Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 526b34a18e0b
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: ea0820818a7b
Choose a head ref
  • 20 commits
  • 25 files changed
  • 9 contributors

Commits on Jan 30, 2019

  1. qt59: 5.9.3 -> 5.9.7 

    (cherry picked from commit 776c962)
    @FlorianFranzen @andir
    FlorianFranzen authored and andir committed Jan 30, 2019

    Verified

    This commit was signed with the committer’s verified signature.
    rickie Rick Ossendrijver
    GPG key ID: A2237828CE7F76B2
    Verified
    Learn about vigilant mode
    Copy the full SHA
    fc0c9a2 View commit details

  2. qt59.qtvirtualkeyboard: fix CVE-2018-19865 

    CVE-2018-19865 tracks the issue of qtvirtualkeyboard where it logs all
user input. With this commit we are applying the recommended patches
form the upstream project.

More details can be obtained from the Qt annoucement [1].

[1] https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/

(cherry picked from commit 6660128)
    @andir
    andir committed Jan 30, 2019
    Copy the full SHA
    0d6c4a8 View commit details

Commits on Feb 2, 2019

  1. qt56.qtvirtualkeyboard: init at 5.6.3 

    This adds the "missing" qtvirtualkeyboard module of qt56. I just add
this so I can apply (& test) the patches for a CVE in the next commit.
This might seem strange but in case anyone decided to add / use this in
the future we are on the safe(r) side.

(cherry picked from commit 295a210)
    @andir
    andir committed Feb 2, 2019
    Copy the full SHA
    a3c82b9 View commit details

  2. qt56: fix CVE-2018-{15518,19873,19870,19871,19865,19869} 

     * CVE-2018-15518, Qt Base: “double free or corruption” in QXmlStreamReader
 * CVE-2018-19873, Qt Base: QBmpHandler segfault on malformed BMP file
 * CVE-2018-19870, Qt Base: Check for QImage allocation failure in qgifhandler
 * CVE-2018-19871, Qt Imageformats: QImage: QTgaFile CPU exhaustion
 * CVE-2018-19865, Qt Virtual Keyboard: Qt Virtual Keyboard logs all key presses
 * CVE-2018-19869, Qt Svg: Fix crash when parsing malformed url reference

More details can be obtained from the Qt annoucement [1].

[1] https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/

(cherry picked from commit 066be85)
    @andir
    andir committed Feb 2, 2019
    Copy the full SHA
    0948f87 View commit details

  3. qt511: 5.11.1 -> 5.11.3 

    This fixes

 * CVE-2018-15518, Qt Base: “double free or corruption” in QXmlStreamReader
 * CVE-2018-19873, Qt Base: QBmpHandler segfault on malformed BMP file
 * CVE-2018-19870, Qt Base: Check for QImage allocation failure in qgifhandler
 * CVE-2018-19871, Qt Imageformats: QImage: QTgaFile CPU exhaustion
 * CVE-2018-19865, Qt Virtual Keyboard: Qt Virtual Keyboard logs all key presses
 * CVE-2018-19869, Qt Svg: Fix crash when parsing malformed url reference

More details can be obtained from the Qt annoucement [1].

[1] https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/

(cherry picked from commit 2f5d37b)
    @andir
    andir committed Feb 2, 2019
    Copy the full SHA
    89049f3 View commit details

  4. Revert "qt59-qtbase: fix darwin build with clang-5" 

    The fix is already included in Qt 5.9.7

This reverts commit 0bf153f.

(cherry picked from commit fd75bbc)
    @veprbl @andir
    veprbl authored and andir committed Feb 2, 2019
    Copy the full SHA
    1e2c3be View commit details

Commits on Feb 15, 2019

  1. firefox: 60.5.0 -> 60.5.1 

    (cherry picked from commit 0f2226a)
    @andir
    andir committed Feb 15, 2019
    Copy the full SHA
    657d92e View commit details

  2. thunderbird-bin: 60.5.0 -> 60.5.1 

    (cherry picked from commit 3c35745)
    @andir
    andir committed Feb 15, 2019
    Copy the full SHA
    cd88dcb View commit details

Commits on Feb 16, 2019

  1. qt511: add patch for macOS sdk 

    Unfortunately we don’t have access to NSWindowStyleMask. These patches
should go away once we switch to a newer SDK.

(cherry picked from commit 8153104)
    @matthewbauer @vcunat
    matthewbauer authored and vcunat committed Feb 16, 2019
    Copy the full SHA
    82434e7 View commit details

  2. openssl: 1.0.2p -> 1.0.2q 

    CVE-2018-0734: https://www.openssl.org/news/vulnerabilities.html#2018-0734
CVE-2018-5407: https://www.openssl.org/news/vulnerabilities.html#2018-5407

No patches can any longer be shared between 1.0.2 and 1.1, so reorganize
patches into subdirectories (and remove an unused one).

(cherry picked from commit ae29a9e)
    @alyssais @andrew-d
    alyssais authored and andrew-d committed Feb 16, 2019
    Copy the full SHA
    9c75f20 View commit details

  3. Merge branch 'release-18.09' into staging-18.09

    @vcunat
    vcunat committed Feb 16, 2019
    Copy the full SHA
    d7225e0 View commit details

  4. Merge #55885: openssl: 1.0.2p -> 1.0.2q 

    ... into staging-18.09.
    @vcunat
    vcunat committed Feb 16, 2019
    Copy the full SHA
    fe00e77 View commit details

  5. Merge #55832: thunderbird*: 60.5.0 -> 60.5.1 

    ... into release-18.09
    @vcunat
    vcunat committed Feb 16, 2019
    Copy the full SHA
    7892372 View commit details

  6. Merge #55089: qt5*: bugfixes + security 

    ... into staging-18.09.
    @vcunat
    vcunat committed Feb 16, 2019
    Copy the full SHA
    af6b20c View commit details

  7. unifi: 5.9.29 -> 5.10.17 

    (cherry picked from commit 04a1f84)
    @0x4A6F @flokli
    0x4A6F authored and flokli committed Feb 16, 2019
    Copy the full SHA
    19a0543 View commit details

Commits on Feb 17, 2019

  1. Merge branch 'staging-18.09' into release-18.09 

    Security updates for qt5* and openssl.
We can't afford to wait for darwin rebuild - it would take far too long.
    @vcunat
    vcunat committed Feb 17, 2019
    Copy the full SHA
    f4ddc31 View commit details

  2. adoptopenjdk: pick expression structure from master 

    They seem to be uninteresting changes just hindering
backports of version bumps.
    @vcunat
    vcunat committed Feb 17, 2019
    Copy the full SHA
    a332973 View commit details

  3. Merge #54576: adoptopenjdk-bin: 11.0.1 -> 11.0.2 

    Includes security fixes.

(cherry picked from commit 94b518f)
    @vcunat
    vcunat committed Feb 17, 2019
    Copy the full SHA
    ef02c63 View commit details

  4. vscode: 1.31.0 -> 1.31.1 

    (cherry picked from commit 8d5bce4)
    @eadwu
    eadwu committed Feb 17, 2019
    Copy the full SHA
    347bccc View commit details

  5. Merge pull request #55949 from eadwu/backports/20190217 

    [18.09] vscode backports - 2019-02-17
    @worldofpeace
    worldofpeace authored Feb 17, 2019
    Copy the full SHA
    ea08208 View commit details
Showing with 948 additions and 825 deletions.
  1. +5 −5 pkgs/applications/editors/vscode/default.nix
  2. +233 −233 pkgs/applications/networking/mailreaders/thunderbird-bin/release_sources.nix
  3. +2 −2 pkgs/applications/networking/mailreaders/thunderbird/default.nix
  4. +2 −8 pkgs/development/compilers/adoptopenjdk-bin/generate-sources.py
  5. +5 −4 pkgs/development/compilers/adoptopenjdk-bin/jdk-darwin-base.nix
  6. +7 −3 pkgs/development/compilers/adoptopenjdk-bin/jdk-linux-base.nix
  7. +1 −2 pkgs/development/compilers/adoptopenjdk-bin/jdk11-darwin.nix
  8. +46 −32 pkgs/development/compilers/adoptopenjdk-bin/sources.json
  9. +16 −0 pkgs/development/libraries/openssl/1.0.2/nix-ssl-cert-file.patch
  10. 0 pkgs/development/libraries/openssl/{ → 1.0.2}/use-etc-ssl-certs-darwin.patch
  11. 0 pkgs/development/libraries/openssl/{ → 1.0.2}/use-etc-ssl-certs.patch
  12. +0 −12 pkgs/development/libraries/openssl/darwin-arch.patch
  13. +11 −9 pkgs/development/libraries/openssl/default.nix
  14. +1 −0 pkgs/development/libraries/qt-5/5.11/default.nix
  15. +1 −1 pkgs/development/libraries/qt-5/5.11/fetch.sh
  16. +73 −0 pkgs/development/libraries/qt-5/5.11/qtbase-darwin-revert-69221.patch
  17. +150 −172 pkgs/development/libraries/qt-5/5.11/qtbase.patch
  18. +160 −160 pkgs/development/libraries/qt-5/5.11/srcs.nix
  19. +51 −2 pkgs/development/libraries/qt-5/5.6/default.nix
  20. +20 −1 pkgs/development/libraries/qt-5/5.9/default.nix
  21. +1 −1 pkgs/development/libraries/qt-5/5.9/fetch.sh
  22. +0 −13 pkgs/development/libraries/qt-5/5.9/qtbase-darwin.patch
  23. +156 −156 pkgs/development/libraries/qt-5/5.9/srcs.nix
  24. +2 −2 pkgs/servers/unifi/default.nix
  25. +5 −7 pkgs/top-level/all-packages.nix
10 changes: 5 additions & 5 deletions pkgs/applications/editors/vscode/default.nix
View file
Original file line number Diff line number Diff line change
@@ -16,16 +16,16 @@ let
}.${system};

sha256 = {
"i686-linux" = "09mgvff27iljj9z7h0xxmr6152hcxh7qqxl3i7wdc55ra1rsjq1n";
"x86_64-linux" = "1gvlvg3cjsscx6khy5gxd4wnb069kska00qdfwcq4kn7x1z04xnz";
"x86_64-darwin" = "1mf9nyjnxgmzai7rfd1rkwk0wvil0ripg3mh8icg4mld2jjz8rsy";
"i686-linux" = "04kbx1cx40lsy9irxy1arp1rixzk49ldhg34w3llmfbx63a4hchf";
"x86_64-linux" = "1plvx0mjcbizl6iffib95p5224r9frf0mn6c5xp14p3qnrp32jhm";
"x86_64-darwin" = "14h9gs6jpxydgd1h16ybq3ifw5jc7k83yg22pw3sk6vhy7hx7pxr";
}.${system};

archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
in
stdenv.mkDerivation rec {
name = "vscode-${version}";
version = "1.31.0";
version = "1.31.1";

src = fetchurl {
name = "VSCode_${version}_${plat}.${archive_fmt}";
@@ -94,7 +94,7 @@ in
and code refactoring. It is also customizable, so users can change the
editor's theme, keyboard shortcuts, and preferences
'';
homepage = http://code.visualstudio.com/;
homepage = https://code.visualstudio.com/;
downloadPage = https://code.visualstudio.com/Updates;
license = licenses.unfree;
maintainers = with maintainers; [ eadwu ];
Loading