Includes fixes for CVE-2018-12363, CVE-2018-12364, CVE-2018-12366, the
remaining 1 out of 2 changesets for CVE-2018-5156, and the remaining 7 out
of 17 changesets for CVE-2018-5188.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from
the upstream mozilla-esr52 repository.
* gnu/packages/patches/icecat-bug-1413868-pt1.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/gcc-8-strmov-store-file-names.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gcc.scm (gcc-8): New public variable.
This is a follow-up to commit 18ab54d4a2
and fixes a regression introduced by Nyx 2.0.4 + Python 3.
* gnu/packages/tor.scm (nyx)[source]: Add patch.
* gnu/packages/patches/nyx-show-header-stats-with-python3.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/ocaml-enable-ocamldoc-reproducibility.patch: New
file.
* gnu/packages/ocaml.scm (ocaml)[origin]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/openblas-fix-tests-i686.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/maths.scm (openblas)[native-inputs]: Add it.
[arguments]: Add phase to apply it on i686 systems only.
* gnu/packages/games.scm (mrrescue)[arguments]: Extract & patch the game
data, and point ‘love’ to this modified copy. Minor cosmetic tweaks.
[native-inputs]: Add unzip, patch, and the love-11.patch which is...
* gnu/packages/patches/mrrescue-support-love-11.patch: ...a new file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/qemu-CVE-2018-11806.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/virtualization.scm (qemu)[source]: Use it.
eb6a5dab5c (gnu: zathura: Update to 0.3.9)
silently broke Zathura's (Guix-specific) ZATHURA_PLUGIN_PATH mechanism.
My environment was so filthy that all happened to work just fine, but as
usual Marius was right and the patch needed tweaking.
* gnu/packages/patches/zathura-plugindir-environment-variable.patch:
Tweak.
* gnu/packages/patches/upx-protect-against-bad-crafted-input.patch: New file.
* gnu/packages/compression.scm (upx)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/perl.scm (perl-5.26.2)[source](patches): Use it.
* gnu/packages/patches/binutils-aarch64-symbol-relocation.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/base.scm (binutils/fixed): New public variable.
* gnu/packages/linux.scm (make-linux-libre)[native-inputs]: On aarch64, define
new ld-wrapper with the above binutils and use it.
* gnu/packages/patches/bind-CVE-2018-5738.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/dns.scm (isc-bind)[source]: Use it.
Previously, due to issues in the erlang package, many tests would fail, and
the package would also nondeterministically fail to build. This is now
fixed (by patching occurrences of /bin/sh in the erlang package), so all the
tests can be run.
* gnu/packages/elixir.scm (elixir)[source]: Remove patches.
[arguments]: Remove the fix-or-disable-tests phase. Add a new set-home phase
to set the HOME environment variable prior to running the tests.
* gnu/packages/patches/elixir-disable-failing-tests.patch: Delete this file.
* gnu/local.mk: Remove now deleted patch.
* gnu/packages/patches/gnupg-1.4-CVE-2018-12020.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnupg.scm (gnupg-1)[source]: Use it.
Reported by Mark H Weaver <mhw@netris.org>
at <https://debbugs.gnu.org/cgi/bugreport.cgi?bug=31708#10>.
* gnu/packages/patches/doxygen-gcc-ice.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/documentation.scm (doxygen)[inputs]: Add "gcc-ice-patch"
on armhf-* only.
[arguments]: Add 'apply-gcc-patch' phase on armhf-* only.
* gnu/packages/patches/opensmtpd-fix-crash.patch: New patch.
* gnu/packages/mail.scm (opensmtpd)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
Works around <https://bugs.gnu.org/31708>.
* gnu/packages/patches/perf-gcc-ice.patch: New patch.
* gnu/packages/linux.scm (perf)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/emacs.scm (emacs): Update to 26.1,
[arguments]: disable tests as they do not exist in release.
* gnu/packages/patches/emacs-fix-scheme-indent-function.patch: Update patch
indentation and line numbers.
* gnu/packages/emacs.scm (emacs): Update to 26.1,
[arguments]: disable tests as they do not exist in release.
* gnu/packages/patches/emacs-fix-scheme-indent-function.patch: Update patch
indentation and line numbers.
The update to Qt 5.11.0 broke libmygpo-qt. It turned it was using a deprecated
CMake function (qt5_use_moduldes). Let's pick up two upstream patches that
fix the issue: https://github.com/gpodder/libmygpo-qt/pull/15
As mentioned in the the pull request, there is now a test failure but it looks
harmless.
* gnu/packages/patches/libmygpo-qt-fix-qt-5.11.patch,
gnu/packages/patches/libmygpo-qt-missing-qt5-modules.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/music.scm (libmygpo-qt)[source]: Add patches.
[arguments]: Build tests but do not run them.
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
* gnu/packages/patches/alsa-lib-add-environment-variable.patch: New
file.
* gnu/packages/linux.scm (alsa-lib)[source]: Use it.
[native-search-paths]: Add ALSA_PLUGIN_DIR.
* gnu/local.mk (dist_patch_DATA): Add it.
Document the fact that we include fixes for CVE-2018-5154, CVE-2018-5155,
CVE-2018-5157, CVE-2018-5158, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178,
and 9/10 changesets for CVE-2018-5150.
* gnu/packages/gnuzilla.scm (icecat)[source]: Relabel patches to reflect CVE
assignments.
* gnu/packages/patches/icecat-bug-1452075.patch: Rename to...
* gnu/packages/patches/icecat-CVE-2018-5157-and-CVE-2018-5158.patch: ...this.
* gnu/local.mk (dist_patch_DATA): Rename it.
* gnu/packages/patches/libutils-add-includes.patch: New file.
* gnu/packages/patches/libutils-remove-damaging-includes.patch: New file.
* gnu/packages/android.scm (android-platform-system-core): Use them.
(android-libutils): New variable.
* gnu/local.mk: Add them.
* gnu/packages/android.scm (android-libziparchive): New variable.
* gnu/packages/patches/libziparchive-add-includes.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/wesnoth-fix-std-bad-cast.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/games.scm (wesnoth): Update to 1.14.0.
[source]: Add wesnoth-fix-std-bad-cast.patch to patches.
[arguments]: Remove "-DENABLE_STRICT_COMPILATION=OFF" configure flag.
[inputs]: Remove sdl-image, sdl-mixer, sdl-net and sdl-ttf. Add openssl and
sdl-union of sdl2, sdl2-image, sdl2-mixer and sdl2-ttf.
[home-page]: Use HTTPS URI.
(wesnoth-server)[inputs]: Remove sdl-net. Add icu4c, openssl and sdl2.
[arguments]: Remove delete-data phase. Since wesnoth 1.14.0, configure flag
"-DENABLE_GAME=OFF" disables installation of game assets.
* gnu/packages/patches/strace-kernel-4.16.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/linux.scm (strace)][source](patches): New field.
* gnu/packages/gimp.scm (gegl): Update to 0.4.
[inputs]: Move babl and glib to propagated-inputs.
[propagated-inputs]: Add json-glib.
[arguments]: Re-enable the tests and remove the obsolete 'pre-build'
phase.
[source]: Use HTTPS URL.
* gnu/packages/patches/gegl-CVE-2012-4433.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/networking.scm (amule): New public variable.
* gnu/packages/patches/amule_crypto-6.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes
from the upstream mozilla-esr52 repository.
* gnu/packages/patches/icecat-bug-1452075.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/package/java.scm (java-apache-ivy): New variable.
* gnu/packages/patches/java-apache-ivy-port-to-latest-bouncycastle.patch:
New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/qemu-CVE-2018-7550.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/virtualization.scm (qemu)[source]: Use it.
* gnu/packages/music.scm (libmygpo-qt): Update to 1.1.0.
[source]: Remove 'patches'.
[arguments]: Do not set BUILD_WITH_QT4=OFF, it is the default.
* gnu/packages/patches/libmygpo-qt-fix-jsoncreatortest.patch: Remove.
* gnu/local.mk (dist_patch_DATA): Adjust.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
* gnu/packages/patches/sharutils-CVE-2018-1000097.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/compression.scm (sharutils)[source](patches): Use it.
* gnu/packages/patches/mupen64plus-video-z64-glew-correct-path.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/emulators.scm (mupen64plus-video-z64)[source]: Use it.
* gnu/packages/patches/datamash-arm-tests.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/datamash.scm (datamash)[source]: Use it.
* gnu/packages/patches/boost-fix-icu-build.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/boost.scm (boost)[source]: Add the patch.
[arguments]: In the custom configure phase, pass --with-icu=[...]
to ./bootstrap.sh
* gnu/packages/patches/gnu/packages/patches/racket-fix-xform-issue.patch:
Renamed from gnu/packages/patches/racket-minus_zero_p-disable-xform.patch.
Switch to upstream patch in Racket.
* gnu/packages/scheme.scm (racket): Update to renamed patch.
* gnu/packages/patches/glibc-reinstate-prlimit64-fallback.patch: New file.
* gnu/packages/base.scm (glibc/linux)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
This placates 'assert-no-store-file-names', which would prevent
'make dist' from succeeding.
* gnu/packages/patches/libgnomeui-utf8.patch: Replace store file names
with ellipses.
* gnu/packages/bioinformatics.scm (delly): New variable.
* gnu/packages/patches/delly-use-system-libraries.patch: New file.
* gnu/local.mk: Include delly-use-system-libraries.patch.
Signed-off-by: Leo Famulari <leo@famulari.name>
* gnu/packages/patches/elogind-glibc-2.27.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/freedesktop.scm (elogind)[source]: Add patch.
[arguments]: Replace the bootstrap phase with what was previously the
autogen phase.
* gnu/packages/patches/make-glibc-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/base.scm (gnu-make)[source](patches): Use it.
Fixes <https://bugs.gnu.org/30395>.
* gnu/packages/patches/gcc-strmov-store-file-names.patch: Update patch
to deal with string constants stored in 'static' variables.
* gnu/packages/patches/guile-gdbm-ffi-support-gdbm-1.14.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/guile.scm (guile-gdbm-ffi)[inputs]: Move above arguments. Add
the patch, and the 'patch' program.
[propagated-inputs]: Move above arguments.
[arguments]: In the builder, add code to apply the patch.