From 1fdd432ffabfc81ec7395ebeb0c3d18e96221804 Mon Sep 17 00:00:00 2001 From: Andrew Kelley Date: Wed, 8 Jul 2015 17:03:49 -0700 Subject: [PATCH 01/41] ffmpeg: 2.6.3 -> 2.7.1 --- pkgs/development/libraries/ffmpeg-full/default.nix | 4 ++-- pkgs/development/libraries/ffmpeg/2.7.nix | 7 +++++++ pkgs/top-level/all-packages.nix | 3 ++- 3 files changed, 11 insertions(+), 3 deletions(-) create mode 100644 pkgs/development/libraries/ffmpeg/2.7.nix diff --git a/pkgs/development/libraries/ffmpeg-full/default.nix b/pkgs/development/libraries/ffmpeg-full/default.nix index 7d108ba81ef0..555576d3a360 100644 --- a/pkgs/development/libraries/ffmpeg-full/default.nix +++ b/pkgs/development/libraries/ffmpeg-full/default.nix @@ -231,11 +231,11 @@ assert x11grabExtlib -> libX11 != null && libXv != null; stdenv.mkDerivation rec { name = "ffmpeg-${version}"; - version = "2.6.3"; + version = "2.7.1"; src = fetchurl { url = "https://www.ffmpeg.org/releases/${name}.tar.bz2"; - sha256 = "1yqc3vm1xrwf866q262qd4nr9d6ifp4gg183pjdc4sl9np0rissr"; + sha256 = "087pyx1wxvniq3wgj6z80wrb7ampwwsmwndmr7lymzhm4iyvj1vy"; }; patchPhase = ''patchShebangs .''; diff --git a/pkgs/development/libraries/ffmpeg/2.7.nix b/pkgs/development/libraries/ffmpeg/2.7.nix new file mode 100644 index 000000000000..3e4708fdf466 --- /dev/null +++ b/pkgs/development/libraries/ffmpeg/2.7.nix @@ -0,0 +1,7 @@ +{ callPackage, ... } @ args: + +callPackage ./generic.nix (args // rec { + version = "${branch}.1"; + branch = "2.7"; + sha256 = "087pyx1wxvniq3wgj6z80wrb7ampwwsmwndmr7lymzhm4iyvj1vy"; +}) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 4dbd291e304f..4efafc67348c 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -6111,10 +6111,11 @@ let ffmpeg_1_2 = import ../development/libraries/ffmpeg/1.2.nix { inherit callPackage; }; ffmpeg_2_2 = import ../development/libraries/ffmpeg/2.2.nix { inherit callPackage; }; ffmpeg_2_6 = import ../development/libraries/ffmpeg/2.6.nix { inherit callPackage; }; + ffmpeg_2_7 = import ../development/libraries/ffmpeg/2.7.nix { inherit callPackage; }; # Aliases ffmpeg_0 = ffmpeg_0_10; ffmpeg_1 = ffmpeg_1_2; - ffmpeg_2 = ffmpeg_2_6; + ffmpeg_2 = ffmpeg_2_7; ffmpeg = ffmpeg_2; ffmpeg-full = callPackage ../development/libraries/ffmpeg-full { From db3602b5d6a928a69cc00d837d513817bdabe1c4 Mon Sep 17 00:00:00 2001 From: "Jason \"Don\" O'Conal" Date: Fri, 10 Jul 2015 10:18:29 +1000 Subject: [PATCH 02/41] gnupg: fix build on darwin --- pkgs/tools/security/gnupg/20.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/tools/security/gnupg/20.nix b/pkgs/tools/security/gnupg/20.nix index 542baa95efe2..016b22916ead 100644 --- a/pkgs/tools/security/gnupg/20.nix +++ b/pkgs/tools/security/gnupg/20.nix @@ -21,7 +21,8 @@ stdenv.mkDerivation rec { buildInputs = [ readline zlib libgpgerror libgcrypt libassuan libksba pth - openldap bzip2 libusb curl libiconv ]; + openldap bzip2 curl libiconv ] + ++ stdenv.lib.optional (!stdenv.isDarwin) libusb; patchPhase = '' find tests -type f | xargs sed -e 's@/bin/pwd@${coreutils}&@g' -i From 05a8ad5a806cf915c1e636e18763dec48d842214 Mon Sep 17 00:00:00 2001 From: Spencer Janssen Date: Mon, 13 Jul 2015 16:50:46 -0500 Subject: [PATCH 03/41] flexget: 1.2.278 -> 1.2.337 --- pkgs/top-level/python-packages.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index ad152d25f75a..85cf0e63915e 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -5538,13 +5538,13 @@ let }; flexget = buildPythonPackage rec { - version = "1.2.278"; + version = "1.2.337"; name = "FlexGet-${version}"; disabled = isPy3k; src = pkgs.fetchurl { url = "https://pypi.python.org/packages/source/F/FlexGet/${name}.tar.gz"; - md5 = "9c8e41d9e59d53cf2c720661b2880719"; + md5 = "2c249c43bc594726f908b1425a8b8081"; }; doCheck = false; From 368fee5ff323ee7c1e4b72f9245dc6d893173a73 Mon Sep 17 00:00:00 2001 From: Sam Griffin Date: Sun, 12 Jul 2015 23:43:53 -0400 Subject: [PATCH 04/41] bitcoin: 0.10.2 -> 0.11.0 --- pkgs/applications/altcoins/bitcoin.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/altcoins/bitcoin.nix b/pkgs/applications/altcoins/bitcoin.nix index 7be2b90551ec..bdd0335fe3b5 100644 --- a/pkgs/applications/altcoins/bitcoin.nix +++ b/pkgs/applications/altcoins/bitcoin.nix @@ -6,14 +6,14 @@ with stdenv.lib; stdenv.mkDerivation rec{ name = "bitcoin" + (toString (optional (!withGui) "d")) + "-" + version; - core_version = "0.10.2"; + core_version = "0.11.0"; version = core_version; src = fetchurl { urls = [ "https://bitcoin.org/bin/bitcoin-core-${core_version}/bitcoin-${version}.tar.gz" "mirror://sourceforge/bitcoin/Bitcoin/bitcoin-${core_version}/bitcoin-${version}.tar.gz" ]; - sha256 = "cddf96c71d0a35524fde93380981cf0cf0b51441454a3a68b9be491b9239bfec"; + sha256 = "51ba1756addfa71567559e3f22331c1d908a63571891287689fff7113035d09f"; }; buildInputs = [ pkgconfig autoreconfHook openssl db48 boost zlib From 3f2de3eb64fea48a3da646d125b309c0e7f3f1db Mon Sep 17 00:00:00 2001 From: Leonardo Cecchi Date: Mon, 13 Jul 2015 09:20:43 +0200 Subject: [PATCH 05/41] leo-editor: init at 5.1 --- .../editors/leo-editor/default.nix | 23 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 25 insertions(+) create mode 100644 pkgs/applications/editors/leo-editor/default.nix diff --git a/pkgs/applications/editors/leo-editor/default.nix b/pkgs/applications/editors/leo-editor/default.nix new file mode 100644 index 000000000000..4c7e3cc08af7 --- /dev/null +++ b/pkgs/applications/editors/leo-editor/default.nix @@ -0,0 +1,23 @@ +{ stdenv, pythonPackages, fetchgit }: +pythonPackages.buildPythonPackage rec { + name = "leo-editor-${version}"; + version = "5.1"; + + namePrefix = ""; + + src = fetchgit { + url = "https://github.com/leo-editor/leo-editor"; + rev = "refs/tags/Leo-${version}-final"; + sha256 = "3cc5259609890bbde9cfee71f4f60b959b3f5b740f7d403c99ea2d9796b4758e"; + }; + + propagatedBuildInputs = with pythonPackages; [ pyqt4 sqlite3 ]; + + meta = { + homepage = "http://leoeditor.com"; + description = "A powerful folding editor"; + longDescription = "Leo is a PIM, IDE and outliner that accelerates the work flow of programmers, authors and web designers."; + license = stdenv.lib.licenses.mit; + maintainers = with stdenv.lib.maintainers; [ leonardoce ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index e6b9bd719884..ec46f3edd2b9 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -11845,6 +11845,8 @@ let inherit (gnome) libglade; }; + leo-editor = callPackage ../applications/editors/leo-editor { }; + libowfat = callPackage ../development/libraries/libowfat { }; librecad = callPackage ../applications/misc/librecad { }; From 4f4fa581999fffe787882413f0cb5f00754bb2f2 Mon Sep 17 00:00:00 2001 From: Brandon Carrell Date: Tue, 14 Jul 2015 19:18:08 -0400 Subject: [PATCH 06/41] cassandra-1.2: Add package. - Add myself to maintainers. - Add package to all-packages.nix. --- lib/maintainers.nix | 1 + pkgs/servers/nosql/cassandra/1.2.nix | 52 ++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 1 + 3 files changed, 54 insertions(+) create mode 100644 pkgs/servers/nosql/cassandra/1.2.nix diff --git a/lib/maintainers.nix b/lib/maintainers.nix index 73156ac0b25f..0c76df9c0449 100644 --- a/lib/maintainers.nix +++ b/lib/maintainers.nix @@ -35,6 +35,7 @@ aycanirican = "Aycan iRiCAN "; balajisivaraman = "Balaji Sivaraman"; bbenoist = "Baptist BENOIST "; + bcarrell = "Brandon Carrell "; bcdarwin = "Ben Darwin "; bdimcheff = "Brandon Dimcheff "; bennofs = "Benno Fünfstück "; diff --git a/pkgs/servers/nosql/cassandra/1.2.nix b/pkgs/servers/nosql/cassandra/1.2.nix new file mode 100644 index 000000000000..75992ceb9ef5 --- /dev/null +++ b/pkgs/servers/nosql/cassandra/1.2.nix @@ -0,0 +1,52 @@ +{ stdenv +, fetchurl +, jre +, python +, makeWrapper +, gawk +, bash +, getopt +, procps +}: + +let + + version = "1.2.19"; + sha256 = "0zkq3ggpk8ra2siar43vmrn6lmvn902p1g2lrgb46ak1vii6w30w"; + +in + +stdenv.mkDerivation rec { + name = "cassandra-${version}"; + + src = fetchurl { + inherit sha256; + url = "http://apache.cs.utah.edu/cassandra/${version}/apache-${name}-bin.tar.gz"; + }; + + nativeBuildInputs = [ makeWrapper ]; + + installPhase = '' + mkdir $out + mv * $out + + for cmd in cassandra nodetool sstablekeys sstableloader sstableupgrade + do wrapProgram $out/bin/$cmd \ + --set JAVA_HOME ${jre} \ + --prefix PATH : ${bash}/bin \ + --prefix PATH : ${getopt}/bin \ + --prefix PATH : ${gawk}/bin \ + --prefix PATH : ${procps}/bin + done + + wrapProgram $out/bin/cqlsh --prefix PATH : ${python}/bin + ''; + + meta = with stdenv.lib; { + homepage = http://cassandra.apache.org/; + description = "A massively scalable open source NoSQL database"; + platforms = with platforms; all; + license = licenses.asl20; + maintainers = with maintainers; [ bcarrell ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 5b294e259290..1755ac2b6738 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -8798,6 +8798,7 @@ let cadvisor = callPackage ../servers/monitoring/cadvisor { }; + cassandra_1_2 = callPackage ../servers/nosql/cassandra/1.2.nix { }; cassandra_2_0 = callPackage ../servers/nosql/cassandra/2.0.nix { }; cassandra_2_1 = callPackage ../servers/nosql/cassandra/2.1.nix { }; cassandra = cassandra_2_1; From a643e25286ee390cf2ccec91710283405c60255c Mon Sep 17 00:00:00 2001 From: lostdj Date: Wed, 15 Jul 2015 13:08:53 +0300 Subject: [PATCH 07/41] SmartGitHg: 6.5.7 -> 6.5.9 --- pkgs/applications/version-management/smartgithg/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/smartgithg/default.nix b/pkgs/applications/version-management/smartgithg/default.nix index f2a2fadae8c7..ccea8ffb3f27 100644 --- a/pkgs/applications/version-management/smartgithg/default.nix +++ b/pkgs/applications/version-management/smartgithg/default.nix @@ -7,7 +7,7 @@ }: let - the_version = "6_5_7"; + the_version = "6_5_9"; in @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "http://www.syntevo.com/downloads/smartgit/" + "smartgit-generic-${the_version}.tar.gz"; - sha256 = "0db4dxp0dl173z9r8n25zdl1il240p751d2f77cw0nmyibik7q4l"; + sha256 = "09bvx1jgaqfxg8qv9f306bgh3k057shsi2xllxv1vw3xf0pvkbwa"; }; buildInputs = [ From 0b9f605a2dab388259d593195429c47dbcc5641b Mon Sep 17 00:00:00 2001 From: AndersonTorres Date: Wed, 15 Jul 2015 08:08:46 -0300 Subject: [PATCH 08/41] Mednafen: Updates Mednafen: 0.9.36.4 -> 0.9.38.5 Server: 0.5.1 -> 0.5.2 --- pkgs/misc/emulators/mednafen/default.nix | 4 ++-- pkgs/misc/emulators/mednafen/server.nix | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/misc/emulators/mednafen/default.nix b/pkgs/misc/emulators/mednafen/default.nix index e87ac98c8380..825968c61631 100644 --- a/pkgs/misc/emulators/mednafen/default.nix +++ b/pkgs/misc/emulators/mednafen/default.nix @@ -7,11 +7,11 @@ stdenv.mkDerivation rec { name = "mednafen-${version}"; - version = "0.9.36.4"; + version = "0.9.38.5"; src = fetchurl { url = "http://downloads.sourceforge.net/project/mednafen/Mednafen/${version}/${name}.tar.bz2"; - sha256 = "0s6dhdar6y64fah2ij98a9gskm0rzcbqdbksicnba8cakc87nsfy"; + sha256 = "1s1qwwlhkxr0vhzvlc1m0ib9lj7cws3cldm2mbjz4b421nxfdi8h"; }; buildInputs = with stdenv.lib; diff --git a/pkgs/misc/emulators/mednafen/server.nix b/pkgs/misc/emulators/mednafen/server.nix index ce361ef9fbcc..60e458222d3c 100644 --- a/pkgs/misc/emulators/mednafen/server.nix +++ b/pkgs/misc/emulators/mednafen/server.nix @@ -3,11 +3,11 @@ stdenv.mkDerivation rec { name = "mednafen-server-${version}"; - version = "0.5.1"; + version = "0.5.2"; src = fetchurl { url = "http://downloads.sourceforge.net/project/mednafen/Mednafen-Server/${version}/${name}.tar.gz"; - sha256="0c5wvg938y3h4n5lb0dl8pvmjzphhkbba34r6ikpvdahq166ps4j"; + sha256="06fal6hwrb8gw94yp7plhcz55109128cgp35m7zs5vvjf1zfhcs9"; }; postInstall = '' From 8506dfdd801ec68f99fed8235aea8ae3fe7924ee Mon Sep 17 00:00:00 2001 From: Tom Dimiduk Date: Wed, 15 Jul 2015 08:18:19 -0400 Subject: [PATCH 09/41] Update stripe-haskell to a working version (1.4 had broken tests which was stopping it from installing) --- pkgs/development/haskell-modules/hackage-packages.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/haskell-modules/hackage-packages.nix b/pkgs/development/haskell-modules/hackage-packages.nix index c62f9071c5fe..86a98e6f3f46 100644 --- a/pkgs/development/haskell-modules/hackage-packages.nix +++ b/pkgs/development/haskell-modules/hackage-packages.nix @@ -121097,8 +121097,8 @@ self: { }: mkDerivation { pname = "stripe-haskell"; - version = "0.1.4.0"; - sha256 = "09s699h2b641bakcgf3f2cwdqb4qb37b4y31vpcq3k8pkbmhy8sf"; + version = "0.1.4.1"; + sha256 = "a0ffc70616d4eb86a9e0e0fcb1751cc48f3b6f618d07cf2bb96090276d64d218"; buildDepends = [ aeson base bytestring either HsOpenSSL http-streams io-streams mtl random text time transformers unordered-containers From 517451df97573940f987ac1962a21a98a9529716 Mon Sep 17 00:00:00 2001 From: AndersonTorres Date: Wed, 15 Jul 2015 09:28:13 -0300 Subject: [PATCH 10/41] FS-UAE: 2.4.1 -> 2.4.3 --- pkgs/misc/emulators/fs-uae/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkgs/misc/emulators/fs-uae/default.nix b/pkgs/misc/emulators/fs-uae/default.nix index 545691fa4d03..89f4e2338b44 100644 --- a/pkgs/misc/emulators/fs-uae/default.nix +++ b/pkgs/misc/emulators/fs-uae/default.nix @@ -5,11 +5,11 @@ with stdenv.lib; stdenv.mkDerivation rec{ name = "fs-uae-${version}"; - version = "2.4.1"; + version = "2.4.3"; src = fetchurl { urls = [ "http://fs-uae.net/fs-uae/stable/${version}/${name}.tar.gz" ]; - sha256 = "05gvnrkl1aclq1a6z57k6rmdnsg2ghyjcscwq0w5dhc5vcalv6f0"; + sha256 = "05wngvpqj8kj4wzi5jzzhvs19iljb3m6ba1l2hk4rz68b400ndv6"; }; buildInputs = [ pkgconfig gettext gtk SDL zlib glib openal mesa lua freetype ]; @@ -33,3 +33,5 @@ stdenv.mkDerivation rec{ maintainers = [ maintainers.AndersonTorres ]; }; } +# TODO: testing and Python GUI support +# TODO: SDL2 support From b9c32340a7467dca7a01856af55ad06b02cb8934 Mon Sep 17 00:00:00 2001 From: Moritz Ulrich Date: Wed, 15 Jul 2015 12:23:35 +0200 Subject: [PATCH 11/41] Gnuradio: 3.7.5.1 -> 3.7.7.1. --- pkgs/applications/misc/gnuradio/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/misc/gnuradio/default.nix b/pkgs/applications/misc/gnuradio/default.nix index 888d39c37320..a5cc1ae09328 100644 --- a/pkgs/applications/misc/gnuradio/default.nix +++ b/pkgs/applications/misc/gnuradio/default.nix @@ -23,11 +23,11 @@ stdenv.mkDerivation rec { name = "gnuradio-${version}"; - version = "3.7.5.1"; + version = "3.7.7.1"; src = fetchurl { url = "http://gnuradio.org/releases/gnuradio/${name}.tar.gz"; - sha256 = "0gg4i8s1z5pcfk8d7n7baxv3lx2cjcizimvbziraj27lcbvpmwar"; + sha256 = "0kjqav1rdyi60vq85djmigyrgh606ga625icwj15iarlqwzv29rb"; }; buildInputs = [ From 022527a5e1b2b63e94cacb8a73397d3d9066010b Mon Sep 17 00:00:00 2001 From: Moritz Ulrich Date: Wed, 15 Jul 2015 12:24:03 +0200 Subject: [PATCH 12/41] Gnuradio: Add gnuradio-wrapper and gnuradio-full. gnuradio-wrapper is a simple derivation wrapping $(gnuradio)/bin/* to make other blocks (from `extraPackages') available. gnuradio-full uses gnuradio-wrapper to build gnuradio with blocks from gnuradio-osmosdr (therefore allowing the use of rtl-sdr, hackrf, the ccc-camp2015 badge, and similar). --- pkgs/applications/misc/gnuradio/wrapper.nix | 23 +++++++++++++++++++++ pkgs/top-level/all-packages.nix | 6 ++++++ 2 files changed, 29 insertions(+) create mode 100644 pkgs/applications/misc/gnuradio/wrapper.nix diff --git a/pkgs/applications/misc/gnuradio/wrapper.nix b/pkgs/applications/misc/gnuradio/wrapper.nix new file mode 100644 index 000000000000..cc8dbde273b6 --- /dev/null +++ b/pkgs/applications/misc/gnuradio/wrapper.nix @@ -0,0 +1,23 @@ +{ stdenv, gnuradio, makeWrapper, python +, extraPackages ? [] }: + +with stdenv.lib; + +stdenv.mkDerivation { + name = (appendToName "with-packages" gnuradio).name; + buildInputs = [ makeWrapper python ]; + + buildCommand = '' + mkdir -p $out/bin + ln -s "${gnuradio}"/bin/* $out/bin/ + + for file in "$out"/bin/*; do + wrapProgram "$file" \ + --prefix PYTHONPATH : ${stdenv.lib.concatStringsSep ":" + (map (path: "$(toPythonPath ${path})") extraPackages)} \ + --prefix GRC_BLOCKS_PATH : ${makeSearchPath "share/gnuradio/grc/blocks" extraPackages} + done + + ''; + inherit (gnuradio) meta; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index acfc7525f5e8..4a0d25cd1578 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -11309,6 +11309,12 @@ let fftw = fftwFloat; }; + gnuradio-wrapper = callPackage ../applications/misc/gnuradio/wrapper.nix { }; + + gnuradio-full = gnuradio-wrapper.override { + extraPackages = [ gnuradio-osmosdr ]; + }; + gnuradio-osmosdr = callPackage ../applications/misc/gnuradio-osmosdr { }; goldendict = callPackage ../applications/misc/goldendict { }; From 2926f3aa2c18549b8ce895b4056d48598d78d0ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= Date: Mon, 13 Jul 2015 22:58:03 +0200 Subject: [PATCH 13/41] fgallery: init at 1.7 fgallery is a static photo gallery generator. http://www.thregr.org/~wavexx/software/fgallery/ --- pkgs/tools/graphics/fgallery/default.nix | 48 ++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 4 ++ 2 files changed, 52 insertions(+) create mode 100644 pkgs/tools/graphics/fgallery/default.nix diff --git a/pkgs/tools/graphics/fgallery/default.nix b/pkgs/tools/graphics/fgallery/default.nix new file mode 100644 index 000000000000..4b0531aa1ced --- /dev/null +++ b/pkgs/tools/graphics/fgallery/default.nix @@ -0,0 +1,48 @@ +{ stdenv, fetchurl, unzip, makeWrapper, perl, ImageExifTool, JSON +, coreutils, zip, imagemagick, pngcrush, lcms2, fbida +}: + +# TODO: add optional dependencies (snippet from fgallery source): +# +# if(system("jpegoptim -V >/dev/null 2>&1")) { +# $jpegoptim = 0; +# } +# if($facedet && system("facedetect -h >/dev/null 2>&1")) { +# fatal("cannot run \"facedetect\" (see http://www.thregr.org/~wavexx/hacks/facedetect/)"); + +stdenv.mkDerivation rec { + name = "fgallery-1.7"; + + src = fetchurl { + url = "http://www.thregr.org/~wavexx/software/fgallery/releases/${name}.zip"; + sha256 = "1iix6p8viwnsq3zn9vg99sx20nmgk2p5als3j1lk914nz3anvai4"; + }; + + buildInputs = [ unzip makeWrapper perl ImageExifTool JSON ]; + + installPhase = '' + mkdir -p "$out/bin" + mkdir -p "$out/share/fgallery" + + cp -r * "$out/share/fgallery" + ln -s -r "$out/share/fgallery/fgallery" "$out/bin/fgallery" + + # Don't preserve file attributes when copying files to output directories. + # (fgallery copies parts of itself to each output directory, and without + # this change the read-only nix store causes some bumps in the workflow.) + sed -i -e "s|'cp'|'cp', '--no-preserve=all'|g" "$out/share/fgallery/fgallery" + + wrapProgram "$out/share/fgallery/fgallery" \ + --set PERL5LIB "$PERL5LIB" \ + --set PATH "${stdenv.lib.makeSearchPath "bin" + [ coreutils zip imagemagick pngcrush lcms2 fbida ]}" + ''; + + meta = with stdenv.lib; { + description = "Static photo gallery generator"; + homepage = http://www.thregr.org/~wavexx/software/fgallery/; + license = licenses.gpl2; + platforms = platforms.all; + maintainers = [ maintainers.bjornfor ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 4a0d25cd1578..616f3f918e44 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1454,6 +1454,10 @@ let fdm = callPackage ../tools/networking/fdm {}; + fgallery = callPackage ../tools/graphics/fgallery { + inherit (perlPackages) ImageExifTool JSON; + }; + flannel = callPackage ../tools/networking/flannel { }; flashbench = callPackage ../os-specific/linux/flashbench { }; From ae2b537d68b511165792c5e16aa4a750b03abc28 Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Wed, 15 Jul 2015 14:36:58 +0000 Subject: [PATCH 14/41] update django minor versions (including security fixes) --- pkgs/top-level/python-packages.nix | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index e73af3ba413b..45de46ef679f 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -4904,12 +4904,12 @@ let django_1_8 = buildPythonPackage rec { name = "Django-${version}"; - version = "1.8"; + version = "1.8.3"; disabled = pythonOlder "2.7"; src = pkgs.fetchurl { url = "http://www.djangoproject.com/m/releases/1.8/${name}.tar.gz"; - sha256 = "04mlx3920r46vn69alrf4bmv1xqp7m6k1xzwgr798rjcrd1assq6"; + sha256 = "1fjv63rdm45j5057zb7qj4ya4pjwig1jpbwcr0bk1mazq3y59dib"; }; # error: invalid command 'test' @@ -4929,12 +4929,12 @@ let django_1_7 = buildPythonPackage rec { name = "Django-${version}"; - version = "1.7.7"; + version = "1.7.9"; disabled = pythonOlder "2.7"; src = pkgs.fetchurl { url = "http://www.djangoproject.com/m/releases/1.7/${name}.tar.gz"; - sha256 = "0crfpnf246c25887by2fjlxinp4rnhya4ksqfydcls9m0s9gh5j8"; + sha256 = "0q3q46yjjsqwp0ywrkbqwiac13rdvzrd5dchdbnzh3yjwpj9ygsg"; }; # error: invalid command 'test' @@ -4999,11 +4999,11 @@ let django_1_4 = buildPythonPackage rec { name = "Django-${version}"; - version = "1.4.20"; + version = "1.4.21"; src = pkgs.fetchurl { url = "http://www.djangoproject.com/m/releases/1.4/${name}.tar.gz"; - sha256 = "1cgb23afinmbvbaryvy3yj5m40h68mq6gvadcqyv3j64cja73b2q"; + sha256 = "1x5wk3yh6ydbp4sgsxl4qjmdvcazphwkmmm99lfdb04645sijkwk"; }; # error: invalid command 'test' From d68d929291072fe654eb4880b7bb0e3497e19f94 Mon Sep 17 00:00:00 2001 From: Robert Helgesson Date: Wed, 15 Jul 2015 18:19:46 +0200 Subject: [PATCH 15/41] dtach: fix CVE-2012-3368 --- pkgs/tools/misc/dtach/default.nix | 2 + pkgs/tools/misc/dtach/fix-CVE-2012-3368.patch | 49 +++++++++++++++++++ 2 files changed, 51 insertions(+) create mode 100644 pkgs/tools/misc/dtach/fix-CVE-2012-3368.patch diff --git a/pkgs/tools/misc/dtach/default.nix b/pkgs/tools/misc/dtach/default.nix index 7ceecc3690ab..000f6cd0f93f 100644 --- a/pkgs/tools/misc/dtach/default.nix +++ b/pkgs/tools/misc/dtach/default.nix @@ -8,6 +8,8 @@ stdenv.mkDerivation rec { sha256 = "16614ebddf8ab2811d3dc0e7f329c7de88929ac6a9632d4cb4aef7fe11b8f2a9"; }; + patches = [ ./fix-CVE-2012-3368.patch ]; + installPhase = '' mkdir -p $out/bin cp dtach $out/bin/dtach diff --git a/pkgs/tools/misc/dtach/fix-CVE-2012-3368.patch b/pkgs/tools/misc/dtach/fix-CVE-2012-3368.patch new file mode 100644 index 000000000000..9e556d9325fb --- /dev/null +++ b/pkgs/tools/misc/dtach/fix-CVE-2012-3368.patch @@ -0,0 +1,49 @@ +Fix error handling for read from stdin in attach.c + +attach.c did not correctly handle a read from stdin when read returned +an error. The code assigned the return value of read to pkt.len (an +unsigned char) before checking the value. This prevented the error check +from working correctly, since an unsigned integer can never be < 0. + +A packet with an invalid length was then sent to the master, which then +sent 255 bytes of garbage to the program. + +Fix the bug in attach.c and the unchecked packet length bug in master.c. + +Report and initial patch by Enrico Scholz. + +--- a/master.c 2012/07/01 21:26:10 1.14 ++++ b/master.c 2012/07/01 21:44:34 1.15 +@@ -351,7 +351,10 @@ + + /* Push out data to the program. */ + if (pkt.type == MSG_PUSH) +- write(the_pty.fd, pkt.u.buf, pkt.len); ++ { ++ if (pkt.len <= sizeof(pkt.u.buf)) ++ write(the_pty.fd, pkt.u.buf, pkt.len); ++ } + + /* Attach or detach from the program. */ + else if (pkt.type == MSG_ATTACH) +--- a/attach.c 2012/07/01 21:26:10 1.12 ++++ b/attach.c 2012/07/01 21:44:34 1.13 +@@ -237,12 +237,16 @@ + /* stdin activity */ + if (n > 0 && FD_ISSET(0, &readfds)) + { ++ ssize_t len; ++ + pkt.type = MSG_PUSH; + memset(pkt.u.buf, 0, sizeof(pkt.u.buf)); +- pkt.len = read(0, pkt.u.buf, sizeof(pkt.u.buf)); ++ len = read(0, pkt.u.buf, sizeof(pkt.u.buf)); + +- if (pkt.len <= 0) ++ if (len <= 0) + exit(1); ++ ++ pkt.len = len; + process_kbd(s, &pkt); + n--; + } From 1e2718ed51c830928dcdd416ffd6f2b023dfc86a Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Wed, 15 Jul 2015 12:25:21 -0700 Subject: [PATCH 16/41] lsof: 4.88 -> 4.89 --- pkgs/development/tools/misc/lsof/default.nix | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/pkgs/development/tools/misc/lsof/default.nix b/pkgs/development/tools/misc/lsof/default.nix index af9145bc4096..53bbcf228428 100644 --- a/pkgs/development/tools/misc/lsof/default.nix +++ b/pkgs/development/tools/misc/lsof/default.nix @@ -1,11 +1,12 @@ -{stdenv, fetchurl}: +{ stdenv, fetchurl }: -stdenv.mkDerivation { - name = "lsof-4.88"; +stdenv.mkDerivation rec { + name = "lsof-${version}"; + version = "4.89"; src = fetchurl { - url = "ftp://sunsite.ualberta.ca/pub/Mirror/lsof/lsof_4.88.tar.bz2"; - sha256 = "16y9wm26rg81mihnzcbdg8h8vhxmq8kn62ssxb8cqydp4q79nvzy"; + url = "ftp://sunsite.ualberta.ca/pub/Mirror/lsof/lsof_${version}.tar.bz2"; + sha256 = "061p18v0mhzq517791xkjs8a5dfynq1418a1mwxpji69zp2jzb41"; }; unpackPhase = "tar xvjf $src; cd lsof_*; tar xvf lsof_*.tar; sourceRoot=$( echo lsof_*/); "; From b48e49ddc39e6554fe67c4ba070da8ae2008b1fe Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Wed, 15 Jul 2015 12:42:40 -0700 Subject: [PATCH 17/41] gnutls: 3.3.15 -> 3.3.16 --- pkgs/development/libraries/gnutls/3.3.nix | 4 ++-- pkgs/top-level/all-packages.nix | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/pkgs/development/libraries/gnutls/3.3.nix b/pkgs/development/libraries/gnutls/3.3.nix index a2c04506a6c9..bd95ce07254c 100644 --- a/pkgs/development/libraries/gnutls/3.3.nix +++ b/pkgs/development/libraries/gnutls/3.3.nix @@ -1,10 +1,10 @@ { callPackage, fetchurl, ... } @ args: callPackage ./generic.nix (args // rec { - version = "3.3.15"; + version = "3.3.16"; src = fetchurl { url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-${version}.tar.lz"; - sha256 = "166nynb055vlh6dm1gaqwpcnf4mp7ks8lz2yvm7dlsrkbh3swj5m"; + sha256 = "1jl5n02mh83ygrrk7rq8vwylv5gdr3wccqs1ynvzr749fd2wq637"; }; }) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 2f39c4dc0402..38784d7a3b1c 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -6414,7 +6414,6 @@ let gnutls33 = callPackage ../development/libraries/gnutls/3.3.nix { guileBindings = config.gnutls.guile or false; - nettle = nettle27; }; gnutls34 = callPackage ../development/libraries/gnutls/3.4.nix { From 08ef62c1009c27db1c6a5750c80c4af01ee791f2 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Wed, 15 Jul 2015 12:48:02 -0700 Subject: [PATCH 18/41] gnutls: 3.4.2 -> 3.4.3 --- pkgs/development/libraries/gnutls/3.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/gnutls/3.4.nix b/pkgs/development/libraries/gnutls/3.4.nix index 614834252fa1..0558e4127c4b 100644 --- a/pkgs/development/libraries/gnutls/3.4.nix +++ b/pkgs/development/libraries/gnutls/3.4.nix @@ -1,10 +1,10 @@ { callPackage, fetchurl, ... } @ args: callPackage ./generic.nix (args // rec { - version = "3.4.2"; + version = "3.4.3"; src = fetchurl { url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-${version}.tar.lz"; - sha256 = "1wzasbrs4ncq4yisqyvifl7mzlyyg1pb0idr4fhjmcfpi13sxlaw"; + sha256 = "1q4adb1xi9pl00iy3cqs4r1qmwllv1g1r44p6xsg6n65dpyf53q2"; }; }) From be0f468926ff805b9fae4bba87a0fc8b628cbc1a Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Wed, 15 Jul 2015 12:55:39 -0700 Subject: [PATCH 19/41] samba: 4.2.1 -> 4.2.3 --- pkgs/servers/samba/4.x.nix | 4 ++-- pkgs/top-level/all-packages.nix | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/samba/4.x.nix b/pkgs/servers/samba/4.x.nix index 1d957a8ec607..1f89e959c4bf 100644 --- a/pkgs/servers/samba/4.x.nix +++ b/pkgs/servers/samba/4.x.nix @@ -19,11 +19,11 @@ with lib; stdenv.mkDerivation rec { - name = "samba-4.2.1"; + name = "samba-4.2.3"; src = fetchurl { url = "mirror://samba/pub/samba/stable/${name}.tar.gz"; - sha256 = "1hsakc8h6rs48xr6i55m90pd53hpxcqjjnlwq8i2rp0nq4ws5sip"; + sha256 = "0z2c17d2id0m59mfdxdljhizp97l29clmw6g5zp93n0q92pabpxn"; }; patches = diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 38784d7a3b1c..232cabe6b938 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -9178,7 +9178,6 @@ let samba4 = callPackage ../servers/samba/4.x.nix { python = python2; kerberos = null; # Bundle kerberos because samba uses internal, non-stable functions - gnutls = gnutls33; # enableLDAP }; From 66bc50a968372140f9e9fe367d172acb721fb147 Mon Sep 17 00:00:00 2001 From: Robert Helgesson Date: Wed, 15 Jul 2015 22:12:29 +0200 Subject: [PATCH 20/41] vsftpd: fix CVE-2015-1419 Adds patch from Debian. --- pkgs/servers/ftp/vsftpd/CVE-2015-1419.patch | 104 ++++++++++++++++++++ pkgs/servers/ftp/vsftpd/default.nix | 2 + 2 files changed, 106 insertions(+) create mode 100644 pkgs/servers/ftp/vsftpd/CVE-2015-1419.patch diff --git a/pkgs/servers/ftp/vsftpd/CVE-2015-1419.patch b/pkgs/servers/ftp/vsftpd/CVE-2015-1419.patch new file mode 100644 index 000000000000..0a6144395116 --- /dev/null +++ b/pkgs/servers/ftp/vsftpd/CVE-2015-1419.patch @@ -0,0 +1,104 @@ +Description: CVE-2015-1419: config option deny_file is not handled correctly +Author: Marcus Meissner +Origin: https://bugzilla.novell.com/show_bug.cgi?id=CVE-2015-1419 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776922 +Last-Update: 2015-02-24 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/ls.c +=================================================================== +--- trunk.orig/ls.c ++++ trunk/ls.c +@@ -7,6 +7,7 @@ + * Would you believe, code to handle directory listing. + */ + ++#include + #include "ls.h" + #include "access.h" + #include "defs.h" +@@ -243,11 +244,42 @@ vsf_filename_passes_filter(const struct + struct mystr temp_str = INIT_MYSTR; + struct mystr brace_list_str = INIT_MYSTR; + struct mystr new_filter_str = INIT_MYSTR; ++ struct mystr normalize_filename_str = INIT_MYSTR; ++ const char *normname; ++ const char *path; + int ret = 0; + char last_token = 0; + int must_match_at_current_pos = 1; ++ + str_copy(&filter_remain_str, p_filter_str); +- str_copy(&name_remain_str, p_filename_str); ++ ++ /* normalize filepath */ ++ path = str_strdup(p_filename_str); ++ normname = realpath(path, NULL); ++ if (normname == NULL) ++ goto out; ++ str_alloc_text(&normalize_filename_str, normname); ++ ++ if (!str_isempty (&filter_remain_str) && !str_isempty(&normalize_filename_str)) { ++ if (str_get_char_at(p_filter_str, 0) == '/') { ++ if (str_get_char_at(&normalize_filename_str, 0) != '/') { ++ str_getcwd (&name_remain_str); ++ ++ if (str_getlen(&name_remain_str) > 1) /* cwd != root dir */ ++ str_append_char (&name_remain_str, '/'); ++ ++ str_append_str (&name_remain_str, &normalize_filename_str); ++ } ++ else ++ str_copy (&name_remain_str, &normalize_filename_str); ++ } else { ++ if (str_get_char_at(p_filter_str, 0) != '{') ++ str_basename (&name_remain_str, &normalize_filename_str); ++ else ++ str_copy (&name_remain_str, &normalize_filename_str); ++ } ++ } else ++ str_copy(&name_remain_str, &normalize_filename_str); + + while (!str_isempty(&filter_remain_str) && *iters < VSFTP_MATCHITERS_MAX) + { +@@ -379,6 +411,9 @@ vsf_filename_passes_filter(const struct + ret = 0; + } + out: ++ free((char*) normname); ++ free((char*) path); ++ str_free(&normalize_filename_str); + str_free(&filter_remain_str); + str_free(&name_remain_str); + str_free(&temp_str); +Index: trunk/str.c +=================================================================== +--- trunk.orig/str.c ++++ trunk/str.c +@@ -723,3 +723,14 @@ str_replace_unprintable(struct mystr* p_ + } + } + ++void ++str_basename (struct mystr* d_str, const struct mystr* path) ++{ ++ static struct mystr tmp; ++ ++ str_copy (&tmp, path); ++ str_split_char_reverse(&tmp, d_str, '/'); ++ ++ if (str_isempty(d_str)) ++ str_copy (d_str, path); ++} +Index: trunk/str.h +=================================================================== +--- trunk.orig/str.h ++++ trunk/str.h +@@ -101,6 +101,7 @@ void str_replace_unprintable(struct myst + int str_atoi(const struct mystr* p_str); + filesize_t str_a_to_filesize_t(const struct mystr* p_str); + unsigned int str_octal_to_uint(const struct mystr* p_str); ++void str_basename (struct mystr* d_str, const struct mystr* path); + + /* PURPOSE: Extract a line of text (delimited by \n or EOF) from a string + * buffer, starting at character position 'p_pos'. The extracted line will diff --git a/pkgs/servers/ftp/vsftpd/default.nix b/pkgs/servers/ftp/vsftpd/default.nix index 3b9b32898e2f..f1ddf87e8c6a 100644 --- a/pkgs/servers/ftp/vsftpd/default.nix +++ b/pkgs/servers/ftp/vsftpd/default.nix @@ -8,6 +8,8 @@ stdenv.mkDerivation rec { sha256 = "0mjy345wszskz1vnk83360c1y37arwgap3gwz8hy13sjqpig0imy"; }; + patches = [ ./CVE-2015-1419.patch ]; + preConfigure = stdenv.lib.optionalString sslEnable '' echo "Will enable SSL" sed -i "/VSF_BUILD_SSL/s/^#undef/#define/" builddefs.h From e431602983977872c175cafc60c80c94a53e6e6c Mon Sep 17 00:00:00 2001 From: Michael Raskin <7c6f434c@mail.ru> Date: Wed, 15 Jul 2015 23:48:58 +0300 Subject: [PATCH 21/41] Update cl-unification source --- pkgs/development/lisp-modules/lisp-packages.nix | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/pkgs/development/lisp-modules/lisp-packages.nix b/pkgs/development/lisp-modules/lisp-packages.nix index 5e2bdd0cc549..d98994b1233a 100644 --- a/pkgs/development/lisp-modules/lisp-packages.nix +++ b/pkgs/development/lisp-modules/lisp-packages.nix @@ -75,11 +75,10 @@ let lispPackages = rec { version = "cvs-2013-10-28"; description = ""; deps = []; - src = pkgs.fetchcvs { - sha256 = "a574b7f9615232366e3e5e7ee400d60dbff23f6d0e1def5a3c77aafdfd786e6a"; - date = ''2013-10-28''; - module = ''cl-unification''; - cvsRoot = '':pserver:anonymous:anonymous@common-lisp.net:/project/cl-unification/cvsroot''; + src = pkgs.fetchgit { + url = "https://gitlab.common-lisp.net/cl-unification/cl-unification.git"; + sha256 = "01k2k7n98flnzm6mipk4xq2rqmjkjg8rcv4dsgifyxhqjwqf0l24"; + rev = ''283c94d38d11c806a1fc9db022f0b54dced93bab''; }; }; From 44c9eddd64fb0a79c73a76e3a5babf8c32787d86 Mon Sep 17 00:00:00 2001 From: Michael Raskin <7c6f434c@mail.ru> Date: Wed, 15 Jul 2015 23:51:39 +0300 Subject: [PATCH 22/41] Update cl-smtp source --- pkgs/development/lisp-modules/lisp-packages.nix | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/pkgs/development/lisp-modules/lisp-packages.nix b/pkgs/development/lisp-modules/lisp-packages.nix index d98994b1233a..566b42efdcf9 100644 --- a/pkgs/development/lisp-modules/lisp-packages.nix +++ b/pkgs/development/lisp-modules/lisp-packages.nix @@ -541,12 +541,11 @@ let lispPackages = rec { version = "cvs-2014-11-15"; description = "SMTP client library"; deps = [cl-ssl cl-base64 flexi-streams trivial-gray-streams usocket]; - # Source type: cvs - src = pkgs.fetchcvs { - sha256 = "15b7lvayn1izzfism7s7rcw2mv1hwgp9l2lgb5na9qxmqzjlw0r9"; - date = ''2014-11-15''; - module = ''cl-smtp''; - cvsRoot = '':pserver:anonymous:anonymous@common-lisp.net:/project/cl-smtp/cvsroot''; + # Source type: git + src = pkgs.fetchgit { + url = "https://gitlab.common-lisp.net/cl-smtp/cl-smtp.git"; + sha256 = "1i66x351cj114r2i8j6bhif5fcysfq5ia91hv7ksjqa4q7rfmpw2"; + rev = ''2bf946c1d561c0085dba6d6337e3e53d9711a5d2''; }; }; From e6e02133d6be3c7a1346d2b8826c37f4443ee42d Mon Sep 17 00:00:00 2001 From: Michael Raskin <7c6f434c@mail.ru> Date: Wed, 15 Jul 2015 23:52:21 +0300 Subject: [PATCH 23/41] Fix version strings for switch from CVS --- pkgs/development/lisp-modules/lisp-packages.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/lisp-modules/lisp-packages.nix b/pkgs/development/lisp-modules/lisp-packages.nix index 566b42efdcf9..073721530321 100644 --- a/pkgs/development/lisp-modules/lisp-packages.nix +++ b/pkgs/development/lisp-modules/lisp-packages.nix @@ -72,7 +72,7 @@ let lispPackages = rec { cl-unification = buildLispPackage rec { baseName = "cl-unification"; - version = "cvs-2013-10-28"; + version = "git-2015-07-01"; description = ""; deps = []; src = pkgs.fetchgit { @@ -538,7 +538,7 @@ let lispPackages = rec { cl-smtp = buildLispPackage rec { baseName = "cl-smtp"; - version = "cvs-2014-11-15"; + version = "git-2015-07-01"; description = "SMTP client library"; deps = [cl-ssl cl-base64 flexi-streams trivial-gray-streams usocket]; # Source type: git From 01e37fe92dedabdaa7b9f047de1c59f8a43de45e Mon Sep 17 00:00:00 2001 From: Austin Seipp Date: Wed, 15 Jul 2015 16:10:57 -0500 Subject: [PATCH 24/41] pkgs: mariadb 10.0.19 -> 10.0.20 Signed-off-by: Austin Seipp --- pkgs/servers/sql/mariadb/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/sql/mariadb/default.nix b/pkgs/servers/sql/mariadb/default.nix index 7ca962b6f47a..cad03cbd1ffc 100644 --- a/pkgs/servers/sql/mariadb/default.nix +++ b/pkgs/servers/sql/mariadb/default.nix @@ -5,11 +5,11 @@ with stdenv.lib; stdenv.mkDerivation rec { name = "mariadb-${version}"; - version = "10.0.19"; + version = "10.0.20"; src = fetchurl { url = "https://downloads.mariadb.org/interstitial/mariadb-${version}/source/mariadb-${version}.tar.gz"; - sha256 = "0cm1j4805ypbmrhajn4ar5rqsis1p5haxs7c04b6k540gmfmxgrg"; + sha256 = "0ywb730l68mxvmpik1x2ndbdaaks6dmc17pxspspm5wlqxinjkrs"; }; buildInputs = [ cmake ncurses openssl zlib pcre libxml2 boost judy bison libevent ] From 11947a55c855164d6aa9e429227f21f3989046b2 Mon Sep 17 00:00:00 2001 From: Robert Helgesson Date: Wed, 15 Jul 2015 23:23:53 +0200 Subject: [PATCH 25/41] libwmf: fix some security issues The added patches (sourced from Debian) fixes the following security issues: - CVE-2006-3376 - CVE-2009-1364 - CVE-2015-0848 - CVE-2015-4588 - CVE-2015-4695 - CVE-2015-4696 --- .../libraries/libwmf/CVE-2006-3376.patch | 28 +++ .../libraries/libwmf/CVE-2009-1364.patch | 11 ++ .../libwmf/CVE-2015-0848+4588+4695+4696.patch | 186 ++++++++++++++++++ pkgs/development/libraries/libwmf/default.nix | 5 + 4 files changed, 230 insertions(+) create mode 100644 pkgs/development/libraries/libwmf/CVE-2006-3376.patch create mode 100644 pkgs/development/libraries/libwmf/CVE-2009-1364.patch create mode 100644 pkgs/development/libraries/libwmf/CVE-2015-0848+4588+4695+4696.patch diff --git a/pkgs/development/libraries/libwmf/CVE-2006-3376.patch b/pkgs/development/libraries/libwmf/CVE-2006-3376.patch new file mode 100644 index 000000000000..4c7519d9c101 --- /dev/null +++ b/pkgs/development/libraries/libwmf/CVE-2006-3376.patch @@ -0,0 +1,28 @@ +--- libwmf-0.2.8.4.orig/src/player.c ++++ libwmf-0.2.8.4/src/player.c +@@ -23,6 +23,7 @@ + + #include + #include ++#include + #include + #include + +@@ -132,8 +133,14 @@ + } + } + +-/* P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3) * 2 * sizeof (unsigned char)); +- */ P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char)); ++ if (MAX_REC_SIZE(API) > UINT32_MAX / 2) ++ { ++ API->err = wmf_E_InsMem; ++ WMF_DEBUG (API,"bailing..."); ++ return (API->err); ++ } ++ ++ P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char)); + + if (ERR (API)) + { WMF_DEBUG (API,"bailing..."); + diff --git a/pkgs/development/libraries/libwmf/CVE-2009-1364.patch b/pkgs/development/libraries/libwmf/CVE-2009-1364.patch new file mode 100644 index 000000000000..e2a4501662c6 --- /dev/null +++ b/pkgs/development/libraries/libwmf/CVE-2009-1364.patch @@ -0,0 +1,11 @@ +--- libwmf-0.2.8.4.orig/src/extra/gd/gd_clip.c ++++ libwmf-0.2.8.4/src/extra/gd/gd_clip.c +@@ -70,6 +70,7 @@ + { more = gdRealloc (im->clip->list,(im->clip->max + 8) * sizeof (gdClipRectangle)); + if (more == 0) return; + im->clip->max += 8; ++ im->clip->list = more; + } + im->clip->list[im->clip->count] = (*rect); + im->clip->count++; + diff --git a/pkgs/development/libraries/libwmf/CVE-2015-0848+4588+4695+4696.patch b/pkgs/development/libraries/libwmf/CVE-2015-0848+4588+4695+4696.patch new file mode 100644 index 000000000000..54d47800298b --- /dev/null +++ b/pkgs/development/libraries/libwmf/CVE-2015-0848+4588+4695+4696.patch @@ -0,0 +1,186 @@ +--- libwmf-0.2.8.4.orig/src/player/meta.h ++++ libwmf-0.2.8.4/src/player/meta.h +@@ -1565,7 +1565,7 @@ static int meta_rgn_create (wmfAPI* API, + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -2142,7 +2142,7 @@ static int meta_dib_brush (wmfAPI* API,w + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -2593,9 +2593,10 @@ static int meta_dc_restore (wmfAPI* API, + polyrect.BR = 0; + + polyrect.count = 0; ++ ++ if (FR->region_clip) FR->region_clip (API,&polyrect); + } + +- if (FR->region_clip) FR->region_clip (API,&polyrect); + + return (changed); + } +@@ -3067,7 +3068,7 @@ static int meta_pen_create (wmfAPI* API, + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -3181,7 +3182,7 @@ static int meta_brush_create (wmfAPI* AP + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -3288,7 +3289,7 @@ static int meta_font_create (wmfAPI* API + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -3396,7 +3397,7 @@ static int meta_palette_create (wmfAPI* + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +--- libwmf-0.2.8.4.orig/src/ipa/ipa.h ++++ libwmf-0.2.8.4/src/ipa/ipa.h +@@ -48,7 +48,7 @@ static int ReadBlobByte (BMPS + static unsigned short ReadBlobLSBShort (BMPSource*); + static unsigned long ReadBlobLSBLong (BMPSource*); + static long TellBlob (BMPSource*); +-static void DecodeImage (wmfAPI*,wmfBMP*,BMPSource*,unsigned int,unsigned char*); ++static int DecodeImage (wmfAPI*,wmfBMP*,BMPSource*,unsigned int,unsigned char*); + static void ReadBMPImage (wmfAPI*,wmfBMP*,BMPSource*); + static int ExtractColor (wmfAPI*,wmfBMP*,wmfRGB*,unsigned int,unsigned int); + static void SetColor (wmfAPI*,wmfBMP*,wmfRGB*,unsigned char,unsigned int,unsigned int); +--- libwmf-0.2.8.4.orig/src/ipa/ipa/bmp.h ++++ libwmf-0.2.8.4/src/ipa/ipa/bmp.h +@@ -859,7 +859,7 @@ static long TellBlob (BMPSource* src) + % + % + */ +-static void DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSource* src,unsigned int compression,unsigned char* pixels) ++static int DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSource* src,unsigned int compression,unsigned char* pixels) + { int byte; + int count; + int i; +@@ -870,12 +870,14 @@ static void DecodeImage (wmfAPI* API,wmf + U32 u; + + unsigned char* q; ++ unsigned char* end; + + for (u = 0; u < ((U32) bmp->width * (U32) bmp->height); u++) pixels[u] = 0; + + byte = 0; + x = 0; + q = pixels; ++ end = pixels + bmp->width * bmp->height; + + for (y = 0; y < bmp->height; ) + { count = ReadBlobByte (src); +@@ -884,7 +886,10 @@ static void DecodeImage (wmfAPI* API,wmf + { /* Encoded mode. */ + byte = ReadBlobByte (src); + for (i = 0; i < count; i++) +- { if (compression == 1) ++ { ++ if (q == end) ++ return 0; ++ if (compression == 1) + { (*(q++)) = (unsigned char) byte; + } + else +@@ -896,13 +901,15 @@ static void DecodeImage (wmfAPI* API,wmf + else + { /* Escape mode. */ + count = ReadBlobByte (src); +- if (count == 0x01) return; ++ if (count == 0x01) return 1; + switch (count) + { + case 0x00: + { /* End of line. */ + x = 0; + y++; ++ if (y >= bmp->height) ++ return 0; + q = pixels + y * bmp->width; + break; + } +@@ -910,13 +917,20 @@ static void DecodeImage (wmfAPI* API,wmf + { /* Delta mode. */ + x += ReadBlobByte (src); + y += ReadBlobByte (src); ++ if (y >= bmp->height) ++ return 0; ++ if (x >= bmp->width) ++ return 0; + q = pixels + y * bmp->width + x; + break; + } + default: + { /* Absolute mode. */ + for (i = 0; i < count; i++) +- { if (compression == 1) ++ { ++ if (q == end) ++ return 0; ++ if (compression == 1) + { (*(q++)) = ReadBlobByte (src); + } + else +@@ -943,7 +957,7 @@ static void DecodeImage (wmfAPI* API,wmf + byte = ReadBlobByte (src); /* end of line */ + byte = ReadBlobByte (src); + +- return; ++ return 1; + } + + /* +@@ -1143,8 +1157,18 @@ static void ReadBMPImage (wmfAPI* API,wm + } + } + else +- { /* Convert run-length encoded raster pixels. */ +- DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image); ++ { ++ if (bmp_info.bits_per_pixel == 8) /* Convert run-length encoded raster pixels. */ ++ { ++ if (!DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image)) ++ { WMF_ERROR (API,"corrupt bmp"); ++ API->err = wmf_E_BadFormat; ++ } ++ } ++ else ++ { WMF_ERROR (API,"Unexpected pixel depth"); ++ API->err = wmf_E_BadFormat; ++ } + } + + if (ERR (API)) diff --git a/pkgs/development/libraries/libwmf/default.nix b/pkgs/development/libraries/libwmf/default.nix index 95740882a93c..bdede8f18cfd 100644 --- a/pkgs/development/libraries/libwmf/default.nix +++ b/pkgs/development/libraries/libwmf/default.nix @@ -11,6 +11,11 @@ stdenv.mkDerivation { buildInputs = [ zlib imagemagick libpng pkgconfig glib freetype libjpeg libxml2 ]; + patches = [ + ./CVE-2006-3376.patch ./CVE-2009-1364.patch + ./CVE-2015-0848+4588+4695+4696.patch + ]; + meta = { description = "WMF library from wvWare"; }; From 9ad01e41deee835ee5f9261efd3ed497862c995d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= Date: Sat, 7 Mar 2015 14:20:01 +0100 Subject: [PATCH 26/41] eplot: init at 2.07 Create plots quickly with gnuplot. http://liris.cnrs.fr/christian.wolf/software/eplot/ --- pkgs/tools/graphics/eplot/default.nix | 47 +++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 49 insertions(+) create mode 100644 pkgs/tools/graphics/eplot/default.nix diff --git a/pkgs/tools/graphics/eplot/default.nix b/pkgs/tools/graphics/eplot/default.nix new file mode 100644 index 000000000000..a98a5e0aaece --- /dev/null +++ b/pkgs/tools/graphics/eplot/default.nix @@ -0,0 +1,47 @@ +{ stdenv, fetchurl, gnuplot, ruby }: + +stdenv.mkDerivation rec { + name = "eplot-2.07"; + + # Upstream has been contacted (2015-03) regarding providing versioned + # download URLs. Initial response was positive, but no action yet. + src = fetchurl { + url = "http://liris.cnrs.fr/christian.wolf/software/eplot/download/eplot"; + sha256 = "0y9x82i3sfpgxsqz2w42r6iad6ph7vxb7np1xbwapx5iipciclw5"; + }; + + ecSrc = fetchurl { + url = "http://liris.cnrs.fr/christian.wolf/software/eplot/download/ec"; + sha256 = "0fg31g8mrcx14h2rjcf091cbd924n19z55iscaiflspifya30yhd"; + }; + + buildInputs = [ ruby ]; + + unpackPhase = "true"; + + installPhase = '' + mkdir -p "$out/bin" + cp "$src" "$out/bin/eplot" + cp "$ecSrc" "$out/bin/ec" + chmod +x "$out/bin/"* + + sed -i -e "s|gnuplot -persist|${gnuplot}/bin/gnuplot -persist|" "$out/bin/eplot" + ''; + + meta = with stdenv.lib; { + description = "Create plots quickly with gnuplot"; + longDescription = '' + eplot ("easy gnuplot") is a ruby script which allows to pipe data easily + through gnuplot and create plots quickly, which can be saved in + postscript, PDF, PNG or EMF files. Plotting of multiple files into a + single diagram is supported. + + This package also includes the complementary 'ec' tool (say "extract + column"). + ''; + homepage = http://liris.cnrs.fr/christian.wolf/software/eplot/; + license = licenses.gpl2Plus; + platforms = platforms.all; + maintainers = [ maintainers.bjornfor ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 232cabe6b938..aa4a59e54f72 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1396,6 +1396,8 @@ let enscript = callPackage ../tools/text/enscript { }; + eplot = callPackage ../tools/graphics/eplot { }; + ethtool = callPackage ../tools/misc/ethtool { }; eternity = callPackage ../games/eternity-engine { }; From 1306c11b94351551c63dd23ba8b107fee2028fc2 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 16 Jul 2015 02:43:27 +0200 Subject: [PATCH 27/41] bitlbee service: fix typo --- nixos/modules/services/networking/bitlbee.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/services/networking/bitlbee.nix b/nixos/modules/services/networking/bitlbee.nix index 1ffd57e0621d..27b7dd71d9e5 100644 --- a/nixos/modules/services/networking/bitlbee.nix +++ b/nixos/modules/services/networking/bitlbee.nix @@ -21,7 +21,7 @@ let DaemonInterface = ${cfg.interface} DaemonPort = ${toString cfg.portNumber} AuthMode = ${cfg.authMode} - ${lib.optionalStringv (cfg.hostName != "") "HostName = ${cfg.hostName}"} + ${lib.optionalString (cfg.hostName != "") "HostName = ${cfg.hostName}"} ${lib.optionalString (cfg.protocols != "") "Protocols = ${cfg.protocols}"} ${cfg.extraSettings} From c284b83678af1e8ce89f222025fa8993302a4eab Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Wed, 15 Jul 2015 17:45:19 -0700 Subject: [PATCH 28/41] setuptools: 7.0 -> 18.0.1 --- pkgs/development/python-modules/setuptools/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/setuptools/default.nix b/pkgs/development/python-modules/setuptools/default.nix index 01fe46686797..477d6f4b3a19 100644 --- a/pkgs/development/python-modules/setuptools/default.nix +++ b/pkgs/development/python-modules/setuptools/default.nix @@ -4,11 +4,11 @@ stdenv.mkDerivation rec { shortName = "setuptools-${version}"; name = "${python.executable}-${shortName}"; - version = "7.0"; + version = "18.0.1"; src = fetchurl { url = "http://pypi.python.org/packages/source/s/setuptools/${shortName}.tar.gz"; - sha256 = "0qg07f035agwcz9m0p3kgdjs18xpl3h00rv28aqsfdyz1wm1m76x"; + sha256 = "152b4qlpqc54939vfx5ipjpgx0kln02n3ywpm6x25pqysngwjjad"; }; buildInputs = [ python wrapPython distutils-cfg ]; From c1c757cea4f47a6ee3cec8f8db217bc92335b7fb Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Wed, 15 Jul 2015 17:46:31 -0700 Subject: [PATCH 29/41] ceph: 9.0.1 -> 9.0.2 --- pkgs/tools/filesystems/ceph/dev.nix | 6 ++-- .../filesystems/ceph/fix-pythonpath.patch | 31 +++++++++++++++++++ pkgs/tools/filesystems/ceph/generic.nix | 12 +++++-- 3 files changed, 44 insertions(+), 5 deletions(-) create mode 100644 pkgs/tools/filesystems/ceph/fix-pythonpath.patch diff --git a/pkgs/tools/filesystems/ceph/dev.nix b/pkgs/tools/filesystems/ceph/dev.nix index 3a9aacbcd30e..5cc183d1053c 100644 --- a/pkgs/tools/filesystems/ceph/dev.nix +++ b/pkgs/tools/filesystems/ceph/dev.nix @@ -1,11 +1,13 @@ { callPackage, fetchgit, ... } @ args: callPackage ./generic.nix (args // rec { - version = "9.0.1"; + version = "9.0.2"; src = fetchgit { url = "https://github.com/ceph/ceph.git"; rev = "refs/tags/v${version}"; - sha256 = "1sq6gim7dik04lih5krwm4qpnf2blby3xj2vz9n4cknjnj0dbg7x"; + sha256 = "0kydjyvb1566mh33p6dlljfx1r4cfdj8ic4i19h5r9vavkc46nf0"; }; + + patches = [ ./fix-pythonpath.patch ]; }) diff --git a/pkgs/tools/filesystems/ceph/fix-pythonpath.patch b/pkgs/tools/filesystems/ceph/fix-pythonpath.patch new file mode 100644 index 000000000000..7458a46aca15 --- /dev/null +++ b/pkgs/tools/filesystems/ceph/fix-pythonpath.patch @@ -0,0 +1,31 @@ +diff --git a/src/Makefile-env.am b/src/Makefile-env.am +index e176596..384e230 100644 +--- a/src/Makefile-env.am ++++ b/src/Makefile-env.am +@@ -40,7 +40,7 @@ check_SCRIPTS = + export VERBOSE = true + + # python unit tests need to know where the scripts are located +-export PYTHONPATH=$(top_srcdir)/src/pybind ++export PYTHONPATH+=:$(top_srcdir)/src/pybind + + # when doing a debug build, make sure to make the targets + if WITH_DEBUG +diff --git a/src/ceph-detect-init/Makefile.am b/src/ceph-detect-init/Makefile.am +index 3e5ad03..66d6683 100644 +--- a/src/ceph-detect-init/Makefile.am ++++ b/src/ceph-detect-init/Makefile.am +@@ -64,9 +64,10 @@ install-data-local:: + if test "$(DESTDIR)" ; then \ + if lsb_release -si | grep --quiet 'Ubuntu\|Debian\|Devuan' ; then \ + options=--install-layout=deb ; \ +- else \ +- options=--prefix=/usr ; \ + fi ; \ + root="--root=$(DESTDIR)" ; \ + fi ; \ +- python setup.py install $$root $$options ++ if test "$(prefix)"; then \ ++ prefix="--prefix=$(prefix)" ; \ ++ fi ; \ ++ python setup.py install $$prefix $$root $$options diff --git a/pkgs/tools/filesystems/ceph/generic.nix b/pkgs/tools/filesystems/ceph/generic.nix index 4d358d6a9c59..b899192aa3cf 100644 --- a/pkgs/tools/filesystems/ceph/generic.nix +++ b/pkgs/tools/filesystems/ceph/generic.nix @@ -113,7 +113,9 @@ stdenv.mkDerivation { ]; nativeBuildInputs = [ autoconf automake makeWrapper pkgconfig libtool which ] - ++ optionals (versionAtLeast version "10.0.0") [ pythonPackages.setuptools ]; + ++ optionals (versionAtLeast version "9.0.2") [ + pythonPackages.setuptools pythonPackages.argparse + ]; buildInputs = buildInputs ++ cryptoLibsMap.${cryptoStr} ++ [ boost python libxml2 optYasm optLibatomic_ops optLibs3 malloc pythonPackages.flask zlib ] ++ optional (versionAtLeast version "9.0.0") [ @@ -147,7 +149,7 @@ stdenv.mkDerivation { preConfigure = '' # Ceph expects the arch command to be usable during configure # for detecting the assembly type - mkdir mybin + mkdir -p mybin echo "#${stdenv.shell} -e" >> mybin/arch echo "uname -m" >> mybin/arch chmod +x mybin/arch @@ -157,6 +159,10 @@ stdenv.mkDerivation { # Fix the python site-packages install directory sed -i "s,\(PYTHON\(\|_EXEC\)_PREFIX=\).*,\1'$lib',g" configure + + # Fix the PYTHONPATH for installing ceph-detect-init to $out + mkdir -p "$(toPythonPath $out)" + export PYTHONPATH="$(toPythonPath $out):$PYTHONPATH" ''; configureFlags = [ @@ -200,7 +206,7 @@ stdenv.mkDerivation { ] ++ optional (versionAtLeast version "9.0.1") [ (mkWith false "tcmalloc-minimal" null) (mkWith false "valgrind" null) - ] ++ optional (versionAtLeast version "10.0.0") [ + ] ++ optional (versionAtLeast version "9.0.2") [ (mkWith true "man-pages" null) (mkWith true "systemd-libexec-dir" "\${TMPDIR}") ]; From 3adb0e713c5336460846d8ec804a540ee2b508e8 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Wed, 15 Jul 2015 17:46:45 -0700 Subject: [PATCH 30/41] ceph: 2015-06-06 -> 2015-07-15 --- pkgs/tools/filesystems/ceph/git.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/filesystems/ceph/git.nix b/pkgs/tools/filesystems/ceph/git.nix index df209b080b04..341c24c04a35 100644 --- a/pkgs/tools/filesystems/ceph/git.nix +++ b/pkgs/tools/filesystems/ceph/git.nix @@ -1,11 +1,13 @@ { callPackage, fetchgit, git, ... } @ args: callPackage ./generic.nix (args // rec { - version = "2015-06-06"; + version = "2015-07-15"; src = fetchgit { url = "git://github.com/ceph/ceph.git"; - rev = "efededa0107eebd4abc0e08dd34200d6ca175626"; - sha256 = "18lcn4misyvgjh7r0vkal480x23yr8pcjwzl4k4hbrpqmm97znp9"; + rev = "66dcbaed3c3c8e4b5367ba1cd2859271e692e7e0"; + sha256 = "05jba4zjrkksrra6rz4kby8vv4ja8fa73wvwcw3yn3mn1x9kyz2g"; }; + + patches = [ ./fix-pythonpath.patch ]; }) From ec5f94fbcc882895c538eefe304f995b5079135f Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Wed, 15 Jul 2015 17:54:27 -0700 Subject: [PATCH 31/41] chromium: Minor updates Notably a version bump for Flash Player to 18.0.0.209-r1 --- .../browsers/chromium/source/sources.nix | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/source/sources.nix b/pkgs/applications/networking/browsers/chromium/source/sources.nix index 86dd127aa6b6..5410293a7924 100644 --- a/pkgs/applications/networking/browsers/chromium/source/sources.nix +++ b/pkgs/applications/networking/browsers/chromium/source/sources.nix @@ -1,21 +1,21 @@ # This file is autogenerated from update.sh in the parent directory. { dev = { - version = "45.0.2431.0"; - sha256 = "0irlrym8r1wa6zb5bg4paxy3h5fg300k5c9vkj3xmhdp567clfja"; - sha256bin32 = "1lfrd7x7cav5mr7pg0a3d4a9dyy6f0rklarprfrcvqwipjkddb3f"; - sha256bin64 = "1jzmkgiqn17ynbv0xljiifvlj1136jq98zrkd4hdmkgv8xrrzd74"; + version = "45.0.2454.6"; + sha256 = "09bhbq3hvsfiac7w6ajd6n1lcdzf2isg1s9sqabrnx9blyds7msh"; + sha256bin32 = "1f38rfd9v91inhd9m2sfcj4bpvq5f03zn8ypvacr9mpwc47rylx3"; + sha256bin64 = "1bfjpjisa0hqiy8kmmgh2mr6zyifpmhr7k5ai44h5szf36768bn6"; }; beta = { - version = "44.0.2403.61"; - sha256 = "16bifaqs3fmfms305c1h10kabsyrscxkywf32pl6zwlzjd3y4ncm"; - sha256bin32 = "1lgqf6bid02pjdzxg1jipfzjqzp5frqxv4bi6q127kky3lz9lmlc"; - sha256bin64 = "1l6cyfn5mraprisib7q5rgy8vvkc7ky8z91c2iqsikjv7nmrm6hv"; + version = "44.0.2403.89"; + sha256 = "161shml5w2i0crl57hkfnizgmii6d70lxxg4rjxmays8g6lrmpds"; + sha256bin32 = "1vk022m9kz9fw82sd94zqzi988ald3p2vlha7pz5wm2dgibwr25g"; + sha256bin64 = "0kvrpqy3fpfzchly65nrh8z2z2i49xpa3pm2k7k18sn0x4bycji0"; }; stable = { - version = "43.0.2357.130"; - sha256 = "0bh093rfiklwj03my9d6x3118k2msbl7fhrxlndx99cnjd1mbyv2"; - sha256bin32 = "083scn6dd11lnd0z5yxd6jfgdxj7iaafssccj8a9ybr1ay894ch1"; - sha256bin64 = "14mfw64ips6nzz6kr8k8dq5253cbqd69hjlc54fl7nqfxi9zw31f"; + version = "43.0.2357.134"; + sha256 = "0nbn25pl3rgyqmy4p5dqr0v08xzkm08lpzsaxzszqpa4w7ivp8fk"; + sha256bin32 = "1xmybw4vs8x2rrg43f7x7yn763wfzr5f8d1jpq49r42qr365q6vs"; + sha256bin64 = "1y79135pmkhvv4cdhdy93jhm0jdx132a6spqqyyhbcr2sn26cq62"; }; } From 60d19b3adcec8d9d45240559e587467559d07184 Mon Sep 17 00:00:00 2001 From: Luca Bruno Date: Thu, 16 Jul 2015 10:36:29 +0200 Subject: [PATCH 32/41] Revert "gnupg: fix build on darwin" This reverts commit db3602b5d6a928a69cc00d837d513817bdabe1c4. Fixed libusb build by 82d2960f15942bdf8594a400d70ca907e5b23647 --- pkgs/tools/security/gnupg/20.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pkgs/tools/security/gnupg/20.nix b/pkgs/tools/security/gnupg/20.nix index 016b22916ead..542baa95efe2 100644 --- a/pkgs/tools/security/gnupg/20.nix +++ b/pkgs/tools/security/gnupg/20.nix @@ -21,8 +21,7 @@ stdenv.mkDerivation rec { buildInputs = [ readline zlib libgpgerror libgcrypt libassuan libksba pth - openldap bzip2 curl libiconv ] - ++ stdenv.lib.optional (!stdenv.isDarwin) libusb; + openldap bzip2 libusb curl libiconv ]; patchPhase = '' find tests -type f | xargs sed -e 's@/bin/pwd@${coreutils}&@g' -i From ff94a3f57e75fa894378e0620024382977385cbc Mon Sep 17 00:00:00 2001 From: Lancelot SIX Date: Thu, 16 Jul 2015 10:04:11 +0000 Subject: [PATCH 33/41] pythonPackages.alembic: 0.6.6 -> 0.7.6 --- pkgs/top-level/python-packages.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 45de46ef679f..bbb5421d7065 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -293,11 +293,11 @@ let alembic = buildPythonPackage rec { - name = "alembic-0.6.6"; + name = "alembic-0.7.6"; src = pkgs.fetchurl { url = "https://pypi.python.org/packages/source/a/alembic/${name}.tar.gz"; - md5 = "71e4a8f6849e1527abfc4ea33d51f37c"; + sha256 = "0qgglnxsn470ncyipm33j3d5nf5ny2g3wq7fxyy9fv2x4rhs8kw6"; }; buildInputs = with self; [ nose mock ]; From b7155460719ba2c8b0b276fad3fdd22441eac9f9 Mon Sep 17 00:00:00 2001 From: Rob Vermaas Date: Thu, 16 Jul 2015 14:35:31 +0000 Subject: [PATCH 34/41] Make fetchBower a bit more like a normal mkDerivation, which is easier to test. Also, in some cases, the result of fetchBower is different depending on the value of $out. For now, it seems that it works best if using a local output directory before copying to $out. (cherry picked from commit aa4c6b027163abe0891f9ad438899f9679298a64) --- pkgs/build-support/fetchbower/default.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/pkgs/build-support/fetchbower/default.nix b/pkgs/build-support/fetchbower/default.nix index 11af6dbedf13..7c6b1a8a0983 100644 --- a/pkgs/build-support/fetchbower/default.nix +++ b/pkgs/build-support/fetchbower/default.nix @@ -1,9 +1,11 @@ { stdenv, fetch-bower, git }: name: version: target: outputHash: stdenv.mkDerivation { name = "${name}-${version}"; - realBuilder = "${fetch-bower}/bin/fetch-bower"; - args = [ name version target ]; + buildCommand = '' + out=$PWD/out fetch-bower ${name} ${version} ${target} + cp -R out $out + ''; outputHashMode = "recursive"; outputHashAlgo = "sha256"; inherit outputHash; - PATH = "${git}/bin"; + buildInputs = [git fetch-bower]; } From aaa44b7c57a4e5666e2cdb173845253fbefe0146 Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Thu, 16 Jul 2015 19:29:08 +0000 Subject: [PATCH 35/41] phpstorm: 8.0.3 -> 9.0 --- pkgs/applications/editors/idea/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/editors/idea/default.nix b/pkgs/applications/editors/idea/default.nix index b2b6d2ddde53..5d13cf6a4ce5 100644 --- a/pkgs/applications/editors/idea/default.nix +++ b/pkgs/applications/editors/idea/default.nix @@ -297,13 +297,13 @@ in phpstorm = buildPhpStorm rec { name = "phpstorm-${version}"; - version = "8.0.3"; - build = "PS-139.1348"; + version = "9.0"; + build = "PS-141.1912"; description = "Professional IDE for Web and PHP developers"; license = stdenv.lib.licenses.unfree; src = fetchurl { url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz"; - sha256 = "1x67nfr3nap93cx7yhdrp02xvp1v6g74zy7hdmhx41sal7hzy49b"; + sha256 = "1n6p8xiv0nrs6yf0250mpga291msnrfamv573dva9f17cc3df2pp"; }; }; From 6a1519c6311bc2791b242cfdb6a9b1a3557e7fdb Mon Sep 17 00:00:00 2001 From: Robert Helgesson Date: Thu, 16 Jul 2015 22:01:43 +0200 Subject: [PATCH 36/41] gmic: init at 1.6.5.0 --- pkgs/tools/graphics/gmic/default.nix | 40 ++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 42 insertions(+) create mode 100644 pkgs/tools/graphics/gmic/default.nix diff --git a/pkgs/tools/graphics/gmic/default.nix b/pkgs/tools/graphics/gmic/default.nix new file mode 100644 index 000000000000..f0115239f007 --- /dev/null +++ b/pkgs/tools/graphics/gmic/default.nix @@ -0,0 +1,40 @@ +{ stdenv, fetchurl, fftw, zlib, libjpeg, libtiff, libpng }: + +stdenv.mkDerivation rec { + name = "gmic-${version}"; + version = "1.6.5.0"; + + src = fetchurl { + url = "http://gmic.eu/files/source/gmic_${version}.tar.gz"; + sha256 = "1vb6zm5zpqfnzxjvb9yfvczaqacm55rf010ib0yk9f28b17qrjgb"; + }; + + buildInputs = [ fftw zlib libjpeg libtiff libpng ]; + + sourceRoot = "${name}/src"; + + preBuild = '' + buildFlagsArray=( \ + CURL_CFLAGS= CURL_LIBS= \ + EXR_CFLAGS= EXR_LIBS= \ + OPENCV_CFLAGS= OPENCV_LIBS= \ + X11_CFLAGS="-Dcimg_display=0" X11_LIBS= \ + cli \ + ) + ''; + + installPhase = '' + mkdir -p $out/bin + mkdir -p $out/share/man/man1 + + cp -v gmic $out/bin/ + cp -v ../man/gmic.1.gz $out/share/man/man1/ + ''; + + meta = with stdenv.lib; { + description = "G'MIC is an open and full-featured framework for image processing"; + homepage = http://gmic.eu/; + license = licenses.cecill20; + maintainers = [ maintainers.rycee ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 616f3f918e44..49f625122950 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -882,6 +882,8 @@ let gist = callPackage ../tools/text/gist { }; + gmic = callPackage ../tools/graphics/gmic { }; + mcrl = callPackage ../tools/misc/mcrl { }; mcrl2 = callPackage ../tools/misc/mcrl2 { }; From 541f6617f94d991cb10804038ce4efcb080a88fd Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Thu, 16 Jul 2015 19:19:44 -0700 Subject: [PATCH 37/41] libinput: 0.17.0 -> 0.20.0 --- pkgs/development/libraries/libinput/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libinput/default.nix b/pkgs/development/libraries/libinput/default.nix index 28880a3ac686..f02b0af82708 100644 --- a/pkgs/development/libraries/libinput/default.nix +++ b/pkgs/development/libraries/libinput/default.nix @@ -15,11 +15,11 @@ in with stdenv.lib; stdenv.mkDerivation rec { - name = "libinput-0.17.0"; + name = "libinput-0.20.0"; src = fetchurl { url = "http://www.freedesktop.org/software/libinput/${name}.tar.xz"; - sha256 = "1nr8zg99hk6lz2g2kdvlz13i7cwvrsakakrn3c1w2id7wcxj9nxp"; + sha256 = "0p8jswag33qjjxd8766hzk460bzhzhw32b6hl2i17aygjz7dynqp"; }; configureFlags = [ From 97d8c1cb239d992de20ed970b5128e6c49ef380d Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Thu, 16 Jul 2015 19:25:30 -0700 Subject: [PATCH 38/41] tinc: 1.0.25 -> 1.0.26 --- pkgs/tools/networking/tinc/default.nix | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/pkgs/tools/networking/tinc/default.nix b/pkgs/tools/networking/tinc/default.nix index eddd3bc31c4d..df3465969bb7 100644 --- a/pkgs/tools/networking/tinc/default.nix +++ b/pkgs/tools/networking/tinc/default.nix @@ -1,20 +1,20 @@ {stdenv, fetchurl, lzo, openssl, zlib}: stdenv.mkDerivation rec { - version = "1.0.25"; + version = "1.0.26"; name = "tinc-${version}"; src = fetchurl { url = "http://www.tinc-vpn.org/packages/tinc-${version}.tar.gz"; - sha256 = "0cziyiwsfcvk12dahqwi5wh0q326yhayy8ijnrjp7mwlwmacbhf5"; + sha256 = "08ds8s32cjslms1q227ihd6jz35583v378ij4pknfa5xngfijhrb"; }; buildInputs = [ lzo openssl zlib ]; - configureFlags = '' - --localstatedir=/var - --sysconfdir=/etc - ''; + configureFlags = [ + "--localstatedir=/var" + "--sysconfdir=/etc" + ]; meta = { description = "VPN daemon with full mesh routing"; From d7b917e6120a5ae011528446d9c421f549cfdc75 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Thu, 16 Jul 2015 19:25:55 -0700 Subject: [PATCH 39/41] git: 2.4.5 -> 2.4.6 --- .../version-management/git-and-tools/git/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/git-and-tools/git/default.nix b/pkgs/applications/version-management/git-and-tools/git/default.nix index 68fd7405ee4a..9702a95133c8 100644 --- a/pkgs/applications/version-management/git-and-tools/git/default.nix +++ b/pkgs/applications/version-management/git-and-tools/git/default.nix @@ -9,7 +9,7 @@ }: let - version = "2.4.5"; + version = "2.4.6"; svn = subversionClient.override { perlBindings = true; }; in @@ -18,7 +18,7 @@ stdenv.mkDerivation { src = fetchurl { url = "https://www.kernel.org/pub/software/scm/git/git-${version}.tar.xz"; - sha256 = "15045v9ds1jn7csw4dijlz0ybiw3csh34l444vzgh9g0f9gmy6n3"; + sha256 = "1djkjjv491nk6g8rzrb4n75yqdfp3xpiv569nqblaiq33ibl9ndx"; }; patches = [ From da5e25dcaa7549b1e1159b6ab3b9b9654fe67f45 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Thu, 16 Jul 2015 19:29:10 -0700 Subject: [PATCH 40/41] tinc: 2015-06-20 -> 2015-07-17 --- pkgs/tools/networking/tinc/pre.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/networking/tinc/pre.nix b/pkgs/tools/networking/tinc/pre.nix index f05ffdd6a467..3a89922ca9e5 100644 --- a/pkgs/tools/networking/tinc/pre.nix +++ b/pkgs/tools/networking/tinc/pre.nix @@ -1,12 +1,12 @@ { stdenv, fetchgit, autoreconfHook, texinfo, ncurses, readline, zlib, lzo, openssl }: stdenv.mkDerivation rec { - name = "tinc-1.1pre-2015-06-20"; + name = "tinc-1.1pre-2015-07-17"; src = fetchgit { url = "git://tinc-vpn.org/tinc"; - rev = "ebffa40aa7832459f63801e3a91cc741e6b339a8"; - sha256 = "0yp40n5cgfadd7lmi28qv7cf5s14qqw5ga76y5xd0fjpacv6akcp"; + rev = "f92c3446f2052a59d1e6a28f1bc7cec278cb1e48"; + sha256 = "1y15fk4i6jm9w3qkami2vgp5zfrm5frjxwfmwr4xiw23bmy9cgim"; }; buildInputs = [ autoreconfHook texinfo ncurses readline zlib lzo openssl ]; From 967abfc78660d0e49a32eac8fe19cec4b6b79d5c Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Thu, 16 Jul 2015 20:06:50 -0700 Subject: [PATCH 41/41] efivar: 0.20 -> 0.21 --- pkgs/tools/system/efivar/default.nix | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/pkgs/tools/system/efivar/default.nix b/pkgs/tools/system/efivar/default.nix index d0c84d52daac..a9c3ebd02522 100644 --- a/pkgs/tools/system/efivar/default.nix +++ b/pkgs/tools/system/efivar/default.nix @@ -2,19 +2,21 @@ stdenv.mkDerivation rec { name = "efivar-${version}"; - version = "0.20"; + version = "0.21"; src = fetchFromGitHub { owner = "rhinstaller"; repo = "efivar"; rev = version; - sha256 = "14c8x9dhi4scj42n1cf513b551c1ccm8lwpaqx8h8ydpm2k35qi4"; + sha256 = "0iakv8prvl61mb2wnll02sxlg3kfzh3d4qb41d0bklmnljjkqr8p"; }; buildInputs = [ popt ]; - # 0.20 Relies on symbols from libdl.so which breaks efibootmgr - NIX_LDFLAGS = "-ldl"; + # 0.21 Has build warnings so disable -Werror + postPatch = '' + sed -i 's,-Werror,,g' Make.defaults + ''; installFlags = [ "libdir=$(out)/lib"