Commit graph

1609 commits

Author SHA1 Message Date
taku0
47024938a2 firefox-bin: 47.0.1 -> 48.0 (#17452) 2016-08-02 16:55:55 +02:00
Robin Gloster
63c7b4f9a7 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-31 20:51:34 +00:00
Miguel Madrid
94549d4fab qutebrowser: 0.8.0 -> 0.8.1 (#17302) 2016-07-27 15:50:29 +01:00
Gabriel Ebner
7fce7c5a07 qutebrowser: 0.7.0 -> 0.8.0 2016-07-26 14:53:59 +02:00
Ram Kromberg
5685968ca6 midori: 0.5.8 -> 0.5.11 (#17142) 2016-07-25 21:25:42 +01:00
Kranium Gikos Mendoza
a5d1c8d471 bluejeans: 2.160.63.8 -> 2.160.66.8 (#17232) 2016-07-25 20:53:32 +01:00
Robin Gloster
1f04b4a566 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-21 00:56:43 +00:00
Rok Garbas
f5dca01b50 firefox-bin: 48.0b7 -> 48.0b9 2016-07-21 00:59:56 +02:00
Rok Garbas
0558ae3057 firefox-bin: libpulseaudio.dev is needed otherwise firefox doesn't start 2016-07-21 00:56:38 +02:00
Frederik Rietdijk
bae6ad8efa uzbl: fix build
See also #16740.
2016-07-19 15:06:42 +02:00
Robin Gloster
203846b9de Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-19 10:37:02 +00:00
Rok Garbas
a377c71280 firefox-bin: 48.0b1 -> 48.0b7
* removed firefox-developer-bin
* extend firefox-bin expression to accept sources as input so
  firefox-developer-bin can be packaged outside nixpkgs
* generate_sources.rb now includes full urls in the output
2016-07-16 13:04:04 +02:00
Robin Gloster
5185bc1773 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-15 14:41:01 +00:00
Ram Kromberg
6046702e5e flashplayer: 11.2.202.626 -> 11.2.202.632 2016-07-14 12:42:26 +03:00
zimbatm
a265ad2842 firefox-developer-bin: fix hashes (#16860)
the nightly tend to get replaced in-place on the FTP and so benefit from
an update script as well
2016-07-11 13:40:58 +02:00
Oliver Charles
65ac26e28a Merge pull request #16841 from womfoo/bump/bluejeans-2.160.63.8
bluejeans: 2.160.49.8 -> 2.160.63.8
2016-07-11 10:00:18 +01:00
Kranium Gikos Mendoza
5da05eef62 bluejeans: 2.160.49.8 -> 2.160.63.8 2016-07-10 23:52:23 +08:00
Tobias Geerinckx-Rice
921d3321f5
trezor-bridge: mark as broken
Cool, a bitcoin wallet app silently changes its hash.

CC maintainer @ehmry
2016-07-06 19:42:45 +02:00
Miguel Madrid
87be90336f links2: 2.12 -> 2.13 (#16756) 2016-07-06 19:40:05 +02:00
taku0
a10ddb582e firefox-bin: 47.0 -> 47.0.1 (#16599) 2016-06-30 23:39:45 +02:00
Eelco Dolstra
0967b0d303 firefox-esr: Fix build
http://hydra.nixos.org/build/36668046
2016-06-29 17:23:03 +02:00
Eelco Dolstra
0c832dceb2 firefox-esr: 45.1.1 -> 45.2.0 2016-06-29 16:08:26 +02:00
Eelco Dolstra
653be3c802 firefox: 47.0 -> 47.0.1 2016-06-29 16:06:50 +02:00
zimbatm
e25933ac6e Merge pull request #16410 from womfoo/conkeror
conkeror: 1.0pre-20160130 -> 1.0.3
2016-06-22 21:47:13 +01:00
Marius Bakke
4a7d31a392 treewide: remove double quotes from wrappers
Close #14753; see that for context.
2016-06-22 11:12:27 +02:00
Kranium Gikos Mendoza
ac680eed2b conkeror: 1.0pre-20160130 -> 1.0.3 2016-06-22 07:14:03 +08:00
aszlig
9728554c4f
Merge pull request #16099 (Chromium update)
The changes contain an update of the stable channel (along with beta and
dev as well) fixing 18 security vulnerabilities:

http://googlechromereleases.blogspot.de/2016/06/stable-channel-update.html
http://googlechromereleases.blogspot.de/2016/06/stable-channel-update_6.html
http://googlechromereleases.blogspot.de/2016/06/stable-channel-update_16.html

I've built and tested this at the following evaluation on my Hydra:

https://headcounter.org/hydra/eval/324449
2016-06-20 18:43:41 +02:00
Bjørn Forsman
bd01fad0ed Captialize meta.description of all packages
In line with the Nixpkgs manual.

A mechanical change, done with this command:

  find pkgs -name "*.nix" | \
      while read f; do \
          sed -e 's/description\s*=\s*"\([a-z]\)/description = "\u\1/' -i "$f"; \
      done

I manually skipped some:

* Descriptions starting with an abbreviation, a user name or package name
* Frequently generated expressions (haskell-packages.nix)
2016-06-20 13:55:52 +02:00
Scott R. Parish
1f1f0f049b chromium: Update to latest stable, beta, and dev channels
stable 51.0.2704.63 => 51.0.2704.103
beta   51.0.2704.63 => 52.0.2743.41
dev    52.0.2743.10 => 53.0.2767.4

This addresses 15 security fixes, including:

 * High   CVE-2015-1696: Cross-origin bypass in Extension bindings. Credit to
                         anonymous.
 * High   CVE-2015-1697: Cross-origin bypass in Blink. Credit to Mariusz
                         Mlynski.
 * Medium CVE-2016-1698: Information leak in Extension bindings. Credit to
                         Rob Wu.
 * Medium CVE-2016-1699: Parameter sanitization failure in DevTools. Credit
                         to Gregory Panakkal.
 * Medium CVE-2016-1700: Use-after-free in Extensions. Credit to Rob Wu.
 * Medium CVE-2016-1701: Use-after-free in Autofill. Credit to Rob Wu.
 * Medium CVE-2016-1702: Out-of-bounds read in Skia. Credit to cloudfuzzer.

See: http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html
2016-06-19 19:50:45 -07:00
Gabriel Ebner
9988488fc6 qutebrowser: use makeQtWrapper
Fixes #15597.
2016-06-19 14:42:13 +02:00
Gabriel Ebner
5862c38d9d qutebrowser: 0.6.2 -> 0.7.0 2016-06-19 14:08:09 +02:00
taku0
c802f56639 flashplayer: 11.2.202.621 -> 11.2.202.626 2016-06-16 21:24:38 +09:00
Arseniy Seroka
d4876168e2 Merge pull request #16140 from hiberno/update-vivaldi
vivaldi: 1.1 -> 1.2
2016-06-11 22:32:38 +03:00
Arseniy Seroka
263edf8897 Merge pull request #16147 from womfoo/bluejeans
bluejeans: 2.155.17.5 -> 2.160.49-8
2016-06-11 22:31:46 +03:00
Christian Lask
da0b516a5f vivaldi: 1.1 -> 1.2 2016-06-11 09:55:32 +02:00
Kranium Gikos Mendoza
1497998a40 bluejeans: 2.155.17.5 -> 2.160.49-8 2016-06-11 06:29:52 +08:00
Robin Gloster
8031cba2ab Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-06-10 09:27:04 +00:00
Christian Lask
527077f02c qutebrowser: 0.6.1 -> 0.6.2 2016-06-10 10:11:59 +02:00
Rok Garbas
4c96860b53 firefox-bin: 47.0b9 -> 48.0b1, 48.0a2 -> 49.0a2 2016-06-10 04:24:27 +02:00
Joachim Fasting
ccf7048307 Merge pull request #16057 from taku0/firefox-bin-47.0
firefox-bin: 46.0.1 -> 47.0
2016-06-08 17:20:24 +02:00
Michael Raskin
d88aa14c6e Firefox: 46.0.1 -> 47.0 2016-06-08 17:09:12 +02:00
taku0
697437c8e7 firefox-bin: 46.0.1 -> 47.0 2016-06-07 03:23:43 +09:00
Tuomas Tynkkynen
bac26e08db Fix lots of fetchgit hashes (fallout from #15469) 2016-06-03 17:17:08 +03:00
Robin Gloster
2d382f3d98 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-30 19:39:34 +00:00
Rok Garbas
ea3f1ff7f0 firefox-bin: 47.0b8 -> 47.0b9 2016-05-30 11:27:45 +02:00
aszlig
79d18eb604
chromium: Update dev channel to v52.0.2743.10
With this update we need to rebase the nix_plugin_paths patch, which was
done by @srp and I took it from his comment at:

https://github.com/NixOS/nixpkgs/pull/15762#issuecomment-222230677

Other than that, using libjpeg from nixpkgs fails to link:

https://headcounter.org/hydra/build/1114273

Rather than just using versionAtLeast to check for >= version 52, we're
matching on the explicit version number. That way we can make sure that
we (try to) build with system libjpeg again so we can keep it out of the
overall Chromium build time.

Built and tested using the VM tests on my Hydra at:

https://headcounter.org/hydra/eval/322006

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-28 19:15:39 +02:00
aszlig
c7a3645e7b
chromium: Remove stuff for versions <= v51
We're already on version 52, so there really is no need to keep all
those conditionals and old patches anymore.

Tested dropping the unconditional build_fixes_46.patch via the Chromium
VM tests.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-28 19:04:22 +02:00
aszlig
0f4095ec50
chromium: Fix hash for beta Debian package
I'm not sure how the wrong hash ended up being there, but I've checked
the hash from three different machines (and networks) just to be sure I
didn't make a mistake.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-28 18:57:15 +02:00
Scott R. Parish
e2d067d760
chromium: Update to latest stable and beta channel
Overview of updated versions:

stable: 50.0.2661.102 -> 51.0.2704.63
beta: 51.0.2704.47 -> 51.0.2704.63

I tried to update dev, but couldn't get it to compile, it was failing
with a "'isnan' was not declared in this scope.

As far as I can tell, at the moment the beta and stable channels are
on the same version.

The stable update addresses the following security issues:

  * High   CVE-2016-1672: Cross-origin bypass in extension bindings. Credit
                          to Mariusz Mlynski.
  * High   CVE-2016-1673: Cross-origin bypass in Blink. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1674: Cross-origin bypass in extensions. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1675: Cross-origin bypass in Blink. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1676: Cross-origin bypass in extension bindings. Credit
                          to Rob Wu.
  * Medium CVE-2016-1677: Type confusion in V8. Credit to Guang Gong of
                        Qihoo 360.
  * High   CVE-2016-1678: Heap overflow in V8. Credit to Christian Holler.
  * High   CVE-2016-1679: Heap use-after-free in V8 bindings. Credit to Rob Wu.
  * High   CVE-2016-1680: Heap use-after-free in Skia. Credit to Atte Kettunen
                          of OUSPG.
  * High   CVE-2016-1681: Heap overflow in PDFium. Credit to Aleksandar Nikolic
                          of Cisco Talos.
  * Medium CVE-2016-1682: CSP bypass for ServiceWorker. Credit to
                          KingstonTime.
  * Medium CVE-2016-1683: Out-of-bounds access in libxslt. Credit to Nicolas
                          Gregoire.
  * Medium CVE-2016-1684: Integer overflow in libxslt. Credit to Nicolas
                          Gregoire.
  * Medium CVE-2016-1685: Out-of-bounds read in PDFium. Credit to Ke Liu
                          of Tencent's Xuanwu LAB.
  * Medium CVE-2016-1686: Out-of-bounds read in PDFium. Credit to Ke Liu
                          of Tencent's Xuanwu LAB.
  * Medium CVE-2016-1687: Information leak in extensions. Credit to Rob Wu.
  * Medium CVE-2016-1688: Out-of-bounds read in V8. Credit to Max Korenko.
  * Medium CVE-2016-1689: Heap buffer overflow in media. Credit to Atte
                          Kettunen of OUSPG.
  * Medium CVE-2016-1690: Heap use-after-free in Autofill. Credit to Rob Wu.
  * Low    CVE-2016-1691: Heap buffer-overflow in Skia. Credit to Atte Kettunen
                          of OUSPG.
  * Low    CVE-2016-1692: Limited cross-origin bypass in ServiceWorker. Credit
                          to Til Jasper Ullrich.
  * Low    CVE-2016-1693: HTTP Download of Software Removal Tool. Credit to
                          Khalil Zhani.
  * Low    CVE-2016-1694: HPKP pins removed on cache clearance. Credit to Ryan
                          Lester and Bryant Zadegan.

See: http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
2016-05-28 18:12:39 +02:00
Vladimír Čunát
81039713fa Merge branch 'master' into staging
... to get the systemd update (rebuilding ~7k jobs).
2016-05-26 16:50:22 +02:00
Rok Garbas
1908c90412 firefox-bin: 47.0b7 -> 47.0b8 2016-05-25 11:42:40 +02:00
Rok Garbas
03f36a4141 firefox-bin: 47.0b5 -> 47.0b7 2016-05-24 12:36:23 +02:00
Vladimír Čunát
c4661e9643 Merge: make dev output references explicit
This is a rebase of most commits from #14766,
resolving conflicts and a few other evaluation problems.
2016-05-22 12:09:23 +02:00
Tuomas Tynkkynen
2a73de6e6c treewide: Make explicit that 'dev' output of openssl is used 2016-05-19 10:02:23 +02:00
Tuomas Tynkkynen
825bd69b38 treewide: Make explicit that 'dev' output of boehmgc is used 2016-05-19 10:00:27 +02:00
Nikolay Amiantov
5445e521b6 firefox: restore gstreamer support for older firefox releases 2016-05-19 00:28:49 +03:00
Franz Pletz
f8d481754c
Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-05-18 17:10:02 +02:00
Franz Pletz
2007e9b140
firefox: reenable libvpx as 1.5 is now available 2016-05-17 01:05:46 +02:00
Tobias Geerinckx-Rice
e8db151fa3
firefox-bin: fix evaluation 2016-05-15 23:22:50 +02:00
aszlig
ad2c8d3510
chromium: Update to latest beta and dev channels
Overview of the updated versions:

beta: 50.0.2661.49 -> 51.0.2704.47
dev:  51.0.2693.2  -> 52.0.2729.3

It has been a while since we had a major Chromium update that compiled
and worked without troubles, but version 52 builds and the VM tests are
successful as well:

https://headcounter.org/hydra/eval/320335

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-15 05:17:51 +02:00
Rok Garbas
d4fe0f522e firefox-bin: adding developer and beta channel 2016-05-15 03:00:44 +02:00
Nikolay Amiantov
e81c6c7768 firefox: upstream moved to ffmpeg from gstreamer
Sadly, they don't support using system library yet (or I was unattentive).
2016-05-15 01:06:39 +03:00
Scott R. Parish
5ebf20db0f
chromium: Update stable to 50.0.2661.102 for multiple security fixes
This addresses the following security fixes:

 * High   CVE-2016-1667: Same origin bypass in DOM. Credit to
                         Mariusz Mlynski.
 * High   CVE-2016-1668: Same origin bypass in Blink V8 bindings. Credit
                         to Mariusz Mlynski.
 * High   CVE-2016-1669: Buffer overflow in V8. Credit to Choongwoo Han.
 * Medium CVE-2016-1670: Race condition in loader. Credit to anonymous.
 * Medium CVE-2016-1671: Directory traversal using the file scheme on
                         Android. Credit to Jann Horn.

See: http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html

Signed-off-by: Scott R. Parish <srparish@gmail.com>
Tested-by: aszlig <aszlig@redmoonstudios.org>
Closes: #15446
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-14 22:04:56 +02:00
Vladimír Čunát
3e387c3e00 Merge branch 'staging'
Darwin isn't in a perfect state, in particular its bootstrap tools won't
build which will block nixpkgs channel. But on the whole it seems
acceptable.
2016-05-13 10:14:53 +02:00
taku0
cade2f36e5 flashplayer: 11.2.202.616 -> 11.2.202.621 2016-05-12 21:58:26 +09:00
Vladimír Čunát
6c2fbfbd77 Merge branch 'master' into staging 2016-05-12 04:53:38 +02:00
Eelco Dolstra
86c45ba50d google-talk-plugin: 5.4.2.0 -> 5.41.0.0 2016-05-11 20:18:30 +02:00
Kranium Gikos Mendoza
a36f721630 bluejeans: 2.125.24.5 -> 2.155.17.5 2016-05-11 21:47:12 +08:00
Eelco Dolstra
cb37ab146b Add mirror://mozilla scheme 2016-05-09 19:37:22 +02:00
Eelco Dolstra
de22402f85 firefox-esr: 45.0.2 -> 45.1.1 2016-05-09 15:28:13 +02:00
Eelco Dolstra
02d01dc7c5 firefox: 46.0 -> 46.0.1 2016-05-09 15:27:06 +02:00
Vladimír Čunát
65a9fa8cdc Merge branch 'master' into staging 2016-05-08 21:24:48 +02:00
taku0
07a83f226e firefox-bin: fixed missing icon 2016-05-08 17:06:08 +09:00
Wei Tang
4d15758984 firefox: Fix build due to commit #ab0a0c 2016-05-08 05:58:02 +02:00
Vladimír Čunát
1dc36904d8 Merge #14920: windows improvements, mainly mingw 2016-05-05 08:30:19 +02:00
aszlig
3f7735fe65
chromium+chrome: Don't import update.nix directly
Regression introduced by f28b71023c.

Let's now expose and use the upstream-info attribute via the main
Chromium derivation, so that other packages like the google-chrome
package doesn't need to rely on internals of the Chromium
implementation.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-04 23:12:33 +02:00
aszlig
f28b71023c
chromium/updater: Don't import <nixpkgs> again
This effectively resets the attributes given at the point the main
<nixpkgs> is imported and thus for example is also reading in stuff like
~/.nixpkgs/config.nix again, which might lead to unexpected results.

We now only import <nixpkgs> now if the updater is auto-called (like in
update.sh), otherwise the required attributes are passed by callPackage
within the Chromium scope.

I remember noting about this a while ago either on IRC or on GitHub, but
I can't find it right now, so thanks to @obadz for reminding me about
this in #15225.

Tested this by running the updater and also using:

NIXPKGS_CONFIG=$(pwd)/broken.nix nix-instantiate --arg config {} -A chromium

The contents of broken.nix were:

EVALERR{

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes: #15225
2016-05-04 22:35:24 +02:00
Arseniy Seroka
9cb8abe846 Merge pull request #15208 from taku0/firefox-bin-46.0.1
firefox-bin: 45.0.2 -> 46.0.1
2016-05-04 21:38:47 +03:00
Eelco Dolstra
1f84e43239 Do some large, concurrency-capable builds on dedicated machines 2016-05-04 18:16:27 +02:00
Eelco Dolstra
f2d24b9840 chromium: Disable Hydra builds of -dev and -beta
It's not the job of Nixpkgs to distribute beta versions of upstream
packages. More importantly, building these delays channel updates by
several hours, which is bad for our security fix turnaround time.
2016-05-04 18:16:27 +02:00
taku0
90f5be3133 firefox-bin: 45.0.2 -> 46.0.1 2016-05-04 14:50:17 +09:00
Tuomas Tynkkynen
aadaa91379 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/applications/networking/browsers/vivaldi/default.nix
	pkgs/misc/emulators/wine/base.nix
2016-05-03 23:12:48 +03:00
Robin Gloster
c92bca56f8 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-02 22:58:02 +00:00
Nikolay Amiantov
3a52c5fa7d firefox: fix library path
Fixes #15126
2016-05-01 12:26:39 +03:00
Nikolay Amiantov
87ebab128a replace ${stdenv.cc.cc}/lib occurences 2016-05-01 00:13:23 +03:00
Tim Steinbach
1142b402a8 vivaldi: Clean up 2016-04-29 01:19:15 +00:00
Tim Steinbach
25290a9f15 vivaldi: 1.0 -> 1.1 2016-04-28 23:54:05 +00:00
Eelco Dolstra
930d243ea4 firefox: 45.0.2 -> 46.0
Still using GTK+ 2 for now, since apparently building with GTK+ 3
still requires GTK+ 2, increasing the closure size. (#15008)
2016-04-28 13:39:12 +02:00
Arseniy Seroka
52b64cedec Merge pull request #15016 from jagajaga/eid
open-eid
2016-04-28 13:56:09 +03:00
Arseniy Seroka
f6d7cefa7b
esteidfirefoxplugin: init at 3.12.1.1142 2016-04-27 11:38:09 +03:00
Nikolay Amiantov
ab0a0c004e makeSearchPathOutputs: refactor to makeSearchPathOutput 2016-04-25 13:24:39 +03:00
Nikolay Amiantov
bab152826f arora: move to qmake4Hook 2016-04-20 18:55:45 +03:00
Robin Gloster
d020caa5b2 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-18 13:49:22 +00:00
Gabriel Ebner
4003d16d66 qutebrowser: 0.6.0 -> 0.6.1 2016-04-17 15:38:12 +02:00
Pascal Wittmann
ea4f08a919 Merge pull request #14742 from mbakke/dwb
dwb: 2015-07-07 -> 2016-03-21
2016-04-15 23:12:31 +02:00
Marius Bakke
2500945b31 dwb: 2015-07-07 -> 2016-03-21 2016-04-15 21:26:17 +01:00
Moritz Ulrich
6645ae3946 google-chrome: Also add ${deps}/lib64 to $LD_LIBRARY_PATH.
...as per @abbradar's suggestion. Thanks!
2016-04-14 19:00:15 +02:00
Moritz Ulrich
0c5ed43cd4 google-chrome: Fix regression from closure-size merge.
Fixes #14695

I'm not entirely sure if including `stdenv.cc.cc` in `makeLibraryPath`
is the correct thing to do here. If it's incorrect, please feel free to
ping me.
2016-04-14 18:54:48 +02:00
Nikolay Amiantov
8b7ebaffeb replace makeSearchPath tree-wise to take care of possible multiple outputs 2016-04-13 22:09:41 +03:00
Michael Raskin
f99a9c0679 nspluginwrapper: add missing libXt build input 2016-04-13 19:10:42 +02:00