From 460292af30f08567833926f0ee8b49287ba9c9bc Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Tue, 24 Apr 2018 20:19:38 +0200 Subject: gnu: qemu: Update to 2.12.0. * gnu/packages/patches/qemu-CVE-2018-7550.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. * gnu/packages/virtualization.scm (qemu): Update to 2.12.0. [source](patches): Remove. --- gnu/local.mk | 1 - 1 file changed, 1 deletion(-) (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 056a46cb79..639dd943d6 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1061,7 +1061,6 @@ dist_patch_DATA = \ %D%/packages/patches/python-unittest2-python3-compat.patch \ %D%/packages/patches/python-unittest2-remove-argparse.patch \ %D%/packages/patches/python-waitress-fix-tests.patch \ - %D%/packages/patches/qemu-CVE-2018-7550.patch \ %D%/packages/patches/qt4-ldflags.patch \ %D%/packages/patches/qtbase-use-TZDIR.patch \ %D%/packages/patches/qtscript-disable-tests.patch \ -- cgit 1.4.1 From 379848ed31d995ed7ce38dd89bce7ea8679c13e7 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Thu, 26 Apr 2018 15:05:19 -0400 Subject: gnu: zsh: Update to 5.5.1. * gnu/packages/shells.scm (zsh): Update to 5.5.1. [source]: Remove obsolete patches. * gnu/packages/patches/zsh-CVE-2018-7548.patch, gnu/packages/patches/zsh-CVE-2018-7549.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/local.mk | 4 +- gnu/packages/patches/zsh-CVE-2018-7548.patch | 48 ------------------------ gnu/packages/patches/zsh-CVE-2018-7549.patch | 56 ---------------------------- gnu/packages/shells.scm | 10 ++--- 4 files changed, 5 insertions(+), 113 deletions(-) delete mode 100644 gnu/packages/patches/zsh-CVE-2018-7548.patch delete mode 100644 gnu/packages/patches/zsh-CVE-2018-7549.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 639dd943d6..6065d4c96b 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1196,9 +1196,7 @@ dist_patch_DATA = \ %D%/packages/patches/xinetd-CVE-2013-4342.patch \ %D%/packages/patches/xmodmap-asprintf.patch \ %D%/packages/patches/libyaml-CVE-2014-9130.patch \ - %D%/packages/patches/zathura-plugindir-environment-variable.patch \ - %D%/packages/patches/zsh-CVE-2018-7548.patch \ - %D%/packages/patches/zsh-CVE-2018-7549.patch + %D%/packages/patches/zathura-plugindir-environment-variable.patch MISC_DISTRO_FILES = \ %D%/packages/ld-wrapper.in diff --git a/gnu/packages/patches/zsh-CVE-2018-7548.patch b/gnu/packages/patches/zsh-CVE-2018-7548.patch deleted file mode 100644 index 1ee15fad73..0000000000 --- a/gnu/packages/patches/zsh-CVE-2018-7548.patch +++ /dev/null @@ -1,48 +0,0 @@ -Fix CVE-2018-7548: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7548 - -Patch copied from upstream source repository: - -https://sourceforge.net/p/zsh/code/ci/110b13e1090bc31ac1352b28adc2d02b6d25a102 - -From 110b13e1090bc31ac1352b28adc2d02b6d25a102 Mon Sep 17 00:00:00 2001 -From: Joey Pabalinas -Date: Tue, 23 Jan 2018 22:28:08 -0800 -Subject: [PATCH] 42313: avoid null-pointer deref when using ${(PA)...} on an - empty array result - ---- - ChangeLog | 5 +++++ - Src/subst.c | 2 +- - 2 files changed, 6 insertions(+), 1 deletion(-) - -#diff --git a/ChangeLog b/ChangeLog -#index d2ba94afc..3037edda4 100644 -#--- a/ChangeLog -#+++ b/ChangeLog -#@@ -1,3 +1,8 @@ -#+2018-01-23 Barton E. Schaefer -#+ -#+ * Joey Pabalinas: 42313: Src/subst.c: avoid null-pointer deref -#+ when using ${(PA)...} on an empty array result -#+ -# 2018-01-23 Oliver Kiddle -# -# * 42317: Completion/Linux/Command/_cryptsetup, -diff --git a/Src/subst.c b/Src/subst.c -index d027e3d83..a265a187e 100644 ---- a/Src/subst.c -+++ b/Src/subst.c -@@ -2430,7 +2430,7 @@ paramsubst(LinkList l, LinkNode n, char **str, int qt, int pf_flags, - val = aval[0]; - isarr = 0; - } -- s = dyncat(val, s); -+ s = val ? dyncat(val, s) : dupstring(s); - /* Now behave po-faced as if it was always like that... */ - subexp = 0; - /* --- -2.16.2 - diff --git a/gnu/packages/patches/zsh-CVE-2018-7549.patch b/gnu/packages/patches/zsh-CVE-2018-7549.patch deleted file mode 100644 index abefcdf2f9..0000000000 --- a/gnu/packages/patches/zsh-CVE-2018-7549.patch +++ /dev/null @@ -1,56 +0,0 @@ -Fix CVE-2018-7549: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7549 - -Patch copied from upstream source repository: - -https://sourceforge.net/p/zsh/code/ci/c2cc8b0fbefc9868fa83537f5b6d90fc1ec438dd - -From c2cc8b0fbefc9868fa83537f5b6d90fc1ec438dd Mon Sep 17 00:00:00 2001 -From: Stephane Chazelas -Date: Fri, 22 Dec 2017 22:17:09 +0000 -Subject: [PATCH] Avoid crash copying empty hash table. - -Visible with typeset -p. ---- - ChangeLog | 2 ++ - Src/params.c | 11 +++++++---- - 2 files changed, 9 insertions(+), 4 deletions(-) - -#diff --git a/ChangeLog b/ChangeLog -#index f74c26b88..e3628cfa7 100644 -#--- a/ChangeLog -#+++ b/ChangeLog -#@@ -1,5 +1,7 @@ -# 2018-01-04 Peter Stephenson -# -#+ * Stephane: 42159: Src/params.c: avoid crash copying empty hash table. -#+ -# * Sebastian: 42188: Src/Modules/system.c: It is necessary to -# close the lock descriptor in some failure cases. -# -diff --git a/Src/params.c b/Src/params.c -index 31ff0445b..de7730ae7 100644 ---- a/Src/params.c -+++ b/Src/params.c -@@ -549,10 +549,13 @@ scancopyparams(HashNode hn, UNUSED(int flags)) - HashTable - copyparamtable(HashTable ht, char *name) - { -- HashTable nht = newparamtable(ht->hsize, name); -- outtable = nht; -- scanhashtable(ht, 0, 0, 0, scancopyparams, 0); -- outtable = NULL; -+ HashTable nht = 0; -+ if (ht) { -+ nht = newparamtable(ht->hsize, name); -+ outtable = nht; -+ scanhashtable(ht, 0, 0, 0, scancopyparams, 0); -+ outtable = NULL; -+ } - return nht; - } - --- -2.16.2 - diff --git a/gnu/packages/shells.scm b/gnu/packages/shells.scm index 8f3aa9b5f1..f0f25a0120 100644 --- a/gnu/packages/shells.scm +++ b/gnu/packages/shells.scm @@ -291,20 +291,18 @@ history mechanism, job control and a C-like syntax.") (define-public zsh (package (name "zsh") - (version "5.4.2") + (version "5.5.1") (source (origin (method url-fetch) (uri (list (string-append "http://www.zsh.org/pub/zsh-" version - ".tar.gz") + ".tar.xz") (string-append "http://www.zsh.org/pub/old/zsh-" version - ".tar.gz"))) - (patches (search-patches "zsh-CVE-2018-7548.patch" - "zsh-CVE-2018-7549.patch")) + ".tar.xz"))) (sha256 (base32 - "1jdcfinzmki2w963msvsanv29vqqfmdfm4rncwpw0r3zqnrcsywm")))) + "105aqkdfsdxc4531anrj2zis2ywz6icagjam9lsc235yzh48ihz1")))) (build-system gnu-build-system) (arguments `(#:configure-flags '("--with-tcsetpgrp" "--enable-pcre") #:phases -- cgit 1.4.1 From cbd9f91c326f5f57fb9dd4374069b215e2e7a5f6 Mon Sep 17 00:00:00 2001 From: Roel Janssen Date: Fri, 27 Apr 2018 01:05:18 +0200 Subject: gnu: bcftools: Update to 1.8. * gnu/packages/bioinformatics.scm (bcftools): Update to 1.8. * gnu/local.mk: Remove patch. * gnu/packages/patches/bcftools-regidx-unsigned-char.patch: Remove file. --- gnu/local.mk | 1 - gnu/packages/bioinformatics.scm | 7 +++---- gnu/packages/patches/bcftools-regidx-unsigned-char.patch | 16 ---------------- 3 files changed, 3 insertions(+), 21 deletions(-) delete mode 100644 gnu/packages/patches/bcftools-regidx-unsigned-char.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 6065d4c96b..3e093b791b 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -575,7 +575,6 @@ dist_patch_DATA = \ %D%/packages/patches/azr3.patch \ %D%/packages/patches/bash-completion-directories.patch \ %D%/packages/patches/bazaar-CVE-2017-14176.patch \ - %D%/packages/patches/bcftools-regidx-unsigned-char.patch \ %D%/packages/patches/binutils-ld-new-dtags.patch \ %D%/packages/patches/binutils-loongson-workaround.patch \ %D%/packages/patches/blast+-fix-makefile.patch \ diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm index fc5fe41115..d8b17f51e4 100644 --- a/gnu/packages/bioinformatics.scm +++ b/gnu/packages/bioinformatics.scm @@ -285,7 +285,7 @@ BAM files.") (define-public bcftools (package (name "bcftools") - (version "1.5") + (version "1.8") (source (origin (method url-fetch) (uri (string-append @@ -293,12 +293,11 @@ BAM files.") version "/bcftools-" version ".tar.bz2")) (sha256 (base32 - "0093hkkvxmbwfaa7905s6185jymynvg42kq6sxv7fili11l5mxwz")) - (patches (search-patches "bcftools-regidx-unsigned-char.patch")) + "1vgw2mwngq20c530zim52zvgmw1lci8rzl33pvh44xqk3xlzvjsa")) (modules '((guix build utils))) (snippet ;; Delete bundled htslib. - '(delete-file-recursively "htslib-1.5")))) + '(delete-file-recursively "htslib-1.8")))) (build-system gnu-build-system) (arguments `(#:test-target "test" diff --git a/gnu/packages/patches/bcftools-regidx-unsigned-char.patch b/gnu/packages/patches/bcftools-regidx-unsigned-char.patch deleted file mode 100644 index af5bc160f5..0000000000 --- a/gnu/packages/patches/bcftools-regidx-unsigned-char.patch +++ /dev/null @@ -1,16 +0,0 @@ -Description: Fix test-regidx argument parsing on archs with unsigned char - On architectures where char is unsigned "c >= 0" was always true. -Author: Adrian Bunk -Bug-Debian: https://bugs.debian.org/865060 - ---- a/test/test-regidx.c -+++ b/test/test-regidx.c -@@ -336,7 +336,7 @@ - {"seed",1,0,'s'}, - {0,0,0,0} - }; -- char c; -+ int c; - int seed = (int)time(NULL); - while ((c = getopt_long(argc, argv, "hvs:",loptions,NULL)) >= 0) - { -- cgit 1.4.1 From ca2158bb3a0f5de3108a4f81e6733a5309e9af1d Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Fri, 27 Apr 2018 00:34:46 +0200 Subject: gnu: pcmanfm: Update to 1.3.0. * gnu/packages/lxde.scm (pcmanfm): Update to 1.3.0. [source]: Remove patch. * gnu/packages/patches/pcmanfm-CVE-2017-8934.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/lxde.scm | 9 ++-- gnu/packages/patches/pcmanfm-CVE-2017-8934.patch | 56 ------------------------ 3 files changed, 4 insertions(+), 62 deletions(-) delete mode 100644 gnu/packages/patches/pcmanfm-CVE-2017-8934.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 3e093b791b..db1c260da6 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -977,7 +977,6 @@ dist_patch_DATA = \ %D%/packages/patches/patchelf-rework-for-arm.patch \ %D%/packages/patches/patchutils-xfail-gendiff-tests.patch \ %D%/packages/patches/patch-hurd-path-max.patch \ - %D%/packages/patches/pcmanfm-CVE-2017-8934.patch \ %D%/packages/patches/pcre2-CVE-2017-7186.patch \ %D%/packages/patches/pcre2-CVE-2017-8786.patch \ %D%/packages/patches/perl-file-path-CVE-2017-6512.patch \ diff --git a/gnu/packages/lxde.scm b/gnu/packages/lxde.scm index 97ab8720d6..67e66f8f6b 100644 --- a/gnu/packages/lxde.scm +++ b/gnu/packages/lxde.scm @@ -205,26 +205,25 @@ speed up the access to freedesktop.org defined application menus.") (define-public pcmanfm (package (name "pcmanfm") - (version "1.2.5") + (version "1.3.0") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/" name "/" "PCManFM%20%2B%20Libfm%20%28tarball%20release" "%29/PCManFM/" name "-" version ".tar.xz")) - (patches (search-patches "pcmanfm-CVE-2017-8934.patch")) (sha256 (base32 - "0rxdh0dfzc84l85c54blq42gczygq8adhr3l9hqzy1dp530cm1hc")))) + "1ywgfyklms5hqkapsbjps4kyx20ac0d1qk16ww74yagkyfdkwsas")))) (build-system gnu-build-system) (inputs `(("gtk+" ,gtk+-2) - ("gvfs" ,gvfs) ;for trash and mount support + ("gvfs" ,gvfs) ; for trash and mount support ("libfm" ,libfm) ("libx11" ,libx11))) (native-inputs `(("intltool" ,intltool) ("libtool" ,libtool) ("pkg-config" ,pkg-config))) (propagated-inputs - `(("lxmenu-data" ,lxmenu-data))) ;for "Open With..." application list + `(("lxmenu-data" ,lxmenu-data))) ; for "Open With..." application list (synopsis "LXDE file manager") (description "PCMan is a lightweight GTK+ based file manager, compliant with freedesktop.org standard.") diff --git a/gnu/packages/patches/pcmanfm-CVE-2017-8934.patch b/gnu/packages/patches/pcmanfm-CVE-2017-8934.patch deleted file mode 100644 index 489d22c83b..0000000000 --- a/gnu/packages/patches/pcmanfm-CVE-2017-8934.patch +++ /dev/null @@ -1,56 +0,0 @@ -From bc8c3d871e9ecc67c47ff002b68cf049793faf08 Mon Sep 17 00:00:00 2001 -From: Andriy Grytsenko -Date: Sun, 14 May 2017 21:35:40 +0300 -Subject: [PATCH] Fix potential access violation, use runtime user dir instead - of tmp dir. - ---- - NEWS | 4 ++++ - src/single-inst.c | 7 ++++++- - 2 files changed, 10 insertions(+), 1 deletion(-) - -diff --git a/NEWS b/NEWS -index 8c2049a..876f7f3 100644 ---- a/NEWS -+++ b/NEWS -@@ -1,3 +1,7 @@ -+* Fixed potential access violation, use runtime user dir instead of tmp dir -+ for single instance socket. -+ -+ - Changes on 1.2.5 since 1.2.4: - - * Removed options to Cut, Remove and Rename from context menu on mounted -diff --git a/src/single-inst.c b/src/single-inst.c -index 62c37b3..aaf84ab 100644 ---- a/src/single-inst.c -+++ b/src/single-inst.c -@@ -2,7 +2,7 @@ - * single-inst.c: simple IPC mechanism for single instance app - * - * Copyright 2010 Hong Jen Yee (PCMan) -- * Copyright 2012 Andriy Grytsenko (LStranger) -+ * Copyright 2012-2017 Andriy Grytsenko (LStranger) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by -@@ -404,11 +404,16 @@ static void get_socket_name(SingleInstData* data, char* buf, int len) - } - else - dpynum = 0; -+#if GLIB_CHECK_VERSION(2, 28, 0) -+ g_snprintf(buf, len, "%s/%s-socket-%s-%d", g_get_user_runtime_dir(), -+ data->prog_name, host ? host : "", dpynum); -+#else - g_snprintf(buf, len, "%s/.%s-socket-%s-%d-%s", - g_get_tmp_dir(), - data->prog_name, - host ? host : "", - dpynum, - g_get_user_name()); -+#endif - } - --- -2.1.4 - -- cgit 1.4.1 From 72dae07296fd6e3db6a77f48a014a80520d6e6d1 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Fri, 27 Apr 2018 01:14:48 +0200 Subject: gnu: quassel: Update to 0.12.5. * gnu/packages/irc.scm (quassel): Update to 0.12.5. [source]: Remove patch. * gnu/packages/patches/quassel-fix-tls-check.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/irc.scm | 7 +++---- gnu/packages/patches/quassel-fix-tls-check.patch | 25 ------------------------ 3 files changed, 3 insertions(+), 30 deletions(-) delete mode 100644 gnu/packages/patches/quassel-fix-tls-check.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index db1c260da6..3ce87ee444 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1063,7 +1063,6 @@ dist_patch_DATA = \ %D%/packages/patches/qtbase-use-TZDIR.patch \ %D%/packages/patches/qtscript-disable-tests.patch \ %D%/packages/patches/quagga-reproducible-build.patch \ - %D%/packages/patches/quassel-fix-tls-check.patch \ %D%/packages/patches/quickswitch-fix-dmenu-check.patch \ %D%/packages/patches/rapicorn-isnan.patch \ %D%/packages/patches/raptor2-heap-overflow.patch \ diff --git a/gnu/packages/irc.scm b/gnu/packages/irc.scm index 38a1fb3a2d..c376805f46 100644 --- a/gnu/packages/irc.scm +++ b/gnu/packages/irc.scm @@ -65,18 +65,17 @@ (define-public quassel (package (name "quassel") - (version "0.12.4") + (version "0.12.5") (source (origin (method url-fetch) (uri (string-append "http://quassel-irc.org/pub/quassel-" version ".tar.bz2")) - (patches (search-patches "quassel-fix-tls-check.patch")) (sha256 (base32 - "0ka456fb8ha3w7g74xlzfg6w4azxjjxgrhl4aqpbwg3lnd6fbr4k")) + "1qkl3sb4ijx4k17m0c42j2p5bc4jymypwhmplm942rbrzm6mg50q")) (modules '((guix build utils))) - ;; We don't want to install the bundles scripts + ;; We don't want to install the bundled scripts. (snippet '(begin (delete-file-recursively "data/scripts") diff --git a/gnu/packages/patches/quassel-fix-tls-check.patch b/gnu/packages/patches/quassel-fix-tls-check.patch deleted file mode 100644 index 057bc02a14..0000000000 --- a/gnu/packages/patches/quassel-fix-tls-check.patch +++ /dev/null @@ -1,25 +0,0 @@ -This allows quasselclient to connect to SSL-enabled quasselcore instances. - -The check in qglobal.h requires -fPIC (not -fPIE as it is now). When this check -fails SSL / TLS is disabled. - -This patch comes from the upstream source repository [0] and can be -removed when the next version is packaged. - -[0] https://github.com/quassel/quassel/commit/4768c9e99f99b581d4e32e797db91d0182391696 - ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -428,6 +428,11 @@ endif() - cmake_push_check_state(RESET) - set(CMAKE_REQUIRED_INCLUDES ${QT_INCLUDES} ${Qt5Core_INCLUDE_DIRS}) - set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${Qt5Core_EXECUTABLE_COMPILE_FLAGS}") -+ -+if (USE_QT5 AND Qt5_POSITION_INDEPENDENT_CODE) -+ set(CMAKE_REQUIRED_FLAGS "-fPIC -DQT_NO_VERSION_TAGGING") -+endif() -+ - check_cxx_source_compiles(" - #include \"qglobal.h\" - #if defined QT_NO_SSL - -- cgit 1.4.1 From d98e9009a934f7c12e2241b072ad469a009468de Mon Sep 17 00:00:00 2001 From: Eric Bavier Date: Fri, 2 Mar 2018 14:05:34 -0600 Subject: gnu: scotch: Update to 6.0.5a. * gnu/packages/patches/pt-scotch-build-parallelism.patch: Delete files. * gnu/packages/patches/scotch-build-parallelism.patch, gnu/packages/patches/scotch-graph-diam-64.patch, gnu/packages/patches/scotch-graph-induce-type-64.patch: New files. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/maths.scm (scotch): Update to 6.0.5a. [source](patches): Adjust accordingly. --- gnu/local.mk | 4 ++- gnu/packages/maths.scm | 8 +++-- .../patches/pt-scotch-build-parallelism.patch | 13 -------- .../patches/scotch-build-parallelism.patch | 39 ++++++++++++++++++++++ gnu/packages/patches/scotch-graph-diam-64.patch | 27 +++++++++++++++ .../patches/scotch-graph-induce-type-64.patch | 19 +++++++++++ 6 files changed, 93 insertions(+), 17 deletions(-) delete mode 100644 gnu/packages/patches/pt-scotch-build-parallelism.patch create mode 100644 gnu/packages/patches/scotch-build-parallelism.patch create mode 100644 gnu/packages/patches/scotch-graph-diam-64.patch create mode 100644 gnu/packages/patches/scotch-graph-induce-type-64.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 3ce87ee444..cbf2c6f1b4 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1014,7 +1014,6 @@ dist_patch_DATA = \ %D%/packages/patches/psm-arch.patch \ %D%/packages/patches/psm-ldflags.patch \ %D%/packages/patches/psm-repro.patch \ - %D%/packages/patches/pt-scotch-build-parallelism.patch \ %D%/packages/patches/pulseaudio-fix-mult-test.patch \ %D%/packages/patches/pulseaudio-longer-test-timeout.patch \ %D%/packages/patches/pycairo-wscript.patch \ @@ -1086,6 +1085,9 @@ dist_patch_DATA = \ %D%/packages/patches/rxvt-unicode-escape-sequences.patch \ %D%/packages/patches/scheme48-tests.patch \ %D%/packages/patches/scotch-test-threading.patch \ + %D%/packages/patches/scotch-build-parallelism.patch \ + %D%/packages/patches/scotch-graph-diam-64.patch \ + %D%/packages/patches/scotch-graph-induce-type-64.patch \ %D%/packages/patches/sdl-libx11-1.6.patch \ %D%/packages/patches/seq24-rename-mutex.patch \ %D%/packages/patches/shadow-CVE-2018-7169.patch \ diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm index 353aa41167..aa382cda6b 100644 --- a/gnu/packages/maths.scm +++ b/gnu/packages/maths.scm @@ -2199,16 +2199,18 @@ implemented in ANSI C, and MPI for communications.") (define-public scotch (package (name "scotch") - (version "6.0.4") + (version "6.0.5a") (source (origin (method url-fetch) (uri (string-append "https://gforge.inria.fr/frs/download.php/" "latestfile/298/scotch_" version ".tar.gz")) (sha256 - (base32 "1ir088mvrqggyqdkx9qfynmiaffqbyih5qfl5mga2nrlm1qlsgzm")) + (base32 "0vsmgjz8qv80di3ljmc7hbdsizxxxwy2b9rgd2fl1mdc6dgbj8av")) (patches (search-patches "scotch-test-threading.patch" - "pt-scotch-build-parallelism.patch")))) + "scotch-build-parallelism.patch" + "scotch-graph-induce-type-64.patch" + "scotch-graph-diam-64.patch")))) (build-system gnu-build-system) (inputs `(("zlib" ,zlib) diff --git a/gnu/packages/patches/pt-scotch-build-parallelism.patch b/gnu/packages/patches/pt-scotch-build-parallelism.patch deleted file mode 100644 index 2ac5f27f52..0000000000 --- a/gnu/packages/patches/pt-scotch-build-parallelism.patch +++ /dev/null @@ -1,13 +0,0 @@ -Building with -j may cause the esmumps_main target to fail with a "no rule for -dependency libptesmumps.a" error. Fix the dependency name. - ---- scotch_6.0.4/src/esmumps/Makefile 2012-12-01 08:29:29.000000000 -0600 -+++ scotch_6.0.4/src/esmumps/Makefile 2015-06-15 17:29:23.279605734 -0500 -@@ -160,6 +160,6 @@ - order.h \ - symbol.h \ - esmumps.h \ -- lib$(ESMUMPSLIB)$(LIB) \ -+ libesmumps$(LIB) \ - $(libdir)/lib$(SCOTCHLIB)$(LIB) \ - $(libdir)/lib$(SCOTCHLIB)errexit$(LIB) diff --git a/gnu/packages/patches/scotch-build-parallelism.patch b/gnu/packages/patches/scotch-build-parallelism.patch new file mode 100644 index 0000000000..a669f1dbeb --- /dev/null +++ b/gnu/packages/patches/scotch-build-parallelism.patch @@ -0,0 +1,39 @@ +Fixes make with -j, otherwise scotch.h may not be generated by the time make +tries to compile library_graph_diam.o et al. + +Reported upstream at +https://gforge.inria.fr/tracker/index.php?func=detail&aid=21651&group_id=248&atid=1081 + +diff --git a/src/libscotch/Makefile b/src/libscotch/Makefile +index 9898894..b0ee14c 100644 +--- a/src/libscotch/Makefile ++++ b/src/libscotch/Makefile +@@ -2229,6 +2229,28 @@ library_graph_color_f$(OBJ) : library_graph_color_f.c \ + common.h \ + scotch.h + ++library_graph_diam$(OBJ) : library_graph_diam.c \ ++ module.h \ ++ common.h \ ++ graph.h \ ++ scotch.h ++ ++library_graph_diam_f$(OBJ) : library_graph_diam.c \ ++ module.h \ ++ common.h \ ++ scotch.h ++ ++library_graph_induce$(OBJ) : library_graph_diam.c \ ++ module.h \ ++ common.h \ ++ graph.h \ ++ scotch.h ++ ++library_graph_induce_f$(OBJ) : library_graph_diam.c \ ++ module.h \ ++ common.h \ ++ scotch.h ++ + library_graph_io_chac$(OBJ) : library_graph_io_chac.c \ + module.h \ + common.h \ diff --git a/gnu/packages/patches/scotch-graph-diam-64.patch b/gnu/packages/patches/scotch-graph-diam-64.patch new file mode 100644 index 0000000000..2ae31e3c3b --- /dev/null +++ b/gnu/packages/patches/scotch-graph-diam-64.patch @@ -0,0 +1,27 @@ +Fixes test_scotch_graph_diam test with -DINTSIZE64. + +Reported upstream at +https://gforge.inria.fr/tracker/index.php?func=detail&aid=21650&group_id=248&atid=1081 + +--- scotch-6.0.5a/src/libscotch/library.h ++++ scotch-6.0.5a/src/libscotch/library.h +@@ -187,6 +187,7 @@ SCOTCH_Num SCOTCH_graphBase (SCOTCH_Graph * const, const SCO + int SCOTCH_graphCheck (const SCOTCH_Graph * const); + void SCOTCH_graphSize (const SCOTCH_Graph * const, SCOTCH_Num * const, SCOTCH_Num * const); + void SCOTCH_graphData (const SCOTCH_Graph * const, SCOTCH_Num * const, SCOTCH_Num * const, SCOTCH_Num ** const, SCOTCH_Num ** const, SCOTCH_Num ** const, SCOTCH_Num ** const, SCOTCH_Num * const, SCOTCH_Num ** const, SCOTCH_Num ** const); ++SCOTCH_Num SCOTCH_graphDiamPV (SCOTCH_Graph * const); + void SCOTCH_graphStat (const SCOTCH_Graph * const, SCOTCH_Num * const, SCOTCH_Num * const, SCOTCH_Num * const, double * const, double * const, SCOTCH_Num * const, SCOTCH_Num * const, double * const, double * const, SCOTCH_Num * const, SCOTCH_Num * const, SCOTCH_Num * const, double * const, double * const); + int SCOTCH_graphCoarsen (const SCOTCH_Graph * const, const SCOTCH_Num, const double, const SCOTCH_Num, SCOTCH_Graph * const, SCOTCH_Num * const); + int SCOTCH_graphCoarsenMatch (const SCOTCH_Graph * const, SCOTCH_Num * const, const double, const SCOTCH_Num, SCOTCH_Num * const); +--- scotch-6.0.5a/src/libscotch/library_graph_diam.c ++++ scotch-6.0.5a/src/libscotch/library_graph_diam.c +@@ -72,8 +72,7 @@ + + SCOTCH_Num + SCOTCH_graphDiamPV ( +-SCOTCH_Graph * const grafptr, +-const SCOTCH_Num baseval) ++SCOTCH_Graph * const grafptr) + { + return ((SCOTCH_Num) graphDiamPV ((Graph * const) grafptr)); + } diff --git a/gnu/packages/patches/scotch-graph-induce-type-64.patch b/gnu/packages/patches/scotch-graph-induce-type-64.patch new file mode 100644 index 0000000000..d2eee52a7b --- /dev/null +++ b/gnu/packages/patches/scotch-graph-induce-type-64.patch @@ -0,0 +1,19 @@ +Fixes return type of SCOTCH_graphInduceList and SCOTCH_graphInducePart +so that the definition matches with -DINTSIZE64. + +Reported upstream at +https://gforge.inria.fr/tracker/index.php?func=detail&aid=21608&group_id=248&atid=1081 + +--- scotch_6.0.5a/src/libscotch/library.h.orig 2018-02-11 10:52:38.000000000 -0600 ++++ scotch_6.0.5a/src/libscotch/library.h 2018-02-23 16:56:41.000000000 -0600 +@@ -199,8 +199,8 @@ + int SCOTCH_graphGeomSaveChac (const SCOTCH_Graph * const, const SCOTCH_Geom * const, FILE * const, FILE * const, const char * const); + int SCOTCH_graphGeomSaveMmkt (const SCOTCH_Graph * const, const SCOTCH_Geom * const, FILE * const, FILE * const, const char * const); + int SCOTCH_graphGeomSaveScot (const SCOTCH_Graph * const, const SCOTCH_Geom * const, FILE * const, FILE * const, const char * const); +-int SCOTCH_graphInduceList (const SCOTCH_Graph * const, const SCOTCH_Num, const SCOTCH_Num * const, SCOTCH_Graph * const); +-int SCOTCH_graphInducePart (const SCOTCH_Graph * const, const SCOTCH_Num, const SCOTCH_GraphPart2 * const, const SCOTCH_GraphPart2, SCOTCH_Graph * const); ++SCOTCH_Num SCOTCH_graphInduceList (const SCOTCH_Graph * const, const SCOTCH_Num, const SCOTCH_Num * const, SCOTCH_Graph * const); ++SCOTCH_Num SCOTCH_graphInducePart (const SCOTCH_Graph * const, const SCOTCH_Num, const SCOTCH_GraphPart2 * const, const SCOTCH_GraphPart2, SCOTCH_Graph * const); + + int SCOTCH_graphMapInit (const SCOTCH_Graph * const, SCOTCH_Mapping * const, const SCOTCH_Arch * const, SCOTCH_Num * const); + void SCOTCH_graphMapExit (const SCOTCH_Graph * const, SCOTCH_Mapping * const); -- cgit 1.4.1 From f1f4a4f016291509ed97034af0216573cdacf36c Mon Sep 17 00:00:00 2001 From: Julien Lepiller Date: Wed, 18 Apr 2018 17:19:12 +0200 Subject: gnu: Add java-apache-ivy. * gnu/package/java.scm (java-apache-ivy): New variable. * gnu/packages/patches/java-apache-ivy-port-to-latest-bouncycastle.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/java.scm | 101 +++++++++++++++++++++ ...va-apache-ivy-port-to-latest-bouncycastle.patch | 81 +++++++++++++++++ 3 files changed, 183 insertions(+) create mode 100644 gnu/packages/patches/java-apache-ivy-port-to-latest-bouncycastle.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index cbf2c6f1b4..ec11b26632 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -792,6 +792,7 @@ dist_patch_DATA = \ %D%/packages/patches/intltool-perl-compatibility.patch \ %D%/packages/patches/isl-0.11.1-aarch64-support.patch \ %D%/packages/patches/jacal-fix-texinfo.patch \ + %D%/packages/patches/java-apache-ivy-port-to-latest-bouncycastle.patch \ %D%/packages/patches/java-jeromq-fix-tests.patch \ %D%/packages/patches/java-powermock-fix-java-files.patch \ %D%/packages/patches/java-simple-xml-fix-tests.patch \ diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm index a63d9707fb..90fd07c597 100644 --- a/gnu/packages/java.scm +++ b/gnu/packages/java.scm @@ -9705,3 +9705,104 @@ and Pageant included in Putty. This component contains a connector factory."))) (description "jsch-agent-proxy is a proxy program to OpenSSH's ssh-agent and Pageant included in Putty. This component contains a library to use jsch-agent-proxy with JSch."))) + +(define-public java-apache-ivy + (package + (name "java-apache-ivy") + (version "2.4.0") + (source (origin + (method url-fetch) + (uri (string-append "mirror://apache//ant/ivy/" version + "/apache-ivy-" version "-src.tar.gz")) + (sha256 + (base32 + "1xkfn57g2m7l6y0xdq75x5rnrgk52m9jx2xah70g3ggl8750hbr0")) + (patches + (search-patches + "java-apache-ivy-port-to-latest-bouncycastle.patch")))) + (build-system ant-build-system) + (arguments + `(#:jar-name "ivy.jar" + #:tests? #f + #:phases + (modify-phases %standard-phases + (add-before 'build 'remove-example + (lambda _ + (delete-file-recursively "src/example") + #t)) + (add-before 'build 'copy-resources + (lambda _ + (with-directory-excursion "src/java" + (for-each (lambda (file) + (install-file file (string-append "../../build/classes/" (dirname file)))) + (append + (find-files "." ".*.css") + (find-files "." ".*.ent") + (find-files "." ".*.html") + (find-files "." ".*.properties") + (find-files "." ".*.xsd") + (find-files "." ".*.xsl") + (find-files "." ".*.xml")))))) + (add-before 'build 'fix-vfs + (lambda _ + (substitute* + '("src/java/org/apache/ivy/plugins/repository/vfs/VfsRepository.java" + "src/java/org/apache/ivy/plugins/repository/vfs/VfsResource.java") + (("import org.apache.commons.vfs") "import org.apache.commons.vfs2")) + #t)) + (add-before 'install 'copy-manifest + (lambda _ + (install-file "META-INF/MANIFEST.MF" "build/classes/META-INF") + #t)) + (add-before 'install 'repack + (lambda _ + (invoke "jar" "-cmf" "build/classes/META-INF/MANIFEST.MF" "build/jar/ivy.jar" + "-C" "build/classes" ".") + #t)) + (add-after 'install 'install-bin + (lambda* (#:key outputs #:allow-other-keys) + (let* ((bin (string-append (assoc-ref outputs "out") "/bin")) + (ivy (string-append bin "/ivy")) + (jar (string-append (assoc-ref outputs "out") "/share/java/ivy.jar"))) + (mkdir-p bin) + (with-output-to-file ivy + (lambda _ + (display (string-append + "#!" (which "sh") "\n" + "if [[ -z $CLASSPATH ]]; then\n" + " cp=\"" (getenv "CLASSPATH") ":" jar "\"\n" + "else\n" + " cp=\"" (getenv "CLASSPATH") ":" jar ":$CLASSPATH\"\n" + "fi\n" + (which "java") " -cp $cp org.apache.ivy.Main $@\n")))) + (chmod ivy #o755) + #t)))))) + (inputs + `(("java-bouncycastle" ,java-bouncycastle) + ("java-commons-cli" ,java-commons-cli) + ("java-commons-collections" ,java-commons-collections) + ("java-commons-httpclient" ,java-commons-httpclient) + ("java-commons-lang" ,java-commons-lang) + ("java-commons-vfs" ,java-commons-vfs) + ("java-jakarta-oro" ,java-jakarta-oro) + ("java-jsch" ,java-jsch) + ("java-jsch-agentproxy-core" ,java-jsch-agentproxy-core) + ("java-jsch-agentproxy-connector-factory" ,java-jsch-agentproxy-connector-factory) + ("java-jsch-agentproxy-jsch" ,java-jsch-agentproxy-jsch) + ("java-junit" ,java-junit))) + (home-page "https://ant.apache.org/ivy") + (synopsis "Dependency manager for the Java programming language") + (description "Ivy is a tool for managing (recording, tracking, resolving +and reporting) project dependencies. It is characterized by the following: + +@itemize +@item flexibility and configurability - Ivy is essentially process agnostic + and is not tied to any methodology or structure. Instead it provides the + necessary flexibility and configurability to be adapted to a broad range + of dependency management and build processes. +@item tight integration with Apache Ant - while available as a standalone tool, + Ivy works particularly well with Apache Ant providing a number of + powerful Ant tasks ranging from dependency resolution to dependency + reporting and publication. +@end itemize") + (license license:asl2.0))) diff --git a/gnu/packages/patches/java-apache-ivy-port-to-latest-bouncycastle.patch b/gnu/packages/patches/java-apache-ivy-port-to-latest-bouncycastle.patch new file mode 100644 index 0000000000..506de833dd --- /dev/null +++ b/gnu/packages/patches/java-apache-ivy-port-to-latest-bouncycastle.patch @@ -0,0 +1,81 @@ +From 29055a825af5405e44ffcd59a776f8952bdc7203 Mon Sep 17 00:00:00 2001 +From: Julien Lepiller +Date: Fri, 15 Dec 2017 16:03:23 +0100 +Subject: [PATCH] Port to latest bouncycastle. + +--- + .../bouncycastle/OpenPGPSignatureGenerator.java | 34 ++++++++++------------ + 1 file changed, 16 insertions(+), 18 deletions(-) + +diff --git a/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java b/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java +index af7beae..34c204f 100644 +--- a/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java ++++ b/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java +@@ -41,6 +41,11 @@ import org.bouncycastle.openpgp.PGPSecretKeyRingCollection; + import org.bouncycastle.openpgp.PGPSignature; + import org.bouncycastle.openpgp.PGPSignatureGenerator; + import org.bouncycastle.openpgp.PGPUtil; ++import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor; ++import org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyDecryptorBuilder; ++import org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider; ++import org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder; ++import org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator; + + public class OpenPGPSignatureGenerator implements SignatureGenerator { + +@@ -101,11 +106,15 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator { + pgpSec = readSecretKey(keyIn); + } + +- PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(password.toCharArray(), +- BouncyCastleProvider.PROVIDER_NAME); +- PGPSignatureGenerator sGen = new PGPSignatureGenerator(pgpSec.getPublicKey() +- .getAlgorithm(), PGPUtil.SHA1, BouncyCastleProvider.PROVIDER_NAME); +- sGen.initSign(PGPSignature.BINARY_DOCUMENT, pgpPrivKey); ++ PBESecretKeyDecryptor decryptor = ++ new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()) ++ .build(password.toCharArray()); ++ PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(decryptor); ++ BcPGPContentSignerBuilder builder = new BcPGPContentSignerBuilder( ++ pgpSec.getPublicKey().getAlgorithm(), PGPUtil.SHA1); ++ ++ PGPSignatureGenerator sGen = new PGPSignatureGenerator(builder); ++ sGen.init(PGPSignature.BINARY_DOCUMENT, pgpPrivKey); + + in = new FileInputStream(src); + out = new BCPGOutputStream(new ArmoredOutputStream(new FileOutputStream(dest))); +@@ -116,22 +125,10 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator { + } + + sGen.generate().encode(out); +- } catch (SignatureException e) { +- IOException ioexc = new IOException(); +- ioexc.initCause(e); +- throw ioexc; + } catch (PGPException e) { + IOException ioexc = new IOException(); + ioexc.initCause(e); + throw ioexc; +- } catch (NoSuchAlgorithmException e) { +- IOException ioexc = new IOException(); +- ioexc.initCause(e); +- throw ioexc; +- } catch (NoSuchProviderException e) { +- IOException ioexc = new IOException(); +- ioexc.initCause(e); +- throw ioexc; + } finally { + if (out != null) { + try { +@@ -156,7 +153,8 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator { + + private PGPSecretKey readSecretKey(InputStream in) throws IOException, PGPException { + in = PGPUtil.getDecoderStream(in); +- PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(in); ++ PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(in, ++ new BcKeyFingerprintCalculator()); + + PGPSecretKey key = null; + for (Iterator it = pgpSec.getKeyRings(); key == null && it.hasNext();) { +-- +2.15.1 -- cgit 1.4.1