Commit Graph

11164 Commits

Author SHA1 Message Date
Mark H Weaver c3499ad6b8 gnu: icecat: Add several security fixes.
* gnu/packages/patches/icecat-CVE-2015-4477.patch,
gnu/packages/patches/icecat-CVE-2015-7207.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt01.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt02.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt03.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt04.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt05.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt06.patch,
gnu/packages/patches/icecat-CVE-2016-1954.patch,
gnu/packages/patches/icecat-CVE-2016-1960.patch,
gnu/packages/patches/icecat-CVE-2016-1961.patch,
gnu/packages/patches/icecat-CVE-2016-1962.patch,
gnu/packages/patches/icecat-CVE-2016-1964.patch,
gnu/packages/patches/icecat-CVE-2016-1965.patch,
gnu/packages/patches/icecat-CVE-2016-1966.patch,
gnu/packages/patches/icecat-CVE-2016-1974.patch,
gnu/packages/patches/icecat-bug-1248851.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
2016-03-10 10:52:41 -05:00
Ludovic Courtès ec278439f3 substitute: Optimize HTTP pipelining over TLS.
* guix/scripts/substitute.scm (http-multiple-get): Write the requests
to a bytevector output port before sending them.
2016-03-10 13:55:30 +01:00
Ludovic Courtès 9b7bd1b160 substitute: Add HTTPS support.
Fixes <http://bugs.gnu.org/22937>.
Reported by Chris Marusich <cmmarusich@gmail.com>.

* guix/scripts/substitute.scm (fetch): Add 'https' alongside 'http'.
Use 'open-connection-for-uri' instead of 'open-socket-for-uri'.  Call
'setvbuf' only when PORT matches 'file-port?'.
(http-multiple-get): Likewise.  Change 'base-url' parameter to
'base-uri'.
(fetch-narinfos)[do-fetch]: Add 'https' case alongside 'http'.  Pass URI
instead of URL to 'http-multiple-get'.
* doc/guix.texi (Requirements): Move GnuTLS one level higher and mention
HTTPS substitutes.
(Substitutes): Mention HTTPS and recommend it.  Explain why servers
are not authenticated.  Add "On Trusting Binaries" subsection.
2016-03-10 13:55:30 +01:00
Efraim Flashner 2f9862ffd0 gnu: isc-dhcp: Update bundled bind to 9.9.8-P4 [fixes CVE-2016-1285, CVE-2016-1286].
* gnu/packages/admin.scm (isc-dhcp): Update bundled bind to 9.9.8-P4.
2016-03-10 09:49:04 +02:00
Efraim Flashner 0d88031c2f gnu: bind-utils: Update to 9.10.3-P4 [fixes CVE-2016-1285, CVE-2016-1286].
* gnu/packages/dns.scm (bind-utils): Update to 9.10.3-P4.
2016-03-10 09:29:55 +02:00
Ricardo Wurmus 82f145ef7a gnu: custom-gcc: Delete broken or conflicting executables.
* gnu/packages/gcc.scm (custom-gcc)[arguments]: Add phase to remove
executables that are non-functional or conflict with the executables of
"gcc".
2016-03-10 07:12:27 +01:00
宋文武 ce6027bf43 gnu: nautilus: Don't propagate gtk+.
* gnu/packages/gnome.scm (nautilus): Move gtk+ from propagated-inputs to inputs.
2016-03-10 08:27:53 +08:00
Ludovic Courtès 204d34ff96 substitute: Error out on unsupported URL schemes.
Reported in <http://bugs.gnu.org/22937>
by Chris Marusich <cmmarusich@gmail.com>.

* guix/scripts/substitute.scm (fetch): Add 'else' case and call 'leave'.
2016-03-09 23:47:49 +01:00
Ludovic Courtès bec7f35214 ui: Do not call 'port-filename' on closed file ports.
* guix/ui.scm (call-with-error-handling)[port-filename*]: New
procedure.
Use it in the 'nar-error?' case.
2016-03-09 23:47:49 +01:00
Andreas Enge 8bcdc23fd0 gnu: texlive: Make texlive-bin and texlive-texmf private.
* gnu/packages/texlive.scm (texlive-bin, texlive-texmf): Define the variables
  as non-public; they should not be installed into a profile.
2016-03-09 22:36:45 +01:00
Andreas Enge fde6060347 gnu: po4a: Use texlive-minimal instead of texlive-bin.
* gnu/packages/gettext.scm (po4a)[inputs]: Replace texlive-bin by
  texlive-minimal.
2016-03-09 22:36:45 +01:00
Andreas Enge aad375c9bc gnu: statistics: Remove import of unused texlive module.
* gnu/packages/statistics.scm: Do not import (gnu packages texlive).
2016-03-09 22:36:45 +01:00
Andreas Enge 289adba7a3 gnu: gnuplot: Use texlive-minimal instead of texlive-bin.
* gnu/packages/maths.scm (gnuplot)[inputs]: Replace texlive-bin by
  texlive-minimal.
2016-03-09 22:36:45 +01:00
Tobias Geerinckx-Rice fb9ca51130 gnu: simple-scan: Update to 3.19.91.
* gnu/packages/gnome.scm (simple-scan): Update to 3.19.91.
[arguments]: Add 'clean' phase.
2016-03-09 15:55:33 -05:00
Mark H Weaver f97334220c gnu: pidgin-otr: Update to 4.0.2.
* gnu/packages/messaging.scm (pidgin-otr): Update to 4.0.2.
2016-03-09 15:51:16 -05:00
Andreas Enge 5adb3a4db4 gnu: libotr: Remove version 3.2.1.
* gnu/packages/messaging.scm (libotr-3): Remove variable.
2016-03-09 21:31:18 +01:00
Leo Famulari 89e58e8e8c libotr: Update to 4.1.1 [fixes CVE-2016-2851].
* gnu/packages/messaging.scm (libotr): Update to 4.1.1.
[native-inputs]: New field.
2016-03-09 15:19:50 -05:00
Ludovic Courtès 6da23c0429 gnu: complexity: Update to 1.9.
* gnu/packages/code.scm (complexity): Update to 1.9.
2016-03-09 15:10:20 +01:00
Ludovic Courtès f1eacbafc4 upstream: Fix 'signature-urls' coalescing.
Previously, the resulting 'signature-urls' would contain N times the
same URL.

* guix/upstream.scm (coalesce-sources): Fix TWO in 'signature-urls'.
* tests/upstream.scm: New file.
* Makefile.am (SCM_TESTS): Add it.
2016-03-09 15:08:00 +01:00
Ludovic Courtès 1ddee42472 doc: Add note on store immutability.
* doc/guix.texi (The Store): Mention "store items" and the database
location.  Add note on the store's immutability.
2016-03-09 14:49:28 +01:00
Efraim Flashner 00eb9fa3e2 gnu: Add liblangtag.
* gnu/packages/libreoffice.scm (liblangtag): New variable.

Co-authored-by: Andreas Enge <andreas@enge.fr>
2016-03-09 14:27:19 +01:00
Andreas Enge ebc816311c gnu: libreoffice: Enable parallel build.
* gnu/packages/libreoffice.scm (libreoffice)[arguments]: Enable parallel
  build.
2016-03-09 14:27:19 +01:00
Ludovic Courtès 112024826d system: Explicitly set umask to 022 in /etc/profile.
Fixes <http://bugs.gnu.org/22650>.
Reported by myglc2 <myglc2@gmail.com>.

* gnu/system.scm (operating-system-etc-service)[profile]: Invoke
'umask'.
2016-03-08 23:30:53 +01:00
Ludovic Courtès 5284339d9d guix build: Add '--quiet'.
Fixes <http://bugs.gnu.org/19772>.
Reported by Andrei Osipov <andrspv@gmail.com>.

* guix/scripts/build.scm (show-help, %options): Add --quiet.
(guix-build): Parameterize 'current-build-output-port' accordingly.
* doc/guix.texi (Invoking guix build): Use it in example.
(Additional Build Options): Document it.
2016-03-08 22:00:17 +01:00
Ludovic Courtès efb107e0cd packages: Gracefully report packages not found.
Fixes a thinko introduced in 1b846da8c3
that would lead to a backtrace when looking for an unknown package.

* gnu/packages.scm (%find-package): Correct logic when checking for
FALLBACK?.
2016-03-08 11:48:21 +01:00
Ludovic Courtès 95cd4971d0 packages: Support the deprecated "NAME-VERSION" syntax.
Fixes a typo introduced in 1b846da8c3 that
would lead to a backtrace when using the deprecated syntax.

* gnu/packages.scm (%find-package): Turn the first argument to
'call-with-values' into a thunk.  Use #:select instead of '@' to select
the right 'package-name->name+version' procedure.
2016-03-08 11:38:46 +01:00
Ludovic Courtès 7befee308b packages: Clarify NAME-VERSION deprecation message.
* gnu/packages.scm (%find-package): Clarify message; remove trailing
period.
2016-03-08 11:36:16 +01:00
Ludovic Courtès 16210486e6 guix system: Write the GC root on the target file system.
Fixes <http://bugs.gnu.org/22802>.
Reported by Jookia <166291@gmail.com>.

* guix/scripts/system.scm (install-grub*): Prepend TARGET to GC-ROOT.
2016-03-08 11:11:28 +01:00
Ludovic Courtès 16f4acbddb emacs: Gracefully handle wrong package names passed to 'guix-edit'.
Fixes <http://bugs.gnu.org/22933>.

* emacs/guix-main.scm (package-location-string): Rewrite to handle the
case where 'packages-by-name' returns the empty list.

Co-authored-by: Mathieu Lirzin <mthl@gnu.org>
2016-03-08 11:11:28 +01:00
Efraim Flashner e224495ce1 gnu: jasper: Add fixes for CVE-2016-1577, CVE-2016-2089, CVE-2016-2116.
* gnu/packages/patches/jasper-CVE-2016-1557.patch,
gnu/packages/patches/jasper-CVE-2016-2089.patch,
gnu/packages/patches/jasper-CVE-2016-2116.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/image.scm (jasper)[source]: Add patches.
2016-03-08 11:54:58 +02:00
Leo Famulari 165e0382b3 gnu: libreoffice: Update to 5.0.5.2 [fixes CVE-2016-{0794, 0795}].
* gnu/packages/libreoffice.scm (libreoffice): Update to 5.0.5.2.
2016-03-07 22:55:45 -05:00
Mark H Weaver a90d24715b gnu: linux-libre: Update to 4.1.19.
* gnu/packages/linux.scm (linux-libre): Update to 4.1.19.
2016-03-07 19:17:39 -05:00
Mark H Weaver ac00a3d897 gnu: linux-libre: Update to 4.4.4.
* gnu/packages/linux.scm (linux-libre): Update to 4.4.4.
2016-03-07 19:17:39 -05:00
Ludovic Courtès ced71ac7a7 packages: Cache the result of 'input-grafts'.
This reduces the wall-clock time of

  guix environment gnutls --pure -E true

by ~35%.

* guix/packages.scm (%graft-cache): New variable.
(input-graft): Use 'cached' to cache to %GRAFT-CACHE.
2016-03-08 00:01:13 +01:00
Ludovic Courtès 9775412ee0 packages: Cache the result of 'package->bag'.
This reduces the wall-clock time of

  guix environment gnutls --pure -E true

by ~25%.

* guix/packages.scm (%bag-cache): New variable.
(package->bag): Use 'cached' to cache things to %BAG-CACHE.
2016-03-08 00:01:13 +01:00
Ludovic Courtès 198d84b70b packages: Generalize the 'cached' macro.
* guix/packages.scm (cache): Rename to...
  (cache!): ... this.  Add 'cache' parameter, and use it.
  (cached): Add a rule to allow the cache to be specified.
2016-03-08 00:01:13 +01:00
Andy Wingo ef7516aa04 gnu: network-manager: Update to 1.0.10.
* gnu/packages/gnome.scm (network-manager): Update to 1.0.10.
  (network-manager-applet): Likewise.
  (%network-manager-glib-duplicate-test-patch): Remove.
2016-03-07 21:15:37 +01:00
Andy Wingo b4f59d87a6 gnu: network-manager: Disable failing tests.
* gnu/packages/gnome.scm (network-manager): Add pre-configure phase.
2016-03-07 21:14:23 +01:00
Andy Wingo c42602b5cb gnu: elogind: Update to 219.13.
* gnu/packages/freedesktop.scm (elogind): Update to 219.13.  Remove
  build fix that is no longer needed.  Update home page.
2016-03-07 21:10:00 +01:00
Andy Wingo a7e50a2a03 gnu: system: Add elogind cgroup mount.
* gnu/system/file-systems.scm (%elogind-file-systems): Add elogind
  cgroup mount.
2016-03-07 21:10:00 +01:00
Ricardo Wurmus 0e2f2aebed gnu: Add Blender.
* gnu/packages/graphics.scm (blender): New variable.
2016-03-07 20:58:25 +01:00
宋文武 201cfb81d1 gnu: Add gst-python.
* gnu/packages/gstreamer.scm (python-gst, python2-gst): New variables.
2016-03-07 09:57:20 +08:00
宋文武 fa7cf82ebe gnu: python-pygobject: Propagate glib and libffi.
* gnu/packages/glib.scm (python-pygobject): Move glib and libffi to propagated-inputs.
(python2-pygobject)[inputs]: Remove glib and libffi.
2016-03-07 09:57:20 +08:00
宋文武 e28f95a963 gnu: python-pygobject: Add search path for GI_TYPELIB_PATH.
* gnu/packages/glib.scm (python-pygobject)[native-search-paths]: Use the
same search paths as gobject-introspection.
2016-03-07 09:57:20 +08:00
宋文武 b3585d9bda gnu: orc: Update to 0.4.25.
* gnu/packages/gstreamer.scm (orc): Update to 0.4.25.
2016-03-07 09:57:20 +08:00
宋文武 60a0886d72 services: Use 'packages->manifest' in 'packages->profile-entry'.
This allows using (PACKAGE OUTPUT) in the packages field.
Reported by Jan Nieuwenhuizen <janneke@gnu.org>.

* gnu/services.scm (packages->profile-entry): Use 'packages->manifest'.
2016-03-07 09:57:20 +08:00
Ludovic Courtès 956ad60cad services: elogind: Rely on D-Bus activation.
Previously elogind was explicitly spawned by the Shepherd.  Now it is
activated by dbus-daemon on demand.

* gnu/packages/freedesktop.scm (elogind)[arguments]: Add
'fix-service-file' phase.
* gnu/services/desktop.scm (elogind-shepherd-service): Remove.
(elogind-dbus-service): New procedure.
(elogind-service-type): Do not extend SHEPHERD-ROOT-SERVICE-TYPE.  Use
'elogind-dbus-service' for DBUS-ROOT-SERVICE-TYPE.
2016-03-07 00:01:03 +01:00
Ludovic Courtès ef8de9852e tests: Disable grafting by default for most tests.
This allows tests to run as expected even in the presence of
replacements among the bootstrap packages, such as Perl (commit
d8173f21f7).

* tests/cpan.scm: Add (%graft? #f).
* tests/derivations.scm: Likewise.
* tests/graph.scm: Likewise.
* tests/monads.scm: Likewise.
* tests/profiles.scm: Likewise.
* tests/gexp.scm: Likewise.
("gexp->derivation vs. grafts"): Explicitly reenable grafting before,
and disable it after, using 'set-grafting'.
2016-03-06 23:16:35 +01:00
Ludovic Courtès 322bb53c7a import: snix: Use the right 'package-name->name+version'.
Fixes a regression introduced in
1b846da8c3.

* guix/import/snix.scm: Use 'package-name->name+version' from (guix
build utils).
2016-03-06 23:16:35 +01:00
Ricardo Wurmus afadb05e58 gnu: alsa-modular-synth: Insert space to separate linker flags.
* gnu/packages/audio.scm (alsa-modular-synth)[arguments]: Add build
phase to separate linker flags.
2016-03-06 21:17:05 +01:00