Includes fixes for: CVE-2022-28738, and CVE-2022-28739.
* gnu/packages/ruby.scm (ruby-3.1): Update to 3.1.2.
Signed-off-by: Marius Bakke <marius@gnu.org>
Includes fixes for: CVE-2022-28738, CVE-2022-28739, CVE-2021-41819,
CVE-2021-41816, and CVE-2021-41817.
* gnu/packages/ruby.scm (ruby-3.0): Update to 3.0.4.
Signed-off-by: Marius Bakke <marius@gnu.org>
This fixes the builds of gdm and some other packages.
* gnu/packages/freedesktop.scm (accountsservice)[inputs]: Move polkit ...
[propagated-inputs]: ... to here.
* gnu/services/lightdm.scm: New service.
* tests/services/lightdm.scm: Test it.
* doc/guix.texi (X Window): Document it.
* gnu/local.mk (GNU_SYSTEM_MODULES): Register it.
Co-authored-by: L p R n d n <guix@lprndn.info>
Co-authored-by: Ricardo Wurmus <rekado@elephly.net>
* gnu/build/marionette.scm (wait-for-screen-text): Return the last OCR'd text
when the predicate fails to match instead of the not useful predicate object.
* gnu/packages/patches/lightdm-vnc-color-depth.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/display-managers.scm (lightdm): Apply it.
* gnu/packages/patches/lightdm-arguments-ordering.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/display-managers.scm (lightdm): Apply it.
* gnu/packages/patches/lightdm-vncserver-check.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/display-managers.scm (lightdm): Apply it.
* gnu/packages/display-managers.scm (lightdm-gtk-greeter)
[configure-flags]: Add the '--launch-immediately' option to the
at-spi-bus-launcher to match what is used in the source.
* gnu/packages/display-managers.scm (lightdm-gtk-greeter)
[configure-flags]: Install binaries to bin/, so the wrap phase of glib-or-gtk
handles them.
[phases]{wrap-program}: Delete.
{custom-wrap}: New phase, wrapping the wrapper with a few extra environment
variables.
* gnu/packages/patches/accountsservice-extensions.patch: New patch.
* gnu/packages/freedesktop.scm (accountsservice)[source]: Apply it.
[phases]{wrap-with-xdg-data-dirs}: New phase.
Previously, menu-entry->sexp didn't try to convert `device` to a
proper sexp, which was inserted directly into the boot parameters
G-exp, leading to a G-exp input error. Now convert both uuid and
file-system-label possibilities to sexps, and add parsing code to
sexp->menu-entry. This fixes#57307.
* gnu/bootloader.scm (menu-entry->sexp, sexp->menu-entry): Take
non-string devices into account.
Signed-off-by: Marius Bakke <marius@gnu.org>
This package was introduced as native input to the now removed fortune-mod,
so let's remove it as well.
* gnu/packages/games.scm (rinutils): Delete variable.
Since the addition of fortune-jkirchartz, it is no longer necessary to
keep around a package that propagates various non-nice things.
For a complete list, see <https://bugs.gnu.org/54691>.
* gnu/packages/games.scm (fortune-mod): Delete variable.
* gnu/packages/libffi.scm (ruby-ffi): Update to 1.15.5.
[arguments]: Remove custom 'do-not-depend-on-ccache phase. Adjust custom
'remove-git-ls-files phase to changes in the code. Remove trailing #t
from phases.
* gnu/packages/qt.scm (qtwebengine)[native-search-paths]: Use
"lib/qt6/libexec/QtWebEngineProcess" for search path.
Signed-off-by: Marius Bakke <marius@gnu.org>
As a reproducibility check, you can check the hash:
$ guix hash -r $(./pre-inst-env guix build samba --no-grafts --system=x86_64-linux)
1mg3nh705pbiz3ihq8jzkmjb15m6y8zjnzyr4hxmbciv7frgykk0
I've checked that it's correctly signed, and I've tried to verify that the PGP
key is correct -- searching for 'Samba Distribution Verification Key', the
websites of the first search results have the same key:
* https://www.linuxcompatible.org/story/samba-4150rc5-released/
* https://wiki.samba.org/index.php/Samba_4.12_Features_added/changed
* https://www.mail-archive.com/samba-announce@lists.samba.org/msg00562.html
* https://wiki.linuxfromscratch.org/blfs/ticket/14748https://groups.google.com/g/linux.samba/c/k3xaN0TIcQU has a different key,
but as mentioned on the previous locations, the key has changed.
I have also checked the source code diff (using diffoscope) between the the
current version and the previous, nothing appears 'suspicious' (with the
caveat that it is written in C).
According to "guix refresh -l" there aren't too many dependents. I'm
currently rebuilding them, no failures so far except for lxde, but it already
failed to build before this patch.
* gnu/packages/samba.scm (samba): Update to 4.16.4. To help future updaters,
add the current PGP fingerprint in a comment.
Signed-off-by: Marius Bakke <marius@gnu.org>
* gnu/packages/patches/scons-test-environment.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/build-tools.scm (scons): Update to 4.4.0.
[source](patches): New field.
[arguments]: Adjust bootstrap for the new version. Enable tests.
[native-inputs]: Add PYTHON-WHEEL and PYTHON-PSUTIL.
(scons-3): New variable.
(scons-python2): Inherit from it.
* gnu/packages/web.scm (serf)[arguments]: Stick with SCONS-3 to prevent rebuilds.