base repository: NixOS/nixpkgs
base: 550d80880d5b
head repository: NixOS/nixpkgs
compare: 30a0b4c6ebcc
  • 8 commits
  • 8 files changed
  • 1 contributor

Commits on Oct 26, 2018

  1. libcgroup: fix CVE-2018-14348

    When using cgrulesengd it would create a logfile at /var/log/cgred with
    the permission wide open (0666).
    andir committed Oct 26, 2018
    9843fdc
  2. taglib: fix CVE-2018-11439

    andir committed Oct 26, 2018
    c994f40
  3. yara: 3.7.1 -> 3.8.1

    This fixes issues CVE-2018-12034 & CVE-2018-12035. They are OOB read &
    write issues of the internal VM. Details can be retrieved at [1] & [2].
    
    [1] VirusTotal/yara#891
    [2] https://bnbdr.github.io/posts/swisscheese/
    andir committed Oct 26, 2018
    5f75f72
  4. libgxps: fix CVE-2018-10733

    andir committed Oct 26, 2018
    6ad3088
  5. batik: mark as insecure

    The package hasn't been updated in a long time. There have been several
    issues with the package. There is no dependent package in the
    repository so marking it as insecure until someone maintains it sounds
    reasonable.
    andir committed Oct 26, 2018
    1103b3f
  6. sddm: 0.17.0 -> 0.18.0

    Bumps to the latest stable version while fixing CVE-2018-14345 [1].
    
    Changelog [2]:
     - Support theme supplied avatars
     - Compile against Qt 5.11
     - Fix platform detection for HighDPI
     - On close, switch VT to a running session if applicable
     - Better ConsoleKit support
     - Fix authentication when non-default hidden option ReuseSession=true is used (CVE-2018-14345)
     - Hide sessions with NoDisplay=true
     - Honor PAM's ambient supplemental groups
     - Cleanup socket destruction
     - Don't quit on SIGHUP
     - Updated translations
    
    [1] https://nvd.nist.gov/vuln/detail/CVE-2018-14345
    [2] https://github.com/sddm/sddm/releases/tag/v0.18.0
    andir committed Oct 26, 2018
    385e5ac
  7. kiwix: mark as insecure

    There is at least one recorded issue against our kiwix version. Upstream
    no longer supports this version of the project. They have moved to a
    different repository & software architecture.
    andir committed Oct 26, 2018
    2898972
  8. Merge pull request #49150 from andir/secfoo

    Various security issues
    andir committed Oct 26, 2018
    30a0b4c