summary refs log tree commit diff
path: root/gnu/local.mk
AgeCommit message (Collapse)Author
2021-04-12gnu: racket: Don't inject store paths into Racket files.Philip McGrath
Apparently, during grafting, Guix can somehow mangle compiled Racket CS files (.zo) such that Racket will refuse to load them. (Maybe it has something to do with compression?) So, we stop patching Racket sources with absolute paths to store files (i.e. for foreign libraries to dlopen). Instead, we put them in a data file that doesn't get compiled or, in one case, embed it in C. Fixes https://issues.guix.gnu.org/47064 * gnu/packages/patches/racket-sh-via-rktio.patch: New file. Adds a special case at the C level, controlled by a preprocessor macro, to handle attempts to execute "/bin/sh". * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/scheme.scm (racket)[source](patches): Apply it. (racket)[arguments](#:configure-flags): Add the CPP flag to enable it. (racket)[arguments](#:modules): Use srfi-1. (racket)[arguments](#:phases): Remove 'patch-/bin/sh and 'pre-configure. Change 'pre-configure-minimal to just change directory. Add 'patch-config.rktd-lib-search-dirs after 'build and before 'install to configure Racket's "lib-search-dirs". (racket, racket-minimal)[inputs]: Add bash-minimal as an explicit input. (racket-minimal)[source]: Adjust to inherit patches from racket. (racket-minimal)[arguments]: Inherit from racket: changes no longer needed. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-04-11gnu: lksctp-tools: Fix build of include file.Hartmut Goebel
* gnu/packages/patches/lksctp-tools-1.0.18-fix-header-file-name.patch: New file. * gnu/local.mk[patches]: Add it. * gnu/packages/networking.scm(/lksctp-tools)[source]: Use this patch.
2021-04-09gnu: python-pyqt: Fix build for new python-sip.Brendan Tildesley
* gnu/packages/qt.scm (python-pyqt) [source]: Remove pyqt-public-sip.patch. [propagated-inputs]: Add python-pyqt5-sip. * gnu/packages/patches/pyqt-public-sip.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2021-04-05gnu: libvirt: Update to 7.2.0.Brice Waegeneire
* gnu/packages/virtualization.scm (libvirt): Update to 7.2.0. [arguemnts]: Switch to meson, only build system supported by upstream. [inputs]: Add libssh2 and readline. [native-inputs]: Add bash-completion, gettext, python-docutils and rpcsvc-proto. * gnu/packages/patches/libvirt-add-install-prefix.patch: New file... * gnu/local.mk: ...add it. * gnu/packages/patches/libvirt-create-machine-cgroup.patch: Delete file, merged by upstream. Tested-by: Pierre Langlois <pierre.langlois@gmx.com>
2021-04-05gnu: chez-scheme: simplify packagingPhilip McGrath
Take advantage of patches that have been accepted upstream. These changes lay a foundation for reusing more of Chez's build process for Racket. * gnu/packages/patches/chez-scheme-build-util-paths-backport.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/chez.scm (chez-scheme)[source](patches): Use it. [source](snippet): Remove bundled libraries here, not in configure phase. [inputs]: Organize. Move "nanopass", "stex", and "xorg-rgb" to ... [native-inputs]: ... this field. [arguments]: Add (ice-9 ftw) to #:modules. Remove unneeded 'patch-processor-detection' phase. Add 'unpack-nanopass+stex' phase (refactored from 'configure'). Simplify 'configure' phase by removing patches that have been upstreamed. Add "--nogzip-man-pages" flag so we can remove 'make-manpages-writable' phase. Stop ignoring #:configure-flags, move "--threads" there, and remove unneeded workaround. Add 'prepare-stex' phase (refactored from 'install-doc'). Use it to streamline 'install-doc' phase, installing all of the right files into the right places. Signed-off-by: Leo Prikler <leo.prikler@student.tugraz.at>
2021-04-02gnu: runc: Update to 1.0.0-rc93.Maxim Cournoyer
* gnu/packages/virtualization.scm (runc): Update to 1.0.0-rc93. [source]: Remove the patches field. [phases]{unpack}: Remove override. {build}: Add the man target. {check}: Make conditional based on TESTS?. {install}: Add the install-man target. [native-inputs]: Add go-github-com-go-md2man. [home-page]: Update. * gnu/packages/patches/runc-CVE-2019-5736.patch: Delete file. * gnu/local.mk: Un-register it.
2021-04-02gnu: containerd: Update to 1.4.4.Maxim Cournoyer
* gnu/packages/docker.scm (containerd): Update to 1.4.4. Delete trailing #t. [arguments]: Set a MAKE-FLAGS binding. [phases]{patch-paths}: Patch the reference to 'unpigz'. {build, install}: Use the MAKE-FLAGS variable. [inputs]: Add pigz. * gnu/packages/patches/containerd-test-with-go1.13.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Un-register it.
2021-04-02gnu: pidgin: Update to 2.14.2.Tobias Geerinckx-Rice
* gnu/packages/messaging.scm (pidgin): Update to 2.14.2. [source]: Remove pidgin-vv-gst.patch. * gnu/packages/patches/pidgin-vv-gst.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2021-04-02gnu: curl: Update to 7.76.0 [security fixes].Léo Le Bouter
Fixes CVE-2021-22876 and CVE-2021-22890. * gnu/packages/curl.scm (curl/fixed): New variable. (curl)[replacement]: New field. * gnu/packages/patches/curl-7.76-use-ssl-cert-env.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
2021-04-02gnu: wpa-supplicant-minimal: Fix CVE-2021-30004.Léo Le Bouter
* gnu/packages/patches/wpa-supplicant-CVE-2021-30004.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/admin.scm (wpa-supplicant-minimal): Apply patch.
2021-04-02gnu: Add llhttp-bootstrap.Jelle Licht
* gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/node.scm (llhttp-bootstrap): New variable.
2021-04-02gnu: opendht: Update to 2.2.0rc4.Maxim Cournoyer
* gnu/packages/patches/opendht-fix-jami.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Un-register it. * gnu/packages/networking.scm (opendht): Update to 2.2.0rc4. [patches]: Remove field. [inputs]: Use nettle-3.7. [native-inputs]: Move restinio to... [propagated-inputs]: ... here.
2021-04-02Revert "gnu: libvirt: Update to 7.1.0."Pierre Langlois
The update causes virsh to fail <https://bugs.gnu.org/47541>. This reverts commit 383b02a370252c08eb1d43ac94d659c1d3993a35.
2021-04-01gnu: qemu-for-american-fuzzy-lop: Fix build.Efraim Flashner
* gnu/packages/debug.scm (qemu-for-american-fuzzy-lop)[source]: Add patch. * gnu/packages/patches/qemu-glibc-2.30.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it.
2021-04-01gnu: gimp: Ship a copy of the gegl patch.Tobias Geerinckx-Rice
As Ludo' rightly points out, GitHub's patches are probably as stable as their tarballs. * gnu/packages/gimp.scm (gimp)[source]: Use SEARCH-PATCHES instead of an origin. * gnu/packages/patches/gimp-make-gegl-introspect-optional.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
2021-03-31gnu: libvirt: Update to 7.1.0.Pierre Langlois
* gnu/packages/virtualization.scm (libvirt): Update to 7.1.0. [source]: Remove libvirt-create-machine-cgroup.patch, add libvirt-do-not-create-var-dirs.patch. [build-system]: Switch to meson-build-system. [arguments]: Use meson-0.55. Adapt #:configure-flags for meson, there is no need for --docdir anymore. Remove fix-BOURNE_SHELL-definition phase. Add fix-sysconfdir-and-localstatedir phase. Adapt disable-broken-tests to meson. [native-inputs]: Add python-docutils and rpcsvc-proto. * gnu/packages/patches/libvirt-create-machine-cgroup.patch: Delete. * gnu/packages/patches/libvirt-do-not-create-var-dirs.patch: New patch. * gnu/local.mk (dist_patch_DATA): Add new patch, remove the other. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-30gnu: zstd: Downgrade to 1.4.4 and make security graft saner.Léo Le Bouter
* gnu/packages/patches/zstd-CVE-2021-24031_CVE-2021-24032.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/compression.scm (zstd-1.4.9): Remove. (zstd/fixed): New variable. Apply patch. (zstd)[replacement]: Graft with zstd/fixed.
2021-03-29gnu: linphoneqt: Update to 4.2.5 and rename to linphone-desktop.Raghav Gururajan
Also enable the daemon and console interfaces. * gnu/packages/linphone.scm (linphoneqt) [name]: Rename to linphone-desktop. [source]: Switch to git repository. [patches]: Remove linphoneqt-tabbutton.patch and add linphone-desktop-without-sdk.patch. [outputs]<debug>: New output. [configure-flags]: Disable update checking and enable the daemon and console interfaces. [phases]<pre-configure>: New phase. <fix-cmake-error, set-version-string>: Remove phases. <extend-shared-resources>: Rename to... <post-install>: ... this; adjust. [native-inputs]: Add pkg-config. [inputs]: Add belr and ortp. Remove belle-sip. [home-page]: Update home page. [license]: Update to GPLv3+. * gnu/packages/patches/linphoneqt-tabbutton.patch: Remove file. linphone-desktop-without-sdk.patch: New file. * gnu/local.mk (dist_patch_DATA): Update. Co-authored-by: Maxim Cournoyer <maxim.cournoyer@gmail.com> Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2021-03-29gnu: mediastreamer2: Update to 4.4.34.Raghav Gururajan
* gnu/packages/linphone.scm (mediastreamer2)[source]: Switch to git repository. [version]: Update to 4.4.34. [patches]: Remove field. [configure-flags]: Remove the ENABLE_STRICT, ENABLE_BV16, CMAKE_C_FLAGS and CMAKE_CXX_FLAGS flags. [phases]{fix-version}: New phase. {separate-outputs}: Modify. [native-inputs]: Replace python with python-wrapper. [home-page]: Update. [license]: Upgrade to GPLv3+. * gnu/packages/patches/mediastreamer2-srtp2.patch: Remove file. * gnu/local.mk (dist_patch_DATA): Remove it. Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2021-03-28tests: Add Transmission Daemon system test.Simon South
* gnu/tests/file-sharing.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-27gnu: imagemagick: Add more upstream fixes.Mark H Weaver
* gnu/packages/patches/imagemagick-ReadDCMImage-fix.patch, gnu/packages/patches/imagemagick-ReadDCMPixels-fix.patch, gnu/packages/patches/imagemagick-WriteTHUMBNAILImage-fix.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/imagemagick.scm (source): Add patches.
2021-03-27gnu: imagemagick: Fix CVE-2020-27829.Mark H Weaver
* gnu/packages/patches/imagemagick-CVE-2020-27829.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/imagemagick.scm (source): Add patch.
2021-03-26gnu: upx: Fix CVE-2021-20285.Léo Le Bouter
* gnu/packages/patches/upx-CVE-2021-20285.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/compression.scm (upx): Apply patch.
2021-03-26gnu: mariadb: Fix CVE-2021-27928.Léo Le Bouter
* gnu/packages/patches/mariadb-CVE-2021-27928.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/databases.scm (mariadb/fixed): New variable. Apply patch. (mariadb)[replacement]: Graft.
2021-03-23gnu: glibc: Fix ldd path on powerpc*.Leo Le Bouter
This should avoid some problems, such as "not a dynamic executable" errors. * gnu/packages/patches/glibc-ldd-powerpc.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/base.scm: (glibc)[native-inputs]: Add it. [arguments]: When building for powerpc* apply it. * gnu/packages/commencement.scm (glibc-final-with-bootstrap-bash, glibc-final)[native-inputs]: Add patch conditionally. This patch has been adjusted to apply to master. Signed-off-by: Chris Marusich <cmmarusich@gmail.com> Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
2021-03-23tests: Remove Cuirass tests.Mathieu Othacehe
Those tests don't make sense anymore as the Cuirass 1.0 version has removed the possibility to execute a custom registration procedure. * gnu/tests/cuirass.scm: Remove it. * gnu/local.mk (GNU_SYSTEM_MODULES): Ditto.
2021-03-23gnu: efibootmgr: Update to 17.Tobias Geerinckx-Rice
* gnu/packages/linux.scm (efibootmgr): Update to 17. [source]: Use GIT-FETCH and GIT-FILE-NAME. Add a patch to build against efivar@37. * gnu/packages/patches/efibootmgr-remove-extra-decl.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
2021-03-23gnu: cgal: Update to 5.2.1.Tobias Geerinckx-Rice
* gnu/packages/graphics.scm (cgal): Update to 5.2.1. [source]: Remove patch. * gnu/packages/patches/cgal-security-pr-5371.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2021-03-19gnu: abseil-cpp: Patch sterror_test.Greg Hogan
* gnu/packages/patches/abseil-cpp-fix-gtest.patch: Renamed file. * gnu/packages/patches/abseil-cpp-fix-strerror_test.patch: New file. * gnu/local.mk (dist_patch_DATA): Rename / add files. * gnu/packages/cpp.scm (abseil-cpp)[source]: Use files. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-19gnu: abseil-cpp: Update to 20200923.3.Greg Hogan
* gnu/packages/cpp.scm (abseil-cpp): Update to 20200923.3. [arguments]: Enable external googletest. * gnu/packages/patches/abseil-cpp-fix.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-19gnu: busybox: Fix CVE-2021-28831.Léo Le Bouter
* gnu/packages/patches/busybox-CVE-2021-28831.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/busybox.scm (busybox): Apply it.
2021-03-19gnu: ungoogled-chromium: Update to 89.0.4389.90-1.Marius Bakke
* gnu/packages/patches/ungoogled-chromium-system-opus.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/chromium.scm (%preserved-third-party-files): Adjust for 89. (%chromium-version): Remove variable. (%ungoogled-revision): Set to 89.0.4389.90-1. (%ungoogled-origin): Conditionally set file name based on commit/tag. (%guix-patches): Add the new file. (libvpx/chromium): Update to 1.9.0-104-gb5d77a48d. (ungoogled-chromium)[version]: Use %UNGOOGLED-REVISION. [source]: Update hash. [arguments]: Adjust #:configure-flags for build system changes. Don't build with external WebRTC SSL library. Remove obsolete substitution. [inputs]: Remove OPENSSL. Change from PIPEWIRE to PIPEWIRE-0.3.
2021-03-17gnu: Move lolcode to esolangs.Leo Prikler
* gnu/packages/lolcode.scm (lci): Move from here... * gnu/packages/esolangs.scm (lolcode-lci): ... to here. * gnu/packages/lolcode.scm: Delete file. * gnu/local.mk (GNU_SYSTEM_MODULES): Adjust accordingly.
2021-03-16gnu: mpg321: Fix CVE-2019-14247.Kei Kebreau
* gnu/packages/patches/mpg321-CVE-2019-14247.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/mp3.scm (mpg321)[source]: Apply it. Signed-off-by: Léo Le Bouter <lle-bout@zaclys.net> Signed-off-by: Leo Famulari <leo@famulari.name>
2021-03-14gnu: unzip: Remove redundant and unused "unzip-symlink.patch".Mark H Weaver
This is a followup to commit 31d289a4759909d24dd309ac24d42902a8c20da0, which added, but did not use, "unzip-symlink.patch", which is redundant with the pre-existing "unzip-initialize-symlink-flag.patch". * gnu/packages/patches/unzip-symlink.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2021-03-14gun: unzip/fixed: Fix tests on 32-bit systems.Léo Le Bouter
* gnu/packages/patches/unzip-32bit-zipbomb-fix.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/compression.scm (unzip/fixed): Apply patch.
2021-03-14gnu: unzip: Add patches from Fedora [security fixes].Léo Le Bouter
Non-exhaustively fixes CVE-2016-9844, CVE-2018-1000035, CVE-2018-18384, and CVE-2019-13232. * gnu/packages/patches/unzip-COVSCAN-fix-unterminated-string.patch, gnu/packages/patches/unzip-CVE-2016-9844.patch, gnu/packages/patches/unzip-CVE-2018-1000035.patch, gnu/packages/patches/unzip-CVE-2018-18384.patch, gnu/packages/patches/unzip-case-insensitive.patch, gnu/packages/patches/unzip-alt-iconv-utf8-print.patch, gnu/packages/patches/unzip-alt-iconv-utf8.patch, gnu/packages/patches/unzip-close.patch, gnu/packages/patches/unzip-exec-shield.patch, gnu/packages/patches/unzip-fix-recmatch.patch, gnu/packages/patches/unzip-manpage-fix.patch, gnu/packages/patches/unzip-overflow.patch, gnu/packages/patches/unzip-symlink.patch, gnu/packages/patches/unzip-timestamp.patch, gnu/packages/patches/unzip-valgrind.patch, gnu/packages/patches/unzip-x-option.patch, gnu/packages/patches/unzip-zipbomb-manpage.patch, gnu/packages/patches/unzip-zipbomb-part1.patch, gnu/packages/patches/unzip-zipbomb-part2.patch, gnu/packages/patches/unzip-zipbomb-part3.patch: New patches. * gnu/local.mk (dist_patch_DATA): Register them. * gnu/packages/compression.scm (unzip/fixed): New variable. Apply patches. (unzip)[replacement]: Graft.
2021-03-13gnu: gnutls: Fix CVE-2021-20231 and CVE-2021-20232.Mark H Weaver
* gnu/packages/patches/gnutls-CVE-2021-20231.patch, gnu/packages/patches/gnutls-CVE-2021-20232.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/tls.scm (gnutls)[replacement]: New field. (gnutls/fixed): New variable. (guile2.2-gnutls): Use package/inherit.
2021-03-12gnu: Add aws-c-io.Greg Hogan
* gnu/packages/c.scm (aws-c-io): New variable. * gnu/packages/patches/aws-c-io-cmake-prefix.patch, gnu/packages/patches/aws-c-io-disable-networking-tests.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-12gnu: Add aws-c-cal.Greg Hogan
* gnu/packages/c.scm (aws-c-cal): New variable. * gnu/packages/patches/aws-c-cal-cmake-prefix.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-12gnu: gnome-shell: Fix CVE-2020-17489.Mark H Weaver
* gnu/packages/patches/gnome-shell-CVE-2020-17489.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gnome.scm (gnome-shell)[source]: Add patch.
2021-03-12gnu: cairo: Fix CVE-2018-19876 and CVE-2020-35492.Mark H Weaver
* gnu/packages/patches/cairo-CVE-2018-19876.patch, gnu/packages/patches/cairo-CVE-2020-35492.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/gtk.scm (cairo)[replacement]: New field. (cairo/fixed): New variable. (cairo-xcb): Use package/inherit.
2021-03-12gnu: gdk-pixbuf: Fix CVE-2020-29385.Mark H Weaver
* gnu/packages/patches/gdk-pixbuf-CVE-2020-29385.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gtk.scm (gdk-pixbuf)[replacement]: New field. (gdk-pixbuf/fixed): New variable. (gdk-pixbuf+svg): Use package/inherit.
2021-03-12gnu: glib: Fix CVE-2021-28153.Mark H Weaver
* gnu/packages/patches/glib-CVE-2021-28153.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/glib.scm (glib/fixed): Add the new patch.
2021-03-11Revert "Revert "gnu: mongodb: Update to 3.4.24 [security fixes].""Efraim Flashner
This reverts commit feff80cec3c97a3df2c20d300be12d67f79d4f22. I was mistaken, there are still branches of mongodb which are still licensed under the AGPL3
2021-03-11Revert "gnu: mongodb: Update to 3.4.24 [security fixes]."Efraim Flashner
This reverts commit e5f89570c1d72c4b674fad6b6ad5591ead02d419. After this version mongodb switched to the Server Side Public License (https://www.mongodb.com/licensing/server-side-public-license) which is not a FOSS license.
2021-03-11gnu: glib: Fix CVE-2021-27218 and CVE-2021-27219.Mark H Weaver
* gnu/packages/patches/glib-CVE-2021-27218.patch, gnu/packages/patches/glib-CVE-2021-27219-01.patch, gnu/packages/patches/glib-CVE-2021-27219-02.patch, gnu/packages/patches/glib-CVE-2021-27219-03.patch, gnu/packages/patches/glib-CVE-2021-27219-04.patch, gnu/packages/patches/glib-CVE-2021-27219-05.patch, gnu/packages/patches/glib-CVE-2021-27219-06.patch, gnu/packages/patches/glib-CVE-2021-27219-07.patch, gnu/packages/patches/glib-CVE-2021-27219-08.patch, gnu/packages/patches/glib-CVE-2021-27219-09.patch, gnu/packages/patches/glib-CVE-2021-27219-10.patch, gnu/packages/patches/glib-CVE-2021-27219-11.patch, gnu/packages/patches/glib-CVE-2021-27219-12.patch, gnu/packages/patches/glib-CVE-2021-27219-13.patch, gnu/packages/patches/glib-CVE-2021-27219-14.patch, gnu/packages/patches/glib-CVE-2021-27219-15.patch, gnu/packages/patches/glib-CVE-2021-27219-16.patch, gnu/packages/patches/glib-CVE-2021-27219-17.patch, gnu/packages/patches/glib-CVE-2021-27219-18.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/glib.scm (glib)[replacement]: New field. (glib/fixed): New variable.
2021-03-11gnu: geary: Fix CVE-2020-24661.Léo Le Bouter
* gnu/packages/patches/geary-CVE-2020-24661.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/gnome.scm (geary): Apply it.
2021-03-11gnu: libcroco: Fix CVE-2020-12825.Léo Le Bouter
* gnu/packages/patches/libcroco-CVE-2020-12825.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/gnome.scm (libcroco/fixed): New variable. Apply patch. (libcroco)[replacement]: Graft.
2021-03-11gnu: evolution: Fix CVE-2020-11879.Léo Le Bouter
* gnu/packages/patches/evolution-CVE-2020-11879.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/gnome.scm (evolution): Apply it.