pTrack->m_colour = colour_ptr.release();
+ pTrack->m_projection = projection_ptr.release();

pResult = pTrack;
return 0; // success
--- libvpx-1.7.0.orig/vp8/common/postproc.c
+++ libvpx-1.7.0/vp8/common/postproc.c
@@ -65,7 +65,7 @@ void vp8_deblock(VP8_COMMON *cm, YV12_BU
double level = 6.0e-05 * q * q * q - .0067 * q * q + .306 * q + .0065;
int ppl = (int)(level + .5);

- const MODE_INFO *mode_info_context = cm->show_frame_mi;
+ const MODE_INFO *mode_info_context = cm->mi;
int mbr, mbc;

/* The pixel thresholds are adjusted according to if or not the macroblock
--- libvpx-1.7.0.orig/vp8/decoder/dboolhuff.h
+++ libvpx-1.7.0/vp8/decoder/dboolhuff.h
@@ -76,7 +76,7 @@ static int vp8dx_decode_bool(BOOL_DECODE
}

{
- register int shift = vp8_norm[range];
+ const unsigned char shift = vp8_norm[(unsigned char)range];
range <<= shift;
value <<= shift;
count -= shift;
--- libvpx-1.7.0.orig/vp9/vp9_dx_iface.c
+++ libvpx-1.7.0/vp9/vp9_dx_iface.c
@@ -97,7 +97,7 @@ static vpx_codec_err_t decoder_peek_si_i
const uint8_t *data, unsigned int data_sz, vpx_codec_stream_info_t *si,
int *is_intra_only, vpx_decrypt_cb decrypt_cb, void *decrypt_state) {
int intra_only_flag = 0;
- uint8_t clear_buffer[10];
+ uint8_t clear_buffer[11];

if (data + data_sz <= data) return VPX_CODEC_INVALID_PARAM;

@@ -158,6 +158,9 @@ static vpx_codec_err_t decoder_peek_si_i
if (profile > PROFILE_0) {
if (!parse_bitdepth_colorspace_sampling(profile, &rb))
return VPX_CODEC_UNSUP_BITSTREAM;
+ // The colorspace info may cause vp9_read_frame_size() to need 11
+ // bytes.
+ if (data_sz < 11) return VPX_CODEC_UNSUP_BITSTREAM;
}
rb.bit_offset += REF_FRAMES; // refresh_frame_flags
vp9_read_frame_size(&rb, (int *)&si->w, (int *)&si->h);
--- libvpx-1.7.0.orig/vpx_dsp/bitreader.h
+++ libvpx-1.7.0/vpx_dsp/bitreader.h
@@ -94,7 +94,7 @@ static INLINE int vpx_read(vpx_reader *r
}

{
- register int shift = vpx_norm[range];
+ const unsigned char shift = vpx_norm[(unsigned char)range];
range <<= shift;
value <<= shift;
count -= shift;
--- libvpx-1.7.0.orig/vpx_dsp/bitreader_buffer.c
+++ libvpx-1.7.0/vpx_dsp/bitreader_buffer.c
@@ -23,7 +23,7 @@ int vpx_rb_read_bit(struct vpx_read_bit_
rb->bit_offset = off + 1;
return bit;
} else {
- rb->error_handler(rb->error_handler_data);
+ if (rb->error_handler != NULL) rb->error_handler(rb->error_handler_data);
return 0;
}
}
6 changes: 5 additions & 1 deletion pkgs/development/libraries/libvpx/default.nix
View file
Original file line number Diff line number Diff line change
@@ -65,7 +65,11 @@ stdenv.mkDerivation rec {
sha256 = "0vvh89hvp8qg9an9vcmwb7d9k3nixhxaz6zi65qdjnd0i56kkcz6";
};

patchPhase = ''patchShebangs .'';
patches = [
./CVE-2019-9232.CVE-2019-9325.CVE-2019-9371.CVE-2019-9433.patch
];

postPatch = ''patchShebangs .'';

outputs = [ "bin" "dev" "out" ];
setOutputFlags = false;
4 changes: 2 additions & 2 deletions pkgs/os-specific/linux/kernel/linux-4.19.nix
View file
Original file line number Diff line number Diff line change
@@ -3,7 +3,7 @@
with stdenv.lib;

buildLinux (args // rec {
version = "4.19.88";
version = "4.19.89";

# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {

src = fetchurl {
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
sha256 = "1gizkdmq46ykw7ya3hibd6lalww2kvsia346pq3xvrk6s5mkp4n1";
sha256 = "0ijx8ih91p4g95zpwz6ga3q2x9lf1948xf2v5mz4348byf5hdwv8";
};
} // (args.argsOverride or {}))
4 changes: 2 additions & 2 deletions pkgs/os-specific/linux/kernel/linux-5.4.nix
View file
Original file line number Diff line number Diff line change
@@ -3,7 +3,7 @@
with stdenv.lib;

buildLinux (args // rec {
version = "5.4.2";
version = "5.4.3";

# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {

src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
sha256 = "0mx50cp61kajya3lfcksw7wksq7ihkqzrzszf4bb19kwhxb85y9j";
sha256 = "0lgfg31pgvdhkh9y4y4yh075mlk3qa6npxp7n19yxcg168pnhcb7";
};
} // (args.argsOverride or {}))