New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add node 8 #28153
Add node 8 #28153
Conversation
To be useful in nixos, it probably also requires a module to set up a hardening wrapper. (cherry picked from commit 855c1bd)
(cherry picked from commit add9094)
It's not critical functionality and AFAICT only fails in environments that wouldn't benefit from "successfully" installing it anyway. Fixes NixOS#24709 Fixes NixOS#24821 (cherry picked from commit 4f4ae214a3a46ba83f790d23c0e9df0bf9f04215)
…backport-new xen: patch for XSAs: 216, 217, 218, 219, 220, 221, 222, and 224 (release-17.03)
(cherry picked from commit d2e199c)
(cherry picked from commit 6b35f22)
Also, remove XSA-216 patches, the fixes are now integrated upstream (cherry picked from commit d1aff8d)
(cherry picked from commit 37bc494)
(cherry picked from commit 6feedb4)
See http://lists.gnu.org/archive/html/info-gnu/2017-06/msg00016.html for release information (cherry picked from commit 9a9294a)
Simple version bump. Release notes: Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> (cherry picked from commit 9d4bf6b)
Simple version bump. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> (cherry picked from commit 9ffccc7)
firefox, firefox-bin: 54.0 -> 54.0.1, firefox-esr: 52.2.0esr -> 52.2.1esr (cherry picked from commit 7f9ec26)
This update was generated by hackage2nix v2.2.1-13-g5c18fb5 from Hackage revision commercialhaskell/all-cabal-hashes@04f3948.
Make it more intuitive for users to start ccl and avoid platform dependent executable names. NixOS#26934 (cherry picked from commit ad82538) It seems a rather safe change.
Fixes NixOS#24343. These parts of upstream texlive are really ugly. Also improve variable quoting in the code around. (cherry picked from commit 8dddd2b) The change seems safe enough.
(cherry picked from commit 1f0de2d)
Not even all their mirrors serve our version, unfortunately. (cherry picked from commit cc83f35)
(cherry picked from commit 02ce696)
(cherry picked from commit d88c0cf) There were just a couple of conflicts, apparently someone has already fixed rewritefs and cron on 17.03. I re-checked that all those do build now (with a new-enough nix daemon).
(cherry picked from commit f130e00) Signed-off-by: Domen Kožar <domen@dev.si>
(cherry picked from commit 336b044) Signed-off-by: Domen Kožar <domen@dev.si>
(cherry picked from commit b8bfc8d)
(cherry picked from commit ed0ac2f)
(cherry picked from commit 707145a)
(cherry picked from commit 668007f)
See https://subversion.apache.org/security/CVE-2017-9800-advisory.txt (cherry picked from commit 0f5cbe4)
See https://subversion.apache.org/security/CVE-2017-9800-advisory.txt (cherry picked from commit abd837f)
Fixes CVE-2017-2885 (cherry picked from commit 3be89a6)
(cherry picked from commit 9ce8aad)
(cherry picked from commit 1417065)
(cherry picked from commit 37daf75)
(cherry picked from commit 305b3fe)
(cherry picked from commit e8020e2)
Several git commands are implemented as shell scripts that run awk, sed, grep and perl. There is some existing patching in the postinstall for perl to rewrite it to an absolute reference to pkgs.perl, but several other packages are both missing as a dependency and have no rewrite logic. In particular git filter-branch depends on sed and grep. Additionally, the perl logic also seds git-am, which is now a binary not a shell script anymore (see <github.com/git/git/blob/master/builtin/am.c>), so this part was obsolete. I tested this by grepping all shell scripts for the relevant commands and then comparing the diffs of the new version to what is produced in master. All changes in the scripts seem good to me. (cherry picked from commit 2c1097a)
(cherry picked from commit eb5263a)
(cherry picked from commit ae73a17)
(cherry picked from commit dc74b1a)
The new version contains a security fix for CVE-2017-1000117 More information regarding this update can be found here: http://marc.info/?l=git&m=150238802328673&w=2 (cherry picked from commit 4a0efc9)
(cherry picked from commit 50bd7a1)
(cherry picked from commit f0719b5)
I don't get what's going on in this PR 😕 looks like a ton of unrelated commits. Needs a rebase perhaps? |
I think this is supposed to go to release-17.03 |
Yes, I closed it and made and merged #28154 instead :) Sorry for the noise, I didn't notice you were auto-added as reviewers… |
FYI. you can change the target branch in github. |
Wow, TIL. Well-hidden :( https://github.com/blog/2224-change-the-base-branch-of-a-pull-request |
Backport Node 8 from master