aboutsummaryrefslogtreecommitdiff
path: root/gnu
diff options
context:
space:
mode:
authorAndreas Enge <andreas@enge.fr>2016-07-25 21:58:36 +0200
committerAndreas Enge <andreas@enge.fr>2016-07-25 21:58:36 +0200
commit14656f44959a519239910b88b783fa6adbbd8d40 (patch)
tree0ece327363bc6ee3d0cacba13c751361091b6ca8 /gnu
parentd8eb912132ccdff955e3318fe549c5f7f674adf8 (diff)
parent424a323e92d92284efcd30cf548d1f41c556d592 (diff)
downloadgnu-guix-14656f44959a519239910b88b783fa6adbbd8d40.tar
gnu-guix-14656f44959a519239910b88b783fa6adbbd8d40.tar.gz
Merge remote-tracking branch 'origin/master' into core-updates
Diffstat (limited to 'gnu')
-rw-r--r--gnu/local.mk3
-rw-r--r--gnu/packages/backup.scm3
-rw-r--r--gnu/packages/compression.scm37
-rw-r--r--gnu/packages/cook.scm4
-rw-r--r--gnu/packages/cups.scm6
-rw-r--r--gnu/packages/emacs.scm8
-rw-r--r--gnu/packages/fish.scm8
-rw-r--r--gnu/packages/geeqie.scm6
-rw-r--r--gnu/packages/gnupg.scm40
-rw-r--r--gnu/packages/gnuzilla.scm8
-rw-r--r--gnu/packages/guile.scm57
-rw-r--r--gnu/packages/haskell.scm5
-rw-r--r--gnu/packages/java.scm39
-rw-r--r--gnu/packages/lisp.scm77
-rw-r--r--gnu/packages/mail.scm8
-rw-r--r--gnu/packages/parallel.scm4
-rw-r--r--gnu/packages/patches/openssh-CVE-2016-6210-1.patch114
-rw-r--r--gnu/packages/patches/openssh-CVE-2016-6210-2.patch111
-rw-r--r--gnu/packages/patches/openssh-CVE-2016-6210-3.patch60
-rw-r--r--gnu/packages/python.scm15
-rw-r--r--gnu/packages/samba.scm83
-rw-r--r--gnu/packages/shellutils.scm42
-rw-r--r--gnu/packages/ssh.scm5
-rw-r--r--gnu/packages/statistics.scm4
-rw-r--r--gnu/packages/version-control.scm6
-rw-r--r--gnu/packages/video.scm13
-rw-r--r--gnu/packages/web.scm9
-rw-r--r--gnu/packages/wxwidgets.scm8
-rw-r--r--gnu/packages/xdisorg.scm23
-rw-r--r--gnu/packages/xorg.scm104
30 files changed, 749 insertions, 161 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 65834897dc..911b89f14b 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -683,6 +683,9 @@ dist_patch_DATA = \
%D%/packages/patches/openjpeg-CVE-2015-6581.patch \
%D%/packages/patches/openjpeg-use-after-free-fix.patch \
%D%/packages/patches/openssh-CVE-2015-8325.patch \
+ %D%/packages/patches/openssh-CVE-2016-6210-1.patch \
+ %D%/packages/patches/openssh-CVE-2016-6210-2.patch \
+ %D%/packages/patches/openssh-CVE-2016-6210-3.patch \
%D%/packages/patches/openssl-runpath.patch \
%D%/packages/patches/openssl-c-rehash-in.patch \
%D%/packages/patches/openssl-CVE-2016-2177.patch \
diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm
index 956ead4d5a..0a2e9b1b90 100644
--- a/gnu/packages/backup.scm
+++ b/gnu/packages/backup.scm
@@ -106,8 +106,7 @@ spying and/or modification by the server.")
(source
(origin
(method url-fetch)
- ;; Source tarballs are not versioned
- (uri "http://archive.miek.nl/projects/hdup2/hdup.tar.bz2")
+ (uri "https://fossies.org/linux/privat/old/hdup-2.0.14.tar.bz2")
(sha256
(base32
"02bnczg01cyhajmm4rhbnc0ja0dd9ikv9fwv28asxh1rlx9yr0b7"))))
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 01b32a2ac3..e63c1af048 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -36,6 +36,7 @@
#:use-module (guix build-system gnu)
#:use-module (guix build-system perl)
#:use-module (gnu packages)
+ #:use-module (gnu packages assembly)
#:use-module (gnu packages autotools)
#:use-module (gnu packages backup)
#:use-module (gnu packages base)
@@ -834,3 +835,39 @@ also be used to apply such patches. xdelta is similar to @command{diff} and
@command{patch}, but is not limited to plain text and does not generate
human-readable output.")
(license license:asl2.0)))
+
+(define-public lrzip
+ (package
+ (name "lrzip")
+ (version "0.630")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "http://ck.kolivas.org/apps/lrzip/lrzip-" version ".tar.bz2"))
+ (sha256
+ (base32
+ "01ykxliqw4cavx9f2gawxfa9wf52cjy1qx28cnkrh6i3lfzzcq94"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(;; nasm is only required when building for 32-bit x86 platforms
+ ,@(if (string-prefix? "i686" (or (%current-target-system)
+ (%current-system)))
+ `(("nasm" ,nasm))
+ '())
+ ("perl" ,perl)))
+ (inputs
+ `(("bzip2" ,bzip2)
+ ("lzo" ,lzo)
+ ("zlib" ,zlib)))
+ (home-page "http://ck.kolivas.org/apps/lrzip/")
+ (synopsis "Large file compressor with a very high compression ratio")
+ (description "lrzip is a compression utility that uses long-range
+redundancy reduction to improve the subsequent compression ratio of
+larger files. It can then further compress the result with the ZPAQ or
+LZMA algorithms for maximum compression, or LZO for maximum speed. This
+choice between size or speed allows for either better compression than
+even LZMA can provide, or a higher speed than gzip while compressing as
+well as bzip2.")
+ (license (list license:gpl3+
+ license:public-domain)))) ; most files in lzma/
diff --git a/gnu/packages/cook.scm b/gnu/packages/cook.scm
index d0dd80dc40..e149968f24 100644
--- a/gnu/packages/cook.scm
+++ b/gnu/packages/cook.scm
@@ -33,9 +33,7 @@
(source
(origin
(method url-fetch)
- (uri (string-append
- "http://miller.emu.id.au/pmiller/software/cook/cook-" version
- ".tar.gz"))
+ (uri "http://fossies.org/linux/misc/old/cook-2.34.tar.gz")
(sha256
(base32
"104saqnqql1l7zr2pm3f718fdky3ds8j07c6xvwrs1rfkhrw58yw"))))
diff --git a/gnu/packages/cups.scm b/gnu/packages/cups.scm
index 2865ff1494..09b804f39a 100644
--- a/gnu/packages/cups.scm
+++ b/gnu/packages/cups.scm
@@ -1,7 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015, 2016 Ludovic Courtès <ludo@gnu.org>
-;;; Copyright © 2015 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Danny Milosavljevic <dannym@scratchpost.org>
;;;
;;; This file is part of GNU Guix.
@@ -303,14 +303,14 @@ device-specific programs to convert and print many types of files.")
(define-public hplip
(package
(name "hplip")
- (version "3.16.3")
+ (version "3.16.7")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/hplip/hplip/" version
"/hplip-" version ".tar.gz"))
(sha256
(base32
- "1501qdnkjp1ybgagy5188fmf6cgmj5555ygjl3543nlbwcp31lj2"))))
+ "1hpzyf9ifs0vilsbwxcgpv8g9557p1x8w5qwgz5l0avgcd10dzlx"))))
(build-system gnu-build-system)
(home-page "http://hplipopensource.com/")
(synopsis "HP Printer Drivers")
diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm
index 926db42a46..5a718fa341 100644
--- a/gnu/packages/emacs.scm
+++ b/gnu/packages/emacs.scm
@@ -117,9 +117,7 @@
(lambda* (#:key inputs outputs #:allow-other-keys)
(let* ((guix-src (assoc-ref inputs "guix-src"))
(out (assoc-ref outputs "out"))
- (lisp-dir (string-append out "/share/emacs/"
- ,(version-major+minor version)
- "/site-lisp"))
+ (lisp-dir (string-append out "/share/emacs/site-lisp"))
(unpack (assoc-ref %standard-phases 'unpack)))
(mkdir "guix")
(with-directory-excursion "guix"
@@ -2079,9 +2077,7 @@ It is built on top of the custom theme support in Emacs 24 or later.")
"1ha3slc6d9wi9ilkhmwrzkvf308n6ph7b0k69pk369s9304awxzx"))))
(build-system emacs-build-system)
(propagated-inputs
- `(("emacs-dash" ,emacs-dash)
- ("emacs-f" ,emacs-f)
- ("emacs-s" ,emacs-s)))
+ `(("emacs-dash" ,emacs-dash)))
(home-page "http://github.com/bbatsov/solarized-emacs")
(synopsis "Port of the Solarized theme for Emacs")
(description
diff --git a/gnu/packages/fish.scm b/gnu/packages/fish.scm
index 7abaaf0ecd..a8b88e7c10 100644
--- a/gnu/packages/fish.scm
+++ b/gnu/packages/fish.scm
@@ -29,14 +29,14 @@
(define-public fish
(package
(name "fish")
- (version "2.3.0")
+ (version "2.3.1")
(source (origin
(method url-fetch)
- (uri (string-append "http://fishshell.com/files/"
+ (uri (string-append "https://fishshell.com/files/"
version "/fish-" version ".tar.gz"))
(sha256
(base32
- "1ralmp7lavdl0plc09ppm232aqsn0crxx6m3hgaa06ibam3sqawi"))
+ "0r46p64lg6da3v6chsa4gisvl04kd3rpy60yih8r870kbp9wm2ij"))
(modules '((guix build utils)))
;; Don't try to install /etc/fish/config.fish.
(snippet
@@ -61,5 +61,5 @@ has extensive and discoverable help. A special help command gives access to
all the fish documentation in your web browser. Other features include smart
terminal handling based on terminfo, an easy to search history, and syntax
highlighting.")
- (home-page "http://fishshell.com/")
+ (home-page "https://fishshell.com/")
(license gpl2)))
diff --git a/gnu/packages/geeqie.scm b/gnu/packages/geeqie.scm
index 110fb68ea0..509819e780 100644
--- a/gnu/packages/geeqie.scm
+++ b/gnu/packages/geeqie.scm
@@ -37,8 +37,10 @@
(version "0.25")
(source (origin
(method url-fetch)
- (uri (string-append "http://www.exiv2.org/exiv2-"
- version ".tar.gz"))
+ (uri (list (string-append "http://www.exiv2.org/exiv2-"
+ version ".tar.gz")
+ (string-append "https://fossies.org/linux/misc/exiv2-"
+ version ".tar.gz")))
(sha256
(base32
"197g6vgcpyf9p2cwn5p5hb1r714xsk1v4p96f5pv1z8mi9vzq2y8"))))
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index 2b4ce71866..9bc7b65108 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -235,13 +235,14 @@ compatible to GNU Pth.")
("sqlite" ,sqlite)
("zlib" ,zlib)))
(arguments
- `(#:phases
- (alist-cons-before
- 'configure 'patch-config-files
- (lambda _
- (substitute* "tests/openpgp/defs.inc"
- (("/bin/pwd") (which "pwd"))))
- %standard-phases)))
+ `(#:configure-flags '("--enable-gpg2-is-gpg")
+ #:phases
+ (modify-phases %standard-phases
+ (add-before 'configure 'patch-config-files
+ (lambda _
+ (substitute* "tests/openpgp/defs.inc"
+ (("/bin/pwd") (which "pwd")))
+ #t)))))
(home-page "https://gnupg.org/")
(synopsis "GNU Privacy Guard")
(description
@@ -280,12 +281,25 @@ libskba (working with X.509 certificates and CMS data).")
("readline" ,readline)))
(arguments
`(#:phases
- (alist-cons-before
- 'configure 'patch-config-files
- (lambda _
- (substitute* "tests/openpgp/Makefile.in"
- (("/bin/sh") (which "bash"))))
- %standard-phases)))))
+ (modify-phases %standard-phases
+ (add-before 'configure 'patch-config-files
+ (lambda _
+ (substitute* "tests/openpgp/Makefile.in"
+ (("/bin/sh") (which "bash")))
+ #t))
+ (add-after 'install 'rename-v2-commands
+ (lambda* (#:key outputs #:allow-other-keys)
+ ;; Upstream suggests removing the trailing '2' from command names:
+ ;; <http://debbugs.gnu.org/cgi/bugreport.cgi?bug=22883#58>.
+ (let ((out (assoc-ref outputs "out")))
+ (with-directory-excursion (string-append out "/bin")
+ (rename-file "gpgv2" "gpgv")
+ (rename-file "gpg2" "gpg")
+
+ ;; Keep the old name around to ease transition.
+ (symlink "gpgv" "gpgv2")
+ (symlink "gpg" "gpg2")
+ #t)))))))))
(define-public gnupg-1
(package (inherit gnupg)
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index 506ab98e91..34b4040458 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -293,16 +293,16 @@ standards.")
(define-public icecat
(package
(name "icecat")
- (version "38.8.0-gnu1")
+ (version "38.8.0-gnu2")
(source
(origin
(method url-fetch)
(uri (string-append "mirror://gnu/gnuzilla/"
- (first (string-split version #\-)) "/"
+ version "/"
name "-" version ".tar.bz2"))
(sha256
(base32
- "0v4k47ziqsyfksv9sn4v1xvk4q414rc883hb1qzld63grj2nxxwp"))
+ "1yb7a1zsqpra9cgq8hrzrbm5v31drb9367cwvwiksz0ngqy342hb"))
(patches (search-patches
"icecat-avoid-bundled-includes.patch"
"icecat-CVE-2016-2818-pt1.patch"
@@ -405,7 +405,7 @@ standards.")
(arguments
`(#:tests? #f ; no check target
#:out-of-source? #t ; must be built outside of the source directory
-
+ #:parallel-build? #f
;; XXX: There are RUNPATH issues such as
;; $prefix/lib/icecat-31.6.0/plugin-container NEEDing libmozalloc.so,
diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm
index 4bea9aad76..f50605a7fb 100644
--- a/gnu/packages/guile.scm
+++ b/gnu/packages/guile.scm
@@ -6,6 +6,7 @@
;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016 Erik Edrosa <erik.edrosa@gmail.com>
;;; Copyright © 2016 Eraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 Alex Kost <alezost@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -50,6 +51,8 @@
#:use-module (gnu packages sdl)
#:use-module (gnu packages maths)
#:use-module (gnu packages image)
+ #:use-module (gnu packages xdisorg)
+ #:use-module (gnu packages xorg)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix git-download)
@@ -1123,4 +1126,58 @@ It currently supports MySQL, Postgres and SQLite3.")
SQL databases. This package implements the interface for SQLite.")
(license gpl2+)))
+(define-public guile-xosd
+ (package
+ (name "guile-xosd")
+ (version "0.2")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/alezost/" name
+ "/releases/download/v" version
+ "/" name "-" version ".tar.gz"))
+ (sha256
+ (base32
+ "1j0b07kycccfslp5n6q0hz7adwc7k41fpzds2dvrly67gavjqljv"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
+ (inputs
+ `(("guile" ,guile-2.0)
+ ("libx11" ,libx11)
+ ("libxext" ,libxext)
+ ("libxinerama" ,libxinerama)
+ ("xosd" ,xosd)))
+ (home-page "https://github.com/alezost/guile-xosd")
+ (synopsis "XOSD bindings for Guile")
+ (description
+ "Guile-XOSD provides Guile bindings for @code{libxosd},
+@uref{http://sourceforge.net/projects/libxosd/, the X On Screen Display
+library}.")
+ (license gpl3+)))
+
+(define-public guile-daemon
+ (package
+ (name "guile-daemon")
+ (version "0.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/alezost/" name
+ "/releases/download/v" version
+ "/" name "-" version ".tar.gz"))
+ (sha256
+ (base32
+ "1s90h8qhblhhz4ahn3p5d573a24px6cdjq2w311ibpgwnsni4qvq"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
+ (inputs
+ `(("guile" ,guile-2.0)))
+ (home-page "https://github.com/alezost/guile-daemon")
+ (synopsis "Evaluate code in a running Guile process")
+ (description
+ "Guile-Daemon is a small Guile program that loads your initial
+configuration file, and then reads and evaluates Guile expressions that
+you send to a FIFO file.")
+ (license gpl3+)))
+
;;; guile.scm ends here
diff --git a/gnu/packages/haskell.scm b/gnu/packages/haskell.scm
index ba8f48d677..f41157332d 100644
--- a/gnu/packages/haskell.scm
+++ b/gnu/packages/haskell.scm
@@ -5,6 +5,7 @@
;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -6008,14 +6009,14 @@ generators, and more.")
(define-public ghc-memory
(package
(name "ghc-memory")
- (version "0.10")
+ (version "0.13")
(source (origin
(method url-fetch)
(uri (string-append "https://hackage.haskell.org/package/"
"memory/memory-" version ".tar.gz"))
(sha256
(base32
- "1xqs9zmjbjihb7gfbk25f2q00m2lsi4kc3jv672175ac8a36pgag"))))
+ "02l742qxjqy3jw1a347gb7sn7pn7a5qha1vzi2qqbvgafcjn0wyw"))))
(build-system haskell-build-system)
(native-inputs
`(("ghc-tasty" ,ghc-tasty)
diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm
index 2d50ad84fa..83ffba4f4c 100644
--- a/gnu/packages/java.scm
+++ b/gnu/packages/java.scm
@@ -535,17 +535,38 @@ build process and its dependencies, whereas Make uses Makefile format.")
"/etc/ssl/certs"))
(keytool (string-append (assoc-ref outputs "jdk")
"/bin/keytool")))
+ (define (extract-cert file target)
+ (call-with-input-file file
+ (lambda (in)
+ (call-with-output-file target
+ (lambda (out)
+ (let loop ((line (read-line in 'concat))
+ (copying? #f))
+ (cond
+ ((eof-object? line) #t)
+ ((string-prefix? "-----BEGIN" line)
+ (display line out)
+ (loop (read-line in 'concat) #t))
+ ((string-prefix? "-----END" line)
+ (display line out)
+ #t)
+ (else
+ (when copying? (display line out))
+ (loop (read-line in 'concat) copying?)))))))))
(define (import-cert cert)
(format #t "Importing certificate ~a\n" (basename cert))
- (let* ((port (open-pipe* OPEN_WRITE keytool
- "-import"
- "-alias" (basename cert)
- "-keystore" keystore
- "-storepass" "changeit"
- "-file" cert)))
- (display "yes\n" port)
- (when (not (zero? (status:exit-val (close-pipe port))))
- (error "failed to import" cert))))
+ (let ((temp "tmpcert"))
+ (extract-cert cert temp)
+ (let ((port (open-pipe* OPEN_WRITE keytool
+ "-import"
+ "-alias" (basename cert)
+ "-keystore" keystore
+ "-storepass" "changeit"
+ "-file" temp)))
+ (display "yes\n" port)
+ (when (not (zero? (status:exit-val (close-pipe port))))
+ (error "failed to import" cert)))
+ (delete-file temp)))
;; This is necessary because the certificate directory contains
;; files with non-ASCII characters in their names.
diff --git a/gnu/packages/lisp.scm b/gnu/packages/lisp.scm
index 22f542ccc5..5c0df4e1ff 100644
--- a/gnu/packages/lisp.scm
+++ b/gnu/packages/lisp.scm
@@ -4,6 +4,7 @@
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016 Federico Beffa <beffa@fbengineering.ch>
;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;; Copyright © 2016 Andy Patterson <ajpatter@uwaterloo.ca>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -102,15 +103,15 @@ interface to the Tk widget system.")
(define-public ecl
(package
(name "ecl")
- (version "15.2.21")
+ (version "16.1.2")
(source
(origin
(method url-fetch)
- (uri (string-append "mirror://sourceforge/ecls/ecls/"
- (version-major+minor version)
- "/ecl-" version ".tgz"))
+ (uri (string-append
+ "https://common-lisp.net/project/ecl/static/files/release/"
+ name "-" version ".tgz"))
(sha256
- (base32 "05di23v977byf67rq5bdshw8lqbby1ycbscdcl1vca0z6r1s204j"))))
+ (base32 "16ab8qs3awvdxy8xs8jy82v8r04x4wr70l9l2j45vgag18d2nj1d"))))
(build-system gnu-build-system)
;; src/configure uses 'which' to confirm the existence of 'gzip'.
(native-inputs `(("which" ,which)))
@@ -119,30 +120,38 @@ interface to the Tk widget system.")
("libgc" ,libgc)
("libffi" ,libffi)))
(arguments
- '(;; During 'make check', ECL fails to initialize with "protocol not
- ;; supported", presumably because /etc/protocols is missing in the
- ;; build environment. See <http://sourceforge.net/p/ecls/bugs/300/>.
- ;;
- ;; Should the test suite be re-enabled, it might be necessary to add
- ;; '#:parallel-tests #f'. See the same bug report as above.
- ;;
- ;; The following might also be necessary, due to 'make check' assuming
- ;; ECL is installed. See <http://sourceforge.net/p/ecls/bugs/299/>.
- ;;
- ;; #:phases
- ;; (let* ((check-phase (assq-ref %standard-phases 'check))
- ;; (rearranged-phases
- ;; (alist-cons-after 'install 'check check-phase
- ;; (alist-delete 'check %standard-phases))))
- ;; (alist-cons-before
- ;; 'check 'pre-check
- ;; (lambda* (#:key outputs #:allow-other-keys)
- ;; (substitute* '("build/tests/Makefile")
- ;; (("ECL=ecl")
- ;; (string-append
- ;; "ECL=" (assoc-ref outputs "out") "/bin/ecl"))))
- ;; rearranged-phases))
- #:tests? #f))
+ '(#:tests? #t
+ #:make-flags `(,(string-append "ECL="
+ (assoc-ref %outputs "out")
+ "/bin/ecl"))
+ #:parallel-tests? #f
+ #:phases
+ (modify-phases %standard-phases
+ (delete 'check)
+ (add-after 'install 'wrap
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((ecl (assoc-ref outputs "out"))
+ (input-path (lambda (lib path)
+ (string-append
+ (assoc-ref inputs lib) path)))
+ (libraries '("gmp" "libatomic-ops" "libgc" "libffi" "libc"))
+ (binaries '("gcc" "ld-wrapper" "binutils"))
+ (library-directories
+ (map (lambda (lib) (input-path lib "/lib"))
+ libraries)))
+
+ (wrap-program (string-append ecl "/bin/ecl")
+ `("PATH" prefix
+ ,(map (lambda (binary)
+ (input-path binary "/bin"))
+ binaries))
+ `("CPATH" suffix
+ ,(map (lambda (lib)
+ (input-path lib "/include"))
+ `("linux-headers" ,@libraries)))
+ `("LIBRARY_PATH" suffix ,library-directories)
+ `("LD_LIBRARY_PATH" suffix ,library-directories)))))
+ (add-after 'wrap 'check (assoc-ref %standard-phases 'check)))))
(home-page "http://ecls.sourceforge.net/")
(synopsis "Embeddable Common Lisp")
(description "ECL is an implementation of the Common Lisp language as
@@ -209,14 +218,14 @@ an interpreter, a compiler, a debugger, and much more.")
(define-public sbcl
(package
(name "sbcl")
- (version "1.2.8")
+ (version "1.3.7")
(source
(origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/sbcl/sbcl/" version "/sbcl-"
version "-source.tar.bz2"))
(sha256
- (base32 "0ab9lw056yf6y0rjmx3iirn5n59pmssqxf00fbmpyl6qsnpaja1d"))))
+ (base32 "0fjdqnb2rsm2vi9794ywp27jr239ddvzc4xfr0dk49jd4v7p2kc5"))))
(build-system gnu-build-system)
(outputs '("out" "doc"))
;; Bootstrap with CLISP.
@@ -243,7 +252,11 @@ an interpreter, a compiler, a debugger, and much more.")
;; occurs in some .sh files too (which contain Lisp code). Use
;; ISO-8859-1 because some of the files are ISO-8859-1 encoded.
(with-fluids ((%default-port-encoding #f))
- (substitute* (find-files "." "\\.(lisp|sh)$")
+ ;; The removed file is utf-16-be encoded, which gives substitute*
+ ;; trouble. It does not contain references to the listed programs.
+ (substitute* (delete
+ "./tests/data/compile-file-pos-utf16be.lisp"
+ (find-files "." "\\.(lisp|sh)$"))
(("\"/bin/sh\"") (quoted-path bash "/bin/sh"))
(("\"/usr/bin/env\"") (quoted-path coreutils "/usr/bin/env"))
(("\"/bin/cat\"") (quoted-path coreutils "/bin/cat"))
diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm
index f99c16b405..aed7db0dae 100644
--- a/gnu/packages/mail.scm
+++ b/gnu/packages/mail.scm
@@ -293,7 +293,7 @@ and corrections. It is based on a Bayesian filter.")
(define-public offlineimap
(package
(name "offlineimap")
- (version "6.7.0.1")
+ (version "7.0.0")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/OfflineIMAP/offlineimap/"
@@ -301,10 +301,10 @@ and corrections. It is based on a Bayesian filter.")
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
- "1ys26v2w3vws08acjs7w5irjgahdxyad00pmj7fhcx91hbvizs80"))))
+ "0hnyfby6ib7i7yblg7qpabdyl35n9l3n0a6agk47w1crpn2lsric"))))
(build-system python-build-system)
- (native-inputs `(("python" ,python-2)))
- (inputs `(("python2-pysqlite" ,python2-pysqlite)))
+ (inputs `(("python2-pysqlite" ,python2-pysqlite)
+ ("python2-six" ,python2-six)))
(arguments
;; The setup.py script expects python-2.
`(#:python ,python-2
diff --git a/gnu/packages/parallel.scm b/gnu/packages/parallel.scm
index 766167d6e9..12f0028a34 100644
--- a/gnu/packages/parallel.scm
+++ b/gnu/packages/parallel.scm
@@ -44,7 +44,7 @@
(define-public parallel
(package
(name "parallel")
- (version "20160622")
+ (version "20160722")
(source
(origin
(method url-fetch)
@@ -52,7 +52,7 @@
version ".tar.bz2"))
(sha256
(base32
- "1axng9bwapmb0vrrv67pp787gv7r5g02zyrfwnrhpxhi8zmm1jmg"))))
+ "08gm0i9vj2nz8qgqi98z00myypgb3dni0s5yf3l17fp8h78fp4g3"))))
(build-system gnu-build-system)
(inputs `(("perl" ,perl)))
(home-page "http://www.gnu.org/software/parallel/")
diff --git a/gnu/packages/patches/openssh-CVE-2016-6210-1.patch b/gnu/packages/patches/openssh-CVE-2016-6210-1.patch
new file mode 100644
index 0000000000..9b46ec12a9
--- /dev/null
+++ b/gnu/packages/patches/openssh-CVE-2016-6210-1.patch
@@ -0,0 +1,114 @@
+From e5ef9d3942cebda819a6fd81647b51c8d87d23df Mon Sep 17 00:00:00 2001
+From: Darren Tucker <dtucker@zip.com.au>
+Date: Fri, 15 Jul 2016 13:32:45 +1000
+Subject: Determine appropriate salt for invalid users.
+
+When sshd is processing a non-PAM login for a non-existent user it uses
+the string from the fakepw structure as the salt for crypt(3)ing the
+password supplied by the client. That string has a Blowfish prefix, so on
+systems that don't understand that crypt will fail fast due to an invalid
+salt, and even on those that do it may have significantly different timing
+from the hash methods used for real accounts (eg sha512). This allows
+user enumeration by, eg, sending large password strings. This was noted
+by EddieEzra.Harari at verint.com (CVE-2016-6210).
+
+To mitigate, use the same hash algorithm that root uses for hashing
+passwords for users that do not exist on the system. ok djm@
+
+Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=9286875a73b2de7736b5e50692739d314cd8d9dc
+Bug-Debian: https://bugs.debian.org/831902
+Last-Update: 2016-07-22
+
+Patch-Name: CVE-2016-6210-1.patch
+---
+ auth-passwd.c | 12 ++++++++----
+ openbsd-compat/xcrypt.c | 34 ++++++++++++++++++++++++++++++++++
+ 2 files changed, 42 insertions(+), 4 deletions(-)
+
+diff --git a/auth-passwd.c b/auth-passwd.c
+index 63ccf3c..530b5d4 100644
+--- a/auth-passwd.c
++++ b/auth-passwd.c
+@@ -193,7 +193,7 @@ int
+ sys_auth_passwd(Authctxt *authctxt, const char *password)
+ {
+ struct passwd *pw = authctxt->pw;
+- char *encrypted_password;
++ char *encrypted_password, *salt = NULL;
+
+ /* Just use the supplied fake password if authctxt is invalid */
+ char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd;
+@@ -202,9 +202,13 @@ sys_auth_passwd(Authctxt *authctxt, const char *password)
+ if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0)
+ return (1);
+
+- /* Encrypt the candidate password using the proper salt. */
+- encrypted_password = xcrypt(password,
+- (pw_password[0] && pw_password[1]) ? pw_password : "xx");
++ /*
++ * Encrypt the candidate password using the proper salt, or pass a
++ * NULL and let xcrypt pick one.
++ */
++ if (authctxt->valid && pw_password[0] && pw_password[1])
++ salt = pw_password;
++ encrypted_password = xcrypt(password, salt);
+
+ /*
+ * Authentication is accepted if the encrypted passwords
+diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c
+index 8577cbd..8913bb8 100644
+--- a/openbsd-compat/xcrypt.c
++++ b/openbsd-compat/xcrypt.c
+@@ -25,6 +25,7 @@
+ #include "includes.h"
+
+ #include <sys/types.h>
++#include <string.h>
+ #include <unistd.h>
+ #include <pwd.h>
+
+@@ -62,11 +63,44 @@
+ # define crypt DES_crypt
+ # endif
+
++/*
++ * Pick an appropriate password encryption type and salt for the running
++ * system.
++ */
++static const char *
++pick_salt(void)
++{
++ struct passwd *pw;
++ char *passwd, *p;
++ size_t typelen;
++ static char salt[32];
++
++ if (salt[0] != '\0')
++ return salt;
++ strlcpy(salt, "xx", sizeof(salt));
++ if ((pw = getpwuid(0)) == NULL)
++ return salt;
++ passwd = shadow_pw(pw);
++ if (passwd[0] != '$' || (p = strrchr(passwd + 1, '$')) == NULL)
++ return salt; /* no $, DES */
++ typelen = p - passwd + 1;
++ strlcpy(salt, passwd, MIN(typelen, sizeof(salt)));
++ explicit_bzero(passwd, strlen(passwd));
++ return salt;
++}
++
+ char *
+ xcrypt(const char *password, const char *salt)
+ {
+ char *crypted;
+
++ /*
++ * If we don't have a salt we are encrypting a fake password for
++ * for timing purposes. Pick an appropriate salt.
++ */
++ if (salt == NULL)
++ salt = pick_salt();
++
+ # ifdef HAVE_MD5_PASSWORDS
+ if (is_md5_salt(salt))
+ crypted = md5_crypt(password, salt);
diff --git a/gnu/packages/patches/openssh-CVE-2016-6210-2.patch b/gnu/packages/patches/openssh-CVE-2016-6210-2.patch
new file mode 100644
index 0000000000..1c580f90b9
--- /dev/null
+++ b/gnu/packages/patches/openssh-CVE-2016-6210-2.patch
@@ -0,0 +1,111 @@
+From dde63f7f998ac3812a26bbb2c1b2947f24fcd060 Mon Sep 17 00:00:00 2001
+From: Darren Tucker <dtucker@zip.com.au>
+Date: Fri, 15 Jul 2016 13:49:44 +1000
+Subject: Mitigate timing of disallowed users PAM logins.
+
+When sshd decides to not allow a login (eg PermitRootLogin=no) and
+it's using PAM, it sends a fake password to PAM so that the timing for
+the failure is not noticeably different whether or not the password
+is correct. This behaviour can be detected by sending a very long
+password string which is slower to hash than the fake password.
+
+Mitigate by constructing an invalid password that is the same length
+as the one from the client and thus takes the same time to hash.
+Diff from djm@
+
+Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=283b97ff33ea2c641161950849931bd578de6946
+Bug-Debian: https://bugs.debian.org/831902
+Last-Update: 2016-07-22
+
+Patch-Name: CVE-2016-6210-2.patch
+---
+ auth-pam.c | 35 +++++++++++++++++++++++++++++++----
+ 1 file changed, 31 insertions(+), 4 deletions(-)
+
+diff --git a/auth-pam.c b/auth-pam.c
+index 8425af1..abd6a5e 100644
+--- a/auth-pam.c
++++ b/auth-pam.c
+@@ -232,7 +232,6 @@ static int sshpam_account_status = -1;
+ static char **sshpam_env = NULL;
+ static Authctxt *sshpam_authctxt = NULL;
+ static const char *sshpam_password = NULL;
+-static char badpw[] = "\b\n\r\177INCORRECT";
+
+ /* Some PAM implementations don't implement this */
+ #ifndef HAVE_PAM_GETENVLIST
+@@ -810,12 +809,35 @@ sshpam_query(void *ctx, char **name, char **info,
+ return (-1);
+ }
+
++/*
++ * Returns a junk password of identical length to that the user supplied.
++ * Used to mitigate timing attacks against crypt(3)/PAM stacks that
++ * vary processing time in proportion to password length.
++ */
++static char *
++fake_password(const char *wire_password)
++{
++ const char junk[] = "\b\n\r\177INCORRECT";
++ char *ret = NULL;
++ size_t i, l = wire_password != NULL ? strlen(wire_password) : 0;
++
++ if (l >= INT_MAX)
++ fatal("%s: password length too long: %zu", __func__, l);
++
++ ret = malloc(l + 1);
++ for (i = 0; i < l; i++)
++ ret[i] = junk[i % (sizeof(junk) - 1)];
++ ret[i] = '\0';
++ return ret;
++}
++
+ /* XXX - see also comment in auth-chall.c:verify_response */
+ static int
+ sshpam_respond(void *ctx, u_int num, char **resp)
+ {
+ Buffer buffer;
+ struct pam_ctxt *ctxt = ctx;
++ char *fake;
+
+ debug2("PAM: %s entering, %u responses", __func__, num);
+ switch (ctxt->pam_done) {
+@@ -836,8 +858,11 @@ sshpam_respond(void *ctx, u_int num, char **resp)
+ (sshpam_authctxt->pw->pw_uid != 0 ||
+ options.permit_root_login == PERMIT_YES))
+ buffer_put_cstring(&buffer, *resp);
+- else
+- buffer_put_cstring(&buffer, badpw);
++ else {
++ fake = fake_password(*resp);
++ buffer_put_cstring(&buffer, fake);
++ free(fake);
++ }
+ if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer) == -1) {
+ buffer_free(&buffer);
+ return (-1);
+@@ -1181,6 +1206,7 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password)
+ {
+ int flags = (options.permit_empty_passwd == 0 ?
+ PAM_DISALLOW_NULL_AUTHTOK : 0);
++ char *fake = NULL;
+
+ if (!options.use_pam || sshpam_handle == NULL)
+ fatal("PAM: %s called when PAM disabled or failed to "
+@@ -1196,7 +1222,7 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password)
+ */
+ if (!authctxt->valid || (authctxt->pw->pw_uid == 0 &&
+ options.permit_root_login != PERMIT_YES))
+- sshpam_password = badpw;
++ sshpam_password = fake = fake_password(password);
+
+ sshpam_err = pam_set_item(sshpam_handle, PAM_CONV,
+ (const void *)&passwd_conv);
+@@ -1206,6 +1232,7 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password)
+
+ sshpam_err = pam_authenticate(sshpam_handle, flags);
+ sshpam_password = NULL;
++ free(fake);
+ if (sshpam_err == PAM_SUCCESS && authctxt->valid) {
+ debug("PAM: password authentication accepted for %.100s",
+ authctxt->user);
diff --git a/gnu/packages/patches/openssh-CVE-2016-6210-3.patch b/gnu/packages/patches/openssh-CVE-2016-6210-3.patch
new file mode 100644
index 0000000000..303c34ee1b
--- /dev/null
+++ b/gnu/packages/patches/openssh-CVE-2016-6210-3.patch
@@ -0,0 +1,60 @@
+From abde8dda29c2db2405d6fbca2fe022430e2c1177 Mon Sep 17 00:00:00 2001
+From: Darren Tucker <dtucker@zip.com.au>
+Date: Thu, 21 Jul 2016 14:17:31 +1000
+Subject: Search users for one with a valid salt.
+
+If the root account is locked (eg password "!!" or "*LK*") keep looking
+until we find a user with a valid salt to use for crypting passwords of
+invalid users. ok djm@
+
+Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=dbf788b4d9d9490a5fff08a7b09888272bb10fcc
+Bug-Debian: https://bugs.debian.org/831902
+Last-Update: 2016-07-22
+
+Patch-Name: CVE-2016-6210-3.patch
+---
+ openbsd-compat/xcrypt.c | 24 +++++++++++++++---------
+ 1 file changed, 15 insertions(+), 9 deletions(-)
+
+diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c
+index 8913bb8..cf6a9b9 100644
+--- a/openbsd-compat/xcrypt.c
++++ b/openbsd-compat/xcrypt.c
+@@ -65,7 +65,9 @@
+
+ /*
+ * Pick an appropriate password encryption type and salt for the running
+- * system.
++ * system by searching through accounts until we find one that has a valid
++ * salt. Usually this will be root unless the root account is locked out.
++ * If we don't find one we return a traditional DES-based salt.
+ */
+ static const char *
+ pick_salt(void)
+@@ -78,14 +80,18 @@ pick_salt(void)
+ if (salt[0] != '\0')
+ return salt;
+ strlcpy(salt, "xx", sizeof(salt));
+- if ((pw = getpwuid(0)) == NULL)
+- return salt;
+- passwd = shadow_pw(pw);
+- if (passwd[0] != '$' || (p = strrchr(passwd + 1, '$')) == NULL)
+- return salt; /* no $, DES */
+- typelen = p - passwd + 1;
+- strlcpy(salt, passwd, MIN(typelen, sizeof(salt)));
+- explicit_bzero(passwd, strlen(passwd));
++ setpwent();
++ while ((pw = getpwent()) != NULL) {
++ passwd = shadow_pw(pw);
++ if (passwd[0] == '$' && (p = strrchr(passwd+1, '$')) != NULL) {
++ typelen = p - passwd + 1;
++ strlcpy(salt, passwd, MIN(typelen, sizeof(salt)));
++ explicit_bzero(passwd, strlen(passwd));
++ goto out;
++ }
++ }
++ out:
++ endpwent();
+ return salt;
+ }
+
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index 00f7803897..a5260f2bff 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -5028,14 +5028,14 @@ connection to each user.")
(define-public python-waf
(package
(name "python-waf")
- (version "1.8.8")
+ (version "1.9.1")
(source (origin
(method url-fetch)
(uri (string-append "https://waf.io/"
"waf-" version ".tar.bz2"))
(sha256
(base32
- "0b5q307fgn6a5d8yjia2d1l4bk1q3ilvc0w8k4isfrrx2gbcw8wn"))))
+ "1nc4qaqx2vsanlpp9mcwvf91xjqpkvcc6fcxd5sb4fwvaxamw5v6"))))
(build-system python-build-system)
(arguments
'(#:phases
@@ -5627,17 +5627,14 @@ and MAC network addresses.")
(define-public python-iso8601
(package
(name "python-iso8601")
- (version "0.1.10")
+ (version "0.1.11")
(source
(origin
(method url-fetch)
- (uri (string-append
- "https://pypi.python.org/packages/source/i/iso8601/iso8601-"
- version
- ".tar.gz"))
+ (uri (pypi-uri "iso8601" version))
(sha256
- (base32
- "1qf01afxh7j4gja71vxv345if8avg6nnm0ry0zsk6j3030xgy4p7"))))
+ (base32
+ "0c7gh3lsdjds262h0v1sqc66l7hqgfwbakn96qrhdbl0i3vm5yz8"))))
(build-system python-build-system)
(inputs
`(("python-setuptools" ,python-setuptools)))
diff --git a/gnu/packages/samba.scm b/gnu/packages/samba.scm
index 9f0b57c739..d089167312 100644
--- a/gnu/packages/samba.scm
+++ b/gnu/packages/samba.scm
@@ -39,55 +39,54 @@
(define-public iniparser
(package
(name "iniparser")
- (version "3.1")
+ (version "4.0")
(source (origin
(method url-fetch)
- (uri (string-append "http://ndevilla.free.fr/iniparser/iniparser-"
+ (uri (string-append "https://github.com/ndevilla/iniparser/archive/v"
version ".tar.gz"))
+ (file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
- "1igmxzcy0s25zcy9vmcw0kd13lh60r0b4qg8lnp1jic33f427pxf"))))
+ "1flj7srvh2hp9ls96qz922bklyhw7f27mmn23b16839zpdjddfz0"))))
(build-system gnu-build-system)
(arguments
- '(#:phases (alist-replace
- 'configure
- (lambda* (#:key outputs #:allow-other-keys)
- (substitute* "Makefile"
- (("/usr/lib")
- (string-append (assoc-ref outputs "out") "/lib"))))
- (alist-replace
- 'build
- (lambda _
- (and (zero? (system* "make" "libiniparser.so"))
- (symlink "libiniparser.so.0" "libiniparser.so")))
- (alist-replace
- 'install
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (lib (string-append out "/lib"))
- (inc (string-append out "/include"))
- (doc (string-append out "/share/doc"))
- (html (string-append doc "/html")))
- (define (copy dir)
- (lambda (file)
- (copy-file file
- (string-append dir "/"
- (basename file)))))
- (mkdir-p lib)
- (for-each (copy lib)
- (find-files "." "^lib.*\\.(so\\.|a)"))
- (with-directory-excursion lib
- (symlink "libiniparser.so.0" "libiniparser.so"))
- (mkdir-p inc)
- (for-each (copy inc)
- (find-files "src" "\\.h$"))
- (mkdir-p html)
- (for-each (copy html)
- (find-files "html" ".*"))
- (for-each (copy doc)
- '("AUTHORS" "INSTALL" "LICENSE"
- "README"))))
- %standard-phases)))))
+ '(#:phases
+ (modify-phases %standard-phases
+ (replace 'configure
+ (lambda* (#:key outputs #:allow-other-keys)
+ (substitute* '("Makefile" "test/Makefile")
+ (("/usr/lib")
+ (string-append (assoc-ref outputs "out") "/lib"))
+ (("\\?= gcc") "= gcc"))))
+ (replace 'build
+ (lambda _
+ (and (zero? (system* "make" "libiniparser.so"))
+ (symlink "libiniparser.so.0" "libiniparser.so"))))
+ (replace 'install
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (inc (string-append out "/include"))
+ (doc (string-append out "/share/doc"))
+ (html (string-append doc "/html")))
+ (define (copy dir)
+ (lambda (file)
+ (copy-file file
+ (string-append dir "/"
+ (basename file)))))
+ (mkdir-p lib)
+ (for-each (copy lib)
+ (find-files "." "^lib.*\\.(so\\.|a)"))
+ (with-directory-excursion lib
+ (symlink "libiniparser.so.0" "libiniparser.so"))
+ (mkdir-p inc)
+ (for-each (copy inc)
+ (find-files "src" "\\.h$"))
+ (mkdir-p html)
+ (for-each (copy html)
+ (find-files "html" ".*"))
+ (for-each (copy doc)
+ '("AUTHORS" "INSTALL" "LICENSE" "README.md"))))))))
(home-page "http://ndevilla.free.fr/iniparser")
(synopsis "Standalone ini file parsing library")
(description
diff --git a/gnu/packages/shellutils.scm b/gnu/packages/shellutils.scm
index 8108b0465d..27f45bab9b 100644
--- a/gnu/packages/shellutils.scm
+++ b/gnu/packages/shellutils.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2016 Matthew Jordan <matthewjordandevops@yandex.com>
+;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -17,11 +18,14 @@
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages shellutils)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages python)
#:use-module (guix licenses)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix utils)
- #:use-module (guix build-system gnu))
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system python))
(define-public envstore
(package
@@ -48,3 +52,39 @@
between various shells or commands.")
(license
(non-copyleft "http://www.wtfpl.net/txt/copying/"))))
+
+(define-public trash-cli
+ (package
+ (name "trash-cli")
+ (version "0.12.9.14")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (pypi-uri "trash-cli" version))
+ (sha256
+ (base32
+ "1p4v2qx0sy47d9c9axszq04wns63s4b7rrhmsavg948sklqdaf54"))))
+ (build-system python-build-system)
+ (arguments
+ `(#:python ,python-2
+ #:tests? #f ; no tests
+ #:phases
+ (modify-phases %standard-phases
+ (add-before 'build 'patch-path-constants
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((libc (assoc-ref inputs "libc"))
+ (coreutils (assoc-ref inputs "coreutils")))
+ (substitute* "trashcli/list_mount_points.py"
+ (("\"/lib/libc.so.6\".*")
+ (string-append "\"" libc "/lib/libc.so.6\"\n"))
+ (("\"df\"")
+ (string-append "\"" coreutils "/bin/df\"")))))))))
+ (inputs `(("coreutils" ,coreutils)))
+ (home-page "https://github.com/andreafrancia/trash-cli")
+ (synopsis "Trash can management tool")
+ (description
+ "trash-cli is a command line utility for interacting with the
+FreeDesktop.org trash can used by GNOME, KDE, XFCE, and other common desktop
+environments. It can move files to the trash, and remove or list files that
+are already there.")
+ (license gpl2+)))
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index 71310ecf94..61a6a5b9d9 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -135,7 +135,10 @@ a server that supports the SSH-2 protocol.")
tail))))
(sha256 (base32
"132lh9aanb0wkisji1d6cmsxi520m8nh7c7i9wi6m1s3l38q29x7"))
- (patches (search-patches "openssh-CVE-2015-8325.patch"))))
+ (patches (search-patches "openssh-CVE-2015-8325.patch"
+ "openssh-CVE-2016-6210-1.patch"
+ "openssh-CVE-2016-6210-2.patch"
+ "openssh-CVE-2016-6210-3.patch"))))
(build-system gnu-build-system)
(inputs `(("groff" ,groff)
("openssl" ,openssl)
diff --git a/gnu/packages/statistics.scm b/gnu/packages/statistics.scm
index 45e50b651c..2365149fad 100644
--- a/gnu/packages/statistics.scm
+++ b/gnu/packages/statistics.scm
@@ -62,7 +62,7 @@
(define-public pspp
(package
(name "pspp")
- (version "0.10.1")
+ (version "0.10.2")
(source
(origin
(method url-fetch)
@@ -70,7 +70,7 @@
version ".tar.gz"))
(sha256
(base32
- "0xw61kq0hxh7f6a4yjhnqbhc0fj9r3wb3qnpq05qhdp79n30ik24"))))
+ "1afsq0a3iij64qacczvwhk81qg0q5rfqm055y5h9ls28d6paqz7p"))))
(build-system gnu-build-system)
(inputs
`(("cairo" ,cairo)
diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm
index 705275242b..767715d1b1 100644
--- a/gnu/packages/version-control.scm
+++ b/gnu/packages/version-control.scm
@@ -113,14 +113,14 @@ as well as the classic centralized workflow.")
;; Keep in sync with 'git-manpages'!
(package
(name "git")
- (version "2.9.1")
+ (version "2.9.2")
(source (origin
(method url-fetch)
(uri (string-append "mirror://kernel.org/software/scm/git/git-"
version ".tar.xz"))
(sha256
(base32
- "18l2jb4bkp9ljz6p2aviwzxqyzza9z3v6h1pnkz7kjf1fay61zp8"))))
+ "1d9dmhgzcnwc2jbib4q23ypjbnw1gh1w8gif63qldwkpixj4dxgq"))))
(build-system gnu-build-system)
(native-inputs
`(("native-perl" ,perl)
@@ -295,7 +295,7 @@ everything from small to very large projects with speed and efficiency.")
version ".tar.xz"))
(sha256
(base32
- "1v9icsf85vvrrg7fakm91d11q23rvnh6dq4b4c4ya8v95z00mg8p"))))
+ "08y38w6yfvrpgj10dl3vghp05xjpl8jj37kkfna2nhf0wip52p2c"))))
(build-system trivial-build-system)
(arguments
'(#:modules ((guix build utils))
diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm
index 948ab5ac8a..d5880c45e2 100644
--- a/gnu/packages/video.scm
+++ b/gnu/packages/video.scm
@@ -805,14 +805,7 @@ SVCD, DVD, 3ivx, DivX 3/4/5, WMV and H.264 movies.")
("pulseaudio" ,pulseaudio)
("rsound" ,rsound)
("vapoursynth" ,vapoursynth)
- ("waf" ,(origin
- (method url-fetch)
- ;; Keep this in sync with the version in the bootstrap.py
- ;; script of the source tarball.
- (uri "http://www.freehackers.org/~tnagy/release/waf-1.8.12")
- (sha256
- (base32
- "12y9c352zwliw0zk9jm2lhynsjcf5jy0k1qch1c1av8hnbm2pgq1"))))
+ ("waf" ,python-waf)
("youtube-dl" ,youtube-dl)
("zlib" ,zlib)))
(arguments
@@ -902,7 +895,7 @@ access to mpv's powerful playback capabilities.")
(define-public youtube-dl
(package
(name "youtube-dl")
- (version "2016.06.14")
+ (version "2016.07.22")
(source (origin
(method url-fetch)
(uri (string-append "https://youtube-dl.org/downloads/"
@@ -910,7 +903,7 @@ access to mpv's powerful playback capabilities.")
version ".tar.gz"))
(sha256
(base32
- "0fmvpqipc1xwagvk7ih4slmv1xz1rb6s8wpndhypwvrq4pnnm9ns"))))
+ "02wcxpcbpvsbvyxcnhhf94ma0x5dcg4fygnxxca2h31dp47dkak9"))))
(build-system python-build-system)
(home-page "https://youtube-dl.org")
(arguments
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index bbe33db32b..91186cdb19 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -2390,18 +2390,21 @@ and IPv6 sockets, intended as a replacement for IO::Socket::INET.")
(define-public perl-io-socket-ssl
(package
(name "perl-io-socket-ssl")
- (version "2.002")
+ (version "2.033")
(source (origin
(method url-fetch)
(uri (string-append "mirror://cpan/authors/id/S/SU/SULLR/"
"IO-Socket-SSL-" version ".tar.gz"))
(sha256
(base32
- "1mph52lw6x5v44wf8mw00llzi8pp6k5c4jnrnrvlacrlfv260jb8"))
+ "01qggwmc97kpzx49fp4fxysrjyq8mpnx54nrb087ridj0ch3cf46"))
(patches (search-patches
"perl-io-socket-ssl-openssl-1.0.2f-fix.patch"))))
(build-system perl-build-system)
- (propagated-inputs `(("perl-net-ssleay" ,perl-net-ssleay)))
+ (propagated-inputs
+ `(("perl-net-ssleay" ,perl-net-ssleay)
+ ;; for IDN support
+ ("perl-uri" ,perl-uri)))
(synopsis "Nearly transparent SSL encapsulation for IO::Socket::INET")
(description
"IO::Socket::SSL makes using SSL/TLS much easier by wrapping the
diff --git a/gnu/packages/wxwidgets.scm b/gnu/packages/wxwidgets.scm
index c9eb1780d6..31da2a9eed 100644
--- a/gnu/packages/wxwidgets.scm
+++ b/gnu/packages/wxwidgets.scm
@@ -42,7 +42,8 @@
(source
(origin
(method url-fetch)
- (uri (string-append "mirror://sourceforge/wxwindows/" version
+ (uri (string-append "https://github.com/wxWidgets/wxWidgets/"
+ "releases/download/v" version
"/wxWidgets-" version ".tar.bz2"))
(sha256
(base32 "0paq27brw4lv8kspxh9iklpa415mxi8zc117vbbbhfjgapf7js1l"))))
@@ -88,8 +89,9 @@ and many other languages.")
(source
(origin
(method url-fetch)
- (uri (string-append "mirror://sourceforge/wxwindows/" version
- "/wxWidgets-" version ".tar.bz2"))
+ (uri (string-append "https://github.com/wxWidgets/wxWidgets/"
+ "releases/download/v" version
+ "/wxGTK-" version ".tar.gz"))
(sha256
(base32 "1gjs9vfga60mk4j4ngiwsk9h6c7j22pw26m3asxr1jwvqbr8kkqk"))))
(inputs
diff --git a/gnu/packages/xdisorg.scm b/gnu/packages/xdisorg.scm
index f611518e86..226e5c1ca1 100644
--- a/gnu/packages/xdisorg.scm
+++ b/gnu/packages/xdisorg.scm
@@ -13,6 +13,7 @@
;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2016 Alex Kost <alezost@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -913,6 +914,28 @@ demos. It also acts as a nice screen locker.")
"http://metadata.ftp-master.debian.org/changelogs/"
"/main/x/xscreensaver/xscreensaver_5.34-2_copyright")))))
+(define-public xdpyprobe
+ (package
+ (name "xdpyprobe")
+ (version "0.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/alezost/" name
+ "/releases/download/v" version
+ "/" name "-" version ".tar.gz"))
+ (sha256
+ (base32
+ "1h09wd2qcg08rj5hcakvdh9q01hkrj8vxly94ax3ch2x06lm0zq8"))))
+ (build-system gnu-build-system)
+ (inputs
+ `(("libx11" ,libx11)))
+ (home-page "https://github.com/alezost/xdpyprobe")
+ (synopsis "Probe X server for connectivity")
+ (description
+ "Xdpyprobe is a tiny C program whose only purpose is to probe a
+connectivity of the X server running on a particular @code{DISPLAY}.")
+ (license license:gpl3+)))
+
(define-public rofi
(package
(name "rofi")
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 61479bef47..59c8d1c871 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -8,6 +8,7 @@
;;; Copyright © 2015 Cyrill Schenkel <cyrill.schenkel@gmail.com>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;; Copyright © 2016 Alex Kost <alezost@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -3870,6 +3871,97 @@ running on X server.")
protocol.")
(license license:x11)))
+(define-public xfontsel
+ (package
+ (name "xfontsel")
+ (version "1.0.5")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "mirror://xorg/individual/app/xfontsel-"
+ version ".tar.bz2"))
+ (sha256
+ (base32
+ "1grir464hy52a71r3mpm9mzvkf7nwr3vk0b1vc27pd3gp588a38p"))))
+ (build-system gnu-build-system)
+ (arguments
+ ;; By default, it tries to install XFontSel file in
+ ;; "/gnu/store/<libxt>/share/X11/app-defaults": it defines this
+ ;; directory from 'libxt' (using 'pkg-config'). To put this file
+ ;; inside output dir and to use it properly, we need to configure
+ ;; --with-appdefaultdir and to wrap 'xfontsel' binary.
+ (let ((app-defaults-dir "/share/X11/app-defaults"))
+ `(#:configure-flags
+ (list (string-append "--with-appdefaultdir="
+ %output ,app-defaults-dir))
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'install 'wrap-xfontsel
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (wrap-program (string-append out "/bin/xfontsel")
+ `("XAPPLRESDIR" =
+ (,(string-append out ,app-defaults-dir)))))))))))
+ (inputs
+ `(("libx11" ,libx11)
+ ("libxaw" ,libxaw)
+ ("libxmu" ,libxmu)
+ ("libxt" ,libxt)))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
+ (home-page "https://www.x.org/wiki/")
+ (synopsis "Browse and select X font names")
+ (description
+ "XFontSel provides a simple way to display the X11 core protocol fonts
+known to your X server, examine samples of each, and retrieve the X Logical
+Font Description (XLFD) full name for a font.")
+ (license license:x11)))
+
+(define-public xfd
+ (package
+ (name "xfd")
+ (version "1.1.2")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "mirror://xorg/individual/app/xfd-"
+ version ".tar.bz2"))
+ (sha256
+ (base32
+ "0n97iqqap9wyxjan2n520vh4rrf5bc0apsw2k9py94dqzci258y1"))))
+ (build-system gnu-build-system)
+ (arguments
+ ;; The same 'app-defaults' problem as with 'xfontsel' package.
+ (let ((app-defaults-dir "/share/X11/app-defaults"))
+ `(#:configure-flags
+ (list (string-append "--with-appdefaultdir="
+ %output ,app-defaults-dir))
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'install 'wrap-xfd
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (wrap-program (string-append out "/bin/xfd")
+ `("XAPPLRESDIR" =
+ (,(string-append out ,app-defaults-dir)))))))))))
+ (inputs
+ `(("fontconfig" ,fontconfig)
+ ("libx11" ,libx11)
+ ("libxaw" ,libxaw)
+ ("libxft" ,libxft)
+ ("libxmu" ,libxmu)
+ ("libxrender" ,libxrender)))
+ (native-inputs
+ `(("gettext" ,gnu-gettext)
+ ("pkg-config" ,pkg-config)))
+ (home-page "https://www.x.org/wiki/")
+ (synopsis "Display all the characters in an X font")
+ (description
+ "XFD (X Font Display) package provides an utility that displays a
+window containing the name of the font being displayed, a row of command
+buttons, several lines of text for displaying character metrics, and a grid
+containing one glyph per cell.")
+ (license license:x11)))
(define-public xmodmap
(package
@@ -4562,7 +4654,17 @@ protocol and arbitrary X extension protocol.")
(base32
"0c3563kw9fg15dpgx4dwvl12qz6sdqdns1pxa574hc7i5m42mman"))))
(build-system gnu-build-system)
- (propagated-inputs
+ (arguments
+ '(#:phases
+ (modify-phases %standard-phases
+ (add-after 'install 'wrap-mkfontdir
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (wrap-program (string-append (assoc-ref outputs "out")
+ "/bin/mkfontdir")
+ `("PATH" ":" prefix
+ (,(string-append (assoc-ref inputs "mkfontscale")
+ "/bin")))))))))
+ (inputs
`(("mkfontscale" ,mkfontscale)))
(native-inputs
`(("pkg-config" ,pkg-config)))