gnu: runc: Update to 1.0.0-rc6 [fixes CVE-2019-5736].

[jackhill/guix/guix.git] / gnu / packages / virtualization.scm

diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm
index d178a08..8a5af2e 100644 (file)
--- a/gnu/packages/virtualization.scm
+++ b/gnu/packages/virtualization.scm
@@ -5,7 +5,7 @@
 ;;; Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2017 Alex Vong <alexvong1995@gmail.com>
 ;;; Copyright © 2017 Andy Patterson <ajpatter@uwaterloo.ca>
-;;; Copyright © 2017, 2018 Rutger Helling <rhelling@mykolab.com>
+;;; Copyright © 2017, 2018, 2019 Rutger Helling <rhelling@mykolab.com>
 ;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2018 Danny Milosavljevic <dannym@scratchpost.org>
 ;;; Copyright © 2018 Sou Bunnbu <iyzsong@member.fsf.org>
@@ -110,6 +110,8 @@
              (method url-fetch)
              (uri (string-append "https://download.qemu.org/qemu-"
                                  version ".tar.xz"))
+             (patches (search-patches "qemu-CVE-2018-16872.patch"
+                                      "qemu-CVE-2019-6778.patch"))
              (sha256
               (base32
                "1z5bd5nfyjvhfi1s95labc82y4hjdjjkdabw931362ls0zghh1ba"))))
@@ -799,13 +801,13 @@ Machine Protocol.")
    (version "a12")
    (source
     (origin
-     (method url-fetch)
-     (uri (string-append "https://github.com/gnif/LookingGlass/archive/"
-                         version ".tar.gz"))
-     (file-name (string-append name "-" version))
+     (method git-fetch)
+     (uri (git-reference (url "https://github.com/gnif/LookingGlass")
+                         (commit version)))
+     (file-name (git-file-name name version))
      (sha256
       (base32
-       "0x57chx83f8pq56d9sfxmc9p4qjm9nqvdyamj41bmy145mxw5w3m"))))
+       "0r6bvl9q94039r6ff4f2bg8si95axx9w8bf1h1qr5730d2kv5yxq"))))
    (build-system cmake-build-system)
    (inputs `(("fontconfig" ,fontconfig)
              ("glu" ,glu)
@@ -813,7 +815,7 @@ Machine Protocol.")
              ("openssl" ,openssl)
              ("sdl2" ,sdl2)
              ("sdl2-ttf" ,sdl2-ttf)
-             ("spice-protocol" ,spice-protocol)))
+             ("spice-protocol" ,spice-protocol-0.12.14)))
    (native-inputs `(("libconfig" ,libconfig)
                     ("nettle" ,nettle)
                     ("pkg-config" ,pkg-config)))
@@ -845,15 +847,17 @@ monitor/GPU.")
 (define-public runc
   (package
     (name "runc")
-    (version "1.0.0-rc5")
+    (version "1.0.0-rc6")
     (source (origin
               (method url-fetch)
               (uri (string-append
                     "https://github.com/opencontainers/runc/releases/"
                     "download/v" version "/runc.tar.xz"))
+              (file-name (string-append name "-" version ".tar.xz"))
+              (patches (search-patches "runc-CVE-2019-5736.patch"))
               (sha256
                (base32
-                "081avdzwnqpk368wbaihlzsypaxpj42d7699h7jgp0fks14x4103"))))
+                "1c7832dq70slkjh8qp2civ1wxhhdd2hrx84pq7db1mmqc9fdr3cc"))))
     (build-system go-build-system)
     (arguments
      '(#:import-path "github.com/opencontainers/runc"
@@ -902,7 +906,7 @@ Open Container Initiative specification.")
 (define-public umoci
   (package
     (name "umoci")
-    (version "0.4.3")
+    (version "0.4.4")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -911,7 +915,7 @@ Open Container Initiative specification.")
               (file-name (string-append "umoci-" version ".tar.xz"))
               (sha256
                (base32
-                "1hy3gcs8z25153qpw4rk2lispfaf2c90hv1q64xwyjxn22j9ayy9"))))
+                "1wchmha5k2f370jfijmx9fqp0cp99zfa9ajmfbq3j24qc8p5k8lk"))))
     (build-system go-build-system)
     (arguments
      '(#:import-path "github.com/openSUSE/umoci"