Ludovic Courtès
6a25e59514
cve: Read entire CVE databases for the current year and the past year.
...
The "Modified" database that we were reading is much smaller, but it
only shows CVEs modified over the past week.
* guix/cve.scm (%now, %current-year, %past-year): New variables.
(yearly-feed-uri): New procedure.
(%cve-feed-uri, %ttl): Remove.
(%current-year-ttl, %past-year-ttl): New variables.
(call-with-cve-port): Add 'uri' and 'ttl' parameters and honor them.
Add 'setvbuf' call.
(current-vulnerabilities)[read-vulnerabilities]: New procedure.
Read from both %LAST-YEAR and %CURRENT-YEAR.
2016-03-11 16:33:50 +01:00
Ludovic Courtès
ef0f0d5f97
gnu: vorbis-tools: Patch buffer overflow [fixes CVE-2015-6749].
...
* gnu/packages/patches/vorbis-tools-CVE-2015-6749.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/xiph.scm (vorbis-tools)[source]: Use it.
2016-03-11 16:33:50 +01:00
Jan Nieuwenhuizen
baacf042fd
doc: Suggest `guix.scm' for upstream maintainers.
...
* doc/guix.texi (Invoking guix package): Suggest `guix.scm'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2016-03-11 16:33:50 +01:00
Ludovic Courtès
cf557afa2e
cve: Make CPE patch level part of the version string.
...
* guix/cve.scm (%cpe-package-rx): Adjust to account for :PATCH-LEVEL.
(cpe->package-name): Likewise.
2016-03-11 16:33:50 +01:00
Nils Gillmann
d381962f35
gnu: Add powwow.
...
* gnu/packages/games.scm (powwow): New variable.
2016-03-11 08:37:11 +08:00
Roel Janssen
a0a71439fa
gnu: Add bioawk.
...
* gnu/packages/bioinformatics.scm (bioawk): New variable.
Signed-off-by: Leo Famulari <leo@famulari.name>
2016-03-10 18:37:25 -05:00
Mark H Weaver
7bf4bd0991
gnu: linux-libre: Update to 4.4.5.
...
* gnu/packages/linux.scm (linux-libre): Update to 4.4.5.
2016-03-10 18:17:31 -05:00
Raimon Grau
9514662322
gnu: Add nload.
...
* gnu/packages/networking.scm (nload): New variable.
Signed-off-by: Leo Famulari <leo@famulari.name>
2016-03-10 16:48:16 -05:00
Leo Famulari
ff22f01d67
gnu: dropbear: Update to 2016.72 [fixes CVE-2016-3116].
...
* gnu/packages/ssh.scm (dropbear): Update to 2016.72.
2016-03-10 15:34:05 -05:00
Leo Famulari
efa3752964
gnu: openssh: Update to 7.2p2 [fixes CVE-2016-3115].
...
* gnu/packages/ssh.scm (openssh): Update to 7.2p2.
2016-03-10 15:34:05 -05:00
Efraim Flashner
a232ce429e
gnu: catch: Update to 1.3.5.
...
* gnu/packages/check.scm (catch): Update to 1.3.5.
2016-03-10 21:41:24 +02:00
Efraim Flashner
34a6f4dcf9
gnu: cppunit: Update to 1.13.2.
...
* gnu/packages/check.scm (cppunit): Update to 1.13.2.
[source]: Change to libreoffice's hosted release tarballs.
[home-page]: Change to freedesktop.
2016-03-10 21:25:31 +02:00
Efraim Flashner
591f1d3e4c
gnu: lcov: Update to 1.12.
...
* gnu/packages/code.scm (lcov): Update to 1.12.
2016-03-10 20:20:26 +02:00
Efraim Flashner
1d116171a0
gnu: the-silver-searcher: Update to 0.31.0.
...
* gnu/packages/code.scm (the-silver-searcher): Update to 0.31.0.
2016-03-10 20:17:50 +02:00
Efraim Flashner
1e42d8b8ba
gnu: complexity: Update to 1.10.
...
* gnu/packages/code.scm (complexity): Update to 1.10.
2016-03-10 20:15:15 +02:00
Efraim Flashner
9720651942
gnu: libass: Update to 0.13.2.
...
* gnu/packages/video.scm (libass): Update to 0.13.2.
2016-03-10 18:23:40 +02:00
Efraim Flashner
83820c0f10
gnu: obs: Update to 0.13.2.
...
* gnu/packages/video.scm (obs): Update to 0.13.2.
2016-03-10 18:23:40 +02:00
Mark H Weaver
c3499ad6b8
gnu: icecat: Add several security fixes.
...
* gnu/packages/patches/icecat-CVE-2015-4477.patch,
gnu/packages/patches/icecat-CVE-2015-7207.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt01.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt02.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt03.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt04.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt05.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt06.patch,
gnu/packages/patches/icecat-CVE-2016-1954.patch,
gnu/packages/patches/icecat-CVE-2016-1960.patch,
gnu/packages/patches/icecat-CVE-2016-1961.patch,
gnu/packages/patches/icecat-CVE-2016-1962.patch,
gnu/packages/patches/icecat-CVE-2016-1964.patch,
gnu/packages/patches/icecat-CVE-2016-1965.patch,
gnu/packages/patches/icecat-CVE-2016-1966.patch,
gnu/packages/patches/icecat-CVE-2016-1974.patch,
gnu/packages/patches/icecat-bug-1248851.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
2016-03-10 10:52:41 -05:00
Ludovic Courtès
ec278439f3
substitute: Optimize HTTP pipelining over TLS.
...
* guix/scripts/substitute.scm (http-multiple-get): Write the requests
to a bytevector output port before sending them.
2016-03-10 13:55:30 +01:00
Ludovic Courtès
9b7bd1b160
substitute: Add HTTPS support.
...
Fixes <http://bugs.gnu.org/22937 >.
Reported by Chris Marusich <cmmarusich@gmail.com>.
* guix/scripts/substitute.scm (fetch): Add 'https' alongside 'http'.
Use 'open-connection-for-uri' instead of 'open-socket-for-uri'. Call
'setvbuf' only when PORT matches 'file-port?'.
(http-multiple-get): Likewise. Change 'base-url' parameter to
'base-uri'.
(fetch-narinfos)[do-fetch]: Add 'https' case alongside 'http'. Pass URI
instead of URL to 'http-multiple-get'.
* doc/guix.texi (Requirements): Move GnuTLS one level higher and mention
HTTPS substitutes.
(Substitutes): Mention HTTPS and recommend it. Explain why servers
are not authenticated. Add "On Trusting Binaries" subsection.
2016-03-10 13:55:30 +01:00
Efraim Flashner
2f9862ffd0
gnu: isc-dhcp: Update bundled bind to 9.9.8-P4 [fixes CVE-2016-1285, CVE-2016-1286].
...
* gnu/packages/admin.scm (isc-dhcp): Update bundled bind to 9.9.8-P4.
2016-03-10 09:49:04 +02:00
Efraim Flashner
0d88031c2f
gnu: bind-utils: Update to 9.10.3-P4 [fixes CVE-2016-1285, CVE-2016-1286].
...
* gnu/packages/dns.scm (bind-utils): Update to 9.10.3-P4.
2016-03-10 09:29:55 +02:00
Ricardo Wurmus
82f145ef7a
gnu: custom-gcc: Delete broken or conflicting executables.
...
* gnu/packages/gcc.scm (custom-gcc)[arguments]: Add phase to remove
executables that are non-functional or conflict with the executables of
"gcc".
2016-03-10 07:12:27 +01:00
宋文武
ce6027bf43
gnu: nautilus: Don't propagate gtk+.
...
* gnu/packages/gnome.scm (nautilus): Move gtk+ from propagated-inputs to inputs.
2016-03-10 08:27:53 +08:00
Ludovic Courtès
204d34ff96
substitute: Error out on unsupported URL schemes.
...
Reported in <http://bugs.gnu.org/22937 >
by Chris Marusich <cmmarusich@gmail.com>.
* guix/scripts/substitute.scm (fetch): Add 'else' case and call 'leave'.
2016-03-09 23:47:49 +01:00
Ludovic Courtès
bec7f35214
ui: Do not call 'port-filename' on closed file ports.
...
* guix/ui.scm (call-with-error-handling)[port-filename*]: New
procedure.
Use it in the 'nar-error?' case.
2016-03-09 23:47:49 +01:00
Andreas Enge
8bcdc23fd0
gnu: texlive: Make texlive-bin and texlive-texmf private.
...
* gnu/packages/texlive.scm (texlive-bin, texlive-texmf): Define the variables
as non-public; they should not be installed into a profile.
2016-03-09 22:36:45 +01:00
Andreas Enge
fde6060347
gnu: po4a: Use texlive-minimal instead of texlive-bin.
...
* gnu/packages/gettext.scm (po4a)[inputs]: Replace texlive-bin by
texlive-minimal.
2016-03-09 22:36:45 +01:00
Andreas Enge
aad375c9bc
gnu: statistics: Remove import of unused texlive module.
...
* gnu/packages/statistics.scm: Do not import (gnu packages texlive).
2016-03-09 22:36:45 +01:00
Andreas Enge
289adba7a3
gnu: gnuplot: Use texlive-minimal instead of texlive-bin.
...
* gnu/packages/maths.scm (gnuplot)[inputs]: Replace texlive-bin by
texlive-minimal.
2016-03-09 22:36:45 +01:00
Tobias Geerinckx-Rice
fb9ca51130
gnu: simple-scan: Update to 3.19.91.
...
* gnu/packages/gnome.scm (simple-scan): Update to 3.19.91.
[arguments]: Add 'clean' phase.
2016-03-09 15:55:33 -05:00
Mark H Weaver
f97334220c
gnu: pidgin-otr: Update to 4.0.2.
...
* gnu/packages/messaging.scm (pidgin-otr): Update to 4.0.2.
2016-03-09 15:51:16 -05:00
Andreas Enge
5adb3a4db4
gnu: libotr: Remove version 3.2.1.
...
* gnu/packages/messaging.scm (libotr-3): Remove variable.
2016-03-09 21:31:18 +01:00
Leo Famulari
89e58e8e8c
libotr: Update to 4.1.1 [fixes CVE-2016-2851].
...
* gnu/packages/messaging.scm (libotr): Update to 4.1.1.
[native-inputs]: New field.
2016-03-09 15:19:50 -05:00
Ludovic Courtès
f5a9103991
gnu: dbus: Incorporate "dbus-helper-search-path.patch".
...
* gnu/packages/glib.scm (dbus)[source]: Apply
"dbus-helper-search-path.patch".
(dbus/activation): Remove.
* gnu/services/dbus.scm (<dbus-configuration>)[dbus]: Default to DBUS.
(dbus-service): Likewise.
2016-03-09 15:31:23 +01:00
Ludovic Courtès
255f730879
gnu: eudev: Add dependency on blkid.
...
* gnu/packages/linux.scm (eudev)[inputs]: Add UTIL-LINUX.
(eudev-with-blkid): Remove.
* gnu/services/base.scm (udev-service): Use EUDEV instead of
EUDEV-WITH-BLKID.
* gnu/system.scm (%base-packages): Likewise.
2016-03-09 15:26:09 +01:00
Ludovic Courtès
297a36abfc
gnu: graphite2: Update to 1.3.6.
...
* gnu/packages/fontutils.scm (graphite2)[replacement]: Remove.
[version, source]: Update to 1.3.6.
(graphite2-1.3.6): Remove.
2016-03-09 15:23:12 +01:00
Ludovic Courtès
4cff124bbf
gnu: openssl: Update to 1.0.2g.
...
* gnu/packages/tls.scm (openssl)[replacement]: Remove.
[version, source]: Bump to 1.0.2g. Use "openssl-c-rehash-in.patch"
instead of "openssl-c-rehash.patch".
(openssl-1.0.2g): Remove.
* gnu-system.am (dist_patch_DATA): Remove "openssl-c-rehash.patch".
2016-03-09 15:20:34 +01:00
Ludovic Courtès
4d1a35fabc
gnu: perl: Incorporate patch for CVE-2016-2381.
...
* gnu/packages/perl.scm (perl)[source]: Add "perl-CVE-2016-2381.patch".
[replacement]: Remove.
(perl-fixed): Remove.
2016-03-09 15:17:12 +01:00
Ludovic Courtès
6da23c0429
gnu: complexity: Update to 1.9.
...
* gnu/packages/code.scm (complexity): Update to 1.9.
2016-03-09 15:10:20 +01:00
Ludovic Courtès
f1eacbafc4
upstream: Fix 'signature-urls' coalescing.
...
Previously, the resulting 'signature-urls' would contain N times the
same URL.
* guix/upstream.scm (coalesce-sources): Fix TWO in 'signature-urls'.
* tests/upstream.scm: New file.
* Makefile.am (SCM_TESTS): Add it.
2016-03-09 15:08:00 +01:00
Ludovic Courtès
1ddee42472
doc: Add note on store immutability.
...
* doc/guix.texi (The Store): Mention "store items" and the database
location. Add note on the store's immutability.
2016-03-09 14:49:28 +01:00
Efraim Flashner
00eb9fa3e2
gnu: Add liblangtag.
...
* gnu/packages/libreoffice.scm (liblangtag): New variable.
Co-authored-by: Andreas Enge <andreas@enge.fr>
2016-03-09 14:27:19 +01:00
Andreas Enge
ebc816311c
gnu: libreoffice: Enable parallel build.
...
* gnu/packages/libreoffice.scm (libreoffice)[arguments]: Enable parallel
build.
2016-03-09 14:27:19 +01:00
Ludovic Courtès
112024826d
system: Explicitly set umask to 022 in /etc/profile.
...
Fixes <http://bugs.gnu.org/22650 >.
Reported by myglc2 <myglc2@gmail.com>.
* gnu/system.scm (operating-system-etc-service)[profile]: Invoke
'umask'.
2016-03-08 23:30:53 +01:00
Ludovic Courtès
5284339d9d
guix build: Add '--quiet'.
...
Fixes <http://bugs.gnu.org/19772 >.
Reported by Andrei Osipov <andrspv@gmail.com>.
* guix/scripts/build.scm (show-help, %options): Add --quiet.
(guix-build): Parameterize 'current-build-output-port' accordingly.
* doc/guix.texi (Invoking guix build): Use it in example.
(Additional Build Options): Document it.
2016-03-08 22:00:17 +01:00
Ludovic Courtès
efb107e0cd
packages: Gracefully report packages not found.
...
Fixes a thinko introduced in 1b846da8c3
that would lead to a backtrace when looking for an unknown package.
* gnu/packages.scm (%find-package): Correct logic when checking for
FALLBACK?.
2016-03-08 11:48:21 +01:00
Ludovic Courtès
95cd4971d0
packages: Support the deprecated "NAME-VERSION" syntax.
...
Fixes a typo introduced in 1b846da8c3
that
would lead to a backtrace when using the deprecated syntax.
* gnu/packages.scm (%find-package): Turn the first argument to
'call-with-values' into a thunk. Use #:select instead of '@' to select
the right 'package-name->name+version' procedure.
2016-03-08 11:38:46 +01:00
Ludovic Courtès
7befee308b
packages: Clarify NAME-VERSION deprecation message.
...
* gnu/packages.scm (%find-package): Clarify message; remove trailing
period.
2016-03-08 11:36:16 +01:00
Ludovic Courtès
16210486e6
guix system: Write the GC root on the target file system.
...
Fixes <http://bugs.gnu.org/22802 >.
Reported by Jookia <166291@gmail.com>.
* guix/scripts/system.scm (install-grub*): Prepend TARGET to GC-ROOT.
2016-03-08 11:11:28 +01:00