Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 862fb5215f07
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: bfa517dc1006
Choose a head ref
  • 5 commits
  • 3 files changed
  • 4 contributors

Commits on Jul 21, 2018

  1. Merge pull request #43811 from taku0/oraclejdk-8u181 

    oraclejdk: 10.0.1 -> 10.0.2 [Critical security fixes]

(cherry picked from commit defa760)
    @srhb
    srhb committed Jul 21, 2018
    Copy the full SHA
    79e6571 View commit details

Commits on Oct 5, 2018

  1. git: 2.16.4 -> 2.16.5 (CVE-2018-17456)

    @edef1c
    edef1c committed Oct 5, 2018
    Copy the full SHA
    d90b6ca View commit details

  2. Merge pull request #47926 from edef1c/git-2.16.5 

    git: 2.16.4 -> 2.16.5 (CVE-2018-17456)
    @andir
    andir authored Oct 5, 2018
    Copy the full SHA
    a8e307e View commit details

Commits on Oct 6, 2018

  1. ghostscript: 9.24 -> 9.25 (#47948) 

    Highlights in this release include:

This release fixes problems with argument handling, some unintended results of the security fixes to the SAFER file access restrictions (specifically accessing ICC profile files), and some additional security issues over the recent 9.24 release.

CVE-2018-16802
CVE-2018-17183

Note: The ps2epsi utility does not, and cannot call Ghostscript with the -dSAFER command line option. It should never be called with input from untrusted sources.

Security issues have been the primary focus of this release, including solving several (well publicised) real and potential exploits.
PLEASE NOTE: We strongly urge users to upgrade to this latest release to avoid these issues.

As well as Ghostscript itself, jbig2dec has had a significant amount of work improving its robustness in the face of out specification files.

IMPORTANT: We are in the process of forking LittleCMS. LCMS2 is not thread safe, and cannot be made thread safe without breaking the ABI. Our fork will be thread safe, and include performance enhancements (these changes have all be been offered and rejected upstream). We will maintain compatibility between Ghostscript and LCMS2 for a time, but not in perpetuity. Our fork will be available as its own package separately from Ghostscript (and MuPDF).

The usual round of bug fixes, compatibility changes, and incremental improvements.

(cherry picked from commit 5b77b0d2f1eda9a42fe188eafb499230741e7925)
(cherry picked from commit dbcbf7c)
    @flokli @xeji
    flokli authored and xeji committed Oct 6, 2018
    Copy the full SHA
    54a2076 View commit details

  2. Merge pull request #43842 from srhb/jdk-backport 

    Backport of #43811 jdk updates (help needed)
    @andir
    andir authored Oct 6, 2018
    Copy the full SHA
    bfa517d View commit details
4 changes: 2 additions & 2 deletions pkgs/applications/version-management/git-and-tools/git/default.nix
View file
Original file line number Diff line number Diff line change
@@ -13,7 +13,7 @@
}:

let
version = "2.16.4";
version = "2.16.5";
svn = subversionClient.override { perlBindings = true; };
in

@@ -22,7 +22,7 @@ stdenv.mkDerivation {

src = fetchurl {
url = "https://www.kernel.org/pub/software/scm/git/git-${version}.tar.xz";
sha256 = "0cnmidjvbdf81mybcvxvl0c2r2x2nvq2jj2dl59dmrc7qklv0sbf";
sha256 = "0qiqlrmzs3714dll54iqnviv8472xasyhbwcn32sjf5w7h2ipdyz";
};

hardeningDisable = [ "format" ];
8 changes: 4 additions & 4 deletions pkgs/development/compilers/oraclejdk/jdk10-linux.nix
View file
Original file line number Diff line number Diff line change
@@ -29,7 +29,7 @@ assert stdenv.system == "x86_64-linux";
assert swingSupport -> xorg != null;

let
version = "10.0.1";
version = "10.0.2";

downloadUrlBase = http://www.oracle.com/technetwork/java/javase/downloads;

@@ -52,19 +52,19 @@ let result = stdenv.mkDerivation rec {
requireFile {
name = "jdk-${version}_linux-x64_bin.tar.gz";
url = "${downloadUrlBase}/jdk10-downloads-4416644.html";
sha256 = "1975s6cn2lxb8jmxp236afvq6hhxqrx5jix8aqm46f5gwr2xd3mf";
sha256 = "0arpzac64apji1s8d0gzizkvrjz0fbhz7l34af1j0365ac6w4cv6";
}
else if packageType == "JRE" then
requireFile {
name = "jre-${version}_linux-x64_bin.tar.gz";
url = "${downloadUrlBase}/jre10-downloads-4417026.html";
sha256 = "11pb8cwzmalc6ax735m84g13jh1mrfc8g84b5qypnmqjjdv6fpiq";
sha256 = "0pc4a0a3fl6874vfaflf6jvpm9da647vp41pj0hihkspjyjhjabx";
}
else if packageType == "ServerJRE" then
requireFile {
name = "serverjre-${version}_linux-x64_bin.tar.gz";
url = "${downloadUrlBase}/sjre10-downloads-4417025.html";
sha256 = "0hvfqgr22sq9zyqc496vqgg5ail189h3a4pazp39i8n86brd48lw";
sha256 = "0hbcb4c6ncy0sbz02gyygyqcwkz0xpv4fwrx4sripia6vph9592c";
}
else abort "unknown package Type ${packageType}";

5 changes: 2 additions & 3 deletions pkgs/misc/ghostscript/default.nix
View file
Original file line number Diff line number Diff line change
@@ -9,9 +9,8 @@ assert x11Support -> xlibsWrapper != null;
assert cupsSupport -> cups != null;
let
version = "9.${ver_min}";
ver_min = "24";
# ghostscript*.tar.xz in https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs9xx/SHA512SUMS
sha512 = "dcbeeb5d3dd5ccaf949dc4be68363c50b1d35e647be4790a50b1bbf5f259f1d9181f705be27bfca708c4d270f945ff4b24e3db10b57800c1ee0ea7a40931c547";
ver_min = "25";
sha512 = "18pcqzva7pq2a9mmqf9pq8x4winb6qmzni49vq2qx50k60rwyv1kdmixik3ym2bpj5p1j8g0vb47w7w2cf4lba5q583ylpd8rshn73s";

fonts = stdenv.mkDerivation {
name = "ghostscript-fonts";