Commit graph

728 commits

Author SHA1 Message Date
Leo Famulari
8d138ea087
gnu: libtiff: Fix several bugs related to improper codec usage [security fixes].
Fixes CVE-2014-8128, CVE-2015-7554, CVE-2016-5318, CVE-2016-10095, and
the other bugs listed in 'libtiff-tiffgetfield-bugs.patch'.

* gnu/packages/patches/libtiff-tiffgetfield-bugs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff-4.0.8)[source]: Use it.
2017-06-15 11:28:21 -04:00
Leo Famulari
0c5a8007fe
gnu: zziplib: Fix CVE-2017-{5974,5975,5976,5978,5979,5981}.
* gnu/packages/patches/zziplib-CVE-2017-5974.patch,
gnu/packages/patches/zziplib-CVE-2017-5975.patch,
gnu/packages/patches/zziplib-CVE-2017-5976.patch,
gnu/packages/patches/zziplib-CVE-2017-5978.patch,
gnu/packages/patches/zziplib-CVE-2017-5979.patch,
gnu/packages/patches/zziplib-CVE-2017-5981.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/zip.scm (zziplib)[source]: Use them.
2017-06-15 11:12:02 -04:00
Ricardo Wurmus
db90eb8c2b
gnu: Add propeller-gcc-4.
* gnu/packages/embedded.scm (propeller-gcc-4): New variable.
* gnu/packages/patches/gcc-4.6-gnu-inline.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-06-15 17:06:47 +02:00
Leo Famulari
75072795bd
gnu: osip: Fix CVE-2017-7853.
* gnu/packages/patches/osip-CVE-2017-7853.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/telephony.scm (osip)[source]: Use it.
2017-06-14 13:16:21 -04:00
Ludovic Courtès
8e469b67f9
gnu: guile-ssh: Close RREPL channel ports before they are finalized.
Partly fixes <https://bugs.gnu.org/26976>.

* gnu/packages/patches/guile-ssh-channel-finalization.patch: New file.
* gnu/packages/ssh.scm (guile-ssh)[source](patches): Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-06-13 23:22:19 +02:00
Marius Bakke
a10040e09b
gnu: nss, nss-certs: Update to 3.31.
Release notes:
<https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.31_release_notes>

* gnu/packages/certs.scm (nss-certs): Update to 3.31.
* gnu/packages/gnuzilla.scm (nss): Likewise.
[source]<patches>: Remove upstream 'nss-disable-long-b64-tests' patch.
[arguments]<#:phases>: Move armhf timeout substitution ...
* gnu/packages/patches/nss-increase-test-timeout.patch: ... here.
* gnu/packages/patches/nss-disable-long-b64-tests.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-12 21:31:12 +02:00
nee
1243aaac73
gnu: crawl: Fix savegame upgrades.
* gnu/packages/patches/crawl-upgrade-saves.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add patch.
* gnu/packages/games.scm (crawl)[source]: Apply patch.

Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2017-06-12 15:02:23 +05:30
Leo Famulari
34a0984e57
gnu: libmwaw: Fix CVE-2017-9433.
* gnu/packages/patches/libmwaw-CVE-2017-9433.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/libreoffice.scm (libmwaw)[source]: Use it.
2017-06-12 01:20:34 -04:00
Marius Bakke
75cc8fe9ea
gnu: libextractor: Update to 1.4.
* gnu/packages/gnunet.scm (libextractor): Update to 1.4.
[source]: Remove obsolete patch and snippet.
* gnu/packages/patches/libextractor-ffmpeg-3.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-11 15:42:51 +02:00
Marius Bakke
88e2511e21
gnu: gnutls: Replace with 3.5.13.
This update addresses the following security advisories:

GNUTLS-SA-2017-3 (aka CVE-2017-7869) and GNUTLS-SA-2017-4.

See <https://gnutls.org/security.html> and <https://gnutls.org/news.html>.

* gnu/packages/patches/gnutls-skip-pkgconfig-test.patch,
gnu/packages/patches/gnutls-skip-trust-store-test.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register patches.
* gnu/packages/tls.scm (gnutls)[replacement]: New field.
(gnutls-3.5.13): New variable.
(gnutls/guile-2.2)[replacement]: New field. Set #f.
[source]: Inherit from GNUTLS-3.5.13.
2017-06-11 01:08:58 +02:00
ng0
e5eede3fb3
gnu: Rename (gnu packages markdown) to (gnu packages markup).
* gnu/packages/markdown.scm: Rename this ...
* gnu/packages/markup.scm: ... to this.
* gnu-system.am (GNU_SYSTEM_MODULES): Change markdown.scm to markup.scm.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-06-10 00:11:36 +02:00
Marius Bakke
099c9fdae6
gnu: raptor2: Fix heap overflow bug.
* gnu/packages/patches/raptor2-heap-overflow.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/rdf.scm (raptor2): Use it.
2017-06-09 01:16:55 +02:00
Ludovic Courtès
dfcd02c0f6
gnu: artanis: Update to 0.2.1.
* gnu/packages/guile.scm (artanis): Update to 0.2.1.
[inputs]: Switch to GUILE-2.2.
[arguments]: Adjust #:make-flags for Guile 2.2.  Take .go files from
lib/guile/2.2.  Add 'wrap-art' phase.
* gnu/packages/patches/artanis-fix-Makefile.in.patch: Remove.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-08 23:54:56 +02:00
Leo Famulari
15df12beae
gnu: perl: Fix CVE-2017-6512 in File::Path.
* gnu/packages/perl.scm (perl)[replacement]: New field.
(perl/fixed): New variable.
* gnu/packages/patches/perl-file-path-CVE-2017-6512.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-06-06 20:59:12 -04:00
Arun Isaac
a3d3b7a4e1
gnu: Add js-mathjax.
* gnu/packages/javascript.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* gnu/packages/javascript.scm (js-mathjax): New variable.
2017-06-05 19:16:06 +05:30
Marius Bakke
00c5e3e5fc
gnu: xf86-input-wacom: Update to 0.34.2.
* gnu/packages/xdisorg.scm (xf86-input-wacom): Update to 0.34.2.
[source]: Remove obsolete patch.
* gnu/packages/patches/xf86-input-wacom-xorg-abi-25.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-06-05 14:58:01 +02:00
Marius Bakke
f484a50d50
Merge branch 'staging' 2017-06-05 00:36:11 +02:00
Ludovic Courtès
fb976ada5b
gnu: libssh: Update to 0.7.5.
* gnu/packages/ssh.scm (libssh): Update to 0.7.5.
[source](patches): New field.
2017-06-04 23:00:32 +02:00
Manolis Ragkousis
6bf11392f9
gnu: Add openscenegraph.
* gnu/packages/graphics.scm (openscenegraph): New variable.
* gnu/packages/patches/openscenegraph-ffmpeg3.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
2017-06-04 21:57:08 +03:00
Leo Famulari
8b5cb8d054
gnu: qemu: Fix CVE-2017-{8112,8309,8379,8380}.
* gnu/packages/patches/qemu-CVE-2017-8112.patch,
gnu/packages/patches/qemu-CVE-2017-8309.patch,
gnu/packages/patches/qemu-CVE-2017-8379.patch,
gnu/packages/patches/qemu-CVE-2017-8380.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/qemu.scm (qemu)[source]: Use them.
2017-06-03 20:50:10 -04:00
Sergei Trofimovich
34cfeca84e
gnu: libgit2: Fix Clar test framework.
This commit reverts 'patch' hack introduced in
a48a1071a6 and fixes bug in the Clar test
framework.

Patch is proposed to Clar upstream as
<https://github.com/vmg/clar/pull/78>.

* gnu/local.mk: Add libgit2-0.25.1-mtime-0.patch.
* gnu/packages/patches/libgit2-0.25.1-mtime-0.patch: New file.
* gnu/packages/version-control.scm (libgit2)[arguments]:
Remove 'apply-patch' phase.
[inputs]: Remove "patch".
[source]: Add 'patches' field.

Signed-off-by: Sergei Trofimovich <slyfox@inbox.ru>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-06-04 00:56:18 +02:00
John Darrington
fb226b4351
gnu: Move vtk to image-processing.scm.
* gnu/packages/image-processing.scm (vtk): New variable.
* gnu/packages/vtk.scm: Delete file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Remove it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-06-02 18:47:06 +02:00
Ethan R. Jones
17ce0d45bd
gnu: Add libzen.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add new file.
* gnu/packages/cpp.scm (libzen): New varible.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-05-31 17:08:45 +02:00
Leo Famulari
b0415c0361
gnu: openldap: Fix CVE-2017-9287.
* gnu/packages/patches/openldap-CVE-2017-9287.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/openldap.scm (openldap)[replacement]: New field.
(openldap/fixed): New variable.
2017-05-30 18:15:23 -04:00
Kei Kebreau
adc5cb1b49
gnu: Add libgdata.
* gnu/packages/gnome.scm (libgdata): New variable.
* gnu/packages/patches/libgdata-fix-tests.patch,
gnu/packages/patches/libgdata-glib-duplicate-tests.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
2017-05-30 13:13:16 -04:00
Leo Famulari
4a897c4990
gnu: jasper: Update to 2.0.13.
* gnu/packages/image.scm (jasper): Update to 2.0.13.
[source]: Use GitHub URL and set the file-name. Remove
'jasper-CVE-2017-6850.patch'.
* gnu/packages/patches/jasper-CVE-2017-6850.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-05-29 12:52:30 -04:00
Marius Bakke
6f8cda185e
Merge branch 'master' into staging 2017-05-28 23:47:25 +02:00
Leo Famulari
0fd0bb56a8
gnu: rxvt-unicode: Disable an unwanted code execution vector.
* gnu/packages/patches/rxvt-unicode-escape-sequences.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/xdisorg.scm (rxvt-unicode)[source]: Use it.
2017-05-28 14:41:46 -04:00
Leo Famulari
5cd0122e60
gnu: synfigstudio: Fix patch name in 'gnu/local.mk'.
This is a followup to commit 2ac2b17251.

* gnu/local.mk (dist_patch_DATA): Fix typo.
2017-05-28 14:34:43 -04:00
Leo Famulari
22e6656d25
gnu: libtiff: Update replacement to 4.0.8 [security fixes].
See 'ChangeLog' in the source distribution for more information about
the bugs and security issues fixed in this release.

* gnu/packages/image.scm (libtiff)[replacement]: Replace with libtiff-4.0.8.
(libtiff/fixed): Replace with ...
(libtiff-4.0.8): New variable.
* gnu/packages/patches/libtiff-CVE-2017-7593.patch,
gnu/packages/patches/libtiff-CVE-2017-7594.patch,
gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2017-05-28 14:34:43 -04:00
Ricardo Wurmus
2ac2b17251
gnu: synfigstudio: Fix UI bug.
* gnu/packages/patches/synfigstudio-fix-ui-with-gtk3.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add patch.
* gnu/packages/animation.scm (synfigstudio)[source]: Apply patch.
2017-05-28 15:59:52 +02:00
Marius Bakke
3803b069f6
gnu: gajim: Fix CVE-2016-10376.
* gnu/packages/patches/gajim-CVE-2016-10376.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/messaging.scm (gajim)[source]: Use it.
2017-05-28 13:18:24 +02:00
Ricardo Wurmus
21fea1d1a9
gnu: synfigstudio: Update to 1.2.0.
* gnu/packages/patches/synfig-build-fix.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove patch.
* gnu/packages/animation.scm (etl): Update to 0.04.22.
(synfig): Update to 1.2.0.
[source]: Remove patch.
[arguments]: Remove obsolete build phases.
[propagated-inputs]: Add fftw.
(synfigstudio): Update to 1.2.0.
[source]: Remove unnecessary snippet.
[arguments]: Remove.
2017-05-27 22:37:48 +02:00
ng0
574e4e16d8
gnu: Add florence.
* gnu/packages/accessibility.scm: New file.
* gnu/local.mk: (GNU_SYSTEM_MODULES): Add it.

Signed-off-by: Leo Famulari <leo@famulari.name>
2017-05-27 13:35:02 -04:00
Adriano Peluso
48174fb9aa
gnu: Add trytond.
* gnu/packages/tryton.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* gnu/packages/tryton.scm (trytond): New variable.

Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2017-05-27 18:41:12 +05:30
Adriano Peluso
b208f71b9b
gnu: Add python-genshi.
* gnu/packages/python.scm (python-genshi, python2-genshi): New variables.
 * gnu/packages/patches/python-genshi-add-support-for-python-3.4-AST.patch: New file.
 * gnu/packages/patches/python-genshi-buildable-on-python-2.7.patch: New file.
 * gnu/packages/patches/python-genshi-disable-speedups-on-python-3.3.patch: New file.
 * gnu/packages/patches/python-genshi-fix-tests-on-python-3.5.patch: New file.
 * gnu/packages/patches/python-genshi-isstring-helper.patch: New file.
 * gnu/packages/patches/python-genshi-stripping-of-unsafe-script-tags.patch: New file.
 * gnu/local.mk (dist_patch_DATA): Add them.

Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
2017-05-27 18:41:12 +05:30
Julien Lepiller
ba69e8f7ce
gnu: Add knot-service-type.
* gnu/services/dns.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (DNS Services): New subsubsection.
2017-05-27 10:40:24 +02:00
Mark H Weaver
12f37d6015
gnu: graphite2/fixed: Update to 1.3.10.
* gnu/packages/fontutils.scm (graphite2/fixed): Update to 1.3.10.  Remove
patches that have been incorporated upstream.
* gnu/packages/patches/graphite2-CVE-2017-5436.patch,
gnu/packages/patches/graphite2-check-code-point-limit.patch,
gnu/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch,
gnu/packages/patches/graphite2-non-linear-classes-even-number.patch: Delete
files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2017-05-27 00:22:10 -04:00
Marius Bakke
9df24909e2
Merge branch 'master' into staging 2017-05-27 03:55:24 +02:00
Marius Bakke
ce1e6de076
gnu: gnome-shell: Update to 3.24.2.
* gnu/packages/patches/gnome-shell-CVE-2017-8288.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/gnome.scm (gnome-shell): Update to 3.24.2.
[source]: Remove patch.
2017-05-24 23:22:39 +02:00
Leo Famulari
ff51a87cae
gnu: libtasn1: Fix CVE-2017-6891.
* gnu/packages/patches/libtasn1-CVE-2017-6891.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/tls.scm (libtasn1)[replacement]: New field.
(libtasn1/fixed): New variable.
2017-05-24 16:57:40 -04:00
Ricardo Wurmus
9117448e76
gnu: Remove GCJ.
* gnu/packages/patches/gcj-arm-mode.patch: Remove file.
* gnu/local.mk (dist_patch_DATA): Delete it.
* gnu/packages/gcc.scm (javac.in, gcj, ecj-bootstrap): Remove variables.
2017-05-22 18:56:35 +02:00
Leo Famulari
10cb88f85c
gnu: jbig2dec: Fix CVE-2017-{7885,7975,7976}.
* gnu/packages/patches/jbig2dec-CVE-2017-7885.patch,
gnu/packages/patches/jbig2dec-CVE-2017-7975.patch,
gnu/packages/patches/jbig2dec-CVE-2017-7976.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/image.scm (jbig2dec)[source]: Use them.
2017-05-20 16:26:29 -04:00
Brendan Tildesley
d94a99ec66
gnu: calibre: Import unbundle feedparser patch from debian.
* gnu/packages/ebook.scm (calibre)[source]: Reference new patch file.
[inputs]: Add python2-feedparser as an input.
* gnu/packages/patches/calibre-use-packaged-feedparser.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-05-19 23:49:20 +02:00
Brendan Tildesley
7010d231db
gnu: calibre: Import dont-load-icons patch from debian.
* gnu/packages/patches/calibre-dont-load-remote-icons.patch: New file.
* gnu/packages/ebooks.scm (calibre)[source]: Add reference to patch file.
* gnu/local.mk (dist_path_DATA): Add it.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-05-19 23:49:20 +02:00
Ludovic Courtès
e7fbd49132
gnu: guile-ssh: Fix potential double-free/use-after-free issue.
Fixes <http://bugs.gnu.org/26976>.
Reported by Mark H Weaver <mhw@netris.org>.

* gnu/packages/patches/guile-ssh-double-free.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ssh.scm (guile-ssh)[source](patches): Add it.
2017-05-19 10:50:20 +02:00
Efraim Flashner
7c5cf7a29d
gnu: qtscript: Fix building on aarch64.
* gnu/packages/patches/qtscript-disable-tests.patch: New file.
* gnu/packages/qt.scm (qtscript)[source]: Use it.
* gnu/local.am (dist_patch_DATA): Register it.
2017-05-18 09:49:43 +03:00
Leo Famulari
b193fb2851
gnu: shadow: Update to 4.5.
This fixes a regression introduced by the fix for CVE-2017-2616.
See <https://github.com/shadow-maint/shadow/pull/72> for more information.

* gnu/packages/admin.scm (shadow): Update to 4.5.
[source]: Remove patches.
* gnu/packages/patches/shadow-4.4-su-snprintf-fix.patch,
gnu/packages/patches/shadow-CVE-2017-2616.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2017-05-17 21:20:29 -04:00
Ludovic Courtès
411ba51189
gnu: Add gspell.
* gnu/packages/patches/gspell-dash-test.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnome.scm (gspell): New variable.

Co-authored-by: humanitiesNerd <catonano@gmail.com>
2017-05-17 16:20:06 +02:00
Ludovic Courtès
6d35b1c99c
gnu: aspell: 'dict-dir' set to ~/.guix-profile/lib/aspell or $ASPELL_DICT_DIR.
See <https://bugs.gnu.org/25836> for background.

* gnu/packages/patches/aspell-default-dict-dir.patch: New file.
* gnu/packages/aspell.scm (aspell)[source](patches): New field.
[native-search-paths]: New field.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-05-17 16:20:06 +02:00