Efraim Flashner [Tue, 31 May 2016 19:20:57 +0000 (22:20 +0300)]
gnu: autogen: Update to 5.18.10.
* gnu/packages/autogen.scm (autogen): Update to 5.18.10.
Efraim Flashner [Tue, 31 May 2016 19:11:35 +0000 (22:11 +0300)]
gnu: scrot: Use 'modify-phases'.
* gnu/packages/xdisorg.scm (scrot)[arguments]: Use 'modify-phases'.
Efraim Flashner [Tue, 31 May 2016 19:09:43 +0000 (22:09 +0300)]
gnu: scrot: Fix typo in source uri.
* gnu/packages/xdisorg.scm (scrot)[source]: Fix typo in uri.
This is a follow-up to
9da459f350709af0cd92c3eb7ddd459eda5959dd.
Efraim Flashner [Tue, 31 May 2016 19:05:26 +0000 (22:05 +0300)]
gnu: emms: Use 'modify-phases'.
* gnu/packages/emacs.scm (emms)[arguments]: Use 'modify-phases'.
Efraim Flashner [Tue, 31 May 2016 18:59:30 +0000 (21:59 +0300)]
gnu: emms: Update to 4.1.
* gnu/packages/emacs.scm (emms): Update to 4.1.
Efraim Flashner [Tue, 31 May 2016 18:58:54 +0000 (21:58 +0300)]
gnu: librecad: Update to 2.0.11.
* gnu/packages/engineering.scm (librecad): Update to 2.0.11.
Efraim Flashner [Tue, 31 May 2016 17:45:07 +0000 (20:45 +0300)]
gnu: dosfstools: Update to 4.0.
* gnu/packages/disk.scm (dosfstools): Update to 4.0.
[arguments]: Re-enable the 'configure phase.
Efraim Flashner [Tue, 31 May 2016 17:29:34 +0000 (20:29 +0300)]
gnu: microscheme: Update to 0.9.3.
* gnu/packages/avr.scm (microscheme): Update to 0.9.3.
Efraim Flashner [Tue, 31 May 2016 16:17:52 +0000 (19:17 +0300)]
gnu: munge: Update to 0.5.12.
* gnu/packages/admin.scm (munge): Update to 0.5.12.
Efraim Flashner [Tue, 31 May 2016 15:55:25 +0000 (18:55 +0300)]
import github: Add to extension list.
* guix/import/github.scm (find-extension): Add '.tgz' extension.
Efraim Flashner [Tue, 31 May 2016 15:53:07 +0000 (18:53 +0300)]
gnu: obs: Update to 0.14.2.
* gnu/packages/video.scm (obs): Update to 0.14.2.
David Thompson [Tue, 31 May 2016 17:39:58 +0000 (13:39 -0400)]
gnu: emacs-better-defaults: Specify source file name.
* gnu/packages/emacs.scm (emacs-better-defaults)[source]: Specify a
useful file name, as usual with tarballs from GitHub.
Leo Famulari [Tue, 31 May 2016 17:20:19 +0000 (13:20 -0400)]
gnu: imagemagick: Fix CVE-2016-5118.
* gnu/packages/patches/imagemagick-CVE-2016-5118.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/imagemagick.scm (imagemagick): Use it.
Leo Famulari [Tue, 31 May 2016 17:23:17 +0000 (13:23 -0400)]
gnu: graphicsmagick: Update to 1.3.24 [security update].
Fixes CVE-2016-{2317, 2318, 5118} and many other security issues
described in 'NEWS.txt'.
* gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/imagemagick.scm (graphicsmagick): Update to 1.3.24.
[source]: Remove patch.
Ludovic Courtès [Tue, 31 May 2016 15:58:46 +0000 (17:58 +0200)]
daemon: Substitute queries return immediately when substitutes are disabled.
Reported by Federico Beffa <beffa@ieee.org>
at <https://lists.gnu.org/archive/html/guix-devel/2016-05/msg00928.html>.
* nix/libstore/local-store.cc (LocalStore::querySubstitutablePaths)
(LocalStore::querySubstitutablePathInfos): Return when
'settings.useSubstitutes' is false.
* tests/store.scm ("references/substitutes missing reference info"):
Make sure to return #f on failure.
* tests/store.scm ("substitutable-path-info when substitutes are turned off"):
("substitutable-paths when substitutes are turned off"): New tests.
Ludovic Courtès [Tue, 31 May 2016 15:47:07 +0000 (17:47 +0200)]
daemon: Fix typo.
Fixes a regression/typo introduced in
e08380fb6cefd3fd67c3c220a3ddaf385e6413cf.
* nix/libstore/build.cc (DerivationGoal::startBuilder): Canonicalize
"/tmp", not "/tmp/guix-build".
Ludovic Courtès [Tue, 31 May 2016 13:08:42 +0000 (15:08 +0200)]
offload: Use (guix build syscalls).
This is a followup to
4e0ea3eb288c2143b44bf324c64047762c72d3b3.
* guix/scripts/offload.scm: Use (guix build syscalls).
Ludovic Courtès [Tue, 31 May 2016 12:37:54 +0000 (14:37 +0200)]
daemon: Remove unused XML output code.
* nix/local.mk (libutil_a_SOURCES): Remove libutil/xml-writer.cc.
(libutil_headers): Remove libutil/xml-writer.hh.
* nix/libutil/xml-writer.hh, nix/libutil/xml-writer.cc: Remove.
Ricardo Wurmus [Mon, 23 May 2016 10:52:00 +0000 (12:52 +0200)]
gnu: Add ghmm.
* gnu/packages/machine-learning.scm (ghmm): New variable.
Efraim Flashner [Tue, 31 May 2016 14:49:48 +0000 (17:49 +0300)]
gnu: gimp: Update to 2.8.16.
* gnu/packages/gimp.scm (gimp): Update to 2.8.16.
Ricardo Wurmus [Mon, 23 May 2016 14:57:16 +0000 (16:57 +0200)]
gnu: Add r-genomationdata.
* gnu/packages/bioinformatics.scm (r-genomationdata): New variable.
Ricardo Wurmus [Tue, 31 May 2016 14:24:59 +0000 (16:24 +0200)]
gnu: Add r-runit.
* gnu/packages/statistics.scm (r-runit): New variable.
Ricardo Wurmus [Wed, 25 May 2016 15:25:23 +0000 (17:25 +0200)]
gnu: julia: Update to 0.4.5.
* gnu/packages/julia.scm (julia): Update to 0.4.5.
(libuv-julia): Update commit.
Ricardo Wurmus [Tue, 24 May 2016 12:53:31 +0000 (14:53 +0200)]
gnu: Add r-knitrbootstrap.
* gnu/packages/statistics.scm (r-knitrbootstrap): New variable.
Eelco Dolstra [Tue, 12 Jan 2016 17:25:57 +0000 (18:25 +0100)]
daemon: rounds: Keep the differing output if -K is given.
Regardless of -K, we now also print which output differs.
Eelco Dolstra [Tue, 12 Jan 2016 16:27:40 +0000 (17:27 +0100)]
daemon: Canonicalize gids to 0.
Previously files in the Nix store were owned by root or by nixbld,
depending on whether they were created by a substituter or by a
builder. This doesn't matter much, but causes spurious diffoscope
differences. So use root everywhere.
Eelco Dolstra [Tue, 12 Jan 2016 15:44:26 +0000 (16:44 +0100)]
daemon: check: Keep the differing output if -K is given.
This makes it easier to investigate the non-determinism, e.g.
$ nix-build pkgs/stdenv/linux -A stage1.pkgs.zlib --check -K
error: derivation ‘/nix/store/l54i8wlw22656i4pk05c52ngv9rpl39q-zlib-1.2.8.drv’ may not be deterministic: output ‘/nix/store/11a27shh6n2ivi4a7s964i65ql80cf27-zlib-1.2.8’ differs from ‘/nix/store/11a27shh6n2ivi4a7s964i65ql80cf27-zlib-1.2.8-check’
$ diffoscope /nix/store/11a27shh6n2ivi4a7s964i65ql80cf27-zlib-1.2.8 /nix/store/11a27shh6n2ivi4a7s964i65ql80cf27-zlib-1.2.8-check
...
├── lib/libz.a
│ ├── metadata
│ │ @@ -1,15 +1,15 @@
│ │ -rw-r--r-- 30001/30000 3096 Jan 12 15:20 2016 adler32.o
...
│ │ +rw-r--r-- 30001/30000 3096 Jan 12 15:28 2016 adler32.o
...
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Eelco Dolstra [Tue, 12 Jan 2016 14:13:47 +0000 (15:13 +0100)]
daemon: check: Fix "failed to produce output path".
This occured when sandbox building is disabled, at least one output
exists, and at least one other output does not.
Eelco Dolstra [Tue, 12 Jan 2016 13:54:39 +0000 (14:54 +0100)]
daemon: check: Fix assertion failure when some outputs are missing.
E.g.
$ nix-build pkgs/stdenv/linux/ -A stage1.pkgs.perl --check
nix-store: src/libstore/build.cc:1323: void nix::DerivationGoal::tryToBuild(): Assertion `buildMode != bmCheck || validPaths.size() == drv->outputs.size()' failed.
when perl.out exists but perl.man doesn't. The fix is to only check
the outputs that exist. Note that "nix-build -A stage1.pkgs.all
--check" will still give a (proper) error in this case.
Eelco Dolstra [Wed, 6 Jan 2016 21:07:59 +0000 (22:07 +0100)]
daemon: When repairing, rebuild if there is no substituter.
Eelco Dolstra [Wed, 6 Jan 2016 20:49:32 +0000 (21:49 +0100)]
daemon: Fix --repair failure on multiple-output derivations.
If repair found a corrupted/missing path that depended on a
multiple-output derivation, and some of the outputs of the latter were
not present, it failed with a message like
error: path ‘/nix/store/cnfn9d5fjys1y93cz9shld2xwaibd7nn-bash-4.3-p42-doc’ is not valid
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Eelco Dolstra [Mon, 4 Jan 2016 10:32:46 +0000 (11:32 +0100)]
daemon: ~PathLocks(): Handle exceptions.
Otherwise, since the call to write a "d" character to the lock file
can fail with ENOSPC, we can get an unhandled exception resulting in a
call to terminate().
Eelco Dolstra [Tue, 22 Dec 2015 16:16:17 +0000 (17:16 +0100)]
daemon: Handle /tmp being a symlink.
* nix/libstore/build.cc (DerivationGoal::startBuilder): Call 'canonPath'
on "/tmp".
Leo Famulari [Sun, 29 May 2016 15:13:59 +0000 (11:13 -0400)]
services: urandom-seed: Set umask to 077 while shutting down.
* gnu/services/base.scm (urandom-seed-shepherd-service): Call 'umask'.
Leo Famulari [Fri, 27 May 2016 02:29:24 +0000 (22:29 -0400)]
gnu: libxml2: Update replacement to 2.9.4 [security fixes].
This fixes CVE-2016-{1762, 1833, 1834, 1835, 1836, 1837, 1838, 1839,
1840, 3627, 3705, 4483}.
* gnu/packages/patches/libxml2-CVE-2016-3627.patch,
gnu/packages/patches/libxml2-CVE-2016-3705.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/xml.scm (libxml2/fixed): Update to 2.9.4.
[source]: Remove patches.
Ludovic Courtès [Mon, 30 May 2016 20:44:58 +0000 (22:44 +0200)]
container: Gracefully report mount errors in the child process.
Fixes <http://bugs.gnu.org/23306>.
* gnu/build/linux-container.scm (run-container): Use 'socketpair'
instead of 'pipe'. Rename 'in' to 'child' and 'out' to 'parent'. Send
a 'ready message or an exception argument list from the child to the
parent; adjust the parent accordingly.
* tests/containers.scm ("call-with-container, mnt namespace, wrong bind
mount"): New test.
* tests/guix-environment-container.sh: Add test with
--expose=/does-not-exist.
Ludovic Courtès [Mon, 30 May 2016 20:13:09 +0000 (22:13 +0200)]
container: Gracefully handle failure to set up user namespaces.
* gnu/build/linux-container.scm (run-container): Exit when the parent
process doesn't say 'ready.
Efraim Flashner [Mon, 30 May 2016 21:05:54 +0000 (00:05 +0300)]
download: Update CPAN mirrors.
* guix/download.scm (mirrors)[cpan]: Add to mirror list.
Efraim Flashner [Sun, 29 May 2016 11:52:15 +0000 (14:52 +0300)]
gnu: vapoursynth: Update to 32.
* gnu/packages/video.scm (vapoursynth): Update to 32.
Efraim Flashner [Sun, 29 May 2016 11:48:42 +0000 (14:48 +0300)]
gnu: Add zimg.
* gnu/packages/image.scm (zimg): New variable.
Efraim Flashner [Mon, 30 May 2016 18:45:00 +0000 (21:45 +0300)]
gnu: mcrypt: Fix CVE-2012-4409, CVE-2012-4426, CVE-2012-4527.
* gnu/packages/mcrypt.scm (mcrypt)[source]: Add patches.
* gnu/packages/patches/mcrypt-CVE-2012-4409.patch,
gnu/packages/patches/mcrypt-CVE-2012-4426.patch,
gnu/packages/patches/mcrypt-CVE-2012-4527.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.
Leo Famulari [Mon, 30 May 2016 17:25:20 +0000 (13:25 -0400)]
gnu: imagemagick: Update to 6.9.4-5.
* gnu/packages/imagemagick.scm (imagemagick): Update to 6.9.4-5.
David Thompson [Thu, 14 Apr 2016 12:48:47 +0000 (08:48 -0400)]
gnu: Remove xgcc-avr.
We now have a dedicated package module for the AVR toolchain with
important modifications on top of what cross-gcc produces.
* gnu/packages/cross-base.scm (xgcc-avr): Delete.
David Thompson [Thu, 14 Apr 2016 12:48:18 +0000 (08:48 -0400)]
gnu: Add avr-toolchain.
* gnu/packages/avr.scm (avr-toolchain): New procedure.
(avr-toolchain-4.9, avr-toolchain-5): New variables.
David Thompson [Fri, 15 Apr 2016 13:14:28 +0000 (09:14 -0400)]
gnu: avr-libc: Update to 2.0.0.
* gnu/packages/avr.scm (avr-libc): Update to 2.0.0.
David Thompson [Thu, 14 Apr 2016 12:44:46 +0000 (08:44 -0400)]
gnu: avr-libc: Fix build.
* gnu/packages/avr.scm (avr-libc): Update to 2.0.0.
[native-inputs]: Use new avr-gcc and avr-binutils.
[arguments]: Add phase to unset C_INCLUDE_PATH.
David Thompson [Fri, 15 Apr 2016 13:48:26 +0000 (09:48 -0400)]
gnu: Add avr-gcc-5.
* gnu/packages/avr.scm (avr-gcc-5): New variable.
David Thompson [Thu, 14 Apr 2016 12:43:56 +0000 (08:43 -0400)]
gnu: Add avr-gcc.
* gnu/packages/avr.scm (avr-gcc): New variable.
David Thompson [Thu, 14 Apr 2016 12:42:42 +0000 (08:42 -0400)]
gnu: Add avr-binutils.
* gnu/packages/avr.scm (avr-binutils): New variable.
Efraim Flashner [Mon, 30 May 2016 17:19:04 +0000 (20:19 +0300)]
gnu: wordnet: Use 'modify-phases'.
* gnu/packages/wordnet.scm (wordnet)[arguments]: Use 'modify-phases'.
Efraim Flashner [Mon, 30 May 2016 17:11:39 +0000 (20:11 +0300)]
gnu: wordnet: Fix CVE-2008-2149, CVE-2008-3908.
* gnu/packages/wordnet.scm (wordnet)[source]: Add patches.
* gnu/packages/patches/wordnet-CVE-2008-2149.patch,
gnu/packages/patches/wordnet-CVE-2008-3908-pt1.patch,
gnu/packages/patches/wordnet-CVE-2008-3908-pt2.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.
Efraim Flashner [Mon, 30 May 2016 14:17:09 +0000 (17:17 +0300)]
gnu: id3lib: Fix CVE-2007-4460.
* gnu/packages/mp3.scm (id3lib)[source]: Add patch.
* gnu/packages/patches/id3lib-CVE-2007-4460.patch: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.
Leo Famulari [Mon, 30 May 2016 16:51:09 +0000 (12:51 -0400)]
gnu: cyrus-sasl: Update URLs.
* gnu/packages/cyrus-sasl.scm (cyrus-sasl)[source]: Use HTTPS URL.
[home-page]: Update home-page URL.
Leo Famulari [Mon, 30 May 2016 16:30:49 +0000 (12:30 -0400)]
gnu: devil: Fix CVE-2009-3994.
* gnu/packages/patches/devil-CVE-2009-3994.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (devil): Use it.
Leo Famulari [Mon, 30 May 2016 16:18:27 +0000 (12:18 -0400)]
gnu: iptables: Update to 1.4.21.
* gnu/packages/linux.scm (iptables): Update to 1.4.21.
David Thompson [Fri, 27 May 2016 14:09:18 +0000 (10:09 -0400)]
gnu: Add emacs-better-defaults.
* gnu/packages/emacs.scm (emacs-better-defaults): New variable.
David Thompson [Mon, 30 May 2016 15:04:47 +0000 (11:04 -0400)]
gnu: emacs: Remove uncompressed-file-fetch.
* gnu/packages/emacs.scm (uncompressed-file-fetch): Delete.
(emacs-rfcview, emacs-ffap-rfc-space, emacs-queue, emacs-spinner):
Replace uncompressed-file-fetch with url-fetch.
David Thompson [Fri, 27 May 2016 13:58:39 +0000 (09:58 -0400)]
build: emacs: Handle sources that are a single elisp file.
* guix/build/emacs-build-system.scm (gnu:unpack)
(store-file->elisp-source-file, unpack): New procedures.
(%standard-phases): Use the new unpack procedure.
humanitiesNerd [Sun, 29 May 2016 11:44:00 +0000 (13:44 +0200)]
gnu: Add emacs-seq.
* gnu/packages/emacs.scm (emacs-seq): New variable.
Signed-off-by: Alex Kost <alezost@gmail.com>
humanitiesNerd [Sun, 29 May 2016 08:25:21 +0000 (10:25 +0200)]
gnu: Add emacs-spinner.
* gnu/packages/emacs.scm (emacs-spinner): New variable.
Signed-off-by: Alex Kost <alezost@gmail.com>
humanitiesNerd [Sun, 29 May 2016 08:23:00 +0000 (10:23 +0200)]
gnu: Add emacs-pkg-info.
* gnu/packages/emacs.scm (emacs-pkg-info): New variable.
Signed-off-by: Alex Kost <alezost@gmail.com>
humanitiesNerd [Fri, 27 May 2016 08:01:59 +0000 (10:01 +0200)]
gnu: Add emacs-queue.
* gnu/packages/emacs.scm (emacs-queue): New variable.
Signed-off-by: Alex Kost <alezost@gmail.com>
Alex Kost [Thu, 26 May 2016 08:45:16 +0000 (11:45 +0300)]
gnu: emacs: Fix indentation of scheme keyword lists.
* gnu/packages/patches/emacs-fix-scheme-indent-function.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/emacs.scm (emacs)[source]: Use it.
Efraim Flashner [Mon, 30 May 2016 09:01:32 +0000 (12:01 +0300)]
gnu: gegl: Fix CVE-2012-4433.
* gnu/packages/gimp.scm (gegl)[source]: Add patch.
* gnu/packages/patches/gegl-CVE-2012-4433.patch: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.
Efraim Flashner [Mon, 30 May 2016 08:53:45 +0000 (11:53 +0300)]
gnu: vte-0.28: Fix CVE-2012-2738.
* gnu/packages/gnome.scm (vte-0.28)[source]: Add patches.
* gnu/packages/patches/vte-CVE-2012-2738-pt1.patch,
gnu/packages/patches/vte-CVE-2012-2738-pt2.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.
Efraim Flashner [Mon, 30 May 2016 08:46:12 +0000 (11:46 +0300)]
gnu: t1lib: Fix CVE-2010-2642, CVE-2011-{0764, 1552, 1553, 1554}.
* gnu/packages/fontutils.scm (t1lib)[source]: Add patches.
* gnu/packages/patches/t1lib-CVE-2010-2642.patch,
gnu/packages/patches/t1lib-CVE-2011-0764.patch,
gnu/packages/patches/t1lib-CVE-2011-1552+CVE-2011-1553+CVE-2011-1554.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.
Efraim Flashner [Mon, 30 May 2016 08:37:03 +0000 (11:37 +0300)]
download: Update Sourceforge mirrors.
* guix/download.scm (mirrors)[sourceforge]: Update mirror list.
Efraim Flashner [Mon, 30 May 2016 07:21:48 +0000 (10:21 +0300)]
gnu: dtach: Use 'modify-phases'.
* gnu/packages/screen.scm (dtach)[arguments]: Use 'modify-phases'.
Efraim Flashner [Mon, 30 May 2016 07:20:23 +0000 (10:20 +0300)]
gnu: dtach: Update to 0.9 [Fixes CVE-2012-3368].
* gnu/packages/screen.scm (dtach): Update to 0.9.
Efraim Flashner [Mon, 30 May 2016 07:16:42 +0000 (10:16 +0300)]
gnu: tinyproxy: Update to 1.8.4 [Fixes CVE-2012-3505].
* gnu/packages/web.scm (tinyproxy): Update to 1.8.4.
[source]: Download from new location.
[home-page]: Project has moved to Github.
Efraim Flashner [Mon, 30 May 2016 06:56:39 +0000 (09:56 +0300)]
gnu: jansson: Fix CVE-2016-4425.
* gnu/packages/web.scm (jansson)[source]: Add patch.
* gnu/packages/patches/jansson-CVE-2016-4425.patch: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.
Efraim Flashner [Mon, 30 May 2016 06:35:10 +0000 (09:35 +0300)]
gnu: antiword: Fix CVE-2014-8123.
* gnu/packages/textutils.scm (antiword)[source]: Add patch.
* gnu/packages/patches/antiword-CVE-2014-8123: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.
Efraim Flashner [Mon, 30 May 2016 04:15:42 +0000 (07:15 +0300)]
gnu: a2ps: Use 'modify-phases'.
* gnu/packages/pretty-print.scm (a2ps)[arguments]: Use 'modify-phases'.
Efraim Flashner [Mon, 30 May 2016 04:13:47 +0000 (07:13 +0300)]
gnu: a2ps: Fix CVE-2001-1593, CVE-2014-0466.
* gnu/packages/pretty-print.scm (a2ps)[source]: Add patches.
* gnu/packages/patches/a2ps-CVE-2001-1593.patch,
gnu/packages/patches/a2ps-CVE-2014-0466.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.
Leo Famulari [Sun, 29 May 2016 18:38:54 +0000 (14:38 -0400)]
gnu: pcre2: Fix CVE-2016-3191.
* gnu/packages/patches/pcre2-CVE-2016-3191.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pcre.scm (pcre2): Use it.
Leo Famulari [Sat, 28 May 2016 05:16:43 +0000 (01:16 -0400)]
gnu: libyaml: Fix CVE-2014-9130.
* gnu/packages/patches/libyaml-CVE-2014-9130.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/web.scm (libyaml): Use it.
Leo Famulari [Mon, 30 May 2016 03:36:37 +0000 (23:36 -0400)]
gnu: graphicsmagick: Fix CVE-2016-5118.
* gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/imagemagick.scm (graphicsmagick): Use it.
Efraim Flashner [Mon, 30 May 2016 03:42:02 +0000 (06:42 +0300)]
gnu: vorbis-tools: Fix CVE-2014-9638, CVE-2014-9639, CVE-2014-9640.
* gnu/packages/xiph.scm (vorbis-tools)[source]: Add patches.
* gnu/packages/patches/vorbis-tools-CVE-2014-9638+CVE-2014-9639.patch,
gnu/packages/patches/vorbis-tools-CVE-2014-9640.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.
Efraim Flashner [Mon, 30 May 2016 03:04:46 +0000 (06:04 +0300)]
gnu: libtar: Fix CVE-2013-4420.
* gnu/packages/compression.scm (libtar)[source]: Add patch.
* gnu/packages/patches/libtar-CVE-2013-4420.patch: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.
This is a follow-up to
89d80159b1da81c4017b46a575c3ec5dd9a96c90.
Ludovic Courtès [Sun, 29 May 2016 21:15:14 +0000 (23:15 +0200)]
gnu: glibc: Refer to the target kernel headers when cross-compiling.
This fixes a regression introduced in
efc4eb147512fa7a2c6d74d9b296cfc22b1ef198 whereby the build process
corresponding to 'guix build glibc --target=mips64el-linux-gnu' would
refer to the native headers instead of the target headers, leading to a
build failure:
../sysdeps/unix/sysv/linux/statfs64.c: In function ‘__statfs64’:
../sysdeps/unix/sysv/linux/statfs64.c:73:1: error: control reaches end of non-void function [-Werror=return-type]
}
^
When we were using CROSS_CPATH instead of CROSS_C_INCLUDE_PATH, the
problem was hidden by the fact that CPATH corresponds to '-I' whereas
C_INCLUDE_PATH corresponds to '-isystem', and '-isystem' directories are
searched after '-I' directories.
* gnu/packages/base.scm (glibc)[arguments]: Refer to the kernel headers
from '%build-target-inputs' when cross-building.
Efraim Flashner [Sun, 29 May 2016 19:46:29 +0000 (22:46 +0300)]
gnu: libtar: Update to 1.2.20 [fixes CVE-2013-4397, CVE-2013-4420].
* gnu/packages/compression.scm (libtar): Update to 1.2.20.
[source]: Add Debian mirror.
[arguments]: Add 'autoconf phase.
[native-inputs]: Add autoconf, automake, libtool.
[inputs]: Add zlib.
[home-page]: Point to temporary home.
Efraim Flashner [Sun, 29 May 2016 18:58:57 +0000 (21:58 +0300)]
gnu: pciutils: Add kmod support.
* gnu/packages/pciutils.scm (pciutils)[inputs]: Add kmod.
Efraim Flashner [Sun, 29 May 2016 18:50:27 +0000 (21:50 +0300)]
gnu: pciutils: Use 'modify-phases'.
* gnu/packages/pciutils.scm (pciutils)[arguments]: Use 'modify-phases'.
Efraim Flashner [Sun, 29 May 2016 18:45:43 +0000 (21:45 +0300)]
gnu: pciutils: Update to 3.5.1.
* gnu/packages/pciutils.scm (pciutils): Update to 3.5.1.
Leo Famulari [Sun, 29 May 2016 17:57:56 +0000 (13:57 -0400)]
gnu: rpm: Fix CVE-2014-8118.
* gnu/packages/patches/rpm-CVE-2014-8118.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/package-management.scm (rpm): Use it.
Leo Famulari [Sun, 29 May 2016 17:57:13 +0000 (13:57 -0400)]
gnu: rpm: Update to 4.12.0.1.
* gnu/packages/package-management.scm (rpm): Update to 4.12.0.1.
Leo Famulari [Sun, 29 May 2016 17:31:29 +0000 (13:31 -0400)]
gnu: zeromq: Update to 4.0.7 [fixes CVE-2014-9721].
* gnu/packages/networking.scm (zeromq): Update to 4.0.7.
Leo Famulari [Sun, 29 May 2016 17:26:22 +0000 (13:26 -0400)]
gnu: libsodium: Update to 1.0.10.
* gnu/packages/crypto.scm (libsodium): Update to 1.0.10.
Leo Famulari [Sun, 29 May 2016 17:02:23 +0000 (13:02 -0400)]
gnu: procmail: Fix CVE-2014-3618.
* gnu/packages/patches/procmail-CVE-2014-3618.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/mail.scm (procmail): Use it.
Leo Famulari [Sun, 29 May 2016 16:46:12 +0000 (12:46 -0400)]
gnu: elfutils: Update to 0.166 [fixes CVE-2014-9447].
* gnu/packages/elf.scm (elfutils): Update to 0.166.
Efraim Flashner [Sun, 29 May 2016 06:12:47 +0000 (09:12 +0300)]
gnu: luajit: Update to 2.0.4.
* gnu/packages/lua.scm (luajit): Update to 2.0.4.
Efraim Flashner [Sun, 29 May 2016 05:57:27 +0000 (08:57 +0300)]
gnu: lua: Update to 5.2.4.
* gnu/packages/lua.scm (lua): Update to 5.2.4.
Efraim Flashner [Sun, 29 May 2016 05:56:07 +0000 (08:56 +0300)]
gnu: lua: Use 'modify-phases'.
* gnu/packages/lua.scm (lua)[arguments]: Use 'modify-phases'.
Efraim Flashner [Sun, 29 May 2016 05:50:15 +0000 (08:50 +0300)]
gnu: lua-5.1: Fix CVE-2014-5461.
* gnu/packages/lua.scm (lua-5.1)[source]: Add patch.
* gnu/packages/patches/lua-CVE-2014-5461: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
宋文武 [Sun, 29 May 2016 03:09:11 +0000 (11:09 +0800)]
gnu: retroarch: Update to 1.3.4.
* gnu/packages/games.scm (retroarch): Update to 1.3.4.
Leo Famulari [Sat, 28 May 2016 05:14:49 +0000 (01:14 -0400)]
gnu: libyaml: Update to 0.1.6 [fixes CVE-2014-2525].
* gnu/packages/web.scm (libyaml): Update to 0.1.6.
Leo Famulari [Sat, 28 May 2016 17:41:21 +0000 (13:41 -0400)]
services: Add urandom-seed-service.
Fixes <http://bugs.gnu.org/23605>.
* gnu/services/base.scm (urandom-seed-service): New procedure.
(%random-seed-file, urandom-seed-service-type): New variables.
(%urandom-seed-shepherd-service): New procedure.
(%base-services): Call 'urandom-seed-service'.
* doc/guix.texi (Base Services): Document it.
Efraim Flashner [Sat, 28 May 2016 19:57:16 +0000 (22:57 +0300)]
gnu: potrace: Update to 1.13 [fixes CVE-2013-7437].
* gnu/packages/fontutils.scm (potrace): Update to 1.13.
Patrick Hetu [Sat, 28 May 2016 16:01:48 +0000 (18:01 +0200)]
gnu: Add Guile-GNOME.
* gnu/packages/gtk.scm (guile-gnome): New variable.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Ben Woodcroft [Sat, 28 May 2016 13:44:16 +0000 (23:44 +1000)]
gnu: Update diamond to 0.8.3.
* gnu/packages/bioinformatics.scm (diamond): Update to 0.8.3.