diff options
| author | Vladimír Čunát <vcunat@gmail.com> | 2016-12-24 10:50:49 +0100 |
|---|---|---|
| committer | Vladimír Čunát <vcunat@gmail.com> | 2016-12-24 10:50:49 +0100 |
| commit | c655399126608c80b66566e847764346a4b4383d (patch) | |
| tree | 92503afd90d9ff27d5b5fc60524b57b235a0c358 | |
| parent | 324a115747ade5e7a3fa932d453ba49cbc1c48df (diff) | |
| parent | 0e2f1af5e748df1eacf8c92785a68dde8d03c779 (diff) | |
| download | nixpkgs-c655399126608c80b66566e847764346a4b4383d.tar nixpkgs-c655399126608c80b66566e847764346a4b4383d.tar.gz nixpkgs-c655399126608c80b66566e847764346a4b4383d.tar.bz2 nixpkgs-c655399126608c80b66566e847764346a4b4383d.tar.lz nixpkgs-c655399126608c80b66566e847764346a4b4383d.tar.xz nixpkgs-c655399126608c80b66566e847764346a4b4383d.tar.zst nixpkgs-c655399126608c80b66566e847764346a4b4383d.zip | |
Merge branch 'staging'
27 files changed, 515 insertions, 169 deletions
diff --git a/pkgs/development/libraries/cairo/default.nix b/pkgs/development/libraries/cairo/default.nix index 71aa1874951..5d201c52312 100644 --- a/pkgs/development/libraries/cairo/default.nix +++ b/pkgs/development/libraries/cairo/default.nix @@ -12,11 +12,11 @@ assert glSupport -> mesa_noglu != null; with { inherit (stdenv.lib) optional optionals; }; stdenv.mkDerivation rec { - name = "cairo-1.14.6"; + name = "cairo-1.14.8"; src = fetchurl { url = "http://cairographics.org/releases/${name}.tar.xz"; - sha256 = "0lmjlzmghmr27y615px9hkm552x7ap6pmq9mfbzr6smp8y2b6g31"; + sha1 = "c6f7b99986f93c9df78653c3e6a3b5043f65145e"; }; infinality = fetchFromGitHub { diff --git a/pkgs/development/libraries/cyrus-sasl/default.nix b/pkgs/development/libraries/cyrus-sasl/default.nix index 5bbfd6e375e..05eb575547d 100644 --- a/pkgs/development/libraries/cyrus-sasl/default.nix +++ b/pkgs/development/libraries/cyrus-sasl/default.nix @@ -2,7 +2,8 @@ with stdenv.lib; stdenv.mkDerivation rec { - name = "cyrus-sasl-2.1.26${optionalString (kerberos == null) "-without-kerberos"}"; + name = "cyrus-sasl-${version}${optionalString (kerberos == null) "-without-kerberos"}"; + version = "2.5.10"; src = fetchurl { url = "ftp://ftp.cyrusimap.org/cyrus-sasl/${name}.tar.gz"; diff --git a/pkgs/development/libraries/glib/default.nix b/pkgs/development/libraries/glib/default.nix index 87c511f00dd..c7c704c641f 100644 --- a/pkgs/development/libraries/glib/default.nix +++ b/pkgs/development/libraries/glib/default.nix @@ -99,7 +99,12 @@ stdenv.mkDerivation rec { moveToOutput "share/glib-2.0" "$dev" substituteInPlace "$dev/bin/gdbus-codegen" --replace "$out" "$dev" sed -i "$dev/bin/glib-gettextize" -e "s|^gettext_dir=.*|gettext_dir=$dev/share/glib-2.0/gettext|" - ''; + '' + # This file is *included* in gtk3 and would introduce runtime reference via __FILE__. + + '' + sed '1i#line 1 "${name}/include/glib-2.0/gobject/gobjectnotifyqueue.c"' \ + -i "$dev"/include/glib-2.0/gobject/gobjectnotifyqueue.c + ''; inherit doCheck; preCheck = optionalString doCheck diff --git a/pkgs/development/libraries/gtk+/3.x.nix b/pkgs/development/libraries/gtk+/3.x.nix index b50264f3a02..1b938215d17 100644 --- a/pkgs/development/libraries/gtk+/3.x.nix +++ b/pkgs/development/libraries/gtk+/3.x.nix @@ -13,7 +13,7 @@ with stdenv.lib; let ver_maj = "3.22"; - ver_min = "4"; + ver_min = "5"; version = "${ver_maj}.${ver_min}"; in stdenv.mkDerivation rec { @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "mirror://gnome/sources/gtk+/${ver_maj}/gtk+-${version}.tar.xz"; - sha256 = "0zrq3wq4x0vcrzapps0608d5ywcrwk9xb2rmg32h2g8kzvyad53h"; + sha256 = "693fa0ac643c59ccd51db99cabe476b4e0a41fd4f0c3c8b3e3ef38f94b2e7334"; }; outputs = [ "out" "dev" ]; diff --git a/pkgs/development/libraries/json-glib/default.nix b/pkgs/development/libraries/json-glib/default.nix index 9505192ef8a..9d434c088ba 100644 --- a/pkgs/development/libraries/json-glib/default.nix +++ b/pkgs/development/libraries/json-glib/default.nix @@ -17,6 +17,8 @@ stdenv.mkDerivation rec { NIX_LDFLAGS = stdenv.lib.optionalString stdenv.isDarwin "-lintl"; + outputs = [ "out" "dev" ]; + meta = with stdenv.lib; { homepage = http://live.gnome.org/JsonGlib; description = "A library providing (de)serialization support for the JavaScript Object Notation (JSON) format"; diff --git a/pkgs/development/libraries/kerberos/krb5.nix b/pkgs/development/libraries/kerberos/krb5.nix index 8fda2b7e584..1b8c274c457 100644 --- a/pkgs/development/libraries/kerberos/krb5.nix +++ b/pkgs/development/libraries/kerberos/krb5.nix @@ -11,11 +11,12 @@ in with stdenv.lib; stdenv.mkDerivation rec { name = "${type}krb5-${version}"; - version = "1.14.3"; + majorVersion = "1.15"; + version = "${majorVersion}"; src = fetchurl { - url = "${meta.homepage}dist/krb5/1.14/krb5-${version}.tar.gz"; - sha256 = "1jgjiyh1sp72lkxvk437lz5hzcibvw99jc4ihzfz03fg43aj0ind"; + url = "${meta.homepage}dist/krb5/${majorVersion}/krb5-${version}.tar.gz"; + sha256 = "0z0jxm6ppbxi9anv2h12nrb5lpwl95f96kw6dx7sn268fhkpad7x"; }; configureFlags = optional stdenv.isFreeBSD ''WARN_CFLAGS=""''; @@ -26,8 +27,6 @@ stdenv.mkDerivation rec { buildInputs = [ openssl ] ++ optionals (!libOnly) [ openldap libedit ]; - patches = [ ./path_char_fix.patch ]; - preConfigure = "cd ./src"; buildPhase = optionalString libOnly '' diff --git a/pkgs/development/libraries/kerberos/path_char_fix.patch b/pkgs/development/libraries/kerberos/path_char_fix.patch deleted file mode 100644 index 2a6dc4c11c3..00000000000 --- a/pkgs/development/libraries/kerberos/path_char_fix.patch +++ /dev/null @@ -1,38 +0,0 @@ -See https://github.com/krb5/krb5/pull/467 -diff --git a/src/include/Makefile.in b/src/include/Makefile.in -index 4bb11e4..cb4b44b 100644 ---- a/src/include/Makefile.in -+++ b/src/include/Makefile.in -@@ -57,19 +57,19 @@ SBINDIR = @sbindir@ - LIBDIR = @libdir@ - SYSCONFCONF = @SYSCONFCONF@ - --PROCESS_REPLACE = -e "s+@KRB5RCTMPDIR+$(KRB5RCTMPDIR)+" \ -- -e "s+@PREFIX+$(INSTALL_PREFIX)+" \ -- -e "s+@EXEC_PREFIX+$(INSTALL_EXEC_PREFIX)+" \ -- -e "s+@BINDIR+$(BINDIR)+" \ -- -e "s+@LIBDIR+$(LIBDIR)+" \ -- -e "s+@SBINDIR+$(SBINDIR)+" \ -- -e "s+@MODULEDIR+$(MODULE_DIR)+" \ -- -e "s+@GSSMODULEDIR+$(GSS_MODULE_DIR)+" \ -- -e 's+@LOCALSTATEDIR+$(LOCALSTATEDIR)+' \ -- -e 's+@RUNSTATEDIR+$(RUNSTATEDIR)+' \ -- -e 's+@SYSCONFDIR+$(SYSCONFDIR)+' \ -- -e 's+@DYNOBJEXT+$(DYNOBJEXT)+' \ -- -e 's+@SYSCONFCONF+$(SYSCONFCONF)+' -+PROCESS_REPLACE = -e "s\"@KRB5RCTMPDIR\"$(KRB5RCTMPDIR)\"" \ -+ -e "s\"@PREFIX\"$(INSTALL_PREFIX)\"" \ -+ -e "s\"@EXEC_PREFIX\"$(INSTALL_EXEC_PREFIX)\"" \ -+ -e "s\"@BINDIR\"$(BINDIR)\"" \ -+ -e "s\"@LIBDIR\"$(LIBDIR)\"" \ -+ -e "s\"@SBINDIR\"$(SBINDIR)\"" \ -+ -e "s\"@MODULEDIR\"$(MODULE_DIR)\"" \ -+ -e "s\"@GSSMODULEDIR\"$(GSS_MODULE_DIR)\"" \ -+ -e "s\"@LOCALSTATEDIR\"$(LOCALSTATEDIR)\"" \ -+ -e "s\"@RUNSTATEDIR\"$(RUNSTATEDIR)\"" \ -+ -e "s\"@SYSCONFDIR\"$(SYSCONFDIR)\"" \ -+ -e "s\"@DYNOBJEXT\"$(DYNOBJEXT)\"" \ -+ -e "s\"@SYSCONFCONF\"$(SYSCONFCONF)\"" - - OSCONFSRC = $(srcdir)/osconf.hin - diff --git a/pkgs/development/libraries/libuv/default.nix b/pkgs/development/libraries/libuv/default.nix index db77a6fefc3..f9e7cf389bb 100644 --- a/pkgs/development/libraries/libuv/default.nix +++ b/pkgs/development/libraries/libuv/default.nix @@ -1,5 +1,4 @@ { stdenv, lib, fetchFromGitHub, autoconf, automake, libtool, pkgconfig - , ApplicationServices, CoreServices }: stdenv.mkDerivation rec { @@ -13,10 +12,15 @@ stdenv.mkDerivation rec { sha256 = "0gna53fgsjjs38kv1g20xfaalv0fk3xncb6abga3saswrv283hx0"; }; - # these checks are probably network-dependent - postPatch = lib.optionalString doCheck '' - sed '/getnameinfo_basic/d' -i test/test-list.h - ''; + postPatch = let + toDisable = [ + "getnameinfo_basic" # probably network-dependent + "spawn_setuid_fails" "spawn_setgid_fails" "fs_chown" # user namespaces + ]; + tdRegexp = lib.concatStringsSep "\\|" toDisable; + in lib.optionalString doCheck '' + sed '/${tdRegexp}/d' -i test/test-list.h + ''; buildInputs = [ automake autoconf libtool pkgconfig ] ++ stdenv.lib.optionals stdenv.isDarwin [ ApplicationServices CoreServices ]; diff --git a/pkgs/development/libraries/ncurses/default.nix b/pkgs/development/libraries/ncurses/default.nix index 3eff1f3d5bb..bbf7d7108dd 100644 --- a/pkgs/development/libraries/ncurses/default.nix +++ b/pkgs/development/libraries/ncurses/default.nix @@ -102,6 +102,9 @@ stdenv.mkDerivation rec { done done + # create libtinfo symlink + ln -svf $out/lib/libncurses.$dylibtype $out/libtinfo.$dylibtype + # move some utilities to $bin # these programs are used at runtime and don't really belong in $dev moveToOutput "bin/clear" "$out" diff --git a/pkgs/development/libraries/nghttp2/default.nix b/pkgs/development/libraries/nghttp2/default.nix index 080a3e35138..f7a026c52d4 100644 --- a/pkgs/development/libraries/nghttp2/default.nix +++ b/pkgs/development/libraries/nghttp2/default.nix @@ -1,26 +1,20 @@ { stdenv, fetchurl, pkgconfig # Optional Dependencies -, openssl ? null, libev ? null, zlib ? null, jansson ? null, boost ? null -, libxml2 ? null, jemalloc ? null +, openssl ? null, libev ? null, zlib ? null +#, jansson ? null, boost ? null, libxml2 ? null, jemalloc ? null }: stdenv.mkDerivation rec { name = "nghttp2-${version}"; - version = "1.16.1"; + version = "1.17.0"; # Don't use fetchFromGitHub since this needs a bootstrap curl src = fetchurl { url = "https://github.com/nghttp2/nghttp2/releases/download/v${version}/nghttp2-${version}.tar.bz2"; - sha256 = "069pw84f8gg21npapn7y1sizwn6w35692zaq5g45gy8hdbmcl8yc"; + sha256 = "7685b6717d205d3a251b7dd5e73a7ca5e643bc5c01f928b82bfeed30c243f28a"; }; - # Configure script searches for a symbol which does not exist in jemalloc on Darwin - # Reported upstream in https://github.com/tatsuhiro-t/nghttp2/issues/233 - postPatch = if stdenv.isDarwin && jemalloc != null then '' - substituteInPlace configure --replace "malloc_stats_print" "je_malloc_stats_print" - '' else null; - outputs = [ "out" "dev" "lib" ]; nativeBuildInputs = [ pkgconfig ]; diff --git a/pkgs/development/libraries/wxmac/default.nix b/pkgs/development/libraries/wxmac/default.nix index e5d680501f0..f4e71424833 100644 --- a/pkgs/development/libraries/wxmac/default.nix +++ b/pkgs/development/libraries/wxmac/default.nix @@ -1,7 +1,7 @@ -{ stdenv, fetchurl -, expat, libiconv, libjpeg, libpng, libtiff, zlib -, setfile, rez, derez -, AGL, Cocoa, Kernel, QuickTime +{ stdenv, fetchurl, fetchpatch, expat, libiconv, libjpeg, libpng, libtiff, zlib +# darwin only attributes +, derez, rez, setfile +, AGL, Cocoa, Kernel }: with stdenv.lib; @@ -15,11 +15,46 @@ stdenv.mkDerivation rec { sha256 = "346879dc554f3ab8d6da2704f651ecb504a22e9d31c17ef5449b129ed711585d"; }; - patches = [ ./wx.patch ]; + patches = + [ # Use std::abs() from <cmath> instead of abs() from <math.h> to avoid problems + # with abiguous overloads for clang-3.8 and gcc6. + (fetchpatch { + name = "patch-stc-abs.diff"; + url = https://github.com/wxWidgets/wxWidgets/commit/73e9e18ea09ffffcaac50237def0d9728a213c02.patch; + sha256 = "0w5whmfzm8waw62jmippming0zffa9064m5b3aw5nixph21rlcvq"; + }) + + # Various fixes related to Yosemite. Revisit in next stable release. + # Please keep an eye on http://trac.wxwidgets.org/ticket/16329 as well + # Theoretically the above linked patch should still be needed, but it isn't. + # Try to find out why. + (fetchpatch { + name = "patch-yosemite.diff"; + url = https://raw.githubusercontent.com/Homebrew/formula-patches/bbf4995/wxmac/patch-yosemite.diff; + sha256 = "0ss66z2a79v976mvlrskyj1zmkyaz8hbwm98p29bscfvcx5845jb"; + }) + + # Remove uncenessary <QuickTime/QuickTime.h> includes + # http://trac.wxwidgets.org/changeset/f6a2d1caef5c6d412c84aa900cb0d3990b350938/git-wxWidgets + (fetchpatch { + name = "patch-quicktime-removal.diff"; + url = https://raw.githubusercontent.com/Homebrew/formula-patches/bbf4995/wxmac/patch-quicktime-removal.diff; + sha256 = "0mzvdk8r70p9s1wj7qzdsqmdrlxlf2dalh9gqs8xjkqq2666yp0y"; + }) + + # Patch for wxOSXPrintData, custom paper not applied + # http://trac.wxwidgets.org/ticket/16959 + (fetchpatch { + name = "wxPaperCustomPatch.patch"; + url = http://trac.wxwidgets.org/raw-attachment/ticket/16959/wxPaperCustomPatch.patch; + sha256 = "0xgscv86f8dhggn9n8bhlq9wlj3ydsicgy9v35sraxyma18cbjvl"; + }) + ]; buildInputs = [ expat libiconv libjpeg libpng libtiff zlib - Cocoa Kernel QuickTime setfile rez derez + derez rez setfile + Cocoa Kernel ]; propagatedBuildInputs = [ AGL ]; diff --git a/pkgs/development/libraries/wxmac/wx.patch b/pkgs/development/libraries/wxmac/wx.patch deleted file mode 100644 index 622e22d1fdb..00000000000 --- a/pkgs/development/libraries/wxmac/wx.patch +++ /dev/null @@ -1,59 +0,0 @@ -diff --git a/include/wx/defs.h b/include/wx/defs.h -index 397ddd7..d128083 100644 ---- a/include/wx/defs.h -+++ b/include/wx/defs.h -@@ -3169,12 +3169,20 @@ DECLARE_WXCOCOA_OBJC_CLASS(UIImage); - DECLARE_WXCOCOA_OBJC_CLASS(UIEvent); - DECLARE_WXCOCOA_OBJC_CLASS(NSSet); - DECLARE_WXCOCOA_OBJC_CLASS(EAGLContext); -+DECLARE_WXCOCOA_OBJC_CLASS(UIWebView); - - typedef WX_UIWindow WXWindow; - typedef WX_UIView WXWidget; - typedef WX_EAGLContext WXGLContext; - typedef WX_NSString* WXGLPixelFormat; - -+typedef WX_UIWebView OSXWebViewPtr; -+ -+#endif -+ -+#if wxOSX_USE_COCOA_OR_CARBON -+DECLARE_WXCOCOA_OBJC_CLASS(WebView); -+typedef WX_WebView OSXWebViewPtr; - #endif - - #endif /* __WXMAC__ */ -diff --git a/include/wx/html/webkit.h b/include/wx/html/webkit.h -index 8700367..f805099 100644 ---- a/include/wx/html/webkit.h -+++ b/include/wx/html/webkit.h -@@ -18,7 +18,6 @@ - #endif - - #include "wx/control.h" --DECLARE_WXCOCOA_OBJC_CLASS(WebView); - - // ---------------------------------------------------------------------------- - // Web Kit Control -@@ -107,7 +106,7 @@ private: - wxString m_currentURL; - wxString m_pageTitle; - -- WX_WebView m_webView; -+ OSXWebViewPtr m_webView; - - // we may use this later to setup our own mouse events, - // so leave it in for now. -diff --git a/include/wx/osx/webview_webkit.h b/include/wx/osx/webview_webkit.h -index 803f8b0..438e532 100644 ---- a/include/wx/osx/webview_webkit.h -+++ b/include/wx/osx/webview_webkit.h -@@ -158,7 +158,7 @@ private: - wxWindowID m_windowID; - wxString m_pageTitle; - -- wxObjCID m_webView; -+ OSXWebViewPtr m_webView; - - // we may use this later to setup our own mouse events, - // so leave it in for now. diff --git a/pkgs/development/libraries/zlib/CVE-2016-9840.patch b/pkgs/development/libraries/zlib/CVE-2016-9840.patch new file mode 100644 index 00000000000..a8b84ff8413 --- /dev/null +++ b/pkgs/development/libraries/zlib/CVE-2016-9840.patch @@ -0,0 +1,71 @@ +From 6a043145ca6e9c55184013841a67b2fef87e44c0 Mon Sep 17 00:00:00 2001 +From: Mark Adler <madler@alumni.caltech.edu> +Date: Wed, 21 Sep 2016 23:35:50 -0700 +Subject: [PATCH] Remove offset pointer optimization in inftrees.c. + +inftrees.c was subtracting an offset from a pointer to an array, +in order to provide a pointer that allowed indexing starting at +the offset. This is not compliant with the C standard, for which +the behavior of a pointer decremented before its allocated memory +is undefined. Per the recommendation of a security audit of the +zlib code by Trail of Bits and TrustInSoft, in support of the +Mozilla Foundation, this tiny optimization was removed, in order +to avoid the possibility of undefined behavior. +--- + inftrees.c | 18 ++++++++---------- + 1 file changed, 8 insertions(+), 10 deletions(-) + +diff --git a/inftrees.c b/inftrees.c +index 22fcd66..0d2670d 100644 +--- a/inftrees.c ++++ b/inftrees.c +@@ -54,7 +54,7 @@ unsigned short FAR *work; + code FAR *next; /* next available space in table */ + const unsigned short FAR *base; /* base value table to use */ + const unsigned short FAR *extra; /* extra bits table to use */ +- int end; /* use base and extra for symbol > end */ ++ unsigned match; /* use base and extra for symbol >= match */ + unsigned short count[MAXBITS+1]; /* number of codes of each length */ + unsigned short offs[MAXBITS+1]; /* offsets in table for each length */ + static const unsigned short lbase[31] = { /* Length codes 257..285 base */ +@@ -181,19 +181,17 @@ unsigned short FAR *work; + switch (type) { + case CODES: + base = extra = work; /* dummy value--not used */ +- end = 19; ++ match = 20; + break; + case LENS: + base = lbase; +- base -= 257; + extra = lext; +- extra -= 257; +- end = 256; ++ match = 257; + break; + default: /* DISTS */ + base = dbase; + extra = dext; +- end = -1; ++ match = 0; + } + + /* initialize state for loop */ +@@ -216,13 +214,13 @@ unsigned short FAR *work; + for (;;) { + /* create table entry */ + here.bits = (unsigned char)(len - drop); +- if ((int)(work[sym]) < end) { ++ if (work[sym] + 1 < match) { + here.op = (unsigned char)0; + here.val = work[sym]; + } +- else if ((int)(work[sym]) > end) { +- here.op = (unsigned char)(extra[work[sym]]); +- here.val = base[work[sym]]; ++ else if (work[sym] >= match) { ++ here.op = (unsigned char)(extra[work[sym] - match]); ++ here.val = base[work[sym] - match]; + } + else { + here.op = (unsigned char)(32 + 64); /* end of block */ diff --git a/pkgs/development/libraries/zlib/CVE-2016-9841.patch b/pkgs/development/libraries/zlib/CVE-2016-9841.patch new file mode 100644 index 00000000000..e350b3d9642 --- /dev/null +++ b/pkgs/development/libraries/zlib/CVE-2016-9841.patch @@ -0,0 +1,224 @@ +From 9aaec95e82117c1cb0f9624264c3618fc380cecb Mon Sep 17 00:00:00 2001 +From: Mark Adler <madler@alumni.caltech.edu> +Date: Wed, 21 Sep 2016 22:25:21 -0700 +Subject: [PATCH] Use post-increment only in inffast.c. + +An old inffast.c optimization turns out to not be optimal anymore +with modern compilers, and furthermore was not compliant with the +C standard, for which decrementing a pointer before its allocated +memory is undefined. Per the recommendation of a security audit of +the zlib code by Trail of Bits and TrustInSoft, in support of the +Mozilla Foundation, this "optimization" was removed, in order to +avoid the possibility of undefined behavior. +--- + inffast.c | 81 ++++++++++++++++++++++++--------------------------------------- + 1 file changed, 31 insertions(+), 50 deletions(-) + +diff --git a/inffast.c b/inffast.c +index bda59ce..f0d163d 100644 +--- a/inffast.c ++++ b/inffast.c +@@ -10,25 +10,6 @@ + + #ifndef ASMINF + +-/* Allow machine dependent optimization for post-increment or pre-increment. +- Based on testing to date, +- Pre-increment preferred for: +- - PowerPC G3 (Adler) +- - MIPS R5000 (Randers-Pehrson) +- Post-increment preferred for: +- - none +- No measurable difference: +- - Pentium III (Anderson) +- - M68060 (Nikl) +- */ +-#ifdef POSTINC +-# define OFF 0 +-# define PUP(a) *(a)++ +-#else +-# define OFF 1 +-# define PUP(a) *++(a) +-#endif +- + /* + Decode literal, length, and distance codes and write out the resulting + literal and match bytes until either not enough input or output is +@@ -96,9 +77,9 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + + /* copy state to local variables */ + state = (struct inflate_state FAR *)strm->state; +- in = strm->next_in - OFF; ++ in = strm->next_in; + last = in + (strm->avail_in - 5); +- out = strm->next_out - OFF; ++ out = strm->next_out; + beg = out - (start - strm->avail_out); + end = out + (strm->avail_out - 257); + #ifdef INFLATE_STRICT +@@ -119,9 +100,9 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + input data or output space */ + do { + if (bits < 15) { +- hold += (unsigned long)(PUP(in)) << bits; ++ hold += (unsigned long)(*in++) << bits; + bits += 8; +- hold += (unsigned long)(PUP(in)) << bits; ++ hold += (unsigned long)(*in++) << bits; + bits += 8; + } + here = lcode[hold & lmask]; +@@ -134,14 +115,14 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ? + "inflate: literal '%c'\n" : + "inflate: literal 0x%02x\n", here.val)); +- PUP(out) = (unsigned char)(here.val); ++ *out++ = (unsigned char)(here.val); + } + else if (op & 16) { /* length base */ + len = (unsigned)(here.val); + op &= 15; /* number of extra bits */ + if (op) { + if (bits < op) { +- hold += (unsigned long)(PUP(in)) << bits; ++ hold += (unsigned long)(*in++) << bits; + bits += 8; + } + len += (unsigned)hold & ((1U << op) - 1); +@@ -150,9 +131,9 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + } + Tracevv((stderr, "inflate: length %u\n", len)); + if (bits < 15) { +- hold += (unsigned long)(PUP(in)) << bits; ++ hold += (unsigned long)(*in++) << bits; + bits += 8; +- hold += (unsigned long)(PUP(in)) << bits; ++ hold += (unsigned long)(*in++) << bits; + bits += 8; + } + here = dcode[hold & dmask]; +@@ -165,10 +146,10 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + dist = (unsigned)(here.val); + op &= 15; /* number of extra bits */ + if (bits < op) { +- hold += (unsigned long)(PUP(in)) << bits; ++ hold += (unsigned long)(*in++) << bits; + bits += 8; + if (bits < op) { +- hold += (unsigned long)(PUP(in)) << bits; ++ hold += (unsigned long)(*in++) << bits; + bits += 8; + } + } +@@ -196,30 +177,30 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + #ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR + if (len <= op - whave) { + do { +- PUP(out) = 0; ++ *out++ = 0; + } while (--len); + continue; + } + len -= op - whave; + do { +- PUP(out) = 0; ++ *out++ = 0; + } while (--op > whave); + if (op == 0) { + from = out - dist; + do { +- PUP(out) = PUP(from); ++ *out++ = *from++; + } while (--len); + continue; + } + #endif + } +- from = window - OFF; ++ from = window; + if (wnext == 0) { /* very common case */ + from += wsize - op; + if (op < len) { /* some from window */ + len -= op; + do { +- PUP(out) = PUP(from); ++ *out++ = *from++; + } while (--op); + from = out - dist; /* rest from output */ + } +@@ -230,14 +211,14 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + if (op < len) { /* some from end of window */ + len -= op; + do { +- PUP(out) = PUP(from); ++ *out++ = *from++; + } while (--op); +- from = window - OFF; ++ from = window; + if (wnext < len) { /* some from start of window */ + op = wnext; + len -= op; + do { +- PUP(out) = PUP(from); ++ *out++ = *from++; + } while (--op); + from = out - dist; /* rest from output */ + } +@@ -248,35 +229,35 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + if (op < len) { /* some from window */ + len -= op; + do { +- PUP(out) = PUP(from); ++ *out++ = *from++; + } while (--op); + from = out - dist; /* rest from output */ + } + } + while (len > 2) { +- PUP(out) = PUP(from); +- PUP(out) = PUP(from); +- PUP(out) = PUP(from); ++ *out++ = *from++; ++ *out++ = *from++; ++ *out++ = *from++; + len -= 3; + } + if (len) { +- PUP(out) = PUP(from); ++ *out++ = *from++; + if (len > 1) +- PUP(out) = PUP(from); ++ *out++ = *from++; + } + } + else { + from = out - dist; /* copy direct from output */ + do { /* minimum length is three */ +- PUP(out) = PUP(from); +- PUP(out) = PUP(from); +- PUP(out) = PUP(from); ++ *out++ = *from++; ++ *out++ = *from++; ++ *out++ = *from++; + len -= 3; + } while (len > 2); + if (len) { +- PUP(out) = PUP(from); ++ *out++ = *from++; + if (len > 1) +- PUP(out) = PUP(from); ++ *out++ = *from++; + } + } + } +@@ -313,8 +294,8 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ + hold &= (1U << bits) - 1; + + /* update state and return */ +- strm->next_in = in + OFF; +- strm->next_out = out + OFF; ++ strm->next_in = in; ++ strm->next_out = out; + strm->avail_in = (unsigned)(in < last ? 5 + (last - in) : 5 - (in - last)); + strm->avail_out = (unsigned)(out < end ? + 257 + (end - out) : 257 - (out - end)); diff --git a/pkgs/development/libraries/zlib/CVE-2016-9842.patch b/pkgs/development/libraries/zlib/CVE-2016-9842.patch new file mode 100644 index 00000000000..e729f7e162c --- /dev/null +++ b/pkgs/development/libraries/zlib/CVE-2016-9842.patch @@ -0,0 +1,29 @@ +From e54e1299404101a5a9d0cf5e45512b543967f958 Mon Sep 17 00:00:00 2001 +From: Mark Adler <madler@alumni.caltech.edu> +Date: Sat, 5 Sep 2015 17:45:55 -0700 +Subject: [PATCH] Avoid shifts of negative values inflateMark(). + +The C standard says that bit shifts of negative integers is +undefined. This casts to unsigned values to assure a known +result. +--- + inflate.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/inflate.c b/inflate.c +index 2889e3a..a718416 100644 +--- a/inflate.c ++++ b/inflate.c +@@ -1506,9 +1506,10 @@ z_streamp strm; + { + struct inflate_state FAR *state; + +- if (strm == Z_NULL || strm->state == Z_NULL) return -1L << 16; ++ if (strm == Z_NULL || strm->state == Z_NULL) ++ return (long)(((unsigned long)0 - 1) << 16); + state = (struct inflate_state FAR *)strm->state; +- return ((long)(state->back) << 16) + ++ return (long)(((unsigned long)((long)state->back)) << 16) + + (state->mode == COPY ? state->length : + (state->mode == MATCH ? state->was - state->length : 0)); + } diff --git a/pkgs/development/libraries/zlib/CVE-2016-9843.patch b/pkgs/development/libraries/zlib/CVE-2016-9843.patch new file mode 100644 index 00000000000..1fe4c4daa03 --- /dev/null +++ b/pkgs/development/libraries/zlib/CVE-2016-9843.patch @@ -0,0 +1,49 @@ +From d1d577490c15a0c6862473d7576352a9f18ef811 Mon Sep 17 00:00:00 2001 +From: Mark Adler <madler@alumni.caltech.edu> +Date: Wed, 28 Sep 2016 20:20:25 -0700 +Subject: [PATCH] Avoid pre-decrement of pointer in big-endian CRC calculation. + +There was a small optimization for PowerPCs to pre-increment a +pointer when accessing a word, instead of post-incrementing. This +required prefacing the loop with a decrement of the pointer, +possibly pointing before the object passed. This is not compliant +with the C standard, for which decrementing a pointer before its +allocated memory is undefined. When tested on a modern PowerPC +with a modern compiler, the optimization no longer has any effect. +Due to all that, and per the recommendation of a security audit of +the zlib code by Trail of Bits and TrustInSoft, in support of the +Mozilla Foundation, this "optimization" was removed, in order to +avoid the possibility of undefined behavior. +--- + crc32.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/crc32.c b/crc32.c +index 979a719..05733f4 100644 +--- a/crc32.c ++++ b/crc32.c +@@ -278,7 +278,7 @@ local unsigned long crc32_little(crc, buf, len) + } + + /* ========================================================================= */ +-#define DOBIG4 c ^= *++buf4; \ ++#define DOBIG4 c ^= *buf4++; \ + c = crc_table[4][c & 0xff] ^ crc_table[5][(c >> 8) & 0xff] ^ \ + crc_table[6][(c >> 16) & 0xff] ^ crc_table[7][c >> 24] + #define DOBIG32 DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4 +@@ -300,7 +300,6 @@ local unsigned long crc32_big(crc, buf, len) + } + + buf4 = (const z_crc_t FAR *)(const void FAR *)buf; +- buf4--; + while (len >= 32) { + DOBIG32; + len -= 32; +@@ -309,7 +308,6 @@ local unsigned long crc32_big(crc, buf, len) + DOBIG4; + len -= 4; + } +- buf4++; + buf = (const unsigned char FAR *)buf4; + + if (len) do { diff --git a/pkgs/development/libraries/zlib/default.nix b/pkgs/development/libraries/zlib/default.nix index e61001e7d6d..21a7e81ce3e 100644 --- a/pkgs/development/libraries/zlib/default.nix +++ b/pkgs/development/libraries/zlib/default.nix @@ -13,6 +13,13 @@ stdenv.mkDerivation rec { sha256 = "039agw5rqvqny92cpkrfn243x2gd4xn13hs3xi6isk55d2vqqr9n"; }; + patches = [ + ./CVE-2016-9840.patch + ./CVE-2016-9841.patch + ./CVE-2016-9842.patch + ./CVE-2016-9843.patch + ]; + postPatch = stdenv.lib.optionalString stdenv.isDarwin '' substituteInPlace configure \ --replace '/usr/bin/libtool' 'ar' \ @@ -81,4 +88,3 @@ stdenv.mkDerivation rec { platforms = platforms.all; }; } - diff --git a/pkgs/development/python-modules/pycairo/default.nix b/pkgs/development/python-modules/pycairo/default.nix index 23e06ff4cb4..e7cf3b4c448 100644 --- a/pkgs/development/python-modules/pycairo/default.nix +++ b/pkgs/development/python-modules/pycairo/default.nix @@ -2,7 +2,7 @@ if (isPyPy) then throw "pycairo not supported for interpreter ${python.executable}" else mkPythonDerivation rec { version = "1.10.0"; - name = "${python.libPrefix}-pycairo-${version}"; + name = "pycairo-${version}"; src = if isPy3k then fetchurl { url = "http://cairographics.org/releases/pycairo-${version}.tar.bz2"; diff --git a/pkgs/development/tools/build-managers/cmake/default.nix b/pkgs/development/tools/build-managers/cmake/default.nix index 1e4bacb0725..fbc6f5be5ca 100644 --- a/pkgs/development/tools/build-managers/cmake/default.nix +++ b/pkgs/development/tools/build-managers/cmake/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl, pkgconfig -, bzip2, curl, expat, libarchive, xz, zlib +, bzip2, curl, expat, libarchive, xz, zlib, libuv , useNcurses ? false, ncurses, useQt4 ? false, qt4 , wantPS ? false, ps ? null }: @@ -12,8 +12,8 @@ assert stdenv.cc ? libc; let os = stdenv.lib.optionalString; - majorVersion = "3.6"; - minorVersion = "2"; + majorVersion = "3.7"; + minorVersion = "1"; version = "${majorVersion}.${minorVersion}"; in @@ -24,7 +24,8 @@ stdenv.mkDerivation rec { src = fetchurl { url = "${meta.homepage}files/v${majorVersion}/cmake-${version}.tar.gz"; - sha256 = "0imkz04ncz6cv5659qfd4scm99k3siq7zrrsa8pvp663d8mf76hq"; + # from https://cmake.org/files/v3.7/cmake-3.7.1-SHA-256.txt + sha256 = "449a5bce64dbd4d5b9517ebd1a1248ed197add6ad27934478976fd5f1f9330e1"; }; # Don't search in non-Nix locations such as /usr, but do search in our libc. @@ -37,7 +38,7 @@ stdenv.mkDerivation rec { setupHook = ./setup-hook.sh; buildInputs = - [ setupHook pkgconfig bzip2 curl expat libarchive xz zlib ] + [ setupHook pkgconfig bzip2 curl expat libarchive xz zlib libuv ] ++ optional useNcurses ncurses ++ optional useQt4 qt4; diff --git a/pkgs/os-specific/darwin/apple-sdk/default.nix b/pkgs/os-specific/darwin/apple-sdk/default.nix index c1e09c20111..1148fe5c4a1 100644 --- a/pkgs/os-specific/darwin/apple-sdk/default.nix +++ b/pkgs/os-specific/darwin/apple-sdk/default.nix @@ -31,6 +31,10 @@ let mv System/* . rmdir System + pushd lib + ln -s -L /usr/lib/libcups*.dylib . + popd + cd Library/Frameworks/QuartzCore.framework/Versions/A/Headers for file in CI*.h; do rm $file diff --git a/pkgs/os-specific/darwin/apple-source-releases/default.nix b/pkgs/os-specific/darwin/apple-source-releases/default.nix index 4fbd2d76e99..4108bc60c27 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/default.nix @@ -217,7 +217,7 @@ let libresolv = applePackage "libresolv" "osx-10.11.6" "09flfdi3dlzq0yap32sxidacpc4nn4va7z12a6viip21ix2xb2gf" {}; Libsystem = applePackage "Libsystem" "osx-10.11.6" "1nfkmbqml587v2s1d1y2s2v8nmr577jvk51y6vqrfvsrhdhc2w94" {}; libutil = applePackage "libutil" "osx-10.11.6" "1gmgmcyqdyc684ih7dimdmxdljnq7mzjy5iqbf589wc0pa8h5abm" {}; - libunwind = applePackage "libunwind" "osx-10.11.6" "16nhx2pahh9d62mvszc88q226q5lwjankij276fxwrm8wb50zzlx" {}; + libunwind = applePackage "libunwind" "osx-10.11.6" "0miffaa41cv0lzf8az5k1j1ng8jvqvxcr4qrlkf3xyj479arbk1b" {}; mDNSResponder = applePackage "mDNSResponder" "osx-10.11.6" "069incq28a78yh1bnr17h9cd5if5mwqpq8ahnkyxxx25fkaxgzcf" {}; objc4 = applePackage "objc4" "osx-10.11.6" "00b7vbgxni8frrqyi69b4njjihlwydzjd9zj9x4z5dbx8jabkvrj" {}; ppp = applePackage "ppp" "osx-10.11.6" "1dql6r1v0vbcs04958nn2i6p31yfsxyy51jca63bm5mf0gxalk3f" {}; diff --git a/pkgs/os-specific/darwin/apple-source-releases/libunwind/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libunwind/default.nix index 81a45d99a86..b4b2b685895 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libunwind/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libunwind/default.nix @@ -1,15 +1,16 @@ { stdenv, appleDerivation, dyld, osx_private_sdk }: appleDerivation { - phases = [ "unpackPhase" "installPhase" ]; + buildPhase = ":"; + # install headers only installPhase = '' mkdir -p $out/lib cp -R include $out/include ''; meta = with stdenv.lib; { - maintainers = with maintainers; [ copumpkin ]; + maintainers = with maintainers; [ copumpkin lnl7 ]; platforms = platforms.darwin; license = licenses.apsl20; }; diff --git a/pkgs/servers/samba/4.x.nix b/pkgs/servers/samba/4.x.nix index 2dfdf3709ee..51bee4f0b4c 100644 --- a/pkgs/servers/samba/4.x.nix +++ b/pkgs/servers/samba/4.x.nix @@ -19,11 +19,11 @@ with lib; stdenv.mkDerivation rec { name = "samba-${version}"; - version = "4.4.6"; + version = "4.5.3"; src = fetchurl { url = "mirror://samba/pub/samba/stable/${name}.tar.gz"; - sha256 = "1361ijz7vpgf66w3j9z7qb37rnlrydxw01ibjnfhjqqcb7fj7i1p"; + sha256 = "1jif95684swssqwp9v3i2r08cn3r2iddf6ly68db4wmvl5ac8vgh"; }; outputs = [ "out" "dev" "man" ]; diff --git a/pkgs/tools/misc/coreutils/default.nix b/pkgs/tools/misc/coreutils/default.nix index 8f09a677b8e..ec6be06ede3 100644 --- a/pkgs/tools/misc/coreutils/default.nix +++ b/pkgs/tools/misc/coreutils/default.nix @@ -13,11 +13,11 @@ with lib; let self = stdenv.mkDerivation rec { - name = "coreutils-8.25"; + name = "coreutils-8.26"; src = fetchurl { url = "mirror://gnu/coreutils/${name}.tar.xz"; - sha256 = "11yfrnb94xzmvi4lhclkcmkqsbhww64wf234ya1aacjvg82prrii"; + sha256 = "13lspazc7xkviy93qz7ks9jv4sldvgmwpq36ghrbrqpq93br8phm"; }; # FIXME needs gcc 4.9 in bootstrap tools diff --git a/pkgs/tools/text/gnugrep/default.nix b/pkgs/tools/text/gnugrep/default.nix index 3e714871827..b9dca2e8709 100644 --- a/pkgs/tools/text/gnugrep/default.nix +++ b/pkgs/tools/text/gnugrep/default.nix @@ -1,13 +1,13 @@ { stdenv, fetchurl, pcre, libiconv, perl }: -let version = "2.25"; in +let version = "2.27"; in stdenv.mkDerivation { name = "gnugrep-${version}"; src = fetchurl { url = "mirror://gnu/grep/grep-${version}.tar.xz"; - sha256 = "0c38b67cnwchwzv4wq2gpz6smkhdxrac2hhssv8f0l04qnx867p2"; + sha256 = "1syadppgpxpfhpwhhqcsibrn131azypzps5aicx1qjh74d6w8k5d"; }; # Perl is needed for testing diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index a35ef13bb43..77164a08bbc 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -2559,7 +2559,9 @@ in leafpad = callPackage ../applications/editors/leafpad { }; - leatherman = callPackage ../development/libraries/leatherman {}; + leatherman = callPackage ../development/libraries/leatherman { + boost = boost160; + }; leela = callPackage ../tools/graphics/leela { }; @@ -6740,7 +6742,7 @@ in boost159 = callPackage ../development/libraries/boost/1.59.nix { }; boost160 = callPackage ../development/libraries/boost/1.60.nix { }; boost162 = callPackage ../development/libraries/boost/1.62.nix { }; - boost = boost160; + boost = boost162; boost_process = callPackage ../development/libraries/boost-process { }; @@ -9659,7 +9661,7 @@ in }; wxmac = callPackage ../development/libraries/wxmac { - inherit (darwin.apple_sdk.frameworks) AGL Cocoa Kernel QuickTime; + inherit (darwin.apple_sdk.frameworks) AGL Cocoa Kernel; inherit (darwin.stubs) setfile rez derez; }; @@ -10299,11 +10301,11 @@ in mariadb = callPackage ../servers/sql/mariadb { inherit (darwin) cctools; inherit (pkgs.darwin.apple_sdk.frameworks) CoreServices; - boost = boost159; }; mongodb = callPackage ../servers/nosql/mongodb { sasl = cyrus_sasl; + boost = boost160; inherit (darwin.apple_sdk.frameworks) Security; }; @@ -15043,7 +15045,9 @@ in tuxguitar = callPackage ../applications/editors/music/tuxguitar { }; - twister = callPackage ../applications/networking/p2p/twister { }; + twister = callPackage ../applications/networking/p2p/twister { + boost = boost160; + }; twmn = qt5.callPackage ../applications/misc/twmn { }; @@ -15718,7 +15722,9 @@ in dhewm3 = callPackage ../games/dhewm3 {}; - digikam5 = kde5.callPackage ../applications/graphics/digikam/5.nix {}; + digikam5 = kde5.callPackage ../applications/graphics/digikam/5.nix { + boost = boost160; + }; drumkv1 = callPackage ../applications/audio/drumkv1 { }; @@ -15777,7 +15783,9 @@ in freedink = callPackage ../games/freedink { }; - freeorion = callPackage ../games/freeorion { }; + freeorion = callPackage ../games/freeorion { + boost = boost160; + }; frotz = callPackage ../games/frotz { }; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index aa94c114371..693fe1028e0 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -10748,11 +10748,12 @@ in { docutils = buildPythonPackage rec { - name = "docutils-0.12"; + name = "docutils-${version}"; + version = "0.13.1"; src = pkgs.fetchurl { url = "mirror://sourceforge/docutils/${name}.tar.gz"; - sha256 = "c7db717810ab6965f66c8cf0398a98c9d8df982da39b4cd7f162911eb89596fa"; + sha256 = "1gkma47i609jfs7dssxn4y9vsz06qi0l5q41nws0zgkpnrghz33i"; }; # error: invalid command 'test' @@ -10761,7 +10762,7 @@ in { meta = { description = "An open-source text processing system for processing plaintext documentation into useful formats, such as HTML or LaTeX"; homepage = http://docutils.sourceforge.net/; - maintainers = with maintainers; [ garbas ]; + maintainers = with maintainers; [ garbas AndersonTorres ]; }; }; @@ -13897,16 +13898,16 @@ in { llvmlite = callPackage ../development/python-modules/llvmlite {llvm=pkgs.llvm_38;}; lockfile = buildPythonPackage rec { - name = "lockfile-${version}"; - version = "0.10.2"; + pname = "lockfile"; + version = "0.12.2"; + name = "${pname}-${version}"; src = pkgs.fetchurl { - sha256 = "0zi7amj3y55lp6339w217zksn1a0ssfvscmv059g2wvnyjqi6f95"; - url = "https://github.com/openstack/pylockfile/archive/${version}.tar.gz"; + url = "mirror://pypi/${builtins.substring 0 1 pname}/${pname}/${name}.tar.gz"; + sha256 = "6aed02de03cba24efabcd600b30540140634fc06cfa603822d508d5361e9f799"; }; - OSLO_PACKAGE_VERSION = "${version}"; buildInputs = with self; [ - pbr nose sphinx_1_2 + pbr nose ]; checkPhase = '' @@ -24435,20 +24436,25 @@ in { sphinx = buildPythonPackage (rec { name = "${pname}-${version}"; pname = "Sphinx"; - version = "1.4.6"; + version = "1.5.1"; src = pkgs.fetchurl { - url = "mirror://pypi/S/${pname}/${name}.tar.gz"; - sha256 = "1lvr39ab5sjp894jshk39xidlxw9vc735882cgcfr4dlm4546hwy"; + url = "mirror://pypi/${builtins.substring 0 1 pname}/${pname}/${name}.tar.gz"; + sha256 = "8e6a77a20b2df950de322fc32f3b508697d9d654fe984e3cc88f446a5b4c17c5"; }; LC_ALL = "en_US.UTF-8"; - buildInputs = with self; [ nose simplejson mock pkgs.glibcLocales ]; - patchPhase = '' sed -i '$ d' tests/test_setup_command.py ''; - checkPhase = '' PYTHON=${python.executable} make test ''; + buildInputs = with self; [ nose simplejson mock pkgs.glibcLocales html5lib ] ++ optional (pythonOlder "3.4") self.enum34; + # Disable two tests that require network access. + postPatch = '' + substituteInPlace tests/test_build_linkcheck.py --replace test_defaults dont_test_defaults + substituteInPlace tests/test_build_linkcheck.py --replace test_anchors_ignored dont_test_anchors_ignored + ''; + checkPhase = '' + make test + ''; propagatedBuildInputs = with self; [ docutils jinja2 pygments - sphinx_rtd_theme alabaster Babel snowballstemmer @@ -24456,6 +24462,7 @@ in { sqlalchemy whoosh imagesize + requests2 ]; meta = { description = "A tool that makes it easy to create intelligent and beautiful documentation for Python projects"; @@ -24472,7 +24479,7 @@ in { url = "mirror://pypi/s/sphinx/sphinx-1.2.3.tar.gz"; sha256 = "94933b64e2fe0807da0612c574a021c0dac28c7bd3c4a23723ae5a39ea8f3d04"; }; - patches = []; + postPatch = ''''; # Tests requires Pygments >=2.0.2 which isn't worth keeping around for this: doCheck = false; }; |