summary refs log tree commit diff
path: root/gnu/packages/patches
AgeCommit message (Collapse)Author
2018-02-13gnu: mpv: Update to 0.28.1 [fixes CVE-2018-6360].Rutger Helling
* gnu/packages/video.scm (mpv): Update to 0.28.1.
2018-02-10gnu: libtasn1: Fix CVE-2018-6003.Leo Famulari
* gnu/packages/patches/libtasn1-CVE-2018-6003.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/tls.scm (libtasn1/fixed)[source]: Use it.
2018-02-10gnu: libtiff: Fix CVE-2017-{9935,11335,18013}.Leo Famulari
* gnu/packages/patches/libtiff-CVE-2017-9935.patch, gnu/packages/patches/libtiff-CVE-2017-11335.patch, gnu/packages/patches/libtiff-CVE-2017-18013.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/image.scm (libtiff)[replacement]: New field. (libtiff/fixed): New variable.
2018-02-10gnu: Add java-xerces.Julien Lepiller
* gnu/packages/java.scm (java-xerces): New variable. * gnu/packages/patches/java-xerces-bootclasspath.patch: New file. * gnu/packages/patches/java-xerces-build_dont_unzip.patch: New file. * gnu/packages/patches/java-xerces-xjavac_taskdef.patch: New file. * gnu/local.mk (dist_patch_DATA): Add them.
2018-02-09gnu: emacs-browse-at-remote: Patch for GNU Cgit support.Oleg Pykhalov
* gnu/packages/patches/emacs-browse-at-remote-cgit-gnu.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/emacs.scm (emacs-browse-at-remote)[source](patches): Use it.
2018-02-09gnu: clementine: Remove Spotify downloader.Pierre Langlois
Clementine has a button in the preference menu that allows downloading a binary blob to add support for Spofify. Let's remove this button. It turns out this is the only part of the code base that uses crypto++, let's remove this dependency too. * gnu/packages/music.scm (clementine)[arguments]: Remove crypto++ support. Set HAVE_SPOTIFY_DOWNLOADER to FALSE. [inputs]: Remove crypto++ input. * gnu/packages/patches/clementine-remove-crypto++-dependency.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. Signed-off-by: Leo Famulari <leo@famulari.name>
2018-02-09gnu: zziplib: Update to 0.13.68.Marius Bakke
* gnu/packages/patches/zziplib-CVE-2017-5974.patch, gnu/packages/patches/zziplib-CVE-2017-5975.patch, gnu/packages/patches/zziplib-CVE-2017-5976.patch, gnu/packages/patches/zziplib-CVE-2017-5978.patch, gnu/packages/patches/zziplib-CVE-2017-5979.patch, gnu/packages/patches/zziplib-CVE-2017-5981.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. * gnu/packages/compression.scm (zziplib): Update to 0.13.68. [source](patches): Remove. [arguments]: Remove #:parallel-tests?. Set #:tests? #f.
2018-02-08gnu: mpv: Fix CVE-2018-6360.Alex Vong
* gnu/packages/patches/mpv-CVE-2018-6360-1.patch, gnu/packages/patches/mpv-CVE-2018-6360-2.patch, gnu/packages/patches/mpv-CVE-2018-6360-3.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/video.scm (mpv)[source]: Use them. Signed-off-by: Leo Famulari <leo@famulari.name>
2018-02-08gnu: libtirpc: Update to 1.0.2.Tobias Geerinckx-Rice
* gnu/packages/onc-rpc.scm (libtirpc): Update to 1.0.2. [patches]: Remove patch for fixed CVE. * gnu/packages/patches/libtirpc-CVE-2017-8779.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2018-02-08gnu: luajit: Update to 2.1.0-beta3.Tobias Geerinckx-Rice
* gnu/packages/lua.scm (luajit): Update to 2.1.0-beta3. [source]: Remove symlinks patch. * gnu/packages/patches/luajit-symlinks.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2018-02-07gnu: mupdf: Fix CVE-2017-17858.Leo Famulari
* gnu/packages/patches/mupdf-CVE-2017-17858.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/pdf.scm (mupdf)[source]: Use it.
2018-02-06gnu: hwloc: Add 2.0.0.Ludovic Courtès
* gnu/packages/mpi.scm (hwloc-2.0): New variable. * gnu/packages/patches/hwloc-tests-without-sysfs.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
2018-02-06gnu: gpsbabel: Update to 1.5.4 and fix build.Mathieu Othacehe
* gnu/packages/patches/gpsbabel-minizip.patch: New file. * gnu/packages/patches/gpsbabel-qstring.patch: New file. * gnu/local.mk (dist_patch_DATA): Update accordingly. * gnu/packages/gps.scm (gpsbabel): Update to 1.5.4, [source]: add two previous patches to fix build, [snippet]: remove "gpsbabel" directory excursion, [arguments]: ditto.
2018-02-05gnu: p7zip: Fix CVE-2017-17969.Leo Famulari
* gnu/packages/patches/p7zip-CVE-2017-17969.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/compression.scm (p7zip)[source]: Use it.
2018-01-31gnu: transmission: Update to 2.93.Leo Famulari
* gnu/packages/bittorrent.scm (transmission): Update to 2.93. [source]: Update URL and remove patch. * gnu/packages/patches/transmission-fix-dns-rebinding-vuln.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2018-01-31gnu: python-axolotl: Update to 0.1.39 and fix build.Adam Van Ymeren
python-axolotl has been failing since March, https://hydra.gnu.org/job/gnu/master/python-axolotl-0.1.35.x86_64-linux This also fixes the OMEMO and OTR plugins for Gajim work. * gnu/packages/patches/python-axolotl-AES-fix.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/python-crypto.scm (python-axolotl): Upgrade to 0.1.39. [source]: Use the patch. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2018-01-30gnu: rsync: Update to 3.1.3.Tobias Geerinckx-Rice
* gnu/packages/rsync.scm (rsync): Update to 3.1.3. [source]: Remove patches for fixed CVEs. [properties]: Remove field. * packages/patches/rsync-CVE-2017-16548.patch: Delete file. * packages/patches/rsync-CVE-2017-17433.patch: Delete file. * packages/patches/rsync-CVE-2017-17433-fix-tests.patch: Delete file. * packages/patches/rsync-CVE-2017-17434-pt1.patch: Delete file. * packages/patches/rsync-CVE-2017-17434-pt2.patch: Likewise. * gnu/local.mk (dist_patch_DATA): Remove them.
2018-01-26gnu: reposurgeon: Update to 3.43.Tobias Geerinckx-Rice
* gnu/packages/version-control.scm (reposurgeon): Update to 3.43. [source]: Add a patch needed to build the package. [arguments]: Add ‘patch-inputs’ phase. [native-inputs]: Replace docbook-xml-4.1.2 with the latest docbook-xml. [inputs]: Add tzdata. * gnu/packages/patches/reposurgeon-add-missing-docbook-files.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
2018-01-25gnu: dovecot: Fix CVE-2017-15132.Leo Famulari
* gnu/packages/patches/dovecot-CVE-2017-15132.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/mail.scm (dovecot)[source]: Use it.
2018-01-25gnu: Update SELinux packages.Ricardo Wurmus
* gnu/packages/selinux.scm (libsepol): Update to 2.7, release 20170804. [source]: Fetch from git. (checkpolicy)[arguments]: Set LIBSEPOLA. (libselinux)[arguments]: Likewise; remove build phase "patch-libsepol-path". (python-sepolgen)[arguments]: Adjust directory name in "enter-dir". (python-setools): Update to 4.1.1. [source]: Fetch from git. (policycoreutils)[source]: Remove patch. [arguments]: Remove build phases "fix-glib-cflags", "fix-linkage-with-libsepol", "fix-target-paths", and "wrap-python-tools". [inputs]: Remove python-wrapper, python-sepolgen, python-setools, python-ipy, libcap-ng, pcre, dbus, dbus-glib, and glib. * gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2018-01-24gnu: icecat: Add more fixes from upstream mozilla-esr52.Mark H Weaver
Includes fixes for CVE-2018-5104, CVE-2018-5097, CVE-2018-5099, and the remaining 7 out of 21 changesets for CVE-2018-5089. * gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the upstream mozilla-esr52 repository. Remove the local spectre mitigation patch in favor of the (identical) changeset from upstream. * gnu/packages/patches/icecat-bug-1427870-spectre-mitigation.patch: Delete. * gnu/local.mk (dist_patch_DATA): Remove it.
2018-01-23gnu: libsndfile: Fix CVE-2017-12562.Leo Famulari
* gnu/packages/patches/libsndfile-CVE-2017-12562.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/pulseaudio.scm (libsndfile)[replacement]: New field. (libsndfile/fixed): New variable.
2018-01-23gnu: rtags: Fix the bundling issue.Fis Trivial
* gnu/packages/patches/rtags-separate-rct.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/code.scm (rtags): Dependencies no longer bundled. [source]: Use tarball release. Use the patch to link rct. Substitute corresponding headers. [native-inputs]: Add new dependencies. [inputs]: Likewise. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2018-01-23gnu: rct: Add missing headers, enable RTTI.Fis Trivial
* gnu/packages/patches/rct-add-missing-headers.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/cpp.scm (rct): Use the patch, enable RTTI. [source]: Use the patch to add missing headers from installation. [arguments]: Enable RTTI in configure-flags. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2018-01-19gnu: libexif: Fix CVE-2016-6328.Leo Famulari
* gnu/packages/patches/libexif-CVE-2016-6328.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/photo.scm (libexif)[source]: Use it.
2018-01-19gnu: ninja: Update to 1.8.2.Tobias Geerinckx-Rice
* gnu/packages/ninja.scm (ninja): Update to 1.8.2. [source]: Remove upstreamed patch. [arguments]: Substitute INVOKE for SYSTEM*. Use standard indentation. * gnu/packages/patches/ninja-zero-mtime.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2018-01-18gnu: webkitgtk: Update to 2.18.5.Mark H Weaver
* gnu/packages/webkit.scm (webkitgtk): Update to 2.18.5. [source]: Remove patch. * gnu/packages/patches/webkitgtk-mitigate-spectre.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2018-01-18gnu: slurm: Update to 17.11.2.Tobias Geerinckx-Rice
* gnu/packages/parallel.scm (slurm): Update to 17.11.2. [source]: Replace patch with less fragile SUBSTITUTE* in a snippet. [arguments]: Rename ‘autogen’ phase to ‘autoconf’. Use INVOKE. * gnu/packages/patches/slurm-configure-remove-nonfree-contribs.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2018-01-18gnu: lxterminal: Update to 0.3.1.Tobias Geerinckx-Rice
* gnu/packages/lxde.scm (lxterminal): Update to 0.3.1. [source]: Remove patch for fixed CVE. [arguments]: No longer skip test suite which appear to be fixed. * gnu/packages/patches/lxterminal-CVE-2016-10369.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2018-01-16gnu: libxml2: Fix CVE-2017-15412.Leo Famulari
* gnu/packages/patches/libxml2-CVE-2017-15412.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/xml.scm (libxml2/fixed)[source]: Use it.
2018-01-15gnu: Add emacs-json-reformat.Oleg Pykhalov
* gnu/packages/patches/emacs-json-reformat-fix-tests.patch: New file. * gnu/local.mk (dist_patch_DATA): Add this. * gnu/packages/emacs.scm (emacs-json-reformat): New variable.
2018-01-12gnu: transmission: Fix a DNS rebinding vulnerability that allows RCE.Leo Famulari
* gnu/packages/patches/transmission-fix-dns-rebinding-vuln.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/bittorrent.scm (transmission)[source]: Use it.
2018-01-12gnu: dtc: Update to 1.4.6.Tobias Geerinckx-Rice
* gnu/packages/bootloaders.scm (dtc): Update to 1.4.6. [source]: Remove both patches. * gnu/packages/patches/dtc-format-modifier.patch: Delete file. * gnu/packages/patches/dtc-32-bits-check.patch: Likewise. * gnu/local.mk (dist_patch_DATA): Remove both.
2018-01-11gnu: libvorbis: Fix CVE-2017-{14632,14633}.Leo Famulari
* gnu/packages/patches/libvorbis-CVE-2017-14632.patch, gnu/packages/patches/libvorbis-CVE-2017-14633.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/xiph.scm (libvorbis)[replacement]: New field. (libvorbis/fixed): New variable.
2018-01-11gnu: guile-bytestructures: Update to 1.0.1.amirouche
* gnu/package/guile.scm (guile-bytestructures): Update to 1.0.1. [source]: Use tarball from github instead of git. [build-system]: Use GNU-BUILD-SYSTEM. [arguments]: Remove. [navitve-inputs]: Add PKG-CONFIG. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2018-01-11gnu: newsbeuter: Deprecate in favour of newsboat.Tobias Geerinckx-Rice
* gnu/packages/syndication.scm (newsbeuter): Redefine using ‘deprecated-package’. * gnu/packages/patches/newsbeuter-CVE-2017-12904.patch: Delete file. * gnu/packages/patches/newsbeuter-CVE-2017-14500.patch: Likewise. * gnu/local.mk (dist_patch_DATA): Remove both.
2018-01-09gnu: perl-module-pluggable: Fix perms on patch.Eric Bavier
* gnu/packages/patches/perl-module-pluggable-search.patch: Remove executable bit.
2018-01-08gnu: ledger: Fix test failures.Eric Bavier
* gnu/packages/patches/ledger-revert-boost-python-fix.patch, gnu/packages/patches/ledger-fix-uninitialized.patch: New patches. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/finance.scm (ledger)[source]: Use them.
2018-01-07gnu: webkitgtk: Disable SharedArrayBuffers to mitigate Spectre.Mark H Weaver
* gnu/packages/patches/webkitgtk-mitigate-spectre.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/webkit.scm (webkitgtk)[source]: Add patch.
2018-01-06gnu: icecat: Add more fixes, including Spectre mitigation.Mark H Weaver
* gnu/packages/gnuzilla.scm (icecat)[source]: Add more fixes from the upstream mozilla-esr52 repository, plus a backported mitigation for Spectre from Firefox 57.0.4. * gnu/packages/patches/icecat-bug-1427870-spectre-mitigation.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
2018-01-04gnu: ao-cad: Update and fix for aarch64.Eric Bavier
* gnu/packages/patches/ao-cad-aarch64-support.patch: New patch. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/engineering.scm (ao-cad)[source]: Use it. Update snapshot to fb288c9. Use VCS helpers for version and file-name. [arguments]: Add 'remove-native-compilation' phase.
2018-01-03gnu: fossil: Fix CVE-2017-17459.Leo Famulari
* gnu/packages/patches/fossil-CVE-2017-17459.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/version-control.scm (fossil)[source]: Use it.
2018-01-03gnu: httpd: Update to 2.4.29.Leo Famulari
* gnu/packages/web.scm (httpd): Update to 2.4.29. [source]: Remove patch. * gnu/packages/patches/httpd-CVE-2017-9798.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2017-12-31gnu: gimp: Fix CVE-2017-{17784,17785,17786,17787,17789}.Leo Famulari
* gnu/packages/patches/gimp-CVE-2017-17784.patch, gnu/packages/patches/gimp-CVE-2017-17785.patch, gnu/packages/patches/gimp-CVE-2017-17786.patch, gnu/packages/patches/gimp-CVE-2017-17787.patch, gnu/packages/patches/gimp-CVE-2017-17789.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/gimp.scm (gimp)[source]: Use them.
2017-12-30gnu: borg: Update to 1.1.4.Tobias Geerinckx-Rice
* gnu/packages/backup.scm (borg): Update to 1.1.4. [source]: Remove obsolete patch. Remove bundled lz4 and zstd. [inputs]: Add zstd. [arguments]: Build with input versions of lz4 and zstd. * gnu/packages/patches/borg-fix-archive-corruption-bug.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2017-12-27gnu: python-pillow: Fix test failures on i686-linux and armhf-linux.Kei Kebreau
* gnu/packages/patches/python-pillow-fix-failing-tests.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/python.scm (python-pillow)[source]: Use it.
2017-12-26gnu: icecat: Add more fixes from upstream mozilla-esr52.Mark H Weaver
* gnu/packages/gnuzilla.scm (icecat)[source]: Add selected fixes from the upstream mozilla-esr52 repository. * gnu/packages/patches/icecat-bug-1414945.patch, gnu/packages/patches/icecat-bug-1424373-pt2.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them.
2017-12-23gnu: chicken: Update to 4.13.0.Kei Kebreau
* gnu/packages/scheme.scm (chicken): Update to 4.13.0. [source]: Remove obsolete patches. * gnu/packages/patches/chicken-CVE-2017-6949.patch, gnu/packages/patches/chicken-CVE-2017-11343.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them.
2017-12-22gnu: python-pillow: Update to 4.3.0.Kei Kebreau
* gnu/packages/python.scm (python-pillow): Update to 4.3.0. [propagated-inputs]: Add python-olefile. * gnu/packages/patches/python-pillow-freetype-2.7-test-failure.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. Signed-off-by: Kei Kebreau <kkebreau@posteo.net>
2017-12-21gnu: libgxps: Fix CVE-2017-11590.Leo Famulari
* gnu/packages/patches/libgxps-CVE-2017-11590.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gnome.scm (libgxps)[source]: Use it.