| Age | Commit message (Expand) | Author |
|---|
| 2016-03-11 | cve: Read entire CVE databases for the current year and the past year.•••The "Modified" database that we were reading is much smaller, but it
only shows CVEs modified over the past week.
* guix/cve.scm (%now, %current-year, %past-year): New variables.
(yearly-feed-uri): New procedure.
(%cve-feed-uri, %ttl): Remove.
(%current-year-ttl, %past-year-ttl): New variables.
(call-with-cve-port): Add 'uri' and 'ttl' parameters and honor them.
Add 'setvbuf' call.
(current-vulnerabilities)[read-vulnerabilities]: New procedure.
Read from both %LAST-YEAR and %CURRENT-YEAR.
| Ludovic Courtès |
| 2016-03-11 | gnu: vorbis-tools: Patch buffer overflow [fixes CVE-2015-6749].•••* gnu/packages/patches/vorbis-tools-CVE-2015-6749.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/xiph.scm (vorbis-tools)[source]: Use it.
| Ludovic Courtès |
| 2016-03-11 | doc: Suggest `guix.scm' for upstream maintainers.•••* doc/guix.texi (Invoking guix package): Suggest `guix.scm'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Jan Nieuwenhuizen |
| 2016-03-11 | cve: Make CPE patch level part of the version string.•••* guix/cve.scm (%cpe-package-rx): Adjust to account for :PATCH-LEVEL.
(cpe->package-name): Likewise.
| Ludovic Courtès |
| 2016-03-11 | gnu: Add powwow.•••* gnu/packages/games.scm (powwow): New variable.
| Nils Gillmann |
| 2016-03-10 | gnu: Add bioawk.•••* gnu/packages/bioinformatics.scm (bioawk): New variable.
Signed-off-by: Leo Famulari <leo@famulari.name>
| Roel Janssen |
| 2016-03-10 | gnu: linux-libre: Update to 4.4.5.•••* gnu/packages/linux.scm (linux-libre): Update to 4.4.5.
| Mark H Weaver |
| 2016-03-10 | gnu: Add nload.•••* gnu/packages/networking.scm (nload): New variable.
Signed-off-by: Leo Famulari <leo@famulari.name>
| Raimon Grau |
| 2016-03-10 | gnu: dropbear: Update to 2016.72 [fixes CVE-2016-3116].•••* gnu/packages/ssh.scm (dropbear): Update to 2016.72.
| Leo Famulari |
| 2016-03-10 | gnu: openssh: Update to 7.2p2 [fixes CVE-2016-3115].•••* gnu/packages/ssh.scm (openssh): Update to 7.2p2.
| Leo Famulari |
| 2016-03-10 | gnu: catch: Update to 1.3.5.•••* gnu/packages/check.scm (catch): Update to 1.3.5.
| Efraim Flashner |
| 2016-03-10 | gnu: cppunit: Update to 1.13.2.•••* gnu/packages/check.scm (cppunit): Update to 1.13.2.
[source]: Change to libreoffice's hosted release tarballs.
[home-page]: Change to freedesktop.
| Efraim Flashner |
| 2016-03-10 | gnu: lcov: Update to 1.12.•••* gnu/packages/code.scm (lcov): Update to 1.12.
| Efraim Flashner |
| 2016-03-10 | gnu: the-silver-searcher: Update to 0.31.0.•••* gnu/packages/code.scm (the-silver-searcher): Update to 0.31.0.
| Efraim Flashner |
| 2016-03-10 | gnu: complexity: Update to 1.10.•••* gnu/packages/code.scm (complexity): Update to 1.10.
| Efraim Flashner |
| 2016-03-10 | gnu: libass: Update to 0.13.2.•••* gnu/packages/video.scm (libass): Update to 0.13.2.
| Efraim Flashner |
| 2016-03-10 | gnu: obs: Update to 0.13.2.•••* gnu/packages/video.scm (obs): Update to 0.13.2.
| Efraim Flashner |
| 2016-03-10 | gnu: icecat: Add several security fixes.•••* gnu/packages/patches/icecat-CVE-2015-4477.patch,
gnu/packages/patches/icecat-CVE-2015-7207.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt01.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt02.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt03.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt04.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt05.patch,
gnu/packages/patches/icecat-CVE-2016-1952-pt06.patch,
gnu/packages/patches/icecat-CVE-2016-1954.patch,
gnu/packages/patches/icecat-CVE-2016-1960.patch,
gnu/packages/patches/icecat-CVE-2016-1961.patch,
gnu/packages/patches/icecat-CVE-2016-1962.patch,
gnu/packages/patches/icecat-CVE-2016-1964.patch,
gnu/packages/patches/icecat-CVE-2016-1965.patch,
gnu/packages/patches/icecat-CVE-2016-1966.patch,
gnu/packages/patches/icecat-CVE-2016-1974.patch,
gnu/packages/patches/icecat-bug-1248851.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
| Mark H Weaver |
| 2016-03-10 | substitute: Optimize HTTP pipelining over TLS.•••* guix/scripts/substitute.scm (http-multiple-get): Write the requests
to a bytevector output port before sending them.
| Ludovic Courtès |
| 2016-03-10 | substitute: Add HTTPS support.•••Fixes <http://bugs.gnu.org/22937>.
Reported by Chris Marusich <cmmarusich@gmail.com>.
* guix/scripts/substitute.scm (fetch): Add 'https' alongside 'http'.
Use 'open-connection-for-uri' instead of 'open-socket-for-uri'. Call
'setvbuf' only when PORT matches 'file-port?'.
(http-multiple-get): Likewise. Change 'base-url' parameter to
'base-uri'.
(fetch-narinfos)[do-fetch]: Add 'https' case alongside 'http'. Pass URI
instead of URL to 'http-multiple-get'.
* doc/guix.texi (Requirements): Move GnuTLS one level higher and mention
HTTPS substitutes.
(Substitutes): Mention HTTPS and recommend it. Explain why servers
are not authenticated. Add "On Trusting Binaries" subsection.
| Ludovic Courtès |
| 2016-03-10 | gnu: isc-dhcp: Update bundled bind to 9.9.8-P4 [fixes CVE-2016-1285, CVE-2016...•••* gnu/packages/admin.scm (isc-dhcp): Update bundled bind to 9.9.8-P4.
| Efraim Flashner |
| 2016-03-10 | gnu: bind-utils: Update to 9.10.3-P4 [fixes CVE-2016-1285, CVE-2016-1286].•••* gnu/packages/dns.scm (bind-utils): Update to 9.10.3-P4.
| Efraim Flashner |
| 2016-03-10 | gnu: custom-gcc: Delete broken or conflicting executables.•••* gnu/packages/gcc.scm (custom-gcc)[arguments]: Add phase to remove
executables that are non-functional or conflict with the executables of
"gcc".
| Ricardo Wurmus |
| 2016-03-10 | gnu: nautilus: Don't propagate gtk+.•••* gnu/packages/gnome.scm (nautilus): Move gtk+ from propagated-inputs to inputs.
| 宋文武 |
| 2016-03-09 | substitute: Error out on unsupported URL schemes.•••Reported in <http://bugs.gnu.org/22937>
by Chris Marusich <cmmarusich@gmail.com>.
* guix/scripts/substitute.scm (fetch): Add 'else' case and call 'leave'.
| Ludovic Courtès |
| 2016-03-09 | ui: Do not call 'port-filename' on closed file ports.•••* guix/ui.scm (call-with-error-handling)[port-filename*]: New
procedure.
Use it in the 'nar-error?' case.
| Ludovic Courtès |
| 2016-03-09 | gnu: texlive: Make texlive-bin and texlive-texmf private.•••* gnu/packages/texlive.scm (texlive-bin, texlive-texmf): Define the variables
as non-public; they should not be installed into a profile.
| Andreas Enge |
| 2016-03-09 | gnu: po4a: Use texlive-minimal instead of texlive-bin.•••* gnu/packages/gettext.scm (po4a)[inputs]: Replace texlive-bin by
texlive-minimal.
| Andreas Enge |
| 2016-03-09 | gnu: statistics: Remove import of unused texlive module.•••* gnu/packages/statistics.scm: Do not import (gnu packages texlive).
| Andreas Enge |
| 2016-03-09 | gnu: gnuplot: Use texlive-minimal instead of texlive-bin.•••* gnu/packages/maths.scm (gnuplot)[inputs]: Replace texlive-bin by
texlive-minimal.
| Andreas Enge |
| 2016-03-09 | gnu: simple-scan: Update to 3.19.91.•••* gnu/packages/gnome.scm (simple-scan): Update to 3.19.91.
[arguments]: Add 'clean' phase.
| Tobias Geerinckx-Rice |
| 2016-03-09 | gnu: pidgin-otr: Update to 4.0.2.•••* gnu/packages/messaging.scm (pidgin-otr): Update to 4.0.2.
| Mark H Weaver |
| 2016-03-09 | gnu: libotr: Remove version 3.2.1.•••* gnu/packages/messaging.scm (libotr-3): Remove variable.
| Andreas Enge |
| 2016-03-09 | libotr: Update to 4.1.1 [fixes CVE-2016-2851].•••* gnu/packages/messaging.scm (libotr): Update to 4.1.1.
[native-inputs]: New field.
| Leo Famulari |
| 2016-03-09 | gnu: complexity: Update to 1.9.•••* gnu/packages/code.scm (complexity): Update to 1.9.
| Ludovic Courtès |
| 2016-03-09 | upstream: Fix 'signature-urls' coalescing.•••Previously, the resulting 'signature-urls' would contain N times the
same URL.
* guix/upstream.scm (coalesce-sources): Fix TWO in 'signature-urls'.
* tests/upstream.scm: New file.
* Makefile.am (SCM_TESTS): Add it.
| Ludovic Courtès |
| 2016-03-09 | doc: Add note on store immutability.•••* doc/guix.texi (The Store): Mention "store items" and the database
location. Add note on the store's immutability.
| Ludovic Courtès |
| 2016-03-09 | gnu: Add liblangtag.•••* gnu/packages/libreoffice.scm (liblangtag): New variable.
Co-authored-by: Andreas Enge <andreas@enge.fr>
| Efraim Flashner |
| 2016-03-09 | gnu: libreoffice: Enable parallel build.•••* gnu/packages/libreoffice.scm (libreoffice)[arguments]: Enable parallel
build.
| Andreas Enge |
| 2016-03-08 | system: Explicitly set umask to 022 in /etc/profile.•••Fixes <http://bugs.gnu.org/22650>.
Reported by myglc2 <myglc2@gmail.com>.
* gnu/system.scm (operating-system-etc-service)[profile]: Invoke
'umask'.
| Ludovic Courtès |
| 2016-03-08 | guix build: Add '--quiet'.•••Fixes <http://bugs.gnu.org/19772>.
Reported by Andrei Osipov <andrspv@gmail.com>.
* guix/scripts/build.scm (show-help, %options): Add --quiet.
(guix-build): Parameterize 'current-build-output-port' accordingly.
* doc/guix.texi (Invoking guix build): Use it in example.
(Additional Build Options): Document it.
| Ludovic Courtès |
| 2016-03-08 | packages: Gracefully report packages not found.•••Fixes a thinko introduced in 1b846da8c372bee78851439fd9e72b2499115e5a
that would lead to a backtrace when looking for an unknown package.
* gnu/packages.scm (%find-package): Correct logic when checking for
FALLBACK?.
| Ludovic Courtès |
| 2016-03-08 | packages: Support the deprecated "NAME-VERSION" syntax.•••Fixes a typo introduced in 1b846da8c372bee78851439fd9e72b2499115e5a that
would lead to a backtrace when using the deprecated syntax.
* gnu/packages.scm (%find-package): Turn the first argument to
'call-with-values' into a thunk. Use #:select instead of '@' to select
the right 'package-name->name+version' procedure.
| Ludovic Courtès |
| 2016-03-08 | packages: Clarify NAME-VERSION deprecation message.•••* gnu/packages.scm (%find-package): Clarify message; remove trailing
period.
| Ludovic Courtès |
| 2016-03-08 | guix system: Write the GC root on the target file system.•••Fixes <http://bugs.gnu.org/22802>.
Reported by Jookia <166291@gmail.com>.
* guix/scripts/system.scm (install-grub*): Prepend TARGET to GC-ROOT.
| Ludovic Courtès |
| 2016-03-08 | emacs: Gracefully handle wrong package names passed to 'guix-edit'.•••Fixes <http://bugs.gnu.org/22933>.
* emacs/guix-main.scm (package-location-string): Rewrite to handle the
case where 'packages-by-name' returns the empty list.
Co-authored-by: Mathieu Lirzin <mthl@gnu.org>
| Ludovic Courtès |
| 2016-03-08 | gnu: jasper: Add fixes for CVE-2016-1577, CVE-2016-2089, CVE-2016-2116.•••* gnu/packages/patches/jasper-CVE-2016-1557.patch,
gnu/packages/patches/jasper-CVE-2016-2089.patch,
gnu/packages/patches/jasper-CVE-2016-2116.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/image.scm (jasper)[source]: Add patches.
| Efraim Flashner |
| 2016-03-07 | gnu: libreoffice: Update to 5.0.5.2 [fixes CVE-2016-{0794, 0795}].•••* gnu/packages/libreoffice.scm (libreoffice): Update to 5.0.5.2.
| Leo Famulari |
| 2016-03-07 | gnu: linux-libre: Update to 4.1.19.•••* gnu/packages/linux.scm (linux-libre): Update to 4.1.19.
| Mark H Weaver |
| 2016-03-07 | gnu: linux-libre: Update to 4.4.4.•••* gnu/packages/linux.scm (linux-libre): Update to 4.4.4.
| Mark H Weaver |
