Leo Famulari
8fe5d95e66
services: urandom-seed: Set umask to 077 while shutting down.
...
* gnu/services/base.scm (urandom-seed-shepherd-service): Call 'umask'.
2016-05-31 00:03:10 -04:00
Leo Famulari
df2dd07b88
gnu: libxml2: Update replacement to 2.9.4 [security fixes].
...
This fixes CVE-2016-{1762, 1833, 1834, 1835, 1836, 1837, 1838, 1839,
1840, 3627, 3705, 4483}.
* gnu/packages/patches/libxml2-CVE-2016-3627.patch,
gnu/packages/patches/libxml2-CVE-2016-3705.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/xml.scm (libxml2/fixed): Update to 2.9.4.
[source]: Remove patches.
2016-05-30 21:47:40 -04:00
Ludovic Courtès
c06f6db7a4
container: Gracefully report mount errors in the child process.
...
Fixes <http://bugs.gnu.org/23306 >.
* gnu/build/linux-container.scm (run-container): Use 'socketpair'
instead of 'pipe'. Rename 'in' to 'child' and 'out' to 'parent'. Send
a 'ready message or an exception argument list from the child to the
parent; adjust the parent accordingly.
* tests/containers.scm ("call-with-container, mnt namespace, wrong bind
mount"): New test.
* tests/guix-environment-container.sh: Add test with
--expose=/does-not-exist.
2016-05-31 00:11:04 +02:00
Ludovic Courtès
4c14d4eaa7
container: Gracefully handle failure to set up user namespaces.
...
* gnu/build/linux-container.scm (run-container): Exit when the parent
process doesn't say 'ready.
2016-05-31 00:11:04 +02:00
Efraim Flashner
f80d5fe02e
gnu: vapoursynth: Update to 32.
...
* gnu/packages/video.scm (vapoursynth): Update to 32.
2016-05-30 22:22:26 +03:00
Efraim Flashner
365a4a7f40
gnu: Add zimg.
...
* gnu/packages/image.scm (zimg): New variable.
2016-05-30 22:22:25 +03:00
Efraim Flashner
fd1461879c
gnu: mcrypt: Fix CVE-2012-4409, CVE-2012-4426, CVE-2012-4527.
...
* gnu/packages/mcrypt.scm (mcrypt)[source]: Add patches.
* gnu/packages/patches/mcrypt-CVE-2012-4409.patch,
gnu/packages/patches/mcrypt-CVE-2012-4426.patch,
gnu/packages/patches/mcrypt-CVE-2012-4527.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.
2016-05-30 21:57:36 +03:00
Leo Famulari
5ae77a6f5a
gnu: imagemagick: Update to 6.9.4-5.
...
* gnu/packages/imagemagick.scm (imagemagick): Update to 6.9.4-5.
2016-05-30 14:08:08 -04:00
David Thompson
503a43f3fc
gnu: Remove xgcc-avr.
...
We now have a dedicated package module for the AVR toolchain with
important modifications on top of what cross-gcc produces.
* gnu/packages/cross-base.scm (xgcc-avr): Delete.
2016-05-30 13:45:21 -04:00
David Thompson
9d2bab09aa
gnu: Add avr-toolchain.
...
* gnu/packages/avr.scm (avr-toolchain): New procedure.
(avr-toolchain-4.9, avr-toolchain-5): New variables.
2016-05-30 13:45:21 -04:00
David Thompson
3087b7077c
gnu: avr-libc: Update to 2.0.0.
...
* gnu/packages/avr.scm (avr-libc): Update to 2.0.0.
2016-05-30 13:45:21 -04:00
David Thompson
e60972f288
gnu: avr-libc: Fix build.
...
* gnu/packages/avr.scm (avr-libc): Update to 2.0.0.
[native-inputs]: Use new avr-gcc and avr-binutils.
[arguments]: Add phase to unset C_INCLUDE_PATH.
2016-05-30 13:45:21 -04:00
David Thompson
a17eea4ba4
gnu: Add avr-gcc-5.
...
* gnu/packages/avr.scm (avr-gcc-5): New variable.
2016-05-30 13:45:21 -04:00
David Thompson
09b05fc7e9
gnu: Add avr-gcc.
...
* gnu/packages/avr.scm (avr-gcc): New variable.
2016-05-30 13:45:21 -04:00
David Thompson
cdc5cfdc4a
gnu: Add avr-binutils.
...
* gnu/packages/avr.scm (avr-binutils): New variable.
2016-05-30 13:45:21 -04:00
Efraim Flashner
983911d627
gnu: wordnet: Use 'modify-phases'.
...
* gnu/packages/wordnet.scm (wordnet)[arguments]: Use 'modify-phases'.
2016-05-30 20:19:04 +03:00
Efraim Flashner
c1dbd3a870
gnu: wordnet: Fix CVE-2008-2149, CVE-2008-3908.
...
* gnu/packages/wordnet.scm (wordnet)[source]: Add patches.
* gnu/packages/patches/wordnet-CVE-2008-2149.patch,
gnu/packages/patches/wordnet-CVE-2008-3908-pt1.patch,
gnu/packages/patches/wordnet-CVE-2008-3908-pt2.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.
2016-05-30 20:14:06 +03:00
Efraim Flashner
1f521b7055
gnu: id3lib: Fix CVE-2007-4460.
...
* gnu/packages/mp3.scm (id3lib)[source]: Add patch.
* gnu/packages/patches/id3lib-CVE-2007-4460.patch: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.
2016-05-30 20:13:24 +03:00
Leo Famulari
3d55d04ab8
gnu: cyrus-sasl: Update URLs.
...
* gnu/packages/cyrus-sasl.scm (cyrus-sasl)[source]: Use HTTPS URL.
[home-page]: Update home-page URL.
2016-05-30 12:53:23 -04:00
Leo Famulari
726f088884
gnu: devil: Fix CVE-2009-3994.
...
* gnu/packages/patches/devil-CVE-2009-3994.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (devil): Use it.
2016-05-30 12:36:26 -04:00
Leo Famulari
ac9fc78ff0
gnu: iptables: Update to 1.4.21.
...
* gnu/packages/linux.scm (iptables): Update to 1.4.21.
2016-05-30 12:18:57 -04:00
David Thompson
6ede256f77
gnu: Add emacs-better-defaults.
...
* gnu/packages/emacs.scm (emacs-better-defaults): New variable.
2016-05-30 11:10:49 -04:00
David Thompson
02736daa8c
gnu: emacs: Remove uncompressed-file-fetch.
...
* gnu/packages/emacs.scm (uncompressed-file-fetch): Delete.
(emacs-rfcview, emacs-ffap-rfc-space, emacs-queue, emacs-spinner):
Replace uncompressed-file-fetch with url-fetch.
2016-05-30 11:06:49 -04:00
humanitiesNerd
62a45cb647
gnu: Add emacs-seq.
...
* gnu/packages/emacs.scm (emacs-seq): New variable.
Signed-off-by: Alex Kost <alezost@gmail.com>
2016-05-30 13:11:39 +03:00
humanitiesNerd
565bccc569
gnu: Add emacs-spinner.
...
* gnu/packages/emacs.scm (emacs-spinner): New variable.
Signed-off-by: Alex Kost <alezost@gmail.com>
2016-05-30 13:11:39 +03:00
humanitiesNerd
32abfcf4ee
gnu: Add emacs-pkg-info.
...
* gnu/packages/emacs.scm (emacs-pkg-info): New variable.
Signed-off-by: Alex Kost <alezost@gmail.com>
2016-05-30 13:09:43 +03:00
humanitiesNerd
ad6c4bc48a
gnu: Add emacs-queue.
...
* gnu/packages/emacs.scm (emacs-queue): New variable.
Signed-off-by: Alex Kost <alezost@gmail.com>
2016-05-30 13:09:43 +03:00
Alex Kost
4509ec72a4
gnu: emacs: Fix indentation of scheme keyword lists.
...
* gnu/packages/patches/emacs-fix-scheme-indent-function.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/emacs.scm (emacs)[source]: Use it.
2016-05-30 13:09:43 +03:00
Efraim Flashner
5f1ba08953
gnu: gegl: Fix CVE-2012-4433.
...
* gnu/packages/gimp.scm (gegl)[source]: Add patch.
* gnu/packages/patches/gegl-CVE-2012-4433.patch: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.
2016-05-30 12:09:17 +03:00
Efraim Flashner
7d48938a59
gnu: vte-0.28: Fix CVE-2012-2738.
...
* gnu/packages/gnome.scm (vte-0.28)[source]: Add patches.
* gnu/packages/patches/vte-CVE-2012-2738-pt1.patch,
gnu/packages/patches/vte-CVE-2012-2738-pt2.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.
2016-05-30 12:09:15 +03:00
Efraim Flashner
4f3e02f198
gnu: t1lib: Fix CVE-2010-2642, CVE-2011-{0764, 1552, 1553, 1554}.
...
* gnu/packages/fontutils.scm (t1lib)[source]: Add patches.
* gnu/packages/patches/t1lib-CVE-2010-2642.patch,
gnu/packages/patches/t1lib-CVE-2011-0764.patch,
gnu/packages/patches/t1lib-CVE-2011-1552+CVE-2011-1553+CVE-2011-1554.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.
2016-05-30 12:09:14 +03:00
Efraim Flashner
f228aa1543
gnu: dtach: Use 'modify-phases'.
...
* gnu/packages/screen.scm (dtach)[arguments]: Use 'modify-phases'.
2016-05-30 12:09:12 +03:00
Efraim Flashner
4b23c4b36a
gnu: dtach: Update to 0.9 [Fixes CVE-2012-3368].
...
* gnu/packages/screen.scm (dtach): Update to 0.9.
2016-05-30 12:09:10 +03:00
Efraim Flashner
b507646160
gnu: tinyproxy: Update to 1.8.4 [Fixes CVE-2012-3505].
...
* gnu/packages/web.scm (tinyproxy): Update to 1.8.4.
[source]: Download from new location.
[home-page]: Project has moved to Github.
2016-05-30 12:08:48 +03:00
Efraim Flashner
538884ccef
gnu: jansson: Fix CVE-2016-4425.
...
* gnu/packages/web.scm (jansson)[source]: Add patch.
* gnu/packages/patches/jansson-CVE-2016-4425.patch: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.
2016-05-30 09:57:16 +03:00
Efraim Flashner
9116f12690
gnu: antiword: Fix CVE-2014-8123.
...
* gnu/packages/textutils.scm (antiword)[source]: Add patch.
* gnu/packages/patches/antiword-CVE-2014-8123: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.
2016-05-30 09:57:09 +03:00
Efraim Flashner
d01f680c07
gnu: a2ps: Use 'modify-phases'.
...
* gnu/packages/pretty-print.scm (a2ps)[arguments]: Use 'modify-phases'.
2016-05-30 07:44:29 +03:00
Efraim Flashner
6447e19108
gnu: a2ps: Fix CVE-2001-1593, CVE-2014-0466.
...
* gnu/packages/pretty-print.scm (a2ps)[source]: Add patches.
* gnu/packages/patches/a2ps-CVE-2001-1593.patch,
gnu/packages/patches/a2ps-CVE-2014-0466.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.
2016-05-30 07:44:29 +03:00
Leo Famulari
ccda7c8317
gnu: pcre2: Fix CVE-2016-3191.
...
* gnu/packages/patches/pcre2-CVE-2016-3191.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pcre.scm (pcre2): Use it.
2016-05-29 23:57:31 -04:00
Leo Famulari
0d567b5531
gnu: libyaml: Fix CVE-2014-9130.
...
* gnu/packages/patches/libyaml-CVE-2014-9130.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/web.scm (libyaml): Use it.
2016-05-29 23:48:28 -04:00
Leo Famulari
d8862778c1
gnu: graphicsmagick: Fix CVE-2016-5118.
...
* gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/imagemagick.scm (graphicsmagick): Use it.
2016-05-29 23:46:21 -04:00
Efraim Flashner
b3d20b8280
gnu: vorbis-tools: Fix CVE-2014-9638, CVE-2014-9639, CVE-2014-9640.
...
* gnu/packages/xiph.scm (vorbis-tools)[source]: Add patches.
* gnu/packages/patches/vorbis-tools-CVE-2014-9638+CVE-2014-9639.patch,
gnu/packages/patches/vorbis-tools-CVE-2014-9640.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.
2016-05-30 06:42:02 +03:00
Efraim Flashner
e99dd67ad8
gnu: libtar: Fix CVE-2013-4420.
...
* gnu/packages/compression.scm (libtar)[source]: Add patch.
* gnu/packages/patches/libtar-CVE-2013-4420.patch: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.
This is a follow-up to 89d80159b1
.
2016-05-30 06:04:46 +03:00
Ludovic Courtès
28dc10a455
gnu: glibc: Refer to the target kernel headers when cross-compiling.
...
This fixes a regression introduced in
efc4eb1475
whereby the build process
corresponding to 'guix build glibc --target=mips64el-linux-gnu' would
refer to the native headers instead of the target headers, leading to a
build failure:
../sysdeps/unix/sysv/linux/statfs64.c: In function ‘__statfs64’:
../sysdeps/unix/sysv/linux/statfs64.c:73:1: error: control reaches end of non-void function [-Werror=return-type]
}
^
When we were using CROSS_CPATH instead of CROSS_C_INCLUDE_PATH, the
problem was hidden by the fact that CPATH corresponds to '-I' whereas
C_INCLUDE_PATH corresponds to '-isystem', and '-isystem' directories are
searched after '-I' directories.
* gnu/packages/base.scm (glibc)[arguments]: Refer to the kernel headers
from '%build-target-inputs' when cross-building.
2016-05-30 00:17:44 +02:00
Efraim Flashner
89d80159b1
gnu: libtar: Update to 1.2.20 [fixes CVE-2013-4397, CVE-2013-4420].
...
* gnu/packages/compression.scm (libtar): Update to 1.2.20.
[source]: Add Debian mirror.
[arguments]: Add 'autoconf phase.
[native-inputs]: Add autoconf, automake, libtool.
[inputs]: Add zlib.
[home-page]: Point to temporary home.
2016-05-29 22:47:05 +03:00
Efraim Flashner
43ec6ca06e
gnu: pciutils: Add kmod support.
...
* gnu/packages/pciutils.scm (pciutils)[inputs]: Add kmod.
2016-05-29 22:07:47 +03:00
Efraim Flashner
0ef7a93d78
gnu: pciutils: Use 'modify-phases'.
...
* gnu/packages/pciutils.scm (pciutils)[arguments]: Use 'modify-phases'.
2016-05-29 22:07:47 +03:00
Efraim Flashner
fb3c855381
gnu: pciutils: Update to 3.5.1.
...
* gnu/packages/pciutils.scm (pciutils): Update to 3.5.1.
2016-05-29 22:07:47 +03:00
Leo Famulari
65da8dd01e
gnu: rpm: Fix CVE-2014-8118.
...
* gnu/packages/patches/rpm-CVE-2014-8118.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/package-management.scm (rpm): Use it.
2016-05-29 14:02:08 -04:00
Leo Famulari
41019e9f2a
gnu: rpm: Update to 4.12.0.1.
...
* gnu/packages/package-management.scm (rpm): Update to 4.12.0.1.
2016-05-29 14:02:08 -04:00