Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: efe4afd0420e
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 8b5194ff167e
Choose a head ref
  • 5 commits
  • 4 files changed
  • 4 contributors

Commits on Oct 2, 2019

  1. lua5_1: rename patch file to match its CVE id 

    (cherry picked from commit 1b77830)
    @delroth
    delroth committed Oct 2, 2019
    Copy the full SHA
    430ce02 View commit details

Commits on Oct 29, 2019

  1. [R19.09] qemu: 4.0.0 -> 4.0.1

    @kmcopper
    kmcopper committed Oct 29, 2019

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    6707534 View commit details

Commits on Nov 7, 2019

  1. expat: fetch the patch from "my private mirror" 

    Fixes #71075.  I'm really tired of these, so lemme try this approach.
    @vcunat
    vcunat committed Nov 7, 2019
    Copy the full SHA
    d628521 View commit details

  2. Merge pull request #70275 from delroth/lua51-cve-19.09 

    lua5_1: rename patch file to match its CVE id [19.09]
    @matthewbauer
    matthewbauer authored Nov 7, 2019
    Copy the full SHA
    15409cd View commit details

  3. Merge pull request #72236 from kmcopper/r19.09-qemu_4.0.1 

    [r19.09] qemu: 4.0.0 -> 4.0.1
    @matthewbauer
    matthewbauer authored Nov 7, 2019
    Copy the full SHA
    8b5194f View commit details
10 changes: 2 additions & 8 deletions pkgs/applications/virtualization/qemu/default.nix
View file
Original file line number Diff line number Diff line change
@@ -35,7 +35,7 @@ let
in

stdenv.mkDerivation rec {
version = "4.0.0";
version = "4.0.1";
name = "qemu-"
+ stdenv.lib.optionalString xenSupport "xen-"
+ stdenv.lib.optionalString hostCpuOnly "host-cpu-only-"
@@ -44,7 +44,7 @@ stdenv.mkDerivation rec {

src = fetchurl {
url = "https://wiki.qemu.org/download/qemu-${version}.tar.bz2";
sha256 = "085g6f75si8hbn94mnnjn1r7ysixn5bqj4bhqwvadj00fhzp2zvd";
sha256 = "11mv5sh9qb5mp6rcr527hbg1r2mi64qjbrr2w65wgdwrb6a1rg8h";
};

nativeBuildInputs = [ python python.pkgs.sphinx pkgconfig flex bison ];
@@ -83,12 +83,6 @@ stdenv.mkDerivation rec {
name = "CVE-2019-12155.patch";
sha256 = "0h2q71mcz3gvlrbfkqcgla74jdg73hvzcrwr4max2ckpxx8x9207";
})
(fetchpatch {
url = "https://sources.debian.org/data/main/q/qemu/1:3.1+dfsg-8+deb10u2/debian/patches/slirp-fix-heap-overflow-in-ip_reass-on-big-packet-input-CVE-2019-14378.patch";
sha256 = "0f3jabl6x6slpnz5pg6fv1k9vfmrkd482z9vqm3adn6mka8lfimb";
extraPrefix = "slirp/src/";
stripLen = 2;
})
(fetchpatch {
url = "https://sources.debian.org/data/main/q/qemu/1:3.1+dfsg-8+deb10u2/debian/patches/qemu-bridge-helper-restrict-interface-name-to-IFNAMSIZ-CVE-2019-13164.patch";
sha256 = "1ypcdlpg3nap0kg9xkrgrqw33j5ah4j7l4i2cp6d5ap8vrw9nn3l";
0 ...-stack-overflow-in-vararg-functions.patch → ...nt/interpreters/lua-5/CVE-2014-5461.patch
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion pkgs/development/interpreters/lua-5/default.nix
View file
Original file line number Diff line number Diff line change
@@ -49,7 +49,7 @@ in rec {
sourceVersion = { major = "5"; minor = "1"; patch = "5"; };
hash = "2640fc56a795f29d28ef15e13c34a47e223960b0240e8cb0a82d9b0738695333";
patches = (if stdenv.isDarwin then [ ./5.1.darwin.patch ] else [ dsoPatch51 ])
++ [ ./5.1.0004-Fix-stack-overflow-in-vararg-functions.patch ];
++ [ ./CVE-2014-5461.patch ];
};

luajit_2_0 = import ../luajit/2.0.nix {
9 changes: 3 additions & 6 deletions pkgs/development/libraries/expat/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{ stdenv, fetchurl, fetchpatch }:
{ stdenv, fetchurl }:

stdenv.mkDerivation rec {
name = "expat-2.2.7";
@@ -9,12 +9,9 @@ stdenv.mkDerivation rec {
};

patches = [
(fetchpatch {
name = "CVE-2019-15903.patch";
url = "https://sources.debian.org/data/main/e/expat/2.2.7-2/debian/patches/CVE-2019-15903_Deny_internal_entities_closing_the_doctype.patch";
(fetchurl {
url = "https://raw.githubusercontent.com/vcunat/patch-mirror/master/CVE-2019-15903.patch";
sha256 = "0lv4392ihpk71fgaf1fz03gandqkaqisal8xrzvcqnvnq4mnmwxp";
stripLen = 1;
excludes = [ "tests/runtests.c" "Changes" ];
})
];