Skip to content
This repository has been archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
base: 520c39049f58
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
compare: 776d66ec1156
Choose a head ref
  • 7 commits
  • 4 files changed
  • 5 contributors

Commits on Aug 15, 2019

  1. qt4: Vendor bitrotted Arch Linux patch 

    It is no longer found at this URL. Vendoring until a better solution
comes along.

Fixes #63084
    @Ericson2314
    Ericson2314 committed Aug 15, 2019
    Copy the full SHA
    280795c View commit details
    Browse the repository at this point in the history

  2. Merge pull request #66685 from obsidiansystems/missing-qt-patch 

    qt4: Vendor bitrotted Arch Linux patch -- for 19.03
    @matthewbauer
    matthewbauer committed Aug 15, 2019
    Copy the full SHA
    6f7aca8 View commit details
    Browse the repository at this point in the history

  3. icedtea_web: 1.7.1 -> 1.7.2 (plus CVE patches) 

    On Wed, 31 Jul 2019 it was announced that IcedTea-Web was affected by the below
security vulnerabilities:

- CVE-2019-10185: zip-slip attack during auto-extraction of a JAR file.

- CVE-2019-10181: executable code could be injected in a JAR file without
  compromising the signature verification.

- CVE-2019-10182: improper path sanitization from elements in JNLP
  files.

Version 1.7 was patched, but no release was made. Moreover, the patches apply
cleanly only to 1.7.2, not the current 1.7.1.

Rather than marking 1.7.1 as insecure, update to 1.7.2 and apply the official
patches.

References:

https://www.openwall.com/lists/oss-security/2019/07/31/2
AdoptOpenJDK/IcedTea-Web#327
AdoptOpenJDK/IcedTea-Web#346
    @stefano-m @worldofpeace
    stefano-m authored and worldofpeace committed Aug 15, 2019
    Copy the full SHA
    f864ddf View commit details
    Browse the repository at this point in the history

  4. icedtea-web: use glib build input instead of gtk2 

    gtk2 is not needed any more
    @stefano-m @worldofpeace
    stefano-m authored and worldofpeace committed Aug 15, 2019
    Copy the full SHA
    eb01d7a View commit details
    Browse the repository at this point in the history

  5. icedtea-web: remove sh extension from launchers for back compat 

    icedtea-web 1.7.2 builds its launchers shell scripts with the "sh" extension,
while version 1.7.1 did not.

For backwards-compatibility, remove the extension from the executable in
postInstall.

Note that version 1.7.2 also creates a file called itw-modularjdk.args in the
bin directory. This file is referenced by the shell launchers, so we leave it
there (it's not executable anyway).
    @stefano-m @worldofpeace
    stefano-m authored and worldofpeace committed Aug 15, 2019
    Copy the full SHA
    fc78b41 View commit details
    Browse the repository at this point in the history

  6. Merge pull request #66444 from stefano-m/icedtea-web-1.7.2-cvefixes 

    icedtea_web: 1.7.1 -> 1.7.2 (plus CVE patches)
    @worldofpeace
    worldofpeace committed Aug 15, 2019
    Copy the full SHA
    e36f91f View commit details
    Browse the repository at this point in the history

Commits on Aug 16, 2019

  1. systemd-networkd: link: Name -> OriginalName 

    (cherry picked from commit aa251bb)
    @eadwu @Mic92
    eadwu authored and Mic92 committed Aug 16, 2019
    Copy the full SHA
    776d66e View commit details
    Browse the repository at this point in the history