Commit Graph

11387 Commits

Author SHA1 Message Date
Ludovic Courtès 66a30a3ea4 gnu: libevent: Update to 2.0.22 [fixes CVE-2015-6525].
* gnu/packages/libevent.scm (libevent): Update to 2.0.22.
2016-03-11 16:33:50 +01:00
Ludovic Courtès 6a25e59514 cve: Read entire CVE databases for the current year and the past year.
The "Modified" database that we were reading is much smaller, but it
only shows CVEs modified over the past week.

* guix/cve.scm (%now, %current-year, %past-year): New variables.
(yearly-feed-uri): New procedure.
(%cve-feed-uri, %ttl): Remove.
(%current-year-ttl, %past-year-ttl): New variables.
(call-with-cve-port): Add 'uri' and 'ttl' parameters and honor them.
Add 'setvbuf' call.
(current-vulnerabilities)[read-vulnerabilities]: New procedure.
Read from both %LAST-YEAR and %CURRENT-YEAR.
2016-03-11 16:33:50 +01:00
Ludovic Courtès ef0f0d5f97 gnu: vorbis-tools: Patch buffer overflow [fixes CVE-2015-6749].
* gnu/packages/patches/vorbis-tools-CVE-2015-6749.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/xiph.scm (vorbis-tools)[source]: Use it.
2016-03-11 16:33:50 +01:00
Jan Nieuwenhuizen baacf042fd doc: Suggest `guix.scm' for upstream maintainers.
* doc/guix.texi (Invoking guix package): Suggest `guix.scm'.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2016-03-11 16:33:50 +01:00
Ludovic Courtès cf557afa2e cve: Make CPE patch level part of the version string.
* guix/cve.scm (%cpe-package-rx): Adjust to account for :PATCH-LEVEL.
(cpe->package-name): Likewise.
2016-03-11 16:33:50 +01:00
Nils Gillmann d381962f35 gnu: Add powwow.
* gnu/packages/games.scm (powwow): New variable.
2016-03-11 08:37:11 +08:00
Roel Janssen a0a71439fa gnu: Add bioawk.
* gnu/packages/bioinformatics.scm (bioawk): New variable.

Signed-off-by: Leo Famulari <leo@famulari.name>
2016-03-10 18:37:25 -05:00
Mark H Weaver 7bf4bd0991 gnu: linux-libre: Update to 4.4.5.
* gnu/packages/linux.scm (linux-libre): Update to 4.4.5.
2016-03-10 18:17:31 -05:00
Raimon Grau 9514662322 gnu: Add nload.
* gnu/packages/networking.scm (nload): New variable.

Signed-off-by: Leo Famulari <leo@famulari.name>
2016-03-10 16:48:16 -05:00
Leo Famulari ff22f01d67 gnu: dropbear: Update to 2016.72 [fixes CVE-2016-3116].
* gnu/packages/ssh.scm (dropbear): Update to 2016.72.
2016-03-10 15:34:05 -05:00
Leo Famulari efa3752964 gnu: openssh: Update to 7.2p2 [fixes CVE-2016-3115].
* gnu/packages/ssh.scm (openssh): Update to 7.2p2.
2016-03-10 15:34:05 -05:00
Efraim Flashner a232ce429e gnu: catch: Update to 1.3.5.
* gnu/packages/check.scm (catch): Update to 1.3.5.
2016-03-10 21:41:24 +02:00
Efraim Flashner 34a6f4dcf9 gnu: cppunit: Update to 1.13.2.
* gnu/packages/check.scm (cppunit): Update to 1.13.2.
[source]: Change to libreoffice's hosted release tarballs.
[home-page]: Change to freedesktop.
2016-03-10 21:25:31 +02:00
Efraim Flashner 591f1d3e4c gnu: lcov: Update to 1.12.
* gnu/packages/code.scm (lcov): Update to 1.12.
2016-03-10 20:20:26 +02:00
Efraim Flashner 1d116171a0 gnu: the-silver-searcher: Update to 0.31.0.
* gnu/packages/code.scm (the-silver-searcher): Update to 0.31.0.
2016-03-10 20:17:50 +02:00
Efraim Flashner 1e42d8b8ba gnu: complexity: Update to 1.10.
* gnu/packages/code.scm (complexity): Update to 1.10.
2016-03-10 20:15:15 +02:00
Efraim Flashner 9720651942 gnu: libass: Update to 0.13.2.
* gnu/packages/video.scm (libass): Update to 0.13.2.
2016-03-10 18:23:40 +02:00
Efraim Flashner 83820c0f10 gnu: obs: Update to 0.13.2.
* gnu/packages/video.scm (obs): Update to 0.13.2.
2016-03-10 18:23:40 +02:00
Mark H Weaver c3499ad6b8 gnu: icecat: Add several security fixes.
* gnu/packages/patches/icecat-CVE-2015-4477.patch,
gnu/packages/patches/icecat-CVE-2015-7207.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt01.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt02.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt03.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt04.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt05.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt06.patch,
gnu/packages/patches/icecat-CVE-2016-1954.patch,
gnu/packages/patches/icecat-CVE-2016-1960.patch,
gnu/packages/patches/icecat-CVE-2016-1961.patch,
gnu/packages/patches/icecat-CVE-2016-1962.patch,
gnu/packages/patches/icecat-CVE-2016-1964.patch,
gnu/packages/patches/icecat-CVE-2016-1965.patch,
gnu/packages/patches/icecat-CVE-2016-1966.patch,
gnu/packages/patches/icecat-CVE-2016-1974.patch,
gnu/packages/patches/icecat-bug-1248851.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
2016-03-10 10:52:41 -05:00
Ludovic Courtès ec278439f3 substitute: Optimize HTTP pipelining over TLS.
* guix/scripts/substitute.scm (http-multiple-get): Write the requests
to a bytevector output port before sending them.
2016-03-10 13:55:30 +01:00
Ludovic Courtès 9b7bd1b160 substitute: Add HTTPS support.
Fixes <http://bugs.gnu.org/22937>.
Reported by Chris Marusich <cmmarusich@gmail.com>.

* guix/scripts/substitute.scm (fetch): Add 'https' alongside 'http'.
Use 'open-connection-for-uri' instead of 'open-socket-for-uri'.  Call
'setvbuf' only when PORT matches 'file-port?'.
(http-multiple-get): Likewise.  Change 'base-url' parameter to
'base-uri'.
(fetch-narinfos)[do-fetch]: Add 'https' case alongside 'http'.  Pass URI
instead of URL to 'http-multiple-get'.
* doc/guix.texi (Requirements): Move GnuTLS one level higher and mention
HTTPS substitutes.
(Substitutes): Mention HTTPS and recommend it.  Explain why servers
are not authenticated.  Add "On Trusting Binaries" subsection.
2016-03-10 13:55:30 +01:00
Efraim Flashner 2f9862ffd0 gnu: isc-dhcp: Update bundled bind to 9.9.8-P4 [fixes CVE-2016-1285, CVE-2016-1286].
* gnu/packages/admin.scm (isc-dhcp): Update bundled bind to 9.9.8-P4.
2016-03-10 09:49:04 +02:00
Efraim Flashner 0d88031c2f gnu: bind-utils: Update to 9.10.3-P4 [fixes CVE-2016-1285, CVE-2016-1286].
* gnu/packages/dns.scm (bind-utils): Update to 9.10.3-P4.
2016-03-10 09:29:55 +02:00
Ricardo Wurmus 82f145ef7a gnu: custom-gcc: Delete broken or conflicting executables.
* gnu/packages/gcc.scm (custom-gcc)[arguments]: Add phase to remove
executables that are non-functional or conflict with the executables of
"gcc".
2016-03-10 07:12:27 +01:00
宋文武 ce6027bf43 gnu: nautilus: Don't propagate gtk+.
* gnu/packages/gnome.scm (nautilus): Move gtk+ from propagated-inputs to inputs.
2016-03-10 08:27:53 +08:00
Ludovic Courtès 204d34ff96 substitute: Error out on unsupported URL schemes.
Reported in <http://bugs.gnu.org/22937>
by Chris Marusich <cmmarusich@gmail.com>.

* guix/scripts/substitute.scm (fetch): Add 'else' case and call 'leave'.
2016-03-09 23:47:49 +01:00
Ludovic Courtès bec7f35214 ui: Do not call 'port-filename' on closed file ports.
* guix/ui.scm (call-with-error-handling)[port-filename*]: New
procedure.
Use it in the 'nar-error?' case.
2016-03-09 23:47:49 +01:00
Andreas Enge 8bcdc23fd0 gnu: texlive: Make texlive-bin and texlive-texmf private.
* gnu/packages/texlive.scm (texlive-bin, texlive-texmf): Define the variables
  as non-public; they should not be installed into a profile.
2016-03-09 22:36:45 +01:00
Andreas Enge fde6060347 gnu: po4a: Use texlive-minimal instead of texlive-bin.
* gnu/packages/gettext.scm (po4a)[inputs]: Replace texlive-bin by
  texlive-minimal.
2016-03-09 22:36:45 +01:00
Andreas Enge aad375c9bc gnu: statistics: Remove import of unused texlive module.
* gnu/packages/statistics.scm: Do not import (gnu packages texlive).
2016-03-09 22:36:45 +01:00
Andreas Enge 289adba7a3 gnu: gnuplot: Use texlive-minimal instead of texlive-bin.
* gnu/packages/maths.scm (gnuplot)[inputs]: Replace texlive-bin by
  texlive-minimal.
2016-03-09 22:36:45 +01:00
Tobias Geerinckx-Rice fb9ca51130 gnu: simple-scan: Update to 3.19.91.
* gnu/packages/gnome.scm (simple-scan): Update to 3.19.91.
[arguments]: Add 'clean' phase.
2016-03-09 15:55:33 -05:00
Mark H Weaver f97334220c gnu: pidgin-otr: Update to 4.0.2.
* gnu/packages/messaging.scm (pidgin-otr): Update to 4.0.2.
2016-03-09 15:51:16 -05:00
Andreas Enge 5adb3a4db4 gnu: libotr: Remove version 3.2.1.
* gnu/packages/messaging.scm (libotr-3): Remove variable.
2016-03-09 21:31:18 +01:00
Leo Famulari 89e58e8e8c libotr: Update to 4.1.1 [fixes CVE-2016-2851].
* gnu/packages/messaging.scm (libotr): Update to 4.1.1.
[native-inputs]: New field.
2016-03-09 15:19:50 -05:00
Ludovic Courtès f5a9103991 gnu: dbus: Incorporate "dbus-helper-search-path.patch".
* gnu/packages/glib.scm (dbus)[source]: Apply
"dbus-helper-search-path.patch".
(dbus/activation): Remove.
* gnu/services/dbus.scm (<dbus-configuration>)[dbus]: Default to DBUS.
(dbus-service): Likewise.
2016-03-09 15:31:23 +01:00
Ludovic Courtès 255f730879 gnu: eudev: Add dependency on blkid.
* gnu/packages/linux.scm (eudev)[inputs]: Add UTIL-LINUX.
(eudev-with-blkid): Remove.
* gnu/services/base.scm (udev-service): Use EUDEV instead of
EUDEV-WITH-BLKID.
* gnu/system.scm (%base-packages): Likewise.
2016-03-09 15:26:09 +01:00
Ludovic Courtès 297a36abfc gnu: graphite2: Update to 1.3.6.
* gnu/packages/fontutils.scm (graphite2)[replacement]: Remove.
[version, source]: Update to 1.3.6.
(graphite2-1.3.6): Remove.
2016-03-09 15:23:12 +01:00
Ludovic Courtès 4cff124bbf gnu: openssl: Update to 1.0.2g.
* gnu/packages/tls.scm (openssl)[replacement]: Remove.
[version, source]: Bump to 1.0.2g.  Use "openssl-c-rehash-in.patch"
instead of "openssl-c-rehash.patch".
(openssl-1.0.2g): Remove.
* gnu-system.am (dist_patch_DATA): Remove "openssl-c-rehash.patch".
2016-03-09 15:20:34 +01:00
Ludovic Courtès 4d1a35fabc gnu: perl: Incorporate patch for CVE-2016-2381.
* gnu/packages/perl.scm (perl)[source]: Add "perl-CVE-2016-2381.patch".
[replacement]: Remove.
(perl-fixed): Remove.
2016-03-09 15:17:12 +01:00
Ludovic Courtès 6da23c0429 gnu: complexity: Update to 1.9.
* gnu/packages/code.scm (complexity): Update to 1.9.
2016-03-09 15:10:20 +01:00
Ludovic Courtès f1eacbafc4 upstream: Fix 'signature-urls' coalescing.
Previously, the resulting 'signature-urls' would contain N times the
same URL.

* guix/upstream.scm (coalesce-sources): Fix TWO in 'signature-urls'.
* tests/upstream.scm: New file.
* Makefile.am (SCM_TESTS): Add it.
2016-03-09 15:08:00 +01:00
Ludovic Courtès 1ddee42472 doc: Add note on store immutability.
* doc/guix.texi (The Store): Mention "store items" and the database
location.  Add note on the store's immutability.
2016-03-09 14:49:28 +01:00
Efraim Flashner 00eb9fa3e2 gnu: Add liblangtag.
* gnu/packages/libreoffice.scm (liblangtag): New variable.

Co-authored-by: Andreas Enge <andreas@enge.fr>
2016-03-09 14:27:19 +01:00
Andreas Enge ebc816311c gnu: libreoffice: Enable parallel build.
* gnu/packages/libreoffice.scm (libreoffice)[arguments]: Enable parallel
  build.
2016-03-09 14:27:19 +01:00
Ludovic Courtès 112024826d system: Explicitly set umask to 022 in /etc/profile.
Fixes <http://bugs.gnu.org/22650>.
Reported by myglc2 <myglc2@gmail.com>.

* gnu/system.scm (operating-system-etc-service)[profile]: Invoke
'umask'.
2016-03-08 23:30:53 +01:00
Ludovic Courtès 5284339d9d guix build: Add '--quiet'.
Fixes <http://bugs.gnu.org/19772>.
Reported by Andrei Osipov <andrspv@gmail.com>.

* guix/scripts/build.scm (show-help, %options): Add --quiet.
(guix-build): Parameterize 'current-build-output-port' accordingly.
* doc/guix.texi (Invoking guix build): Use it in example.
(Additional Build Options): Document it.
2016-03-08 22:00:17 +01:00
Ludovic Courtès efb107e0cd packages: Gracefully report packages not found.
Fixes a thinko introduced in 1b846da8c3
that would lead to a backtrace when looking for an unknown package.

* gnu/packages.scm (%find-package): Correct logic when checking for
FALLBACK?.
2016-03-08 11:48:21 +01:00
Ludovic Courtès 95cd4971d0 packages: Support the deprecated "NAME-VERSION" syntax.
Fixes a typo introduced in 1b846da8c3 that
would lead to a backtrace when using the deprecated syntax.

* gnu/packages.scm (%find-package): Turn the first argument to
'call-with-values' into a thunk.  Use #:select instead of '@' to select
the right 'package-name->name+version' procedure.
2016-03-08 11:38:46 +01:00
Ludovic Courtès 7befee308b packages: Clarify NAME-VERSION deprecation message.
* gnu/packages.scm (%find-package): Clarify message; remove trailing
period.
2016-03-08 11:36:16 +01:00