diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2015-07-17 06:37:13 +0200 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2015-07-17 06:38:04 +0200 |
commit | 9f37e91ec502b68e7a8ebc71b7bf37ad02092a0c (patch) | |
tree | 946e5c7626f668079bcf35caf203a52c5d33f3c7 /pkgs/development | |
parent | cf8309ef34b9ec18bc9aeca9e63f984e1be19b56 (diff) | |
parent | 967abfc78660d0e49a32eac8fe19cec4b6b79d5c (diff) | |
download | nixpkgs-9f37e91ec502b68e7a8ebc71b7bf37ad02092a0c.tar nixpkgs-9f37e91ec502b68e7a8ebc71b7bf37ad02092a0c.tar.gz nixpkgs-9f37e91ec502b68e7a8ebc71b7bf37ad02092a0c.tar.bz2 nixpkgs-9f37e91ec502b68e7a8ebc71b7bf37ad02092a0c.tar.lz nixpkgs-9f37e91ec502b68e7a8ebc71b7bf37ad02092a0c.tar.xz nixpkgs-9f37e91ec502b68e7a8ebc71b7bf37ad02092a0c.tar.zst nixpkgs-9f37e91ec502b68e7a8ebc71b7bf37ad02092a0c.zip |
Merge master into staging
There are larger-rebuild changes: gnutls and samba.
Diffstat (limited to 'pkgs/development')
-rw-r--r-- | pkgs/development/haskell-modules/hackage-packages.nix | 4 | ||||
-rw-r--r-- | pkgs/development/libraries/ffmpeg-full/default.nix | 4 | ||||
-rw-r--r-- | pkgs/development/libraries/ffmpeg/2.7.nix | 7 | ||||
-rw-r--r-- | pkgs/development/libraries/gnutls/3.3.nix | 4 | ||||
-rw-r--r-- | pkgs/development/libraries/gnutls/3.4.nix | 4 | ||||
-rw-r--r-- | pkgs/development/libraries/libinput/default.nix | 4 | ||||
-rw-r--r-- | pkgs/development/libraries/libwmf/CVE-2006-3376.patch | 28 | ||||
-rw-r--r-- | pkgs/development/libraries/libwmf/CVE-2009-1364.patch | 11 | ||||
-rw-r--r-- | pkgs/development/libraries/libwmf/CVE-2015-0848+4588+4695+4696.patch | 186 | ||||
-rw-r--r-- | pkgs/development/libraries/libwmf/default.nix | 5 | ||||
-rw-r--r-- | pkgs/development/lisp-modules/lisp-packages.nix | 24 | ||||
-rw-r--r-- | pkgs/development/python-modules/setuptools/default.nix | 4 | ||||
-rw-r--r-- | pkgs/development/tools/misc/lsof/default.nix | 11 |
13 files changed, 266 insertions, 30 deletions
diff --git a/pkgs/development/haskell-modules/hackage-packages.nix b/pkgs/development/haskell-modules/hackage-packages.nix index c62f9071c5f..86a98e6f3f4 100644 --- a/pkgs/development/haskell-modules/hackage-packages.nix +++ b/pkgs/development/haskell-modules/hackage-packages.nix @@ -121097,8 +121097,8 @@ self: { }: mkDerivation { pname = "stripe-haskell"; - version = "0.1.4.0"; - sha256 = "09s699h2b641bakcgf3f2cwdqb4qb37b4y31vpcq3k8pkbmhy8sf"; + version = "0.1.4.1"; + sha256 = "a0ffc70616d4eb86a9e0e0fcb1751cc48f3b6f618d07cf2bb96090276d64d218"; buildDepends = [ aeson base bytestring either HsOpenSSL http-streams io-streams mtl random text time transformers unordered-containers diff --git a/pkgs/development/libraries/ffmpeg-full/default.nix b/pkgs/development/libraries/ffmpeg-full/default.nix index 7d108ba81ef..555576d3a36 100644 --- a/pkgs/development/libraries/ffmpeg-full/default.nix +++ b/pkgs/development/libraries/ffmpeg-full/default.nix @@ -231,11 +231,11 @@ assert x11grabExtlib -> libX11 != null && libXv != null; stdenv.mkDerivation rec { name = "ffmpeg-${version}"; - version = "2.6.3"; + version = "2.7.1"; src = fetchurl { url = "https://www.ffmpeg.org/releases/${name}.tar.bz2"; - sha256 = "1yqc3vm1xrwf866q262qd4nr9d6ifp4gg183pjdc4sl9np0rissr"; + sha256 = "087pyx1wxvniq3wgj6z80wrb7ampwwsmwndmr7lymzhm4iyvj1vy"; }; patchPhase = ''patchShebangs .''; diff --git a/pkgs/development/libraries/ffmpeg/2.7.nix b/pkgs/development/libraries/ffmpeg/2.7.nix new file mode 100644 index 00000000000..3e4708fdf46 --- /dev/null +++ b/pkgs/development/libraries/ffmpeg/2.7.nix @@ -0,0 +1,7 @@ +{ callPackage, ... } @ args: + +callPackage ./generic.nix (args // rec { + version = "${branch}.1"; + branch = "2.7"; + sha256 = "087pyx1wxvniq3wgj6z80wrb7ampwwsmwndmr7lymzhm4iyvj1vy"; +}) diff --git a/pkgs/development/libraries/gnutls/3.3.nix b/pkgs/development/libraries/gnutls/3.3.nix index a2c04506a6c..bd95ce07254 100644 --- a/pkgs/development/libraries/gnutls/3.3.nix +++ b/pkgs/development/libraries/gnutls/3.3.nix @@ -1,10 +1,10 @@ { callPackage, fetchurl, ... } @ args: callPackage ./generic.nix (args // rec { - version = "3.3.15"; + version = "3.3.16"; src = fetchurl { url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-${version}.tar.lz"; - sha256 = "166nynb055vlh6dm1gaqwpcnf4mp7ks8lz2yvm7dlsrkbh3swj5m"; + sha256 = "1jl5n02mh83ygrrk7rq8vwylv5gdr3wccqs1ynvzr749fd2wq637"; }; }) diff --git a/pkgs/development/libraries/gnutls/3.4.nix b/pkgs/development/libraries/gnutls/3.4.nix index 614834252fa..0558e4127c4 100644 --- a/pkgs/development/libraries/gnutls/3.4.nix +++ b/pkgs/development/libraries/gnutls/3.4.nix @@ -1,10 +1,10 @@ { callPackage, fetchurl, ... } @ args: callPackage ./generic.nix (args // rec { - version = "3.4.2"; + version = "3.4.3"; src = fetchurl { url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-${version}.tar.lz"; - sha256 = "1wzasbrs4ncq4yisqyvifl7mzlyyg1pb0idr4fhjmcfpi13sxlaw"; + sha256 = "1q4adb1xi9pl00iy3cqs4r1qmwllv1g1r44p6xsg6n65dpyf53q2"; }; }) diff --git a/pkgs/development/libraries/libinput/default.nix b/pkgs/development/libraries/libinput/default.nix index 28880a3ac68..f02b0af8270 100644 --- a/pkgs/development/libraries/libinput/default.nix +++ b/pkgs/development/libraries/libinput/default.nix @@ -15,11 +15,11 @@ in with stdenv.lib; stdenv.mkDerivation rec { - name = "libinput-0.17.0"; + name = "libinput-0.20.0"; src = fetchurl { url = "http://www.freedesktop.org/software/libinput/${name}.tar.xz"; - sha256 = "1nr8zg99hk6lz2g2kdvlz13i7cwvrsakakrn3c1w2id7wcxj9nxp"; + sha256 = "0p8jswag33qjjxd8766hzk460bzhzhw32b6hl2i17aygjz7dynqp"; }; configureFlags = [ diff --git a/pkgs/development/libraries/libwmf/CVE-2006-3376.patch b/pkgs/development/libraries/libwmf/CVE-2006-3376.patch new file mode 100644 index 00000000000..4c7519d9c10 --- /dev/null +++ b/pkgs/development/libraries/libwmf/CVE-2006-3376.patch @@ -0,0 +1,28 @@ +--- libwmf-0.2.8.4.orig/src/player.c ++++ libwmf-0.2.8.4/src/player.c +@@ -23,6 +23,7 @@ + + #include <stdio.h> + #include <stdlib.h> ++#include <stdint.h> + #include <string.h> + #include <math.h> + +@@ -132,8 +133,14 @@ + } + } + +-/* P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3) * 2 * sizeof (unsigned char)); +- */ P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char)); ++ if (MAX_REC_SIZE(API) > UINT32_MAX / 2) ++ { ++ API->err = wmf_E_InsMem; ++ WMF_DEBUG (API,"bailing..."); ++ return (API->err); ++ } ++ ++ P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char)); + + if (ERR (API)) + { WMF_DEBUG (API,"bailing..."); + diff --git a/pkgs/development/libraries/libwmf/CVE-2009-1364.patch b/pkgs/development/libraries/libwmf/CVE-2009-1364.patch new file mode 100644 index 00000000000..e2a4501662c --- /dev/null +++ b/pkgs/development/libraries/libwmf/CVE-2009-1364.patch @@ -0,0 +1,11 @@ +--- libwmf-0.2.8.4.orig/src/extra/gd/gd_clip.c ++++ libwmf-0.2.8.4/src/extra/gd/gd_clip.c +@@ -70,6 +70,7 @@ + { more = gdRealloc (im->clip->list,(im->clip->max + 8) * sizeof (gdClipRectangle)); + if (more == 0) return; + im->clip->max += 8; ++ im->clip->list = more; + } + im->clip->list[im->clip->count] = (*rect); + im->clip->count++; + diff --git a/pkgs/development/libraries/libwmf/CVE-2015-0848+4588+4695+4696.patch b/pkgs/development/libraries/libwmf/CVE-2015-0848+4588+4695+4696.patch new file mode 100644 index 00000000000..54d47800298 --- /dev/null +++ b/pkgs/development/libraries/libwmf/CVE-2015-0848+4588+4695+4696.patch @@ -0,0 +1,186 @@ +--- libwmf-0.2.8.4.orig/src/player/meta.h ++++ libwmf-0.2.8.4/src/player/meta.h +@@ -1565,7 +1565,7 @@ static int meta_rgn_create (wmfAPI* API, + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -2142,7 +2142,7 @@ static int meta_dib_brush (wmfAPI* API,w + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -2593,9 +2593,10 @@ static int meta_dc_restore (wmfAPI* API, + polyrect.BR = 0; + + polyrect.count = 0; ++ ++ if (FR->region_clip) FR->region_clip (API,&polyrect); + } + +- if (FR->region_clip) FR->region_clip (API,&polyrect); + + return (changed); + } +@@ -3067,7 +3068,7 @@ static int meta_pen_create (wmfAPI* API, + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -3181,7 +3182,7 @@ static int meta_brush_create (wmfAPI* AP + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -3288,7 +3289,7 @@ static int meta_font_create (wmfAPI* API + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -3396,7 +3397,7 @@ static int meta_palette_create (wmfAPI* + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +--- libwmf-0.2.8.4.orig/src/ipa/ipa.h ++++ libwmf-0.2.8.4/src/ipa/ipa.h +@@ -48,7 +48,7 @@ static int ReadBlobByte (BMPS + static unsigned short ReadBlobLSBShort (BMPSource*); + static unsigned long ReadBlobLSBLong (BMPSource*); + static long TellBlob (BMPSource*); +-static void DecodeImage (wmfAPI*,wmfBMP*,BMPSource*,unsigned int,unsigned char*); ++static int DecodeImage (wmfAPI*,wmfBMP*,BMPSource*,unsigned int,unsigned char*); + static void ReadBMPImage (wmfAPI*,wmfBMP*,BMPSource*); + static int ExtractColor (wmfAPI*,wmfBMP*,wmfRGB*,unsigned int,unsigned int); + static void SetColor (wmfAPI*,wmfBMP*,wmfRGB*,unsigned char,unsigned int,unsigned int); +--- libwmf-0.2.8.4.orig/src/ipa/ipa/bmp.h ++++ libwmf-0.2.8.4/src/ipa/ipa/bmp.h +@@ -859,7 +859,7 @@ static long TellBlob (BMPSource* src) + % + % + */ +-static void DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSource* src,unsigned int compression,unsigned char* pixels) ++static int DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSource* src,unsigned int compression,unsigned char* pixels) + { int byte; + int count; + int i; +@@ -870,12 +870,14 @@ static void DecodeImage (wmfAPI* API,wmf + U32 u; + + unsigned char* q; ++ unsigned char* end; + + for (u = 0; u < ((U32) bmp->width * (U32) bmp->height); u++) pixels[u] = 0; + + byte = 0; + x = 0; + q = pixels; ++ end = pixels + bmp->width * bmp->height; + + for (y = 0; y < bmp->height; ) + { count = ReadBlobByte (src); +@@ -884,7 +886,10 @@ static void DecodeImage (wmfAPI* API,wmf + { /* Encoded mode. */ + byte = ReadBlobByte (src); + for (i = 0; i < count; i++) +- { if (compression == 1) ++ { ++ if (q == end) ++ return 0; ++ if (compression == 1) + { (*(q++)) = (unsigned char) byte; + } + else +@@ -896,13 +901,15 @@ static void DecodeImage (wmfAPI* API,wmf + else + { /* Escape mode. */ + count = ReadBlobByte (src); +- if (count == 0x01) return; ++ if (count == 0x01) return 1; + switch (count) + { + case 0x00: + { /* End of line. */ + x = 0; + y++; ++ if (y >= bmp->height) ++ return 0; + q = pixels + y * bmp->width; + break; + } +@@ -910,13 +917,20 @@ static void DecodeImage (wmfAPI* API,wmf + { /* Delta mode. */ + x += ReadBlobByte (src); + y += ReadBlobByte (src); ++ if (y >= bmp->height) ++ return 0; ++ if (x >= bmp->width) ++ return 0; + q = pixels + y * bmp->width + x; + break; + } + default: + { /* Absolute mode. */ + for (i = 0; i < count; i++) +- { if (compression == 1) ++ { ++ if (q == end) ++ return 0; ++ if (compression == 1) + { (*(q++)) = ReadBlobByte (src); + } + else +@@ -943,7 +957,7 @@ static void DecodeImage (wmfAPI* API,wmf + byte = ReadBlobByte (src); /* end of line */ + byte = ReadBlobByte (src); + +- return; ++ return 1; + } + + /* +@@ -1143,8 +1157,18 @@ static void ReadBMPImage (wmfAPI* API,wm + } + } + else +- { /* Convert run-length encoded raster pixels. */ +- DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image); ++ { ++ if (bmp_info.bits_per_pixel == 8) /* Convert run-length encoded raster pixels. */ ++ { ++ if (!DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image)) ++ { WMF_ERROR (API,"corrupt bmp"); ++ API->err = wmf_E_BadFormat; ++ } ++ } ++ else ++ { WMF_ERROR (API,"Unexpected pixel depth"); ++ API->err = wmf_E_BadFormat; ++ } + } + + if (ERR (API)) diff --git a/pkgs/development/libraries/libwmf/default.nix b/pkgs/development/libraries/libwmf/default.nix index 95740882a93..bdede8f18cf 100644 --- a/pkgs/development/libraries/libwmf/default.nix +++ b/pkgs/development/libraries/libwmf/default.nix @@ -11,6 +11,11 @@ stdenv.mkDerivation { buildInputs = [ zlib imagemagick libpng pkgconfig glib freetype libjpeg libxml2 ]; + patches = [ + ./CVE-2006-3376.patch ./CVE-2009-1364.patch + ./CVE-2015-0848+4588+4695+4696.patch + ]; + meta = { description = "WMF library from wvWare"; }; diff --git a/pkgs/development/lisp-modules/lisp-packages.nix b/pkgs/development/lisp-modules/lisp-packages.nix index 5e2bdd0cc54..07372153032 100644 --- a/pkgs/development/lisp-modules/lisp-packages.nix +++ b/pkgs/development/lisp-modules/lisp-packages.nix @@ -72,14 +72,13 @@ let lispPackages = rec { cl-unification = buildLispPackage rec { baseName = "cl-unification"; - version = "cvs-2013-10-28"; + version = "git-2015-07-01"; description = ""; deps = []; - src = pkgs.fetchcvs { - sha256 = "a574b7f9615232366e3e5e7ee400d60dbff23f6d0e1def5a3c77aafdfd786e6a"; - date = ''2013-10-28''; - module = ''cl-unification''; - cvsRoot = '':pserver:anonymous:anonymous@common-lisp.net:/project/cl-unification/cvsroot''; + src = pkgs.fetchgit { + url = "https://gitlab.common-lisp.net/cl-unification/cl-unification.git"; + sha256 = "01k2k7n98flnzm6mipk4xq2rqmjkjg8rcv4dsgifyxhqjwqf0l24"; + rev = ''283c94d38d11c806a1fc9db022f0b54dced93bab''; }; }; @@ -539,15 +538,14 @@ let lispPackages = rec { cl-smtp = buildLispPackage rec { baseName = "cl-smtp"; - version = "cvs-2014-11-15"; + version = "git-2015-07-01"; description = "SMTP client library"; deps = [cl-ssl cl-base64 flexi-streams trivial-gray-streams usocket]; - # Source type: cvs - src = pkgs.fetchcvs { - sha256 = "15b7lvayn1izzfism7s7rcw2mv1hwgp9l2lgb5na9qxmqzjlw0r9"; - date = ''2014-11-15''; - module = ''cl-smtp''; - cvsRoot = '':pserver:anonymous:anonymous@common-lisp.net:/project/cl-smtp/cvsroot''; + # Source type: git + src = pkgs.fetchgit { + url = "https://gitlab.common-lisp.net/cl-smtp/cl-smtp.git"; + sha256 = "1i66x351cj114r2i8j6bhif5fcysfq5ia91hv7ksjqa4q7rfmpw2"; + rev = ''2bf946c1d561c0085dba6d6337e3e53d9711a5d2''; }; }; diff --git a/pkgs/development/python-modules/setuptools/default.nix b/pkgs/development/python-modules/setuptools/default.nix index 5db34a9d49d..f6030bb9526 100644 --- a/pkgs/development/python-modules/setuptools/default.nix +++ b/pkgs/development/python-modules/setuptools/default.nix @@ -4,11 +4,11 @@ stdenv.mkDerivation rec { shortName = "setuptools-${version}"; name = "${python.executable}-${shortName}"; - version = "7.0"; + version = "18.0.1"; src = fetchurl { url = "http://pypi.python.org/packages/source/s/setuptools/${shortName}.tar.gz"; - sha256 = "0qg07f035agwcz9m0p3kgdjs18xpl3h00rv28aqsfdyz1wm1m76x"; + sha256 = "152b4qlpqc54939vfx5ipjpgx0kln02n3ywpm6x25pqysngwjjad"; }; buildInputs = [ python wrapPython distutils-cfg ]; diff --git a/pkgs/development/tools/misc/lsof/default.nix b/pkgs/development/tools/misc/lsof/default.nix index af9145bc409..53bbcf22842 100644 --- a/pkgs/development/tools/misc/lsof/default.nix +++ b/pkgs/development/tools/misc/lsof/default.nix @@ -1,11 +1,12 @@ -{stdenv, fetchurl}: +{ stdenv, fetchurl }: -stdenv.mkDerivation { - name = "lsof-4.88"; +stdenv.mkDerivation rec { + name = "lsof-${version}"; + version = "4.89"; src = fetchurl { - url = "ftp://sunsite.ualberta.ca/pub/Mirror/lsof/lsof_4.88.tar.bz2"; - sha256 = "16y9wm26rg81mihnzcbdg8h8vhxmq8kn62ssxb8cqydp4q79nvzy"; + url = "ftp://sunsite.ualberta.ca/pub/Mirror/lsof/lsof_${version}.tar.bz2"; + sha256 = "061p18v0mhzq517791xkjs8a5dfynq1418a1mwxpji69zp2jzb41"; }; unpackPhase = "tar xvjf $src; cd lsof_*; tar xvf lsof_*.tar; sourceRoot=$( echo lsof_*/); "; |