Merge remote-tracking branch 'origin/wip-ungrafting' into HEAD
commit
87c0d6265c
|
@ -44,8 +44,8 @@
|
|||
version ".tar.gz")))
|
||||
(sha256 (base32
|
||||
"1m85zcpgfdhm43cavpdkhb1s2zq1b31472hq1w1gs3xh94anp1i6"))
|
||||
(patches (search-patches "cyrus-sasl-ac-try-run-fix.patch"))))
|
||||
(replacement cyrus-sasl/fixed)
|
||||
(patches (search-patches "cyrus-sasl-ac-try-run-fix.patch"
|
||||
"cyrus-sasl-CVE-2019-19906.patch"))))
|
||||
(build-system gnu-build-system)
|
||||
(native-inputs
|
||||
`(("autoconf" ,autoconf)
|
||||
|
@ -81,20 +81,3 @@ server writers.")
|
|||
(license (license:non-copyleft "file://COPYING"
|
||||
"See COPYING in the distribution."))
|
||||
(home-page "https://cyrusimap.org/sasl/")))
|
||||
|
||||
(define cyrus-sasl/fixed
|
||||
(package
|
||||
(inherit cyrus-sasl)
|
||||
(version "2.1.27")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (list (string-append
|
||||
"https://cyrusimap.org/releases/cyrus-sasl-"
|
||||
version ".tar.gz")
|
||||
(string-append
|
||||
"ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-"
|
||||
version ".tar.gz")))
|
||||
(sha256 (base32
|
||||
"1m85zcpgfdhm43cavpdkhb1s2zq1b31472hq1w1gs3xh94anp1i6"))
|
||||
(patches (search-patches "cyrus-sasl-ac-try-run-fix.patch"
|
||||
"cyrus-sasl-CVE-2019-19906.patch"))))))
|
||||
|
|
|
@ -3221,10 +3221,10 @@ the GNOME desktop environment.")
|
|||
(uri (string-append "mirror://gnome/sources/" name "/"
|
||||
(version-major+minor version) "/"
|
||||
name "-" version ".tar.xz"))
|
||||
(patches (search-patches "libcroco-CVE-2020-12825.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"1m110rbj5d2raxcdp4iz0qp172284945awrsbdlq99ksmqsc4zkn"))))
|
||||
(replacement libcroco/fixed)
|
||||
(build-system gnu-build-system)
|
||||
(native-inputs
|
||||
`(("pkg-config" ,pkg-config)))
|
||||
|
@ -3243,21 +3243,6 @@ XML/CSS rendering engine.")
|
|||
;; LGPLv2.1-only.
|
||||
(license license:lgpl2.1)))
|
||||
|
||||
(define libcroco/fixed
|
||||
(package
|
||||
(inherit libcroco)
|
||||
(name "libcroco")
|
||||
(version "0.6.13")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://gnome/sources/" name "/"
|
||||
(version-major+minor version) "/"
|
||||
name "-" version ".tar.xz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1m110rbj5d2raxcdp4iz0qp172284945awrsbdlq99ksmqsc4zkn"))
|
||||
(patches (search-patches "libcroco-CVE-2020-12825.patch"))))))
|
||||
|
||||
(define-public libgsf
|
||||
(package
|
||||
(name "libgsf")
|
||||
|
|
|
@ -125,11 +125,12 @@ tools have full access to view and control running applications.")
|
|||
(package
|
||||
(name "cairo")
|
||||
(version "1.16.0")
|
||||
(replacement cairo/fixed)
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://cairographics.org/releases/cairo-"
|
||||
version ".tar.xz"))
|
||||
(patches (search-patches "cairo-CVE-2018-19876.patch"
|
||||
"cairo-CVE-2020-35492.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"0c930mk5xr2bshbdljv005j3j8zr47gqmkry3q6qgvqky6rjjysy"))))
|
||||
|
@ -176,15 +177,6 @@ affine transformation (scale, rotation, shear, etc.).")
|
|||
(license license:lgpl2.1) ; or Mozilla Public License 1.1
|
||||
(home-page "https://cairographics.org/")))
|
||||
|
||||
(define cairo/fixed
|
||||
(package
|
||||
(inherit cairo)
|
||||
(source (origin
|
||||
(inherit (package-source cairo))
|
||||
(patches (append (search-patches "cairo-CVE-2018-19876.patch"
|
||||
"cairo-CVE-2020-35492.patch")
|
||||
(origin-patches (package-source cairo))))))))
|
||||
|
||||
(define-public cairo-sans-poppler
|
||||
;; Variant used to break the dependency cycle between Poppler and Cairo.
|
||||
(package/inherit cairo
|
||||
|
@ -567,12 +559,12 @@ highlighting and other features typical of a source code editor.")
|
|||
(package
|
||||
(name "gdk-pixbuf")
|
||||
(version "2.40.0")
|
||||
(replacement gdk-pixbuf/fixed)
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://gnome/sources/" name "/"
|
||||
(version-major+minor version) "/"
|
||||
name "-" version ".tar.xz"))
|
||||
(patches (search-patches "gdk-pixbuf-CVE-2020-29385.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"1rnlx9yfw970maxi2x6niaxmih5la11q1ilr7gzshz2kk585k0hm"))))
|
||||
|
@ -624,15 +616,6 @@ in the GNOME project.")
|
|||
(license license:lgpl2.0+)
|
||||
(home-page "https://developer.gnome.org/gdk-pixbuf/")))
|
||||
|
||||
(define gdk-pixbuf/fixed
|
||||
(package
|
||||
(inherit gdk-pixbuf)
|
||||
(source (origin
|
||||
(inherit (package-source gdk-pixbuf))
|
||||
(patches
|
||||
(append (search-patches "gdk-pixbuf-CVE-2020-29385.patch")
|
||||
(origin-patches (package-source gdk-pixbuf))))))))
|
||||
|
||||
;; To build gdk-pixbuf with SVG support, we need librsvg, and librsvg depends
|
||||
;; on gdk-pixbuf, so this new varibale. Also, librsvg adds 90MiB to the
|
||||
;; closure size.
|
||||
|
|
|
@ -107,7 +107,6 @@
|
|||
(define-public python-2.7
|
||||
(package
|
||||
(name "python2")
|
||||
(replacement python-2.7/fixed)
|
||||
(version "2.7.17")
|
||||
(source
|
||||
(origin
|
||||
|
@ -122,7 +121,8 @@
|
|||
"python-2.7-site-prefixes.patch"
|
||||
"python-2.7-source-date-epoch.patch"
|
||||
"python-2.7-adjust-tests.patch"
|
||||
"python-cross-compile.patch"))
|
||||
"python-cross-compile.patch"
|
||||
"python-2.7-CVE-2021-3177.patch"))
|
||||
(modules '((guix build utils)))
|
||||
(snippet
|
||||
'(begin
|
||||
|
@ -351,14 +351,6 @@ data types.")
|
|||
(properties '((cpe-name . "python")))
|
||||
(license license:psfl)))
|
||||
|
||||
(define python-2.7/fixed
|
||||
(package
|
||||
(inherit python-2.7)
|
||||
(source (origin
|
||||
(inherit (package-source python-2.7))
|
||||
(patches (append (search-patches "python-2.7-CVE-2021-3177.patch")
|
||||
(origin-patches (package-source python-2.7))))))))
|
||||
|
||||
;; Current 2.x version.
|
||||
(define-public python-2 python-2.7)
|
||||
|
||||
|
@ -373,7 +365,6 @@ data types.")
|
|||
(define-public python-3.8
|
||||
(package (inherit python-2)
|
||||
(name "python")
|
||||
(replacement python-3.8/fixed)
|
||||
(version "3.8.2")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
|
@ -381,6 +372,7 @@ data types.")
|
|||
version "/Python-" version ".tar.xz"))
|
||||
(patches (search-patches
|
||||
"python-CVE-2020-26116.patch"
|
||||
"python-3.8-CVE-2021-3177.patch"
|
||||
"python-3-fix-tests.patch"
|
||||
"python-3.8-fix-tests.patch"
|
||||
"python-3-deterministic-build-info.patch"
|
||||
|
@ -531,14 +523,6 @@ data types.")
|
|||
(version-major+minor version)
|
||||
"/site-packages"))))))))
|
||||
|
||||
(define python-3.8/fixed
|
||||
(package
|
||||
(inherit python-3.8)
|
||||
(source (origin
|
||||
(inherit (package-source python-3.8))
|
||||
(patches (append (search-patches "python-3.8-CVE-2021-3177.patch")
|
||||
(origin-patches (package-source python-3.8))))))))
|
||||
|
||||
(define-public python-3.9
|
||||
(package (inherit python-3.8)
|
||||
(name "python-next")
|
||||
|
|
|
@ -165,7 +165,6 @@ living in the same process.")
|
|||
(package
|
||||
(name "gnutls")
|
||||
(version "3.6.15")
|
||||
(replacement gnutls/fixed)
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
;; Note: Releases are no longer on ftp.gnu.org since the
|
||||
|
@ -174,7 +173,9 @@ living in the same process.")
|
|||
(version-major+minor version)
|
||||
"/gnutls-" version ".tar.xz"))
|
||||
(patches (search-patches "gnutls-skip-trust-store-test.patch"
|
||||
"gnutls-cross.patch"))
|
||||
"gnutls-cross.patch"
|
||||
"gnutls-CVE-2021-20231.patch"
|
||||
"gnutls-CVE-2021-20232.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"0n0m93ymzd0q9hbknxc2ycanz49sqlkyyf73g9fk7n787llc7a0f"))))
|
||||
|
@ -257,15 +258,6 @@ required structures.")
|
|||
(properties '((ftp-server . "ftp.gnutls.org")
|
||||
(ftp-directory . "/gcrypt/gnutls")))))
|
||||
|
||||
(define gnutls/fixed
|
||||
(package
|
||||
(inherit gnutls)
|
||||
(source (origin
|
||||
(inherit (package-source gnutls))
|
||||
(patches (append (search-patches "gnutls-CVE-2021-20231.patch"
|
||||
"gnutls-CVE-2021-20232.patch")
|
||||
(origin-patches (package-source gnutls))))))))
|
||||
|
||||
(define-public gnutls/guile-2.0
|
||||
;; GnuTLS for Guile 2.0.
|
||||
(package/inherit gnutls
|
||||
|
@ -296,8 +288,7 @@ required structures.")
|
|||
(define-public openssl
|
||||
(package
|
||||
(name "openssl")
|
||||
(replacement openssl/fixed)
|
||||
(version "1.1.1i")
|
||||
(version "1.1.1j")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (list (string-append "https://www.openssl.org/source/openssl-"
|
||||
|
@ -310,7 +301,7 @@ required structures.")
|
|||
(patches (search-patches "openssl-1.1-c-rehash-in.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"0hjj1phcwkz69lx1lrvr9grhpl4y529mwqycqc1hdla1zqsnmgp8"))))
|
||||
"1gw17520vh13izy1xf5q0a2fqgcayymjjj5bk0dlkxndfnszrwma"))))
|
||||
(build-system gnu-build-system)
|
||||
(outputs '("out"
|
||||
"doc" ;6.8 MiB of man3 pages and full HTML documentation
|
||||
|
@ -431,24 +422,6 @@ required structures.")
|
|||
(license license:openssl)
|
||||
(home-page "https://www.openssl.org/")))
|
||||
|
||||
(define-public openssl/fixed
|
||||
(package
|
||||
(inherit openssl)
|
||||
(version "1.1.1k")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (list (string-append "https://www.openssl.org/source/openssl-"
|
||||
version ".tar.gz")
|
||||
(string-append "ftp://ftp.openssl.org/source/"
|
||||
"openssl-" version ".tar.gz")
|
||||
(string-append "ftp://ftp.openssl.org/source/old/"
|
||||
(string-trim-right version char-set:letter)
|
||||
"/openssl-" version ".tar.gz")))
|
||||
(patches (search-patches "openssl-1.1-c-rehash-in.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"1rdfzcrxy9y38wqdw5942vmdax9hjhgrprzxm42csal7p5shhal9"))))))
|
||||
|
||||
(define-public openssl-1.0
|
||||
(package
|
||||
(inherit openssl)
|
||||
|
|
Reference in New Issue