Commit Graph

1494 Commits

Author SHA1 Message Date
Efraim Flashner 338b58e0ea
gnu: openjpeg: Fix CVE-2017-14164.
* gnu/packages/image.scm (openjpeg)[source]: Add patch.
* gnu/packages/patches/openjpeg-CVE-2017-14164.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-09-10 22:00:35 +03:00
Efraim Flashner 224bb4b6f9
gnu: graphicsmagick: Fix CVE-2017-14165.
* gnu/packages/imagemagick.scm (graphicsmagick)[source]: Add patch.
* gnu/packages/patches/graphicsmagick-CVE-2017-14165.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-09-10 21:45:45 +03:00
Kei Kebreau 2cc752c0b0
gnu: graphicsmagick: Fix CVE-2017-14042.
* gnu/packages/imagemagick.scm (graphicsmagick)[source]: Add patch.
* gnu/packages/patches/graphicsmagick-CVE-2017-14042.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
2017-09-10 09:33:56 -04:00
Ludovic Courtès 67a37c6311
gnu: foomatic-filters: Add missing patches.
This is a followup to commit d02aabaf1b.

* gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch: New file.
* gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add them.
2017-09-10 12:00:25 +02:00
Leo Famulari 81635ad03e
gnu: tcpdump: Update to 4.9.2 [security fixes].
Fixes CVE-2017-{12893,12894,12895,12896,12897,12898,12899,12900,12901,12902,
12985,12986,12987,12988,12989,12990,12991,12992,12993,12994,12995,12996,12997,
12998,12999,13000,13001,13002,13003,13004,13005,13006,13007,13008,13009,13010,
13012,13013,13014,13015,13016,13017,13018,13019,13020,13021,13022,13023,13024,
13025,13026,13027,13028,13029,13030,13031,13032,13033,13034,13035,13036,13037,
13038,13039,13040,13041,13042,13043,13044,13045,13046,13047,13048,13049,13050,
13051,13052,13053,13054,13055,13687,13688,13689,13690,13725}.

* gnu/packages/admin.scm (tcpdump): Update to 4.9.2.
[source]: Remove patches and add alternate source URL.
* gnu/packages/patches/tcpdump-CVE-2017-11541.patch,
gnu/packages/patches/tcpdump-CVE-2017-11542.patch,
gnu/packages/patches/tcpdump-CVE-2017-11543.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2017-09-07 17:44:20 -04:00
Leo Famulari 6a7bd25bf2
gnu: qemu: Fix CVE-2017-{13711,14167}.
* gnu/packages/patches/qemu-CVE-2017-14167.patch
gnu/packages/patches/qemu-CVE-2017-13711.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/virtualization.scm (qemu)[source]: Use them.
2017-09-07 15:46:57 -04:00
Leo Famulari 94d671f673
gnu: libarchive: Replace with libarchive 3.3.2 and fix CVE-2017-14166.
* gnu/packages/backup.scm (libarchive)[replacement]: New field.
(libarchive-3.3.2): New variable.
* gnu/packages/patches/libarchive-CVE-2017-14166.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-09-07 14:29:38 -04:00
Efraim Flashner 98df3a88b5
gnu: libzip: Update to 1.3.0 (fixes CVE-2017-14107).
* gnu/packages/compression.scm (libzip): Update to 1.3.0.
[source]: Remove patch.
[arguments]: Remove custom 'patch-perl phase.
* gnu/packages/patches/libzip-CVE-2017-12858.patch: Remove file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-09-06 14:20:43 +03:00
Efraim Flashner 3b7c606965
gnu: openjpeg: Fix CVE-2017-14151, CVE-2017-14152.
* gnu/packages/image.scm (openjpeg)[source]: Add patches.
* gnu/packages/patches/openjpeg-CVE-2017-14151.patch,
gnu/packages/patches/openjpeg-CVE-2017-14152.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
2017-09-06 14:20:40 +03:00
Nicolas Goaziou f049e79dc3
gnu: csound: Update to 6.09.1.
* gnu/packages/audio.scm (csound): Update to 6.09.1.  Change source URI.
* gnu/packages/patches/csound-header-ordering.patch: Remove patch.
* gnu/local.mk (dist_patch_DATA): Remove reference to patch above.
2017-09-06 12:51:59 +02:00
Roel Janssen 026ebc141f
gnu: Update calibre to 3.6.0.
* gnu/local.mk: Remove calibre-drop-unrar.patch
* gnu/packages/ebook.scm (calibre): Update to 3.6.0.
  Add python-html5-parser input.
* gnu/packages/patches/calibre-drop-unrar.patch: Remove file.
2017-09-06 12:42:57 +02:00
Efraim Flashner f1597427f2
gnu: file: Fix CVE-2017-1000249.
* gnu/packages/file.scm (file)[replacement]: New field.
(file/fixed): New variable.
* gnu/packages/commencement.scm (file-boot0): Use package/inherit.
* gnu/packages/patches/file-CVE-2017-1000249.patch.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-09-05 23:04:05 +03:00
Leo Famulari 514c2f4806
gnu: tcpdump: Fix CVE-2017-[11541,11542,11543].
* gnu/packages/patches/tcpdump-CVE-2017-11541.patch,
gnu/packages/patches/tcpdump-CVE-2017-11542.patch
gnu/packages/patches/tcpdump-CVE-2017-11543.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/admin.scm (tcpdump)[source]: Use them.
2017-09-05 14:53:50 -04:00
Jelle Licht 448339709d
gnu: node: Update to 8.4.0.
* gnu/packages/patches/node-9077.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/node.scm (node): Update to 8.4.0.
(node)[arguments]: Removed broken linter test. Removed dns test.
2017-09-02 22:59:18 +02:00
Kei Kebreau d536113df0
gnu: openjpeg: Fix CVE-2017-{14040,14041}.
* gnu/packages/image.scm (openjpeg)[source]: Add patches.
* gnu/packages/patches/openjpeg-CVE-2017-14040.patch,
gnu/packages/patches/openjpeg-CVE-2017-14041.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
2017-09-02 10:21:03 -04:00
Ben Woodcroft 25bd1fc1c1
gnu: metabat: Update to 2.12.1.
* gnu/packages/patches/metabat-remove-compilation-date.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/bioinformatics.scm (metabat): Update to 2.12.1.
[source]: Remove it.  Use url-fetch.
2017-09-01 14:45:57 +08:00
Arun Isaac a0596a2f27
gnu: python2-larch: Enable tests.
* gnu/packages/patches/python2-larch-coverage-4.0a6-compatibility.patch: New
file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/python.scm (python2-larch)[source]: Use it.
[arguments]: Move 'check' phase to before 'build' phase.
2017-09-01 11:14:16 +05:30
Efraim Flashner 0ff44ba464
gnu: graphicsmagick: Fix CVE-2017-{13775,13776,13777}.
* gnu/packages/imagemagick.scm (graphicsmagick)[source]: Add patches.
* gnu/packages/patches/graphicsmagick-CVE-2017-13775.patch,
gnu/packages/patches/graphicsmagick-CVE-2017-13776+CVE-2017-13777.patch:
New files.
* gnu/local.mk (dist_patch_DATA): Register them.
2017-09-01 00:02:27 +03:00
Alex Vong 76fed2b3c4
gnu: libxml2: Fix CVE-2017-{0663,7375,7376,9047,9048,9049,9050}.
* gnu/packages/patches/libxml2-CVE-2017-0663.patch,
gnu/packages/patches/libxml2-CVE-2017-7375.patch,
gnu/packages/patches/libxml2-CVE-2017-7376.patch,
gnu/packages/patches/libxml2-CVE-2017-9047+CVE-2017-9048.patch,
gnu/packages/patches/libxml2-CVE-2017-9049+CVE-2017-9050.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/xml.scm (libxml2)[replacement]: New field.
(libxml2/fixed): New variable.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-08-31 21:45:36 +02:00
Ben Woodcroft c959e5a1dc
gnu: ruby-2.2.7: Fix CVE-2017-{0899,0900,0901,0902}.
* gnu/packages/patches/ruby-2.2.7-rubygems-2613-ruby22.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ruby.scm (ruby-2.2.7)[source]: Use it.
2017-08-31 10:43:19 +08:00
Ben Woodcroft db542518b3
gnu: ruby-2.3.4: Fix CVE-2017-{0899,0900,0901,0902}.
* gnu/packages/patches/ruby-2.3.4-rubygems-2613-ruby23.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ruby.scm (ruby-2.3.4)[source]: Use it.
2017-08-31 10:43:19 +08:00
Ben Woodcroft 9770cbf9e2
gnu: ruby-2.4.1: Fix CVE-2017-{0899,0900,0901,0902}.
* gnu/packages/patches/ruby-rubygems-2612-ruby24.patch,
gnu/packages/patches/ruby-rubygems-2613-ruby24.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/ruby.scm (ruby-2.4.1)[source]: Use them.
2017-08-31 10:43:19 +08:00
Ben Woodcroft 690a904ad7
gnu: metabat: Update to 2.11.3.
* gnu/packages/bioinformatics.scm (metabat): Update to 2.11.3.
[source]: Use git-fetch.  Remove boost-related patch.
* gnu/packages/patches/metabat-fix-boost-issue.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-31 10:43:18 +08:00
Marius Bakke 4f68156140
gnu: gd: Replace with 2.2.5.
Fixes CVE-2017-6362 and CVE-2017-7890.

* gnu/packages/gd.scm (gd)[replacement]: New field.
(gd-2.2.5): New variable.
* gnu/packages/php.scm (gd-for-php): Remove variable
(php)[inputs]: Replace GD-FOR-PHP with GD-2.2.5.
* gnu/packages/patches/gd-CVE-2017-7890.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-31 02:49:43 +02:00
Marius Bakke 2de7d137b3
gnu: qemu: Update to 2.10.0.
* gnu/packages/patches/qemu-CVE-2017-10664.patch,
gnu/packages/patches/qemu-CVE-2017-10806.patch,
gnu/packages/patches/qemu-CVE-2017-10911.patch,
gnu/packages/patches/qemu-CVE-2017-11334.patch,
gnu/packages/patches/qemu-CVE-2017-11434.patch,
gnu/packages/patches/qemu-CVE-2017-12809.patch:
gnu/packages/patches/qemu-CVE-2017-7493.patch,
gnu/packages/patches/qemu-CVE-2017-8112.patch,
gnu/packages/patches/qemu-CVE-2017-8309.patch,
gnu/packages/patches/qemu-CVE-2017-8379.patch,
gnu/packages/patches/qemu-CVE-2017-8380.patch,
gnu/packages/patches/qemu-CVE-2017-9524.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/virtualization.scm (qemu): Update to 2.10.0.
[source](patches): Remove.
2017-08-30 20:50:13 +02:00
Ricardo Wurmus 799247d2d9
gnu: multiqc: Update to 1.2.
* gnu/packages/bioinformatics.scm (multiqc): Update to 1.2.
[source]: Remove patches.
[arguments]: Remove to enable tests.
[propagated-inputs]: Add python-spectra, python-requests, python-markdown,
python-lzstring.
* gnu/packages/patches/multiqc-fix-git-subprocess-error.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-30 17:32:00 +02:00
Kei Kebreau 3c8ba11a97
Update e-mail for Kei Kebreau.
* .mailmap: Map kei@openmailbox.org to current address.
* gnu/local.mk: Replace kei@openmailbox.org to current address.
* gnu/packages/backup.scm: Likewise.
* gnu/packages/calendar.scm: Likewise.
* gnu/packages/check.scm: Likewise.
* gnu/packages/compression.scm: Likewise.
* gnu/packages/documentation.scm: Likewise.
* gnu/packages/emacs.scm: Likewise.
* gnu/packages/fltk.scm: Likewise.
* gnu/packages/freedesktop.scm: Likewise.
* gnu/packages/game-development.scm: Likewise.
* gnu/packages/games.scm: Likewise.
* gnu/packages/gnome.scm: Likewise.
* gnu/packages/gnustep.scm: Likewise.
* gnu/packages/gtk.scm: Likewise.
* gnu/packages/hexedit.scm: Likewise.
* gnu/packages/image.scm: Likewise.
* gnu/packages/maths.scm: Likewise.
* gnu/packages/music.scm: Likewise.
* gnu/packages/xfce.scm: Likewise.
* gnu/packages/python.scm: Likewise.
* gnu/packages/tcl.scm: Likewise.
* gnu/packages/textutils.scm: Likewise.
* gnu/packages/video.scm: Likewise.
* gnu/packages/w3m.scm: Likewise.
* gnu/packages/web.scm: Likewise.
* gnu/packages/web-browsers.scm: Likewise.
* gnu/packages/patches/wmfire-update-for-new-gdk-versions.patch: Likewise.
2017-08-29 20:13:24 -04:00
Leo Famulari 9baa969758
gnu: libzip: Fix CVE-2017-12858.
* gnu/packages/patches/libzip-CVE-2017-12858.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/compression.scm (libzip)[source]: Use it.
2017-08-27 19:51:45 -04:00
Leo Famulari 1c059a6e16
gnu: wxwidgets: Update to 3.0.3.
* gnu/packages/wxwidgets.scm (wxwidgets): Update to 3.0.3.
[source]: Remove 'wxwidgets-fix-windowGTK.patch'.
* gnu/packages/patches/wxwidgets-fix-windowGTK.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-27 16:04:25 -04:00
Marius Bakke 72e2815d18
Merge branch 'core-updates' 2017-08-26 15:15:49 +02:00
Efraim Flashner f81039058c
gnu: qemu: Fix CVE-2017-12809.
* gnu/packages/virtualization.scm (qemu)[source]: Add patch.
* gnu/packages/patches/qemu-CVE-2017-12809.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-08-23 21:56:55 +03:00
Efraim Flashner f00e328fd3
gnu: openjpeg: Fix CVE-2017-12982.
* gnu/packages/image.scm (openjepg)[source]: Add patch.
* gnu/packages/patches/openjpeg-CVE-2017-12982.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-08-23 21:07:07 +03:00
Marius Bakke 2718a9cd09
Merge branch 'master' into core-updates 2017-08-21 02:40:37 +02:00
Kei Kebreau 6d7d9d9507
gnu: graphicsmagick: Fix CVE-2017-{12935,12936,12937}.
* gnu/packages/patches/graphicsmagick-CVE-2017-12935.patch,
gnu/packages/patches/graphicsmagick-CVE-2017-12936.patch,
gnu/packages/patches/graphicsmagick-CVE-2017-12937.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/imagemagick.scm (graphicsmagick)[source]: Use them.
2017-08-20 08:35:45 -04:00
Tobias Geerinckx-Rice b7585ca3b9
gnu: lz4: Update to 1.8.0.
* gnu/packages/compression.scm (lz4): Update to 1.8.0.  Fix typo in comment.
[source]: Remove patch.
* gnu/packages/patches/lz4-fix-test-failures.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-19 02:17:42 +02:00
Leo Famulari d9f15d7e48
gnu: newsbeuter: Fix CVE-2017-12904.
* gnu/packages/patches/newsbeuter-CVE-2017-12904.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/syndication.scm (newsbeuter)[source]: Use it.
2017-08-18 17:24:47 -04:00
Marius Bakke 8c0c0c4def
gnu: python-pygit2: Update to 0.26.0.
* gnu/packages/python.scm (python-pygit2): Update to 0.26.0.
* gnu/packages/patches/python-pygit2-disable-network-tests.patch: Skip one
more test. Use unittest.skipIf instead of deleting sections.
2017-08-18 21:33:31 +02:00
Thomas Danckaert cc81f1c349
gnu: freerdp: Revert to version 1.1.
* gnu/packages/rdesktop.scm (freerdp) [version, source]: Revert to upstream
  branch 1.1.  [inputs]: Use ffmpeg-2.8.
* gnu/packages/gnome.scm (vinagre): Add patches required to build against
  freerdp branch 1.1.
* gnu/packages/patches/vinagre-revert-1.patch,
  gnu/packages/patches/vinagre-revert-2.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
2017-08-18 14:52:35 +02:00
Efraim Flashner c5a856d551
gnu: xf86-video-siliconmotion: Fix building on aarch64.
* gnu/packages/xorg.scm (xf86-video-siliconmotion)[source]: Add patch.
* gnu/packages/patches/xf86-video-siliconmotion-fix-ftbfs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-08-18 15:50:25 +03:00
Eric Bavier 623cc34cd2
gnu: rpm: Update to 4.13.0.1.
* gnu/packages/package-management.scm (rpm): Update to 4.13.0.1
[source]: Remove patch.  Use 'version-major+minor' for url.
* gnu/packages/patches/rpm-CVE-2014-8118.patch: Delete patch.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-17 21:39:18 -05:00
Efraim Flashner e3b861ce38
gnu: python-cython: Update to 0.26.
* gnu/packages/python.scm (python-cython, python2-cython): Update to 0.26.
[source]: Remove patch.
* gnu/packages/patches/python-cython-fix-tests-32bit.patch: Remove file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-17 06:46:06 +03:00
Efraim Flashner 3837108e40
gnu: bcftools: Fix building on aarch64.
* gnu/packages/patches/bcftools-regidx-unsigned-char.patch: New file.
* gnu/packages/bioinformatics.scm (bcftools)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-08-15 10:31:20 +03:00
Mark H Weaver 09ec5a0f0c
Merge branch 'master' into core-updates 2017-08-15 03:10:14 -04:00
Marius Bakke f28fea1ca7
gnu: e2fsprogs: Update to 1.43.5.
* gnu/packages/patches/e2fsprogs-32bit-quota-warnings.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/linux.scm (e2fsprogs): Update to 1.43.5.
[source]: Use patch.
2017-08-15 01:08:01 +02:00
Leo Famulari 15428168ea
gnu: cvs: Fix CVE-2017-12836.
* gnu/packages/patches/cvs-2017-12836.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/version-control.scm (cvs)[source]: Use it.
2017-08-14 15:55:31 -04:00
Alex Vong f152208b0d
gnu: qemu: Fix CVE-2017-{10664,10806,10911,11434}.
* gnu/packages/patches/qemu-CVE-2017-10664.patch,
gnu/packages/patches/qemu-CVE-2017-10806.patch,
gnu/packages/patches/qemu-CVE-2017-10911.patch,
gnu/packages/patches/qemu-CVE-2017-11434.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/virtualization.scm (qemu)[source]: Use them.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-08-13 18:28:27 +02:00
Marius Bakke d5daf6fbe0
gnu: curl: Fix i686 test failure.
* gnu/packages/patches/curl-bounds-check.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/curl.scm (curl-7.55.0)[source]: Use it.
2017-08-13 16:46:41 +02:00
Alex Vong bfcdf88760
gnu: catdoc: Fix CVE-2017-11110.
* gnu/packages/patches/catdoc-CVE-2017-11110.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/textutils.scm (catdoc)[source]: Use it.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-08-12 15:30:23 +02:00
Mark H Weaver 3785e42e52
Merge branch 'master' into core-updates 2017-08-11 03:49:24 -04:00
Marius Bakke c2f93e9c07
gnu: openjpeg: Update to 2.2.0 [security fixes].
In addition to the patches we already had (which are not mentioned in the
ChangeLog, but verified by following their respective GitHub issues) this
release also fixes CVE-2016-9112, CVE-2016-5139, CVE-2016-5152, CVE-2016-5158,
CVE-2016-5159, CVE-2016-1626 and CVE-2016-1628.

See <https://github.com/uclouvain/openjpeg/blob/v2.2.0/CHANGELOG.md> for details.

* gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch,
  gnu/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/image.scm (openjpeg): Update to 2.2.0.
[source](patches): Remove.
* gnu/packages/gstreamer.scm (gst-plugins-bad)[arguments]: Add phase to patch
hard-coded openjpeg-2.1 path.
2017-08-10 22:23:31 +02:00