diff --git a/pkgs/applications/editors/textadept/default.nix b/pkgs/applications/editors/textadept/default.nix index a1ff1b8817f..c2b82321d4e 100644 --- a/pkgs/applications/editors/textadept/default.nix +++ b/pkgs/applications/editors/textadept/default.nix @@ -1,53 +1,31 @@ -{ lib, stdenv, fetchFromGitHub, fetchurl, gtk2, glib, pkg-config, unzip, ncurses, zip }: - +{ lib, stdenv, fetchFromGitHub, fetchurl, cmake, qtbase, wrapQtAppsHook }: stdenv.mkDerivation rec { - version = "11.4"; + version = "12.0"; pname = "textadept"; - nativeBuildInputs = [ pkg-config unzip zip ]; - buildInputs = [ - gtk2 ncurses glib - ]; - - enableParallelBuilding = true; - src = fetchFromGitHub { name = "textadept11"; owner = "orbitalquark"; repo = "textadept"; rev = "textadept_${version}"; - sha256 = "sha256-1we2NC4N8oY4QmmqIIWGSpTBuLx3MEFkZK+BjmNEfD0="; + sha256 = "sha256-KziVN0Fl/IvSnIJKK5s7UikXi3iP5mTauP0YxffKy9c="; }; - preConfigure = - lib.concatStringsSep "\n" (lib.mapAttrsToList (name: params: - "ln -s ${fetchurl params} $PWD/src/${name}" - ) (import ./deps.nix)) + '' + nativeBuildInputs = [ cmake wrapQtAppsHook ]; + buildInputs = [ qtbase ]; - cd src - make deps - ''; - - postBuild = '' - make curses - ''; - - preInstall = '' - mkdir -p $out/share/applications - mkdir -p $out/share/pixmaps - ''; - - postInstall = '' - make curses install PREFIX=$out MAKECMDGOALS=curses - ''; - - makeFlags = [ - "PREFIX=$(out)" - "WGET=true" - "PIXMAPS_DIR=$(out)/share/pixmaps" - "GTK2=1" + cmakeFlags = [ + "CMAKE_INSTALL_PREFIX=build/install" ]; + preConfigure = '' + mkdir -p $PWD/build/_deps + + '' + + lib.concatStringsSep "\n" (lib.mapAttrsToList (name: params: + "ln -s ${fetchurl params} $PWD/build/_deps/${name}" + ) (import ./deps.nix)); + meta = with lib; { description = "An extensible text editor based on Scintilla with Lua scripting."; homepage = "http://foicica.com/textadept"; diff --git a/pkgs/applications/editors/textadept/deps.nix b/pkgs/applications/editors/textadept/deps.nix index 1baac73df8d..b0117f40224 100644 --- a/pkgs/applications/editors/textadept/deps.nix +++ b/pkgs/applications/editors/textadept/deps.nix @@ -1,39 +1,32 @@ { - "scintilla524.tgz" = { - url = "https://www.scintilla.org/scintilla524.tgz"; - sha256 = "sha256-Su8UiMmkOxcuBat2JWYEnhNdG5HKnV1fn1ClnJhazGY="; + "scintilla536.tgz" = { + url = "https://www.scintilla.org/scintilla536.tgz"; + sha256 = "sha256-ib6CeKg+eBOSWq/il32quH0r1r69F7AXn+cq/dVIyyQ="; }; "lexilla510.tgz" = { url = "https://www.scintilla.org/lexilla510.tgz"; sha256 = "sha256-azWVJ0AFSYZxuFTPV73uwiVJZvNxcS/POnFtl6p/P9g="; }; - "9088723504b19f8611b66c119933a4dc7939d7b8.zip" = { - url = - "https://github.com/orbitalquark/scintillua/archive/9088723504b19f8611b66c119933a4dc7939d7b8.zip"; - sha256 = "sha256-V2t1kt6+SpZQvQSzLhh8n+WiAnA32SRVFnrbTaJrHRo="; + "scinterm_5.0.zip" = { + url = "https://github.com/orbitalquark/scinterm/archive/scinterm_5.0.zip"; + sha256 = "sha256-l1qeLMCrhyoZA/GfmXFR20rY5EsUoO5e+1vZJtYdb24="; }; - "475d8d43f3418590c28bd2fb07ee9229d1fa2d07.zip" = { - url = - "https://github.com/orbitalquark/scinterm/archive/475d8d43f3418590c28bd2fb07ee9229d1fa2d07.zip"; - sha256 = "sha256-lNMK0RFcOLg9RRE5a6VelhSzUYVl5TiAiXcje2JOedE="; + "scintillua_6.2.zip" = { + url = "https://github.com/orbitalquark/scintillua/archive/scintillua_6.2.zip"; + sha256 = "sha256-vjlN6MBz0xjBwWd8dpx/ks37WvdXt2vE1A71YM3uDik="; }; - "lua-5.4.4.tar.gz" = { - url = "http://www.lua.org/ftp/lua-5.4.4.tar.gz"; - sha256 = "sha256-Fkx4SWU7gK5nvsS3RzuIS/XMjS3KBWU0dewu0nuev2E="; + "lua-5.4.6.tar.gz" = { + url = "http://www.lua.org/ftp/lua-5.4.6.tar.gz"; + sha256 = "sha256-fV6huctqoLWco93hxq3LV++DobqOVDLA7NBr9DmzrYg="; }; - "lpeg-1.0.2.tar.gz" = { - url = "http://www.inf.puc-rio.br/~roberto/lpeg/lpeg-1.0.2.tar.gz"; - sha256 = "sha256-SNZldgUbbHg4j6rQm3BJMJMmRYj80PJY3aqxzdShX/4="; + "lpeg-1.1.0.tar.gz" = { + url = "http://www.inf.puc-rio.br/~roberto/lpeg/lpeg-1.1.0.tar.gz"; + sha256 = "sha256-SxVdZ9IkbB/6ete8RmweqJm7xA/vAlfMnAPOy67UNSo="; }; "v1_8_0.zip" = { url = "https://github.com/keplerproject/luafilesystem/archive/v1_8_0.zip"; sha256 = "sha256-46a+ynqKkFIu7THbbM3F7WWkM4JlAMaGJ4TidnG54Yo="; }; - "444af9ca8a73151dbf759e6676d1035af469f01a.zip" = { - url = - "https://github.com/orbitalquark/gtdialog/archive/444af9ca8a73151dbf759e6676d1035af469f01a.zip"; - sha256 = "sha256-7AkX7OWXJtzKq3h4uJeLzHpf6mrsz67SXtPvmyA5xxg="; - }; "cdk-5.0-20200923.tgz" = { url = "http://invisible-mirror.net/archives/cdk/cdk-5.0-20200923.tgz"; sha256 = "sha256-AH9d6IDLLuvYVW335M2Gc9XmTJlwFH7uaSOoFMKfqu0="; @@ -42,4 +35,11 @@ url = "http://www.leonerd.org.uk/code/libtermkey/libtermkey-0.22.tar.gz"; sha256 = "sha256-aUW9PEqqg9qD2AoEXFVj2k7dfQN0xiwNNa7AnrMBRgA="; }; + # lua-std-regex + "1.0.zip" = { + url = "https://github.com/orbitalquark/lua-std-regex/archive/1.0.zip"; + sha256 = "sha256-W2hKHOfqYyo3qk+YvPJlzZfZ1wxZmMVphSlcaql+dOE="; + }; } + + diff --git a/pkgs/applications/graphics/xournalpp/default.nix b/pkgs/applications/graphics/xournalpp/default.nix index b36ac5968b3..cd3b73b6b48 100644 --- a/pkgs/applications/graphics/xournalpp/default.nix +++ b/pkgs/applications/graphics/xournalpp/default.nix @@ -6,9 +6,11 @@ , wrapGAppsHook , pkg-config +, alsa-lib , glib , gsettings-desktop-schemas , gtk3 +, gtksourceview4 , librsvg , libsndfile , libxml2 @@ -23,20 +25,23 @@ stdenv.mkDerivation rec { pname = "xournalpp"; - version = "1.1.3"; + version = "1.2.0"; src = fetchFromGitHub { owner = "xournalpp"; repo = pname; rev = "v${version}"; - sha256 = "sha256-Hn7IDnbrmK3V+iz8UqdmHRV2TS4MwYSgYtnH6igbGJ8="; + sha256 = "sha256-0xsNfnKdGl34qeN0KZbII9w6PzC1HvvO7mtlNlRvUqQ="; }; nativeBuildInputs = [ cmake gettext pkg-config wrapGAppsHook ]; buildInputs = - [ glib + [ + alsa-lib + glib gsettings-desktop-schemas gtk3 + gtksourceview4 librsvg libsndfile libxml2 diff --git a/pkgs/development/perl-modules/Data-UUID-CVE-2013-4184.patch b/pkgs/development/perl-modules/Data-UUID-CVE-2013-4184.patch new file mode 100644 index 00000000000..731e2eeb0df --- /dev/null +++ b/pkgs/development/perl-modules/Data-UUID-CVE-2013-4184.patch @@ -0,0 +1,214 @@ +Eliminate use of state/node files in temp directory, which are a security concern due to insecure writing of State/Node files in a temporary directory, with predictable filenames, with a possible symlink attack. + +Fixes CVE-2013-4184 + +https://github.com/bleargh45/Data-UUID/pull/40 by Graham TerMarsch @bleargh45 + + +diff --git a/Makefile.PL b/Makefile.PL +index 4ca26af..fb1a0f0 100644 +--- a/Makefile.PL ++++ b/Makefile.PL +@@ -89,30 +89,14 @@ WriteMakefile( + + CONFIGURE => sub { + my %opt; +- GetOptions(\%opt, 's|state-storage-directory:s', 'd|default-umask:s', +- 'help|?', 'man') or pod2usage(2); ++ GetOptions(\%opt, 'help|?', 'man') or pod2usage(2); + pod2usage(1) if $opt{help}; + pod2usage(-verbose => 2) if $opt{man}; + + print "Configured options (run perl Makefile.PL --help for how to change this):\n"; + +- my $d = File::Spec->tmpdir; +- $d = $opt{s} || $d; +- print "\tUUID state storage: $d\n"; +- $d =~ s/\\/\\\\/g if $^O eq 'MSWin32'; +- +- my $m = '0007'; +- unless ($^O eq 'MSWin32') { +- $m = $opt{d} || $m; +- print "\tdefault umask: $m\n"; +- } +- +- chmod(0666, sprintf("%s/%s", $d, ".UUID_NODEID")); +- chmod(0666, sprintf("%s/%s", $d, ".UUID_STATE")); + return { +- DEFINE => '-D_STDIR=' . shell_quote(c_quote($d)) +- . ' -D' . shell_quote("__$Config{osname}__") +- . ' -D_DEFAULT_UMASK=' . shell_quote($m) ++ DEFINE => ' -D' . shell_quote("__$Config{osname}__") + }; + } + ); +@@ -127,11 +111,9 @@ Makefile.PL - configure Makefile for Data::UUID + + perl Makefile.PL [options] [EU::MM options] + +-perl Makefile.PL -s=/var/local/lib/data-uuid -d=0007 ++perl Makefile.PL + + Options: +- --state-storage-directory directory for storing library state information +- --default-umask umask for files in the state storage directory + --help brief help message + --man full documentation + +@@ -141,18 +123,6 @@ Options can be abbreviated, see L. + + =over + +-=item --state-storage-directory +- +-Optional. Takes a string that is interpreted as directory for storing library +-state information. Default is c:/tmp/ on Windows if it already exists, or the +-operating system's temporary directory (see tmpdir in L), +-or /var/tmp as fallback. +- +-=item --default-umask +- +-Optional. Takes a string that is interpreted as umask for the files in the state +-storage directory. Default is 0007. This is ignored on Windows. +- + =item --help + + Print a brief help message and exits. +@@ -165,10 +135,7 @@ Prints the manual page and exits. + + =head1 DESCRIPTION + +-B writes the Makefile for the Data::UUID library. It is configured +-with the options L and L. +-Unless given, default values are used. In any case the values are printed for +-confirmation. ++B writes the Makefile for the Data::UUID library. + + Additionally, the usual EU::MM options are processed, see + L. +diff --git a/README b/README +index 8aaa1c2..34d53a5 100644 +--- a/README ++++ b/README +@@ -23,15 +23,6 @@ To install this module type the following: + make test + make install + +-NOTE: This module is designed to save its state information in a permanent +-storage location. The installation script (i.e. Makefile.PL) prompts for +-a directory name to use as a storage location for state file and defaults +-this directory to "/var/tmp" if no directory name is provided. +-The installation script will not accept names of directories that do not +-exist, however, it will take the locations, which the installing user +-has no write permissions to. In this case, the state information will not be +-saved, which will maximize the chances of generating duplicate UUIDs. +- + COPYRIGHT AND LICENCE + + Copyright (C) 2001, Alexander Golomshtok +diff --git a/UUID.h b/UUID.h +index dc5ea28..11d6e13 100644 +--- a/UUID.h ++++ b/UUID.h +@@ -44,23 +44,6 @@ + #include + #endif + +-#if !defined _STDIR +-# define _STDIR "/var/tmp" +-#endif +-#if !defined _DEFAULT_UMASK +-# define _DEFAULT_UMASK 0007 +-#endif +- +-#define UUID_STATE ".UUID_STATE" +-#define UUID_NODEID ".UUID_NODEID" +-#if defined __mingw32__ || (defined _WIN32 && !defined(__cygwin__)) || defined _MSC_VER +-#define UUID_STATE_NV_STORE _STDIR"\\"UUID_STATE +-#define UUID_NODEID_NV_STORE _STDIR"\\"UUID_NODEID +-#else +-#define UUID_STATE_NV_STORE _STDIR"/"UUID_STATE +-#define UUID_NODEID_NV_STORE _STDIR"/"UUID_NODEID +-#endif +- + #define UUIDS_PER_TICK 1024 + #ifdef _MSC_VER + #define I64(C) C##i64 +@@ -134,7 +117,6 @@ typedef struct _uuid_state_t { + typedef struct _uuid_context_t { + uuid_state_t state; + uuid_node_t nodeid; +- perl_uuid_time_t next_save; + } uuid_context_t; + + static void format_uuid_v1( +diff --git a/UUID.xs b/UUID.xs +index c3496a8..8191727 100644 +--- a/UUID.xs ++++ b/UUID.xs +@@ -356,29 +356,11 @@ PREINIT: + UV one = 1; + CODE: + RETVAL = (uuid_context_t *)PerlMemShared_malloc(sizeof(uuid_context_t)); +- if ((fd = fopen(UUID_STATE_NV_STORE, "rb"))) { +- fread(&(RETVAL->state), sizeof(uuid_state_t), 1, fd); +- fclose(fd); +- get_current_time(×tamp); +- RETVAL->next_save = timestamp; +- } +- if ((fd = fopen(UUID_NODEID_NV_STORE, "rb"))) { +- pid_t *hate = (pid_t *) &(RETVAL->nodeid); +- fread(&(RETVAL->nodeid), sizeof(uuid_node_t), 1, fd ); +- fclose(fd); +- +- *hate += getpid(); +- } else { ++ + get_random_info(seed); + seed[0] |= 0x80; + memcpy(&(RETVAL->nodeid), seed, sizeof(uuid_node_t)); +- mask = umask(_DEFAULT_UMASK); +- if ((fd = fopen(UUID_NODEID_NV_STORE, "wb"))) { +- fwrite(&(RETVAL->nodeid), sizeof(uuid_node_t), 1, fd); +- fclose(fd); +- }; +- umask(mask); +- } ++ + errno = 0; + #if DU_THREADSAFE + MUTEX_LOCK(&instances_mutex); +@@ -415,17 +397,6 @@ PPCODE: + self->state.node = self->nodeid; + self->state.ts = timestamp; + self->state.cs = clockseq; +- if (timestamp > self->next_save ) { +- mask = umask(_DEFAULT_UMASK); +- if((fd = fopen(UUID_STATE_NV_STORE, "wb"))) { +- LOCK(fd); +- fwrite(&(self->state), sizeof(uuid_state_t), 1, fd); +- UNLOCK(fd); +- fclose(fd); +- } +- umask(mask); +- self->next_save = timestamp + (10 * 10 * 1000 * 1000); +- } + ST(0) = make_ret(uuid, ix); + XSRETURN(1); + +@@ -585,14 +556,6 @@ CODE: + MUTEX_UNLOCK(&instances_mutex); + if (count == 0) { + #endif +- mask = umask(_DEFAULT_UMASK); +- if ((fd = fopen(UUID_STATE_NV_STORE, "wb"))) { +- LOCK(fd); +- fwrite(&(self->state), sizeof(uuid_state_t), 1, fd); +- UNLOCK(fd); +- fclose(fd); +- }; +- umask(mask); + PerlMemShared_free(self); + #if DU_THREADSAFE + } + diff --git a/pkgs/servers/matrix-synapse/default.nix b/pkgs/servers/matrix-synapse/default.nix index 02679e43e72..56650531a65 100644 --- a/pkgs/servers/matrix-synapse/default.nix +++ b/pkgs/servers/matrix-synapse/default.nix @@ -12,20 +12,20 @@ in with python3.pkgs; buildPythonApplication rec { pname = "matrix-synapse"; - version = "1.88.0"; + version = "1.89.0"; format = "pyproject"; src = fetchFromGitHub { owner = "matrix-org"; repo = "synapse"; rev = "v${version}"; - hash = "sha256-uNk+vyOCbaoy8Jw8W5KyedIw6bJ0ci8NkFTMlBVcxEw="; + hash = "sha256-ywDXjwYYCR0ojemRnShDmeoeUlDkpFH/ajFxV2DrR70="; }; cargoDeps = rustPlatform.fetchCargoTarball { inherit src; name = "${pname}-${version}"; - hash = "sha256-ILLZUQjUbLvmNsDpCSqKAYO/PRHTJ/XTDJTo/LCT/mg="; + hash = "sha256-Atwa7yIA9kPsle0/DKQD30PJljVNArqWgau4Ueqzo94="; }; postPatch = '' diff --git a/pkgs/tools/security/gopass/default.nix b/pkgs/tools/security/gopass/default.nix index 440ed7fc882..87ea59122bb 100644 --- a/pkgs/tools/security/gopass/default.nix +++ b/pkgs/tools/security/gopass/default.nix @@ -13,7 +13,7 @@ buildGoModule rec { pname = "gopass"; - version = "1.15.5"; + version = "1.15.6"; nativeBuildInputs = [ installShellFiles makeWrapper ]; @@ -21,10 +21,10 @@ buildGoModule rec { owner = "gopasspw"; repo = "gopass"; rev = "v${version}"; - hash = "sha256-0vMzCqH/p0GXtjoSrnSqMsIul9D00fICYb29KY6/Hno="; + hash = "sha256-qhnkU2LuwUWP3Fi/XekFJp3WujeRxF/UHVBiVTfbxJ4="; }; - vendorHash = "sha256-IgfzzwJANUfDToFLHv3BjDfm93KNm5zxQ5GMq7TQP+Q="; + vendorHash = "sha256-FZFN+xy23osgFs7Cm3S+LwKaE9Y94qcDVgv+CxA8J68="; subPackages = [ "." ]; diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 96e2c9da3ee..35988a42b62 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -1697,7 +1697,7 @@ mapAliases ({ tex-gyre-pagella-math = throw "'tex-gyre-pagella-math' has been renamed to/replaced by 'tex-gyre-math.pagella'"; # Converted to throw 2022-02-22 tex-gyre-schola-math = throw "'tex-gyre-schola-math' has been renamed to/replaced by 'tex-gyre-math.schola'"; # Converted to throw 2022-02-22 tex-gyre-termes-math = throw "'tex-gyre-termes-math' has been renamed to/replaced by 'tex-gyre-math.termes'"; # Converted to throw 2022-02-22 - textadept11 = textadept; # Added 2022-06-07 + textadept11 = throw "textadept11 has been removed. Please use textadept instead"; # Added 2022-12-23 TODO: UPDATE THE DATE tftp_hpa = throw "'tftp_hpa' has been renamed to/replaced by 'tftp-hpa'"; # Converted to throw 2022-02-22 thunderbird-68 = throw "Thunderbird 68 reached end of life with its final release 68.12.0 on 2020-08-25"; thunderbird-bin-68 = thunderbird-68; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 82480e2d70f..865ca4dd52b 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -13473,7 +13473,7 @@ with pkgs; texstudio = qt6Packages.callPackage ../applications/editors/texstudio { }; - textadept = callPackage ../applications/editors/textadept { }; + textadept = libsForQt5.callPackage ../applications/editors/textadept { }; texworks = qt6Packages.callPackage ../applications/editors/texworks { }; diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix index 54d25119ac8..ca3a46df185 100644 --- a/pkgs/top-level/perl-packages.nix +++ b/pkgs/top-level/perl-packages.nix @@ -6083,6 +6083,9 @@ with self; { url = "mirror://cpan/authors/id/R/RJ/RJBS/Data-UUID-1.226.tar.gz"; hash = "sha256-CT1X/6DUEalLr6+uSVaX2yb1ydAncZj+P3zyviKZZFM="; }; + patches = [ + ../development/perl-modules/Data-UUID-CVE-2013-4184.patch + ]; meta = { description = "Globally/Universally Unique Identifiers (GUIDs/UUIDs)"; license = with lib.licenses; [ bsd0 ];