A small set of package updates #2
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This includes fixes for kernels up to v3.4, so we shouldn't get build failures with kernel 3.4 anymore.
This is primarily because version 222 is no longer available at the upstream FTP site.
|
Committed in r34439 to r34441. |
Closed
wizeman
added a commit
that referenced
this pull request
Feb 22, 2014
grsecurity: add gradm, paxctl, and pax-utils (take #2)
cstrahan
referenced
this pull request
in cstrahan/nixpkgs
Dec 12, 2014
Update ghcjs && and remove deprecation warning
nbp
added a commit
that referenced
this pull request
Jan 18, 2015
briangebala
pushed a commit
to briangebala/nixpkgs
that referenced
this pull request
Jun 15, 2015
Inline swizzle of NodeJs.
garbas
pushed a commit
that referenced
this pull request
Sep 3, 2015
Local build and run successful. From the ChangeLog: ``` Version 0.7.77, 2015-09-02 + #B941, MXF: files having only a video stream and an ancillary data stream were having incorrect second video stream + MOV: detection of r210 CodecID as raw RGB + Ancillary data: detection of all metadata blocks (previously: only the first one was detected) x MPEG-TS: Wrong demux of TSP (188+16 TS) files having PES with only padding x MediaTrace #2: XML malformed with Flags items (hotfix, flags meaning disabled in XML output) x MediaTrace #3: XML malformed with some MP4 files x MediaTrace #6: XML duplicated attributes x MediaTrace #10: versioned xsd, creating library name and version x MediaTrace: XML content was not escaped x #B947, Amazon S3 support (REST API v2), CLI/DLL only and if compiled with libcurl support: Analyze file on s3 was not working if secret key contains / character ```
LnL7
referenced
this pull request
in LnL7/nixpkgs
Jan 8, 2016
jagajaga
added a commit
that referenced
this pull request
Jan 8, 2016
vim-plugins: added build inputs for jagajaga/vim-addon-vim2nix #2
gleber
added a commit
to gleber/nixpkgs
that referenced
this pull request
Jan 18, 2016
rebar3: refactor to make hermetic
7 tasks
corngood
referenced
this pull request
in corngood/nixpkgs
Sep 24, 2016
vulkan-loader: fix evaluation without source
dezren39
referenced
this pull request
in developing-today-forks/nixpkgs
Oct 14, 2024
13 tasks
modulitos
pushed a commit
to modulitos/nixpkgs
that referenced
this pull request
Nov 24, 2024
13 tasks
drupol
pushed a commit
that referenced
this pull request
Jan 5, 2025
nixosTests.cryptpad started failing recently. Investigating the issue shows that seccomp has become problematic during the init phase, (e.g. this can be reproduced by removing the customize directory in /var/lib/cryptpad): machine # [ 10.774365] systemd-coredump[864]: Process 756 (node) of user 65513 dumped core. machine # machine # Module libgcc_s.so.1 without build-id. machine # Module libstdc++.so.6 without build-id. machine # Module libicudata.so.74 without build-id. machine # Module libicuuc.so.74 without build-id. machine # Module libicui18n.so.74 without build-id. machine # Module libz.so.1 without build-id. machine # Module node without build-id. machine # Stack trace of thread 756: machine # #0 0x00007ff951974dcb fchown (libc.so.6 + 0x107dcb) machine # #1 0x00007ff95490d0c0 uv__fs_copyfile (libuv.so.1 + 0x150c0) machine # #2 0x00007ff95490d89a uv__fs_work (libuv.so.1 + 0x1589a) machine # #3 0x00007ff954910c76 uv_fs_copyfile (libuv.so.1 + 0x18c76) machine # #4 0x0000000000eb8a39 _ZN4node2fsL8CopyFileERKN2v820FunctionCallbackInfoINS1_5ValueEEE (node + 0xab8a39) machine # #5 0x0000000001cda5e2 Builtins_CallApiCallbackGeneric (node + 0x18da5e2) [...] machine # [ 10.877468] cryptpad[685]: /nix/store/h4yhhxpfm03c5rgz91q7jrvknh596ly2-cryptpad-2024.12.0/bin/cryptpad: line 3: 756 Bad system call (core dumped) "/nix/store/fkyp1bm5gll9adnfcj92snyym524mdrj-nodejs-22.11.0/bin/node" "/nix/store/h4yhhxpfm03c5rgz91q7jrvknh596ly2-cryptpad-2024.12.0/lib/node_modules/cryptpad/scripts/build.js" nodejs 20.18 rightly did not require chown when the source and destination are the same owner (heck, the script does not run as root so even if it is not blocked there is no way it'd work with a different owner...) For now just allow chown calls again, this is not worth wasting more time. Fixes #370717
yechielw
pushed a commit
to yechielw/nixpkgs
that referenced
this pull request
Jan 6, 2025
nixosTests.cryptpad started failing recently. Investigating the issue shows that seccomp has become problematic during the init phase, (e.g. this can be reproduced by removing the customize directory in /var/lib/cryptpad): machine # [ 10.774365] systemd-coredump[864]: Process 756 (node) of user 65513 dumped core. machine # machine # Module libgcc_s.so.1 without build-id. machine # Module libstdc++.so.6 without build-id. machine # Module libicudata.so.74 without build-id. machine # Module libicuuc.so.74 without build-id. machine # Module libicui18n.so.74 without build-id. machine # Module libz.so.1 without build-id. machine # Module node without build-id. machine # Stack trace of thread 756: machine # #0 0x00007ff951974dcb fchown (libc.so.6 + 0x107dcb) machine # NixOS#1 0x00007ff95490d0c0 uv__fs_copyfile (libuv.so.1 + 0x150c0) machine # NixOS#2 0x00007ff95490d89a uv__fs_work (libuv.so.1 + 0x1589a) machine # NixOS#3 0x00007ff954910c76 uv_fs_copyfile (libuv.so.1 + 0x18c76) machine # NixOS#4 0x0000000000eb8a39 _ZN4node2fsL8CopyFileERKN2v820FunctionCallbackInfoINS1_5ValueEEE (node + 0xab8a39) machine # NixOS#5 0x0000000001cda5e2 Builtins_CallApiCallbackGeneric (node + 0x18da5e2) [...] machine # [ 10.877468] cryptpad[685]: /nix/store/h4yhhxpfm03c5rgz91q7jrvknh596ly2-cryptpad-2024.12.0/bin/cryptpad: line 3: 756 Bad system call (core dumped) "/nix/store/fkyp1bm5gll9adnfcj92snyym524mdrj-nodejs-22.11.0/bin/node" "/nix/store/h4yhhxpfm03c5rgz91q7jrvknh596ly2-cryptpad-2024.12.0/lib/node_modules/cryptpad/scripts/build.js" nodejs 20.18 rightly did not require chown when the source and destination are the same owner (heck, the script does not run as root so even if it is not blocked there is no way it'd work with a different owner...) For now just allow chown calls again, this is not worth wasting more time. Fixes NixOS#370717
3 tasks
3 tasks
3 tasks
mweinelt
added a commit
that referenced
this pull request
Feb 17, 2025
This test crashes the python interpreter in libx265_encode_stream: ``` #0 0x00007feefe2a7a7e in free () from /nix/store/81mi7m3k3wsiz9rrrg636sx21psj20hc-glibc-2.40-66/lib/libc.so.6 No symbol table info available. #1 0x00007fee98059295 in av_free (ptr=<optimized out>) at libavutil/mem.c:243 No locals. #2 0x00007fee98059352 in av_freep (arg=<optimized out>) at libavutil/mem.c:253 val = <optimized out> #3 0x00007fee997a4713 in libx265_encode_frame (avctx=<optimized out>, pkt=<optimized out>, pic=<optimized out>, got_packet=0x7ffe35c7e3f4) at libavcodec/libx265.c:821 [...] #4 0x00007fee99526ff6 in ff_encode_encode_cb (avctx=avctx@entry=0x16d1f00, avpkt=avpkt@entry=0x16ad440, frame=0x16f5e80, got_packet=got_packet@entry=0x7ffe35c7e3f4) at libavcodec/encode.c:254 codec = 0x7fee9a25e5c0 <ff_libx265_encoder> [...] ```
CodeRadu
pushed a commit
to CodeRadu/nixpkgs
that referenced
this pull request
Feb 25, 2025
…d-providers Golang Provider + Example + Hoist Providers
thiagokokada
pushed a commit
that referenced
this pull request
Mar 5, 2025
Prior to this the `dev` output was also propagated, when it's not
actually used
```console
$ nix-store --query --references /nix/store/ppw0flx4dbksxsnr84hq1gz4k0s0hpcq-nixos-rebuild-ng-0.0.0
/nix/store/11ciq72n4fdv8rw6wgjgasfv4mjs1jrw-bash-5.2p37
/nix/store/26yi95240650jxp5dj78xzch70i1kzlz-python3-3.12.9
/nix/store/xxh7mivp64xmzyw5wir2c2xbhy6cjzjd-nix-2.24.12
/nix/store/8jai5cxdfzgj9nsz4i26fh9sx5zsgilz-nix-2.24.12-dev
/nix/store/ppw0flx4dbksxsnr84hq1gz4k0s0hpcq-nixos-rebuild-ng-0.0.0
```
```console
$ nix why-depends --all --precise /nix/store/ppw0flx4dbksxsnr84hq1gz4k0s0hpcq-nixos-rebuild-ng-0.0.0 /nix/store/8jai5cxdfzgj9nsz4i26fh9sx5zsgilz-nix-2.24.12-dev
/nix/store/ppw0flx4dbksxsnr84hq1gz4k0s0hpcq-nixos-rebuild-ng-0.0.0
└───nix-support/propagated-build-inputs: …/nix/store/8jai5cxdfzgj9nsz4i26fh9sx5zsgilz-nix-2.24.12-dev /nix/store/26yi…
→ /nix/store/8jai5cxdfzgj9nsz4i26fh9sx5zsgilz-nix-2.24.12-dev
```
```console
$ nvd diff /nix/store/ppw0flx4dbksxsnr84hq1gz4k0s0hpcq-nixos-rebuild-ng-0.0.0 /nix/store/fqm81bhggzkqh7033np2z0jr8c0qrpbw-nixos-rebuild-ng-0.0.0
<<< /nix/store/ppw0flx4dbksxsnr84hq1gz4k0s0hpcq-nixos-rebuild-ng-0.0.0
>>> /nix/store/fqm81bhggzkqh7033np2z0jr8c0qrpbw-nixos-rebuild-ng-0.0.0
Version changes:
[C.] #1 boehm-gc 8.2.8, 8.2.8-dev -> 8.2.8
[C*] #2 nix 2.24.12, 2.24.12-dev, 2.24.12-man -> 2.24.12, 2.24.12-man
Removed packages:
[R.] #1 nlohmann_json 3.11.3
Closure size: 66 -> 63 (1 paths added, 4 paths removed, delta -3, disk usage -1.9MiB).
```
arianvp
added a commit
that referenced
this pull request
Apr 1, 2025
fluent-bit 3.2.7, 3.2.8 and 3.2.9 are segfaulting when used in combination with the systemd input. Lets revert to 3.2.6 for now. Upstream bug: fluent/fluent-bit#10139 Note that fluent-bit-3.2.7 fixes two high CVEs which we are now reintroducing. However they are only exploitable if you are using the OpenTelemetry input or the Prometheus Remote Write input. OpenTelemetry input: [CVE-2024-50609](https://nvd.nist.gov/vuln/detail/CVE-2024-50609) Prometheus Remote Write input: [CVE-2024-50608](https://nvd.nist.gov/vuln/detail/CVE-2024-50608) The problem is as follows: 3.2.7 started vendoring a copy of `libzstd` in tree and statically linking against it. Also, the fluent-bit binary exports the symbols of static libraries it links against. This is a problem because `libzstd` gets `dlopen()`ed by `libsystemd` when enumerating the journal (as journal logs are zstd compressed). and `libzstd` in Nixpkgs is built with `-DZSTD_LEGACY_SUPPORT=0` which causes `struct ZSTD_DCtx` to be 16 bytes smaller than without this flag https://github.com/facebook/zstd/blob/dev/lib/decompress/zstd_decompress_internal.h#L183-L187 `libsystemd` calls [`sym_ZSTD_createDCtx()`](https://github.com/systemd/systemd/blob/1e79a2923364b65fc9f347884dd5b9b2087f6e32/src/basic/compress.c#L480) which calls the function pointer returned by `dlsym()` which is calling into the `libzstd` that comes with `nixpkgs` and thus allocates a struct that is 16 bytes smaller. Later then `sym_ZSTD_freeDCtx()` is called. However because fluent-bit has `zstd` in its global symbol table, any functions that `sym_ZSTD_freeDCtx()` calls will be calls to the functions in the vendored fluent-bit version of the library which expects the larger struct. This then causes enough heap corruption to cause a segfault. E.g. the subsequent calls to `ZSTD_clearDict(dctx)` and `ZSTD_customFree(dctx->inBuff)` in https://github.com/facebook/zstd/blob/dev/lib/decompress/zstd_decompress.c#L324 will be working on a struct that is 16 bytes smaller than the one that was allocated by `libsystemd` and will cause a segfault at some point and thus are probably modifying pieces of memory that they shouldn't (gdb) bt #0 0x00007f10e7e9916c in __pthread_kill_implementation () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 #1 0x00007f10e7e40e86 in raise () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 #2 0x00007f10e7e2893a in abort () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 #3 0x000000000046a938 in flb_signal_handler () #4 <signal handler called> #5 0x00007f10e7ea42b7 in unlink_chunk.isra () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 #6 0x00007f10e7ea45cd in _int_free_create_chunk () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 #7 0x00007f10e7ea5a1c in _int_free_merge_chunk () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 #8 0x00007f10e7ea5dc9 in _int_free () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 #9 0x00007f10e7ea8613 in free () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 #10 0x00007f10e80ad3b5 in ZSTD_freeDCtx () from /nix/store/wy0slah6yvchgra8nhp6vgrqa6ay72cq-zstd-1.5.6/lib/libzstd.so.1 #11 0x00007f10e8c90f6b in decompress_blob_zstd () from /nix/store/b2cfj7yk3wfg1jdwjzim7306hvsc5gnl-systemd-257.3/lib/libsystemd.so.0 #12 0x00007f10e8bf0efe in journal_file_data_payload () from /nix/store/b2cfj7yk3wfg1jdwjzim7306hvsc5gnl-systemd-257.3/lib/libsystemd.so.0 #13 0x00007f10e8c00f74 in sd_journal_enumerate_data () from /nix/store/b2cfj7yk3wfg1jdwjzim7306hvsc5gnl-systemd-257.3/lib/libsystemd.so.0 #14 0x00000000004eae2f in in_systemd_collect () #15 0x00000000004eb5a0 in in_systemd_collect_archive () #16 0x000000000047aa18 in flb_input_collector_fd () #17 0x0000000000495223 in flb_engine_start () #18 0x000000000046f304 in flb_lib_worker () #19 0x00007f10e7e972e3 in start_thread () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 #20 0x00007f10e7f1b2fc in __clone3 () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 Reverts 7310ab3 Reverts 4fbc6cf
13 tasks
tanya1866
pushed a commit
to tanya1866/nixpkgs
that referenced
this pull request
Apr 3, 2025
fluent-bit 3.2.7, 3.2.8 and 3.2.9 are segfaulting when used in combination with the systemd input. Lets revert to 3.2.6 for now. Upstream bug: fluent/fluent-bit#10139 Note that fluent-bit-3.2.7 fixes two high CVEs which we are now reintroducing. However they are only exploitable if you are using the OpenTelemetry input or the Prometheus Remote Write input. OpenTelemetry input: [CVE-2024-50609](https://nvd.nist.gov/vuln/detail/CVE-2024-50609) Prometheus Remote Write input: [CVE-2024-50608](https://nvd.nist.gov/vuln/detail/CVE-2024-50608) The problem is as follows: 3.2.7 started vendoring a copy of `libzstd` in tree and statically linking against it. Also, the fluent-bit binary exports the symbols of static libraries it links against. This is a problem because `libzstd` gets `dlopen()`ed by `libsystemd` when enumerating the journal (as journal logs are zstd compressed). and `libzstd` in Nixpkgs is built with `-DZSTD_LEGACY_SUPPORT=0` which causes `struct ZSTD_DCtx` to be 16 bytes smaller than without this flag https://github.com/facebook/zstd/blob/dev/lib/decompress/zstd_decompress_internal.h#L183-L187 `libsystemd` calls [`sym_ZSTD_createDCtx()`](https://github.com/systemd/systemd/blob/1e79a2923364b65fc9f347884dd5b9b2087f6e32/src/basic/compress.c#L480) which calls the function pointer returned by `dlsym()` which is calling into the `libzstd` that comes with `nixpkgs` and thus allocates a struct that is 16 bytes smaller. Later then `sym_ZSTD_freeDCtx()` is called. However because fluent-bit has `zstd` in its global symbol table, any functions that `sym_ZSTD_freeDCtx()` calls will be calls to the functions in the vendored fluent-bit version of the library which expects the larger struct. This then causes enough heap corruption to cause a segfault. E.g. the subsequent calls to `ZSTD_clearDict(dctx)` and `ZSTD_customFree(dctx->inBuff)` in https://github.com/facebook/zstd/blob/dev/lib/decompress/zstd_decompress.c#L324 will be working on a struct that is 16 bytes smaller than the one that was allocated by `libsystemd` and will cause a segfault at some point and thus are probably modifying pieces of memory that they shouldn't (gdb) bt #0 0x00007f10e7e9916c in __pthread_kill_implementation () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 NixOS#1 0x00007f10e7e40e86 in raise () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 NixOS#2 0x00007f10e7e2893a in abort () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 NixOS#3 0x000000000046a938 in flb_signal_handler () NixOS#4 <signal handler called> NixOS#5 0x00007f10e7ea42b7 in unlink_chunk.isra () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 NixOS#6 0x00007f10e7ea45cd in _int_free_create_chunk () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 NixOS#7 0x00007f10e7ea5a1c in _int_free_merge_chunk () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 NixOS#8 0x00007f10e7ea5dc9 in _int_free () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 NixOS#9 0x00007f10e7ea8613 in free () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 NixOS#10 0x00007f10e80ad3b5 in ZSTD_freeDCtx () from /nix/store/wy0slah6yvchgra8nhp6vgrqa6ay72cq-zstd-1.5.6/lib/libzstd.so.1 NixOS#11 0x00007f10e8c90f6b in decompress_blob_zstd () from /nix/store/b2cfj7yk3wfg1jdwjzim7306hvsc5gnl-systemd-257.3/lib/libsystemd.so.0 NixOS#12 0x00007f10e8bf0efe in journal_file_data_payload () from /nix/store/b2cfj7yk3wfg1jdwjzim7306hvsc5gnl-systemd-257.3/lib/libsystemd.so.0 NixOS#13 0x00007f10e8c00f74 in sd_journal_enumerate_data () from /nix/store/b2cfj7yk3wfg1jdwjzim7306hvsc5gnl-systemd-257.3/lib/libsystemd.so.0 NixOS#14 0x00000000004eae2f in in_systemd_collect () NixOS#15 0x00000000004eb5a0 in in_systemd_collect_archive () NixOS#16 0x000000000047aa18 in flb_input_collector_fd () NixOS#17 0x0000000000495223 in flb_engine_start () NixOS#18 0x000000000046f304 in flb_lib_worker () NixOS#19 0x00007f10e7e972e3 in start_thread () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 NixOS#20 0x00007f10e7f1b2fc in __clone3 () from /nix/store/rmy663w9p7xb202rcln4jjzmvivznmz8-glibc-2.40-66/lib/libc.so.6 Reverts 7310ab3 Reverts 4fbc6cf
13 tasks
gignsky
added a commit
to gignsky/nixpkgs
that referenced
this pull request
May 28, 2025
Co-authored-by: Leah Amelia Chen <github@acc.pluie.me>
3 tasks
SuperSandro2000
added a commit
that referenced
this pull request
Jul 1, 2025
SuperSandro2000
added a commit
that referenced
this pull request
Jul 1, 2025
radimkrcmar
added a commit
to radimkrcmar/nixpkgs
that referenced
this pull request
Jul 3, 2025
Building cross compilers fails because libstdc++-target.patch does not apply: > Running phase: patchPhase > applying patch /nix/store/m65mm399kh8q6h8k836hln3h0y8k7lw7-libstdc++-target.patch > patching file Makefile.in > Hunk NixOS#1 succeeded at 303 (offset 37 lines). > Hunk NixOS#2 FAILED at 292. > 1 out of 2 hunks FAILED -- saving rejects to file Makefile.in.rej As I understand the patch, it was supposed to fix GCC cross compiler for mingw32. I built mingw32/mingwW64/aarch64-multiplatform/riscv64 cross compilers on x86_64-linux without applying the patch, and it does not seem necessary anymore. It's possible we didn't need this patch for quite a while, but I haven't tested that. Do not apply libstdc++-target.patch starting with gcc15. Signed-off-by: Radim Krčmář <radim@krcmar.dev>
13 tasks
LordGrimmauld
added a commit
to LordGrimmauld/nixpkgs
that referenced
this pull request
Jul 20, 2025
# This is the 1st commit message: nixos/systemd: move systemd.watchdog.* to systemd.settings.Manager # The commit message NixOS#2 will be skipped: # nixos/systemd: move systemd.watchdog.* to systemd.settings.Manager
LordGrimmauld
added a commit
to LordGrimmauld/nixpkgs
that referenced
this pull request
Jul 28, 2025
# This is the 1st commit message: nixos/systemd: move systemd.watchdog.* to systemd.settings.Manager # The commit message NixOS#2 will be skipped: # nixos/systemd: move systemd.watchdog.* to systemd.settings.Manager
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This should fix a few build failures with those packages, especially VirtualBox with newer kernels.
In addition some updates to quite old versions of a few packages.