| Age | Commit message (Collapse) | Author |
|---|
|
From 'NEWS' in the source distribution:
The CVE-2019-5736 runc vulnerability is about using /proc/self/exe
to modify the host side binary from the sandbox. This mostly does not
affect flatpak since the flatpak sandbox is not run with root permissions.
However, there is one case (running the apply_extra script for system
installs) where this happens, so this release contains a fix for that.
* Don't expose /proc in apply_extra script sandbox.
* gnu/packages/package-management.scm (flatpak): Update to 1.2.3.
|
|
* gnu/packages/networking.scm (frrouting): New variable.
|
|
* gnu/packages/docker.scm (%docker-version, docker, docker-cli): Update to
18.09.2.
(docker)[arguments]: Adjust to the Debian-specific 'iptables-legacy' lookup in
the 'patch-paths' phase.
|
|
* gnu/packages/virtualization.scm (runc): Update to 1.0.0-rc6.
[source]: Use a descriptive file-name. Add 'runc-CVE-2019-5736.patch'
* gnu/packages/patches/runc-CVE-2019-5736.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
|
|
It lacks lzip's dependency on libstdc++.so and libm.so and may have its
uses.
* gnu/packages/compression.scm (lzlib): Don't judge.
|
|
* gnu/packages/compression.scm (lzlib): Update to 1.11.
|
|
* gnu/packages/compression.scm (lzlib)[source]: Hard-code NAME.
|
|
* gnu/packages/compression.scm (clzip): Update to 1.11.
|
|
* gnu/packages/compression.scm (clzip)[source]: Hard-code NAME.
|
|
* gnu/packages/compression.scm (lunzip): Update to 1.11.
|
|
* gnu/packages/compression.scm (lunzip)[source]: Hard-code NAME.
|
|
* gnu/packages/compression.scm (plzip): Update to 1.8.
|
|
* gnu/packages/compression.scm (plzip)[source]: Hard-code NAME.
|
|
* gnu/packages/compression.scm (lziprecover): Update to 1.21.
|
|
* gnu/packages/compression.scm (lziprecover)[source]: Hard-code NAME.
|
|
* gnu/packages/databases.scm (perl-dbi): Update to 1.642.
|
|
* gnu/packages/databases.scm (kyotocabinet): Update to 1.2.77.
|
|
* gnu/packages/bootloaders.scm (os-prober): Update to 1.77.
|
|
* gnu/packages/image-viewers.scm (feh): Update to 3.1.2.
|
|
From 40db2b4eae5ca61a3134cdaf7b156ed1ae9f7415 Mon Sep 17 00:00:00 2001
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Date: Sun, 10 Feb 2019 23:39:25 -0500
Subject: [PATCH] gnu: python-pybedtools: Update to 0.8.0 and fix build.
* gnu/packages/bioinformatics.scm (python-pybedtools): Update to 0.8.0.
[phases]{disable-broken-tests}: Do not disable "test_issue_157" and
"test_to_dataframe" tests. Disable the "test_getting_example_beds".
{remove-cython-generated-files}: Add phase.
{generate-cython-extensions}: Add phase.
{check}: Move from python2-pybedtools to here. Add a scripts
subdirectory of the build directory to the PATH, so that the tests can call
them. Invoke pytest rather than nosetests.
[modules]: Move from python2-pybedtools to here.
[propagated-inputs]: Depend on the current BEDTOOLS rather than version 1.26.
[native-inputs]: Replace python-nose by python-pytest and add python-psutil.
|
|
Even with this patch efilinux does not build for arm*.
* gnu/packages/efi.scm (efilinux)[arguments]: On armhf-linux and
aarch64-linux set the ARCH variable apropriately.
|
|
* gnu/packages/bioinformatics.scm (cnvkit): New variable.
|
|
* gnu/packages/bioconductor.scm (r-dnacopy): New variable.
|
|
* gnu/packages/pdf.scm (python-reportlab): Update to 3.5.13.
[inputs]: Add freetype.
|
|
* gnu/packages/base.scm (glibc@2.27)[sources]: Add patches.
[properties]: New field, mark CVE-2017-18269 fixed.
* gnu/packages/patches/glibc-CVE-2018-11236.patch,
gnu/packages/patches/glibc-CVE-2018-11237.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
|
|
* gnu/packages/parallel.scm (parallel): Update to 20190122.
|
|
* gnu/packages/maven.scm (maven-resolver-api)[source]: Use GIT-FETCH and
GIT-FILE-NAME.
|
|
* gnu/packages/linux.scm (multipath-tools): Update to 0.7.9.
|
|
* gnu/packages/web.scm (websockify)[source]: Use GIT-FETCH and
GIT-FILE-NAME.
|
|
* gnu/packages/web.scm (libyajl)[source]: Use GIT-FETCH and
GIT-FILE-NAME.
|
|
* gnu/packages/web.scm (rapidjson)[source]: Use GIT-FETCH and
GIT-FILE-NAME.
|
|
* gnu/packages/web.scm (qjson)[source]: Use GIT-FETCH and
GIT-FILE-NAME.
|
|
* gnu/packages/web.scm (fcgiwrap)[source]: Use GIT-FETCH and
GIT-FILE-NAME.
|
|
* gnu/packages/web.scm (mod-wsgi)[source]: Use GIT-FETCH and
GIT-FILE-NAME.
|
|
Fixes <https://bugs.gnu.org/34444>.
* gnu/packages/package-management.scm (guix): Update to 0.16.0-10.2637cfd.
|
|
* gnu/packages/guile-xyz.scm (guile-picture-language): Update to 0-2.1ea8b78.
|
|
* gnu/packages/file-systems (disorderfs): Update to 0.5.6.
Signed-off-by: Leo Famulari <leo@famulari.name>
|
|
* gnu/packages/package-management (diffoscope): Update to 111.
Signed-off-by: Leo Famulari <leo@famulari.name>
|
|
* gnu/packages/python-xyz.scm (python-cython): Update to 0.29.5.
|
|
* gnu/packages/xdisorg.scm (pixman)[source](uri): Use HTTPS.
|
|
* gnu/packages/django.scm (python-django): Update to 1.11.20.
|
|
* gnu/packages/video.scm (ffmpeg): Update to 4.1.1.
|
|
* gnu/packages/upnp.scm (miniupnpc): Update to 2.1.20190210.
|
|
* gnu/packages/audio.scm (lv2): Update to 1.16.0.
[arguments]: Remove #:python.
(lv2-devel): Remove variable.
* gnu/packages/music.scm (ingen)[inputs]: Change LV2-DEVEL to LV2.
|
|
Fixes <https://bugs.gnu.org/34439>.
* gnu/packages/video.scm (vlc)[inputs]: Remove libvpx. Add libvpx-1.7.
|
|
* gnu/packages/gps.scm (gama): Update to 2.03.
|
|
* gnu/packages/messaging.scm (gloox): Update to 1.0.22.
|
|
* gnu/packages/python-crypto.scm (python-ecpy): Update to 0.10.0.
|
|
* gnu/packages/python-crypto (python-cryptodome): Update to 3.7.3.
|
|
* gnu/packages/bootloaders.scm (u-boot-novena): Disable loading u-boot.img
from a partition.
|
