The latest versions are not available on the mirrors, thus the source
URL was set to the project's official download link.
The patch for CVE-2021-22204 was removed as the vulnerability was
patched in version 12.24.
This allows users of the bind module to specify an alternate BIND
package. For example, by overriding the source attribute to use a
different version of BIND.
Since the default value for `services.bind.package` is `pkgs.bind`,
this change is completely backwards compatible with the current
module.
When the path to the Nixpkgs repo contains a space, generate.sh would fail. This can be esily fixed by adding quotes around the variable containing the path.
The use of unspliced llvmPackages in configureFlags was causing an
eval failure when cross-compiling, but since later versions of
Firefox/Spidermonkey can correctly detect clang and libclang without
those arguments being specified, we can just backport that
patch (which applies cleanly), and not have to worry about it any
more.
esphome is still stuck on hypothesis 5.49 and tries to import things
that are gone in 6.0 and later. Using a package override here would be
costly as it would cause alot of rebuilds, as hypothesis is an integral
part of e.g. pytest.
In order to have our linux builds be reproducible we patch the
`Makefile` to use `--build-id=none` as opposed to the default
`--build-id=sha1`. The way we've been doing this, however, caused the
flag to be mangled, and being set to `--build-id=none=sha1`. While bfd
seems to parse this normally, lld will loudly complain that the flag
does not exist:
```
linux> LD .tmp_vmlinux.kallsyms1
linux> ld.lld: error: unknown --build-id style: none=sha1
```
With this change the flag is now correctly set to `--build-id=none`.