Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: d3be52c83bf0
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: b4e3a404e67d
Choose a head ref
  • 13 commits
  • 16 files changed
  • 4 contributors

Commits on Oct 24, 2018

  1. firefox-bin: 62.0.3 -> 63.0 

    (cherry picked from commit 5137c04)
    @andir
    andir committed Oct 24, 2018
    Copy the full SHA
    15bd77a View commit details

Commits on Oct 25, 2018

  1. rust-cbindgen: init at 0.6.3 (backport from master) 

    version as of commit f41a35b
    @jtojnar @andir
    jtojnar authored and andir committed Oct 25, 2018
    Copy the full SHA
    b221c25 View commit details

  2. rust_1_29: backport for rust 1.29.1 from unstable 

    Based on commit aef6830
    @andir
    andir committed Oct 25, 2018
    Copy the full SHA
    dc2becf View commit details

  3. firefox: 62.0.3 -> 63.0

    @andir
    andir committed Oct 25, 2018
    Copy the full SHA
    caf1a09 View commit details

  4. firefox-esr-60: 60.2.2esr -> 60.3.0esr 

    (cherry picked from commit 3db6ca50ef0ce27b4f9765b783dcc32c0a613a2d)
    @andir
    andir committed Oct 25, 2018
    Copy the full SHA
    5dd4087 View commit details

  5. fuse3: 3.2.1 -> 3.2.2 

    Stop using bin/mount.fuse from fuse3 for fuse2 (mount.fuse from fuse3
isn't guaranteed to remain backwards compatible).

(cherry picked from commit c00b5bf)
    @primeos
    primeos committed Oct 25, 2018
    Copy the full SHA
    c178111 View commit details

  6. fuse3: install fuse.conf without execute bit 

    (cherry picked from commit 085eab7)
    @7c6f434c @primeos
    7c6f434c authored and primeos committed Oct 25, 2018
    Copy the full SHA
    f486260 View commit details

  7. fuse3: 3.2.2 -> 3.2.3 

    (cherry picked from commit d3e3e13)
    @primeos
    primeos committed Oct 25, 2018
    Copy the full SHA
    ea1b61c View commit details

  8. fuse3: 3.2.3 -> 3.2.4 

    (cherry picked from commit fa6941f)
    @primeos
    primeos committed Oct 25, 2018
    Copy the full SHA
    289390b View commit details

  9. fuse3: 3.2.4 -> 3.2.5 (security, CVE-2018-10906) 

    Upstream changelog:
- SECURITY UPDATE: In previous versions of libfuse it was possible to
  for unprivileged users to specify the allow_other option even when
  this was forbidden in /etc/fuse.conf. The vulnerability is present
  only on systems where SELinux is active (including in permissive
  mode).
- The fusermount binary has been hardened in several ways to reduce
  potential attack surface. Most importantly, mountpoints and mount
  options must now match a hard-coded whitelist. It is expected that
  this whitelist covers all regular use-cases.
- Added a test of seekdir to test_syscalls.
- Fixed readdir bug when non-zero offsets are given to filler and the
  filesystem client, after reading a whole directory, re-reads it from a
  non-zero offset e. g. by calling seekdir followed by readdir.

(cherry picked from commit 46cd782)
    @primeos
    primeos committed Oct 25, 2018
    Copy the full SHA
    0e58950 View commit details

  10. fuse: 2.9.7 -> 2.9.8 (security, CVE-2018-10906) 

    Upstream changelog:
- SECURITY UPDATE: In previous versions of libfuse it was possible to
  for unprivileged users to specify the allow_other option even when
  this was forbidden in /etc/fuse.conf. The vulnerability is present
  only on systems where SELinux is active (including in permissive
  mode).
- libfuse no longer segfaults when fuse_interrupted() is called outside
  the event loop.
- The fusermount binary has been hardened in several ways to reduce
  potential attack surface. Most importantly, mountpoints and mount
  options must now match a hard-coded whitelist. It is expected that
  this whitelist covers all regular use-cases.
- Fixed rename deadlock on FreeBSD.

(cherry picked from commit ec1082c)
    @primeos
    primeos committed Oct 25, 2018
    Copy the full SHA
    228acdc View commit details

  11. Merge pull request #48757 from primeos/security-backports-for-18.03 

    [18.03] Security backport for fuse (CVE-2018-10906)
    @primeos
    primeos authored Oct 25, 2018
    Copy the full SHA
    ede8a2f View commit details

  12. Merge pull request #49096 from andir/18.03/firefox 

    [18.03] firefox{,-bin}: 62.0.3 -> 63.0 & nss: 3.38-> 3.39
    @andir
    andir authored Oct 25, 2018
    Copy the full SHA
    b4e3a40 View commit details
Loading