commit 1931ad0e2cbb636d9fa09e3aa5afff24cc9b7deb · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

qemu: 2.8.1 -> 2.9.0

authored by Volth and committed by Michael Raskin 8 years ago 1931ad0e 37b0be68

+8 -67

2 changed files

expand all

unified split

pkgs

applications

virtualization

qemu

default.nix

no-etc-install.patch

+4 -62

pkgs/applications/virtualization/qemu/default.nix

··· 18 18 19 19 with stdenv.lib; 20 20 let 21 - version = "2.8.1"; 21 + version = "2.9.0"; 22 22 audio = optionalString (hasSuffix "linux" stdenv.system) "alsa," 23 23 + optionalString pulseSupport "pa," 24 24 + optionalString sdlSupport "sdl,"; ··· 33 33 34 34 src = fetchurl { 35 35 url = "http://wiki.qemu.org/download/qemu-${version}.tar.bz2"; 36 - sha256 = "1kdv8aa800rbsz9qnm4saw79vr052p83by21ryah68ics9z4r3h1"; 36 + sha256 = "053c7ivp3li7cdagzkp2wdc5myybzjf826r6qfkcf0xvn4bv5gq0"; 37 37 }; 38 38 39 39 buildInputs = ··· 54 54 55 55 enableParallelBuilding = true; 56 56 57 - patches = let 58 - upstreamPatch = name: commit: sha256: fetchurl { 59 - name = "${name}.patch"; 60 - url = "http://git.qemu-project.org/?p=qemu.git;a=patch;h=${commit}"; 61 - inherit sha256; 62 - }; 63 - in [ 64 - ./no-etc-install.patch 65 - 66 - # bugfixes 67 - # xhci: fix event queue IRQ handling 68 - (upstreamPatch "qemu-fix-win7-xhci" "7da76e12cc5cc902dda4c168d8d608fd4e61cbc5" 69 - "0m1ggbxziy7vqz9007ypzg23cni8cc4db36wlnhxz0kdpq70c6x0") 70 - 71 - # xhci: only free completed transfers 72 - (upstreamPatch "qemu-xhci-free-completed-transfers" "f94d18d6c6df388fde196d3ab252f57e33843a8b" 73 - "0lk19qss6ky7cqnvis54742cr2z0vl8c64chhch0kp6n83hray9x") 74 - 75 - # security fixes from upstream 76 - # net: imx: limit buffer descriptor count 77 - (upstreamPatch "CVE-2016-7907" "81f17e0d435c3db3a3e67e0d32ebf9c98973211f" 78 - "0dzghbm3jmnyw34kd40a6akrr1cpizd9hdzqmhlc2ljab7pr1rcb") 79 - 80 - # watchdog: 6300esb: add exit function 81 - (upstreamPatch "CVE-2016-10155" "eb7a20a3616085d46aa6b4b4224e15587ec67e6e" 82 - "1xk00fyls0hdza11dyfrnzcn6gibmmcrwy7sxgp6iizp6wgzi3vw") 83 - 84 - # audio: ac97: add exit function 85 - (upstreamPatch "CVE-2017-5525" "12351a91da97b414eec8cdb09f1d9f41e535a401" 86 - "190b4aqr35p4lb3rjarknfi1ip1c9zizliqp1dd6frx4364y5yp2") 87 - 88 - # audio: es1370: add exit function 89 - (upstreamPatch "CVE-2017-5526" "069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da" 90 - "05xgzd3zldk3x2vqpjag9z5ilhdkpkyh633fb5kvnz8scns6v86f") 91 - 92 - # serial: fix memory leak in serial exit 93 - (upstreamPatch "CVE-2017-5579" "8409dc884a201bf74b30a9d232b6bbdd00cb7e2b" 94 - "0lbcyhif1kdcy8my0bv8aqr2f421kmljcch3plrjzj9pgcm4sv83") 95 - 96 - # megasas: fix guest-triggered memory leak 97 - (upstreamPatch "CVE-2017-5856" "765a707000e838c30b18d712fe6cb3dd8e0435f3" 98 - "03pjkn8l8rp9ip5h5rm1dp0nrwd43nmgpwamz4z1vy3rli1z3yjw") 99 - 100 - # virtio-gpu: fix resource leak in virgl_cmd_resource_unref 101 - (upstreamPatch "CVE-2017-5857" "5e8e3c4c75c199aa1017db816fca02be2a9f8798" 102 - "1kz14rmxf049zl5m27apzpbvy8dk0g47n9gnwy0nm70g65rl1dh8") 103 - 104 - # usb: ccid: check ccid apdu length 105 - (upstreamPatch "CVE-2017-5898" "c7dfbf322595ded4e70b626bf83158a9f3807c6a" 106 - "1y2j0qw04s8fl0cs8i619y08kj75lxn3c0y19g710fzpk3rq8dvn") 107 - 108 - # xhci: apply limits to loops 109 - (upstreamPatch "CVE-2017-5973" "f89b60f6e5fee3923bedf80e82b4e5efc1bb156b" 110 - "06niyighjxb4p5z2as3mqfmrwrzn4sq47j7raipbq9gnda7x9sw6") 111 - 112 - # sd: sdhci: check transfer mode register in multi block transfer 113 - (upstreamPatch "CVE-2017-5987" "6e86d90352adf6cb08295255220295cf23c4286e" 114 - "09yfxf93cisx8rhm0h48ib1ibwfs420k5pqpz8dnz33nci9567jm") 115 - 116 - ] ++ optional nixosTestRunner ./force-uid0-on-9p.patch; 57 + patches = [ ./no-etc-install.patch ] 58 + ++ optional nixosTestRunner ./force-uid0-on-9p.patch; 117 59 118 60 hardeningDisable = [ "stackprotector" ]; 119 61

+4 -5

pkgs/applications/virtualization/qemu/no-etc-install.patch

··· 1 1 --- a/Makefile 2 2 +++ b/Makefile 3 - @@ -461,7 +461,7 @@ 3 + @@ -597,7 +597,7 @@ 4 4 5 5 6 - install: all $(if $(BUILD_DOCS),install-doc) \ 7 - -install-datadir install-localstatedir 8 - +install-datadir 6 + -install: all $(if $(BUILD_DOCS),install-doc) install-datadir install-localstatedir 7 + +install: all $(if $(BUILD_DOCS),install-doc) install-datadir 9 8 ifneq ($(TOOLS),) 10 - $(call install-prog,$(TOOLS),$(DESTDIR)$(bindir)) 9 + $(call install-prog,$(subst qemu-ga,qemu-ga$(EXESUF),$(TOOLS)),$(DESTDIR)$(bindir)) 11 10 endif