This addresses CVE-2018-{1060,1061,14647,1000802}.
* gnu/packages/patches/python2-CVE-2018-1000802.patch,
gnu/packages/patches/python2-CVE-2018-1060.patch,
gnu/packages/patches/python2-CVE-2018-1061.patch,
gnu/packages/patches/python2-CVE-2018-14647.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/python.scm (python-2/fixed): New variable.
(python-2.7)[replacement]: New field.
(python2-minimal): Use PACKAGE/INHERIT.
* gnu/packages/patches/python-CVE-2018-14647.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/python.scm (python-3/fixed): New variable.
(python-3.6)[replacement]: New field.
(python-minimal, python-debug, wrap-python3): Use PACKAGE/INHERIT instead of
standard inheritance.
* guix/status.scm (build-event-output-port)[guile@2.0]: Do not call 'setvbuf'
on custom binary port.
* tests/status.scm (current-build-output-port, UTF-8 + garbage)[guile@2.0]:
Use "?" in place of REPLACEMENT CHARACTER.
* gnu/packages/gnupg.scm (guile2.0-gcrypt): New variable.
* gnu/packages/guile.scm (guile2.0-sqlite3): New variable.
* gnu/packages/package-management.scm (guile2.0-guix)[propagated-inputs]: Use
them.
GStreamer moved all MPEG-1 audio (mp1, mp2, and mp3) decoders and encoders to
the group of "good" plugins in GStreamer 1.14.0. See the 'NEWS' file for more
information.
* gnu/packages/gstreamer.scm (gst-plugins-ugly)[inputs]: Remove lame, mpg123,
and twolame.
(gst-plugins-bad): Remove mpg123.
(gst-plugins-good): Add lame, mpg123, and twolame.
This allows for more accurate status tracking and parsing of extended
build traces.
* guix/status.scm (multiplexed-output-supported?): New procedure.
(print-build-event): Don't print \r when PRINT-LOG? is true.
Adjust 'build-log' handling for when 'multiplexed-output-supported?'
returns true.
(bytevector-index, split-lines): New procedures.
(build-event-output-port)[%build-output-pid, %build-output]
[%build-output-left]: New variables.
[process-line]: Handle "@ build-output" traces.
[process-build-output]: New procedure.
[write!]: Add case for when %BUILD-OUTPUT-PID is true. Use
'bytevector-index' rather than 'string-index'.
(compute-status): Add #:derivation-path->output-path. Use it.
* tests/status.scm ("compute-status, multiplexed build output"):
New test.
("build-output-port, UTF-8")
("current-build-output-port, UTF-8 + garbage"): Adjust to new
'build-log' output.
* guix/scripts/build.scm (set-build-options-from-command-line):
Pass #:multiplexed-build-output?.
(%default-options): Add 'multiplexed-build-output?'.
* guix/scripts/environment.scm (%default-options): Likewise.
* guix/scripts/pack.scm (%default-options): Likewise.
* guix/scripts/package.scm (%default-options): Likewise.
* guix/scripts/pull.scm (%default-options): Likewise.
* guix/scripts/system.scm (%default-options): Likewise.
This allows clients to tell whether output comes from the daemon or, if
it comes from a builder, from which builder it comes. The latter is
particularly useful when MAX-BUILD-JOBS > 1.
* nix/libstore/build.cc (DerivationGoal::tryBuildHook)
(DerivationGoal::startBuilder): Print the child's PID in "@ build-started"
traces.
(DerivationGoal::handleChildOutput): Define 'prefix', pass it to
'writeToStderr'.
* nix/libstore/globals.cc (Settings:Settings): Initialize
'multiplexedBuildOutput'.
(Settings::update): Likewise.
* nix/libstore/globals.hh (Settings)[multiplexedBuildOutput]: New field.
Update 'printBuildTrace' documentation.
* nix/libstore/worker-protocol.hh (PROTOCOL_VERSION): Bump to 0.163.
* nix/nix-daemon/nix-daemon.cc (performOp) <wopSetOptions>: Special-case
"multiplexed-build-output" and remove "use-ssh-substituter".
* guix/store.scm (set-build-options): Add #:multiplexed-build-output?
and honor it.
(%protocol-version): Bump to #x163.
* tests/store.scm ("multiplexed-build-output"): New test.
fixlet
* gnu/packages/video.scm (x265)[source]: Update list of patches.
[arguments]: Change configure flag to ensure PIC for all architectures.
* gnu/packages/patches/x265-arm-asm-primitives.patch: Remove file.
* gnu/packages/patches/x265-detect512-all-arches.patch: New file.
* gnu/local.mk (dist_patch_DATA): Update patch registry.
* gnu/packages/fabric-management.scm (opensm): Update to 3.3.21.
[source]: Update tarball URI.
[native-inputs]: Add autoconf, automake, and libtool.
[arguments]: Rename 'doc' phase to 'install-doc'.
Omit AUTHORS and ChangeLog files. They are more than a decade old.
Fixes a regression introduced in
795d430d90 whereby 'guix describe' would
no longer display the generation number of ~/.config/guix/current.
* guix/scripts/describe.scm (guix-describe): Call 'canonicalize-profile'.
This is a followup to 8155a20907.
* guix/scripts/pull.scm (migrate-generations): Compute the right target
for /var/guix/profiles/per-user/USER/current-guix. Previously we'd
return "current-N-link" instead of "current-guix-N-link'.
Reported by Formbi on #guix.
* guix/scripts/pull.scm (migrate-generations): Use 'symlink' and
'delete-file' instead of 'rename-file'. The latter could lead to EXDEV
when $HOME and /var were different partitions.