guix-play

History

gnu: Go standard crypto library: Update to 0.0.0-3.b7391e9 [security fixes].

Fixes a vulnerability in 'golang.org/x/crypto/salsa20' where, if more than 256
GiB of keystream is generated, or if the counter otherwise grows greater than 32
bits, the amd64 implementation will first generate incorrect output, and then
cycle back to previously generated keystream.

https://go.googlesource.com/crypto/+/b7391e95e576cacdcdd422573063bc057239113d

* gnu/packages/golang.scm (go-golang-org-x-crypto-bcrypt,
go-golang-org-x-crypto-blowfish, go-golang-org-x-crypto-pbkdf2,
go-golang-org-x-crypto-tea, go-golang-org-x-crypto-salsa20,
go-golang-org-x-crypto-cast5, go-golang-org-x-crypto-twofish,
go-golang-org-x-crypto-xtea, go-golang-org-x-crypto-ed25519,
go-golang-org-x-crypto-ripemd160, go-golang-org-x-crypto-blake2s,
go-golang-org-x-crypto-sha3, go-golang-org-x-crypto-ssh-terminal): Update to
0.0.0-3.b7391e9.
(go-golang-org-x-crypto-blake2s)[propagated-inputs]: Add
go-golang-org-x-sys-cpu.
(go-golang-org-x-crypto-blowfish, go-golang-org-x-crypto-pbkdf2,
go-golang-org-x-crypto-tea, go-golang-org-x-crypto-salsa20,
go-golang-org-x-crypto-cast5, go-golang-org-x-crypto-twofish,
go-golang-org-x-crypto-xtea, go-golang-org-x-crypto-ssh-terminal):
Inherit from go-golang-org-x-crypto-bcrypt.

2019-04-02 13:07:03 -04:00

bootloader

bootloader: Add a 'keyboard-layout' field.

2019-03-24 23:06:11 +01:00

build

linux-container: Make the guest UID and GID a parameter.

2019-04-02 18:15:37 +02:00

installer

services: Deprecate 'xfce-desktop-service'.

2019-03-27 11:54:06 +01:00

packages

gnu: Go standard crypto library: Update to 0.0.0-3.b7391e9 [security fixes].