me
/
guix
Archived
1
0
Fork 0
Commit Graph

2963 Commits (5a29639cf6096641ec872b1f18e02d6d583ed6bd)

Author SHA1 Message Date
Philip McGrath 834aa48504
gnu: racket: Don't inject store paths into Racket files.
Apparently, during grafting, Guix can somehow mangle compiled
Racket CS files (.zo) such that Racket will refuse to load them.
(Maybe it has something to do with compression?)
So, we stop patching Racket sources with absolute paths to store
files (i.e. for foreign libraries to dlopen).
Instead, we put them in a data file that doesn't get compiled or,
in one case, embed it in C.

Fixes https://issues.guix.gnu.org/47064

* gnu/packages/patches/racket-sh-via-rktio.patch: New file.
Adds a special case at the C level, controlled by a preprocessor macro,
to handle attempts to execute "/bin/sh".
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/scheme.scm (racket)[source](patches): Apply it.
(racket)[arguments](#:configure-flags): Add the CPP flag to enable it.
(racket)[arguments](#:modules): Use srfi-1.
(racket)[arguments](#:phases): Remove 'patch-/bin/sh and 'pre-configure.
Change 'pre-configure-minimal to just change directory.
Add 'patch-config.rktd-lib-search-dirs after 'build and before 'install
to configure Racket's "lib-search-dirs".
(racket, racket-minimal)[inputs]: Add bash-minimal as an explicit input.
(racket-minimal)[source]: Adjust to inherit patches from racket.
(racket-minimal)[arguments]: Inherit from racket: changes no longer needed.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-04-12 18:42:22 +02:00
Hartmut Goebel 3281ba6eae
gnu: lksctp-tools: Fix build of include file.
* gnu/packages/patches/lksctp-tools-1.0.18-fix-header-file-name.patch:
  New file.
* gnu/local.mk[patches]: Add it.
* gnu/packages/networking.scm(/lksctp-tools)[source]: Use this patch.
2021-04-11 17:02:30 +02:00
Brendan Tildesley 586f017d98
gnu: python-pyqt: Fix build for new python-sip.
* gnu/packages/qt.scm (python-pyqt)
[source]: Remove pyqt-public-sip.patch.
[propagated-inputs]: Add python-pyqt5-sip.
* gnu/packages/patches/pyqt-public-sip.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2021-04-09 16:09:24 -04:00
Brice Waegeneire 0d4ae86bc2
gnu: libvirt: Update to 7.2.0.
* gnu/packages/virtualization.scm (libvirt): Update to 7.2.0.
[arguemnts]: Switch to meson, only build system supported by upstream.
[inputs]: Add libssh2 and readline.
[native-inputs]: Add bash-completion, gettext, python-docutils and
rpcsvc-proto.
* gnu/packages/patches/libvirt-add-install-prefix.patch: New file...
* gnu/local.mk: ...add it.
* gnu/packages/patches/libvirt-create-machine-cgroup.patch: Delete file,
merged by upstream.

Tested-by: Pierre Langlois <pierre.langlois@gmx.com>
2021-04-05 18:26:37 +01:00
Philip McGrath e29b1fff1d
gnu: chez-scheme: simplify packaging
Take advantage of patches that have been accepted upstream.
These changes lay a foundation for reusing more of Chez's
build process for Racket.

* gnu/packages/patches/chez-scheme-build-util-paths-backport.patch:
New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/chez.scm (chez-scheme)[source](patches): Use it.
[source](snippet): Remove bundled libraries here, not in configure phase.
[inputs]: Organize. Move "nanopass", "stex", and "xorg-rgb" to ...
[native-inputs]: ... this field.
[arguments]: Add (ice-9 ftw) to #:modules. Remove unneeded
'patch-processor-detection' phase. Add 'unpack-nanopass+stex' phase
(refactored from 'configure'). Simplify 'configure' phase by removing
patches that have been upstreamed. Add "--nogzip-man-pages" flag so we can
remove 'make-manpages-writable' phase. Stop ignoring #:configure-flags,
move "--threads" there, and remove unneeded workaround. Add 'prepare-stex'
phase (refactored from 'install-doc'). Use it to streamline 'install-doc'
phase, installing all of the right files into the right places.

Signed-off-by: Leo Prikler <leo.prikler@student.tugraz.at>
2021-04-05 16:10:06 +02:00
Maxim Cournoyer 86c39376cc
gnu: runc: Update to 1.0.0-rc93.
* gnu/packages/virtualization.scm (runc): Update to 1.0.0-rc93.
[source]: Remove the patches field.
[phases]{unpack}: Remove override.
{build}: Add the man target.
{check}: Make conditional based on TESTS?.
{install}: Add the install-man target.
[native-inputs]: Add go-github-com-go-md2man.
[home-page]: Update.
* gnu/packages/patches/runc-CVE-2019-5736.patch: Delete file.
* gnu/local.mk: Un-register it.
2021-04-02 23:33:42 -04:00
Maxim Cournoyer 7bf82f5ede
gnu: containerd: Update to 1.4.4.
* gnu/packages/docker.scm (containerd): Update to 1.4.4.  Delete
trailing #t.
[arguments]: Set a MAKE-FLAGS binding.
[phases]{patch-paths}: Patch the reference to 'unpigz'.
{build, install}: Use the MAKE-FLAGS variable.
[inputs]: Add pigz.
* gnu/packages/patches/containerd-test-with-go1.13.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Un-register it.
2021-04-02 23:33:42 -04:00
Tobias Geerinckx-Rice 8d89d3c9bf
gnu: pidgin: Update to 2.14.2.
* gnu/packages/messaging.scm (pidgin): Update to 2.14.2.
[source]: Remove pidgin-vv-gst.patch.
* gnu/packages/patches/pidgin-vv-gst.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2021-04-02 23:25:18 +02:00
Léo Le Bouter f4dc8ac6df
gnu: curl: Update to 7.76.0 [security fixes].
Fixes CVE-2021-22876 and CVE-2021-22890.

* gnu/packages/curl.scm (curl/fixed): New variable.
(curl)[replacement]: New field.
* gnu/packages/patches/curl-7.76-use-ssl-cert-env.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2021-04-02 16:44:33 -04:00
Léo Le Bouter c18c8d3e9c
gnu: wpa-supplicant-minimal: Fix CVE-2021-30004.
* gnu/packages/patches/wpa-supplicant-CVE-2021-30004.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/admin.scm (wpa-supplicant-minimal): Apply patch.
2021-04-02 19:22:33 +02:00
Jelle Licht 31c4d89073
gnu: Add llhttp-bootstrap.
* gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/node.scm (llhttp-bootstrap): New variable.
2021-04-02 18:04:24 +02:00
Maxim Cournoyer 67a5e112b1
gnu: opendht: Update to 2.2.0rc4.
* gnu/packages/patches/opendht-fix-jami.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Un-register it.
* gnu/packages/networking.scm (opendht): Update to 2.2.0rc4.
[patches]: Remove field.
[inputs]: Use nettle-3.7.
[native-inputs]: Move restinio to...
[propagated-inputs]: ... here.
2021-04-02 07:41:15 -04:00
Pierre Langlois bd9e140856
Revert "gnu: libvirt: Update to 7.1.0."
The update causes virsh to fail <https://bugs.gnu.org/47541>.

This reverts commit 383b02a370.
2021-04-02 09:23:20 +01:00
Efraim Flashner b82cc0b90e
gnu: qemu-for-american-fuzzy-lop: Fix build.
* gnu/packages/debug.scm (qemu-for-american-fuzzy-lop)[source]: Add
patch.
* gnu/packages/patches/qemu-glibc-2.30.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2021-04-01 13:31:51 +03:00
Tobias Geerinckx-Rice 94c77c9a0f
gnu: gimp: Ship a copy of the gegl patch.
As Ludo' rightly points out, GitHub's patches are probably as stable
as their tarballs.

* gnu/packages/gimp.scm (gimp)[source]:
Use SEARCH-PATCHES instead of an origin.
* gnu/packages/patches/gimp-make-gegl-introspect-optional.patch:
New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2021-04-01 00:49:28 +02:00
Pierre Langlois 383b02a370
gnu: libvirt: Update to 7.1.0.
* gnu/packages/virtualization.scm (libvirt): Update to 7.1.0.
[source]: Remove libvirt-create-machine-cgroup.patch, add
libvirt-do-not-create-var-dirs.patch.
[build-system]: Switch to meson-build-system.
[arguments]: Use meson-0.55.  Adapt #:configure-flags for meson, there is no
need for --docdir anymore.  Remove fix-BOURNE_SHELL-definition phase.  Add
fix-sysconfdir-and-localstatedir phase.  Adapt disable-broken-tests to meson.
[native-inputs]: Add python-docutils and rpcsvc-proto.
* gnu/packages/patches/libvirt-create-machine-cgroup.patch: Delete.
* gnu/packages/patches/libvirt-do-not-create-var-dirs.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Add new patch, remove the other.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-31 15:36:48 +02:00
Léo Le Bouter 9feef62b73
gnu: zstd: Downgrade to 1.4.4 and make security graft saner.
* gnu/packages/patches/zstd-CVE-2021-24031_CVE-2021-24032.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/compression.scm (zstd-1.4.9): Remove.
(zstd/fixed): New variable. Apply patch.
(zstd)[replacement]: Graft with zstd/fixed.
2021-03-30 02:21:25 +02:00
Raghav Gururajan 48b2202789
gnu: linphoneqt: Update to 4.2.5 and rename to linphone-desktop.
Also enable the daemon and console interfaces.

* gnu/packages/linphone.scm (linphoneqt) [name]: Rename to linphone-desktop.
[source]: Switch to git repository.
[patches]: Remove linphoneqt-tabbutton.patch and add
linphone-desktop-without-sdk.patch.
[outputs]<debug>: New output.
[configure-flags]: Disable update checking and enable the daemon and console
interfaces.
[phases]<pre-configure>: New phase.
<fix-cmake-error, set-version-string>: Remove phases.
<extend-shared-resources>: Rename to...
<post-install>: ... this; adjust.
[native-inputs]: Add pkg-config.
[inputs]: Add belr and ortp.  Remove belle-sip.
[home-page]: Update home page.
[license]: Update to GPLv3+.
* gnu/packages/patches/linphoneqt-tabbutton.patch: Remove file.
linphone-desktop-without-sdk.patch: New file.
* gnu/local.mk (dist_patch_DATA): Update.

Co-authored-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2021-03-29 01:17:14 -04:00
Raghav Gururajan 146a9403b3
gnu: mediastreamer2: Update to 4.4.34.
* gnu/packages/linphone.scm (mediastreamer2)[source]: Switch to git repository.
[version]: Update to 4.4.34.
[patches]: Remove field.
[configure-flags]: Remove the ENABLE_STRICT, ENABLE_BV16, CMAKE_C_FLAGS and
CMAKE_CXX_FLAGS flags.
[phases]{fix-version}: New phase.
{separate-outputs}: Modify.
[native-inputs]: Replace python with python-wrapper.
[home-page]: Update.
[license]: Upgrade to GPLv3+.
* gnu/packages/patches/mediastreamer2-srtp2.patch: Remove file.
* gnu/local.mk (dist_patch_DATA): Remove it.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2021-03-29 01:17:13 -04:00
Simon South 5d8c2c00d6
tests: Add Transmission Daemon system test.
* gnu/tests/file-sharing.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-28 22:31:00 +02:00
Mark H Weaver 2d3d7faf0a
gnu: imagemagick: Add more upstream fixes.
* gnu/packages/patches/imagemagick-ReadDCMImage-fix.patch,
gnu/packages/patches/imagemagick-ReadDCMPixels-fix.patch,
gnu/packages/patches/imagemagick-WriteTHUMBNAILImage-fix.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/imagemagick.scm (source): Add patches.
2021-03-27 19:49:14 -04:00
Mark H Weaver bfc69d5e7c
gnu: imagemagick: Fix CVE-2020-27829.
* gnu/packages/patches/imagemagick-CVE-2020-27829.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/imagemagick.scm (source): Add patch.
2021-03-27 19:49:07 -04:00
Léo Le Bouter 53dd99bc0b
gnu: upx: Fix CVE-2021-20285.
* gnu/packages/patches/upx-CVE-2021-20285.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/compression.scm (upx): Apply patch.
2021-03-26 22:52:33 +01:00
Léo Le Bouter 52c8d07a4f
gnu: mariadb: Fix CVE-2021-27928.
* gnu/packages/patches/mariadb-CVE-2021-27928.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/databases.scm (mariadb/fixed): New variable. Apply patch.
(mariadb)[replacement]: Graft.
2021-03-26 02:21:51 +01:00
Leo Le Bouter 6e98e9ca92
gnu: glibc: Fix ldd path on powerpc*.
This should avoid some problems, such as "not a dynamic executable" errors.

* gnu/packages/patches/glibc-ldd-powerpc.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/base.scm: (glibc)[native-inputs]: Add it.
[arguments]: When building for powerpc* apply it.
* gnu/packages/commencement.scm (glibc-final-with-bootstrap-bash,
glibc-final)[native-inputs]: Add patch conditionally.

This patch has been adjusted to apply to master.

Signed-off-by: Chris Marusich <cmmarusich@gmail.com>
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
2021-03-23 23:19:55 -07:00
Mathieu Othacehe eee69da3a5
tests: Remove Cuirass tests.
Those tests don't make sense anymore as the Cuirass 1.0 version has removed
the possibility to execute a custom registration procedure.

* gnu/tests/cuirass.scm: Remove it.
* gnu/local.mk (GNU_SYSTEM_MODULES): Ditto.
2021-03-23 16:47:47 +01:00
Tobias Geerinckx-Rice 46cac065be
gnu: efibootmgr: Update to 17.
* gnu/packages/linux.scm (efibootmgr): Update to 17.
[source]: Use GIT-FETCH and GIT-FILE-NAME.
Add a patch to build against efivar@37.
* gnu/packages/patches/efibootmgr-remove-extra-decl.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2021-03-23 14:20:06 +01:00
Tobias Geerinckx-Rice f119612d64
gnu: cgal: Update to 5.2.1.
* gnu/packages/graphics.scm (cgal): Update to 5.2.1.
[source]: Remove patch.
* gnu/packages/patches/cgal-security-pr-5371.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2021-03-23 14:20:05 +01:00
Greg Hogan 6457985e39
gnu: abseil-cpp: Patch sterror_test.
* gnu/packages/patches/abseil-cpp-fix-gtest.patch: Renamed file.
* gnu/packages/patches/abseil-cpp-fix-strerror_test.patch: New file.
* gnu/local.mk (dist_patch_DATA): Rename / add files.
* gnu/packages/cpp.scm (abseil-cpp)[source]: Use files.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-19 22:32:40 +01:00
Greg Hogan c4d616f7c6
gnu: abseil-cpp: Update to 20200923.3.
* gnu/packages/cpp.scm (abseil-cpp): Update to 20200923.3.
[arguments]: Enable external googletest.
* gnu/packages/patches/abseil-cpp-fix.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-19 22:17:03 +01:00
Léo Le Bouter 572528e7dd
gnu: busybox: Fix CVE-2021-28831.
* gnu/packages/patches/busybox-CVE-2021-28831.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/busybox.scm (busybox): Apply it.
2021-03-19 11:56:38 +01:00
Marius Bakke 1155a88308
gnu: ungoogled-chromium: Update to 89.0.4389.90-1.
* gnu/packages/patches/ungoogled-chromium-system-opus.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/chromium.scm (%preserved-third-party-files): Adjust for 89.
(%chromium-version): Remove variable.
(%ungoogled-revision): Set to 89.0.4389.90-1.
(%ungoogled-origin): Conditionally set file name based on commit/tag.
(%guix-patches): Add the new file.
(libvpx/chromium): Update to 1.9.0-104-gb5d77a48d.
(ungoogled-chromium)[version]: Use %UNGOOGLED-REVISION.
[source]: Update hash.
[arguments]: Adjust #:configure-flags for build system changes.  Don't build
with external WebRTC SSL library.  Remove obsolete substitution.
[inputs]: Remove OPENSSL.  Change from PIPEWIRE to PIPEWIRE-0.3.
2021-03-19 00:14:11 +01:00
Leo Prikler fef91c0cc8
gnu: Move lolcode to esolangs.
* gnu/packages/lolcode.scm (lci): Move from here...
* gnu/packages/esolangs.scm (lolcode-lci): ... to here.
* gnu/packages/lolcode.scm: Delete file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Adjust accordingly.
2021-03-17 14:21:29 +01:00
Kei Kebreau 109f58444b
gnu: mpg321: Fix CVE-2019-14247.
* gnu/packages/patches/mpg321-CVE-2019-14247.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/mp3.scm (mpg321)[source]: Apply it.

Signed-off-by: Léo Le Bouter <lle-bout@zaclys.net>
Signed-off-by: Leo Famulari <leo@famulari.name>
2021-03-16 19:12:36 +01:00
Mark H Weaver d059485257
gnu: unzip: Remove redundant and unused "unzip-symlink.patch".
This is a followup to commit 31d289a475,
which added, but did not use, "unzip-symlink.patch", which is
redundant with the pre-existing "unzip-initialize-symlink-flag.patch".

* gnu/packages/patches/unzip-symlink.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2021-03-14 19:16:17 -04:00
Léo Le Bouter 703843922a
gun: unzip/fixed: Fix tests on 32-bit systems.
* gnu/packages/patches/unzip-32bit-zipbomb-fix.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/compression.scm (unzip/fixed): Apply patch.
2021-03-14 09:09:45 +01:00
Léo Le Bouter 31d289a475
gnu: unzip: Add patches from Fedora [security fixes].
Non-exhaustively fixes CVE-2016-9844, CVE-2018-1000035, CVE-2018-18384, and
CVE-2019-13232.

* gnu/packages/patches/unzip-COVSCAN-fix-unterminated-string.patch,
gnu/packages/patches/unzip-CVE-2016-9844.patch,
gnu/packages/patches/unzip-CVE-2018-1000035.patch,
gnu/packages/patches/unzip-CVE-2018-18384.patch,
gnu/packages/patches/unzip-case-insensitive.patch,
gnu/packages/patches/unzip-alt-iconv-utf8-print.patch,
gnu/packages/patches/unzip-alt-iconv-utf8.patch,
gnu/packages/patches/unzip-close.patch,
gnu/packages/patches/unzip-exec-shield.patch,
gnu/packages/patches/unzip-fix-recmatch.patch,
gnu/packages/patches/unzip-manpage-fix.patch,
gnu/packages/patches/unzip-overflow.patch,
gnu/packages/patches/unzip-symlink.patch,
gnu/packages/patches/unzip-timestamp.patch,
gnu/packages/patches/unzip-valgrind.patch,
gnu/packages/patches/unzip-x-option.patch,
gnu/packages/patches/unzip-zipbomb-manpage.patch,
gnu/packages/patches/unzip-zipbomb-part1.patch,
gnu/packages/patches/unzip-zipbomb-part2.patch,
gnu/packages/patches/unzip-zipbomb-part3.patch: New patches.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/compression.scm (unzip/fixed): New variable. Apply patches.
(unzip)[replacement]: Graft.
2021-03-14 06:11:20 +01:00
Mark H Weaver 74e2c0e00f
gnu: gnutls: Fix CVE-2021-20231 and CVE-2021-20232.
* gnu/packages/patches/gnutls-CVE-2021-20231.patch,
gnu/packages/patches/gnutls-CVE-2021-20232.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/tls.scm (gnutls)[replacement]: New field.
(gnutls/fixed): New variable.
(guile2.2-gnutls): Use package/inherit.
2021-03-13 04:58:12 -05:00
Greg Hogan 8ea7b6f91e
gnu: Add aws-c-io.
* gnu/packages/c.scm (aws-c-io): New variable.
* gnu/packages/patches/aws-c-io-cmake-prefix.patch,
gnu/packages/patches/aws-c-io-disable-networking-tests.patch:
New files.
* gnu/local.mk (dist_patch_DATA): Add them.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-12 23:58:54 +01:00
Greg Hogan 748e2ec07a
gnu: Add aws-c-cal.
* gnu/packages/c.scm (aws-c-cal): New variable.
* gnu/packages/patches/aws-c-cal-cmake-prefix.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-12 23:58:54 +01:00
Mark H Weaver 825cc7e0d4
gnu: gnome-shell: Fix CVE-2020-17489.
* gnu/packages/patches/gnome-shell-CVE-2020-17489.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnome.scm (gnome-shell)[source]: Add patch.
2021-03-12 06:08:33 -05:00
Mark H Weaver bc16eacc99
gnu: cairo: Fix CVE-2018-19876 and CVE-2020-35492.
* gnu/packages/patches/cairo-CVE-2018-19876.patch,
gnu/packages/patches/cairo-CVE-2020-35492.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/gtk.scm (cairo)[replacement]: New field.
(cairo/fixed): New variable.
(cairo-xcb): Use package/inherit.
2021-03-12 06:08:33 -05:00
Mark H Weaver 453e101fc3
gnu: gdk-pixbuf: Fix CVE-2020-29385.
* gnu/packages/patches/gdk-pixbuf-CVE-2020-29385.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gtk.scm (gdk-pixbuf)[replacement]: New field.
(gdk-pixbuf/fixed): New variable.
(gdk-pixbuf+svg): Use package/inherit.
2021-03-12 06:08:32 -05:00
Mark H Weaver 5a06b83fc9
gnu: glib: Fix CVE-2021-28153.
* gnu/packages/patches/glib-CVE-2021-28153.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/glib.scm (glib/fixed): Add the new patch.
2021-03-12 01:44:26 -05:00
Efraim Flashner 2f9132e2e0
Revert "Revert "gnu: mongodb: Update to 3.4.24 [security fixes].""
This reverts commit feff80cec3.

I was mistaken, there are still branches of mongodb which are still
licensed under the AGPL3
2021-03-11 23:23:00 +02:00
Efraim Flashner feff80cec3
Revert "gnu: mongodb: Update to 3.4.24 [security fixes]."
This reverts commit e5f89570c1.

After this version mongodb switched to the Server Side Public License
(https://www.mongodb.com/licensing/server-side-public-license) which is
not a FOSS license.
2021-03-11 15:13:55 +02:00
Mark H Weaver 21b3b75515
gnu: glib: Fix CVE-2021-27218 and CVE-2021-27219.
* gnu/packages/patches/glib-CVE-2021-27218.patch,
gnu/packages/patches/glib-CVE-2021-27219-01.patch,
gnu/packages/patches/glib-CVE-2021-27219-02.patch,
gnu/packages/patches/glib-CVE-2021-27219-03.patch,
gnu/packages/patches/glib-CVE-2021-27219-04.patch,
gnu/packages/patches/glib-CVE-2021-27219-05.patch,
gnu/packages/patches/glib-CVE-2021-27219-06.patch,
gnu/packages/patches/glib-CVE-2021-27219-07.patch,
gnu/packages/patches/glib-CVE-2021-27219-08.patch,
gnu/packages/patches/glib-CVE-2021-27219-09.patch,
gnu/packages/patches/glib-CVE-2021-27219-10.patch,
gnu/packages/patches/glib-CVE-2021-27219-11.patch,
gnu/packages/patches/glib-CVE-2021-27219-12.patch,
gnu/packages/patches/glib-CVE-2021-27219-13.patch,
gnu/packages/patches/glib-CVE-2021-27219-14.patch,
gnu/packages/patches/glib-CVE-2021-27219-15.patch,
gnu/packages/patches/glib-CVE-2021-27219-16.patch,
gnu/packages/patches/glib-CVE-2021-27219-17.patch,
gnu/packages/patches/glib-CVE-2021-27219-18.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/glib.scm (glib)[replacement]: New field.
(glib/fixed): New variable.
2021-03-11 06:21:13 -05:00
Léo Le Bouter 1acfda2f94
gnu: geary: Fix CVE-2020-24661.
* gnu/packages/patches/geary-CVE-2020-24661.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gnome.scm (geary): Apply it.
2021-03-11 02:32:19 +01:00
Léo Le Bouter e940f6d801
gnu: libcroco: Fix CVE-2020-12825.
* gnu/packages/patches/libcroco-CVE-2020-12825.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gnome.scm (libcroco/fixed): New variable. Apply patch.
(libcroco)[replacement]: Graft.
2021-03-11 02:02:24 +01:00
Léo Le Bouter a2943e36c7
gnu: evolution: Fix CVE-2020-11879.
* gnu/packages/patches/evolution-CVE-2020-11879.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gnome.scm (evolution): Apply it.
2021-03-11 01:19:40 +01:00