about summary refs log tree commit diff
AgeCommit message (Collapse)AuthorFilesLines
11 daysfirefox-devedition-bin-unwrapped: 126.0b5 -> 127.0b2jopejoe11-409/+409
(cherry picked from commit 4fdfcf9c4dda0a1bf4cd1210e4cb27c40f2521b8)
11 daysfirefox-beta-bin-unwrapped: 125.0b9 -> 126.0b5jopejoe11-409/+409
(cherry picked from commit 5c0cfdcf575b2022af74c94f4789339fd97b6f21)
11 daysfirefox-devedition-bin-unwrapped: 125.0b9 -> 126.0b5jopejoe11-409/+409
(cherry picked from commit 97e43dad5bb81d59de43db872512eb9120e96f0f)
11 daysfirefox-devedition-bin-unwrapped: 125.0b3 -> 125.0b9jopejoe11-409/+409
(cherry picked from commit c7f89ecf3bd8e624cf174f427ecec8c6c2be5846)
11 daysfirefox-beta-bin-unwrapped: 125.0b3 -> 125.0b9jopejoe11-409/+409
(cherry picked from commit aba81ce08407f4eeef7471f451397ae2135a9435)
11 daysvlc: 3.0.20 -> 3.0.21Thomas Gerbet1-2/+2
Manual backport of #319262. Upstream changelog: https://code.videolan.org/videolan/vlc/-/blob/dd8bfdbabe8ae3974ca3864ad3125879f523e3a2/NEWS Fixes https://www.videolan.org/security/sb-vlc3021.html (VideoLAN-SB-VLC-3021).
11 daysungoogled-chromium: 125.0.6422.141-1 -> 126.0.6478.55-1networkException1-7/+7
https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html This update includes 21 security fixes. CVEs: CVE-2024-5830 CVE-2024-5831 CVE-2024-5832 CVE-2024-5833 CVE-2024-5834 CVE-2024-5835 CVE-2024-5836 CVE-2024-5837 CVE-2024-5838 CVE-2024-5839 CVE-2024-5840 CVE-2024-5841 CVE-2024-5842 CVE-2024-5843 CVE-2024-5844 CVE-2024-5845 CVE-2024-5846 CVE-2024-5847 (cherry picked from commit c1c5e1ca4570a9504c5f77f1f4a059bfe8da82f8)
11 daysMerge release-23.11 into staging-next-23.11github-actions[bot]1-2/+2
11 daysMerge pull request #319819 from NixOS/backport-319813-to-release-23.11Martin Weinelt1-2/+2
[Backport release-23.11] prometheus-knot-exporter: 3.3.5 -> 3.3.6
12 daysprometheus-knot-exporter: 3.3.5 -> 3.3.6R. Ryantm1-2/+2
(cherry picked from commit 9de38ffd8ec88eed4229bd2d2ff1765cde42661c)
12 daysMerge release-23.11 into staging-next-23.11github-actions[bot]7-26/+114
12 daysMerge pull request #318686 from buckley310/2024-06-10-braveThomas Gerbet1-2/+2
[23.11] brave: 1.66.115 -> 1.66.118
12 daysprofessor: 2.3.3 -> 2.4.2 (#319402)github-actions[bot]1-12/+40
(cherry picked from commit 827fad6fceefd644f8803d4adb35ae46616b0cf4) Co-authored-by: Dmitry Kalinkin <dmitry.kalinkin@gmail.com>
13 daysgitlab: 16.10.6 -> 16.11.4Yaya10-169/+211
https://gitlab.com/gitlab-org/gitlab/-/blob/v16.11.4-ee/CHANGELOG.md Fixes CVE-2024-1495 Fixes CVE-2024-1963 Fixes CVE-2024-4201 Fixes CVE-2024-5469
13 daysMerge pull request #319399 from emilylange/backport-319193-to-release-23.11Emily5-12/+72
[Backport release-23.11] chromedriver,chromium: 125.0.6422.141 -> 126.0.6478.55, rebase patches, extend tarball exclude
13 dayspython312Packages.libknot: 3.3.5 -> 3.3.6Martin Weinelt1-3/+2
(cherry picked from commit 5e57e65ce4295a22fa7c36cf99e5233586773383)
13 daysknot-dns: 3.3.5 -> 3.3.6Vladimír Čunát1-2/+2
https://gitlab.nic.cz/knot/knot-dns/-/releases/v3.3.6 (cherry picked from commit e67116cda691a38f5c4f8cc20069e2223288f460)
13 daysMerge release-23.11 into staging-next-23.11github-actions[bot]18-70/+334
13 dayschromium: 125.0.6422.141 -> 126.0.6478.55emilylange1-5/+5
https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html This update includes 21 security fixes. CVEs: CVE-2024-5830 CVE-2024-5831 CVE-2024-5832 CVE-2024-5833 CVE-2024-5834 CVE-2024-5835 CVE-2024-5836 CVE-2024-5837 CVE-2024-5838 CVE-2024-5839 CVE-2024-5840 CVE-2024-5841 CVE-2024-5842 CVE-2024-5843 CVE-2024-5844 CVE-2024-5845 CVE-2024-5846 CVE-2024-5847 (cherry picked from commit 4942c64484400fe046785efe3b95cc45c2c8fb41)
13 dayschromium: rebase patches for M126emilylange3-3/+62
Note that we can't just update previous patches in place, as that would prevent electron-source and ungoogled-chrome (< M126) from building. (cherry picked from commit 7f36179f17f5893535a055d1246714b86790baf7)
13 dayschromium: extend release tarball excludes to keep size below 3 GBemilylange1-0/+1
Starting with M126, the upstream release tarball includes two full Debian sysroots to compile chromium with: ~~~shell $ du -sh build/linux/debian_bullseye_* 835M build/linux/debian_bullseye_amd64-sysroot 739M build/linux/debian_bullseye_i386-sysroot ~~~ But they are huge and we don't need them. In order to stay below the current 3 GB tarball size limit that is dictated by hydra.nixos.org's max-output-limit, we add them to our exclude patterns. This is a no-op for < M126. (cherry picked from commit bda04d27a0c0a482d3506d74f367f96155392e66)
13 dayschromedriver: 125.0.6422.141 -> 126.0.6478.55emilylange1-4/+4
(cherry picked from commit 7daf0986f20b4cea8bcfe2c265189f93df7107a8)
13 daysMerge pull request #319372 from NixOS/backport-279864-to-release-23.11Doron Behar1-0/+2
[Backport release-23.11] vimPlugins/copilot-vim: specify license (unfree)
13 daysMerge pull request #319376 from NixOS/backport-306801-to-release-23.11Martin Weinelt1-0/+3
[Backport release-23.11] matrix-conduit: 0.6.0 -> 0.7.0
13 daysmatrix-conduit: mark vulnerableMartin Weinelt1-0/+3
13 daysvimPlugins/copilot-vim: specify license (unfree)Andrew Marshall1-0/+2
From [the license][1]: > GitHub Copilot is offered under the GitHub Terms of Service. > Copyright (C) 2023 GitHub, Inc. - All Rights Reserved. [1]: https://github.com/github/copilot.vim/blob/5b19fb001d7f31c4c7c5556d7a97b243bd29f45f/LICENSE.md (cherry picked from commit 58ff8a126c5de1f23663fa07b5942d16c5940c7f)
13 daysMerge pull request #319346 from NixOS/backport-319306-to-release-23.11K9002-9/+9
[Backport release-23.11] Linux kernel updates 2024-06-12
13 dayslinux-rt_5_10: 5.10.217-rt109 -> 5.10.218-rt110Maximilian Bosch1-3/+3
(cherry picked from commit 51c2144ca72d4e30c151e7acd1796e47694c4334)
13 dayslinux_6_1: 6.1.92 -> 6.1.93Maximilian Bosch1-2/+2
(cherry picked from commit de7df0d3eb38ca2926d04a73e90b1b73ec850ea7)
13 dayslinux_6_6: 6.6.32 -> 6.6.33Maximilian Bosch1-2/+2
(cherry picked from commit d1d700300084c462b3aaf67a7c66c79fa0db2c66)
13 dayslinux_6_9: 6.9.3 -> 6.9.4Maximilian Bosch1-2/+2
(cherry picked from commit ee6d6317b4f678720dd300734815eecc6fb6c70c)
13 daysMerge pull request #319345 from K900/backport-315121-to-release-23.11K9006-16/+19
Backport (the rest of) #315121 to release-23.11
13 dayslinux_latest-libre: 19569 -> 19575Alyssa Ross1-2/+2
(cherry picked from commit a21294b60b45847b27b227e5d5876e71e3a00d72)
13 dayslinux-rt_6_6: 6.6.31-rt31 -> 6.6.32-rt32Alyssa Ross2-6/+6
(cherry picked from commit e192371fb05ff4f9ed9729610d1b01f581ef03f4)
13 dayslinux-rt_5_10: 5.10.216-rt108 -> 5.10.217-rt109Alyssa Ross1-3/+3
(cherry picked from commit 979e6398aaa178d2542dbd856b2283bc38aad4f3)
13 dayslinux_testing: 6.9-rc6 -> 6.10-rc1Alyssa Ross1-2/+2
(cherry picked from commit 3fb6880a9949dba1c40ef5811568e260bea1c1ba)
13 dayslinux/common-config: update for 6.10Alyssa Ross1-3/+6
We assume RISC-V uses an uncompressed kernel in lib/systems/platforms.nix. Since this is the first Linux version to support either xz or zstd compressed kernels on RISC-V, we can't change platforms.nix to match the other platforms without breaking builds of older kernel versions, so let's just preserve the old behaviour. We could in future decide to use gzip-compressed kernels on RISC-V, which is supported going back further. (cherry picked from commit 9f18414c6b7daa5b83210984bfb124e4f7c3340e)
14 daysMerge pull request #297850 from vojta001/pyinfraPeder Bergebakken Sundt1-11/+2
[Backport release-23.11] python3Packages.pyinfra: 2.8 -> 2.9.2
14 daysMerge #313691: tailscale: 1.58.2 -> 1.66.4Vladimír Čunát4-4/+229
...into release-23.11
14 daysMerge #316231: Linux Hardened Kernels 2024-05-20Vladimír Čunát5-31/+71
...into release-23.11
14 daysMerge #319244: knot-resolver: 5.7.2 -> 5.7.3Vladimír Čunát1-2/+2
...into release-23.11
14 daysPick #315880: knot-resolver: 5.7.2 -> 5.7.3Vladimír Čunát1-2/+2
https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.3 (cherry picked from commit 2dc0bf5786f1fcc0445013249c48f207312b7c8d)
2024-06-12Merge release-23.11 into staging-next-23.11github-actions[bot]4-12/+20
2024-06-11Merge #319116: knot-resolver: 5.7.1 -> 5.7.2Vladimír Čunát1-2/+2
...into release-23.11
2024-06-11knot-resolver: 5.7.1 -> 5.7.2Sandro Jäckel1-2/+2
(cherry picked from commit 1385946a930b9887ad5495687d1ad7b9573b52b7)
2024-06-11Merge pull request #319010 from LeSuisse/composer-2.7.7-23.11Pol Dellaiera1-4/+4
[23.11] phpPackages.composer: 2.7.6 -> 2.7.7
2024-06-11phpPackages.composer: 2.7.6 -> 2.7.7Thomas Gerbet1-4/+4
Fixes CVE-2024-35241 and CVE-2024-35242. Changes: https://github.com/composer/composer/releases/tag/2.7.7
2024-06-11Merge pull request #318992 from NixOS/backport-318536-to-release-23.11Pol Dellaiera1-2/+10
[Backport release-23.11] php81: restore patch for libxml2 on darwin
2024-06-11php81: restore patch for libxml2 on darwinPol Dellaiera1-2/+10
(cherry picked from commit b09b1844d3f85758719619352556d5c3bbca5e0b)
2024-06-11Merge pull request #318979 from NixOS/backport-318828-to-release-23.11K9001-4/+4
[Backport release-23.11] linux-firmware: 20240513 -> 20240610
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-26 02:38:28 +0000