Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 749591242534
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 9282ad68812c
Choose a head ref
  • 8 commits
  • 4 files changed
  • 4 contributors

Commits on Mar 27, 2018

  1. openssl_1_1_0: 1.1.0g -> 1.1.0h (fixes CVE-2018-0739, CVE-2017-3738) 

    Also fixes CVE-2018-0733 but we do not support HP-UX to my knowledge :-)

Announcement at [1].

[1] https://www.openssl.org/news/secadv/20180327.txt

(cherry picked from commit 7211032)
    @andir
    andir committed Mar 27, 2018

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    marsam Mario Rodas
    GPG key ID: 4C4BEFD7B18DC5E8
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    33aedce View commit details

  2. openssl: 1.0.2n -> 1.0.2o (fixes CVE-2017-3738, CVE-2018-0739) 

    Announcement can be found at [1].

[1] https://www.openssl.org/news/secadv/20180327.txt

(cherry picked from commit 4bf9b4a)
    @andir
    andir committed Mar 27, 2018

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    marsam Mario Rodas
    GPG key ID: 4C4BEFD7B18DC5E8
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    4e63b37 View commit details

  3. firefox-bin: 59.0.1 -> 59.0.2 

    Fixes MFSA2018-10 [1].

[1] https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/

(cherry picked from commit 6abbe39)
    @andir
    andir committed Mar 27, 2018
    Copy the full SHA
    2a74e47 View commit details

  4. firefox-esr: 52.7.2esr -> 52.7.3esr 

    Fixes MFSA2018-10 [1].

[1] https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/

(cherry picked from commit 24a2c3f)
    @andir
    andir committed Mar 27, 2018

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    b23c467 View commit details

  5. firefox: 59.0.1 -> 59.0.2 

    (cherry picked from commit 73a7d67)
    @7c6f434c @andir
    7c6f434c authored and andir committed Mar 27, 2018
    Copy the full SHA
    4f9505f View commit details

Commits on Mar 28, 2018

  1. Fix build failures with DBD-SQLite 

    This passes the correct compilation flags to the builder so we pick up
the path to sqlite, and (despite the fact that it's a development
version), also updates to version 1.55_07 to fix
DBD-SQLite/DBD-SQLite#28
    @andrew-d @matthewbauer
    andrew-d authored and matthewbauer committed Mar 28, 2018
    Copy the full SHA
    ae5c5c0 View commit details

  2. Merge pull request #37947 from andir/17.09/openssl 

    [17.09] openssl{,1_1_0} update (1.0.2o, 1.1.0h)
    @andir
    andir authored Mar 28, 2018
    Copy the full SHA
    a58c1ce View commit details

  3. Merge pull request #37963 from andir/17.09/firefox 

    [17.09] firefox{,-bin,-esr} updates for MFSA2018-10
    @fpletz
    fpletz authored Mar 28, 2018
    Copy the full SHA
    9282ad6 View commit details
778 changes: 389 additions & 389 deletions pkgs/applications/networking/browsers/firefox-bin/release_sources.nix
View file

Large diffs are not rendered by default.

10 changes: 5 additions & 5 deletions pkgs/applications/networking/browsers/firefox/packages.nix
View file
Original file line number Diff line number Diff line change
@@ -6,10 +6,10 @@ rec {

firefox = common rec {
pname = "firefox";
version = "59.0.1";
version = "59.0.2";
src = fetchurl {
url = "https://hg.mozilla.org/releases/mozilla-release/archive/3db9e3d52b17563efca181ccbb50deb8660c59ae.tar.bz2";
sha512 = "3da3gmfv2aalsbsx15csas4mwnvlliy1q081sd2riz3nvxr7qyrdx1qvxj4gdr97wlmvz7mig9djhh5gwx7ddah5hfhj23cvccmw6jw";
url = "https://hg.mozilla.org/releases/mozilla-release/archive/239e434d6d2b8e1e2b697c3416d1e96d48fe98e5.tar.bz2";
sha512 = "3kfh224sfc9ig4733frnskcs49xzjkrs00lxllsvx1imm6f4sf117mqlvc7bhgrn8ldiqn6vaa5g6gd9b7awkk1g975bbzk9namb3yv";
};

patches =
@@ -28,10 +28,10 @@ rec {

firefox-esr = common rec {
pname = "firefox-esr";
version = "52.7.2esr";
version = "52.7.3esr";
src = fetchurl {
url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
sha512 = "e275fd10fd32a0dc237135af3395e3a1ae501844632c973ff3b9bca1456702ee36dbee99fc57300598403c924c0db63bd62a199845c8f4a2e29db5d1e5973395";
sha512 = "31y3qrslg61724vmly6gr1lqcrqgpkh3zsl8riax45gizfcp3qbgkvmd5wwfn9fiwjqi6ww3i08j51wxrfxcxznv7c6qzsvzzc30mgw";
};

meta = firefox.meta // {
15 changes: 4 additions & 11 deletions pkgs/development/libraries/openssl/default.nix
View file
Original file line number Diff line number Diff line change
@@ -108,20 +108,13 @@ let
in {

openssl_1_0_2 = common {
version = "1.0.2n";
sha256 = "1zm82pyq5a9jm10q6iv7d3dih3xwjds4x30fqph3k317byvsn2rp";
version = "1.0.2o";
sha256 = "0kcy13l701054nhpbd901mz32v1kn4g311z0nifd83xs2jbmqgzc";
};

openssl_1_1_0 = common {
version = "1.1.0g";
sha256 = "1bvka2wf33w2vxv7yw578nnjqyhz2b3chvfb0l4k2ffscw950kfy";
patches = [
(fetchpatch {
name = "CVE-2017-3738.patch";
url = "https://github.com/openssl/openssl/commit/563066.patch";
sha256 = "0ni9fwpxf8raw8b58pfa15akbqmxx4q64v0ldsm4b9dqhbxf8mkz";
})
];
version = "1.1.0h";
sha256 = "05x509lccqjscgyi935z809pwfm708islypwhmjnb6cyvrn64daq";
};

}
9 changes: 4 additions & 5 deletions pkgs/development/perl-modules/DBD-SQLite/default.nix
View file
Original file line number Diff line number Diff line change
@@ -2,11 +2,11 @@

buildPerlPackage rec {
name = "DBD-SQLite-${version}";
version = "1.54";
version = "1.55_07";

src = fetchurl {
url = "mirror://cpan/authors/id/I/IS/ISHIGAKI/${name}.tar.gz";
sha256 = "3929a6dbd8d71630f0cb57f85dcef9588cd7ac4c9fa12db79df77b9d3a4d7269";
url = "https://github.com/DBD-SQLite/DBD-SQLite/archive/${version}.tar.gz";
sha256 = "0213a31eb7b5afc2d7b3775ca2d1717d07fc7e9ed21ae73b2513a8d54ca222d8";
};

propagatedBuildInputs = [ DBI ];
@@ -17,8 +17,7 @@ buildPerlPackage rec {
./external-sqlite.patch
];

SQLITE_INC = sqlite.dev + "/include";
SQLITE_LIB = sqlite.out + "/lib";
makeMakerFlags = "SQLITE_INC=${sqlite.dev}/include SQLITE_LIB=${sqlite.out}/lib";

preBuild =
''