Commit Graph

853 Commits

Author SHA1 Message Date
Mark H Weaver 58cc369f32 gnu: webkitgtk-2.4: Update to 2.4.10 [fixes many security flaws].
Fixes CVE-2014-1748, CVE-2015-1071, CVE-2015-1076, CVE-2015-1081,
CVE-2015-1083, CVE-2015-1120, CVE-2015-1122, CVE-2015-1127, CVE-2015-1153,
CVE-2015-1155, CVE-2015-3658, CVE-2015-3659, CVE-2015-3727, CVE-2015-3731,
CVE-2015-3741, CVE-2015-3743, CVE-2015-3745, CVE-2015-3747, CVE-2015-3748,
CVE-2015-3749, CVE-2015-3752, CVE-2015-5788, CVE-2015-5794, CVE-2015-5801,
CVE-2015-5809, CVE-2015-5822, and CVE-2015-5928.

* gnu/packages/patches/webkitgtk-2.4-sql-init-string.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Remove it.
* gnu/packages/webkit.scm (webkitgtk-2.4): Update to 2.4.10.
[source]: Remove patch.
2016-03-22 07:38:22 -04:00
Ludovic Courtès cd6cc144e0 Merge branch 'security-updates' 2016-03-22 00:14:03 +01:00
Leo Famulari 064503aaa2 gnu: Add python-rarfile.
* gnu/packages/python.scm (python-rarfile, python2-rarfile): New
variables.
* gnu/packages/patches/python-rarfile-fix-tests.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
2016-03-18 14:27:16 -04:00
Mark H Weaver e3d3546eda gnu: libotr: Fix tests on mips64el.
* gnu/packages/patches/libotr-test-auth-fix.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/messaging.scm (libotr)[source]: Add patch.
2016-03-17 19:05:08 -04:00
Mark H Weaver a3b84f70d8 Merge branch 'master' into security-updates 2016-03-15 12:40:53 -04:00
Efraim Flashner 20109e07bd gnu: gitolite: Update to 3.6.5.
* gnu/packages/version-control.scm (gitolite): Update to 3.6.5.
[source]: Remove patch.
* gnu/packages/patches/gitolite-openssh-6.8-compat.patch: Remove file.
* gnu-system.am (dist_patch_DATA): Remove it.
2016-03-15 07:10:35 +02:00
Mark H Weaver 2c9f0b0770 Merge branch 'master' into security-updates 2016-03-12 15:07:41 -05:00
Andreas Enge 8e755b1bcd gnu: mupdf: Simplify package.
* gnu/packages/pdf.scm (mupdf)[source]: Drop patch and part of snippet
  modifying permissions of files added by the patch.
  [arguments]: Use #:make-flags instead of modified build and install phases.
  Drop superfluous module inclusion. Use modify-phases syntax.
* gnu/packages/patches/mupdf-buildsystem-fix.patch: Remove patch.
* gnu-system.am (dist_patch_DATA): Unregister patch.
2016-03-12 09:56:27 +01:00
Ludovic Courtès ef0f0d5f97 gnu: vorbis-tools: Patch buffer overflow [fixes CVE-2015-6749].
* gnu/packages/patches/vorbis-tools-CVE-2015-6749.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/xiph.scm (vorbis-tools)[source]: Use it.
2016-03-11 16:33:50 +01:00
Mark H Weaver c3499ad6b8 gnu: icecat: Add several security fixes.
* gnu/packages/patches/icecat-CVE-2015-4477.patch,
gnu/packages/patches/icecat-CVE-2015-7207.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt01.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt02.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt03.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt04.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt05.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt06.patch,
gnu/packages/patches/icecat-CVE-2016-1954.patch,
gnu/packages/patches/icecat-CVE-2016-1960.patch,
gnu/packages/patches/icecat-CVE-2016-1961.patch,
gnu/packages/patches/icecat-CVE-2016-1962.patch,
gnu/packages/patches/icecat-CVE-2016-1964.patch,
gnu/packages/patches/icecat-CVE-2016-1965.patch,
gnu/packages/patches/icecat-CVE-2016-1966.patch,
gnu/packages/patches/icecat-CVE-2016-1974.patch,
gnu/packages/patches/icecat-bug-1248851.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
2016-03-10 10:52:41 -05:00
Ludovic Courtès 4cff124bbf gnu: openssl: Update to 1.0.2g.
* gnu/packages/tls.scm (openssl)[replacement]: Remove.
[version, source]: Bump to 1.0.2g.  Use "openssl-c-rehash-in.patch"
instead of "openssl-c-rehash.patch".
(openssl-1.0.2g): Remove.
* gnu-system.am (dist_patch_DATA): Remove "openssl-c-rehash.patch".
2016-03-09 15:20:34 +01:00
Efraim Flashner e224495ce1 gnu: jasper: Add fixes for CVE-2016-1577, CVE-2016-2089, CVE-2016-2116.
* gnu/packages/patches/jasper-CVE-2016-1557.patch,
gnu/packages/patches/jasper-CVE-2016-2089.patch,
gnu/packages/patches/jasper-CVE-2016-2116.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/image.scm (jasper)[source]: Add patches.
2016-03-08 11:54:58 +02:00
Andreas Enge d7c4619bd1 gnu: Add einstein.
* gnu/packages/games.scm (einstein): New variable.
* gnu/packages/patches/einstein-build.patch: New file.
* gnu-system.am (dist_patch_DATA): Register patch.
2016-03-05 18:44:43 +01:00
Leo Famulari d8173f21f7 gnu: perl: Replace with patched version [fixes CVE-2016-2381].
* gnu/packages/patches/perl-CVE-2016-2381.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/perl.scm (perl)[replacement]: New field.
(perl-fixed): New variable.
* gnu/packages/commencement.scm (perl-boot0)[replacement]: New field.
2016-03-03 14:56:23 -05:00
Lukas Gradl e90819c40a gnu: Add procmail.
* gnu/packages/patches/procmail-ambiguous-getline-debian.patch: New file.
 * gnu-system.am (dist_patch_DATA): Add it.
 * gnu/packages/mail.scm (procmail): New variable.

Signed-off-by: Leo Famulari <leo@famulari.name>
2016-03-02 20:44:18 -05:00
Mark H Weaver b134a80c36 gnu: icecat: Update bundled graphite2 to 1.3.6 [unspecified security fixes].
* gnu/packages/patches/icecat-update-graphite2-pt2.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch.
2016-03-02 15:13:15 -05:00
Leo Famulari eb8065cd27 gnu: ilmbase: Fix typo in adding a patch.
* gnu-system.am (dist_patch_DATA): Fix typo.
5e8276dcf4
2016-03-01 20:47:11 -05:00
Leo Famulari 5e8276dcf4 gnu: ilmbase: Add patch to fix build on i686.
Fixes <http://bugs.gnu.org/22049>.

* gnu/packages/patches/ilmbase-fix-tests.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/graphics.scm (ilmbase)[source]: Add patch.
2016-03-01 19:08:31 -05:00
Ludovic Courtès caeadfddb0 gnu: openssl: Replace with 1.0.2g [fixes CVE-2016-{0800,0705,0798,0797,0799,0702,0703,0704}].
See <http://openssl.org/news/secadv/20160301.txt>.
Also fixes <http://bugs.gnu.org/22831>.

* gnu/packages/patches/openssl-c-rehash-in.patch: New file.
* gnu/packages/tls.scm (openssl)[replacement]: New field.
(openssl-1.0.2g): New variable.
2016-03-01 16:00:46 +01:00
Efraim Flashner e288f0075c gnu: weechat: Move to irc.scm.
* gnu/packages/weechat.scm (weechat): Move from here ...
* gnu/packages/irc.scm (weechat): ... to here.
* gnu/packages/weechat.scm: Delete file.
* gnu-system.am (GNU_SYSTEM_MODULES): Remove weechat.scm.
2016-03-01 11:09:32 +02:00
Efraim Flashner 27930f853d gnu: irssi: Move to irc.scm.
* gnu/packages/irssi.scm (irssi): Move from here ...
* gnu/packages/irc.scm (irssi): ... to here.
* gnu/packages/irssi.scm: Delete file.
* gnu-system.am (GNU_SYSTEM_MODULES): Remove irssi.scm.
2016-03-01 11:09:32 +02:00
Efraim Flashner 980f058d92 gnu: Add quassel.
* gnu/packages/irc.scm: New file.
* gnu-system.am (GNU_SYSTEM_MODULES): Register it.
2016-03-01 11:09:32 +02:00
Efraim Flashner d34c594aeb gnu: Add qca.
* gnu/packages/kde.scm: New file.
* gnu-system.am (GNU_SYSTEM_MODULES): Register it.
2016-03-01 11:09:32 +02:00
Mark H Weaver 9579118922 gnu: bitlbee: Update to 3.4.1.
* gnu/packages/patches/bitlbee-configure-doc-fix.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/messaging.scm (bitlbee): Update to 3.4.1.
[source]: Remove patch.
2016-02-27 21:10:56 -05:00
Ricardo Wurmus a003b5b650 gnu: scribus: Update to 1.5.1.
* gnu/packages/scribus.scm (scribus): Update to 1.5.1.
[source]: Remove patch.
* gnu/packages/patches/scribus-qobject.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Remove it.
2016-02-27 16:34:20 +01:00
Christopher Allan Webber c4a7904c21 gnu: Add python-paste.
* gnu/packages/python.scm (python-paste, python2-paste): New variables.
* gnu/packages/patches/python-paste-remove-timing-test.patch: New file.
* gnu/packages/patches/python-paste-remove-website-test.patch: New file.
* gnu-system.am (dist_patch_DATA): Add them.
2016-02-25 11:01:45 -08:00
Mark H Weaver e62b5c6903 Merge branch 'media-updates' 2016-02-25 13:50:19 -05:00
Leo Famulari 85267efb2a gnu: libssh: Update to 0.7.3 [fixes CVE-2016-0739].
* gnu/packages/patches/libssh-CVE-2014-0017.patch: Delete file.
* gnu/packages/patches/libssh-0.6.5-CVE-2016-0739.patch: New file.
* gnu-system.am (dist_patch_DATA): Adjust accordingly.
* gnu/packages/ssh.scm (libssh): Update to 0.7.3.
  (libssh-0.5): Rename to...
  (libssh-0.6): ... this.  Update to 0.6.5.
  [source]: Add patch for CVE-2016-0739.
  (guile-ssh)[inputs]: Use libssh-0.6.

Modified-By: Mark H Weaver <mhw@netris.org>
2016-02-24 16:32:09 -05:00
Andy Wingo 2ae7a55062 gnu: xf86-video-vmware: Update to 13.1.0.
* gnu/packages/patches/xf86-video-vmware-glibc-2.20.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Remove it.
* gnu/packages/xorg.scm (xf86-video-vmware): Update to 13.1.0.
  [source]: Remove patch.
2016-02-24 11:49:57 -05:00
Andy Wingo bcd4a74039 gnu: xf86-video-trident: Update to 1.3.7.
* gnu/packages/patches/xf86-video-trident-remove-mibstore.patch: Delete
  file.
* gnu-system.am (dist_patch_DATA): Remove it.
* gnu/packages/xorg.scm (xf86-video-trident): Update to 1.3.7.
  [source]: Remove patch.
2016-02-24 11:49:57 -05:00
Andy Wingo 816decebf2 gnu: xf86-video-tdfx: Update to 1.4.6.
* gnu/packages/patches/xf86-video-tdfx-remove-mibstore.patch: Delete
  file.
* gnu-system.am (dist_patch_DATA): Remove it.
* gnu/packages/xorg.scm (xf86-video-tdfx): Update to 1.4.6.
  [source]: Remove patch.
2016-02-24 11:49:57 -05:00
Andy Wingo 5f59f5103a gnu: xf86-video-sis: Update to 0.10.8.
* gnu/packages/patches/xf86-video-sis-fix-exa-crash.patch,
  gnu/packages/patches/xf86-video-sis-update-api.patch: Delete files.
* gnu-system.am (dist_patch_DATA): Remove them.
* gnu/packages/xorg.scm (xf86-video-sis): Update to 0.10.8.
  [source]: Remove patches.
2016-02-24 11:49:57 -05:00
Andy Wingo fc1172f787 gnu: xf86-video-siliconmotion: Update to 1.7.8.
* gnu/packages/patches/xf86-video-siliconmotion-remove-mibstore.patch:
  Delete file.
* gnu-system.am (dist_patch_DATA): Remove it.
* gnu/packages/xorg.scm (xf86-video-siliconmotion): Update to 1.7.8.
  [source]: Remove patch.
2016-02-24 11:49:57 -05:00
Andy Wingo bfe27469b4 gnu: xf86-video-r128: Update to 6.10.1.
* gnu/packages/patches/xf86-video-r128-glibc-2.20.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Remove it.
* gnu/packages/xorg.scm (xf86-video-r128): Update to 6.10.1.
  [source]: Remove patch.
2016-02-24 11:49:57 -05:00
Andy Wingo ea192db119 gnu: xf86-video-mga: Update to 1.6.4.
* gnu/packages/patches/xf86-video-mga-glibc-2.20.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Remove it.
* gnu/packages/xorg.scm (xf86-video-mga): Update to 1.6.4.
  [source]: Remove patch.
2016-02-24 11:49:57 -05:00
Andreas Enge dbbb45dd73 gnu: Remove KDE 4.
* gnu/packages/kde.scm (qjson): Move from here...
* gnu/packages/qt.scm (qjson): ...to here.
* gnu/packages/pumpio.scm: Drop inclusion of (gnu packages kde).
* gnu/packages/kde.scm: Delete file.
* gnu-system.am (GNU_SYSTEM_MODULES): Unregister it.
* gnu/packages/rdf.scm (soprano): Delete variable.

KDE 4 relies on Qt 4, which does not receive security updates any more.
2016-02-22 21:30:56 +01:00
Mark H Weaver 5879f0d649 gnu: qemu: Add fixes for CVE-2015-8619, CVE-2016-1981, CVE-2016-2197.
* gnu/packages/patches/qemu-CVE-2015-8619.patch,
  gnu/packages/patches/qemu-CVE-2016-1981.patch,
  gnu/packages/patches/qemu-CVE-2016-2197.patch,
  gnu/packages/patches/qemu-usb-ehci-oob-read.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/qemu.scm (qemu)[source]: Add patches.
2016-02-22 10:26:22 -05:00
Leo Famulari 4e58a402ff gnu: cpio: Add fix for CVE-2016-2037.
* gnu/packages/patches/cpio-CVE-2016-2037.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/cpio.scm (cpio)[source]: Add patch.
2016-02-19 18:04:15 -05:00
Mark H Weaver 3729ff4183 gnu: glibc: Add fix for CVE-2015-7547.
* gnu/packages/patches/glibc-CVE-2015-7547.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/base.scm (glibc)[source]: Add patch.
2016-02-19 00:42:10 -05:00
Fabian Harfert bb2fe79e6e gnu: Add mate-icon-theme.
* gnu/packages/mate.scm: New file.
* gnu-system.am (GNU_SYSTEM_MODULES): Add it.
* gnu/packages/mate.scm (mate-icon-theme): New variable.
2016-02-17 12:14:02 +02:00
Ricardo Wurmus 469d6589e3 gnu: Add Augeas.
* gnu/packages/augeas.scm: New file.
* gnu-system.am (GNU_SYSTEM_MODULES): Add it.
2016-02-16 14:41:25 +01:00
Pjotr Prins 552f5c009e gnu: Add slurm.
* gnu/packages/parallel.scm (slurm): New variable.
* gnu/packages/patches/slurm-configure-remove-nonfree-contribs.patch:
  New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/parallel.scm: Introduce license name space.

Co-authored-by: Andreas Enge <andreas@enge.fr>
2016-02-15 22:47:47 +01:00
Mark H Weaver 4373278ea5 gnu: libsndfile: Update to 1.0.26 [with follow-up fix CVE-2015-7805].
Note: The previous fix for CVE-2015-7805 was incomplete.

* gnu/packages/patches/libsndfile-CVE-2014-9496.patch,
  gnu/packages/patches/libsndfile-CVE-2015-7805.patch: Delete files.
* gnu-system.am (dist_patch_DATA): Remove them.
* gnu/packages/pulseaudio.scm (libsndfile): Update to 1.0.26.
  [source]: Remove patches.
2016-02-15 02:51:35 -05:00
Jan Nieuwenhuizen a747baba00 gnu: Add ocaml-findlib.
* gnu/packages/ocaml.scm (ocaml-findlib): New variable.
* gnu/packages/patches/ocaml-findlib-make-install.patch: New file.
* gnu-system.am (dist_patch_DATA): Register it.
2016-02-13 09:15:55 +01:00
Mark H Weaver 3a7261bf96 gnu: gnupg: Add upstream fix for test failures on x86_64.
Fixes <https://debbugs.gnu.org/22558>.

* gnu/packages/patches/gnupg-simple-query-ignore-status-messages.patch: New
  file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnupg.scm (gnupg)[source]: Add patch.
2016-02-12 21:02:24 -05:00
Jan Nieuwenhuizen 511539ae81 gnu: Add tclxml.
* gnu/packages/patches/tclxml-3.2-install.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/tcl.scm (tclxml): New variable.

Signed-off-by: Leo Famulari <leo@famulari.name>
2016-02-12 19:13:05 -05:00
Mark H Weaver 59d4cf1c58 gnu: icecat: Update bundled graphite2 to 1.3.5 for security fixes.
* gnu/packages/patches/icecat-update-graphite2.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch.  Add TODO
  comment about using the system graphite2 in the future.
2016-02-11 14:59:16 -05:00
Mark H Weaver 16114c3494 gnu: mit-krb5: Update to 1.13.3; add fixes for CVE-2015-{8629,8630,8631}.
* gnu/packages/patches/mit-krb5-CVE-2015-2695-pt1.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2695-pt2.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2696.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2697.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2698-pt1.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2698-pt2.patch: Delete files.
* gnu/packages/patches/mit-krb5-CVE-2015-8629.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-8630.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-8631.patch,
  gnu/packages/patches/mit-krb5-init-context-null-spnego.patch: New files.
* gnu-system.am (dist_patch_DATA): Adjust accordingly.
* gnu/packages/mit-krb5.scm (mit-krb5): Update to 1.13.3.
  [source]: Update URI to download conventional .tar.gz file.  Add patches.
  [native-inputs]: Remove old patches-as-inputs.
  [arguments]: Remove hacks needed to cope with the older unconventional
  tarball that contained an inner source tarball and signature: Remove
  #:modules argument, and the custom 'unpack' and 'apply-patches' phases.
2016-02-10 10:41:11 -05:00
Christopher Allan Webber 6f74aecdb3 gnu: xdotools: Update to 3.20150503.1
* gnu/packages/xdisorg.scm (xdotools): Upgrade to 3.20150503.1.
* gnu/packages/patches/xdotool-fix-makefile.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
2016-02-06 15:39:51 -08:00
Christopher Allan Webber a05d1d82c0 gnu: Add python-pygpgme
* gnu/packages/gnupg.scm (python-pygpgme, python2-pygpgme): New variables.
* gnu/packages/patches/pygpgme-disable-problematic-tests.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
2016-02-06 11:30:35 -08:00