Commit graph

522 commits

Author SHA1 Message Date
Robert Hensing
a298710dd1 cassandra: Add passthru.tests 2020-12-09 13:24:48 +01:00
Robert Hensing
48929049d7
Merge pull request #104838 from redvers/update_cassandra_2.1.20_to_2.1.22_cve-2020-13946
cassandra_2_1: 2.1.20 -> 2.1.22
2020-12-09 13:21:04 +01:00
Robert Hensing
ed03f1a594
Merge pull request #104840 from redvers/update_cassandra_2.2.14_to_2.2.19_cve-2020-13946
cassandra_2_2: 2.2.14 -> 2.2.19
2020-12-09 13:20:34 +01:00
Robert Hensing
f41b7f6153
Merge pull request #104835 from redvers/update_cassandra_3.11.4_3.11.9_cve-2020-13946
cassandra: 3.11.4 -> 3.11.9
2020-12-09 13:19:53 +01:00
Casey Ransom
f6e974e701 cassandra: remove maintainer cransom
I've been disconnected from Cassandra for years now, I wouldn't be an
appropriate maintainer.
2020-12-02 11:01:14 -05:00
Jörg Thalheim
baf2814f48
redis: disable systemd in musl build 2020-11-29 11:15:28 +01:00
Andreas Rammhold
9ea8fd6df1
Merge pull request #104841 from redvers/update_cassandra_3.0.17_to_3.0.23_cve-2020-13946
cassandra_3_0: 3.0.17 -> 3.0.23
2020-11-28 16:43:03 +01:00
Red Davies
1431c3cc60 cassandra_3_0: 3.0.17 -> 3.0.23
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability

Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.

Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.

3.0.x users should upgrade to 3.0.22
2020-11-24 21:21:56 -05:00
Red Davies
ee1b13dd13 cassandra_2_2: 2.2.14 -> 2.2.19
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability

Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.

Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.

2.2.x users should upgrade to 2.2.18
2020-11-24 20:58:37 -05:00
Red Davies
b0f1fea52f cassandra_2_1: 2.1.20 -> 2.1.22
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability

Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.

Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.

2.1.x users should upgrade to 2.1.22
2020-11-24 20:42:29 -05:00
Red Davies
90d2986368 cassandra: 3.11.4 -> 3.11.9
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability

Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.

Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.

3.11.x users should upgrade to 3.11.8
2020-11-24 20:24:32 -05:00
Dave Anderson
4de5d2b081
influxdb2: init at v2.0.2 (#104717)
Signed-off-by: David Anderson <dave@natulte.net>
2020-11-24 16:06:39 +01:00
Graham Christensen
fbc4af5725 Revert "influxdb2: init at v2.0.2 (#104484)"
This reverts commit ecbe92e576.
2020-11-23 14:55:26 -05:00
Dave Anderson
ecbe92e576
influxdb2: init at v2.0.2 (#104484)
Signed-off-by: David Anderson <dave@natulte.net>
2020-11-23 20:40:42 +01:00
Thomas Depierre
63caecee7d riak-cs: delete 2020-10-28 19:31:33 +01:00
R. RyanTM
26f82d4246 influxdb: 1.8.2 -> 1.8.3 2020-10-18 14:18:35 +00:00
Mario Rodas
cbf2b8880b
Merge pull request #99250 from yorickvP/victoriametrics-auto-test
victoriametrics: add passthru.tests
2020-10-01 20:18:22 -05:00
Yorick van Pelt
1ef22a5d1f
victoriametrics: add passthru.tests 2020-10-01 11:58:32 +02:00
Souvik Sen
ae4a51c15c
victoriametrics: 1.40.0 -> 1.42.0 (#99241) 2020-10-01 04:49:59 -05:00
R. RyanTM
b0094fc46b influxdb: 1.8.0 -> 1.8.2 2020-09-05 02:11:12 +00:00
John Ericson
1965a241fc
Merge pull request #61019 from volth/gcc.arch-amd
platform.gcc.arch: support for AMD CPUs
2020-09-01 22:31:16 -04:00
R. RyanTM
6f2d868624 victoriametrics: 1.37.4 -> 1.40.0 2020-08-31 10:00:23 +00:00
Matthias Totschnig
9b2769b061 rethinkdb: use clangStdenv
And remove patch working around a GCC bug.
2020-08-21 15:44:52 -07:00
Matthias Totschnig
8025e4ffe4 rethinkdb: 2.3.6 -> 2.4.1, fix
Update patch that prevents making V8 snapshots, as those segfault.

Fix build by building only the database server. Other make targets fetch
dependencies at build time and this behaviour cannot be overriden.
Therefore, the clients and web interface are no longer built. See
rethinkdb/rethinkdb#6867.
2020-08-21 15:44:52 -07:00
zowoq
cea7cd902e buildGoModule packages: set doCheck = false 2020-08-10 16:02:30 +10:00
volth
cf7b63df5b gcc.arch: refactor, move tables under lib/ 2020-08-05 11:18:26 +00:00
zowoq
3c5750d1cd buildGoModule packages: editorconfig fixes 2020-07-31 13:58:04 +10:00
Vladimír Čunát
2b7c0dcdaa
Merge branch 'staging-next'
Rebuild on Hydra seems OK-ish.
mongodb.nix needed some conflict resolution (scons versions);
all four versions seem to build fine.
2020-07-25 16:18:40 +02:00
Jaka Hudoklin
fea9351d81
Merge pull request #92719 from pjjw/update/mongodb-42
mongodb: 4.0.12 -> 4.2.8
2020-07-24 20:15:29 +02:00
Peter Woodman
dbd0f3e957
mongodb: 4.0.12 -> 4.2.8
Not strictly an upgrade, but adds a new mongodb-4_2 target with the
current mongodb from that branch.

Use matching client and server versions in mongodb tests- tests were
using the mongo 3.4 client to connect, and this finally doesn't work
with server 4.2.

Per reviewer suggestion, adding myself as cheetah3 maintainer.

Additionally, reestore comments describing the purpose of the
build-dependencies patch
2020-07-24 11:44:16 -04:00
Daniël de Kok
28ce0b968b redis: 6.0.5 -> 6.0.6
Release notes:

https://groups.google.com/g/redis-db/c/7tuERP0dN9c/m/HddqH3X5BwAJ?pli=1
2020-07-23 10:47:44 +02:00
Vladimír Čunát
7a5c6fee0f
Merge branch 'master' into staging-next
Some rebuilds, e.g. all of haskell.
Hydra nixpkgs: ?compare=1601713
2020-07-22 08:37:19 +02:00
Justin Humm
6f7af76904
mongodb: use pname instead of name 2020-07-20 16:48:50 +02:00
Michael Weiss
5b14758d31
Merge pull request #92920 from primeos/scons
scons: 3.1.2 -> 4.0.0
2020-07-18 13:36:29 +02:00
Michael Weiss
595a36d846
scons.py2: Replace with sconsPackages.scons_3_1_2
Required since SCons 4.0.0 doesn't support Python 2.7 anymore.
2020-07-18 10:48:20 +02:00
Vladimír Čunát
c62e88ab81
Merge #91818: gperftools: fix on ARM 2020-07-11 11:08:58 +02:00
Vladimír Čunát
44391a72b2
mongodb: add basic check
For example, it detected the issue fixed in the parent commit
(tested on aarch64).
2020-07-11 11:07:18 +02:00
Mario Rodas
7f45aa87b2
Merge pull request #92658 from r-ryantm/auto-update/VictoriaMetrics
victoriametrics: 1.37.0 -> 1.37.4
2020-07-08 08:17:01 -05:00
Mario Rodas
cf5467dfa4
victoriametrics: add ldflags 2020-07-08 04:20:00 -05:00
R. RyanTM
bca87facad victoriametrics: 1.37.0 -> 1.37.4 2020-07-07 22:46:33 +00:00
R. RyanTM
520e4fdae0 redis: 6.0.3 -> 6.0.5 2020-07-07 07:27:17 +00:00
Souvik Sen
73df78b810 victoriametrics: 1.34.7 -> 1.37.0 2020-06-08 08:51:18 -04:00
Jamie McClymont
68a09ca2d4 redis: 6.0.1 -> 6.0.3
================================================================================
Redis 6.0.3     Released Sat May 16 18:10:21 CEST 2020
================================================================================

Upgrade urgency CRITICAL: a crash introduced in 6.0.2 is now fixed.

1eab62f7e Remove the client from CLOSE_ASAP list before caching the master.

================================================================================
Redis 6.0.2     Released Fri May 15 22:24:36 CEST 2020
================================================================================

Upgrade urgency MODERATE: many not critical bugfixes in different areas.
                          Critical fix to client side caching when
                          keys are evicted from the tracking table but
                          no notifications are sent.

The following are the most serious fix:

* XPENDING should not update consumer's seen-time
* optimize memory usage of deferred replies - fixed
* Fix CRC64 initialization outside the Redis server itself.
* stringmatchlen() should not expect null terminated strings.
* Cluster nodes availability checks improved when there is
  high Pub/Sub load on the cluster bus.
* Redis Benchmark: Fix coredump because of double free
* Tracking: send eviction messages when evicting entries.
* rax.c updated from upstream antirez/rax.
* fix redis 6.0 not freeing closed connections during loading.

New features:

* Support setcpuaffinity on linux/bsd
* Client Side Caching: Add Tracking Prefix Number Stats in Server Info
* Add --user argument to redis-benchmark.c (ACL)
2020-05-17 21:14:52 +12:00
Jamie McClymont
8cdc8687bf redis: handle changes to systemd support
The 6.0 changelog notes that systemd support was rewritten. The effects
of that seem to be twofold:

* Redis will silently fail to sd_notify if not built with libsystemd,
  breaking our unit configuration.
* It also appears to misbehave if told to daemonize when running under
  systemd -- note that upstream's sample unit configuration does not
  daemonize:
  https://github.com/antirez/redis/blob/unstable/utils/systemd-redis_server.service
2020-05-17 20:23:48 +12:00
Mario Rodas
8d3b239340
Merge pull request #87472 from r-ryantm/auto-update/redis
redis: 5.0.8 -> 6.0.1
2020-05-16 06:55:40 -05:00
Colin L Rice
d6162dab50
go-modules: Update files to use vendorSha256 2020-05-14 07:22:21 +01:00
R. RyanTM
4a07eb225b redis: 5.0.8 -> 6.0.1 2020-05-10 06:25:56 +00:00
R. RyanTM
40886adad8 eventstore: 5.0.7 -> 5.0.8 2020-05-01 09:06:14 +02:00
Maximilian Bosch
25b9bca759
mongodb_3_4: fix license
As noted in #83433, the 3.4 branch of `mongodb` is still licensed under
AGPL[1].

[1] https://github.com/mongodb/mongo/blob/r3.4.24/README
2020-04-21 18:05:15 +02:00
Mario Rodas
a4d12f7d81
Merge pull request #85109 from marsam/update-victoriametrics
victoriametrics: 1.34.5 -> 1.34.7
2020-04-15 06:51:53 -05:00