[Nix-commits] [NixOS/nixpkgs] 78b526: game-music-emu: 0.6.0 -> 0.6.1 for multiple CVEs

Wed, 21 Dec 2016 13:19:12 -0800 

  Branch: refs/heads/release-16.09
  Home:   https://github.com/NixOS/nixpkgs
  Commit: 78b52670810607309fc8fc1604da90933297b3da
      
https://github.com/NixOS/nixpkgs/commit/78b52670810607309fc8fc1604da90933297b3da
  Author: Graham Christensen <gra...@grahamc.com>
  Date:   2016-12-21 (Wed, 21 Dec 2016)

  Changed paths:
    M pkgs/applications/audio/game-music-emu/default.nix

  Log Message:
  -----------
  game-music-emu: 0.6.0 -> 0.6.1 for multiple CVEs

CVE-2016-9957 CVE-2016-9958 CVE-2016-9959 CVE-2016-9960 CVE-2016-9961

(cherry picked from commit 2c24ce5cfa831677556a9fecec3488ea701285c1)


  Commit: 2ab18b75da7b661506aaea0cdc534cd6cab7cd4d
      
https://github.com/NixOS/nixpkgs/commit/2ab18b75da7b661506aaea0cdc534cd6cab7cd4d
  Author: Graham Christensen <gra...@grahamc.com>
  Date:   2016-12-21 (Wed, 21 Dec 2016)

  Changed paths:
    M pkgs/servers/http/tomcat/default.nix

  Log Message:
  -----------
  tomcat85: 8.5.8 -> 8.5.9 for CVE-2016-9774, CVE-2016-9775

(cherry picked from commit a528c04612b87e52fd6a07c3a31fc80a34bf00c2)


  Commit: 6c97c1c1b61fec9f4db9169bf00eb9f6ecbe1ded
      
https://github.com/NixOS/nixpkgs/commit/6c97c1c1b61fec9f4db9169bf00eb9f6ecbe1ded
  Author: Graham Christensen <gra...@grahamc.com>
  Date:   2016-12-21 (Wed, 21 Dec 2016)

  Changed paths:
    M pkgs/servers/http/tomcat/default.nix

  Log Message:
  -----------
  tomcatUnstable: 9.0.0.M13 -> 9.0.0.M15 for CVE-2016-9774, CVE-2016-9775

(cherry picked from commit 72faac9d358a1e2645b49c1e15ac940226f07e9b)


  Commit: 490a23e0324740bf5391af4e70904c560d02136b
      
https://github.com/NixOS/nixpkgs/commit/490a23e0324740bf5391af4e70904c560d02136b
  Author: Graham Christensen <gra...@grahamc.com>
  Date:   2016-12-21 (Wed, 21 Dec 2016)

  Changed paths:
    M pkgs/servers/monitoring/nagios/default.nix

  Log Message:
  -----------
  nagios: 4.2.3 -> 4.2.4 for CVE-2016-9566

(cherry picked from commit 2f17c3628e0cee6c5af051f21514da12f43aef6e)


  Commit: 142b303fc08b11a1e31c65f65eeeed1f7abe5b7f
      
https://github.com/NixOS/nixpkgs/commit/142b303fc08b11a1e31c65f65eeeed1f7abe5b7f
  Author: Daiderd Jordan <daid...@gmail.com>
  Date:   2016-12-21 (Wed, 21 Dec 2016)

  Changed paths:
    M pkgs/development/libraries/pupnp/default.nix

  Log Message:
  -----------
  libupnp: 1.6.20 -> 1.6.21 for CVE-2016-8863

Switching to git tags means we don't get pre-generated configure
scripts. Thusly, run bootstrap ourselves.

For https://github.com/NixOS/nixpkgs/issues/21289
For CVE-2016-8863 (remote code execution)

(cherry picked from commit 0d3f0f05e20672e2f021df855fb2b8b5482637fe)


  Commit: d3934be8a74d4097026989e3587aa52e32f9b38b
      
https://github.com/NixOS/nixpkgs/commit/d3934be8a74d4097026989e3587aa52e32f9b38b
  Author: Graham Christensen <gra...@grahamc.com>
  Date:   2016-12-21 (Wed, 21 Dec 2016)

  Changed paths:
    M pkgs/development/libraries/openjpeg/2.1.nix
    A pkgs/development/libraries/openjpeg/CVE-2016-9580-and-CVE-2016-9581.patch
    M pkgs/development/libraries/openjpeg/generic.nix

  Log Message:
  -----------
  openjpeg2: patch for CVE-2016-9580, and CVE-2016-9581

(cherry picked from commit c7a2073323b7837214aa081840d7088c798be8d5)


  Commit: b5de7ef68654a0ec5aa3f06a2d85da2dc35625e9
      
https://github.com/NixOS/nixpkgs/commit/b5de7ef68654a0ec5aa3f06a2d85da2dc35625e9
  Author: Graham Christensen <gra...@grahamc.com>
  Date:   2016-12-21 (Wed, 21 Dec 2016)

  Changed paths:
    M pkgs/applications/virtualization/xen/4.5.nix

  Log Message:
  -----------
  xen: patch for many XSAs

 - XSA-190
 - XSA-191
 - XSA-192
 - XSA-193
 - XSA-195
 - XSA-196
 - XSA-198
 - XSA-200
 - XSA_202
 - XSA-204

(cherry picked from commit 4e6c7faf3680ecc4eff79ee0f5b1f1d05ace6a52)


  Commit: 4e6223cc866537821fa4f5bd59576bb1be6ac913
      
https://github.com/NixOS/nixpkgs/commit/4e6223cc866537821fa4f5bd59576bb1be6ac913
  Author: Franz Pletz <fpl...@fnordicwalking.de>
  Date:   2016-12-21 (Wed, 21 Dec 2016)

  Changed paths:
    M pkgs/top-level/python-packages.nix

  Log Message:
  -----------
  pythonPackages.bottle: 0.12.9 -> 0.12.11 for CVE-2016-9964

(cherry picked from commit ecc7b3364c5b43f2ea7bfeac9dbdb23eccb73947)


Compare: https://github.com/NixOS/nixpkgs/compare/1dd0fb6b5a7c...4e6223cc8665
_______________________________________________
nix-commits mailing list
nix-comm...@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-commits

Reply via email to