Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 0f4978267a09
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 98c1150f2cc6
Choose a head ref
  • 3 commits
  • 3 files changed
  • 1 contributor

Commits on Nov 3, 2018

  1. Merge #49677: thunderbird*: 60.2.1 -> 60.3.0 

    Critical security fixes.

(cherry picked from commit f3cca2f)
    @vcunat
    vcunat committed Nov 3, 2018

    Verified

    This commit was signed with the committer’s verified signature.
    vcunat Vladimír Čunát
    GPG key ID: E747DF1F9575A3AA
    Verified
    Learn about vigilant mode
    Copy the full SHA
    5b94195 View commit details

  2. Revert "systemd: 239 -> 239.20181031" 

    This reverts commit d1de23b.
The changes turned out to be too intrusive, so we'll patch instead.
    @vcunat
    vcunat committed Nov 3, 2018

    Verified

    This commit was signed with the committer’s verified signature.
    vcunat Vladimír Čunát
    GPG key ID: E747DF1F9575A3AA
    Verified
    Learn about vigilant mode
    Copy the full SHA
    0744358 View commit details

  3. systemd: apply patches from Debian 

    There are some security fixes among those.
    @vcunat
    vcunat committed Nov 3, 2018

    Verified

    This commit was signed with the committer’s verified signature.
    vcunat Vladimír Čunát
    GPG key ID: E747DF1F9575A3AA
    Verified
    Learn about vigilant mode
    Copy the full SHA
    98c1150 View commit details
466 changes: 233 additions & 233 deletions pkgs/applications/networking/mailreaders/thunderbird-bin/release_sources.nix
View file

Large diffs are not rendered by default.

12 changes: 2 additions & 10 deletions pkgs/applications/networking/mailreaders/thunderbird/default.nix
View file
Original file line number Diff line number Diff line change
@@ -24,11 +24,11 @@ let
gcc = if stdenv.cc.isGNU then stdenv.cc.cc else stdenv.cc.cc.gcc;
in stdenv.mkDerivation rec {
name = "thunderbird-${version}";
version = "60.2.1";
version = "60.3.0";

src = fetchurl {
url = "mirror://mozilla/thunderbird/releases/${version}/source/thunderbird-${version}.source.tar.xz";
sha512 = "018l9pq03nzlirpaf285qpwvb8s4msam8n91d15lzc1bc1caq9zcy2dnrnvn5av3jlapm9ckz028iar66nhqxi2kkqbmiaq0v4s6kfp";
sha512 = "39sicxgfzfx4dm50nn2l8mimyjpvfigdpmkbxk6lvvbi8xxl527631xxq0gh1di6iyp590vpwk16z7hvdfbqj2pd3231knjkl991hvc";
};

# from firefox, but without sound libraries
@@ -48,14 +48,6 @@ in stdenv.mkDerivation rec {
nativeBuildInputs = [ m4 autoconf213 which gnused pkgconfig perl python wrapperTool cargo rustc ];

patches = [
# https://bugzilla.mozilla.org/show_bug.cgi?format=default&id=1479540
# https://hg.mozilla.org/releases/mozilla-release/rev/bc651d3d910c
(fetchpatch {
name = "bc651d3d910c.patch";
url = "https://hg.mozilla.org/releases/mozilla-release/raw-rev/bc651d3d910c";
sha256 = "0iybkadsgsf6a3pq3jh8z1p110vmpkih8i35jfj8micdkhxzi89g";
})

# Remove buildconfig.html to prevent a dependency on clang etc.
../../browsers/firefox/no-buildconfig.patch
];
25 changes: 20 additions & 5 deletions pkgs/os-specific/linux/systemd/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{ stdenv, lib, fetchFromGitHub, fetchpatch, pkgconfig, intltool, gperf, libcap, kmod
{ stdenv, lib, fetchFromGitHub, fetchpatch, fetchurl, pkgconfig, intltool, gperf, libcap, kmod
, xz, pam, acl, libuuid, m4, utillinux, libffi
, glib, kbd, libxslt, coreutils, libgcrypt, libgpgerror, libidn2, libapparmor
, audit, lz4, bzip2, libmicrohttpd, pcre2
@@ -18,18 +18,34 @@ let
pythonLxmlEnv = buildPackages.python3Packages.python.withPackages ( ps: with ps; [ python3Packages.lxml ]);

in stdenv.mkDerivation rec {
version = "239.20181031";
version = "239";
name = "systemd-${version}";

# When updating, use https://github.com/systemd/systemd-stable tree, not the development one!
# Also fresh patches should be cherry-picked from that tree to our current one.
src = fetchFromGitHub {
owner = "NixOS";
repo = "systemd";
rev = "nixos-v${version}";
sha256 = "1rzl0iqrpa4ajvama5k3cb3yc7893c55kzcxkl3cyavpdzsw5505";
rev = "31859ddd35fc3fa82a583744caa836d356c31d7f";
sha256 = "1xci0491j95vdjgs397n618zii3sgwnvanirkblqqw6bcvcjvir1";
};

prePatch = let
# Upstream's maintenance branches are still too intrusive:
# https://github.com/systemd/systemd-stable/tree/v239-stable
patches-deb = fetchurl {
# When the URL disappears, it typically means that Debian has new patches
# (probably security) and updating to new tarball will apply them as well.
name = "systemd-debian-patches.tar.xz";
url = mirror://debian/pool/main/s/systemd/systemd_239-11~bpo9+1.debian.tar.xz;
sha256 = "136f6p4jbi4z94mf4g099dfcacwka8jwhza0wxxw2q5l5q3xiysh";
};
# Note that we skip debian-specific patches, i.e. ./debian/patches/debian/*
in ''
tar xf ${patches-deb}
patches="$patches $(cat debian/patches/series | grep -v '^debian/' | sed 's|^|debian/patches/|')"
'';

outputs = [ "out" "lib" "man" "dev" ];

nativeBuildInputs =
@@ -91,7 +107,6 @@ in stdenv.mkDerivation rec {
"-Dsulogin-path=${utillinux}/bin/sulogin"
"-Dmount-path=${utillinux}/bin/mount"
"-Dumount-path=${utillinux}/bin/umount"
"-Ddns-over-tls=false"
];

preConfigure = ''