Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: fbe321e66693
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: cfc23a2904c4
Choose a head ref
  • 16 commits
  • 12 files changed
  • 6 contributors

Commits on Dec 15, 2019

  1. dovecot: 2.3.8 -> 2.3.9.2 

    Update to latest version & updated the patch file to match with the
lastest verison.

Fixes the following security issue:
  * CVE-2019-19722: Mails with group addresses in From or To fields
    caused crash in push notification drivers.

(cherry picked from commit cd39434)
    @andir
    andir committed Dec 15, 2019
    Copy the full SHA
    6d237b7 View commit details

  2. thunderbird-bin: 68.2.2 -> 68.3.0 

    (cherry picked from commit e1699e3)
    @andir
    andir committed Dec 15, 2019
    Copy the full SHA
    943560f View commit details

  3. ansible_2_7: 2.7.11 -> 2.7.15 

    This fixes the following security issues:
  * Ansible: Splunk and Sumologic callback plugins leak sensitive data
    in logs (CVE-2019-14864)
  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when invalid
    parameters are passed to the module (CVE-2019-14858)
  * resolves CVE-2019-10206, by avoiding templating passwords from
    prompt as it is probable they have special characters.
  * Handle improper variable substitution that was happening in
    safe_eval, it was always meant to just do 'type enforcement' and have
    Jinja2 deal with all variable interpolation. Also see CVE-2019-10156

Changelog: https://github.com/ansible/ansible/blob/0623dedf2d9c4afc09e5be30d3ef249f9d1ebece/changelogs/CHANGELOG-v2.7.rst#v2-7-15
(cherry picked from commit 64e2791)
    @andir
    andir committed Dec 15, 2019
    Copy the full SHA
    706c10b View commit details

  4. ansible_2_8: 2.8.4 -> 2.8.7 

    This addresses the following security issues:

  * Ansible: Splunk and Sumologic callback plugins leak sensitive data in logs (CVE-2019-14864)
  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when
    invalid parameters are passed to the module (CVE-2019-14858)

Changelog: https://github.com/ansible/ansible/blob/24220a618a6d5cd3b5c99f8c7f7771661ed08d33/changelogs/CHANGELOG-v2.8.rst
(cherry picked from commit 71cde97)
    @andir
    andir committed Dec 15, 2019
    Copy the full SHA
    b1ee58b View commit details

  5. ansible_2_6: 2.6.17 -> 2.6.20 

    This addresses the following security issues:

  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when
    invalid parameters are passed to the module (CVE-2019-14858)
  * resolves CVE-2019-10206, by avoiding templating passwords from
    prompt as it is probable they have special characters.
  * Handle improper variable substitution that was happening in
    safe_eval, it was always meant to just do 'type enforcement' and have
    Jinja2 deal with all variable interpolation. Also see CVE-2019-10156

Changelog: https://github.com/ansible/ansible/blob/9bdb89f740a87bcf760424577ce18a8f68d7a741/changelogs/CHANGELOG-v2.6.rst
(cherry picked from commit b21b929)
    @andir
    andir committed Dec 15, 2019
    Copy the full SHA
    6d01dd8 View commit details

  6. wire-desktop: fix desktop icon 

    Update the Name attribute in the wire-desktop.desktop applications file
and add StartupWMClass key. This fixes the icons on plasma5 and gnome3
which, in certain places, showed a generic X.org icon instead of the Wire
icon.

(cherry picked from commit 4a73fbc)
    @Kiwi @worldofpeace
    Kiwi authored and worldofpeace committed Dec 15, 2019
    Copy the full SHA
    9436766 View commit details

  7. Merge pull request #75707 from andir/19.09/dovecot 

    [19.09] dovecot: 2.3.8 -> 2.3.9.2
    @fpletz
    fpletz authored Dec 15, 2019
    Copy the full SHA
    a1a0702 View commit details

  8. advancecomp: fix CVE-2019-9210 

    (cherry picked from commit f23627c)
    @andir
    andir committed Dec 15, 2019
    Copy the full SHA
    8fe113b View commit details

  9. Merge pull request #75709 from andir/19.09/thunderbird-bin 

    [19.09] thunderbird-bin: 68.2.2 -> 68.3.0
    @fpletz
    fpletz authored Dec 15, 2019
    Copy the full SHA
    168ab93 View commit details

  10. Merge pull request #75716 from andir/19.09/ansible 

    [19.09] ansible fixes for CVE-2019-10156 CVE-2019-10206 CVE-2019-14846 CVE-2019-14856 CVE-2019-14858 CVE-2019-14864
    @fpletz
    fpletz authored Dec 15, 2019
    Copy the full SHA
    dfceeb0 View commit details

  11. Merge pull request #75724 from andir/19.09/advancecomp 

    [19.09] advancecomp: fix CVE-2019-9210
    @7c6f434c
    7c6f434c authored Dec 15, 2019
    Copy the full SHA
    cdd5a99 View commit details

  12. tor-browser-bundle-bin: 9.0.1 -> 9.0.2 

    (cherry picked from commit fca98ea)
    @fpletz
    cap authored and fpletz committed Dec 15, 2019
    Copy the full SHA
    337e008 View commit details

  13. Merge pull request #75685 from scaredmushroom/tor-browser-bundle-bin_… 

    …release-19.09

backport: tor-browser-bundle-bin: 9.0.1 -> 9.0.2
    @fpletz
    fpletz authored Dec 15, 2019
    Copy the full SHA
    931a430 View commit details

  14. aircrack-ng: fixed missing dependency for airmon-ng 

    (cherry picked from commit 2978ca2)
    @fpletz
    cap authored and fpletz committed Dec 15, 2019
    Copy the full SHA
    6d44cb6 View commit details

  15. Merge pull request #75699 from scaredmushroom/aircrack-ng_release-19.09 

    backport: aircrack-ng: fixed missing dependency for airmon-ng
    @fpletz
    fpletz authored Dec 15, 2019
    Copy the full SHA
    c5f385d View commit details

Commits on Dec 16, 2019

  1. herwig: 7.1.5 -> 7.1.6 

    thepeg: 2.1.5 -> 2.1.6

(cherry picked from commit 2f79be4)
    @veprbl
    veprbl committed Dec 16, 2019
    Copy the full SHA
    cfc23a2 View commit details
6 changes: 3 additions & 3 deletions pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix
View file
Original file line number Diff line number Diff line change
@@ -89,19 +89,19 @@ let
fteLibPath = makeLibraryPath [ stdenv.cc.cc gmp ];

# Upstream source
version = "9.0.1";
version = "9.0.2";

lang = "en-US";

srcs = {
x86_64-linux = fetchurl {
url = "https://dist.torproject.org/torbrowser/${version}/tor-browser-linux64-${version}_${lang}.tar.xz";
sha256 = "09iasj13wn3d1dygpxn4www4rx8wnxxlm9h6df9lzf4wll15px55";
sha256 = "1xdnqphsj7wzwyv927jwd3fi36srx0minydwl5jg5yyd3m3if9hb";
};

i686-linux = fetchurl {
url = "https://dist.torproject.org/torbrowser/${version}/tor-browser-linux32-${version}_${lang}.tar.xz";
sha256 = "1vz3pvqi114c9lkyhqy754ngi90708c187xwiyr9786ff89sjw5i";
sha256 = "1qk9fg5dvyyvbngsqla00by8a974mpvq9pnm2djif54lr2nfivwf";
};
};
in
5 changes: 4 additions & 1 deletion pkgs/applications/networking/instant-messengers/wire-desktop/default.nix
View file
Original file line number Diff line number Diff line change
@@ -61,9 +61,12 @@ let
exec = "wire-desktop %U";
icon = "wire-desktop";
comment = "Secure messenger for everyone";
desktopName = "Wire Desktop";
desktopName = "Wire";
genericName = "Secure messenger";
categories = "Network;InstantMessaging;Chat;VideoConference";
extraEntries = ''
StartupWMClass="Wire"
'';
};

dontBuild = true;
490 changes: 245 additions & 245 deletions pkgs/applications/networking/mailreaders/thunderbird-bin/release_sources.nix
View file

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions pkgs/development/libraries/physics/herwig/default.nix
View file
Original file line number Diff line number Diff line change
@@ -2,11 +2,11 @@

stdenv.mkDerivation rec {
pname = "herwig";
version = "7.1.5";
version = "7.1.6";

src = fetchurl {
url = "https://www.hepforge.org/archive/herwig/Herwig-${version}.tar.bz2";
sha256 = "0jnrv59zfa41gc37pqr3vaiz5jkh7w0k0alcax37b3mlbsnacr9r";
sha256 = "0h4gcmwnk4iyd31agzcq3p8bvlrgc8svm4ymzqgvvhizwflqf3yr";
};

nativeBuildInputs = [ autoconf automake libtool ];
4 changes: 2 additions & 2 deletions pkgs/development/libraries/physics/thepeg/default.nix
View file
Original file line number Diff line number Diff line change
@@ -2,11 +2,11 @@

stdenv.mkDerivation rec {
pname = "thepeg";
version = "2.1.5";
version = "2.1.6";

src = fetchurl {
url = "https://www.hepforge.org/archive/thepeg/ThePEG-${version}.tar.bz2";
sha256 = "1rmmwhk9abn9mc9j3127axjwpvymv21ld4wcivwz01pldkxh06n6";
sha256 = "0krz6psr69kn48xkgr0mjadmzvq572mzn02inlasiz3bf61izrf1";
};

buildInputs = [ boost fastjet gsl hepmc2 lhapdf rivet zlib ];
4 changes: 2 additions & 2 deletions pkgs/development/python-modules/ansible/default.nix
View file
Original file line number Diff line number Diff line change
@@ -18,13 +18,13 @@

buildPythonPackage rec {
pname = "ansible";
version = "2.8.4";
version = "2.8.7";

src = fetchFromGitHub {
owner = "ansible";
repo = "ansible";
rev = "v${version}";
sha256 = "1fp7zz8awfv70nn8i6x0ggx4472377hm7787x16qv2kz4nb069ki";
sha256 = "08vqjk85j0g1x0iad03d7ysws433dikii8j2lr3a1mlx6d186vv8";
};

prePatch = ''
135 changes: 0 additions & 135 deletions pkgs/servers/mail/dovecot/2.2.x-module_dir.patch
View file

This file was deleted.

165 changes: 165 additions & 0 deletions pkgs/servers/mail/dovecot/2.3.x-module_dir.patch
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,165 @@
diff -ru dovecot-2.3.9.2.orig/src/auth/main.c dovecot-2.3.9.2/src/auth/main.c
--- dovecot-2.3.9.2.orig/src/auth/main.c 2019-12-13 14:12:00.000000000 +0100
+++ dovecot-2.3.9.2/src/auth/main.c 2019-12-15 19:46:52.101597499 +0100
@@ -191,7 +191,7 @@
mod_set.debug = global_auth_settings->debug;
mod_set.filter_callback = auth_module_filter;

- modules = module_dir_load(AUTH_MODULE_DIR, NULL, &mod_set);
+ modules = module_dir_load("/etc/dovecot/modules/auth", NULL, &mod_set);
module_dir_init(modules);

if (!worker)
@@ -222,7 +222,7 @@
mod_set.debug = global_auth_settings->debug;
mod_set.ignore_missing = TRUE;

- modules = module_dir_load_missing(modules, AUTH_MODULE_DIR, names,
+ modules = module_dir_load_missing(modules, "/etc/dovecot/modules/auth", names,
&mod_set);
module_dir_init(modules);
}
diff -ru dovecot-2.3.9.2.orig/src/config/all-settings.c dovecot-2.3.9.2/src/config/all-settings.c
--- dovecot-2.3.9.2.orig/src/config/all-settings.c 2019-12-13 14:12:32.000000000 +0100
+++ dovecot-2.3.9.2/src/config/all-settings.c 2019-12-15 19:49:42.764650074 +0100
@@ -1080,7 +1080,7 @@
.last_valid_gid = 0,

.mail_plugins = "",
- .mail_plugin_dir = MODULEDIR,
+ .mail_plugin_dir = "/etc/dovecot/modules",

.mail_log_prefix = "%s(%u)<%{pid}><%{session}>: ",

@@ -3849,7 +3849,7 @@
.login_log_format = "%$: %s",
.login_access_sockets = "",
.login_proxy_notify_path = "proxy-notify",
- .login_plugin_dir = MODULEDIR"/login",
+ .login_plugin_dir = "/etc/dovecot/modules""/login",
.login_plugins = "",
.login_proxy_max_disconnect_delay = 0,
.director_username_hash = "%u",
@@ -4058,7 +4058,7 @@
.login_trusted_networks = "",

.mail_plugins = "",
- .mail_plugin_dir = MODULEDIR,
+ .mail_plugin_dir = "/etc/dovecot/modules",
};
static const struct setting_parser_info *lmtp_setting_dependencies[] = {
&lda_setting_parser_info,
@@ -4823,7 +4823,7 @@
.base_dir = PKG_RUNDIR,
.libexec_dir = PKG_LIBEXECDIR,
.mail_plugins = "",
- .mail_plugin_dir = MODULEDIR,
+ .mail_plugin_dir = "/etc/dovecot/modules",
.mail_temp_dir = "/tmp",
.auth_debug = FALSE,
.auth_socket_path = "auth-userdb",
diff -ru dovecot-2.3.9.2.orig/src/config/config-parser.c dovecot-2.3.9.2/src/config/config-parser.c
--- dovecot-2.3.9.2.orig/src/config/config-parser.c 2019-12-13 14:12:00.000000000 +0100
+++ dovecot-2.3.9.2/src/config/config-parser.c 2019-12-15 19:46:52.102597505 +0100
@@ -1077,7 +1077,7 @@

i_zero(&mod_set);
mod_set.abi_version = DOVECOT_ABI_VERSION;
- modules = module_dir_load(CONFIG_MODULE_DIR, NULL, &mod_set);
+ modules = module_dir_load("/etc/dovecot/modules/settings", NULL, &mod_set);
module_dir_init(modules);

i_array_init(&new_roots, 64);
diff -ru dovecot-2.3.9.2.orig/src/dict/main.c dovecot-2.3.9.2/src/dict/main.c
--- dovecot-2.3.9.2.orig/src/dict/main.c 2019-12-13 14:12:00.000000000 +0100
+++ dovecot-2.3.9.2/src/dict/main.c 2019-12-15 19:46:52.102597505 +0100
@@ -104,7 +104,7 @@
mod_set.abi_version = DOVECOT_ABI_VERSION;
mod_set.require_init_funcs = TRUE;

- modules = module_dir_load(DICT_MODULE_DIR, NULL, &mod_set);
+ modules = module_dir_load("/etc/dovecot/modules/dict", NULL, &mod_set);
module_dir_init(modules);

/* Register only after loading modules. They may contain SQL drivers,
diff -ru dovecot-2.3.9.2.orig/src/doveadm/doveadm-settings.c dovecot-2.3.9.2/src/doveadm/doveadm-settings.c
--- dovecot-2.3.9.2.orig/src/doveadm/doveadm-settings.c 2019-12-13 14:12:00.000000000 +0100
+++ dovecot-2.3.9.2/src/doveadm/doveadm-settings.c 2019-12-15 19:47:29.525812499 +0100
@@ -89,7 +89,7 @@
.base_dir = PKG_RUNDIR,
.libexec_dir = PKG_LIBEXECDIR,
.mail_plugins = "",
- .mail_plugin_dir = MODULEDIR,
+ .mail_plugin_dir = "/etc/dovecot/modules",
.mail_temp_dir = "/tmp",
.auth_debug = FALSE,
.auth_socket_path = "auth-userdb",
diff -ru dovecot-2.3.9.2.orig/src/doveadm/doveadm-util.c dovecot-2.3.9.2/src/doveadm/doveadm-util.c
--- dovecot-2.3.9.2.orig/src/doveadm/doveadm-util.c 2019-12-13 14:12:00.000000000 +0100
+++ dovecot-2.3.9.2/src/doveadm/doveadm-util.c 2019-12-15 19:52:32.003844670 +0100
@@ -33,7 +33,7 @@
mod_set.debug = doveadm_debug;
mod_set.ignore_dlopen_errors = TRUE;

- modules = module_dir_load_missing(modules, DOVEADM_MODULEDIR,
+ modules = module_dir_load_missing(modules, "/etc/dovecot/modules/doveadm",
NULL, &mod_set);
module_dir_init(modules);
}
@@ -58,7 +58,7 @@
return FALSE;
}

- dir = opendir(DOVEADM_MODULEDIR);
+ dir = opendir("/etc/dovecot/modules/doveadm");
if (dir == NULL)
return FALSE;

diff -ru dovecot-2.3.9.2.orig/src/lib-fs/fs-api.c dovecot-2.3.9.2/src/lib-fs/fs-api.c
--- dovecot-2.3.9.2.orig/src/lib-fs/fs-api.c 2019-12-13 14:12:00.000000000 +0100
+++ dovecot-2.3.9.2/src/lib-fs/fs-api.c 2019-12-15 19:46:52.102597505 +0100
@@ -114,7 +114,7 @@
mod_set.abi_version = DOVECOT_ABI_VERSION;
mod_set.ignore_missing = TRUE;

- fs_modules = module_dir_load_missing(fs_modules, MODULE_DIR,
+ fs_modules = module_dir_load_missing(fs_modules, "/etc/dovecot/modules",
module_name, &mod_set);
module_dir_init(fs_modules);

diff -ru dovecot-2.3.9.2.orig/src/lib-ssl-iostream/iostream-ssl.c dovecot-2.3.9.2/src/lib-ssl-iostream/iostream-ssl.c
--- dovecot-2.3.9.2.orig/src/lib-ssl-iostream/iostream-ssl.c 2019-12-13 14:12:00.000000000 +0100
+++ dovecot-2.3.9.2/src/lib-ssl-iostream/iostream-ssl.c 2019-12-15 19:46:52.102597505 +0100
@@ -54,7 +54,7 @@
mod_set.abi_version = DOVECOT_ABI_VERSION;
mod_set.setting_name = "<built-in lib-ssl-iostream lookup>";
mod_set.require_init_funcs = TRUE;
- ssl_module = module_dir_load(MODULE_DIR, plugin_name, &mod_set);
+ ssl_module = module_dir_load("/etc/dovecot/modules", plugin_name, &mod_set);
if (module_dir_try_load_missing(&ssl_module, MODULE_DIR, plugin_name,
&mod_set, error_r) < 0)
return -1;
diff -ru dovecot-2.3.9.2.orig/src/lib-storage/mail-storage-settings.c dovecot-2.3.9.2/src/lib-storage/mail-storage-settings.c
--- dovecot-2.3.9.2.orig/src/lib-storage/mail-storage-settings.c 2019-12-13 14:12:00.000000000 +0100
+++ dovecot-2.3.9.2/src/lib-storage/mail-storage-settings.c 2019-12-15 19:46:52.102597505 +0100
@@ -337,7 +337,7 @@
.last_valid_gid = 0,

.mail_plugins = "",
- .mail_plugin_dir = MODULEDIR,
+ .mail_plugin_dir = "/etc/dovecot/modules",

.mail_log_prefix = "%s(%u)<%{pid}><%{session}>: ",

diff -ru dovecot-2.3.9.2.orig/src/lmtp/lmtp-settings.c dovecot-2.3.9.2/src/lmtp/lmtp-settings.c
--- dovecot-2.3.9.2.orig/src/lmtp/lmtp-settings.c 2019-12-13 14:12:00.000000000 +0100
+++ dovecot-2.3.9.2/src/lmtp/lmtp-settings.c 2019-12-15 19:46:52.102597505 +0100
@@ -95,7 +95,7 @@
.login_trusted_networks = "",

.mail_plugins = "",
- .mail_plugin_dir = MODULEDIR,
+ .mail_plugin_dir = "/etc/dovecot/modules",
};

static const struct setting_parser_info *lmtp_setting_dependencies[] = {
6 changes: 3 additions & 3 deletions pkgs/servers/mail/dovecot/default.nix
View file
Original file line number Diff line number Diff line change
@@ -9,7 +9,7 @@
}:

stdenv.mkDerivation rec {
name = "dovecot-2.3.8";
name = "dovecot-2.3.9.2";

nativeBuildInputs = [ perl pkgconfig ];
buildInputs =
@@ -21,7 +21,7 @@ stdenv.mkDerivation rec {

src = fetchurl {
url = "https://dovecot.org/releases/2.3/${name}.tar.gz";
sha256 = "0jdng27hqqagjy6v7ymd0xflbv5dbc1rhh450nk39ar6pw1qsxy5";
sha256 = "1yc6hi4hqg4hcc4495sf4m5f1lnargphi6dawj43if21vncgp127";
};

enableParallelBuilding = true;
@@ -42,7 +42,7 @@ stdenv.mkDerivation rec {
# Make dovecot look for plugins in /etc/dovecot/modules
# so we can symlink plugins from several packages there.
# The symlinking needs to be done in NixOS.
./2.2.x-module_dir.patch
./2.3.x-module_dir.patch
];

configureFlags = [
8 changes: 4 additions & 4 deletions pkgs/tools/admin/ansible/default.nix
View file
Original file line number Diff line number Diff line change
@@ -7,21 +7,21 @@

ansible_2_7 = with python3Packages; toPythonApplication (ansible.overridePythonAttrs(old: rec {
pname = "ansible";
version = "2.7.11";
version = "2.7.15";

src = fetchurl {
url = "https://releases.ansible.com/ansible/${pname}-${version}.tar.gz";
sha256 = "0zipzm9al6k74h88b6zkddpcbxqs4cms7lidid6wn1vx3d3dxrp7";
sha256 = "1kjqr35c11njyi3f2rjab6821bhqcrdykv4285q76gwv0qynigwr";
};
}));

ansible_2_6 = with python3Packages; toPythonApplication (ansible.overridePythonAttrs(old: rec {
pname = "ansible";
version = "2.6.17";
version = "2.6.20";

src = fetchurl {
url = "https://releases.ansible.com/ansible/${pname}-${version}.tar.gz";
sha256 = "0ixr3g1nb02xblqyk87bzag8sj8phy37m24xflabfl1k2zfh0313";
sha256 = "02ra9q2mifyawn0719y78wrbqzik73aymlzwi90fq71jgyfvkkqn";
};
}));
}
17 changes: 15 additions & 2 deletions pkgs/tools/compression/advancecomp/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
{ stdenv, fetchFromGitHub
, autoreconfHook, zlib }:
{ stdenv
, fetchFromGitHub
, fetchpatch
, autoreconfHook
, zlib
}:

stdenv.mkDerivation rec {
pname = "advancecomp";
@@ -15,6 +19,15 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ autoreconfHook ];
buildInputs = [ zlib ];

patches = [
(fetchpatch {
name = "CVE-2019-9210.patch";
url = "https://github.com/amadvance/advancecomp/commit/fcf71a89265c78fc26243574dda3a872574a5c02.patch";
sha256 = "0cdv9g87c1y8zwhqkd9ba2zjw4slcvg7yzcqv43idvnwb5fl29n7";
excludes = [ "doc/history.d" ];
})
];

meta = with stdenv.lib; {
description = ''A set of tools to optimize deflate-compressed files'';
license = licenses.gpl3 ;
4 changes: 2 additions & 2 deletions pkgs/tools/networking/aircrack-ng/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{ stdenv, fetchurl, libpcap, openssl, zlib, wirelesstools
, iw, ethtool, pciutils, libnl, pkgconfig, makeWrapper
, autoreconfHook }:
, autoreconfHook, usbutils }:

stdenv.mkDerivation rec {
name = "aircrack-ng-1.5.2";
@@ -19,7 +19,7 @@ stdenv.mkDerivation rec {

postFixup = ''
wrapProgram $out/bin/airmon-ng --prefix PATH : ${stdenv.lib.makeBinPath [
ethtool iw pciutils
ethtool iw pciutils usbutils
]}
'';