summary refs log tree commit diff
path: root/gnu/packages/patches
AgeCommit message (Collapse)Author
2017-01-04gnu: mcrypt: Fix patches for CVE-2012-{4409,4527}.Leo Famulari
This fixes CVE-2012-{4409,4527}. This is a followup to commit fd1461879c63c608617d30524183a71370a7451c. * gnu/packages/patches/mcrypt-CVE-2012-4409.patch, gnu/packages/patches/mcrypt-CVE-2012-4527.patch: Apply the patches to the mcrypt source code.
2017-01-03gnu: slock: Update to 1.4.Alex Griffin
* gnu/packages/suckless.scm (slock): Update to 1.4. [source] Remove CVE-2016-6866 patch (no longer needed). * gnu/packages/patches/slock-CVE-2016-6866.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. Signed-off-by: Leo Famulari <leo@famulari.name>
2017-01-03gnu: chicken: Fix CVE-2016-{6830,6831}.Kei Kebreau
* gnu/packages/patches/chicken-CVE-2016-6830+CVE-2016-6831.patch: New file. * gnu/local.mk (dist_patch_DATA): Use it. * gnu/packages/scheme.scm (chicken)[source]: Use it.
2017-01-01gnu: python-dendropy: Update to 4.2.0.Ben Woodcroft
* gnu/packages/bioinformatics.scm (python-dendropy): Update to 4.2.0. [source]: Remove patch. (python2-dendropy)[source]: Use the same source as python-dendropy. * gnu/packages/patches/python-dendropy-exclude-failing-tests.patch: Remove file. * gnu/local.mk (dist_patch_DATA): Remove it.
2016-12-30gnu: libpng: Mention CVE-2016-10087.Leo Famulari
* gnu/packages/patches/libpng-fix-null-ptr-dereference.patch: Rename to ... * gnu/packages/patches/libpng-CVE-2016-10087.patch: ... this. * gnu/local.mk (dist_patch_DATA): Adjust. * gnu/packages/image.scm (libpng/fixed)[source]: Use renamed patch.
2016-12-30gnu: multiqc: Update to 0.9.Ben Woodcroft
Suggested by Raoul Bonnal <ilpuccio.febo@gmail.com>. * gnu/packages/bioinformatics.scm (multiqc): Update to 0.9. [origin]: Add patch. * gnu/packages/patches/multiqc-fix-git-subprocess-error.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
2016-12-29gnu: libpng: Fix a null pointer dereference [fixes security issue].Leo Famulari
* gnu/packages/patches/libpng-fix-null-ptr-dereference.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/image.scm (libpng)[replacement]: New field. (libpng/fixed): New variable.
2016-12-26gnu: awesome: Update to 4.0.ng0
* gnu/packages/wm.scm (awesome): Update to 4.0. [source]: Adjust URL. [inputs]: Add xcb-util-xrm and libxkbcommon. * gnu/packages/patches/awesome-reproducible-png.patch: Adjust patch. Signed-off-by: Leo Famulari <leo@famulari.name>
2016-12-24gnu: libxml2: Fix CVE-2016-5131.Leo Famulari
* gnu/packages/patches/libxml2-CVE-2016-5131.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/xml.scm (libxml2/fixed)[source]: Add it.
2016-12-24gnu: libxml2: Fix CVE-2016-4658.Leo Famulari
* gnu/packages/xml.scm (libxml2)[replacement]: New field. (libxml2/fixed): New variable. * gnu/packages/patches/libxml2-CVE-2016-4658.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
2016-12-22gnu: gnupg: Fix build on 32-bit architectures.Marius Bakke
* gnu/packages/patches/gnupg-test-segfault-on-32bit-arch.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/gnupg.scm (gnupg)[source]: Use it.
2016-12-21gnu: qemu: Update to 2.8.0.Efraim Flashner
* gnu/packages/qemu.scm (qemu): Update to 2.8.0. [source]: Remove patches. [arguments]: Set host_cc during 'configure. * gnu/packages/patches/qemu-CVE-2016-8576.patch, gnu/packages/patches/qemu-CVE-2016-8577.patch, gnu/packages/patches/qemu-CVE-2016-8577.patch: Remove files. * gnu/local.mk (dist_patch_DATA): Remove them.
2016-12-19gnu: kdbusaddons: Embed kinit store dir, avoid dependency cycles.Thomas Danckaert
kdbusaddons needs to know the location of the kdeinit5 executable, provided by kinit. kinit depends on kdbusaddons, so we add bootstrap versions of all packages in the dependency chain from kinit to kdbusaddons to avoid cyclic dependencies. * gnu/packages/kde-frameworks.scm (kinit-bootstrap, kdbusaddons-bootstrap): New variables. (kdbusaddons)[inputs]: Add kinit-bootstrap. [source,arguments]: Add patch and substitution to embed kinit-bootstrap's store directory in the code. * gnu/packages/patches/kdbusaddons-kinit-file-name.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2016-12-19gnu: openssh: Update to 7.4p1.Leo Famulari
* gnu/packages/ssh.scm (openssh): Update to 7.4p1. [source]: Remove 'openssh-memory-exhaustion.patch'. * gnu/packages/patches/openssh-memory-exhaustion.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2016-12-16gnu: libupnp: Fix CVE-2016-8863.Leo Famulari
* gnu/packages/patches/libupnp-CVE-2016-8863.patch: New file. * gnu/local.mk (dist_patch_DATA): Use it. * gnu/packages/libupnp.scm (libupnp)[source]: Use it.
2016-12-13gnu: onionshare: Update to 0.9.2 (fixes CVE-2016-5026).Efraim Flashner
* gnu/packages/tor.scm (onionshare): Update to 0.9.2. [source]: Remove patch. [arguments]: Update substitutions for new version. * gnu/packages/patches/onionshare-fix-install-paths.patch: Remove file. * gnu/local.mk (dist_patch_DATA): Remove it.
2016-12-12gnu: cssc: Update to 1.4.0.Tobias Geerinckx-Rice
* gnu/packages/version-control.scm (cssc): Update to 1.4.0. [source]: Remove unneeded patches (i.e. all of them). * gnu/packages/patches/cssc-gets-undeclared.patch: Delete file. * gnu/packages/patches/cssc-missing-include.patch: Likewise. * gnu/local.mk (dist_patch_DATA): Remove deleted patches.
2016-12-10Merge branch 'master' into stagingMark H Weaver
2016-12-10gnu: Remove unused patch.Efraim Flashner
* gnu/packages/patches/openjpeg-CVE-2015-6581.patch: Remove file. * gnu/local.mk (dist_patch_DATA): Remove it.
2016-12-10gnu: openjpeg: Add fixes for CVE-2016-{9850,9851}.Efraim Flashner
* gnu/packages/image.scm (openjpeg)[replacement]: New field. (openjpeg/fixed): New variable, patch against CVE-2016-9850, CVE-2016-9851. * gnu/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it.
2016-12-09Merge remote-tracking branch 'origin/master' into stagingLudovic Courtès
2016-12-09gnu: libepoxy: Add patch to avoid segfault when GL support is missing.Ludovic Courtès
* gnu/packages/patches/libepoxy-gl-null-checks.patch: New file. * gnu/packages/gl.scm (libepoxy)[source]: Add it. * gnu/local.mk (dist_patch_DATA): Add it.
2016-12-08gnu: tcsh: Fix out of bounds read.Leo Famulari
* gnu/packages/patches/tcsh-fix-out-of-bounds-read.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/shells.scm (tcsh)[replacement]: New field. (tcsh/fixed): New variable.
2016-12-07gnu: readline: support mingw.Jan Nieuwenhuizen
* gnu/packages/patches/readline-7.0-mingw.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/readline.scm (readline): Support MinGW.
2016-12-07gnu: Add mingw-w64.Jan Nieuwenhuizen
* gnu/packages/patches/gcc-4.9.3-mingw-gthr-default.patch, gnu/packages/patches/mingw-w64-5.0rc2-gcc-4.9.3.patch, gnu/packages/mingw.scm: New files. * gnu/local.mk (dist_patch_DATA): Add the patches. (GNU_SYSTEM_MODULES): Add mingw.scm.
2016-12-06gnu: httpd: Add fix for CVE-2016-8740.Efraim Flashner
* gnu/packages/web.scm (httpd)[source]: Add patch for CVE-2016-8740. * gnu/packages/patches/httpd-CVE-2016-8740.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it.
2016-12-06gnu: Add seq24.Ricardo Wurmus
* gnu/packages/music.scm (seq24): New variable. * gnu/packages/patches/seq24-rename-mutex.patch: New file. * gnu/local.mk (dist_patch_DATA): Register patch.
2016-12-04gnu: mupdf: Update to 1.10a.Marius Bakke
* gnu/packages/patches/mupdf-CVE-2016-6265.patch: Delete file. * gnu/packages/patches/mupdf-CVE-2016-6525.patch: Likewise. * gnu/packages/patches/mupdf-CVE-2016-7504.patch: Likewise. * gnu/packages/patches/mupdf-CVE-2016-7505.patch: Likewise. * gnu/packages/patches/mupdf-CVE-2016-7506.patch: Likewise. * gnu/packages/patches/mupdf-CVE-2016-7563.patch: Likewise. * gnu/packages/patches/mupdf-CVE-2016-7564.patch: Likewise. * gnu/packages/patches/mupdf-CVE-2016-8674.patch: Likewise. * gnu/packages/patches/mupdf-CVE-2016-9017.patch: Likewise. * gnu/packages/patches/mupdf-CVE-2016-9136.patch: Likewise. * gnu/packages/patches/mupdf-build-with-openjpeg-2.1.patch: Adjust to 1.10a. * gnu/local.mk (dist_patch_DATA): Remove deleted patches. * gnu/packages/pdf.scm (mupdf): Update to 1.10a. [source]: Remove patches.
2016-12-04Merge branch 'master' into stagingMarius Bakke
2016-12-03gnu: icecat: Update to 45.5.1-gnu1.Mark H Weaver
* gnu/packages/gnuzilla.scm (icecat): Update to 45.5.1-gnu1. [source]: Remove temporary URI for 45.3 beta. Fix URI computation. Remove outdated patches. Add more cherry-picked bug fixes from upstream mozilla-esr45. Use 'list' instead of quasiquote in 'patches' field.
2016-12-03gnu: Add fcgi.Ricardo Wurmus
* gnu/packages/patches/fcgi-2.4.0-gcc44-fixes.patch: New file. * gnu/packages/patches/fcgi-2.4.0-poll.patch: New file. * gnu/local.mk (dist_patch_DATA): Register patches. * gnu/packages/web.scm (fcgi): New variable.
2016-12-01gnu: vtk: Upgrade to 7.1.0.Eric Bavier
* gnu/packages/vtk.scm (vtk): Upgrade to 7.1.0. [source]: Remove patches. Use version-major+minor. * gnu/packages/patches/vtk-mesa-10.patch: Delete patch. * gnu/local.mk (dist_patch_DATA): Remove it.
2016-12-01gnu: netcdf: Upgrade to 4.4.1.1.Eric Bavier
* gnu/packages/maths.scm (netcdf, netcdf-parallel-openmpi): Upgrade to 4.4.1.1. [source]: Adjust patch name, add netcdf-tst_h_par.patch * gnu/packages/patches/netcdf-config.date.patch: Rename to... * gnu/packages/patches/netcdf-date-time.patch: ...this. Adjust for latest source. * gnu/packages/patches/netcdf-tst_h_par.patch: New patch. * gnu/local.mk (dist_patch_DATA): Adjust patches.
2016-12-01gnu: gst-plugins-good: Update to 1.10.2.Efraim Flashner
* gnu/packages/gstreamer.scm (gst-plugins-good): Update to 1.10.2. [source]: Remove patches. * gnu/packages/patches/gst-plugins-good-fix-crashes.patch, gnu/packages/patches/gst-plugins-good-fix-invalid-read.patch, gnu/packages/patches/gst-plugins-good-fix-signedness.patch, gnu/packages/patches/gst-plugins-good-flic-bounds-check.patch: Remove files. * gnu/local.mk (dist_patch_DATA): Remove them.
2016-12-01gnu: nasm: Switch patch to phase.Efraim Flashner
* gnu/packages/assembly.scm (nasm)[source]: Remove patch. [arguments]: Disable ps and pdf doc outputs in new phase. * gnu/packages/patches/nasm-no-ps-pdf.patch: Remove file. * gnu/local.mk (dist_patch_DATA): Remove it.
2016-11-30Merge branch 'master' into stagingMarius Bakke
2016-11-29Merge branch 'master' into python-build-systemHartmut Goebel
2016-11-29gnu: cairo: Fix CVE-2016-9082.Efraim Flashner
* gnu/packages/gtk.scm (cairo)[replacement]: New field. (cairo/fixed): New variable. (cairo-xcb)[source]: Use patch. [replacement]: New field, set false. * gnu/packages/pdf.scm (poppler)[inputs]: Custom cairo should be replaced by a new custom patched cairo. * gnu/packages/patches/cairo-CVE-2016-9082.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it.
2016-11-27gnu: python-rarfile: Update to 2.8.Leo Famulari
* gnu/packages/python.scm (python-rarfile, python2-rarfile): Update to 2.8. [source]: Remove obsolete patch. * gnu/packages/patches/python-rarfile-fix-tests.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2016-11-27gnu: gcj: Correct paths in ARM patch.Ricardo Wurmus
* gnu/packages/patches/gcj-arm-mode.patch: Strip directories.
2016-11-27gnu: gcj: Fix build on armhf.Ricardo Wurmus
* gnu/packages/patches/gcj-arm-mode.patch: New file. * gnu/local.mk (dist_patch_DATA): Add patch. * gnu/packages/gcc.scm (gcj): Add patch. [arguments]: Delete failing tests.
2016-11-26gnu: cyrus-sasl: Fix CVE-2013-4122.Leo Famulari
* gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/cyrus-sasl.scm (cyrus-sasl)[replacement]: New field. (cyrus-sasl/fixed): New variable. [source]: Use patch.
2016-11-26gnu: gst-plugins-good: Fix CVE-2016-{9634,9635,9636} and other security issues.Leo Famulari
* gnu/packages/patches/gst-plugins-good-fix-crashes.patch, gnu/packages/patches/gst-plugins-good-fix-invalid-read.patch, gnu/packages/patches/gst-plugins-good-fix-signedness.patch, gnu/packages/patches/gst-plugins-good-flic-bounds-check.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/gstreamer.scm (gst-plugins-good): Use them.
2016-11-25gnu: ldc: Update to 0.17.2.Danny Milosavljevic
* gnu/packages/ldc.scm (ldc): Update to 0.17.2. * gnu/packages/patches/ldc-disable-tests.patch: Fix timezone file name. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2016-11-25Merge branch 'master' into python-build-systemLeo Famulari
2016-11-23gnu: libtiff: Update to 4.0.7.Leo Famulari
* gnu/packages/image.scm (libtiff): Update to 4.0.7. [source]: Update URL and remove obsolete patches. [home-page]: Update URL. [native-inputs]: Add gcc-5. (libtiff-4.0.7): Delete variable. * gnu/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch, gnu/packages/patches/libtiff-CVE-2016-3623.patch, gnu/packages/patches/libtiff-CVE-2016-3945.patch, gnu/packages/patches/libtiff-CVE-2016-3990.patch, gnu/packages/patches/libtiff-CVE-2016-3991.patch, gnu/packages/patches/libtiff-CVE-2016-5314.patch, gnu/packages/patches/libtiff-CVE-2016-5321.patch, gnu/packages/patches/libtiff-CVE-2016-5323.patch, gnu/packages/patches/libtiff-oob-accesses-in-decode.patch, gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them.
2016-11-23Merge branch 'master' into stagingLeo Famulari
2016-11-22gnu: Add 'lvm2-static'.Ludovic Courtès
* gnu/packages/patches/lvm2-static-link.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/linux.scm (lvm2)[source](patches): New field. (lvm2-static): New variable.
2016-11-22gnu: libtiff: Update replacement to 4.0.7.Leo Famulari
* gnu/packages/image.scm (libtiff)[replacement]: Update to 4.0.7. (libtiff-4.0.7): New variable. Update home-page and source URLs. (libtiff/fixed): Delete variable. * gnu/packages/patches/libtiff-CVE-2016-5652.patch, gnu/packages/patches/libtiff-CVE-2016-9273.patch, gnu/packages/patches/libtiff-CVE-2016-9297.patch, gnu/packages/patches/libtiff-CVE-2016-9448.patch, gnu/packages/patches/libtiff-uint32-overflow.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them.
2016-11-21gnu: libtiff: Fix URL in 'libtiff-uint32-overflow.patch'.Leo Famulari
* gnu/packages/patches/libtiff-uint32-overflow.patch: Fix URL.