Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 68ad45f9541f
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: dce33f1a2d49
Choose a head ref
  • 7 commits
  • 4 files changed
  • 4 contributors

Commits on Feb 10, 2020

  1. Merge #79740: libssh2: patch CVE-2019-17498 (into staging) 

    (cherry picked from commit 4ff2a16)
    @vcunat
    vcunat committed Feb 10, 2020
    Copy the full SHA
    d9f1f8c View commit details

Commits on Mar 12, 2020

  1. Merge release-19.09 into staging-19.09

    @FRidh
    FRidh committed Mar 12, 2020
    Copy the full SHA
    8d27ad5 View commit details

Commits on Mar 14, 2020

  1. openjpeg: add patch for CVE-2020-6851 

    (cherry picked from commit 773462c3aacdd2eb50457c7949dae6dd91e3684d)
    @mmilata @alyssais
    mmilata authored and alyssais committed Mar 14, 2020

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    NeQuissimus Tim Steinbach
    GPG key ID: FD36A5EAAC49035A
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    1524ffc View commit details

  2. openjpeg: add patch for CVE-2020-8112 

    (cherry picked from commit 41d8bb133efeade8d25a634ca68c32f0f62f6a41)
    @mmilata @alyssais
    mmilata authored and alyssais committed Mar 14, 2020

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    NeQuissimus Tim Steinbach
    GPG key ID: FD36A5EAAC49035A
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    3b9b10e View commit details

Commits on Mar 15, 2020

  1. Merge branch 'staging-19.09' into release-19.09 

    (Older version finished on Hydra.)
    @vcunat
    vcunat committed Mar 15, 2020

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    NeQuissimus Tim Steinbach
    GPG key ID: FD36A5EAAC49035A
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    021b296 View commit details

Commits on Mar 16, 2020

  1. python3Packages.signedjson: 1.0.0 -> 1.1.0 

    (cherry picked from commit 500375e)
    @Ma27
    Ma27 committed Mar 16, 2020

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    NeQuissimus Tim Steinbach
    GPG key ID: FD36A5EAAC49035A
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    a9d4746 View commit details

  2. matrix-synapse: 1.9.1 -> 1.11.1 

    Contains only the version update from 8be61f7,
the module-changes are not needed on 19.09 since the database is always
configured properly here.
    @Ma27
    Ma27 committed Mar 16, 2020

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    NeQuissimus Tim Steinbach
    GPG key ID: FD36A5EAAC49035A
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    dce33f1 View commit details
9 changes: 9 additions & 0 deletions pkgs/development/libraries/libssh2/default.nix
View file
Original file line number Diff line number Diff line change
@@ -14,6 +14,15 @@ stdenv.mkDerivation rec {
buildInputs = [ openssl zlib ]
++ stdenv.lib.optional stdenv.hostPlatform.isMinGW windows.mingw_w64;

patches = [
# not able to use fetchpatch here: infinite recursion
(fetchurl {
name = "CVE-2019-17498.patch";
url = "https://github.com/libssh2/libssh2/pull/402.patch";
sha256 = "1n9s2mcz5dkw0xpm3c5x4hzj8bar4i6z0pr1rmqjplhfg888vdvc";
})
];

meta = with stdenv.lib; {
description = "A client-side C library implementing the SSH2 protocol";
homepage = https://www.libssh2.org;
10 changes: 10 additions & 0 deletions pkgs/development/libraries/openjpeg/2.x.nix
View file
Original file line number Diff line number Diff line change
@@ -23,5 +23,15 @@ callPackage ./generic.nix (args // rec {
name = "CVE-2019-12973-2.patch";
sha256 = "1jkkfw13l7nx4hxdhc7z17f4vfgqcaf09zpl235kypbxx1ygc7vq";
})
(fetchpatch {
url = "https://github.com/uclouvain/openjpeg/commit/024b8407392cb0b82b04b58ed256094ed5799e04.patch";
name = "CVE-2020-6851.patch";
sha256 = "1lfwlzqxb69cwzjp8v9lijz4c2qhf3b8m6sq1khipqlgrb3l58xw";
})
(fetchpatch {
url = "https://github.com/uclouvain/openjpeg/commit/05f9b91e60debda0e83977e5e63b2e66486f7074.patch";
name = "CVE-2020-8112.patch";
sha256 = "16kykc8wbq9kx9w9kkf3i7snak82m184qrl9bpxvkjl7h0n9aw49";
})
];
})
7 changes: 4 additions & 3 deletions pkgs/development/python-modules/signedjson/default.nix
View file
Original file line number Diff line number Diff line change
@@ -4,19 +4,20 @@
, canonicaljson
, unpaddedbase64
, pynacl
, typing-extensions
}:

buildPythonPackage rec {
pname = "signedjson";
version = "1.0.0";
version = "1.1.0";

src = fetchgit {
url = "https://github.com/matrix-org/python-signedjson.git";
rev = "refs/tags/v${version}";
sha256 = "0b8xxhc3npd4567kqapfp4gs7m0h057xam3an7424az262ind82n";
sha256 = "18s388hm3babnvakbbgfqk0jzq25nnznvhygywd3azp9b4yzmd5c";
};

propagatedBuildInputs = [ canonicaljson unpaddedbase64 pynacl ];
propagatedBuildInputs = [ canonicaljson unpaddedbase64 pynacl typing-extensions ];

meta = with stdenv.lib; {
homepage = https://pypi.org/project/signedjson/;
4 changes: 2 additions & 2 deletions pkgs/servers/matrix-synapse/default.nix
View file
Original file line number Diff line number Diff line change
@@ -23,11 +23,11 @@ let

in buildPythonApplication rec {
pname = "matrix-synapse";
version = "1.9.1";
version = "1.11.1";

src = fetchPypi {
inherit pname version;
sha256 = "13csf18dchm75vw251a7h57diag94vw6rhg8kkkbpi35cibn0cz2";
sha256 = "0xd4bxsmk67r6pfj5lh0hn36r8z51mxsl39fjfrfdidvl1qqbxnk";
};

patches = [