* gnu/packages/qt.scm (python-qscintilla)[arguments]: In the 'configure'
phase, remove result code plumbing that is no longer needed, since 'invoke'
never returns #false.
Includes fixes for CVE-2018-5104, CVE-2018-5097, CVE-2018-5099, and the
remaining 7 out of 21 changesets for CVE-2018-5089.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the
upstream mozilla-esr52 repository. Remove the local spectre mitigation patch
in favor of the (identical) changeset from upstream.
* gnu/packages/patches/icecat-bug-1427870-spectre-mitigation.patch: Delete.
* gnu/local.mk (dist_patch_DATA): Remove it.
Document that our existing patches include fixes for CVE-2018-5091,
CVE-2018-5095, CVE-2018-5096, CVE-2018-5098, CVE-2018-5102, CVE-2018-5103,
CVE-2018-5117, and 14 out of 21 changesets for CVE-2018-5089.
* gnu/packages/gnuzilla.scm (icecat)[sources]: Relabel patches to reflect CVE
assignments.
* gnu/packages/patches/libsndfile-CVE-2017-12562.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pulseaudio.scm (libsndfile)[replacement]: New field.
(libsndfile/fixed): New variable.
* scripts/guix.in: Remove empty surrounding ‘let’. Define 'main' as the
procedure called when running the script.
(maybe-augment-load-paths!): Rename to ...
(augment-load-paths!): ... this. Use 'and=>' for 'file-exists?'.
(run-guix-main): Rename to ...
(main): ... this. Call 'augment-load-paths!'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/patches/rtags-separate-rct.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/code.scm (rtags): Dependencies no longer bundled.
[source]: Use tarball release. Use the patch to link rct.
Substitute corresponding headers.
[native-inputs]: Add new dependencies.
[inputs]: Likewise.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/patches/rct-add-missing-headers.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/cpp.scm (rct): Use the patch, enable RTTI.
[source]: Use the patch to add missing headers from installation.
[arguments]: Enable RTTI in configure-flags.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
As a fork of cURL, gnURL on Guix needs to be made aware of the certificate store
to prevent the well-known issue we have.
* gnu/packages/gnunet.scm (gnurl)[configure-flags]: Add '--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This moves the complexity of Autotools variable expansion outside of the
application code.
* scripts/guix.in (config-lookup): Delete.
(maybe-augment-load-paths!, run-guix-main): Use fully expanded variables
instead of calling ‘config-lookup’.
* configure.ac: Don't use AC_CONFIG_FILES for ‘scripts/guix’.
Use AC_PROG_SED.
* Makefile.am (scripts/guix): New rule.
(do_subst): New variable.
(CLEANFILES, EXTRA_DIST): Adapt.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
