Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 9137f05564eb
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 2faa76db27c4
Choose a head ref
  • 7 commits
  • 6 files changed
  • 6 contributors

Commits on Apr 27, 2020

  1. coqPackages.equations: 1.2 → 1.2.1 

    (cherry picked from commit a4adb1f)
    @vbgl
    vbgl committed Apr 27, 2020

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    vbgl Vincent Laporte
    GPG key ID: EBD582ADDDB1F81F
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    61bea7b View commit details

  2. coqPackages.coqhammer: 1.1.1 → 1.2 

    Add support for Coq 8.11

(cherry picked from commit ef964a8)
    @vbgl
    vbgl committed Apr 27, 2020

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    vbgl Vincent Laporte
    GPG key ID: EBD582ADDDB1F81F
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    694b4ca View commit details

  3. wireguard-compat: 1.0.20200413 -> 1.0.20200426 

    https://lists.zx2c4.com/pipermail/wireguard/2020-April/005237.html
(cherry picked from commit e9c44e8)
    @d-xo @Ma27
    d-xo authored and Ma27 committed Apr 27, 2020

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    Ma27 Maximilian Bosch
    GPG key ID: 091DBF4D1FC46B8E
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    9c44146 View commit details

  4. oauth2_proxy: Backport security fix (CVE-2017-1000070) 

    Since 20.03 still uses old oauth2_proxy (3.2.0), which is not compatible
with the newest one (5.1.0), this change backports an important security
fix to 3.2.0:

oauth2-proxy/oauth2-proxy@a316f8a

The vulnerability is an open redirect, where a bad actor can redirect a
session to another domain using `/\` in redirect URIs.
    @knl
    knl committed Apr 27, 2020
    Copy the full SHA
    92ab877 View commit details

  5. teams: fixing pulseaudio access 

    (cherry picked from commit 73e4647)
    @Mic92
    Elyhaka authored and Mic92 committed Apr 27, 2020

    Verified

    This commit was signed with the committer’s verified signature.
    Mic92 Jörg Thalheim
    GPG key ID: 003F2096411B5F92
    Verified
    Learn about vigilant mode
    Copy the full SHA
    b4f2f29 View commit details

  6. Merge pull request #86108 from knl/security-fix-oauth2_proxy

    @Mic92
    Mic92 authored Apr 27, 2020

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    7d0b089 View commit details

  7. mautrix-whatsapp: 2020-04-21 -> 2020-04-21-1 

    (cherry picked from commit 1066f11)
    @Ma27
    Ma27 committed Apr 27, 2020

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    Ma27 Maximilian Bosch
    GPG key ID: 091DBF4D1FC46B8E
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    2faa76d View commit details
22 changes: 22 additions & 0 deletions pkgs/applications/networking/instant-messengers/teams/default.nix
View file
Original file line number Diff line number Diff line change
@@ -52,6 +52,28 @@ stdenv.mkDerivation rec {
ln -s $out/opt/teams/teams $out/bin/
'';

dontAutoPatchelf = true;

# Includes runtimeDependencies in the RPATH of the included Node modules
# so that dynamic loading works. We cannot use directly runtimeDependencies
# here, since the libraries from runtimeDependencies are not propagated
# to the dynamically loadable node modules because of a condition in
# autoPatchElfHook since *.node modules have Type: DYN (Shared object file)
# instead of EXEC or INTERP it expects.
# Fixes: https://github.com/NixOS/nixpkgs/issues/85449
postFixup = ''
autoPatchelf "$out"
runtime_rpath="${lib.makeLibraryPath runtimeDependencies}"
for mod in $(find "$out/opt/teams" -name '*.node'); do
mod_rpath="$(patchelf --print-rpath "$mod")"
echo "Adding runtime dependencies to RPATH of Node module $mod"
patchelf --set-rpath "$runtime_rpath:$mod_rpath" "$mod"
done;
'';

meta = with stdenv.lib; {
description = "Microsoft Teams";
homepage = "https://teams.microsoft.com";
8 changes: 6 additions & 2 deletions pkgs/development/coq-modules/coqhammer/default.nix
View file
Original file line number Diff line number Diff line change
@@ -13,8 +13,12 @@ let
buildInputs = [ coq.ocamlPackages.camlp5 ];
};
"8.10" = {
version = "1.1.1";
sha256 = "0b6r7bsygl1axbqybkhkr7zlwcd51ski5ql52994klrrxvjd58df";
version = "1.2";
sha256 = "1ir313mmkgp2c65wgw8c681a15clvri1wb1hyjqmj7ymx4shkl56";
};
"8.11" = {
version = "1.2";
sha256 = "1w317h7r5llyamzn1kqb8j6p5sxks2j8vq8wnpzrx01jqbyibxgy";
};
};
param = params.${coq.coq-version};
18 changes: 12 additions & 6 deletions pkgs/development/coq-modules/equations/default.nix
View file
Original file line number Diff line number Diff line change
@@ -21,15 +21,21 @@ let
};

"8.9" = {
version = "1.2";
rev = "v1.2-8.9";
sha256 = "1q3wvicr43bgy7xn1diwh4j43mnrhprrc2xd22qlbz9cl6bhf8bj";
version = "1.2.1";
rev = "v1.2.1-8.9";
sha256 = "0d8ddj6nc6p0k25cd8fs17cq427zhzbc3v9pk2wd2fnvk70nlfij";
};

"8.10" = {
version = "1.2";
rev = "v1.2-8.10";
sha256 = "1v5kx0xzxzsbs5r4w08rm1lrmjjggnd3ap0sd1my88ds17jzyasd";
version = "1.2.1";
rev = "v1.2.1-8.10-2";
sha256 = "0j3z4l5nrbyi9zbbyqkc6kassjanwld2188mwmrbqspaypm2ys68";
};

"8.11" = {
version = "1.2.1";
rev = "v1.2.1-8.11";
sha256 = "06k0h7lansxs479is3vj5ikg8s5k4c6svnqcwmxbni4wx8bhmg17";
};
};
param = params.${coq.coq-version};
4 changes: 2 additions & 2 deletions pkgs/os-specific/linux/wireguard/default.nix
View file
Original file line number Diff line number Diff line change
@@ -7,11 +7,11 @@ assert stdenv.lib.versionOlder kernel.version "5.6";

stdenv.mkDerivation rec {
pname = "wireguard";
version = "1.0.20200413";
version = "1.0.20200426";

src = fetchzip {
url = "https://git.zx2c4.com/wireguard-linux-compat/snapshot/wireguard-linux-compat-${version}.tar.xz";
sha256 = "11dpw1inszbc3qjcfnap74kgjxkyyrx90vxv6wmsgkbp8lsl4p66";
sha256 = "0j343xk9qgmzn0j6kgvydfqjqslf2rv6r4ikfc59982xxny6f6l5";
};

hardeningDisable = [ "pic" ];
8 changes: 4 additions & 4 deletions pkgs/servers/mautrix-whatsapp/default.nix
View file
Original file line number Diff line number Diff line change
@@ -2,16 +2,16 @@

buildGoModule {
pname = "mautrix-whatsapp-unstable";
version = "2020-04-21";
version = "2020-04-21-1";

src = fetchFromGitHub {
owner = "tulir";
repo = "mautrix-whatsapp";
rev = "53fe1b18184fc0967658805abc8560641f8d2cb0";
sha256 = "0rahj9v7cgvk4w3m41jbs8vnya37dhq5wxyhyg74kwrv8a2nqxra";
rev = "e0aea74abf090bc9dc499332b28bf03640c162f8";
sha256 = "1gayjyh0x0axc1xak38zkdhvx6fy8pwlniqsirqy2mwcgkkll9i5";
};

modSha256 = "0jn88a4hagwfkw9bv8cg12ywsg35znmfkmhi1v7k2qpj5qzi81w6";
modSha256 = "1pddabyyz6q1snx9j7yv7dchasqa1y8nbpb5zrwmrpnwpns8kxl7";

meta = with stdenv.lib; {
homepage = https://github.com/tulir/mautrix-whatsapp;
10 changes: 9 additions & 1 deletion pkgs/servers/oauth2_proxy/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{ lib, buildGoPackage, fetchFromGitHub }:
{ lib, buildGoPackage, fetchFromGitHub, fetchpatch }:

buildGoPackage rec {
pname = "oauth2_proxy";
@@ -15,6 +15,14 @@ buildGoPackage rec {

goDeps = ./deps.nix;

patches = [
(fetchpatch {
url = https://github.com/oauth2-proxy/oauth2-proxy/commit/a316f8a06f3c0ca2b5fc5fa18a91781b313607b2.patch;
excludes = [ "CHANGELOG.md" ];
sha256 = "1bnij902418hy1rh9d1g16wpxw5w6zvg52iylbs2y1zi88y7a01c";
})
];

meta = with lib; {
description = "A reverse proxy that provides authentication with Google, Github or other provider";
homepage = https://github.com/pusher/oauth2_proxy/;