From: Ricardo Wurmus Date: Wed, 24 May 2017 10:05:47 +0000 (+0200) Subject: Merge branch 'master' into core-updates X-Git-Url: http://git.hcoop.net/jackhill/guix/guix.git/commitdiff_plain/d1a914082b7e53636f9801769ef96218b2125c4b Merge branch 'master' into core-updates --- d1a914082b7e53636f9801769ef96218b2125c4b diff --cc gnu/local.mk index a0d7cfd0ac,16b80fde9d..5ffd9779f9 --- a/gnu/local.mk +++ b/gnu/local.mk @@@ -524,7 -537,12 +537,11 @@@ dist_patch_DATA = %D%/packages/patches/clx-remove-demo.patch \ %D%/packages/patches/cmake-fix-tests.patch \ %D%/packages/patches/coda-use-system-libs.patch \ + %D%/packages/patches/cool-retro-term-dont-check-uninit-member.patch \ + %D%/packages/patches/cool-retro-term-fix-array-size.patch \ + %D%/packages/patches/cool-retro-term-memory-leak-1.patch \ + %D%/packages/patches/cool-retro-term-remove-non-free-fonts.patch \ %D%/packages/patches/coreutils-cut-huge-range-test.patch \ - %D%/packages/patches/coreutils-fix-cross-compilation.patch \ %D%/packages/patches/cpio-CVE-2016-2037.patch \ %D%/packages/patches/cpufrequtils-fix-aclocal.patch \ %D%/packages/patches/cracklib-CVE-2016-6318.patch \ @@@ -573,6 -592,9 +592,7 @@@ %D%/packages/patches/freeimage-CVE-2015-0852.patch \ %D%/packages/patches/freeimage-CVE-2016-5684.patch \ %D%/packages/patches/freeimage-fix-build-with-gcc-5.patch \ - %D%/packages/patches/freetype-CVE-2017-8105.patch \ - %D%/packages/patches/freetype-CVE-2017-8287.patch \ + %D%/packages/patches/fuse-overlapping-headers.patch \ %D%/packages/patches/gawk-shell.patch \ %D%/packages/patches/gcc-arm-bug-71399.patch \ %D%/packages/patches/gcc-arm-link-spec-fix.patch \ @@@ -618,16 -640,15 +640,16 @@@ %D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \ %D%/packages/patches/gobject-introspection-cc.patch \ %D%/packages/patches/gobject-introspection-girepository.patch \ + %D%/packages/patches/graphite2-CVE-2017-5436.patch \ + %D%/packages/patches/graphite2-check-code-point-limit.patch \ %D%/packages/patches/graphite2-ffloat-store.patch \ + %D%/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch \ + %D%/packages/patches/graphite2-non-linear-classes-even-number.patch \ + %D%/packages/patches/grep-gnulib-lock.patch \ %D%/packages/patches/grep-timing-sensitive-test.patch \ - %D%/packages/patches/grub-CVE-2015-8370.patch \ - %D%/packages/patches/grub-gets-undeclared.patch \ - %D%/packages/patches/grub-freetype.patch \ %D%/packages/patches/gsl-test-i686.patch \ + %D%/packages/patches/gspell-dash-test.patch \ %D%/packages/patches/guile-1.8-cpp-4.5.patch \ - %D%/packages/patches/guile-arm-fixes.patch \ %D%/packages/patches/guile-default-utf8.patch \ %D%/packages/patches/guile-linux-syscalls.patch \ %D%/packages/patches/guile-present-coding.patch \ diff --cc gnu/packages/algebra.scm index 1f34e86b23,db1344f34b..9abff040bb --- a/gnu/packages/algebra.scm +++ b/gnu/packages/algebra.scm @@@ -1,10 -1,11 +1,12 @@@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Andreas Enge ;;; Copyright © 2013, 2015, 2017 Ludovic Courtès - ;;; Copyright © 2016 Nicolas Goaziou + ;;; Copyright © 2016, 2017 Nicolas Goaziou ;;; Copyright © 2014 Mark H Weaver ;;; Copyright © 2016 Ricardo Wurmus +;;; Copyright © 2017 Efraim Flashner + ;;; Copyright © 2017 Tobias Geerinckx-Rice + ;;; Copyright © 2017 Marius Bakke ;;; ;;; This file is part of GNU Guix. ;;; @@@ -474,28 -477,16 +478,15 @@@ binary." (uri (string-append "mirror://gnu/bc/bc-" version ".tar.gz")) (sha256 (base32 - "0cqf5jkwx6awgd2xc2a0mkpxilzcfmhncdcfg7c9439wgkqxkxjf")))) + "0amh9ik44jfg66csyvf4zz1l878c4755kjndq9j0270akflgrbb2")))) (build-system gnu-build-system) -- (inputs `(("readline" ,readline))) - (native-inputs `(("flex" ,flex))) + (native-inputs + `(("ed" ,ed) + ("flex" ,flex) + ("texinfo" ,texinfo))) (arguments - '(#:phases - (modify-phases %standard-phases - (replace 'configure - (lambda* (#:key outputs #:allow-other-keys) - ;; This old `configure' script doesn't support - ;; variables passed as arguments. - (let ((out (assoc-ref outputs "out"))) - (setenv "CONFIG_SHELL" (which "bash")) - (zero? - (system* - "./configure" - (string-append "--prefix=" out) - ;; By default, man and info pages are put in - ;; PREFIX/{man,info}, but we want them in - ;; PREFIX/share/{man,info}. - (string-append "--mandir=" out "/share/man") - (string-append "--infodir=" out "/share/info"))))))))) + '(#:configure-flags + (list "--with-readline"))) (home-page "https://www.gnu.org/software/bc/") (synopsis "Arbitrary precision numeric processing language") (description diff --cc gnu/packages/base.scm index 4fd9ed87e8,d135a18bf8..972b51b964 --- a/gnu/packages/base.scm +++ b/gnu/packages/base.scm @@@ -5,10 -5,9 +5,11 @@@ ;;; Copyright © 2014, 2015, 2016 Mark H Weaver ;;; Copyright © 2014 Alex Kost ;;; Copyright © 2014, 2015 Manolis Fragkiskos Ragkousis -;;; Copyright © 2016 Efraim Flashner +;;; Copyright © 2016, 2017 Efraim Flashner ;;; Copyright © 2016 Jan Nieuwenhuizen +;;; Copyright © 2017 Rene Saavedra +;;; Copyright © 2017 Mathieu Othacehe + ;;; Copyright © 2017 Marius Bakke ;;; ;;; This file is part of GNU Guix. ;;; diff --cc gnu/packages/curl.scm index d0f4bbf295,73d402ce18..420b9bacc1 --- a/gnu/packages/curl.scm +++ b/gnu/packages/curl.scm @@@ -40,14 -40,15 +40,14 @@@ (define-public curl (package (name "curl") - (version "7.53.1") - (replacement curl-7.54.0) - (version "7.53.0") ++ (version "7.54.0") (source (origin (method url-fetch) (uri (string-append "https://curl.haxx.se/download/curl-" version ".tar.lzma")) (sha256 (base32 - "1qpm4qj5llr8f5bbl185gpjqknj47nzhvxd8j1vm6asgk3sly4jb")))) - "1k0i31xygb804c61llhin5wbpcscg4gfqmbxcfkpdr1alwh7igrq")))) ++ "02h7qhl8ynp75g1vcaw18ks0gp7nahvvkqck19pb1q0kkw1scsnd")))) (build-system gnu-build-system) (outputs '("out" "doc")) ;1.2 MiB of man3 pages diff --cc gnu/packages/fontutils.scm index f53881eb9c,1c4d7d07ff..5544111393 --- a/gnu/packages/fontutils.scm +++ b/gnu/packages/fontutils.scm @@@ -381,7 -392,7 +381,12 @@@ applications should be." (method url-fetch) (uri (string-append "https://github.com/silnrsi/graphite/releases/" "download/" version "/" name "-" version ".tgz")) -- (patches (search-patches "graphite2-ffloat-store.patch")) ++ (patches (search-patches ++ "graphite2-ffloat-store.patch" ++ "graphite2-check-code-point-limit.patch" ++ "graphite2-CVE-2017-5436.patch" ++ "graphite2-fix-32-bit-wrap-arounds.patch" ++ "graphite2-non-linear-classes-even-number.patch")) (sha256 (base32 "0rs5h7m340z75kygx8d72cps0q6yvvqa9i788vym7585cfv8a0gc")))) diff --cc gnu/packages/ghostscript.scm index 33b8f51b6d,1cb651c96b..3a24580b77 --- a/gnu/packages/ghostscript.scm +++ b/gnu/packages/ghostscript.scm @@@ -130,7 -130,9 +130,8 @@@ printing, and psresize, for adjusting p (define-public ghostscript (package (name "ghostscript") - (replacement ghostscript/fixed) (version "9.14.0") + ;; XXX Try removing the bundled copy of jbig2dec. (source (origin (method url-fetch) (uri (string-append "mirror://gnu/ghostscript/gnu-ghostscript-" @@@ -144,6 -146,6 +145,7 @@@ "ghostscript-CVE-2016-7978.patch" "ghostscript-CVE-2016-7979.patch" "ghostscript-CVE-2016-8602.patch" ++ "ghostscript-CVE-2017-8291.patch" "ghostscript-runpath.patch")) (modules '((guix build utils))) (snippet diff --cc gnu/packages/gnome.scm index 9856fef0ce,e81a3f0883..6990ab564a --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@@ -927,7 -963,7 +962,9 @@@ the GNOME desktop environment." name "-" version ".tar.xz")) (sha256 (base32 -- "0mm0wldbi40am5qn0nv7psisbg01k42rwzjxl3gv11l5jj554aqk")))) ++ "0mm0wldbi40am5qn0nv7psisbg01k42rwzjxl3gv11l5jj554aqk")) ++ (patches (search-patches "libcroco-CVE-2017-7960.patch" ++ "libcroco-CVE-2017-7961.patch")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) diff --cc gnu/packages/guile.scm index 46e6dea747,5b85a61c12..bb34063463 --- a/gnu/packages/guile.scm +++ b/gnu/packages/guile.scm @@@ -216,14 -227,11 +219,14 @@@ without requiring the source code to b (replacement #f) (source (origin (method url-fetch) + + ;; Note: we are limited to one of the compression formats + ;; supported by the bootstrap binaries, so no lzip here. (uri (string-append "mirror://gnu/guile/guile-" version - ".tar.lz")) + ".tar.xz")) (sha256 (base32 - "05dmvhd1y135x7w5qfw4my42cfp6l8bbhjfxvchcc1cbdvzri0f1")) - "1dnh75h4rkx1zflpsngznkwcd6afn6zrc5x3xq7n946pm5bnx5bq")) ++ "1azm25zcmxif0skxfrp11d2wc89nrzpjaann9yxdw6pvjxhs948w")) (modules '((guix build utils))) ;; Remove the pre-built object files. Instead, build everything diff --cc gnu/packages/icu4c.scm index d842f03b4e,3e96520054..3461285850 --- a/gnu/packages/icu4c.scm +++ b/gnu/packages/icu4c.scm @@@ -38,6 -42,6 +41,9 @@@ "/icu4c-" (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version) "-src.tgz")) ++ (patches ++ (search-patches "icu4c-CVE-2017-7867-CVE-2017-7868.patch" ++ "icu4c-reset-keyword-list-iterator.patch")) (sha256 (base32 "036shcb3f8bm1lynhlsb4kpjm9s9c2vdiir01vg216rs2l8482ib")))) (build-system gnu-build-system) @@@ -63,3 -67,40 +69,30 @@@ globalisation support for software appl C/C++ part.") (license x11) (home-page "http://site.icu-project.org/"))) + -(define icu4c/fixed - (package - (inherit icu4c) - (replacement #f) - (source (origin - (inherit (package-source icu4c)) - (patches - (search-patches "icu4c-CVE-2017-7867-CVE-2017-7868.patch" - "icu4c-reset-keyword-list-iterator.patch")))))) - + (define-public java-icu4j + (package + (name "java-icu4j") + (version "59.1") + (source (origin + (method url-fetch) + (uri (string-append "http://download.icu-project.org/files/icu4j/" + version "/icu4j-" + (string-map (lambda (x) + (if (char=? x #\.) #\_ x)) + version) + "-src.jar")) + (sha256 + (base32 + "0bgxsvgi0qcwj60pvcxrf7a3fbk7aksyxnfwpbzavyfrfzixqh0c")))) + (build-system ant-build-system) + (arguments + `(#:tests? #f ; no tests included + #:jar-name "icu4j.jar")) + (home-page "http://site.icu-project.org/") + (synopsis "International Components for Unicode") + (description + "ICU is a set of C/C++ and Java libraries providing Unicode and + globalisation support for software applications. This package contains the + Java part.") + (license x11))) diff --cc gnu/packages/image.scm index 82fc7bfe7a,86902d5680..326834907d --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@@ -320,7 -356,7 +356,10 @@@ extracting icontainer icon files." "libtiff-divide-by-zero-tiffcp.patch" "libtiff-assertion-failure.patch" "libtiff-CVE-2016-10094.patch" -- "libtiff-CVE-2017-5225.patch")) ++ "libtiff-CVE-2017-5225.patch" ++ "libtiff-CVE-2017-7593.patch" ++ "libtiff-CVE-2017-7594.patch" ++ "libtiff-multiple-UBSAN-crashes.patch")) (sha256 (base32 "06ghqhr4db1ssq0acyyz49gr8k41gzw6pqb6mbn5r7jqp77s4hwz")))) diff --cc gnu/packages/pcre.scm index 011a30dd38,58beab0a96..61aaf7c153 --- a/gnu/packages/pcre.scm +++ b/gnu/packages/pcre.scm @@@ -41,6 -43,6 +42,7 @@@ "pcre-" version ".tar.bz2") (string-append "mirror://sourceforge/pcre/pcre/" version "/pcre-" version ".tar.bz2"))) ++ (patches (search-patches "pcre-CVE-2017-7186.patch")) (sha256 (base32 "1x7lpjn7jhk0n3sdvggxrlrhab8kkfjwl7qix0ypw9nlx8lpmqh0")))) diff --cc gnu/packages/pulseaudio.scm index a12f8d8494,92ebe6f3eb..846c174fa7 --- a/gnu/packages/pulseaudio.scm +++ b/gnu/packages/pulseaudio.scm @@@ -42,14 -45,16 +45,17 @@@ (define-public libsndfile (package (name "libsndfile") - (version "1.0.27") - (replacement libsndfile/fixed) + (version "1.0.28") (source (origin (method url-fetch) (uri (string-append "http://www.mega-nerd.com/libsndfile/files/libsndfile-" version ".tar.gz")) - (patches (search-patches "libsndfile-armhf-type-checks.patch")) ++ (patches (search-patches "libsndfile-armhf-type-checks.patch" ++ "libsndfile-CVE-2017-8361-8363-8365.patch" ++ "libsndfile-CVE-2017-8362.patch")) (sha256 (base32 - "1h7s61nhf7vklh9sdsbbqzb6x287q4x4j1jc5gmjragl4wprb4d3")))) + "1afzm7jx34jhqn32clc5xghyjglccam2728yxlx37yj2y0lkkwqz")))) (build-system gnu-build-system) (inputs `(("libvorbis" ,libvorbis)