Commit Graph

751 Commits

Author SHA1 Message Date
Leo Famulari b3cc304b30
gnu: poppler: Use an ABI-compatible replacement to fix CVE-2017-9776.
This is a followup to commit 95bbaa02aa.
See <https://bugs.gnu.org/27621> for more information.

Poppler 0.56.0's ABI is not compatible with Poppler 0.52.0, so it's not
possible to graft the newer version in place of the older one.

This change leaves CVE-2017-9775 unfixed for now.

* gnu/packages/patches/poppler-CVE-2017-9776.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pdf.scm (poppler-0.56.0): Replace with ...
(poppler/fixed): ... new variable.
(poppler)[replacement]: Replaced with poppler/fixed.
2017-07-09 02:25:27 -04:00
Ben Woodcroft 4732e6ee84
gnu: blast+: Update to 2.6.0.
* gnu/packages/bioinformatics.scm (blast+): Update to 2.6.0.
[origin]: Remove bundled pcre.  Add patch.
[arguments]: Replace paths in run_with_lock.c.  Configure with pcre.
[inputs]: Add pcre, perl, python.
* gnu/packages/patches/blast+-fix-makefile.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-07-08 12:05:59 +10:00
Marius Bakke d28f90bed9
gnu: python-pyopenssl: Fix test failure on 32-bit platforms.
* gnu/packages/patches/python-pyopenssl-17.1.0-test-overflow.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/python.scm (python-pyopenssl)[source]: Use it.
2017-07-07 18:43:16 +02:00
Alex Vong dab536fe1a
gnu: libtiff: Fix CVE-2017-{9936,10688}.
* gnu/packages/patches/libtiff-CVE-2017-9936.patch,
gnu/packages/patches/libtiff-CVE-2017-10688.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/image.scm (libtiff-4.0.8)[source]: Use them.

Signed-off-by: Leo Famulari <leo@famulari.name>
2017-07-07 00:06:37 -04:00
Kei Kebreau ab104672e1
gnu: xorg-server: Fix CVE-2017-{10971,10972}.
* gnu/packages/patches/xorg-server-CVE-2017-10971.patch,
gnu/packages/patches/xorg-server-CVE-2017-10972.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/xorg.scm (xorg-server)[source]: Use them.

Signed-off-by: Leo Famulari <leo@famulari.name>
2017-07-06 23:52:22 -04:00
Efraim Flashner ce7e361fa3
gnu: gemma: Fix building on non-Intel architectures.
* gnu/packages/patches/gemma-intel-compat.patch: New file.
* gnu/packages/bioinformatics.scm (gemma)[source]: Add patch.
[arguments]: Add NO_INTEL_COMPAT flag on non-Intel architectures.
* gnu/local.mk (dist_patch_DATA): Register patch.
2017-07-04 22:55:44 +03:00
Arun Isaac 0545e43a91
gnu: gajim: Update to 0.16.8.
* gnu/packages/messaging.scm (gajim): Update to 0.16.8.
[source]: Remove patch.
* gnu/packages/patches/gajim-CVE-2016-10376.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-07-04 23:07:15 +05:30
宋文武 296bf4d5ab
services: Add 'sysctl-service-type'.
* gnu/services/sysctl.scm: New file.
* doc/guix.texi (Miscellaneous Services): Document it.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
2017-07-04 20:40:51 +08:00
Marius Bakke 96bbc41f8b
gnu: python-pyopenssl: Update to 17.1.0.
* gnu/packages/python.scm (python-pyopenssl, python2-pyopenssl): Update to 17.1.0.
[source]: Remove patch.
[native-inputs]: Add PYTHON-PRETEND.
[arguments]<#:phases>: Disable the network test here instead of via a patch.
Also disable one new test.
* gnu/packages/patches/python-pyopenssl-skip-network-test.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-07-04 02:52:26 +02:00
Kei Kebreau 85c774808f
gnu: gcr: Enable working tests.
* gnu/packages/patches/gcr-disable-failing-tests.patch,
gnu/packages/patches/gcr-fix-collection-tests-to-work-with-gpg-21.patch:
New files.
* gnu/local.mk (dist_patch_DATA): Add patches.
* gnu/packages/gnome.scm (gcr)[source]: Use patches.
[arguments]: Enable tests.
2017-07-03 09:52:59 -04:00
Jelle Licht b786661309
gnu: ansible: Apply experimental patch to deal with wrapping of ansible script.
See <http://lists.gnu.org/archive/html/bug-guix/2017-05/msg00015.html> for the
rationale.

* gnu/packages/patches/ansible-wrap-program-hack.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/admin.scm (ansible)[source]: Use it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-06-29 15:21:18 +02:00
Eric Bavier 57dfc9f86c
gnu: screen: Update to 4.6.0.
* gnu/packages/screen.scm (screen): Update to 4.6.0.
[source]: Remove patch.
* gnu/packages/patches/screen-fix-info-syntax-error.patch: Delete patch.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-28 22:59:41 -05:00
Gábor Boskovits c2700e785b
gnu: Add quagga.
* gnu/packages/networking.scm (quagga): New variable.
* gnu/packages/patches/quagga-reproducible-build.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-06-26 20:37:44 +02:00
Mark H Weaver ffc015bea2
gnu: glibc: Fix replacement on i686.
This is followup to 665d6a5916.
Fixes <https://bugs.gnu.org/27489>.

* gnu/packages/base.scm (glibc-2.25-patched, glibc-2.24, glibc-2.23)
(glibc-2.22): Add glibc-vectorized-strcspn-guards.patch to patches.
Move a comment where it belongs.
* gnu/packages/patches/glibc-CVE-2017-1000366-pt2.patch: Swap with ...
* gnu/packages/patches/glibc-CVE-2017-1000366-pt3.patch: ... this.
* gnu/packages/patches/glibc-vectorized-strcspn-guards.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.  Fix formatting.
2017-06-25 21:56:22 -04:00
Leo Famulari d17e085a59
gnu: Remove libwmf.
This package contains many security vulnerabilities and is no longer maintained
upstream. See this discussion for more information:

https://lists.gnu.org/archive/html/guix-devel/2017-05/msg00478.html

* gnu/packages/image.scm (libwmf): Remove variable.
* gnu/packages/wv.scm (wv)[inputs]: Remove libwmf.
[arguments]: Remove field.
* gnu/packages/abiword.scm (abiword)[inputs]: Remove libwmf.
[source]: Remove patch 'abiword-wmf-version-lookup-fix.patch'.
* gnu/packages/patches/abiword-wmf-version-lookup-fix.patch,
gnu/packages/patches/libwmf-CAN-2004-0941.patch,
gnu/packages/patches/libwmf-CVE-2006-3376.patch,
gnu/packages/patches/libwmf-CVE-2007-0455.patch,
gnu/packages/patches/libwmf-CVE-2007-2756.patch,
gnu/packages/patches/libwmf-CVE-2007-3472.patch,
gnu/packages/patches/libwmf-CVE-2007-3473.patch,
gnu/packages/patches/libwmf-CVE-2007-3477.patch,
gnu/packages/patches/libwmf-CVE-2009-1364.patch,
gnu/packages/patches/libwmf-CVE-2009-3546.patch,
gnu/packages/patches/libwmf-CVE-2015-0848+CVE-2015-4588.patch,
gnu/packages/patches/libwmf-CVE-2015-4695.patch,
gnu/packages/patches/libwmf-CVE-2015-4696.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2017-06-24 23:10:28 -04:00
Efraim Flashner 665d6a5916
gnu: glibc: Add mitigations for CVE-2017-1000366.
* gnu/packages/base.scm (glibc/linux)[replacement]: New field.
(glibc-2.25-patched): New variable.
(glibc-2.24, glibc-2.23, glibc-2.22, glibc-2.21)[source]: Add patches.
[replacement]: New field.
(glibc-locales)[replacement]: New field.
* gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch,
gnu/packages/patches/glibc-CVE-2017-1000366-pt2.patch,
gnu/packages/patches/glibc-CVE-2017-1000366-pt3.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.

Modified-By: Mark H Weaver <mhw@netris.org>
2017-06-24 02:42:37 -04:00
Mark H Weaver d2ba69f315
gnu: guile-ssh: Fix entry in dist_patch_DATA.
Based on a patch by Efraim Flashner <efraim@flashner.co.il>.

* gnu/local.mk (dist_patch_DATA): "gnu" -> "%D%" for
guile-ssh-channel-finalization.patch.
2017-06-24 02:42:17 -04:00
Theodoros Foradis 03d0cc1160
gnu: Add libserialport.
* gnu/packages/electronics.scm: New file.
(libserialport): New variable.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.

Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
2017-06-24 07:47:38 +02:00
Leo Famulari c57b56722f
gnu: qemu: Fix CVE-2017-9524.
* gnu/packages/patches/qemu-CVE-2017-9524.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/qemu.scm (qemu)[source]: Use it.
2017-06-23 16:54:36 -04:00
Roel Janssen f70f3407ca
gnu: Update calibre to 3.0.0.
* gnu/local.mk: Remove patch.
* gnu/packages/ebook.scm (calibre): Update to 3.0.0.
* gnu/packages/patches/calibre-dont-load-remote-icons.patch: Remove file.
2017-06-22 00:07:58 +02:00
Arun Isaac 148585c240
gnu: Move contents of zip module into compression module.
* gnu/packages/zip.scm (zip, unzip, zziplib, perl-zip): Move to...
* gnu/packages/compression.scm: ...here.
* gnu/packages/zip.scm: Delete file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Unregister deleted file.
* po/packages/POTFILES.in: Unregister deleted file.
* gnu/packages/{audio, avr, bioinformatics, busybox, cdrom, ci, compression,
docbook, documentation, fonts, fpga, game-development, games, gl, gnome,
gnuzilla, graphics, guile, haskell, image, java, kodi, ldc, libreoffice,
markup, maths, mc, monitoring, music, php, pretty-print, python, scheme,
smalltalk, statistics, synergy, tex, textutils, video, web-browsers, xml,
zip}.scm, guix/build-system/{ant, font}.scm, guix/{download, packages}.scm:
Adapt module import.
2017-06-20 18:10:35 +05:30
Leo Famulari 4dd8d28085
gnu: exim: Fix CVE-2017-1000369.
* gnu/packages/patches/exim-CVE-2017-1000369.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/mail.scm (exim)[source]: Use it.
2017-06-19 20:20:54 -04:00
Marius Bakke 200762a44c
gnu: miniupnpc: Update to 2.0.20170509.
* gnu/packages/upnp.scm (miniupnpc): Update to 2.0.20170509.
[source]: Remove obsolete patch.
* gnu/packages/patches/miniupnpc-CVE-2017-8798.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-18 18:22:06 +02:00
Leo Famulari 8d138ea087
gnu: libtiff: Fix several bugs related to improper codec usage [security fixes].
Fixes CVE-2014-8128, CVE-2015-7554, CVE-2016-5318, CVE-2016-10095, and
the other bugs listed in 'libtiff-tiffgetfield-bugs.patch'.

* gnu/packages/patches/libtiff-tiffgetfield-bugs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff-4.0.8)[source]: Use it.
2017-06-15 11:28:21 -04:00
Leo Famulari 0c5a8007fe
gnu: zziplib: Fix CVE-2017-{5974,5975,5976,5978,5979,5981}.
* gnu/packages/patches/zziplib-CVE-2017-5974.patch,
gnu/packages/patches/zziplib-CVE-2017-5975.patch,
gnu/packages/patches/zziplib-CVE-2017-5976.patch,
gnu/packages/patches/zziplib-CVE-2017-5978.patch,
gnu/packages/patches/zziplib-CVE-2017-5979.patch,
gnu/packages/patches/zziplib-CVE-2017-5981.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/zip.scm (zziplib)[source]: Use them.
2017-06-15 11:12:02 -04:00
Ricardo Wurmus db90eb8c2b
gnu: Add propeller-gcc-4.
* gnu/packages/embedded.scm (propeller-gcc-4): New variable.
* gnu/packages/patches/gcc-4.6-gnu-inline.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-06-15 17:06:47 +02:00
Leo Famulari 75072795bd
gnu: osip: Fix CVE-2017-7853.
* gnu/packages/patches/osip-CVE-2017-7853.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/telephony.scm (osip)[source]: Use it.
2017-06-14 13:16:21 -04:00
Ludovic Courtès 8e469b67f9
gnu: guile-ssh: Close RREPL channel ports before they are finalized.
Partly fixes <https://bugs.gnu.org/26976>.

* gnu/packages/patches/guile-ssh-channel-finalization.patch: New file.
* gnu/packages/ssh.scm (guile-ssh)[source](patches): Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-06-13 23:22:19 +02:00
Marius Bakke a10040e09b
gnu: nss, nss-certs: Update to 3.31.
Release notes:
<https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.31_release_notes>

* gnu/packages/certs.scm (nss-certs): Update to 3.31.
* gnu/packages/gnuzilla.scm (nss): Likewise.
[source]<patches>: Remove upstream 'nss-disable-long-b64-tests' patch.
[arguments]<#:phases>: Move armhf timeout substitution ...
* gnu/packages/patches/nss-increase-test-timeout.patch: ... here.
* gnu/packages/patches/nss-disable-long-b64-tests.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-12 21:31:12 +02:00
nee 1243aaac73
gnu: crawl: Fix savegame upgrades.
* gnu/packages/patches/crawl-upgrade-saves.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add patch.
* gnu/packages/games.scm (crawl)[source]: Apply patch.

Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2017-06-12 15:02:23 +05:30
Leo Famulari 34a0984e57
gnu: libmwaw: Fix CVE-2017-9433.
* gnu/packages/patches/libmwaw-CVE-2017-9433.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/libreoffice.scm (libmwaw)[source]: Use it.
2017-06-12 01:20:34 -04:00
Marius Bakke 75cc8fe9ea
gnu: libextractor: Update to 1.4.
* gnu/packages/gnunet.scm (libextractor): Update to 1.4.
[source]: Remove obsolete patch and snippet.
* gnu/packages/patches/libextractor-ffmpeg-3.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-11 15:42:51 +02:00
Marius Bakke 88e2511e21
gnu: gnutls: Replace with 3.5.13.
This update addresses the following security advisories:

GNUTLS-SA-2017-3 (aka CVE-2017-7869) and GNUTLS-SA-2017-4.

See <https://gnutls.org/security.html> and <https://gnutls.org/news.html>.

* gnu/packages/patches/gnutls-skip-pkgconfig-test.patch,
gnu/packages/patches/gnutls-skip-trust-store-test.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register patches.
* gnu/packages/tls.scm (gnutls)[replacement]: New field.
(gnutls-3.5.13): New variable.
(gnutls/guile-2.2)[replacement]: New field. Set #f.
[source]: Inherit from GNUTLS-3.5.13.
2017-06-11 01:08:58 +02:00
ng0 e5eede3fb3
gnu: Rename (gnu packages markdown) to (gnu packages markup).
* gnu/packages/markdown.scm: Rename this ...
* gnu/packages/markup.scm: ... to this.
* gnu-system.am (GNU_SYSTEM_MODULES): Change markdown.scm to markup.scm.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-06-10 00:11:36 +02:00
Marius Bakke 099c9fdae6
gnu: raptor2: Fix heap overflow bug.
* gnu/packages/patches/raptor2-heap-overflow.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/rdf.scm (raptor2): Use it.
2017-06-09 01:16:55 +02:00
Ludovic Courtès dfcd02c0f6
gnu: artanis: Update to 0.2.1.
* gnu/packages/guile.scm (artanis): Update to 0.2.1.
[inputs]: Switch to GUILE-2.2.
[arguments]: Adjust #:make-flags for Guile 2.2.  Take .go files from
lib/guile/2.2.  Add 'wrap-art' phase.
* gnu/packages/patches/artanis-fix-Makefile.in.patch: Remove.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-08 23:54:56 +02:00
Leo Famulari 15df12beae
gnu: perl: Fix CVE-2017-6512 in File::Path.
* gnu/packages/perl.scm (perl)[replacement]: New field.
(perl/fixed): New variable.
* gnu/packages/patches/perl-file-path-CVE-2017-6512.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-06-06 20:59:12 -04:00
Arun Isaac a3d3b7a4e1
gnu: Add js-mathjax.
* gnu/packages/javascript.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* gnu/packages/javascript.scm (js-mathjax): New variable.
2017-06-05 19:16:06 +05:30
Marius Bakke 00c5e3e5fc
gnu: xf86-input-wacom: Update to 0.34.2.
* gnu/packages/xdisorg.scm (xf86-input-wacom): Update to 0.34.2.
[source]: Remove obsolete patch.
* gnu/packages/patches/xf86-input-wacom-xorg-abi-25.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-05 14:58:01 +02:00
Marius Bakke f484a50d50
Merge branch 'staging' 2017-06-05 00:36:11 +02:00
Ludovic Courtès fb976ada5b
gnu: libssh: Update to 0.7.5.
* gnu/packages/ssh.scm (libssh): Update to 0.7.5.
[source](patches): New field.
2017-06-04 23:00:32 +02:00
Manolis Ragkousis 6bf11392f9
gnu: Add openscenegraph.
* gnu/packages/graphics.scm (openscenegraph): New variable.
* gnu/packages/patches/openscenegraph-ffmpeg3.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
2017-06-04 21:57:08 +03:00
Leo Famulari 8b5cb8d054
gnu: qemu: Fix CVE-2017-{8112,8309,8379,8380}.
* gnu/packages/patches/qemu-CVE-2017-8112.patch,
gnu/packages/patches/qemu-CVE-2017-8309.patch,
gnu/packages/patches/qemu-CVE-2017-8379.patch,
gnu/packages/patches/qemu-CVE-2017-8380.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/qemu.scm (qemu)[source]: Use them.
2017-06-03 20:50:10 -04:00
Sergei Trofimovich 34cfeca84e
gnu: libgit2: Fix Clar test framework.
This commit reverts 'patch' hack introduced in
a48a1071a6 and fixes bug in the Clar test
framework.

Patch is proposed to Clar upstream as
<https://github.com/vmg/clar/pull/78>.

* gnu/local.mk: Add libgit2-0.25.1-mtime-0.patch.
* gnu/packages/patches/libgit2-0.25.1-mtime-0.patch: New file.
* gnu/packages/version-control.scm (libgit2)[arguments]:
Remove 'apply-patch' phase.
[inputs]: Remove "patch".
[source]: Add 'patches' field.

Signed-off-by: Sergei Trofimovich <slyfox@inbox.ru>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-06-04 00:56:18 +02:00
John Darrington fb226b4351
gnu: Move vtk to image-processing.scm.
* gnu/packages/image-processing.scm (vtk): New variable.
* gnu/packages/vtk.scm: Delete file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Remove it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-06-02 18:47:06 +02:00
Ethan R. Jones 17ce0d45bd
gnu: Add libzen.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add new file.
* gnu/packages/cpp.scm (libzen): New varible.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-05-31 17:08:45 +02:00
Leo Famulari b0415c0361
gnu: openldap: Fix CVE-2017-9287.
* gnu/packages/patches/openldap-CVE-2017-9287.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/openldap.scm (openldap)[replacement]: New field.
(openldap/fixed): New variable.
2017-05-30 18:15:23 -04:00
Kei Kebreau adc5cb1b49
gnu: Add libgdata.
* gnu/packages/gnome.scm (libgdata): New variable.
* gnu/packages/patches/libgdata-fix-tests.patch,
gnu/packages/patches/libgdata-glib-duplicate-tests.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
2017-05-30 13:13:16 -04:00
Leo Famulari 4a897c4990
gnu: jasper: Update to 2.0.13.
* gnu/packages/image.scm (jasper): Update to 2.0.13.
[source]: Use GitHub URL and set the file-name. Remove
'jasper-CVE-2017-6850.patch'.
* gnu/packages/patches/jasper-CVE-2017-6850.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-05-29 12:52:30 -04:00
Marius Bakke 6f8cda185e
Merge branch 'master' into staging 2017-05-28 23:47:25 +02:00