Commit graph

1483 commits

Author SHA1 Message Date
Efraim Flashner
f1597427f2
gnu: file: Fix CVE-2017-1000249.
* gnu/packages/file.scm (file)[replacement]: New field.
(file/fixed): New variable.
* gnu/packages/commencement.scm (file-boot0): Use package/inherit.
* gnu/packages/patches/file-CVE-2017-1000249.patch.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-09-05 23:04:05 +03:00
Leo Famulari
514c2f4806
gnu: tcpdump: Fix CVE-2017-[11541,11542,11543].
* gnu/packages/patches/tcpdump-CVE-2017-11541.patch,
gnu/packages/patches/tcpdump-CVE-2017-11542.patch
gnu/packages/patches/tcpdump-CVE-2017-11543.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/admin.scm (tcpdump)[source]: Use them.
2017-09-05 14:53:50 -04:00
Jelle Licht
448339709d
gnu: node: Update to 8.4.0.
* gnu/packages/patches/node-9077.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/node.scm (node): Update to 8.4.0.
(node)[arguments]: Removed broken linter test. Removed dns test.
2017-09-02 22:59:18 +02:00
Kei Kebreau
d536113df0
gnu: openjpeg: Fix CVE-2017-{14040,14041}.
* gnu/packages/image.scm (openjpeg)[source]: Add patches.
* gnu/packages/patches/openjpeg-CVE-2017-14040.patch,
gnu/packages/patches/openjpeg-CVE-2017-14041.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
2017-09-02 10:21:03 -04:00
Ben Woodcroft
25bd1fc1c1
gnu: metabat: Update to 2.12.1.
* gnu/packages/patches/metabat-remove-compilation-date.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/bioinformatics.scm (metabat): Update to 2.12.1.
[source]: Remove it.  Use url-fetch.
2017-09-01 14:45:57 +08:00
Arun Isaac
a0596a2f27
gnu: python2-larch: Enable tests.
* gnu/packages/patches/python2-larch-coverage-4.0a6-compatibility.patch: New
file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/python.scm (python2-larch)[source]: Use it.
[arguments]: Move 'check' phase to before 'build' phase.
2017-09-01 11:14:16 +05:30
Efraim Flashner
0ff44ba464
gnu: graphicsmagick: Fix CVE-2017-{13775,13776,13777}.
* gnu/packages/imagemagick.scm (graphicsmagick)[source]: Add patches.
* gnu/packages/patches/graphicsmagick-CVE-2017-13775.patch,
gnu/packages/patches/graphicsmagick-CVE-2017-13776+CVE-2017-13777.patch:
New files.
* gnu/local.mk (dist_patch_DATA): Register them.
2017-09-01 00:02:27 +03:00
Alex Vong
76fed2b3c4
gnu: libxml2: Fix CVE-2017-{0663,7375,7376,9047,9048,9049,9050}.
* gnu/packages/patches/libxml2-CVE-2017-0663.patch,
gnu/packages/patches/libxml2-CVE-2017-7375.patch,
gnu/packages/patches/libxml2-CVE-2017-7376.patch,
gnu/packages/patches/libxml2-CVE-2017-9047+CVE-2017-9048.patch,
gnu/packages/patches/libxml2-CVE-2017-9049+CVE-2017-9050.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/xml.scm (libxml2)[replacement]: New field.
(libxml2/fixed): New variable.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-08-31 21:45:36 +02:00
Ben Woodcroft
c959e5a1dc
gnu: ruby-2.2.7: Fix CVE-2017-{0899,0900,0901,0902}.
* gnu/packages/patches/ruby-2.2.7-rubygems-2613-ruby22.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ruby.scm (ruby-2.2.7)[source]: Use it.
2017-08-31 10:43:19 +08:00
Ben Woodcroft
db542518b3
gnu: ruby-2.3.4: Fix CVE-2017-{0899,0900,0901,0902}.
* gnu/packages/patches/ruby-2.3.4-rubygems-2613-ruby23.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ruby.scm (ruby-2.3.4)[source]: Use it.
2017-08-31 10:43:19 +08:00
Ben Woodcroft
9770cbf9e2
gnu: ruby-2.4.1: Fix CVE-2017-{0899,0900,0901,0902}.
* gnu/packages/patches/ruby-rubygems-2612-ruby24.patch,
gnu/packages/patches/ruby-rubygems-2613-ruby24.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/ruby.scm (ruby-2.4.1)[source]: Use them.
2017-08-31 10:43:19 +08:00
Ben Woodcroft
690a904ad7
gnu: metabat: Update to 2.11.3.
* gnu/packages/bioinformatics.scm (metabat): Update to 2.11.3.
[source]: Use git-fetch.  Remove boost-related patch.
* gnu/packages/patches/metabat-fix-boost-issue.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-31 10:43:18 +08:00
Marius Bakke
4f68156140
gnu: gd: Replace with 2.2.5.
Fixes CVE-2017-6362 and CVE-2017-7890.

* gnu/packages/gd.scm (gd)[replacement]: New field.
(gd-2.2.5): New variable.
* gnu/packages/php.scm (gd-for-php): Remove variable
(php)[inputs]: Replace GD-FOR-PHP with GD-2.2.5.
* gnu/packages/patches/gd-CVE-2017-7890.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-31 02:49:43 +02:00
Marius Bakke
2de7d137b3
gnu: qemu: Update to 2.10.0.
* gnu/packages/patches/qemu-CVE-2017-10664.patch,
gnu/packages/patches/qemu-CVE-2017-10806.patch,
gnu/packages/patches/qemu-CVE-2017-10911.patch,
gnu/packages/patches/qemu-CVE-2017-11334.patch,
gnu/packages/patches/qemu-CVE-2017-11434.patch,
gnu/packages/patches/qemu-CVE-2017-12809.patch:
gnu/packages/patches/qemu-CVE-2017-7493.patch,
gnu/packages/patches/qemu-CVE-2017-8112.patch,
gnu/packages/patches/qemu-CVE-2017-8309.patch,
gnu/packages/patches/qemu-CVE-2017-8379.patch,
gnu/packages/patches/qemu-CVE-2017-8380.patch,
gnu/packages/patches/qemu-CVE-2017-9524.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/virtualization.scm (qemu): Update to 2.10.0.
[source](patches): Remove.
2017-08-30 20:50:13 +02:00
Ricardo Wurmus
799247d2d9
gnu: multiqc: Update to 1.2.
* gnu/packages/bioinformatics.scm (multiqc): Update to 1.2.
[source]: Remove patches.
[arguments]: Remove to enable tests.
[propagated-inputs]: Add python-spectra, python-requests, python-markdown,
python-lzstring.
* gnu/packages/patches/multiqc-fix-git-subprocess-error.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-30 17:32:00 +02:00
Kei Kebreau
3c8ba11a97
Update e-mail for Kei Kebreau.
* .mailmap: Map kei@openmailbox.org to current address.
* gnu/local.mk: Replace kei@openmailbox.org to current address.
* gnu/packages/backup.scm: Likewise.
* gnu/packages/calendar.scm: Likewise.
* gnu/packages/check.scm: Likewise.
* gnu/packages/compression.scm: Likewise.
* gnu/packages/documentation.scm: Likewise.
* gnu/packages/emacs.scm: Likewise.
* gnu/packages/fltk.scm: Likewise.
* gnu/packages/freedesktop.scm: Likewise.
* gnu/packages/game-development.scm: Likewise.
* gnu/packages/games.scm: Likewise.
* gnu/packages/gnome.scm: Likewise.
* gnu/packages/gnustep.scm: Likewise.
* gnu/packages/gtk.scm: Likewise.
* gnu/packages/hexedit.scm: Likewise.
* gnu/packages/image.scm: Likewise.
* gnu/packages/maths.scm: Likewise.
* gnu/packages/music.scm: Likewise.
* gnu/packages/xfce.scm: Likewise.
* gnu/packages/python.scm: Likewise.
* gnu/packages/tcl.scm: Likewise.
* gnu/packages/textutils.scm: Likewise.
* gnu/packages/video.scm: Likewise.
* gnu/packages/w3m.scm: Likewise.
* gnu/packages/web.scm: Likewise.
* gnu/packages/web-browsers.scm: Likewise.
* gnu/packages/patches/wmfire-update-for-new-gdk-versions.patch: Likewise.
2017-08-29 20:13:24 -04:00
Leo Famulari
9baa969758
gnu: libzip: Fix CVE-2017-12858.
* gnu/packages/patches/libzip-CVE-2017-12858.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/compression.scm (libzip)[source]: Use it.
2017-08-27 19:51:45 -04:00
Leo Famulari
1c059a6e16
gnu: wxwidgets: Update to 3.0.3.
* gnu/packages/wxwidgets.scm (wxwidgets): Update to 3.0.3.
[source]: Remove 'wxwidgets-fix-windowGTK.patch'.
* gnu/packages/patches/wxwidgets-fix-windowGTK.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-27 16:04:25 -04:00
Marius Bakke
72e2815d18
Merge branch 'core-updates' 2017-08-26 15:15:49 +02:00
Efraim Flashner
f81039058c
gnu: qemu: Fix CVE-2017-12809.
* gnu/packages/virtualization.scm (qemu)[source]: Add patch.
* gnu/packages/patches/qemu-CVE-2017-12809.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-08-23 21:56:55 +03:00
Efraim Flashner
f00e328fd3
gnu: openjpeg: Fix CVE-2017-12982.
* gnu/packages/image.scm (openjepg)[source]: Add patch.
* gnu/packages/patches/openjpeg-CVE-2017-12982.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-08-23 21:07:07 +03:00
Marius Bakke
2718a9cd09
Merge branch 'master' into core-updates 2017-08-21 02:40:37 +02:00
Kei Kebreau
6d7d9d9507
gnu: graphicsmagick: Fix CVE-2017-{12935,12936,12937}.
* gnu/packages/patches/graphicsmagick-CVE-2017-12935.patch,
gnu/packages/patches/graphicsmagick-CVE-2017-12936.patch,
gnu/packages/patches/graphicsmagick-CVE-2017-12937.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/imagemagick.scm (graphicsmagick)[source]: Use them.
2017-08-20 08:35:45 -04:00
Tobias Geerinckx-Rice
b7585ca3b9
gnu: lz4: Update to 1.8.0.
* gnu/packages/compression.scm (lz4): Update to 1.8.0.  Fix typo in comment.
[source]: Remove patch.
* gnu/packages/patches/lz4-fix-test-failures.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-19 02:17:42 +02:00
Leo Famulari
d9f15d7e48
gnu: newsbeuter: Fix CVE-2017-12904.
* gnu/packages/patches/newsbeuter-CVE-2017-12904.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/syndication.scm (newsbeuter)[source]: Use it.
2017-08-18 17:24:47 -04:00
Marius Bakke
8c0c0c4def
gnu: python-pygit2: Update to 0.26.0.
* gnu/packages/python.scm (python-pygit2): Update to 0.26.0.
* gnu/packages/patches/python-pygit2-disable-network-tests.patch: Skip one
more test. Use unittest.skipIf instead of deleting sections.
2017-08-18 21:33:31 +02:00
Thomas Danckaert
cc81f1c349
gnu: freerdp: Revert to version 1.1.
* gnu/packages/rdesktop.scm (freerdp) [version, source]: Revert to upstream
  branch 1.1.  [inputs]: Use ffmpeg-2.8.
* gnu/packages/gnome.scm (vinagre): Add patches required to build against
  freerdp branch 1.1.
* gnu/packages/patches/vinagre-revert-1.patch,
  gnu/packages/patches/vinagre-revert-2.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
2017-08-18 14:52:35 +02:00
Efraim Flashner
c5a856d551
gnu: xf86-video-siliconmotion: Fix building on aarch64.
* gnu/packages/xorg.scm (xf86-video-siliconmotion)[source]: Add patch.
* gnu/packages/patches/xf86-video-siliconmotion-fix-ftbfs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-08-18 15:50:25 +03:00
Eric Bavier
623cc34cd2
gnu: rpm: Update to 4.13.0.1.
* gnu/packages/package-management.scm (rpm): Update to 4.13.0.1
[source]: Remove patch.  Use 'version-major+minor' for url.
* gnu/packages/patches/rpm-CVE-2014-8118.patch: Delete patch.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-17 21:39:18 -05:00
Efraim Flashner
e3b861ce38
gnu: python-cython: Update to 0.26.
* gnu/packages/python.scm (python-cython, python2-cython): Update to 0.26.
[source]: Remove patch.
* gnu/packages/patches/python-cython-fix-tests-32bit.patch: Remove file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-17 06:46:06 +03:00
Efraim Flashner
3837108e40
gnu: bcftools: Fix building on aarch64.
* gnu/packages/patches/bcftools-regidx-unsigned-char.patch: New file.
* gnu/packages/bioinformatics.scm (bcftools)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-08-15 10:31:20 +03:00
Mark H Weaver
09ec5a0f0c
Merge branch 'master' into core-updates 2017-08-15 03:10:14 -04:00
Marius Bakke
f28fea1ca7
gnu: e2fsprogs: Update to 1.43.5.
* gnu/packages/patches/e2fsprogs-32bit-quota-warnings.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/linux.scm (e2fsprogs): Update to 1.43.5.
[source]: Use patch.
2017-08-15 01:08:01 +02:00
Leo Famulari
15428168ea
gnu: cvs: Fix CVE-2017-12836.
* gnu/packages/patches/cvs-2017-12836.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/version-control.scm (cvs)[source]: Use it.
2017-08-14 15:55:31 -04:00
Alex Vong
f152208b0d
gnu: qemu: Fix CVE-2017-{10664,10806,10911,11434}.
* gnu/packages/patches/qemu-CVE-2017-10664.patch,
gnu/packages/patches/qemu-CVE-2017-10806.patch,
gnu/packages/patches/qemu-CVE-2017-10911.patch,
gnu/packages/patches/qemu-CVE-2017-11434.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/virtualization.scm (qemu)[source]: Use them.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-08-13 18:28:27 +02:00
Marius Bakke
d5daf6fbe0
gnu: curl: Fix i686 test failure.
* gnu/packages/patches/curl-bounds-check.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/curl.scm (curl-7.55.0)[source]: Use it.
2017-08-13 16:46:41 +02:00
Alex Vong
bfcdf88760
gnu: catdoc: Fix CVE-2017-11110.
* gnu/packages/patches/catdoc-CVE-2017-11110.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/textutils.scm (catdoc)[source]: Use it.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-08-12 15:30:23 +02:00
Mark H Weaver
3785e42e52
Merge branch 'master' into core-updates 2017-08-11 03:49:24 -04:00
Marius Bakke
c2f93e9c07
gnu: openjpeg: Update to 2.2.0 [security fixes].
In addition to the patches we already had (which are not mentioned in the
ChangeLog, but verified by following their respective GitHub issues) this
release also fixes CVE-2016-9112, CVE-2016-5139, CVE-2016-5152, CVE-2016-5158,
CVE-2016-5159, CVE-2016-1626 and CVE-2016-1628.

See <https://github.com/uclouvain/openjpeg/blob/v2.2.0/CHANGELOG.md> for details.

* gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch,
  gnu/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/image.scm (openjpeg): Update to 2.2.0.
[source](patches): Remove.
* gnu/packages/gstreamer.scm (gst-plugins-bad)[arguments]: Add phase to patch
hard-coded openjpeg-2.1 path.
2017-08-10 22:23:31 +02:00
Mark H Weaver
cc294bcee6
Merge branch 'master' into core-updates 2017-08-09 17:25:31 -04:00
Ben Woodcroft
63755fcd65
gnu: ruby-puma: Update to 3.9.1.
* gnu/packages/ruby.scm (ruby-puma): Update to 3.9.1.
[source]: Remove patch.
[arguments]: Disable tests.
[native-inputs]: Remove field.
* gnu/packages/patches/ruby-puma-ignore-broken-test.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-08 09:31:18 +10:00
Mark H Weaver
2d9495da23
Merge branch 'master' into core-updates 2017-08-07 16:45:16 -04:00
Leo Famulari
149f668821
gnu: texlive: Update to 2017.
* gnu/packages/tex.scm (texlive, texlive-texmf): Update to 2017.
(texlive-texmf-src): Update to 20170524. Remove
'texlive-texmf-CVE-2016-10243.patch'.
(texlive-bin, texlive-extra-src): Update to 20170524.
* gnu/packages/patches/texlive-texmf-CVE-2016-10243.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-07 12:08:03 +02:00
Tobias Geerinckx-Rice
d8af4f6dde
gnu: ntfs-3g: Update to 2017.3.23.
* gnu/packages/linux.scm (ntfs-3g): Update to 2017.3.23.
[source]: Remove patch.
* gnu/packages/patches/ntfs-3g-CVE-2017-0358.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-07 02:01:34 +02:00
Mark H Weaver
f167595ba1
Merge branch 'master' into core-updates 2017-08-06 00:23:20 -04:00
Mark H Weaver
e3df6938ac
gnu: libtasn1: Add replacement to fix CVE-2017-10790.
Based on commit 01a61d7040
by Leo Famulari <leo@famulari.name>.

* gnu/packages/patches/libtasn1-CVE-2017-10790.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/tls.scm (libtasn1)[replacement]: New field.
(libtasn1/fixed): New variable.
2017-08-06 00:21:09 -04:00
Leo Famulari
01a61d7040
gnu: libtasn1: Fix CVE-2017-10790.
* gnu/packages/patches/libtasn1-CVE-2017-10790.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/tls.scm (libtasn1/fixed)[source]: Use it.
2017-08-05 20:17:53 -04:00
Julien Lepiller
1cec346232
gnu: php: Update to 7.1.8.
* gnu/packages/patches/gd-CVE-2017-7890.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it
* gnu/packages/php.scm (php): Update to 7.1.8.
2017-08-04 18:58:33 +02:00
Tobias Geerinckx-Rice
f58be41761
gnu: fabric: Update to 1.13.2.
* gnu/packages/admin.scm (fabric): Update to 1.13.2.  Remove outdated comments.
[source]: Remove ‘patches’.
* gnu/packages/patches/fabric-tests.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-04 03:46:49 +02:00
Efraim Flashner
edd08fb7ac
gnu: glibc@2.22: Fix security issues.
Fixes CVE-2015-{5180,7547}, CVE-2016-{3075,3706,4429}.

* gnu/packages/base.scm (glibc@2.22)[source]: Add patches.
* gnu/packages/patches/glibc-CVE-2015-7547.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-08-02 21:51:35 +03:00