Branch: refs/heads/release-16.09
Home: https://github.com/NixOS/nixpkgs
Commit: 2292d8548e6935021980ccfeb9d91e76a453e16d
https://github.com/NixOS/nixpkgs/commit/2292d8548e6935021980ccfeb9d91e76a453e16d
Author: Graham Christensen <gra...@grahamc.com>
Date: 2016-11-23 (Wed, 23 Nov 2016)
Changed paths:
M pkgs/applications/graphics/graphicsmagick/default.nix
Log Message:
-----------
graphicsmagick: Update URLs for patches
(cherry picked from commit c823eaec0a210348b03fd3e8a51d53592fc3d4be)
Commit: ee38d133bc35f9d92397165751e65ec1304a81c8
https://github.com/NixOS/nixpkgs/commit/ee38d133bc35f9d92397165751e65ec1304a81c8
Author: Graham Christensen <gra...@grahamc.com>
Date: 2016-11-23 (Wed, 23 Nov 2016)
Changed paths:
M pkgs/development/libraries/libtiff/default.nix
Log Message:
-----------
libtiff: 4.0.6 -> 4.0.7 for many CVEs
This release includes all our previous CVE patches, and suggets new ones:
- CVE-2016-3945
- CVE-2016-3990
- CVE-2016-3991
- CVE-2016-3622
- CVE-2016-9453
- CVE-2016-8127 (duplicate of CVE-2016-3658)
- CVE-2016-9297
- CVE-2016-9448
(cherry picked from commit 9de6029cc67dd19e2e99eb188a7c81d744df8a3d)
Commit: 386c9803e221a511ead8a8a7fb13c2093fb03d4a
https://github.com/NixOS/nixpkgs/commit/386c9803e221a511ead8a8a7fb13c2093fb03d4a
Author: Franz Pletz <fpl...@fnordicwalking.de>
Date: 2016-11-23 (Wed, 23 Nov 2016)
Changed paths:
M pkgs/applications/virtualization/qemu/default.nix
Log Message:
-----------
qemu: add patch to fix CVE-2016-7907
cc #20647
(cherry picked from commit 336bacfa1d66eb1635ec72ba81faeb1c81938c80)
Commit: 27c390f78926d8ed465dea63589177a9722aa627
https://github.com/NixOS/nixpkgs/commit/27c390f78926d8ed465dea63589177a9722aa627
Author: Graham Christensen <gra...@grahamc.com>
Date: 2016-11-23 (Wed, 23 Nov 2016)
Changed paths:
M pkgs/applications/networking/browsers/w3m/default.nix
Log Message:
-----------
w3m: 0.5.3-2015-12-20 -> 0.5.3+git20161120 for many CVEs
https://github.com/tats/w3m/blob/c94a28011f0cb8bcef4229f3f787ae04ee3fcf3e/NEWS\#L1-L52
(cherry picked from commit a3b746851f9ac55bbbd28b031259c84bda1ca864)
Commit: 1980c26c03e01de035c6b123bc941f8600a29756
https://github.com/NixOS/nixpkgs/commit/1980c26c03e01de035c6b123bc941f8600a29756
Author: Graham Christensen <gra...@grahamc.com>
Date: 2016-11-23 (Wed, 23 Nov 2016)
Changed paths:
M pkgs/games/gnuchess/default.nix
Log Message:
-----------
gnuchess: 6.2.3 -> 6.2.4 for CVEs
CVE-2015-8972: stack buffer overflow related to user move input, where 160
characters of input can crash gnuchess
(cherry picked from commit 4a5c66135a4b2abb03a788db47601a02a886904b)
Commit: 5f69faa2694c1a923fb2574240139c07f3870d01
https://github.com/NixOS/nixpkgs/commit/5f69faa2694c1a923fb2574240139c07f3870d01
Author: Graham Christensen <gra...@grahamc.com>
Date: 2016-11-23 (Wed, 23 Nov 2016)
Changed paths:
M pkgs/development/libraries/libarchive/default.nix
Log Message:
-----------
libarchive: 3.2.1 -> 3.2.2 for unspecified vulnerabilities
The release notes don't cover anything in particular:
https://github.com/libarchive/libarchive/blob/ba3dec4495496280226a463b3270a60c8864a4f1/NEWS#L3
(cherry picked from commit 91187028984eaf0bd3b2b23c3c988466b2885f26)
Compare: https://github.com/NixOS/nixpkgs/compare/728a9578e31a...5f69faa2694c
_______________________________________________
nix-commits mailing list
nix-comm...@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-commits