tjh.dev
commits
Changelog: https://www.ruby-lang.org/en/news/2020/03/31/ruby-2-5-8-released/
(cherry picked from commit 99b09d6b8f201379bb34f01a1acacdc1c3950c46)
(cherry picked from commit c13f1a508d6128d7cdea247d21015b5df8e44132)
Changelog: https://www.ruby-lang.org/en/news/2019/10/01/ruby-2-5-7-released/
(cherry picked from commit 5e76e7b4301981d4118337c8f9a14a27cc5c7995)
Changelog:
- https://www.ruby-lang.org/en/news/2019/10/01/ruby-2-4-8-released/
- https://www.ruby-lang.org/en/news/2019/10/02/ruby-2-4-9-released/
(cherry picked from commit 5ed9d8b8aaa1ce53b658704e075387678ba19222)
(cherry picked from commit 179ab1985629ff13b4445e1d75897f657aa2ceac)
Only includes a small fix for the login into the Robot Web interface,
which is used to eg. provide access to admin accounts (which in turn is
used by the NixOps Hetzner backend).
Signed-off-by: aszlig <aszlig@nix.build>
(cherry picked from commit 56009d4a8d0a7b9d424fea78b300fee3c92d21d5)
If our old Nix can’t evaluate the Nixpkgs channel, try the fallback
from the new channel /first/. That way we can upgrade Nix to a newer
version and support breaking changes to Nix (like seen in the upgrade
o Nix 2.0).
This change should be backported to older NixOS versions!
(cherry picked from commit 475c8aa018bbdd99e7e9d693c7207cdccdcde7b3)
grpcio currently does not build on Darwin (10.13.6). Due to the
following issues:
* ar is invoked with incorrect flags (#33765).
* libtool cannot be found, with a libtool dependency, with libtool
the option '-no_warning_for_no_symbols' is not recognized.
* the module build cannot find boringssl that is packaged with
python-grpcio when pkgconfig is not installed (grpc/#10058).
(cherry picked from commit 4beb94d6d6b7cf1829c27b1fd52d43707fbc1844)
release-18.03: linux: Fix kernel build for Linux >= 4.14.90
Similar to 98ac5710bd493b36635bc1f9c2924bb66605e6f5.
(cherry picked from commit dea57f15e9559056f96264e97271136f1ba476a6)
(cherry picked from commit a5f447e16a9c2a04047c559d25ceb42fe6f6620b)
(cherry picked from commit 54ce2e016b338e47632b8f35c19987823c95d6e6)
(cherry picked from commit e29ebd9e51d20f132c41fb8f641aaf6a5bbc5cd5)
(cherry picked from commit 56fcbb2f7882445d77bd5ba60bd11f22f743c540)
(cherry picked from commit 2e749ccd868d3cf38e61aa6e98a2641cf8dad432)
(cherry picked from commit f335fa6d74cf6ec7ace4d2fe7ef28e030126064e)
(cherry picked from commit 1f92bdcd948b5198fb28e6899edf361e7979aa20)
(cherry picked from commit adf8cdd67dc225bab32606aaaed08559601bf85e)
(cherry picked from commit 5fa8435719a1ad5b7ac8f57ce3c6e47cebafbdeb)
(cherry picked from commit 1567d09a49613f1bc21d6d5905fe339a26d82ed0)
(cherry picked from commit e945771e4ca6780fd8df8520ad595bcdc529ed6f)
(cherry picked from commit 1f7266cbbb1579238b7e5958accd9668dce87022)
(cherry picked from commit c29204b85278648279a6ed78db0dc4e4a85d4cfe)
(cherry picked from commit 4440f74ae57fd83f875f2f340eeed95c015a1b45)
(cherry picked from commit 2a533a71e36a41bfdde0e4dd880604a7141a985e)
(cherry picked from commit 23ef67470136839682322d33d94988fb25c13613)
[18.03] libtiff: fix download url
(cherry picked from commit 94906bfefed6cb7c1fe53fceb81038ddc8ee8ebc)
(cherry picked from commit 2c3325ecf9af6f1d5a237190028d28a44ba210b3)
(cherry picked from commit 86f9ac22e24143e60eb4b8eacbbc46b79a99bb0d)
(cherry picked from commit 5879586e0109bd9717ed557f04bb13ab19b2ec67)
(cherry picked from commit fa138b55a6d289151a2b4f7b0ea1b18d22ee6576)
(cherry picked from commit 917309fa62f411ed3aa87904f20fd716d936a670)
(cherry picked from commit 1e8694d3d75ba87551b207a1d82d702ca9cc6ee5)
(cherry picked from commit 52fc63e37b38f353795a06830bd6024fcf8d66d6)
Critical security fixes.
(cherry picked from commit 5b94195d216b77e97645198d60812680e7da29a5)
This reduces the closure size from 1689 MiB to 425 MiB.
(cherry picked from commit 2be42950c3b726f3cbf8c0198c66190aed094121)
(cherry picked from commit 338d38e57b68e12a2f015e9eabe561accefcad4f)
(cherry picked from commit 7395bd34f76e22abc4e4c79847fd978a713da932)
(cherry picked from commit e64068cdbfe0a5d6543da6986376763e3d588711)
(cherry picked from commit 98b6ecace1eea344987f6f942e88e550825f4aca)
(cherry picked from commit fb44ed79d22c88145132f49c0747def014528b68)
(cherry picked from commit bd636c897724c4c26171a8486c153c37c2a38eac)
Fixes CVE-2018-10933:
libssh versions 0.6 and above have an authentication bypass
vulnerability in the server code. By presenting the server an
SSH2_MSG_USERAUTH_SUCCESS message in place of the
SSH2_MSG_USERAUTH_REQUEST message which the server would expect to
initiate authentication, the attacker could successfully authentciate
without any credentials.
Source:
https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/
(cherry picked from commit eca462813d7586063deb5c9989ae9bcef29f9495)
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/ntp/versions.
(cherry picked from commit 2524ad67da82f35d367e905994bd442b094f89c3)
(cherry picked from commit 6aba5e26b3bf79ba8e193ea3ece74011c1b33ce0)
(cherry picked from commit f71cc5f744d3fb4a08ce622a803b045e6ba4f013)
Security release: https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html
This release adds support for building with cmake!
So switch to that eagerly instead of fighting with bam.
(if nothing else cmake is the devil we know...)
Also:
* fixup 'DATA_DIR' so programs can find resources
(without need for wrappers)
* install readme+license as previously done ("docs")
* don't install tools since not built or installed by default
* esp since doesn't appear to have non-adhoc method for installation
* other distros don't seem to include
(cherry picked from commit 18258bae34ad16e808a2f5447962008d082fd19f)
Fixes CVE-2018-18541.
Fixes CVE-2018-11759, CVE-2018-1323, CVE-2016-6808.
(cherry picked from commit 9fe0e57d9d5e8ae95d081d8e33b867bcfbc4ba24)
Fixes CVE-2018-18820.
(cherry picked from commit 24d6c0dbde49ca939751fe6caff0f9af3d0e6723)
meshlab: 2016.02 -> 20180627-beta
[18.03] nixos/trezord: revised and updated udev rules
[18.03] mosquitto: 1.4.14 ->1.5.3
Changelog: https://www.ruby-lang.org/en/news/2020/03/31/ruby-2-5-8-released/
(cherry picked from commit 99b09d6b8f201379bb34f01a1acacdc1c3950c46)
If our old Nix can’t evaluate the Nixpkgs channel, try the fallback
from the new channel /first/. That way we can upgrade Nix to a newer
version and support breaking changes to Nix (like seen in the upgrade
o Nix 2.0).
This change should be backported to older NixOS versions!
(cherry picked from commit 475c8aa018bbdd99e7e9d693c7207cdccdcde7b3)
grpcio currently does not build on Darwin (10.13.6). Due to the
following issues:
* ar is invoked with incorrect flags (#33765).
* libtool cannot be found, with a libtool dependency, with libtool
the option '-no_warning_for_no_symbols' is not recognized.
* the module build cannot find boringssl that is packaged with
python-grpcio when pkgconfig is not installed (grpc/#10058).
(cherry picked from commit 4beb94d6d6b7cf1829c27b1fd52d43707fbc1844)
Fixes CVE-2018-10933:
libssh versions 0.6 and above have an authentication bypass
vulnerability in the server code. By presenting the server an
SSH2_MSG_USERAUTH_SUCCESS message in place of the
SSH2_MSG_USERAUTH_REQUEST message which the server would expect to
initiate authentication, the attacker could successfully authentciate
without any credentials.
Source:
https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/
(cherry picked from commit eca462813d7586063deb5c9989ae9bcef29f9495)
This release adds support for building with cmake!
So switch to that eagerly instead of fighting with bam.
(if nothing else cmake is the devil we know...)
Also:
* fixup 'DATA_DIR' so programs can find resources
(without need for wrappers)
* install readme+license as previously done ("docs")
* don't install tools since not built or installed by default
* esp since doesn't appear to have non-adhoc method for installation
* other distros don't seem to include
(cherry picked from commit 18258bae34ad16e808a2f5447962008d082fd19f)
Fixes CVE-2018-18541.