gnu: libreoffice: Update to 5.4.5.1 [CVE-2018-6871].
* gnu/packages/check.scm (cppunit-1.14): New public variable. * gnu/packages/libreoffice.scm (xmlsec-src-libreoffice): Remove variable. (libreoffice): Update to 5.4.5.1. [native-inputs]: Change CPPUNIT to CPPUNIT-1.14. Remove AUTOCONF and AUTOMAKE. [inputs]: Add GPGME, XMLSEC-NSS and LIBLTDL. Remove XMLSEC-SRC-LIBREOFFICE. Replace LIBJPEG with LIBJPEG-TURBO. [arguments]: Remove xmlsec code from PREPARE-SRC-PHASE. Make sure GPGME++ headers are found. Add workaround for <https://bugs.gentoo.org/641812>. Add "--disable-pdfium" to #:configure-flags. * gnu/packages/xml.scm (xmlsec-nss): New public variable.
This commit is contained in:
parent
f1d7e14a1b
commit
b4c9a3173d
|
@ -157,6 +157,23 @@ unit testing. Test output is in XML for automatic testing and GUI based for
|
||||||
supervised tests.")
|
supervised tests.")
|
||||||
(license license:lgpl2.1))) ; no copyright notices. LGPL2.1 is in the tarball
|
(license license:lgpl2.1))) ; no copyright notices. LGPL2.1 is in the tarball
|
||||||
|
|
||||||
|
;; Some packages require this newer version of cppunit. However, it needs
|
||||||
|
;; C++11 support, which is not enabled by default in our current GCC, and
|
||||||
|
;; updating in-place would require adding CXXFLAGS to many dependent packages.
|
||||||
|
;; Thus, keep as a separate variable for now.
|
||||||
|
;; TODO: Remove this when our default GCC is updated to 6 or higher.
|
||||||
|
(define-public cppunit-1.14
|
||||||
|
(package
|
||||||
|
(inherit cppunit)
|
||||||
|
(version "1.14.0")
|
||||||
|
(source (origin
|
||||||
|
(method url-fetch)
|
||||||
|
(uri (string-append "https://dev-www.libreoffice.org/src/"
|
||||||
|
"cppunit-" version ".tar.gz"))
|
||||||
|
(sha256
|
||||||
|
(base32
|
||||||
|
"1027cyfx5gsjkdkaf6c2wnjh68882grw8n672018cj3vs9lrhmix"))))))
|
||||||
|
|
||||||
(define-public catch-framework
|
(define-public catch-framework
|
||||||
(package
|
(package
|
||||||
(name "catch")
|
(name "catch")
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
|
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
|
||||||
;;; Copyright © 2017 Andy Wingo <wingo@igalia.com>
|
;;; Copyright © 2017 Andy Wingo <wingo@igalia.com>
|
||||||
;;; Copyright © 2017 Ludovic Courtès <ludo@gnu.org>
|
;;; Copyright © 2017 Ludovic Courtès <ludo@gnu.org>
|
||||||
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
|
;;; Copyright © 2017, 2018 Marius Bakke <mbakke@fastmail.com>
|
||||||
;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com>
|
;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com>
|
||||||
;;;
|
;;;
|
||||||
;;; This file is part of GNU Guix.
|
;;; This file is part of GNU Guix.
|
||||||
|
@ -54,6 +54,7 @@
|
||||||
#:use-module (gnu packages glib)
|
#:use-module (gnu packages glib)
|
||||||
#:use-module (gnu packages gnome)
|
#:use-module (gnu packages gnome)
|
||||||
#:use-module (gnu packages gperf)
|
#:use-module (gnu packages gperf)
|
||||||
|
#:use-module (gnu packages gnupg)
|
||||||
#:use-module (gnu packages gnuzilla)
|
#:use-module (gnu packages gnuzilla)
|
||||||
#:use-module (gnu packages gstreamer)
|
#:use-module (gnu packages gstreamer)
|
||||||
#:use-module (gnu packages gtk)
|
#:use-module (gnu packages gtk)
|
||||||
|
@ -839,22 +840,10 @@ and to return information on pronunciations, meanings and synonyms.")
|
||||||
(license (non-copyleft "file://COPYING"
|
(license (non-copyleft "file://COPYING"
|
||||||
"See COPYING in the distribution."))))
|
"See COPYING in the distribution."))))
|
||||||
|
|
||||||
;; LibreOffice requires an xmlsec source tarball; it does not even check
|
|
||||||
;; for the presence of an externally compiled library.
|
|
||||||
(define xmlsec-src-libreoffice
|
|
||||||
(origin
|
|
||||||
(method url-fetch)
|
|
||||||
(uri
|
|
||||||
(string-append
|
|
||||||
"http://dev-www.libreoffice.org/src/"
|
|
||||||
"86b1daaa438f5a7bea9a52d7b9799ac0-xmlsec1-1.2.23.tar.gz"))
|
|
||||||
(sha256 (base32
|
|
||||||
"17qfw5crkqn4v6xbkjxrjvcccfc00dy053892wrwv54qdk8n7m21"))))
|
|
||||||
|
|
||||||
(define-public libreoffice
|
(define-public libreoffice
|
||||||
(package
|
(package
|
||||||
(name "libreoffice")
|
(name "libreoffice")
|
||||||
(version "5.3.7.2")
|
(version "5.4.5.1")
|
||||||
(source
|
(source
|
||||||
(origin
|
(origin
|
||||||
(method url-fetch)
|
(method url-fetch)
|
||||||
|
@ -863,16 +852,11 @@ and to return information on pronunciations, meanings and synonyms.")
|
||||||
"https://download.documentfoundation.org/libreoffice/src/"
|
"https://download.documentfoundation.org/libreoffice/src/"
|
||||||
(version-prefix version 3) "/libreoffice-" version ".tar.xz"))
|
(version-prefix version 3) "/libreoffice-" version ".tar.xz"))
|
||||||
(sha256 (base32
|
(sha256 (base32
|
||||||
"0z7fssp0jcj09wxad1wmhy69n71a2mwl933lxp9dz5sdvzncxmy3"))))
|
"167bh6jgyhfcvn3g7xghkg4nb99h91diypdlry5df21xs8bis5gb"))))
|
||||||
(build-system gnu-build-system)
|
(build-system gnu-build-system)
|
||||||
(native-inputs
|
(native-inputs
|
||||||
`(;; autoreconf is run by the LibreOffice build system, since after
|
`(("bison" ,bison)
|
||||||
;; unpacking the external xmlsec tarball, it applies a series of
|
("cppunit" ,cppunit-1.14)
|
||||||
;; patches to Makefile.am, configure.in, config.guess and config.sub.
|
|
||||||
("autoconf" ,autoconf)
|
|
||||||
("automake" ,automake)
|
|
||||||
("bison" ,bison)
|
|
||||||
("cppunit" ,cppunit)
|
|
||||||
("flex" ,flex)
|
("flex" ,flex)
|
||||||
("pkg-config" ,pkg-config)
|
("pkg-config" ,pkg-config)
|
||||||
("python" ,python-wrapper)
|
("python" ,python-wrapper)
|
||||||
|
@ -888,6 +872,7 @@ and to return information on pronunciations, meanings and synonyms.")
|
||||||
("glew" ,glew)
|
("glew" ,glew)
|
||||||
("glm" ,glm)
|
("glm" ,glm)
|
||||||
("gperf" ,gperf)
|
("gperf" ,gperf)
|
||||||
|
("gpgme" ,gpgme)
|
||||||
("graphite2" ,graphite2)
|
("graphite2" ,graphite2)
|
||||||
("gst-plugins-base" ,gst-plugins-base)
|
("gst-plugins-base" ,gst-plugins-base)
|
||||||
("gtk+" ,gtk+)
|
("gtk+" ,gtk+)
|
||||||
|
@ -897,12 +882,14 @@ and to return information on pronunciations, meanings and synonyms.")
|
||||||
("libabw" ,libabw)
|
("libabw" ,libabw)
|
||||||
("libcdr" ,libcdr)
|
("libcdr" ,libcdr)
|
||||||
("libcmis" ,libcmis)
|
("libcmis" ,libcmis)
|
||||||
("libjpeg" ,libjpeg)
|
("libjpeg-turbo" ,libjpeg-turbo)
|
||||||
("libe-book" ,libe-book)
|
("libe-book" ,libe-book)
|
||||||
("libetonyek" ,libetonyek)
|
("libetonyek" ,libetonyek)
|
||||||
("libexttextcat" ,libexttextcat)
|
("libexttextcat" ,libexttextcat)
|
||||||
("libfreehand" ,libfreehand)
|
("libfreehand" ,libfreehand)
|
||||||
("liblangtag" ,liblangtag)
|
("liblangtag" ,liblangtag)
|
||||||
|
;; XXX: Perhaps this should be propagated from xmlsec.
|
||||||
|
("libltdl" ,libltdl)
|
||||||
("libmspub" ,libmspub)
|
("libmspub" ,libmspub)
|
||||||
("libmwaw" ,libmwaw)
|
("libmwaw" ,libmwaw)
|
||||||
("libodfgen" ,libodfgen)
|
("libodfgen" ,libodfgen)
|
||||||
|
@ -935,7 +922,7 @@ and to return information on pronunciations, meanings and synonyms.")
|
||||||
("unixodbc" ,unixodbc)
|
("unixodbc" ,unixodbc)
|
||||||
("unzip" ,unzip)
|
("unzip" ,unzip)
|
||||||
("vigra" ,vigra)
|
("vigra" ,vigra)
|
||||||
("xmlsec-src" ,xmlsec-src-libreoffice)
|
("xmlsec" ,xmlsec-nss)
|
||||||
("zip" ,zip)))
|
("zip" ,zip)))
|
||||||
(arguments
|
(arguments
|
||||||
`(#:tests? #f ; Building the tests already fails.
|
`(#:tests? #f ; Building the tests already fails.
|
||||||
|
@ -944,26 +931,27 @@ and to return information on pronunciations, meanings and synonyms.")
|
||||||
(modify-phases %standard-phases
|
(modify-phases %standard-phases
|
||||||
(add-before 'configure 'prepare-src
|
(add-before 'configure 'prepare-src
|
||||||
(lambda* (#:key inputs #:allow-other-keys)
|
(lambda* (#:key inputs #:allow-other-keys)
|
||||||
(let ((xmlsec (assoc-ref inputs "xmlsec-src")))
|
(let ((gpgme (assoc-ref inputs "gpgme")))
|
||||||
(substitute*
|
(substitute*
|
||||||
(list "sysui/CustomTarget_share.mk"
|
(list "sysui/CustomTarget_share.mk"
|
||||||
"solenv/gbuild/gbuild.mk"
|
"solenv/gbuild/gbuild.mk"
|
||||||
"solenv/gbuild/platform/unxgcc.mk")
|
"solenv/gbuild/platform/unxgcc.mk")
|
||||||
(("/bin/sh") (which "sh")))
|
(("/bin/sh") (which "sh")))
|
||||||
(mkdir "external/tarballs")
|
|
||||||
(symlink
|
;; GPGME++ headers are installed in a gpgme++ subdirectory,
|
||||||
xmlsec
|
;; but files in "xmlsecurity/source/gpg/" expect to find them
|
||||||
(string-append "external/tarballs/"
|
;; on the include path without a prefix.
|
||||||
"86b1daaa438f5a7bea9a52d7b9799ac0-"
|
(substitute* "xmlsecurity/Library_xsec_xmlsec.mk"
|
||||||
"xmlsec1-1.2.23.tar.gz"))
|
(("\\$\\$\\(INCLUDE\\)")
|
||||||
;; The following is required for building xmlsec from the
|
(string-append "$$(INCLUDE) -I" gpgme "/include/gpgme++")))
|
||||||
;; unpatched external tarball; since "configure" starts with
|
|
||||||
;; "/bin/sh", it needs to be executed by a command invoking
|
;; XXX: When GTK2 is disabled, one header file is not included.
|
||||||
;; the shell.
|
;; This is likely fixed in later versions. See also
|
||||||
(setenv "SHELL" (which "bash"))
|
;; <https://bugs.gentoo.org/641812>.
|
||||||
(setenv "CONFIG_SHELL" (which "bash"))
|
(substitute* "vcl/unx/gtk3/gtk3gtkframe.cxx"
|
||||||
(substitute* "external/libxmlsec/ExternalProject_xmlsec.mk"
|
(("#include <unx/gtk/gtkgdi.hxx>")
|
||||||
(("./configure") "$(CONFIG_SHELL) ./configure" ))
|
"#include <unx/gtk/gtkgdi.hxx>\n#include <unx/gtk/gtksalmenu.hxx>"))
|
||||||
|
|
||||||
#t)))
|
#t)))
|
||||||
(add-after 'install 'bin-and-desktop-install
|
(add-after 'install 'bin-and-desktop-install
|
||||||
;; Create 'soffice' and 'libreoffice' symlinks to the executable
|
;; Create 'soffice' and 'libreoffice' symlinks to the executable
|
||||||
|
@ -1037,6 +1025,10 @@ and to return information on pronunciations, meanings and synonyms.")
|
||||||
"--disable-coinmp"
|
"--disable-coinmp"
|
||||||
"--disable-firebird-sdbc" ; embedded firebird
|
"--disable-firebird-sdbc" ; embedded firebird
|
||||||
"--disable-gltf"
|
"--disable-gltf"
|
||||||
|
;; XXX: PDFium support requires fetching an external tarball and
|
||||||
|
;; patching the build scripts to work with GCC5. Try enabling this
|
||||||
|
;; when our default compiler is >=GCC 6.
|
||||||
|
"--disable-pdfium"
|
||||||
"--disable-gtk" ; disable use of GTK+ 2
|
"--disable-gtk" ; disable use of GTK+ 2
|
||||||
"--without-doxygen")))
|
"--without-doxygen")))
|
||||||
(home-page "https://www.libreoffice.org/")
|
(home-page "https://www.libreoffice.org/")
|
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
|
;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
|
||||||
;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
|
;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
|
||||||
;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
|
;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
|
||||||
;;; Copyright © 2016, 2017 Marius Bakke <mbakke@fastmail.com>
|
;;; Copyright © 2016, 2017, 2018 Marius Bakke <mbakke@fastmail.com>
|
||||||
;;; Copyright © 2017 Adriano Peluso <catonano@gmail.com>
|
;;; Copyright © 2017 Adriano Peluso <catonano@gmail.com>
|
||||||
;;; Copyright © 2017 Gregor Giesen <giesen@zaehlwerk.net>
|
;;; Copyright © 2017 Gregor Giesen <giesen@zaehlwerk.net>
|
||||||
;;; Copyright © 2017 Alex Vong <alexvong1995@gmail.com>
|
;;; Copyright © 2017 Alex Vong <alexvong1995@gmail.com>
|
||||||
|
@ -41,6 +41,7 @@
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
#:use-module (gnu packages gnupg)
|
#:use-module (gnu packages gnupg)
|
||||||
#:use-module (gnu packages java)
|
#:use-module (gnu packages java)
|
||||||
|
#:use-module (gnu packages gnuzilla)
|
||||||
#:use-module (gnu packages perl)
|
#:use-module (gnu packages perl)
|
||||||
#:use-module (gnu packages perl-check)
|
#:use-module (gnu packages perl-check)
|
||||||
#:use-module (gnu packages python)
|
#:use-module (gnu packages python)
|
||||||
|
@ -971,6 +972,15 @@ Libxml2).")
|
||||||
(license (license:x11-style "file://COPYING"
|
(license (license:x11-style "file://COPYING"
|
||||||
"See 'COPYING' in the distribution."))))
|
"See 'COPYING' in the distribution."))))
|
||||||
|
|
||||||
|
(define-public xmlsec-nss
|
||||||
|
(package
|
||||||
|
(inherit xmlsec)
|
||||||
|
(name "xmlsec-nss")
|
||||||
|
(inputs
|
||||||
|
`(("nss" ,nss)
|
||||||
|
("libltdl" ,libltdl)))
|
||||||
|
(synopsis "XML Security Library (using NSS instead of GnuTLS)")))
|
||||||
|
|
||||||
(define-public minixml
|
(define-public minixml
|
||||||
(package
|
(package
|
||||||
(name "minixml")
|
(name "minixml")
|
||||||
|
|
Loading…
Reference in New Issue