Includes fixes for CVE-2020-6821, CVE-2020-6822, CVE-2020-6825,
CVE-2020-6827, and CVE-2020-6828.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
The tester binary generated gets installed with about 20 MiB of data files,
and the HTML documentation weighs another 500 KiB or so. Move them to
separate outputs.
* gnu/packages/patches/mediastreamer-srtp2.patch: Rename to...
* gnu/packages/patches/mediastreamer2-srtp2.patch: ...this, to please 'guix
lint'.
* gnu/local.mk (dist_patch_DATA): Adapt.
* gnu/packages/linphone.scm (mediastreamer2)[patches]: Likewise.
[outputs]: Add the "doc" and "tester" outputs.
[phases]: Add a phase to move the HTML doc and tester binary and data to the
'doc' and 'tester' outputs, respectively.
[description]: Remove the unicode characters surrounding the word 'powerful'.
* gnu/packages/patches/mediastreamer-srtp2.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/linphone.scm (mediastreamer2)[source]: Use it.
These patches were originally found at the debian mingw-w64 team's
mingw-w64 repo, and should improve the reproducibility of our mingw-w64
toolchain.
* gnu/packages/patches/mingw-w64-dlltool-temp-prefix.patch: New file.
* gnu/packages/patches/mingw-w64-reproducible-gendef.patch: New file.
* gnu/local.mk (dist_patch_DATA): Update accordingly.
* gnu/packages/mingw.scm (make-mingw-w64): Apply patches.
Includes fixes for CVE-2020-6819 and CVE-2020-6820.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
This also removes the execute bit from the patches added. Not sure how
or why those were set in the first place.
* gnu/packages/cross-base.scm (package-with-extra-patches): Imitate
PACKAGE-WITH-PATCH instead of using it.
* gnu/packages/patches/binutils-mingw-w64-reproducible-import-libraries.patch:
Remove execute bit.
* gnu/packages/patches/binutils-mingw-w64-specify-timestamp.patch:
Remove execute bit.
These patches were originally found at the debian mingw-w64 team's
binutils repo, and should improve the reproducibility of our mingw-w64
toolchain.
* gnu/packages/patches/binutils-mingw-w64-reproducible-import-libraries.patch:
New file.
* gnu/packages/patches/binutils-mingw-w64-specify-timestamp.patch:
New file.
* gnu/local.mk (dist_patch_DATA): Update accordingly.
* gnu/packages/cross-base.scm (cross-binutils): Apply relevant patches
if target is mingw-w64.
(package-with-extra-patches): New procedure.
* gnu/packages/patches/sdl2-mesa-compat.patch: Delete file.
* gnu/packages/sdl.scm (sdl2): Update to 2.0.12.
[source]: Drop patch that was included in this release.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
* gnu/packages/finance.scm (beancount): New variable.
* gnu/packages/patches/beancount-disable-googleapis-fonts.patch: New file.
* gnu/local.mk: Add it.
* gnu/packages/patches/pam-krb5-CVE-2020-10595.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/admin.scm (pam-krb5)[source]: Use it.
Fixes <https://bugs.gnu.org/24076>.
* gnu/packages/patches/gnupg-default-pinentry.patch: New file. Use $HOME to find
the user's Guix profile and installed pinentry.
* gnu/local.mk (dist_patch_DATA): Add the patch.
* gnu/packages/gnupg.scm (gnupg)[source]: Use it.
* gnu/packages/crypto.scm (hash-extender): Update to newer commit.
* gnu/packages/patches/hash-extender-test-suite.patch: The patch
was merged upstream, no need to apply it anymore.
* gnu/local.mk (dist_patch_DATA): Unregister the patch file.
Fixes <https://bugs.gnu.org/24076>.
Reported by Danny Milosavljevic <dannym@scratchpost.org>.
* gnu/packages/patches/gnupg-default-pinentry.patch: New file.
* gnu/packages/gnupg.scm (gnupg)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/icu4c-CVE-2020-10531.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/icu4c.scm (icu4c)[replacement]: New field.
(icu4c/fixed): New variable.
* gnu/packages/crypto.scm (hash-extender): New variable.
* gnu/packages/patches/hash-extender-test-suite.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register the new file.
* gnu/packages/patches/ffmpeg-prefer-dav1d.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/video.scm (ffmpeg)[source]: Use it.
* gnu/packages/games.scm (foobillard++): New variable.
* gnu/packages/patches/foobillard++-pkg-config.patch: New file.
* gnu/local.mk: Reference new file.
* gnu/packages/kde-pim.scm (kdepim-runtime): New variable.
* gnu/packages/patches/kdepim-runtime-Fix-missing-link-libraries.patch:
New file.
* gnu/local.mk: Add it.
* gnu/packages/kde-pim.scm (libksieve): New variable.
* gnu/packages/patches/libksieve-Fix-missing-link-libraries.patch:
New file.
* gnu/local.mk: Add it.
* gnu/packages/algebra.scm (eigen): Update to 3.3.7.
[source]: Add a patch to fix a test failure.
* gnu/packages/patches/eigen-stabilise-sparseqr-test.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/fribidi.scm (bidiv): New variable.
* gnu/packages/patches/bidiv-update-fribidi.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/patches/bluez-CVE-2020-0556.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/linux.scm (bluez)[replacement]: New field.
(bluez/fixed): New variable.
