Commit graph

23744 commits

Author SHA1 Message Date
markuskowa ea324b3cfc
Merge pull request #75752 from saschagrunert/cri-tools
cri-tools: 1.16.1 -> v1.17.0
2019-12-16 14:22:30 +01:00
Maximilian Bosch 836e0dbaac
cargo-tree: 0.26.0 -> 0.27.0
https://crates.io/crates/cargo-tree/0.27.0

This release doesn't have a git tag, but the revision I used here is
published as 0.27.0 on crates.io.
2019-12-16 13:03:11 +01:00
Maximilian Bosch 03987eaeed
cargo-license: 0.2.0 -> 0.3.0
https://github.com/onur/cargo-license/releases/tag/v0.3.0
2019-12-16 12:56:18 +01:00
Mario Rodas c2be9fe835
Merge pull request #74896 from lovesegfault/geebar-libinput
gebaar-libinput: init at 0.0.5
2019-12-16 06:37:58 -05:00
Bernardo Meurer 435b929d52
gebaar-libinput: init at 0.0.5 2019-12-16 05:58:29 -05:00
Sascha Grunert 16bca7814a
cri-tools: 1.16.1 -> v1.17.0
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2019-12-16 09:48:03 +01:00
Mario Rodas 01956b5605 ocrmypdf: 9.0.3 -> 9.2.0 2019-12-15 23:15:07 -08:00
Mario Rodas 303c94493c
Merge pull request #75588 from gege251/darwin-amazon-ecs-cli
amazon-ecs-cli: add darwin
2019-12-15 22:42:08 -05:00
gege251 a1c8ec7c32
amazon-ecs-cli: enable on darwin 2019-12-15 22:16:34 -05:00
Franz Pletz a991de49f2
Merge pull request #75698 from scaredmushroom/aircrack-ng_master
aircrack-ng: fixed missing dependency for airmon-ng
2019-12-15 23:34:20 +00:00
Florian Klink 39b20f0986
Merge pull request #75722 from flokli/xilinx-bootgen
xilinx-bootgen: init at 2019-10-23
2019-12-15 23:55:05 +01:00
Michael Raskin 5f21b4b896
Merge pull request #75723 from andir/advancecomp
advancecomp: fix CVE-2019-9210
2019-12-15 22:53:36 +00:00
Franz Pletz 05c6009f56
Merge pull request #75715 from andir/ansible
ansible fixes for CVE-2019-10156 CVE-2019-10206 CVE-2019-14846 CVE-2019-14856 CVE-2019-14858 CVE-2019-14864
2019-12-15 22:47:28 +00:00
Florian Klink 5073aab831 xilinx-bootgen: init at unstable-2019-10-23 2019-12-15 23:27:17 +01:00
Andreas Rammhold f23627cb12
advancecomp: fix CVE-2019-9210 2019-12-15 23:15:35 +01:00
Franz Pletz ded56b2687
Merge pull request #75234 from filalex77/subfinder-2.2.2
subfinder: 2018-07-15 -> 2.2.4
2019-12-15 22:13:06 +00:00
Franz Pletz fda130af71
Merge pull request #75474 from chkno/xsecurelock-no-longer-needs-xset-path-fixed
xsecurelock: Remove obsolete path fix
2019-12-15 22:10:55 +00:00
Andreas Rammhold b21b92947e ansible_2_6: 2.6.17 -> 2.6.20
This addresses the following security issues:

  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when
    invalid parameters are passed to the module (CVE-2019-14858)
  * resolves CVE-2019-10206, by avoiding templating passwords from
    prompt as it is probable they have special characters.
  * Handle improper variable substitution that was happening in
    safe_eval, it was always meant to just do 'type enforcement' and have
    Jinja2 deal with all variable interpolation. Also see CVE-2019-10156

Changelog: 9bdb89f740/changelogs/CHANGELOG-v2.6.rst
2019-12-15 21:25:07 +01:00
Andreas Rammhold 64e2791092 ansible_2_7: 2.7.11 -> 2.7.15
This fixes the following security issues:
  * Ansible: Splunk and Sumologic callback plugins leak sensitive data
    in logs (CVE-2019-14864)
  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when invalid
    parameters are passed to the module (CVE-2019-14858)
  * resolves CVE-2019-10206, by avoiding templating passwords from
    prompt as it is probable they have special characters.
  * Handle improper variable substitution that was happening in
    safe_eval, it was always meant to just do 'type enforcement' and have
    Jinja2 deal with all variable interpolation. Also see CVE-2019-10156

Changelog: 0623dedf2d/changelogs/CHANGELOG-v2.7.rst (v2-7-15)
2019-12-15 21:24:59 +01:00
Mario Rodas 22a8e0eb85
Merge pull request #75398 from r-ryantm/auto-update/tpm2-tools
tpm2-tools: 4.0.1 -> 4.1
2019-12-15 15:20:48 -05:00
cap 2978ca2180 aircrack-ng: fixed missing dependency for airmon-ng 2019-12-15 18:38:43 +01:00
Marco A L Barbosa 5425557214 tectonic: 0.1.11 -> 0.1.12 (#75396) 2019-12-15 11:27:41 -05:00
Frederik Rietdijk c20cd71d60 Merge master into staging-next 2019-12-15 16:09:28 +01:00
Andrew Childs 6e71ffbabf tio: expand platforms to "unix" to include darwin 2019-12-15 21:23:16 +09:00
Gabriel Ebner 86ed15dcce
Merge pull request #75678 from marsam/fix-vdirsyncer-darwin
vdirsyncer: fix build on darwin
2019-12-15 10:37:53 +01:00
Oleksii Filonenko 608c65b671
subfinder: 2.2.2 -> 2.2.4 2019-12-15 10:36:39 +02:00
Bernardo Meurer 171ceb38ff
beets.externalPlugins.check: init at 0.12.0 2019-12-14 21:52:21 -08:00
Austin Seipp 3e88e1b144
vector: 0.5.0 -> 0.6.0
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-12-14 20:33:59 -06:00
Austin Seipp 1446f6ca38
Revert "vector: make some more options override-able"
See the comments in that commit for more information.

This reverts commit b964f4b421.
2019-12-14 20:33:59 -06:00
Andreas Rammhold 928bc00ec4
Merge pull request #75673 from flokli/exa-broken-symlinks
exa: apply patch to not panic on broken symlinks
2019-12-15 02:28:29 +01:00
Mario Rodas 3f9333064b
vdirsyncer: fix build on darwin 2019-12-14 20:20:20 -05:00
Florian Klink d41dca2f5f exa: apply patch to not panic on broken symlinks
Currently, exa fails when being executed in a git repository with
symlinks pointing to a non-existing location.

This can happen quite often with garbage-collected result links, or in
bazel repositories.

A fix was PR'ed in September at https://github.com/ogham/exa/pull/584,
but upstream seems to be not responding.

Let's apply this patch until there's a release containing the fixes.
2019-12-15 02:18:50 +01:00
Eduardo Quirós 297604cb35 pfetch: init at 0.4.0
* pfetch: init at 0.4.0
2019-12-14 23:28:44 +01:00
Jan Tojnar 429561978b
Merge branch 'master' into staging-next 2019-12-14 23:09:06 +01:00
Renaud a189ffc45e
Merge pull request #75258 from srhb/bump-openapi-generator
openapi-generator-cli: 4.2.1 -> 4.2.2
2019-12-14 22:59:23 +01:00
Maximilian Bosch ed8de578a0
Merge pull request #75653 from ivan/cargo-outdated-0.9.1
cargo-outdated: unstable-2019-04-13 -> 0.9.1
2019-12-14 18:37:35 +01:00
itsHMR a46e3ebae5 tigervnc: add perl to buildInputs (#75367)
tigervnc ships vncserver, quote from the documentation:
vncserver - a wrapper script which makes starting Xvnc more convenient vncserver requires Perl.
2019-12-14 18:06:01 +01:00
Michael Weiss e69c094227
html-proofer: 3.14.1 -> 3.15.0 2019-12-14 17:44:50 +01:00
Ivan Kozik 1896f2b2b0 cargo-outdated: unstable-2019-04-13 -> 0.9.1 2019-12-14 15:41:19 +00:00
Renaud dd465ba6b6
wpscan: 3.5.3 -> 3.7.5 (#75580) 2019-12-14 15:55:33 +01:00
Jörg Thalheim fbfd77b158
Merge pull request #75546 from averelld/jdgui-update
jd-gui: 1.4.0 -> 1.6.5
2019-12-14 07:41:01 +00:00
Jörg Thalheim 259139f1c3
Merge pull request #75565 from xwvvvvwx/wg-tools-20191212
wireguard-tools: 0.0.20191127 -> 0.0.20191212
2019-12-14 07:27:39 +00:00
Mario Rodas 6d34fb89eb fluent-bit: 1.3.2 -> 1.3.4 2019-12-13 22:46:22 -08:00
Mario Rodas 98634341e9
Merge pull request #75629 from filalex77/starship-0.30.1
starship: 0.29.0 -> 0.30.1
2019-12-13 23:12:20 -05:00
Maximilian Bosch ca1a918d4c
Merge pull request #74422 from r-ryantm/auto-update/ibus-typing-booster
ibus-engines.typing-booster-unwrapped: 2.7.0 -> 2.7.2
2019-12-14 04:22:12 +01:00
Oleksii Filonenko 0ee049be99
starship: 0.29.0 -> 0.30.1 2019-12-14 01:00:11 +02:00
Averell Dalton bc5f25a714 jd-gui: 1.4.0 -> 1.6.5 2019-12-13 21:29:24 +01:00
Silvan Mosberger 89eccbf985
Merge pull request #71052 from turboMaCk/imwheel-service
services.xserver.imwheel: add module
2019-12-13 19:37:59 +01:00
Dmitry Kalinkin c644c7578d
texlive.bin.dvipng: fix "Fatal error, PK file ends prematurely"
Closes: #75605
2019-12-13 13:14:35 -05:00
Marek Fajkus 7406c0af98
services.xserver.imwheel: add module 2019-12-13 18:19:29 +01:00