* gnu/packages/patches/busybox-CVE-2021-28831.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/busybox.scm (busybox): Apply it.
* gnu/packages/patches/ungoogled-chromium-system-opus.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/chromium.scm (%preserved-third-party-files): Adjust for 89.
(%chromium-version): Remove variable.
(%ungoogled-revision): Set to 89.0.4389.90-1.
(%ungoogled-origin): Conditionally set file name based on commit/tag.
(%guix-patches): Add the new file.
(libvpx/chromium): Update to 1.9.0-104-gb5d77a48d.
(ungoogled-chromium)[version]: Use %UNGOOGLED-REVISION.
[source]: Update hash.
[arguments]: Adjust #:configure-flags for build system changes. Don't build
with external WebRTC SSL library. Remove obsolete substitution.
[inputs]: Remove OPENSSL. Change from PIPEWIRE to PIPEWIRE-0.3.
* gnu/packages/time.scm (countdown): New variable.
Also adds copyright, adds necessary module dependencies, and sorts them alphabetically.
Signed-off-by: Nicolas Goaziou <mail@nicolasgoaziou.fr>
This updates the 'guix' package so that it provides the fix
for <https://bugs.gnu.org/47229>.
* gnu/packages/package-management.scm (guix): Update to ec7fb66.
References:
https://sysctl-explorer.net/fs/protected_hardlinks/https://sysctl-explorer.net/fs/protected_symlinks/
* gnu/services/sysctl.scm (%default-sysctl-settings): New public variable.
(<sysctl-configuration>): Use %default-sysctl-settings as the default value.
* gnu/services/base.scm (%base-services): Add sysctl-service-type.
* doc/guix.texi (Miscellaneous Services): Document the new defaults.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/imagemagick.scm (imagemagick/fixed)[arguments]: Add
'fix-compat-cheat-rename-so phase to redirect old soname paths (expected
without grafting) to new sonames introduced by ImageMagick 6.9.12-0 and
later. These sonames are probably not forward compatible but most probably
backwards compatible so it should suffice until we remove the graft.
This should reduce confusion on when to use the "autoconf"
package and when to use "autoconf-wrapper" instead in
package definitions.
Fixes <https://bugs.gnu.org/46564>.
* gnu/packages/autotools.scm (autoconf-wrapper):
advise to use the "autoconf" package instead where
possible.
* gnu/packages/game-development.scm (tsukundere)[native-inputs]:
use "autoconf" instead of "autoconf-wrapper".
* gnu/packages/gimp.scm
(glimpse)[native-inputs]: likewise.
(gimp-resynthesizer)[native-inputs]: add comment on why
"autoconf-wrapper" is used.
* gnu/packages/gnunet.scm (gnunet)[native-inputs]:
use "autoconf" instead of "autoconf-wrapper".
* gnu/packages/gnupg.scm (signing-party)[native-inputs]:
add comment on why "autoconf-wrapper" is used.
* gnu/packages/guile-xyz.scm
(guile-bash,guile-filesystem,guile-ics,guile-udev)[native-inputs]:
use "autoconf" instead of "autoconf-wrapper".
* gnu/packages/libevent.scm (libuv)[native-inputs]: indicates
"autoconf-wrapper" needs to be replaced with "autoconf"
on core-updates.
* gnu/packages/logging.scm (glog)[native-inputs]: use "autoconf"
instead of "autoconf-wrapper".
* gnu/packages/mail.scm (libetpan)[native-inputs]: likewise.
* gnu/packages/mate.scm
(mate-icon-theme-faenza)[native-inputs]: add comment on why
"autoconf-wrapper" is used.
(mate-screensaver)[native-inputs]: use "autoconf" instead of
"autoconf-wrapper".
* gnu/packages/package-management.scm (guix)[native-inputs]: likewise.
* gnu/packages/sawfish.scm (librep)[native-inputs]: likewise.
* gnu/packages/video.scm (motion)[native-inputs]: likewise.
* gnu/packages/zile.scm (zile)[native-inputs]: likewise.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Amend the changes in 1a265842e6 to properly
access the origin patches from libtirpc.
I noticed this as guix weather didn't work for this package.
* gnu/packages/onc-rpc.scm (libtirpc/hurd)[source]: Call origin-patches
on (package-source libtirpc) rather than the libtirpc package.
* gnu/packages/compression.scm (pzstd): Use 'package/inherit' over zstd so any
graft applied to zstd cascades onto pzstd which is built from the same
source.
* gnu/packages/patches/mpg321-CVE-2019-14247.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/mp3.scm (mpg321)[source]: Apply it.
Signed-off-by: Léo Le Bouter <lle-bout@zaclys.net>
Signed-off-by: Leo Famulari <leo@famulari.name>
* gnu/packages/databases.scm (libmemcached): Disable test suite. Removing
trailing #t.
[phases]{fix-configure}: Remove useless group in pattern.
{disable-failing-tests}: Remove phase.
{build-and-install-html-doc}: Order after the build phase.
[home-page]: Please 'guix lint'.
Reported-by: Simon Tournier <zimon.toutoune@gmail.com>
mongodb 3.4.10 has unpatched CVEs and mongodb 3.4.24 has some files in the
release tarball under the SSPL, therefore we cannot provide mongodb while
upholding to good security standards.
It turns out feff80cec3 was right since while
the main license file wasnt altered to SSPL, some files in the tree contain
SSPL headers.
* gnu/packages/databases.scm (go-gopkg.in-mgo.v2): Remove.
* gnu/packages/databases.scm (mongo-tools): Remove.
* doc/guix.texi (mongodb-service-type): Remove.
* gnu/tests/databases.scm (%test-mongodb, %mongodb-os, run-mongodb-test):
Remove.
* gnu/services/databases.scm (mongodb-configuration, mongodb-configuration?,
mongodb-configuration-mongodb, mongodb-configuration-config-file,
mongodb-configuration-data-directory, mongodb-service-type,
%default-mongodb-configuration-file, %mongodb-accounts, mongodb-activation,
mongodb-shepherd-service): Remove.
* gnu/packages/databases.scm (mongodb): Remove.
* gnu/packages/virtualization.scm (qemu): Update to 5.2.0.
[source]: Re-indent and break long lines, to appease 'guix lint'.
[arguments]{disable-unusable-tests}: Adjust for the new Meson build
system. Remove patching for a test workaround that has been resolved in
5.2.0.
{patch-test-shebangs, patch-/bin/sh-references}: Combine into...
{patch-embedded-shebangs}: ... this new phase. Patch the SHELL variable in
the Makefile.
{fix-optionrom-makefile}: New phase.
{install-user-static}: Adjust as the binaries are now symbolic links pointing to their
actual build path.
[native-inputs]: Add ninja.
* gnu/packages/patches/qemu-build-info-manual.patch: Update patch.
Co-authored-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Fixes <https://issues.guix.gnu.org/36117>.
Before this change, the 'binfmt_misc' entries registered for QEMU would not be
usable in container contexts outside of guix-daemon (without manually bind
mounting file names).
For example:
$ docker run --rm arm32v7/debian true
standard_init_linux.go:207: exec user process caused "no such file or directory"
After this change, any container can make use of the QEMU binfmt_misc
registrations, as their corresponding QEMU static binaries are fully
pre-loaded by the kernel.
* gnu/services/virtualization.scm (<qemu-platform>): Define using
'define-record-type*'.
[flags]: New field, which defaults to "F" (fix binary).
(%i386, %i486, %alpha, %arm, %armeb, %sparc, %sparc32plus, %ppc, %ppc64)
(%ppc64le, %m68k, %mips, %mipsel, %mipsn32, %mipsn32el, %mips64, %mips64el)
(%riscv32, %riscv64, %sh4, %sh4eb, %s390x, %aarch64, %hppa): Adjust.
(qemu-binfmt-guix-chroot): Remove variable.
(qemu-binfmt-service-type): Remove the qemu-binfmt-guix-chroot extension.
* gnu/services/qemu-binfmt (qemu-platform->binfmt): Use the static output of
QEMU.
* doc/contributing.texi (Submitting Patches): Update doc.
* doc/guix.texi (Virtualization Services): Update doc.
The static output is equivalent to what other distributions commonly package
as 'qemu-user-static'.
* gnu/packages/virtualization.scm (qemu)[outputs]: Add a static output.
[phases]{configure}: Configure the main build as an out-of-source build. Move
all configure flags to ...
[configure-flags]: ... here. The options explicitly enabling optional
features are removed; the configure script does a good job at enabling all the
features available based on the inputs present and this allows reusing the
flags in variant packages such as qemu-minimal.
{configure-user-static, build-user-static, install-user-static}: New phases.
{patch-test-shebangs}: New phase, extracted from the configure phase.
[native-inputs]: Add glib-static, pcre:static and zlib:static.
(qemu-minimal)[arguments]: Reuse the configure-flags argument. Rewrite to use
match instead of cond.
Léo Le Bouter
Marius Bakke
Tobias Geerinckx-Rice
Ryan Prior via Guix-patches via
Morgan Smith
Nicolas Goaziou
Ludovic Courtès
Leo Famulari
qblade
Maxime Devos
Christopher Baines
Efraim Flashner
Oleg Pykhalov
Leo Prikler
LibreMiami
Mark H Weaver
Maxim Cournoyer
Kei Kebreau
Ricardo Wurmus
Stefan Reichör
zimoun