Commit Graph

186 Commits

Author SHA1 Message Date
Mark H Weaver 52009dc3bd
gnu: icecat: Add more fixes from upstream mozilla-esr52.
Includes fixes for CVE-2018-5104, CVE-2018-5097, CVE-2018-5099, and the
remaining 7 out of 21 changesets for CVE-2018-5089.

* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr52 repository.  Remove the local spectre mitigation patch
in favor of the (identical) changeset from upstream.
* gnu/packages/patches/icecat-bug-1427870-spectre-mitigation.patch: Delete.
* gnu/local.mk (dist_patch_DATA): Remove it.
2018-01-24 05:59:01 -05:00
Mark H Weaver c1c2e1d72b
gnu: icecat: Relabel patches to reflect CVE assignments.
Document that our existing patches include fixes for CVE-2018-5091,
CVE-2018-5095, CVE-2018-5096, CVE-2018-5098, CVE-2018-5102, CVE-2018-5103,
CVE-2018-5117, and 14 out of 21 changesets for CVE-2018-5089.

* gnu/packages/gnuzilla.scm (icecat)[sources]: Relabel patches to reflect CVE
assignments.
2018-01-24 05:58:55 -05:00
Mark H Weaver c23243fccd
gnu: icecat: Add more fixes, including Spectre mitigation.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add more fixes from the
upstream mozilla-esr52 repository, plus a backported mitigation for
Spectre from Firefox 57.0.4.
* gnu/packages/patches/icecat-bug-1427870-spectre-mitigation.patch:
New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2018-01-06 15:04:10 -05:00
Mark H Weaver e8e860a559
gnu: icecat: Add more fixes from upstream mozilla-esr52.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr52 repository.
* gnu/packages/patches/icecat-bug-1414945.patch,
gnu/packages/patches/icecat-bug-1424373-pt2.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
2017-12-26 22:53:02 -05:00
Mark H Weaver 145a5310cd
gnu: icecat: Fix CVE-2017-7843.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add upstream fix for
CVE-2017-7843.
2017-12-09 03:55:47 -05:00
Tobias Geerinckx-Rice e26e55c86c
gnu: nss: Mark up description.
* gnu/packages/gnuzilla.scm (nss)[description]: Use @dfn.
2017-11-21 02:53:00 +01:00
Marius Bakke a93447b89a
gnu: nss, nss-certs: Update to 3.34.
* gnu/packages/certs.scm (nss-certs): Update to 3.34.
* gnu/packages/gnuzilla.scm (nss): Update to 3.34.
2017-11-19 13:19:14 +01:00
ng0 c146314566
Update email address for ng0. 2017-11-19 12:13:43 +02:00
Mark H Weaver f1e3214534
gnu: icecat: Add more fixes from upstream mozilla-esr52.
Add fixes for CVE-2017-7830, the remaining 1/2 changesets for CVE-2017-7828,
the remaining 1/19 changesets for CVE-2017-7826, and selected other fixes.

* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr52 repository.
* gnu/packages/patches/icecat-bug-1348660-pt5.patch,
gnu/packages/patches/icecat-bug-1415133.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
2017-11-16 00:01:46 -05:00
Mark H Weaver 6a71fa6faa
gnu: icecat: Label patches to reflect CVE assignments.
Document that we include 18/19 changesets for CVE-2017-7826, and 1/2
changesets for CVE-2017-7828.

* gnu/packages/gnuzilla.scm (icecat)[source]: Rename patches to reflect CVE
assignments.
2017-11-16 00:01:21 -05:00
Mark H Weaver f7ddf99696
gnu: icecat: Add more fixes from upstream mozilla-esr52.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr52 repository.
2017-10-29 15:29:18 -04:00
Mark H Weaver bb234ed825
gnu: icecat: Add more fixes from upstream mozilla-esr52.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr52 repository.
2017-10-23 00:51:34 -04:00
Mark H Weaver 464a2889c9
gnu: icecat: Add more fixes from upstream mozilla-esr52.
Includes fixes for CVE-2017-7793, CVE-2017-7805, CVE-2017-7819, CVE-2017-7823,
and the remaining 3 out of 8 changesets for CVE-2017-7810.

* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr52 repository.
2017-09-29 05:37:10 -04:00
Mark H Weaver 3fd2f86a3f
gnu: icecat: Rename patches to reflect CVE assignments.
Document the fact that we include fixes for CVE-2017-7814 and 5 out of 8
changesets for CVE-2017-7810.

* gnu/packages/gnuzilla.scm (icecat)[source]: Rename some patches to reflect
CVE assignments.
2017-09-29 05:37:04 -04:00
Marius Bakke 40f1694778
gnu: nss, nss-certs: Update to 3.33.
* gnu/packages/gnuzilla.scm (nss): Update to 3.33.
* gnu/packages/certs.scm (nss-certs): Likewise.
2017-09-20 16:58:04 +02:00
Marius Bakke ad7a73a9d7
gnu: nspr: Update to 4.17.
* gnu/packages/gnuzilla.scm (nspr): Update to 4.17.
2017-09-20 16:57:40 +02:00
Mark H Weaver 3c7c916161
gnu: icecat: Update to 52.3.0-gnu1 and add more upstream fixes.
* gnu/packages/gnuzilla.scm (icecat): Update to 52.3.0-gnu1.
[source]: Remove outdated patches and add more selected fixes from
upstream mozilla-esr52.
2017-09-02 19:50:58 -04:00
Mark H Weaver ea0277abcd
gnu: icecat: Add more fixes from upstream mozilla-esr52.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add fixes for CVE-2017-7802,
CVE-2017-7803, CVE-2017-7807, and the remaining 6 out of 23 changesets for
CVE-2017-7779.
2017-08-09 13:16:52 -04:00
Mark H Weaver 12025fb9b0
gnu: icecat: Rename patches to reflect CVE assignments.
Document that our existing patches include fixes for CVE-2017-7753,
CVE-2017-7784, CVE-2017-7786, CVE-2017-7787, CVE-2017-7791, CVE-2017-7792,
CVE-2017-7798, CVE-2017-7798, CVE-2017-7800, CVE-2017-7801, and 17 out of 23
changesets for CVE-2017-7779.

* gnu/packages/gnuzilla.scm (icecat)[source]: Rename patches to reflect CVE
assignments.
2017-08-09 13:16:43 -04:00
Marius Bakke bd51224936
gnu: nss, nss-certs: Update to 3.32.
This release includes minor code changes and many certificate updates:
<https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.32_release_notes>

* gnu/packages/certs.scm (nss-certs): Update to 3.32.
* gnu/packages/gnuzilla.scm (nss): Update to 3.32.
[arguments]: Prevent another test file from being installed.
* gnu/packages/patches/nss-pkgconfig.patch: Adjust.
2017-07-28 00:07:28 +02:00
Marius Bakke 6571754462
gnu: nspr: Update to 4.16.
* gnu/packages/gnuzilla.scm (nspr): Update to 4.16.
2017-07-27 22:15:27 +02:00
Mark H Weaver a2bda5e4e3
gnu: icecat: Add more fixes from upstream mozilla-esr52.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from
the upstream mozilla-esr52 repository.
2017-07-14 12:48:14 -04:00
Mark H Weaver d07d292808
gnu: icecat: Add more fixes from upstream mozilla-esr52.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr52 repository.
2017-06-28 06:09:59 -04:00
Arun Isaac 148585c240
gnu: Move contents of zip module into compression module.
* gnu/packages/zip.scm (zip, unzip, zziplib, perl-zip): Move to...
* gnu/packages/compression.scm: ...here.
* gnu/packages/zip.scm: Delete file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Unregister deleted file.
* po/packages/POTFILES.in: Unregister deleted file.
* gnu/packages/{audio, avr, bioinformatics, busybox, cdrom, ci, compression,
docbook, documentation, fonts, fpga, game-development, games, gl, gnome,
gnuzilla, graphics, guile, haskell, image, java, kodi, ldc, libreoffice,
markup, maths, mc, monitoring, music, php, pretty-print, python, scheme,
smalltalk, statistics, synergy, tex, textutils, video, web-browsers, xml,
zip}.scm, guix/build-system/{ant, font}.scm, guix/{download, packages}.scm:
Adapt module import.
2017-06-20 18:10:35 +05:30
Mark H Weaver 89727ada52
gnu: icecat: Add security fixes from upstream mozilla-esr52.
This adds fixes for CVE-2017-7757, CVE-2017-7758, and the remaining
5 patches for CVE-2017-5470.

* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr52 repository, through ESR 52.2.
2017-06-14 02:23:25 -04:00
Mark H Weaver 449bff2b79
gnu: icecat: Rename patches to indicate CVE assignments.
This documents that we include fixes for the following CVEs: CVE-2017-5472,
CVE-2017-7749, CVE-2017-7750, CVE-2017-7751, CVE-2017-7752, CVE-2017-7754,
CVE-2017-7756, CVE-2017-7764, CVE-2017-7765, CVE-2017-7778, and that we
include 15 out of 20 patches for CVE-2017-5470.

* gnu/packages/gnuzilla.scm (icecat)[source]: Rename existing patches to
indicate their CVE assignments.
2017-06-14 02:23:18 -04:00
Marius Bakke a10040e09b
gnu: nss, nss-certs: Update to 3.31.
Release notes:
<https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.31_release_notes>

* gnu/packages/certs.scm (nss-certs): Update to 3.31.
* gnu/packages/gnuzilla.scm (nss): Likewise.
[source]<patches>: Remove upstream 'nss-disable-long-b64-tests' patch.
[arguments]<#:phases>: Move armhf timeout substitution ...
* gnu/packages/patches/nss-increase-test-timeout.patch: ... here.
* gnu/packages/patches/nss-disable-long-b64-tests.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-12 21:31:12 +02:00
Marius Bakke c4395e782e
gnu: nspr: Update to 4.15.
* gnu/packages/gnuzilla.scm (nspr): Update to 4.15.
2017-06-12 21:24:47 +02:00
Mark H Weaver d771ba62f8
gnu: icecat: Add more fixes from upstream mozilla-esr52.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr52 repository.
2017-05-27 03:06:39 -04:00
Clément Lassieur 29f381bac7
gnu: Add mozjs-38 (Mozilla SpiderMonkey 38).
* gnu/packages/gnuzilla.scm (mozjs-38): New variable.
* gnu/packages/patches/mozjs38-pkg-config-version.patch,
gnu/packages/patches/mozjs38-shell-version.patch,
gnu/packages/patches/mozjs38-tracelogger.patch,
gnu/packages/patches/mozjs38-version-detection.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.

Co-authored-by: ng0 <ng0@no-reply.pragmatique.xyz>
2017-05-08 17:25:44 +02:00
Mark H Weaver 0fd8e6d39f
gnu: icecat: Update to 52.1.0-gnu1. Add fixes from upstream ESR 52.1.1.
* gnu/packages/gnuzilla.scm (icecat): Update to 52.1.0-gnu1.  Remove patches
that are included in the new release.  In the snippet, don't try to remove
dom/devicestorage, which has since been removed upstream.  Add selected fixes
from upstream mozilla-esr52, up to the ESR 52.1.1 release.
* gnu/packages/patches/icecat-bug-1299500-pt10.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-05-06 23:34:54 -04:00
Mark H Weaver ee3401d018
gnu: icecat: Add more fixes from upstream mozilla-esr52.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr52 repository.
2017-05-02 04:19:03 -04:00
Marius Bakke 769df80ded
gnu: nss: Further increase test timeouts on armhf.
* gnu/packages/gnuzilla.scm (nss)[arguments]<#:phases>: Add a substitution
when target platform is armhf.
2017-04-23 11:34:45 +02:00
Clément Lassieur 6e75740f89
gnu: icecat: Fix GTK 3 file chooser crash.
* gnu/packages/gnuzilla.scm (icecat)[arguments]: Add a 'wrap-program' phase to
set XDG_DATA_DIRS.
2017-04-21 21:05:28 +02:00
Mark H Weaver 002c3e6dd6
gnu: icecat: Update to 52.0.2-gnu1; add fixes from ESR 52.1.
* gnu/packages/gnuzilla.scm (icecat): Update to 52.0.2-gnu1.
[source]: Remove all patches except "icecat-avoid-bundled-libraries.patch".
Add selected fixes from the upstream mozilla-esr52 repository, up to 52.1.
Remove "dom/devicestorage" in the snippet.
[inputs]: Remove gstreamer and gst-plugins-base.  Add ffmpeg and gtk+3.  Move
yasm to native-inputs.
[native-inputs]: Add autoconf-2.13 and yasm.
[arguments]: In configure-flags, remove the following switches which are no
longer accepted: --enable-{pango,svg,canvas,mathml,gstreamer=1.0} and
"--disable-gnomevfs".  Use "--enable-default-toolkit=cairo-gtk3" to switch to
Gtk+3.  Remove the 'remove-h264parse-from-blacklist' phase.  Adapt the
'arrange-to-link-libxul-with-libraries-it-might-dlopen' phase as needed.  In
the 'configure' phase, set the AUTOCONF environment variable.
(mozilla-patch): Update the URL pattern to fetch from the mozilla-esr52
repository.
* gnu/packages/patches/icecat-avoid-bundled-libraries.patch: Adapt to mozilla-esr52.
* gnu/packages/patches/icecat-binutils.patch: Remove file.
* gnu/packages/patches/icecat-bug-1299500-pt10.patch: New file.
* gnu/local.mk (dist_patch_DATA): Remove "icecat-binutils.patch".
Add "icecat-bug-1299500-pt10.patch".
2017-04-21 00:04:45 -04:00
Mark H Weaver 6be43d95b5
gnu: nss: Disable long b64 tests.
Suggested by Marius Bakke <mbakke@fastmail.com> in
<https://lists.gnu.org/archive/html/guix-devel/2017-04/msg00440.html>.

* gnu/packages/patches/nss-disable-long-b64-tests.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (nss)[source]: Add patch.
2017-04-21 00:04:42 -04:00
Mark H Weaver 1aa9e42214
gnu: nss: Update to 3.30.2 [fixes CVE-2017-5461].
* gnu/packages/gnuzilla.scm (nss): Update to 3.30.2.
2017-04-21 00:04:40 -04:00
Mark H Weaver ad00ac6811
gnu: icecat: Label patches that have since been assigned CVEs.
Label patches that address the following CVEs: CVE-2017-5429, CVE-2017-5432,
CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5438,
CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443,
CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5448,
CVE-2017-5459, CVE-2017-5460, CVE-2017-5464, CVE-2017-5465, and CVE-2017-5469.

* gnu/packages/gnuzilla.scm (icecat)[source][patches]: Add comments indicating
CVE assignments.
2017-04-19 20:38:24 -04:00
Marius Bakke 8bbd50e968
Revert "gnu: nss, nss-certs: Update to 3.30.1."
This version fails to build on some architectures:

https://lists.gnu.org/archive/html/guix-devel/2017-04/msg00365.html
https://bugzilla.mozilla.org/show_bug.cgi?id=1351459

This reverts commit 96e98d51a7.
2017-04-18 00:29:03 +02:00
Clément Lassieur 483ab08f84
gnu: icecat: Use system ICU.
* gnu/packages/gnuzilla.scm (icecat)[arguments] <#:configure-flags>: Remove
comment for "--with-system-icu".
2017-04-17 20:41:17 +02:00
Mark H Weaver d24b989424
gnu: icecat: Add more fixes from mozilla-esr45.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add fixes from the upstream
mozilla-esr45 repository.
2017-04-12 21:40:05 -04:00
Marius Bakke 96e98d51a7
gnu: nss, nss-certs: Update to 3.30.1.
* gnu/packages/certs.scm (nss-certs): Update to 3.30.1.
* gnu/packages/gnuzilla.scm (nss): Update to 3.30.1.
2017-04-09 23:52:24 +02:00
Clément Lassieur 8db947169f
gnu: icecat: Use bundled ICU to avoid crashes.
* gnu/packages/gnuzilla.scm (icecat)[arguments] <#:configure-flags>:
Temporarily comment out "--with-system-icu".
2017-04-04 20:18:38 +02:00
Clément Lassieur cca906754d
gnu: icecat: Re-enable parallel build.
* gnu/packages/gnuzilla.scm (icecat)[arguments]: Re-enable parallel build.
2017-04-04 20:18:38 +02:00
Marius Bakke 26bad5d7eb
gnu: nss, nss-certs: Update to 3.30.
* gnu/packages/gnuzilla.scm (nss): Update to 3.30.
* gnu/packages/certs.scm (nss-certs): Update to 3.30.
* gnu/packages/patches/nss-increase-test-timeout.patch: Adjust patch context.
2017-04-03 19:25:57 +02:00
Marius Bakke 84157bb8bf
Merge branch 'master' into core-updates
Most conflicts are from 6fd52309b8.
2017-03-30 22:59:53 +02:00
Tobias Geerinckx-Rice 6fd52309b8
gnu: Use HTTPS for almost all gnu.org HOME-PAGEs.
All HTTP gnu.org (and supported subdomain) HOME-PAGEs changed to HTTPS.
2017-03-30 01:30:16 +02:00
Mark H Weaver 2abf6371cc
gnu: icecat: Add fixes from mozilla-esr45; use skia by default.
* gnu/packages/gnuzilla.scm (icecat)[source][patches]: Add fixes from
the upstream mozilla-esr45 repository.
[arguments]: Add 'use-skia-by-default' phase.
2017-03-29 19:03:38 -04:00
Efraim Flashner 04952bd732
gnu: nspr: Use 'modify-phases' syntax.
* gnu/packages/gnuzilla.scm (nspr)[arguments]: Use 'modify-phases'
syntax.
2017-03-28 09:38:27 +03:00
Efraim Flashner 84fb4bd907
gnu: nspr: Update to 4.14.
* gnu/packages/gnuzilla.scm (nspr): Update to 4.14.
2017-03-28 09:38:14 +03:00