about summary refs log tree commit diff
path: root/pkgs/tools/networking
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/tools/networking')
-rw-r--r--pkgs/tools/networking/curl-impersonate/default.nix6
-rw-r--r--pkgs/tools/networking/curl-impersonate/deps.nix22
-rw-r--r--pkgs/tools/networking/mpack/CVE-2011-4919.patch23
-rw-r--r--pkgs/tools/networking/mpack/default.nix2
-rw-r--r--pkgs/tools/networking/netbird/default.nix6
-rw-r--r--pkgs/tools/networking/tinyproxy/default.nix13
6 files changed, 43 insertions, 29 deletions
diff --git a/pkgs/tools/networking/curl-impersonate/default.nix b/pkgs/tools/networking/curl-impersonate/default.nix
index 070aab8d53f28..58c0f41fc446b 100644
--- a/pkgs/tools/networking/curl-impersonate/default.nix
+++ b/pkgs/tools/networking/curl-impersonate/default.nix
@@ -25,13 +25,13 @@
 let
   makeCurlImpersonate = { name, target }: stdenv.mkDerivation rec {
     pname = "curl-impersonate-${name}";
-    version = "0.5.4";
+    version = "0.6.1";
 
     src = fetchFromGitHub {
       owner = "lwthiker";
       repo = "curl-impersonate";
       rev = "v${version}";
-      hash = "sha256-LBGWFal2szqgURIBCLB84kHWpdpt5quvBBZu6buGj2A=";
+      hash = "sha256-ExmEhjJC8FPzx08RuKOhRxKgJ4Dh+ElEl+OUHzRCzZc=";
     };
 
     patches = [
@@ -138,7 +138,7 @@ let
         inherit (passthru.deps."boringssl.zip") name;
 
         src = passthru.deps."boringssl.zip";
-        vendorHash = "sha256-ISmRdumckvSu7hBXrjvs5ZApShDiGLdD3T5B0fJ1x2Q=";
+        vendorHash = "sha256-SNUsBiKOGWmkRdTVABVrlbLAVMfu0Q9IgDe+kFC5vXs=";
 
         nativeBuildInputs = [ unzip ];
 
diff --git a/pkgs/tools/networking/curl-impersonate/deps.nix b/pkgs/tools/networking/curl-impersonate/deps.nix
index 498616247dce9..1b04659f07413 100644
--- a/pkgs/tools/networking/curl-impersonate/deps.nix
+++ b/pkgs/tools/networking/curl-impersonate/deps.nix
@@ -2,9 +2,9 @@
 { fetchurl }:
 
 {
-  "curl-7.84.0.tar.xz" = fetchurl {
-    url = "https://curl.se/download/curl-7.84.0.tar.xz";
-    hash = "sha256-LRGLQ/VHv+W66AbY1HtOWW6lslpsHwgK70n7zYF8Xbg=";
+  "curl-8.1.1.tar.xz" = fetchurl {
+    url = "https://curl.se/download/curl-8.1.1.tar.xz";
+    hash = "sha256-CKlI4GGSlkVZfB73GU4HswiyIIT/A/p0ALRl5sBRSeU=";
   };
 
   "brotli-1.0.9.tar.gz" = fetchurl {
@@ -12,18 +12,18 @@
     hash = "sha256-+ejYHQQFumbRgVKa9CozVPg4yTkJX/mZMNpqqc32/kY=";
   };
 
-  "nss-3.87.tar.gz" = fetchurl {
-    url = "https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_87_RTM/src/nss-3.87-with-nspr-4.35.tar.gz";
-    hash = "sha256-63DqC1jc5pqkkOnp/s0TKn1kTh2j1jHhYzdqDcwRoCI=";
+  "nss-3.92.tar.gz" = fetchurl {
+    url = "https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_92_RTM/src/nss-3.92-with-nspr-4.35.tar.gz";
+    hash = "sha256-IcF2v/+27IQLX5hcf48BRoL0ovtVsGkkc0Fy1cBIbcU=";
   };
 
   "boringssl.zip" = fetchurl {
-    url = "https://github.com/google/boringssl/archive/3a667d10e94186fd503966f5638e134fe9fb4080.zip";
-    hash = "sha256-HsDIkd1x5IH49fUF07dJaabMIMsQygW+NI7GneULpA8=";
+    url = "https://github.com/google/boringssl/archive/1b7fdbd9101dedc3e0aa3fcf4ff74eacddb34ecc.zip";
+    hash = "sha256-daVVQvpxkuEL/8/+QtLOJkdO+ECYZE3P4qJmDjV1GM0=";
   };
 
-  "nghttp2-1.46.0.tar.bz2" = fetchurl {
-    url = "https://github.com/nghttp2/nghttp2/releases/download/v1.46.0/nghttp2-1.46.0.tar.bz2";
-    hash = "sha256-moKXjIcAcbdp8n0riBkct3/clFpRwdaFx/YafhP8Ryk=";
+  "nghttp2-1.56.0.tar.bz2" = fetchurl {
+    url = "https://github.com/nghttp2/nghttp2/releases/download/v1.56.0/nghttp2-1.56.0.tar.bz2";
+    hash = "sha256-L13Nv1d6LfUTokZGRUhMw10uTQczZT1jGTrlHbQd70E=";
   };
 }
diff --git a/pkgs/tools/networking/mpack/CVE-2011-4919.patch b/pkgs/tools/networking/mpack/CVE-2011-4919.patch
new file mode 100644
index 0000000000000..10b9a1116ef39
--- /dev/null
+++ b/pkgs/tools/networking/mpack/CVE-2011-4919.patch
@@ -0,0 +1,23 @@
+commit 0c87201f64491575350b18d04c62ec142e119d1f
+Author: Sebastian Pipping <sebastian@pipping.org>
+Date:   Sat, 31 Dec 2011 19:17:20 +0000 (20:17 +0100)
+Source: https://web.archive.org/web/20120128080247/http://git.goodpoint.de/?p=mpack.git;a=commitdiff;h=0c87201f64491575350b18d04c62ec142e119d1f
+
+    Fix permissions
+
+diff --git a/unixos.c b/unixos.c
+index fa6d0a7..0e2f469 100644 (file)
+--- a/unixos.c
++++ b/unixos.c
+@@ -134,9 +134,9 @@ FILE *os_createnewfile(char *fname)
+     FILE *ret;
+      
+ #ifdef O_EXCL
+-    fd=open(fname, O_RDWR|O_CREAT|O_EXCL, 0644);
++    fd=open(fname, O_RDWR|O_CREAT|O_EXCL, 0600);
+ #else
+-    fd=open(fname, O_RDWR|O_CREAT|O_TRUNC, 0644);
++    fd=open(fname, O_RDWR|O_CREAT|O_TRUNC, 0600);
+ #endif
+ 
+     if (fd == -1)
diff --git a/pkgs/tools/networking/mpack/default.nix b/pkgs/tools/networking/mpack/default.nix
index 2c9bf4ff2d308..669ef500c4556 100644
--- a/pkgs/tools/networking/mpack/default.nix
+++ b/pkgs/tools/networking/mpack/default.nix
@@ -9,7 +9,7 @@ stdenv.mkDerivation rec {
     sha256 = "0k590z96509k96zxmhv72gkwhrlf55jkmyqlzi72m61r7axhhh97";
   };
 
-  patches = [ ./build-fix.patch ./sendmail-via-execvp.diff ];
+  patches = [ ./build-fix.patch ./sendmail-via-execvp.diff ./CVE-2011-4919.patch ];
 
   postPatch = ''
     for f in *.{c,man,pl,unix} ; do
diff --git a/pkgs/tools/networking/netbird/default.nix b/pkgs/tools/networking/netbird/default.nix
index 3526037395142..24d7b5938be91 100644
--- a/pkgs/tools/networking/netbird/default.nix
+++ b/pkgs/tools/networking/netbird/default.nix
@@ -31,16 +31,16 @@ let
 in
 buildGoModule rec {
   pname = "netbird";
-  version = "0.27.4";
+  version = "0.27.10";
 
   src = fetchFromGitHub {
     owner = "netbirdio";
     repo = pname;
     rev = "v${version}";
-    hash = "sha256-+IcgzwLUA8OIa9od5LkGnI05FTbxC8PmOf8s5+akTrk=";
+    hash = "sha256-eliLEyw++NE+OTu4TNJWLptPDVCYUySRciBRoebmXYc=";
   };
 
-  vendorHash = "sha256-LPq6ovulE+xdoRaQpwA0mNqw3kFxMs/am1ucO8UmDtU=";
+  vendorHash = "sha256-gV/Jx5QEVw2PjMP3BRkZCZ0lo5i8DUddSs+yntfBcTM=";
 
   nativeBuildInputs = [ installShellFiles ] ++ lib.optional ui pkg-config;
 
diff --git a/pkgs/tools/networking/tinyproxy/default.nix b/pkgs/tools/networking/tinyproxy/default.nix
index 8778b90b2b026..03def9023b15a 100644
--- a/pkgs/tools/networking/tinyproxy/default.nix
+++ b/pkgs/tools/networking/tinyproxy/default.nix
@@ -1,7 +1,6 @@
 { lib
 , stdenv
 , fetchFromGitHub
-, fetchpatch
 , autoreconfHook
 , perl
 , nixosTests
@@ -10,23 +9,15 @@
 
 stdenv.mkDerivation rec {
   pname = "tinyproxy";
-  version = "1.11.1";
+  version = "1.11.2";
 
   src = fetchFromGitHub {
-    sha256 = "sha256-tipFXh9VG5auWTI2/IC5rwMQFls7aZr6dkzhYTZZkXM=";
+    hash = "sha256-bpr/O723FmW2gb+85aJrwW5/U7R2HwbePTx15i3rpsE=";
     rev = version;
     repo = "tinyproxy";
     owner = "tinyproxy";
   };
 
-  patches = [
-    (fetchpatch {
-      name = "CVE-2022-40468.patch";
-      url = "https://github.com/tinyproxy/tinyproxy/commit/3764b8551463b900b5b4e3ec0cd9bb9182191cb7.patch";
-      sha256 = "sha256-P0c4mUK227ld3703ss5MQhi8Vo2QVTCVXhKmc9fcufk=";
-    })
-  ];
-
   # perl is needed for man page generation.
   nativeBuildInputs = [ autoreconfHook perl ];
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-26 05:54:46 +0000