aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2017-08-15 03:10:14 -0400
committerMark H Weaver <mhw@netris.org>2017-08-15 03:10:14 -0400
commit09ec5a0f0c40afde63975af9e9203884dad86ea7 (patch)
treec85530d4a7ed433779d787a0c452ed0d4b7f0f0a /gnu/packages
parent3785e42e5219a86d9d8a5208ff18e97e0cbcbe78 (diff)
parent2d430f29231d0d817459d86e0fe15089372e9547 (diff)
downloadguix-09ec5a0f0c40afde63975af9e9203884dad86ea7.tar
guix-09ec5a0f0c40afde63975af9e9203884dad86ea7.tar.gz
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages')
-rw-r--r--gnu/packages/bioinformatics.scm106
-rw-r--r--gnu/packages/code.scm55
-rw-r--r--gnu/packages/crypto.scm128
-rw-r--r--gnu/packages/curl.scm1
-rw-r--r--gnu/packages/emacs.scm17
-rw-r--r--gnu/packages/enlightenment.scm6
-rw-r--r--gnu/packages/games.scm31
-rw-r--r--gnu/packages/gcc.scm6
-rw-r--r--gnu/packages/image-viewers.scm4
-rw-r--r--gnu/packages/imagemagick.scm4
-rw-r--r--gnu/packages/ldc.scm4
-rw-r--r--gnu/packages/libreoffice.scm51
-rw-r--r--gnu/packages/linux.scm17
-rw-r--r--gnu/packages/maths.scm53
-rw-r--r--gnu/packages/moreutils.scm10
-rw-r--r--gnu/packages/music.scm7
-rw-r--r--gnu/packages/patches/catdoc-CVE-2017-11110.patch45
-rw-r--r--gnu/packages/patches/curl-bounds-check.patch19
-rw-r--r--gnu/packages/patches/cvs-2017-12836.patch45
-rw-r--r--gnu/packages/patches/e2fsprogs-32bit-quota-warnings.patch46
-rw-r--r--gnu/packages/patches/qemu-CVE-2017-10664.patch27
-rw-r--r--gnu/packages/patches/qemu-CVE-2017-10806.patch38
-rw-r--r--gnu/packages/patches/qemu-CVE-2017-10911.patch106
-rw-r--r--gnu/packages/patches/qemu-CVE-2017-11434.patch25
-rw-r--r--gnu/packages/perl.scm130
-rw-r--r--gnu/packages/python.scm4
-rw-r--r--gnu/packages/shells.scm69
-rw-r--r--gnu/packages/textutils.scm2
-rw-r--r--gnu/packages/version-control.scm22
-rw-r--r--gnu/packages/video.scm4
-rw-r--r--gnu/packages/virtualization.scm7
-rw-r--r--gnu/packages/xdisorg.scm8
32 files changed, 981 insertions, 116 deletions
diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm
index f0c4e7748a..87cf164c1a 100644
--- a/gnu/packages/bioinformatics.scm
+++ b/gnu/packages/bioinformatics.scm
@@ -5796,6 +5796,49 @@ differential expression based on a model using the negative binomial
distribution.")
(license license:lgpl3+)))
+(define-public r-dexseq
+ (package
+ (name "r-dexseq")
+ (version "1.22.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (bioconductor-uri "DEXSeq" version))
+ (sha256
+ (base32
+ "085aqk1wlzzqcqcqhvz74y099kr2ln5dwdxd3rl6zan806mgwahg"))))
+ (properties `((upstream-name . "DEXSeq")))
+ (build-system r-build-system)
+ (propagated-inputs
+ `(("r-annotationdbi" ,r-annotationdbi)
+ ("r-biobase" ,r-biobase)
+ ("r-biocgenerics" ,r-biocgenerics)
+ ("r-biocparallel" ,r-biocparallel)
+ ("r-biomart" ,r-biomart)
+ ("r-deseq2" ,r-deseq2)
+ ("r-genefilter" ,r-genefilter)
+ ("r-geneplotter" ,r-geneplotter)
+ ("r-genomicranges" ,r-genomicranges)
+ ("r-hwriter" ,r-hwriter)
+ ("r-iranges" ,r-iranges)
+ ("r-rcolorbrewer" ,r-rcolorbrewer)
+ ("r-rsamtools" ,r-rsamtools)
+ ("r-s4vectors" ,r-s4vectors)
+ ("r-statmod" ,r-statmod)
+ ("r-stringr" ,r-stringr)
+ ("r-summarizedexperiment" ,r-summarizedexperiment)))
+ (home-page "http://bioconductor.org/packages/DEXSeq")
+ (synopsis "Inference of differential exon usage in RNA-Seq")
+ (description
+ "This package is focused on finding differential exon usage using RNA-seq
+exon counts between samples with different experimental designs. It provides
+functions that allows the user to make the necessary statistical tests based
+on a model that uses the negative binomial distribution to estimate the
+variance between biological replicates and generalized linear models for
+testing. The package also provides functions for the visualization and
+exploration of the results.")
+ (license license:gpl3+)))
+
(define-public r-annotationforge
(package
(name "r-annotationforge")
@@ -9759,3 +9802,66 @@ such as transcription factor binding sites (ChIP-seq) or regions of open
chromatin (DNase-seq). Output can be displayed directly in the UCSC Genome
Browser.")
(license license:gpl3+))))
+
+(define-public bismark
+ (package
+ (name "bismark")
+ (version "0.16.3")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/FelixKrueger/Bismark/"
+ "archive/" version ".tar.gz"))
+ (file-name (string-append name "-" version ".tar.gz"))
+ (sha256
+ (base32
+ "1204i0pa02ll2jn5pnxypkclnskvv7a2nwh5nxhagmhxk9wfv9sq"))))
+ (build-system perl-build-system)
+ (arguments
+ `(#:tests? #f ; there are no tests
+ #:phases
+ (modify-phases %standard-phases
+ (delete 'configure)
+ (delete 'build)
+ (replace 'install
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((bin (string-append (assoc-ref outputs "out")
+ "/bin"))
+ (docdir (string-append (assoc-ref outputs "out")
+ "/share/doc/bismark"))
+ (docs '("Bismark_User_Guide.pdf"
+ "RELEASE_NOTES.txt"))
+ (scripts '("bismark"
+ "bismark_genome_preparation"
+ "bismark_methylation_extractor"
+ "bismark2bedGraph"
+ "bismark2report"
+ "coverage2cytosine"
+ "deduplicate_bismark"
+ "bismark_sitrep.tpl"
+ "bam2nuc"
+ "bismark2summary")))
+ (mkdir-p docdir)
+ (mkdir-p bin)
+ (for-each (lambda (file) (install-file file bin))
+ scripts)
+ (for-each (lambda (file) (install-file file docdir))
+ docs)
+ #t))))))
+ (home-page "http://www.bioinformatics.babraham.ac.uk/projects/bismark/")
+ (synopsis "Map bisulfite treated sequence reads and analyze methylation")
+ (description "Bismark is a program to map bisulfite treated sequencing
+reads to a genome of interest and perform methylation calls in a single step.
+The output can be easily imported into a genome viewer, such as SeqMonk, and
+enables a researcher to analyse the methylation levels of their samples
+straight away. Its main features are:
+
+@itemize
+@item Bisulfite mapping and methylation calling in one single step
+@item Supports single-end and paired-end read alignments
+@item Supports ungapped and gapped alignments
+@item Alignment seed length, number of mismatches etc are adjustable
+@item Output discriminates between cytosine methylation in CpG, CHG
+ and CHH context
+@end itemize\n")
+ (license license:gpl3+)))
diff --git a/gnu/packages/code.scm b/gnu/packages/code.scm
index 6f25b7cd82..fa9e19db7d 100644
--- a/gnu/packages/code.scm
+++ b/gnu/packages/code.scm
@@ -5,6 +5,7 @@
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
+;;; Copyright © 2017 Andy Wingo <wingo@igalia.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -189,6 +190,60 @@ effort, time, and money it would take to develop the software, using the
COCOMO model or user-provided parameters.")
(license license:gpl2+)))
+(define-public cloc
+ (package
+ (name "cloc")
+ (version "1.72")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/AlDanial/cloc/releases/download/v" version
+ "/cloc-" version ".tar.gz"))
+ (sha256
+ (base32
+ "1gl7bxb4bi6pms0zzl133pzpfypvz57hk2cw7yf6rvs8b48kilnz"))))
+ (build-system gnu-build-system)
+ (inputs
+ `(("coreutils" ,coreutils)
+ ("perl" ,perl)
+ ("perl-algorithm-diff" ,perl-algorithm-diff)
+ ("perl-regexp-common" ,perl-regexp-common)
+ ("perl-digest-md5" ,perl-digest-md5)))
+ (arguments
+ `(#:phases (modify-phases %standard-phases
+ (delete 'configure)
+ (delete 'build)
+ (replace 'install
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out")))
+ (zero?
+ (system* "make" "-C" "Unix"
+ (string-append "prefix=" out)
+ (string-append "INSTALL="
+ (assoc-ref inputs "coreutils")
+ "/bin/install")
+ "install")))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (wrap-program (string-append out "/bin/cloc")
+ `("PERL5LIB" ":" =
+ ,(string-split (getenv "PERL5LIB") #\:)))
+ #t))))
+ #:out-of-source? #t
+ ;; Tests require some other packages.
+ #:tests? #f))
+ (home-page "https://github.com/AlDanial/cloc")
+ (synopsis "Count source lines of code (SLOC) and other source code metrics")
+ (description "cloc counts blank lines, comment lines, and physical lines
+of source code in many programming languages. Given two versions of a code
+base, cloc can compute differences in blank, comment, and source lines.
+
+cloc contains code from David Wheeler's SLOCCount. Compared to SLOCCount,
+cloc can handle a greater variety of programming langauges.")
+ (license license:gpl2+)))
+
(define-public the-silver-searcher
(package
(name "the-silver-searcher")
diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm
index d02bc20f20..62fe5fe081 100644
--- a/gnu/packages/crypto.scm
+++ b/gnu/packages/crypto.scm
@@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2014 David Thompson <davet@gnu.org>
-;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2015, 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016, 2017 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox>
;;; Copyright © 2016 Tobias Geerinckx-Rice <me@tobias.gr>
@@ -52,6 +52,7 @@
#:use-module (guix git-download)
#:use-module (guix build-system cmake)
#:use-module (guix build-system gnu)
+ #:use-module (guix build-system perl)
#:use-module (guix build-system python))
(define-public libsodium
@@ -437,3 +438,128 @@ PKCS#8, PKCS#12, PKCS#5, X.509 and TSP.")
(define-public python2-asn1crypto
(package-with-python2 python-asn1crypto))
+
+(define-public perl-math-random-isaac-xs
+ (package
+ (name "perl-math-random-isaac-xs")
+ (version "1.004")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://cpan/authors/id/J/JA/JAWNSY/"
+ "Math-Random-ISAAC-XS-" version ".tar.gz"))
+ (sha256
+ (base32
+ "0yxqqcqvj51fn7b7j5xqhz65v74arzgainn66c6k7inijbmr1xws"))))
+ (build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)
+ ("perl-test-nowarnings" ,perl-test-nowarnings)))
+ (home-page "http://search.cpan.org/dist/Math-Random-ISAAC-XS")
+ (synopsis "C implementation of the ISAAC PRNG algorithm")
+ (description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a
+fast pseudo-random number generator. It is suitable for applications where a
+significant amount of random data needs to be produced quickly, such as
+solving using the Monte Carlo method or for games. The results are uniformly
+distributed, unbiased, and unpredictable unless you know the seed.
+
+This package implements the same interface as @code{Math::Random::ISAAC}.")
+ (license license:public-domain)))
+
+(define-public perl-math-random-isaac
+ (package
+ (name "perl-math-random-isaac")
+ (version "1.004")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://cpan/authors/id/J/JA/JAWNSY/"
+ "Math-Random-ISAAC-" version ".tar.gz"))
+ (sha256
+ (base32
+ "0z1b3xbb3xz71h25fg6jgsccra7migq7s0vawx2rfzi0pwpz0wr7"))))
+ (build-system perl-build-system)
+ (native-inputs
+ `(("perl-test-nowarnings" ,perl-test-nowarnings)))
+ (propagated-inputs
+ `(("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs)))
+ (home-page "http://search.cpan.org/dist/Math-Random-ISAAC")
+ (synopsis "Perl interface to the ISAAC PRNG algorithm")
+ (description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a
+fast pseudo-random number generator. It is suitable for applications where a
+significant amount of random data needs to be produced quickly, such as
+solving using the Monte Carlo method or for games. The results are uniformly
+distributed, unbiased, and unpredictable unless you know the seed.
+
+This package provides a Perl interface to the ISAAC pseudo random number
+generator.")
+ (license license:public-domain)))
+
+(define-public perl-crypt-random-source
+ (package
+ (name "perl-crypt-random-source")
+ (version "0.12")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://cpan/authors/id/E/ET/ETHER/"
+ "Crypt-Random-Source-" version ".tar.gz"))
+ (sha256
+ (base32
+ "00mw5m52sbz9nqp3f6axyrgcrihqxn7k8gv0vi1kvm1j1nc9g29h"))))
+ (build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build-tiny" ,perl-module-build-tiny)
+ ("perl-test-exception" ,perl-test-exception)))
+ (propagated-inputs
+ `(("perl-capture-tiny" ,perl-capture-tiny)
+ ("perl-module-find" ,perl-module-find)
+ ("perl-module-runtime" ,perl-module-runtime)
+ ("perl-moo" ,perl-moo)
+ ("perl-namespace-clean" ,perl-namespace-clean)
+ ("perl-sub-exporter" ,perl-sub-exporter)
+ ("perl-type-tiny" ,perl-type-tiny)))
+ (home-page "http://search.cpan.org/dist/Crypt-Random-Source")
+ (synopsis "Get weak or strong random data from pluggable sources")
+ (description "This module provides implementations for a number of
+byte-oriented sources of random data.")
+ (license (package-license perl))))
+
+(define-public perl-math-random-secure
+ (package
+ (name "perl-math-random-secure")
+ (version "0.080001")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://cpan/authors/id/F/FR/FREW/"
+ "Math-Random-Secure-" version ".tar.gz"))
+ (sha256
+ (base32
+ "0dgbf4ncll4kmgkyb9fsaxn0vf2smc9dmwqzgh3259zc2zla995z"))))
+ (build-system perl-build-system)
+ (native-inputs
+ `(("perl-list-moreutils" ,perl-list-moreutils)
+ ("perl-test-leaktrace" ,perl-test-leaktrace)
+ ("perl-test-sharedfork" ,perl-test-sharedfork)
+ ("perl-test-warn" ,perl-test-warn)))
+ (inputs
+ `(("perl-crypt-random-source" ,perl-crypt-random-source)
+ ("perl-math-random-isaac" ,perl-math-random-isaac)
+ ("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs)
+ ("perl-moo" ,perl-moo)))
+ (home-page "http://search.cpan.org/dist/Math-Random-Secure")
+ (synopsis "Cryptographically secure replacement for rand()")
+ (description "This module is intended to provide a
+cryptographically-secure replacement for Perl's built-in @code{rand} function.
+\"Crytographically secure\", in this case, means:
+
+@enumerate
+@item No matter how many numbers you see generated by the random number
+generator, you cannot guess the future numbers, and you cannot guess the seed.
+@item There are so many possible seeds that it would take decades, centuries,
+or millenia for an attacker to try them all.
+@item The seed comes from a source that generates relatively strong random
+data on your platform, so the seed itself will be as random as possible.
+@end enumerate\n")
+ (license license:artistic2.0)))
diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index 492a049a05..23606b4810 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -132,6 +132,7 @@ tunneling, and so on.")
(method url-fetch)
(uri (string-append "https://curl.haxx.se/download/curl-"
version ".tar.xz"))
+ (patches (search-patches "curl-bounds-check.patch"))
(sha256
(base32
"1785vxi0jamiv9d1wr1l45g0fm9ircxdfyfzf7ld8zv0z0i8bmfd"))))
diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm
index bb5d2349fd..5a69990c67 100644
--- a/gnu/packages/emacs.scm
+++ b/gnu/packages/emacs.scm
@@ -5226,6 +5226,23 @@ multiplexer.")
editing RPM spec files.")
(license license:gpl2+)))
+(define-public emacs-nix-mode
+ (package
+ (inherit nix)
+ (name "emacs-nix-mode")
+ (build-system emacs-build-system)
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'chdir-elisp
+ ;; Elisp directory is not in root of the source.
+ (lambda _
+ (chdir "misc/emacs"))))))
+ (synopsis "Emacs major mode for editing Nix expressions")
+ (description "@code{nixos-mode} provides an Emacs major mode for editing
+Nix expressions. It supports syntax highlighting, indenting and refilling of
+comments.")))
+
(define-public emacs-git-messenger
(package
(name "emacs-git-messenger")
diff --git a/gnu/packages/enlightenment.scm b/gnu/packages/enlightenment.scm
index b42e631b98..da1a1cf43d 100644
--- a/gnu/packages/enlightenment.scm
+++ b/gnu/packages/enlightenment.scm
@@ -59,7 +59,7 @@
(define-public efl
(package
(name "efl")
- (version "1.20.1")
+ (version "1.20.2")
(source (origin
(method url-fetch)
(uri (string-append
@@ -67,7 +67,7 @@
version ".tar.xz"))
(sha256
(base32
- "1d1wmmwgc8pf6lk9g6lflpdxvg85wxxq650d6m30zgr85cb6d27q"))))
+ "0zll6k4xbbdsxqg53g8jddgv889g5m1xh20i03iz5a52y2bcnh55"))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))
@@ -123,7 +123,7 @@
("glib" ,glib) ; ecore.pc, ecore-cxx.pc
("harfbuzz" ,harfbuzz) ; evas.pc, evas-cxx.pc
("luajit" ,luajit) ; elua.pc, evas.pc, evas-cxx.pc
- ("libinput" ,libinput) ; elput.pc
+ ("libinput" ,libinput-minimal) ; elput.pc
("libpng" ,libpng) ; evas.pc, evas-cxx.pc
("libsndfile" ,libsndfile) ; ecore-audio.pc, ecore-audio-cxx.pc
("libxkbcommon" ,libxkbcommon) ; ecore-wl2.pc, elementary.pc, elput.pc
diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm
index 9f32e9f8e5..436a885d6e 100644
--- a/gnu/packages/games.scm
+++ b/gnu/packages/games.scm
@@ -17,7 +17,7 @@
;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
;;; Copyright © 2016, 2017 Rodger Fox <thylakoid@openmailbox.org>
;;; Copyright © 2016 Manolis Fragkiskos Ragkousis <manolis837@gmail.com>
-;;; Copyright © 2016, 2017 ng0 <ng0@no-reply.pragmatique.xyz>
+;;; Copyright © 2016, 2017 ng0 <ng0@infotropique.org>
;;; Copyright © 2016 Albin Söderqvist <albin@fripost.org>
;;; Copyright © 2016, 2017 Kei Kebreau <kei@openmailbox.org>
;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
@@ -99,6 +99,7 @@
#:use-module (gnu packages xorg)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages databases)
+ #:use-module (gnu packages shells)
#:use-module (gnu packages sdl)
#:use-module (gnu packages swig)
#:use-module (gnu packages texinfo)
@@ -4564,8 +4565,8 @@ at their peak of economic growth and military prowess.
;; There have been no official releases.
(define-public open-adventure
- (let* ((commit "2483a23690d205f01ecb66165cf4522b541cd991")
- (revision "1"))
+ (let* ((commit "d43854f0f6bb8e9eea7fbce80348150e7e7fc34d")
+ (revision "2"))
(package
(name "open-adventure")
(version (string-append "2.5-" revision "." (string-take commit 7)))
@@ -4577,14 +4578,23 @@ at their peak of economic growth and military prowess.
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
- "1gkvkwbq5cl3llfc7nl41van8awn4myx782pg33bxpbx5l9scwb4"))))
+ "08bwrvf4axb1rsfd6ia1fddsky9pc1p350vjskhaakg2czc6dsk0"))))
(build-system gnu-build-system)
(arguments
`(#:make-flags (list "CC=gcc")
#:parallel-build? #f ; not supported
#:phases
(modify-phases %standard-phases
- (delete 'configure)
+ (replace 'configure
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; At this point linenoise is meant to be included,
+ ;; so we have to really copy it into the working directory
+ ;; of s.
+ (let* ((linenoise (assoc-ref inputs "linenoise"))
+ (noisepath (string-append linenoise "/include/linenoise"))
+ (out (assoc-ref outputs "out")))
+ (copy-recursively noisepath "linenoise"))
+ #t))
(add-before 'build 'use-echo
(lambda _
(substitute* "tests/Makefile"
@@ -4594,9 +4604,9 @@ at their peak of economic growth and military prowess.
(lambda _
;; This target is missing a dependency
(substitute* "Makefile"
- ((".asc.6:" line)
- (string-append line " advent.txt")))
- (zero? (system* "make" ".asc.6"))))
+ ((".adoc.6:" line)
+ (string-append line " advent.adoc")))
+ (zero? (system* "make" ".adoc.6"))))
;; There is no install target
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
@@ -4607,7 +4617,10 @@ at their peak of economic growth and military prowess.
(install-file "advent.6" man))
#t)))))
(native-inputs
- `(("asciidoc" ,asciidoc)))
+ `(("asciidoc" ,asciidoc)
+ ("linenoise" ,linenoise)
+ ("python" ,python)
+ ("python-pyyaml" ,python-pyyaml)))
(home-page "https://gitlab.com/esr/open-adventure")
(synopsis "Colossal Cave Adventure")
(description "The original Colossal Cave Adventure from 1976 was the
diff --git a/gnu/packages/gcc.scm b/gnu/packages/gcc.scm
index eee91c32bf..da4d66ce36 100644
--- a/gnu/packages/gcc.scm
+++ b/gnu/packages/gcc.scm
@@ -406,14 +406,14 @@ Go. It also includes runtime support libraries for these languages.")
(define-public gcc-7
(package
(inherit gcc-6)
- (version "7.1.0")
+ (version "7.2.0")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/gcc/gcc-"
- version "/gcc-" version ".tar.bz2"))
+ version "/gcc-" version ".tar.xz"))
(sha256
(base32
- "05xwps0ci7wgxh50askpa2r9p8518qxdgh6ad7pnyk7n6p13d0ca"))
+ "16j7i0888j2f1yp9l0nhji6cq65dy6y4nwy8868a8njbzzwavxqw"))
(patches (search-patches "gcc-strmov-store-file-names.patch"
"gcc-5.0-libvtv-runpath.patch"))))))
diff --git a/gnu/packages/image-viewers.scm b/gnu/packages/image-viewers.scm
index 07a62715de..c2f0a24344 100644
--- a/gnu/packages/image-viewers.scm
+++ b/gnu/packages/image-viewers.scm
@@ -54,7 +54,7 @@
(define-public feh
(package
(name "feh")
- (version "2.19.1")
+ (version "2.19.2")
(home-page "https://feh.finalrewind.org/")
(source (origin
(method url-fetch)
@@ -62,7 +62,7 @@
name "-" version ".tar.bz2"))
(sha256
(base32
- "1d4ycmai3dpajl0bdr9i56646g4h5j1lb95jjn0nckwcddcj927c"))))
+ "0v2nwc6sk4vs855a1ncz9vxpzxvs1d5wcjz87rfbypxx7nap2al2"))))
(build-system gnu-build-system)
(arguments
'(#:phases (alist-delete 'configure %standard-phases)
diff --git a/gnu/packages/imagemagick.scm b/gnu/packages/imagemagick.scm
index 6e44175d97..8e17307543 100644
--- a/gnu/packages/imagemagick.scm
+++ b/gnu/packages/imagemagick.scm
@@ -45,14 +45,14 @@
;; The 7 release series has an incompatible API, while the 6 series is still
;; maintained. Don't update to 7 until we've made sure that the ImageMagick
;; users are ready for the 7-series API.
- (version "6.9.9-5")
+ (version "6.9.9-7")
(source (origin
(method url-fetch)
(uri (string-append "mirror://imagemagick/ImageMagick-"
version ".tar.xz"))
(sha256
(base32
- "0mnhwzgap2q2qs899skc41s8gd2g1g6rgs959zxqg6yjx3n48r5a"))))
+ "1lwsz9b8clygdppgawv2hsry4aykgmawjlwhg3fj70rndv4a8rw4"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags '("--with-frozenpaths" "--without-gcc-arch")
diff --git a/gnu/packages/ldc.scm b/gnu/packages/ldc.scm
index 03cd033376..25fcb514d0 100644
--- a/gnu/packages/ldc.scm
+++ b/gnu/packages/ldc.scm
@@ -279,7 +279,7 @@ latest DMD frontend and uses LLVM as backend.")
(define-public dub
(package
(name "dub")
- (version "1.4.0")
+ (version "1.4.1")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/dlang/dub/archive/"
@@ -287,7 +287,7 @@ latest DMD frontend and uses LLVM as backend.")
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
- "1w3pznyjnmsmasrvv93f82l0sr31fpwg2zcj8hh1b2gvc5761qhi"))))
+ "0hpl5srbrzwzv8abc96j4cgbmvm1zhr109ljbl7hrphzzc39zyan"))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; it would have tested itself by installing some packages (vibe etc)
diff --git a/gnu/packages/libreoffice.scm b/gnu/packages/libreoffice.scm
index 5faa8db7e5..c27ddf042a 100644
--- a/gnu/packages/libreoffice.scm
+++ b/gnu/packages/libreoffice.scm
@@ -5,6 +5,7 @@
;;; Copyright © 2017 Alex Griffin <a@ajgrf.com>
;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2017 Andy Wingo <wingo@igalia.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -898,17 +899,51 @@ and to return information on pronunciations, meanings and synonyms.")
(substitute* "external/libxmlsec/ExternalProject_xmlsec.mk"
(("./configure") "$(CONFIG_SHELL) ./configure" ))
#t)))
- (add-after 'install 'bin-install
+ (add-after 'install 'bin-and-desktop-install
;; Create 'soffice' and 'libreoffice' symlinks to the executable
;; script.
(lambda* (#:key outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (bin (string-append out "/bin"))
- (soffice (string-append
- out "/lib/libreoffice/program/soffice")))
- (mkdir bin)
- (symlink soffice (string-append bin "/soffice"))
- (symlink soffice (string-append bin "/libreoffice")))
+ (let ((out (assoc-ref outputs "out")))
+ (define (symlink-output src dst)
+ (mkdir-p (dirname (string-append out dst)))
+ (symlink (string-append out src) (string-append out dst)))
+ (define (install src dst)
+ (let ((dst (string-append out dst)))
+ (mkdir-p (dirname dst))
+ (copy-file src dst)))
+ (define (install-desktop-file app)
+ (let ((src (string-append "/lib/libreoffice/share/xdg/"
+ app ".desktop"))
+ (dst (string-append "/share/applications/libreoffice-"
+ app ".desktop")))
+ (substitute* (string-append out src)
+ (("Exec=libreoffice[0-9]+\\.[0-9]+ ")
+ (string-append "Exec=" out "/bin/libreoffice "))
+ (("Icon=libreoffice[0-9]+\\.[0-9]+")
+ "Icon=libreoffice")
+ (("LibreOffice [0-9]+\\.[0-9]+")
+ "LibreOffice"))
+ (symlink-output src dst)
+ (install-file (string-append
+ "sysui/desktop/appstream-appdata/"
+ "libreoffice-" app ".appdata.xml")
+ (string-append out "/share/appdata"))))
+ (symlink-output "/lib/libreoffice/program/soffice"
+ "/bin/soffice")
+ (symlink-output "/lib/libreoffice/program/soffice"
+ "/bin/libreoffice")
+ (install "workdir/CustomTarget/sysui/share/libreoffice/openoffice.keys"
+ "/share/mime-info/libreoffice.keys")
+ (install "workdir/CustomTarget/sysui/share/libreoffice/openoffice.mime"
+ "/share/mime-info/libreoffice.mime")
+ (install
+ "workdir/CustomTarget/sysui/share/libreoffice/openoffice.org.xml"
+ "/share/mime/packages/libreoffice.xml")
+ (for-each install-desktop-file
+ '("base" "calc" "draw" "impress" "writer"))
+ (mkdir-p (string-append out "/share/icons"))
+ (copy-recursively "sysui/desktop/icons/hicolor"
+ (string-append out "/share/icons/")))
#t)))
#:configure-flags
(list
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 31572bd7dd..8ae74cbcb7 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -366,8 +366,8 @@ It has been modified to remove all non-free binary blobs.")
(define %intel-compatible-systems '("x86_64-linux" "i686-linux"))
-(define %linux-libre-version "4.12.5")
-(define %linux-libre-hash "0kybil1h07fwl9rb0rvmp0w356hi2v1azw603r18vh9x93i8b8xi")
+(define %linux-libre-version "4.12.7")
+(define %linux-libre-hash "1sjkxkcikdgl2w5h7c5pfyqwi29g69dxp4s2z2yavw7aicc91xfq")
(define-public linux-libre
(make-linux-libre %linux-libre-version
@@ -376,14 +376,14 @@ It has been modified to remove all non-free binary blobs.")
#:configuration-file kernel-config))
(define-public linux-libre-4.9
- (make-linux-libre "4.9.41"
- "1mkx7rvcny8b0yjkzd8zc53d15h1w8y75m0x6jx0dz3r9y3k0nql"
+ (make-linux-libre "4.9.43"
+ "0fxid4xmnrcq966vz2wsb6spw3i02pvqp2hv8xfrx7dr3hfs9nrr"
%intel-compatible-systems
#:configuration-file kernel-config))
(define-public linux-libre-4.4
- (make-linux-libre "4.4.80"
- "1s0d7lsapghgk6jh6igx2fhzj1f6nwmvhqrl2hdwf3dx14z93mp2"
+ (make-linux-libre "4.4.82"
+ "01bn0vn6i22hhwiqfh29m1cir1jrvz643lz13war8k9l6h0dmmwy"
%intel-compatible-systems
#:configuration-file kernel-config))
@@ -682,16 +682,17 @@ slabtop, and skill.")
(define-public e2fsprogs
(package
(name "e2fsprogs")
- (version "1.43.4")
+ (version "1.43.5")
(source (origin
(method url-fetch)
(uri (string-append
"mirror://kernel.org/linux/kernel/people/tytso/"
name "/v" version "/"
name "-" version ".tar.xz"))
+ (patches (search-patches "e2fsprogs-32bit-quota-warnings.patch"))
(sha256
(base32
- "092absr4vrlqrkdf9nwh4ykj40ab6hhwrkdr6sjsccd54c8z5csl"))))
+ "05ssjpmy0fpv2ik6ibm1f47wr6794nf0q50r581vygrqvsd3s7r6"))))
(build-system gnu-build-system)
(inputs `(("util-linux" ,util-linux)))
(native-inputs `(("pkg-config" ,pkg-config)
diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm
index 9096838d6f..a81f6156ab 100644
--- a/gnu/packages/maths.scm
+++ b/gnu/packages/maths.scm
@@ -2159,7 +2159,7 @@ point numbers.")
(define-public wxmaxima
(package
(name "wxmaxima")
- (version "17.05.0")
+ (version "17.05.1")
(source
(origin
(method url-fetch)
@@ -2168,7 +2168,7 @@ point numbers.")
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
- "1bsyd7r12xm2crpizb9iyyki3j0mbazzzwbsh871m06dv2wk97gq"))))
+ "0dv0cy0cf46v0cbw32izscpkdmpxg1qhwq1f4cz46kkqd8k4yfbj"))))
(build-system gnu-build-system)
(native-inputs
`(("autoconf" ,autoconf)
@@ -2182,31 +2182,30 @@ point numbers.")
("gtk+" ,gtk+)
("shared-mime-info" ,shared-mime-info)))
(arguments
- `(#:phases (modify-phases %standard-phases
- (add-before
- 'configure 'autoconf
- (lambda _
- (zero? (system* "./bootstrap"))))
- (add-after
- 'install 'wrap-program
- (lambda* (#:key inputs outputs #:allow-other-keys)
- (wrap-program (string-append (assoc-ref outputs "out")
- "/bin/wxmaxima")
- `("PATH" ":" prefix
- (,(string-append (assoc-ref inputs "maxima")
- "/bin")))
- ;; For GtkFileChooserDialog.
- `("GSETTINGS_SCHEMA_DIR" =
- (,(string-append (assoc-ref inputs "gtk+")
- "/share/glib-2.0/schemas")))
- `("XDG_DATA_DIRS" ":" prefix
- (;; Needed by gdk-pixbuf to know supported icon formats.
- ,(string-append
- (assoc-ref inputs "shared-mime-info") "/share")
- ;; The default icon theme of GTK+.
- ,(string-append
- (assoc-ref inputs "adwaita-icon-theme") "/share"))))
- #t)))))
+ `(#:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'autoconf
+ (lambda _
+ (zero? (system* "sh" "bootstrap"))))
+ (add-after 'install 'wrap-program
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (wrap-program (string-append (assoc-ref outputs "out")
+ "/bin/wxmaxima")
+ `("PATH" ":" prefix
+ (,(string-append (assoc-ref inputs "maxima")
+ "/bin")))
+ ;; For GtkFileChooserDialog.
+ `("GSETTINGS_SCHEMA_DIR" =
+ (,(string-append (assoc-ref inputs "gtk+")
+ "/share/glib-2.0/schemas")))
+ `("XDG_DATA_DIRS" ":" prefix
+ (;; Needed by gdk-pixbuf to know supported icon formats.
+ ,(string-append
+ (assoc-ref inputs "shared-mime-info") "/share")
+ ;; The default icon theme of GTK+.
+ ,(string-append
+ (assoc-ref inputs "adwaita-icon-theme") "/share"))))
+ #t)))))
(home-page "https://andrejv.github.io/wxmaxima/")
(synopsis "Graphical user interface for the Maxima computer algebra system")
(description
diff --git a/gnu/packages/moreutils.scm b/gnu/packages/moreutils.scm
index 03ffa8f992..bb6228af7f 100644
--- a/gnu/packages/moreutils.scm
+++ b/gnu/packages/moreutils.scm
@@ -52,10 +52,18 @@
("libxml2" ,libxml2)
("libxslt" ,libxslt)))
(inputs
- `(("perl" ,perl)))
+ `(("perl" ,perl)
+ ("perl-timedate" ,perl-timedate)
+ ("perl-time-duration" ,perl-time-duration)))
(arguments
`(#:phases
(modify-phases %standard-phases
+ (add-after 'install 'wrap-program
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out")))
+ (wrap-program
+ (string-append out "/bin/ts")
+ `("PERL5LIB" ":" prefix (,(getenv "PERL5LIB")))))))
(delete 'configure)) ; no configure script
#:make-flags
(list (string-append "PREFIX=" (assoc-ref %outputs "out"))
diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm
index 40996b11be..dcb48fb200 100644
--- a/gnu/packages/music.scm
+++ b/gnu/packages/music.scm
@@ -2264,15 +2264,16 @@ of tools for manipulating and accessing your music.")
(define-public milkytracker
(package
(name "milkytracker")
- (version "1.0.0")
+ (version "1.01.00")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/milkytracker/"
- "MilkyTracker/archive/v" version ".tar.gz"))
+ "MilkyTracker/archive/v"
+ version ".tar.gz"))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
- "1p1jd4h274jvcvl05l01v9bj19zhq4sjag92v1zawyi93ib85abz"))
+ "1dvnddsnn9c83lz4dlm0cfjpc0m524amfkbalxbswdy0qc8cj1wv"))
(modules '((guix build utils)))
;; Remove non-FSDG compliant sample songs.
(snippet
diff --git a/gnu/packages/patches/catdoc-CVE-2017-11110.patch b/gnu/packages/patches/catdoc-CVE-2017-11110.patch
new file mode 100644
index 0000000000..71c44f60fb
--- /dev/null
+++ b/gnu/packages/patches/catdoc-CVE-2017-11110.patch
@@ -0,0 +1,45 @@
+Fix CVE-2017-11110:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11110
+https://bugzilla.redhat.com/show_bug.cgi?id=1468471
+https://security-tracker.debian.org/tracker/CVE-2017-11110
+
+Patch copied from openSUSE:
+
+https://build.opensuse.org/package/view_file/openSUSE:Maintenance:6985/catdoc.openSUSE_Leap_42.2_Update/CVE-2017-11110.patch?expand=1
+
+From: Andreas Stieger <astieger@suse.com>
+Date: Mon, 10 Jul 2017 15:37:58 +0000
+References: CVE-2017-11110 http://bugzilla.suse.com/show_bug.cgi?id=1047877
+
+All .doc I found had sectorSize 0x09 at offset 0x1e. Guarding it against <4.
+
+---
+ src/ole.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+Index: catdoc-0.95/src/ole.c
+===================================================================
+--- catdoc-0.95.orig/src/ole.c 2016-05-25 06:37:12.000000000 +0200
++++ catdoc-0.95/src/ole.c 2017-07-10 17:42:33.578308107 +0200
+@@ -106,6 +106,11 @@ FILE* ole_init(FILE *f, void *buffer, si
+ return NULL;
+ }
+ sectorSize = 1<<getshort(oleBuf,0x1e);
++ /* CVE-2017-11110) */
++ if (sectorSize < 4) {
++ fprintf(stderr,"sectorSize < 4 not supported\n");
++ return NULL;
++ }
+ shortSectorSize=1<<getshort(oleBuf,0x20);
+
+ /* Read BBD into memory */
+@@ -147,7 +152,7 @@ FILE* ole_init(FILE *f, void *buffer, si
+ }
+
+ fseek(newfile, 512+mblock*sectorSize, SEEK_SET);
+- if(fread(tmpBuf+MSAT_ORIG_SIZE+(sectorSize-4)*i,
++ if(fread(tmpBuf+MSAT_ORIG_SIZE+(sectorSize-4)*i, /* >= 4 for CVE-2017-11110 */
+ 1, sectorSize, newfile) != sectorSize) {
+ fprintf(stderr, "Error read MSAT!\n");
+ ole_finish();
diff --git a/gnu/packages/patches/curl-bounds-check.patch b/gnu/packages/patches/curl-bounds-check.patch
new file mode 100644
index 0000000000..4b8ff65304
--- /dev/null
+++ b/gnu/packages/patches/curl-bounds-check.patch
@@ -0,0 +1,19 @@
+Fix test failure on some 32-bit platforms.
+
+Patch copied from upstream source repository:
+
+https://github.com/curl/curl/commit/45a560390c4356bcb81d933bbbb229c8ea2acb63
+
+diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
+index b9dedc989e..85c5e79a7e 100644
+--- a/src/tool_paramhlp.c
++++ b/src/tool_paramhlp.c
+@@ -218,7 +218,7 @@ static ParameterError str2double(double *val, const char *str, long max)
+ num = strtod(str, &endptr);
+ if(errno == ERANGE)
+ return PARAM_NUMBER_TOO_LARGE;
+- if((long)num > max) {
++ if(num > max) {
+ /* too large */
+ return PARAM_NUMBER_TOO_LARGE;
+ }
diff --git a/gnu/packages/patches/cvs-2017-12836.patch b/gnu/packages/patches/cvs-2017-12836.patch
new file mode 100644
index 0000000000..507ab0f7d0
--- /dev/null
+++ b/gnu/packages/patches/cvs-2017-12836.patch
@@ -0,0 +1,45 @@
+Fix CVE-2017-12836:
+
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12836
+https://security-tracker.debian.org/tracker/CVE-2017-12836
+
+Patch adpated from Debian (comments and changelog annotations removed):
+
+https://anonscm.debian.org/cgit/collab-maint/cvs.git/commit/?h=stretch&id=41e077396e35efb6c879951f44c62dd8a1d0f094
+
+From 41e077396e35efb6c879951f44c62dd8a1d0f094 Mon Sep 17 00:00:00 2001
+From: mirabilos <m@mirbsd.org>
+Date: Sat, 12 Aug 2017 03:17:18 +0200
+Subject: Fix CVE-2017-12836 (Closes: #871810) for stretch
+
+---
+ debian/changelog | 6 ++++++
+ src/rsh-client.c | 10 ++++++++--
+ 2 files changed, 14 insertions(+), 2 deletions(-)
+
+diff --git a/src/rsh-client.c b/src/rsh-client.c
+index fe0cfc4..1fc860d 100644
+--- a/src/rsh-client.c
++++ b/src/rsh-client.c
+@@ -105,6 +106,9 @@ start_rsh_server (cvsroot_t *root, struct buffer **to_server_p,
+ rsh_argv[i++] = argvport;
+ }
+
++ /* Only non-option arguments from here. (CVE-2017-12836) */
++ rsh_argv[i++] = "--";
++
+ rsh_argv[i++] = root->hostname;
+ rsh_argv[i++] = cvs_server;
+ if (readonlyfs)
+@@ -189,6 +193,8 @@ start_rsh_server (cvsroot_t *root, struct buffer **to_server_p,
+ *p++ = argvport;
+ }
+
++ *p++ = "--";
++
+ *p++ = root->hostname;
+ *p++ = command;
+ *p++ = NULL;
+--
+cgit v0.12
+
diff --git a/gnu/packages/patches/e2fsprogs-32bit-quota-warnings.patch b/gnu/packages/patches/e2fsprogs-32bit-quota-warnings.patch
new file mode 100644
index 0000000000..e7a96a2ac0
--- /dev/null
+++ b/gnu/packages/patches/e2fsprogs-32bit-quota-warnings.patch
@@ -0,0 +1,46 @@
+Fix a test failure on 32-bit platforms.
+
+Patch copied from upstream source repository:
+
+https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?id=9e31a5696c4b699bf000a07b86601c1fb91c0493
+
+diff --git a/lib/support/mkquota.c b/lib/support/mkquota.c
+index 00f3a40..931a839 100644
+--- a/lib/support/mkquota.c
++++ b/lib/support/mkquota.c
+@@ -50,11 +50,13 @@ static void print_dquot(const char *desc, struct dquot *dq)
+ {
+ if (desc)
+ fprintf(stderr, "%s: ", desc);
+- fprintf(stderr, "%u %ld:%ld:%ld %ld:%ld:%ld\n",
+- dq->dq_id, dq->dq_dqb.dqb_curspace,
+- dq->dq_dqb.dqb_bsoftlimit, dq->dq_dqb.dqb_bhardlimit,
+- dq->dq_dqb.dqb_curinodes,
+- dq->dq_dqb.dqb_isoftlimit, dq->dq_dqb.dqb_ihardlimit);
++ fprintf(stderr, "%u %lld:%lld:%lld %lld:%lld:%lld\n",
++ dq->dq_id, (long long) dq->dq_dqb.dqb_curspace,
++ (long long) dq->dq_dqb.dqb_bsoftlimit,
++ (long long) dq->dq_dqb.dqb_bhardlimit,
++ (long long) dq->dq_dqb.dqb_curinodes,
++ (long long) dq->dq_dqb.dqb_isoftlimit,
++ (long long) dq->dq_dqb.dqb_ihardlimit);
+ }
+ #else
+ static void print_dquot(const char *desc EXT2FS_ATTR((unused)),
+@@ -524,11 +526,11 @@ static int scan_dquots_callback(struct dquot *dquot, void *cb_data)
+ dq->dq_dqb.dqb_curinodes != dquot->dq_dqb.dqb_curinodes) {
+ scan_data->usage_is_inconsistent = 1;
+ fprintf(stderr, "[QUOTA WARNING] Usage inconsistent for ID %u:"
+- "actual (%ld, %ld) != expected (%ld, %ld)\n",
+- dq->dq_id, dq->dq_dqb.dqb_curspace,
+- dq->dq_dqb.dqb_curinodes,
+- dquot->dq_dqb.dqb_curspace,
+- dquot->dq_dqb.dqb_curinodes);
++ "actual (%lld, %lld) != expected (%lld, %lld)\n",
++ dq->dq_id, (long long) dq->dq_dqb.dqb_curspace,
++ (long long) dq->dq_dqb.dqb_curinodes,
++ (long long) dquot->dq_dqb.dqb_curspace,
++ (long long) dquot->dq_dqb.dqb_curinodes);
+ }
+
+ if (scan_data->update_limits) {
diff --git a/gnu/packages/patches/qemu-CVE-2017-10664.patch b/gnu/packages/patches/qemu-CVE-2017-10664.patch
new file mode 100644
index 0000000000..2b60de3dca
--- /dev/null
+++ b/gnu/packages/patches/qemu-CVE-2017-10664.patch
@@ -0,0 +1,27 @@
+Fix CVE-2017-10664:
+
+https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02693.html
+https://bugzilla.redhat.com/show_bug.cgi?id=1466190
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10664
+https://security-tracker.debian.org/tracker/CVE-2017-10664
+
+Patch copied from upstream source repository:
+
+https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commitdiff;h=041e32b8d9d076980b4e35317c0339e57ab888f1
+
+diff --git a/qemu-nbd.c b/qemu-nbd.c
+index 9464a0461c..4dd3fd4732 100644
+--- a/qemu-nbd.c
++++ b/qemu-nbd.c
+@@ -581,6 +581,10 @@ int main(int argc, char **argv)
+ sa_sigterm.sa_handler = termsig_handler;
+ sigaction(SIGTERM, &sa_sigterm, NULL);
+
++#ifdef CONFIG_POSIX
++ signal(SIGPIPE, SIG_IGN);
++#endif
++
+ module_call_init(MODULE_INIT_TRACE);
+ qcrypto_init(&error_fatal);
+
+
diff --git a/gnu/packages/patches/qemu-CVE-2017-10806.patch b/gnu/packages/patches/qemu-CVE-2017-10806.patch
new file mode 100644
index 0000000000..ebf782fe7b
--- /dev/null
+++ b/gnu/packages/patches/qemu-CVE-2017-10806.patch
@@ -0,0 +1,38 @@
+Fix CVE-2017-10806:
+
+https://lists.nongnu.org/archive/html/qemu-devel/2017-05/msg03087.html
+https://bugzilla.redhat.com/show_bug.cgi?id=1468496
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10806
+https://security-tracker.debian.org/tracker/CVE-2017-10806
+
+Patch copied from upstream source repository:
+
+https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=bd4a683505b27adc1ac809f71e918e58573d851d
+
+diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
+index b001a27f05..ad5ef783a6 100644
+--- a/hw/usb/redirect.c
++++ b/hw/usb/redirect.c
+@@ -229,21 +229,10 @@ static void usbredir_log(void *priv, int level, const char *msg)
+ static void usbredir_log_data(USBRedirDevice *dev, const char *desc,
+ const uint8_t *data, int len)
+ {
+- int i, j, n;
+-
+ if (dev->debug < usbredirparser_debug_data) {
+ return;
+ }
+-
+- for (i = 0; i < len; i += j) {
+- char buf[128];
+-
+- n = sprintf(buf, "%s", desc);
+- for (j = 0; j < 8 && i + j < len; j++) {
+- n += sprintf(buf + n, " %02X", data[i + j]);
+- }
+- error_report("%s", buf);
+- }
++ qemu_hexdump((char *)data, stderr, desc, len);
+ }
+
+ /*
diff --git a/gnu/packages/patches/qemu-CVE-2017-10911.patch b/gnu/packages/patches/qemu-CVE-2017-10911.patch
new file mode 100644
index 0000000000..1dcb860a2d
--- /dev/null
+++ b/gnu/packages/patches/qemu-CVE-2017-10911.patch
@@ -0,0 +1,106 @@
+Fix CVE-2017-10911:
+
+https://xenbits.xen.org/xsa/advisory-216.html
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10911
+https://security-tracker.debian.org/tracker/CVE-2017-10911
+
+Patch copied from Xen Security Advisory:
+
+https://xenbits.xen.org/xsa/xsa216-qemuu.patch
+
+--- a/hw/block/xen_blkif.h
++++ b/hw/block/xen_blkif.h
+@@ -14,9 +14,6 @@
+ struct blkif_common_request {
+ char dummy;
+ };
+-struct blkif_common_response {
+- char dummy;
+-};
+
+ /* i386 protocol version */
+ #pragma pack(push, 4)
+@@ -36,13 +33,7 @@ struct blkif_x86_32_request_discard {
+ blkif_sector_t sector_number; /* start sector idx on disk (r/w only) */
+ uint64_t nr_sectors; /* # of contiguous sectors to discard */
+ };
+-struct blkif_x86_32_response {
+- uint64_t id; /* copied from request */
+- uint8_t operation; /* copied from request */
+- int16_t status; /* BLKIF_RSP_??? */
+-};
+ typedef struct blkif_x86_32_request blkif_x86_32_request_t;
+-typedef struct blkif_x86_32_response blkif_x86_32_response_t;
+ #pragma pack(pop)
+
+ /* x86_64 protocol version */
+@@ -62,20 +53,14 @@ struct blkif_x86_64_request_discard {
+ blkif_sector_t sector_number; /* start sector idx on disk (r/w only) */
+ uint64_t nr_sectors; /* # of contiguous sectors to discard */
+ };
+-struct blkif_x86_64_response {
+- uint64_t __attribute__((__aligned__(8))) id;
+- uint8_t operation; /* copied from request */
+- int16_t status; /* BLKIF_RSP_??? */
+-};
+ typedef struct blkif_x86_64_request blkif_x86_64_request_t;
+-typedef struct blkif_x86_64_response blkif_x86_64_response_t;
+
+ DEFINE_RING_TYPES(blkif_common, struct blkif_common_request,
+- struct blkif_common_response);
++ struct blkif_response);
+ DEFINE_RING_TYPES(blkif_x86_32, struct blkif_x86_32_request,
+- struct blkif_x86_32_response);
++ struct blkif_response QEMU_PACKED);
+ DEFINE_RING_TYPES(blkif_x86_64, struct blkif_x86_64_request,
+- struct blkif_x86_64_response);
++ struct blkif_response);
+
+ union blkif_back_rings {
+ blkif_back_ring_t native;
+--- a/hw/block/xen_disk.c
++++ b/hw/block/xen_disk.c
+@@ -769,31 +769,30 @@ static int blk_send_response_one(struct
+ struct XenBlkDev *blkdev = ioreq->blkdev;
+ int send_notify = 0;
+ int have_requests = 0;
+- blkif_response_t resp;
+- void *dst;
+-
+- resp.id = ioreq->req.id;
+- resp.operation = ioreq->req.operation;
+- resp.status = ioreq->status;
++ blkif_response_t *resp;
+
+ /* Place on the response ring for the relevant domain. */
+ switch (blkdev->protocol) {
+ case BLKIF_PROTOCOL_NATIVE:
+- dst = RING_GET_RESPONSE(&blkdev->rings.native, blkdev->rings.native.rsp_prod_pvt);
++ resp = RING_GET_RESPONSE(&blkdev->rings.native,
++ blkdev->rings.native.rsp_prod_pvt);
+ break;
+ case BLKIF_PROTOCOL_X86_32:
+- dst = RING_GET_RESPONSE(&blkdev->rings.x86_32_part,
+- blkdev->rings.x86_32_part.rsp_prod_pvt);
++ resp = RING_GET_RESPONSE(&blkdev->rings.x86_32_part,
++ blkdev->rings.x86_32_part.rsp_prod_pvt);
+ break;
+ case BLKIF_PROTOCOL_X86_64:
+- dst = RING_GET_RESPONSE(&blkdev->rings.x86_64_part,
+- blkdev->rings.x86_64_part.rsp_prod_pvt);
++ resp = RING_GET_RESPONSE(&blkdev->rings.x86_64_part,
++ blkdev->rings.x86_64_part.rsp_prod_pvt);
+ break;
+ default:
+- dst = NULL;
+ return 0;
+ }
+- memcpy(dst, &resp, sizeof(resp));
++
++ resp->id = ioreq->req.id;
++ resp->operation = ioreq->req.operation;
++ resp->status = ioreq->status;
++
+ blkdev->rings.common.rsp_prod_pvt++;
+
+ RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(&blkdev->rings.common, send_notify);
diff --git a/gnu/packages/patches/qemu-CVE-2017-11434.patch b/gnu/packages/patches/qemu-CVE-2017-11434.patch
new file mode 100644
index 0000000000..4da701a73d
--- /dev/null
+++ b/gnu/packages/patches/qemu-CVE-2017-11434.patch
@@ -0,0 +1,25 @@
+Fix CVE-2017-11434:
+
+https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg05001.html
+https://bugzilla.redhat.com/show_bug.cgi?id=1472611
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11434
+https://security-tracker.debian.org/tracker/CVE-2017-11434
+
+Patch copied from upstream source repository:
+
+https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=413d463f43fbc4dd3a601e80a5724aa384a265a0
+
+diff --git a/slirp/bootp.c b/slirp/bootp.c
+index 5a4646c182..5dd1a415b5 100644
+--- a/slirp/bootp.c
++++ b/slirp/bootp.c
+@@ -123,6 +123,9 @@ static void dhcp_decode(const struct bootp_t *bp, int *pmsg_type,
+ if (p >= p_end)
+ break;
+ len = *p++;
++ if (p + len > p_end) {
++ break;
++ }
+ DPRINTF("dhcp: tag=%d len=%d\n", tag, len);
+
+ switch(tag) {
diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm
index 4a87d0ae63..2b2b2ea1fe 100644
--- a/gnu/packages/perl.scm
+++ b/gnu/packages/perl.scm
@@ -1,7 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
-;;; Copyright © 2015, 2016 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015, 2016 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
;;; Copyright © 2016 Mark H Weaver <mhw@netris.org>
@@ -3419,6 +3419,30 @@ objects, which execute a given code block when destroyed, and scoped guards,
which are tied to the scope exit.")
(license (package-license perl))))
+(define-public perl-hash-fieldhash
+ (package
+ (name "perl-hash-fieldhash")
+ (version "0.15")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://cpan/authors/id/G/GF/GFUJI/"
+ "Hash-FieldHash-" version ".tar.gz"))
+ (sha256
+ (base32
+ "1wg8nzczfxif55j2nbymbhyd25pjy7dqs4bvd6jrcds3ll3mflaw"))))
+ (build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)
+ ("perl-test-leaktrace" ,perl-test-leaktrace)))
+ (home-page "http://search.cpan.org/dist/Hash-FieldHash")
+ (synopsis "Lightweight field hash for inside-out objects")
+ (description "@code{Hash::FieldHash} provides the field hash mechanism
+which supports the inside-out technique. It is an alternative to
+@code{Hash::Util::FieldHash} with a simpler interface, higher performance, and
+relic support.")
+ (license (package-license perl))))
+
(define-public perl-hash-merge
(package
(name "perl-hash-merge")
@@ -5742,6 +5766,27 @@ can also be useful as a development and debugging tool for catching updates to
variables that should not be changed.")
(license (package-license perl))))
+(define-public perl-ref-util-xs
+ (package
+ (name "perl-ref-util-xs")
+ (version "0.116")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://cpan/authors/id/X/XS/XSAWYERX/"
+ "Ref-Util-XS-" version ".tar.gz"))
+ (sha256
+ (base32
+ "0l5dzbd71iclv8fdjk7685rq6pbfiiydh0n70br6g9l9iy2smr6f"))))
+ (build-system perl-build-system)
+ (home-page "http://search.cpan.org/dist/Ref-Util-XS")
+ (synopsis "XS implementation for Ref::Util")
+ (description "@code{Ref::Util::XS} is the XS implementation of
+@code{Ref::Util}, which provides several functions to help identify references
+in a more convenient way than the usual approach of examining the return value
+of @code{ref}.")
+ (license x11)))
+
(define-public perl-regexp-common
(package
(name "perl-regexp-common")
@@ -5767,6 +5812,27 @@ codes.")
;; Quad-licensed: Perl Artistic, Perl Artistic 2.0, X11, and BSD.
(license (list (package-license perl) x11 bsd-3))))
+(define-public perl-regexp-util
+ (package
+ (name "perl-regexp-util")
+ (version "0.003")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://cpan/authors/id/T/TO/TOBYINK/"
+ "Regexp-Util-" version ".tar.gz"))
+ (sha256
+ (base32
+ "01n1cggiflsnp9f6adkcxzkc0qpgssz60cwnyyd8mzavh2ximr5a"))))
+ (build-system perl-build-system)
+ (home-page "http://search.cpan.org/dist/Regexp-Util")
+ (synopsis "Selection of general-utility regexp subroutines")
+ (description "This package provides a selection of regular expression
+subroutines including @code{is_regexp}, @code{regexp_seen_evals},
+@code{regexp_is_foreign}, @code{regexp_is_anchored}, @code{serialize_regexp},
+and @code{deserialize_regexp}.")
+ (license (package-license perl))))
+
(define-public perl-role-tiny
(package
(name "perl-role-tiny")
@@ -7955,6 +8021,68 @@ that are designed to minimize common mistakes with eval blocks, and nothing
else.")
(license x11)))
+(define-public perl-type-tie
+ (package
+ (name "perl-type-tie")
+ (version "0.009")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://cpan/authors/id/T/TO/TOBYINK/"
+ "Type-Tie-" version ".tar.gz"))
+ (sha256
+ (base32
+ "1wv32kd7gx4kfyvzs13y029f49qbbji991wawvarac7rlz09wpan"))))
+ (build-system perl-build-system)
+ (native-inputs
+ `(("perl-test-fatal" ,perl-test-fatal)
+ ("perl-test-requires" ,perl-test-requires)))
+ (propagated-inputs
+ `(("perl-exporter-tiny" ,perl-exporter-tiny)
+ ("perl-hash-fieldhash" ,perl-hash-fieldhash)))
+ (home-page "http://search.cpan.org/dist/Type-Tie")
+ (synopsis "Tie a variable to a type constraint")
+ (description "This module exports a single function: @code{ttie}. It ties
+a variable to a type constraint, ensuring that whatever values stored in the
+variable will conform to the type constraint. If the type constraint has
+coercions, these will be used if necessary to ensure values assigned to the
+variable conform.")
+ (license (package-license perl))))
+
+(define-public perl-type-tiny
+ (package
+ (name "perl-type-tiny")
+ (version "1.002001")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://cpan/authors/id/T/TO/TOBYINK/"
+ "Type-Tiny-" version ".tar.gz"))
+ (sha256
+ (base32
+ "1p8krim8kvw123nady96fagi8sk2pj1z8jkr4r8n45ihyamfxjck"))))
+ (build-system perl-build-system)
+ (native-inputs
+ `(("perl-test-warnings" ,perl-test-warnings)))
+ (propagated-inputs
+ `(("perl-devel-lexalias" ,perl-devel-lexalias)
+ ("perl-devel-stacktrace" ,perl-devel-stacktrace)
+ ("perl-exporter-tiny" ,perl-exporter-tiny)
+ ("perl-moo" ,perl-moo)
+ ("perl-moose" ,perl-moose)
+ ("perl-mouse" ,perl-mouse)
+ ("perl-ref-util-xs" ,perl-ref-util-xs)
+ ("perl-regexp-util" ,perl-regexp-util)
+ ("perl-type-tie" ,perl-type-tie)))
+ (home-page "http://search.cpan.org/dist/Type-Tiny")
+ (synopsis "Tiny, yet Moo(se)-compatible type constraint")
+ (description "@code{Type::Tiny} is a small class for writing type
+constraints, inspired by Moose's type constraint API. It has only one
+non-core dependency (and even that is simply a module that was previously
+distributed as part of @code{Type::Tiny} but has since been spun off), and can
+be used with Moose, Mouse and Moo (or none of the above).")
+ (license (package-license perl))))
+
(define-public perl-types-serialiser
(package
(name "perl-types-serialiser")
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index f5f89c9e06..5557b6042b 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -14324,10 +14324,12 @@ Pylint has many rules enabled by default, way too much to silence them
all on a minimally sized program. It's highly configurable and handle
pragmas to control it from within your code. Additionally, it is
possible to write plugins to add your own checks.")
+ (properties `((python2-variant . ,(delay python2-pylint))))
(license license:gpl2+)))
(define-public python2-pylint
- (let ((pylint (package-with-python2 python-pylint)))
+ (let ((pylint (package-with-python2
+ (strip-python2-variant python-pylint))))
(package (inherit pylint)
(propagated-inputs
`(("python2-backports-functools-lru-cache"
diff --git a/gnu/packages/shells.scm b/gnu/packages/shells.scm
index 89db28ff06..37307c807b 100644
--- a/gnu/packages/shells.scm
+++ b/gnu/packages/shells.scm
@@ -449,38 +449,41 @@ operating system.")
(license bsd-3))))
(define-public linenoise
- (package
- (name "linenoise")
- (version "1.0")
- (source
- (origin
- (method url-fetch)
- (uri (string-append "https://github.com/antirez/linenoise/"
- "archive/" version ".tar.gz"))
- (file-name (string-append name "-" version ".tar.gz"))
- (sha256
- (base32
- "05006hd56xcvxjdpll4x720bpfan7vwqmxbw8a2kvm10w57ll1gm"))))
- (build-system gnu-build-system)
- (arguments
- `(#:tests? #f ;No tests are included
- #:make-flags (list "CC=gcc")
- #:phases
- (modify-phases %standard-phases
- (delete 'configure)
- (replace 'install
- (lambda* (#:key outputs #:allow-other-keys)
- ;; At the moment there is no 'make install' in upstream.
- (let* ((out (assoc-ref outputs "out")))
- (install-file "linenoise.h"
- (string-append out "/include/linenoise"))
- (install-file "linenoise.c"
- (string-append out "/include/linenoise"))
- #t))))))
- (home-page "https://github.com/antirez/linenoise")
- (synopsis "Minimal zero-config readline replacement")
- (description
- "Linenoise is a minimal, zero-config, readline replacement.
+ (let ((commit "2105ce445821381cf1bca87b6d386d4ea88ee20d")
+ (revision "1"))
+ (package
+ (name "linenoise")
+ (version (string-append "1.0-" revision "." (string-take commit 7)))
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/antirez/linenoise")
+ (commit commit)))
+ (file-name (string-append name "-" version "-checkout"))
+ (sha256
+ (base32
+ "1z16qwix8z6a40fskdgxsibkqgdrp4q6ncp4n6hnv4r9iihy2d8r"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f ;No tests are included
+ #:make-flags (list "CC=gcc")
+ #:phases
+ (modify-phases %standard-phases
+ (delete 'configure)
+ (replace 'install
+ (lambda* (#:key outputs #:allow-other-keys)
+ ;; At the moment there is no 'make install' in upstream.
+ (let* ((out (assoc-ref outputs "out")))
+ (install-file "linenoise.h"
+ (string-append out "/include/linenoise"))
+ (install-file "linenoise.c"
+ (string-append out "/include/linenoise"))
+ #t))))))
+ (home-page "https://github.com/antirez/linenoise")
+ (synopsis "Minimal zero-config readline replacement")
+ (description
+ "Linenoise is a minimal, zero-config, readline replacement.
Its features include:
@enumerate
@@ -490,7 +493,7 @@ Its features include:
@item Hints (suggestions at the right of the prompt as you type)
@item A subset of VT100 escapes, ANSI.SYS compatible
@end enumerate\n")
- (license bsd-2)))
+ (license bsd-2))))
(define-public s-shell
(let ((commit "6604341edb3a775ff94415762af3ee9bd86bfb3c")
diff --git a/gnu/packages/textutils.scm b/gnu/packages/textutils.scm
index e8ae30cd6d..537d013345 100644
--- a/gnu/packages/textutils.scm
+++ b/gnu/packages/textutils.scm
@@ -12,6 +12,7 @@
;;; Copyright © 2017 Rene Saavedra <rennes@openmailbox.org>
;;; Copyright © 2017 Hartmut Goebel <h.goebel@crazy-compilers.com>
;;; Copyright © 2017 Kei Kebreau <kei@openmailbox.org>
+;;; Copyright © 2017 Alex Vong <alexvong1995@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -409,6 +410,7 @@ runs Word\".")
(method url-fetch)
(uri (string-append "http://ftp.wagner.pp.ru/pub/catdoc/"
"catdoc-" version ".tar.gz"))
+ (patches (search-patches "catdoc-CVE-2017-11110.patch"))
(sha256
(base32
"15h7v3bmwfk4z8r78xs5ih6vd0pskn0rj90xghvbzdjj0cc88jji"))))
diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm
index bff6471559..7c1f02d5ad 100644
--- a/gnu/packages/version-control.scm
+++ b/gnu/packages/version-control.scm
@@ -350,18 +350,21 @@ everything from small to very large projects with speed and efficiency.")
(home-page "https://git-scm.com/")))
;; Some dependent packages directly access internal interfaces which
-;; have changed in 2.12
+;; have changed in 2.12. TODO: Remove this for cgit > 1.1.
(define-public git@2.10
(package
(inherit git)
- (version "2.10.3")
- (source (origin
- (method url-fetch)
- (uri (string-append "mirror://kernel.org/software/scm/git/git-"
- version ".tar.xz"))
- (sha256
- (base32
- "02mb7yi49algsya3hnkcxdslwb6p1bi7c732z1g8kzq4hs838m7z"))))))
+ (version "2.10.4")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://kernel.org/software/scm/git/git-"
+ version ".tar.xz"))
+ (sha256
+ (base32
+ "1pni4mgih5w42813dxljl61s7xmcpdnar34d9m4548hzpljjyd4l"))))
+ (arguments
+ `(#:tests? #f
+ ,@(package-arguments git)))))
(define-public libgit2
(package
@@ -921,6 +924,7 @@ machine.")
(uri (string-append
"https://ftp.gnu.org/non-gnu/cvs/source/feature/"
version "/cvs-" version ".tar.bz2"))
+ (patches (search-patches "cvs-2017-12836.patch"))
(sha256
(base32
"0pjir8cwn0087mxszzbsi1gyfc6373vif96cw4q3m1x6p49kd1bq"))))
diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm
index fdb7d48aec..610b258dfc 100644
--- a/gnu/packages/video.scm
+++ b/gnu/packages/video.scm
@@ -1121,7 +1121,7 @@ access to mpv's powerful playback capabilities.")
(define-public youtube-dl
(package
(name "youtube-dl")
- (version "2017.08.06")
+ (version "2017.08.13")
(source (origin
(method url-fetch)
(uri (string-append "https://yt-dl.org/downloads/"
@@ -1129,7 +1129,7 @@ access to mpv's powerful playback capabilities.")
version ".tar.gz"))
(sha256
(base32
- "1vdfda2w1ckhqna8xcpphr5l0rp9zhs368lic4f7144rxvbydiwm"))))
+ "1parn0xda7mp1phcj19axldifgh6mcwia6wdi3m20kidc9m4wb11"))))
(build-system python-build-system)
(arguments
;; The problem here is that the directory for the man page and completion
diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm
index 49998120d2..ab364cd1fb 100644
--- a/gnu/packages/virtualization.scm
+++ b/gnu/packages/virtualization.scm
@@ -3,6 +3,7 @@
;;; Copyright © 2015, 2016, 2017 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2017 Alex Vong <alexvong1995@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -82,7 +83,11 @@
"qemu-CVE-2017-8379.patch"
"qemu-CVE-2017-8380.patch"
"qemu-CVE-2017-9524.patch"
- "qemu-CVE-2017-11334.patch"))
+ "qemu-CVE-2017-10664.patch"
+ "qemu-CVE-2017-10806.patch"
+ "qemu-CVE-2017-10911.patch"
+ "qemu-CVE-2017-11334.patch"
+ "qemu-CVE-2017-11434.patch"))
(sha256
(base32
"08mhfs0ndbkyqgw7fjaa9vjxf4dinrly656f6hjzvmaz7hzc677h"))))
diff --git a/gnu/packages/xdisorg.scm b/gnu/packages/xdisorg.scm
index 7150fb28da..565e6e8927 100644
--- a/gnu/packages/xdisorg.scm
+++ b/gnu/packages/xdisorg.scm
@@ -93,6 +93,14 @@
(build-system python-build-system)
(arguments
`(#:python ,python-2 ;incompatible with python 3
+ #:phases
+ (modify-phases %standard-phases
+ (add-before 'build 'configure
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "screenlayout/xrandr.py"
+ (("\"xrandr\"") (string-append "\"" (assoc-ref inputs "xrandr")
+ "/bin/xrandr\"")))
+ #t)))
#:tests? #f)) ;no tests
(inputs `(("pygtk" ,python2-pygtk)
("xrandr" ,xrandr)))