From 6bc85e79c2a8403fe8683b68c513987bd1562aec Mon Sep 17 00:00:00 2001 From: Andreas Enge Date: Mon, 21 May 2018 19:24:51 +0200 Subject: [PATCH 1/4] gnu: pius: Really add the patch file. * gnu/packages/patches/pius.patch: New file. This is a follow-up to commit a92d97266dffcd1ab5c40a379005a7db1fc3dad4. --- gnu/packages/patches/pius.patch | 38 +++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 gnu/packages/patches/pius.patch diff --git a/gnu/packages/patches/pius.patch b/gnu/packages/patches/pius.patch new file mode 100644 index 0000000000..da39731d4d --- /dev/null +++ b/gnu/packages/patches/pius.patch @@ -0,0 +1,38 @@ +See https://github.com/jaymzh/pius/pull/96 + +commit 4dba0bf75ab351969622f7b9c38484657411a528 +Author: Martin Kletzander +Date: Thu May 17 17:55:27 2018 +0200 + + Don't fail on ENCRYPTION_COMPLIANCE_MODE line from too new GnuPG (#96) + + GnuPG started printing information about encryption compliance in [commit + f31dc2540acf](https://dev.gnupg.org/rGf31dc2540acf7cd7f09fd94658e815822222bfcb) + and since then signing with pius fails. + + Closes #95 + + Signed-off-by: Martin Kletzander + +diff --git a/libpius/signer.py b/libpius/signer.py +index 3c7262f..13013bb 100644 +--- a/libpius/signer.py ++++ b/libpius/signer.py +@@ -45,6 +45,7 @@ class PiusSigner(object): + GPG_PINENTRY_LAUNCHED = '[GNUPG:] PINENTRY_LAUNCHED' + GPG_KEY_CONSIDERED = '[GNUPG:] KEY_CONSIDERED' + GPG_WARN_VERSION = '[GNUPG:] WARNING server_version_mismatch' ++ GPG_ENC_COMPLIANT_MODE = '[GNUPG:] ENCRYPTION_COMPLIANCE_MODE' + + def __init__(self, signer, force_signer, mode, keyring, gpg_path, tmpdir, + outdir, encrypt_outfiles, mail, mailer, verbose, sort_keyring, +@@ -431,6 +432,9 @@ class PiusSigner(object): + if PiusSigner.GPG_ENC_BEG in line: + debug('Got GPG_ENC_BEG') + continue ++ elif PiusSigner.GPG_ENC_COMPLIANT_MODE in line: ++ debug('Got ENCRYPTION_COMPLIANCE_MODE') ++ continue + elif PiusSigner.GPG_ENC_END in line: + debug('Got GPG_ENC_END') + break From 27135cf4473b001a07ce339e1fa33fcf7642db81 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sun, 20 May 2018 23:03:32 -0400 Subject: [PATCH 2/4] gnu: BIND: Update to 9.12.1-P2 [fixes CVE-2018-{5736,5737}]. * gnu/packages/dns.scm (isc-bind): Update to 9.12.1-P2. --- gnu/packages/dns.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm index 5bc18b4cbc..5e0cd34fdd 100644 --- a/gnu/packages/dns.scm +++ b/gnu/packages/dns.scm @@ -98,7 +98,7 @@ and BOOTP/TFTP for network booting of diskless machines.") (define-public isc-bind (package (name "bind") - (version "9.12.1") + (version "9.12.1-P2") (source (origin (method url-fetch) (uri (string-append @@ -106,7 +106,7 @@ and BOOTP/TFTP for network booting of diskless machines.") version ".tar.gz")) (sha256 (base32 - "043mjcw405qa0ghm5dkhfsq35gsy279724fz3mjqpr1mbi14dr0n")))) + "0a9dvyg1dk7vpqn9gz7p5jas3bz7z22bjd66b98g1qk16i2w7rqd")))) (build-system gnu-build-system) (outputs `("out" "utils")) (inputs From 7d798b3bb3342f9a29d0214a2d6becd3c9482532 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Thu, 17 May 2018 18:59:44 -0400 Subject: [PATCH 3/4] gnu: curl: Update replacement to 7.60.0 [Fixes CVE-2018-{1000300,1000301}]. * gnu/packages/curl.scm (curl)[replacement]: Update to 7.60.0. (curl-7.59.0): Replace with ... (curl-7.60.0): ... new variable. --- gnu/packages/curl.scm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm index ae8b9600dd..16cbdcd7df 100644 --- a/gnu/packages/curl.scm +++ b/gnu/packages/curl.scm @@ -50,7 +50,7 @@ (package (name "curl") (version "7.57.0") - (replacement curl-7.59.0) + (replacement curl-7.60.0) (source (origin (method url-fetch) (uri (string-append "https://curl.haxx.se/download/curl-" @@ -139,10 +139,10 @@ tunneling, and so on.") "See COPYING in the distribution.")) (home-page "https://curl.haxx.se/"))) -(define-public curl-7.59.0 +(define-public curl-7.60.0 (package (inherit curl) - (version "7.59.0") + (version "7.60.0") (source (origin (method url-fetch) @@ -150,7 +150,7 @@ tunneling, and so on.") version ".tar.xz")) (sha256 (base32 - "1z310hrjm2vmbcpkyp81dcmj9rk127zkjyawpy2pah0nz6yslkp4")))))) + "1876ck0smbqz3xakm7s6q6gh4zarh9pv3izf4vlzgpc9xn6zydl7")))))) (define-public kurly (package From 4699ffa383ea50442fbe659f687cb5652ab5a557 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 18 May 2018 02:17:35 -0400 Subject: [PATCH 4/4] gnu: procps: Update to 3.3.14. * gnu/packages/linux.scm (procps): Update to 3.3.14. [arguments]: Remove obsolete phase 'disable-strtod-test' because the change has been upstreamed. --- gnu/packages/linux.scm | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index c8ad2ef356..4d3bda8824 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -695,14 +695,14 @@ by Robert Shea and Robert Anton Wilson.") (define-public procps (package (name "procps") - (version "3.3.12") + (version "3.3.14") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/procps-ng/Production/" "procps-ng-" version ".tar.xz")) (sha256 (base32 - "1m57w6jmry84njd5sgk5afycbglql0al80grx027kwqqcfw5mmkf")))) + "0v3j6rkzzscqds37i105cxx3q4dk04rsgpqfd5p7hzcvk59h5njy")))) (build-system gnu-build-system) (arguments '(#:modules ((guix build utils) @@ -711,15 +711,6 @@ by Robert Shea and Robert Anton Wilson.") (srfi srfi-26)) #:phases (modify-phases %standard-phases - (add-before 'check 'disable-strtod-test - (lambda _ - ;; Disable the 'strtod' test, which fails on 32-bit systems. - ;; This is what upstream does: - ;; . - (substitute* "Makefile" - (("^(TESTS|check_PROGRAMS) = .*$" all) - (string-append "# " all "\n"))) - #t)) (add-after 'install 'post-install ;; Remove commands and man pages redudant with