From 091191c3dcbfb9f01070d26bf15cb2c4dd07b1b5 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sun, 31 Dec 2017 11:15:24 +0100 Subject: list-runtime-root: Fix off-by-one in 'strip-drop' call. Fixes . Reported by Danny Milosavljevic . * nix/scripts/list-runtime-roots.in (canonicalize-store-item): Define 'store' with a trailing "/". Have the 'string-prefix?' call match the 'string-drop' call. --- nix/scripts/list-runtime-roots.in | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/nix/scripts/list-runtime-roots.in b/nix/scripts/list-runtime-roots.in index 48a07edf5f..5f2660fb5e 100644 --- a/nix/scripts/list-runtime-roots.in +++ b/nix/scripts/list-runtime-roots.in @@ -130,12 +130,13 @@ or the empty list." (< (string->number a) (string->number b)))))) (define canonicalize-store-item - (let ((prefix (+ 1 (string-length %store-directory)))) + (let* ((store (string-append %store-directory "/")) + (prefix (string-length store))) (lambda (file) "Return #f if FILE is not a store item; otherwise, return the store file name without any sub-directory components." - (and (string-prefix? %store-directory file) - (string-append %store-directory "/" + (and (string-prefix? store file) + (string-append store (let ((base (string-drop file prefix))) (match (string-index base #\/) (#f base) -- cgit 1.4.1 From 809b884260b42c56c87c6c2263c5d9209aca86ce Mon Sep 17 00:00:00 2001 From: Christopher Baines Date: Sun, 31 Dec 2017 13:59:12 +0000 Subject: gnu: packages: 0ad: Tweak the build options. Use the -C make option, rather than changing directory before the build phase. Add config=release to the make flags as this might improve performance, and verbose=1 as this might make the build process clearer. Also remove --minimal-flags, as I don't quite understand what this does, but using it seems to remove lots of flags that would be used by default. * gnu/packages/games.scm (0ad)[arguments]: Add #:make-flags, remove the --minimal-flags argument from the configure phase, remove the 'chdir phase, and change the chdir argument in the install phase. --- gnu/packages/games.scm | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm index 0128d6372b..ce799ae33b 100644 --- a/gnu/packages/games.scm +++ b/gnu/packages/games.scm @@ -4922,7 +4922,8 @@ fight against their plot and save his fellow rabbits from slavery.") ("python-2" ,python-2))) (build-system gnu-build-system) (arguments - `(#:phases + `(#:make-flags '("config=release" "verbose=1" "-C" "build/workspaces/gcc") + #:phases (modify-phases %standard-phases (add-after 'unpack 'delete-bundles (lambda _ @@ -4949,17 +4950,12 @@ fight against their plot and save his fellow rabbits from slavery.") (zero? (system* "./update-workspaces.sh" (string-append "--libdir=" lib) (string-append "--datadir=" data) - "--minimal-flags" ;; TODO: "--with-system-nvtt" "--with-system-mozjs38")))))) - (add-before 'build 'chdir - (lambda _ - (chdir "build/workspaces/gcc") - #t)) (delete 'check) (replace 'install (lambda* (#:key inputs outputs #:allow-other-keys) - (chdir "../../../binaries") + (chdir "binaries") (let* ((out (assoc-ref outputs "out")) (bin (string-append out "/bin")) (lib (string-append out "/lib")) -- cgit 1.4.1 From d3878e88f3b5a3b94b7cdb46b508ec726d399572 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 29 Dec 2017 15:36:33 -0500 Subject: gnu: Add go-github-com-alsm-ioprogress. * gnu/packages/golang.scm (go-github-com-alsm-ioprogress): New variable. --- gnu/packages/golang.scm | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm index b8f86ac5fd..0a4709d684 100644 --- a/gnu/packages/golang.scm +++ b/gnu/packages/golang.scm @@ -27,8 +27,10 @@ #:use-module ((guix licenses) #:prefix license:) #:use-module (guix utils) #:use-module (guix download) + #:use-module (guix git-download) #:use-module (guix packages) #:use-module (guix build-system gnu) + #:use-module (guix build-system go) #:use-module (gnu packages admin) #:use-module (gnu packages gcc) #:use-module (gnu packages base) @@ -377,3 +379,28 @@ sequential processes (CSP) concurrent programming features added.") (supported-systems %supported-systems))) (define-public go go-1.9) + +(define-public go-github-com-alsm-ioprogress + (let ((commit "063c3725f436e7fba0c8f588547bee21ffec7ac5") + (revision "0")) + (package + (name "go-github-com-alsm-ioprogress") + (version (git-version "0.0.0" revision commit)) + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/alsm/ioprogress.git") + (commit commit))) + (sha256 + (base32 + "10ym5qlq77nynmkxbk767f2hfwyxg2k7hrzph05hvgzv833dhivh")))) + (build-system go-build-system) + (arguments + '(#:import-path "github.com/alsm/ioprogress")) + (synopsis "Textual progress bars in Go") + (description "@code{ioprogress} is a Go library with implementations of +@code{io.Reader} and @code{io.Writer} that draws progress bars. The primary use +case for these are for command-line applications but alternate progress bar +writers can be supplied for alternate environments.") + (home-page "https://github.com/alsm/ioprogress") + (license license:expat)))) -- cgit 1.4.1 From 11b12655f0541c23f4073f7476b9de0c595f6587 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 29 Dec 2017 15:37:05 -0500 Subject: gnu: Add go-github-com-aki237-nscjar. * gnu/packages/golang.scm (go-github-com-aki237-nscjar): New variable. --- gnu/packages/golang.scm | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm index 0a4709d684..e22a099b9b 100644 --- a/gnu/packages/golang.scm +++ b/gnu/packages/golang.scm @@ -404,3 +404,27 @@ case for these are for command-line applications but alternate progress bar writers can be supplied for alternate environments.") (home-page "https://github.com/alsm/ioprogress") (license license:expat)))) + +(define-public go-github-com-aki237-nscjar + (let ((commit "e2df936ddd6050d30dd90c7214c02b5019c42f06") + (revision "0")) + (package + (name "go-github-com-aki237-nscjar") + (version (git-version "0.0.0" revision commit)) + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/aki237/nscjar.git") + (commit commit))) + (sha256 + (base32 + "03y7zzq12qvhsq86lb06sgns8xrkblbn7i7wd886wk3zr5574b96")))) + (build-system go-build-system) + (arguments + '(#:import-path "github.com/aki237/nscjar")) + (synopsis "Handle Netscape / Mozilla cookies") + (description "@code{nscjar} is a Go library used to parse and output +Netscape/Mozilla's old-style cookie files. It also implements a simple cookie +jar struct to manage the cookies added to the cookie jar.") + (home-page "https://github.com/aki237/nscjar") + (license license:expat)))) -- cgit 1.4.1 From 12f496ba566fd54db2558a13cd50d0b18ec245ed Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 29 Dec 2017 15:37:29 -0500 Subject: gnu: Add go-github-com-davidjpeacock-cli. * gnu/packages/golang.scm (go-github-com-davidjpeacock-cli): New variable. --- gnu/packages/golang.scm | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm index e22a099b9b..e7c2d228cc 100644 --- a/gnu/packages/golang.scm +++ b/gnu/packages/golang.scm @@ -428,3 +428,27 @@ Netscape/Mozilla's old-style cookie files. It also implements a simple cookie jar struct to manage the cookies added to the cookie jar.") (home-page "https://github.com/aki237/nscjar") (license license:expat)))) + +(define-public go-github-com-davidjpeacock-cli + (let ((commit "8ba6f23b6e36d03666a14bd9421f5e3efcb59aca") + (revision "0")) + (package + (name "go-github-com-davidjpeacock-cli") + (version (git-version "1.19.1" revision commit)) + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/davidjpeacock/cli.git") + (commit commit))) + (sha256 + (base32 + "01s53ny3p0fdx64rnwcnmjj4xpc5adihnh6islsfq5z1ph2phhnj")))) + (build-system go-build-system) + (arguments + '(#:import-path "github.com/davidjpeacock/cli")) + (synopsis "Build command-line interfaces in Go") + (description "@code{cli} is a package for building command line +interfaces in Go. The goal is to enable developers to write fast and +distributable command line applications in an expressive way.") + (home-page "https://github.com/davidjpeacock/cli") + (license license:expat)))) -- cgit 1.4.1 From 8de9d5329e96d306279cabeb2cbe4b8319a6ab6e Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 29 Dec 2017 15:39:31 -0500 Subject: gnu: Add kurly. * gnu/packages/curl.scm (kurly): New variable. --- gnu/packages/curl.scm | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm index 49703c0925..5f6180052f 100644 --- a/gnu/packages/curl.scm +++ b/gnu/packages/curl.scm @@ -25,10 +25,13 @@ #:use-module ((guix licenses) #:prefix license:) #:use-module (guix packages) #:use-module (guix download) + #:use-module (guix git-download) #:use-module (guix utils) #:use-module (guix build-system gnu) + #:use-module (guix build-system go) #:use-module (gnu packages) #:use-module (gnu packages compression) + #:use-module (gnu packages golang) #:use-module (gnu packages groff) #:use-module (gnu packages gsasl) #:use-module (gnu packages libidn) @@ -135,3 +138,31 @@ tunneling, and so on.") (sha256 (base32 "0y3qbjjcxhcvm1yawp3spfssjbskv0g6gyzld6ckif5pf8ygvxpm")))))) + +(define-public kurly + (package + (name "kurly") + (version "1.1.0") + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/davidjpeacock/kurly.git") + (commit (string-append "v" version)))) + (sha256 + (base32 + "1q192f457sjypgvwq7grrf8gq8w272p3zf1d5ppc20mriqm0mbc3")))) + (build-system go-build-system) + (arguments + '(#:import-path "github.com/davidjpeacock/kurly")) + (inputs + `(("go-github-com-alsm-ioprogress" ,go-github-com-alsm-ioprogress) + ("go-github-com-aki237-nscjar" ,go-github-com-aki237-nscjar) + ("go-github-com-davidjpeacock-cli" ,go-github-com-davidjpeacock-cli))) + (synopsis "Command-line HTTP client") + (description "kurly is an alternative to the @code{curl} program written in +Go. kurly is designed to operate in a similar manner to curl, with select +features. Notably, kurly is not aiming for feature parity, but common flags and +mechanisms particularly within the HTTP(S) realm are to be expected. kurly does +not offer a replacement for libcurl.") + (home-page "https://github.com/davidjpeacock/kurly") + (license license:asl2.0))) -- cgit 1.4.1 From 5cead945540bfc7141c3eb7ac197c881dae39b63 Mon Sep 17 00:00:00 2001 From: Rutger Helling Date: Sun, 31 Dec 2017 18:55:50 +0100 Subject: gnu: wine: Install libraries to /lib/wine32. * gnu/packages/wine.scm (wine)[arguments]: Install libraries to /lib/wine32. --- gnu/packages/wine.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm index b4a303df93..937ce9eac6 100644 --- a/gnu/packages/wine.scm +++ b/gnu/packages/wine.scm @@ -122,10 +122,11 @@ #:tests? #f #:configure-flags - (list (string-append "LDFLAGS=-Wl,-rpath=" %output "/lib")) + (list (string-append "LDFLAGS=-Wl,-rpath=" %output "/lib/wine32")) #:make-flags - (list "SHELL=bash") + (list "SHELL=bash" + (string-append "libdir=" %output "/lib/wine32")) #:phases (modify-phases %standard-phases -- cgit 1.4.1 From 58cbcb02a5311641336d1bb3650d362fe445bf04 Mon Sep 17 00:00:00 2001 From: Rutger Helling Date: Sun, 31 Dec 2017 18:57:06 +0100 Subject: gnu: wine64: Add 32-bit support. * gnu/packages/wine.scm (wine64)[inputs]: Add wine. [arguments]: Install libraries to /lib/wine64. Don't inherit phases. Add 'copy-win32-files phase. [description]: Update description. --- gnu/packages/wine.scm | 34 ++++++++++++++++++++++++++++++---- 1 file changed, 30 insertions(+), 4 deletions(-) diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm index 937ce9eac6..48cd830d0a 100644 --- a/gnu/packages/wine.scm +++ b/gnu/packages/wine.scm @@ -160,16 +160,42 @@ integrate Windows applications into your desktop.") (package (inherit wine) (name "wine64") + (inputs `(("wine" ,wine) + ,@(package-inputs wine))) (arguments `(#:make-flags (list "SHELL=bash" - (string-append "libdir=" %output "/lib")) + (string-append "libdir=" %output "/lib/wine64")) + #:phases + (modify-phases %standard-phases + (add-after 'install 'copy-wine32-files + (lambda* (#:key outputs #:allow-other-keys) + (copy-file (string-append (assoc-ref %build-inputs "wine") + "/bin/wine") (string-append (assoc-ref + %outputs "out") "/bin/wine")) + (copy-file (string-append (assoc-ref %build-inputs "wine") + "/bin/wine-preloader") (string-append + (assoc-ref %outputs "out") + "/bin/wine-preloader")) + #t)) + (add-after 'configure 'patch-dlopen-paths + ;; Hardcode dlopened sonames to absolute paths. + (lambda _ + (let* ((library-path (search-path-as-string->list + (getenv "LIBRARY_PATH"))) + (find-so (lambda (soname) + (search-path library-path soname)))) + (substitute* "include/config.h" + (("(#define SONAME_.* )\"(.*)\"" _ defso soname) + (format #f "~a\"~a\"" defso (find-so soname)))) + #t)))) #:configure-flags (list "--enable-win64" - (string-append "LDFLAGS=-Wl,-rpath=" %output "/lib")) - ,@(strip-keyword-arguments '(#:configure-flags #:make-flags #:system) + (string-append "LDFLAGS=-Wl,-rpath=" %output "/lib/wine64")) + ,@(strip-keyword-arguments '(#:configure-flags #:make-flags #:phases + #:system) (package-arguments wine)))) - (synopsis "Implementation of the Windows API (64-bit version)") + (synopsis "Implementation of the Windows API (WOW64 version)") (supported-systems '("x86_64-linux" "aarch64-linux")))) ;; TODO: This is wine development version, provided for historical reasons. -- cgit 1.4.1 From c41fb54f9556ccfa01225fe03765b2cbd6fb611a Mon Sep 17 00:00:00 2001 From: Rutger Helling Date: Sun, 31 Dec 2017 18:57:47 +0100 Subject: gnu: wine64-staging: Add 32-bit support. * gnu/packages/wine.scm (wine64-staging)[inputs]: Add wine-staging. [arguments]: Install libraries to /lib/wine64. Don't inherit phases. Add 'copy-win32-files phase. [description]: Update description. - --- gnu/packages/wine.scm | 34 ++++++++++++++++++++++++++++++---- 1 file changed, 30 insertions(+), 4 deletions(-) diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm index 48cd830d0a..2c7732bcf3 100644 --- a/gnu/packages/wine.scm +++ b/gnu/packages/wine.scm @@ -248,15 +248,41 @@ integrated into the main branch.") (package (inherit wine-staging) (name "wine64-staging") + (inputs `(("wine-staging" ,wine-staging) + ,@(package-inputs wine-staging))) (arguments `(#:make-flags (list "SHELL=bash" - (string-append "libdir=" %output "/lib")) + (string-append "libdir=" %output "/lib/wine64")) + #:phases + (modify-phases %standard-phases + (add-after 'install 'copy-wine32-files + (lambda* (#:key outputs #:allow-other-keys) + (copy-file (string-append (assoc-ref %build-inputs "wine-staging") + "/bin/wine") (string-append (assoc-ref + %outputs "out") "/bin/wine")) + (copy-file (string-append (assoc-ref %build-inputs "wine-staging") + "/bin/wine-preloader") (string-append + (assoc-ref %outputs "out") + "/bin/wine-preloader")) + #t)) + (add-after 'configure 'patch-dlopen-paths + ;; Hardcode dlopened sonames to absolute paths. + (lambda _ + (let* ((library-path (search-path-as-string->list + (getenv "LIBRARY_PATH"))) + (find-so (lambda (soname) + (search-path library-path soname)))) + (substitute* "include/config.h" + (("(#define SONAME_.* )\"(.*)\"" _ defso soname) + (format #f "~a\"~a\"" defso (find-so soname)))) + #t)))) #:configure-flags (list "--enable-win64" - (string-append "LDFLAGS=-Wl,-rpath=" %output "/lib")) - ,@(strip-keyword-arguments '(#:configure-flags #:make-flags #:system) + (string-append "LDFLAGS=-Wl,-rpath=" %output "/lib/wine64")) + ,@(strip-keyword-arguments '(#:configure-flags #:make-flags #:phases + #:system) (package-arguments wine-staging)))) - (synopsis "Implementation of the Windows API (staging branch, 64-bit + (synopsis "Implementation of the Windows API (staging branch, WOW64 version)") (supported-systems '("x86_64-linux" "aarch64-linux")))) -- cgit 1.4.1 From 2a74f6f7e72c0bc420316d0d7cfb72bdcaedf414 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sun, 31 Dec 2017 13:42:58 -0500 Subject: gnu: gimp: Fix CVE-2017-{17784,17785,17786,17787,17789}. * gnu/packages/patches/gimp-CVE-2017-17784.patch, gnu/packages/patches/gimp-CVE-2017-17785.patch, gnu/packages/patches/gimp-CVE-2017-17786.patch, gnu/packages/patches/gimp-CVE-2017-17787.patch, gnu/packages/patches/gimp-CVE-2017-17789.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/gimp.scm (gimp)[source]: Use them. --- gnu/local.mk | 5 + gnu/packages/gimp.scm | 5 + gnu/packages/patches/gimp-CVE-2017-17784.patch | 41 ++++++ gnu/packages/patches/gimp-CVE-2017-17785.patch | 171 +++++++++++++++++++++++++ gnu/packages/patches/gimp-CVE-2017-17786.patch | 94 ++++++++++++++ gnu/packages/patches/gimp-CVE-2017-17787.patch | 42 ++++++ gnu/packages/patches/gimp-CVE-2017-17789.patch | 48 +++++++ 7 files changed, 406 insertions(+) create mode 100644 gnu/packages/patches/gimp-CVE-2017-17784.patch create mode 100644 gnu/packages/patches/gimp-CVE-2017-17785.patch create mode 100644 gnu/packages/patches/gimp-CVE-2017-17786.patch create mode 100644 gnu/packages/patches/gimp-CVE-2017-17787.patch create mode 100644 gnu/packages/patches/gimp-CVE-2017-17789.patch diff --git a/gnu/local.mk b/gnu/local.mk index 346c8285e0..53a1aa5a45 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -674,6 +674,11 @@ dist_patch_DATA = \ %D%/packages/patches/ghostscript-no-header-uuid.patch \ %D%/packages/patches/ghostscript-no-header-creationdate.patch \ %D%/packages/patches/ghostscript-runpath.patch \ + %D%/packages/patches/gimp-CVE-2017-17784.patch \ + %D%/packages/patches/gimp-CVE-2017-17785.patch \ + %D%/packages/patches/gimp-CVE-2017-17786.patch \ + %D%/packages/patches/gimp-CVE-2017-17787.patch \ + %D%/packages/patches/gimp-CVE-2017-17789.patch \ %D%/packages/patches/glib-networking-ssl-cert-file.patch \ %D%/packages/patches/glib-tests-timer.patch \ %D%/packages/patches/glibc-CVE-2015-5180.patch \ diff --git a/gnu/packages/gimp.scm b/gnu/packages/gimp.scm index b0797453fa..fc2c8ff516 100644 --- a/gnu/packages/gimp.scm +++ b/gnu/packages/gimp.scm @@ -133,6 +133,11 @@ buffers.") (uri (string-append "http://download.gimp.org/pub/gimp/v" (version-major+minor version) "/gimp-" version ".tar.bz2")) + (patches (search-patches "gimp-CVE-2017-17784.patch" + "gimp-CVE-2017-17785.patch" + "gimp-CVE-2017-17786.patch" + "gimp-CVE-2017-17787.patch" + "gimp-CVE-2017-17789.patch")) (sha256 (base32 "12k3lp938qdc9cqj29scg55f3bb8iav2fysd29w0s49bqmfa71wi")))) diff --git a/gnu/packages/patches/gimp-CVE-2017-17784.patch b/gnu/packages/patches/gimp-CVE-2017-17784.patch new file mode 100644 index 0000000000..c791772fb5 --- /dev/null +++ b/gnu/packages/patches/gimp-CVE-2017-17784.patch @@ -0,0 +1,41 @@ +Fix CVE-2017-17784: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784 +https://bugzilla.gnome.org/show_bug.cgi?id=790784 + +Patch copied from upstream source repository: + +https://git.gnome.org/browse/gimp/commit/?id=c57f9dcf1934a9ab0cd67650f2dea18cb0902270 + +From c57f9dcf1934a9ab0cd67650f2dea18cb0902270 Mon Sep 17 00:00:00 2001 +From: Jehan +Date: Thu, 21 Dec 2017 12:25:32 +0100 +Subject: [PATCH] Bug 790784 - (CVE-2017-17784) heap overread in gbr parser / + load_image. + +We were assuming the input name was well formed, hence was +nul-terminated. As any data coming from external input, this has to be +thorougly checked. +Similar to commit 06d24a79af94837d615d0024916bb95a01bf3c59 but adapted +to older gimp-2-8 code. +--- + plug-ins/common/file-gbr.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/plug-ins/common/file-gbr.c b/plug-ins/common/file-gbr.c +index b028100bef..d3f01d9c56 100644 +--- a/plug-ins/common/file-gbr.c ++++ b/plug-ins/common/file-gbr.c +@@ -443,7 +443,8 @@ load_image (const gchar *filename, + { + gchar *temp = g_new (gchar, bn_size); + +- if ((read (fd, temp, bn_size)) < bn_size) ++ if ((read (fd, temp, bn_size)) < bn_size || ++ temp[bn_size - 1] != '\0') + { + g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, + _("Error in GIMP brush file '%s'"), +-- +2.15.1 + diff --git a/gnu/packages/patches/gimp-CVE-2017-17785.patch b/gnu/packages/patches/gimp-CVE-2017-17785.patch new file mode 100644 index 0000000000..939b01f214 --- /dev/null +++ b/gnu/packages/patches/gimp-CVE-2017-17785.patch @@ -0,0 +1,171 @@ +Fix CVE-2017-17785: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785 +https://bugzilla.gnome.org/show_bug.cgi?id=739133 + +Patch copied from upstream source repository: + +https://git.gnome.org/browse/gimp/commit/?id=1882bac996a20ab5c15c42b0c5e8f49033a1af54 + +From 1882bac996a20ab5c15c42b0c5e8f49033a1af54 Mon Sep 17 00:00:00 2001 +From: Tobias Stoeckmann +Date: Sun, 29 Oct 2017 15:19:41 +0100 +Subject: [PATCH] Bug 739133 - (CVE-2017-17785) Heap overflow while parsing FLI + files. + +It is possible to trigger a heap overflow while parsing FLI files. The +RLE decoder is vulnerable to out of boundary writes due to lack of +boundary checks. + +The variable "framebuf" points to a memory area which was allocated +with fli_header->width * fli_header->height bytes. The RLE decoder +therefore must never write beyond that limit. + +If an illegal frame is detected, the parser won't stop, which means +that the next valid sequence is properly parsed again. This should +allow GIMP to parse FLI files as good as possible even if they are +broken by an attacker or by accident. + +While at it, I changed the variable xc to be of type size_t, because +the multiplication of width and height could overflow a 16 bit type. + +Signed-off-by: Tobias Stoeckmann +(cherry picked from commit edb251a7ef1602d20a5afcbf23f24afb163de63b) +--- + plug-ins/file-fli/fli.c | 50 ++++++++++++++++++++++++++++++++++--------------- + 1 file changed, 35 insertions(+), 15 deletions(-) + +diff --git a/plug-ins/file-fli/fli.c b/plug-ins/file-fli/fli.c +index 313efeb977..ffb651e2af 100644 +--- a/plug-ins/file-fli/fli.c ++++ b/plug-ins/file-fli/fli.c +@@ -25,6 +25,8 @@ + + #include "config.h" + ++#include ++ + #include + #include + +@@ -461,23 +463,27 @@ void fli_read_brun(FILE *f, s_fli_header *fli_header, unsigned char *framebuf) + unsigned short yc; + unsigned char *pos; + for (yc=0; yc < fli_header->height; yc++) { +- unsigned short xc, pc, pcnt; ++ unsigned short pc, pcnt; ++ size_t n, xc; + pc=fli_read_char(f); + xc=0; + pos=framebuf+(fli_header->width * yc); ++ n=(size_t)fli_header->width * (fli_header->height-yc); + for (pcnt=pc; pcnt>0; pcnt--) { + unsigned short ps; + ps=fli_read_char(f); + if (ps & 0x80) { + unsigned short len; +- for (len=-(signed char)ps; len>0; len--) { ++ for (len=-(signed char)ps; len>0 && xcwidth * fli_header->height); + firstline = fli_read_short(f); + numline = fli_read_short(f); ++ if (numline > fli_header->height || fli_header->height-numline < firstline) ++ return; ++ + for (yc=0; yc < numline; yc++) { +- unsigned short xc, pc, pcnt; ++ unsigned short pc, pcnt; ++ size_t n, xc; + pc=fli_read_char(f); + xc=0; + pos=framebuf+(fli_header->width * (firstline+yc)); ++ n=(size_t)fli_header->width * (fli_header->height-firstline-yc); + for (pcnt=pc; pcnt>0; pcnt--) { + unsigned short ps,skip; + skip=fli_read_char(f); + ps=fli_read_char(f); +- xc+=skip; ++ xc+=MIN(n-xc,skip); + if (ps & 0x80) { + unsigned char val; ++ size_t len; + ps=-(signed char)ps; + val=fli_read_char(f); +- memset(&(pos[xc]), val, ps); +- xc+=ps; ++ len=MIN(n-xc,ps); ++ memset(&(pos[xc]), val, len); ++ xc+=len; + } else { +- fread(&(pos[xc]), ps, 1, f); +- xc+=ps; ++ size_t len; ++ len=MIN(n-xc,ps); ++ fread(&(pos[xc]), len, 1, f); ++ xc+=len; + } + } + } +@@ -689,7 +704,8 @@ void fli_read_lc_2(FILE *f, s_fli_header *fli_header, unsigned char *old_framebu + yc=0; + numline = fli_read_short(f); + for (lc=0; lc < numline; lc++) { +- unsigned short xc, pc, pcnt, lpf, lpn; ++ unsigned short pc, pcnt, lpf, lpn; ++ size_t n, xc; + pc=fli_read_short(f); + lpf=0; lpn=0; + while (pc & 0x8000) { +@@ -700,26 +716,30 @@ void fli_read_lc_2(FILE *f, s_fli_header *fli_header, unsigned char *old_framebu + } + pc=fli_read_short(f); + } ++ yc=MIN(yc, fli_header->height); + xc=0; + pos=framebuf+(fli_header->width * yc); ++ n=(size_t)fli_header->width * (fli_header->height-yc); + for (pcnt=pc; pcnt>0; pcnt--) { + unsigned short ps,skip; + skip=fli_read_char(f); + ps=fli_read_char(f); +- xc+=skip; ++ xc+=MIN(n-xc,skip); + if (ps & 0x80) { + unsigned char v1,v2; + ps=-(signed char)ps; + v1=fli_read_char(f); + v2=fli_read_char(f); +- while (ps>0) { ++ while (ps>0 && xc+1 +Date: Wed, 20 Dec 2017 13:02:38 +0100 +Subject: [PATCH] Bug 739134 - (CVE-2017-17786) Out of bounds read / heap + overflow in... +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +... TGA importer. + +Be more thorough on valid TGA RGB and RGBA images. +In particular current TGA plug-in can import RGBA as 32 bits (8 bits per +channel) and 16 bits (5 bits per color channel and 1 bit for alpha), and +RGB as 15 and 24 bits. +Maybe there exist more variants, but if they do exist, we simply don't +support them yet. + +Thanks to Hanno Böck for the report and a first patch attempt. + +(cherry picked from commit 674b62ad45b6579ec6d7923dc3cb1ef4e8b5498b) +--- + plug-ins/common/file-tga.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) + +diff --git a/plug-ins/common/file-tga.c b/plug-ins/common/file-tga.c +index aef98702d4..426acc2925 100644 +--- a/plug-ins/common/file-tga.c ++++ b/plug-ins/common/file-tga.c +@@ -564,12 +564,16 @@ load_image (const gchar *filename, + } + break; + case TGA_TYPE_COLOR: +- if (info.bpp != 15 && info.bpp != 16 && +- info.bpp != 24 && info.bpp != 32) ++ if ((info.bpp != 15 && info.bpp != 16 && ++ info.bpp != 24 && info.bpp != 32) || ++ ((info.bpp == 15 || info.bpp == 24) && ++ info.alphaBits != 0) || ++ (info.bpp == 16 && info.alphaBits != 1) || ++ (info.bpp == 32 && info.alphaBits != 8)) + { +- g_message ("Unhandled sub-format in '%s' (type = %u, bpp = %u)", ++ g_message ("Unhandled sub-format in '%s' (type = %u, bpp = %u, alpha = %u)", + gimp_filename_to_utf8 (filename), +- info.imageType, info.bpp); ++ info.imageType, info.bpp, info.alphaBits); + return -1; + } + break; +-- +2.15.1 + +From 22e2571c25425f225abdb11a566cc281fca6f366 Mon Sep 17 00:00:00 2001 +From: Jehan +Date: Wed, 20 Dec 2017 13:26:26 +0100 +Subject: [PATCH] plug-ins: TGA 16-bit RGB (without alpha bit) is also valid. + +According to some spec on the web, 16-bit RGB is also valid. In this +case, the last bit is simply ignored (at least that's how it is +implemented right now). + +(cherry picked from commit 8ea316667c8a3296bce2832b3986b58d0fdfc077) +--- + plug-ins/common/file-tga.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/plug-ins/common/file-tga.c b/plug-ins/common/file-tga.c +index 426acc2925..eb14a1dadc 100644 +--- a/plug-ins/common/file-tga.c ++++ b/plug-ins/common/file-tga.c +@@ -568,7 +568,8 @@ load_image (const gchar *filename, + info.bpp != 24 && info.bpp != 32) || + ((info.bpp == 15 || info.bpp == 24) && + info.alphaBits != 0) || +- (info.bpp == 16 && info.alphaBits != 1) || ++ (info.bpp == 16 && info.alphaBits != 1 && ++ info.alphaBits != 0) || + (info.bpp == 32 && info.alphaBits != 8)) + { + g_message ("Unhandled sub-format in '%s' (type = %u, bpp = %u, alpha = %u)", +-- +2.15.1 + diff --git a/gnu/packages/patches/gimp-CVE-2017-17787.patch b/gnu/packages/patches/gimp-CVE-2017-17787.patch new file mode 100644 index 0000000000..b5310d33d9 --- /dev/null +++ b/gnu/packages/patches/gimp-CVE-2017-17787.patch @@ -0,0 +1,42 @@ +Fix CVE-2017-17787: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787 +https://bugzilla.gnome.org/show_bug.cgi?id=790853 + +Patch copied from upstream source repository: + +https://git.gnome.org/browse/gimp/commit/?id=87ba505fff85989af795f4ab6a047713f4d9381d + +From 87ba505fff85989af795f4ab6a047713f4d9381d Mon Sep 17 00:00:00 2001 +From: Jehan +Date: Thu, 21 Dec 2017 12:49:41 +0100 +Subject: [PATCH] Bug 790853 - (CVE-2017-17787) heap overread in psp importer. + +As any external data, we have to check that strings being read at fixed +length are properly nul-terminated. + +(cherry picked from commit eb2980683e6472aff35a3117587c4f814515c74d) +--- + plug-ins/common/file-psp.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/plug-ins/common/file-psp.c b/plug-ins/common/file-psp.c +index 4cbafe37b1..e350e4d88d 100644 +--- a/plug-ins/common/file-psp.c ++++ b/plug-ins/common/file-psp.c +@@ -890,6 +890,12 @@ read_creator_block (FILE *f, + g_free (string); + return -1; + } ++ if (string[length - 1] != '\0') ++ { ++ g_message ("Creator keyword data not nul-terminated"); ++ g_free (string); ++ return -1; ++ } + switch (keyword) + { + case PSP_CRTR_FLD_TITLE: +-- +2.15.1 + diff --git a/gnu/packages/patches/gimp-CVE-2017-17789.patch b/gnu/packages/patches/gimp-CVE-2017-17789.patch new file mode 100644 index 0000000000..6dfa435fd0 --- /dev/null +++ b/gnu/packages/patches/gimp-CVE-2017-17789.patch @@ -0,0 +1,48 @@ +Fix CVE-2017-17789: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789 +https://bugzilla.gnome.org/show_bug.cgi?id=790849 + +Patch copied from upstream source repository: + +https://git.gnome.org/browse/gimp/commit/?id=01898f10f87a094665a7fdcf7153990f4e511d3f + +From 01898f10f87a094665a7fdcf7153990f4e511d3f Mon Sep 17 00:00:00 2001 +From: Jehan +Date: Wed, 20 Dec 2017 16:44:20 +0100 +Subject: [PATCH] Bug 790849 - (CVE-2017-17789) CVE-2017-17789 Heap buffer + overflow... + +... in PSP importer. +Check if declared block length is valid (i.e. within the actual file) +before going further. +Consider the file as broken otherwise and fail loading it. + +(cherry picked from commit 28e95fbeb5720e6005a088fa811f5bf3c1af48b8) +--- + plug-ins/common/file-psp.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/plug-ins/common/file-psp.c b/plug-ins/common/file-psp.c +index ac0fff78f0..4cbafe37b1 100644 +--- a/plug-ins/common/file-psp.c ++++ b/plug-ins/common/file-psp.c +@@ -1771,6 +1771,15 @@ load_image (const gchar *filename, + { + block_start = ftell (f); + ++ if (block_start + block_total_len > st.st_size) ++ { ++ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, ++ _("Could not open '%s' for reading: %s"), ++ gimp_filename_to_utf8 (filename), ++ _("invalid block size")); ++ goto error; ++ } ++ + if (id == PSP_IMAGE_BLOCK) + { + if (block_number != 0) +-- +2.15.1 + -- cgit 1.4.1 From b4a330ac721bd7682066cfd246f2084368a364f2 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Sun, 31 Dec 2017 22:56:22 +0200 Subject: gnu: wine: Add support for armhf and aarch64. * gnu/packages/wine.scm (wine)[arguments]: Target armhf-linux when building on armhf or aarch64. [supported-systems]: Add armhf and aarch64 to supported systems. --- gnu/packages/wine.scm | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm index 2c7732bcf3..d5309fd986 100644 --- a/gnu/packages/wine.scm +++ b/gnu/packages/wine.scm @@ -55,7 +55,8 @@ #:use-module (gnu packages tls) #:use-module (gnu packages video) #:use-module (gnu packages xml) - #:use-module (gnu packages xorg)) + #:use-module (gnu packages xorg) + #:use-module (ice-9 match)) (define-public wine (package @@ -113,9 +114,13 @@ ("v4l-utils" ,v4l-utils) ("zlib" ,zlib))) (arguments - `(;; Force a 32-bit build (under the assumption that this package is - ;; being used on an IA32-compatible architecture.) - #:system "i686-linux" + `(;; Force a 32-bit build targeting a similar architecture, i.e.: + ;; armhf for armhf/aarch64, i686 for i686/x86_64. + #:system ,@(match (%current-system) + ((or "armhf-linux" "aarch64-linux") + `("armhf-linux")) + (_ + `("i686-linux"))) ;; XXX: There's a test suite, but it's unclear whether it's supposed to ;; pass. @@ -154,7 +159,7 @@ integrate Windows applications into your desktop.") ;; It really only supports IA32, but building on x86_64 will have the same ;; effect as building on i686 anyway. - (supported-systems '("i686-linux" "x86_64-linux")))) + (supported-systems (delete "mips64el-linux" %supported-systems)))) (define-public wine64 (package -- cgit 1.4.1 From cc17345d549d9c99f625793bffa56bfa42abade7 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Sat, 30 Dec 2017 18:49:49 +0000 Subject: gnu: Add xxhash. * gnu/packages/digest.scm: New file (xxhash): New public variable. * gnu/local.mk (GNU_SYSTEM_MODULES): Add new file. --- gnu/local.mk | 1 + gnu/packages/digest.scm | 55 +++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+) create mode 100644 gnu/packages/digest.scm diff --git a/gnu/local.mk b/gnu/local.mk index 53a1aa5a45..e9b3002b68 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -119,6 +119,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/dejagnu.scm \ %D%/packages/dico.scm \ %D%/packages/dictionaries.scm \ + %D%/packages/digest.scm \ %D%/packages/direct-connect.scm \ %D%/packages/disk.scm \ %D%/packages/display-managers.scm \ diff --git a/gnu/packages/digest.scm b/gnu/packages/digest.scm new file mode 100644 index 0000000000..5f14ab913b --- /dev/null +++ b/gnu/packages/digest.scm @@ -0,0 +1,55 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Tobias Geerinckx-Rice +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages digest) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix build-system gnu)) + +(define-public xxhash + (package + (name "xxhash") + (version "0.6.4") + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/Cyan4973/xxHash/archive/v" + version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 "08nv9h3jzg6y85ysy2dj3qvvfsdz0rwkk497a2366syz278wqw25")))) + (build-system gnu-build-system) + (arguments + `(#:make-flags + (list "CC=gcc" + "XXH_FORCE_MEMORY_ACCESS=1" ; improved performance with GCC + (string-append "prefix=" (assoc-ref %outputs "out"))) + #:test-target "test" + #:phases + (modify-phases %standard-phases + (delete 'configure)))) ; no configure script + (home-page "https://cyan4973.github.io/xxHash/") + (synopsis "Extremely fast hash algorithm") + (description + "xxHash is an extremely fast non-cryptographic hash algorithm. It works +at speeds close to RAM limits, and comes in both 32- and 64-bit flavours. +The code is highly portable, and hashes of the same length are identical on all +platforms (both big and little endian).") + (license (list license:bsd-2 ; xxhash library (xxhash.[ch]) + license:gpl2+)))) ; xxhsum.c -- cgit 1.4.1 From 55dee52b9c4dbb256ae9c5816efd13a019e55ed0 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Sun, 31 Dec 2017 14:21:51 +0000 Subject: gnu: nasm: Update to 2.13.02. * gnu/packages/assembly.scm (nasm): Update to 2.13.02. --- gnu/packages/assembly.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/gnu/packages/assembly.scm b/gnu/packages/assembly.scm index 769e5d2fca..22765b456a 100644 --- a/gnu/packages/assembly.scm +++ b/gnu/packages/assembly.scm @@ -3,6 +3,7 @@ ;;; Copyright © 2013, 2015 Ludovic Courtès ;;; Copyright © 2013 Andreas Enge ;;; Copyright © 2016 Efraim Flashner +;;; Copyright © 2017 Tobias Geerinckx-Rice ;;; ;;; This file is part of GNU Guix. ;;; @@ -34,14 +35,14 @@ (define-public nasm (package (name "nasm") - (version "2.13.01") + (version "2.13.02") (source (origin (method url-fetch) (uri (string-append "http://www.nasm.us/pub/nasm/releasebuilds/" version "/" name "-" version ".tar.xz")) (sha256 (base32 - "0plsvcwxc7q3llr3bz10prwq1gn4ll38aqmv0yzfqcq4iw0160ma")))) + "0mqp559rypkv4cz3wb8crkp0s3a3lhcprvypm3vqz0x695gj7hwa")))) (build-system gnu-build-system) (native-inputs `(("perl" ,perl) ;for doc and test target ("texinfo" ,texinfo))) -- cgit 1.4.1 From c300cae68233ec7cbf50c40bdea7c191eed21e54 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Sun, 31 Dec 2017 15:11:38 +0000 Subject: gnu: crypto++: Don't use ‘-march=native’. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/crypto.scm (crypto++)[arguments]: Add ‘disable-native-optimisation’ phase. --- gnu/packages/crypto.scm | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm index 92da952999..1ac704ddb8 100644 --- a/gnu/packages/crypto.scm +++ b/gnu/packages/crypto.scm @@ -3,7 +3,7 @@ ;;; Copyright © 2015, 2017 Ricardo Wurmus ;;; Copyright © 2016, 2017 Leo Famulari ;;; Copyright © 2016 Lukas Gradl -;;; Copyright © 2016 Tobias Geerinckx-Rice +;;; Copyright © 2016, 2017 Tobias Geerinckx-Rice ;;; Copyright © 2016, 2017 ng0 ;;; Copyright © 2016, 2017 Eric Bavier ;;; Copyright © 2017 Pierre Langlois @@ -595,6 +595,13 @@ data on your platform, so the seed itself will be as random as possible. (list (string-append "PREFIX=" (assoc-ref %outputs "out"))) #:phases (modify-phases %standard-phases + (add-after 'unpack 'disable-native-optimisation + ;; This package installs more than just headers. Ensure that the + ;; cryptest.exe binary & static library aren't CPU model specific. + (lambda _ + (substitute* "GNUmakefile" + ((" -march=native") "")) + #t)) (delete 'configure)))) (native-inputs `(("unzip" ,unzip))) -- cgit 1.4.1 From f0aba3844035abce7a05ef4e7c0b6f3ed9e9b5c8 Mon Sep 17 00:00:00 2001 From: Kei Kebreau Date: Sun, 31 Dec 2017 21:28:40 -0500 Subject: gnu: xonsh: Update to 0.6.0. * gnu/packages/shells.scm (xonsh): Update to 0.6.0. --- gnu/packages/shells.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/shells.scm b/gnu/packages/shells.scm index 590b2c741d..022287dbf5 100644 --- a/gnu/packages/shells.scm +++ b/gnu/packages/shells.scm @@ -381,14 +381,14 @@ ksh, and tcsh.") (define-public xonsh (package (name "xonsh") - (version "0.5.12") + (version "0.6.0") (source (origin (method url-fetch) (uri (pypi-uri "xonsh" version)) (sha256 (base32 - "1yz595hx5bni524m73cx8a08vcr6vfksfci14nx2ylz53igzva2c")) + "1ikd1xg4iyjqp51y8g8n6c4y39bgx85xnb4bdd3zibkqac3lrahr")) (modules '((guix build utils))) (snippet `(begin -- cgit 1.4.1 From a5e3d59bb3281fffd26dfd4bd8a23567e5940e80 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 1 Jan 2018 18:03:17 +0100 Subject: gnu: python-jupyter-console: Make it installable. Fixes . Reported by Johannes Laute . * gnu/packages/python.scm (python-jupyter-console-minimal)[name]: New field. --- gnu/packages/python.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index ce3aa299bc..07302c729e 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -1,6 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013 Nikita Karetnikov -;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès +;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès ;;; Copyright © 2013, 2014, 2015, 2016 Andreas Enge ;;; Copyright © 2014, 2015 Mark H Weaver ;;; Copyright © 2014, 2017 Eric Bavier @@ -6511,6 +6511,7 @@ Jupyter kernels such as IJulia and IRKernel.") (define python-jupyter-console-minimal (package (inherit python-jupyter-console) + (name "python-jupyter-console-minimal") (arguments (substitute-keyword-arguments (package-arguments python-jupyter-console) -- cgit 1.4.1 From 397cd9cc416c677e84fb4bb6efef5f99d1d2394f Mon Sep 17 00:00:00 2001 From: Mathieu Lirzin Date: Mon, 1 Jan 2018 18:21:04 +0100 Subject: doc: Update requirements in 'README'. * README (Requirements): Update. --- README | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/README b/README index 18e685672d..4192eb4129 100644 --- a/README +++ b/README @@ -23,10 +23,9 @@ GNU Guix currently depends on the following packages: - [[https://gnu.org/software/guile/][GNU Guile 2.2.x or 2.0.x]], version 2.0.9 or later - [[https://gnupg.org/][GNU libgcrypt]] - [[https://www.gnu.org/software/make/][GNU Make]] + - [[https://www.gnutls.org][GnuTLS]] compiled with guile support enabled. + - [[https://gitlab.com/guile-git/guile-git][Guile-Git]] - optionally [[https://savannah.nongnu.org/projects/guile-json/][Guile-JSON]], for the 'guix import pypi' command - - optionally [[https://www.gnutls.org][GnuTLS]] compiled with guile support enabled, for HTTPS support - in the 'guix download' command. Note that 'guix import pypi' requires - this functionality. Unless `--disable-daemon' was passed, the following packages are needed: -- cgit 1.4.1 From 92f36323c423063f1d272f197df396a292f3741a Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 1 Jan 2018 18:22:28 +0100 Subject: ui: It's 2018 now! * guix/ui.scm (show-version-and-exit): Change year to 2018. --- guix/ui.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/guix/ui.scm b/guix/ui.scm index 2b7cc3d41a..6e08a611cd 100644 --- a/guix/ui.scm +++ b/guix/ui.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès +;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès ;;; Copyright © 2013 Mark H Weaver ;;; Copyright © 2013 Nikita Karetnikov ;;; Copyright © 2014 Cyril Roelandt @@ -387,7 +387,7 @@ exiting. ARGS is the list of arguments received by the 'throw' handler." "Display version information for COMMAND and `(exit 0)'." (simple-format #t "~a (~a) ~a~%" command %guix-package-name %guix-version) - (format #t "Copyright ~a 2017 ~a" + (format #t "Copyright ~a 2018 ~a" ;; TRANSLATORS: Translate "(C)" to the copyright symbol ;; (C-in-a-circle), if this symbol is available in the user's ;; locale. Otherwise, do not translate "(C)"; leave it as-is. */ -- cgit 1.4.1 From 263e9b851a43ddc279b7d5db130856a7a236cbc4 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Sun, 31 Dec 2017 22:17:01 +0000 Subject: gnu: diffoscope: Update to 90. * gnu/packages/package-management.scm (diffoscope): Update to 90. --- gnu/packages/package-management.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm index cbbf462c11..36c943f35a 100644 --- a/gnu/packages/package-management.scm +++ b/gnu/packages/package-management.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2017 Muriithi Frederick Muriuki ;;; Copyright © 2017 Oleg Pykhalov ;;; Copyright © 2017 Roel Janssen +;;; Copyright © 2017 Tobias Geerinckx-Rice ;;; ;;; This file is part of GNU Guix. ;;; @@ -519,13 +520,13 @@ transactions from C or Python.") (define-public diffoscope (package (name "diffoscope") - (version "88") + (version "90") (source (origin (method url-fetch) (uri (pypi-uri name version)) (sha256 (base32 - "1zp6nb37igssxg4bqsi3cw5klx4prhcx50mzg4463l50mssn8mp2")))) + "0hhg26vi0z2q4gwklwq4k16hibc4kq16jvyzp6zhr4kspi07wl6i")))) (build-system python-build-system) (arguments `(#:phases (modify-phases %standard-phases -- cgit 1.4.1 From d9465101f4f3d764e89f6c819a19428980a6106a Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Sun, 31 Dec 2017 22:25:36 +0000 Subject: gnu: libksysguard: Update to 5.11.4. * gnu/packages/kde.scm (libksysguard): Update to 5.11.4. --- gnu/packages/kde.scm | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/gnu/packages/kde.scm b/gnu/packages/kde.scm index 89ad30ecd2..94834c336c 100644 --- a/gnu/packages/kde.scm +++ b/gnu/packages/kde.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2016, 2017 Efraim Flashner ;;; Copyright © 2016, 2017 Thomas Danckaert ;;; Copyright © 2017 Mark Meyer +;;; Copyright © 2017 Tobias Geerinckx-Rice ;;; ;;; This file is part of GNU Guix. ;;; @@ -349,7 +350,7 @@ used in KDE development tools Kompare and KDevelop.") (define-public libksysguard (package (name "libksysguard") - (version "5.11.2") + (version "5.11.4") (source (origin (method url-fetch) @@ -357,7 +358,7 @@ used in KDE development tools Kompare and KDevelop.") "/libksysguard-" version ".tar.xz")) (sha256 (base32 - "12d0r4rilydbqdgkm256khvkb9m0hya3p27xqvv3hg77wgxzdl3f")))) + "1ry4478fv7blp80zyhz0xr3qragsddrkzjzmxkdarh01f4p987aq")))) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) ("pkg-config" ,pkg-config))) @@ -399,7 +400,7 @@ used in KDE development tools Kompare and KDevelop.") (lambda _ ;; TODO: Fix this failing test-case (zero? (system* "ctest" "-E" "processtest"))))))) - (home-page "https://www.kde.org/info/plasma-5.11.2.php") + (home-page "https://www.kde.org/info/plasma-5.11.4.php") (synopsis "Network enabled task and system monitoring") (description "KSysGuard can obtain information on system load and manage running processes. It obtains this information by interacting -- cgit 1.4.1 From 49ab09e6999b725a492796b87abe18535fafd1ba Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 1 Jan 2018 13:38:32 +0000 Subject: gnu: perl-zip: Tweak synopsis & description. * gnu/packages/compression.scm (perl-zip)[synopsis]: Capitalise consisently. [description]: Use @code{}. --- gnu/packages/compression.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index b6ad3c9a1f..b85ff4b0bd 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -1815,9 +1815,9 @@ recreates the stored directory structure by default.") (base32 "0m31qlppg65vh32pwxkwjby02q70abx49d2yk6vfd4585fqb27cx")))) (build-system perl-build-system) - (synopsis "Provides an interface to ZIP archive files") - (description "The Archive::Zip module allows a Perl program to create, -manipulate, read, and write Zip archive files.") + (synopsis "Provides an interface to Zip archive files") + (description "The @code{Archive::Zip} module allows a Perl program to +create, manipulate, read, and write Zip archive files.") (home-page "http://search.cpan.org/~adamk/Archive-Zip-1.30/") (license license:perl-license))) -- cgit 1.4.1 From e84f22257f1069588c115c85e93d98d056bafb69 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 1 Jan 2018 16:44:38 +0000 Subject: gnu: Add perl-super. * gnu/packages/perl.scm (perl-super): New public variable. --- gnu/packages/perl.scm | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm index 0fc6808537..9978cfa869 100644 --- a/gnu/packages/perl.scm +++ b/gnu/packages/perl.scm @@ -15,7 +15,7 @@ ;;; Copyright © 2017 Raoul J.P. Bonnal ;;; Copyright © 2017 Marius Bakke ;;; Copyright © 2017 Adriano Peluso -;;; Copyright © 2017 Tobias Geerinckx-Rice +;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice ;;; Copyright © 2017 Leo Famulari ;;; Copyright © 2017 Christopher Allan Webber ;;; @@ -7106,6 +7106,32 @@ The idea is just to fool caller(). All the really naughty bits of Tcl's uplevel() are avoided.") (license (package-license perl)))) +(define-public perl-super + (package + (name "perl-super") + (version "1.20141117") + (source + (origin + (method url-fetch) + (uri (string-append "mirror://cpan/authors/id/C/CH/CHROMATIC/" + "SUPER-" version ".tar.gz")) + (sha256 + (base32 "1cn05kacg0xfbm1zzksm2yx2pnrzqja4d9163cxv3sdfc1yhwqhs")))) + (build-system perl-build-system) + (native-inputs + `(("perl-module-build" ,perl-module-build))) + (propagated-inputs + `(("perl-sub-identify" ,perl-sub-identify))) + (home-page "http://search.cpan.org/dist/SUPER/") + (synopsis "Control superclass method dispatching") + (description + "When subclassing a class, you may occasionally want to dispatch control to +the superclass---at least conditionally and temporarily. This module provides +nicer equivalents to the native Perl syntax for calling superclasses, along with +a universal @code{super} method to determine a class' own superclass, and better +support for run-time mix-ins and roles.") + (license perl-license))) + (define-public perl-svg (package (name "perl-svg") -- cgit 1.4.1 From f1a2cb94ca52cab62831b1b18a9f78729fa24d03 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 1 Jan 2018 17:10:48 +0000 Subject: gnu: perl-check: Request to add packages alphabetically. * gnu/packages/perl-check.scm: Copy comment from gnu/packages/perl.scm. --- gnu/packages/perl-check.scm | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/gnu/packages/perl-check.scm b/gnu/packages/perl-check.scm index 5df2940bd6..1a66a0fc51 100644 --- a/gnu/packages/perl-check.scm +++ b/gnu/packages/perl-check.scm @@ -35,6 +35,11 @@ #:use-module (guix build-system perl) #:use-module (gnu packages perl)) +;;; +;;; Please: Try to add new module packages in alphabetic order. +;;; + + (define-public perl-test2-bundle-extended (package (name "perl-test2-bundle-extended") -- cgit 1.4.1 From d948fe7ce84a3e072eb503a7b76045b1033ba13d Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 1 Jan 2018 11:55:40 +0000 Subject: gnu: Add perl-test-mockmodule. * gnu/packages/perl-check.scm (perl-test-mockmodule): New public variable. --- gnu/packages/perl-check.scm | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/gnu/packages/perl-check.scm b/gnu/packages/perl-check.scm index 1a66a0fc51..121ebec414 100644 --- a/gnu/packages/perl-check.scm +++ b/gnu/packages/perl-check.scm @@ -10,7 +10,7 @@ ;;; Copyright © 2017 Leo Famulari ;;; Copyright © 2017 Christopher Baines ;;; Copyright © 2017 Petter -;;; Copyright © 2017 Tobias Geerinckx-Rice +;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice ;;; ;;; This file is part of GNU Guix. ;;; @@ -611,6 +611,36 @@ memory_cycle_ok( $object ); @end example") (license artistic2.0))) +(define-public perl-test-mockmodule + (package + (name "perl-test-mockmodule") + (version "0.13") + (source + (origin + (method url-fetch) + (uri (string-append "mirror://cpan/authors/id/G/GF/GFRANKS/" + "Test-MockModule-" version ".tar.gz")) + (sha256 + (base32 "0lwh6fvnc16r6d74vvh5h4b5a1spcslpjb3mcqbv23k01lm78wvl")))) + (build-system perl-build-system) + (native-inputs + `(("perl-module-build" ,perl-module-build) + ;; For tests. + ("perl-test-pod" ,perl-test-pod) + ("perl-test-pod-coverage" ,perl-test-pod-coverage))) + (propagated-inputs + `(("perl-super" ,perl-super))) + (home-page "http://search.cpan.org/dist/Test-MockModule/") + (synopsis "Override subroutines in a module for unit testing") + (description + "@code{Test::MockModule} lets you temporarily redefine subroutines in other +packages for the purposes of unit testing. A @code{Test::MockModule} object is +set up to mock subroutines for a given module. The mocked object remembers the +original subroutine so it can be easily restored. This happens automatically +when all @code{MockModule} objects for the given module go out of scope, or when +you @code{unmock()} the subroutine.") + (license gpl3))) + (define-public perl-test-mockobject (package (name "perl-test-mockobject") -- cgit 1.4.1 From d5960bf7c2273d77f76916cec24af9623a16e02c Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 1 Jan 2018 16:16:54 +0000 Subject: gnu: perl-zip: Update to 1.60. * gnu/packages/compression.scm (perl-zip): Update to 1.60. [native-inputs]: Add perl-test-mockmodule. [home-page]: Use version-independent URL. --- gnu/packages/compression.scm | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index b85ff4b0bd..4948fd2d47 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -10,7 +10,7 @@ ;;; Copyright © 2015, 2016, 2017 Efraim Flashner ;;; Copyright © 2016 Ben Woodcroft ;;; Copyright © 2016 Danny Milosavljevic -;;; Copyright © 2016, 2017 Tobias Geerinckx-Rice +;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice ;;; Copyright © 2016 David Craven ;;; Copyright © 2016 Kei Kebreau ;;; Copyright © 2016 Marius Bakke @@ -58,6 +58,7 @@ #:use-module (gnu packages java) #:use-module (gnu packages maths) #:use-module (gnu packages perl) + #:use-module (gnu packages perl-check) #:use-module (gnu packages pkg-config) #:use-module (gnu packages python) #:use-module (gnu packages tls) @@ -1804,21 +1805,24 @@ recreates the stored directory structure by default.") (define-public perl-zip (package (name "perl-zip") - (version "1.59") + (version "1.60") (source (origin (method url-fetch) (uri (string-append - "mirror://cpan/authors/id/A/AD/ADAMK/Archive-Zip-" + "mirror://cpan/authors/id/P/PH/PHRED/Archive-Zip-" version ".tar.gz")) (sha256 (base32 - "0m31qlppg65vh32pwxkwjby02q70abx49d2yk6vfd4585fqb27cx")))) + "02y2ylq83hy9kgj57sc0239x65br9sm98c0chsm61s08yc2mpiza")))) (build-system perl-build-system) + (native-inputs + ;; For tests. + `(("perl-test-mockmodule" ,perl-test-mockmodule))) (synopsis "Provides an interface to Zip archive files") (description "The @code{Archive::Zip} module allows a Perl program to create, manipulate, read, and write Zip archive files.") - (home-page "http://search.cpan.org/~adamk/Archive-Zip-1.30/") + (home-page "http://search.cpan.org/dist/Archive-Zip/") (license license:perl-license))) (define-public libzip -- cgit 1.4.1 From b6f024ada7cb01660156ab552c4061fab8df63a9 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 1 Jan 2018 16:15:27 +0000 Subject: gnu: Rename perl-zip to perl-archive-zip. It's called Archive::Zip, after all. Bring it in line with other modules. * gnu/packages/compression.scm (perl-zip): Rename from this... (perl-archive-zip): ...to this. * gnu/packages/libreoffice.scm (libreoffice): Update the only caller. --- gnu/packages/compression.scm | 4 ++-- gnu/packages/libreoffice.scm | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index 4948fd2d47..ae6710b25d 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -1802,9 +1802,9 @@ recreates the stored directory structure by default.") "ZZipLib is a library based on zlib for accessing zip files.") (license license:lgpl2.0+))) -(define-public perl-zip +(define-public perl-archive-zip (package - (name "perl-zip") + (name "perl-archive-zip") (version "1.60") (source (origin diff --git a/gnu/packages/libreoffice.scm b/gnu/packages/libreoffice.scm index 6524e58400..799b062439 100644 --- a/gnu/packages/libreoffice.scm +++ b/gnu/packages/libreoffice.scm @@ -926,7 +926,7 @@ and to return information on pronunciations, meanings and synonyms.") ("openssl" ,openssl) ("orcus" ,orcus) ("perl" ,perl) - ("perl-zip" ,perl-zip) + ("perl-archive-zip" ,perl-archive-zip) ("poppler" ,poppler) ("postgresql" ,postgresql) ("python" ,python) -- cgit 1.4.1 From f0904b26d1d07423f99605a34dc08b720396c2b3 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 1 Jan 2018 17:44:01 +0000 Subject: gnu: perl-archive-zip: Remove duplicate package definition. * gnu/packages/perl.scm (perl-archive-zip): Remove duplicate variable. --- gnu/packages/perl.scm | 21 +-------------------- 1 file changed, 1 insertion(+), 20 deletions(-) diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm index 9978cfa869..eeeef6eefa 100644 --- a/gnu/packages/perl.scm +++ b/gnu/packages/perl.scm @@ -42,6 +42,7 @@ #:use-module (guix build-system gnu) #:use-module (guix build-system perl) #:use-module (gnu packages base) + #:use-module (gnu packages compression) #:use-module (gnu packages perl-check) #:use-module (gnu packages perl-web) #:use-module (gnu packages pkg-config)) @@ -261,26 +262,6 @@ variable ANY_MOOSE to be Moose or Mouse.") configuration files and parsing command line arguments.") (license (package-license perl)))) -(define-public perl-archive-zip - (package - (name "perl-archive-zip") - (version "1.30") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://cpan/authors/id/A/AD/ADAMK/Archive-Zip-" - version ".tar.gz")) - (sha256 - (base32 - "0633zah5z9njiqnvy3vh42fjymncmil1jdfb7d18w8xpfzzp5d7q")))) - (build-system perl-build-system) - (synopsis "Perl API to zip files") - (description "The Archive::Zip module allows a Perl program to create, -manipulate, read, and write Zip archive files.") - (home-page "http://search.cpan.org/~phred/Archive-Zip-1.37/lib/Archive/Zip.pm") - (license (package-license perl)))) - (define-public perl-array-utils (package (name "perl-array-utils") -- cgit 1.4.1 From ff18d0f18644a4bd6b2130f3c4f6a6890a833d26 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 1 Jan 2018 17:17:05 +0000 Subject: gnu: ansible: Use HTTPS for home page. * gnu/packages/admin.scm (ansible)[home-page]: Use HTTPS. --- gnu/packages/admin.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm index f8b0cc388e..dd24ff0c8f 100644 --- a/gnu/packages/admin.scm +++ b/gnu/packages/admin.scm @@ -1413,7 +1413,7 @@ of supported upstream metrics systems simultaneously.") ("python2-paramiko" ,python2-paramiko))) (arguments `(#:python ,python-2)) ; incompatible with Python 3 - (home-page "http://ansible.com/") + (home-page "https://www.ansible.com/") (synopsis "Radically simple IT automation") (description "Ansible is a radically simple IT automation system. It handles configuration-management, application deployment, cloud provisioning, -- cgit 1.4.1 From c89b9d63e13ae1950d048bd7cdca7d0d1a367ebf Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 1 Jan 2018 21:45:00 +0000 Subject: gnu: moreutils: Update to 0.62. * gnu/packages/moreutils.scm (moreutils): Update to 0.62. --- gnu/packages/moreutils.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/moreutils.scm b/gnu/packages/moreutils.scm index bb6228af7f..34bce23c30 100644 --- a/gnu/packages/moreutils.scm +++ b/gnu/packages/moreutils.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer ;;; Copyright © 2016, 2017 Efraim Flashner -;;; Copyright © 2016, 2017 Tobias Geerinckx-Rice +;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice ;;; ;;; This file is part of GNU Guix. ;;; @@ -30,7 +30,7 @@ (define-public moreutils (package (name "moreutils") - (version "0.61") + (version "0.62") (source (origin (method url-fetch) @@ -43,7 +43,7 @@ name "-" version ".tar.gz"))) (sha256 (base32 - "12rhzy8hw8vljlf10b7ys9zky0p94fdvd6ihq8w8cnkia4rd6izb")))) + "1gc3rswr0jl0z42pbrmw2zc4gxsyp60hq8cnvrlsig1vk1s9vpwx")))) (build-system gnu-build-system) ;; For building the manual pages. (native-inputs -- cgit 1.4.1 From e22473ffe289f49127c42e7819fcd3acbd51ffad Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 1 Jan 2018 19:13:36 +0000 Subject: gnu: ansible: Update to 2.4.2.0. * gnu/packages/admin.scm (ansible): Update to 2.4.2.0. [description]: Redistribute hyphens. --- gnu/packages/admin.scm | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm index dd24ff0c8f..d90bc7c050 100644 --- a/gnu/packages/admin.scm +++ b/gnu/packages/admin.scm @@ -13,7 +13,7 @@ ;;; Copyright © 2016 Peter Feigl ;;; Copyright © 2016 John J. Foerch ;;; Copyright © 2016, 2017 ng0 -;;; Copyright © 2016, 2017 Tobias Geerinckx-Rice +;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice ;;; Copyright © 2016 John Darrington ;;; Copyright © 2017 Ben Sturmfels ;;; Copyright © 2017 Ethan R. Jones @@ -1387,14 +1387,14 @@ of supported upstream metrics systems simultaneously.") (define-public ansible (package (name "ansible") - (version "2.4.1.0") + (version "2.4.2.0") (source (origin (method url-fetch) (uri (pypi-uri "ansible" version)) (sha256 (base32 - "0spv0kjaicwss4q52s727b6grdizcxpa0bbsfg26pgf5kjrayqfs")) + "0n3n9py4s3aykiii31xq8g4wmd6693jvby0424pjrg0bna01apri")) (patches (search-patches "ansible-wrap-program-hack.patch")))) (build-system python-build-system) (native-inputs @@ -1416,9 +1416,9 @@ of supported upstream metrics systems simultaneously.") (home-page "https://www.ansible.com/") (synopsis "Radically simple IT automation") (description "Ansible is a radically simple IT automation system. It -handles configuration-management, application deployment, cloud provisioning, -ad-hoc task-execution, and multinode orchestration - including trivializing -things like zero downtime rolling updates with load balancers.") +handles configuration management, application deployment, cloud provisioning, +ad hoc task execution, and multinode orchestration---including trivializing +things like zero-downtime rolling updates with load balancers.") (license license:gpl3+))) (define-public cpulimit -- cgit 1.4.1 From ddf38ece8a4368df47cb0b5ee05ef37ed60bcfca Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 1 Jan 2018 20:13:14 +0000 Subject: gnu: htslib: Update to 1.6. * gnu/packages/bioinformatics.scm (htslib): Update to 1.6. --- gnu/packages/bioinformatics.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm index a1db9eedb6..02398479f9 100644 --- a/gnu/packages/bioinformatics.scm +++ b/gnu/packages/bioinformatics.scm @@ -7,7 +7,7 @@ ;;; Copyright © 2016, 2017 Efraim Flashner ;;; Copyright © 2016 Marius Bakke ;;; Copyright © 2016 Raoul Bonnal -;;; Copyright © 2017 Tobias Geerinckx-Rice +;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice ;;; Copyright © 2017 Arun Isaac ;;; ;;; This file is part of GNU Guix. @@ -3213,7 +3213,7 @@ VCF.") (define-public htslib (package (name "htslib") - (version "1.5") + (version "1.6") (source (origin (method url-fetch) (uri (string-append @@ -3221,7 +3221,7 @@ VCF.") version "/htslib-" version ".tar.bz2")) (sha256 (base32 - "0bcjmnbwp2bib1z1bkrp95w9v2syzdwdfqww10mkb1hxlmg52ax0")))) + "1jsca3hg4rbr6iqq6imkj4lsvgl8g9768bcmny3hlff2w25vx24m")))) (build-system gnu-build-system) (arguments `(#:phases -- cgit 1.4.1 From 685651845677d1a79ac037cf685e3dd00991999a Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 1 Jan 2018 22:43:37 +0000 Subject: gnu: python-pysam: Update to 0.13.0. * gnu/packages/bioinformatics.scm (python-pysam): Update to 0.13.0. --- gnu/packages/bioinformatics.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm index 02398479f9..78eb2947d4 100644 --- a/gnu/packages/bioinformatics.scm +++ b/gnu/packages/bioinformatics.scm @@ -1439,7 +1439,7 @@ multiple sequence alignments.") (define-public python-pysam (package (name "python-pysam") - (version "0.11.2.2") + (version "0.13.0") (source (origin (method url-fetch) ;; Test data is missing on PyPi. @@ -1449,7 +1449,7 @@ multiple sequence alignments.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1cfqdxsqs3xhacns9n0271ck6wkc76px66ddjm91wfw2jxxfklvc")) + "0dzap2axin9cbbl0d825w294bpn00zagfm1sigamm4v2pm5bj9lp")) (modules '((guix build utils))) (snippet ;; Drop bundled htslib. TODO: Also remove samtools and bcftools. -- cgit 1.4.1 From 06e57331fc22750c7c7a020fd1f8e4a36e6ff4ba Mon Sep 17 00:00:00 2001 From: Rutger Helling Date: Tue, 2 Jan 2018 08:29:39 +0100 Subject: gnu: wine: Update synopsis. * gnu/packages/wine.scm (wine)[synopsis]: Clarify synopsis. --- gnu/packages/wine.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm index d5309fd986..89ee9f91dd 100644 --- a/gnu/packages/wine.scm +++ b/gnu/packages/wine.scm @@ -2,7 +2,7 @@ ;;; Copyright © 2014, 2015 Sou Bunnbu ;;; Copyright © 2016 Ricardo Wurmus ;;; Copyright © 2016, 2017 Efraim Flashner -;;; Copyright © 2017 Rutger Helling +;;; Copyright © 2017, 2018 Rutger Helling ;;; Copyright © 2017 Nicolas Goaziou ;;; ;;; This file is part of GNU Guix. @@ -147,7 +147,7 @@ (format #f "~a\"~a\"" defso (find-so soname)))) #t)))))) (home-page "https://www.winehq.org/") - (synopsis "Implementation of the Windows API") + (synopsis "Implementation of the Windows API (32-bit only)") (description "Wine (originally an acronym for \"Wine Is Not an Emulator\") is a compatibility layer capable of running Windows applications. Instead of -- cgit 1.4.1 From 95c45e53497e30af28bdfd6947801731c9d9f27b Mon Sep 17 00:00:00 2001 From: Rutger Helling Date: Tue, 2 Jan 2018 08:25:23 +0100 Subject: gnu: wine-staging: Update synopsis. * gnu/packages/wine.scm (wine-staging)[synopsis]: Clarify synopsis. --- gnu/packages/wine.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm index 89ee9f91dd..28e6f55b12 100644 --- a/gnu/packages/wine.scm +++ b/gnu/packages/wine.scm @@ -234,7 +234,7 @@ integrate Windows applications into your desktop.") (inputs `(("gtk+", gtk+) ("libva", libva) ,@(package-inputs wine))) - (synopsis "Implementation of the Windows API (staging branch)") + (synopsis "Implementation of the Windows API (staging branch, 32-bit only)") (description "Wine-Staging is the testing area of Wine. It contains bug fixes and features, which have not been integrated into the development branch yet. The idea of Wine-Staging is to provide -- cgit 1.4.1 From 68e4921130a9ff8231e971df06dbe4a71998165c Mon Sep 17 00:00:00 2001 From: Rutger Helling Date: Tue, 2 Jan 2018 11:33:16 +0100 Subject: gnu: wine64: Copy missing man file. * gnu/packages/wine.scm (wine64)[arguments]: Copy missing man file from "wine" input. Clarify 'copy-wine32-files phase with comments. [synopsis]: Use proper "WoW64" term. --- gnu/packages/wine.scm | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm index 28e6f55b12..91aa56de4c 100644 --- a/gnu/packages/wine.scm +++ b/gnu/packages/wine.scm @@ -175,6 +175,7 @@ integrate Windows applications into your desktop.") (modify-phases %standard-phases (add-after 'install 'copy-wine32-files (lambda* (#:key outputs #:allow-other-keys) + ;; Copy the 32-bit binaries needed for WoW64. (copy-file (string-append (assoc-ref %build-inputs "wine") "/bin/wine") (string-append (assoc-ref %outputs "out") "/bin/wine")) @@ -182,6 +183,12 @@ integrate Windows applications into your desktop.") "/bin/wine-preloader") (string-append (assoc-ref %outputs "out") "/bin/wine-preloader")) + ;; Copy the missing man file for the wine binary from wine. + (system (string-append "gunzip < " (string-append (assoc-ref + %build-inputs "wine") + "/share/man/man1/wine.1.gz") "> " + (string-append (assoc-ref %outputs "out") + "/share/man/man1/wine.1"))) #t)) (add-after 'configure 'patch-dlopen-paths ;; Hardcode dlopened sonames to absolute paths. @@ -200,7 +207,7 @@ integrate Windows applications into your desktop.") ,@(strip-keyword-arguments '(#:configure-flags #:make-flags #:phases #:system) (package-arguments wine)))) - (synopsis "Implementation of the Windows API (WOW64 version)") + (synopsis "Implementation of the Windows API (WoW64 version)") (supported-systems '("x86_64-linux" "aarch64-linux")))) ;; TODO: This is wine development version, provided for historical reasons. -- cgit 1.4.1 From 1adc6013fe3c7bc8e7f9b83268c0cc328b1a3fea Mon Sep 17 00:00:00 2001 From: Rutger Helling Date: Tue, 2 Jan 2018 11:34:17 +0100 Subject: gnu: wine64-staging: Copy missing man file. * gnu/packages/wine.scm (wine64-staging)[arguments]: Copy missing man file from "wine-staging" input. Clarify 'copy-wine32-files phase with comments. [synopsis]: Use proper "WoW64" term. --- gnu/packages/wine.scm | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm index 91aa56de4c..857047e733 100644 --- a/gnu/packages/wine.scm +++ b/gnu/packages/wine.scm @@ -270,6 +270,7 @@ integrated into the main branch.") (modify-phases %standard-phases (add-after 'install 'copy-wine32-files (lambda* (#:key outputs #:allow-other-keys) + ;; Copy the 32-bit binaries needed for WoW64. (copy-file (string-append (assoc-ref %build-inputs "wine-staging") "/bin/wine") (string-append (assoc-ref %outputs "out") "/bin/wine")) @@ -277,6 +278,12 @@ integrated into the main branch.") "/bin/wine-preloader") (string-append (assoc-ref %outputs "out") "/bin/wine-preloader")) + ;; Copy the missing man file for the wine binary from wine-staging. + (system (string-append "gunzip < " (string-append (assoc-ref + %build-inputs "wine-staging") + "/share/man/man1/wine.1.gz") "> " + (string-append (assoc-ref %outputs "out") + "/share/man/man1/wine.1"))) #t)) (add-after 'configure 'patch-dlopen-paths ;; Hardcode dlopened sonames to absolute paths. @@ -295,6 +302,6 @@ integrated into the main branch.") ,@(strip-keyword-arguments '(#:configure-flags #:make-flags #:phases #:system) (package-arguments wine-staging)))) - (synopsis "Implementation of the Windows API (staging branch, WOW64 + (synopsis "Implementation of the Windows API (staging branch, WoW64 version)") (supported-systems '("x86_64-linux" "aarch64-linux")))) -- cgit 1.4.1 From 7edee3442722bd4adab44f79b0336af51c0254ef Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Tue, 2 Jan 2018 12:06:00 +0100 Subject: gnu: ribotaper: Wrap executables. * gnu/packages/bioinformatics.scm (ribotaper)[arguments]: Add phase "wrap-executables". --- gnu/packages/bioinformatics.scm | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm index 78eb2947d4..8a482813db 100644 --- a/gnu/packages/bioinformatics.scm +++ b/gnu/packages/bioinformatics.scm @@ -493,6 +493,20 @@ BED, GFF/GTF, VCF.") (base32 "0ykjbps1y3z3085q94npw8i9x5gldc6shy8vlc08v76zljsm07hv")))) (build-system gnu-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-after 'install 'wrap-executables + (lambda* (#:key inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out"))) + (for-each + (lambda (script) + (wrap-program (string-append out "/bin/" script) + `("R_LIBS_SITE" ":" = (,(getenv "R_LIBS_SITE"))))) + '("create_annotations_files.bash" + "create_metaplots.bash" + "Ribotaper_ORF_find.sh" + "Ribotaper.sh")))))))) (inputs `(("bedtools" ,bedtools-2.18) ("samtools" ,samtools-0.1) -- cgit 1.4.1 From 8057dee15bb4b1c59ade1728dfdbdc0046d16091 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 1 Jan 2018 22:55:54 +0000 Subject: gnu: htslib: Mark up description. * gnu/packages/bioinformatics.scm (htslib)[description]: Use @command{}. --- gnu/packages/bioinformatics.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm index 8a482813db..ce66ce0d37 100644 --- a/gnu/packages/bioinformatics.scm +++ b/gnu/packages/bioinformatics.scm @@ -3256,7 +3256,8 @@ VCF.") (synopsis "C library for reading/writing high-throughput sequencing data") (description "HTSlib is a C library for reading/writing high-throughput sequencing -data. It also provides the bgzip, htsfile, and tabix utilities.") +data. It also provides the @command{bgzip}, @command{htsfile}, and +@command{tabix} utilities.") ;; Files under cram/ are released under the modified BSD license; ;; the rest is released under the Expat license (license (list license:expat license:bsd-3)))) -- cgit 1.4.1 From 1c848029b7b24beb0d4dcb4eff46b7fb2787c29e Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Tue, 2 Jan 2018 12:18:01 +0000 Subject: gnu: re2: Update to 2018-01-01. * gnu/packages/regex.scm (re2): Update to 2018-01-01. --- gnu/packages/regex.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/gnu/packages/regex.scm b/gnu/packages/regex.scm index 4648a4d004..20242322b1 100644 --- a/gnu/packages/regex.scm +++ b/gnu/packages/regex.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2014 John Darrington ;;; Copyright © 2015 Mark H Weaver ;;; Copyright © 2016 Marius Bakke +;;; Copyright © 2018 Tobias Geerinckx-Rice ;;; ;;; This file is part of GNU Guix. ;;; @@ -28,7 +29,7 @@ (define-public re2 (package (name "re2") - (version "2017-12-01") + (version "2018-01-01") (source (origin (method url-fetch) (uri @@ -38,7 +39,7 @@ (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "03gv50hv7yaspx3ls8g8l1yj8nszbc3mplhcf4cr95fcsxy7wyb2")))) + "1hhp8gi0lzw1mvnksb112rc9kcz4j9kjic7v6gbgzyfgk43996mr")))) (build-system gnu-build-system) (arguments `(#:modules ((guix build gnu-build-system) -- cgit 1.4.1 From 02482f5d29a165bb0c58bfac29696189b6a46604 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Tue, 2 Jan 2018 11:49:46 +0000 Subject: gnu: knot: Update to 2.6.4. * gnu/packages/dns.scm (knot): Update to 2.6.4. --- gnu/packages/dns.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm index e0197fca32..85b44fb6fb 100644 --- a/gnu/packages/dns.scm +++ b/gnu/packages/dns.scm @@ -5,7 +5,7 @@ ;;; Copyright © 2016, 2017 Efraim Flashner ;;; Copyright © 2016 John Darrington ;;; Copyright © 2016 ng0 -;;; Copyright © 2016, 2017 Tobias Geerinckx-Rice +;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice ;;; Copyright © 2016 Marius Bakke ;;; Copyright © 2017 Vasile Dumitrascu ;;; Copyright © 2017 Gregor Giesen @@ -483,14 +483,14 @@ Extensions} (DNSSEC).") (define-public knot (package (name "knot") - (version "2.6.3") + (version "2.6.4") (source (origin (method url-fetch) (uri (string-append "https://secure.nic.cz/files/knot-dns/" name "-" version ".tar.xz")) (sha256 (base32 - "143pk2124liiq1r4ja1s579nbv3hm2scbbfbfclc2pw60r07mcig")) + "0siqfm6iibx5yfshw40wa2dvmh99bibda6bmj96mbkby0jskf38x")) (modules '((guix build utils))) (snippet '(begin -- cgit 1.4.1 From ab8a4a78d53717f528149982a32c496ae1c874fa Mon Sep 17 00:00:00 2001 From: Arun Isaac Date: Thu, 28 Dec 2017 17:06:49 +0530 Subject: gnu: Add emacs-evil-smartparens. * gnu/packages/emacs.scm (emacs-evil-smartparens): New variable. --- gnu/packages/emacs.scm | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm index 9f80f241b8..538c79a50f 100644 --- a/gnu/packages/emacs.scm +++ b/gnu/packages/emacs.scm @@ -6574,3 +6574,28 @@ Feautures: "@code{evil-matchit} is a minor mode for jumping between matching tags in evil mode using @kbd{%}. It is a port of @code{matchit} for Vim.") (license license:gpl3+))) + +(define-public emacs-evil-smartparens + (package + (name "emacs-evil-smartparens") + (version "0.4.0") + (source + (origin + (method url-fetch) + (uri (string-append + "https://github.com/expez/evil-smartparens/archive/" + version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "1bwzdd3054d407d5j4m3njsbvmc9r8zzp33m32pj3b3irxrl68q0")))) + (build-system emacs-build-system) + (propagated-inputs + `(("emacs-evil" ,emacs-evil) + ("emacs-smartparens" ,emacs-smartparens))) + (home-page "https://github.com/expez/evil-smartparens") + (synopsis "Emacs Evil integration for Smartparens") + (description "@code{emacs-evil-smartparens} is an Emacs minor mode which +makes Evil play nice with Smartparens. Evil is an Emacs minor mode that +emulates Vim features and provides Vim-like key bindings.") + (license license:gpl3+))) -- cgit 1.4.1 From 48a716c484c45594de86aa91c2ba5e80eb931a63 Mon Sep 17 00:00:00 2001 From: Adriano Peluso Date: Wed, 3 Jan 2018 01:08:11 +0100 Subject: gnu: OBS Studio: Update to 20.1.3 * gnu/packages/video.scm (obs): Update to 20.1.3 Signed-off-by: Leo Famulari --- gnu/packages/video.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index d9718e84f0..2d638abfe8 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -1808,7 +1808,7 @@ be used for realtime video capture via Linux-specific APIs.") (define-public obs (package (name "obs") - (version "18.0.2") + (version "20.1.3") (source (origin (method url-fetch) (uri (string-append "https://github.com/jp9000/obs-studio" @@ -1816,7 +1816,7 @@ be used for realtime video capture via Linux-specific APIs.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "02pbiyvf5x0zh448h5rpmyn33qnsqk694xxlyns83mdi74savyqw")))) + "1g5z6z050v25whc7n3xvg6l238wmg5crp7ihvk73qngvzxr8bg28")))) (build-system cmake-build-system) (arguments `(#:tests? #f)) ; no tests -- cgit 1.4.1 From 7526338837baf4d6ceef922b09df6967ff3aa6ec Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 2 Jan 2018 21:40:16 -0500 Subject: gnu: httpd: Update to 2.4.29. * gnu/packages/web.scm (httpd): Update to 2.4.29. [source]: Remove patch. * gnu/packages/patches/httpd-CVE-2017-9798.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/patches/httpd-CVE-2017-9798.patch | 22 ---------------------- gnu/packages/web.scm | 5 ++--- 3 files changed, 2 insertions(+), 26 deletions(-) delete mode 100644 gnu/packages/patches/httpd-CVE-2017-9798.patch diff --git a/gnu/local.mk b/gnu/local.mk index e9b3002b68..afa25e8c06 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -746,7 +746,6 @@ dist_patch_DATA = \ %D%/packages/patches/heimdal-CVE-2017-11103.patch \ %D%/packages/patches/hmmer-remove-cpu-specificity.patch \ %D%/packages/patches/higan-remove-march-native-flag.patch \ - %D%/packages/patches/httpd-CVE-2017-9798.patch \ %D%/packages/patches/hubbub-sort-entities.patch \ %D%/packages/patches/hurd-fix-eth-multiplexer-dependency.patch \ %D%/packages/patches/hydra-disable-darcs-test.patch \ diff --git a/gnu/packages/patches/httpd-CVE-2017-9798.patch b/gnu/packages/patches/httpd-CVE-2017-9798.patch deleted file mode 100644 index 8391a3db4a..0000000000 --- a/gnu/packages/patches/httpd-CVE-2017-9798.patch +++ /dev/null @@ -1,22 +0,0 @@ -Fixes "options bleed", aka. CVE-2017-9798: - - https://nvd.nist.gov/vuln/detail/CVE-2017-9798 - https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html - -From . - ---- a/server/core.c 2017/08/16 16:50:29 1805223 -+++ b/server/core.c 2017/09/08 13:13:11 1807754 -@@ -2266,6 +2266,12 @@ - /* method has not been registered yet, but resource restriction - * is always checked before method handling, so register it. - */ -+ if (cmd->pool == cmd->temp_pool) { -+ /* In .htaccess, we can't globally register new methods. */ -+ return apr_psprintf(cmd->pool, "Could not register method '%s' " -+ "for %s from .htaccess configuration", -+ method, cmd->cmd->name); -+ } - methnum = ap_method_register(cmd->pool, - apr_pstrdup(cmd->pool, method)); - } diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index c8ad735423..a0d9e7a329 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -109,15 +109,14 @@ (define-public httpd (package (name "httpd") - (version "2.4.27") + (version "2.4.29") (source (origin (method url-fetch) (uri (string-append "mirror://apache/httpd/httpd-" version ".tar.bz2")) (sha256 (base32 - "0fn1778mxhf78np2d8qlycg1c2ak18rxax41plahasca4clc3z3i")) - (patches (search-patches "httpd-CVE-2017-9798.patch")))) + "003z3yckkdihfv69rgqsik1w2jsnh14j3ci8fjia4s2mlajm6xvp")))) (build-system gnu-build-system) (native-inputs `(("pcre" ,pcre "bin"))) ;for 'pcre-config' (inputs `(("apr" ,apr) -- cgit 1.4.1 From a684e38d73964f9694be0ef2ae796fdb8a40075e Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 2 Jan 2018 21:46:28 -0500 Subject: gnu: python-mistune: Update to 0.8.3 [fixes CVE-2017-{15612,16876}]. * gnu/packages/python.scm (python-mistune, python2-mistune): Update to 0.8.3. --- gnu/packages/python.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index 07302c729e..832afe8356 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -5381,14 +5381,14 @@ plugins that intend to support Flake8 2.x and 3.x simultaneously.") (define-public python-mistune (package (name "python-mistune") - (version "0.7.3") + (version "0.8.3") (source (origin (method url-fetch) (uri (pypi-uri "mistune" version)) (sha256 (base32 - "04xpk1zvslhq3xpnf01g3ag0dy9wfv4z28p093r8k49vvxlyil11")))) + "06b662p6kf46wh2jsabaqhaq4bz1srh2zxkrnx4yg96azlxw645w")))) (build-system python-build-system) (native-inputs `(("python-nose" ,python-nose) -- cgit 1.4.1 From 3ee6315d8b509618d105942075c4fd0b60356d3f Mon Sep 17 00:00:00 2001 From: Rutger Helling Date: Wed, 3 Jan 2018 10:36:55 +0100 Subject: gnu: wine: Update to 2.0.4. * gnu/packages/wine.scm: Update to 2.0.4. --- gnu/packages/wine.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm index 857047e733..e12680da00 100644 --- a/gnu/packages/wine.scm +++ b/gnu/packages/wine.scm @@ -61,14 +61,14 @@ (define-public wine (package (name "wine") - (version "2.0.3") + (version "2.0.4") (source (origin (method url-fetch) (uri (string-append "https://dl.winehq.org/wine/source/2.0" "/wine-" version ".tar.xz")) (sha256 (base32 - "0mmyc94r5drffir8zr8jx6iawhgfzjk96fj494aa18vhz1jcc4d8")))) + "0nlq6apyq7hq36l3g6gw76lhi8ijz11v3v8m4vxy8d6x1qsppq5m")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config) ("gettext" ,gettext-minimal) -- cgit 1.4.1 From 036f35772c5ffc2ede5bf6a47422ac2c349135f4 Mon Sep 17 00:00:00 2001 From: Rutger Helling Date: Wed, 3 Jan 2018 10:37:07 +0100 Subject: gnu: wine64: Fix arguments. * gnu/packages/wine.scm (wine64)[arguments]: Use new 'copy-wine32-binaries and 'copy-wine32-manpage phases instead of 'copy-wine32-files phase. --- gnu/packages/wine.scm | 33 +++++++++++++++++---------------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm index e12680da00..4ebc23f5e0 100644 --- a/gnu/packages/wine.scm +++ b/gnu/packages/wine.scm @@ -173,23 +173,24 @@ integrate Windows applications into your desktop.") (string-append "libdir=" %output "/lib/wine64")) #:phases (modify-phases %standard-phases - (add-after 'install 'copy-wine32-files + (add-after 'install 'copy-wine32-binaries (lambda* (#:key outputs #:allow-other-keys) - ;; Copy the 32-bit binaries needed for WoW64. - (copy-file (string-append (assoc-ref %build-inputs "wine") - "/bin/wine") (string-append (assoc-ref - %outputs "out") "/bin/wine")) - (copy-file (string-append (assoc-ref %build-inputs "wine") - "/bin/wine-preloader") (string-append - (assoc-ref %outputs "out") - "/bin/wine-preloader")) - ;; Copy the missing man file for the wine binary from wine. - (system (string-append "gunzip < " (string-append (assoc-ref - %build-inputs "wine") - "/share/man/man1/wine.1.gz") "> " - (string-append (assoc-ref %outputs "out") - "/share/man/man1/wine.1"))) - #t)) + (let* ((wine32 (assoc-ref %build-inputs "wine")) + (out (assoc-ref %outputs "out"))) + ;; Copy the 32-bit binaries needed for WoW64. + (copy-file (string-append wine32 "/bin/wine") + (string-append out "/bin/wine")) + (copy-file (string-append wine32 "/bin/wine-preloader") + (string-append out "/bin/wine-preloader")) + #t))) + (add-after 'compress-documentation 'copy-wine32-manpage + (lambda* (#:key outputs #:allow-other-keys) + (let* ((wine32 (assoc-ref %build-inputs "wine")) + (out (assoc-ref %outputs "out"))) + ;; Copy the missing man file for the wine binary from wine. + (copy-file (string-append wine32 "/share/man/man1/wine.1.gz") + (string-append out "/share/man/man1/wine.1.gz")) + #t))) (add-after 'configure 'patch-dlopen-paths ;; Hardcode dlopened sonames to absolute paths. (lambda _ -- cgit 1.4.1 From e6b94a0247f701c8f365a9a339f0c187d607f975 Mon Sep 17 00:00:00 2001 From: Rutger Helling Date: Wed, 3 Jan 2018 10:38:07 +0100 Subject: gnu: wine64-staging: Fix arguments. * gnu/packages/wine.scm (wine64-staging)[arguments]: Use new 'copy-wine32-binaries and 'copy-wine32-manpage phases instead of 'copy-wine32-files phase. --- gnu/packages/wine.scm | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm index 4ebc23f5e0..78f68385e0 100644 --- a/gnu/packages/wine.scm +++ b/gnu/packages/wine.scm @@ -269,23 +269,25 @@ integrated into the main branch.") (string-append "libdir=" %output "/lib/wine64")) #:phases (modify-phases %standard-phases - (add-after 'install 'copy-wine32-files + (add-after 'install 'copy-wine32-binaries + (lambda* (#:key outputs #:allow-other-keys) + (let* ((wine32 (assoc-ref %build-inputs "wine")) + (out (assoc-ref %outputs "out"))) + ;; Copy the 32-bit binaries needed for WoW64. + (copy-file (string-append wine32 "/bin/wine") + (string-append out "/bin/wine")) + (copy-file (string-append wine32 "/bin/wine-preloader") + (string-append out "/bin/wine-preloader")) + #t))) + (add-after 'compress-documentation 'copy-wine32-manpage (lambda* (#:key outputs #:allow-other-keys) - ;; Copy the 32-bit binaries needed for WoW64. - (copy-file (string-append (assoc-ref %build-inputs "wine-staging") - "/bin/wine") (string-append (assoc-ref - %outputs "out") "/bin/wine")) - (copy-file (string-append (assoc-ref %build-inputs "wine-staging") - "/bin/wine-preloader") (string-append - (assoc-ref %outputs "out") - "/bin/wine-preloader")) - ;; Copy the missing man file for the wine binary from wine-staging. - (system (string-append "gunzip < " (string-append (assoc-ref - %build-inputs "wine-staging") - "/share/man/man1/wine.1.gz") "> " - (string-append (assoc-ref %outputs "out") - "/share/man/man1/wine.1"))) - #t)) + (let* ((wine32 (assoc-ref %build-inputs "wine")) + (out (assoc-ref %outputs "out"))) + ;; Copy the missing man file for the wine binary from + ;; wine-staging. + (copy-file (string-append wine32 "/share/man/man1/wine.1.gz") + (string-append out "/share/man/man1/wine.1.gz")) + #t))) (add-after 'configure 'patch-dlopen-paths ;; Hardcode dlopened sonames to absolute paths. (lambda _ -- cgit 1.4.1 From 417903c63ce41030b288ac643aaa7ddb92ddfab1 Mon Sep 17 00:00:00 2001 From: Rutger Helling Date: Wed, 3 Jan 2018 10:56:44 +0100 Subject: gnu: wine64-staging: Fix incorrect input. * gnu/packages/wine.scm (wine64-staging): Copy from correct "wine-staging" input instead of "wine". --- gnu/packages/wine.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm index 78f68385e0..da7620cd3d 100644 --- a/gnu/packages/wine.scm +++ b/gnu/packages/wine.scm @@ -271,7 +271,7 @@ integrated into the main branch.") (modify-phases %standard-phases (add-after 'install 'copy-wine32-binaries (lambda* (#:key outputs #:allow-other-keys) - (let* ((wine32 (assoc-ref %build-inputs "wine")) + (let* ((wine32 (assoc-ref %build-inputs "wine-staging")) (out (assoc-ref %outputs "out"))) ;; Copy the 32-bit binaries needed for WoW64. (copy-file (string-append wine32 "/bin/wine") @@ -281,7 +281,7 @@ integrated into the main branch.") #t))) (add-after 'compress-documentation 'copy-wine32-manpage (lambda* (#:key outputs #:allow-other-keys) - (let* ((wine32 (assoc-ref %build-inputs "wine")) + (let* ((wine32 (assoc-ref %build-inputs "wine-staging")) (out (assoc-ref %outputs "out"))) ;; Copy the missing man file for the wine binary from ;; wine-staging. -- cgit 1.4.1 From ed8bdde9ced0e08cee898d38d13af02b249d44f1 Mon Sep 17 00:00:00 2001 From: Hartmut Goebel Date: Wed, 13 Dec 2017 18:02:05 +0100 Subject: gnu: kdelibs4support: Blacklist a recently failing test-function. --- gnu/packages/kde-frameworks.scm | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/gnu/packages/kde-frameworks.scm b/gnu/packages/kde-frameworks.scm index 72dff868cc..ef2a7cb07c 100644 --- a/gnu/packages/kde-frameworks.scm +++ b/gnu/packages/kde-frameworks.scm @@ -3359,6 +3359,10 @@ workspace.") (mkdir-p ".kde-unit-test/xdg/config") (with-output-to-file ".kde-unit-test/xdg/config/foorc" (lambda () #t)) ;; simply touch the file + ;; Blacklist a test-function (failing at build.kde.org, too). + (with-output-to-file "autotests/BLACKLIST" + (lambda _ + (display "[testSmb]\n*\n"))) ;; kuniqueapptest hangs. TODO: Make this test pass. (zero? (system* "dbus-launch" "ctest" "." "-E" "kstandarddirstest|kuniqueapptest"))))))) -- cgit 1.4.1 From 990e93fce16a83e1603b9ec28123ec3edc7ea787 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sun, 31 Dec 2017 13:15:31 -0500 Subject: gnu: krita: Ensure icons are found at runtime. Fixes . * gnu/packages/kde.scm (krita)[arguments]: Set the QT_PLUGIN_PATH in a new 'wrap-executable' phase. --- gnu/packages/kde.scm | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/gnu/packages/kde.scm b/gnu/packages/kde.scm index 94834c336c..fdfca94e21 100644 --- a/gnu/packages/kde.scm +++ b/gnu/packages/kde.scm @@ -260,7 +260,21 @@ plugins, as well as code to create plugins, or complete applications.") (assoc-ref %build-inputs "libtiff")) (string-append "-DCMAKE_CXX_FLAGS=-I" (assoc-ref %build-inputs "ilmbase") - "/include/OpenEXR")))) + "/include/OpenEXR")) + #:phases + (modify-phases %standard-phases + ;; Ensure that icons are found at runtime + (add-after 'install 'wrap-executable + (lambda* (#:key inputs outputs #:allow-other-keys) + (let ((out (assoc-ref outputs "out")) + (qt '("qtbase" "qtsvg"))) + (wrap-program (string-append out "/bin/krita") + `("QT_PLUGIN_PATH" ":" prefix + ,(map (lambda (label) + (string-append (assoc-ref inputs label) + "/lib/qt5/plugins/")) + qt))) + #t)))))) (native-inputs `(("curl" ,curl) ("eigen" ,eigen) -- cgit 1.4.1 From 1ee750ba4c76d9eff248b0f0657e0d8f119607ff Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 3 Jan 2018 12:33:07 -0500 Subject: gnu: krita: Add comment about the wrapper. * gnu/packages/kde.scm (krita): Add comment. --- gnu/packages/kde.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gnu/packages/kde.scm b/gnu/packages/kde.scm index fdfca94e21..f0df44528e 100644 --- a/gnu/packages/kde.scm +++ b/gnu/packages/kde.scm @@ -263,7 +263,8 @@ plugins, as well as code to create plugins, or complete applications.") "/include/OpenEXR")) #:phases (modify-phases %standard-phases - ;; Ensure that icons are found at runtime + ;; Ensure that icons are found at runtime. + ;; This works around . (add-after 'install 'wrap-executable (lambda* (#:key inputs outputs #:allow-other-keys) (let ((out (assoc-ref outputs "out")) -- cgit 1.4.1 From 0c84e8679c6d41e46416cfe97d63221a64beee55 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 3 Jan 2018 14:15:20 -0500 Subject: gnu: fossil: Fix CVE-2017-17459. * gnu/packages/patches/fossil-CVE-2017-17459.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/version-control.scm (fossil)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/patches/fossil-CVE-2017-17459.patch | 57 ++++++++++++++++++++++++ gnu/packages/version-control.scm | 2 + 3 files changed, 60 insertions(+) create mode 100644 gnu/packages/patches/fossil-CVE-2017-17459.patch diff --git a/gnu/local.mk b/gnu/local.mk index afa25e8c06..6f540731e2 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -639,6 +639,7 @@ dist_patch_DATA = \ %D%/packages/patches/fltk-xfont-on-demand.patch \ %D%/packages/patches/foomatic-filters-CVE-2015-8327.patch \ %D%/packages/patches/foomatic-filters-CVE-2015-8560.patch \ + %D%/packages/patches/fossil-CVE-2017-17459.patch \ %D%/packages/patches/freeimage-CVE-2015-0852.patch \ %D%/packages/patches/freeimage-CVE-2016-5684.patch \ %D%/packages/patches/freeimage-fix-build-with-gcc-5.patch \ diff --git a/gnu/packages/patches/fossil-CVE-2017-17459.patch b/gnu/packages/patches/fossil-CVE-2017-17459.patch new file mode 100644 index 0000000000..e566235b4e --- /dev/null +++ b/gnu/packages/patches/fossil-CVE-2017-17459.patch @@ -0,0 +1,57 @@ +Fix CVE-2017-17459: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17459 + +Patch copied from upstream source repository: + +https://www.fossil-scm.org/xfer/info/1f63db591c77108c + +Index: src/http_transport.c +================================================================== +--- src/http_transport.c ++++ src/http_transport.c +@@ -73,10 +73,23 @@ + if( resetFlag ){ + transport.nSent = 0; + transport.nRcvd = 0; + } + } ++ ++/* ++** Remove leading "-" characters from the input string. ++** ++** This prevents attacks that try to trick a victim into using ++** a ssh:// URI with a carefully crafted hostname of other ++** parameter that ends up being interpreted as a command-line ++** option by "ssh". ++*/ ++static const char *stripLeadingMinus(const char *z){ ++ while( z[0]=='-' ) z++; ++ return z; ++} + + /* + ** Default SSH command + */ + #ifdef _WIN32 +@@ -116,17 +129,17 @@ + }else{ + zHost = mprintf("%s", pUrlData->name); + } + n = blob_size(&zCmd); + blob_append(&zCmd, " ", 1); +- shell_escape(&zCmd, zHost); ++ shell_escape(&zCmd, stripLeadingMinus(zHost)); + blob_append(&zCmd, " ", 1); + shell_escape(&zCmd, mprintf("%s", pUrlData->fossil)); + blob_append(&zCmd, " test-http", 10); + if( pUrlData->path && pUrlData->path[0] ){ + blob_append(&zCmd, " ", 1); +- shell_escape(&zCmd, mprintf("%s", pUrlData->path)); ++ shell_escape(&zCmd, mprintf("%s", stripLeadingMinus(pUrlData->path))); + } + if( g.fSshTrace ){ + fossil_print("%s\n", blob_str(&zCmd)+n); /* Show tail of SSH command */ + } + free(zHost); + diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm index cbf5ce7d87..d400afd6ef 100644 --- a/gnu/packages/version-control.scm +++ b/gnu/packages/version-control.scm @@ -1503,6 +1503,8 @@ repository\" with git-annex.") (string-append "https://www.fossil-scm.org/index.html/uv/" "fossil-src-" version ".tar.gz"))) + (patches (search-patches "fossil-CVE-2017-17459.patch")) + (patch-flags '("-p0")) (sha256 (base32 "0wfgacfg29dkl0c3l1rp5ji0kraa64gcbg5lh8p4m7mqdqcq53wv")))) -- cgit 1.4.1