summary refs log tree commit diff
path: root/gnu/packages/patches
AgeCommit message (Collapse)Author
2017-08-31gnu: libxml2: Fix CVE-2017-{0663,7375,7376,9047,9048,9049,9050}.Alex Vong
* gnu/packages/patches/libxml2-CVE-2017-0663.patch, gnu/packages/patches/libxml2-CVE-2017-7375.patch, gnu/packages/patches/libxml2-CVE-2017-7376.patch, gnu/packages/patches/libxml2-CVE-2017-9047+CVE-2017-9048.patch, gnu/packages/patches/libxml2-CVE-2017-9049+CVE-2017-9050.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/xml.scm (libxml2)[replacement]: New field. (libxml2/fixed): New variable. Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-08-31gnu: ruby-2.2.7: Fix CVE-2017-{0899,0900,0901,0902}.Ben Woodcroft
* gnu/packages/patches/ruby-2.2.7-rubygems-2613-ruby22.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/ruby.scm (ruby-2.2.7)[source]: Use it.
2017-08-31gnu: ruby-2.3.4: Fix CVE-2017-{0899,0900,0901,0902}.Ben Woodcroft
* gnu/packages/patches/ruby-2.3.4-rubygems-2613-ruby23.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/ruby.scm (ruby-2.3.4)[source]: Use it.
2017-08-31gnu: ruby-2.4.1: Fix CVE-2017-{0899,0900,0901,0902}.Ben Woodcroft
* gnu/packages/patches/ruby-rubygems-2612-ruby24.patch, gnu/packages/patches/ruby-rubygems-2613-ruby24.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/ruby.scm (ruby-2.4.1)[source]: Use them.
2017-08-31gnu: metabat: Update to 2.11.3.Ben Woodcroft
* gnu/packages/bioinformatics.scm (metabat): Update to 2.11.3. [source]: Use git-fetch. Remove boost-related patch. * gnu/packages/patches/metabat-fix-boost-issue.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-31gnu: gd: Replace with 2.2.5.Marius Bakke
Fixes CVE-2017-6362 and CVE-2017-7890. * gnu/packages/gd.scm (gd)[replacement]: New field. (gd-2.2.5): New variable. * gnu/packages/php.scm (gd-for-php): Remove variable (php)[inputs]: Replace GD-FOR-PHP with GD-2.2.5. * gnu/packages/patches/gd-CVE-2017-7890.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-30gnu: qemu: Update to 2.10.0.Marius Bakke
* gnu/packages/patches/qemu-CVE-2017-10664.patch, gnu/packages/patches/qemu-CVE-2017-10806.patch, gnu/packages/patches/qemu-CVE-2017-10911.patch, gnu/packages/patches/qemu-CVE-2017-11334.patch, gnu/packages/patches/qemu-CVE-2017-11434.patch, gnu/packages/patches/qemu-CVE-2017-12809.patch: gnu/packages/patches/qemu-CVE-2017-7493.patch, gnu/packages/patches/qemu-CVE-2017-8112.patch, gnu/packages/patches/qemu-CVE-2017-8309.patch, gnu/packages/patches/qemu-CVE-2017-8379.patch, gnu/packages/patches/qemu-CVE-2017-8380.patch, gnu/packages/patches/qemu-CVE-2017-9524.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/virtualization.scm (qemu): Update to 2.10.0. [source](patches): Remove.
2017-08-30gnu: multiqc: Update to 1.2.Ricardo Wurmus
* gnu/packages/bioinformatics.scm (multiqc): Update to 1.2. [source]: Remove patches. [arguments]: Remove to enable tests. [propagated-inputs]: Add python-spectra, python-requests, python-markdown, python-lzstring. * gnu/packages/patches/multiqc-fix-git-subprocess-error.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-29Update e-mail for Kei Kebreau.Kei Kebreau
* .mailmap: Map kei@openmailbox.org to current address. * gnu/local.mk: Replace kei@openmailbox.org to current address. * gnu/packages/backup.scm: Likewise. * gnu/packages/calendar.scm: Likewise. * gnu/packages/check.scm: Likewise. * gnu/packages/compression.scm: Likewise. * gnu/packages/documentation.scm: Likewise. * gnu/packages/emacs.scm: Likewise. * gnu/packages/fltk.scm: Likewise. * gnu/packages/freedesktop.scm: Likewise. * gnu/packages/game-development.scm: Likewise. * gnu/packages/games.scm: Likewise. * gnu/packages/gnome.scm: Likewise. * gnu/packages/gnustep.scm: Likewise. * gnu/packages/gtk.scm: Likewise. * gnu/packages/hexedit.scm: Likewise. * gnu/packages/image.scm: Likewise. * gnu/packages/maths.scm: Likewise. * gnu/packages/music.scm: Likewise. * gnu/packages/xfce.scm: Likewise. * gnu/packages/python.scm: Likewise. * gnu/packages/tcl.scm: Likewise. * gnu/packages/textutils.scm: Likewise. * gnu/packages/video.scm: Likewise. * gnu/packages/w3m.scm: Likewise. * gnu/packages/web.scm: Likewise. * gnu/packages/web-browsers.scm: Likewise. * gnu/packages/patches/wmfire-update-for-new-gdk-versions.patch: Likewise.
2017-08-27gnu: libzip: Fix CVE-2017-12858.Leo Famulari
* gnu/packages/patches/libzip-CVE-2017-12858.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/compression.scm (libzip)[source]: Use it.
2017-08-27gnu: wxwidgets: Update to 3.0.3.Leo Famulari
* gnu/packages/wxwidgets.scm (wxwidgets): Update to 3.0.3. [source]: Remove 'wxwidgets-fix-windowGTK.patch'. * gnu/packages/patches/wxwidgets-fix-windowGTK.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-26Merge branch 'core-updates'Marius Bakke
2017-08-23gnu: qemu: Fix CVE-2017-12809.Efraim Flashner
* gnu/packages/virtualization.scm (qemu)[source]: Add patch. * gnu/packages/patches/qemu-CVE-2017-12809.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it.
2017-08-23gnu: openjpeg: Fix CVE-2017-12982.Efraim Flashner
* gnu/packages/image.scm (openjepg)[source]: Add patch. * gnu/packages/patches/openjpeg-CVE-2017-12982.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it.
2017-08-21Merge branch 'master' into core-updatesMarius Bakke
2017-08-20gnu: graphicsmagick: Fix CVE-2017-{12935,12936,12937}.Kei Kebreau
* gnu/packages/patches/graphicsmagick-CVE-2017-12935.patch, gnu/packages/patches/graphicsmagick-CVE-2017-12936.patch, gnu/packages/patches/graphicsmagick-CVE-2017-12937.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/imagemagick.scm (graphicsmagick)[source]: Use them.
2017-08-19gnu: lz4: Update to 1.8.0.Tobias Geerinckx-Rice
* gnu/packages/compression.scm (lz4): Update to 1.8.0. Fix typo in comment. [source]: Remove patch. * gnu/packages/patches/lz4-fix-test-failures.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-18gnu: newsbeuter: Fix CVE-2017-12904.Leo Famulari
* gnu/packages/patches/newsbeuter-CVE-2017-12904.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/syndication.scm (newsbeuter)[source]: Use it.
2017-08-18gnu: python-pygit2: Update to 0.26.0.Marius Bakke
* gnu/packages/python.scm (python-pygit2): Update to 0.26.0. * gnu/packages/patches/python-pygit2-disable-network-tests.patch: Skip one more test. Use unittest.skipIf instead of deleting sections.
2017-08-18gnu: freerdp: Revert to version 1.1.Thomas Danckaert
* gnu/packages/rdesktop.scm (freerdp) [version, source]: Revert to upstream branch 1.1. [inputs]: Use ffmpeg-2.8. * gnu/packages/gnome.scm (vinagre): Add patches required to build against freerdp branch 1.1. * gnu/packages/patches/vinagre-revert-1.patch, gnu/packages/patches/vinagre-revert-2.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them.
2017-08-18gnu: xf86-video-siliconmotion: Fix building on aarch64.Efraim Flashner
* gnu/packages/xorg.scm (xf86-video-siliconmotion)[source]: Add patch. * gnu/packages/patches/xf86-video-siliconmotion-fix-ftbfs.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it.
2017-08-17gnu: rpm: Update to 4.13.0.1.Eric Bavier
* gnu/packages/package-management.scm (rpm): Update to 4.13.0.1 [source]: Remove patch. Use 'version-major+minor' for url. * gnu/packages/patches/rpm-CVE-2014-8118.patch: Delete patch. * gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-17gnu: python-cython: Update to 0.26.Efraim Flashner
* gnu/packages/python.scm (python-cython, python2-cython): Update to 0.26. [source]: Remove patch. * gnu/packages/patches/python-cython-fix-tests-32bit.patch: Remove file. * gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-15gnu: bcftools: Fix building on aarch64.Efraim Flashner
* gnu/packages/patches/bcftools-regidx-unsigned-char.patch: New file. * gnu/packages/bioinformatics.scm (bcftools)[source]: Use it. * gnu/local.mk (dist_patch_DATA): Register it.
2017-08-15Merge branch 'master' into core-updatesMark H Weaver
2017-08-15gnu: e2fsprogs: Update to 1.43.5.Marius Bakke
* gnu/packages/patches/e2fsprogs-32bit-quota-warnings.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/linux.scm (e2fsprogs): Update to 1.43.5. [source]: Use patch.
2017-08-14gnu: cvs: Fix CVE-2017-12836.Leo Famulari
* gnu/packages/patches/cvs-2017-12836.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/version-control.scm (cvs)[source]: Use it.
2017-08-13gnu: qemu: Fix CVE-2017-{10664,10806,10911,11434}.Alex Vong
* gnu/packages/patches/qemu-CVE-2017-10664.patch, gnu/packages/patches/qemu-CVE-2017-10806.patch, gnu/packages/patches/qemu-CVE-2017-10911.patch, gnu/packages/patches/qemu-CVE-2017-11434.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/virtualization.scm (qemu)[source]: Use them. Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-08-13gnu: curl: Fix i686 test failure.Marius Bakke
* gnu/packages/patches/curl-bounds-check.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/curl.scm (curl-7.55.0)[source]: Use it.
2017-08-12gnu: catdoc: Fix CVE-2017-11110.Alex Vong
* gnu/packages/patches/catdoc-CVE-2017-11110.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/textutils.scm (catdoc)[source]: Use it. Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2017-08-11Merge branch 'master' into core-updatesMark H Weaver
2017-08-10gnu: openjpeg: Update to 2.2.0 [security fixes].Marius Bakke
In addition to the patches we already had (which are not mentioned in the ChangeLog, but verified by following their respective GitHub issues) this release also fixes CVE-2016-9112, CVE-2016-5139, CVE-2016-5152, CVE-2016-5158, CVE-2016-5159, CVE-2016-1626 and CVE-2016-1628. See <https://github.com/uclouvain/openjpeg/blob/v2.2.0/CHANGELOG.md> for details. * gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch, gnu/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. * gnu/packages/image.scm (openjpeg): Update to 2.2.0. [source](patches): Remove. * gnu/packages/gstreamer.scm (gst-plugins-bad)[arguments]: Add phase to patch hard-coded openjpeg-2.1 path.
2017-08-09Merge branch 'master' into core-updatesMark H Weaver
2017-08-08gnu: ruby-puma: Update to 3.9.1.Ben Woodcroft
* gnu/packages/ruby.scm (ruby-puma): Update to 3.9.1. [source]: Remove patch. [arguments]: Disable tests. [native-inputs]: Remove field. * gnu/packages/patches/ruby-puma-ignore-broken-test.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-07Merge branch 'master' into core-updatesMark H Weaver
2017-08-07gnu: texlive: Update to 2017.Leo Famulari
* gnu/packages/tex.scm (texlive, texlive-texmf): Update to 2017. (texlive-texmf-src): Update to 20170524. Remove 'texlive-texmf-CVE-2016-10243.patch'. (texlive-bin, texlive-extra-src): Update to 20170524. * gnu/packages/patches/texlive-texmf-CVE-2016-10243.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-07gnu: ntfs-3g: Update to 2017.3.23.Tobias Geerinckx-Rice
* gnu/packages/linux.scm (ntfs-3g): Update to 2017.3.23. [source]: Remove patch. * gnu/packages/patches/ntfs-3g-CVE-2017-0358.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-06Merge branch 'master' into core-updatesMark H Weaver
2017-08-06gnu: libtasn1: Add replacement to fix CVE-2017-10790.Mark H Weaver
Based on commit 01a61d7040b1794f36547b107abce6e967d59f21 by Leo Famulari <leo@famulari.name>. * gnu/packages/patches/libtasn1-CVE-2017-10790.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/tls.scm (libtasn1)[replacement]: New field. (libtasn1/fixed): New variable.
2017-08-05gnu: libtasn1: Fix CVE-2017-10790.Leo Famulari
* gnu/packages/patches/libtasn1-CVE-2017-10790.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/tls.scm (libtasn1/fixed)[source]: Use it.
2017-08-04gnu: php: Update to 7.1.8.Julien Lepiller
* gnu/packages/patches/gd-CVE-2017-7890.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it * gnu/packages/php.scm (php): Update to 7.1.8.
2017-08-04gnu: fabric: Update to 1.13.2.Tobias Geerinckx-Rice
* gnu/packages/admin.scm (fabric): Update to 1.13.2. Remove outdated comments. [source]: Remove ‘patches’. * gnu/packages/patches/fabric-tests.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
2017-08-02gnu: glibc@2.22: Fix security issues.Efraim Flashner
Fixes CVE-2015-{5180,7547}, CVE-2016-{3075,3706,4429}. * gnu/packages/base.scm (glibc@2.22)[source]: Add patches. * gnu/packages/patches/glibc-CVE-2015-7547.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it.
2017-08-02gnu: glibc@2.23: Fix CVE-2015-5180, CVE-2016-{3075,3706,4429}.Efraim Flashner
* gnu/packages/base.scm (glibc@2.23)[source]: Add patches. * gnu/packages/patches/glibc-CVE-2016-3075.patch, gnu/packages/patches/glibc-CVE-2016-3706.patch, gnu/packages/patches/glibc-CVE-2016-4429.patch: New files. * gnu/local.mk (dist_patch_DATA): Register them.
2017-08-02gnu: glibc@2.24: Fix CVE-2015-5180.Efraim Flashner
* gnu/packages/base.scm (glibc@2.24)[source]: Add patch. * gnu/packages/patches/glibc-CVE-2015-5180.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it.
2017-08-01Merge branch 'master' into core-updatesMarius Bakke
2017-08-01gnu: guile-ssh: Update to 0.11.2.Ludovic Courtès
* gnu/packages/ssh.scm (guile-ssh): Update to 0.11.2. [source]: Remove 'patches', 'modules', and 'snippet'. * gnu/packages/patches/guile-ssh-channel-finalization.patch, gnu/packages/patches/guile-ssh-double-free.patch, gnu/packages/patches/guile-ssh-rexec-bug.patch: Remove. * gnu/local.mk (dist_patch_DATA): Remove them.
2017-08-01gnu: python-pbr-minimal: Update to 3.0.1Muriithi Frederick Muriuki
* gnu/packages/python.scm (python-pbr-minimal): Update to 3.0.1 [source]: Update hash and remove patch. * gnu/packages/patches/python-pbr-fix-man-page-support.patch: Remove file. * gnu/local.mk (dist_patch_DATA): Remove it. Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
2017-07-31gnu: libgit2: Update to 0.26.0.Ludovic Courtès
* gnu/packages/version-control.scm (libgit2): Update to 0.26.0. Remove "libgit2-use-after-free.patch". * gnu/packages/patches/libgit2-use-after-free.patch: Remove. * gnu/local.mk (dist_patch_DATA): Remove it.
2017-07-29gnu: erlang: Fix man-pages search path of 'erl -man'.Peter Mikkelsen
* gnu/packages/patches/erlang-man-path.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/erlang.scm (erlang)[source]: Use it. Signed-off-by: Ludovic Courtès <ludo@gnu.org>