Commit graph

986 commits

Author SHA1 Message Date
Leo Famulari
2fedcd1895
gnu: libtiff: Fix CVE-2016-9448.
* gnu/packages/patches/libtiff-CVE-2016-9448.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff/fixed)[source]: Use it.
2016-11-19 11:31:00 -05:00
Ludovic Courtès
8134dc1f74
gnu: guile@2.0.13: Fix non-determinism issue in REPL server test.
* gnu/packages/patches/guile-repl-server-test.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/guile.scm (guile-2.0.13)[source]: Use it.
2016-11-18 18:28:02 +01:00
Eric Bavier
fe047e1380
gnu: Add Handbrake.
* gnu/packages/video.scm (handbrake): New variable.
* gnu/packages/patches/handbrake-pkg-config-path.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Add it.
2016-11-16 20:58:12 -06:00
Leo Famulari
1339a8ed1c
gnu: libtiff: Fix some buffer overflows.
* gnu/packages/patches/libtiff-uint32-overflow.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff/fixed)[source]: Use it.
2016-11-16 19:59:28 -05:00
Leo Famulari
7cea56e2ac
gnu: libtiff: Fix CVE-2016-9297.
* gnu/packages/patches/libtiff-CVE-2016-9297.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff/fixed)[source]: Use it.
2016-11-16 19:59:24 -05:00
Mark H Weaver
1a87aa7567
gnu: icecat: Add fixes from Firefox ESR 45.5.0.
Includes fixes for CVE-2016-5290, CVE-2016-5291, CVE-2016-5297, CVE-2016-9064,
and CVE-2016-9066.

* gnu/packages/gnuzilla.scm (icecat)[source][patches]: Add fixes for
aforementioned CVEs and other selected fixes from Firefox ESR 45.5.0.  Note
that the first six patches of CVE-2016-5290 and the patch for CVE-2016-9066
were already present, but were labeled by mozilla bug number instead of CVE.
* gnu/packages/patches/icecat-CVE-2016-9064.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2016-11-16 13:04:02 -05:00
Mark H Weaver
56ac2bf442
gnu: pixman: Add fix for CVE-2016-5296.
* gnu/packages/patches/pixman-CVE-2016-5296.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/xdisorg.scm (pixman)[replacement]: New field.
(pixman/fixed): New variable.
2016-11-16 13:03:56 -05:00
Leo Famulari
d9721bcf27
gnu: readline-6.2: Fix CVE-2014-2524.
* gnu/packages/patches/readline-6.2-CVE-2014-2524.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/readline.scm (readline-6.2): Use it.
2016-11-13 17:01:01 -05:00
Ludovic Courtès
142530178d
gnu: mailutils: Update to 3.0.
* gnu/packages/mail.scm (mailutils): Update to 3.0.
[arguments]: Adjust 'pre-build' phase.
* gnu/packages/patches/m4-gets-undeclared.patch: Remove.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
2016-11-13 21:12:32 +01:00
Ludovic Courtès
2cab1dd58b
Merge branch 'core-updates' 2016-11-13 00:34:16 +01:00
Leo Famulari
5c66314bd9
gnu: libtiff: Fix CVE-2016-9273.
* gnu/packages/patches/libtiff-CVE-2016-9273.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff/fixed): Use it.
2016-11-12 11:05:19 -05:00
Ben Woodcroft
e2bb2e1780
gnu: ruby-yard: Update to 0.9.5-1.d816482a.
* gnu/packages/ruby.scm (ruby-yard): Update to 0.9.5-1.d816482a.
[source]: Update source URL.
[arguments]: Remove unneeded substitutions.  Change test target.
* gnu/packages/patches/ruby-yard-fix-skip-of-markdown-tests.patch (New
file)
* gnu/local.mk (dist_patch_DATA): Add it.
2016-11-11 22:15:37 +10:00
Ludovic Courtès
8033772363
gnu: gcc@5, gcc@6: Work around use of 'movabs' for /gnu/store strings.
Partly addresses <http://bugs.gnu.org/24703>.
Reported by Mark H Weaver <mhw@netris.org>.

* gnu/packages/patches/gcc-strmov-store-file-names.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gcc.scm (gcc-5)[sources](patches): Add it.
(gcc-6)[sources](patches): Add it.
2016-11-09 21:24:44 +01:00
Leo Famulari
0b34b58688
gnu: libxslt: Fix CVE-2016-4738.
* gnu/packages/patches/libxslt-CVE-2016-4738.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/xml.scm (libxslt)[replacement]: New field.
(libxslt/fixed): New variable.
2016-11-09 10:19:49 -05:00
Leo Famulari
667e777b4e
gnu: mupdf: Fix CVE-2016-{7504,7505,7506,7563,7564,9017,9136} in bundled mujs.
* gnu/packages/patches/mupdf-CVE-2016-7504.patch,
gnu/packages/patches/mupdf-CVE-2016-7505.patch
gnu/packages/patches/mupdf-CVE-2016-7506.patch
gnu/packages/patches/mupdf-CVE-2016-7563.patch
gnu/packages/patches/mupdf-CVE-2016-7564.patch
gnu/packages/patches/mupdf-CVE-2016-9017.patch
gnu/packages/patches/mupdf-CVE-2016-9136.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/pdf.scm (mupdf)[source]: Use them.
2016-11-08 11:03:14 -05:00
Mark H Weaver
71e21fb26d
Merge branch 'master' into core-updates 2016-11-07 00:33:16 -05:00
Leo Famulari
14ac8e4865
gnu: jansson: Update to 2.9.
* gnu/packages/web.scm (jansson): Update to 2.9.
[source]: Remove 'jansson-CVE-2016-4425.patch'.
* gnu/packages/patches/jansson-CVE-2016-4425.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2016-11-06 19:50:30 -05:00
Marius Bakke
6dbf1fec0d
gnu: lua: Update to 5.3.3.
* gnu/packages/patches/lua52-liblua-so.patch: Rename to ...
* gnu/packages/patches/lua-liblua-so.patch: ... this. Add version comment.
* gnu/local.mk (dist_patch_DATA): Adjust patch name.
* gnu/packages/lua.scm (lua): Update to 5.3.3.
[source]: Use https URL. Use new patch name.
[home-page]: Use https URL.
(lua-5.2): New variable.
(lua-5.1)[source]: Use https URL.
2016-11-06 16:17:16 +00:00
Mark H Weaver
8b6ad165d1
Merge branch 'master' into core-updates 2016-11-06 03:29:06 -05:00
Leo Famulari
2d125a9b21
gnu: weex: Update to 2.8.2 [fixes CVE-2005-3150].
* gnu/packages/ftp.scm (weex): Update to 2.8.2.
[source]: Use new URL. Remove obsolete 'weex-vacopy.patch'.
[arguments]: Remove custom 'configure' phase and add 'bootstrap' phase.
[native-inputs]: Add autoconf, automake, and gnu-gettext.
* gnu/packages/patches/weex-vacopy.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2016-11-05 13:31:44 -04:00
Kei Kebreau
674a0f9558
gnu: w3m: Switch to Debian's actively maintained fork of w3m.
Fixes some security issues seen here:
<http://www.openwall.com/lists/oss-security/2016/11/03/3>

* gnu/packages/w3m.scm (w3m): Switch it.
[source]: Use Debian's git tree. Remove obsolete patches.
[arguments]: Remove an unneeded substitute* function.
* gnu/packages/patches/w3m-disable-sslv2-and-sslv3.patch,
gnu/packages/patches/w3m-disable-weak-ciphers.patch,
gnu/packages/patches/w3m-force-ssl_verify_server-on.patch,
gnu/packages/patches/w3m-libgc.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2016-11-04 20:06:03 -04:00
Ricardo Wurmus
accd5f996e
gnu: python-ipython: Update to 4.0.0.
* gnu/packages/python.scm (python-ipython): Update to 4.0.0.
[inputs]: Keep only "readline" and "which"; move the remaining inputs
to propagated-inputs, except for "python-requests" and "python-nose"
which are moved to native-inputs.
[propagated-inputs]: Add "python-pexpect", "python-pickleshare",
"python-simplegeneric", "python-traitlets", "python-ipykernel".
[native-inputs]: Add "python-testpath".
[arguments]: Enable building of HTML documentation.
[source]: Remove patch.
* gnu/packages/patches/python-ipython-inputhook-ctype.patch: Remove
patch.
* gnu/local.mk (dist_patch_DATA): Remove it.
2016-11-04 21:23:07 +01:00
Leo Famulari
8d806cb0e0
gnu: ola: Fix build failure caused by use of deprecated function.
* gnu/packages/patches/ola-readdir-r.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/lighting.scm (ola)[source]: Use it.
2016-11-04 01:44:42 -04:00
Kei Kebreau
b81245ccb3
[PATCH] gnu: Add libjxr.
* gnu/packages/image.scm (libjxr): New variable.
* gnu/packages/patches/libjxr-fix-function-signature.patch: New file.
* gnu/packages/patches/libjxr-fix-typos.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register patches.
2016-11-03 13:43:23 -04:00
Leo Famulari
b3cc0dce08
Merge branch 'master' into core-updates 2016-11-02 20:03:35 -04:00
Marius Bakke
bac3d6095d
gnu: python-django: Update to 1.10.3 [fixes CVE-2016-{9013,9014}].
* gnu/packages/django.scm (python-django, python2-django): Update to 1.10.3.
[source]: Remove patch.
* gnu/packages/patches/python-django-fix-testcase.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2016-11-01 14:02:01 -04:00
Leo Famulari
40330e555f
gnu: icecat: Fix build with binutils >= 2.26.
* gnu/packages/patches/icecat-binutils.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Use it.
2016-10-31 20:59:40 -04:00
Leo Famulari
205f0107bb
Merge branch 'master' into core-updates 2016-10-30 19:19:21 -04:00
Leo Famulari
b89cbf5832
gnu: libtiff: Fix CVE-2016-5652.
* gnu/packages/patches/libtiff-CVE-2016-5652.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff-fixed)[source]: Use it.
2016-10-30 19:07:49 -04:00
Leo Famulari
062c7e43ed
Merge branch 'master' into core-updates 2016-10-29 21:44:44 -04:00
Theodoros Foradis
5b83b7b854
gnu: Add openocd.
* gnu/packages/embedded.scm (openocd): New variable.
* gnu/packages/patches/openocd-nrf52.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add the patch.
2016-10-30 02:34:26 +01:00
Leo Famulari
a6447e7fb6
Merge branch 'master' into core-updates 2016-10-28 13:40:17 -04:00
Leo Famulari
95bff4f697
gnu: libwebp: Fix CVE-2016-9085.
* gnu/packages/patches/libwebp-CVE-2016-9085.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libwebp)[source]: Use it.
2016-10-28 13:39:37 -04:00
Efraim Flashner
aa6c09ed71
gnu: python-parse: Fix failing test.
* gnu/packages/python.scm (python-parse)[origin]: Add patch.
* gnu/packages/patches/python-parse-too-many-fields.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2016-10-27 23:28:07 +03:00
Leo Famulari
02c73adcdf
Merge branch 'master' into core-updates 2016-10-26 19:00:06 -04:00
Leo Famulari
a19da40630
gnu: perl-www-curl: Fix build failure.
* gnu/packages/patches/perl-www-curl-remove-symbol.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/web.scm (perl-www-curl)[source]: Use it.
2016-10-26 18:44:16 -04:00
Marius Bakke
39df253e2b
gnu: mupdf: Modify CVE-2016-8674 patch to apply to 1.9a.
The fix from upstream did not apply cleanly due to many context changes.
This was adapted by cloning mupdf 1.9a from git and fixing conflicts
after applying our patches and cherry-picking upstream commit 1e03c06.

This is a follow-up to 47a04fca99.

* gnu/packages/patches/mupdf-CVE-2016-8674.patch: Adapt to 1.9a.
2016-10-26 15:03:42 +01:00
Marius Bakke
d2a9b531fb
gnu: notmuch: Update to 0.23.1.
* gnu/packages/patches/notmuch-emacs-25-compatibility-fix.patch: Delete
file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/mail.scm (notmuch): Update to 0.23.1. Remove patch.
2016-10-26 10:45:49 +01:00
Kei Kebreau
47a04fca99
gnu: mupdf: Fix CVE-2016-8674.
* gnu/packages/patches/mupdf-CVE-2016-8674.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pdf.scm (mupdf): Use it.
2016-10-25 12:50:50 -04:00
Thomas Danckaert
4b12fe5cab
gnu: coda: Remove bundled libraries.
* gnu/packages/maths.scm (coda): Remove bundled libraries.
[source]: Add patch and snippet to remove bundled zlib, pcre and expat.
[inputs]: Add system zlib, pcre and expat.
* gnu/packages/patches/coda-use-system-libs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2016-10-25 14:56:37 +02:00
Mark H Weaver
e9a19bde40
gnu: linux-libre@4.1: Update to 4.1.35.
* gnu/packages/linux.scm (linux-libre-4.1): Update to 4.1.35.  Remove
patch.
* gnu/packages/patches/linux-libre-4.1-CVE-2016-5195.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2016-10-24 22:53:18 -04:00
Mark H Weaver
f1267c872f
gnu: mesa: Fix 'wayland-egl-symbols-check' on MIPS.
* gnu/packages/patches/mesa-wayland-egl-symbols-check-mips.patch: New
file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gl.scm (mesa)[source]: Add patch when building on MIPS.
2016-10-24 22:28:32 -04:00
Thomas Danckaert
d3c4f3bb00
gnu: Add hdf-eos2.
* gnu/packages/maths.scm (hdf-eos2): New variable.
* gnu/packages/patches/hdf-eos2-build-shared.patch: New file.
* gnu/packages/patches/hdf-eos2-remove-gctp.patch: New file.
* gnu/packages/patches/hdf-eos2-fortrantests.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add patches.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2016-10-24 23:05:20 +02:00
Leo Famulari
02cfea6627
gnu: musl: Fix CVE-2016-8859.
* gnu/packages/patches/musl-CVE-2016-8859.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/musl.scm (musl)[source]: Use it.
2016-10-23 18:08:17 -04:00
Mark H Weaver
ca0635b4ba
Merge branch 'master' into core-updates 2016-10-23 14:16:39 -04:00
Efraim Flashner
eccd1d24c9
gnu: hop: Update to 2.5.1.
* gnu/packages/scheme.scm (hop): Update to 2.5.1.
[source]: Remove patch.
* gnu/packages/patches/hop-bigloo-4.0b.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2016-10-23 14:37:28 +03:00
Mark H Weaver
a861665b75
gnu: linux-libre@4.1: Add fix for CVE-2016-5195.
* gnu/packages/patches/linux-libre-4.1-CVE-2016-5195.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/linux.scm (linux-libre-4.1): Add patch.
2016-10-22 00:30:38 -04:00
Christopher Allan Webber
7d2ee59b4a
gnu: slim: Fix line numbers in slim-login.patch.
This was causing build failures.

* gnu/packages/patches/slim-login.patch: Fix line numbers.
2016-10-21 12:51:33 -05:00
Eric Bavier
17d50dfdbb
gnu: slim: Display login message.
* gnu/packages/patches/slim-login.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/display-managers.scm (slim)[source]: Use it.
2016-10-20 16:47:20 -05:00
Eric Bavier
0b71c15c80
gnu: slim: Do not reset session after failed login.
* gnu/packages/patches/slim-reset.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/display-managers.scm (slim)[source]: Use it.
2016-10-20 16:47:19 -05:00