Commit Graph

737 Commits

Author SHA1 Message Date
Leo Famulari d17e085a59
gnu: Remove libwmf.
This package contains many security vulnerabilities and is no longer maintained
upstream. See this discussion for more information:

https://lists.gnu.org/archive/html/guix-devel/2017-05/msg00478.html

* gnu/packages/image.scm (libwmf): Remove variable.
* gnu/packages/wv.scm (wv)[inputs]: Remove libwmf.
[arguments]: Remove field.
* gnu/packages/abiword.scm (abiword)[inputs]: Remove libwmf.
[source]: Remove patch 'abiword-wmf-version-lookup-fix.patch'.
* gnu/packages/patches/abiword-wmf-version-lookup-fix.patch,
gnu/packages/patches/libwmf-CAN-2004-0941.patch,
gnu/packages/patches/libwmf-CVE-2006-3376.patch,
gnu/packages/patches/libwmf-CVE-2007-0455.patch,
gnu/packages/patches/libwmf-CVE-2007-2756.patch,
gnu/packages/patches/libwmf-CVE-2007-3472.patch,
gnu/packages/patches/libwmf-CVE-2007-3473.patch,
gnu/packages/patches/libwmf-CVE-2007-3477.patch,
gnu/packages/patches/libwmf-CVE-2009-1364.patch,
gnu/packages/patches/libwmf-CVE-2009-3546.patch,
gnu/packages/patches/libwmf-CVE-2015-0848+CVE-2015-4588.patch,
gnu/packages/patches/libwmf-CVE-2015-4695.patch,
gnu/packages/patches/libwmf-CVE-2015-4696.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2017-06-24 23:10:28 -04:00
Efraim Flashner 665d6a5916
gnu: glibc: Add mitigations for CVE-2017-1000366.
* gnu/packages/base.scm (glibc/linux)[replacement]: New field.
(glibc-2.25-patched): New variable.
(glibc-2.24, glibc-2.23, glibc-2.22, glibc-2.21)[source]: Add patches.
[replacement]: New field.
(glibc-locales)[replacement]: New field.
* gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch,
gnu/packages/patches/glibc-CVE-2017-1000366-pt2.patch,
gnu/packages/patches/glibc-CVE-2017-1000366-pt3.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.

Modified-By: Mark H Weaver <mhw@netris.org>
2017-06-24 02:42:37 -04:00
Mark H Weaver d2ba69f315
gnu: guile-ssh: Fix entry in dist_patch_DATA.
Based on a patch by Efraim Flashner <efraim@flashner.co.il>.

* gnu/local.mk (dist_patch_DATA): "gnu" -> "%D%" for
guile-ssh-channel-finalization.patch.
2017-06-24 02:42:17 -04:00
Theodoros Foradis 03d0cc1160
gnu: Add libserialport.
* gnu/packages/electronics.scm: New file.
(libserialport): New variable.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.

Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
2017-06-24 07:47:38 +02:00
Leo Famulari c57b56722f
gnu: qemu: Fix CVE-2017-9524.
* gnu/packages/patches/qemu-CVE-2017-9524.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/qemu.scm (qemu)[source]: Use it.
2017-06-23 16:54:36 -04:00
Roel Janssen f70f3407ca
gnu: Update calibre to 3.0.0.
* gnu/local.mk: Remove patch.
* gnu/packages/ebook.scm (calibre): Update to 3.0.0.
* gnu/packages/patches/calibre-dont-load-remote-icons.patch: Remove file.
2017-06-22 00:07:58 +02:00
Arun Isaac 148585c240
gnu: Move contents of zip module into compression module.
* gnu/packages/zip.scm (zip, unzip, zziplib, perl-zip): Move to...
* gnu/packages/compression.scm: ...here.
* gnu/packages/zip.scm: Delete file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Unregister deleted file.
* po/packages/POTFILES.in: Unregister deleted file.
* gnu/packages/{audio, avr, bioinformatics, busybox, cdrom, ci, compression,
docbook, documentation, fonts, fpga, game-development, games, gl, gnome,
gnuzilla, graphics, guile, haskell, image, java, kodi, ldc, libreoffice,
markup, maths, mc, monitoring, music, php, pretty-print, python, scheme,
smalltalk, statistics, synergy, tex, textutils, video, web-browsers, xml,
zip}.scm, guix/build-system/{ant, font}.scm, guix/{download, packages}.scm:
Adapt module import.
2017-06-20 18:10:35 +05:30
Leo Famulari 4dd8d28085
gnu: exim: Fix CVE-2017-1000369.
* gnu/packages/patches/exim-CVE-2017-1000369.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/mail.scm (exim)[source]: Use it.
2017-06-19 20:20:54 -04:00
Marius Bakke 200762a44c
gnu: miniupnpc: Update to 2.0.20170509.
* gnu/packages/upnp.scm (miniupnpc): Update to 2.0.20170509.
[source]: Remove obsolete patch.
* gnu/packages/patches/miniupnpc-CVE-2017-8798.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-18 18:22:06 +02:00
Leo Famulari 8d138ea087
gnu: libtiff: Fix several bugs related to improper codec usage [security fixes].
Fixes CVE-2014-8128, CVE-2015-7554, CVE-2016-5318, CVE-2016-10095, and
the other bugs listed in 'libtiff-tiffgetfield-bugs.patch'.

* gnu/packages/patches/libtiff-tiffgetfield-bugs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff-4.0.8)[source]: Use it.
2017-06-15 11:28:21 -04:00
Leo Famulari 0c5a8007fe
gnu: zziplib: Fix CVE-2017-{5974,5975,5976,5978,5979,5981}.
* gnu/packages/patches/zziplib-CVE-2017-5974.patch,
gnu/packages/patches/zziplib-CVE-2017-5975.patch,
gnu/packages/patches/zziplib-CVE-2017-5976.patch,
gnu/packages/patches/zziplib-CVE-2017-5978.patch,
gnu/packages/patches/zziplib-CVE-2017-5979.patch,
gnu/packages/patches/zziplib-CVE-2017-5981.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/zip.scm (zziplib)[source]: Use them.
2017-06-15 11:12:02 -04:00
Ricardo Wurmus db90eb8c2b
gnu: Add propeller-gcc-4.
* gnu/packages/embedded.scm (propeller-gcc-4): New variable.
* gnu/packages/patches/gcc-4.6-gnu-inline.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-06-15 17:06:47 +02:00
Leo Famulari 75072795bd
gnu: osip: Fix CVE-2017-7853.
* gnu/packages/patches/osip-CVE-2017-7853.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/telephony.scm (osip)[source]: Use it.
2017-06-14 13:16:21 -04:00
Ludovic Courtès 8e469b67f9
gnu: guile-ssh: Close RREPL channel ports before they are finalized.
Partly fixes <https://bugs.gnu.org/26976>.

* gnu/packages/patches/guile-ssh-channel-finalization.patch: New file.
* gnu/packages/ssh.scm (guile-ssh)[source](patches): Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-06-13 23:22:19 +02:00
Marius Bakke a10040e09b
gnu: nss, nss-certs: Update to 3.31.
Release notes:
<https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.31_release_notes>

* gnu/packages/certs.scm (nss-certs): Update to 3.31.
* gnu/packages/gnuzilla.scm (nss): Likewise.
[source]<patches>: Remove upstream 'nss-disable-long-b64-tests' patch.
[arguments]<#:phases>: Move armhf timeout substitution ...
* gnu/packages/patches/nss-increase-test-timeout.patch: ... here.
* gnu/packages/patches/nss-disable-long-b64-tests.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-12 21:31:12 +02:00
nee 1243aaac73
gnu: crawl: Fix savegame upgrades.
* gnu/packages/patches/crawl-upgrade-saves.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add patch.
* gnu/packages/games.scm (crawl)[source]: Apply patch.

Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2017-06-12 15:02:23 +05:30
Leo Famulari 34a0984e57
gnu: libmwaw: Fix CVE-2017-9433.
* gnu/packages/patches/libmwaw-CVE-2017-9433.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/libreoffice.scm (libmwaw)[source]: Use it.
2017-06-12 01:20:34 -04:00
Marius Bakke 75cc8fe9ea
gnu: libextractor: Update to 1.4.
* gnu/packages/gnunet.scm (libextractor): Update to 1.4.
[source]: Remove obsolete patch and snippet.
* gnu/packages/patches/libextractor-ffmpeg-3.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-11 15:42:51 +02:00
Marius Bakke 88e2511e21
gnu: gnutls: Replace with 3.5.13.
This update addresses the following security advisories:

GNUTLS-SA-2017-3 (aka CVE-2017-7869) and GNUTLS-SA-2017-4.

See <https://gnutls.org/security.html> and <https://gnutls.org/news.html>.

* gnu/packages/patches/gnutls-skip-pkgconfig-test.patch,
gnu/packages/patches/gnutls-skip-trust-store-test.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register patches.
* gnu/packages/tls.scm (gnutls)[replacement]: New field.
(gnutls-3.5.13): New variable.
(gnutls/guile-2.2)[replacement]: New field. Set #f.
[source]: Inherit from GNUTLS-3.5.13.
2017-06-11 01:08:58 +02:00
ng0 e5eede3fb3
gnu: Rename (gnu packages markdown) to (gnu packages markup).
* gnu/packages/markdown.scm: Rename this ...
* gnu/packages/markup.scm: ... to this.
* gnu-system.am (GNU_SYSTEM_MODULES): Change markdown.scm to markup.scm.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-06-10 00:11:36 +02:00
Marius Bakke 099c9fdae6
gnu: raptor2: Fix heap overflow bug.
* gnu/packages/patches/raptor2-heap-overflow.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/rdf.scm (raptor2): Use it.
2017-06-09 01:16:55 +02:00
Ludovic Courtès dfcd02c0f6
gnu: artanis: Update to 0.2.1.
* gnu/packages/guile.scm (artanis): Update to 0.2.1.
[inputs]: Switch to GUILE-2.2.
[arguments]: Adjust #:make-flags for Guile 2.2.  Take .go files from
lib/guile/2.2.  Add 'wrap-art' phase.
* gnu/packages/patches/artanis-fix-Makefile.in.patch: Remove.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-08 23:54:56 +02:00
Leo Famulari 15df12beae
gnu: perl: Fix CVE-2017-6512 in File::Path.
* gnu/packages/perl.scm (perl)[replacement]: New field.
(perl/fixed): New variable.
* gnu/packages/patches/perl-file-path-CVE-2017-6512.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-06-06 20:59:12 -04:00
Arun Isaac a3d3b7a4e1
gnu: Add js-mathjax.
* gnu/packages/javascript.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* gnu/packages/javascript.scm (js-mathjax): New variable.
2017-06-05 19:16:06 +05:30
Marius Bakke 00c5e3e5fc
gnu: xf86-input-wacom: Update to 0.34.2.
* gnu/packages/xdisorg.scm (xf86-input-wacom): Update to 0.34.2.
[source]: Remove obsolete patch.
* gnu/packages/patches/xf86-input-wacom-xorg-abi-25.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-05 14:58:01 +02:00
Marius Bakke f484a50d50
Merge branch 'staging' 2017-06-05 00:36:11 +02:00
Ludovic Courtès fb976ada5b
gnu: libssh: Update to 0.7.5.
* gnu/packages/ssh.scm (libssh): Update to 0.7.5.
[source](patches): New field.
2017-06-04 23:00:32 +02:00
Manolis Ragkousis 6bf11392f9
gnu: Add openscenegraph.
* gnu/packages/graphics.scm (openscenegraph): New variable.
* gnu/packages/patches/openscenegraph-ffmpeg3.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
2017-06-04 21:57:08 +03:00
Leo Famulari 8b5cb8d054
gnu: qemu: Fix CVE-2017-{8112,8309,8379,8380}.
* gnu/packages/patches/qemu-CVE-2017-8112.patch,
gnu/packages/patches/qemu-CVE-2017-8309.patch,
gnu/packages/patches/qemu-CVE-2017-8379.patch,
gnu/packages/patches/qemu-CVE-2017-8380.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/qemu.scm (qemu)[source]: Use them.
2017-06-03 20:50:10 -04:00
Sergei Trofimovich 34cfeca84e
gnu: libgit2: Fix Clar test framework.
This commit reverts 'patch' hack introduced in
a48a1071a6 and fixes bug in the Clar test
framework.

Patch is proposed to Clar upstream as
<https://github.com/vmg/clar/pull/78>.

* gnu/local.mk: Add libgit2-0.25.1-mtime-0.patch.
* gnu/packages/patches/libgit2-0.25.1-mtime-0.patch: New file.
* gnu/packages/version-control.scm (libgit2)[arguments]:
Remove 'apply-patch' phase.
[inputs]: Remove "patch".
[source]: Add 'patches' field.

Signed-off-by: Sergei Trofimovich <slyfox@inbox.ru>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-06-04 00:56:18 +02:00
John Darrington fb226b4351
gnu: Move vtk to image-processing.scm.
* gnu/packages/image-processing.scm (vtk): New variable.
* gnu/packages/vtk.scm: Delete file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Remove it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-06-02 18:47:06 +02:00
Ethan R. Jones 17ce0d45bd
gnu: Add libzen.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add new file.
* gnu/packages/cpp.scm (libzen): New varible.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-05-31 17:08:45 +02:00
Leo Famulari b0415c0361
gnu: openldap: Fix CVE-2017-9287.
* gnu/packages/patches/openldap-CVE-2017-9287.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/openldap.scm (openldap)[replacement]: New field.
(openldap/fixed): New variable.
2017-05-30 18:15:23 -04:00
Kei Kebreau adc5cb1b49
gnu: Add libgdata.
* gnu/packages/gnome.scm (libgdata): New variable.
* gnu/packages/patches/libgdata-fix-tests.patch,
gnu/packages/patches/libgdata-glib-duplicate-tests.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
2017-05-30 13:13:16 -04:00
Leo Famulari 4a897c4990
gnu: jasper: Update to 2.0.13.
* gnu/packages/image.scm (jasper): Update to 2.0.13.
[source]: Use GitHub URL and set the file-name. Remove
'jasper-CVE-2017-6850.patch'.
* gnu/packages/patches/jasper-CVE-2017-6850.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-05-29 12:52:30 -04:00
Marius Bakke 6f8cda185e
Merge branch 'master' into staging 2017-05-28 23:47:25 +02:00
Leo Famulari 0fd0bb56a8
gnu: rxvt-unicode: Disable an unwanted code execution vector.
* gnu/packages/patches/rxvt-unicode-escape-sequences.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/xdisorg.scm (rxvt-unicode)[source]: Use it.
2017-05-28 14:41:46 -04:00
Leo Famulari 5cd0122e60
gnu: synfigstudio: Fix patch name in 'gnu/local.mk'.
This is a followup to commit 2ac2b17251.

* gnu/local.mk (dist_patch_DATA): Fix typo.
2017-05-28 14:34:43 -04:00
Leo Famulari 22e6656d25
gnu: libtiff: Update replacement to 4.0.8 [security fixes].
See 'ChangeLog' in the source distribution for more information about
the bugs and security issues fixed in this release.

* gnu/packages/image.scm (libtiff)[replacement]: Replace with libtiff-4.0.8.
(libtiff/fixed): Replace with ...
(libtiff-4.0.8): New variable.
* gnu/packages/patches/libtiff-CVE-2017-7593.patch,
gnu/packages/patches/libtiff-CVE-2017-7594.patch,
gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2017-05-28 14:34:43 -04:00
Ricardo Wurmus 2ac2b17251
gnu: synfigstudio: Fix UI bug.
* gnu/packages/patches/synfigstudio-fix-ui-with-gtk3.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add patch.
* gnu/packages/animation.scm (synfigstudio)[source]: Apply patch.
2017-05-28 15:59:52 +02:00
Marius Bakke 3803b069f6
gnu: gajim: Fix CVE-2016-10376.
* gnu/packages/patches/gajim-CVE-2016-10376.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/messaging.scm (gajim)[source]: Use it.
2017-05-28 13:18:24 +02:00
Ricardo Wurmus 21fea1d1a9
gnu: synfigstudio: Update to 1.2.0.
* gnu/packages/patches/synfig-build-fix.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove patch.
* gnu/packages/animation.scm (etl): Update to 0.04.22.
(synfig): Update to 1.2.0.
[source]: Remove patch.
[arguments]: Remove obsolete build phases.
[propagated-inputs]: Add fftw.
(synfigstudio): Update to 1.2.0.
[source]: Remove unnecessary snippet.
[arguments]: Remove.
2017-05-27 22:37:48 +02:00
ng0 574e4e16d8
gnu: Add florence.
* gnu/packages/accessibility.scm: New file.
* gnu/local.mk: (GNU_SYSTEM_MODULES): Add it.

Signed-off-by: Leo Famulari <leo@famulari.name>
2017-05-27 13:35:02 -04:00
Adriano Peluso 48174fb9aa
gnu: Add trytond.
* gnu/packages/tryton.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* gnu/packages/tryton.scm (trytond): New variable.

Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2017-05-27 18:41:12 +05:30
Adriano Peluso b208f71b9b
gnu: Add python-genshi.
* gnu/packages/python.scm (python-genshi, python2-genshi): New variables.
 * gnu/packages/patches/python-genshi-add-support-for-python-3.4-AST.patch: New file.
 * gnu/packages/patches/python-genshi-buildable-on-python-2.7.patch: New file.
 * gnu/packages/patches/python-genshi-disable-speedups-on-python-3.3.patch: New file.
 * gnu/packages/patches/python-genshi-fix-tests-on-python-3.5.patch: New file.
 * gnu/packages/patches/python-genshi-isstring-helper.patch: New file.
 * gnu/packages/patches/python-genshi-stripping-of-unsafe-script-tags.patch: New file.
 * gnu/local.mk (dist_patch_DATA): Add them.

Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2017-05-27 18:41:12 +05:30
Julien Lepiller ba69e8f7ce
gnu: Add knot-service-type.
* gnu/services/dns.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (DNS Services): New subsubsection.
2017-05-27 10:40:24 +02:00
Mark H Weaver 12f37d6015
gnu: graphite2/fixed: Update to 1.3.10.
* gnu/packages/fontutils.scm (graphite2/fixed): Update to 1.3.10.  Remove
patches that have been incorporated upstream.
* gnu/packages/patches/graphite2-CVE-2017-5436.patch,
gnu/packages/patches/graphite2-check-code-point-limit.patch,
gnu/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch,
gnu/packages/patches/graphite2-non-linear-classes-even-number.patch: Delete
files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2017-05-27 00:22:10 -04:00
Marius Bakke 9df24909e2
Merge branch 'master' into staging 2017-05-27 03:55:24 +02:00
Marius Bakke ce1e6de076
gnu: gnome-shell: Update to 3.24.2.
* gnu/packages/patches/gnome-shell-CVE-2017-8288.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/gnome.scm (gnome-shell): Update to 3.24.2.
[source]: Remove patch.
2017-05-24 23:22:39 +02:00
Leo Famulari ff51a87cae
gnu: libtasn1: Fix CVE-2017-6891.
* gnu/packages/patches/libtasn1-CVE-2017-6891.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/tls.scm (libtasn1)[replacement]: New field.
(libtasn1/fixed): New variable.
2017-05-24 16:57:40 -04:00