Commit Graph

23 Commits

Author SHA1 Message Date
Franz Pletz
0653abc07a
gd: 2.2.4 -> 2.2.5 for multiple CVEs
Fixes:
  * CVE-2017-6362
  * CVE-2017-7890
2017-09-18 22:45:30 +02:00
Franz Pletz
6a02d48c72
gd: 2.2.3 -> 2.2.4 for multiple CVEs
Fixes:

  * CVE-2016-9317
  * CVE-2016-6912
2017-01-25 20:53:37 -05:00
Tuomas Tynkkynen
a17216af4c treewide: Shuffle outputs
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
Robin Gloster
f222d98746 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-25 12:47:13 +00:00
Joachim Fasting
bbae43a7a9
gd: remove left-over cruft from 9b658d51cb746cfffcc60aa4dc27b60f2ab3e228 2016-07-24 12:54:07 +02:00
Michael Stone
19f074a5c3 gd: 2.2.2 -> 2.2.3 2016-07-22 15:30:30 -04:00
Robin Gloster
1f04b4a566 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-21 00:56:43 +00:00
Anthony Cowley
9b658d51cb gd: cherry-pick a temporary patch for darwin 2016-07-19 12:57:42 -04:00
Robin Gloster
5185bc1773 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-15 14:41:01 +00:00
Vladimír Čunát
b1a07467d2 gd: security 2.2.1 -> 2.2.2
CVE-2015-8874, CVE-2016-5767
2016-07-09 17:17:38 +02:00
Robin Gloster
8031cba2ab Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-06-10 09:27:04 +00:00
Joachim Fasting
8b2fc35987
gd: propagate image format dependencies
After f8bdd7969d1af9b1f4ab5f968fae336190c1ae1c it has become necessary for users
of gd to also add inputs for optional image format support, such as libjpeg and
libwebp.

This patch makes the following commits obsolete:
- 972c438c03f046bddffea2a2ae349aaf6e652277
- 2113b7389afa040923e8e33443d3f5ce6eaed69e
- 94286527ace1f7c3b09bf68e9449a1c8ecfcbd33
- a371094f1f0df1edf669362fe2612de10b077ca4
- f345d01974378d443e82cd615ee95620529beb1d
2016-06-03 15:43:12 +02:00
Joachim Fasting
3a7ec4c8f4
gd: enable parallel building 2016-06-03 15:43:12 +02:00
Robin Gloster
2d382f3d98 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-30 19:39:34 +00:00
Franz Pletz
7d580b8339 gd: 2.1.1 -> 2.2.1 2016-05-30 09:49:12 +02:00
Joachim Fasting
63a8c58185
gd: multiple outputs 2016-05-22 20:03:00 +02:00
Franz Pletz
f8d481754c
Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-05-18 17:10:02 +02:00
Joachim Fasting
220836d066
gd: apply patch for CVE-2016-3074 from upstream
Source:
2bb97f407c.patch

The original patch contains binary data, however, which is not supported
by `patch`; we could use `git apply` here, of course, but it was simpler
to just copy-paste only the fix into a separate file and include it in
the repo.
2016-05-14 07:15:41 +02:00
Joachim Fasting
f8bdd7969d
gd: 2.0.35 -> 2.1.1
Upstream claims 2.1 is fully API compatible with 2.0

https://libgd.github.io/release-2.1.0.html
https://libgd.github.io/release-2.1.1.html

Also includes meta updates, adds pkg-config to the build environment,
for proper detection of dependencies, and adds optional support for tiff
and xpm image formats.
2016-05-14 07:15:41 +02:00
Franz Pletz
aff1f4ab94 Use general hardening flag toggle lists
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
2016-03-05 18:55:26 +01:00
Robin Gloster
f6d3b7a2ae switch hardening flags 2016-01-30 16:36:57 +00:00
Franz Pletz
954e9903ad Use a hardened stdenv by default 2016-01-30 16:36:57 +00:00
Eelco Dolstra
ebacd32b71 * Added libgd.
* gnuplot 4.2.2.

svn path=/nixpkgs/trunk/; revision=9354
2007-09-21 20:43:43 +00:00