Merge branch 'master' into core-updates

This commit is contained in:
Mark H Weaver 2016-07-29 14:18:07 -04:00
commit 0bab3af078
No known key found for this signature in database
GPG key ID: 7CEF29847562C516
39 changed files with 731 additions and 619 deletions

View file

@ -2,7 +2,7 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.68)
AC_INIT([GNU Guix], [0.10.0], [bug-guix@gnu.org], [guix],
AC_INIT([GNU Guix], [0.11.0], [bug-guix@gnu.org], [guix],
[http://www.gnu.org/software/guix/])
AC_CONFIG_AUX_DIR([build-aux])

View file

@ -103,6 +103,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/dvtm.scm \
%D%/packages/ebook.scm \
%D%/packages/ed.scm \
%D%/packages/education.scm \
%D%/packages/elf.scm \
%D%/packages/emacs.scm \
%D%/packages/enchant.scm \
@ -316,6 +317,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/slim.scm \
%D%/packages/smalltalk.scm \
%D%/packages/speech.scm \
%D%/packages/spice.scm \
%D%/packages/ssh.scm \
%D%/packages/stalonetray.scm \
%D%/packages/statistics.scm \
@ -513,11 +515,7 @@ dist_patch_DATA = \
%D%/packages/patches/gcc-cross-environment-variables.patch \
%D%/packages/patches/gcc-libvtv-runpath.patch \
%D%/packages/patches/gcc-5.0-libvtv-runpath.patch \
%D%/packages/patches/gd-CVE-2016-5766.patch \
%D%/packages/patches/gd-CVE-2016-6128.patch \
%D%/packages/patches/gd-CVE-2016-6132.patch \
%D%/packages/patches/gd-CVE-2016-6214.patch \
%D%/packages/patches/gd-fix-test-on-i686.patch \
%D%/packages/patches/gd-fix-tests-on-i686.patch \
%D%/packages/patches/gegl-CVE-2012-4433.patch \
%D%/packages/patches/geoclue-config.patch \
%D%/packages/patches/ghostscript-CVE-2015-3228.patch \

View file

@ -24,10 +24,9 @@ (define-module (gnu packages bison)
#:use-module (gnu packages m4)
#:use-module (gnu packages perl)
#:use-module (gnu packages flex)
#:use-module (srfi srfi-1)
#:export (bison))
#:use-module (srfi srfi-1))
(define bison
(define-public bison
(package
(name "bison")
(version "3.0.4")
@ -65,4 +64,3 @@ (define-public bison-2.7
(sha256
(base32
"1zd77ilmpv5mi3kr55jrj6ncqlcnyhpianhrwzak2q28cv2cbn23"))))))

View file

@ -765,7 +765,8 @@ (define-public perl-dbd-pg
("postgresql" ,postgresql)))
(home-page "http://search.cpan.org/dist/DBD-Pg")
(synopsis "DBI PostgreSQL interface")
(description "")
(description "This package provides a PostgreSQL driver for the Perl5
@dfn{Database Interface} (DBI).")
(license (package-license perl))))
(define-public perl-dbd-mysql

View file

@ -0,0 +1,69 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2016 Danny Milosavljevic <dannym@scratchpost.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages education)
#:use-module (ice-9 regex)
#:use-module (gnu packages)
#:use-module (gnu packages qt)
#:use-module (gnu packages compression)
#:use-module (gnu packages gettext)
#:use-module (gnu packages perl)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix svn-download)
#:use-module (guix utils)
#:use-module (guix build-system gnu)
#:use-module (guix build-system cmake)
#:use-module (srfi srfi-1))
(define-public stellarium
(package
(name "stellarium")
(version "0.14.2")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/stellarium/"
"Stellarium-sources/"
version "/stellarium-" version ".tar.gz"))
(sha256 (base32
"1xxil0rv61zc08znfv83cpsc47y1gjl2f3njhz0pn5zd8jpaa15a"))))
(build-system cmake-build-system)
(inputs
`(("qtbase" ,qtbase)
("zlib" ,zlib)
("qtserialport" ,qtserialport)
("qtscript" ,qtscript)
("gettext" ,gnu-gettext)))
(native-inputs
`(("qtbase" ,qtbase) ;Qt MOC is needed at compile time
("qttools" ,qttools)
("perl" ,perl))) ;for 'pod2man'
(arguments
`(#:test-target "tests"
#:phases (modify-phases %standard-phases
(add-before 'check 'set-offscreen-display
(lambda _
(setenv "QT_QPA_PLATFORM" "offscreen")
(setenv "HOME" "/tmp")
#t)))))
(home-page "http://www.stellarium.org/")
(synopsis "3D sky viewer")
(description "Stellarium is a planetarium. It shows a realistic sky in
3D, just like what you see with the naked eye, binoculars, or a telescope.")
(license license:gpl2+)))

View file

@ -1563,7 +1563,7 @@ (define-public emacs-smart-mode-line
(propagated-inputs
`(("emacs-rich-minority" ,emacs-rich-minority)))
(home-page "http://github.com/Malabarba/smart-mode-line")
(synopsis "Color-coded smart mode-line.")
(synopsis "Color-coded smart mode-line")
(description
"Smart Mode Line is a mode-line theme for Emacs. It aims to be easy to
read from small to large monitors by using colors, a prefix feature, and smart

View file

@ -26,10 +26,9 @@ (define-module (gnu packages flex)
#:use-module (gnu packages m4)
#:use-module (gnu packages bison)
#:use-module (gnu packages indent)
#:use-module (srfi srfi-1)
#:export (flex))
#:use-module (srfi srfi-1))
(define flex
(define-public flex
(package
(name "flex")
(version "2.6.0")
@ -79,4 +78,3 @@ (define flex
executes the corresponding C code.")
(license (non-copyleft "file://COPYING"
"See COPYING in the distribution."))))

View file

@ -106,6 +106,16 @@ (define-public libinput
other applications that need to directly deal with input devices.")
(license license:x11)))
(define-public libinput-minimal
(package (inherit libinput)
(name "libinput-minimal")
(inputs
`(("libevdev" ,libevdev)
("mtdev" ,mtdev)))
(arguments
`(#:configure-flags
'("--disable-libwacom")))))
(define-public libxdg-basedir
(package
(name "libxdg-basedir")

View file

@ -40,21 +40,17 @@ (define-public gd
;; Note: With libgd.org now pointing to github.com, genuine old
;; tarballs are no longer available. Notably, versions 2.0.x are
;; missing.
(version "2.2.2")
(version "2.2.3")
(source (origin
(method url-fetch)
(uri (string-append
"https://github.com/libgd/libgd/releases/download/gd-"
version "/libgd-" version ".tar.xz"))
(patches (search-patches "gd-fix-test-on-i686.patch"
"gd-CVE-2016-5766.patch"
"gd-CVE-2016-6128.patch"
"gd-CVE-2016-6132.patch"
"gd-CVE-2016-6214.patch"))
(sha256
(base32
"1311g5mva2xlzqv3rjqjc4jjkn5lzls4skvr395h633zw1n7b7s8"))))
"0g3xz8jpz1pl2zzmssglrpa9nxiaa7rmcmvgpbrjz8k9cyynqsvl"))
(patches (search-patches "gd-fix-tests-on-i686.patch"))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))

View file

@ -257,14 +257,12 @@ (define-public gnunet
%standard-phases)))))
(synopsis "Secure, decentralized, peer-to-peer networking framework")
(description
"GNUnet is a framework for secure peer-to-peer networking that does not
use any centralized or otherwise trusted services. Our high-level goal is to
provide a strong free software foundation for a global network that provides
security and privacy. GNUnet started with an idea for anonymous
censorship-resistant file-sharing, but has grown to incorporate other
applications as well as many generic building blocks for secure networking
applications. In particular, GNUnet now includes the GNU Name System, a
privacy-preserving, decentralized public key infrastructure.")
"GNUnet is a framework for secure peer-to-peer networking. The
high-level goal is to provide a strong foundation of free software for a
global, distributed network that provides security and privacy. GNUnet in
that sense aims to replace the current internet protocol stack. Along with
an application for secure publication of files, it has grown to include all
kinds of basic applications for the foundation of a GNU internet.")
(license license:gpl3+)
(home-page "https://gnunet.org/")))

View file

@ -244,7 +244,7 @@ (define-public wmfire
(native-inputs
`(("pkg-config" ,pkg-config)))
(home-page "http://www.improbability.net/")
(synopsis "Display flames to represent CPU usage, memory usage, etc.")
(synopsis "Display flames to represent resource usage")
(description
"wmfire is an applet for Window Maker that can monitor the average cpu
load, or individual cpu load on SMP computers. Additionally it can monitor the

View file

@ -6205,7 +6205,7 @@ (define-public ghc-socks
`(("ghc-cereal" ,ghc-cereal)
("ghc-network" ,ghc-network)))
(home-page "https://github.com/vincenthz/hs-socks")
(synopsis "SOCKS proxy (version 5) implementation.")
(synopsis "SOCKS proxy (version 5) implementation")
(description
"This library provides a SOCKS proxy (version 5) implementation.")
(license license:bsd-3)))

View file

@ -112,6 +112,6 @@ (define-public oxygen-icons
`(("extra-cmake-modules" ,extra-cmake-modules)
("qtbase" ,qtbase)))
(home-page "https://community.kde.org/Frameworks")
(synopsis "Oxygen provides the standard icon theme for the KDE desktop.")
(synopsis "Oxygen provides the standard icon theme for the KDE desktop")
(description "Oxygen icon theme for the KDE desktop")
(license license:lgpl3+)))

View file

@ -341,13 +341,13 @@ (define-public linux-libre
(define-public linux-libre-4.4
(package
(inherit linux-libre)
(version "4.4.15")
(version "4.4.16")
(source (origin
(method url-fetch)
(uri (linux-libre-urls version))
(sha256
(base32
"0n3lz4xnciif9v3y769q1pjs9321gvl6a2wr10r40sl1ixlk3ipz"))))
"0lgc064r18gxvya5zvv2l4dmcj7161mb34q4frlw9z02ils9d623"))))
(native-inputs
(let ((conf (kernel-config (or (%current-target-system)
(%current-system))
@ -903,7 +903,7 @@ (define-public iptables
(synopsis "Program to configure the Linux IP packet filtering rules")
(description
"iptables is the userspace command line program used to configure the
Linux 2.4.x and later IPv4 packet filtering ruleset. It is targeted towards
Linux 2.4.x and later IPv4 packet filtering ruleset (firewall). It is targeted at
system administrators. Since Network Address Translation is also configured
from the packet filter ruleset, iptables is used for this, too. The iptables
package also includes ip6tables. ip6tables is used for configuring the IPv6

View file

@ -37,7 +37,10 @@ (define-public marst
(base32 "0l6swjy8fjrqw89ghc1vvakg21jmpfkpsw92yssrzkg3rg8vkrry"))))
(build-system gnu-build-system)
(home-page "http://www.gnu.org/software/marst")
(synopsis "Algol to C translator")
(description "MARST is an Algol-to-C translator. It automatically translates programs
written on the algorithmic language Algol 60 to the C programming language.")
(synopsis "Algol-to-C translator")
(description
"GNU MARST is an Algol-to-C translator. The package consists of the
translator itself, a library that contains the necessary Algol 60 procedures,
and a converter that converts existing Algol 60 programs from other
representations to the MARST representation.")
(license gpl3+)))

View file

@ -102,10 +102,13 @@ (define-public c-graph
(build-system gnu-build-system)
(inputs
`(("fortran" ,gfortran)))
(synopsis "Visualize and analyze convolution operations")
(synopsis "Visualizing and demonstrating convolution")
(description
"GNU C-Graph demonstrates the theory of convolution underlying
engineering systems and signal analysis.")
"GNU C-Graph is a tool for demonstrating the theory of convolution.
Thus, it can serve as an excellent aid to students of signal and systems
theory in visualizing the convolution process. Rather than forcing the
student to write code, the program offers an intuitive interface with
interactive dialogs to guide them.")
(license license:gpl3+)
(home-page "http://www.gnu.org/software/c-graph/")))

View file

@ -62,7 +62,7 @@ (define-public macchanger
"1xsiivjjyhqcs6dyjcshrnxlgypvyfzacjz7gcjgl88xiw9lylri"))))
(build-system gnu-build-system)
(home-page "http://www.gnu.org/software/macchanger")
(synopsis "Display or change the MAC address of networking devices")
(synopsis "Viewing and manipulating MAC addresses of network interfaces")
(description "GNU MAC Changer is a utility for viewing and changing MAC
addresses of networking devices. New addresses may be set explicitly or
randomly. They can include MAC addresses of the same or other hardware vendors

View file

@ -56,7 +56,7 @@ (define-public python-bandit
("python-testscenarios" ,python-testscenarios)
("python-testtools" ,python-testtools)))
(home-page "https://wiki.openstack.org/wiki/Security/Projects/Bandit")
(synopsis "Security oriented static analyser for python code.")
(synopsis "Security oriented static analyser for python code")
(description
"Bandit is a tool designed to find common security issues in Python code.
To do this Bandit processes each file, builds an AST from it, and runs

View file

@ -168,6 +168,7 @@ (define (copy arch)
(sha256 hash)))))
`(("bzip2" ,bzip2)
("gzip" ,gzip)
("zlib" ,zlib) ;for 'guix publish'
("sqlite" ,sqlite)
("libgcrypt" ,libgcrypt)

View file

@ -6,6 +6,7 @@
;;; Copyright © 2016 Jessica Tallon <tsyesika@tsyesika.se>
;;; Copyright © 2016 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox.org>
;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -266,27 +267,26 @@ (define-public password-store
'(#:phases
(modify-phases %standard-phases
(delete 'configure)
(add-after
;; The script requires 'getopt' at run-time, and this allows
;; the user to not install the providing package 'util-linux'
;; in their profile.
'unpack 'patch-path
(lambda* (#:key inputs outputs #:allow-other-keys)
(let ((getopt (string-append (assoc-ref inputs "getopt")
"/bin/getopt")))
(substitute* "src/password-store.sh"
(("GETOPT=\"getopt\"")
(string-append "GETOPT=\"" getopt "\"")))
#t))))
(add-after 'install 'wrap-path
(lambda* (#:key inputs outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out"))
(path (map (lambda (pkg)
(string-append (assoc-ref inputs pkg) "/bin"))
'("coreutils" "getopt" "git" "gnupg" "pwgen"
"sed" "tree" "which" "xclip"))))
(wrap-program (string-append out "/bin/pass")
`("PATH" ":" prefix (,(string-join path ":"))))))))
#:make-flags (list "CC=gcc" (string-append "PREFIX=" %output))
#:test-target "test"))
(native-inputs `(("getopt" ,util-linux))) ; getopt for the tests
(inputs `(("gnupg" ,gnupg)
("pwgen" ,pwgen)
("xclip" ,xclip)
("git" ,git)
("tree" ,tree)
("which" ,which)))
(inputs
`(("getopt" ,util-linux)
("git" ,git)
("gnupg" ,gnupg)
("pwgen" ,pwgen)
("sed" ,sed)
("tree" ,tree)
("which" ,which)
("xclip" ,xclip)))
(home-page "http://www.passwordstore.org/")
(synopsis "Encrypted password manager")
(description "Password-store is a password manager which uses GnuPG to

View file

@ -1,81 +0,0 @@
Fix CVE-2016-5766 (Integer Overflow in _gd2GetHeader() resulting in heap
overflow).
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766
Adapted from upstream commits:
https://github.com/libgd/libgd/commit/aba3db8ba159465ecec1089027a24835a6da9cc0
https://github.com/libgd/libgd/commit/a6a0e7feabb2a9738086a5dc96348f233c87fa79
Since `patch` cannot apply Git binary diffs, we omit the addition of
'tests/gd2/php_bug_72339.c' and its associated binary data.
From aba3db8ba159465ecec1089027a24835a6da9cc0 Mon Sep 17 00:00:00 2001
From: Pierre Joye <pierre.php@gmail.com>
Date: Tue, 28 Jun 2016 16:23:42 +0700
Subject: [PATCH] fix php bug 72339 (CVE-2016-5766), Integer Overflow in
_gd2GetHeader() resulting in heap overflow
---
src/gd_gd2.c | 5 ++++-
tests/gd2/CMakeLists.txt | 1 +
tests/gd2/Makemodule.am | 6 ++++--
tests/gd2/php_bug_72339.c | 21 +++++++++++++++++++++
tests/gd2/php_bug_72339_exp.gd2 | Bin 0 -> 67108882 bytes
5 files changed, 30 insertions(+), 3 deletions(-)
create mode 100644 tests/gd2/php_bug_72339.c
create mode 100644 tests/gd2/php_bug_72339_exp.gd2
diff --git a/src/gd_gd2.c b/src/gd_gd2.c
index fd1e0c9..bdbbecf 100644
--- a/src/gd_gd2.c
+++ b/src/gd_gd2.c
@@ -154,8 +154,11 @@ _gd2GetHeader (gdIOCtxPtr in, int *sx, int *sy,
nc = (*ncx) * (*ncy);
GD2_DBG (printf ("Reading %d chunk index entries\n", nc));
sidx = sizeof (t_chunk_info) * nc;
+ if (overflow2(sidx, nc)) {
+ goto fail1;
+ }
cidx = gdCalloc (sidx, 1);
- if (!cidx) {
+ if (cidx == NULL) {
goto fail1;
}
for (i = 0; i < nc; i++) {
From a6a0e7feabb2a9738086a5dc96348f233c87fa79 Mon Sep 17 00:00:00 2001
From: Pierre Joye <pierre.php@gmail.com>
Date: Wed, 29 Jun 2016 09:36:26 +0700
Subject: [PATCH] fix php bug 72339 (CVE-2016-5766), Integer Overflow in
_gd2GetHeader() resulting in heap overflow. Sync with php's sync
---
src/gd_gd2.c | 7 ++++++-
tests/gd2/php_bug_72339.c | 2 +-
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/gd_gd2.c b/src/gd_gd2.c
index bdbbecf..2837456 100644
--- a/src/gd_gd2.c
+++ b/src/gd_gd2.c
@@ -152,11 +152,16 @@ _gd2GetHeader (gdIOCtxPtr in, int *sx, int *sy,
if (gd2_compressed (*fmt)) {
nc = (*ncx) * (*ncy);
+
GD2_DBG (printf ("Reading %d chunk index entries\n", nc));
+ if (overflow2(sizeof(t_chunk_info), nc)) {
+ goto fail1;
+ }
sidx = sizeof (t_chunk_info) * nc;
- if (overflow2(sidx, nc)) {
+ if (sidx <= 0) {
goto fail1;
}
+
cidx = gdCalloc (sidx, 1);
if (cidx == NULL) {
goto fail1;
--
2.9.1

View file

@ -1,253 +0,0 @@
Fix CVE-2016-6128 (invalid color index is not properly handled leading
to denial of service).
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-6128
Copied from upstream commits:
https://github.com/libgd/libgd/compare/3fe0a7128bac5000fdcfab888bd2a75ec0c9447d...fd623025505e87bba7ec8555eeb72dae4fb0afd
From 1ccfe21e14c4d18336f9da8515cd17db88c3de61 Mon Sep 17 00:00:00 2001
From: Pierre Joye <pierre.php@gmail.com>
Date: Mon, 27 Jun 2016 11:17:39 +0700
Subject: [PATCH 1/8] fix php 72494, invalid color index not handled, can lead
to crash
---
src/gd_crop.c | 4 ++++
tests/CMakeLists.txt | 1 +
tests/Makefile.am | 1 +
3 files changed, 6 insertions(+)
diff --git a/src/gd_crop.c b/src/gd_crop.c
index 0296633..532b49b 100644
--- a/src/gd_crop.c
+++ b/src/gd_crop.c
@@ -136,6 +136,10 @@ BGD_DECLARE(gdImagePtr) gdImageCropThreshold(gdImagePtr im, const unsigned int c
return NULL;
}
+ if (color < 0 || (!gdImageTrueColor(im) && color >= gdImageColorsTotal(im))) {
+ return NULL;
+ }
+
/* TODO: Add gdImageGetRowPtr and works with ptr at the row level
* for the true color and palette images
* new formats will simply work with ptr
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 6f5c786..5093d52 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -31,6 +31,7 @@ if (BUILD_TEST)
gdimagecolortransparent
gdimagecopy
gdimagecopyrotated
+ gdimagecrop
gdimagefile
gdimagefill
gdimagefilledellipse
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 4f6e756..5a0ebe8 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -25,6 +25,7 @@ include gdimagecolorresolve/Makemodule.am
include gdimagecolortransparent/Makemodule.am
include gdimagecopy/Makemodule.am
include gdimagecopyrotated/Makemodule.am
+include gdimagecrop/Makemodule.am
include gdimagefile/Makemodule.am
include gdimagefill/Makemodule.am
include gdimagefilledellipse/Makemodule.am
--
2.9.1
From 8c9f39c7cb1f62ea00bc7a48aff64d3811c2d6d0 Mon Sep 17 00:00:00 2001
From: Pierre Joye <pierre.php@gmail.com>
Date: Mon, 27 Jun 2016 11:20:07 +0700
Subject: [PATCH 2/8] fix php 72494, invalid color index not handled, can lead
to crash
---
tests/gdimagecrop/.gitignore | 1 +
1 file changed, 1 insertion(+)
create mode 100644 tests/gdimagecrop/.gitignore
diff --git a/tests/gdimagecrop/.gitignore b/tests/gdimagecrop/.gitignore
new file mode 100644
index 0000000..8e8c9c3
--- /dev/null
+++ b/tests/gdimagecrop/.gitignore
@@ -0,0 +1 @@
+/php_bug_72494
--
2.9.1
From 8de370b7b6263a02268037a7cd13ddd991b43ea9 Mon Sep 17 00:00:00 2001
From: Pierre Joye <pierre.php@gmail.com>
Date: Mon, 27 Jun 2016 11:24:50 +0700
Subject: [PATCH 3/8] fix php 72494, invalid color index not handled, can lead
to crash
---
tests/gdimagecrop/CMakeLists.txt | 5 +++++
1 file changed, 5 insertions(+)
create mode 100644 tests/gdimagecrop/CMakeLists.txt
diff --git a/tests/gdimagecrop/CMakeLists.txt b/tests/gdimagecrop/CMakeLists.txt
new file mode 100644
index 0000000..f7e4c7e
--- /dev/null
+++ b/tests/gdimagecrop/CMakeLists.txt
@@ -0,0 +1,5 @@
+SET(TESTS_FILES
+ php_bug_72494
+)
+
+ADD_GD_TESTS()
--
2.9.1
From bca12e4e11ecda8a0ea719472700ad5c2b36a0d6 Mon Sep 17 00:00:00 2001
From: Pierre Joye <pierre.php@gmail.com>
Date: Mon, 27 Jun 2016 11:25:12 +0700
Subject: [PATCH 4/8] fix php 72494, invalid color index not handled, can lead
to crash
---
tests/gdimagecrop/Makemodule.am | 5 +++++
1 file changed, 5 insertions(+)
create mode 100644 tests/gdimagecrop/Makemodule.am
diff --git a/tests/gdimagecrop/Makemodule.am b/tests/gdimagecrop/Makemodule.am
new file mode 100644
index 0000000..210888b
--- /dev/null
+++ b/tests/gdimagecrop/Makemodule.am
@@ -0,0 +1,5 @@
+libgd_test_programs += \
+ gdimagecrop/php_bug_72494
+
+EXTRA_DIST += \
+ gdimagecrop/CMakeLists.txt
--
2.9.1
From 6ff72ae40c7c20ece939afb362d98cc37f4a1c96 Mon Sep 17 00:00:00 2001
From: Pierre Joye <pierre.php@gmail.com>
Date: Mon, 27 Jun 2016 11:25:40 +0700
Subject: [PATCH 5/8] fix php 72494, invalid color index not handled, can lead
to crash
---
tests/gdimagecrop/php_bug_72494.c | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
create mode 100644 tests/gdimagecrop/php_bug_72494.c
diff --git a/tests/gdimagecrop/php_bug_72494.c b/tests/gdimagecrop/php_bug_72494.c
new file mode 100644
index 0000000..adaa379
--- /dev/null
+++ b/tests/gdimagecrop/php_bug_72494.c
@@ -0,0 +1,23 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include "gd.h"
+
+#include "gdtest.h"
+
+int main()
+{
+ gdImagePtr im, exp;
+ int error = 0;
+
+ im = gdImageCreate(50, 50);
+
+ if (!im) {
+ gdTestErrorMsg("gdImageCreate failed.\n");
+ return 1;
+ }
+
+ gdImageCropThreshold(im, 1337, 0);
+ gdImageDestroy(im);
+ /* this bug tests a crash, it never reaches this point if the bug exists*/
+ return 0;
+}
--
2.9.1
From a0f9f8f7bd0d3a6c6afd6d180b8e75d93aadddfa Mon Sep 17 00:00:00 2001
From: Pierre Joye <pierre.php@gmail.com>
Date: Mon, 27 Jun 2016 11:38:07 +0700
Subject: [PATCH 6/8] fix php 72494, CID 149753, color is unsigned int, remove
useless <0 comparison
---
src/gd_crop.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/gd_crop.c b/src/gd_crop.c
index 532b49b..d51ad67 100644
--- a/src/gd_crop.c
+++ b/src/gd_crop.c
@@ -136,7 +136,7 @@ BGD_DECLARE(gdImagePtr) gdImageCropThreshold(gdImagePtr im, const unsigned int c
return NULL;
}
- if (color < 0 || (!gdImageTrueColor(im) && color >= gdImageColorsTotal(im))) {
+ if (!gdImageTrueColor(im) && color >= gdImageColorsTotal(im)) {
return NULL;
}
--
2.9.1
From 907115fbb980862934d0de91af4977a216745039 Mon Sep 17 00:00:00 2001
From: Pierre Joye <pierre.php@gmail.com>
Date: Mon, 27 Jun 2016 11:51:40 +0700
Subject: [PATCH 7/8] fix php 72494, CID 149753, color is unsigned int, remove
useless <0 comparison
---
tests/gdimagecrop/php_bug_72494.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/gdimagecrop/php_bug_72494.c b/tests/gdimagecrop/php_bug_72494.c
index adaa379..5cb589b 100644
--- a/tests/gdimagecrop/php_bug_72494.c
+++ b/tests/gdimagecrop/php_bug_72494.c
@@ -6,7 +6,7 @@
int main()
{
- gdImagePtr im, exp;
+ gdImagePtr im;
int error = 0;
im = gdImageCreate(50, 50);
--
2.9.1
From fd623025505e87bba7ec8555eeb72dae4fb0afdc Mon Sep 17 00:00:00 2001
From: Pierre Joye <pierre.php@gmail.com>
Date: Mon, 27 Jun 2016 12:04:25 +0700
Subject: [PATCH 8/8] fix php 72494, CID 149753, color is unsigned int, remove
useless <0 comparison
---
tests/gdimagecrop/php_bug_72494.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/tests/gdimagecrop/php_bug_72494.c b/tests/gdimagecrop/php_bug_72494.c
index 5cb589b..3bd19be 100644
--- a/tests/gdimagecrop/php_bug_72494.c
+++ b/tests/gdimagecrop/php_bug_72494.c
@@ -7,7 +7,6 @@
int main()
{
gdImagePtr im;
- int error = 0;
im = gdImageCreate(50, 50);
--
2.9.1

View file

@ -1,55 +0,0 @@
Fix CVE-2016-6132 (read out-of-bounds when parsing TGA files).
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-6132
Copied from upstream commit:
https://github.com/libgd/libgd/commit/ead349e99868303b37f5e6e9d9d680c9dc71ff8d
From ead349e99868303b37f5e6e9d9d680c9dc71ff8d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@sury.org>
Date: Tue, 12 Jul 2016 11:24:09 +0200
Subject: [PATCH] Fix #247, A read out-of-bands was found in the parsing of TGA
files (CVE-2016-6132)
---
src/gd_tga.c | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/src/gd_tga.c b/src/gd_tga.c
index ef20f86..20fe2d2 100644
--- a/src/gd_tga.c
+++ b/src/gd_tga.c
@@ -237,7 +237,11 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga )
return -1;
}
- gdGetBuf(conversion_buffer, image_block_size, ctx);
+ if (gdGetBuf(conversion_buffer, image_block_size, ctx) != image_block_size) {
+ gd_error("gd-tga: premature end of image data\n");
+ gdFree(conversion_buffer);
+ return -1;
+ }
while (buffer_caret < image_block_size) {
tga->bitmap[buffer_caret] = (int) conversion_buffer[buffer_caret];
@@ -257,11 +261,16 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga )
}
conversion_buffer = (unsigned char *) gdMalloc(image_block_size * sizeof(unsigned char));
if (conversion_buffer == NULL) {
+ gd_error("gd-tga: premature end of image data\n");
gdFree( decompression_buffer );
return -1;
}
- gdGetBuf( conversion_buffer, image_block_size, ctx );
+ if (gdGetBuf(conversion_buffer, image_block_size, ctx) != image_block_size) {
+ gdFree(conversion_buffer);
+ gdFree(decompression_buffer);
+ return -1;
+ }
buffer_caret = 0;
--
2.9.1

View file

@ -1,66 +0,0 @@
Fix CVE-2016-6214 (read out-of-bounds when parsing TGA files).
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214
Adapted from upstream commit:
https://github.com/libgd/libgd/commit/341aa68843ceceae9ba6e083431f14a07bd92308
Since `patch` cannot apply Git binary diffs, we omit the addition of
'tests/tga/bug00247a.c' and its associated binary data.
From 341aa68843ceceae9ba6e083431f14a07bd92308 Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Tue, 12 Jul 2016 19:23:13 +0200
Subject: [PATCH] Unsupported TGA bpp/alphabit combinations should error
gracefully
Currently, only 24bpp without alphabits and 32bpp with 8 alphabits are
really supported. All other combinations will be rejected with a warning.
(cherry picked from commit cb1a0b7e54e9aa118270c23a4a6fe560e4590dc9)
---
src/gd_tga.c | 16 ++++++----------
tests/tga/.gitignore | 1 +
tests/tga/CMakeLists.txt | 1 +
tests/tga/Makemodule.am | 4 +++-
tests/tga/bug00247a.c | 19 +++++++++++++++++++
tests/tga/bug00247a.tga | Bin 0 -> 36 bytes
6 files changed, 30 insertions(+), 11 deletions(-)
create mode 100644 tests/tga/bug00247a.c
create mode 100644 tests/tga/bug00247a.tga
diff --git a/src/gd_tga.c b/src/gd_tga.c
index 20fe2d2..b4f8fa6 100644
--- a/src/gd_tga.c
+++ b/src/gd_tga.c
@@ -99,7 +99,7 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromTgaCtx(gdIOCtx* ctx)
if (tga->bits == TGA_BPP_24) {
*tpix = gdTrueColor(tga->bitmap[bitmap_caret + 2], tga->bitmap[bitmap_caret + 1], tga->bitmap[bitmap_caret]);
bitmap_caret += 3;
- } else if (tga->bits == TGA_BPP_32 || tga->alphabits) {
+ } else if (tga->bits == TGA_BPP_32 && tga->alphabits) {
register int a = tga->bitmap[bitmap_caret + 3];
*tpix = gdTrueColorAlpha(tga->bitmap[bitmap_caret + 2], tga->bitmap[bitmap_caret + 1], tga->bitmap[bitmap_caret], gdAlphaMax - (a >> 1));
@@ -159,16 +159,12 @@ int read_header_tga(gdIOCtx *ctx, oTga *tga)
printf("wxh: %i %i\n", tga->width, tga->height);
#endif
- switch(tga->bits) {
- case 8:
- case 16:
- case 24:
- case 32:
- break;
- default:
- gd_error("bps %i not supported", tga->bits);
+ if (!((tga->bits == TGA_BPP_24 && tga->alphabits == 0)
+ || (tga->bits == TGA_BPP_32 && tga->alphabits == 8)))
+ {
+ gd_error_ex(GD_WARNING, "gd-tga: %u bits per pixel with %u alpha bits not supported\n",
+ tga->bits, tga->alphabits);
return -1;
- break;
}
tga->ident = NULL;

View file

@ -1,34 +0,0 @@
Disable part of the gdimagerotate test on architectures such as i686
where intermediate floating-point operations are done with 80-bit long
doubles, and typically later rounded to 64-bit doubles. This double
rounding causes small differences in the resulting pixel values
compared with other architectures, causing the image comparison to
fail.
Patch by Mark H Weaver <mhw@netris.org>.
--- libgd-2.2.2/tests/gdimagerotate/bug00067.c 1969-12-31 19:00:00.000000000 -0500
+++ libgd-2.2.2/tests/gdimagerotate/bug00067.c 2016-07-18 12:19:19.885423132 -0400
@@ -1,5 +1,6 @@
#include <stdio.h>
#include <stdlib.h>
+#include <float.h>
#include "gd.h"
#include "gdtest.h"
@@ -41,6 +42,7 @@
return 1;
}
+#if FLT_EVAL_METHOD != 2
sprintf(filename, "bug00067_%03d_exp.png", angle);
path = gdTestFilePath2("gdimagerotate", filename);
if (!gdAssertImageEqualsToFile(path, exp)) {
@@ -48,6 +50,7 @@
error += 1;
}
free(path);
+#endif
gdImageDestroy(exp);
}

View file

@ -0,0 +1,66 @@
Disable some image comparison tests on architectures such as i686
where intermediate floating-point operations are done with 80-bit long
doubles, and typically later rounded to 64-bit doubles. This double
rounding causes small differences in the resulting pixel values
compared with other architectures, causing the image comparisons to
fail.
Patch by Mark H Weaver <mhw@netris.org>.
diff -ru libgd-2.2.3.orig/tests/gdimagecopyresampled/basic_alpha.c libgd-2.2.3/tests/gdimagecopyresampled/basic_alpha.c
--- libgd-2.2.3.orig/tests/gdimagecopyresampled/basic_alpha.c 2016-07-21 04:06:42.000000000 -0400
+++ libgd-2.2.3/tests/gdimagecopyresampled/basic_alpha.c 2016-07-29 13:50:56.214877446 -0400
@@ -1,5 +1,6 @@
/* Testing basic gdImageCopyResampled() functionality with alpha channel */
+#include <float.h>
#include "gd.h"
#include "gdtest.h"
@@ -33,7 +34,8 @@
gdImageCopyResampled(copy, im, 0,0, 0,0, 200,200, 400,300);
gdImageDestroy(im);
- gdAssertImageEqualsToFile("gdimagecopyresampled/basic_alpha_exp.png", copy);
+ if (FLT_EVAL_METHOD != 2)
+ gdAssertImageEqualsToFile("gdimagecopyresampled/basic_alpha_exp.png", copy);
gdImageDestroy(copy);
return gdNumFailures();
diff -ru libgd-2.2.3.orig/tests/gdimagecopyresampled/bug00201.c libgd-2.2.3/tests/gdimagecopyresampled/bug00201.c
--- libgd-2.2.3.orig/tests/gdimagecopyresampled/bug00201.c 2016-07-21 04:06:42.000000000 -0400
+++ libgd-2.2.3/tests/gdimagecopyresampled/bug00201.c 2016-07-29 13:50:30.638559003 -0400
@@ -1,3 +1,4 @@
+#include <float.h>
#include "gd.h"
#include "gdtest.h"
@@ -65,7 +66,8 @@
gdImageDestroy(background);
gdImageDestroy(scaled_logo);
- gdAssertImageEqualsToFile("gdimagecopyresampled/bug00201_exp.png", img);
+ if (FLT_EVAL_METHOD != 2)
+ gdAssertImageEqualsToFile("gdimagecopyresampled/bug00201_exp.png", img);
gdImageDestroy(img);
return gdNumFailures();
}
diff -ru libgd-2.2.3.orig/tests/gdimagerotate/bug00067.c libgd-2.2.3/tests/gdimagerotate/bug00067.c
--- libgd-2.2.3.orig/tests/gdimagerotate/bug00067.c 2016-06-18 05:42:16.000000000 -0400
+++ libgd-2.2.3/tests/gdimagerotate/bug00067.c 2016-07-29 13:50:07.566271765 -0400
@@ -1,5 +1,6 @@
#include <stdio.h>
#include <stdlib.h>
+#include <float.h>
#include "gd.h"
#include "gdtest.h"
@@ -43,7 +44,7 @@
sprintf(filename, "bug00067_%03d_exp.png", angle);
path = gdTestFilePath2("gdimagerotate", filename);
- if (!gdAssertImageEqualsToFile(path, exp)) {
+ if (FLT_EVAL_METHOD != 2 && !gdAssertImageEqualsToFile(path, exp)) {
gdTestErrorMsg("comparing rotated image to %s failed.\n", path);
error += 1;
}

View file

@ -1930,7 +1930,7 @@ (define-public perl-devel-stacktrace-ashtml
(define-public perl-devel-symdump
(package
(name "perl-devel-symdump")
(version "2.14")
(version "2.17")
(source
(origin
(method url-fetch)
@ -1938,7 +1938,7 @@ (define-public perl-devel-symdump
"Devel-Symdump-" version ".tar.gz"))
(sha256
(base32
"1phyyxgxsymgzbjd524zlaavvay6vjw34af5zn9153qffqign54v"))))
"0qkfjk7bm7jwn9d9qaldg298zvkqh2f19fgvfh5j1rp66mwzql1c"))))
(build-system perl-build-system)
(home-page "http://search.cpan.org/dist/Devel-Symdump")
(synopsis "Dump symbol names or the symbol table")
@ -5732,7 +5732,7 @@ (define-public perl-test-trap
`(("perl-test-tester" ,perl-test-tester)
("perl-data-dump" ,perl-data-dump)))
(home-page "http://search.cpan.org/dist/Test-Trap")
(synopsis "Trap exit codes, exceptions, output, etc.")
(synopsis "Trap exit codes, exceptions, output, and so on")
(description "This module is primarily (but not exclusively) for use in
test scripts: A block eval configurable and extensible but by default trapping
STDOUT, STDERR, warnings, exceptions, would-be exit codes, and return values

View file

@ -37,12 +37,9 @@ (define-module (gnu packages pulseaudio)
#:use-module (gnu packages linux)
#:use-module (gnu packages m4)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages xiph)
#:export (libsndfile
libsamplerate
pulseaudio))
#:use-module (gnu packages xiph))
(define libsndfile
(define-public libsndfile
(package
(name "libsndfile")
(version "1.0.26")
@ -75,7 +72,7 @@ (define libsndfile
for reading and writing new sound file formats.")
(license l:gpl2+)))
(define libsamplerate
(define-public libsamplerate
(package
(name "libsamplerate") ; aka. Secret Rabbit Code (SRC)
(version "0.1.8")
@ -113,7 +110,7 @@ (define libsamplerate
rates.")
(license l:gpl2+)))
(define pulseaudio
(define-public pulseaudio
(package
(name "pulseaudio")
(version "8.0")

View file

@ -4653,14 +4653,14 @@ (define-public python2-lxml
(define-public python-beautifulsoup4
(package
(name "python-beautifulsoup4")
(version "4.4.1")
(version "4.5.0")
(source
(origin
(method url-fetch)
(uri (pypi-uri "beautifulsoup4" version))
(sha256
(base32
"1d36lc4pfkvl74fmzdib2nqnvknm0jddgf2n9yd7im150qyh3m47"))))
"1rf94360s8pmn37vxqjl0g74krq2p6nj3wbn6pj94ik6ny44q24f"))))
(build-system python-build-system)
(home-page
"http://www.crummy.com/software/BeautifulSoup/bs4/")
@ -5023,7 +5023,7 @@ (define-public python-backports-abc
(inputs
`(("python-setuptools" ,python-setuptools)))
(home-page "https://github.com/cython/backports_abc")
(synopsis "Backport of additions to the 'collections.abc' module.")
(synopsis "Backport of additions to the 'collections.abc' module")
(description
"Python-backports-abc provides a backport of additions to the
'collections.abc' module in Python-3.5.")
@ -5998,7 +5998,7 @@ (define-public python-cryptography-vectors
(native-inputs
`(("python-setuptools" ,python-setuptools)))
(home-page "https://github.com/pyca/cryptography")
(synopsis "Test vectors for the cryptography package.")
(synopsis "Test vectors for the cryptography package")
(description
"This package contains test vectors for the cryptography package.")
;; Distributed under either BSD-3 or ASL2.0
@ -9297,7 +9297,7 @@ (define-public python-wcwidth
"02wjrpf001gjdjsaxxbzcwfg19crlk2dbddayrfc2v06f53yrcyw"))))
(build-system python-build-system)
(home-page "https://github.com/jquast/wcwidth")
(synopsis "Measure number of terminal column cells of wide-character codes.")
(synopsis "Measure number of terminal column cells of wide-character codes")
(description "Wcwidth measures the number of terminal column cells of
wide-character codes. It is useful for those implementing a terminal emulator,
or programs that carefully produce output to be interpreted by one. It is a

View file

@ -19,27 +19,27 @@
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages qemu)
#:use-module (guix download)
#:use-module (guix packages)
#:use-module (guix utils)
#:use-module ((guix licenses) #:select (gpl2))
#:use-module (guix build-system gnu)
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
#:use-module (gnu packages texinfo)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages glib)
#:use-module (gnu packages python)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages compression)
#:use-module (gnu packages image)
#:use-module (gnu packages attr)
#:use-module (gnu packages linux)
#:use-module (gnu packages libusb)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages compression)
#:use-module (gnu packages gl)
#:use-module (gnu packages sdl)
#:use-module (gnu packages glib)
#:use-module (gnu packages image)
#:use-module (gnu packages libusb)
#:use-module (gnu packages linux)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages perl)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
#:use-module (gnu packages sdl)
#:use-module (gnu packages texinfo)
#:use-module (gnu packages xdisorg)
#:use-module (guix build-system gnu)
#:use-module (guix download)
#:use-module ((guix licenses) #:select (gpl2))
#:use-module (guix packages)
#:use-module (guix utils)
#:use-module (srfi srfi-1))
(define (qemu-patch commit file-name sha256)

View file

@ -4050,7 +4050,7 @@ (define-public ruby-timecop
("ruby-minitest-rg" ,ruby-minitest-rg)
("ruby-mocha" ,ruby-mocha)
("ruby-activesupport" ,ruby-activesupport)))
(synopsis "Test mocks for time-dependent functions.")
(synopsis "Test mocks for time-dependent functions")
(description
"Timecop provides \"time travel\" and \"time freezing\" capabilities,
making it easier to test time-dependent code. It provides a unified method to
@ -4116,4 +4116,3 @@ (define-public ruby-concurrent
patterns.")
(home-page "http://www.concurrent-ruby.com")
(license license:expat)))

View file

@ -38,17 +38,9 @@ (define-module (gnu packages sdl)
#:use-module (gnu packages gl)
#:use-module (gnu packages xiph)
#:use-module (gnu packages xorg)
#:export (sdl
sdl2
libmikmod
sdl-gfx
sdl-image
sdl-mixer
sdl-net
sdl-ttf
sdl-union))
#:export (sdl-union))
(define sdl
(define-public sdl
(package
(name "sdl")
(version "1.2.15")
@ -92,7 +84,7 @@ (define sdl
(home-page "http://libsdl.org/")
(license lgpl2.1)))
(define sdl2
(define-public sdl2
(package (inherit sdl)
(name "sdl2")
(version "2.0.4")
@ -106,7 +98,7 @@ (define sdl2
"0jqp46mxxbh9lhpx1ih6sp93k752j2smhpc0ad0q4cb3px0famfs"))))
(license bsd-3)))
(define libmikmod
(define-public libmikmod
(package
(name "libmikmod")
(version "3.3.7")
@ -131,7 +123,7 @@ (define libmikmod
(license lgpl2.1)
(home-page "http://mikmod.sourceforge.net/")))
(define sdl-gfx
(define-public sdl-gfx
(package
(name "sdl-gfx")
(version "2.0.24")
@ -155,7 +147,7 @@ (define sdl-gfx
;; MIPS, at least.
(supported-systems '("i686-linux" "x86_64-linux"))))
(define sdl-image
(define-public sdl-image
(package
(name "sdl-image")
(version "1.2.12")
@ -191,7 +183,7 @@ (define sdl-image
(home-page "http://www.libsdl.org/projects/SDL_image/")
(license zlib)))
(define sdl-mixer
(define-public sdl-mixer
(package
(name "sdl-mixer")
(version "1.2.12")
@ -229,7 +221,7 @@ (define sdl-mixer
(home-page "http://www.libsdl.org/projects/SDL_mixer/")
(license zlib)))
(define sdl-net
(define-public sdl-net
(package
(name "sdl-net")
(version "1.2.8")
@ -250,7 +242,7 @@ (define sdl-net
(home-page "http://www.libsdl.org/projects/SDL_net/")
(license zlib)))
(define sdl-ttf
(define-public sdl-ttf
(package
(name "sdl-ttf")
(version "2.0.11")

View file

@ -26,8 +26,7 @@ (define-module (gnu packages search)
#:use-module (gnu packages compression)
#:use-module (gnu packages check)
#:use-module (gnu packages databases)
#:use-module (gnu packages linux)
#:export (xapian))
#:use-module (gnu packages linux))
(define-public xapian
(package

View file

@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 Claes Wallin <claes.wallin@greatsinodevelopment.com>
;;; Copyright © 2016 Eric Le Bihan <eric.le.bihan.dev@free.fr>
;;;
;;; This file is part of GNU Guix.
;;;
@ -26,7 +27,7 @@ (define-module (gnu packages skarnet)
(define-public skalibs
(package
(name "skalibs")
(version "2.3.5.1")
(version "2.3.10.0")
(source
(origin
(method url-fetch)
@ -34,7 +35,7 @@ (define-public skalibs
version ".tar.gz"))
(sha256
(base32
"1m31wph4qr4mqgv51nzwd9nw0x5vmpkcxr48i216wn3dpy3mvxwy"))))
"0i7af224kl1crxgml09wx0x6q8ab79vnyrllfwv2lnq585wi9mg4"))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags '("--enable-force-devr") ; do not analyze /dev/random
@ -51,7 +52,7 @@ (define-public skalibs
(define-public execline
(package
(name "execline")
(version "2.1.2.2")
(version "2.1.5.0")
(source
(origin
(method url-fetch)
@ -59,7 +60,7 @@ (define-public execline
version ".tar.gz"))
(sha256
(base32
"01pckac5zijf6icrhwicbmq92yq68gfkf1yl03rr2v4q3cn8r85f"))))
"0hhirdmyh3sj9qagkis7addmmdvyic717wkb6ym3n63kvfk0adla"))))
(build-system gnu-build-system)
(inputs `(("skalibs" ,skalibs)))
(arguments
@ -90,3 +91,116 @@ (define-public execline
globbing, redirection and other shell concepts, expressed as discrete commands
rather than in special syntax, minimizing runtime footprint and
complexity.")))
(define-public s6
(package
(name "s6")
(version "2.3.0.0")
(source
(origin
(method url-fetch)
(uri (string-append "http://skarnet.org/software/s6/s6-"
version ".tar.gz"))
(sha256
(base32
"1rp8i228zxzbia1799pdav1kkzdk96fax9bcfyf2gilkdm3s1ja9"))))
(build-system gnu-build-system)
(inputs `(("skalibs" ,skalibs)
("execline" ,execline)))
(arguments
'(#:configure-flags (list
(string-append "--with-lib="
(assoc-ref %build-inputs "skalibs")
"/lib/skalibs")
(string-append "--with-lib="
(assoc-ref %build-inputs "execline")
"/lib/execline")
(string-append "--with-sysdeps="
(assoc-ref %build-inputs "skalibs")
"/lib/skalibs/sysdeps"))
#:tests? #f))
(home-page "http://skarnet.org/software/s6")
(license isc)
(synopsis "Small suite of programs for process supervision")
(description
"s6 is a small suite of programs for UNIX, designed to allow process
supervision (a.k.a. service supervision), in the line of daemontools and
runit, as well as various operations on processes and daemons. It is meant to
be a toolbox for low-level process and service administration, providing
different sets of independent tools that can be used within or without the
framework, and that can be assembled together to achieve powerful
functionality with a very small amount of code.")))
(define-public s6-dns
(package
(name "s6-dns")
(version "2.0.1.0")
(source
(origin
(method url-fetch)
(uri (string-append "http://skarnet.org/software/s6-dns/s6-dns-"
version ".tar.gz"))
(sha256
(base32
"1ji47iy8czx4jmi763dxd6lgjbnp4vqqgcijh46ym65l0a97z04w"))))
(build-system gnu-build-system)
(inputs `(("skalibs" ,skalibs)))
(arguments
'(#:configure-flags (list
(string-append "--with-lib="
(assoc-ref %build-inputs "skalibs")
"/lib/skalibs")
(string-append "--with-sysdeps="
(assoc-ref %build-inputs "skalibs")
"/lib/skalibs/sysdeps"))
#:tests? #f))
(home-page "http://skarnet.org/software/s6-dns")
(license isc)
(synopsis "Suite of DNS client programs")
(description
"s6-dns is a suite of DNS client programs and libraries for Unix systems,
as an alternative to the BIND, djbdns or other DNS clients.")))
(define-public s6-networking
(package
(name "s6-networking")
(version "2.1.1.0")
(source
(origin
(method url-fetch)
(uri (string-append "http://skarnet.org/software/s6-networking/s6-networking-"
version ".tar.gz"))
(sha256
(base32
"0r8gfv0l2k449nacjy919gqlgn25q7fjxaqra5r37k7kiikkgqfw"))))
(build-system gnu-build-system)
(inputs `(("skalibs" ,skalibs)
("execline" ,execline)
("s6" ,s6)
("s6-dns" ,s6-dns)))
(arguments
'(#:configure-flags (list
(string-append "--with-lib="
(assoc-ref %build-inputs "skalibs")
"/lib/skalibs")
(string-append "--with-lib="
(assoc-ref %build-inputs "execline")
"/lib/execline")
(string-append "--with-lib="
(assoc-ref %build-inputs "s6")
"/lib/s6")
(string-append "--with-lib="
(assoc-ref %build-inputs "s6-dns")
"/lib/s6-dns")
(string-append "--with-sysdeps="
(assoc-ref %build-inputs "skalibs")
"/lib/skalibs/sysdeps"))
#:tests? #f))
(home-page "http://skarnet.org/software/s6-networking")
(license isc)
(synopsis "Suite of network utilities for Unix systems")
(description
"s6-networking is a suite of small networking utilities for Unix systems.
It includes command-line client and server management, TCP access control,
privilege escalation across UNIX domain sockets, IDENT protocol management and
clock synchronization.")))

297
gnu/packages/spice.scm Normal file
View file

@ -0,0 +1,297 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2016 David Craven <david@craven.ch>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages spice)
#:use-module (gnu packages)
#:use-module (gnu packages compression)
#:use-module (gnu packages gl)
#:use-module (gnu packages glib)
#:use-module (gnu packages gnome)
#:use-module (gnu packages gstreamer)
#:use-module (gnu packages gtk)
#:use-module (gnu packages image)
#:use-module (gnu packages libusb)
#:use-module (gnu packages linux)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages pulseaudio)
#:use-module (gnu packages python)
#:use-module (gnu packages tls)
#:use-module (gnu packages xorg)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages xiph)
#:use-module (gnu packages xml)
#:use-module (guix build-system gnu)
#:use-module (guix download)
#:use-module (guix packages)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix utils))
(define-public usbredir
(package
(name "usbredir")
(version "0.7.1")
(source (origin
(method url-fetch)
(uri (string-append
"http://spice-space.org/download/usbredir/"
"usbredir-" version ".tar.bz2"))
(sha256
(base32
"1wsnmk4wjpdhbn1zaxg6bmyxspcki2zgy0am9lk037rnl4krwzj0"))))
(build-system gnu-build-system)
(propagated-inputs
`(("libusb" ,libusb)))
(native-inputs
`(("pkg-config" ,pkg-config)))
(synopsis "Tools for sending USB device traffic over a network")
(description "Usbredir is a network protocol for sending USB device traffic
over a network connection. It can be used to redirect traffic from a USB device
to a different (virtual) machine than the one to which the USB device is
attached.")
(home-page "http://www.spice-space.org")
(license (list license:gpl2+ license:lgpl2.0+ license:lgpl2.1+))))
(define-public virglrenderer
(package
(name "virglrenderer")
(version "0.5.0")
(source (origin
(method url-fetch)
(uri (string-append
"https://www.freedesktop.org/software/virgl/"
"virglrenderer-" version ".tar.bz2"))
(sha256
(base32
"1dj0j8nbyr7nrpds4dqlp43ji8ixjyqhgw6ywlz1r9dn6cs5m5d1"))))
(build-system gnu-build-system)
(inputs
`(("libepoxy" ,libepoxy)
("mesa" ,mesa)
("udev" ,eudev)))
(native-inputs
`(("pkg-config" ,pkg-config)))
(synopsis "Virtual 3D GPU library")
(description "A virtual 3D GPU library that enables a virtualized operating
system to use the host GPU to accelerate 3D rendering.")
(home-page "https://virgil3d.github.io")
(license (list license:expat license:bsd-3))))
(define-public spice-protocol
(package
(name "spice-protocol")
(version "0.12.11")
(source (origin
(method url-fetch)
(uri (string-append
"http://www.spice-space.org/download/releases/"
"spice-protocol-" version ".tar.bz2"))
(sha256
(base32
"0c33kg3vdz3nnl2wjfbgmszz5hbjbvsw6map35dj9hxnpwwf9fi2"))))
(build-system gnu-build-system)
(synopsis "Protocol headers for the SPICE protocol")
(description "SPICE (the Simple Protocol for Independent Computing
Environments) is a remote-display system built for virtual environments
which allows users to view a desktop computing environment.")
(home-page "http://www.spice-space.org")
(license (list license:bsd-3 license:lgpl2.1+))))
(define-public spice-gtk
(package
(name "spice-gtk")
(version "0.32")
(source (origin
(method url-fetch)
(uri (string-append
"http://spice-space.org/download/gtk/"
"spice-gtk-" version ".tar.bz2"))
(sha256
(base32
"00pf94xh2xf0h1g13lnavxrysd0d0x22l5jl108cvq1mjc4z8j2c"))))
(build-system gnu-build-system)
(propagated-inputs
`(("gstreamer" ,gstreamer)
("gst-libav" ,gst-libav)
("gst-plugins-base" ,gst-plugins-base)
("gst-plugins-good" ,gst-plugins-good)
("gst-plugins-bad" ,gst-plugins-bad)
("gst-plugins-ugly" ,gst-plugins-ugly)
("spice-protocol" ,spice-protocol)))
(inputs
`(("glib-networking" ,glib-networking)
("gtk+" ,gtk+)
("libepoxy" ,libepoxy)
("libjpeg" ,libjpeg)
("libxcb" ,libxcb)
("lz4" ,lz4)
("mesa" ,mesa)
("pixman" ,pixman)
("pulseaudio" ,pulseaudio)
("python" ,python)
("openssl" ,openssl)
("opus" ,opus)
("usbredir" ,usbredir)))
(native-inputs
`(("glib:bin" ,glib "bin")
("intltool" ,intltool)
("pkg-config" ,pkg-config)))
(arguments
`(#:configure-flags
'("--enable-gstaudio"
"--enable-gstvideo"
"--enable-pulse")
#:phases
(modify-phases %standard-phases
(add-after
'install 'wrap-spicy
(lambda* (#:key inputs outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out"))
(gst-plugin-path (getenv "GST_PLUGIN_SYSTEM_PATH")))
(wrap-program (string-append out "/bin/spicy")
`("GST_PLUGIN_SYSTEM_PATH" ":" prefix (,gst-plugin-path))))
#t)))))
(synopsis "Gtk client and libraries for SPICE remote desktop servers")
(description "Gtk client and libraries for SPICE remote desktop servers.")
(home-page "http://www.spice-space.org")
(license (list license:lgpl2.1+ license:lgpl2.0+))))
(define-public spice
(package
(name "spice")
(version "0.13.1")
(source (origin
(method url-fetch)
(uri (string-append
"http://www.spice-space.org/download/releases/"
"spice-" version ".tar.bz2"))
(sha256
(base32
"18hxk47z58cqbix5h477qmvcdmsrwzv984jw4c6fj0ns4h217jwy"))))
(build-system gnu-build-system)
(propagated-inputs
`(("openssl" ,openssl)
("pixman" ,pixman)
("spice-protocol" ,spice-protocol)))
(inputs
`(("glib" ,glib)
("libjpeg" ,libjpeg)
("lz4" ,lz4)
("opus" ,opus)
("zlib" ,zlib)))
(native-inputs
`(("pkg-config" ,pkg-config)
("python" ,python)
("spice-gtk" ,spice-gtk)))
(arguments
`(#:configure-flags
'("--disable-celt051" ; Disable support for unpackaged audio codec
"--enable-lz4"
"--enable-automated-tests")))
(synopsis "Server implementation of the SPICE protocol")
(description "SPICE is a remote display system built for virtual
environments which allows you to view a computing 'desktop' environment
not only on the machine where it is running, but from anywhere on the
Internet and from a wide variety of machine architectures.")
(home-page "http://www.spice-space.org")
(license (list license:lgpl2.1+ license:lgpl2.0+))))
(define-public spice-vdagent
(package
(name "spice-vdagent")
(version "0.17.0")
(source (origin
(method url-fetch)
(uri (string-append
"http://www.spice-space.org/download/releases/"
"spice-vdagent-" version ".tar.bz2"))
(sha256
(base32
"0gdkyylyg1hksg0i0anvznqfli2q39335fnrmcd6847frpc8njpi"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags
'("--localstatedir=/var")
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'patch-makefile.in
(lambda _
(substitute* "Makefile.in"
(((string-append "\\$\\(mkdir_p\\) \\$\\(DESTDIR\\)"
"\\$\\(localstatedir\\)/run/spice-vdagentd"))
"-$(mkdir_p) $(DESTDIR)$(localstatedir)/run/spice-vdagentd"))
#t)))))
(inputs
`(("alsa-lib" ,alsa-lib)
("dbus" ,dbus)
("glib" ,glib)
("libpciaccess" ,libpciaccess)
("libx11" ,libx11)
("libxext" ,libxext)
("libxfixes" ,libxfixes)
("libxinerama" ,libxinerama)
("libxrandr" ,libxrandr)
("spice-protocol" ,spice-protocol)))
(native-inputs
`(("pkg-config" ,pkg-config)))
(synopsis "Spice agent for Linux")
(description "Spice-vdagent enables sharing the clipboard and guest display
resolution scaling on graphical console window resize.")
(home-page "http://www.spice-space.org")
(license license:gpl3+)))
(define-public virt-viewer
(package
(name "virt-viewer")
(version "4.0")
(source (origin
(method url-fetch)
(uri (string-append
"https://virt-manager.org/download/sources/virt-viewer/"
"virt-viewer-" version ".tar.gz"))
(sha256
(base32
"07zsi1fqg05mag1ayniaqj25fzb6dxg76d4ka5196lq4l477nhhw"))))
(build-system gnu-build-system)
(inputs
`(("gtk+" ,gtk+)
("libcap" ,libcap)
("libxml2" ,libxml2)
("openssl" ,openssl)
("spice-gtk" ,spice-gtk)))
(native-inputs
`(("glib:bin" ,glib "bin")
("intltool" ,intltool)
("pkg-config" ,pkg-config)))
(arguments
`(#:configure-flags
'("--with-spice-gtk")
#:phases
(modify-phases %standard-phases
(add-after
'install 'wrap-remote-viewer
(lambda* (#:key inputs outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out"))
(gst-plugin-path (getenv "GST_PLUGIN_SYSTEM_PATH")))
(wrap-program (string-append out "/bin/remote-viewer")
`("GST_PLUGIN_SYSTEM_PATH" ":" prefix (,gst-plugin-path))))
#t)))))
(synopsis "Graphical console client for virtual machines")
(description "Graphical console client for virtual machines using SPICE or
VNC.")
(home-page "https://virt-manager.org")
(license license:gpl2+)))

View file

@ -4,6 +4,7 @@
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Nicolas Goaziou <mail@nicolasgoaziou.fr>
;;;
;;; This file is part of GNU Guix.
;;;
@ -492,3 +493,23 @@ (define-public lsh
both the server daemon and the client application, as well as tools for
manipulating key files.")
(license license:gpl2+)))
(define-public sshpass
(package
(name "sshpass")
(version "1.06")
(synopsis "Non-interactive password authentication with SSH")
(home-page "https://sourceforge.net/projects/sshpass/")
(source
(origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/sshpass/sshpass/"
version "/sshpass-" version ".tar.gz"))
(sha256
(base32
"0q7fblaczb7kwbsz0gdy9267z0sllzgmf0c7z5c9mf88wv74ycn6"))))
(build-system gnu-build-system)
(description "sshpass is a tool for non-interactivly performing password
authentication with SSH's so-called @dfn{interactive keyboard password
authentication}.")
(license license:gpl2+)))

View file

@ -26,10 +26,9 @@ (define-module (gnu packages swig)
#:use-module (gnu packages guile)
#:use-module (gnu packages boost)
#:use-module (gnu packages python)
#:use-module (gnu packages perl)
#:export (swig))
#:use-module (gnu packages perl))
(define swig
(define-public swig
(package
(name "swig")
(version "3.0.5")
@ -48,7 +47,7 @@ (define swig
("guile" ,guile-2.0)
("perl" ,perl)))
;; FIXME: reactivate input python as soon as the test failures
;; fatal error: Python.h: No such file or directory
;; fatal error: Python.h: No such file or directory
;; # include <Python.h>
;; are fixed.
;; The python part probably never worked and does not seem to

View file

@ -38,6 +38,7 @@ (define-module (gnu packages xorg)
#:use-module (gnu packages compression)
#:use-module (gnu packages flex)
#:use-module (gnu packages fontutils)
#:use-module (gnu packages freedesktop)
#:use-module (gnu packages gettext)
#:use-module (gnu packages gl)
#:use-module (gnu packages glib)
@ -46,13 +47,13 @@ (define-module (gnu packages xorg)
#:use-module (gnu packages image)
#:use-module (gnu packages linux)
#:use-module (gnu packages m4)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages perl)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
#:use-module (gnu packages spice)
#:use-module (gnu packages xml)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages freedesktop))
#:use-module (gnu packages xdisorg))
@ -3076,6 +3077,35 @@ (define-public xf86-video-openchrome
(license license:x11)))
(define-public xf86-video-qxl
(package
(name "xf86-video-qxl")
(version "0.1.4")
(source (origin
(method url-fetch)
(uri (string-append
"mirror://xorg/individual/driver/"
"xf86-video-qxl-" version ".tar.bz2"))
(sha256
(base32
"018ic9ddxfnjcv2yss0mwk1gq6rmip1hrgi2wxwqkbqx1cpx4yp5"))))
(build-system gnu-build-system)
(inputs
`(("fontsproto" ,fontsproto)
("libxfont" ,libxfont)
("spice-protocol" ,spice-protocol)
("xf86dgaproto" ,xf86dgaproto)
("xorg-server" ,xorg-server)
("xproto" ,xproto)))
(native-inputs
`(("pkg-config" ,pkg-config)))
(synopsis "Qxl video driver for X server")
(description "xf86-video-qxl is a video driver for the Xorg X server.
This driver is intended for the spice qxl virtio device.")
(home-page "http://www.spice-space.org")
(license license:x11)))
(define-public xf86-video-r128
(package
(name "xf86-video-r128")

View file

@ -1,5 +1,5 @@
# GNU Guix --- Functional package management for GNU
# Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
# Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
#
# This file is part of GNU Guix.
#
@ -157,8 +157,20 @@ do
# that name in a 'valid-path?' query because 'assertStorePath' would kill
# us because of the wrong prefix. So we just list dead paths instead.
guile -c "
(use-modules (guix store) (srfi srfi-1))
(define s (open-connection \"$GUIX_DAEMON_SOCKET\"))
(use-modules (guix store) (srfi srfi-1) (srfi srfi-34))
(define s
(let loop ((i 5))
(guard (c ((nix-connection-error? c)
(if (<= i 0)
(raise c)
(begin
(display \"waiting for daemon socket...\")
(newline)
(sleep 1)
(loop (- i 1))))))
(open-connection \"$GUIX_DAEMON_SOCKET\"))))
(exit (lset= string=?
(pk 1 (list \"$copied\" \"$copied_duplicate1\"
\"$copied_duplicate2\"))