summary refs log tree commit diff
path: root/gnu/packages/patches
AgeCommit message (Collapse)Author
2016-03-22gnu: webkitgtk-2.4: Update to 2.4.10 [fixes many security flaws].Mark H Weaver
Fixes CVE-2014-1748, CVE-2015-1071, CVE-2015-1076, CVE-2015-1081, CVE-2015-1083, CVE-2015-1120, CVE-2015-1122, CVE-2015-1127, CVE-2015-1153, CVE-2015-1155, CVE-2015-3658, CVE-2015-3659, CVE-2015-3727, CVE-2015-3731, CVE-2015-3741, CVE-2015-3743, CVE-2015-3745, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749, CVE-2015-3752, CVE-2015-5788, CVE-2015-5794, CVE-2015-5801, CVE-2015-5809, CVE-2015-5822, and CVE-2015-5928. * gnu/packages/patches/webkitgtk-2.4-sql-init-string.patch: Delete file. * gnu-system.am (dist_patch_DATA): Remove it. * gnu/packages/webkit.scm (webkitgtk-2.4): Update to 2.4.10. [source]: Remove patch.
2016-03-22Merge branch 'security-updates'Ludovic Courtès
2016-03-18gnu: Add python-rarfile.Leo Famulari
* gnu/packages/python.scm (python-rarfile, python2-rarfile): New variables. * gnu/packages/patches/python-rarfile-fix-tests.patch: New file. * gnu-system.am (dist_patch_DATA): Add it.
2016-03-17gnu: libotr: Fix tests on mips64el.Mark H Weaver
* gnu/packages/patches/libotr-test-auth-fix.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/messaging.scm (libotr)[source]: Add patch.
2016-03-15Merge branch 'master' into security-updatesMark H Weaver
2016-03-15gnu: gitolite: Update to 3.6.5.Efraim Flashner
* gnu/packages/version-control.scm (gitolite): Update to 3.6.5. [source]: Remove patch. * gnu/packages/patches/gitolite-openssh-6.8-compat.patch: Remove file. * gnu-system.am (dist_patch_DATA): Remove it.
2016-03-12Merge branch 'master' into security-updatesMark H Weaver
2016-03-12gnu: mupdf: Simplify package.Andreas Enge
* gnu/packages/pdf.scm (mupdf)[source]: Drop patch and part of snippet modifying permissions of files added by the patch. [arguments]: Use #:make-flags instead of modified build and install phases. Drop superfluous module inclusion. Use modify-phases syntax. * gnu/packages/patches/mupdf-buildsystem-fix.patch: Remove patch. * gnu-system.am (dist_patch_DATA): Unregister patch.
2016-03-11gnu: vorbis-tools: Patch buffer overflow [fixes CVE-2015-6749].Ludovic Courtès
* gnu/packages/patches/vorbis-tools-CVE-2015-6749.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/xiph.scm (vorbis-tools)[source]: Use it.
2016-03-10gnu: icecat: Add several security fixes.Mark H Weaver
* gnu/packages/patches/icecat-CVE-2015-4477.patch, gnu/packages/patches/icecat-CVE-2015-7207.patch, gnu/packages/patches/icecat-CVE-2016-1952-pt01.patch, gnu/packages/patches/icecat-CVE-2016-1952-pt02.patch, gnu/packages/patches/icecat-CVE-2016-1952-pt03.patch, gnu/packages/patches/icecat-CVE-2016-1952-pt04.patch, gnu/packages/patches/icecat-CVE-2016-1952-pt05.patch, gnu/packages/patches/icecat-CVE-2016-1952-pt06.patch, gnu/packages/patches/icecat-CVE-2016-1954.patch, gnu/packages/patches/icecat-CVE-2016-1960.patch, gnu/packages/patches/icecat-CVE-2016-1961.patch, gnu/packages/patches/icecat-CVE-2016-1962.patch, gnu/packages/patches/icecat-CVE-2016-1964.patch, gnu/packages/patches/icecat-CVE-2016-1965.patch, gnu/packages/patches/icecat-CVE-2016-1966.patch, gnu/packages/patches/icecat-CVE-2016-1974.patch, gnu/packages/patches/icecat-bug-1248851.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
2016-03-09gnu: openssl: Update to 1.0.2g.Ludovic Courtès
* gnu/packages/tls.scm (openssl)[replacement]: Remove. [version, source]: Bump to 1.0.2g. Use "openssl-c-rehash-in.patch" instead of "openssl-c-rehash.patch". (openssl-1.0.2g): Remove. * gnu-system.am (dist_patch_DATA): Remove "openssl-c-rehash.patch".
2016-03-08gnu: jasper: Add fixes for CVE-2016-1577, CVE-2016-2089, CVE-2016-2116.Efraim Flashner
* gnu/packages/patches/jasper-CVE-2016-1557.patch, gnu/packages/patches/jasper-CVE-2016-2089.patch, gnu/packages/patches/jasper-CVE-2016-2116.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/image.scm (jasper)[source]: Add patches.
2016-03-05gnu: Add einstein.Andreas Enge
* gnu/packages/games.scm (einstein): New variable. * gnu/packages/patches/einstein-build.patch: New file. * gnu-system.am (dist_patch_DATA): Register patch.
2016-03-03gnu: perl: Replace with patched version [fixes CVE-2016-2381].Leo Famulari
* gnu/packages/patches/perl-CVE-2016-2381.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/perl.scm (perl)[replacement]: New field. (perl-fixed): New variable. * gnu/packages/commencement.scm (perl-boot0)[replacement]: New field.
2016-03-02gnu: Add procmail.Lukas Gradl
* gnu/packages/patches/procmail-ambiguous-getline-debian.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/mail.scm (procmail): New variable. Signed-off-by: Leo Famulari <leo@famulari.name>
2016-03-02gnu: icecat: Update bundled graphite2 to 1.3.6 [unspecified security fixes].Mark H Weaver
* gnu/packages/patches/icecat-update-graphite2-pt2.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/gnuzilla.scm (icecat)[source]: Add patch.
2016-03-01gnu: ilmbase: Add patch to fix build on i686.Leo Famulari
Fixes <http://bugs.gnu.org/22049>. * gnu/packages/patches/ilmbase-fix-tests.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/graphics.scm (ilmbase)[source]: Add patch.
2016-03-01gnu: openssl: Replace with 1.0.2g [fixes ↵Ludovic Courtès
CVE-2016-{0800,0705,0798,0797,0799,0702,0703,0704}]. See <http://openssl.org/news/secadv/20160301.txt>. Also fixes <http://bugs.gnu.org/22831>. * gnu/packages/patches/openssl-c-rehash-in.patch: New file. * gnu/packages/tls.scm (openssl)[replacement]: New field. (openssl-1.0.2g): New variable.
2016-02-27gnu: bitlbee: Update to 3.4.1.Mark H Weaver
* gnu/packages/patches/bitlbee-configure-doc-fix.patch: Delete file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/messaging.scm (bitlbee): Update to 3.4.1. [source]: Remove patch.
2016-02-27gnu: scribus: Update to 1.5.1.Ricardo Wurmus
* gnu/packages/scribus.scm (scribus): Update to 1.5.1. [source]: Remove patch. * gnu/packages/patches/scribus-qobject.patch: Delete file. * gnu-system.am (dist_patch_DATA): Remove it.
2016-02-25gnu: Add python-paste.Christopher Allan Webber
* gnu/packages/python.scm (python-paste, python2-paste): New variables. * gnu/packages/patches/python-paste-remove-timing-test.patch: New file. * gnu/packages/patches/python-paste-remove-website-test.patch: New file. * gnu-system.am (dist_patch_DATA): Add them.
2016-02-25Merge branch 'media-updates'Mark H Weaver
2016-02-24gnu: libssh: Update to 0.7.3 [fixes CVE-2016-0739].Leo Famulari
* gnu/packages/patches/libssh-CVE-2014-0017.patch: Delete file. * gnu/packages/patches/libssh-0.6.5-CVE-2016-0739.patch: New file. * gnu-system.am (dist_patch_DATA): Adjust accordingly. * gnu/packages/ssh.scm (libssh): Update to 0.7.3. (libssh-0.5): Rename to... (libssh-0.6): ... this. Update to 0.6.5. [source]: Add patch for CVE-2016-0739. (guile-ssh)[inputs]: Use libssh-0.6. Modified-By: Mark H Weaver <mhw@netris.org>
2016-02-24gnu: xf86-video-vmware: Update to 13.1.0.Andy Wingo
* gnu/packages/patches/xf86-video-vmware-glibc-2.20.patch: Delete file. * gnu-system.am (dist_patch_DATA): Remove it. * gnu/packages/xorg.scm (xf86-video-vmware): Update to 13.1.0. [source]: Remove patch.
2016-02-24gnu: xf86-video-trident: Update to 1.3.7.Andy Wingo
* gnu/packages/patches/xf86-video-trident-remove-mibstore.patch: Delete file. * gnu-system.am (dist_patch_DATA): Remove it. * gnu/packages/xorg.scm (xf86-video-trident): Update to 1.3.7. [source]: Remove patch.
2016-02-24gnu: xf86-video-tdfx: Update to 1.4.6.Andy Wingo
* gnu/packages/patches/xf86-video-tdfx-remove-mibstore.patch: Delete file. * gnu-system.am (dist_patch_DATA): Remove it. * gnu/packages/xorg.scm (xf86-video-tdfx): Update to 1.4.6. [source]: Remove patch.
2016-02-24gnu: xf86-video-sis: Update to 0.10.8.Andy Wingo
* gnu/packages/patches/xf86-video-sis-fix-exa-crash.patch, gnu/packages/patches/xf86-video-sis-update-api.patch: Delete files. * gnu-system.am (dist_patch_DATA): Remove them. * gnu/packages/xorg.scm (xf86-video-sis): Update to 0.10.8. [source]: Remove patches.
2016-02-24gnu: xf86-video-siliconmotion: Update to 1.7.8.Andy Wingo
* gnu/packages/patches/xf86-video-siliconmotion-remove-mibstore.patch: Delete file. * gnu-system.am (dist_patch_DATA): Remove it. * gnu/packages/xorg.scm (xf86-video-siliconmotion): Update to 1.7.8. [source]: Remove patch.
2016-02-24gnu: xf86-video-r128: Update to 6.10.1.Andy Wingo
* gnu/packages/patches/xf86-video-r128-glibc-2.20.patch: Delete file. * gnu-system.am (dist_patch_DATA): Remove it. * gnu/packages/xorg.scm (xf86-video-r128): Update to 6.10.1. [source]: Remove patch.
2016-02-24gnu: xf86-video-mga: Update to 1.6.4.Andy Wingo
* gnu/packages/patches/xf86-video-mga-glibc-2.20.patch: Delete file. * gnu-system.am (dist_patch_DATA): Remove it. * gnu/packages/xorg.scm (xf86-video-mga): Update to 1.6.4. [source]: Remove patch.
2016-02-22gnu: qemu: Add fixes for CVE-2015-8619, CVE-2016-1981, CVE-2016-2197.Mark H Weaver
* gnu/packages/patches/qemu-CVE-2015-8619.patch, gnu/packages/patches/qemu-CVE-2016-1981.patch, gnu/packages/patches/qemu-CVE-2016-2197.patch, gnu/packages/patches/qemu-usb-ehci-oob-read.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/qemu.scm (qemu)[source]: Add patches.
2016-02-19gnu: cpio: Add fix for CVE-2016-2037.Leo Famulari
* gnu/packages/patches/cpio-CVE-2016-2037.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/cpio.scm (cpio)[source]: Add patch.
2016-02-19gnu: glibc: Add fix for CVE-2015-7547.Mark H Weaver
* gnu/packages/patches/glibc-CVE-2015-7547.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/base.scm (glibc)[source]: Add patch.
2016-02-15gnu: Add slurm.Pjotr Prins
* gnu/packages/parallel.scm (slurm): New variable. * gnu/packages/patches/slurm-configure-remove-nonfree-contribs.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/parallel.scm: Introduce license name space. Co-authored-by: Andreas Enge <andreas@enge.fr>
2016-02-15gnu: libsndfile: Update to 1.0.26 [with follow-up fix CVE-2015-7805].Mark H Weaver
Note: The previous fix for CVE-2015-7805 was incomplete. * gnu/packages/patches/libsndfile-CVE-2014-9496.patch, gnu/packages/patches/libsndfile-CVE-2015-7805.patch: Delete files. * gnu-system.am (dist_patch_DATA): Remove them. * gnu/packages/pulseaudio.scm (libsndfile): Update to 1.0.26. [source]: Remove patches.
2016-02-13gnu: Add ocaml-findlib.Jan Nieuwenhuizen
* gnu/packages/ocaml.scm (ocaml-findlib): New variable. * gnu/packages/patches/ocaml-findlib-make-install.patch: New file. * gnu-system.am (dist_patch_DATA): Register it.
2016-02-12gnu: gnupg: Add upstream fix for test failures on x86_64.Mark H Weaver
Fixes <https://debbugs.gnu.org/22558>. * gnu/packages/patches/gnupg-simple-query-ignore-status-messages.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/gnupg.scm (gnupg)[source]: Add patch.
2016-02-12gnu: Add tclxml.Jan Nieuwenhuizen
* gnu/packages/patches/tclxml-3.2-install.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/tcl.scm (tclxml): New variable. Signed-off-by: Leo Famulari <leo@famulari.name>
2016-02-11gnu: icecat: Update bundled graphite2 to 1.3.5 for security fixes.Mark H Weaver
* gnu/packages/patches/icecat-update-graphite2.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/gnuzilla.scm (icecat)[source]: Add patch. Add TODO comment about using the system graphite2 in the future.
2016-02-10gnu: mit-krb5: Update to 1.13.3; add fixes for CVE-2015-{8629,8630,8631}.Mark H Weaver
* gnu/packages/patches/mit-krb5-CVE-2015-2695-pt1.patch, gnu/packages/patches/mit-krb5-CVE-2015-2695-pt2.patch, gnu/packages/patches/mit-krb5-CVE-2015-2696.patch, gnu/packages/patches/mit-krb5-CVE-2015-2697.patch, gnu/packages/patches/mit-krb5-CVE-2015-2698-pt1.patch, gnu/packages/patches/mit-krb5-CVE-2015-2698-pt2.patch: Delete files. * gnu/packages/patches/mit-krb5-CVE-2015-8629.patch, gnu/packages/patches/mit-krb5-CVE-2015-8630.patch, gnu/packages/patches/mit-krb5-CVE-2015-8631.patch, gnu/packages/patches/mit-krb5-init-context-null-spnego.patch: New files. * gnu-system.am (dist_patch_DATA): Adjust accordingly. * gnu/packages/mit-krb5.scm (mit-krb5): Update to 1.13.3. [source]: Update URI to download conventional .tar.gz file. Add patches. [native-inputs]: Remove old patches-as-inputs. [arguments]: Remove hacks needed to cope with the older unconventional tarball that contained an inner source tarball and signature: Remove #:modules argument, and the custom 'unpack' and 'apply-patches' phases.
2016-02-06gnu: xdotools: Update to 3.20150503.1Christopher Allan Webber
* gnu/packages/xdisorg.scm (xdotools): Upgrade to 3.20150503.1. * gnu/packages/patches/xdotool-fix-makefile.patch: New file. * gnu-system.am (dist_patch_DATA): Add it.
2016-02-06gnu: Add python-pygpgmeChristopher Allan Webber
* gnu/packages/gnupg.scm (python-pygpgme, python2-pygpgme): New variables. * gnu/packages/patches/pygpgme-disable-problematic-tests.patch: New file. * gnu-system.am (dist_patch_DATA): Add it.
2016-02-06gnu: icecat: Re-enable the Ephemeral Diffie-Hellman cipher suites.Mark H Weaver
* gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/gnuzilla.scm (icecat)[source]: Add patch.
2016-02-05gnu: icecat: Update to 38.6.0-gnu1.Mark H Weaver
* gnu/packages/patches/icecat-bug-1146335-pt1.patch, gnu/packages/patches/icecat-bug-1146335-pt2.patch, gnu/packages/patches/icecat-limit-max-buffers-size-for-ANGLE.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt02.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt03.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt04.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt05.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt06.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt07.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt08.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt09.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt10.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt11.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt12.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt13.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt14.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt15.patch, gnu/packages/patches/icecat-CVE-2016-1935.patch: Delete files. * gnu-system.am (dist_patch_DATA): Remove them. * gnu/packages/gnuzilla.scm (icecat): Update to 38.6.0-gnu1. [source]: Remove patches.
2016-02-04gnu: jasper: Add fixes for several security flaws.Leo Famulari
* gnu/packages/patches/jasper-CVE-2007-2721.patch, gnu/packages/patches/jasper-CVE-2008-3520.patch, gnu/packages/patches/jasper-CVE-2011-4516-and-CVE-2011-4517.patch, gnu/packages/patches/jasper-CVE-2014-8137.patch, gnu/packages/patches/jasper-CVE-2014-8138.patch, gnu/packages/patches/jasper-CVE-2014-8157.patch, gnu/packages/patches/jasper-CVE-2014-8158.patch, gnu/packages/patches/jasper-CVE-2014-9029.patch, gnu/packages/patches/jasper-CVE-2016-1867.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/image.scm (jasper)[source]: Add patches.
2016-02-04gnu: perl-io-socket-ssl: Add workaround for OpenSSL-1.0.2f.Mark H Weaver
* gnu/packages/patches/perl-io-socket-ssl-openssl-1.0.2f-fix.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/web.scm (perl-io-socket-ssl)[source]: Add patch.
2016-02-03gnu: Add emacs-constants.Federico Beffa
* gnu/packages/emacs.scm (emacs-constants): New variable. * gnu/packages/patches/emacs-constants-lisp-like.patch: New patch. * gnu-system.am (dist_patch_DATA): Add it.
2016-02-03gnu: Add emacs-scheme-complete.Federico Beffa
* gnu/packages/emacs.scm (emacs-scheme-complete): New variable. * gnu/packages/patches/emacs-scheme-complete-scheme-r5rs-info.patch: New patch. * gnu-system.am (dist_patch_DATA): Add the new patch.
2016-02-03gnu: qemu: Update to 2.5.0; add fixes for security flaws.Mark H Weaver
* gnu/packages/patches/qemu-CVE-2015-6855.patch: Delete file. * gnu/packages/patches/qemu-virtio-9p-use-accessor-to-get-thread-pool.patch, gnu/packages/patches/qemu-CVE-2015-8558.patch, gnu/packages/patches/qemu-CVE-2015-8567.patch, gnu/packages/patches/qemu-CVE-2015-8613.patch, gnu/packages/patches/qemu-CVE-2015-8701.patch, gnu/packages/patches/qemu-CVE-2015-8743.patch, gnu/packages/patches/qemu-CVE-2016-1568.patch, gnu/packages/patches/qemu-CVE-2016-1922.patch: New files. * gnu-system.am (dist_patch_DATA): Remove 'qemu-CVE-2015-6855.patch'; add the new patches. * gnu/packages/qemu.scm (qemu): Update to 2.5.0. [source]: Remove old patches and add new ones. [arguments]: Add 'disable-test-qga' phase. (%glib-memory-vtable-patch, %glib-duplicate-test-patch): Remove variables.
2016-02-01gnu: linux-libre: Update to 4.4.1.Mark H Weaver
* gnu/packages/patches/linux-libre-CVE-2016-0728.patch: Delete file. * gnu-system.am (dist_patch_DATA): Remove it. * gnu/packages/linux.scm (linux-libre): Update to 4.4.1. [source]: Remove patch.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-12-03 13:50:48 +0000