Commit graph

993 commits

Author SHA1 Message Date
Marius Bakke
b4c22f2546
Merge branch 'master' into core-updates 2017-11-02 22:24:24 +01:00
Julien Lepiller
8d6a48150a
gnu: Add java-powermock-reflect.
* gnu/packages/java.scm (java-powermock-reflect): New variable.
* gnu/packages/patches/java-powermock-fix-java-files.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-11-02 13:07:17 +01:00
Efraim Flashner
4e080fbb0b
gnu: icu4c: Update to 60.1.
* gnu/packages/icu4c.scm (icu4c): Update to 60.1.
[source]: Remove patches.
* gnu/packages/patches/icu4c-CVE-2017-14952.patch,
gnu/packages/patches/icu4c-CVE-2017-7867-CVE-2017-7868.patch,
icu4c-reset-keyword-list-iterator.patch: Remove files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2017-11-02 09:08:02 +02:00
Efraim Flashner
19b7bba1b5
Merge remote-tracking branch 'origin/master' into core-updates 2017-11-01 10:29:59 +02:00
Marius Bakke
4119376d66
gnu: exiv2: Add upstream security fixes.
Fixes CVE-2017-14859, CVE-2017-14860, CVE-2017-14862 and CVE-2017-14864.

* gnu/packages/patches/exiv2-CVE-2017-14859-14862-14864.patch,
gnu/packages/patches/exiv2-CVE-2017-14860.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/image.scm (exiv2)[source]: Use them.
2017-10-27 00:50:09 +02:00
Marius Bakke
6b88912eb6
gnu: wget: Update to 1.19.2 [fixes CVE-2017-13089 and CVE-2017-13090].
* gnu/packages/wget.scm (wget): Update to 1.19.2.
[source](uri): Change to '.lz' tarball.
[source](patches): Remove.
[native-inputs]: Add LZIP.
* gnu/packages/patches/wget-CVE-2017-6508.patch,
gnu/packages/patches/wget-fix-504-test-timeout.patch,
gnu/packages/patches/wget-perl-5.26.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2017-10-26 23:45:17 +02:00
Efraim Flashner
eda8a841ac
Merge remote-tracking branch 'origin/python-updates' into core-updates 2017-10-26 12:45:11 +03:00
Tobias Geerinckx-Rice
b7883b111d
Merge branch 'master' into core-updates 2017-10-25 20:02:08 +02:00
Pierre Langlois
de98f4ed55
gnu: Add crypto++.
* gnu/packages/crypto.scm (crypto++): New variable.
* gnu/packages/patches/crypto++-fix-dos-in-asn.1-decoders.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.

Co-authored-by: Ricardo Wurmus <rekado@elephly.net>
2017-10-25 14:54:13 +02:00
Marius Bakke
ca4fd41de8
Merge branch 'master' into core-updates 2017-10-24 22:00:23 +02:00
Leo Famulari
ae7e24c421
gnu: mupdf: Fix CVE-2017-{14685,14686,14687}.
* gnu/packages/patches/mupdf-CVE-2017-14685.patch,
gnu/packages/patches/mupdf-CVE-2017-14686.patch,
gnu/packages/patches/mupdf-CVE-2017-14687.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/pdf.scm (mupdf)[source]: Use them.
2017-10-24 13:44:34 -04:00
Leo Famulari
6dcc8239be
gnu: icu4c: Fix CVE-2017-14952.
* gnu/packages/patches/icu4c-CVE-2017-14952.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/icu4c.scm (icu4c)[replacement]: New field.
(icu4c-fixed): New variable.
2017-10-24 13:10:35 -04:00
Marius Bakke
60e29339d8
gnu: glibc: Fix CVE-2017-15670, CVE-2017-15671.
* gnu/packages/patches/glibc-CVE-2017-15670-15671.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/base.scm (glibc/linux)[replacement]: New field.
(glibc/fixed): New variable.
(glibc-2.24, glibc-2.23, glibc-2.22)[source](patches): Add
'glibc-CVE-2017-15670-15671.patch'.
2017-10-22 23:13:09 +02:00
Marius Bakke
3f9204c916
gnu: ghostscript: Remove graft for 9.22.
* gnu/packages/patches/ghostscript-CVE-2017-8291.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/ghostscript.scm (ghostscript): Update to 9.22.
[replacement]: Remove field.
[source](patches): Remove 'ghostscript-CVE-2017-8291.patch'.
(ghostscript-9.22): Remove variable.
2017-10-22 20:15:25 +02:00
Marius Bakke
119a749db9
Merge branch 'master' into core-updates 2017-10-22 20:12:52 +02:00
Leo Famulari
7827032a7c
gnu: libvirt: Fix CVE-2017-1000256.
* gnu/packages/patches/libvirt-CVE-2017-1000256.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/virtualization.scm (libvirt)[source]: Use it.
2017-10-20 15:36:43 -04:00
Leo Famulari
9ccce79910
gnu: musl: Update to 1.1.17.
* gnu/packages/musl.scm (musl): Update to 1.1.17.
[source]: Remove patch.
* gnu/packages/patches/musl-CVE-2016-8859.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-10-19 17:37:25 -04:00
Efraim Flashner
01c7193e0b
gnu: automake: Update to 1.15.1.
* gnu/packages/autotools.scm (automake): Update to 1.15.1.
[source]: Remove patches.
(automake/latest): Remove package.
* gnu/packages/patches/automake-regexp-syntax.patch,
gnu/packages/patches/automake-test-gzip-warning.patch: Remove files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2017-10-19 09:04:42 +03:00
Marius Bakke
7439173f2c
gnu: python-unittest2: Update to 1.1.0.
* gnu/packages/python.scm (python-unittest2): Update to 1.1.0.
[source]: Use PYPI-URI. Add two patches.
[arguments]: Add phase to run tests.
[propagated-inputs]: Add PYTHON-SIX and PYTHON-TRACEBACK2.
(python2-unittest2): Use 'package-with-python2'.
* gnu/packages/patches/python2-unittest2-remove-argparse.patch: Rename to ...
* gnu/packages/patches/python2-unittest2-remove-argparse.patch: ... this.
* gnu/packages/patches/python-unittest2-python3-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
2017-10-19 00:16:52 +02:00
Marius Bakke
b18226c3a1
gnu: python@3: Update to 3.6.3.
* gnu/packages/patches/python-3.5-fix-tests.patch: Rename to ...
* gnu/packages/patches/python-3-fix-tests.patch: ... this. Adjust and disable
more tests.
* gnu/packages/patches/python-3.5-getentropy-on-old-kernels.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/python.scm (python-2.7)[argument]: Patch '/bin/sh' in one more file.
(python-3.5): Rename to ...
(python-3.6): ... this. Update to 3.6.3.
[source](patches): Remove obsolete patch, adjust to patch rename.
(python-3): Use PYTHON-3.6.
2017-10-19 00:16:49 +02:00
Marius Bakke
603a64920f
gnu: python@2: Update to 2.7.14.
* gnu/packages/python.scm (python-2.7): Update to 2.7.14.
[source]: Add patch to skip two new tests.  Delete upstreamed patch.
* gnu/packages/patches/python-2.7-adjust-tests.patch: New file.
* gnu/packages/patches/python-2.7-getentropy-on-old-kernels.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
2017-10-19 00:16:49 +02:00
Marius Bakke
07dfc89859
gnu: mupdf: Fix CVE-2017-15587.
* gnu/packages/patches/mupdf-CVE-2017-15587.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pdf.scm (mupdf)[source](patches): Use it.
2017-10-18 22:15:09 +02:00
Ricardo Wurmus
d991b05664
gnu: Add Axoloti.
* gnu/packages/axoloti.scm: New file.
* gnu/packages/patches/libusb-for-axoloti.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add patch.
(GNU_SYSTEM_MODULES): Add module.
2017-10-17 16:49:20 +02:00
Leo Famulari
09748a3527
gnu: wpa-supplicant: Fix "KRACK" key reinstallation attacks [security fixes].
Fixes CVE-2017-{13078,13079,13080,13081,13082,13087,13088}.

See these announcements for more information:
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://www.krackattacks.com/

* gnu/packages/patches/wpa-supplicant-CVE-2017-13082.patch,
gnu/packages/patches/wpa-supplicant-fix-key-reuse.patch,
gnu/packages/patches/wpa-supplicant-fix-nonce-reuse.patch
gnu/packages/patches/wpa-supplicant-fix-zeroed-keys.patch,
gnu/packages/patches/wpa-supplicant-krack-followups.patch: New files.
* gnu/packages/admin.scm (wpa-supplicant-minimal)[source]: Use them.
* gnu/local.mk (dist_patch_DATA): Add them.
2017-10-16 14:17:27 -04:00
Thomas Danckaert
8cff2e7aed
Merge 'master' into core-updates 2017-10-16 19:52:30 +02:00
ng0
96acbc2be8
gnu: Add cinnamon-desktop.
* gnu/packages/cinnamon.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.

Signed-off-by: Christopher Baines <mail@cbaines.net>
2017-10-15 20:29:31 +01:00
Efraim Flashner
404e3d8b1b
gnu: gcc@5: Update to 5.5.0.
* gnu/packages/gcc.scm (gcc@5): Update to 5.5.0.
[source]: Switch to '.tar.xz' tarball. Remove patch.
* gnu/packages/patches/gcc-asan-powerpc-missing-include.patch: Remove file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-10-13 17:13:22 +03:00
Leo Famulari
56a37713c3
gnu: Add go-github-com-audriusbutkevicius-go-nat-pmp.
* gnu/packages/syncthing.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
2017-10-12 21:22:44 -04:00
Marius Bakke
c60ecc35da
gnu: glib: Update to 2.54.1.
See <https://bugzilla.gnome.org/show_bug.cgi?id=776504> for the license change.

* gnu/packages/patches/glib-respect-datadir.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/glib.scm (glib): Update to 2.54.1.
[source](patches): Add 'glib-respect-datadir.patch'.
[arguments]<#:phases>: Re-enable timezone test.
[license]: Change to LGPL2.1+.
2017-10-12 20:40:55 +02:00
Ludovic Courtès
7ad81b8b67
gnu: totem: Update to 3.26.0.
* gnu/packages/gnome.scm (totem): Update to 3.26.0.
[source]: Add 'patches' field.
[build-system]: Switch to MESON-BUILD-SYSTEM.
[native-inputs]: Add GTK+:bin and GLIB:bin.
[arguments]: Pass #:glib-or-gtk?.  Adjust #:configure-flags to new
syntax.
* gnu/packages/patches/totem-meson-easy-codec.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
2017-10-11 23:00:46 +02:00
Marius Bakke
c09629520b
gnu: libxml2: Update to 2.9.6.
While at it, remove leftover patches since libxml2/fixed went missing
without conflict in c01ef97594.

* gnu/packages/patches/libxml2-CVE-2017-0663.patch,
gnu/packages/patches/libxml2-CVE-2017-7375.patch,
gnu/packages/patches/libxml2-CVE-2017-7376.patch,
gnu/packages/patches/libxml2-CVE-2017-9047+CVE-2017-9048.patch,
gnu/packages/patches/libxml2-CVE-2017-9049+CVE-2017-9050.patch:  Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/xml.scm (libxml2): Update to 2.9.6.
2017-10-10 22:36:42 +02:00
Marius Bakke
c01ef97594
Merge branch 'master' into core-updates 2017-10-10 22:33:28 +02:00
Marius Bakke
1c055d7258
Merge branch 'staging' 2017-10-10 21:44:32 +02:00
Marius Bakke
97ecd75e28
gnu: libxfont: Fix CVE-2017-13720, CVE-2017-13722.
* gnu/packages/patches/libxfont-CVE-2017-13720.patch,
  gnu/packages/patches/libxfont-CVE-2017-13722.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/xorg.scm (libxfont, libxfont2)[source]: Use them.
2017-10-10 19:34:02 +02:00
Marius Bakke
c334058f6e
gnu: libmwaw: Update to 0.3.12.
* gnu/packages/libreoffice.scm (libmwaw): Update to 0.3.12.
[source](patches): Remove.
[arguments]: Remove.
* gnu/packages/patches/libmwaw-CVE-2017-9433.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-10-10 18:38:01 +02:00
Marius Bakke
5124e63775
gnu: libvisio: Update to 0.1.5.
* gnu/packages/patches/libvisio-fix-tests.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/libreoffice.scm (libvisio): Update to 0.1.5.
[source]: Add 'libvisio-fix-tests.patch'.
[arguments]: Remove.
2017-10-10 18:38:00 +02:00
Cyril Roelandt
4792a0321a
gnu: python2-unittest2: Update to 1.1.0.
* gnu/packages/python.scm (python2-unittest2): Update to 1.1.0.
* gnu/packages/patches/python2-unittest2-remove-argparse.patch: New file.
* gnu/local.mk: Add it.
2017-10-10 02:36:35 +02:00
Christopher Baines
6626c54ddf
gnu: Add missing mongodb patch to local.mk.
* gnu/local.mk (dist_patch_DATA): Add the
  mongodb-support-unknown-linux-distributions.patch.
2017-10-08 15:11:04 +01:00
Marius Bakke
6a317919cf
Merge branch 'master' into staging 2017-10-06 11:03:27 +02:00
Marius Bakke
3f697ff2e8
gnu: openjpeg: Update to 2.3.0.
* gnu/packages/patches/openjpeg-CVE-2017-12982.patch,
gnu/packages/patches/openjpeg-CVE-2017-14040.patch,
gnu/packages/patches/openjpeg-CVE-2017-14041.patch,
gnu/packages/patches/openjpeg-CVE-2017-14151.patch,
gnu/packages/patches/openjpeg-CVE-2017-14152.patch,
gnu/packages/patches/openjpeg-CVE-2017-14164.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/image.scm (openjpeg): Update to 2.3.0.
[source](patches): Remove.
* gnu/packages/gstreamer.scm (gst-plugins-bad)[arguments]: Adjust openjpeg
substitution.
2017-10-05 20:28:32 +02:00
Maxim Cournoyer
19d2713196
gnu: gcc: Fix manual pages.
Fixes bug #24069. perl is made a native input to all of the gcc-* packages
except for gcc-boot0; perl-boot0 is made a native input to gcc-final.

* gnu/packages/patches/gcc-fix-texi2pod.patch: Add patch file to fix texi2pod.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gcc.scm (gcc-4.7, gcc-4.8, gcc-4.9, gcc-5): Use it.
(gcc-4.7)[native-inputs]: Add perl.
(gcc-4.9)[native-inputs]: Likewise.
* gnu/packages/commencement.scm (gcc-boot0)[native-inputs]: Remove perl.
(gcc-final)[native-inputs]: Add perl-boot0.

Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
2017-10-05 21:15:21 +03:00
Kei Kebreau
46cf31868c
gnu: curl: Update replacement to 7.56.0 [security fixes].
Fixes CVE-2017-1000254.
See <https://curl.haxx.se/docs/adv_20171004.html> for details.

* gnu/packages/curl.scm (curl)[replacement]: Update to 7.56.0.
(curl-7.55.0): Rename to ...
(curl-7.56.0): ... this.
[arguments]: Remove 'fix-Makefile' phase.
[source]: Remove patch.
* gnu/packages/patches/curl-bounds-check.patch: Delete it.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-10-04 19:37:55 -04:00
Marius Bakke
7716ccd59c
Merge branch 'master' into staging 2017-10-05 00:45:38 +02:00
Marius Bakke
a35532f52d
gnu: xorg-server: Update to 1.19.4 [fixes CVE-2017-13721, CVE-2017-13723].
The GPG signature for the bz2 tarball is bad, but the checksum matches the
signed release announcement, and contents are identical to the good .gz.

* gnu/packages/xorg.scm (xorg-server): Update to 1.19.4.
[source]: Remove obsolete patches.
* gnu/packages/patches/xorg-server-CVE-2017-10971.patch,
gnu/packages/patches/xorg-server-CVE-2017-10972.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
2017-10-05 00:42:56 +02:00
Efraim Flashner
f473b8f1f7
gnu: clisp: Update to 2.49-60.
* gnu/packages/lisp.scm (clisp): Update to 2.49-60.
[source]: Download mercurial repository, apply patch.
[inputs]: Replace readline@6.2 with readline, add ncurses.
[arguments]: Add multiple configure flags. Remove build phase to build
in "src" directory. Remove more uses of a timestamp.
2017-10-04 09:29:24 +03:00
Marius Bakke
f9bd2051f0
gnu: qemu: Update to 2.10.1.
* gnu/packages/patches/qemu-CVE-2017-13711.patch,
  gnu/packages/patches/qemu-CVE-2017-14167.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/virtualization.scm (qemu): Update to 2.10.1.
[source](patches): Remove.
2017-10-03 23:22:54 +02:00
Cyril Roelandt
2299f5cd78
gnu: python-nose-timer: Add missing patch.
* gnu/packages/patches/python-nose-timer-drop-ordereddict.patch: New file.
* gnu/local.mk: Add it.
2017-10-03 22:41:25 +02:00
Kei Kebreau
4d6801b735
gnu: graphicsmagick: Fix CVE-2017-14649.
* gnu/packages/imagemagick.scm (graphicsmagick)[source]: Add patch.
* gnu/packages/patches/graphicsmagick-CVE-2017-14649.patch:
New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-10-03 11:56:24 -04:00
Dave Love
a66408f8c0
gnu: Add cube.
* gnu/packages/profiling.scm(cube): New variable.
* gnu/packages/patches/cube-nocheck.patch: New file.
* gnu/local.mk: Add it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-10-03 17:07:55 +02:00
Dave Love
6a3af24f06
gnu: Add papi.
* gnu/packages/profiling.scm: New file.
* gnu/local.mk: Add it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2017-10-03 17:07:55 +02:00