Commit Graph

269 Commits

Author SHA1 Message Date
Efraim Flashner edd08fb7ac
gnu: glibc@2.22: Fix security issues.
Fixes CVE-2015-{5180,7547}, CVE-2016-{3075,3706,4429}.

* gnu/packages/base.scm (glibc@2.22)[source]: Add patches.
* gnu/packages/patches/glibc-CVE-2015-7547.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-08-02 21:51:35 +03:00
Efraim Flashner a0ae64a334
gnu: glibc@2.23: Fix CVE-2015-5180, CVE-2016-{3075,3706,4429}.
* gnu/packages/base.scm (glibc@2.23)[source]: Add patches.
* gnu/packages/patches/glibc-CVE-2016-3075.patch,
gnu/packages/patches/glibc-CVE-2016-3706.patch,
gnu/packages/patches/glibc-CVE-2016-4429.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
2017-08-02 21:51:33 +03:00
Efraim Flashner 575e5e4e51
gnu: glibc@2.24: Fix CVE-2015-5180.
* gnu/packages/base.scm (glibc@2.24)[source]: Add patch.
* gnu/packages/patches/glibc-CVE-2015-5180.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-08-02 21:51:31 +03:00
Ludovic Courtès 6d833b13b7
gnu: Remove glibc@2.21 and its traces.
* gnu/packages/base.scm (glibc-2.21): Remove.
* gnu/system/locale.scm (localedef-command)[maybe-version-directory]:
Remove.  Replace call with use of 'package-version'.
(single-locale-directory): Remove 'version>=' conditional.
2017-07-17 23:41:36 +02:00
Ludovic Courtès d5ec5ed719
packages: Mark 'replacement' as an "innate" field.
Suggested by Mark H Weaver
at <https://lists.gnu.org/archive/html/guix-devel/2017-06/msg00355.html>.

* guix/packages.scm (<package>)[replacement]: Mark as "innate".
* gnu/packages/base.scm (glibc-2.25-patched, glibc-2.24)
(glibc-2.23, glibc-2.22, glibc-2.21, glibc-locales): Remove
'replacement' field, which was set to #f.
* gnu/packages/commencement.scm (perl-boot0): Likewise.
* gnu/packages/fontutils.scm (graphite2/fixed): Likewise.
* gnu/packages/ghostscript.scm (ghostscript/fixed): Likewise.
* gnu/packages/gnupg.scm (libgcrypt-1.7.8): Likewise.
* gnu/packages/guile.scm (guile-2.0/fixed, guile-2.2): Likewise.
* gnu/packages/icu4c.scm (icu4c/fixed): Likewise.
* gnu/packages/image.scm (libpng-apng): Likewise.
* gnu/packages/make-bootstrap.scm (%guile-static): Likewise.
* gnu/packages/pcre.scm (pcre/fixed): Likewise.
* gnu/packages/perl.scm (perl/fixed): Likewise.
* gnu/packages/ruby.scm (ruby-2.3, ruby-2.2, ruby-2.1)
(ruby-1.8): Likewise.
* gnu/packages/tls.scm (gnutls-3.5.13, gnutls/guile-2.2): Likewise.
* gnu/packages/xml.scm (expat-2.2.1): Likewise.
2017-07-03 23:51:22 +02:00
Mark H Weaver ffc015bea2
gnu: glibc: Fix replacement on i686.
This is followup to 665d6a5916.
Fixes <https://bugs.gnu.org/27489>.

* gnu/packages/base.scm (glibc-2.25-patched, glibc-2.24, glibc-2.23)
(glibc-2.22): Add glibc-vectorized-strcspn-guards.patch to patches.
Move a comment where it belongs.
* gnu/packages/patches/glibc-CVE-2017-1000366-pt2.patch: Swap with ...
* gnu/packages/patches/glibc-CVE-2017-1000366-pt3.patch: ... this.
* gnu/packages/patches/glibc-vectorized-strcspn-guards.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.  Fix formatting.
2017-06-25 21:56:22 -04:00
Efraim Flashner 665d6a5916
gnu: glibc: Add mitigations for CVE-2017-1000366.
* gnu/packages/base.scm (glibc/linux)[replacement]: New field.
(glibc-2.25-patched): New variable.
(glibc-2.24, glibc-2.23, glibc-2.22, glibc-2.21)[source]: Add patches.
[replacement]: New field.
(glibc-locales)[replacement]: New field.
* gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch,
gnu/packages/patches/glibc-CVE-2017-1000366-pt2.patch,
gnu/packages/patches/glibc-CVE-2017-1000366-pt3.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.

Modified-By: Mark H Weaver <mhw@netris.org>
2017-06-24 02:42:37 -04:00
Mark H Weaver 56ed97c8b5
gnu: glibc-2.22: Return #t from 'fix-pwd' phase.
Based on a patch by Efraim Flashner <efraim@flashner.co.il>.

* gnu/packages/base.scm (glibc-2.22)[arguments]: Return #t from 'fix-pwd'
phase.
2017-06-24 02:42:24 -04:00
Ricardo Wurmus 441e99d433
gnu: glibc/hurd: Do not apply i686 patch.
This is a follow-up to commit c2e4f14ac8.

* gnu/packages/base.scm (glibc/hurd)[arguments]: Override pre-configure phase
with a copy that does not include the patch application.
2017-05-16 22:37:31 +02:00
Ricardo Wurmus 711a0dcefa
gnu: glibc/hurd: Use modify-phases syntax.
* gnu/packages/base.scm (glibc/hurd)[arguments]: Use modify-phases syntax.
2017-05-16 22:37:31 +02:00
Ludovic Courtès 5c6b6827e9
gnu: libiconv: Update to 1.15.
* gnu/packages/base.scm (libiconv): Update to 1.15.
2017-05-02 12:32:52 +02:00
Ricardo Wurmus c2e4f14ac8
gnu: glibc/linux: Fix build of glibc-intermediate.
This is a follow-up to commit b2fd8f6367.

* gnu/packages/base.scm (glibc/linux)[arguments]: Take patch from either
native-inputs or just inputs; fix syntax error; report errors on patch
failure.
2017-04-30 13:01:20 +02:00
Ricardo Wurmus b2fd8f6367
gnu: glibc/linux: Fix runtime crashes on i686 systems.
* gnu/packages/patches/glibc-memchr-overflow-i686.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/commencement.scm (glibc-final-with-bootstrap-bash)[native-inputs]:
Add the patch conditionally for i686 systems.
* gnu/packages/base.scm (glibc/linux)[native-inputs]: Add the patch
conditionally for i686 systems.
[arguments]: Apply the patch conditionally on i686 systems.
2017-04-29 23:31:35 +02:00
Leo Famulari 39d2d9a7ab
Merge branch 'master' into staging 2017-04-25 14:27:03 -04:00
Ludovic Courtès fd6ec6bd99
gnu: coreutils@8.27: Do not apply 'coreutils-cut-huge-range-test.patch'.
This patch is not needed in 8.27.
Reported by Mark H Weaver <mhw@netris.org>.

* gnu/packages/base.scm (coreutils-8.27)[arguments]: New field.
2017-04-23 01:24:57 +02:00
Leo Famulari 1524851f58
Merge branch 'master' into staging 2017-04-22 18:27:12 -04:00
Marius Bakke e162050dfc
gnu: Add workaround for `date` regression in coreutils@8.26.
See <https://bugs.gnu.org/23035> and <https://bugs.gnu.org/26238>.

* gnu/packages/base.scm (coreutils-8.27): New variable.
* gnu/system.scm (%base-packages): Use that instead of COREUTILS.
2017-04-19 22:07:18 +02:00
Leo Famulari 52196aea19
gnu: tzdata: Update to 2017b.
* gnu/packages/base.scm (tzdata): Update to 2017b.
2017-04-02 20:25:42 -04:00
Marius Bakke 84157bb8bf
Merge branch 'master' into core-updates
Most conflicts are from 6fd52309b8.
2017-03-30 22:59:53 +02:00
Tobias Geerinckx-Rice 6fd52309b8
gnu: Use HTTPS for almost all gnu.org HOME-PAGEs.
All HTTP gnu.org (and supported subdomain) HOME-PAGEs changed to HTTPS.
2017-03-30 01:30:16 +02:00
Ludovic Courtès d1e3f59c9b
gnu: coreutils: Patch 'cut' unit test on ARM.
Fixes <https://bugs.gnu.org/26253>.

* gnu/packages/patches/coreutils-cut-huge-range-test.patch: New file.
* gnu/packages/base.scm (coreutils)[native-inputs]: Add it as an input.
[arguments] <#:phases>: On ARM, add 'patch-cut-test' phase.
* gnu/local.mk (dist_patch_DATA): Add 'coreutils-cut-huge-range-test.patch'.
2017-03-25 23:31:10 +01:00
Leo Famulari 3ffaec136f
gnu: Add a tzdata variant for testing purposes.
* gnu/packages/base.scm (tzdata-2017a): New variable.
* gnu/packages/glib.scm (glib)[inputs]: Remove tzdata.
[native-inputs]: Add tzdata-2017a.
[arguments]: Add tzdata-2017a to #:disallowed-references.
* gnu/packages/statistics.scm (r)[inputs]: Remove tzdata.
[native-inputs]: Add tzdata-2017a.
[arguments]: Add tzdata-2017a to #:disallowed-references.
2017-03-12 20:45:46 -04:00
Leo Famulari 8ea0700d23
gnu: tzdata: Update to 2017a.
* gnu/packages/base.scm (tzdata): Update to 2017a.
2017-03-08 18:08:19 -05:00
Efraim Flashner e747964420
gnu: coreutils: Don't run tests in parallel.
* gnu/packages/base.scm (coreutils)[arguments]: Add '#:parallel-tests? #f'
to address a race contition in the test suite.
2017-02-20 10:57:18 +02:00
Marius Bakke f3a79f88e5
gnu: grep: Update to 3.0.
* gnu/packages/base.scm (grep): Update to 3.0.
2017-02-10 16:16:17 +01:00
Efraim Flashner 7ca72ec44b
gnu: glibc: Add version 2.24.
* gnu/packages/base.scm (glibc-2.24): New variable.
2017-02-07 19:41:04 +02:00
Efraim Flashner 242c092745
gnu: glibc: Update to 2.25.
* gnu/packages/base.scm (glibc): Update to 2.25
2017-02-07 19:34:41 +02:00
Marius Bakke 0cd3e44577
gnu: grep: Update to 2.28.
* gnu/packages/base.scm (grep): Update to 2.28.
2017-02-07 17:01:23 +01:00
Marius Bakke d6592d84ca
gnu: sed: Update to 4.4.
* gnu/packages/base.scm (sed): Update to 4.4.
2017-02-04 10:49:54 +01:00
Manolis Ragkousis 82a7a8c667
gnu: coreutils: Fix cross-compilation.
* gnu/packages/patches/coreutils-fix-cross-compilation.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/base.scm (coreutils)[source]: Use it.
2017-01-27 10:19:25 +02:00
Ludovic Courtès c8b44fc107
gnu: sed: Do not attempt to rebuild 'doc/sed.1'.
* gnu/packages/base.scm (sed)[arguments]: Add 'dont-rebuild-sed.1'
phase.
[native-inputs]: Remove.
2017-01-22 13:13:36 +01:00
Ludovic Courtès 8a296947a6
gnu: sed: Use the same phases whether or not we're cross-compiling.
* gnu/packages/base.scm (sed)[arguments]: Make #:phases argument
unconditional.  In 'patch-test-suite' phase, use (which "sh") instead of
referring to the "bash" input.
2017-01-22 13:13:35 +01:00
Leo Famulari e483139141
gnu: glibc/linux: Use /bin/sh instead of /bin/bash as the default shell.
* gnu/packages/base.scm (glibc/linux)[arguments]: Use /bin/sh for scripts that
lack a shebang.
2017-01-06 17:16:03 -05:00
Leo Famulari 11b6687609
gnu: glibc/linux: Don't replace 'sh' reference with 'bash'.
* gnu/packages/base.scm (glibc/linux)[arguments]: Use /bin/sh instead of
/bin/bash in 'pre-configure' phase.
2017-01-06 17:16:03 -05:00
Leo Famulari 60f3ad8c07
gnu: gnu-make: Don't replace 'sh' reference with 'bash'.
* gnu/packages/base.scm (gnu-make)[arguments]: Use /bin/sh instead of /bin/bash
in 'set-default-shell' phase.
2017-01-06 17:16:02 -05:00
Leo Famulari 74288230ea
Merge branch 'master' into core-updates 2017-01-06 17:14:41 -05:00
Marius Bakke 7d7ea947f5
gnu: sed: Update to 4.3.
* gnu/packages/base.scm (sed): Update to 4.3.
[source]: Use xz tarball. Remove upstreamed patch.
[arguments]: Fix '/bin/sh' -> 'bash' substitution.
[home-page]: Use https.
[native-inputs]: Add perl.
* gnu/packages/patches/sed-hurd-path-max.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-01-05 15:21:23 +01:00
Manolis Ragkousis 367f701379
gnu: glibc-hurd: Disable werror.
* gnu/packages/base.scm (glibc/hurd)[arguments]: Add "--disable-werror".
2017-01-03 16:00:43 +02:00
Alex Vong 20be64dcf7
gnu: tar: Fix CVE-2016-6321.
* gnu/packages/patches/tar-CVE-2016-6321.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/base.scm (tar)[source]: Use it.

Signed-off-by: Leo Famulari <leo@famulari.name>
2017-01-01 20:19:36 -05:00
Manolis Ragkousis 1d9c889881
gnu: glibc-hurd: Update to 2.23.
* gnu/packages/base.scm (glibc/hurd)[version]: Update to version 2.23.
2016-12-28 21:14:20 +02:00
Efraim Flashner 78636f0b8c
gnu: grep: Update to 2.27.
* gnu/packages/base.scm (grep): Update to 2.27.
2016-12-10 22:10:30 +02:00
Ludovic Courtès f80b4d2ce0
Merge remote-tracking branch 'origin/master' into staging 2016-12-09 18:11:14 +01:00
Jan Nieuwenhuizen 4dab8c5906
gnu: Add function libiconv-if-needed.
* gnu/packages/base.scm (libiconv-if-needed): New function.
2016-12-07 10:23:16 +01:00
Efraim Flashner bec5022ffe
gnu: coreutils: Update to 8.26.
* gnu/packages/base.scm (coreutils): Update to 8.26.
2016-12-03 17:30:33 +02:00
Leo Famulari 80b63e670e
gnu: tzdata: Update to 2016j.
* gnu/packages/base.scm (tzdata): Update to 2016j.
[source]: Use HTTPS URL.
[home-page]: Use HTTPS URL.
2016-12-02 13:16:35 -05:00
Manolis Ragkousis 9b5f498def
gnu: glibc-hurd: Force mach/hurd/libpthread subdirs to build first.
* gnu/packages/base.scm (glibc/hurd)[arguments]: Replace 'build' phase.

Co-authored-by: Ludovic Court<C3><A8>s <ludo@gnu.org>
2016-11-30 15:17:38 +02:00
Efraim Flashner 51c8e2996c
gnu: sed: Use 'modify-phases' syntax.
* gnu/packages/base.scm (sed)[arguments]: Use 'modify-phases' syntax.
2016-11-27 10:25:45 +02:00
Efraim Flashner b7a5a4821f
gnu: grep: Update to 2.26.
* gnu/packages/base.scm (grep): Update to 2.26.
2016-11-27 10:23:59 +02:00
Ludovic Courtès 19ac2ba858
gnu: glibc: Add version 2.23.
* gnu/packages/base.scm (glibc-2.23): New variable.
2016-11-07 00:44:56 +01:00
Mark H Weaver 8b6ad165d1
Merge branch 'master' into core-updates 2016-11-06 03:29:06 -05:00