Branch: refs/heads/roundup-10
Home: https://github.com/NixOS/nixpkgs
Commit: 91187028984eaf0bd3b2b23c3c988466b2885f26
https://github.com/NixOS/nixpkgs/commit/91187028984eaf0bd3b2b23c3c988466b2885f26
Author: Graham Christensen <gra...@grahamc.com>
Date: 2016-11-23 (Wed, 23 Nov 2016)
Changed paths:
M pkgs/development/libraries/libarchive/default.nix
Log Message:
-----------
libarchive: 3.2.1 -> 3.2.2 for unspecified vulnerabilities
The release notes don't cover anything in particular:
https://github.com/libarchive/libarchive/blob/ba3dec4495496280226a463b3270a60c8864a4f1/NEWS#L3
Commit: 4a5c66135a4b2abb03a788db47601a02a886904b
https://github.com/NixOS/nixpkgs/commit/4a5c66135a4b2abb03a788db47601a02a886904b
Author: Graham Christensen <gra...@grahamc.com>
Date: 2016-11-23 (Wed, 23 Nov 2016)
Changed paths:
M pkgs/games/gnuchess/default.nix
Log Message:
-----------
gnuchess: 6.2.3 -> 6.2.4 for CVEs
CVE-2015-8972: stack buffer overflow related to user move input, where 160
characters of input can crash gnuchess
Commit: a3b746851f9ac55bbbd28b031259c84bda1ca864
https://github.com/NixOS/nixpkgs/commit/a3b746851f9ac55bbbd28b031259c84bda1ca864
Author: Graham Christensen <gra...@grahamc.com>
Date: 2016-11-23 (Wed, 23 Nov 2016)
Changed paths:
M pkgs/applications/networking/browsers/w3m/default.nix
Log Message:
-----------
w3m: 0.5.3-2015-12-20 -> 0.5.3+git20161120 for many CVEs
https://github.com/tats/w3m/blob/c94a28011f0cb8bcef4229f3f787ae04ee3fcf3e/NEWS\#L1-L52
Commit: 336bacfa1d66eb1635ec72ba81faeb1c81938c80
https://github.com/NixOS/nixpkgs/commit/336bacfa1d66eb1635ec72ba81faeb1c81938c80
Author: Franz Pletz <fpl...@fnordicwalking.de>
Date: 2016-11-23 (Wed, 23 Nov 2016)
Changed paths:
M pkgs/applications/virtualization/qemu/default.nix
Log Message:
-----------
qemu: add patch to fix CVE-2016-7907
cc #20647
Commit: 9de6029cc67dd19e2e99eb188a7c81d744df8a3d
https://github.com/NixOS/nixpkgs/commit/9de6029cc67dd19e2e99eb188a7c81d744df8a3d
Author: Graham Christensen <gra...@grahamc.com>
Date: 2016-11-23 (Wed, 23 Nov 2016)
Changed paths:
M pkgs/development/libraries/libtiff/default.nix
Log Message:
-----------
libtiff: 4.0.6 -> 4.0.7 for many CVEs
This release includes all our previous CVE patches, and suggets new ones:
- CVE-2016-3945
- CVE-2016-3990
- CVE-2016-3991
- CVE-2016-3622
- CVE-2016-9453
- CVE-2016-8127 (duplicate of CVE-2016-3658)
- CVE-2016-9297
- CVE-2016-9448
Commit: c823eaec0a210348b03fd3e8a51d53592fc3d4be
https://github.com/NixOS/nixpkgs/commit/c823eaec0a210348b03fd3e8a51d53592fc3d4be
Author: Graham Christensen <gra...@grahamc.com>
Date: 2016-11-23 (Wed, 23 Nov 2016)
Changed paths:
M pkgs/applications/graphics/graphicsmagick/default.nix
Log Message:
-----------
graphicsmagick: Update URLs for patches
Compare: https://github.com/NixOS/nixpkgs/compare/8c977d83004f...c823eaec0a21
_______________________________________________
nix-commits mailing list
nix-comm...@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-commits