Commit Graph

295 Commits

Author SHA1 Message Date
Mark H Weaver 6c83c48391
gnu: icecat: Update to 60.8.0-guix1 [security fixes].
Includes fixes for CVE-2019-9811, CVE-2019-11709, CVE-2019-11711,
CVE-2019-11712, CVE-2019-11713, CVE-2019-11715, CVE-2019-11717,
CVE-2019-11719, CVE-2019-11729, and CVE-2019-11730.

* gnu/packages/gnuzilla.scm (%icecat-version): Update to 60.8.0-guix1.
(icecat-source)[upstream-firefox-source]: Update hash.
(icecat): Refresh some stale comments.
2019-07-09 19:31:36 -04:00
Mark H Weaver c2c4ac0f69
gnu: icecat: Update to 60.7.2-guix1 [security fixes].
Includes fixes for CVE-2019-11707 and CVE-2019-11708.

* gnu/packages/gnuzilla.scm (%icecat-version): Update to 60.7.2-guix1.
(icecat-source)[upstream-firefox-source]: Update hash.
2019-06-21 05:20:36 -04:00
Mark H Weaver 05947d92b6
gnu: icecat: Update to 60.7.0-guix2.
This includes updates to bundled extensions from the upstream
GNU IceCat 60.7.0-gnu1 release.

* gnu/packages/gnuzilla.scm (%icecat-version): Update to 60.7.0-guix2.
(icecat-source)[upstream-icecat-base-version]: Update to 60.7.0.
[upstream-icecat-source, gnuzilla-source]: Update hashes.
[origin]: Remove the substitutions that dealt with debian-specific package
code in the makeicecat script, since that code has been removed upstream.
(icecat)[arguments]: Adapt the 'install-desktop-entry' phase to avoid using
the Debian desktop file, which is no longer included in the IceCat sources.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to upstream changes.
2019-06-04 04:21:52 -04:00
Mark H Weaver 865f5d8914
gnu: icecat: Update to 60.7.0-guix1 [security fixes].
Includes fixes for CVE-2018-18511, CVE-2019-5798, CVE-2019-7317,
CVE-2019-9797, CVE-2019-9800, CVE-2019-9815, CVE-2019-9816,
CVE-2019-9817, CVE-2019-9818, CVE-2019-9819, CVE-2019-9820,
CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11694, and
CVE-2019-11698.

* gnu/packages/gnuzilla.scm (%icecat-version): Update to 60.7.0-guix1.
(icecat-source)[upstream-firefox-source]: Update hash.
2019-05-22 14:02:28 -04:00
Mark H Weaver 2fb31fd6a2
gnu: icecat: Update to 60.6.3-guix1.
* gnu/packages/gnuzilla.scm (%icecat-version): Update to 60.6.3-guix1.
(icecat-source)[upstream-firefox-source]: Update hash.
2019-05-16 20:35:31 -04:00
Ivan Petkov e88735b45f
build/cargo-utils: Remove "src-name" parameter.
* gnu/packages/gnuzilla.scm (icecat)[arguments]<#:phases>
[patch-cargo-checksums]: Delete "null-file" variable.
* gnu/packages/rust.scm (%cargo-reference-project-file): Delete variable.
* gnu/packages/rust.scm (rust-1.19): Remove reference to
"%cargo-reference-project-file".
* guix/build/cargo-utils.scm (generate-checksums): Remove "src-name"
parameter.

Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
2019-05-10 00:44:08 +02:00
Mark H Weaver 46ce12d0a3
gnu: icecat: Move the snippet and patches out of the 'source'.
This commit changes the 'source' field of the 'icecat' package to
simply be 'icecat-source', which aims to be suitable for use on any
system that IceCat supports.

* gnu/packages/gnuzilla.scm (icecat)[source]: Change to simply
be 'icecat-source'.
[native-inputs]: Add 'patch', along with the Guix-specific patches
that were previously applied within 'source'.
[arguments]: Remove the 'ensure-no-mtimes-pre-1980' phase.
Add 'apply-guix-specific-patches' and 'remove-bundled-libraries'
phases.  Touch 'configure' in the bootstrap phase.  Return #t from
the 'augment-CPLUS_INCLUDE_PATH' phase.  Reindent.
2019-05-06 10:33:20 -04:00
Mark H Weaver 3e605b6998
gnu: icecat-source: Make sure 'makeicecat' is the right version.
* gnu/packages/gnuzilla.scm (icecat-source): Check to make sure the
value of FFMAJOR in the 'makeicecat' script matches the major version
of IceCat being generated.
2019-05-06 10:33:18 -04:00
Mark H Weaver ebff346945
gnu: icecat: Update to 60.6.2-guix1.
* gnu/packages/gnuzilla.scm (%icecat-version): Update to 60.6.2-guix1.
(icecat-source)[upstream-firefox-source]: Update hash.
2019-05-06 10:33:12 -04:00
Clément Lassieur 747c8f2a20
gnu: mozjs-38: Fix URI.
* gnu/packages/gnuzilla.scm (mozjs-38): Fix URI.
2019-04-27 11:59:49 +02:00
Ludovic Courtès aff0cce917
gnu: Move nss & co. to nss.scm.
* gnu/packages/gnuzilla.scm (nspr, nss): Move to...
* gnu/packages/nss.scm: ... here.  New file.
* gnu/packages/chromium.scm, gnu/packages/disk.scm,
gnu/packages/freedesktop.scm, gnu/packages/gnome.scm,
gnu/packages/gnunet.scm, gnu/packages/java.scm,
gnu/packages/libreoffice.scm, gnu/packages/linux.scm,
gnu/packages/mate.scm, gnu/packages/openldap.scm,
gnu/packages/package-management.scm, gnu/packages/password-utils.scm,
gnu/packages/polkit.scm, gnu/packages/qt.scm,
gnu/packages/sssd.scm, gnu/packages/storage.scm,
gnu/packages/vpn.scm, gnu/packages/web.scm, gnu/packages/xml.scm: Adjust
accordingly.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add nss.scm.
2019-04-04 17:47:02 +02:00
Mark H Weaver 4518a9dfa8
gnu: icecat: Update to 60.6.1-guix1 [security fixes].
Includes fixes for CVE-2019-9810 and CVE-2019-9813.

* gnu/packages/gnuzilla.scm (%icecat-version): Update to 60.6.1-guix1.
(icecat-source)[upstream-firefox-source]: Update hash.
2019-03-25 05:23:39 -04:00
Mark H Weaver 6d96a4f769
gnu: icecat: Update to 60.6.0-guix1 [security-fixes].
Includes fixes for CVE-2018-18506, CVE-2019-9788, CVE-2019-9790,
CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9794, CVE-2019-9795,
CVE-2019-9796, and CVE-2019-9801.

* gnu/packages/gnuzilla.scm (%icecat-version): Update to 60.6.0-guix1.
(icecat-source)[upstream-firefox-source]: Update hash.
2019-03-19 22:36:44 -04:00
Mark H Weaver 8cf160e122
gnu: icecat: Improve computed 'icecat-source' tarball.
* gnu/packages/gnuzilla.scm (icecat-source): When packing the new IceCat
tarball, set the mtime of archived files to early 1980.  Remove useless
'string-append' applied to one argument.
2019-03-19 22:36:37 -04:00
ng0 47956fa0c2
Correct name and email address for ng0.
* .mailmap, Makefile.am, doc/guix.de.texi, doc/guix.fr.texi,
doc/guix.texi, etc/completion/fish/guix.fish,
gnu/packages/accessibility.scm, gnu/packages/admin.scm,
gnu/packages/audio.scm, gnu/packages/autotools.scm,
gnu/packages/cdrom.scm, gnu/packages/check.scm,
gnu/packages/cinnamon.scm, gnu/packages/compression.scm,
gnu/packages/crypto.scm, gnu/packages/databases.scm,
gnu/packages/django.scm, gnu/packages/dns.scm, gnu/packages/elixir.scm,
gnu/packages/emacs-xyz.scm, gnu/packages/emacs.scm,
gnu/packages/enlightenment.scm, gnu/packages/erlang.scm,
gnu/packages/fonts.scm, gnu/packages/fontutils.scm,
gnu/packages/forth.scm, gnu/packages/fvwm.scm, gnu/packages/games.scm,
gnu/packages/gl.scm, gnu/packages/gnome.scm, gnu/packages/gnunet.scm,
gnu/packages/gnupg.scm, gnu/packages/gnuzilla.scm, gnu/packages/gtk.scm,
gnu/packages/guile-wm.scm,gnu/packages/guile-xyz.scm,
gnu/packages/haskell-check.scm, gnu/packages/haskell-crypto.scm,
gnu/packages/haskell.scm, gnu/packages/image-viewers.scm,
gnu/packages/image.scm, gnu/packages/irc.scm,
gnu/packages/language.scm, gnu/packages/libcanberra.scm,
gnu/packages/linux.scm, gnu/packages/lisp.scm, gnu/packages/lolcode.scm,
gnu/packages/lxde.scm, gnu/packages/lxqt.scm, gnu/packages/mail.scm,
gnu/packages/markup.scm, gnu/packages/mate.scm, gnu/packages/maths.scm,
gnu/packages/mc.scm, gnu/packages/messaging.scm, gnu/packages/music.scm,
gnu/packages/ncurses.scm, gnu/packages/networking.scm,
gnu/packages/nickle.scm, gnu/packages/openbox.scm, gnu/packages/pdf.scm,
gnu/packages/perl-check.scm, gnu/packages/perl.scm,
gnu/packages/python-compression.scm, gnu/packages/python-crypto.scm,
gnu/packages/python-web.scm, gnu/packages/python-xyz.scm,
gnu/packages/python.scm, gnu/packages/qt.scm, gnu/packages/ruby.scm,
gnu/packages/rust.scm, gnu/packages/scheme.scm,
gnu/packages/serialization.scm, gnu/packages/shells.scm,
gnu/packages/ssh.scm, gnu/packages/suckless.scm, gnu/packages/tbb.scm,
gnu/packages/telephony.scm, gnu/packages/text-editors.scm,
gnu/packages/textutils.scm, gnu/packages/time.scm, gnu/packages/tls.scm,
gnu/packages/tor.scm, gnu/packages/version-control.scm,
gnu/packages/video.scm, gnu/packages/vim.scm, gnu/packages/web.scm,
gnu/packages/wm.scm, gnu/packages/xdisorg.scm, gnu/packages/xfce.scm,
gnu/packages/xml.scm, gnu/packages/xorg.scm, gnu/services/certbot.scm,
gnu/services/desktop.scm, gnu/services/version-control.scm,
gnu/services/web.scm, guix/import/hackage.scm, guix/licenses.scm:
Correct name and email address for ng0.

Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
2019-03-18 15:05:08 +01:00
Ivan Petkov 7d141788b1
gnu: rust: Factor out "cargo-utils" from "cargo-build-system".
* guix/build/cargo-utils.scm: New file.
* Makefile.am (MODULES): Add it.
* guix/build-system/cargo.scm (%cargo-utils-modules): New variable.
(%cargo-build-system-modules): Use it.
* guix/build/cargo-build-system.scm (file-sha256, generate-checksums): Move
from here...
* guix/build/cargo-utils.scm: ...to here.
* gnu/packages/rust.scm (rust-1.19.0)[arguments]<#:imported-modules>: Use
%cargo-utils-modules.
<#:phases>[patch-cargo-checksums]: Use (guix build cargo-utils).
* gnu/packages/gnuzilla.scm (icecat):
[arguments]<#:imported-modules>: Use %cargo-utils-modules.
<#phases>[patch-cargo-checksums]: import (guix build cargo-utils).

Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
2019-03-01 08:20:50 +01:00
Marius Bakke 2a1ec7bcf4
gnu: icecat, ungoogled-chromium: Disable grafts on source derivation.
* gnu/packages/chromium.scm (computed-origin-method): Pass #:graft? #f to
GEXP->DERIVATION.
* gnu/packages/gnuzilla.scm (computed-origin-method): Likewise.
2019-02-22 17:10:24 +01:00
Mark H Weaver 54bee9ea2e
gnu: icecat: Update to 60.5.1-guix1 [security-fixes].
Includes fixes for CVE-2018-18335, CVE-2018-18356, and CVE-2019-5785.

* gnu/packages/gnuzilla.scm (%icecat-version): Update to 60.5.1-guix1.
(icecat-source)[upstream-firefox-source]: Update hash.
2019-02-15 23:32:42 -05:00
Marius Bakke 037d591367
gnu: libvpx: Update to 1.8.0.
* gnu/packages/patches/gst-plugins-good-libvpx-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/video.scm (libvpx): Update to 1.8.0.
[source](patches): Remove obsolete patch.
(libvpx-1.7): New public variable.
* gnu/packages/gnuzilla.scm (icecat)[inputs]: Use LIBVPX-1.7 instead of LIBVPX.
* gnu/packages/gstreamer.scm (gst-plugins-good)[source](patches): New field.
[arguments]: Add #:make-flags.
2019-02-09 20:58:15 +01:00
Marius Bakke 0747328e31
Merge branch 'master' into staging 2019-01-31 23:32:56 +01:00
Mark H Weaver 24886c1389
gnu: icecat: Update to 60.5.0-guix1 [security-fixes].
Includes fixes for CVE-2018-18500, CVE-2018-18501, and CVE-2018-18505.

* gnu/packages/gnuzilla.scm (icecat): Update to 60.5.0-guix1.
[version]: Use %icecat-version.
[source]: Inherit from 'icecat-source'.  Remove obsolete patches.
* gnu/packages/patches/icecat-avoid-bundled-libraries.patch,
gnu/packages/patches/icecat-use-system-graphite2+harfbuzz.patch,
gnu/packages/patches/icecat-use-system-media-libs.patch: Adapt to 60.5.0.
2019-01-29 22:29:42 -05:00
Mark H Weaver 948879eeda
gnu: icecat: Add icecat-source.
* gnu/packages/gnuzilla.scm (computed-origin-method): New variable.
(%icecat-version, icecat-source): New variables.
* gnu/packages/patches/icecat-makeicecat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2019-01-29 22:29:40 -05:00
Ludovic Courtès 3e2d4e69c3
Merge branch 'master' into staging 2019-01-20 22:12:10 +01:00
Ricardo Wurmus 204cfbe1f4
gnu: Add mozjs-60.
* gnu/packages/gnuzilla.scm (mozjs-60): New variable.
2019-01-18 20:32:12 +01:00
Ricardo Wurmus 6cc147a31b
gnu: mozjs-52: Add configure flag to prevent crash.
* gnu/packages/gnuzilla.scm (mozjs-52)[arguments]: Pass "--disable-jemalloc"
to prevent crashes in gnome-shell.
2019-01-18 20:32:04 +01:00
Ricardo Wurmus cd0322a3ef
gnu: Move sqlite to separate module.
* gnu/packages/databases.scm (sqlite, sqlite-3.26.0, sqlite-with-fts5,
sqlite-with-column-metadata): Move variables from here...
* gnu/packages/sqlite.scm: ...to this new module.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* gnu/packages/apl.scm,
gnu/packages/bittorrent.scm,
gnu/packages/calendar.scm,
gnu/packages/code.scm,
gnu/packages/crypto.scm,
gnu/packages/databases.scm,
gnu/packages/dc.scm,
gnu/packages/disk.scm,
gnu/packages/ebook.scm,
gnu/packages/education.scm,
gnu/packages/emacs.scm,
gnu/packages/emulators.scm,
gnu/packages/file-systems.scm,
gnu/packages/freedesktop.scm,
gnu/packages/ftp.scm,
gnu/packages/games.scm,
gnu/packages/geo.scm,
gnu/packages/gnome.scm,
gnu/packages/gnunet.scm,
gnu/packages/gnupg.scm,
gnu/packages/gnuzilla.scm,
gnu/packages/gps.scm,
gnu/packages/guile.scm,
gnu/packages/ibus.scm,
gnu/packages/kerberos.scm,
gnu/packages/kodi.scm,
gnu/packages/lisp.scm,
gnu/packages/mail.scm,
gnu/packages/messaging.scm,
gnu/packages/mpd.scm,
gnu/packages/music.scm,
gnu/packages/networking.scm,
gnu/packages/nfs.scm,
gnu/packages/ocaml.scm,
gnu/packages/package-management.scm,
gnu/packages/pdf.scm,
gnu/packages/photo.scm,
gnu/packages/php.scm,
gnu/packages/python.scm,
gnu/packages/qt.scm,
gnu/packages/ruby.scm,
gnu/packages/scheme.scm,
gnu/packages/sync.scm,
gnu/packages/syndication.scm,
gnu/packages/version-control.scm,
gnu/packages/video.scm,
gnu/packages/web-browsers.scm,
gnu/packages/webkit.scm: Adjust module references.
2019-01-16 16:08:22 +01:00
Ricardo Wurmus 44d10b1f72
gnu: Separate Python core packages from the rest.
* gnu/packages/python.scm: Move hundreds of package definitions from here...
* gnu/packages/python-xyz.scm: ...to this new module.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* gnu/packages/ada.scm,
gnu/packages/admin.scm,
gnu/packages/android.scm,
gnu/packages/audio.scm,
gnu/packages/backup.scm,
gnu/packages/benchmark.scm,
gnu/packages/bioinformatics.scm,
gnu/packages/bittorrent.scm,
gnu/packages/calendar.scm,
gnu/packages/check.scm,
gnu/packages/chemistry.scm,
gnu/packages/cluster.scm,
gnu/packages/compression.scm,
gnu/packages/connman.scm,
gnu/packages/crypto.scm,
gnu/packages/cups.scm,
gnu/packages/databases.scm,
gnu/packages/dav.scm,
gnu/packages/direct-connect.scm,
gnu/packages/disk.scm,
gnu/packages/django.scm,
gnu/packages/dlang.scm,
gnu/packages/docker.scm,
gnu/packages/ebook.scm,
gnu/packages/elf.scm,
gnu/packages/emacs.scm,
gnu/packages/emulators.scm,
gnu/packages/engineering.scm,
gnu/packages/enlightenment.scm,
gnu/packages/finance.scm,
gnu/packages/fltk.scm,
gnu/packages/fontutils.scm,
gnu/packages/freedesktop.scm,
gnu/packages/game-development.scm,
gnu/packages/games.scm,
gnu/packages/geo.scm,
gnu/packages/gl.scm,
gnu/packages/glib.scm,
gnu/packages/gnome.scm,
gnu/packages/gnupg.scm,
gnu/packages/gnuzilla.scm,
gnu/packages/graph.scm,
gnu/packages/graphics.scm,
gnu/packages/graphviz.scm,
gnu/packages/gtk.scm,
gnu/packages/ham-radio.scm,
gnu/packages/image-processing.scm,
gnu/packages/image-viewers.scm,
gnu/packages/image.scm,
gnu/packages/irc.scm,
gnu/packages/jrnl.scm,
gnu/packages/julia.scm,
gnu/packages/kde-frameworks.scm,
gnu/packages/key-mon.scm,
gnu/packages/libffi.scm,
gnu/packages/libreoffice.scm,
gnu/packages/libusb.scm,
gnu/packages/lirc.scm,
gnu/packages/logging.scm,
gnu/packages/machine-learning.scm,
gnu/packages/mail.scm,
gnu/packages/mate.scm,
gnu/packages/maths.scm,
gnu/packages/medical.scm,
gnu/packages/messaging.scm,
gnu/packages/monitoring.scm,
gnu/packages/mp3.scm,
gnu/packages/mpd.scm,
gnu/packages/music.scm,
gnu/packages/networking.scm,
gnu/packages/nutrition.scm,
gnu/packages/openldap.scm,
gnu/packages/openstack.scm,
gnu/packages/package-management.scm,
gnu/packages/password-utils.scm,
gnu/packages/patchutils.scm,
gnu/packages/pdf.scm,
gnu/packages/photo.scm,
gnu/packages/polkit.scm,
gnu/packages/protobuf.scm,
gnu/packages/python-crypto.scm,
gnu/packages/python-web.scm,
gnu/packages/qt.scm,
gnu/packages/rdf.scm,
gnu/packages/ruby.scm,
gnu/packages/search.scm,
gnu/packages/selinux.scm,
gnu/packages/serialization.scm,
gnu/packages/shells.scm,
gnu/packages/simulation.scm,
gnu/packages/ssh.scm,
gnu/packages/statistics.scm,
gnu/packages/storage.scm,
gnu/packages/sync.scm,
gnu/packages/terminals.scm,
gnu/packages/textutils.scm,
gnu/packages/time.scm,
gnu/packages/tls.scm,
gnu/packages/tor.scm,
gnu/packages/tryton.scm,
gnu/packages/version-control.scm,
gnu/packages/video.scm,
gnu/packages/virtualization.scm,
gnu/packages/vpn.scm,
gnu/packages/web-browsers.scm,
gnu/packages/web.scm,
gnu/packages/wicd.scm,
gnu/packages/xdisorg.scm,
gnu/packages/xorg.scm: Update module references.
2019-01-15 14:46:44 +01:00
Marius Bakke 02bf685d00
Merge branch 'master' into staging 2018-12-23 23:26:04 +01:00
Ludovic Courtès f5301f005a
gnu: Remove conkeror.
* gnu/packages/conkeror.scm: Remove.
* gnu/local.mk (GNU_SYSTEM_MODULES): Remove it.
* gnu/packages/gnuzilla.scm (conkeror): New variable.
2018-12-23 22:14:15 +01:00
Marius Bakke f30830b2e6
Merge branch 'master' into staging 2018-12-22 15:26:30 +01:00
Mark H Weaver 9c58001192
gnu: icecat: Remove extraneous newlines.
* gnu/packages/gnuzilla.scm (icecat)[source]: Remove extraneous newlines.
2018-12-13 00:07:58 -05:00
Marius Bakke 12878d12ac
Merge branch 'master' into staging 2018-12-12 22:00:52 +01:00
Marius Bakke 3ce60c2247
gnu: nss, nss-certs: Update to 3.41.
* gnu/packages/certs.scm (nss-certs): Update to 3.41.
* gnu/packages/gnuzilla.scm (nss): Likewise.
2018-12-12 20:49:15 +01:00
Mark H Weaver 46e613e3e5
gnu: icecat: Add fixes from upstream mozilla-esr60 [security-fixes].
Includes fixes for CVE-2018-18494 and the remaining 7 out of 10 changesets
for CVE-2018-12405.

* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected changesets from
the upstream mozilla-esr60 repository.
2018-12-11 23:04:31 -05:00
Mark H Weaver 29eb0bc76c
gnu: icecat: Relabel patches to reflect CVE assignments.
Document that we include fixes for CVE-2018-17466, CVE-2018-18492,
CVE-2018-18493, CVE-2018-18498, and 3 out of 10 changesets for
CVE-2018-12405.

* gnu/packages/gnuzilla.scm (icecat)[source]: Relabel patches to reflect
CVE assignments.
2018-12-11 23:04:28 -05:00
Mark H Weaver 8d956d8600
gnu: icecat: Enable Stylo CSS engine.
* gnu/packages/gnuzilla.scm (icecat)[native-inputs]: Add 'llvm-3.9.1' and
'clang-3.9.1'.
[arguments]: In the configure-flags, use quasiquote, remove "--disable-stylo",
and add "--with-clang-path=..." and "--with-libclang-path=...".
Add 'augment-CPLUS_INCLUDE_PATH' phase.  In the custom 'configure' phase,
set the CC environment variable to "gcc".
2018-12-11 23:04:18 -05:00
Marius Bakke 8c62baa095
gnu: nss, nss-certs: Update to 3.40.1.
* gnu/packages/certs.scm (nss-certs): Update to 3.40.1.
* gnu/packages/gnuzilla.scm (nss): Likewise.
[arguments]: Adjust DOMSUF variable to upstream changes.
2018-12-08 19:58:06 +01:00
Ludovic Courtès bc9aa60bd5
gnu: nss: Make tests deterministic.
Tests would fail once certificates had expired, along these lines:

  chains.sh: Verifying certificate(s)  PayPalEE.cert with flags -d AllDB -pp      -o OID.2.16.840.1.114412.1.1
  vfychain -d AllDB -pp -vv      -o OID.2.16.840.1.114412.1.1  /tmp/guix-build-nss-3.39.drv-0/nss-3.39/nss/tests/libpkix/certs/PayPalEE.cert
  Chain is bad!
  PROBLEM WITH THE CERT CHAIN:
  CERT 0. PayPalEE :
    ERROR -8181: Peer's Certificate has expired.
  Returned value is 1, expected result is pass

Using 'faketime' allows us to get deterministic results.

* gnu/packages/gnuzilla.scm (nss)[arguments]: In 'check' phase, run
'all.sh' under 'faketime'.
[native-inputs]: Add LIBFAKETIME.
2018-11-17 19:02:18 +01:00
Mark H Weaver 717d29e25b
gnu: icecat: Add more fixes from mozilla-esr60.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes
from the upstream mozilla-esr60 source repository.
2018-11-10 20:29:19 -05:00
Mark H Weaver 3b14494616
gnu: icecat: Update to 60.3.0-gnu1.
* gnu/packages/gnuzilla.scm (icecat): Update to 60.3.0-gnu1.
[source]: Switch back to the normal source URI.  Remove patches that
are no longer applicable.
* gnu/packages/patches/icecat-CVE-2018-12383.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2018-11-10 20:28:32 -05:00
Mark H Weaver d78587edca
gnu: icecat: Add fixes from mozilla-esr60 [security fixes].
Includes fixes for CVE-2018-12389, CVE-2018-12390, CVE-2018-12391,
CVE-2018-12392, CVE-2018-12393, CVE-2018-12395, CVE-2018-12396, and
CVE-2018-12397.

* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected changesets from the
upstream mozilla-esr60 repository.  Relabel some previously existing patches
to reflect CVE assignments.
2018-10-23 19:41:47 -04:00
Efraim Flashner 89f9df6cfd
gnu: icecat: Build with rust-1.24.
* gnu/packages/gnuzilla.scm (icecat)[native-inputs]: Use the oldest
compatable rust over newer releases when building icecat.
2018-10-14 09:42:54 +03:00
Mark H Weaver 4a5e2a90d8
gnu: icecat: Add fixes from mozilla-esr60 [security fixes].
Includes fixes for CVE-2018-12386 and CVE-2018-12387.

* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr60 repository.
2018-10-04 21:35:01 -04:00
Mark H Weaver 6d32887937
gnu: icecat: Rebundle NSPR and NSS [security fix].
Works around <https://bugs.gnu.org/32833>.

* gnu/packages/gnuzilla.scm (icecat)[source]: In snippet, don't remove NSS.
[inputs]: Remove 'nspr' and 'nss'.
[arguments]: Remove --with-system-{nspr,nss} from configure flags.
2018-09-25 19:59:08 -04:00
Mark H Weaver 94e96f7f68
gnu: icecat: Unbundle libevent, libogg, and libvorbis.
* gnu/packages/patches/icecat-use-system-media-libs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/icecat-avoid-bundled-libraries.patch: Add
another hunk to enable removal of libevent.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch.  In the snippet, add
libevent, libogg, libvorbis, and libtremor to the list of bundled libraries to
remove.  Add a comment regarding theora.  Remove comments regarding unbundling
cairo, which is no longer supported.
[inputs]: Add libevent, libogg, and libvorbis.
[arguments]: Add --with-system-{libevent,ogg,vorbis} to configure flags.
Add custom bootstrap phase.  Add comments.
2018-09-25 19:59:06 -04:00
Mark H Weaver 257e324791
gnu: icecat: Unbundle graphite2 and harfbuzz.
* gnu/packages/patches/icecat-use-system-graphite2+harfbuzz.patch: New file.
* gnu/packages/patches/icecat-use-system-graphite2.patch,
gnu/packages/patches/icecat-use-system-harfbuzz.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Update accordingly.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add new patch.  Delete
bundled graphite2 and harfbuzz in snippet.
[inputs]: Add graphite2 and harfbuzz.
[arguments]: Add --with-system-{graphite2,harfbuzz} to configure flags.
2018-09-25 19:58:58 -04:00
Mark H Weaver ae71cd8ac9
gnu: icecat: Add fixes from upstream mozilla-esr60 [security fixes].
Includes fixes for CVE-2018-12383 and CVE-2018-12385.

* gnu/packages/patches/icecat-CVE-2018-12383.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/icecat-avoid-bundled-libraries.patch: Adapt to apply
cleanly to IceCat 60.
* gnu/packages/gnuzilla.scm (mozilla-patch): Update to fetch from
mozilla-esr60.
(icecat): Add selected changesets from upstream mozilla-esr60.
2018-09-22 13:48:32 -04:00
Mark H Weaver e67ad5532f
gnu: icecat: Update to 60.2.0-gnu1 (pre-release).
* gnu/packages/gnuzilla.scm (icecat): Update to 60.2.0-gnu1.
[source]: Download pre-release from alpha.gnu.org.  Remove obsolete patches.
Comment out the code to delete the bundled copies of libevent, cairo,
harfbuzz, and graphite2.
[inputs]: Use the latest ffmpeg.  Comment out libevent, cairo, harfbuzz, and
graphite2.
[native-inputs]: Add rust and cargo.
[arguments]: Remove --enable-gio and --disable-gnomeui.  Add --disable-stylo.
Comment out --with-system-{libevent,harfbuzz,graphite2}, --enable-system-cairo.
Import %cargo-build-system-modules.  Add 'patch-cargo-checksums' phase.
* gnu/packages/patches/icecat-CVE-2018-5157-and-CVE-2018-5158.patch,
gnu/packages/patches/icecat-bug-1413868-pt1.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2018-09-21 07:16:02 -04:00
Marius Bakke e59588482b
gnu: nss, nss-certs: Update to 3.39 [fixes CVE-2018-12384].
* gnu/packages/gnuzilla.scm (nss): Update to 3.39.
* gnu/packages/certs.scm (nss-certs): Likewise.
2018-09-01 13:26:13 +02:00
Marius Bakke 7ea90c217f
gnu: nspr: Update to 4.20.
* gnu/packages/gnuzilla.scm (nspr): Update to 4.20.
2018-09-01 13:23:39 +02:00