Commit Graph

268 Commits

Author SHA1 Message Date
Marius Bakke 02bf685d00
Merge branch 'master' into staging 2018-12-23 23:26:04 +01:00
Ludovic Courtès f5301f005a
gnu: Remove conkeror.
* gnu/packages/conkeror.scm: Remove.
* gnu/local.mk (GNU_SYSTEM_MODULES): Remove it.
* gnu/packages/gnuzilla.scm (conkeror): New variable.
2018-12-23 22:14:15 +01:00
Marius Bakke f30830b2e6
Merge branch 'master' into staging 2018-12-22 15:26:30 +01:00
Mark H Weaver 9c58001192
gnu: icecat: Remove extraneous newlines.
* gnu/packages/gnuzilla.scm (icecat)[source]: Remove extraneous newlines.
2018-12-13 00:07:58 -05:00
Marius Bakke 12878d12ac
Merge branch 'master' into staging 2018-12-12 22:00:52 +01:00
Marius Bakke 3ce60c2247
gnu: nss, nss-certs: Update to 3.41.
* gnu/packages/certs.scm (nss-certs): Update to 3.41.
* gnu/packages/gnuzilla.scm (nss): Likewise.
2018-12-12 20:49:15 +01:00
Mark H Weaver 46e613e3e5
gnu: icecat: Add fixes from upstream mozilla-esr60 [security-fixes].
Includes fixes for CVE-2018-18494 and the remaining 7 out of 10 changesets
for CVE-2018-12405.

* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected changesets from
the upstream mozilla-esr60 repository.
2018-12-11 23:04:31 -05:00
Mark H Weaver 29eb0bc76c
gnu: icecat: Relabel patches to reflect CVE assignments.
Document that we include fixes for CVE-2018-17466, CVE-2018-18492,
CVE-2018-18493, CVE-2018-18498, and 3 out of 10 changesets for
CVE-2018-12405.

* gnu/packages/gnuzilla.scm (icecat)[source]: Relabel patches to reflect
CVE assignments.
2018-12-11 23:04:28 -05:00
Mark H Weaver 8d956d8600
gnu: icecat: Enable Stylo CSS engine.
* gnu/packages/gnuzilla.scm (icecat)[native-inputs]: Add 'llvm-3.9.1' and
'clang-3.9.1'.
[arguments]: In the configure-flags, use quasiquote, remove "--disable-stylo",
and add "--with-clang-path=..." and "--with-libclang-path=...".
Add 'augment-CPLUS_INCLUDE_PATH' phase.  In the custom 'configure' phase,
set the CC environment variable to "gcc".
2018-12-11 23:04:18 -05:00
Marius Bakke 8c62baa095
gnu: nss, nss-certs: Update to 3.40.1.
* gnu/packages/certs.scm (nss-certs): Update to 3.40.1.
* gnu/packages/gnuzilla.scm (nss): Likewise.
[arguments]: Adjust DOMSUF variable to upstream changes.
2018-12-08 19:58:06 +01:00
Ludovic Courtès bc9aa60bd5
gnu: nss: Make tests deterministic.
Tests would fail once certificates had expired, along these lines:

  chains.sh: Verifying certificate(s)  PayPalEE.cert with flags -d AllDB -pp      -o OID.2.16.840.1.114412.1.1
  vfychain -d AllDB -pp -vv      -o OID.2.16.840.1.114412.1.1  /tmp/guix-build-nss-3.39.drv-0/nss-3.39/nss/tests/libpkix/certs/PayPalEE.cert
  Chain is bad!
  PROBLEM WITH THE CERT CHAIN:
  CERT 0. PayPalEE :
    ERROR -8181: Peer's Certificate has expired.
  Returned value is 1, expected result is pass

Using 'faketime' allows us to get deterministic results.

* gnu/packages/gnuzilla.scm (nss)[arguments]: In 'check' phase, run
'all.sh' under 'faketime'.
[native-inputs]: Add LIBFAKETIME.
2018-11-17 19:02:18 +01:00
Mark H Weaver 717d29e25b
gnu: icecat: Add more fixes from mozilla-esr60.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes
from the upstream mozilla-esr60 source repository.
2018-11-10 20:29:19 -05:00
Mark H Weaver 3b14494616
gnu: icecat: Update to 60.3.0-gnu1.
* gnu/packages/gnuzilla.scm (icecat): Update to 60.3.0-gnu1.
[source]: Switch back to the normal source URI.  Remove patches that
are no longer applicable.
* gnu/packages/patches/icecat-CVE-2018-12383.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2018-11-10 20:28:32 -05:00
Mark H Weaver d78587edca
gnu: icecat: Add fixes from mozilla-esr60 [security fixes].
Includes fixes for CVE-2018-12389, CVE-2018-12390, CVE-2018-12391,
CVE-2018-12392, CVE-2018-12393, CVE-2018-12395, CVE-2018-12396, and
CVE-2018-12397.

* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected changesets from the
upstream mozilla-esr60 repository.  Relabel some previously existing patches
to reflect CVE assignments.
2018-10-23 19:41:47 -04:00
Efraim Flashner 89f9df6cfd
gnu: icecat: Build with rust-1.24.
* gnu/packages/gnuzilla.scm (icecat)[native-inputs]: Use the oldest
compatable rust over newer releases when building icecat.
2018-10-14 09:42:54 +03:00
Mark H Weaver 4a5e2a90d8
gnu: icecat: Add fixes from mozilla-esr60 [security fixes].
Includes fixes for CVE-2018-12386 and CVE-2018-12387.

* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr60 repository.
2018-10-04 21:35:01 -04:00
Mark H Weaver 6d32887937
gnu: icecat: Rebundle NSPR and NSS [security fix].
Works around <https://bugs.gnu.org/32833>.

* gnu/packages/gnuzilla.scm (icecat)[source]: In snippet, don't remove NSS.
[inputs]: Remove 'nspr' and 'nss'.
[arguments]: Remove --with-system-{nspr,nss} from configure flags.
2018-09-25 19:59:08 -04:00
Mark H Weaver 94e96f7f68
gnu: icecat: Unbundle libevent, libogg, and libvorbis.
* gnu/packages/patches/icecat-use-system-media-libs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/icecat-avoid-bundled-libraries.patch: Add
another hunk to enable removal of libevent.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch.  In the snippet, add
libevent, libogg, libvorbis, and libtremor to the list of bundled libraries to
remove.  Add a comment regarding theora.  Remove comments regarding unbundling
cairo, which is no longer supported.
[inputs]: Add libevent, libogg, and libvorbis.
[arguments]: Add --with-system-{libevent,ogg,vorbis} to configure flags.
Add custom bootstrap phase.  Add comments.
2018-09-25 19:59:06 -04:00
Mark H Weaver 257e324791
gnu: icecat: Unbundle graphite2 and harfbuzz.
* gnu/packages/patches/icecat-use-system-graphite2+harfbuzz.patch: New file.
* gnu/packages/patches/icecat-use-system-graphite2.patch,
gnu/packages/patches/icecat-use-system-harfbuzz.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Update accordingly.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add new patch.  Delete
bundled graphite2 and harfbuzz in snippet.
[inputs]: Add graphite2 and harfbuzz.
[arguments]: Add --with-system-{graphite2,harfbuzz} to configure flags.
2018-09-25 19:58:58 -04:00
Mark H Weaver ae71cd8ac9
gnu: icecat: Add fixes from upstream mozilla-esr60 [security fixes].
Includes fixes for CVE-2018-12383 and CVE-2018-12385.

* gnu/packages/patches/icecat-CVE-2018-12383.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/icecat-avoid-bundled-libraries.patch: Adapt to apply
cleanly to IceCat 60.
* gnu/packages/gnuzilla.scm (mozilla-patch): Update to fetch from
mozilla-esr60.
(icecat): Add selected changesets from upstream mozilla-esr60.
2018-09-22 13:48:32 -04:00
Mark H Weaver e67ad5532f
gnu: icecat: Update to 60.2.0-gnu1 (pre-release).
* gnu/packages/gnuzilla.scm (icecat): Update to 60.2.0-gnu1.
[source]: Download pre-release from alpha.gnu.org.  Remove obsolete patches.
Comment out the code to delete the bundled copies of libevent, cairo,
harfbuzz, and graphite2.
[inputs]: Use the latest ffmpeg.  Comment out libevent, cairo, harfbuzz, and
graphite2.
[native-inputs]: Add rust and cargo.
[arguments]: Remove --enable-gio and --disable-gnomeui.  Add --disable-stylo.
Comment out --with-system-{libevent,harfbuzz,graphite2}, --enable-system-cairo.
Import %cargo-build-system-modules.  Add 'patch-cargo-checksums' phase.
* gnu/packages/patches/icecat-CVE-2018-5157-and-CVE-2018-5158.patch,
gnu/packages/patches/icecat-bug-1413868-pt1.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2018-09-21 07:16:02 -04:00
Marius Bakke e59588482b
gnu: nss, nss-certs: Update to 3.39 [fixes CVE-2018-12384].
* gnu/packages/gnuzilla.scm (nss): Update to 3.39.
* gnu/packages/certs.scm (nss-certs): Likewise.
2018-09-01 13:26:13 +02:00
Marius Bakke 7ea90c217f
gnu: nspr: Update to 4.20.
* gnu/packages/gnuzilla.scm (nspr): Update to 4.20.
2018-09-01 13:23:39 +02:00
Ricardo Wurmus 192a59d0f6
gnu: Add mozjs-52.
* gnu/packages/gnuzilla.scm (mozjs-52): New variable.

(cherry picked from commit f67db495aa6e29692e368a13130a40541d5d8273)
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2018-08-09 21:19:47 +02:00
Marius Bakke 92af3ce417
Merge branch 'master' into staging 2018-07-02 12:18:58 +02:00
Mark H Weaver 605e3345c3
gnu: icecat: Add more fixes from upstream mozilla-esr52.
Includes fixes for CVE-2018-12363, CVE-2018-12364, CVE-2018-12366, the
remaining 1 out of 2 changesets for CVE-2018-5156, and the remaining 7 out
of 17 changesets for CVE-2018-5188.

* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from
the upstream mozilla-esr52 repository.
* gnu/packages/patches/icecat-bug-1413868-pt1.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2018-06-27 01:08:53 -04:00
Mark H Weaver 018229734f
gnu: icecat: Relabel patches to reflect CVE assignments.
Document that we include fixes for CVE-2018-6126, CVE-2018-12359,
CVE-2018-12360, CVE-2018-12362, CVE-2018-12365, 1 out of 2 changesets for
CVE-2018-5156, and 10 out of 17 changesets for CVE-2018-5188.

* gnu/packages/gnuzilla.scm (icecat)[source]: Relabel patches to reflect CVE
assignments.
2018-06-27 01:08:46 -04:00
Marius Bakke 7c3bea7e62
gnu: nss, nss-certs: Update to 3.38 [fixes CVE-2018-0495].
* gnu/packages/certs.scm (nss-certs): Update to 3.38.
* gnu/packages/gnuzilla.scm (nss): Likewise.
2018-06-26 13:51:20 +02:00
Marius Bakke 7469b7cb3d
gnu: nss, nss-certs: Update to 3.37.3.
* gnu/packages/gnuzilla.scm (nss): Update to 3.37.
* gnu/packages/certs.scm (nss-certs): Likewise.
2018-06-19 15:45:40 +02:00
Ludovic Courtès a13c1bf4ca
Merge branch 'master' into core-updates 2018-06-01 23:41:40 +02:00
Mark H Weaver 1a3e3162ac
gnu: icecat: Add more fixes from upstream esr52.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from
the upstream mozilla-esr52 repository.
2018-06-01 12:51:43 -04:00
Mark H Weaver 82b695b834
Merge branch 'master' into core-updates 2018-05-28 20:45:37 -04:00
Mark H Weaver 25816c4306
gnu: icecat: Add more fixes from upstream mozilla-esr52.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from
the upstream mozilla-esr52 repository.
2018-05-27 17:39:29 -04:00
Mark H Weaver 539bf8f2c0
Merge branch 'master' into core-updates 2018-05-17 01:00:50 -04:00
Mark H Weaver 93565b4483
gnu: icecat: Add more fixes from upstream mozilla-esr52.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add fixes for CVE-2018-5183
and the remaining 1 of 10 changesets for CVE-2018-5150.
2018-05-11 06:07:57 -04:00
Mark H Weaver d2cebbf694
gnu: icecat: Relabel patches to reflect CVE assignments.
Document the fact that we include fixes for CVE-2018-5154, CVE-2018-5155,
CVE-2018-5157, CVE-2018-5158, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178,
and 9/10 changesets for CVE-2018-5150.

* gnu/packages/gnuzilla.scm (icecat)[source]: Relabel patches to reflect CVE
assignments.
* gnu/packages/patches/icecat-bug-1452075.patch: Rename to...
* gnu/packages/patches/icecat-CVE-2018-5157-and-CVE-2018-5158.patch: ...this.
* gnu/local.mk (dist_patch_DATA): Rename it.
2018-05-11 06:07:43 -04:00
Marius Bakke 12bd588346
Merge branch 'master' into core-updates 2018-05-06 15:56:24 +02:00
Marius Bakke 069f1c2074
gnu: icecat: Use ffmpeg@3.4.
Fixes <https://bugs.gnu.org/31356>.
Reported by Clément Lassieur <clement@lassieur.org>.

* gnu/packages/gnuzilla.scm (icecat)[inputs]: Change from FFMPEG to FFMPEG-3.4.
2018-05-03 20:23:54 +02:00
Mark H Weaver f0ae90cbbb
Merge branch 'master' into core-updates 2018-04-30 16:48:15 -04:00
Mark H Weaver 59bc15cf88
gnu: icecat: Add more fixes from upstream mozilla-esr52.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes
from the upstream mozilla-esr52 repository.
* gnu/packages/patches/icecat-bug-1452075.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2018-04-30 16:46:40 -04:00
Marius Bakke 5d904d63f4
Merge branch 'master' into staging 2018-04-16 18:15:28 +02:00
Marius Bakke c5154b37ac
gnu: nss, nss-certs: Update to 3.36.1.
* gnu/packages/gnuzilla.scm (nss): Update to 3.36.1.
* gnu/packages/certs.scm (nss-certs): Likewise.
2018-04-15 14:45:43 +02:00
Mark H Weaver 1293f6d8a4
gnu: icecat: Remove 'use-skia-by-default' phase.
This seems no longer to be needed for stability.

* gnu/packages/gnuzilla.scm (icecat)[arguments]: Remove the
'use-skia-by-default' phase.
2018-04-11 17:20:00 -04:00
Mark H Weaver 3c0316169b
Merge branch 'master' into core-updates 2018-04-11 17:19:06 -04:00
Mark H Weaver 87a841b2d4
gnu: icecat: Add more fixes from upstream mozilla-esr52.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr52 repository.
2018-04-11 17:06:41 -04:00
Mark H Weaver 9502ea3e3e
gnu: icecat: Add more configure flags and rename a phase.
* gnu/packages/gnuzilla.scm (icecat)[arguments]: To configure-flags, add
"--with-distribution-id=org.gnu", "--disable-tests", "--disable-updater",
"--disable-crashreporter", "--disable-maintenance-service", and
"--disable-eme".  Rename the
'arrange-to-link-libxul-with-libraries-it-might-dlopen' phase to
'link-libxul-with-libraries'.
2018-04-11 17:06:36 -04:00
Marius Bakke 5576cfabf3
Merge branch 'master' into core-updates 2018-03-29 17:34:41 +02:00
Mark H Weaver 6ef66d3f12
gnu: icecat: Add fix for CVE-2018-5148.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add the fix for CVE-2018-5148
from the upstream mozilla-esr52 repository.
2018-03-27 21:08:15 -04:00
Mark H Weaver f050ebcfed
gnu: nss: Use invoke.
* gnu/packages/gnuzilla.scm (nss)[arguments]: Use invoke in the check phase.
2018-03-23 04:43:12 -04:00
Mark H Weaver 5f70b6d4e8
gnu: mozjs@38: Use invoke.
* gnu/packages/gnuzilla.scm (mozjs-38)[arguments]: Use invoke in the custom
configure phase.
2018-03-23 04:43:05 -04:00