aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2016-03-22 00:14:03 +0100
committerLudovic Courtès <ludo@gnu.org>2016-03-22 00:14:03 +0100
commitcd6cc144e0822482a8ca2b033b7bd6d33f0fd331 (patch)
tree28b7c39d314eb54845de71f20fdb144e348c0fe5 /gnu/packages
parentffc13e753b37adb694de1d26f3ea51cf0796a8a2 (diff)
parenta3b84f70d8bc992a0fc38cabdf12d48ff5e10e15 (diff)
downloadguix-cd6cc144e0822482a8ca2b033b7bd6d33f0fd331.tar
guix-cd6cc144e0822482a8ca2b033b7bd6d33f0fd331.tar.gz
Merge branch 'security-updates'
Diffstat (limited to 'gnu/packages')
-rw-r--r--gnu/packages/fontutils.scm22
-rw-r--r--gnu/packages/glib.scm16
-rw-r--r--gnu/packages/linux.scm19
-rw-r--r--gnu/packages/patches/openssl-c-rehash.patch17
-rw-r--r--gnu/packages/perl.scm26
-rw-r--r--gnu/packages/tls.scm81
6 files changed, 26 insertions, 155 deletions
diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm
index 7e3f293817..34f391e5fa 100644
--- a/gnu/packages/fontutils.scm
+++ b/gnu/packages/fontutils.scm
@@ -208,9 +208,8 @@ applications should be.")
(define-public graphite2
(package
- (replacement graphite2-1.3.6)
(name "graphite2")
- (version "1.3.5")
+ (version "1.3.6")
(source
(origin
(method url-fetch)
@@ -218,8 +217,8 @@ applications should be.")
version ".tar.gz"))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
- (base32
- "0jrjb56zim57xg2pckfdyrw46c624mqz9zywgwza0g1bxg26940w"))))
+ (base32
+ "1frd9mjaqzvh9gs74ngc43igi53vzjzlwr5chbrs6ii1hc4aa23s"))))
(build-system cmake-build-system)
(native-inputs
`(("python" ,python-2) ; because of "import imap" in tests
@@ -235,21 +234,6 @@ and returns a sequence of positioned glyphids from the font.")
(license license:lgpl2.1+)
(home-page "https://github.com/silnrsi/graphite")))
-(define graphite2-1.3.6
- (package
- (inherit graphite2)
- (replacement #f)
- (source
- (let ((name "graphite2") (version "1.3.6"))
- (origin
- (method url-fetch)
- (uri (string-append "https://github.com/silnrsi/graphite/archive/"
- version ".tar.gz"))
- (file-name (string-append name "-" version ".tar.gz"))
- (sha256
- (base32
- "1frd9mjaqzvh9gs74ngc43igi53vzjzlwr5chbrs6ii1hc4aa23s")))))))
-
(define-public potrace
(package
(name "potrace")
diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm
index bc69af5a9e..16a1a6162d 100644
--- a/gnu/packages/glib.scm
+++ b/gnu/packages/glib.scm
@@ -61,14 +61,15 @@
(name "dbus")
(version "1.10.0")
(source (origin
- ;; TODO: Apply patch from DBUS/ACTIVATION below.
(method url-fetch)
(uri (string-append
"https://dbus.freedesktop.org/releases/dbus/dbus-"
version ".tar.gz"))
(sha256
(base32
- "0jwj7wlrhq5y0fwfh8k2d9rgdpfax06lj8698g6iqbwrzd2rgyqx"))))
+ "0jwj7wlrhq5y0fwfh8k2d9rgdpfax06lj8698g6iqbwrzd2rgyqx"))
+ (patches
+ (list (search-patch "dbus-helper-search-path.patch")))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags
@@ -126,17 +127,6 @@ or through unencrypted TCP/IP suitable for use behind a firewall with
shared NFS home directories.")
(license license:gpl2+))) ; or Academic Free License 2.1
-(define-public dbus/activation
- ;; D-Bus with a patch to fix service activation.
- ;; TODO: Merge with DBUS above.
- (package
- (inherit dbus)
- (version (string-append (package-version dbus) ".a"))
- (source (origin
- (inherit (package-source dbus))
- (patches
- (list (search-patch "dbus-helper-search-path.patch")))))))
-
(define glib
(package
(name "glib")
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index f62c254447..d3865fbe66 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -1581,7 +1581,6 @@ from the module-init-tools project.")
(define-public eudev
;; The post-systemd fork, maintained by Gentoo.
- ;; TODO: Merge with 'eudev-with-blkid' below at an opportune time.
(package
(name "eudev")
(version "3.1.5")
@@ -1600,7 +1599,11 @@ from the module-init-tools project.")
("perl" ,perl)
("gperf" ,gperf)))
(inputs
- `(("kmod" ,kmod)))
+ ;; When linked against libblkid, eudev can populate /dev/disk/by-label
+ ;; and similar; it also installs the '60-persistent-storage.rules' file,
+ ;; which contains the rules to do that.
+ `(("util-linux" ,util-linux) ;for blkid
+ ("kmod" ,kmod)))
(home-page "https://wiki.gentoo.org/wiki/Project:Eudev")
(synopsis "Userspace device management")
(description "Udev is a daemon which dynamically creates and removes
@@ -1608,18 +1611,6 @@ device nodes from /dev/, handles hotplug events and loads drivers at boot
time.")
(license license:gpl2+)))
-(define-public eudev-with-blkid
- ;; TODO: Merge with 'eudev' above at an opportune time.
- (package
- (inherit eudev)
- (name "eudev-with-blkid")
- (inputs
- ;; When linked against libblkid, eudev can populate /dev/disk/by-label
- ;; and similar; it also installs the '60-persistent-storage.rules' file,
- ;; which contains the rules to do that.
- `(("util-linux" ,util-linux) ;for blkid
- ,@(package-inputs eudev)))))
-
(define-public lvm2
(package
(name "lvm2")
diff --git a/gnu/packages/patches/openssl-c-rehash.patch b/gnu/packages/patches/openssl-c-rehash.patch
deleted file mode 100644
index f873a9af23..0000000000
--- a/gnu/packages/patches/openssl-c-rehash.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-This patch removes the explicit reference to the 'perl' binary,
-such that OpenSSL does not retain a reference to Perl.
-
-The 'c_rehash' program is seldom used, but it is used nonetheless
-to create symbolic links to certificates, for instance in the 'nss-certs'
-package.
-
---- openssl-1.0.2d/tools/c_rehash 2015-09-09 18:36:07.313316482 +0200
-+++ openssl-1.0.2d/tools/c_rehash 2015-09-09 18:36:28.965458458 +0200
-@@ -1,4 +1,6 @@
--#!/usr/bin/perl
-+eval '(exit $?0)' && eval 'exec perl -wS "$0" ${1+"$@"}'
-+ & eval 'exec perl -wS "$0" $argv:q'
-+ if 0;
-
- # Perl c_rehash script, scan all files in a directory
- # and add symbolic links to their hash values.
diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm
index fb42735495..9bbcc8ffa4 100644
--- a/gnu/packages/perl.scm
+++ b/gnu/packages/perl.scm
@@ -38,7 +38,6 @@
(define-public perl
;; Yeah, Perl... It is required early in the bootstrap process by Linux.
(package
- (replacement perl-fixed)
(name "perl")
(version "5.22.1")
(source (origin
@@ -54,7 +53,8 @@
"perl-source-date-epoch.patch"
"perl-deterministic-ordering.patch"
"perl-no-build-time.patch"
- "perl-CVE-2015-8607.patch")))))
+ "perl-CVE-2015-8607.patch"
+ "perl-CVE-2016-2381.patch")))))
(build-system gnu-build-system)
(arguments
'(#:tests? #f
@@ -116,28 +116,6 @@
(home-page "http://www.perl.org/")
(license gpl1+))) ; or "Artistic"
-(define perl-fixed
- (package
- (inherit perl)
- (replacement #f)
- (source
- (let ((name "perl") (version "5.22.1"))
- (origin
- (method url-fetch)
- (uri (string-append "http://www.cpan.org/src/5.0/perl-"
- version ".tar.gz"))
- (sha256
- (base32
- "09wg24w5syyafyv87l6z8pxwz4bjgcdj996bx5844k6m9445sirb"))
- (patches (map search-patch
- '("perl-no-sys-dirs.patch"
- "perl-autosplit-default-time.patch"
- "perl-source-date-epoch.patch"
- "perl-deterministic-ordering.patch"
- "perl-no-build-time.patch"
- "perl-CVE-2015-8607.patch"
- "perl-CVE-2016-2381.patch"))))))))
-
(define-public perl-algorithm-c3
(package
(name "perl-algorithm-c3")
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index b6bf2578ea..d6225f7592 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -179,22 +179,21 @@ required structures.")
(define-public openssl
(package
- (replacement openssl-1.0.2g)
(name "openssl")
- (version "1.0.2f")
+ (version "1.0.2g")
(source (origin
- (method url-fetch)
- (uri (list (string-append "ftp://ftp.openssl.org/source/"
- name "-" version ".tar.gz")
- (string-append "ftp://ftp.openssl.org/source/old/"
- (string-trim-right version char-set:letter)
- "/" name "-" version ".tar.gz")))
- (sha256
- (base32
- "171fkdg9v6j29d962nh6kb79kfm8kkhy7n9makw39d7jvvj4wawk"))
- (patches (map search-patch
- '("openssl-runpath.patch"
- "openssl-c-rehash.patch")))))
+ (method url-fetch)
+ (uri (list (string-append "ftp://ftp.openssl.org/source/"
+ name "-" version ".tar.gz")
+ (string-append "ftp://ftp.openssl.org/source/old/"
+ (string-trim-right version char-set:letter)
+ "/" name "-" version ".tar.gz")))
+ (sha256
+ (base32
+ "0cxajjayi859czi545ddafi24m9nwsnjsw4q82zrmqvwj2rv315p"))
+ (patches (map search-patch
+ '("openssl-runpath.patch"
+ "openssl-c-rehash-in.patch")))))
(build-system gnu-build-system)
(native-inputs `(("perl" ,perl)))
(arguments
@@ -283,60 +282,6 @@ required structures.")
(license license:openssl)
(home-page "http://www.openssl.org/")))
-(define openssl-1.0.2g
- (package
- (inherit openssl)
- (replacement #f)
- (source
- (let ((name "openssl") (version "1.0.2g"))
- (origin
- (method url-fetch)
- (uri (list (string-append "ftp://ftp.openssl.org/source/"
- name "-" version ".tar.gz")
- (string-append "ftp://ftp.openssl.org/source/old/"
- (string-trim-right version char-set:letter)
- "/" name "-" version ".tar.gz")))
- (sha256
- (base32
- "0cxajjayi859czi545ddafi24m9nwsnjsw4q82zrmqvwj2rv315p"))
- (patches (map search-patch
- '("openssl-runpath.patch"
- "openssl-c-rehash-in.patch"))))))
- (arguments
- (substitute-keyword-arguments (package-arguments openssl)
- ((#:phases phases)
- `(modify-phases ,phases
- (replace 'configure
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- (zero?
- (system*
- "./config"
-
- ;; XXX TEMPORARY, FOR GRAFTING ONLY
- ;; Enable ssl2 code to preserve
- ;; ABI compatibility with 1.0.2f
- "enable-ssl2"
-
- "shared" ;build shared libraries
- "--libdir=lib"
-
- ;; The default for this catch-all directory is
- ;; PREFIX/ssl. Change that to something more
- ;; conventional.
- (string-append "--openssldir=" out
- "/share/openssl-" ,(package-version openssl))
-
- (string-append "--prefix=" out)
-
- ;; XXX FIXME: Work around a code generation bug in GCC
- ;; 4.9.3 on ARM when compiled with -mfpu=neon. See:
- ;; <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66917>
- ,@(if (and (not (%current-target-system))
- (string-prefix? "armhf" (%current-system)))
- '("-mfpu=vfpv3")
- '()))))))))))))
-
(define-public libressl
(package
(name "libressl")