Age | Commit message (Expand) | Author |
2021-03-16 | gnu: mpg321: Fix CVE-2019-14247....* gnu/packages/patches/mpg321-CVE-2019-14247.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/mp3.scm (mpg321)[source]: Apply it.
Signed-off-by: Léo Le Bouter <lle-bout@zaclys.net>
Signed-off-by: Leo Famulari <leo@famulari.name>
| Kei Kebreau |
2021-03-14 | gnu: unzip: Remove redundant and unused "unzip-symlink.patch"....This is a followup to commit 31d289a4759909d24dd309ac24d42902a8c20da0,
which added, but did not use, "unzip-symlink.patch", which is
redundant with the pre-existing "unzip-initialize-symlink-flag.patch".
* gnu/packages/patches/unzip-symlink.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
| Mark H Weaver |
2021-03-14 | gun: unzip/fixed: Fix tests on 32-bit systems....* gnu/packages/patches/unzip-32bit-zipbomb-fix.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/compression.scm (unzip/fixed): Apply patch.
| Léo Le Bouter |
2021-03-14 | gnu: unzip: Add patches from Fedora [security fixes]....Non-exhaustively fixes CVE-2016-9844, CVE-2018-1000035, CVE-2018-18384, and
CVE-2019-13232.
* gnu/packages/patches/unzip-COVSCAN-fix-unterminated-string.patch,
gnu/packages/patches/unzip-CVE-2016-9844.patch,
gnu/packages/patches/unzip-CVE-2018-1000035.patch,
gnu/packages/patches/unzip-CVE-2018-18384.patch,
gnu/packages/patches/unzip-case-insensitive.patch,
gnu/packages/patches/unzip-alt-iconv-utf8-print.patch,
gnu/packages/patches/unzip-alt-iconv-utf8.patch,
gnu/packages/patches/unzip-close.patch,
gnu/packages/patches/unzip-exec-shield.patch,
gnu/packages/patches/unzip-fix-recmatch.patch,
gnu/packages/patches/unzip-manpage-fix.patch,
gnu/packages/patches/unzip-overflow.patch,
gnu/packages/patches/unzip-symlink.patch,
gnu/packages/patches/unzip-timestamp.patch,
gnu/packages/patches/unzip-valgrind.patch,
gnu/packages/patches/unzip-x-option.patch,
gnu/packages/patches/unzip-zipbomb-manpage.patch,
gnu/packages/patches/unzip-zipbomb-part1.patch,
gnu/packages/patches/unzip-zipbomb-part2.patch,
gnu/packages/patches/unzip-zipbomb-part3.patch: New patches.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/compression.scm (unzip/fixed): New variable. Apply patches.
(unzip)[replacement]: Graft.
| Léo Le Bouter |
2021-03-13 | gnu: gnutls: Fix CVE-2021-20231 and CVE-2021-20232....* gnu/packages/patches/gnutls-CVE-2021-20231.patch,
gnu/packages/patches/gnutls-CVE-2021-20232.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/tls.scm (gnutls)[replacement]: New field.
(gnutls/fixed): New variable.
(guile2.2-gnutls): Use package/inherit.
| Mark H Weaver |
2021-03-12 | gnu: Add aws-c-io....* gnu/packages/c.scm (aws-c-io): New variable.
* gnu/packages/patches/aws-c-io-cmake-prefix.patch,
gnu/packages/patches/aws-c-io-disable-networking-tests.patch:
New files.
* gnu/local.mk (dist_patch_DATA): Add them.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Greg Hogan |
2021-03-12 | gnu: Add aws-c-cal....* gnu/packages/c.scm (aws-c-cal): New variable.
* gnu/packages/patches/aws-c-cal-cmake-prefix.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Greg Hogan |
2021-03-12 | gnu: gnome-shell: Fix CVE-2020-17489....* gnu/packages/patches/gnome-shell-CVE-2020-17489.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnome.scm (gnome-shell)[source]: Add patch.
| Mark H Weaver |
2021-03-12 | gnu: cairo: Fix CVE-2018-19876 and CVE-2020-35492....* gnu/packages/patches/cairo-CVE-2018-19876.patch,
gnu/packages/patches/cairo-CVE-2020-35492.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/gtk.scm (cairo)[replacement]: New field.
(cairo/fixed): New variable.
(cairo-xcb): Use package/inherit.
| Mark H Weaver |
2021-03-12 | gnu: gdk-pixbuf: Fix CVE-2020-29385....* gnu/packages/patches/gdk-pixbuf-CVE-2020-29385.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gtk.scm (gdk-pixbuf)[replacement]: New field.
(gdk-pixbuf/fixed): New variable.
(gdk-pixbuf+svg): Use package/inherit.
| Mark H Weaver |
2021-03-12 | gnu: glib: Fix CVE-2021-28153....* gnu/packages/patches/glib-CVE-2021-28153.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/glib.scm (glib/fixed): Add the new patch.
| Mark H Weaver |
2021-03-11 | Revert "Revert "gnu: mongodb: Update to 3.4.24 [security fixes].""...This reverts commit feff80cec3c97a3df2c20d300be12d67f79d4f22.
I was mistaken, there are still branches of mongodb which are still
licensed under the AGPL3
| Efraim Flashner |
2021-03-11 | Revert "gnu: mongodb: Update to 3.4.24 [security fixes]."...This reverts commit e5f89570c1d72c4b674fad6b6ad5591ead02d419.
After this version mongodb switched to the Server Side Public License
(https://www.mongodb.com/licensing/server-side-public-license) which is
not a FOSS license.
| Efraim Flashner |
2021-03-11 | gnu: glib: Fix CVE-2021-27218 and CVE-2021-27219....* gnu/packages/patches/glib-CVE-2021-27218.patch,
gnu/packages/patches/glib-CVE-2021-27219-01.patch,
gnu/packages/patches/glib-CVE-2021-27219-02.patch,
gnu/packages/patches/glib-CVE-2021-27219-03.patch,
gnu/packages/patches/glib-CVE-2021-27219-04.patch,
gnu/packages/patches/glib-CVE-2021-27219-05.patch,
gnu/packages/patches/glib-CVE-2021-27219-06.patch,
gnu/packages/patches/glib-CVE-2021-27219-07.patch,
gnu/packages/patches/glib-CVE-2021-27219-08.patch,
gnu/packages/patches/glib-CVE-2021-27219-09.patch,
gnu/packages/patches/glib-CVE-2021-27219-10.patch,
gnu/packages/patches/glib-CVE-2021-27219-11.patch,
gnu/packages/patches/glib-CVE-2021-27219-12.patch,
gnu/packages/patches/glib-CVE-2021-27219-13.patch,
gnu/packages/patches/glib-CVE-2021-27219-14.patch,
gnu/packages/patches/glib-CVE-2021-27219-15.patch,
gnu/packages/patches/glib-CVE-2021-27219-16.patch,
gnu/packages/patches/glib-CVE-2021-27219-17.patch,
gnu/packages/patches/glib-CVE-2021-27219-18.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/glib.scm (glib)[replacement]: New field.
(glib/fixed): New variable.
| Mark H Weaver |
2021-03-11 | gnu: geary: Fix CVE-2020-24661....* gnu/packages/patches/geary-CVE-2020-24661.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gnome.scm (geary): Apply it.
| Léo Le Bouter |
2021-03-11 | gnu: libcroco: Fix CVE-2020-12825....* gnu/packages/patches/libcroco-CVE-2020-12825.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gnome.scm (libcroco/fixed): New variable. Apply patch.
(libcroco)[replacement]: Graft.
| Léo Le Bouter |
2021-03-11 | gnu: evolution: Fix CVE-2020-11879....* gnu/packages/patches/evolution-CVE-2020-11879.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gnome.scm (evolution): Apply it.
| Léo Le Bouter |
2021-03-11 | gnu: evolution-data-server: Fix CVE-2020-14928 and CVE-2020-16117....* gnu/packages/patches/evolution-data-server-CVE-2020-14928.patch,
gnu/packages/patches/evolution-data-server-CVE-2020-16117.patch: New patches.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/gnome.scm (evolution-data-server): Apply them.
| Léo Le Bouter |
2021-03-10 | gnu: mongodb: Update to 3.4.24 [security fixes]....* gnu/packages/patches/mongodb-support-unknown-linux-distributions.patch:
Remove patch.
* gnu/local.mk (dist_patch_DATA): Ditto.
* gnu/packages/databases.scm (mongodb): Update to 3.4.24.
[source]: Drop patch. Update third_party libs folder names.
| Léo Le Bouter |
2021-03-10 | gnu: python-shouldbe: Remove....Unmaintained upstream and its only dependent (python-gssapi) dropped it.
* gnu/packages/patches/python-shouldbe-0.1.2-cpy3.8.patch: Remove.
* gnu/local.mk: Drop patch file.
* gnu/packages/python-xyz.scm (python-shouldbe): Remove.
| Lars-Dominik Braun |
2021-03-10 | gnu: cyrus-sasl: Fix CVE-2019-19906....* gnu/packages/patches/cyrus-sasl-CVE-2019-19906.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/cyrus-sasl.scm (cyrus-sasl/fixed): New variable. Apply patch.
(cyrus-sasl)[replacement]: Graft.
| Léo Le Bouter |
2021-03-10 | gnu: bsdiff: Fix CVE-2014-9862....* gnu/packages/patches/bsdiff-CVE-2014-9862.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/compression.scm (bsdiff): Apply it.
| Léo Le Bouter |
2021-03-09 | gnu: vtk: Fix build failure....* gnu/packages/image-processing.scm (vtk): Fix build failure.
[source]: Add patch to fix build failure with recent versions of freetype.
* gnu/packages/patches/vtk-fix-freetypetools-build-failure.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
| Felix Gruber |
2021-03-08 | gnu: libcaca: Patch for CVE-2021-3410....* gnu/packages/video.scm (libcaca)[source]: Add patches.
* gnu/packages/patches/libcaca-CVE-2021-3410-pt1.patch,
gnu/packages/patches/libcaca-CVE-2021-3410-pt2.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
| Efraim Flashner |
2021-03-06 | gnu: ytnef: Fix CVE-2021-3403 and CVE-2021-3404....* gnu/packages/patches/ytnef-CVE-2021-3403.patch,
gnu/packages/patches/ytnef-CVE-2021-3404.patch: New patches.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/mail.scm (ytnef): Apply them.
| Léo Le Bouter |
2021-03-05 | gnu: cgal: Update to 5.2 [security fixes]....* gnu/packages/patches/cgal-security-pr-5371.patch: New patch. Downloaded from
<https://patch-diff.githubusercontent.com/raw/CGAL/cgal/pull/5371.patch>, with
hunks on files matching pattern "*Convex_decomposition_3*" removed because
they don't exist in cgal's released sources.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/graphics.scm (cgal): Update to 5.2.
[source]: Apply patch.
| Léo Le Bouter |
2021-03-04 | gnu: mupdf: Fix CVE-2021-3407....* gnu/packages/pdf.scm (mupdf)[source]: Add patch.
* gnu/packages/patches/mupdf-CVE-2021-3407.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
| Kei Kebreau |
2021-03-03 | gnu: openssh: Update to 8.5p1....* gnu/packages/patches/openssh-fix-ssh-copy-id.patch: Remove patch.
* gnu/local.mk (dist_patch_DATA): Also unregister it.
* gnu/packages/ssh.scm (openssh): Update to 8.5p1.
| Léo Le Bouter |
2021-03-02 | gnu: Python 2: Fix CVE-2021-3177....* gnu/packages/patches/python-2.7-CVE-2021-3177.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/python.scm (python-2.7)[replacement]: New field.
(python-2.7/fixed): New variable.
| Leo Famulari |
2021-03-02 | gnu: python-matplotlib: Fix running under Wayland with GTK3....* gnu/packages/python-xyz.scm (python-matplotlib)[source]: Add patch.
* gnu/packages/patches/python-matplotlib-run-under-wayland-gtk3.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
| Tobias Geerinckx-Rice |
2021-03-01 | gnu: openscad: Update to 2021.01 [maybe fixes TALOS-2020-1222, TALOS-2020-1223]....TALOS-2020-1222 has yet to be disclosed and has no known CVE number.
TALOS-2020-1223 has CVE-2020-28599 assigned.
* gnu/packages/engineering.scm (openscad): Update to 2021.01.
[patches]: Remove. Boost 1.72 is supported now upstream.
[arguments]: In replacement 'check phase, disable some tests requiring
experimental "lazy-union" feature. Also disable PDF-related tests requiring
ghostscript and failing either way.
* gnu/local.mk (dist_patch_DATA): Remove patch.
* gnu/packages/patches/openscad-parser-boost-1.72.patch: Ditto.
| Léo Le Bouter |
2021-02-28 | gnu: qemu: Fix CVE-2021-20203....* gnu/packages/patches/qemu-CVE-2021-20203.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/virtualization.scm (qemu): Apply it.
| Léo Le Bouter |
2021-02-28 | gnu: retroarch: Update to 1.9.0....* gnu/packages/emulators.scm (retroarch): Update to 1.9.0.
[source]: Remove 'retroarch-disable-online-updater.patch' and snippet.
Add 'retroarch-LIBRETRO_DIRECTORY.patch'.
[native-search-paths]: New field.
* gnu/packages/patches/retroarch-disable-online-updater.patch: Remove file.
* gnu/packages/patches/retroarch-LIBRETRO_DIRECTORY: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
| 宋文武 |
2021-02-28 | gnu: wpa-supplicant, hostapd: Fix CVE-2021-27803....See <https://w1.fi/security/2021-1/wpa_supplicant-p2p-provision-discovery-processing-vulnerability.txt>.
* gnu/packages/patches/wpa-supplicant-CVE-2021-27803.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/admin.scm (wpa-supplicant-minimal, hostapd): Apply it.
| Léo Le Bouter |
2021-02-25 | gnu: Python 3.9: Update to 3.9.2....* gnu/packages/python.scm (python-3.9): Update to 3.9.2.
[source]: Remove obsolete patch.
* gnu/packages/patches/python-3.9-CVE-2021-3177.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
Signed-off-by: Leo Famulari <leo@famulari.name>
| Greg Hogan |
2021-02-24 | gnu: http-server: Fix build on i686-linux....* gnu/packages/patches/http-parser-fix-assertion-on-armhf.patch: Remove it.
* gnu/local.mk (dist_patch_DATA): Update it.
* gnu/packages/web.scm (http-parser)[source]: Remove a test assertion failing
on i686-linux.
[arguments]: Remove the "assertion.patch" that is merged upstream.
[native-inputs]: Ditto.
[synopsis]: Wrap it.
| Mathieu Othacehe |
2021-02-24 | gnu: http-parser: Update to 2.9.4-1.ec8b5ee [fixes CVE-2020-8287]....Fixes CVE-2020-8287.
* gnu/packages/web.scm (http-parser): Update to 2.9.4-1.ec8b5ee.
[source]: Add patch to mitigate CVE.
* gnu/packages/patches/patches/http-parser-CVE-2020-8287.patch: New file.
* gnu/local.mk [dist_patch_DATA]: New patch.
| Jelle Licht |
2021-02-23 | gnu: Python: Fix CVE-2021-3177....* gnu/packages/patches/python-3.8-CVE-2021-3177.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/python.scm (python-3.8)[replacement]: New field.
(python-3.8/fixed): New variable.
| Leo Famulari |
2021-02-23 | gnu: ruby-rack: Update to 2.2.3....* gnu/packages/ruby.scm (ruby-rack): Update to 2.2.3.
[source]: Remove patch. Add snippet.
[arguments]: Adjust custom 'fix-tests phase. Remove 'make-files-writable
phase.
[native-inputs]: Remove ruby-minitest-sprint, which. Add
ruby-minitest-global-expectations.
[propagated-inputs]: Remove ruby-concurrent.
* gnu/packages/patches/ruby-rack-ignore-failing-test.patch: Remove file.
* gnu/local.mk (dist_patch_DATA): Remove it.
| Efraim Flashner |
2021-02-23 | gnu: ruby-tzinfo-data: Update to 1.2021.1....* gnu/packages/ruby.scm (ruby-tzinfo-data): Update to 1.2021.1.
[source]: Remove patch.
[arguments]: Add custom 'patch-source, 'pre-check phases.
[native-inputs]: Add IANA timezone data files.
* gnu/packages/patches/ruby-tzinfo-data-ignore-broken-test.patch: Remove
file.
* gnu/local.mk (dist_patch_DATA): Remove it.
| Efraim Flashner |
2021-02-21 | image: Add rock64 support....* gnu/system/images/rock64.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Adjust accordingly.
| Marius Bakke |
2021-02-21 | gnu: exiv2-0.26: Remove variable....* gnu/packages/image.scm (exiv2-0.26): Remove variable.
* gnu/packages/patches/exiv2-CVE-2017-14859-14862-14864.patch:
* gnu/packages/patches/exiv2-CVE-2017-14860.patch: Remove files.
* gnu/local.mk (dist_patch_DATA): Apply removal.
| Nicolas Goaziou |
2021-02-21 | gnu: screen: Patch CVE-2021-26937....* gnu/packages/screen.scm (screen)[source]: Add patch.
* gnu/packages/patches/screen-CVE-2021-26937.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
| Efraim Flashner |
2021-02-20 | gnu: lrzip: Update to 0.640....* gnu/packages/compression.scm (lrzip): Update to 0.640.
[source]: Remove obsolete patch 'lrzip-CVE-2017-8842.patch'.
[inputs]: Add lz4.
* gnu/packages/patches/lrzip-CVE-2017-8842.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
Signed-off-by: Leo Famulari <leo@famulari.name>
| Vincent Legoll |
2021-02-19 | gnu: Python 3.9: Fix CVE-2021-3177....* gnu/packages/patches/python-3.9-CVE-2021-3177.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/python.scm (python-3.9)[source]: Use it.
| Leo Famulari |
2021-02-19 | gnu: Add perl-math-matrixreal....* gnu/packages/perl-maths.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
| Ricardo Wurmus |
2021-02-17 | gnu: ruby-rubocop: Update to 1.10.0....* gnu/packages/ruby.scm (ruby-rubocop): Update to 1.10.0.
[source]: Remove patch.
[arguments]: Remove custom 'remove-problematic-tests, 'disable-bundler,
'replace-git-ls-files phases. Add custom 'check phase.
[native-inputs]: Add ruby-memory-profiler, ruby-rake,
ruby-rubocop-minimal, ruby-rubocop-performance-minimal,
ruby-rubocop-rspec-minimal, ruby-simplecov, ruby-stackprof. Replace
ruby-webmock-2 with ruby-webmock.
(ruby-rubocop-minimal, ruby-rubocop-performance-minimal,
ruby-rubocop-rspec-minimal): New variables.
* gnu/packages/patches/ruby-rubocop-break-dependency-cycle.patch: Remove file.
* gnu/local.mk (dist_patch_DATA): Remove it.
| Efraim Flashner |
2021-02-15 | gnu: Add run....* gnu/packages/task-runners.scm (run): New variable.
Signed-off-by: Nicolas Goaziou <mail@nicolasgoaziou.fr>
| Stefan Reichör |
2021-02-12 | gnu: diffoscope: Update to use python-magic....Fixes: https://salsa.debian.org/reproducible-builds/diffoscope/-/issues/238
* gnu/packages/patches/diffoscope-revert-to-magic-open.patch: Remove file.
* gnu/local.mk [dist_patch_DATA]: Update.
* gnu/packages/diffoscope.scm (diffoscope)[source]: Remove patch.
[inputs]: Remove python-file.
| Vagrant Cascadian |
2021-02-12 | services: Add transmission-daemon service....* gnu/services/file-sharing.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* po/packages/POTFILES.in: Add it.
* tests/services/file-sharing.scm: New file.
* Makefile.am (SCM_TESTS): Add it.
* doc/guix.texi (File-Sharing Services): New section.
Signed-off-by: 宋文武 <iyzsong@member.fsf.org>
| Simon South |