Skip to content
This repository has been archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
base: 131ff6dd9c8d
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
compare: 808d3c6d1238
Choose a head ref
  • 19 commits
  • 24 files changed
  • 13 contributors

Commits on Nov 20, 2019

  1. qt512.qtbase: add patch for CVE-2019-18281

    @KamilaBorowska
    KamilaBorowska committed Nov 20, 2019
    Copy the full SHA
    30fc722 View commit details
    Browse the repository at this point in the history

Commits on Nov 21, 2019

  1. musl: 1.1.2x -> 1.1.24 

    https://www.openwall.com/lists/musl/2019/10/13/5

Apparently 1.1.23 never made it to nixpkgs proper (?!), see:
https://git.musl-libc.org/cgit/musl/commit/?id=b07d45eb01e900f0176894fdedab62285f5cb8be

(sorry I apparently dropped the ball here)

(cherry picked from commit 1263a71)
    @dtzWill @fpletz
    dtzWill authored and fpletz committed Nov 21, 2019
    Copy the full SHA
    30843ef View commit details
    Browse the repository at this point in the history

Commits on Nov 23, 2019

  1. lua-5.3: add patch for CVE-2019-6706 

    Fixes #54799
    Christian Kauhaus committed Nov 23, 2019
    Copy the full SHA
    ea61d48 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #73978 from ckauhaus/lua-5.3-CVE-2019-6706-r19.09 

    [19.09] lua-5.3: add patch for CVE-2019-6706
    @adisbladis
    adisbladis committed Nov 23, 2019
    Copy the full SHA
    85ee427 View commit details
    Browse the repository at this point in the history

Commits on Nov 24, 2019

  1. aspell: add patch for CVE-2019-17544 

     (#73999)
    @risicle @c0bw3b
    risicle authored and c0bw3b committed Nov 24, 2019
    Copy the full SHA
    7aa75e5 View commit details
    Browse the repository at this point in the history

  2. fribidi: add patch for CVE-2019-18397 (#73707) 

    (adjusted cherry-pick from 55b583d)
    @risicle @c0bw3b
    risicle authored and c0bw3b committed Nov 24, 2019
    Copy the full SHA
    a8b7f4b View commit details
    Browse the repository at this point in the history

Commits on Nov 25, 2019

  1. systemd: v243 -> v243.3 

    (cherry picked from commit d5914d7)
    @andir @lheckemann
    andir authored and lheckemann committed Nov 25, 2019
    Copy the full SHA
    ed967de View commit details
    Browse the repository at this point in the history

Commits on Nov 27, 2019

  1. apple_sdk: broken link update (#73984) 

    (cherry picked from commit 7233afc)
    @dredozubov @veprbl
    dredozubov authored and veprbl committed Nov 27, 2019
    Copy the full SHA
    7ff5bca View commit details
    Browse the repository at this point in the history

Commits on Nov 28, 2019

  1. Merge pull request #73805 from xfix/qtbase-cve 

    [r19.09] qt512.qtbase: add patch for CVE-2019-18281
    @globin
    globin committed Nov 28, 2019
    Copy the full SHA
    00c2b2c View commit details
    Browse the repository at this point in the history

Commits on Dec 1, 2019

  1. Merge release-19.09 into staging-19.09

    @FRidh
    FRidh committed Dec 1, 2019
    Copy the full SHA
    de33cdf View commit details
    Browse the repository at this point in the history

  2. ghostscript: add patches for CVE-2019-3835 

    context-adjusted patches cribbed from debian's 9.26a~dfsg-0+deb9u6, also
requiring further adjustment of patch for CVE-2019-10216
    @risicle @FRidh
    risicle authored and FRidh committed Dec 1, 2019
    Copy the full SHA
    59ea6fc View commit details
    Browse the repository at this point in the history

  3. ghostscript: add patches for CVE-2019-3838 

    again, context-adjusted patches cribbed from debian's 9.26a~dfsg-0+deb9u6
    @risicle @FRidh
    risicle authored and FRidh committed Dec 1, 2019
    Copy the full SHA
    4e28989 View commit details
    Browse the repository at this point in the history

  4. ghostscript: add patch for CVE-2019-14869 

    again, context-adjusted patch cribbed from debian's 9.26a~dfsg-0+deb9u6
    @risicle @FRidh
    risicle authored and FRidh committed Dec 1, 2019
    Copy the full SHA
    0fba5b9 View commit details
    Browse the repository at this point in the history

Commits on Dec 4, 2019

  1. [19.09] djvulibre: patching multiple CVEs 

    Addresses:

NixOS/nixpkgs#73624
NixOS/nixpkgs#70086
(cherry picked from commit be7e51a)
    @d-goldin
    d-goldin authored and Christian Kauhaus committed Dec 4, 2019
    Copy the full SHA
    5bf1d43 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #74876 from d-goldin/djvulibre_sec_patches_1909 

    Closes #74876
    Christian Kauhaus committed Dec 4, 2019
    Copy the full SHA
    02fc78a View commit details
    Browse the repository at this point in the history

  3. Merge branch 'release-19.09' into staging-19.09

    Christian Kauhaus committed Dec 4, 2019
    Copy the full SHA
    0a606ed View commit details
    Browse the repository at this point in the history

Commits on Dec 7, 2019

  1. gnuplot_qt: Use qt mkDerivation 

    Fixes this error:

gnuplot> plot [-5:5] sin(x)
qt.qpa.plugin: Could not find the Qt platform plugin "xcb" in ""
This application failed to start because no Qt platform plugin could
be initialized. Reinstalling the application may fix this problem.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
(cherry picked from commit c55f484)
    @andersk @worldofpeace
    andersk authored and worldofpeace committed Dec 7, 2019
    Copy the full SHA
    41896c8 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #73758 from d-goldin/backport_musl_bump 

    [r19.09] musl: 1.1.2x -> 1.1.24 (security)
    @fpletz
    fpletz committed Dec 7, 2019
    Copy the full SHA
    7823b4a View commit details
    Browse the repository at this point in the history

  3. Merge branch 'staging-19.09' into release-19.09

    @vcunat
    vcunat committed Dec 7, 2019
    Copy the full SHA
    808d3c6 View commit details
    Browse the repository at this point in the history