Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 590320e107e1
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 41164d94ab4a
Choose a head ref
  • 3 commits
  • 3 files changed
  • 2 contributors

Commits on Apr 4, 2018

  1. nixos/tests.chromium: actually notice the tab crash 

    Argh, debugging NixOS tests takes forever…

(cherry picked from commit 1afb6e7)
    @7c6f434c
    7c6f434c committed Apr 4, 2018

    Verified

    This commit was signed with the committer’s verified signature.
    benjamn Ben Newman
    GPG key ID: 15D2E57778C1A4BF
    Verified
    Learn about vigilant mode
    Copy the full SHA
    d78695d View commit details

  2. go_1_10: 1.10 -> 1.10.1 

    This updates go to the latest version of the golang 1.10 branch.
A few minor (but important) things are fixed in this version:

* CVE-2018-7187 - arbitrary code execution in `go get` (when used with
  --insecure) [1]
* Extended Key Usage verification in client certificate scenarios [3]
* a bunch of stability changes

The full list of changes can se been on GitHub [2] & [4].

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7187
[2] https://github.com/golang/go/issues?q=milestone%3AGo1.10.1
[3] golang/go#23884
[4] golang/go#24563

(cherry picked from commit 568d30b)
    @andir @Mic92
    andir authored and Mic92 committed Apr 4, 2018

    Verified

    This commit was signed with the committer’s verified signature.
    benjamn Ben Newman
    GPG key ID: 15D2E57778C1A4BF
    Verified
    Learn about vigilant mode
    Copy the full SHA
    ba49d72 View commit details

  3. go_1_9: 1.9.4 -> 1.9.5 

    This is a maintenance bump of the golang 1.9 version.

Within the updates are a few bug fixes including an (extended?)
fix for CVE-2018-7187 [1].

The complete changelog is available at the golang GitHub project [2].

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7187
[2] https://github.com/golang/go/issues?q=milestone%3AGo1.9.5

(cherry picked from commit e9f74b9)
    @andir @Mic92
    andir authored and Mic92 committed Apr 4, 2018

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    41164d9 View commit details
Showing with 26 additions and 6 deletions.
  1. +22 −2 nixos/tests/chromium.nix
  2. +2 −2 pkgs/development/compilers/go/1.10.nix
  3. +2 −2 pkgs/development/compilers/go/1.9.nix
24 changes: 22 additions & 2 deletions nixos/tests/chromium.nix
View file
Original file line number Diff line number Diff line change
@@ -151,11 +151,11 @@ mapAttrs (channel: chromiumPkg: makeTest rec {
$machine->screenshot("sandbox_info");
$machine->succeed(ru "${xdo "submit-url" ''
$machine->succeed(ru "${xdo "find-window" ''
search --sync --onlyvisible --name "sandbox status"
windowfocus --sync
''}");
$machine->succeed(ru "${xdo "submit-url" ''
$machine->succeed(ru "${xdo "copy-sandbox-info" ''
key --delay 1000 Ctrl+a Ctrl+c
''}");
@@ -166,6 +166,26 @@ mapAttrs (channel: chromiumPkg: makeTest rec {
&& $clipboard =~ /network namespaces.*yes/mi
&& $clipboard =~ /seccomp.*sandbox.*yes/mi
&& $clipboard =~ /you are adequately sandboxed/mi;
$machine->sleep(1);
$machine->succeed(ru "${xdo "find-window-after-copy" ''
search --onlyvisible --name "sandbox status"
''}");
my $clipboard = $machine->succeed(ru "echo void | ${pkgs.xclip}/bin/xclip -i");
$machine->succeed(ru "${xdo "copy-sandbox-info" ''
key --delay 1000 Ctrl+a Ctrl+c
''}");
my $clipboard = $machine->succeed(ru "${pkgs.xclip}/bin/xclip -o");
die "copying twice in a row does not work properly: $clipboard"
unless $clipboard =~ /namespace sandbox.*yes/mi
&& $clipboard =~ /pid namespaces.*yes/mi
&& $clipboard =~ /network namespaces.*yes/mi
&& $clipboard =~ /seccomp.*sandbox.*yes/mi
&& $clipboard =~ /you are adequately sandboxed/mi;
$machine->screenshot("afer_copy_from_chromium");
};
$machine->shutdown;
4 changes: 2 additions & 2 deletions pkgs/development/compilers/go/1.10.nix
View file
Original file line number Diff line number Diff line change
@@ -25,13 +25,13 @@ in

stdenv.mkDerivation rec {
name = "go-${version}";
version = "1.10";
version = "1.10.1";

src = fetchFromGitHub {
owner = "golang";
repo = "go";
rev = "go${version}";
sha256 = "1dzs1mz3zxgg1qyi2lrlxdz1lsvazxvmj9cb69pgqnwjlh3jpw0l";
sha256 = "1wqwy52ibb343a4v7b9q26xa6r5jk4khfxd90wbpcayws8cxly8m";
};

# perl is used for testing go vet
4 changes: 2 additions & 2 deletions pkgs/development/compilers/go/1.9.nix
View file
Original file line number Diff line number Diff line change
@@ -25,13 +25,13 @@ in

stdenv.mkDerivation rec {
name = "go-${version}";
version = "1.9.4";
version = "1.9.5";

src = fetchFromGitHub {
owner = "golang";
repo = "go";
rev = "go${version}";
sha256 = "15d9lfiy1cjfz6nqnig5884ykqckx58cynd1bva1xna7bwcwwp2r";
sha256 = "15dx1b71xv7b265gqk9nv02pirggpw7d83apikhrza2qkj64ydd0";
};

# perl is used for testing go vet