Commit graph

286 commits

Author SHA1 Message Date
Efraim Flashner
ce27857f71
gnu: binutils: Fix security issues.
* gnu/packages/base.scm (binutils)[replacement]: New field.
(binutils/fixed): New variable.
* gnu/packages/commencement.scm (binutils-boot0, binutils-final): Use
'package/inherit' to correctly use replacement binutils.
2017-09-17 22:45:21 +03:00
Mark H Weaver
f167595ba1
Merge branch 'master' into core-updates 2017-08-06 00:23:20 -04:00
Efraim Flashner
edd08fb7ac
gnu: glibc@2.22: Fix security issues.
Fixes CVE-2015-{5180,7547}, CVE-2016-{3075,3706,4429}.

* gnu/packages/base.scm (glibc@2.22)[source]: Add patches.
* gnu/packages/patches/glibc-CVE-2015-7547.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-08-02 21:51:35 +03:00
Efraim Flashner
a0ae64a334
gnu: glibc@2.23: Fix CVE-2015-5180, CVE-2016-{3075,3706,4429}.
* gnu/packages/base.scm (glibc@2.23)[source]: Add patches.
* gnu/packages/patches/glibc-CVE-2016-3075.patch,
gnu/packages/patches/glibc-CVE-2016-3706.patch,
gnu/packages/patches/glibc-CVE-2016-4429.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
2017-08-02 21:51:33 +03:00
Efraim Flashner
575e5e4e51
gnu: glibc@2.24: Fix CVE-2015-5180.
* gnu/packages/base.scm (glibc@2.24)[source]: Add patch.
* gnu/packages/patches/glibc-CVE-2015-5180.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-08-02 21:51:31 +03:00
Leo Famulari
6c1a317e29
Merge branch 'master' into core-updates 2017-07-23 03:42:12 -04:00
Ludovic Courtès
6d833b13b7
gnu: Remove glibc@2.21 and its traces.
* gnu/packages/base.scm (glibc-2.21): Remove.
* gnu/system/locale.scm (localedef-command)[maybe-version-directory]:
Remove.  Replace call with use of 'package-version'.
(single-locale-directory): Remove 'version>=' conditional.
2017-07-17 23:41:36 +02:00
Ludovic Courtès
d5ec5ed719
packages: Mark 'replacement' as an "innate" field.
Suggested by Mark H Weaver
at <https://lists.gnu.org/archive/html/guix-devel/2017-06/msg00355.html>.

* guix/packages.scm (<package>)[replacement]: Mark as "innate".
* gnu/packages/base.scm (glibc-2.25-patched, glibc-2.24)
(glibc-2.23, glibc-2.22, glibc-2.21, glibc-locales): Remove
'replacement' field, which was set to #f.
* gnu/packages/commencement.scm (perl-boot0): Likewise.
* gnu/packages/fontutils.scm (graphite2/fixed): Likewise.
* gnu/packages/ghostscript.scm (ghostscript/fixed): Likewise.
* gnu/packages/gnupg.scm (libgcrypt-1.7.8): Likewise.
* gnu/packages/guile.scm (guile-2.0/fixed, guile-2.2): Likewise.
* gnu/packages/icu4c.scm (icu4c/fixed): Likewise.
* gnu/packages/image.scm (libpng-apng): Likewise.
* gnu/packages/make-bootstrap.scm (%guile-static): Likewise.
* gnu/packages/pcre.scm (pcre/fixed): Likewise.
* gnu/packages/perl.scm (perl/fixed): Likewise.
* gnu/packages/ruby.scm (ruby-2.3, ruby-2.2, ruby-2.1)
(ruby-1.8): Likewise.
* gnu/packages/tls.scm (gnutls-3.5.13, gnutls/guile-2.2): Likewise.
* gnu/packages/xml.scm (expat-2.2.1): Likewise.
2017-07-03 23:51:22 +02:00
Mark H Weaver
13fa4d7c35
gnu: glibc: Fix build on i686.
This is followup to 503a4df904.
Fixes <https://bugs.gnu.org/27489>.

* gnu/packages/base.scm (glibc/linux): Add
"glibc-vectorized-strcspn-guards.patch" to patches.
2017-07-01 02:18:32 -04:00
Ludovic Courtès
503a4df904
gnu: glibc/linux: Add patches for CVE-2017-1000366.
* gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch,
gnu/packages/patches/glibc-CVE-2017-1000366-pt2.patch,
gnu/packages/patches/glibc-CVE-2017-1000366-pt3.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/base.scm (glibc/linux)[source](patches): Add them.
[replacement]: Remove.
(glibc-2.25-patched): Remove.
(glibc-2.24, glibc-2.23, glibc-2.22, glibc-2.21)
(glibc-locales): Remove 'replacement' field.
2017-06-29 22:03:33 +02:00
Mark H Weaver
ed068b960e
Merge branch 'master' into core-updates 2017-06-26 00:00:58 -04:00
Mark H Weaver
ffc015bea2
gnu: glibc: Fix replacement on i686.
This is followup to 665d6a5916.
Fixes <https://bugs.gnu.org/27489>.

* gnu/packages/base.scm (glibc-2.25-patched, glibc-2.24, glibc-2.23)
(glibc-2.22): Add glibc-vectorized-strcspn-guards.patch to patches.
Move a comment where it belongs.
* gnu/packages/patches/glibc-CVE-2017-1000366-pt2.patch: Swap with ...
* gnu/packages/patches/glibc-CVE-2017-1000366-pt3.patch: ... this.
* gnu/packages/patches/glibc-vectorized-strcspn-guards.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.  Fix formatting.
2017-06-25 21:56:22 -04:00
Efraim Flashner
665d6a5916
gnu: glibc: Add mitigations for CVE-2017-1000366.
* gnu/packages/base.scm (glibc/linux)[replacement]: New field.
(glibc-2.25-patched): New variable.
(glibc-2.24, glibc-2.23, glibc-2.22, glibc-2.21)[source]: Add patches.
[replacement]: New field.
(glibc-locales)[replacement]: New field.
* gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch,
gnu/packages/patches/glibc-CVE-2017-1000366-pt2.patch,
gnu/packages/patches/glibc-CVE-2017-1000366-pt3.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.

Modified-By: Mark H Weaver <mhw@netris.org>
2017-06-24 02:42:37 -04:00
Mark H Weaver
56ed97c8b5
gnu: glibc-2.22: Return #t from 'fix-pwd' phase.
Based on a patch by Efraim Flashner <efraim@flashner.co.il>.

* gnu/packages/base.scm (glibc-2.22)[arguments]: Return #t from 'fix-pwd'
phase.
2017-06-24 02:42:24 -04:00
Ricardo Wurmus
ff647c3d38
gnu: glibc: Move i686 patch to source field.
This is a rewrite of changes introduced by commits
b2fd8f6367,
c2e4f14ac8,
441e99d433 and
d03b34cf19.

* gnu/packages/base.scm (glibc/linux)[source]: Add i686 patch.
[arguments]: Remove conditional patch application from build phase.
[native-inputs]: Remove patch.
(glibc/hurd)[arguments]: Inherit pre-configure build phase from glibc/linux.
* gnu/packages/commencement.scm (glibc-final-with-bootstrap-bash)[native-inputs]:
Remove patch.
2017-05-29 06:14:11 +02:00
Marius Bakke
ccd7daae4c
gnu: Remove workaround for <https://bugs.gnu.org/26238>.
* gnu/packages/base.scm (coreutils-8.27): Remove variable.
* gnu/system.scm (%base-packages): Change back to COREUTILS.
2017-05-28 19:08:54 +02:00
Marius Bakke
f0c6dda640
gnu: binutils: Update to 2.28.
* gnu/packages/base.scm (binutils): Update to 2.28.
[source]<patches>: Remove upstreamed patch.
[arguments]<#:configure-flags>: Remove "--disable-werror"
* gnu/packages/patches/binutils-mips-bash-bug.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-05-28 19:08:40 +02:00
Marius Bakke
03bcf7c317
gnu: diffutils: Update to 3.6.
* gnu/packages/base.scm (diffutils): Update to 3.6.
2017-05-24 17:45:56 +02:00
Ricardo Wurmus
d1a914082b
Merge branch 'master' into core-updates 2017-05-24 12:05:47 +02:00
Ricardo Wurmus
441e99d433
gnu: glibc/hurd: Do not apply i686 patch.
This is a follow-up to commit c2e4f14ac8.

* gnu/packages/base.scm (glibc/hurd)[arguments]: Override pre-configure phase
with a copy that does not include the patch application.
2017-05-16 22:37:31 +02:00
Ricardo Wurmus
711a0dcefa
gnu: glibc/hurd: Use modify-phases syntax.
* gnu/packages/base.scm (glibc/hurd)[arguments]: Use modify-phases syntax.
2017-05-16 22:37:31 +02:00
Ludovic Courtès
5c6b6827e9
gnu: libiconv: Update to 1.15.
* gnu/packages/base.scm (libiconv): Update to 1.15.
2017-05-02 12:32:52 +02:00
Ricardo Wurmus
c2e4f14ac8
gnu: glibc/linux: Fix build of glibc-intermediate.
This is a follow-up to commit b2fd8f6367.

* gnu/packages/base.scm (glibc/linux)[arguments]: Take patch from either
native-inputs or just inputs; fix syntax error; report errors on patch
failure.
2017-04-30 13:01:20 +02:00
Ricardo Wurmus
b2fd8f6367
gnu: glibc/linux: Fix runtime crashes on i686 systems.
* gnu/packages/patches/glibc-memchr-overflow-i686.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/commencement.scm (glibc-final-with-bootstrap-bash)[native-inputs]:
Add the patch conditionally for i686 systems.
* gnu/packages/base.scm (glibc/linux)[native-inputs]: Add the patch
conditionally for i686 systems.
[arguments]: Apply the patch conditionally on i686 systems.
2017-04-29 23:31:35 +02:00
Leo Famulari
39d2d9a7ab
Merge branch 'master' into staging 2017-04-25 14:27:03 -04:00
Ludovic Courtès
fd6ec6bd99
gnu: coreutils@8.27: Do not apply 'coreutils-cut-huge-range-test.patch'.
This patch is not needed in 8.27.
Reported by Mark H Weaver <mhw@netris.org>.

* gnu/packages/base.scm (coreutils-8.27)[arguments]: New field.
2017-04-23 01:24:57 +02:00
Leo Famulari
1524851f58
Merge branch 'master' into staging 2017-04-22 18:27:12 -04:00
Ludovic Courtès
78dea6f1d4
gnu: ld-wrapper: Build with Guile 2.2.
Reported by Sergei Trofimovich <slyfox@inbox.ru>.

* gnu/packages/base.scm (make-ld-wrapper): Change #:guile to default to
GUILE-2.2.
* gnu/packages/commencement.scm (ld-wrapper): Define in terms of
'make-ld-wrapper' such that #:guile-for-build and #:guile are the same.
2017-04-20 23:58:14 +02:00
Marius Bakke
e162050dfc
gnu: Add workaround for date regression in coreutils@8.26.
See <https://bugs.gnu.org/23035> and <https://bugs.gnu.org/26238>.

* gnu/packages/base.scm (coreutils-8.27): New variable.
* gnu/system.scm (%base-packages): Use that instead of COREUTILS.
2017-04-19 22:07:18 +02:00
Efraim Flashner
a55fbab722
gnu: libiconv: Update to 1.15.
* gnu/packages/base.scm (libiconv): Update to 1.15.
[source]: Remove snippet.
2017-04-18 06:38:01 +03:00
Mathieu Othacehe
da8e256a52
gnu: findutils: Fix make check issues on multi-core machines.
* gnu/packages/patches/findutils-gnulib-multi-core.patch: New file.
* gnu/local.mk (dist_patch): Add previous patch.
* gnu/packages/base.scm (findutils)[patches]: Add a reference
to the previous patch.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-04-17 21:35:32 +02:00
Sergei Trofimovich
dd58c53399
gnu: glibc/linux: Re-enable parallel build.
Parallel build failure was fixed upstream as:
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=e8b6be0016f131c2ac72bf3213eabdb59800e63b

* gnu/packages/base.scm (glibc/linux): Re-enable parallel build.

Signed-off-by: Sergei Trofimovich <slyfox@inbox.ru>
Signed-off-by: Kei Kebreau <kei@openmailbox.org>
2017-04-16 09:18:02 -04:00
Ludovic Courtès
1cbd63f205
gnu: coreutils: Update to 8.27.
* gnu/packages/base.scm (coreutils): Update to 8.27.
[source](patches): Remove "coreutils-fix-cross-compilation.patch" and
add "coreutils-cut-huge-range-test.patch".
[native-inputs]: Remove "coreutils-cut-huge-range-test.patch".
[arguments]: Remove 'patch-cut-test' phase.  Remove #:parallel-tests?.
* gnu/local.mk (dist_patch_DATA): Remove
"coreutils-fix-cross-compilation.patch".
* gnu/packages/patches/coreutils-fix-cross-compilation.patch: Remove.
* gnu/packages/patches/coreutils-cut-huge-range-test.patch: Adjust.
2017-04-08 23:27:08 +02:00
rennes
b81d11e580
gnu: grep: Fix for gnulib library.
* gnu/packages/patches/grep-gnulib-lock.patch: New file.
* gnu/packages/base.scm (grep)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-04-08 19:04:44 +03:00
Leo Famulari
52196aea19
gnu: tzdata: Update to 2017b.
* gnu/packages/base.scm (tzdata): Update to 2017b.
2017-04-02 20:25:42 -04:00
Marius Bakke
84157bb8bf
Merge branch 'master' into core-updates
Most conflicts are from 6fd52309b8.
2017-03-30 22:59:53 +02:00
Tobias Geerinckx-Rice
6fd52309b8
gnu: Use HTTPS for almost all gnu.org HOME-PAGEs.
All HTTP gnu.org (and supported subdomain) HOME-PAGEs changed to HTTPS.
2017-03-30 01:30:16 +02:00
Ludovic Courtès
d1e3f59c9b
gnu: coreutils: Patch 'cut' unit test on ARM.
Fixes <https://bugs.gnu.org/26253>.

* gnu/packages/patches/coreutils-cut-huge-range-test.patch: New file.
* gnu/packages/base.scm (coreutils)[native-inputs]: Add it as an input.
[arguments] <#:phases>: On ARM, add 'patch-cut-test' phase.
* gnu/local.mk (dist_patch_DATA): Add 'coreutils-cut-huge-range-test.patch'.
2017-03-25 23:31:10 +01:00
Leo Famulari
3ffaec136f
gnu: Add a tzdata variant for testing purposes.
* gnu/packages/base.scm (tzdata-2017a): New variable.
* gnu/packages/glib.scm (glib)[inputs]: Remove tzdata.
[native-inputs]: Add tzdata-2017a.
[arguments]: Add tzdata-2017a to #:disallowed-references.
* gnu/packages/statistics.scm (r)[inputs]: Remove tzdata.
[native-inputs]: Add tzdata-2017a.
[arguments]: Add tzdata-2017a to #:disallowed-references.
2017-03-12 20:45:46 -04:00
Leo Famulari
8ea0700d23
gnu: tzdata: Update to 2017a.
* gnu/packages/base.scm (tzdata): Update to 2017a.
2017-03-08 18:08:19 -05:00
Efraim Flashner
e747964420
gnu: coreutils: Don't run tests in parallel.
* gnu/packages/base.scm (coreutils)[arguments]: Add '#:parallel-tests? #f'
to address a race contition in the test suite.
2017-02-20 10:57:18 +02:00
Marius Bakke
f3a79f88e5
gnu: grep: Update to 3.0.
* gnu/packages/base.scm (grep): Update to 3.0.
2017-02-10 16:16:17 +01:00
Efraim Flashner
7ca72ec44b
gnu: glibc: Add version 2.24.
* gnu/packages/base.scm (glibc-2.24): New variable.
2017-02-07 19:41:04 +02:00
Efraim Flashner
242c092745
gnu: glibc: Update to 2.25.
* gnu/packages/base.scm (glibc): Update to 2.25
2017-02-07 19:34:41 +02:00
Marius Bakke
0cd3e44577
gnu: grep: Update to 2.28.
* gnu/packages/base.scm (grep): Update to 2.28.
2017-02-07 17:01:23 +01:00
Marius Bakke
d6592d84ca
gnu: sed: Update to 4.4.
* gnu/packages/base.scm (sed): Update to 4.4.
2017-02-04 10:49:54 +01:00
Manolis Ragkousis
82a7a8c667
gnu: coreutils: Fix cross-compilation.
* gnu/packages/patches/coreutils-fix-cross-compilation.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/base.scm (coreutils)[source]: Use it.
2017-01-27 10:19:25 +02:00
Ludovic Courtès
c8b44fc107
gnu: sed: Do not attempt to rebuild 'doc/sed.1'.
* gnu/packages/base.scm (sed)[arguments]: Add 'dont-rebuild-sed.1'
phase.
[native-inputs]: Remove.
2017-01-22 13:13:36 +01:00
Ludovic Courtès
8a296947a6
gnu: sed: Use the same phases whether or not we're cross-compiling.
* gnu/packages/base.scm (sed)[arguments]: Make #:phases argument
unconditional.  In 'patch-test-suite' phase, use (which "sh") instead of
referring to the "bash" input.
2017-01-22 13:13:35 +01:00
Leo Famulari
e483139141
gnu: glibc/linux: Use /bin/sh instead of /bin/bash as the default shell.
* gnu/packages/base.scm (glibc/linux)[arguments]: Use /bin/sh for scripts that
lack a shebang.
2017-01-06 17:16:03 -05:00