Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[pull] frq-nixos-19.09 from NixOS:nixos-19.09 #216

Open
wants to merge 452 commits into
base: frq-nixos-19.09
Choose a base branch
from
Open
Changes from 3 commits
Commits
Show all changes
452 commits
Select commit Hold shift + click to select a range
a9d4746
python3Packages.signedjson: 1.0.0 -> 1.1.0
Ma27 Feb 18, 2020
dce33f1
matrix-synapse: 1.9.1 -> 1.11.1
Ma27 Mar 16, 2020
107ffbb
Merge branch 'staging-19.09' into release-19.09
vcunat Mar 16, 2020
9a808dd
libxml2: add patch for CVE-2019-20388
mmilata Mar 12, 2020
311c3fd
nextcloud: 16.0.8 -> 16.0.9
flokli Mar 15, 2020
8d7fd7e
Merge pull request #82697 from flokli/19.09-nextcloud-16.0.9
flokli Mar 16, 2020
4f69f2c
opensmtpd: mark as insecure due to CVE-2020-8794 / #80978
obadz Mar 17, 2020
7db6a85
opensmtpd: 6.4.2p1 -> 6.6.1p1
flokli Nov 8, 2019
3ecd571
opensmtpd: 6.6.1p1 -> 6.6.2p1
fpletz Jan 29, 2020
7a106bd
opensmtpd: 6.6.2p1 -> 6.6.3p1
r-ryantm Feb 13, 2020
521c676
opensmtpd: 6.6.3p1 -> 6.6.4p1
andir Feb 24, 2020
ce282f0
Revert "opensmtpd: mark as insecure due to CVE-2020-8794 / #80978"
Mic92 Mar 17, 2020
fe67f42
Revert "opensmtpd: apply patch for CVE-2020-7247.patch"
Mic92 Mar 17, 2020
29431a0
opensmtpd: build against openssl
Mic92 Mar 17, 2020
bf7c0f0
Merge pull request #82775 from Mic92/opensmtpd-backport
obadz Mar 17, 2020
41f1484
openssl: 1.1.1d -> 1.1.1e
andir Mar 17, 2020
30fdf95
Merge remote-tracking branch 'origin/release-19.09' into staging-19.09
veprbl Mar 17, 2020
0e1cf19
buildGoModule: disable consult the checksum database on build
marsam Dec 1, 2019
dd9a493
tailscale: init at 0.96-33
Mar 8, 2020
65ff637
tailscale: 0.96-33 -> 0.97-0.
danderson Mar 18, 2020
87834cb
Merge pull request #82791 from andir/19.09/openssl
andir Mar 18, 2020
b0055f4
Merge branch 'staging-19.09' into release-19.09
vcunat Mar 18, 2020
0e01f4f
brave: 1.4.96 -> 1.5.112
JeffLabonte Mar 18, 2020
8963012
Merge pull request #81789 from JeffLabonte/19_09-brave_1.4.95_to_1.4.96
grahamc Mar 19, 2020
493a837
riot-web: 1.5.10 -> 1.5.13
Ma27 Mar 17, 2020
5d89c0b
linuxPackages.wireguard: 0.0.20200215 -> 0.0.20200318
Ma27 Mar 19, 2020
49eed3a
Revert "openssl: 1.1.1d -> 1.1.1e"
KamilaBorowska Mar 19, 2020
359de6b
chromium: 80.0.3987.132 -> 80.0.3987.149
primeos Mar 18, 2020
490d066
wireguard-tools: 1.0.20200206 -> 1.0.20200319
Ma27 Mar 19, 2020
db12da3
Merge pull request #82958 from primeos/chromium-backport
primeos Mar 20, 2020
2cc4474
nodejs-12_x: 12.14.1 -> 12.15.0
marsam Feb 6, 2020
9b2a26d
nodejs-12_x: 12.15.0 -> 12.16.0
marsam Feb 11, 2020
8e47767
nodejs-12_x: 12.16.0 -> 12.16.1
marsam Feb 19, 2020
2071e3b
openssl(_1_1): patch CVE-2019-1551
vcunat Mar 21, 2020
b2d71b4
Merge openssl(_1_1) downgrade (into release-19.09)
vcunat Mar 21, 2020
36cbcdc
grafana: 6.6.2 -> 6.7.0
Frostman Mar 19, 2020
c3a9111
grafana: 6.7.0 -> 6.7.1
Frostman Mar 21, 2020
85600b7
grafana: add Frostman to maintainers
Frostman Mar 21, 2020
4aac2c3
grafana: Drop Frostman from maintainers
dasJ Mar 22, 2020
8b8e73a
Merge pull request #83109 from helsinki-systems/bp-drop-frostman
Ma27 Mar 22, 2020
534e341
linux: 5.4.24 -> 5.4.25
NeQuissimus Mar 14, 2020
fb2dcec
linux: 4.14.173 -> 4.14.174
NeQuissimus Mar 22, 2020
5801ac4
linux: 4.19.109 -> 4.19.112
NeQuissimus Mar 22, 2020
dbea1f6
linux: 4.4.216 -> 4.4.217
NeQuissimus Mar 22, 2020
7dfe28c
linux: 4.9.216 -> 4.9.217
NeQuissimus Mar 22, 2020
216cd6c
linux: 5.4.25 -> 5.4.27
NeQuissimus Mar 22, 2020
75569aa
tailscale: switch version and git ref to use a tag.
danderson Mar 23, 2020
609a3da
tailscale: build using Go 1.13 explicitly.
danderson Mar 18, 2020
96c4045
Add packages.json to the tarball job
edolstra Mar 24, 2020
0ce53c4
Compress optionsJSON using brotli
edolstra Mar 24, 2020
1a54743
nixos/release-small.nix: Export options job
edolstra Mar 24, 2020
c0ce6d0
protonvpn-cli-ng: 2.2.0 -> 2.2.2
JeffLabonte Mar 4, 2020
da19ebc
gitlab: 12.8.6 -> 12.8.7 (#82838) (#83354)
talyz Mar 25, 2020
67643b0
linux: 4.19.112 -> 4.19.113
NeQuissimus Mar 25, 2020
6f11eda
linux: 5.4.27 -> 5.4.28
NeQuissimus Mar 25, 2020
ae48415
Merge pull request #83328 from JeffLabonte/update_protonvpn_ng_2.2.0-…
bhipple Mar 26, 2020
d5895b9
signal-desktop: 1.32.1 -> 1.32.2
primeos Mar 26, 2020
59c3b5f
Merge pull request #83417 from primeos/signal-desktop-backport
primeos Mar 26, 2020
008fc89
nix-bash-completions: 0.6.7 -> 0.6.8 (#81019)
hedning Mar 5, 2020
df07596
wire-desktop: Fix StartupWMClass
arianvp Mar 24, 2020
a932b1c
signal-desktop: 1.32.2 -> 1.32.3
primeos Mar 26, 2020
3be8b45
Merge pull request #83450 from primeos/signal-desktop-backport
primeos Mar 26, 2020
fbdb1ae
gitlab: 12.8.7 -> 12.8.8
flokli Mar 27, 2020
1881b34
matrix-synapse: 1.11.1 -> 1.12.0
ajs124 Mar 23, 2020
64a3ccb
Merge pull request #82831 from danderson/tailscale-19.09
grahamc Mar 27, 2020
939178c
bluez: apply patches for CVE-2020-0556
bhipple Mar 14, 2020
598a9cb
nginx: Fix ETag patch to ignore realpath(3) error
aszlig Feb 20, 2020
28dd9c3
tor-browser-bundle-bin: 9.0.5 -> 9.0.7
Mar 28, 2020
95d7551
Merge branch 'release-19.09' into staging-19.09
vcunat Mar 28, 2020
54e8994
riot-desktop: fix StartupWMClass
worldofpeace Mar 28, 2020
ace3bb3
Merge pull request #83602 from scaredmushroom/tor-browser-bundle-bin_…
Ma27 Mar 29, 2020
ac678d9
Merge branch 'release-19.09' into staging-19.09
vcunat Mar 28, 2020
e8f5908
Merge branch 'staging-19.09' into release-19.09
vcunat Mar 29, 2020
1bf2637
Merge #83013: exiv2: patch CVE-2019-20421
vcunat Mar 29, 2020
e7ad715
brave: 1.5.112 -> 1.5.115
JeffLabonte Mar 22, 2020
c7363c2
make-tarball.nix: Strip source directory from packages.json
edolstra Mar 29, 2020
2015db3
python3Packages.twisted: fix CVE-2020-10109
Ma27 Mar 27, 2020
a8639df
python3Packages.pysaml2: fix tests
Ma27 Mar 29, 2020
856dbd1
ghc-8.4.4.nix: Do not use git.haskell.org
nomeata Mar 29, 2020
ce73818
Merge pull request #83026 from wmertens/nodejs-backport
wmertens Mar 30, 2020
58dec78
mattermost-desktop: fix filechooser causing crash
evils Nov 6, 2019
6d445f8
mattermost-desktop: version 4.2.3 -> 4.3.1
evils Nov 5, 2019
85d879e
grafana: 6.7.1 -> 6.6.2
Ma27 Mar 31, 2020
d011e47
Merge pull request #83516 from Ma27/synapse-19.09
lheckemann Apr 1, 2020
6011c05
ruby_2_5: 2.5.7 -> 2.5.8
marsam Mar 31, 2020
deb8fd1
ruby_2_6: 2.6.5 -> 2.6.6
marsam Mar 31, 2020
926c763
linux: 5.4.28 -> 5.4.29
NeQuissimus Apr 1, 2020
190fbfd
chromium: fix webrtc interaction with pulseaudio
peti Mar 23, 2020
5ae092f
chromium: I accidentally added the webrtc patch into the wrong section
peti Mar 24, 2020
96614c2
chromium: 80.0.3987.149 -> 80.0.3987.162
primeos Apr 1, 2020
c221bb2
linux: 4.19.113 -> 4.19.114
NeQuissimus Apr 2, 2020
c5ad5d0
linux: 5.4.29 -> 5.4.30
NeQuissimus Apr 2, 2020
7d82b77
linux: 4.14.174 -> 4.14.175
NeQuissimus Apr 2, 2020
c95a98e
linux: 4.4.217 -> 4.4.218
NeQuissimus Apr 2, 2020
0ee9cef
linux: 4.9.217 -> 4.9.218
NeQuissimus Apr 2, 2020
1ca8a06
chromium: 80.0.3987.162 -> 80.0.3987.163
primeos Apr 2, 2020
6ce362a
Merge pull request #84107 from primeos/chromium-backport
primeos Apr 3, 2020
7a429e7
linuxPackages.wireguard: 0.0.20200318 -> 1.0.20200401
Ma27 Apr 1, 2020
f7f1d53
firefox: 74.0 -> 74.0.1
andir Apr 4, 2020
a90f68b
firefox-esr: 68.6.0esr -> 68.6.1esr
andir Apr 4, 2020
3c0b770
firefox-beta-bin: 75.0b1 -> 75.0b11
andir Apr 4, 2020
ca1ee17
firefox-bin: 74.0 -> 74.0.1
andir Apr 4, 2020
2d0be77
firefox-devedition-bin: 75.0b1 -> 75.0b12
andir Apr 4, 2020
b3e1b81
apacheHttpd: 2.4.41 -> 2.4.43
r-ryantm Apr 1, 2020
e10c65c
Merge pull request #84251 from andir/19.09/firefox
andir Apr 4, 2020
c1ef04e
Merge #84273: gnutls: 3.6.11.1 -> 3.6.13 [security]
vcunat Apr 5, 2020
30b05e1
wire-desktop: mac 3.15.3621 -> 3.16.3630
toonn Apr 6, 2020
f86271a
Merge pull request #84496 from toonn/release-19.09
flokli Apr 6, 2020
528b5b6
brave: 1.5.115 -> 1.5.123
JeffLabonte Apr 3, 2020
832d4e9
libvpx_1_8: init at 1.8.2
andir Apr 7, 2020
70bca49
firefox: prepare for version 75
andir Apr 6, 2020
0ffd59a
firefox: use nodejs-12_x for firefox >= 75
andir Apr 7, 2020
5f4b02f
firefox: 74.0.1 -> 75.0
andir Apr 7, 2020
0280d88
firefox-esr-68: 68.6.1esr -> 68.7.0esr
andir Apr 7, 2020
9dda51b
firefox-bin: 74.0.1 -> 75.0
andir Apr 7, 2020
08a7e09
firefox-beta-bin: 75.0b11 -> 76.0b1
andir Apr 7, 2020
aaffe07
firefox-devedition-bin: 75.0b12 -> 76.0b1
andir Apr 7, 2020
16d0add
Merge pull request #84590 from andir/19.09/firefox
andir Apr 7, 2020
be180f6
signal-desktop: 1.32.3 -> 1.33.0
primeos Apr 8, 2020
82de063
chromium: Ignore unknown warning options
primeos Apr 2, 2020
631a5ef
chromiumDev: Remove a patch that is already applied
primeos Apr 2, 2020
dd0d0e6
chromiumBeta: Fix the build
primeos Apr 7, 2020
7c60e5c
chromium: 80.0.3987.163 -> 81.0.4044.92
primeos Apr 7, 2020
35cfc19
Merge pull request #84708 from primeos/signal-desktop-backport
primeos Apr 8, 2020
6a8c4f7
linux: 5.4.30 -> 5.4.31
NeQuissimus Apr 8, 2020
7770f3a
Merge pull request #84709 from primeos/chromium-backport
primeos Apr 8, 2020
77b9000
vocal: add missing glib-networking
Mic92 Apr 8, 2020
52577ba
Merge pull request #84294 from aanderse/httpd-19.09
aanderse Apr 9, 2020
60c4ddb
linuxPackagesFor: wireguard: noop for kernel >= 5.6
d-xo Dec 30, 2019
ebf64ea
tor-browser-bundle-bin: 9.0.7 -> 9.0.9
andriokha Apr 9, 2020
02f2241
Merge pull request #84892 from andriokha/tor-browser-bundle-bin-9.0.9…
joachifm Apr 10, 2020
99a27f4
Merge #84773: thunderbird*: 68.6.0 -> 68.7.0 (security)
vcunat Apr 9, 2020
839cd8d
Merge #83022: simutrans: 120.2.2 -> 120.4.1 (unbreak)
vcunat Apr 12, 2020
5fa2612
Merge pull request #84536 from JeffLabonte/19.09-brave_1.5.115_to_1.5…
marsam Apr 12, 2020
f35e61d
linux: 4.4.218 -> 4.4.219
NeQuissimus Apr 13, 2020
f52196c
linux: 4.14.175 -> 4.14.176
NeQuissimus Apr 13, 2020
81ca80c
linux: 4.19.114 -> 4.19.115
NeQuissimus Apr 13, 2020
fec536f
linux: 4.9.218 -> 4.9.219
NeQuissimus Apr 13, 2020
ee95a68
linux: 5.4.31 -> 5.4.32
NeQuissimus Apr 13, 2020
f6c1d3b
luminance-hdr: use Qt5's mkDerivation
dominikh Apr 5, 2020
b67bc34
Merge pull request #79772 from wamserma/fix-aspell-CVEs-backport
risicle Apr 15, 2020
dd46307
Merge branch 'staging-19.09' into release-19.09
vcunat Apr 16, 2020
4f86f06
git: 2.23.1 -> 2.23.2 (CVE-2020-5260)
vcunat Apr 16, 2020
6f5b979
[19.09] flashplayer: 32.0.0.330 -> 32.0.0.363
taku0 Apr 14, 2020
9cb226c
chromium: 81.0.4044.92 -> 81.0.4044.113
primeos Apr 16, 2020
9eeef58
Merge pull request #85409 from tollb/flashplayer-32.0.0.363-release-1…
7c6f434c Apr 16, 2020
648a695
nexus: 3.18.1-01 -> 3.22.0-02
zaninime Apr 17, 2020
27c9e08
Merge pull request #85405 from primeos/chromium-backport
primeos Apr 17, 2020
6c9572a
linux: 4.19.115 -> 4.19.116
NeQuissimus Apr 17, 2020
36586a9
linux: 5.4.32 -> 5.4.33
NeQuissimus Apr 17, 2020
fed820b
Merge pull request #85429 from zaninime/backport-nexus
Ma27 Apr 17, 2020
3bd563f
maintainers: add wamserma
wamserma Apr 18, 2020
fdd75ab
maintainers: backport gazally
ehmry Apr 12, 2020
9237a09
yggdrasil: backport at 0.3.10
ehmry Apr 12, 2020
dff7016
chromium{Beta,Dev}: M81 -> M83 -> M84
primeos Apr 16, 2020
c0439ba
chromiumBeta: Mark as broken
primeos Apr 22, 2020
e45440a
chromium: 81.0.4044.113 -> 81.0.4044.122
primeos Apr 21, 2020
5a3490d
Merge pull request #85760 from primeos/chromium-backport
flokli Apr 22, 2020
a9750db
Merge release-19.09 into staging-19.09
FRidh Apr 22, 2020
cae3ac8
git: 2.23.2 -> 2.23.3 (security, CVE-2020-11008)
primeos Apr 22, 2020
336ef08
enyo-doom: use qt5's mkDerivation
mmilata Apr 7, 2020
fef4a36
httraqt: use qt5's mkDerivation
mmilata Apr 7, 2020
a508612
yabause: use qt5's mkDerivation
mmilata Apr 7, 2020
640e0d4
calaos_installer: use qt5's mkDerivation
mmilata Apr 7, 2020
afc608d
caneda: use qt5's mkDerivation
mmilata Apr 7, 2020
52ee2d5
valentina: use qt5's mkDerivation
mmilata Apr 7, 2020
163b434
traverso: use qt5's mkDerivation
mmilata Apr 7, 2020
8f63757
swift-im: use qt5's mkDerivation
mmilata Apr 7, 2020
754a796
ricochet: use qt5's mkDerivation
mmilata Apr 7, 2020
c988766
qstopmotion: use qt5's mkDerivation
mmilata Apr 7, 2020
fa24ad0
qmediathekview: use qt5's mkDerivation
mmilata Apr 7, 2020
9b1849a
qcomicbook: use qt5's mkDerivation
mmilata Apr 7, 2020
24490a6
phototonic: use qt5's mkDerivation
mmilata Apr 7, 2020
02635e3
openbrf: use qt5's mkDerivation
mmilata Apr 7, 2020
51e4700
okteta: use qt5's mkDerivation
mmilata Apr 7, 2020
c601b3e
mindforger: use qt5's mkDerivation
mmilata Apr 7, 2020
7a6c6ba
dfasma: use qt5's mkDerivation
mmilata Apr 7, 2020
183bb76
bomi: use qt5's mkDerivation
mmilata Apr 7, 2020
77e281f
awesomebump: use qt5's mkDerivation
mmilata Apr 7, 2020
1cbdf95
aqemu: use qt5's mkDerivation
mmilata Apr 7, 2020
ef7e187
qt-box-editor: use qt5's mkDerivation
mmilata Apr 7, 2020
64301c0
rocket: use qt5's mkDerivation
mmilata Apr 7, 2020
641f664
pro-office-calculator: use qt5's mkDerivation
mmilata Apr 7, 2020
0dd1ea1
iannix: use qt5's mkDerivation
mmilata Apr 7, 2020
7d215ac
glogg: use qt5's mkDerivation
mmilata Apr 7, 2020
8c7b082
firebird-emu: use qt5's mkDerivation
mmilata Apr 7, 2020
2ebfd55
colord-kde: use qt5's mkDerivation
mmilata Apr 7, 2020
0b8156d
candle: use qt5's mkDerivation
mmilata Apr 7, 2020
dacd7f3
tensor: use qt5's mkDerivation
mmilata Apr 7, 2020
f37435d
openssl: patch CVE-2020-1967
mweinelt Apr 22, 2020
04273c3
Merge pull request #85818 from mweinelt/19.09/openssl/cve-2020-1967
andir Apr 23, 2020
9642f12
Merge staging-19.09 into release-19.09
FRidh Apr 23, 2020
bfee698
gnome3.mutter: fix desktop freezing after ~50 days idle
worldofpeace Apr 24, 2020
c4799f0
gnome3.mutter328: backports from gnome-3-28
worldofpeace Apr 24, 2020
54a3772
hostapd: apply patch for CVE-2019-16275
mweinelt Apr 25, 2020
39a1ac5
Merge pull request #86001 from mweinelt/19.09/hostapd/cve-2019-16275
worldofpeace Apr 25, 2020
e6d222f
Merge pull request #85805 from mmilata/qt5-mkDerivation-stdenv-19.09
worldofpeace Apr 25, 2020
4a0df0c
ninja: fix 404'ing patch
cole-h Apr 22, 2020
f907dc9
nixos/gitlab: Fix services.gitlab.enableStartTLSAuto
talyz Apr 28, 2020
9ffae2a
Merge pull request #86191 from talyz/release-19.09
talyz Apr 28, 2020
7b9f3c8
gitlab: 12.8.8 -> 12.8.9
flokli Apr 20, 2020
57df0aa
gitlab: support passing --rev to the `update-all` script
flokli Apr 20, 2020
767ca36
gitlab-workhorse: 8.21.1 -> 8.21.2
flokli Apr 20, 2020
68169a7
gitaly: 12.8.8 -> 12.8.9
flokli Apr 20, 2020
a7ceb25
gitlab: update.py: invoke bundle lock manually
manveru Apr 21, 2020
4b39bb8
chromium: 81.0.4044.122 -> 81.0.4044.129
primeos Apr 28, 2020
ac3ed15
coturn: apply patch for CVE-2020-6061/6062
mweinelt Apr 28, 2020
1d06d40
Merge pull request #86271 from mweinelt/19.09/coturn/CVE-2020-6061+6062
rasendubi Apr 29, 2020
e27493e
monotone: openssl in botan is not needed, so drop to avoid old openssl
7c6f434c Apr 29, 2020
511766d
Merge pull request #86340 from 7c6f434c/monotone-no-botan-openssl-19.09
7c6f434c Apr 29, 2020
87819f9
roundcube: 1.3.10 -> 1.3.11
Ma27 Apr 29, 2020
322fd89
Merge pull request #86297 from primeos/chromium-backport
primeos Apr 30, 2020
24d07de
gitaly: 12.8.9 -> 12.8.10
flokli Apr 30, 2020
a73c7cb
gitlab: 12.8.9 -> 12.8.10
flokli Apr 30, 2020
85f3b47
Merge pull request #86461 from talyz/19.09-gitlab-12.8.10
flokli May 1, 2020
7da8a5a
salt: 2019.2.0 -> 2019.2.4
Flakebi Apr 30, 2020
4f820be
Merge pull request #86651 from Flakebi/salt-19.09
bhipple May 3, 2020
0fa8e3c
nss_3_52: 3.51 -> 3.52
andir May 4, 2020
72212cb
firefox: 75.0 -> 76.0
andir May 4, 2020
26316a2
firefox-bin: 75.0 -> 76.0
andir May 4, 2020
8f570a3
firefox-esr-68: 68.7.0esr -> 68.8.0esr
andir May 4, 2020
3f1f251
Merge pull request #86811 from andir/19.09/firefox76
andir May 5, 2020
b79f64b
chromium: 81.0.4044.129 -> 81.0.4044.138
primeos May 5, 2020
278db00
Merge pull request #87078 from primeos/chromium-backport
primeos May 6, 2020
5967390
Merge #87066: thunderbird*: 68.7.0 -> 68.8.0 (security)
vcunat May 8, 2020
d858110
monero: fix rcp.restricted option
vojta001 May 11, 2020
9cefaf9
firefox: Add patch to fix AES GCM IV bit size
aszlig May 12, 2020
810e561
firefox: 76.0 -> 76.0.1
andir May 14, 2020
31dcaa5
Merge pull request #87772 from andir/19.09/firefox
andir May 14, 2020
69e4ae5
chromium: Mark as insecure
primeos May 20, 2020
2efedf8
Merge pull request #88368 from primeos/chromium-eol
lheckemann May 20, 2020
e6d819a
dovecot: 2.3.9.3 -> 2.3.10
r-ryantm Mar 8, 2020
0d49c4a
dovecot: v2.3.10 → v2.3.10.1
mweinelt May 18, 2020
a689086
bind: 9.14.9 -> 9.14.12 (security, PR #88159)
vcunat May 19, 2020
35eda4a
pdns-recursor: 4.2.0 -> 4.2.2 (security)
vcunat May 23, 2020
7071e76
ffmpeg_4: 4.2.2 -> 4.2.3
zowoq May 22, 2020
76248ee
ffmpeg-full: 4.2.2 -> 4.2.3
zowoq May 22, 2020
d82bae4
ffmpeg_2_8: 2.8.15 -> 2.8.16
zowoq May 22, 2020
61421ed
ip2unix: 2.1.1 -> 2.1.2
aszlig May 27, 2020
2f9bafa
ip2unix: 2.1.2 -> 2.1.3
aszlig Jun 1, 2020
5d0d3ef
wire-desktop: linux 3.17.2924 -> 3.18.2925
toonn Jun 2, 2020
44170df
wire-desktop: mac 3.17.3666 -> 3.18.3728
toonn Jun 2, 2020
d5151a9
Merge #89474: thunderbird*: 68.8.0 -> 68.9.0 (security)
vcunat Jun 5, 2020
0a11634
Merge pull request #86994 from toonn/release-19.09
flokli Jun 6, 2020
716f393
gnutls: 3.6.13 -> 3.6.14
cole-h Jun 9, 2020
8260cd5
Merge pull request #88436 from mweinelt/19.09/dovecot
Mic92 Jun 12, 2020
b6558a1
libexif: 0.6.21 -> 0.6.22
erictapen May 18, 2020
289466d
Merge pull request #91009 from erictapen/19.09-libexif-0.6.22
flokli Jun 18, 2020
1549e1e
doc: rename guide to 'Nixpkgs Manual'
raboof Sep 24, 2020
75f4ba0
Merge pull request #98645 from raboof/rename-guide-to-nixpkgs-manual-…
garbas Sep 24, 2020
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
181 changes: 181 additions & 0 deletions pkgs/development/libraries/openssl/1.1/cve-2019-1551-improve.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,181 @@
From 46ac489a1369f6d938adda356accab83acf2987a Mon Sep 17 00:00:00 2001
From: Bernd Edlinger <[email protected]>
Date: Wed, 4 Dec 2019 12:57:41 +0100
Subject: [PATCH] Improve the overflow handling in rsaz_512_sqr

We have always a carry in %rcx or %rbx in range 0..2
from the previous stage, that is added to the result
of the 64-bit square, but the low nibble of any square
can only be 0, 1, 4, 9.

Therefore one "adcq $0, %rdx" can be removed.
Likewise in the ADX code we can remove one
"adcx %rbp, $out" since %rbp is always 0, and carry is
also zero, therefore that is a no-op.

Reviewed-by: Paul Dale <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/10575)
---
crypto/bn/asm/rsaz-x86_64.pl | 42 ++++++++++++++++++------------------
1 file changed, 21 insertions(+), 21 deletions(-)

diff --git a/crypto/bn/asm/rsaz-x86_64.pl b/crypto/bn/asm/rsaz-x86_64.pl
index 7534d5cd03e5..f4d9c9b1297b 100755
--- a/crypto/bn/asm/rsaz-x86_64.pl
+++ b/crypto/bn/asm/rsaz-x86_64.pl
@@ -242,9 +242,9 @@
adcq \$0, %rbx

mulq %rax
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
addq %rcx, %rax
movq 16($inp), %rbp
- adcq \$0, %rdx
addq %rax, %r9
movq 24($inp), %rax
adcq %rdx, %r10
@@ -298,9 +298,9 @@
adcq \$0, %rcx

mulq %rax
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
addq %rbx, %rax
movq 24($inp), %r10
- adcq \$0, %rdx
addq %rax, %r11
movq 32($inp), %rax
adcq %rdx, %r12
@@ -349,8 +349,8 @@
adcq \$0, %rbx

mulq %rax
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
addq %rcx, %rax
- adcq \$0, %rdx
addq %rax, %r13
movq %r12, %rax # 40($inp)
adcq %rdx, %r14
@@ -389,8 +389,8 @@
adcq \$0, %rcx

mulq %rax
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
addq %rbx, %rax
- adcq \$0, %rdx
addq %rax, %r15
movq %rbp, %rax # 48($inp)
adcq %rdx, %r8
@@ -420,8 +420,8 @@
adcq \$0, %rbx

mulq %rax
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
addq %rcx, %rax
- adcq \$0, %rdx
addq %rax, %r9
movq %r14, %rax # 56($inp)
adcq %rdx, %r10
@@ -443,8 +443,8 @@
adcq \$0, %rcx

mulq %rax
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
addq %rbx, %rax
- adcq \$0, %rdx
addq %rax, %r11
movq %r14, %rax # 56($inp)
adcq %rdx, %r12
@@ -459,8 +459,8 @@
adcq \$0, %rbx

mulq %rax
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
addq %rcx, %rax
- adcq \$0, %rdx
addq %r13, %rax
adcq %rbx, %rdx

@@ -572,9 +572,9 @@
.byte 0x48,0x8b,0x96,0x10,0x00,0x00,0x00 # mov 16($inp), %rdx

xor %rbx, %rbx
+ adox %r9, %r9
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
adcx %rcx, %rax
- adox %r9, %r9
- adcx %rbp, $out
adox %r10, %r10
adcx %rax, %r9
adox %rbp, %rbx
@@ -609,9 +609,9 @@
mov 24($inp), %rdx

xor %rcx, %rcx
+ adox %r11, %r11
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
adcx %rbx, %rax
- adox %r11, %r11
- adcx %rbp, $out
adox %r12, %r12
adcx %rax, %r11
adox %rbp, %rcx
@@ -642,9 +642,9 @@
mov 32($inp), %rdx

xor %rbx, %rbx
+ adox %r13, %r13
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
adcx %rcx, %rax
- adox %r13, %r13
- adcx %rbp, $out
adox %r14, %r14
adcx %rax, %r13
adox %rbp, %rbx
@@ -671,9 +671,9 @@
adox %rbp, %r11

xor %rcx, %rcx
+ adox %r15, %r15
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
adcx %rbx, %rax
- adox %r15, %r15
- adcx %rbp, $out
adox %r8, %r8
adcx %rax, %r15
adox %rbp, %rcx
@@ -696,9 +696,9 @@
mov 48($inp), %rdx

xor %rbx, %rbx
+ adox %r9, %r9
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
adcx %rcx, %rax
- adox %r9, %r9
- adcx %rbp, $out
adox %r10, %r10
adcx %rax, %r9
adcx $out, %r10
@@ -716,9 +716,9 @@
mulx %rdx, %rax, $out
xor %rcx, %rcx
mov 56($inp), %rdx
+ adox %r11, %r11
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
adcx %rbx, %rax
- adox %r11, %r11
- adcx %rbp, $out
adox %r12, %r12
adcx %rax, %r11
adox %rbp, %rcx
@@ -731,9 +731,9 @@
#eighth iteration
mulx %rdx, %rax, %rdx
xor %rbx, %rbx
+ adox %r13, %r13
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
adcx %rcx, %rax
- adox %r13, %r13
- adcx %rbp, %rdx
adox %rbp, %rbx
adcx %r13, %rax
adcx %rdx, %rbx
754 changes: 754 additions & 0 deletions pkgs/development/libraries/openssl/1.1/cve-2019-1551.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,754 @@
From 419102400a2811582a7a3d4a4e317d72e5ce0a8f Mon Sep 17 00:00:00 2001
From: Andy Polyakov <appro@openssl.org>
Date: Wed, 4 Dec 2019 12:48:21 +0100
Subject: [PATCH] Fix an overflow bug in rsaz_512_sqr

There is an overflow bug in the x64_64 Montgomery squaring procedure used in
exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis
suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a
result of this defect would be very difficult to perform and are not believed
likely. Attacks against DH512 are considered just feasible. However, for an
attack the target would have to re-use the DH512 private key, which is not
recommended anyway. Also applications directly using the low level API
BN_mod_exp may be affected if they use BN_FLG_CONSTTIME.

CVE-2019-1551

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/10575)
---
crypto/bn/asm/rsaz-x86_64.pl | 381 ++++++++++++++++++-----------------
1 file changed, 197 insertions(+), 184 deletions(-)

diff --git a/crypto/bn/asm/rsaz-x86_64.pl b/crypto/bn/asm/rsaz-x86_64.pl
index b1797b649f00..7534d5cd03e5 100755
--- a/crypto/bn/asm/rsaz-x86_64.pl
+++ b/crypto/bn/asm/rsaz-x86_64.pl
@@ -116,7 +116,7 @@
subq \$128+24, %rsp
.cfi_adjust_cfa_offset 128+24
.Lsqr_body:
- movq $mod, %rbp # common argument
+ movq $mod, %xmm1 # common off-load
movq ($inp), %rdx
movq 8($inp), %rax
movq $n0, 128(%rsp)
@@ -134,7 +134,8 @@
.Loop_sqr:
movl $times,128+8(%rsp)
#first iteration
- movq %rdx, %rbx
+ movq %rdx, %rbx # 0($inp)
+ mov %rax, %rbp # 8($inp)
mulq %rdx
movq %rax, %r8
movq 16($inp), %rax
@@ -173,31 +174,29 @@
mulq %rbx
addq %rax, %r14
movq %rbx, %rax
- movq %rdx, %r15
- adcq \$0, %r15
+ adcq \$0, %rdx

- addq %r8, %r8 #shlq \$1, %r8
- movq %r9, %rcx
- adcq %r9, %r9 #shld \$1, %r8, %r9
+ xorq %rcx,%rcx # rcx:r8 = r8 << 1
+ addq %r8, %r8
+ movq %rdx, %r15
+ adcq \$0, %rcx

mulq %rax
- movq %rax, (%rsp)
- addq %rdx, %r8
- adcq \$0, %r9
+ addq %r8, %rdx
+ adcq \$0, %rcx

- movq %r8, 8(%rsp)
- shrq \$63, %rcx
+ movq %rax, (%rsp)
+ movq %rdx, 8(%rsp)

#second iteration
- movq 8($inp), %r8
movq 16($inp), %rax
- mulq %r8
+ mulq %rbp
addq %rax, %r10
movq 24($inp), %rax
movq %rdx, %rbx
adcq \$0, %rbx

- mulq %r8
+ mulq %rbp
addq %rax, %r11
movq 32($inp), %rax
adcq \$0, %rdx
@@ -205,7 +204,7 @@
movq %rdx, %rbx
adcq \$0, %rbx

- mulq %r8
+ mulq %rbp
addq %rax, %r12
movq 40($inp), %rax
adcq \$0, %rdx
@@ -213,7 +212,7 @@
movq %rdx, %rbx
adcq \$0, %rbx

- mulq %r8
+ mulq %rbp
addq %rax, %r13
movq 48($inp), %rax
adcq \$0, %rdx
@@ -221,7 +220,7 @@
movq %rdx, %rbx
adcq \$0, %rbx

- mulq %r8
+ mulq %rbp
addq %rax, %r14
movq 56($inp), %rax
adcq \$0, %rdx
@@ -229,39 +228,39 @@
movq %rdx, %rbx
adcq \$0, %rbx

- mulq %r8
+ mulq %rbp
addq %rax, %r15
- movq %r8, %rax
+ movq %rbp, %rax
adcq \$0, %rdx
addq %rbx, %r15
- movq %rdx, %r8
- movq %r10, %rdx
- adcq \$0, %r8
+ adcq \$0, %rdx

- add %rdx, %rdx
- lea (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10
- movq %r11, %rbx
- adcq %r11, %r11 #shld \$1, %r10, %r11
+ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1
+ addq %r9, %r9
+ movq %rdx, %r8
+ adcq %r10, %r10
+ adcq \$0, %rbx

mulq %rax
+ addq %rcx, %rax
+ movq 16($inp), %rbp
+ adcq \$0, %rdx
addq %rax, %r9
+ movq 24($inp), %rax
adcq %rdx, %r10
- adcq \$0, %r11
+ adcq \$0, %rbx

movq %r9, 16(%rsp)
movq %r10, 24(%rsp)
- shrq \$63, %rbx

#third iteration
- movq 16($inp), %r9
- movq 24($inp), %rax
- mulq %r9
+ mulq %rbp
addq %rax, %r12
movq 32($inp), %rax
movq %rdx, %rcx
adcq \$0, %rcx

- mulq %r9
+ mulq %rbp
addq %rax, %r13
movq 40($inp), %rax
adcq \$0, %rdx
@@ -269,7 +268,7 @@
movq %rdx, %rcx
adcq \$0, %rcx

- mulq %r9
+ mulq %rbp
addq %rax, %r14
movq 48($inp), %rax
adcq \$0, %rdx
@@ -277,9 +276,7 @@
movq %rdx, %rcx
adcq \$0, %rcx

- mulq %r9
- movq %r12, %r10
- lea (%rbx,%r12,2), %r12 #shld \$1, %rbx, %r12
+ mulq %rbp
addq %rax, %r15
movq 56($inp), %rax
adcq \$0, %rdx
@@ -287,36 +284,40 @@
movq %rdx, %rcx
adcq \$0, %rcx

- mulq %r9
- shrq \$63, %r10
+ mulq %rbp
addq %rax, %r8
- movq %r9, %rax
+ movq %rbp, %rax
adcq \$0, %rdx
addq %rcx, %r8
- movq %rdx, %r9
- adcq \$0, %r9
+ adcq \$0, %rdx

- movq %r13, %rcx
- leaq (%r10,%r13,2), %r13 #shld \$1, %r12, %r13
+ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1
+ addq %r11, %r11
+ movq %rdx, %r9
+ adcq %r12, %r12
+ adcq \$0, %rcx

mulq %rax
+ addq %rbx, %rax
+ movq 24($inp), %r10
+ adcq \$0, %rdx
addq %rax, %r11
+ movq 32($inp), %rax
adcq %rdx, %r12
- adcq \$0, %r13
+ adcq \$0, %rcx

movq %r11, 32(%rsp)
movq %r12, 40(%rsp)
- shrq \$63, %rcx

#fourth iteration
- movq 24($inp), %r10
- movq 32($inp), %rax
+ mov %rax, %r11 # 32($inp)
mulq %r10
addq %rax, %r14
movq 40($inp), %rax
movq %rdx, %rbx
adcq \$0, %rbx

+ mov %rax, %r12 # 40($inp)
mulq %r10
addq %rax, %r15
movq 48($inp), %rax
@@ -325,9 +326,8 @@
movq %rdx, %rbx
adcq \$0, %rbx

+ mov %rax, %rbp # 48($inp)
mulq %r10
- movq %r14, %r12
- leaq (%rcx,%r14,2), %r14 #shld \$1, %rcx, %r14
addq %rax, %r8
movq 56($inp), %rax
adcq \$0, %rdx
@@ -336,32 +336,33 @@
adcq \$0, %rbx

mulq %r10
- shrq \$63, %r12
addq %rax, %r9
movq %r10, %rax
adcq \$0, %rdx
addq %rbx, %r9
- movq %rdx, %r10
- adcq \$0, %r10
+ adcq \$0, %rdx

- movq %r15, %rbx
- leaq (%r12,%r15,2),%r15 #shld \$1, %r14, %r15
+ xorq %rbx, %rbx # rbx:r13:r14 = r13:r14 << 1
+ addq %r13, %r13
+ movq %rdx, %r10
+ adcq %r14, %r14
+ adcq \$0, %rbx

mulq %rax
+ addq %rcx, %rax
+ adcq \$0, %rdx
addq %rax, %r13
+ movq %r12, %rax # 40($inp)
adcq %rdx, %r14
- adcq \$0, %r15
+ adcq \$0, %rbx

movq %r13, 48(%rsp)
movq %r14, 56(%rsp)
- shrq \$63, %rbx

#fifth iteration
- movq 32($inp), %r11
- movq 40($inp), %rax
mulq %r11
addq %rax, %r8
- movq 48($inp), %rax
+ movq %rbp, %rax # 48($inp)
movq %rdx, %rcx
adcq \$0, %rcx

@@ -369,97 +370,99 @@
addq %rax, %r9
movq 56($inp), %rax
adcq \$0, %rdx
- movq %r8, %r12
- leaq (%rbx,%r8,2), %r8 #shld \$1, %rbx, %r8
addq %rcx, %r9
movq %rdx, %rcx
adcq \$0, %rcx

+ mov %rax, %r14 # 56($inp)
mulq %r11
- shrq \$63, %r12
addq %rax, %r10
movq %r11, %rax
adcq \$0, %rdx
addq %rcx, %r10
- movq %rdx, %r11
- adcq \$0, %r11
+ adcq \$0, %rdx

- movq %r9, %rcx
- leaq (%r12,%r9,2), %r9 #shld \$1, %r8, %r9
+ xorq %rcx, %rcx # rcx:r8:r15 = r8:r15 << 1
+ addq %r15, %r15
+ movq %rdx, %r11
+ adcq %r8, %r8
+ adcq \$0, %rcx

mulq %rax
+ addq %rbx, %rax
+ adcq \$0, %rdx
addq %rax, %r15
+ movq %rbp, %rax # 48($inp)
adcq %rdx, %r8
- adcq \$0, %r9
+ adcq \$0, %rcx

movq %r15, 64(%rsp)
movq %r8, 72(%rsp)
- shrq \$63, %rcx

#sixth iteration
- movq 40($inp), %r12
- movq 48($inp), %rax
mulq %r12
addq %rax, %r10
- movq 56($inp), %rax
+ movq %r14, %rax # 56($inp)
movq %rdx, %rbx
adcq \$0, %rbx

mulq %r12
addq %rax, %r11
movq %r12, %rax
- movq %r10, %r15
- leaq (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10
adcq \$0, %rdx
- shrq \$63, %r15
addq %rbx, %r11
- movq %rdx, %r12
- adcq \$0, %r12
+ adcq \$0, %rdx

- movq %r11, %rbx
- leaq (%r15,%r11,2), %r11 #shld \$1, %r10, %r11
+ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1
+ addq %r9, %r9
+ movq %rdx, %r12
+ adcq %r10, %r10
+ adcq \$0, %rbx

mulq %rax
+ addq %rcx, %rax
+ adcq \$0, %rdx
addq %rax, %r9
+ movq %r14, %rax # 56($inp)
adcq %rdx, %r10
- adcq \$0, %r11
+ adcq \$0, %rbx

movq %r9, 80(%rsp)
movq %r10, 88(%rsp)

#seventh iteration
- movq 48($inp), %r13
- movq 56($inp), %rax
- mulq %r13
+ mulq %rbp
addq %rax, %r12
- movq %r13, %rax
- movq %rdx, %r13
- adcq \$0, %r13
+ movq %rbp, %rax
+ adcq \$0, %rdx

- xorq %r14, %r14
- shlq \$1, %rbx
- adcq %r12, %r12 #shld \$1, %rbx, %r12
- adcq %r13, %r13 #shld \$1, %r12, %r13
- adcq %r14, %r14 #shld \$1, %r13, %r14
+ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1
+ addq %r11, %r11
+ movq %rdx, %r13
+ adcq %r12, %r12
+ adcq \$0, %rcx

mulq %rax
+ addq %rbx, %rax
+ adcq \$0, %rdx
addq %rax, %r11
+ movq %r14, %rax # 56($inp)
adcq %rdx, %r12
- adcq \$0, %r13
+ adcq \$0, %rcx

movq %r11, 96(%rsp)
movq %r12, 104(%rsp)

#eighth iteration
- movq 56($inp), %rax
+ xorq %rbx, %rbx # rbx:r13 = r13 << 1
+ addq %r13, %r13
+ adcq \$0, %rbx
+
mulq %rax
- addq %rax, %r13
+ addq %rcx, %rax
adcq \$0, %rdx
-
- addq %rdx, %r14
-
- movq %r13, 112(%rsp)
- movq %r14, 120(%rsp)
+ addq %r13, %rax
+ adcq %rbx, %rdx

movq (%rsp), %r8
movq 8(%rsp), %r9
@@ -469,6 +472,10 @@
movq 40(%rsp), %r13
movq 48(%rsp), %r14
movq 56(%rsp), %r15
+ movq %xmm1, %rbp
+
+ movq %rax, 112(%rsp)
+ movq %rdx, 120(%rsp)

call __rsaz_512_reduce

@@ -500,9 +507,9 @@
.Loop_sqrx:
movl $times,128+8(%rsp)
movq $out, %xmm0 # off-load
- movq %rbp, %xmm1 # off-load
#first iteration
mulx %rax, %r8, %r9
+ mov %rax, %rbx

mulx 16($inp), %rcx, %r10
xor %rbp, %rbp # cf=0, of=0
@@ -510,40 +517,39 @@
mulx 24($inp), %rax, %r11
adcx %rcx, %r9

- mulx 32($inp), %rcx, %r12
+ .byte 0xc4,0x62,0xf3,0xf6,0xa6,0x20,0x00,0x00,0x00 # mulx 32($inp), %rcx, %r12
adcx %rax, %r10

- mulx 40($inp), %rax, %r13
+ .byte 0xc4,0x62,0xfb,0xf6,0xae,0x28,0x00,0x00,0x00 # mulx 40($inp), %rax, %r13
adcx %rcx, %r11

- .byte 0xc4,0x62,0xf3,0xf6,0xb6,0x30,0x00,0x00,0x00 # mulx 48($inp), %rcx, %r14
+ mulx 48($inp), %rcx, %r14
adcx %rax, %r12
adcx %rcx, %r13

- .byte 0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00 # mulx 56($inp), %rax, %r15
+ mulx 56($inp), %rax, %r15
adcx %rax, %r14
adcx %rbp, %r15 # %rbp is 0

- mov %r9, %rcx
- shld \$1, %r8, %r9
- shl \$1, %r8
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rdx, %r8
- mov 8($inp), %rdx
- adcx %rbp, %r9
+ mulx %rdx, %rax, $out
+ mov %rbx, %rdx # 8($inp)
+ xor %rcx, %rcx
+ adox %r8, %r8
+ adcx $out, %r8
+ adox %rbp, %rcx
+ adcx %rbp, %rcx

mov %rax, (%rsp)
mov %r8, 8(%rsp)

#second iteration
- mulx 16($inp), %rax, %rbx
+ .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x10,0x00,0x00,0x00 # mulx 16($inp), %rax, %rbx
adox %rax, %r10
adcx %rbx, %r11

- .byte 0xc4,0x62,0xc3,0xf6,0x86,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r8
+ mulx 24($inp), $out, %r8
adox $out, %r11
+ .byte 0x66
adcx %r8, %r12

mulx 32($inp), %rax, %rbx
@@ -561,24 +567,25 @@
.byte 0xc4,0x62,0xc3,0xf6,0x86,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r8
adox $out, %r15
adcx %rbp, %r8
+ mulx %rdx, %rax, $out
adox %rbp, %r8
+ .byte 0x48,0x8b,0x96,0x10,0x00,0x00,0x00 # mov 16($inp), %rdx

- mov %r11, %rbx
- shld \$1, %r10, %r11
- shld \$1, %rcx, %r10
-
- xor %ebp,%ebp
- mulx %rdx, %rax, %rcx
- mov 16($inp), %rdx
+ xor %rbx, %rbx
+ adcx %rcx, %rax
+ adox %r9, %r9
+ adcx %rbp, $out
+ adox %r10, %r10
adcx %rax, %r9
- adcx %rcx, %r10
- adcx %rbp, %r11
+ adox %rbp, %rbx
+ adcx $out, %r10
+ adcx %rbp, %rbx

mov %r9, 16(%rsp)
.byte 0x4c,0x89,0x94,0x24,0x18,0x00,0x00,0x00 # mov %r10, 24(%rsp)

#third iteration
- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r9
+ mulx 24($inp), $out, %r9
adox $out, %r12
adcx %r9, %r13

@@ -586,7 +593,7 @@
adox %rax, %r13
adcx %rcx, %r14

- mulx 40($inp), $out, %r9
+ .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r9
adox $out, %r14
adcx %r9, %r15

@@ -594,27 +601,28 @@
adox %rax, %r15
adcx %rcx, %r8

- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r9
+ mulx 56($inp), $out, %r9
adox $out, %r8
adcx %rbp, %r9
+ mulx %rdx, %rax, $out
adox %rbp, %r9
+ mov 24($inp), %rdx

- mov %r13, %rcx
- shld \$1, %r12, %r13
- shld \$1, %rbx, %r12
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
+ xor %rcx, %rcx
+ adcx %rbx, %rax
+ adox %r11, %r11
+ adcx %rbp, $out
+ adox %r12, %r12
adcx %rax, %r11
- adcx %rdx, %r12
- mov 24($inp), %rdx
- adcx %rbp, %r13
+ adox %rbp, %rcx
+ adcx $out, %r12
+ adcx %rbp, %rcx

mov %r11, 32(%rsp)
- .byte 0x4c,0x89,0xa4,0x24,0x28,0x00,0x00,0x00 # mov %r12, 40(%rsp)
+ mov %r12, 40(%rsp)

#fourth iteration
- .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x20,0x00,0x00,0x00 # mulx 32($inp), %rax, %rbx
+ mulx 32($inp), %rax, %rbx
adox %rax, %r14
adcx %rbx, %r15

@@ -629,25 +637,25 @@
mulx 56($inp), $out, %r10
adox $out, %r9
adcx %rbp, %r10
+ mulx %rdx, %rax, $out
adox %rbp, %r10
+ mov 32($inp), %rdx

- .byte 0x66
- mov %r15, %rbx
- shld \$1, %r14, %r15
- shld \$1, %rcx, %r14
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
+ xor %rbx, %rbx
+ adcx %rcx, %rax
+ adox %r13, %r13
+ adcx %rbp, $out
+ adox %r14, %r14
adcx %rax, %r13
- adcx %rdx, %r14
- mov 32($inp), %rdx
- adcx %rbp, %r15
+ adox %rbp, %rbx
+ adcx $out, %r14
+ adcx %rbp, %rbx

mov %r13, 48(%rsp)
mov %r14, 56(%rsp)

#fifth iteration
- .byte 0xc4,0x62,0xc3,0xf6,0x9e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r11
+ mulx 40($inp), $out, %r11
adox $out, %r8
adcx %r11, %r9

@@ -658,18 +666,19 @@
mulx 56($inp), $out, %r11
adox $out, %r10
adcx %rbp, %r11
+ mulx %rdx, %rax, $out
+ mov 40($inp), %rdx
adox %rbp, %r11

- mov %r9, %rcx
- shld \$1, %r8, %r9
- shld \$1, %rbx, %r8
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
+ xor %rcx, %rcx
+ adcx %rbx, %rax
+ adox %r15, %r15
+ adcx %rbp, $out
+ adox %r8, %r8
adcx %rax, %r15
- adcx %rdx, %r8
- mov 40($inp), %rdx
- adcx %rbp, %r9
+ adox %rbp, %rcx
+ adcx $out, %r8
+ adcx %rbp, %rcx

mov %r15, 64(%rsp)
mov %r8, 72(%rsp)
@@ -682,18 +691,19 @@
.byte 0xc4,0x62,0xc3,0xf6,0xa6,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r12
adox $out, %r11
adcx %rbp, %r12
+ mulx %rdx, %rax, $out
adox %rbp, %r12
+ mov 48($inp), %rdx

- mov %r11, %rbx
- shld \$1, %r10, %r11
- shld \$1, %rcx, %r10
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
+ xor %rbx, %rbx
+ adcx %rcx, %rax
+ adox %r9, %r9
+ adcx %rbp, $out
+ adox %r10, %r10
adcx %rax, %r9
- adcx %rdx, %r10
- mov 48($inp), %rdx
- adcx %rbp, %r11
+ adcx $out, %r10
+ adox %rbp, %rbx
+ adcx %rbp, %rbx

mov %r9, 80(%rsp)
mov %r10, 88(%rsp)
@@ -703,31 +713,31 @@
adox %rax, %r12
adox %rbp, %r13

- xor %r14, %r14
- shld \$1, %r13, %r14
- shld \$1, %r12, %r13
- shld \$1, %rbx, %r12
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rax, %r11
- adcx %rdx, %r12
+ mulx %rdx, %rax, $out
+ xor %rcx, %rcx
mov 56($inp), %rdx
- adcx %rbp, %r13
+ adcx %rbx, %rax
+ adox %r11, %r11
+ adcx %rbp, $out
+ adox %r12, %r12
+ adcx %rax, %r11
+ adox %rbp, %rcx
+ adcx $out, %r12
+ adcx %rbp, %rcx

.byte 0x4c,0x89,0x9c,0x24,0x60,0x00,0x00,0x00 # mov %r11, 96(%rsp)
.byte 0x4c,0x89,0xa4,0x24,0x68,0x00,0x00,0x00 # mov %r12, 104(%rsp)

#eighth iteration
mulx %rdx, %rax, %rdx
- adox %rax, %r13
- adox %rbp, %rdx
+ xor %rbx, %rbx
+ adcx %rcx, %rax
+ adox %r13, %r13
+ adcx %rbp, %rdx
+ adox %rbp, %rbx
+ adcx %r13, %rax
+ adcx %rdx, %rbx

- .byte 0x66
- add %rdx, %r14
-
- movq %r13, 112(%rsp)
- movq %r14, 120(%rsp)
movq %xmm0, $out
movq %xmm1, %rbp

@@ -741,6 +751,9 @@
movq 48(%rsp), %r14
movq 56(%rsp), %r15

+ movq %rax, 112(%rsp)
+ movq %rbx, 120(%rsp)
+
call __rsaz_512_reducex

addq 64(%rsp), %r8
7 changes: 5 additions & 2 deletions pkgs/development/libraries/openssl/default.nix
Original file line number Diff line number Diff line change
@@ -143,14 +143,17 @@ in {
};

openssl_1_1 = common {
version = "1.1.1e";
sha256 = "1gnwlri1dphr5wdzmg9vlhkh6aq2yqgpfkpmffzwjlfb26n62kv9";
version = "1.1.1d";
sha256 = "1whinyw402z3b9xlb3qaxv4b9sk4w1bgh9k0y8df1z4x3yy92fhy";
patches = [
./1.1/nix-ssl-cert-file.patch

(if stdenv.hostPlatform.isDarwin
then ./1.1/use-etc-ssl-certs-darwin.patch
else ./1.1/use-etc-ssl-certs.patch)

./1.1/cve-2019-1551.patch
./1.1/cve-2019-1551-improve.patch
];
withDocs = true;
};