me
/
guix
Archived
1
0
Fork 0
Commit Graph

1579 Commits (60c8a14b8a2dddf9ef00624fcd9b607863987e56)

Author SHA1 Message Date
Marius Bakke 1ec0b7407f
gnu: libxfont@2: Update replacement to 2.0.3 [fixes CVE-2017-16611].
* gnu/packages/xorg.scm (libxfont2/fixed): Rename to ...
(libxfont2-2.0.3): ... this.  Make public.
[version]: New field.
[source]: Add URI and SHA256.  Remove patches.
(libxfont2)[replacement]: Change LIBXFONT2/FIXED to LIBXFONT2-2.0.3.
* gnu/packages/patches/libxfont-CVE-2017-13720.patch,
gnu/packages/patches/libxfont-CVE-2017-13722.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2017-11-29 12:53:08 +01:00
Marius Bakke 0e7fb0cd9b
gnu: optipng: Fix CVE-2017-1000229.
* gnu/packages/image.scm (optipng)[source](patches): New field.
* gnu/packages/patches/optipng-CVE-2017-1000229.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-11-29 12:53:08 +01:00
Leo Famulari 3519f2841d
gnu: libtorrent-rasterbar: Update to 1.1.4.
* gnu/packages/bittorrent.scm (libtorrent-rasterbar): Update to 1.1.4.
[source]: Remove 'libtorrent-rasterbar-boost-compat.patch'.
* gnu/packages/patches/libtorrent-rasterbar-boost-compat.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-11-29 01:12:18 -05:00
Leo Famulari 48adc61c14
gnu: exim: Fix CVE-2017-16944.
* gnu/packages/patches/exim-CVE-2017-16944.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/mail.scm (exim)[source]: Use it.
2017-11-28 18:22:49 -05:00
Leo Famulari 38faa2b546
gnu: qemu: Fix CVE-2017-{15118,15119}.
* gnu/packages/patches/qemu-CVE-2017-15118.patch,
gnu/packages/patches/qemu-CVE-2017-15119.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/virtualization.scm (qemu)[source]: Use them.
2017-11-28 18:16:22 -05:00
Ludovic Courtès 1da3d2a3a1
gnu: perl-markdown-discount: Use a shorter patch file name.
* gnu/packages/patches/perl-text-markdown-discount-use-system-markdown.patch:
Rename to...
* gnu/packages/patches/perl-text-markdown-discount-unbundle.patch:
... this.
* gnu/packages/markup.scm (perl-text-markdown-discount): Adjust accordingly.
2017-11-28 14:57:16 +01:00
Mike Gerwitz 797d238789
gnu: node: Update to 8.9.1.
* gnu/packages/node.scm (node): Update to 8.9.1.
[source]: Apply 'node-test-http2-server-rst-stream.patch'.
[arguments]: Skip 'doc-only' target in 'check', which attempts to use
npm to retrieve 'js-yaml' package.  Remove test/doctool/test-make-doc.js.
Do not remove now-missing test case.  Remove new test case that fails in
containers due to networking.
* gnu/packages/patches/node-test-http2-server-rst-stream.patch: New file.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-11-28 10:04:26 +01:00
Leo Famulari 5b327a2d61
gnu: exim: Fix CVE-2017-16943.
* gnu/packages/patches/exim-CVE-2017-16943.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/mail.scm (exim)[source]: Use it.
2017-11-26 15:31:46 -05:00
Jan Nieuwenhuizen 68cb962a8d
gnu: guile-emacs: Resurrect, fixes #29186.
* gnu/packages/patches/guile-emacs-fix-configure.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/emacs.scm (guile-emacs): Use it.  Add workaround for src/deps
dir creation.  Fixes #29186.
2017-11-25 20:05:26 +01:00
Oleg Pykhalov 7a45268935
gnu: Add emacs-highlight-stages.
* gnu/packages/emacs.scm (emacs-highlight-stages): New variable.
* gnu/packages/patches/emacs-highlight-stages-add-gexp.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add this.
2017-11-25 00:18:45 +03:00
Rutger Helling 17c3f77641
gnu: supertuxkart: Update to 0.9.3.
* gnu/packages/games.scm (supertuxkart): Update to 0.9.3.
[arguments] <#:configure-flags>: Pass -DBUILD_RECORDER=0.
* gnu/packages/patches/supertuxkart-angelscript-ftbfs.patch: Remove.
* gnu/local.mk (dist_patch_DATA): Remove it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-11-23 23:19:02 +01:00
Rutger Helling 5864f1c1ee
gnu: higan: Update to 106.
* gnu/packages/games.scm (higan): Update to 106.
* gnu/packages/patches/higan-remove-march-native-flag.patch: Adjust.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-11-23 22:59:49 +01:00
Brendan Tildesley 327620dc72
gnu: pcmanfm: Fix CVE-2017-8934.
* gnu/packages/patches/pcmanfm-CVE-2017-8934.patch: New file.  This patch was
imported from Arch Linux.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/lxde.scm (pcmanfm)[source]: Use it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-11-23 22:55:58 +01:00
Leo Famulari c297e965d5
gnu: procmail: Fix CVE-2017-16844.
* gnu/packages/patches/procmail-CVE-2017-16844.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/mail.scm (procmail)[source]: Use it.
2017-11-21 21:54:39 -05:00
Marius Bakke aace9be80b
gnu: gcc@6: Respect SOURCE_DATE_EPOCH in __DATE__ and __TIME__ macros.
* gnu/packages/patches/gcc-6-source-date-epoch-1.patch,
gnu/packages/patches/gcc-6-source-date-epoch-2.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/gcc.scm (gcc-6)[source]: Use them.
2017-11-20 00:17:39 +01:00
Efraim Flashner 6563d58c7e
gnu: owncloud-client: Don't check for updates.
* gnu/packages/sync.scm (owncloud-client)[source]: Add patch.
* gnu/packages/patches/owncloud-disable-updatecheck.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-11-18 21:50:08 +02:00
Ricardo Wurmus 3182a1d2f1
gnu: audacity: Update to 2.2.0.
* gnu/packages/patches/audacity-build-with-system-portaudio.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/audio.scm (audacity): Update to 2.2.0.
[source]: Add patch to build with system portaudio; add snippet to remove most
bundled libraries.
[inputs]: Replace "gtk+-2" with "gtk+", replace "wxwidgets-gtk2" with
"wxwidgets"; remove "libsbsms"; add "suil" and "portmidi".
[arguments]: Adjust configure flags to avoid using bundled libraries; remove
phase "autoreconf"; add phases "fix-sbsms-check" and "use-upstream-headers".
2017-11-18 16:07:57 +01:00
Mark H Weaver f1e3214534
gnu: icecat: Add more fixes from upstream mozilla-esr52.
Add fixes for CVE-2017-7830, the remaining 1/2 changesets for CVE-2017-7828,
the remaining 1/19 changesets for CVE-2017-7826, and selected other fixes.

* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr52 repository.
* gnu/packages/patches/icecat-bug-1348660-pt5.patch,
gnu/packages/patches/icecat-bug-1415133.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
2017-11-16 00:01:46 -05:00
Leo Famulari 882d921344
gnu: mupdf: Actually fix CVE-2017-15587.
The original fix could be removed by an optimizing compiler.

* gnu/packages/patches/mupdf-CVE-2017-15587.patch: Revise patch.
2017-11-11 22:34:24 -05:00
Marius Bakke 45d5c80253
gnu: libvisio: Update to 0.1.6.
* gnu/packages/libreoffice.scm (libvisio): Update to 0.1.6.
[source](patches): Remove.
* gnu/packages/patches/libvisio-fix-tests.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-11-11 07:15:39 +01:00
Marius Bakke 7a9283a619
gnu: libetonyek: Update to 0.1.7.
* gnu/packages/libreoffice.scm (libetonyek): Update to 0.1.7.
[source](patches): Remove.
[arguments]<#:phases>: Remove.
[native-inputs]: Remove AUTOCONF and AUTOMAKE.
* gnu/packages/patches/libetonyek-build-with-mdds-1.2.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-11-11 07:13:01 +01:00
Leo Famulari adf7e69cab
gnu: qemu: Fix CVE-2017-{15038,15268,15289}.
* gnu/packages/patches/qemu-CVE-2017-15038.patch,
gnu/packages/patches/qemu-CVE-2017-15268.patch,
gnu/packages/patches/qemu-CVE-2017-15289.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/virtualization.scm (qemu)[source]: Use them.
2017-11-10 12:16:31 -05:00
Jan Nieuwenhuizen 625492ee1a
gnu: gcc-4.7: Resurrect building with gcc-5.4.0.
* gnu/packages/patches/gcc-4-compile-with-gcc-5.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gcc.scm (gcc-4.7): Use it.
2017-11-07 22:03:51 +01:00
Gábor Boskovits 75d342ffa9
gnu: Add python-networkx2.
* gnu/packages/python.scm (python-networkx2, python2-networkx2): New variables.
* gnu/local.mk (dist_patch_DATA): Register 'python-networkx2-reproducible-build.patch'.
* gnu/packages/patches/python-networkx2-reproducible-build.patch: New file.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-11-07 21:17:20 +01:00
Dave Love fd23d259cd
gnu: Add PSM.
* gnu/packages/linux.scm (psm): New variable.
* gnu/packages/patches/psm-arch.patch,
gnu/packages/patches/psm-ldflags.patch,
gnu/packages/patches/psm-repro.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
2017-11-07 18:09:13 +01:00
Eric Bavier d8799bd0df
gnu: netsurf: Update to 3.7.
For compatibility, dependents must be updated at the same time.

* gnu/packages/web.scm (libcss): Update to 0.7.0
(nsgenbind): Update to 0.5.
(netsurf): Update to 3.7.
[arguments]: Fix binary name in .desktop.  Adjust "docs" directory name.
* gnu/packages/patches/netsurf-system-utf8proc.patch: Adjust to new source.
2017-11-05 07:46:08 -06:00
Hartmut Goebel 6211aadf4b
gnu: kde-frameworks: Update to 5.39.0.
Beside simple updating:
- ktexteditor: Add input.
- kdelibs4support: Enable test kmimetypetest, disable test kuniqueapptest.
- kimageformats: Make the plugins available for tests.
- krunner: Make old tests pass again. Blacklist a failing new test.

* gnu/packages/kde-frameworks.scm (attica, baloo, bluez-qt, breeze-icons,
  extra-cmake-modules, kactivities, kactivities-stats, kapidox, karchive,
  kauth, kbookmarks, kcmutils, kcodecs, kcompletion, kconfig, kconfigwidgets,
  kcoreaddons, kcrash, kdbusaddons, kdeclarative, kded,
  kde-frameworkintegration, kdelibs4support, kdesignerplugin, kdesu,
  kdewebkit, kdnssd, kdoctools, kemoticons, kfilemetadata, kglobalaccel,
  kguiaddons, khtml, ki18n, kiconthemes, kidletime, kimageformats, kinit, kio,
  kitemmodels, kitemviews, kjobwidgets, kjs, kjsembed, kmediaplayer,
  knewstuff, knotifications, knotifyconfig, kpackage, kparts, kpeople,
  kplotting, kpty, kross, krunner, kservice, ksyntaxhighlighting,
  ktextwidgets, kunitconversion, kwallet, kwayland, kwidgetsaddons,
  kwindowsystem, kxmlgui, kxmlrpcclient, modemmanager-qt, networkmanager-qt,
  oxygen-icons, plasma-framework, prison, solid, sonnet, threadweaver): Update
  to 5.39.0
  (ktexteditor) Update to 5.39.0. [source]: Add patch. [inputs]: Add
  qtdeclarative.
  (kdelibs4support): Update to 5.39.0. [#:phase check-post-install]: Remove
  kmimetypetest from and add kuniqueapptest to list of test to be excluded
  when running ctest.
  (kimageformats): Update to 5.39.0. [#:phase check-setup] Make the plugins
  available for tests.
* gnu/packages/patches/ktexteditor-5.39.0-autotests-dependencies.patch:
  New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-11-05 10:56:35 +01:00
Julien Lepiller 8d6a48150a
gnu: Add java-powermock-reflect.
* gnu/packages/java.scm (java-powermock-reflect): New variable.
* gnu/packages/patches/java-powermock-fix-java-files.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-11-02 13:07:17 +01:00
Marius Bakke 4119376d66
gnu: exiv2: Add upstream security fixes.
Fixes CVE-2017-14859, CVE-2017-14860, CVE-2017-14862 and CVE-2017-14864.

* gnu/packages/patches/exiv2-CVE-2017-14859-14862-14864.patch,
gnu/packages/patches/exiv2-CVE-2017-14860.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/image.scm (exiv2)[source]: Use them.
2017-10-27 00:50:09 +02:00
Marius Bakke 6b88912eb6
gnu: wget: Update to 1.19.2 [fixes CVE-2017-13089 and CVE-2017-13090].
* gnu/packages/wget.scm (wget): Update to 1.19.2.
[source](uri): Change to '.lz' tarball.
[source](patches): Remove.
[native-inputs]: Add LZIP.
* gnu/packages/patches/wget-CVE-2017-6508.patch,
gnu/packages/patches/wget-fix-504-test-timeout.patch,
gnu/packages/patches/wget-perl-5.26.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2017-10-26 23:45:17 +02:00
Pierre Langlois de98f4ed55
gnu: Add crypto++.
* gnu/packages/crypto.scm (crypto++): New variable.
* gnu/packages/patches/crypto++-fix-dos-in-asn.1-decoders.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.

Co-authored-by: Ricardo Wurmus <rekado@elephly.net>
2017-10-25 14:54:13 +02:00
Leo Famulari ae7e24c421
gnu: mupdf: Fix CVE-2017-{14685,14686,14687}.
* gnu/packages/patches/mupdf-CVE-2017-14685.patch,
gnu/packages/patches/mupdf-CVE-2017-14686.patch,
gnu/packages/patches/mupdf-CVE-2017-14687.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/pdf.scm (mupdf)[source]: Use them.
2017-10-24 13:44:34 -04:00
Leo Famulari 6dcc8239be
gnu: icu4c: Fix CVE-2017-14952.
* gnu/packages/patches/icu4c-CVE-2017-14952.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/icu4c.scm (icu4c)[replacement]: New field.
(icu4c-fixed): New variable.
2017-10-24 13:10:35 -04:00
Marius Bakke 60e29339d8
gnu: glibc: Fix CVE-2017-15670, CVE-2017-15671.
* gnu/packages/patches/glibc-CVE-2017-15670-15671.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/base.scm (glibc/linux)[replacement]: New field.
(glibc/fixed): New variable.
(glibc-2.24, glibc-2.23, glibc-2.22)[source](patches): Add
'glibc-CVE-2017-15670-15671.patch'.
2017-10-22 23:13:09 +02:00
Leo Famulari 7827032a7c
gnu: libvirt: Fix CVE-2017-1000256.
* gnu/packages/patches/libvirt-CVE-2017-1000256.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/virtualization.scm (libvirt)[source]: Use it.
2017-10-20 15:36:43 -04:00
Leo Famulari 9ccce79910
gnu: musl: Update to 1.1.17.
* gnu/packages/musl.scm (musl): Update to 1.1.17.
[source]: Remove patch.
* gnu/packages/patches/musl-CVE-2016-8859.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-10-19 17:37:25 -04:00
Marius Bakke 07dfc89859
gnu: mupdf: Fix CVE-2017-15587.
* gnu/packages/patches/mupdf-CVE-2017-15587.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pdf.scm (mupdf)[source](patches): Use it.
2017-10-18 22:15:09 +02:00
Ricardo Wurmus d991b05664
gnu: Add Axoloti.
* gnu/packages/axoloti.scm: New file.
* gnu/packages/patches/libusb-for-axoloti.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add patch.
(GNU_SYSTEM_MODULES): Add module.
2017-10-17 16:49:20 +02:00
Leo Famulari 09748a3527
gnu: wpa-supplicant: Fix "KRACK" key reinstallation attacks [security fixes].
Fixes CVE-2017-{13078,13079,13080,13081,13082,13087,13088}.

See these announcements for more information:
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://www.krackattacks.com/

* gnu/packages/patches/wpa-supplicant-CVE-2017-13082.patch,
gnu/packages/patches/wpa-supplicant-fix-key-reuse.patch,
gnu/packages/patches/wpa-supplicant-fix-nonce-reuse.patch
gnu/packages/patches/wpa-supplicant-fix-zeroed-keys.patch,
gnu/packages/patches/wpa-supplicant-krack-followups.patch: New files.
* gnu/packages/admin.scm (wpa-supplicant-minimal)[source]: Use them.
* gnu/local.mk (dist_patch_DATA): Add them.
2017-10-16 14:17:27 -04:00
Ludovic Courtès 7ad81b8b67
gnu: totem: Update to 3.26.0.
* gnu/packages/gnome.scm (totem): Update to 3.26.0.
[source]: Add 'patches' field.
[build-system]: Switch to MESON-BUILD-SYSTEM.
[native-inputs]: Add GTK+:bin and GLIB:bin.
[arguments]: Pass #:glib-or-gtk?.  Adjust #:configure-flags to new
syntax.
* gnu/packages/patches/totem-meson-easy-codec.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-10-11 23:00:46 +02:00
Marius Bakke 1c055d7258
Merge branch 'staging' 2017-10-10 21:44:32 +02:00
Marius Bakke 97ecd75e28
gnu: libxfont: Fix CVE-2017-13720, CVE-2017-13722.
* gnu/packages/patches/libxfont-CVE-2017-13720.patch,
  gnu/packages/patches/libxfont-CVE-2017-13722.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/xorg.scm (libxfont, libxfont2)[source]: Use them.
2017-10-10 19:34:02 +02:00
Marius Bakke c334058f6e
gnu: libmwaw: Update to 0.3.12.
* gnu/packages/libreoffice.scm (libmwaw): Update to 0.3.12.
[source](patches): Remove.
[arguments]: Remove.
* gnu/packages/patches/libmwaw-CVE-2017-9433.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-10-10 18:38:01 +02:00
Marius Bakke 5124e63775
gnu: libvisio: Update to 0.1.5.
* gnu/packages/patches/libvisio-fix-tests.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/libreoffice.scm (libvisio): Update to 0.1.5.
[source]: Add 'libvisio-fix-tests.patch'.
[arguments]: Remove.
2017-10-10 18:38:00 +02:00
Cyril Roelandt 4792a0321a
gnu: python2-unittest2: Update to 1.1.0.
* gnu/packages/python.scm (python2-unittest2): Update to 1.1.0.
* gnu/packages/patches/python2-unittest2-remove-argparse.patch: New file.
* gnu/local.mk: Add it.
2017-10-10 02:36:35 +02:00
Marius Bakke ad3a937dae
Merge branch 'master' into staging 2017-10-07 12:54:40 +02:00
Christopher Baines 6bbbca9073
gnu: Add mongodb.
* gnu/packages/databases.scm (mongodb): New variable.
2017-10-06 21:24:23 +01:00
Marius Bakke 6a317919cf
Merge branch 'master' into staging 2017-10-06 11:03:27 +02:00
Marius Bakke 3f697ff2e8
gnu: openjpeg: Update to 2.3.0.
* gnu/packages/patches/openjpeg-CVE-2017-12982.patch,
gnu/packages/patches/openjpeg-CVE-2017-14040.patch,
gnu/packages/patches/openjpeg-CVE-2017-14041.patch,
gnu/packages/patches/openjpeg-CVE-2017-14151.patch,
gnu/packages/patches/openjpeg-CVE-2017-14152.patch,
gnu/packages/patches/openjpeg-CVE-2017-14164.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/image.scm (openjpeg): Update to 2.3.0.
[source](patches): Remove.
* gnu/packages/gstreamer.scm (gst-plugins-bad)[arguments]: Adjust openjpeg
substitution.
2017-10-05 20:28:32 +02:00
Kei Kebreau 46cf31868c
gnu: curl: Update replacement to 7.56.0 [security fixes].
Fixes CVE-2017-1000254.
See <https://curl.haxx.se/docs/adv_20171004.html> for details.

* gnu/packages/curl.scm (curl)[replacement]: Update to 7.56.0.
(curl-7.55.0): Rename to ...
(curl-7.56.0): ... this.
[arguments]: Remove 'fix-Makefile' phase.
[source]: Remove patch.
* gnu/packages/patches/curl-bounds-check.patch: Delete it.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-10-04 19:37:55 -04:00