diff options
Diffstat (limited to 'gnu')
| -rw-r--r-- | gnu/packages/autotools.scm | 9 | ||||
| -rw-r--r-- | gnu/packages/base.scm | 62 | ||||
| -rw-r--r-- | gnu/packages/bison.scm | 6 | ||||
| -rw-r--r-- | gnu/packages/fontutils.scm | 25 | ||||
| -rw-r--r-- | gnu/packages/gnome.scm | 47 | ||||
| -rw-r--r-- | gnu/packages/gnupg.scm | 83 | ||||
| -rw-r--r-- | gnu/packages/gnutls.scm | 5 | ||||
| -rw-r--r-- | gnu/packages/libunistring.scm | 5 | ||||
| -rw-r--r-- | gnu/packages/multiprecision.scm | 8 | ||||
| -rw-r--r-- | gnu/packages/patches/glibc-CVE-2012-3406.patch | 282 | ||||
| -rw-r--r-- | gnu/packages/patches/glibc-CVE-2014-7817.patch | 171 | ||||
| -rw-r--r-- | gnu/packages/patches/glibc-mips-dangling-vfork-ref.patch | 45 | ||||
| -rw-r--r-- | gnu/packages/patches/grep-CVE-2015-1345.patch | 17 | ||||
| -rw-r--r-- | gnu/packages/patches/libtool-skip-tests.patch | 28 | ||||
| -rw-r--r-- | gnu/packages/xml.scm | 2 |
15 files changed, 201 insertions, 594 deletions
diff --git a/gnu/packages/autotools.scm b/gnu/packages/autotools.scm index 7f20b262f8..4b5cbb6dfd 100644 --- a/gnu/packages/autotools.scm +++ b/gnu/packages/autotools.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2012 Nikita Karetnikov <nikita@karetnikov.org> ;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2014 Manolis Fragkiskos Ragkousis <manolis837@gmail.com> +;;; Copyright © 2015 Mark H Weaver <mhw@netris.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -238,14 +239,14 @@ Makefile, simplifying the entire process for the developer.") (define-public libtool (package (name "libtool") - (version "2.4.5") + (version "2.4.6") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/libtool/libtool-" version ".tar.xz")) (sha256 (base32 - "0zhphv4n9bdd6sz66lqfrfqcsnv89mg2bykgi5w9401va4vc3al4")) + "0vxj52zm709125gwv9qqlw02silj8bnjnh4y07arrz60r31ai1vw")) (patches (list (search-patch "libtool-skip-tests.patch"))))) (build-system gnu-build-system) @@ -295,14 +296,14 @@ complexity of working with shared libraries across platforms.") ;; Libtool's extensive test suite isn't run. (package (name "libltdl") - (version "2.4.4") + (version "2.4.6") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/libtool/libtool-" version ".tar.xz")) (sha256 (base32 - "0v3zq08qxv7k5067mpqrkjkjl3wphhg06i696mka90mzadc5nad8")) + "0vxj52zm709125gwv9qqlw02silj8bnjnh4y07arrz60r31ai1vw")) (patches (list (search-patch "libtool-skip-tests.patch"))))) (build-system gnu-build-system) diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm index 9c5d6b7b27..13b1a1060f 100644 --- a/gnu/packages/base.scm +++ b/gnu/packages/base.scm @@ -2,7 +2,7 @@ ;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2014 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2012 Nikita Karetnikov <nikita@karetnikov.org> -;;; Copyright © 2014 Mark H Weaver <mhw@netris.org> +;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2014 Alex Kost <alezost@gmail.com> ;;; ;;; This file is part of GNU Guix. @@ -75,7 +75,8 @@ command-line arguments, multiple languages, and so on.") version ".tar.xz")) (sha256 (base32 - "1pp5n15qwxrw1pibwjhhgsibyv5cafhamf8lwzjygs6y00fa2i2j")))) + "1pp5n15qwxrw1pibwjhhgsibyv5cafhamf8lwzjygs6y00fa2i2j")) + (patches (list (search-patch "grep-CVE-2015-1345.patch"))))) (build-system gnu-build-system) (synopsis "Print lines matching a pattern") (description @@ -150,18 +151,16 @@ standard utility.") (define-public patch (package (name "patch") - (version "2.7.1") - (source (origin - (method url-fetch) - (uri (string-append "mirror://gnu/patch/patch-" - version ".tar.xz")) - (sha256 - (base32 - "1sqckf560pzwgniy00vcpdv2c9c11s4cmhlm14yqgg8avd3bl94i")))) + (version "2.7.4") + (source (origin + (method url-fetch) + (uri (string-append "mirror://gnu/patch/patch-" + version ".tar.xz")) + (sha256 + (base32 + "02gikxjvcxysr4l65c8vivgz62xmalp0av5ypzff8vqhrq3vpb0f")))) (build-system gnu-build-system) (native-inputs `(("ed", ed))) - ;; TODO: When cross-compiling, add this: - ;; '(#:configure-flags '("ac_cv_func_strnlen_working=yes")) (synopsis "Apply differences to originals, with optional backups") (description "Patch is a program that applies changes to files based on differences @@ -170,27 +169,8 @@ files depending on the contents of the diff file. It accepts several different diff formats. It may also be used to revert previously applied differences.") (license gpl3+) - (replacement patch-CVE-2015-1196) (home-page "http://savannah.gnu.org/projects/patch/"))) -(define-public patch-2.7.4 - (package - (inherit patch) - (version "2.7.4") - (source (origin - (method url-fetch) - (uri (string-append "mirror://gnu/patch/patch-" - version ".tar.xz")) - (sha256 - (base32 - "02gikxjvcxysr4l65c8vivgz62xmalp0av5ypzff8vqhrq3vpb0f")))) - (replacement #f))) - -(define patch-CVE-2015-1196 - (package (inherit patch-2.7.4) - ;; Keep the old version number so it can be used as a 'replacement'. - (version (package-version patch)))) - (define-public diffutils (package (name "diffutils") @@ -381,14 +361,14 @@ included.") (define-public glibc (package (name "glibc") - (version "2.20") + (version "2.21") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/glibc/glibc-" version ".tar.xz")) (sha256 (base32 - "19bbyfc2gcxr9rihrkkbd3p362i608yhlyrr7icqsa6cmr16sjzq")) + "1f135546j34s9bfkydmx2nhh9vwxlx60jldi80zmsnln6wj3dsxf")) (snippet ;; Disable 'ldconfig' and /etc/ld.so.cache. The latter is ;; required on LFS distros to avoid loading the distro's libc.so @@ -397,10 +377,7 @@ included.") (("use_ldconfig=yes") "use_ldconfig=no"))) (modules '((guix build utils))) - (patches (list (search-patch "glibc-CVE-2014-7817.patch") - (search-patch "glibc-CVE-2012-3406.patch") - (search-patch "glibc-mips-dangling-vfork-ref.patch") - (search-patch "glibc-ldd-x86_64.patch"))))) + (patches (list (search-patch "glibc-ldd-x86_64.patch"))))) (build-system gnu-build-system) ;; Glibc's <limits.h> refers to <linux/limit.h>, for instance, so glibc @@ -411,6 +388,7 @@ included.") (arguments `(#:out-of-source? #t + #:parallel-build? #f ; There's at least one race in the build. #:configure-flags (list "--enable-add-ons" "--sysconfdir=/etc" @@ -433,7 +411,7 @@ included.") (assoc-ref %build-inputs "linux-headers") "/include") - ;; This is the default for most architectures as of GNU libc 2.20, + ;; This is the default for most architectures as of GNU libc 2.21, ;; but we specify it explicitly for clarity and consistency. See ;; "kernel-features.h" in the GNU libc for details. "--enable-kernel=2.6.32" @@ -512,6 +490,13 @@ included.") (native-inputs `(("texinfo" ,texinfo) ("perl" ,perl))) + (native-search-paths + ;; Search path for packages that provide locale data. This is useful + ;; primarily in build environments. + (list (search-path-specification + (variable "LOCPATH") + (files '("lib/locale"))))) + (synopsis "The GNU C Library") (description "Any Unix-like operating system needs a C library: the library which @@ -536,6 +521,7 @@ with the Linux kernel.") more than 400 in total. To use them set the 'LOCPATH' environment variable to the 'share/locale' sub-directory of this package.") (outputs '("out")) ;110+ MiB + (native-search-paths '()) (arguments (let ((args `(#:tests? #f #:strip-binaries? #f ,@(package-arguments glibc)))) diff --git a/gnu/packages/bison.scm b/gnu/packages/bison.scm index 76aa88fe26..43ab216797 100644 --- a/gnu/packages/bison.scm +++ b/gnu/packages/bison.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2012, 2013, 2015 Ludovic Courtès <ludo@gnu.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -30,7 +30,7 @@ (define bison (package (name "bison") - (version "3.0.2") + (version "3.0.4") (source (origin (method url-fetch) @@ -38,7 +38,7 @@ version ".tar.xz")) (sha256 (base32 - "0g4gjan477lac18m51kv4xzcsp6wjfsfwvd2dxymcl6vid9fihx2")))) + "1qbgf6q1n2z17k8g33444m0q68kf3fbiq65q7jlrzpvvj73jh957")))) (build-system gnu-build-system) (native-inputs `(("perl" ,perl))) (inputs `(("flex" ,flex))) diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm index 4d4a288d3e..14f42a9236 100644 --- a/gnu/packages/fontutils.scm +++ b/gnu/packages/fontutils.scm @@ -40,28 +40,23 @@ (define-public freetype (package (name "freetype") - (version "2.4.11") + (version "2.5.5") (source (origin (method url-fetch) (uri (string-append "mirror://savannah/freetype/freetype-" - version ".tar.gz")) + version ".tar.bz2")) (sha256 (base32 - "0gpcz6swir64kp0dk3rwgqqkmf48b90dqgczdmznjjryhrahx9r9")))) + "1fdgl7js99xv1yy5zx1ravmqd0jxlnqpv7zcl954h4hbg15wqyrq")))) (build-system gnu-build-system) (arguments `(#:phases - (alist-replace - 'install - (lambda* (#:key outputs #:allow-other-keys #:rest args) - (let ((install (assoc-ref %standard-phases 'install)) - (include (string-append (assoc-ref outputs "out") "/include"))) - (apply install args) - ;; Unravel one directory, since ft2build.h includes directly from - ;; freetype/, not freetype2/freetype; this is announced in the file - ;; to be changed in a future release. - (symlink (string-append include "/freetype2/freetype") - (string-append include "/freetype")))) - %standard-phases))) + ;; This should not be necessary; reported upstream as + ;; https://savannah.nongnu.org/bugs/index.php?44261 + (alist-cons-before + 'configure 'set-paths + (lambda _ + (setenv "CONFIG_SHELL" (which "bash"))) + %standard-phases))) (synopsis "Font rendering library") (description "Freetype is a library that can be used by applications to access the diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 663912bf3c..52be520df5 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2014 Ian Denhardt <ian@zenhack.net> ;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org> ;;; Copyright © 2014, 2015 Federico Beffa <beffa@fbengineering.ch> +;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -1536,3 +1537,49 @@ serialization and deserialization support for the JavaScript Object Notation GObject classes and various wrappers for the complex data types employed by JSON, such as arrays and objects.") (license license:lgpl2.1+))) + +(define-public libxklavier + (package + (name "libxklavier") + (version "5.3") + (source (origin + (method url-fetch) + (uri (string-append "mirror://gnome/sources/" name "/" + version "/" name "-" version ".tar.xz")) + (sha256 + (base32 + "016lpdv35z0qsw1cprdc2k5qzkdi5waj6qmr0a2q6ljn9g2kpv7b")))) + (build-system gnu-build-system) + (arguments + '(#:configure-flags + (list (string-append "--with-xkb-base=" + (assoc-ref %build-inputs "xkeyboard-config") + "/share/X11/xkb")) + #:phases + (alist-cons-before + 'build 'set-cc + (lambda _ + (setenv "CC" "gcc")) ; for g-ir-scanner. + %standard-phases))) + (native-inputs + `(("glib:bin" ,glib "bin") ; for glib-mkenums, etc. + ("gobject-introspection" ,gobject-introspection) + ("pkg-config" ,pkg-config))) + (propagated-inputs + ;; Required by libxklavier.pc. + `(("glib" ,glib) + ("libxml2" ,libxml2))) + (inputs + `(("iso-codes" ,iso-codes) + ("libxi" ,libxi) + ("libxkbfile" ,libxkbfile) + ("xkbcomp" ,xkbcomp) + ("xkeyboard-config" ,xkeyboard-config))) + (home-page "http://www.freedesktop.org/wiki/Software/LibXklavier/") + (synopsis "High-level API for X Keyboard Extension") + (description + "LibXklavier is a library providing high-level API for X Keyboard +Extension known as XKB. This library is indended to support XFree86 and other +commercial X servers. It is useful for creating XKB-related software (layout +indicators etc).") + (license license:lgpl2.0+))) diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm index 9bc75b2329..584b1c68c1 100644 --- a/gnu/packages/gnupg.scm +++ b/gnu/packages/gnupg.scm @@ -1,6 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org> -;;; Copyright © 2013 Andreas Enge <andreas@enge.fr> +;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org> ;;; Copyright © 2014 Mark H Weaver <mhw@netris.org> ;;; @@ -39,7 +39,7 @@ (define-public libgpg-error (package (name "libgpg-error") - (version "1.17") + (version "1.18") (source (origin (method url-fetch) @@ -47,7 +47,7 @@ version ".tar.bz2")) (sha256 (base32 - "1dapxzxl1naghf342fwfc2w2f2c5hb9gr1a1s4n8dsqn26kybx1z")))) + "0408v19h3h0q6w61g51hgbdg6cyw81nyzkh70qfprvsc3pkddwcz")))) (build-system gnu-build-system) (home-page "http://gnupg.org") (synopsis "Library of error values for GnuPG components") @@ -162,17 +162,42 @@ as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS.") (license gpl3+))) +(define-public npth + (package + (name "npth") + (version "1.1") + (source + (origin + (method url-fetch) + (uri (string-append + "mirror://gnupg/npth/npth-" + version ".tar.bz2")) + (sha256 + (base32 + "0zyzwmk4mp6pas87jz35zx0jvwdz7x5b13w225gs73gcn8g5cv49")))) + (build-system gnu-build-system) + (home-page "http://www.gnupg.org") + (synopsis "Non-preemptive thread library") + (description + "Npth is a library to provide the GNU Pth API and thus a non-preemptive +threads implementation. + +In contrast to GNU Pth is is based on the system's standard threads +implementation. This allows the use of libraries which are not +compatible to GNU Pth.") + (license (list lgpl3+ gpl2+)))) ; dual license + (define-public gnupg (package (name "gnupg") - (version "2.0.26") + (version "2.1.2") (source (origin (method url-fetch) (uri (string-append "mirror://gnupg/gnupg/gnupg-" version ".tar.bz2")) (sha256 (base32 - "1q5qcl5panrvcvpwvz6nl9gayl5a6vwvfhgdcxqpmbl2qc6y6n3p")))) + "14k7c5spai3yppz6izf1ggbnffskl54ln87v1wgy9pwism1mlks0")))) (build-system gnu-build-system) (inputs `(("bzip2" ,guix:bzip2) @@ -181,7 +206,7 @@ specifications are building blocks of S/MIME and TLS.") ("libgcrypt" ,libgcrypt) ("libgpg-error" ,libgpg-error) ("libksba" ,libksba) - ("pth" ,pth) + ("npth" ,npth) ("openldap" ,openldap) ("zlib" ,guix:zlib) ("readline" ,readline))) @@ -190,8 +215,8 @@ specifications are building blocks of S/MIME and TLS.") (alist-cons-before 'configure 'patch-config-files (lambda _ - (substitute* "tests/openpgp/Makefile.in" - (("/bin/sh") (which "bash")))) + (substitute* "tests/openpgp/defs.inc" + (("/bin/pwd") (which "pwd")))) %standard-phases))) (home-page "http://gnupg.org/") (synopsis "GNU Privacy Guard") @@ -204,6 +229,36 @@ components), libgpg-error (centralized GnuPG error values), and libskba (working with X.509 certificates and CMS data).") (license gpl3+))) +(define-public gnupg-2.0 + (package (inherit gnupg) + (version "2.0.26") + (source (origin + (method url-fetch) + (uri (string-append "mirror://gnupg/gnupg/gnupg-" version + ".tar.bz2")) + (sha256 + (base32 + "1q5qcl5panrvcvpwvz6nl9gayl5a6vwvfhgdcxqpmbl2qc6y6n3p")))) + (inputs + `(("bzip2" ,guix:bzip2) + ("curl" ,curl) + ("libassuan" ,libassuan) + ("libgcrypt" ,libgcrypt) + ("libgpg-error" ,libgpg-error) + ("libksba" ,libksba) + ("pth" ,pth) + ("openldap" ,openldap) + ("zlib" ,guix:zlib) + ("readline" ,readline))) + (arguments + `(#:phases + (alist-cons-before + 'configure 'patch-config-files + (lambda _ + (substitute* "tests/openpgp/Makefile.in" + (("/bin/sh") (which "bash")))) + %standard-phases))))) + (define-public gnupg-1 (package (inherit gnupg) (version "1.4.18") @@ -231,7 +286,7 @@ libskba (working with X.509 certificates and CMS data).") (define-public gpgme (package (name "gpgme") - (version "1.5.1") + (version "1.5.3") (source (origin (method url-fetch) @@ -239,7 +294,7 @@ libskba (working with X.509 certificates and CMS data).") ".tar.bz2")) (sha256 (base32 - "1qqi9bxwxxsc4r15j7drclgp0w8jk9nj3h2fsivk4c7brvw3lbvc")))) + "1jgwmra6cf0i5x2prj92w77vl7hmj276qmmll3lwysbyn32l1c0d")))) (build-system gnu-build-system) (propagated-inputs ;; Needs to be propagated because gpgme.h includes gpg-error.h. @@ -265,14 +320,14 @@ and every application benefits from this.") (define-public pius (package (name "pius") - (version "2.0.9") + (version "2.0.11") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/pgpius/pius/" version "/pius-" version ".tar.bz2")) (sha256 (base32 - "1g1jly3wl4ks6h8ydkygyl2c4i7v3z91rg42005m6vm70y1d8b3d")))) + "0pdbyqz6k0bm182cz81ss7yckmpms5qhrrw0wcr4a1srzcjyzf5f")))) (build-system gnu-build-system) (inputs `(("perl" ,perl) ("python" ,python-2) ; uses the Python 2 'print' syntax @@ -414,14 +469,14 @@ including tools for signing keys, keyring analysis, and party preparation. (define-public pinentry (package (name "pinentry") - (version "0.8.3") + (version "0.9.0") (source (origin (method url-fetch) (uri (string-append "mirror://gnupg/pinentry/pinentry-" version ".tar.bz2")) (sha256 (base32 - "1bd047crf7xb8g61mval8v6qww98rddlsw2dz6j8h8qbnl4hp2sn")))) + "1awhajq21hcjgqfxg9czaxg555gij4bba6axrwg8w6lfmc3ml14h")))) (build-system gnu-build-system) (inputs `(("ncurses" ,ncurses) diff --git a/gnu/packages/gnutls.scm b/gnu/packages/gnutls.scm index a51d948ce8..b256a97ddf 100644 --- a/gnu/packages/gnutls.scm +++ b/gnu/packages/gnutls.scm @@ -132,14 +132,15 @@ living in the same process.") ;; independently. This seems suboptimal. "--with-default-trust-store-dir=/etc/ssl/certs"))) (native-inputs - `(("pkg-config" ,pkg-config))) + `(("pkg-config" ,pkg-config) + ("which" ,which))) (inputs `(("guile" ,guile-2.0) ("perl" ,perl))) (propagated-inputs + ;; These are all in the 'Requires.private' field of gnutls.pc. `(("libtasn1" ,libtasn1) ("nettle" ,nettle) - ("which" ,which) ("zlib" ,guix:zlib))) (home-page "http://www.gnu.org/software/gnutls/") (synopsis "Transport layer security library") diff --git a/gnu/packages/libunistring.scm b/gnu/packages/libunistring.scm index ddafd74202..aa053711a9 100644 --- a/gnu/packages/libunistring.scm +++ b/gnu/packages/libunistring.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2015 Mark H Weaver <mhw@netris.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -25,7 +26,7 @@ (define-public libunistring (package (name "libunistring") - (version "0.9.4") + (version "0.9.5") (source (origin (method url-fetch) (uri (string-append @@ -33,7 +34,7 @@ version ".tar.gz")) (sha256 (base32 - "19nqvn19hz25ig9dbmh2di5j1r7v852x9mlnq0nr0hka51ins97m")))) + "05va4x47ik006nd13grwm276gfxb8igsj63k37vvwl3q8rr0g30s")))) (propagated-inputs '()) ; FIXME: add libiconv when !glibc (build-system gnu-build-system) (arguments diff --git a/gnu/packages/multiprecision.scm b/gnu/packages/multiprecision.scm index ddbfc79965..da52b2b1e9 100644 --- a/gnu/packages/multiprecision.scm +++ b/gnu/packages/multiprecision.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2012, 2013 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2014 Mark H Weaver <mhw@netris.org> +;;; Copyright © 2015 Andreas Enge <andreas@enge.fr> ;;; ;;; This file is part of GNU Guix. ;;; @@ -88,13 +89,14 @@ floating-point computations with correct rounding.") (define-public mpc (package (name "mpc") - (version "1.0.2") + (version "1.0.3") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/mpc/mpc-" version ".tar.gz")) - (sha256 (base32 - "1264h3ivldw5idph63x35dqqdzqqbxrm5vlir0xyx727i96zaqdm")))) + (sha256 + (base32 + "1hzci2zrrd7v3g1jk35qindq05hbl0bhjcyyisq9z209xb3fqzb1")))) (build-system gnu-build-system) (outputs '("out" "debug")) (propagated-inputs `(("gmp" ,gmp) ; <mpc.h> refers to both diff --git a/gnu/packages/patches/glibc-CVE-2012-3406.patch b/gnu/packages/patches/glibc-CVE-2012-3406.patch deleted file mode 100644 index 9147a2aeee..0000000000 --- a/gnu/packages/patches/glibc-CVE-2012-3406.patch +++ /dev/null @@ -1,282 +0,0 @@ -Fix CVE-2012-3406: Stack overflow in vfprintf [BZ #16617] - -Note: Here the ChangeLog and NEWS updates are removed from Jeff's - patch, since they depend on other earlier commits. - -From: Jeff Law <law@redhat.com> -Date: Mon, 15 Dec 2014 09:09:32 +0000 (+0100) -Subject: CVE-2012-3406: Stack overflow in vfprintf [BZ #16617] -X-Git-Url: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff_plain;h=a3a1f4163c4d0f9a36056c8640661a88674ae8a2 - -CVE-2012-3406: Stack overflow in vfprintf [BZ #16617] - -A larger number of format specifiers coudld cause a stack overflow, -potentially allowing to bypass _FORTIFY_SOURCE format string -protection. - -(cherry picked from commit a5357b7ce2a2982c5778435704bcdb55ce3667a0) -(cherry picked from commit ae61fc7b33d9d99d2763c16de8275227dc9748ba) - -Conflicts: - NEWS ---- - -diff --git a/stdio-common/Makefile b/stdio-common/Makefile -index 5f8e534..e5e45b6 100644 ---- a/stdio-common/Makefile -+++ b/stdio-common/Makefile -@@ -57,7 +57,7 @@ tests := tstscanf test_rdwr test-popen tstgetln test-fseek \ - bug19 bug19a tst-popen2 scanf13 scanf14 scanf15 bug20 bug21 bug22 \ - scanf16 scanf17 tst-setvbuf1 tst-grouping bug23 bug24 \ - bug-vfprintf-nargs tst-long-dbl-fphex tst-fphex-wide tst-sprintf3 \ -- bug25 tst-printf-round bug26 -+ bug25 tst-printf-round bug23-2 bug23-3 bug23-4 bug26 - - test-srcs = tst-unbputc tst-printf - -diff --git a/stdio-common/bug23-2.c b/stdio-common/bug23-2.c -new file mode 100644 -index 0000000..9e0cfe6 ---- /dev/null -+++ b/stdio-common/bug23-2.c -@@ -0,0 +1,70 @@ -+#include <stdio.h> -+#include <string.h> -+#include <stdlib.h> -+ -+static const char expected[] = "\ -+\n\ -+a\n\ -+abbcd55\ -+\n\ -+a\n\ -+abbcd55\ -+\n\ -+a\n\ -+abbcd55\ -+\n\ -+a\n\ -+abbcd55\ -+\n\ -+a\n\ -+abbcd55\ -+\n\ -+a\n\ -+abbcd55\ -+\n\ -+a\n\ -+abbcd55\ -+\n\ -+a\n\ -+abbcd55\ -+\n\ -+a\n\ -+abbcd55\ -+\n\ -+a\n\ -+abbcd55\ -+\n\ -+a\n\ -+abbcd55\ -+\n\ -+a\n\ -+abbcd55\ -+\n\ -+a\n\ -+abbcd55%%%%%%%%%%%%%%%%%%%%%%%%%%\n"; -+ -+static int -+do_test (void) -+{ -+ char *buf = malloc (strlen (expected) + 1); -+ snprintf (buf, strlen (expected) + 1, -+ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" -+ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" -+ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" -+ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" -+ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" -+ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" -+ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" -+ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" -+ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" -+ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" -+ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" -+ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" -+ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" -+ "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%\n", -+ "a", "b", "c", "d", 5); -+ return strcmp (buf, expected) != 0; -+} -+ -+#define TEST_FUNCTION do_test () -+#include "../test-skeleton.c" -diff --git a/stdio-common/bug23-3.c b/stdio-common/bug23-3.c -new file mode 100644 -index 0000000..57c8cef ---- /dev/null -+++ b/stdio-common/bug23-3.c -@@ -0,0 +1,50 @@ -+#include <stdio.h> -+#include <string.h> -+#include <stdlib.h> -+ -+int -+do_test (void) -+{ -+ size_t instances = 16384; -+#define X0 "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" -+ const char *item = "\na\nabbcd55"; -+#define X3 X0 X0 X0 X0 X0 X0 X0 X0 -+#define X6 X3 X3 X3 X3 X3 X3 X3 X3 -+#define X9 X6 X6 X6 X6 X6 X6 X6 X6 -+#define X12 X9 X9 X9 X9 X9 X9 X9 X9 -+#define X14 X12 X12 X12 X12 -+#define TRAILER "%%%%%%%%%%%%%%%%%%%%%%%%%%" -+#define TRAILER2 TRAILER TRAILER -+ size_t length = instances * strlen (item) + strlen (TRAILER) + 1; -+ -+ char *buf = malloc (length + 1); -+ snprintf (buf, length + 1, -+ X14 TRAILER2 "\n", -+ "a", "b", "c", "d", 5); -+ -+ const char *p = buf; -+ size_t i; -+ for (i = 0; i < instances; ++i) -+ { -+ const char *expected; -+ for (expected = item; *expected; ++expected) -+ { -+ if (*p != *expected) -+ { -+ printf ("mismatch at offset %zu (%zu): expected %d, got %d\n", -+ (size_t) (p - buf), i, *expected & 0xFF, *p & 0xFF); -+ return 1; -+ } -+ ++p; -+ } -+ } -+ if (strcmp (p, TRAILER "\n") != 0) -+ { -+ printf ("mismatch at trailer: [%s]\n", p); -+ return 1; -+ } -+ free (buf); -+ return 0; -+} -+#define TEST_FUNCTION do_test () -+#include "../test-skeleton.c" -diff --git a/stdio-common/bug23-4.c b/stdio-common/bug23-4.c -new file mode 100644 -index 0000000..a478564 ---- /dev/null -+++ b/stdio-common/bug23-4.c -@@ -0,0 +1,31 @@ -+#include <stdio.h> -+#include <stdlib.h> -+#include <string.h> -+#include <sys/resource.h> -+ -+#define LIMIT 1000000 -+ -+int -+main (void) -+{ -+ struct rlimit lim; -+ getrlimit (RLIMIT_STACK, &lim); -+ lim.rlim_cur = 1048576; -+ setrlimit (RLIMIT_STACK, &lim); -+ char *fmtstr = malloc (4 * LIMIT + 1); -+ if (fmtstr == NULL) -+ abort (); -+ char *output = malloc (LIMIT + 1); -+ if (output == NULL) -+ abort (); -+ for (size_t i = 0; i < LIMIT; i++) -+ memcpy (fmtstr + 4 * i, "%1$d", 4); -+ fmtstr[4 * LIMIT] = '\0'; -+ int ret = snprintf (output, LIMIT + 1, fmtstr, 0); -+ if (ret != LIMIT) -+ abort (); -+ for (size_t i = 0; i < LIMIT; i++) -+ if (output[i] != '0') -+ abort (); -+ return 0; -+} -diff --git a/stdio-common/vfprintf.c b/stdio-common/vfprintf.c -index c4ff833..429a3d1 100644 ---- a/stdio-common/vfprintf.c -+++ b/stdio-common/vfprintf.c -@@ -263,6 +263,12 @@ vfprintf (FILE *s, const CHAR_T *format, va_list ap) - /* For the argument descriptions, which may be allocated on the heap. */ - void *args_malloced = NULL; - -+ /* For positional argument handling. */ -+ struct printf_spec *specs; -+ -+ /* Track if we malloced the SPECS array and thus must free it. */ -+ bool specs_malloced = false; -+ - /* This table maps a character into a number representing a - class. In each step there is a destination label for each - class. */ -@@ -1679,8 +1685,8 @@ do_positional: - size_t nspecs = 0; - /* A more or less arbitrary start value. */ - size_t nspecs_size = 32 * sizeof (struct printf_spec); -- struct printf_spec *specs = alloca (nspecs_size); - -+ specs = alloca (nspecs_size); - /* The number of arguments the format string requests. This will - determine the size of the array needed to store the argument - attributes. */ -@@ -1721,11 +1727,39 @@ do_positional: - if (nspecs * sizeof (*specs) >= nspecs_size) - { - /* Extend the array of format specifiers. */ -+ if (nspecs_size * 2 < nspecs_size) -+ { -+ __set_errno (ENOMEM); -+ done = -1; -+ goto all_done; -+ } - struct printf_spec *old = specs; -- specs = extend_alloca (specs, nspecs_size, 2 * nspecs_size); -+ if (__libc_use_alloca (2 * nspecs_size)) -+ specs = extend_alloca (specs, nspecs_size, 2 * nspecs_size); -+ else -+ { -+ nspecs_size *= 2; -+ specs = malloc (nspecs_size); -+ if (specs == NULL) -+ { -+ __set_errno (ENOMEM); -+ specs = old; -+ done = -1; -+ goto all_done; -+ } -+ } - - /* Copy the old array's elements to the new space. */ - memmove (specs, old, nspecs * sizeof (*specs)); -+ -+ /* If we had previously malloc'd space for SPECS, then -+ release it after the copy is complete. */ -+ if (specs_malloced) -+ free (old); -+ -+ /* Now set SPECS_MALLOCED if needed. */ -+ if (!__libc_use_alloca (nspecs_size)) -+ specs_malloced = true; - } - - /* Parse the format specifier. */ -@@ -2046,6 +2080,8 @@ do_positional: - } - - all_done: -+ if (specs_malloced) -+ free (specs); - if (__glibc_unlikely (args_malloced != NULL)) - free (args_malloced); - if (__glibc_unlikely (workstart != NULL)) diff --git a/gnu/packages/patches/glibc-CVE-2014-7817.patch b/gnu/packages/patches/glibc-CVE-2014-7817.patch deleted file mode 100644 index 14c885523c..0000000000 --- a/gnu/packages/patches/glibc-CVE-2014-7817.patch +++ /dev/null @@ -1,171 +0,0 @@ -Fix CVE-2014-7817: wordexp fails to honour WRDE_NOCMD. - -Note: Here the ChangeLog and NEWS updates are removed from Carlos's - patch, since they depend on other earlier commits. - -From: Carlos O'Donell <carlos@redhat.com> -Date: Wed, 19 Nov 2014 16:44:12 +0000 (-0500) -Subject: CVE-2014-7817: wordexp fails to honour WRDE_NOCMD. -X-Git-Url: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff_plain;h=33ceaf6187b31ea15284ac65131749e1cb68d2ae - -CVE-2014-7817: wordexp fails to honour WRDE_NOCMD. - -The function wordexp() fails to properly handle the WRDE_NOCMD -flag when processing arithmetic inputs in the form of "$((... ``))" -where "..." can be anything valid. The backticks in the arithmetic -epxression are evaluated by in a shell even if WRDE_NOCMD forbade -command substitution. This allows an attacker to attempt to pass -dangerous commands via constructs of the above form, and bypass -the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD -in exec_comm(), the only place that can execute a shell. All other -checks for WRDE_NOCMD are superfluous and removed. - -We expand the testsuite and add 3 new regression tests of roughly -the same form but with a couple of nested levels. - -On top of the 3 new tests we add fork validation to the WRDE_NOCMD -testing. If any forks are detected during the execution of a wordexp() -call with WRDE_NOCMD, the test is marked as failed. This is slightly -heuristic since vfork might be used in the future, but it provides a -higher level of assurance that no shells were executed as part of -command substitution with WRDE_NOCMD in effect. In addition it doesn't -require libpthread or libdl, instead we use the public implementation -namespace function __register_atfork (already part of the public ABI -for libpthread). - -Tested on x86_64 with no regressions. - -(cherry picked from commit a39208bd7fb76c1b01c127b4c61f9bfd915bfe7c) ---- - -diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c -index 4957006..bdd65e4 100644 ---- a/posix/wordexp-test.c -+++ b/posix/wordexp-test.c -@@ -27,6 +27,25 @@ - - #define IFS " \n\t" - -+extern void *__dso_handle __attribute__ ((__weak__, __visibility__ ("hidden"))); -+extern int __register_atfork (void (*) (void), void (*) (void), void (*) (void), void *); -+ -+static int __app_register_atfork (void (*prepare) (void), void (*parent) (void), void (*child) (void)) -+{ -+ return __register_atfork (prepare, parent, child, -+ &__dso_handle == NULL ? NULL : __dso_handle); -+} -+ -+/* Number of forks seen. */ -+static int registered_forks; -+ -+/* For each fork increment the fork count. */ -+static void -+register_fork (void) -+{ -+ registered_forks++; -+} -+ - struct test_case_struct - { - int retval; -@@ -206,6 +225,12 @@ struct test_case_struct - { WRDE_SYNTAX, NULL, "$((2+))", 0, 0, { NULL, }, IFS }, - { WRDE_SYNTAX, NULL, "`", 0, 0, { NULL, }, IFS }, - { WRDE_SYNTAX, NULL, "$((010+4+))", 0, 0, { NULL }, IFS }, -+ /* Test for CVE-2014-7817. We test 3 combinations of command -+ substitution inside an arithmetic expression to make sure that -+ no commands are executed and error is returned. */ -+ { WRDE_CMDSUB, NULL, "$((`echo 1`))", WRDE_NOCMD, 0, { NULL, }, IFS }, -+ { WRDE_CMDSUB, NULL, "$((1+`echo 1`))", WRDE_NOCMD, 0, { NULL, }, IFS }, -+ { WRDE_CMDSUB, NULL, "$((1+$((`echo 1`))))", WRDE_NOCMD, 0, { NULL, }, IFS }, - - { -1, NULL, NULL, 0, 0, { NULL, }, IFS }, - }; -@@ -258,6 +283,15 @@ main (int argc, char *argv[]) - return -1; - } - -+ /* If we are not allowed to do command substitution, we install -+ fork handlers to verify that no forks happened. No forks should -+ happen at all if command substitution is disabled. */ -+ if (__app_register_atfork (register_fork, NULL, NULL) != 0) -+ { -+ printf ("Failed to register fork handler.\n"); -+ return -1; -+ } -+ - for (test = 0; test_case[test].retval != -1; test++) - if (testit (&test_case[test])) - ++fail; -@@ -367,6 +401,9 @@ testit (struct test_case_struct *tc) - - printf ("Test %d (%s): ", ++tests, tc->words); - -+ if (tc->flags & WRDE_NOCMD) -+ registered_forks = 0; -+ - if (tc->flags & WRDE_APPEND) - { - /* initial wordexp() call, to be appended to */ -@@ -378,6 +415,13 @@ testit (struct test_case_struct *tc) - } - retval = wordexp (tc->words, &we, tc->flags); - -+ if ((tc->flags & WRDE_NOCMD) -+ && (registered_forks > 0)) -+ { -+ printf ("FAILED fork called for WRDE_NOCMD\n"); -+ return 1; -+ } -+ - if (tc->flags & WRDE_DOOFFS) - start_offs = sav_we.we_offs; - -diff --git a/posix/wordexp.c b/posix/wordexp.c -index b6b65dd..26f3a26 100644 ---- a/posix/wordexp.c -+++ b/posix/wordexp.c -@@ -893,6 +893,10 @@ exec_comm (char *comm, char **word, size_t *word_length, size_t *max_length, - pid_t pid; - int noexec = 0; - -+ /* Do nothing if command substitution should not succeed. */ -+ if (flags & WRDE_NOCMD) -+ return WRDE_CMDSUB; -+ - /* Don't fork() unless necessary */ - if (!comm || !*comm) - return 0; -@@ -2082,9 +2086,6 @@ parse_dollars (char **word, size_t *word_length, size_t *max_length, - } - } - -- if (flags & WRDE_NOCMD) -- return WRDE_CMDSUB; -- - (*offset) += 2; - return parse_comm (word, word_length, max_length, words, offset, flags, - quoted? NULL : pwordexp, ifs, ifs_white); -@@ -2196,9 +2197,6 @@ parse_dquote (char **word, size_t *word_length, size_t *max_length, - break; - - case '`': -- if (flags & WRDE_NOCMD) -- return WRDE_CMDSUB; -- - ++(*offset); - error = parse_backtick (word, word_length, max_length, words, - offset, flags, NULL, NULL, NULL); -@@ -2357,12 +2355,6 @@ wordexp (const char *words, wordexp_t *pwordexp, int flags) - break; - - case '`': -- if (flags & WRDE_NOCMD) -- { -- error = WRDE_CMDSUB; -- goto do_error; -- } -- - ++words_offset; - error = parse_backtick (&word, &word_length, &max_length, words, - &words_offset, flags, pwordexp, ifs, diff --git a/gnu/packages/patches/glibc-mips-dangling-vfork-ref.patch b/gnu/packages/patches/glibc-mips-dangling-vfork-ref.patch deleted file mode 100644 index 852b6de669..0000000000 --- a/gnu/packages/patches/glibc-mips-dangling-vfork-ref.patch +++ /dev/null @@ -1,45 +0,0 @@ -Avoid a dangling `vfork@GLIBC_2.0' reference on MIPS. - -Note: Here the ChangeLog and NEWS updates are removed from Maciej's - patch, since they depend on other earlier commits. - -From: Maciej W. Rozycki <macro@codesourcery.com> -Date: Wed, 22 Oct 2014 14:20:37 +0000 (+0100) -Subject: MIPS: Avoid a dangling `vfork@GLIBC_2.0' reference -X-Git-Url: https://sourceware.org/git/?p=glibc.git;a=commitdiff_plain;h=c14e752fc73d34c75d4f84f37fea8e0b1734cf98 - -MIPS: Avoid a dangling `vfork@GLIBC_2.0' reference - -This satisfies a symbol reference created with: - - .symver __libc_vfork, vfork@GLIBC_2.0 - -where `__libc_vfork' has not been defined or referenced. In this case -the `vfork@GLIBC_2.0' reference is supposed to be discarded, however a -bug present in GAS since forever causes an undefined symbol table entry -to be created. This in turn triggers a problem in the linker that can -manifest itself by link errors such as: - -ld: libpthread.so: invalid string offset 2765592330 >= 5154 for section `.dynstr' - -The GAS and linker bugs need to be resolved, but we can avoid them too -by providing a `__libc_vfork' definition just like our other platforms. - - [BZ #17485] - * sysdeps/unix/sysv/linux/mips/vfork.S (__libc_vfork): Define. - -(cherry picked from commit b5af9297d51a43f96c5be1bafab032184690dd6f) - -Conflicts: - NEWS ---- - -diff --git a/sysdeps/unix/sysv/linux/mips/vfork.S b/sysdeps/unix/sysv/linux/mips/vfork.S -index 80c362d..2c1a747 100644 ---- a/sysdeps/unix/sysv/linux/mips/vfork.S -+++ b/sysdeps/unix/sysv/linux/mips/vfork.S -@@ -108,3 +108,4 @@ L(error): - - libc_hidden_def(__vfork) - weak_alias (__vfork, vfork) -+strong_alias (__vfork, __libc_vfork) diff --git a/gnu/packages/patches/grep-CVE-2015-1345.patch b/gnu/packages/patches/grep-CVE-2015-1345.patch new file mode 100644 index 0000000000..b0d0c8e5dc --- /dev/null +++ b/gnu/packages/patches/grep-CVE-2015-1345.patch @@ -0,0 +1,17 @@ +Fix CVE-2015-1345. From upstream commit +83a95bd8c8561875b948cadd417c653dbe7ef2e2 +by Yuliy Pisetsky <ypisetsky@fb.com>. + +diff --git a/src/kwset.c b/src/kwset.c +index 4003c8d..376f7c3 100644 +--- a/src/kwset.c ++++ b/src/kwset.c +@@ -643,6 +643,8 @@ bmexec_trans (kwset_t kwset, char const *text, size_t size) + if (! tp) + return -1; + tp++; ++ if (ep <= tp) ++ break; + } + } + } diff --git a/gnu/packages/patches/libtool-skip-tests.patch b/gnu/packages/patches/libtool-skip-tests.patch index 6082c3f1f1..9191d40487 100644 --- a/gnu/packages/patches/libtool-skip-tests.patch +++ b/gnu/packages/patches/libtool-skip-tests.patch @@ -4,8 +4,8 @@ one in demo.test, and one in destdir.at. Disable these. Also skip the nopic test on ARM and MIPS systems. ---- libtool-2.4.4/tests/demo.at.orig 2014-11-19 07:28:51.000000000 -0500 -+++ libtool-2.4.4/tests/demo.at 2015-01-07 17:30:46.482247718 -0500 +--- libtool-2.4.6/tests/demo.at.orig 2015-01-16 13:52:04.000000000 -0500 ++++ libtool-2.4.6/tests/demo.at 2015-02-16 10:48:51.435851966 -0500 @@ -510,7 +510,7 @@ AT_SETUP([force non-PIC objects]) @@ -15,9 +15,9 @@ Also skip the nopic test on ARM and MIPS systems. # These hosts cannot use non-PIC shared libs exit 77 ;; *-solaris*|*-sunos*) ---- libtool-2.4.4/tests/testsuite.orig 2014-11-29 11:43:11.000000000 -0500 -+++ libtool-2.4.4/tests/testsuite 2015-01-07 17:24:51.424672582 -0500 -@@ -8633,7 +8633,7 @@ +--- libtool-2.4.6/tests/testsuite.orig 2015-02-15 11:15:25.000000000 -0500 ++++ libtool-2.4.6/tests/testsuite 2015-02-16 10:50:58.736483216 -0500 +@@ -8741,7 +8741,7 @@ { set +x $as_echo "$at_srcdir/demo.at:535: case \$host in @@ -26,7 +26,7 @@ Also skip the nopic test on ARM and MIPS systems. # These hosts cannot use non-PIC shared libs exit 77 ;; *-solaris*|*-sunos*) -@@ -8658,7 +8658,7 @@ +@@ -8766,7 +8766,7 @@ " at_fn_check_prepare_notrace 'a `...` command substitution' "demo.at:535" ( $at_check_trace; case $host in @@ -35,19 +35,19 @@ Also skip the nopic test on ARM and MIPS systems. # These hosts cannot use non-PIC shared libs exit 77 ;; *-solaris*|*-sunos*) -@@ -9185,7 +9185,7 @@ read at_status <"$at_status_file" - #AT_START_33 - at_fn_group_banner 33 'demo.at:548' \ - "hardcoding library path" " " 3 +@@ -9298,7 +9298,7 @@ + #AT_START_34 + at_fn_group_banner 34 'demo.at:548' \ + "hardcoding library path" " " 4 -at_xfail=no +at_xfail=yes test no = "$ACLOCAL" && at_xfail=yes test no = "$AUTOHEADER" && at_xfail=yes test no = "$AUTOMAKE" && at_xfail=yes -@@ -27052,7 +27052,7 @@ read at_status <"$at_status_file" - #AT_START_97 - at_fn_group_banner 97 'destdir.at:75' \ - "DESTDIR with in-package deplibs" " " 7 +@@ -27243,7 +27243,7 @@ + #AT_START_98 + at_fn_group_banner 98 'destdir.at:75' \ + "DESTDIR with in-package deplibs" " " 8 -at_xfail=no +at_xfail=yes eval `$LIBTOOL --config | $GREP '^fast_install='` diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm index f2b3baa418..173435d2a5 100644 --- a/gnu/packages/xml.scm +++ b/gnu/packages/xml.scm @@ -65,7 +65,7 @@ things the parser might find in the XML document (like start tags).") (build-system gnu-build-system) (home-page "http://www.xmlsoft.org/") (synopsis "C parser for XML") - (inputs `(("zlib" ,zlib))) + (propagated-inputs `(("zlib" ,zlib))) ; libxml2.la says '-lz'. (native-inputs `(("perl" ,perl) ("python" ,python-2))) ; incompatible with Python 3 (print syntax) |