Age | Commit message (Collapse) | Author |
|
* gnu/packages/image.scm (imlib2): Update to 1.5.0.
|
|
This release claims to fix 2 vulnerabilities:
- ‘an integer overflow vulnerability in the TIFF decoder’
(CVE-2017-1000229, previously patched in Guix), and
- ‘a buffer overflow vulnerability in the GIF decoder’.
* gnu/packages/image.scm (optipng): Update to 0.7.7.
[source]: Remove patch.
[arguments]: Substitute INVOKE for SYSTEM* and end phase with #t.
* gnu/packages/patches/optipng-CVE-2017-1000229.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
|
|
|
|
* gnu/packages/patches/libtiff-CVE-2017-9935.patch,
gnu/packages/patches/libtiff-CVE-2017-11335.patch,
gnu/packages/patches/libtiff-CVE-2017-18013.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/image.scm (libtiff)[replacement]: New field.
(libtiff/fixed): New variable.
|
|
* gnu/packages/image.scm (libtiff)[source]: Use HTTP URL.
|
|
|
|
* gnu/packages/image.scm (libjpeg-turbo): Update to 1.5.3.
|
|
|
|
* gnu/packages/image.scm (libwebp): Update to 0.6.1.
|
|
* gnu/packages/image.scm (libtiff): Update to 4.0.9.
[source]: Remove obsolete patches.
* gnu/packages/patches/libtiff-CVE-2016-10688.patch,
gnu/packages/patches/libtiff-CVE-2017-9936.patch,
gnu/packages/patches/libtiff-tiffgetfield-bugs.patch,
gnu/packages/patches/libtiff-tiffycbcrtorgb-integer-overflow.patch,
gnu/packages/patches/libtiff-tiffycbcrtorgbinit-integer-overflow.patch: Delete
files.
* gnu/local.mk (dist_patch_DATA): Remove them.
|
|
* gnu/packages/image.scm (gpick): Switch to scons-build-system.
|
|
* gnu/packages/image.scm (optipng)[source](patches): New field.
* gnu/packages/patches/optipng-CVE-2017-1000229.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
|
|
* gnu/packages/image.scm (steghide)[description]: Remove typos and improve
grammar.
|
|
* gnu/packages/image.scm (pngcrush): Renamed from pngcrunch.
[version]: update to 1.8.13.
[arguments]: Use the nolib Makefile.
[origin]: Use the no-lib tar.
[home-page]: update to the new website.
(pngcrunch): New deprecation variable.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/packages/image.scm (jbi2dec): Update to 0.14.
[source]: Remove obsolete patches.
* gnu/packages/patches/jbig2dec-CVE-2016-9601.patch,
gnu/packages/patches/jbig2dec-CVE-2017-7885.patch,
gnu/packages/patches/jbig2dec-CVE-2017-7975.patch,
gnu/packages/patches/jbig2dec-CVE-2017-7976.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/patches/jbig2dec-ignore-testtest.patch: Update for new release.
|
|
|
|
* gnu/packages/python.scm (python-behave-web-api, python2-behave-web-api,
python-mock, python2-mock, python-mock-2, python-nose, python2-nose,
python-nose2, python2-nose2, python-unittest2, python2-unittest2,
python-pytest, python2-pytest, python-pytest-3.0, python2-pytest-3.0,
python-pytest-cov, python2-pytest-cov, python-pytest-runner,
python2-pytest-runner, python-pytest-mock, python2-pytest-mock,
python-pytest-xdist, python2-pytest-xdist, python-scripttest,
python2-scripttest, python-testtools, python2-testtools, python-testscenarios,
python2-testscenarios, python-testresources, python2-testresources,
python-subunit, python2-subunit, python-fixtures, python2-fixtures,
python-testrepository, python2-testrepository, python-coverage,
python2-coverage, python-cov-core, python2-cov-core, python-testpath,
python2-testpath, python-testlib, python2-testlib, python-pytest-cache,
python2-pytest-cache, python-pytest-localserver, python-pytest-xprocess,
python-pytest-subtesthack, python2-pytest-subtesthack, python-hypothesis,
python2-hypothesis, python-lit, python2-lit, python-pytest-pep8,
python2-pytest-pep8, python-pytest-flakes, python2-pytest-flakes,
python2-coverage-test-runner, python-pylint, python2-pylint,
python-paramunittest, python2-python-paramunittest, python-pytest-warnings,
python2-pytest-warnings, python-pytest-capturelog, python2-pytest-capturelog,
python-pytest-catchlog, python2-pytest-catchlog, python-nosexcover,
python2-nosexcover, python-discover, python2-discover, behave, python-rednose,
python2-rednose, python-nose-randomly, python2-nose-randomly,
python-nose-timer, python2-nose-timer): Move from here...
* gnu/packages/check.scm: ...to here.
* gnu/packages/admin.scm,
gnu/packages/android.scm,
gnu/packages/backup.scm,
gnu/packages/bioinformatics.scm,
gnu/packages/calendar.scm,
gnu/packages/dav.scm,
gnu/packages/django.scm,
gnu/packages/freedesktop.scm,
gnu/packages/haskell.scm,
gnu/packages/image.scm,
gnu/packages/irc.scm,
gnu/packages/jrnl.scm,
gnu/packages/ldc.scm,
gnu/packages/libffi.scm,
gnu/packages/mail.scm,
gnu/packages/mpd.scm,
gnu/packages/openstack.scm,
gnu/packages/package-management.scm,
gnu/packages/password-utils.scm,
gnu/packages/python-crypto.scm,
gnu/packages/python-web.scm,
gnu/packages/rdf.scm,
gnu/packages/statistics.scm,
gnu/packages/storage.scm,
gnu/packages/time.scm,
gnu/packages/tls.scm,
gnu/packages/tor.scm,
gnu/packages/tryton.scm: Adjust accordingly.
|
|
|
|
Fixes CVE-2017-14859, CVE-2017-14860, CVE-2017-14862 and CVE-2017-14864.
* gnu/packages/patches/exiv2-CVE-2017-14859-14862-14864.patch,
gnu/packages/patches/exiv2-CVE-2017-14860.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/image.scm (exiv2)[source]: Use them.
|
|
* gnu/packages/image.scm (libpng): Update to 1.6.34.
|
|
* gnu/packages/image.scm (vigra): Update 1.11.1.
[source]<uri>: Don't hard-code version.
[home-page]: Change to <https://ukoethe.github.io/vigra/>.
|
|
* gnu/packages/patches/openjpeg-CVE-2017-12982.patch,
gnu/packages/patches/openjpeg-CVE-2017-14040.patch,
gnu/packages/patches/openjpeg-CVE-2017-14041.patch,
gnu/packages/patches/openjpeg-CVE-2017-14151.patch,
gnu/packages/patches/openjpeg-CVE-2017-14152.patch,
gnu/packages/patches/openjpeg-CVE-2017-14164.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/image.scm (openjpeg): Update to 2.3.0.
[source](patches): Remove.
* gnu/packages/gstreamer.scm (gst-plugins-bad)[arguments]: Adjust openjpeg
substitution.
|
|
* gnu/packages/image.scm (libpng-1.2): Update to 1.2.59.
|
|
* gnu/packages/image.scm (jasper): Update to 2.0.14.
|
|
* gnu/packages/image.scm (openjpeg)[source]: Add patch.
* gnu/packages/patches/openjpeg-CVE-2017-14164.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
|
|
* gnu/packages/image.scm (openjpeg)[source]: Add patches.
* gnu/packages/patches/openjpeg-CVE-2017-14151.patch,
gnu/packages/patches/openjpeg-CVE-2017-14152.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
|
|
* gnu/packages/image.scm (openjpeg)[source]: Add patches.
* gnu/packages/patches/openjpeg-CVE-2017-14040.patch,
gnu/packages/patches/openjpeg-CVE-2017-14041.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
|
|
The source archive was updated in place; only a cleanup of non functional
files was done (see: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28326).
* gnu/packages/image.scm (exiv2)[source]: Update hash.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
|
|
* .mailmap: Map kei@openmailbox.org to current address.
* gnu/local.mk: Replace kei@openmailbox.org to current address.
* gnu/packages/backup.scm: Likewise.
* gnu/packages/calendar.scm: Likewise.
* gnu/packages/check.scm: Likewise.
* gnu/packages/compression.scm: Likewise.
* gnu/packages/documentation.scm: Likewise.
* gnu/packages/emacs.scm: Likewise.
* gnu/packages/fltk.scm: Likewise.
* gnu/packages/freedesktop.scm: Likewise.
* gnu/packages/game-development.scm: Likewise.
* gnu/packages/games.scm: Likewise.
* gnu/packages/gnome.scm: Likewise.
* gnu/packages/gnustep.scm: Likewise.
* gnu/packages/gtk.scm: Likewise.
* gnu/packages/hexedit.scm: Likewise.
* gnu/packages/image.scm: Likewise.
* gnu/packages/maths.scm: Likewise.
* gnu/packages/music.scm: Likewise.
* gnu/packages/xfce.scm: Likewise.
* gnu/packages/python.scm: Likewise.
* gnu/packages/tcl.scm: Likewise.
* gnu/packages/textutils.scm: Likewise.
* gnu/packages/video.scm: Likewise.
* gnu/packages/w3m.scm: Likewise.
* gnu/packages/web.scm: Likewise.
* gnu/packages/web-browsers.scm: Likewise.
* gnu/packages/patches/wmfire-update-for-new-gdk-versions.patch: Likewise.
|
|
|
|
* gnu/packages/image.scm (openjepg)[source]: Add patch.
* gnu/packages/patches/openjpeg-CVE-2017-12982.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
|
|
* gnu/packages/image.scm (libjpeg-turbo)[arguments]: Add #:configure-flags.
Co-authored-by: Z. Ren <zren@dlut.edu.cn>
|
|
|
|
* gnu/packages/image.scm (r-png): New variable.
|
|
* gnu/packages/image.scm (gpick): New variable.
|
|
|
|
In addition to the patches we already had (which are not mentioned in the
ChangeLog, but verified by following their respective GitHub issues) this
release also fixes CVE-2016-9112, CVE-2016-5139, CVE-2016-5152, CVE-2016-5158,
CVE-2016-5159, CVE-2016-1626 and CVE-2016-1628.
See <https://github.com/uclouvain/openjpeg/blob/v2.2.0/CHANGELOG.md> for details.
* gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch,
gnu/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/image.scm (openjpeg): Update to 2.2.0.
[source](patches): Remove.
* gnu/packages/gstreamer.scm (gst-plugins-bad)[arguments]: Add phase to patch
hard-coded openjpeg-2.1 path.
|
|
|
|
* gnu/packages/web.scm (perl-www-curl)[arguments]: Add 'set-search-path'
phase.
* gnu/packages/bioinformatics.scm (ngs-sdk)[arguments]: Augment
'configure' phase to set PERL5LIB.
* gnu/packages/image.scm (steghide)[arguments]: Add #:phases argument.
|
|
* gnu/packages/image.scm (libpng-apng)[arguments]: Check the return status of
the patching procedures.
|
|
Fixes <https://bugs.gnu.org/27556>.
* gnu/packages/image.scm (libpng-apng): Update to 1.6.28.
Remove inherit of 'libpng'.
[version]: Use own version, remove 'package-version libpng'.
[source]: Don't inherit the source of libpng.
[arguments]: Update hash of libpng-apng source.
Signed-off-by: Leo Famulari <leo@famulari.name>
|
|
|
|
* gnu/packages/patches/libtiff-tiffycbcrtorgb-integer-overflow.patch,
gnu/packages/patches/libtiff-tiffycbcrtorgbinit-integer-overflow.patch:
New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/image.scm (libtiff-4.0.8)[source]: Use them.
|
|
* gnu/packages/image.scm (libjpeg-turbo): Update to 1.5.2.
[arguments]<#:phases>: Remove.
|
|
* gnu/packages/patches/libtiff-CVE-2017-9936.patch,
gnu/packages/patches/libtiff-CVE-2017-10688.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/image.scm (libtiff-4.0.8)[source]: Use them.
Signed-off-by: Leo Famulari <leo@famulari.name>
|
|
Suggested by Mark H Weaver
at <https://lists.gnu.org/archive/html/guix-devel/2017-06/msg00355.html>.
* guix/packages.scm (<package>)[replacement]: Mark as "innate".
* gnu/packages/base.scm (glibc-2.25-patched, glibc-2.24)
(glibc-2.23, glibc-2.22, glibc-2.21, glibc-locales): Remove
'replacement' field, which was set to #f.
* gnu/packages/commencement.scm (perl-boot0): Likewise.
* gnu/packages/fontutils.scm (graphite2/fixed): Likewise.
* gnu/packages/ghostscript.scm (ghostscript/fixed): Likewise.
* gnu/packages/gnupg.scm (libgcrypt-1.7.8): Likewise.
* gnu/packages/guile.scm (guile-2.0/fixed, guile-2.2): Likewise.
* gnu/packages/icu4c.scm (icu4c/fixed): Likewise.
* gnu/packages/image.scm (libpng-apng): Likewise.
* gnu/packages/make-bootstrap.scm (%guile-static): Likewise.
* gnu/packages/pcre.scm (pcre/fixed): Likewise.
* gnu/packages/perl.scm (perl/fixed): Likewise.
* gnu/packages/ruby.scm (ruby-2.3, ruby-2.2, ruby-2.1)
(ruby-1.8): Likewise.
* gnu/packages/tls.scm (gnutls-3.5.13, gnutls/guile-2.2): Likewise.
* gnu/packages/xml.scm (expat-2.2.1): Likewise.
|
|
|
|
This package contains many security vulnerabilities and is no longer maintained
upstream. See this discussion for more information:
https://lists.gnu.org/archive/html/guix-devel/2017-05/msg00478.html
* gnu/packages/image.scm (libwmf): Remove variable.
* gnu/packages/wv.scm (wv)[inputs]: Remove libwmf.
[arguments]: Remove field.
* gnu/packages/abiword.scm (abiword)[inputs]: Remove libwmf.
[source]: Remove patch 'abiword-wmf-version-lookup-fix.patch'.
* gnu/packages/patches/abiword-wmf-version-lookup-fix.patch,
gnu/packages/patches/libwmf-CAN-2004-0941.patch,
gnu/packages/patches/libwmf-CVE-2006-3376.patch,
gnu/packages/patches/libwmf-CVE-2007-0455.patch,
gnu/packages/patches/libwmf-CVE-2007-2756.patch,
gnu/packages/patches/libwmf-CVE-2007-3472.patch,
gnu/packages/patches/libwmf-CVE-2007-3473.patch,
gnu/packages/patches/libwmf-CVE-2007-3477.patch,
gnu/packages/patches/libwmf-CVE-2009-1364.patch,
gnu/packages/patches/libwmf-CVE-2009-3546.patch,
gnu/packages/patches/libwmf-CVE-2015-0848+CVE-2015-4588.patch,
gnu/packages/patches/libwmf-CVE-2015-4695.patch,
gnu/packages/patches/libwmf-CVE-2015-4696.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
|
|
* gnu/packages/zip.scm (zip, unzip, zziplib, perl-zip): Move to...
* gnu/packages/compression.scm: ...here.
* gnu/packages/zip.scm: Delete file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Unregister deleted file.
* po/packages/POTFILES.in: Unregister deleted file.
* gnu/packages/{audio, avr, bioinformatics, busybox, cdrom, ci, compression,
docbook, documentation, fonts, fpga, game-development, games, gl, gnome,
gnuzilla, graphics, guile, haskell, image, java, kodi, ldc, libreoffice,
markup, maths, mc, monitoring, music, php, pretty-print, python, scheme,
smalltalk, statistics, synergy, tex, textutils, video, web-browsers, xml,
zip}.scm, guix/build-system/{ant, font}.scm, guix/{download, packages}.scm:
Adapt module import.
|
|
|