diff options
author | Marius Bakke <mbakke@fastmail.com> | 2019-10-23 20:48:55 +0200 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2019-10-23 20:48:55 +0200 |
commit | 4c1918db34e09f0da793c607acc161bdf9ec5535 (patch) | |
tree | e84431dc161ed3c04c9b94abe8224ec7f759df5f | |
parent | e8062974d5cc598134da4d57ff45970ac431611b (diff) | |
parent | 4163b6d855a4e655852029625762fccb077a196d (diff) | |
download | patches-4c1918db34e09f0da793c607acc161bdf9ec5535.tar patches-4c1918db34e09f0da793c607acc161bdf9ec5535.tar.gz |
Merge branch 'master' into staging
51 files changed, 4618 insertions, 1130 deletions
diff --git a/Makefile.am b/Makefile.am index 36767c2f47..b1f33946c5 100644 --- a/Makefile.am +++ b/Makefile.am @@ -564,7 +564,7 @@ EXTRA_DIST += \ tests/test.drv \ tests/signing-key.pub \ tests/signing-key.sec \ - tests/cve-sample.xml \ + tests/cve-sample.json \ build-aux/config.rpath \ bootstrap \ doc/build.scm \ diff --git a/doc/build.scm b/doc/build.scm index b6a921c421..81bb94670a 100644 --- a/doc/build.scm +++ b/doc/build.scm @@ -51,6 +51,12 @@ (define info-manual (@@ (guix self) info-manual)) +(define %manual + ;; The manual to build--i.e., the base name of a .texi file, such as "guix" + ;; or "guix-cookbook". + (or (getenv "GUIX_MANUAL") + "guix")) + (define %languages '("de" "en" "es" "fr" "ru" "zh_CN")) @@ -164,7 +170,9 @@ as well as images, OS examples, and translations." (define %makeinfo-html-options ;; Options passed to 'makeinfo --html'. - '("--css-ref=https://www.gnu.org/software/gnulib/manual.css")) + '("--css-ref=https://www.gnu.org/software/gnulib/manual.css" + "-c" "EXTRA_HEAD=<meta name=\"viewport\" \ +content=\"width=device-width, initial-scale=1\" />")) (define guile-lib/htmlprag-fixed ;; Guile-Lib with a hotfix for (htmlprag). @@ -359,7 +367,7 @@ its <pre class=\"lisp\"> blocks (as produced by 'makeinfo --html')." (define* (html-manual source #:key (languages %languages) (version "0.0") - (manual "guix") + (manual %manual) (date 1) (options %makeinfo-html-options)) "Return the HTML manuals built from SOURCE for all LANGUAGES, with the given @@ -386,6 +394,13 @@ makeinfo OPTIONS." (chr chr)) (string-downcase language))) + (define (language->texi-file-name language) + (if (string=? language "en") + (string-append #$manual-source "/" + #$manual ".texi") + (string-append #$manual-source "/" + #$manual "." language ".texi"))) + ;; Install a UTF-8 locale so that 'makeinfo' is at ease. (setenv "GUIX_LOCPATH" #+(file-append glibc-utf8-locales "/lib/locale")) @@ -395,15 +410,12 @@ makeinfo OPTIONS." (setvbuf (current-error-port) 'line) (for-each (lambda (language) - (let ((opts `("--html" - "-c" ,(string-append "TOP_NODE_UP_URL=/manual/" + (let* ((texi (language->texi-file-name language)) + (opts `("--html" + "-c" ,(string-append "TOP_NODE_UP_URL=/manual/" language) - #$@options - ,(if (string=? language "en") - (string-append #$manual-source "/" - #$manual ".texi") - (string-append #$manual-source "/" - #$manual "." language ".texi"))))) + #$@options + ,texi))) (format #t "building HTML manual for language '~a'...~%" language) (mkdir-p (string-append #$output "/" @@ -433,7 +445,8 @@ makeinfo OPTIONS." (symlink #$images (string-append #$output "/" (normalize language) "/html_node/images")))) - '#$languages)))) + (filter (compose file-exists? language->texi-file-name) + '#$languages))))) (let* ((name (string-append manual "-html-manual")) (manual (computed-file name build))) @@ -442,7 +455,7 @@ makeinfo OPTIONS." (define* (pdf-manual source #:key (languages %languages) (version "0.0") - (manual "guix") + (manual %manual) (date 1) (options '())) "Return the HTML manuals built from SOURCE for all LANGUAGES, with the given @@ -570,7 +583,10 @@ from SOURCE." (define* (html-manual-indexes source #:key (languages %languages) (version "0.0") - (manual "guix") + (manual %manual) + (title (if (string=? "guix" manual) + "GNU Guix Reference Manual" + "GNU Guix Cookbook")) (date 1)) (define build (with-extensions (list guile-json-3) @@ -674,7 +690,7 @@ from SOURCE." (define (language-index language) (define title - (translate "GNU Guix Reference Manual" language)) + (translate #$title language)) (sxml-index language title @@ -732,8 +748,7 @@ from SOURCE." %iso639-languages))) (define (top-level-index languages) - (define title - "GNU Guix Reference Manual") + (define title #$title) (sxml-index "en" title `(main @@ -741,7 +756,7 @@ from SOURCE." (@ (class "page centered-block limit-width")) (h2 ,title) (div - "The GNU Guix Reference Manual is available in the following + "This document is available in the following languages:\n" (ul ,@(map (lambda (language) @@ -782,7 +797,7 @@ languages:\n" #:key (languages %languages) (version "0.0") (date (time-second (current-time time-utc))) - (manual "guix")) + (manual %manual)) "Return the union of the HTML and PDF manuals, as well as the indexes." (directory-union (string-append manual "-manual") (map (lambda (proc) diff --git a/doc/guix.texi b/doc/guix.texi index 6eccbb971f..746561ed97 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -9484,7 +9484,7 @@ that limit has been reset. @cindex CVE, Common Vulnerabilities and Exposures Report known vulnerabilities found in the Common Vulnerabilities and Exposures (CVE) databases of the current and past year -@uref{https://nvd.nist.gov/download.cfm#CVE_FEED, published by the US +@uref{https://nvd.nist.gov/vuln/data-feeds, published by the US NIST}. To view information about a particular vulnerability, visit pages such as: @@ -9501,7 +9501,7 @@ where @code{CVE-YYYY-ABCD} is the CVE identifier---e.g., @code{CVE-2015-7554}. Package developers can specify in package recipes the -@uref{https://nvd.nist.gov/cpe.cfm,Common Platform Enumeration (CPE)} +@uref{https://nvd.nist.gov/products/cpe,Common Platform Enumeration (CPE)} name and version of the package when they differ from the name or version that Guix uses, as in this example: @@ -14193,16 +14193,43 @@ Relogin after logout. @cindex login manager @cindex X11 login -@deffn {Scheme Procedure} sddm-service config -Return a service that spawns the SDDM graphical login manager for config of -type @code{<sddm-configuration>}. +@defvr {Scheme Variable} sddm-service-type +This is the type of the service to run the +@uref{https://github.com/sddm/sddm,SSDM display manager}. Its value +must be a @code{sddm-configuration} record (see below). -@example - (sddm-service (sddm-configuration - (auto-login-user "Alice") - (auto-login-session "xfce.desktop"))) -@end example -@end deffn +Here's an example use: + +@lisp +(service sddm-service-type + (sddm-configuration + (auto-login-user "alice") + (auto-login-session "xfce.desktop"))) +@end lisp +@end defvr + +@deftp {Data Type} sddm-configuration +This data type represents the configuration of the SDDM login manager. +The available fields are: + +@table @asis +@item @code{sddm} (default: @code{sddm}) +The SDDM package to use. + +@item @code{display-server} (default: @code{"x11"}) +This must be either @code{"x11"} or @code{"wayland"}. + +@c FIXME: Add more fields. + +@item @code{auto-login-user} (default: @code{""}) +If non-empty, this is the user account under which to log in +automatically. + +@item @code{auto-login-session} (default: @code{""}) +If non-empty, this is the @file{.desktop} file name to use as the +auto-login session. +@end table +@end deftp @cindex Xorg, configuration @deftp {Data Type} xorg-configuration @@ -24546,6 +24573,10 @@ The type of device to connect to. Run @command{inputattach --help}, from the @item @code{device} (default: @code{"/dev/ttyS0"}) The device file to connect to the device. +@item @code{baud-rate} (default: @code{#f}) +Baud rate to use for the serial connection. +Should be a number or @code{#f}. + @item @code{log-file} (default: @code{#f}) If true, this must be the name of a file to log messages to. @end table @@ -25973,12 +26004,10 @@ The object of the operating system configuration to deploy. @item @code{environment} An @code{environment-type} describing how the machine should be provisioned. -At the moment, the only supported value is -@code{managed-host-environment-type}. @item @code{configuration} (default: @code{#f}) An object describing the configuration for the machine's @code{environment}. -If the @code{environment} has a default configuration, @code{#f} maybe used. +If the @code{environment} has a default configuration, @code{#f} may be used. If @code{#f} is used for an environment with no default configuration, however, an error will be thrown. @end table @@ -26006,6 +26035,26 @@ remote host. @end table @end deftp +@deftp {Data Type} digital-ocean-configuration +This is the data type describing the Droplet that should be created for a +machine with an @code{environment} of @code{digital-ocean-environment-type}. + +@table @asis +@item @code{ssh-key} +The path to the SSH private key to use to authenticate with the remote +host. In the future, this field may not exist. +@item @code{tags} +A list of string ``tags'' that uniquely identify the machine. Must be given +such that no two machines in the deployment have the same set of tags. +@item @code{region} +A Digital Ocean region slug, such as @code{"nyc3"}. +@item @code{size} +A Digital Ocean size slug, such as @code{"s-1vcpu-1gb"} +@item @code{enable-ipv6?} +Whether or not the droplet should be created with IPv6 networking. +@end table +@end deftp + @node Running Guix in a VM @section Running Guix in a Virtual Machine diff --git a/gnu/local.mk b/gnu/local.mk index 7f690598c0..c6ddbf4e99 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -425,6 +425,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/ruby.scm \ %D%/packages/rush.scm \ %D%/packages/rust.scm \ + %D%/packages/rust-cbindgen.scm \ %D%/packages/samba.scm \ %D%/packages/sagemath.scm \ %D%/packages/sawfish.scm \ @@ -580,6 +581,7 @@ GNU_SYSTEM_MODULES = \ %D%/system/vm.scm \ \ %D%/machine.scm \ + %D%/machine/digital-ocean.scm \ %D%/machine/ssh.scm \ \ %D%/build/accounts.scm \ @@ -704,6 +706,7 @@ dist_patch_DATA = \ %D%/packages/patches/ath9k-htc-firmware-objcopy.patch \ %D%/packages/patches/audacity-build-with-system-portaudio.patch \ %D%/packages/patches/automake-skip-amhello-tests.patch \ + %D%/packages/patches/avahi-CVE-2018-1000845.patch \ %D%/packages/patches/avahi-localstatedir.patch \ %D%/packages/patches/avogadro-boost148.patch \ %D%/packages/patches/avogadro-eigen3-update.patch \ @@ -1321,12 +1324,14 @@ dist_patch_DATA = \ %D%/packages/patches/rust-coresimd-doctest.patch \ %D%/packages/patches/rust-reproducible-builds.patch \ %D%/packages/patches/rxvt-unicode-escape-sequences.patch \ + %D%/packages/patches/sbcl-graph-asdf-definitions.patch \ %D%/packages/patches/scalapack-blacs-mpi-deprecations.patch \ %D%/packages/patches/scheme48-tests.patch \ %D%/packages/patches/scotch-build-parallelism.patch \ %D%/packages/patches/scotch-integer-declarations.patch \ %D%/packages/patches/sdl-libx11-1.6.patch \ %D%/packages/patches/sdl2-mesa-compat.patch \ + %D%/packages/patches/seahorse-gkr-use-0-on-empty-flags.patch \ %D%/packages/patches/seq24-rename-mutex.patch \ %D%/packages/patches/sharutils-CVE-2018-1000097.patch \ %D%/packages/patches/shishi-fix-libgcrypt-detection.patch \ @@ -1419,6 +1424,7 @@ dist_patch_DATA = \ %D%/packages/patches/wavpack-CVE-2018-6767.patch \ %D%/packages/patches/wavpack-CVE-2018-7253.patch \ %D%/packages/patches/wavpack-CVE-2018-7254.patch \ + %D%/packages/patches/weasyprint-library-paths.patch \ %D%/packages/patches/wicd-bitrate-none-fix.patch \ %D%/packages/patches/wicd-get-selected-profile-fix.patch \ %D%/packages/patches/wicd-urwid-1.3.patch \ diff --git a/gnu/machine/digital-ocean.scm b/gnu/machine/digital-ocean.scm new file mode 100644 index 0000000000..6f7cf8fb30 --- /dev/null +++ b/gnu/machine/digital-ocean.scm @@ -0,0 +1,422 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2019 Jakob L. Kreuze <zerodaysfordays@sdf.lonestar.org> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (gnu machine digital-ocean) + #:use-module (gnu machine ssh) + #:use-module (gnu machine) + #:use-module (gnu services) + #:use-module (gnu services networking) + #:use-module (gnu system) + #:use-module (gnu system pam) + #:use-module (guix base32) + #:use-module (guix derivations) + #:use-module (guix i18n) + #:use-module (guix import json) + #:use-module (guix monads) + #:use-module (guix records) + #:use-module (guix ssh) + #:use-module (guix store) + #:use-module (ice-9 iconv) + #:use-module (json) + #:use-module (rnrs bytevectors) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-2) + #:use-module (srfi srfi-34) + #:use-module (srfi srfi-35) + #:use-module (ssh key) + #:use-module (ssh sftp) + #:use-module (ssh shell) + #:use-module (web client) + #:use-module (web request) + #:use-module (web response) + #:use-module (web uri) + #:export (digital-ocean-configuration + digital-ocean-configuration? + + digital-ocean-configuration-ssh-key + digital-ocean-configuration-tags + digital-ocean-configuration-region + digital-ocean-configuration-size + digital-ocean-configuration-enable-ipv6? + + digital-ocean-environment-type)) + +;;; Commentary: +;;; +;;; This module implements a high-level interface for provisioning "droplets" +;;; from the Digital Ocean virtual private server (VPS) service. +;;; +;;; Code: + +(define %api-base "https://api.digitalocean.com") + +(define %digital-ocean-token + (make-parameter (getenv "GUIX_DIGITAL_OCEAN_TOKEN"))) + +(define* (post-endpoint endpoint body) + "Encode BODY as JSON and send it to the Digital Ocean API endpoint +ENDPOINT. This procedure is quite a bit more specialized than 'http-post', as +it takes care to set headers such as 'Content-Type', 'Content-Length', and +'Authorization' appropriately." + (let* ((uri (string->uri (string-append %api-base endpoint))) + (body (string->bytevector (scm->json-string body) "UTF-8")) + (headers `((User-Agent . "Guix Deploy") + (Accept . "application/json") + (Content-Type . "application/json") + (Authorization . ,(format #f "Bearer ~a" + (%digital-ocean-token))) + (Content-Length . ,(number->string + (bytevector-length body))))) + (port (open-socket-for-uri uri)) + (request (build-request uri + #:method 'POST + #:version '(1 . 1) + #:headers headers + #:port port)) + (request (write-request request port))) + (write-request-body request body) + (force-output (request-port request)) + (let* ((response (read-response port)) + (body (read-response-body response))) + (unless (= 2 (floor/ (response-code response) 100)) + (raise + (condition (&message + (message (format + #f + (G_ "~a: HTTP post failed: ~a (~s)") + (uri->string uri) + (response-code response) + (response-reason-phrase response))))))) + (close-port port) + (bytevector->string body "UTF-8")))) + +(define (fetch-endpoint endpoint) + "Return the contents of the Digital Ocean API endpoint ENDPOINT as an +alist. This procedure is quite a bit more specialized than 'json-fetch', as it +takes care to set headers such as 'Accept' and 'Authorization' appropriately." + (define headers + `((user-agent . "Guix Deploy") + (Accept . "application/json") + (Authorization . ,(format #f "Bearer ~a" (%digital-ocean-token))))) + (json-fetch (string-append %api-base endpoint) #:headers headers)) + + +;;; +;;; Parameters for droplet creation. +;;; + +(define-record-type* <digital-ocean-configuration> digital-ocean-configuration + make-digital-ocean-configuration + digital-ocean-configuration? + this-digital-ocean-configuration + (ssh-key digital-ocean-configuration-ssh-key) ; string + (tags digital-ocean-configuration-tags) ; list of strings + (region digital-ocean-configuration-region) ; string + (size digital-ocean-configuration-size) ; string + (enable-ipv6? digital-ocean-configuration-enable-ipv6?)) ; boolean + +(define (read-key-fingerprint file-name) + "Read the private key at FILE-NAME and return the key's fingerprint as a hex +string." + (let* ((privkey (private-key-from-file file-name)) + (pubkey (private-key->public-key privkey)) + (hash (get-public-key-hash pubkey 'md5))) + (bytevector->hex-string hash))) + +(define (machine-droplet machine) + "Return an alist describing the droplet allocated to MACHINE." + (let ((tags (digital-ocean-configuration-tags + (machine-configuration machine)))) + (find (lambda (droplet) + (equal? (assoc-ref droplet "tags") (list->vector tags))) + (vector->list + (assoc-ref (fetch-endpoint "/v2/droplets") "droplets"))))) + +(define (machine-public-ipv4-network machine) + "Return the public IPv4 network interface of the droplet allocated to +MACHINE as an alist. The expected fields are 'ip_address', 'netmask', and +'gateway'." + (and-let* ((droplet (machine-droplet machine)) + (networks (assoc-ref droplet "networks")) + (network (find (lambda (network) + (string= "public" (assoc-ref network "type"))) + (vector->list (assoc-ref networks "v4"))))) + network)) + + +;;; +;;; Remote evaluation. +;;; + +(define (digital-ocean-remote-eval target exp) + "Internal implementation of 'machine-remote-eval' for MACHINE instances with +an environment type of 'digital-ocean-environment-type'." + (let* ((network (machine-public-ipv4-network target)) + (address (assoc-ref network "ip_address")) + (ssh-key (digital-ocean-configuration-ssh-key + (machine-configuration target))) + (delegate (machine + (inherit target) + (environment managed-host-environment-type) + (configuration + (machine-ssh-configuration + (host-name address) + (identity ssh-key) + (system "x86_64-linux")))))) + (machine-remote-eval delegate exp))) + + +;;; +;;; System deployment. +;;; + +;; The following script was adapted from the guide available at +;; <https://wiki.pantherx.org/Installation-digital-ocean/>. +(define (guix-infect network) + "Given NETWORK, an alist describing the Droplet's public IPv4 network +interface, return a Bash script that will install the Guix system." + (format #f "#!/bin/bash + +apt-get update +apt-get install xz-utils -y +wget https://ftp.gnu.org/gnu/guix/guix-binary-1.0.1.x86_64-linux.tar.xz +cd /tmp +tar --warning=no-timestamp -xf ~~/guix-binary-1.0.1.x86_64-linux.tar.xz +mv var/guix /var/ && mv gnu / +mkdir -p ~~root/.config/guix +ln -sf /var/guix/profiles/per-user/root/current-guix ~~root/.config/guix/current +export GUIX_PROFILE=\"`echo ~~root`/.config/guix/current\" ; +source $GUIX_PROFILE/etc/profile +groupadd --system guixbuild +for i in `seq -w 1 10`; do + useradd -g guixbuild -G guixbuild \ + -d /var/empty -s `which nologin` \ + -c \"Guix build user $i\" --system \ + guixbuilder$i; +done; +cp ~~root/.config/guix/current/lib/systemd/system/guix-daemon.service /etc/systemd/system/ +systemctl start guix-daemon && systemctl enable guix-daemon +mkdir -p /usr/local/bin +cd /usr/local/bin +ln -s /var/guix/profiles/per-user/root/current-guix/bin/guix +mkdir -p /usr/local/share/info +cd /usr/local/share/info +for i in /var/guix/profiles/per-user/root/current-guix/share/info/*; do + ln -s $i; +done +guix archive --authorize < ~~root/.config/guix/current/share/guix/ci.guix.gnu.org.pub +# guix pull +guix package -i glibc-utf8-locales +export GUIX_LOCPATH=\"$HOME/.guix-profile/lib/locale\" +guix package -i openssl +cat > /etc/bootstrap-config.scm << EOF +(use-modules (gnu)) +(use-service-modules networking ssh) + +(operating-system + (host-name \"gnu-bootstrap\") + (timezone \"Etc/UTC\") + (bootloader (bootloader-configuration + (bootloader grub-bootloader) + (target \"/dev/vda\") + (terminal-outputs '(console)))) + (file-systems (cons (file-system + (mount-point \"/\") + (device \"/dev/vda1\") + (type \"ext4\")) + %base-file-systems)) + (services + (append (list (static-networking-service \"eth0\" \"~a\" + #:netmask \"~a\" + #:gateway \"~a\" + #:name-servers '(\"84.200.69.80\" \"84.200.70.40\")) + (simple-service 'guile-load-path-in-global-env + session-environment-service-type + \\`((\"GUILE_LOAD_PATH\" + . \"/run/current-system/profile/share/guile/site/2.2\") + (\"GUILE_LOAD_COMPILED_PATH\" + . ,(string-append \"/run/current-system/profile/lib/guile/2.2/site-ccache:\" + \"/run/current-system/profile/share/guile/site/2.2\")))) + (service openssh-service-type + (openssh-configuration + (log-level 'debug) + (permit-root-login 'without-password)))) + %base-services))) +EOF +# guix pull +guix system build /etc/bootstrap-config.scm +guix system reconfigure /etc/bootstrap-config.scm +mv /etc /old-etc +mkdir /etc +cp -r /old-etc/{passwd,group,shadow,gshadow,mtab,guix,bootstrap-config.scm} /etc/ +guix system reconfigure /etc/bootstrap-config.scm" + (assoc-ref network "ip_address") + (assoc-ref network "netmask") + (assoc-ref network "gateway"))) + +(define (machine-wait-until-available machine) + "Block until the initial Debian image has been installed on the droplet +named DROPLET-NAME." + (and-let* ((droplet (machine-droplet machine)) + (droplet-id (assoc-ref droplet "id")) + (endpoint (format #f "/v2/droplets/~a/actions" droplet-id))) + (let loop () + (let ((actions (assoc-ref (fetch-endpoint endpoint) "actions"))) + (unless (every (lambda (action) + (string= "completed" (assoc-ref action "status"))) + (vector->list actions)) + (sleep 5) + (loop)))))) + +(define (wait-for-ssh address ssh-key) + "Block until the an SSH session can be made as 'root' with SSH-KEY at ADDRESS." + (let loop () + (catch #t + (lambda () + (open-ssh-session address #:user "root" #:identity ssh-key)) + (lambda args + (sleep 5) + (loop))))) + +(define (add-static-networking target network) + "Return an <operating-system> based on TARGET with a static networking +configuration for the public IPv4 network described by the alist NETWORK." + (operating-system + (inherit (machine-operating-system target)) + (services (cons* (static-networking-service "eth0" + (assoc-ref network "ip_address") + #:netmask (assoc-ref network "netmask") + #:gateway (assoc-ref network "gateway") + #:name-servers '("84.200.69.80" "84.200.70.40")) + (simple-service 'guile-load-path-in-global-env + session-environment-service-type + `(("GUILE_LOAD_PATH" + . "/run/current-system/profile/share/guile/site/2.2") + ("GUILE_LOAD_COMPILED_PATH" + . ,(string-append "/run/current-system/profile/lib/guile/2.2/site-ccache:" + "/run/current-system/profile/share/guile/site/2.2")))) + (operating-system-user-services + (machine-operating-system target)))))) + +(define (deploy-digital-ocean target) + "Internal implementation of 'deploy-machine' for 'machine' instances with an +environment type of 'digital-ocean-environment-type'." + (maybe-raise-missing-api-key-error) + (maybe-raise-unsupported-configuration-error target) + (let* ((config (machine-configuration target)) + (name (machine-display-name target)) + (region (digital-ocean-configuration-region config)) + (size (digital-ocean-configuration-size config)) + (ssh-key (digital-ocean-configuration-ssh-key config)) + (fingerprint (read-key-fingerprint ssh-key)) + (enable-ipv6? (digital-ocean-configuration-enable-ipv6? config)) + (tags (digital-ocean-configuration-tags config)) + (request-body `(("name" . ,name) + ("region" . ,region) + ("size" . ,size) + ("image" . "debian-9-x64") + ("ssh_keys" . ,(vector fingerprint)) + ("backups" . #f) + ("ipv6" . ,enable-ipv6?) + ("user_data" . #nil) + ("private_networking" . #nil) + ("volumes" . #nil) + ("tags" . ,(list->vector tags)))) + (response (post-endpoint "/v2/droplets" request-body))) + (machine-wait-until-available target) + (let* ((network (machine-public-ipv4-network target)) + (address (assoc-ref network "ip_address"))) + (wait-for-ssh address ssh-key) + (let* ((ssh-session (open-ssh-session address #:user "root" #:identity ssh-key)) + (sftp-session (make-sftp-session ssh-session))) + (call-with-remote-output-file sftp-session "/tmp/guix-infect.sh" + (lambda (port) + (display (guix-infect network) port))) + (rexec ssh-session "/bin/bash /tmp/guix-infect.sh") + ;; Session will close upon rebooting, which will raise 'guile-ssh-error. + (catch 'guile-ssh-error + (lambda () (rexec ssh-session "reboot")) + (lambda args #t))) + (wait-for-ssh address ssh-key) + (let ((delegate (machine + (operating-system (add-static-networking target network)) + (environment managed-host-environment-type) + (configuration + (machine-ssh-configuration + (host-name address) + (identity ssh-key) + (system "x86_64-linux")))))) + (deploy-machine delegate))))) + + +;;; +;;; Roll-back. +;;; + +(define (roll-back-digital-ocean target) + "Internal implementation of 'roll-back-machine' for MACHINE instances with an +environment type of 'digital-ocean-environment-type'." + (let* ((network (machine-public-ipv4-network target)) + (address (assoc-ref network "ip_address")) + (ssh-key (digital-ocean-configuration-ssh-key + (machine-configuration target))) + (delegate (machine + (inherit target) + (environment managed-host-environment-type) + (configuration + (machine-ssh-configuration + (host-name address) + (identity ssh-key) + (system "x86_64-linux")))))) + (roll-back-machine delegate))) + + +;;; +;;; Environment type. +;;; + +(define digital-ocean-environment-type + (environment-type + (machine-remote-eval digital-ocean-remote-eval) + (deploy-machine deploy-digital-ocean) + (roll-back-machine roll-back-digital-ocean) + (name 'digital-ocean-environment-type) + (description "Provisioning of \"droplets\": virtual machines + provided by the Digital Ocean virtual private server (VPS) service."))) + + +(define (maybe-raise-missing-api-key-error) + (unless (%digital-ocean-token) + (raise (condition + (&message + (message (G_ "No Digital Ocean access token was provided. This \ +may be fixed by setting the environment variable GUIX_DIGITAL_OCAEN_TOKEN to \ +one procured from https://cloud.digitalocean.com/account/api/tokens."))))))) + +(define (maybe-raise-unsupported-configuration-error machine) + "Raise an error if MACHINE's configuration is not an instance of +<digital-ocean-configuration>." + (let ((config (machine-configuration machine)) + (environment (environment-type-name (machine-environment machine)))) + (unless (and config (digital-ocean-configuration? config)) + (raise (condition + (&message + (message (format #f (G_ "unsupported machine configuration '~a' +for environment of type '~a'") + config + environment)))))))) diff --git a/gnu/packages/assembly.scm b/gnu/packages/assembly.scm index 26a6d23a8a..50f798ba83 100644 --- a/gnu/packages/assembly.scm +++ b/gnu/packages/assembly.scm @@ -99,6 +99,10 @@ has strong support for macros.") (base32 "0gv0slmm0qpq91za3v2v9glff3il594x5xsrbgab7xcmnh0ndkix")))) (build-system gnu-build-system) + (arguments + '(#:parallel-tests? #f)) ; Some tests fail + ; non-deterministically when run in + ; parallel (inputs `(("python" ,python-wrapper) ("xmlto" ,xmlto))) diff --git a/gnu/packages/avahi.scm b/gnu/packages/avahi.scm index e71ffc2982..e84fed6a71 100644 --- a/gnu/packages/avahi.scm +++ b/gnu/packages/avahi.scm @@ -35,6 +35,7 @@ (package (name "avahi") (version "0.7") + (replacement avahi/fixed) (home-page "http://avahi.org") (source (origin (method url-fetch) @@ -74,6 +75,17 @@ network. It is an implementation of the mDNS (for \"Multicast DNS\") and DNS-SD (for \"DNS-Based Service Discovery\") protocols.") (license lgpl2.1+))) +(define avahi/fixed + (package + (inherit avahi) + (source (origin + (inherit (package-source avahi)) + (patches + (append (search-patches "avahi-CVE-2018-1000845.patch") + (origin-patches (package-source avahi)))))) + ;; Hide a duplicate of the CVE fixed above. + (properties `((lint-hidden-cve . ("CVE-2017-6519")))))) + (define-public nss-mdns (package (name "nss-mdns") diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm index a4a087728f..fc43f93d7d 100644 --- a/gnu/packages/backup.scm +++ b/gnu/packages/backup.scm @@ -14,7 +14,6 @@ ;;; Copyright © 2018, 2019 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2019 Alex Vong <alexvong1995@gmail.com> ;;; Copyright © 2019 Marius Bakke <mbakke@fastmail.com> -;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com> ;;; ;;; This file is part of GNU Guix. ;;; diff --git a/gnu/packages/bioconductor.scm b/gnu/packages/bioconductor.scm index cf5097a74e..6467fecb8c 100644 --- a/gnu/packages/bioconductor.scm +++ b/gnu/packages/bioconductor.scm @@ -4568,14 +4568,14 @@ based on @dfn{Continuous Wavelet Transform} (CWT).") (define-public r-xcms (package (name "r-xcms") - (version "3.6.1") + (version "3.6.2") (source (origin (method url-fetch) (uri (bioconductor-uri "xcms" version)) (sha256 (base32 - "06vhqvvzlkc5bslswagrapmn5ag3x84xg9gxk0fhlmgwapqwki1g")))) + "0icww3f1kahyk96mc07yhsbyiranzm2614n509as09jf8bdhq23v")))) (build-system r-build-system) (propagated-inputs `(("r-biobase" ,r-biobase) diff --git a/gnu/packages/ci.scm b/gnu/packages/ci.scm index 5807c8b68c..f9dae5fd66 100644 --- a/gnu/packages/ci.scm +++ b/gnu/packages/ci.scm @@ -47,8 +47,8 @@ #:use-module (guix build-system gnu)) (define-public cuirass - (let ((commit "d27ff21e430cd38b02bd70a0dc8d60c9c2736f83") - (revision "24")) + (let ((commit "80b6e89a7b2e9a6f9dee26dcf22277970930039f") + (revision "25")) (package (name "cuirass") (version (string-append "0.0.1-" revision "." (string-take commit 7))) @@ -60,7 +60,7 @@ (file-name (string-append name "-" version)) (sha256 (base32 - "166xl9zfy7dm645fk2ln45bvw0y0gy0xw8fb7mprbjz8v95dh27p")))) + "0m7g7wqa1l8gab8pcyi43a6w6rxhaqbpsrwlnadwsds1b95x9bka")))) (build-system gnu-build-system) (arguments '(#:modules ((guix build utils) diff --git a/gnu/packages/cpp.scm b/gnu/packages/cpp.scm index 6aac60d284..f40f547781 100644 --- a/gnu/packages/cpp.scm +++ b/gnu/packages/cpp.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2018 Fis Trivial <ybbs.daans@hotmail.com> ;;; Copyright © 2018 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com> +;;; Copyright © 2019 Pierre Neidhardt <mail@ambrevar.xyz> ;;; ;;; This file is part of GNU Guix. ;;; @@ -33,6 +34,7 @@ #:use-module (gnu packages code) #:use-module (gnu packages compression) #:use-module (gnu packages llvm) + #:use-module (gnu packages perl) #:use-module (gnu packages pkg-config) #:use-module (gnu packages tls) #:use-module (gnu packages web)) @@ -313,3 +315,38 @@ code analysis and supports cross references, hierarchies, completion and syntax highlighting. @code{ccls} is derived from @code{cquery} which is not maintained anymore.") (license license:asl2.0))) + +(define-public gperftools + (package + (name "gperftools") + (version "2.7") + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/gperftools/gperftools") + (commit (string-append "gperftools-" version)))) + (sha256 + (base32 "0amvwrzn5qc0b0jpxpy5g6zkmj97zjh4hhjrd130hsg2lwwcwhy1")) + (file-name (git-file-name name version)))) + (build-system gnu-build-system) + (native-inputs + `(("autoconf" ,autoconf) + ("automake" ,automake) + ("libtool" ,libtool) + ;; For tests: + ("perl" ,perl))) + (home-page "https://github.com/gperftools/gperftools") + (synopsis "Multi-threaded malloc() and performance analysis tools for C++") + (description + "@code{gperftools} is a collection of a high-performance multi-threaded +malloc() implementation plus some thread-friendly performance analysis +tools: + +@itemize +@item tcmalloc, +@item heap profiler, +@item heap checker, +@item CPU checker. +@end itemize\n") + (license license:bsd-3))) diff --git a/gnu/packages/cran.scm b/gnu/packages/cran.scm index 82a65d09f2..d3d6f7f4f0 100644 --- a/gnu/packages/cran.scm +++ b/gnu/packages/cran.scm @@ -3089,14 +3089,13 @@ color labels, layout, etc.") (define-public r-stringdist (package (name "r-stringdist") - (version "0.9.5.3") + (version "0.9.5.5") (source (origin (method url-fetch) (uri (cran-uri "stringdist" version)) (sha256 - (base32 - "1vbhn6qwj3bzplhq06bw1yqqq1qpf1zinnj27cr7pf1nqsbyx2nq")))) + (base32 "1dqfakclzaf878x7mhwmqrcpcql2h9cv19fz5f3ygpajf3si5kqi")))) (build-system r-build-system) (home-page "https://github.com/markvanderloo/stringdist") (synopsis "Approximate string matching and string distance functions") @@ -8728,21 +8727,20 @@ and related methods.") (define-public r-rcppgsl (package (name "r-rcppgsl") - (version "0.3.6") + (version "0.3.7") (source (origin (method url-fetch) (uri (cran-uri "RcppGSL" version)) (sha256 - (base32 - "16pdapq31729db53agnb48jkvdm97167n3bigy5zazc3q3isis1m")))) + (base32 "0cnw2k7cfqrm79r6j283aybflxig80x4n4rjkfp2317wf10mrsa5")))) (properties `((upstream-name . "RcppGSL"))) (build-system r-build-system) (propagated-inputs `(("r-rcpp" ,r-rcpp) ("gsl" ,gsl))) (native-inputs - `(("r-knitr" ,r-knitr))) ; for vignettes + `(("r-knitr" ,r-knitr))) ; for vignettes (home-page "https://cran.r-project.org/web/packages/RcppGSL/") (synopsis "Rcpp integration for GSL vectors and matrices") (description diff --git a/gnu/packages/cross-base.scm b/gnu/packages/cross-base.scm index 76d15f4c59..13237fb8a8 100644 --- a/gnu/packages/cross-base.scm +++ b/gnu/packages/cross-base.scm @@ -454,7 +454,9 @@ target that libc." "Return LIBC cross-built for TARGET, a GNU triplet. Use XGCC and XBINUTILS and the cross tool chain." (if (cross-newlib? target libc) - (native-libc target libc) + (native-libc target libc + #:xgcc xgcc + #:xbinutils xbinutils) (let ((libc libc)) (package (inherit libc) (name (string-append "glibc-cross-" target)) @@ -511,10 +513,15 @@ and the cross tool chain." (define* (native-libc target #:optional - (libc glibc)) + (libc glibc) + #:key + xgcc + xbinutils) (if (target-mingw? target) (let ((machine (substring target 0 (string-index target #\-)))) - (make-mingw-w64 machine)) + (make-mingw-w64 machine + #:xgcc xgcc + #:xbinutils xbinutils)) libc)) (define* (cross-newlib? target diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index f32728b902..9373f7d9a9 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -216,6 +216,68 @@ standard Go idioms.") (home-page "http://labix.org/mgo") (license license:bsd-2))) +(define-public ephemeralpg + (package + (name "ephemeralpg") + (version "2.8") + (source + (origin + (method url-fetch) + (uri (string-append + "http://eradman.com/ephemeralpg/code/ephemeralpg-" + version ".tar.gz")) + (sha256 + (base32 "1dpfxsd8a52psx3zlfbqkw53m35w28qwyb87a8anz143x6gnkkr4")))) + (build-system gnu-build-system) + (arguments + '(#:make-flags (list "CC=gcc" + (string-append "PREFIX=" %output)) + #:phases + (modify-phases %standard-phases + (delete 'configure) + (replace 'check + (lambda* (#:key inputs #:allow-other-keys) + ;; The intention for one test is to test without PostgreSQL on + ;; the $PATH, so replace the test $PATH with just the util-linux + ;; bin, which contains getopt. It will hopefully be possible to + ;; remove this for releases after 2.8. + (substitute* "test.rb" + (("/bin:/usr/bin") + (string-append (assoc-ref inputs "util-linux") + "/bin"))) + ;; Set the LC_ALL=C as some tests use sort, and the locale + ;; affects the order. It will hopefully be possible to remove + ;; this for releases after 2.8. + (setenv "LC_ALL" "C") + (invoke "ruby" "test.rb") + #t)) + (add-after 'install 'wrap + (lambda* (#:key inputs outputs #:allow-other-keys) + (let ((out (assoc-ref outputs "out"))) + (wrap-program (string-append out "/bin/pg_tmp") + `("PATH" ":" prefix + (,(string-append (assoc-ref inputs "util-linux") + "/bin") + ,(string-append (assoc-ref inputs "postgresql") + "/bin") + ;; For getsocket + ,(string-append out "/bin"))))) + #t))))) + (inputs + `(("postgresql" ,postgresql) + ("util-linux" ,util-linux))) + (native-inputs + `(("ruby" ,ruby))) + (home-page "http://eradman.com/ephemeralpg/") + (synopsis "Run temporary PostgreSQL databases") + (description + "@code{pg_tmp} creates temporary PostgreSQL databases, suitable for tasks +like running software test suites. Temporary databases created with +@code{pg_tmp} have a limited shared memory footprint and are automatically +garbage-collected after a configurable number of seconds (the default is +60).") + (license license:isc))) + (define-public es-dump-restore (package (name "es-dump-restore") @@ -436,7 +498,7 @@ replacement for the code@{python-memcached} library.") (search-patch "mongodb-support-unknown-linux-distributions.patch"))))) (build-system scons-build-system) (inputs - `(("openssl" ,openssl) + `(("openssl" ,openssl-1.0) ("pcre" ,pcre) ,@(match (%current-system) ((or "x86_64-linux" "aarch64-linux" "mips64el-linux") @@ -476,6 +538,15 @@ replacement for the code@{python-memcached} library.") ,(format #f "--jobs=~a" (parallel-job-count)) "--ssl"))) (modify-phases %standard-phases + (add-after 'unpack 'patch + (lambda _ + ;; Remove use of GNU extensions in parse_number_test.cpp, to + ;; allow compiling with GCC 7 or later + ;; https://jira.mongodb.org/browse/SERVER-28063 + (substitute* "src/mongo/base/parse_number_test.cpp" + (("0xabcab\\.defdefP-10") + "687.16784283419838")) + #t)) (add-after 'unpack 'scons-propagate-environment (lambda _ ;; Modify the SConstruct file to arrange for diff --git a/gnu/packages/emacs-xyz.scm b/gnu/packages/emacs-xyz.scm index 671ee89d7c..2a77abd505 100644 --- a/gnu/packages/emacs-xyz.scm +++ b/gnu/packages/emacs-xyz.scm @@ -7541,6 +7541,31 @@ end of a line and increment or decrement it.") a popup window for previewing candidates.") (license license:gpl3+)))) +(define-public emacs-evil-args + (let ((commit "758ad5ae54ad34202064fec192c88151c08cb387") + (revision "1")) + (package + (name "emacs-evil-args") + (version (git-version "1.0" revision commit)) + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/wcsmith/evil-args.git") + (commit commit))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "0k35glgsirc3cph8v5hhjrqfh4ndwh8a28qbr03y3jl8s453xcj7")))) + (build-system emacs-build-system) + (propagated-inputs `(("emacs-evil" ,emacs-evil))) + (home-page "https://github.com/wcsmith/evil-args") + (synopsis "Motions and text objects for delimited arguments in Evil") + (description + "This package provides motions and text objects for delimited +arguments, such as arguments separated by commas and semicolons.") + (license license:expat)))) + (define-public emacs-evil-exchange (let ((commit "47691537815150715e64e6f6ec79be7746c96120") (version "0.41") @@ -11602,6 +11627,34 @@ close, copy, cut, paste, undo, redo.") standard Unix password manager\").") (license license:gpl2+))) +(define-public emacs-auth-source-pass + (let ((commit "847a1f54ed48856b4dfaaa184583ef2c84173edf") + (revision "1")) + (package + (name "emacs-auth-source-pass") + (version (git-version "5.0.0" revision commit)) + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/NicolasPetton/auth-password-store.git") + (commit commit))) + (file-name (git-file-name name version)) + (sha256 + (base32 "0g48z5w6n3c54zqfpx65dfyl9jqbl15idvbb1hhw2pd9f9r8fykk")))) + (build-system emacs-build-system) + (arguments + `(#:tests? #t + #:test-command '("emacs" "--batch" + "-L" "." + "-l" "test/auth-source-pass-tests.el" + "-f" "ert-run-tests-batch-and-exit"))) + (home-page "https://github.com/NicolasPetton/auth-password-store") + (synopsis "Integrate @code{auth-source} with @code{password-store}") + (description "This package helps Emacs integrate with the Unix +@code{password-store} application.") + (license license:gpl3+)))) + (define-public emacs-pass (package (name "emacs-pass") @@ -12195,50 +12248,48 @@ according to a parsing expression grammar.") (license license:gpl3+))) (define-public emacs-org-ql - (let ((commit "949a06c3ab50482b749fd2d4350837a197660d96") - (revision "3")) - (package - (name "emacs-org-ql") - (version (git-version "0.3.1" revision commit)) - (source (origin - (method git-fetch) - (uri (git-reference - (url "https://github.com/alphapapa/org-ql") - (commit commit))) - (sha256 - (base32 - "0apcg63xm0242mjgsgw0jrcda4p4iqj7fy3sgh0p7khi4hrs5ch0")) - (file-name (git-file-name name version)))) - (build-system emacs-build-system) - (propagated-inputs - `(("emacs-s" ,emacs-s) - ("emacs-f" ,emacs-f) - ("emacs-ov" ,emacs-ov) - ("emacs-peg" ,emacs-peg) - ("emacs-org-super-agenda" ,emacs-org-super-agenda) - ("emacs-ts" ,emacs-ts) - ("emacs-org" ,emacs-org) - ("emacs-helm" ,emacs-helm) - ("emacs-helm-org" ,emacs-helm-org) - ("emacs-dash" ,emacs-dash))) - (native-inputs - `(("emacs-buttercup" ,emacs-buttercup))) - (arguments - `(#:phases - (modify-phases %standard-phases - (add-after 'unpack 'require-helm - (lambda _ - (substitute* "helm-org-ql.el" - (("^;;;; Requirements") - ";;;; Requirements\n(require 'helm)\n(require 'helm-org)")) - #t))) - #:tests? #t - #:test-command '("buttercup" "-L" "."))) - (home-page "https://github.com/alphapapa/org-ql/") - (synopsis "Query language for Org buffers") - (description "This package provides a Lispy query language for Org + (package + (name "emacs-org-ql") + (version "0.3.2") + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/alphapapa/org-ql") + (commit version))) + (sha256 + (base32 + "11bhpi2l28vp8mm9nx18jljbqdnh9vxpv9kp1dn9lpsgivcdbc34")) + (file-name (git-file-name name version)))) + (build-system emacs-build-system) + (propagated-inputs + `(("emacs-s" ,emacs-s) + ("emacs-f" ,emacs-f) + ("emacs-ov" ,emacs-ov) + ("emacs-peg" ,emacs-peg) + ("emacs-org-super-agenda" ,emacs-org-super-agenda) + ("emacs-ts" ,emacs-ts) + ("emacs-org" ,emacs-org) + ("emacs-helm" ,emacs-helm) + ("emacs-helm-org" ,emacs-helm-org) + ("emacs-dash" ,emacs-dash))) + (native-inputs + `(("emacs-buttercup" ,emacs-buttercup))) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'require-helm + (lambda _ + (substitute* "helm-org-ql.el" + (("^;;;; Requirements") + ";;;; Requirements\n(require 'helm)\n(require 'helm-org)")) + #t))) + #:tests? #t + #:test-command '("buttercup" "-L" "."))) + (home-page "https://github.com/alphapapa/org-ql/") + (synopsis "Query language for Org buffers") + (description "This package provides a Lispy query language for Org files, allowing for actions to be performed based on search criteria.") - (license license:gpl3+)))) + (license license:gpl3+))) (define-public emacs-org-auto-expand (let ((commit "4938d5f6460e2f8f051ba9ac000b291bfa43ef62") @@ -12537,6 +12588,11 @@ orient yourself in the code, and tell which statements are at a given level.") (sha256 (base32 "1kykbb1sil5cycfa5aj8dhsxc5yrx1641i2np5kwdjid6ahdlz5r")))) (build-system emacs-build-system) + (native-inputs + `(("emacs-buttercup" ,emacs-buttercup))) + (arguments + `(#:tests? #t + #:test-command '("buttercup" "-L" "."))) (home-page "https://github.com/DamienCassou/hierarchy") (synopsis "Library to create and display hierarchy structures") (description "This package provides an Emacs library to create, query, @@ -14960,7 +15016,7 @@ Org-mode. It features: (method git-fetch) (uri (git-reference (url home-page) (commit (string-append "v" version)))) - (file-name (string-append name "-" version ".tar.gz")) + (file-name (git-file-name name version)) (sha256 (base32 "1wi70r56pd5z0x4dp4m58p9asq03j74kdm4fi9vai83vsl2z9amq")))) @@ -16219,7 +16275,7 @@ backends, including the @command{wordnet} offline backend.") (define-public emacs-editorconfig (package (name "emacs-editorconfig") - (version "0.8.0") + (version "0.8.1") (source (origin (method git-fetch) @@ -16229,7 +16285,7 @@ backends, including the @command{wordnet} offline backend.") (file-name (git-file-name name version)) (sha256 (base32 - "1b2cpqz75pivl323bs60j5rszwi787x6vy68csycikqz9mhpmjn9")))) + "1djlhkap7zddknzvjsjz0agpfsms1ih05zcpg1bikid2vs4gddyr")))) (build-system emacs-build-system) (home-page "https://github.com/editorconfig/editorconfig-emacs") (synopsis "Define and maintain consistent coding styles between different @@ -18482,8 +18538,8 @@ Dash docsets.") (license license:gpl3+)))) (define-public emacs-counsel-dash - (let ((commit "24d370be9e94e90d045c49967e19484b9903fce9") - (revision "2")) + (let ((commit "7027868d483b51d949b9f20fb8f34b122ca61520") + (revision "3")) (package (name "emacs-counsel-dash") (version (git-version "0.1.3" revision commit)) @@ -18496,11 +18552,20 @@ Dash docsets.") (file-name (git-file-name name version)) (sha256 (base32 - "18gp7hhgng271c7bh06k9p24zqic0f64j5cicivljmyk9c3nh7an")))) + "0h3f5pxnmb21pq4hh7k4w8jzflz1k2ap7nwpjc222w0q6x6jrbjp")))) (build-system emacs-build-system) (propagated-inputs `(("emacs-dash-docs" ,emacs-dash-docs) ("emacs-ivy" ,emacs-ivy))) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'require-ivy + (lambda _ + (substitute* "counsel-dash.el" + (("^\\(require 'cl-lib\\)") + "(require 'cl-lib)\n(require 'ivy)\n(require 'subr-x)")) + #t))))) (home-page "https://github.com/dash-docs-el/counsel-dash") (synopsis "Offline documentation browser for APIs using Dash docsets") (description "This package uses @code{ivy-mode} to install and navigate diff --git a/gnu/packages/emulators.scm b/gnu/packages/emulators.scm index 1e5629451d..8095d3c44d 100644 --- a/gnu/packages/emulators.scm +++ b/gnu/packages/emulators.scm @@ -9,6 +9,8 @@ ;;; Copyright © 2017, 2018, 2019 Nicolas Goaziou <mail@nicolasgoaziou.fr> ;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr> ;;; Copyright © 2017, 2018, 2019 Rutger Helling <rhelling@mykolab.com> +;;; Copyright © 2019 Pierre Neidhardt <mail@ambrevar.xyz> +;;; Copyright © 2019 David Wilson <david@daviwil.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -26,6 +28,7 @@ ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. (define-module (gnu packages emulators) + #:use-module (ice-9 match) #:use-module ((guix licenses) #:prefix license:) #:use-module (guix packages) #:use-module (guix download) @@ -39,6 +42,7 @@ #:use-module (gnu packages base) #:use-module (gnu packages boost) #:use-module (gnu packages backup) + #:use-module (gnu packages cdrom) #:use-module (gnu packages compression) #:use-module (gnu packages curl) #:use-module (gnu packages elf) @@ -82,6 +86,7 @@ #:use-module (gnu packages xorg) #:use-module (gnu packages web) #:use-module (guix build-system cmake) + #:use-module (guix build-system glib-or-gtk) #:use-module (guix build-system gnu)) (define-public desmume @@ -1366,3 +1371,94 @@ functions. The source code to MAME serves as this documentation.") ;; However, over 90% of the files are under Expat license. Also, artwork, ;; keymaps, languages and samples are under CC0. (license (list license:gpl2+ license:expat license:cc0)))) + +(define-public pcsxr + ;; No release since 2017. + (let ((commit "6484236cb0281e8040ff6c8078c87899a3407534")) + (package + (name "pcsxr") + ;; Version is tagged here: https://github.com/frealgagu/PCSX-Reloaded + (version "1.9.95") + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/pcsxr/PCSX-Reloaded") + (commit commit))) + (sha256 + (base32 + "138mayp7zi9v4l3lm5f6xxkds619w1fgg769zm8s45c84jbz7dza")) + (file-name (git-file-name name commit)))) + (build-system cmake-build-system) + (arguments + `(#:tests? #f ;no "test" target + #:configure-flags + (list "-DSND_BACKEND=pulse" + "-DENABLE_CCDDA='ON'" + "-DUSE_LIBARCHIVE='ON'" + "-DUSE_LIBCDIO='ON'") + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'cd-subdir + (lambda _ (chdir "pcsxr"))) + (add-before 'configure 'fix-cdio-lookup + (lambda* (#:key inputs #:allow-other-keys) + (substitute* "cmake/FindCdio.cmake" + (("/usr/include/cdio") + (string-append (assoc-ref inputs "libcdio") "/include/cdio")))))))) + (native-inputs + `(("pkg-config" ,pkg-config) + ("intltool" ,intltool) + ("glib" ,glib "bin"))) + (inputs + `(("libcdio" ,libcdio) + ("sdl2" ,sdl2) + ("gtk+" ,gtk+) + ("ffmpeg" ,ffmpeg) + ("libxv" ,libxv) + ("libarchive" ,libarchive) + ("pulseaudio" ,pulseaudio))) + (home-page "https://archive.codeplex.com/?p=pcsxr") + (synopsis "PlayStation emulator") + (description + "A PlayStation emulator based on PCSX-df Project with bugfixes and +improvements.") + (license license:gpl2+)))) + +(define-public gens-gs + (package + (name "gens-gs") + (version "7") + (source + (origin + (method url-fetch) + (uri (string-append "https://retrocdn.net/images/6/6d/Gens-gs-r" + version ".tar.gz")) + (sha256 + (base32 + "1ha5s6d3y7s9aq9f4zmn9p88109c3mrj36z2w68jhiw5xrxws833")))) + (build-system glib-or-gtk-build-system) + (arguments + `(#:system "i686-linux" + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'fix-CFLAGS + (lambda* _ + ;; Remove GTK API deprecation flags that cause build errors. + (substitute* "configure" + (("GTK_CFLAGS=\"\\$GTK_CFLAGS .*\"") "")) + #t))))) + (native-inputs + `(("pkg-config" ,pkg-config) + ("nasm" ,nasm))) + (inputs + `(("sdl" ,sdl) + ("gtk" ,gtk+-2))) + (home-page "https://segaretro.org/Gens/GS") + (synopsis "Emulator for Sega Genesis/Mega Drive systems") + (description + "Gens/GS is an emulator for the Mega Drive (also known as Sega Genesis), +derived from Gens. Project goals include clean source code, combined features +from various forks of Gens, and improved platform portability.") + (supported-systems '("i686-linux" "x86_64-linux")) + (license license:gpl2+))) diff --git a/gnu/packages/enlightenment.scm b/gnu/packages/enlightenment.scm index 857a8ddd1b..c49e6cf66b 100644 --- a/gnu/packages/enlightenment.scm +++ b/gnu/packages/enlightenment.scm @@ -30,6 +30,7 @@ #:use-module (guix build-system meson) #:use-module (guix build-system python) #:use-module (gnu packages) + #:use-module (gnu packages algebra) #:use-module (gnu packages avahi) #:use-module (gnu packages bash) #:use-module (gnu packages check) @@ -298,6 +299,11 @@ Libraries with some extra bells and whistles.") #:phases (modify-phases %standard-phases (delete 'bootstrap) ; We don't want to run the autogen script. + (add-after 'unpack 'fix-dot-desktop-creation + (lambda _ + (substitute* "data/session/meson.build" + (("HAVE_WAYLAND'.*") "HAVE_WAYLAND') == true\n")) + #t)) (add-before 'configure 'set-system-actions (lambda* (#:key inputs #:allow-other-keys) (setenv "HOME" "/tmp") @@ -306,6 +312,7 @@ Libraries with some extra bells and whistles.") (utils (assoc-ref inputs "util-linux")) (libc (assoc-ref inputs "libc")) (bluez (assoc-ref inputs "bluez")) + (bc (assoc-ref inputs "bc")) (efl (assoc-ref inputs "efl"))) ;; We need to patch the path to 'base.lst' to be able ;; to switch the keyboard layout in E. @@ -326,6 +333,8 @@ Libraries with some extra bells and whistles.") (string-append efl "/bin/edje_cc -v %s %s %s\""))) (substitute* "src/modules/everything/evry_plug_apps.c" (("/usr/bin/") "")) + (substitute* "src/modules/everything/evry_plug_calc.c" + (("bc -l") (string-append bc "/bin/bc -l"))) (substitute* "data/etc/meson.build" (("/bin/mount") (string-append utils "/bin/mount")) (("/bin/umount") (string-append utils "/bin/umount")) @@ -343,6 +352,7 @@ Libraries with some extra bells and whistles.") ("util-linux" ,util-linux))) (inputs `(("alsa-lib" ,alsa-lib) + ("bc" ,bc) ("bluez" ,bluez) ("dbus" ,dbus) ("efl" ,efl) diff --git a/gnu/packages/fonts.scm b/gnu/packages/fonts.scm index 03bfa43014..bb6dc45d94 100644 --- a/gnu/packages/fonts.scm +++ b/gnu/packages/fonts.scm @@ -1000,14 +1000,31 @@ correct spacing.") ;; <https://bugs.gnu.org/32916> (version "4.7.0") (source (origin - (method url-fetch) - (uri (string-append "http://fontawesome.io/assets/" - name "-" version ".zip")) + (method git-fetch) + (uri (git-reference + (url "https://github.com/FortAwesome/Font-Awesome.git") + (commit (string-append "v" version)))) + (file-name (git-file-name name version)) (sha256 (base32 - "1m1rfwm4sjkv10j3xd2dhwk286a5912b2zgvc692cmxi5gxs68jf")))) + "0w30y26jp8nvxa3iiw7ayl6rkza1rz62msl9xw3srvxya1c77grc")))) (build-system font-build-system) - (home-page "http://fontawesome.io") + (arguments + '(#:phases + (modify-phases %standard-phases + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (source (string-append (getcwd) "/fonts")) + (fonts (string-append out "/share/fonts"))) + (for-each (lambda (file) + (install-file file (string-append fonts "/truetype"))) + (find-files source "\\.(ttf|ttc)$")) + (for-each (lambda (file) + (install-file file (string-append fonts "/opentype"))) + (find-files source "\\.(otf|otc)$")) + #t)))))) + (home-page "https://fontawesome.com/") (synopsis "Font that contains a rich iconset") (description "Font Awesome is a full suite of pictographic icons for easy scalable diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 781f450621..870c4be4ab 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -2223,7 +2223,7 @@ engineering.") (define-public seahorse (package (name "seahorse") - (version "3.30") + (version "3.30.1.1") (source (origin (method url-fetch) @@ -2232,8 +2232,19 @@ engineering.") version ".tar.xz")) (sha256 (base32 - "1sbj1czlx1fakm72dwgbn0bwm12j838yaky4mkf6hf8j8afnxmzp")))) - (build-system glib-or-gtk-build-system) + "12x7xmwh62yl0ax90v8nkx3jqzviaz9hz2g56yml78wzww20gawy")) + (patches (search-patches + "seahorse-gkr-use-0-on-empty-flags.patch")))) + (build-system meson-build-system) + (arguments + '(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'skip-gtk-update-icon-cache + ;; Don't create 'icon-theme.cache'. + (lambda _ + (substitute* "build-aux/meson_post_install.py" + (("gtk-update-icon-cache") "true")) + #t))))) (inputs `(("gtk+" ,gtk+) ("gcr" ,gcr) @@ -2241,13 +2252,15 @@ engineering.") ("gpgme" ,gpgme) ("openldap" ,openldap) ("openssh" ,openssh) + ("avahi" ,avahi) ("libsecret" ,libsecret) ("libsoup" ,libsoup))) (native-inputs - `(("intltool" ,intltool) + `(("gettext" ,gettext-minimal) ("glib:bin" ,glib "bin") ("itstool" ,itstool) ("pkg-config" ,pkg-config) + ("vala" ,vala) ("xmllint" ,libxml2))) (home-page "https://launchpad.net/gnome-themes-standard") (synopsis "Manage encryption keys and passwords in the GNOME keyring") @@ -4353,7 +4366,7 @@ USB transfers with your high-level application or system daemon.") ;; one breaks the build by referring to a ;; non-existent header (packagekit.h) (delete-file "src/ui.c")))))) - (home-page "https://launchpad.net/simple-scan") + (home-page "https://gitlab.gnome.org/GNOME/simple-scan") (synopsis "Document and image scanner") (description "Simple Scan is an easy-to-use application, designed to let users connect their scanner and quickly have the image/document in an @@ -7100,7 +7113,7 @@ dark elements. It supports GNOME, Unity, Xfce, and Openbox.") (define-public arc-theme (package (name "arc-theme") - (version "20181022") + (version "20190917") (source (origin (method git-fetch) (uri (git-reference @@ -7109,7 +7122,7 @@ dark elements. It supports GNOME, Unity, Xfce, and Openbox.") (file-name (git-file-name name version)) (sha256 (base32 - "08951dk1irfadwpr3p323a4fprmxg53rk2r2niwq3v62ryhi3663")))) + "1qgpk4p2hi5hd4yy0hj93kq1vs0b32wb8qkaj1wi90c8gwddq5wa")))) (build-system gnu-build-system) (arguments '(#:phases diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm index 49a6e964a3..4419c48d1a 100644 --- a/gnu/packages/guile.scm +++ b/gnu/packages/guile.scm @@ -59,6 +59,7 @@ #:use-module (guix git-download) #:use-module (guix build-system gnu) #:use-module (guix build-system guile) + #:use-module (guix deprecation) #:use-module (guix utils) #:use-module (ice-9 match) #:use-module ((srfi srfi-1) #:prefix srfi-1:)) @@ -413,7 +414,7 @@ GNU@tie{}Guile. Use the @code{(ice-9 readline)} module and call its ;;; Extensions. ;;; -(define-public guile-json +(define-public guile-json-1 (package (name "guile-json") (version "1.2.0") @@ -444,17 +445,21 @@ specification. These are the main features: ;; Version 1.2.0 switched to GPLv3+ (from LGPLv3+). (license license:gpl3+))) -(define-public guile-json-1 - ;; This is the 1.x branch of Guile-JSON. - guile-json) +;; Deprecate the 'guile-json' alias to force the use 'guile-json-1' or +;; 'guile-json-3'. In the future, we may reuse 'guile-json' as an alias for +;; 'guile-json-3'. +(define-deprecated guile-json + guile-json-1 + guile-json-1) +(export guile-json) (define-public guile2.0-json - (package-for-guile-2.0 guile-json)) + (package-for-guile-2.0 guile-json-1)) (define-public guile-json-3 ;; This version is incompatible with 1.x; see the 'NEWS' file. (package - (inherit guile-json) + (inherit guile-json-1) (name "guile-json") (version "3.2.0") (source (origin diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index d75d28ef0a..96c69bd126 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -2919,7 +2919,7 @@ country-specific regulations for the wireless spectrum.") (define-public lm-sensors (package (name "lm-sensors") - (version "3.5.0") + (version "3.6.0") (source (origin (method git-fetch) @@ -2929,7 +2929,7 @@ country-specific regulations for the wireless spectrum.") (string-split version #\.) "-"))))) (file-name (git-file-name name version)) (sha256 - (base32 "1mdrnb9r01z1xfdm6dpkywvf9yy9a4yzb59paih9sijwmigv19fj")) + (base32 "1ipf6wjx037sqyhy0r5jh4983h216anq9l68ckn2x5c3qc4wfmzn")) (patches (search-patches "lm-sensors-hwmon-attrs.patch")))) (build-system gnu-build-system) (inputs `(("rrdtool" ,rrdtool) @@ -2940,10 +2940,10 @@ country-specific regulations for the wireless spectrum.") ("flex" ,flex) ("bison" ,bison) ("which" ,which))) - (outputs '("lib" ;avoid perl in closure + (outputs '("lib" ; avoid perl in closure "out")) (arguments - `(#:tests? #f ; no 'check' target + `(#:tests? #f ; no 'check' target #:make-flags (list (string-append "PREFIX=" %output) (string-append "ETCDIR=" (assoc-ref %outputs "lib") "/etc") (string-append "INCLUDEDIR=" diff --git a/gnu/packages/lisp.scm b/gnu/packages/lisp.scm index bb2a589578..4a7527344f 100644 --- a/gnu/packages/lisp.scm +++ b/gnu/packages/lisp.scm @@ -1508,6 +1508,8 @@ else @code{parse-number} signals an error of type @code{invalid-number}.") (base32 "0kvz16gnxnkdz0fy1x8y5yr28nfm7i2qpvix7mgwccdpjmsb4pgm")))) (build-system asdf-build-system/sbcl) + (native-inputs + `(("rt" ,sbcl-rt))) (home-page "https://common-lisp.net/project/iterate/") (synopsis "Iteration construct for Common Lisp") (description "@code{iterate} is an iteration construct for Common Lisp. @@ -1524,6 +1526,9 @@ It is similar to the @code{CL:LOOP} macro, with these distinguishing marks: (define-public cl-iterate (sbcl-package->cl-source-package sbcl-iterate)) +(define-public ecl-iterate + (sbcl-package->ecl-package sbcl-iterate)) + (define-public sbcl-cl-uglify-js ;; There have been many bug fixes since the 2010 release. (let ((commit "429c5e1d844e2f96b44db8fccc92d6e8e28afdd5") @@ -7833,3 +7838,248 @@ Clojure, as well as several expansions on the idea.") (define-public ecl-arrows (sbcl-package->ecl-package sbcl-arrows)) + +(define-public sbcl-simple-parallel-tasks + (let ((commit "db460f7a3f7bbfe2d3a2223ed21e162068d04dda") + (revision "0")) + (package + (name "sbcl-simple-parallel-tasks") + (version (git-version "1.0" revision commit)) + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/glv2/simple-parallel-tasks.git") + (commit commit))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "0amw3qk23wnlyrsgzszs6rs7y4zvxv8dr03rnqhc60mnm8ds4dd5")))) + (build-system asdf-build-system/sbcl) + (native-inputs + `(("fiveam" ,sbcl-fiveam))) + (inputs + `(("chanl" ,sbcl-chanl))) + (synopsis "Common Lisp library to evaluate some forms in parallel") + (description "This is a simple Common Lisp library to evaluate some +forms in parallel.") + (home-page "https://github.com/glv2/simple-parallel-tasks") + (license license:gpl3)))) + +(define-public cl-simple-parallel-tasks + (sbcl-package->cl-source-package sbcl-simple-parallel-tasks)) + +(define-public ecl-simple-parallel-tasks + (sbcl-package->ecl-package sbcl-simple-parallel-tasks)) + +(define-public sbcl-cl-heap + (package + (name "sbcl-cl-heap") + (version "0.1.6") + (source + (origin + (method url-fetch) + (uri (string-append "https://common-lisp.net/project/cl-heap/releases/" + "cl-heap_" version ".tar.gz")) + (sha256 + (base32 + "163hb07p2nxz126rpq3cj5dyala24n0by5i5786n2qcr1w0bak4i")))) + (build-system asdf-build-system/sbcl) + (native-inputs + `(("xlunit" ,sbcl-xlunit))) + (arguments + `(#:test-asd-file "cl-heap-tests.asd")) + (synopsis "Heap and priority queue data structures for Common Lisp") + (description + "CL-HEAP provides various implementations of heap data structures (a +binary heap and a Fibonacci heap) as well as an efficient priority queue.") + (home-page "https://common-lisp.net/project/cl-heap/") + (license license:gpl3+))) + +(define-public cl-heap + (sbcl-package->cl-source-package sbcl-cl-heap)) + +(define-public ecl-cl-heap + (sbcl-package->ecl-package sbcl-cl-heap)) + +(define-public sbcl-curry-compose-reader-macros + (let ((commit "beaa92dedf392726c042184bfd6149fa8d9e6ac2") + (revision "0")) + (package + (name "sbcl-curry-compose-reader-macros") + (version (git-version "1.0.0" revision commit)) + (source + (origin + (method git-fetch) + (uri + (git-reference + (url "https://github.com/eschulte/curry-compose-reader-macros.git") + (commit commit))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "0rv9bl8xrad5wfcg5zs1dazvnpmvqz6297lbn8bywsrcfnlf7h98")))) + (build-system asdf-build-system/sbcl) + (inputs + `(("alexandria" ,sbcl-alexandria) + ("named-readtables" ,sbcl-named-readtables))) + (synopsis "Reader macros for partial application and composition") + (description + "This Common Lisp library provides reader macros for concise expression +of function partial application and composition.") + (home-page "https://eschulte.github.io/curry-compose-reader-macros/") + (license license:public-domain)))) + +(define-public cl-curry-compose-reader-macros + (sbcl-package->cl-source-package sbcl-curry-compose-reader-macros)) + +(define-public ecl-curry-compose-reader-macros + (sbcl-package->ecl-package sbcl-curry-compose-reader-macros)) + +(define-public sbcl-yason + (package + (name "sbcl-yason") + (version "0.7.7") + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/phmarek/yason.git") + (commit (string-append "v" version)))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "0479rbjgbj80jpk5bby18inlv1kfp771a82rlcq5psrz65qqa9bj")))) + (build-system asdf-build-system/sbcl) + (inputs + `(("alexandria" ,sbcl-alexandria) + ("trivial-gray-streams" ,sbcl-trivial-gray-streams))) + (synopsis "Common Lisp JSON parser/encoder") + (description + "YASON is a Common Lisp library for encoding and decoding data in the +JSON interchange format.") + (home-page "https://github.com/phmarek/yason") + (license license:bsd-3))) + +(define-public cl-yason + (sbcl-package->cl-source-package sbcl-yason)) + +(define-public ecl-yason + (sbcl-package->ecl-package sbcl-yason)) + +(define-public sbcl-stefil + (let ((commit "0398548ec95dceb50fc2c2c03e5fb0ce49b86c7a") + (revision "0")) + (package + (name "sbcl-stefil") + (version (git-version "0.1" revision commit)) + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://gitlab.common-lisp.net/stefil/stefil.git") + (commit commit))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "0bqz64q2szzhf91zyqyssmvrz7da6442rs01808pf3wrdq28bclh")))) + (build-system asdf-build-system/sbcl) + (inputs + `(("alexandria" ,sbcl-alexandria) + ("iterate" ,sbcl-iterate) + ("metabang-bind" ,sbcl-metabang-bind))) + (propagated-inputs + ;; Swank doesn't have a pre-compiled package, therefore we must + ;; propagate its sources. + `(("swank" ,cl-slime-swank))) + (arguments + '(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'drop-unnecessary-dependency + (lambda _ + (substitute* "package.lisp" + ((":stefil-system") "")) + #t))))) + (home-page "https://common-lisp.net/project/stefil/index-old.shtml") + (synopsis "Simple test framework") + (description + "Stefil is a simple test framework for Common Lisp, with a focus on +interactive development.") + (license license:public-domain)))) + +(define-public cl-stefil + (sbcl-package->cl-source-package sbcl-stefil)) + +(define-public sbcl-graph + (let ((commit "78bf9ec930d8eae4f0861b5be76765fb1e45e24f") + (revision "0")) + (package + (name "sbcl-graph") + (version (git-version "0.0.0" revision commit)) + (source + (origin + (method git-fetch) + (uri + (git-reference + (url "https://github.com/eschulte/graph.git") + (commit commit))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "1qpij4xh8bqwc2myahpilcbh916v7vg0acz2fij14d3y0jm02h0g")) + (patches (search-patches "sbcl-graph-asdf-definitions.patch")))) + (build-system asdf-build-system/sbcl) + (native-inputs + `(("stefil" ,sbcl-stefil))) + (inputs + `(("alexandria" ,sbcl-alexandria) + ("cl-heap" ,sbcl-cl-heap) + ("curry-compose-reader-macros" ,sbcl-curry-compose-reader-macros) + ("metabang-bind" ,sbcl-metabang-bind) + ("named-readtables" ,sbcl-named-readtables))) + (arguments + '(#:test-asd-file "graph.test.asd")) + (synopsis "Graph data structure and algorithms for Common Lisp") + (description + "The GRAPH Common Lisp library provides a data structures to represent +graphs, as well as some graph manipulation and analysis algorithms (shortest +path, maximum flow, minimum spanning tree, etc.).") + (home-page "https://eschulte.github.io/graph/") + (license license:gpl3+)))) + +(define-public cl-graph + (sbcl-package->cl-source-package sbcl-graph)) + +(define-public sbcl-graph-dot + (package + (inherit sbcl-graph) + (name "sbcl-graph-dot") + (inputs + `(("alexandria" ,sbcl-alexandria) + ("cl-ppcre" ,sbcl-cl-ppcre) + ("curry-compose-reader-macros" ,sbcl-curry-compose-reader-macros) + ("graph" ,sbcl-graph) + ("metabang-bind" ,sbcl-metabang-bind) + ("named-readtables" ,sbcl-named-readtables))) + (arguments + (substitute-keyword-arguments (package-arguments sbcl-graph) + ((#:asd-file _ "") "graph.dot.asd") + ((#:asd-system-name _ #f) "graph-dot"))) + (synopsis "Serialize graphs to and from DOT format"))) + +(define-public sbcl-graph-json + (package + (inherit sbcl-graph) + (name "sbcl-graph-json") + (inputs + `(("alexandria" ,sbcl-alexandria) + ("curry-compose-reader-macros" ,sbcl-curry-compose-reader-macros) + ("graph" ,sbcl-graph) + ("metabang-bind" ,sbcl-metabang-bind) + ("named-readtables" ,sbcl-named-readtables) + ("yason" ,sbcl-yason))) + (arguments + (substitute-keyword-arguments (package-arguments sbcl-graph) + ((#:asd-file _ "") "graph.json.asd") + ((#:asd-system-name _ #f) "graph-json"))) + (synopsis "Serialize graphs to and from JSON format"))) diff --git a/gnu/packages/machine-learning.scm b/gnu/packages/machine-learning.scm index 2b2df6da6a..b83b336d84 100644 --- a/gnu/packages/machine-learning.scm +++ b/gnu/packages/machine-learning.scm @@ -2051,3 +2051,39 @@ includes an implementation of Global Refinement of Random Forest.") (define-public ecl-cl-random-forest (sbcl-package->ecl-package sbcl-cl-random-forest)) + +(define-public gloo + (let ((version "0.0.0") ; no proper version tag + (commit "ca528e32fea9ca8f2b16053cff17160290fc84ce") + (revision "0")) + (package + (name "gloo") + (version (git-version version revision commit)) + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/facebookincubator/gloo.git") + (commit commit))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "1q9f80zy75f6njrzrqkmhc0g3qxs4gskr7ns2jdqanxa2ww7a99w")))) + (build-system cmake-build-system) + (native-inputs + `(("googletest" ,googletest))) + (arguments + `(#:configure-flags '("-DBUILD_TEST=1") + #:phases + (modify-phases %standard-phases + (replace 'check + (lambda _ + (invoke "make" "gloo_test") + #t))))) + (synopsis "Collective communications library") + (description + "Gloo is a collective communications library. It comes with a +number of collective algorithms useful for machine learning applications. +These include a barrier, broadcast, and allreduce.") + (home-page "https://github.com/facebookincubator/gloo") + (license license:bsd-3)))) diff --git a/gnu/packages/make-bootstrap.scm b/gnu/packages/make-bootstrap.scm index 3a664fd94f..4b8387a65f 100644 --- a/gnu/packages/make-bootstrap.scm +++ b/gnu/packages/make-bootstrap.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr> ;;; Copyright © 2018, 2019 Mark H Weaver <mhw@netris.org> @@ -24,6 +24,7 @@ (define-module (gnu packages make-bootstrap) #:use-module (guix utils) #:use-module (guix packages) + #:use-module (guix memoization) #:use-module ((guix licenses) #:select (gpl3+)) #:use-module (guix build-system trivial) #:use-module (guix build-system gnu) @@ -63,27 +64,29 @@ ;;; ;;; Code: -(define* (glibc-for-bootstrap #:optional (base glibc)) - "Return a libc deriving from BASE whose `system' and `popen' functions looks +(define glibc-for-bootstrap + (mlambdaq (base) + "Return a libc deriving from BASE whose `system' and `popen' functions looks for `sh' in $PATH, and without nscd, and with static NSS modules." - (package (inherit base) - (source (origin (inherit (package-source base)) - (patches (cons (search-patch "glibc-bootstrap-system.patch") - (origin-patches (package-source base)))))) - (arguments - (substitute-keyword-arguments (package-arguments base) - ((#:configure-flags flags) - ;; Arrange so that getaddrinfo & co. do not contact the nscd, - ;; and can use statically-linked NSS modules. - `(cons* "--disable-nscd" "--disable-build-nscd" - "--enable-static-nss" - ,flags)))) - - ;; Remove the 'debug' output to allow bit-reproducible builds (when the - ;; 'debug' output is used, ELF files end up with a .gnu_debuglink, which - ;; includes a CRC of the corresponding debugging symbols; those symbols - ;; contain store file names, so the CRC changes at every rebuild.) - (outputs (delete "debug" (package-outputs base))))) + (package + (inherit base) + (source (origin (inherit (package-source base)) + (patches (cons (search-patch "glibc-bootstrap-system.patch") + (origin-patches (package-source base)))))) + (arguments + (substitute-keyword-arguments (package-arguments base) + ((#:configure-flags flags) + ;; Arrange so that getaddrinfo & co. do not contact the nscd, + ;; and can use statically-linked NSS modules. + `(cons* "--disable-nscd" "--disable-build-nscd" + "--enable-static-nss" + ,flags)))) + + ;; Remove the 'debug' output to allow bit-reproducible builds (when the + ;; 'debug' output is used, ELF files end up with a .gnu_debuglink, which + ;; includes a CRC of the corresponding debugging symbols; those symbols + ;; contain store file names, so the CRC changes at every rebuild.) + (outputs (delete "debug" (package-outputs base)))))) (define (package-with-relocatable-glibc p) "Return a variant of P that uses the libc as defined by @@ -122,8 +125,8 @@ for `sh' in $PATH, and without nscd, and with static NSS modules." (package-search-paths gcc))))) ("cross-binutils" ,(cross-binutils target)) ,@(%final-inputs))) - `(("libc" ,(glibc-for-bootstrap)) - ("libc:static" ,(glibc-for-bootstrap) "static") + `(("libc" ,(glibc-for-bootstrap glibc)) + ("libc:static" ,(glibc-for-bootstrap glibc) "static") ("gcc" ,(package (inherit gcc) (outputs '("out")) ;all in one so libgcc_s is easily found (native-search-paths @@ -135,8 +138,8 @@ for `sh' in $PATH, and without nscd, and with static NSS modules." (package-native-search-paths gcc))) (inputs `(;; Distinguish the name so we can refer to it below. - ("bootstrap-libc" ,(glibc-for-bootstrap)) - ("libc:static" ,(glibc-for-bootstrap) "static") + ("bootstrap-libc" ,(glibc-for-bootstrap glibc)) + ("libc:static" ,(glibc-for-bootstrap glibc) "static") ,@(package-inputs gcc))) (arguments (substitute-keyword-arguments (package-arguments gcc) @@ -438,7 +441,7 @@ for `sh' in $PATH, and without nscd, and with static NSS modules." ;; GNU libc's essential shared libraries, dynamic linker, and headers, ;; with all references to store directories stripped. As a result, ;; libc.so is unusable and need to be patched for proper relocation. - (let ((glibc (glibc-for-bootstrap))) + (let ((glibc (glibc-for-bootstrap glibc))) (package (inherit glibc) (name "glibc-stripped") (build-system trivial-build-system) diff --git a/gnu/packages/mingw.scm b/gnu/packages/mingw.scm index fe51780fa3..88c8d41ef8 100644 --- a/gnu/packages/mingw.scm +++ b/gnu/packages/mingw.scm @@ -30,12 +30,21 @@ #:use-module (guix packages) #:use-module (guix download) #:use-module (guix utils) - #:use-module (ice-9 match)) + #:use-module (ice-9 match) + #:export (make-mingw-w64)) -(define-public (make-mingw-w64 machine) - (let ((triplet (string-append machine "-" "w64-mingw32"))) +(define* (make-mingw-w64 machine + #:key + xgcc + xbinutils + with-winpthreads?) + "Return a mingw-w64 for targeting MACHINE. If XGCC or XBINUTILS is specified, +use that gcc or binutils when cross-compiling. If WITH-WINPTHREADS? is +specified, recurse and return a mingw-w64 with support for winpthreads." + (let* ((triplet (string-append machine "-" "w64-mingw32"))) (package - (name (string-append "mingw-w64" "-" machine)) + (name (string-append "mingw-w64" "-" machine + (if with-winpthreads? "-winpthreads" ""))) (version "6.0.0") (source (origin (method url-fetch) @@ -45,8 +54,13 @@ (sha256 (base32 "1w28mynv500y03h92nh87rgw3fnp82qwnjbxrrzqkmr63q812pl0")) (patches (search-patches "mingw-w64-6.0.0-gcc.patch")))) - (native-inputs `(("xgcc-core" ,(cross-gcc triplet)) - ("xbinutils" ,(cross-binutils triplet)))) + (native-inputs `(("xgcc-core" ,(if xgcc xgcc (cross-gcc triplet))) + ("xbinutils" ,(if xbinutils xbinutils (cross-binutils triplet))) + ,@(if with-winpthreads? + `(("xlibc" ,(make-mingw-w64 machine + #:xgcc xgcc + #:xbinutils xbinutils))) + '()))) (build-system gnu-build-system) (search-paths (list (search-path-specification @@ -59,7 +73,10 @@ ,(string-append triplet "/lib") ,(string-append triplet "/lib64")))))) (arguments - `(#:configure-flags '(,(string-append "--host=" triplet)) + `(#:configure-flags '(,(string-append "--host=" triplet) + ,@(if with-winpthreads? + '("--with-libraries=winpthreads") + '())) #:phases (modify-phases %standard-phases (add-before 'configure 'setenv @@ -74,7 +91,13 @@ ":" mingw-headers "/include" ":" mingw-headers "/crt" ":" mingw-headers "/defaults/include" - ":" mingw-headers "/direct-x/include")))))) + ":" mingw-headers "/direct-x/include")) + (when ,with-winpthreads? + (let ((xlibc (assoc-ref inputs "xlibc"))) + (setenv "CROSS_LIBRARY_PATH" + (string-append + xlibc "/lib" ":" + xlibc "/" ,triplet "/lib")))))))) #:make-flags (list "DEFS=-DHAVE_CONFIG_H -D__MINGW_HAS_DXSDK=1") #:tests? #f ; compiles and includes glibc headers #:strip-binaries? #f)) @@ -98,4 +121,12 @@ several new APIs such as DirectX and DDK, and 64-bit support.") (define-public mingw-w64-x86_64 (make-mingw-w64 "x86_64")) +(define-public mingw-w64-i686-winpthreads + (make-mingw-w64 "i686" + #:with-winpthreads? #t)) + +(define-public mingw-w64-x86_64-winpthreads + (make-mingw-w64 "x86_64" + #:with-winpthreads? #t)) + (define-public mingw-w64 mingw-w64-i686) diff --git a/gnu/packages/multiprecision.scm b/gnu/packages/multiprecision.scm index 8e89836595..36d035ada0 100644 --- a/gnu/packages/multiprecision.scm +++ b/gnu/packages/multiprecision.scm @@ -293,7 +293,7 @@ multiplies.") (define-public libtommath (package (name "libtommath") - (version "1.1.0") + (version "1.2.0") (outputs '("out" "static")) (source (origin @@ -302,8 +302,7 @@ multiplies.") "download/v" version "/ltm-" version ".tar.xz")) (sha256 (base32 - "1bbyagqzfdbg37k1n08nsqzdf44z8zsnjjinqbsyj7rxg246qilh")) - (patches (search-patches "libtommath-fix-linkage.patch")))) + "1c8q1qy88cjhdjlk3g24mra94h34c1ldvkjz0n2988c0yvn5xixp")))) (build-system gnu-build-system) (arguments '(#:phases @@ -311,10 +310,6 @@ multiplies.") (delete 'configure) ; no configure (add-after 'unpack 'prepare-build (lambda _ - ;; Don't pull in coreutils. - (substitute* "makefile_include.mk" - (("arch") "uname -m")) - ;; We want the shared library by default so force it to be the ;; default makefile target. (delete-file "makefile") @@ -326,14 +321,15 @@ multiplies.") "/lib/libtommath.a")) #t)) (replace 'check - (lambda* (#:key make-flags #:allow-other-keys) - (apply invoke "make" "test_standalone" make-flags) + (lambda* (#:key test-target make-flags #:allow-other-keys) + (apply invoke "make" test-target make-flags) (invoke "sh" "test"))) (add-after 'install 'install-static-library (lambda* (#:key outputs #:allow-other-keys) (invoke "make" "-f" "makefile.unix" "install" (string-append "PREFIX=" (assoc-ref outputs "static")) (string-append "CC=" (which "gcc")))))) + #:test-target "test" #:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out")) "CC=gcc"))) (native-inputs @@ -346,9 +342,34 @@ simple to work with that provides fairly efficient routines that build out of the box without configuration.") (license unlicense))) -(define-public libtommath-1.0 +(define-public libtommath-1.1 (package (inherit libtommath) + (version "1.1.0") + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/libtom/libtommath/releases/" + "download/v" version "/ltm-" version ".tar.xz")) + (sha256 + (base32 + "1bbyagqzfdbg37k1n08nsqzdf44z8zsnjjinqbsyj7rxg246qilh")) + (patches (search-patches "libtommath-fix-linkage.patch")))) + (arguments + (substitute-keyword-arguments (package-arguments libtommath) + ((#:phases phases) + `(modify-phases ,phases + (add-after 'unpack 'patch-coreutils-call + (lambda _ + ;; Don't pull in coreutils. + (substitute* "makefile_include.mk" + (("arch") "uname -m")) + #t)))) + ((#:test-target _) "test_standalone"))))) + +(define-public libtommath-1.0 + (package + (inherit libtommath-1.1) (version "1.0.1") (outputs '("out")) (source @@ -360,7 +381,7 @@ the box without configuration.") (base32 "0sbccdwbkfc680id2fi0x067j23biqcjqilwkk7y9339knrjy0s7")))) (arguments - (substitute-keyword-arguments (package-arguments libtommath) + (substitute-keyword-arguments (package-arguments libtommath-1.1) ((#:phases phases) `(modify-phases ,phases (delete 'install-static-library))))))) diff --git a/gnu/packages/parallel.scm b/gnu/packages/parallel.scm index 253596d8e3..d8338caffb 100644 --- a/gnu/packages/parallel.scm +++ b/gnu/packages/parallel.scm @@ -52,14 +52,14 @@ (define-public parallel (package (name "parallel") - (version "20190922") + (version "20191022") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/parallel/parallel-" version ".tar.bz2")) (sha256 - (base32 "0qrw34rpp8g5knb2nhs8z1hz9i42nxjn6i12m4rblm0anhnfwbr8")))) + (base32 "1a89x5ix9kls1abj8zkgxdf3g3s5phzb83xcd4cwpz4szfjfw6v4")))) (build-system gnu-build-system) (arguments `(#:phases diff --git a/gnu/packages/patches/avahi-CVE-2018-1000845.patch b/gnu/packages/patches/avahi-CVE-2018-1000845.patch new file mode 100644 index 0000000000..e5b13e0bee --- /dev/null +++ b/gnu/packages/patches/avahi-CVE-2018-1000845.patch @@ -0,0 +1,42 @@ +From e111def44a7df4624a4aa3f85fe98054bffb6b4f Mon Sep 17 00:00:00 2001 +From: Trent Lloyd <trent@lloyd.id.au> +Date: Sat, 22 Dec 2018 09:06:07 +0800 +Subject: [PATCH] Drop legacy unicast queries from address not on local link + +When handling legacy unicast queries, ensure that the source IP is +inside a subnet on the local link, otherwise drop the packet. + +Fixes #145 +Fixes #203 +CVE-2017-6519 +CVE-2018-100084 +--- + avahi-core/server.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/avahi-core/server.c b/avahi-core/server.c +index a2cb19a8..a2580e38 100644 +--- a/avahi-core/server.c ++++ b/avahi-core/server.c +@@ -930,6 +930,7 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres + + if (avahi_dns_packet_is_query(p)) { + int legacy_unicast = 0; ++ char t[AVAHI_ADDRESS_STR_MAX]; + + /* For queries EDNS0 might allow ARCOUNT != 0. We ignore the + * AR section completely here, so far. Until the day we add +@@ -947,6 +948,13 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres + legacy_unicast = 1; + } + ++ if (!is_mdns_mcast_address(dst_address) && ++ !avahi_interface_address_on_link(i, src_address)) { ++ ++ avahi_log_debug("Received non-local unicast query from host %s on interface '%s.%i'.", avahi_address_snprint(t, sizeof(t), src_address), i->hardware->name, i->protocol); ++ return; ++ } ++ + if (legacy_unicast) + reflect_legacy_unicast_query_packet(s, p, i, src_address, port); + diff --git a/gnu/packages/patches/sbcl-graph-asdf-definitions.patch b/gnu/packages/patches/sbcl-graph-asdf-definitions.patch new file mode 100644 index 0000000000..a528ccfcc6 --- /dev/null +++ b/gnu/packages/patches/sbcl-graph-asdf-definitions.patch @@ -0,0 +1,70 @@ +commit 52ebece1243ae6900e414b6248b5145a28348eef +Author: Guillaume Le Vaillant <glv@posteo.net> +Date: Fri Oct 18 15:41:23 2019 +0200 + + Use basic ASDF system definitions instead of package-inferred-system + +diff --git a/graph.asd b/graph.asd +index 193b6e3..56afc8f 100644 +--- a/graph.asd ++++ b/graph.asd +@@ -3,12 +3,10 @@ + :version "0.0.0" + :author ("Eric Schulte <schulte.eric@gmail.com>" "Thomas Dye") + :licence "GPL V3" +- :class :package-inferred-system +- :defsystem-depends-on (:asdf-package-system) ++ :in-order-to ((test-op (test-op graph-test))) + :depends-on (alexandria + metabang-bind + named-readtables + curry-compose-reader-macros +- graph/graph)) +- +-(register-system-packages "femlisp-matlisp" '(:fl.matlisp)) ++ cl-heap) ++ :components ((:file "graph"))) +diff --git a/graph.dot.asd b/graph.dot.asd +new file mode 100644 +index 0000000..12aec7e +--- /dev/null ++++ b/graph.dot.asd +@@ -0,0 +1,8 @@ ++(defsystem :graph-dot ++ :depends-on (alexandria ++ metabang-bind ++ named-readtables ++ curry-compose-reader-macros ++ cl-ppcre ++ graph) ++ :components ((:file "dot"))) +diff --git a/graph.json.asd b/graph.json.asd +new file mode 100644 +index 0000000..e7d091f +--- /dev/null ++++ b/graph.json.asd +@@ -0,0 +1,8 @@ ++(defsystem :graph-json ++ :depends-on (alexandria ++ metabang-bind ++ named-readtables ++ curry-compose-reader-macros ++ yason ++ graph) ++ :components ((:file "json"))) +diff --git a/graph.test.asd b/graph.test.asd +new file mode 100644 +index 0000000..1e811e1 +--- /dev/null ++++ b/graph.test.asd +@@ -0,0 +1,10 @@ ++(defsystem :graph-test ++ :depends-on (alexandria ++ metabang-bind ++ named-readtables ++ curry-compose-reader-macros ++ graph ++ stefil) ++ :perform (test-op (o s) ++ (uiop:symbol-call :graph/test 'test)) ++ :components ((:file "test"))) diff --git a/gnu/packages/patches/seahorse-gkr-use-0-on-empty-flags.patch b/gnu/packages/patches/seahorse-gkr-use-0-on-empty-flags.patch new file mode 100644 index 0000000000..55866d2973 --- /dev/null +++ b/gnu/packages/patches/seahorse-gkr-use-0-on-empty-flags.patch @@ -0,0 +1,32 @@ +Patch from <https://gitlab.gnome.org/GNOME/seahorse/commit/d9db29db567012b7c72e85e1be1fbf55fcc9b667>. + +From d9db29db567012b7c72e85e1be1fbf55fcc9b667 Mon Sep 17 00:00:00 2001 +From: Niels De Graef <nielsdegraef@gmail.com> +Date: Sat, 11 May 2019 09:02:34 +0200 +Subject: [PATCH] gkr: Use 0 on empty flags + +A Flags-type variable without any flag set can be replaced with 0, so +this is a safe thing to do. It also prevents us from having to deal with +the accidental API break in libsecret (see +https://gitlab.gnome.org/GNOME/libsecret/merge_requests/19) +--- + gkr/gkr-keyring-add.vala | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/gkr/gkr-keyring-add.vala b/gkr/gkr-keyring-add.vala +index 4e92a520..f60c9a22 100644 +--- a/gkr/gkr-keyring-add.vala ++++ b/gkr/gkr-keyring-add.vala +@@ -41,8 +41,7 @@ public class Seahorse.Gkr.KeyringAdd : Gtk.Dialog { + + var cancellable = Dialog.begin_request(this); + var service = Backend.instance().service; +- Secret.Collection.create.begin(service, this.name_entry.text, null, +- Secret.CollectionCreateFlags.COLLECTION_CREATE_NONE, ++ Secret.Collection.create.begin(service, this.name_entry.text, null, 0, + cancellable, (obj, res) => { + /* Clear the operation without cancelling it since it is complete */ + Dialog.complete_request(this, false); +-- +2.23.0 + diff --git a/gnu/packages/patches/weasyprint-library-paths.patch b/gnu/packages/patches/weasyprint-library-paths.patch new file mode 100644 index 0000000000..eabbdbdcd6 --- /dev/null +++ b/gnu/packages/patches/weasyprint-library-paths.patch @@ -0,0 +1,38 @@ +diff --git a/weasyprint/fonts.py b/weasyprint/fonts.py +index 377716c1..2016e01c 100644 +--- a/weasyprint/fonts.py ++++ b/weasyprint/fonts.py +@@ -48,11 +48,8 @@ else: + # with OSError: dlopen() failed to load a library: cairo / cairo-2 + # So let's hope we find the same file as cairo already did ;) + # Same applies to pangocairo requiring pangoft2 +- fontconfig = dlopen(ffi, 'fontconfig', 'libfontconfig', +- 'libfontconfig-1.dll', +- 'libfontconfig.so.1', 'libfontconfig-1.dylib') +- pangoft2 = dlopen(ffi, 'pangoft2-1.0', 'libpangoft2-1.0-0', +- 'libpangoft2-1.0.so', 'libpangoft2-1.0.dylib') ++ fontconfig = dlopen(ffi, '@fontconfig@') ++ pangoft2 = dlopen(ffi, '@pangoft2@') + + ffi.cdef(''' + // FontConfig +diff --git a/weasyprint/text.py b/weasyprint/text.py +index 035074e9..08e40395 100644 +--- a/weasyprint/text.py ++++ b/weasyprint/text.py +@@ -243,12 +243,9 @@ def dlopen(ffi, *names): + return ffi.dlopen(names[0]) # pragma: no cover + + +-gobject = dlopen(ffi, 'gobject-2.0', 'libgobject-2.0-0', 'libgobject-2.0.so', +- 'libgobject-2.0.dylib') +-pango = dlopen(ffi, 'pango-1.0', 'libpango-1.0-0', 'libpango-1.0.so', +- 'libpango-1.0.dylib') +-pangocairo = dlopen(ffi, 'pangocairo-1.0', 'libpangocairo-1.0-0', +- 'libpangocairo-1.0.so', 'libpangocairo-1.0.dylib') ++gobject = dlopen(ffi, '@gobject@') ++pango = dlopen(ffi, '@pango@') ++pangocairo = dlopen(ffi, '@pangocairo@') + + gobject.g_type_init() + diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm index 5f99f8b752..6cca129ce6 100644 --- a/gnu/packages/pdf.scm +++ b/gnu/packages/pdf.scm @@ -7,7 +7,7 @@ ;;; Copyright © 2016 ng0 <ng0@n0.is> ;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2016, 2017 Marius Bakke <mbakke@fastmail.com> -;;; Copyright © 2016, 2017 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2016, 2017, 2019 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu> ;;; Copyright © 2016, 2019 Arun Isaac <arunisaac@systemreboot.net> ;;; Copyright © 2017, 2018 Leo Famulari <leo@famulari.name> @@ -15,6 +15,8 @@ ;;; Copyright © 2017, 2018 Rene Saavedra <pacoon@protonmail.com> ;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr> ;;; Copyright © 2019 Alex Griffin <a@ajgrf.com> +;;; Copyright © 2019 Ben Sturmfels <ben@sturm.com.au> +;;; Copyright © 2019 Hartmut Goebel <h.goebel@crazy-compilers.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -65,6 +67,7 @@ #:use-module (gnu packages imagemagick) #:use-module (gnu packages javascript) #:use-module (gnu packages lesstif) + #:use-module (gnu packages libffi) #:use-module (gnu packages linux) #:use-module (gnu packages lua) #:use-module (gnu packages pcre) @@ -72,6 +75,8 @@ #:use-module (gnu packages photo) #:use-module (gnu packages pkg-config) #:use-module (gnu packages python) + #:use-module (gnu packages python-check) + #:use-module (gnu packages python-web) #:use-module (gnu packages python-xyz) #:use-module (gnu packages qt) #:use-module (gnu packages sdl) @@ -975,6 +980,50 @@ Note: This module isn't maintained anymore. For new projects please use python-pypdf2 instead.") (license license:bsd-3))) +(define-public pdfarranger + (package + (name "pdfarranger") + (version "1.3.1") + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/jeromerobert/pdfarranger.git") + (commit version))) + (file-name (git-file-name name version)) + (sha256 + (base32 "1f8m8r81322i97wkqpmf7a4kiwnq244n6cnbldh03jc49vwq2kxx")))) + (build-system python-build-system) + (arguments + '(#:tests? #f ;no tests + #:phases (modify-phases %standard-phases + (add-after 'install 'wrap-for-typelib + (lambda* (#:key inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (program (string-append out "/bin/pdfarranger"))) + (wrap-program program + `("GI_TYPELIB_PATH" ":" prefix + (,(getenv "GI_TYPELIB_PATH")))) + #t)))))) + (native-inputs + `(("intltool" ,intltool) + ("python-distutils-extra" ,python-distutils-extra))) + (propagated-inputs + `(("gtk+" ,gtk+) + ("poppler" ,poppler) + ("python-pycairo" ,python-pycairo) + ("python-pygobject" ,python-pygobject) + ("python-pypdf2" ,python-pypdf2))) + (home-page "https://github.com/jeromerobert/pdfarranger") + (synopsis "Merge, split and re-arrange pages from PDF documents") + (description + "PDF Arranger is a small application which allows one to merge or split +PDF documents and rotate, crop and rearrange their pages using an interactive +and intuitive graphical interface. + +PDF Arranger was formerly known as PDF-Shuffler.") + (license license:gpl3+))) + (define-public pdfposter (package (name "pdfposter") @@ -1155,3 +1204,80 @@ manipulating PDF documents from the command line. It supports @item displaying the mapping between logical and physical page numbers @end itemize") (license license:bsd-3))) + +(define-public weasyprint + (package + (name "weasyprint") + (version "50") + (source + (origin + (method url-fetch) + (uri (pypi-uri "WeasyPrint" version)) + (sha256 + (base32 "0invs96zvmcr6wh5klj52jrcnr9qg150v9wpmbhcsf3vv1d1hbcw")) + (patches (search-patches "weasyprint-library-paths.patch")))) + (build-system python-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'patch-library-paths + (lambda* (#:key inputs #:allow-other-keys) + (let ((fontconfig (assoc-ref inputs "fontconfig")) + (glib (assoc-ref inputs "glib")) + (pango (assoc-ref inputs "pango")) + (pangoft2 (assoc-ref inputs "pangoft2"))) + (substitute* "weasyprint/fonts.py" + (("@fontconfig@") + (string-append fontconfig "/lib/libfontconfig.so")) + (("@pangoft2@") + (string-append pango "/lib/libpangoft2-1.0.so"))) + (substitute* "weasyprint/text.py" + (("@gobject@") + (string-append glib "/lib/libgobject-2.0.so")) + (("@pango@") + (string-append pango "/lib/libpango-1.0.so")) + (("@pangocairo@") + (string-append pango "/lib/libpangocairo-1.0.so")))))) + (add-after 'unpack 'remove-pytest-options + (lambda _ + (substitute* "setup.cfg" + ;; flake8 and isort syntax checks fail, which is not our + ;; business + (("addopts = --flake8 --isort") "")))) + (replace 'check + (lambda _ + ;; run pytest, excluding one failing test + (invoke "pytest" "-k" "not test_flex_column_wrap_reverse")))))) + (inputs + `(("fontconfig" ,fontconfig) + ("glib" ,glib) + ("pango" ,pango))) + (propagated-inputs + `(("gdk-pixbuf" ,gdk-pixbuf) + ("python-cairocffi" ,python-cairocffi) + ("python-cairosvg" ,python-cairosvg) + ("python-cffi" ,python-cffi) + ("python-cssselect2" ,python-cssselect2) + ("python-html5lib" ,python-html5lib) + ("python-pyphen" ,python-pyphen) + ("python-tinycss2" ,python-tinycss2))) + (native-inputs + `(("python-pytest-cov" ,python-pytest-cov) + ("python-pytest-runner" ,python-pytest-runner))) + (home-page "https://weasyprint.org/") + (synopsis "Document factory for creating PDF files from HTML") + (description "WeasyPrint helps web developers to create PDF documents. It +turns simple HTML pages into gorgeous statistical reports, invoices, tickets, +etc. + +From a technical point of view, WeasyPrint is a visual rendering engine for +HTML and CSS that can export to PDF and PNG. It aims to support web standards +for printing. + +It is based on various libraries but not on a full rendering engine like +WebKit or Gecko. The CSS layout engine is written in Python, designed for +pagination, and meant to be easy to hack on. Weasyprint can also be used as a +python library. + +Keywords: html2pdf, htmltopdf") + (license license:bsd-3))) diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm index baa29af22e..33d0f107d6 100644 --- a/gnu/packages/perl.scm +++ b/gnu/packages/perl.scm @@ -3166,14 +3166,14 @@ separator.") (define-public perl-error (package (name "perl-error") - (version "0.17027") + (version "0.17028") (source (origin (method url-fetch) (uri (string-append "mirror://cpan/authors/id/S/SH/SHLOMIF/" "Error-" version ".tar.gz")) (sha256 (base32 - "1gnkxf12dq2w1jmjpllp5f30ya4nll01jv2sfi24386zfn1arch7")))) + "0q796nwwiarfc6pga97380c9z8xva5545632001qj75kb1g5rn1s")))) (build-system perl-build-system) (native-inputs `(("perl-module-build" ,perl-module-build))) (home-page "https://metacpan.org/release/Error") diff --git a/gnu/packages/python-check.scm b/gnu/packages/python-check.scm index 15cf9138d4..caa398752e 100644 --- a/gnu/packages/python-check.scm +++ b/gnu/packages/python-check.scm @@ -3,6 +3,7 @@ ;;; Copyright © 2019 Tobias Geerinckx-Rice <me@tobias.gr> ;;; Copyright © 2019 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2019 Maxim Cournoyer <maxim.cournoyer@gmail.com> +;;; Copyright © 2019 Hartmut Goebel <h.goebel@crazy-compilers.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -153,6 +154,36 @@ of the project to ensure it renders properly.") compliance.") (license license:bsd-3))) +(define-public python-pytest-isort + (package + (name "python-pytest-isort") + (version "0.3.1") + (source + (origin + (method url-fetch) + (uri (pypi-uri "pytest-isort" version)) + (sha256 + (base32 "06myn5hhxs5yp8dqr1yjsgcnnxnsrvsqannm00bvaw0qml6ydzjb")))) + (build-system python-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (replace 'check + (lambda _ + (setenv "PYTHONPATH" + (string-append (getcwd) ":" + (getenv "PYTHONPATH"))) + (invoke "pytest")))))) + (propagated-inputs + `(("python-isort" ,python-isort) + ("python-pytest" ,python-pytest))) + (home-page "https://github.com/moccu/pytest-isort/") + (synopsis "Pytest plugin to check import ordering using isort") + (description + "This package provides a pytest plugin to check import ordering using +isort.") + (license license:bsd-3))) + (define-public python-pytest-shutil (package (name "python-pytest-shutil") diff --git a/gnu/packages/python-web.scm b/gnu/packages/python-web.scm index 752d120782..b79b10d51e 100644 --- a/gnu/packages/python-web.scm +++ b/gnu/packages/python-web.scm @@ -13,7 +13,7 @@ ;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2015 Cyril Roelandt <tipecaml@gmail.com> ;;; Copyright © 2015, 2016, 2017, 2019 Leo Famulari <leo@famulari.name> -;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com> +;;; Copyright © 2016, 2019 Hartmut Goebel <h.goebel@crazy-compilers.com> ;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr> ;;; Copyright © 2015, 2017 Ben Woodcroft <donttrustben@gmail.com> ;;; Copyright © 2015, 2016 Christopher Allan Webber <cwebber@dustycloud.org> @@ -63,6 +63,7 @@ #:use-module (gnu packages libffi) #:use-module (gnu packages pkg-config) #:use-module (gnu packages python) + #:use-module (gnu packages python-check) #:use-module (gnu packages python-crypto) #:use-module (gnu packages python-xyz) #:use-module (gnu packages sphinx) @@ -1636,14 +1637,13 @@ Amazon Web Services (AWS) API.") (define-public python-wsgiproxy2 (package (name "python-wsgiproxy2") - (version "0.4.5") + (version "0.4.6") (source (origin (method url-fetch) (uri (pypi-uri "WSGIProxy2" version ".tar.gz")) (sha256 - (base32 - "19d9dva282vfjs784i0zkxp078lxfz4h3f621z30ij9wbf5rba6a")))) + (base32 "16jch5nic0hia28lps3c678s9s9mjdq8n87igxncjg0rpi5adqnf")))) (build-system python-build-system) (native-inputs `(("python-webtest" ,python-webtest))) @@ -3301,3 +3301,69 @@ library to create slugs from unicode strings while keeping it DRY.") (description "Generate complex HTML+JS pages with Python") (license license:expat))) +(define-public python-tinycss2 + (package + (name "python-tinycss2") + (version "1.0.2") + (source + (origin + (method url-fetch) + (uri (pypi-uri "tinycss2" version)) + (sha256 + (base32 "1kw84y09lggji4krkc58jyhsfj31w8npwhznr7lf19d0zbix09v4")))) + (build-system python-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (replace 'check + (lambda _ (invoke "pytest")))))) + (propagated-inputs + `(("python-webencodings" ,python-webencodings))) + (native-inputs + `(("python-pytest-flake8" ,python-pytest-flake8) + ("python-pytest-isort" ,python-pytest-isort) + ("python-pytest-runner" ,python-pytest-runner))) + (home-page "https://tinycss2.readthedocs.io/") + (synopsis "Low-level CSS parser for Python") + (description "@code{tinycss2} can parse strings, return Python objects +representing tokens and blocks, and generate CSS strings corresponding to +these objects. + +Based on the CSS Syntax Level 3 specification, @code{tinycss2} knows the +grammar of CSS but doesn’t know specific rules, properties or values supported +in various CSS modules.") + (license license:bsd-3))) + +(define-public python-cssselect2 + (package + (name "python-cssselect2") + (version "0.2.2") + (source + (origin + (method url-fetch) + (uri (pypi-uri "cssselect2" version)) + (sha256 + (base32 "0skymzb4ncrm2zdsy80f53vi0arf776lvbp51hzh4ayp1il5lj3h")))) + (build-system python-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (replace 'check + (lambda _ (invoke "pytest")))))) + (propagated-inputs + `(("python-tinycss2" ,python-tinycss2))) + (native-inputs + `(("python-pytest-cov" ,python-pytest-cov) + ("python-pytest-flake8" ,python-pytest-flake8) + ("python-pytest-isort" ,python-pytest-isort) + ("python-pytest-runner" ,python-pytest-runner))) + (home-page "https://cssselect2.readthedocs.io/") + (synopsis "CSS selectors for Python ElementTree") + (description "@code{cssselect2} is a straightforward implementation of +CSS3 Selectors for markup documents (HTML, XML, etc.) that can be read by +ElementTree-like parsers (including cElementTree, lxml, html5lib, etc.). + +Unlike the Python package @code{cssselect}, it does not translate selectors to +XPath and therefore does not have all the correctness corner cases that are +hard or impossible to fix in cssselect.") + (license license:bsd-3))) diff --git a/gnu/packages/python-xyz.scm b/gnu/packages/python-xyz.scm index cc64070ed0..7a2e1a7d81 100644 --- a/gnu/packages/python-xyz.scm +++ b/gnu/packages/python-xyz.scm @@ -166,14 +166,13 @@ (define-public python-psutil (package (name "python-psutil") - (version "5.6.2") + (version "5.6.3") (source (origin (method url-fetch) (uri (pypi-uri "psutil" version)) (sha256 - (base32 - "1v95vb5385qscfdvphv8l2w22bmir3d7yhpi02n58v3mlqy1r3l2")))) + (base32 "1wv31zly44qj0rp2acg58xbnc7bf6ffyadasq093l455q30qafl6")))) (build-system python-build-system) (arguments ;; FIXME: some tests does not return and times out. @@ -1924,13 +1923,13 @@ files.") (define-public python-pyld (package (name "python-pyld") - (version "1.0.3") + (version "1.0.5") (source (origin (method url-fetch) (uri (pypi-uri "PyLD" version)) (sha256 (base32 - "12i2g6xdj30k7xxcibg3sc5y76snwq8l6n8fy9lyi577kgy0h2pm")))) + "1ywbdbsrkg533qh8xn9ifjh2mvam6v5msrjyqq73jfpvcp89qvff")))) (build-system python-build-system) (home-page "https://github.com/digitalbazaar/pyld") (synopsis "Python implementation of the JSON-LD specification") @@ -3000,14 +2999,13 @@ receive files via the SCP1 protocol, as implemented by the OpenSSH (define-public python-rst.linker (package (name "python-rst.linker") - (version "1.10") + (version "1.11") (source (origin (method url-fetch) (uri (pypi-uri "rst.linker" version)) (sha256 - (base32 - "0iqaacp7pj1s8avs4kc0qg0r7dscywaq37y6l9j14glqdikk0wdj")))) + (base32 "0pqsfqqx8h0pq21k8l3k62kznrgaj2ala93c64s4d9rpbr4mgkd2")))) (build-system python-build-system) (propagated-inputs `(("python-dateutil" ,python-dateutil) @@ -6146,13 +6144,13 @@ Python.") (define-public snakemake (package (name "snakemake") - (version "5.2.4") + (version "5.7.1") (source (origin (method url-fetch) (uri (pypi-uri "snakemake" version)) (sha256 - (base32 "0gj0xxgiq3mp9qyyrbfzldiaq1giliqw0in64nqiz7vx49myqj7z")))) + (base32 "1pnpvvn8n2a78cg360wz3ldmpqrsm2wzi0c0dmvki9fnsw6fxdas")))) (build-system python-build-system) (arguments ;; TODO: Package missing test dependencies. @@ -6170,18 +6168,19 @@ Python.") "/bin/snakemake"))) #t))))) (propagated-inputs - `(("python-gitpython" ,python-gitpython) - ("python-wrapt" ,python-wrapt) - ("python-requests" ,python-requests) - ("python-appdirs" ,python-appdirs) + `(("python-appdirs" ,python-appdirs) ("python-configargparse" ,python-configargparse) ("python-datrie" ,python-datrie) ("python-docutils" ,python-docutils) + ("python-gitpython" ,python-gitpython) ("python-jinja2" ,python-jinja2) ("python-jsonschema" ,python-jsonschema) ("python-networkx" ,python-networkx) + ("python-psutil" ,python-psutil) ("python-pyyaml" ,python-pyyaml) - ("python-ratelimiter" ,python-ratelimiter))) + ("python-ratelimiter" ,python-ratelimiter) + ("python-requests" ,python-requests) + ("python-wrapt" ,python-wrapt))) (home-page "https://snakemake.readthedocs.io") (synopsis "Python-based execution environment for make-like workflows") (description @@ -6190,24 +6189,6 @@ providing a clean and modern domain specific specification language (DSL) in Python style, together with a fast and comfortable execution environment.") (license license:expat))) -;; This is currently needed for the pigx-* packages. -(define-public snakemake-4 - (package (inherit snakemake) - (version "4.4.0") - (source - (origin - (method url-fetch) - (uri (pypi-uri "snakemake" version)) - (sha256 - (base32 "0g0paia4z7w3srnqdmavq3hrb2x7qnpf81jx50njl0p7y4y0j8jv")))) - (propagated-inputs - `(("python-wrapt" ,python-wrapt) - ("python-requests" ,python-requests) - ("python-appdirs" ,python-appdirs) - ("python-configargparse" ,python-configargparse) - ("python-pyyaml" ,python-pyyaml) - ("python-ratelimiter" ,python-ratelimiter))))) - (define-public python-pyqrcode (package (name "python-pyqrcode") @@ -14854,14 +14835,13 @@ Included are implementations of: (define-public bpython (package (name "bpython") - (version "0.17.1") + (version "0.18") (source (origin (method url-fetch) (uri (pypi-uri "bpython" version)) (sha256 - (base32 - "0bxhxi5zxdkrf8b4gwn0d363kdz3qnypjwhm1aydki53ph8ca1w9")))) + (base32 "1hl6frgvr2lqaxqczl8amg9xih32b3gzv429vs0qrjb8wpdj1k2n")))) (build-system python-build-system) (arguments `(#:phases @@ -14884,10 +14864,10 @@ Included are implementations of: (propagated-inputs `(("python-pygments" ,python-pygments) ("python-requests" ,python-requests) - ("python-babel" ,python-babel) ; optional, for internationalization + ("python-babel" ,python-babel) ; optional, for internationalization ("python-curtsies" ,python-curtsies) ; >= 0.1.18 ("python-greenlet" ,python-greenlet) - ("python-urwid" ,python-urwid) ; for bpython-urwid only + ("python-urwid" ,python-urwid) ; for bpython-urwid only ("python-six" ,python-six))) (native-inputs `(("python-sphinx" ,python-sphinx) @@ -16610,3 +16590,57 @@ It is the recommended replacement for Python's original @code{distro} also provides a command-line interface to output the platform information in various formats.") (license license:asl2.0))) + +(define-public python-cairosvg + (package + (name "python-cairosvg") + (version "2.4.2") + (source + (origin + (method url-fetch) + (uri (pypi-uri "CairoSVG" version)) + (sha256 + (base32 "1bb7irxbaxxb9ahm3z5wsx1q96mm5gzskc7b6q07h9ikcnb8yrjf")))) + (build-system python-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (replace 'check + (lambda _ (invoke "pytest")))))) + (propagated-inputs + `(("python-cairocffi" ,python-cairocffi) + ("python-cssselect2" ,python-cssselect2) + ("python-defusedxml" ,python-defusedxml) + ("python-pillow" ,python-pillow) + ("python-tinycss2" ,python-tinycss2))) + (native-inputs + `(("python-pytest-flake8" ,python-pytest-flake8) + ("python-pytest-isort" ,python-pytest-isort) + ("python-pytest-runner" ,python-pytest-runner))) + (home-page "https://cairosvg.org/") + (synopsis "SVG to PDF/PS/PNG converter based on Cairo") + (description "CairoSVG is a SVG converter based on Cairo. It can export +SVG files to PDF, PostScript and PNG files. The main part of CairoSVG is a +SVG parser, trying to follow the SVG 1.1 recommendation from the W3C. Once +parsed, the result is drawn to a Cairo surface that can be exported to +qvarious formats: PDF, PostScript, PNG and even SVG.") + (license license:lgpl3+))) + +(define-public python-pyphen + (package + (name "python-pyphen") + (version "0.9.5") + (source + (origin + (method url-fetch) + (uri (pypi-uri "Pyphen" version)) + (sha256 + (base32 "08c9y69ry9d6m4zalhnalg86lsp9v2j5n1ziw5vxfmiihx83lqrv")))) + (build-system python-build-system) + ;; TODO: Use the Guix system hyphenation packages hyphen-* rather than the + ;; embedded set provided by upstream - like Debian does. + (home-page "https://github.com/Kozea/Pyphen") + (synopsis "Pure Python module to hyphenate text") + (description "Pyphen is a pure Python module to hyphenate text using +existing Hunspell hyphenation dictionaries.") + (license (list license:gpl2 license:lgpl2.1 license:mpl1.1)))) diff --git a/gnu/packages/rust-cbindgen.scm b/gnu/packages/rust-cbindgen.scm new file mode 100644 index 0000000000..9d20310346 --- /dev/null +++ b/gnu/packages/rust-cbindgen.scm @@ -0,0 +1,1019 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2019 Efraim Flashner <efraim@flashner.co.il> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (gnu packages rust-cbindgen) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix build-system cargo)) + +(define-public rust-cbindgen + (package + (name "rust-cbindgen") + (version "0.9.1") + (source + (origin + (method url-fetch) + (uri (crate-uri "cbindgen" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1zgamxahlxmg4warzivaa8m1f8d6b45mhznm7n6d7p5l18acdblx")))) + (build-system cargo-build-system) + (arguments + `(#:cargo-inputs + (("clap" ,rust-clap-2) + ("log" ,rust-log-0.4) + ("proc-macro2" ,rust-proc-macro2-1.0) + ("quote" ,rust-quote-1.0) + ("serde" ,rust-serde-1.0) + ("serde-json" ,rust-serde-json-1.0) + ("syn" ,rust-syn-1.0) + ("tempfile" ,rust-tempfile-3.0) + ("toml" ,rust-toml-0.5)) + #:cargo-development-inputs + (("ansi-term" ,rust-ansi-term-0.11) + ("atty" ,rust-atty-0.2) + ("autocfg" ,rust-autocfg-0.1) + ("bitflags" ,rust-bitflags-1.1) + ("cfg-if" ,rust-cfg-if-0.1) + ("cloudabi" ,rust-cloudabi-0.0) + ("fuchsia-cprng" ,rust-fuchsia-cprng-0.1) + ("itoa" ,rust-itoa-0.4) + ("libc" ,rust-libc-0.2) + ("numtoa" ,rust-numtoa-0.1) + ("rand" ,rust-rand-0.6) + ("rand-chacha" ,rust-rand-chacha-0.1) + ("rand-core" ,rust-rand-core-0.3) + ("rand-hc" ,rust-rand-hc-0.1) + ("rand-isaac" ,rust-rand-isaac-0.1) + ("rand-jitter" ,rust-rand-jitter-0.1) + ("rand-os" ,rust-rand-os-0.1) + ("rand-pcg" ,rust-rand-pcg-0.1) + ("rand-xorshift" ,rust-rand-xorshift-0.1) + ("rdrand" ,rust-rdrand-0.4) + ("redox-syscall" ,rust-redox-syscall-0.1) + ("redox-termios" ,rust-redox-termios-0.1) + ("remove-dir-all" ,rust-remove-dir-all-0.5) + ("ryu" ,rust-ryu-1.0) + ("serde-derive" ,rust-serde-derive-1.0) + ("strsim" ,rust-strsim-0.8) + ("termion" ,rust-termion-1.5) + ("textwrap" ,rust-textwrap-0.11) + ("unicode-width" ,rust-unicode-width-0.1) + ("unicode-xid" ,rust-unicode-xid-0.2) + ("vec-map" ,rust-vec-map-0.8) + ("winapi" ,rust-winapi-0.3)))) + (home-page "https://github.com/eqrion/cbindgen/") + (synopsis "Tool for generating C bindings to Rust code") + (description + "This package provides a tool for generating C/C++ bindings to Rust code.") + (license license:mpl2.0))) + +;;; +;;;^L +;;; + +(define rust-ansi-term-0.11 + (package + (name "rust-ansi-term") + (version "0.11.0") + (source + (origin + (method url-fetch) + (uri (crate-uri "ansi_term" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "16wpvrghvd0353584i1idnsgm0r3vchg8fyrm0x8ayv1rgvbljgf")))) + (build-system cargo-build-system) + (home-page "https://github.com/ogham/rust-ansi-term") + (synopsis "Library for ANSI terminal colours and styles") + (description + "This is a library for controlling colours and formatting, such as red bold +text or blue underlined text, on ANSI terminals.") + (properties '((hidden? . #t))) + (license license:expat))) + +(define rust-atty-0.2 + (package + (name "rust-atty") + (version "0.2.13") + (source + (origin + (method url-fetch) + (uri (crate-uri "atty" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "140sswp1bwqwc4zk80bxkbnfb3g936hgrb77g9g0k1zcld3wc0qq")))) + (build-system cargo-build-system) + (home-page "https://github.com/softprops/atty") + (synopsis "A simple interface for querying atty") + (description + "This package provides a simple interface for querying atty.") + (properties '((hidden? . #t))) + (license license:expat))) + +(define rust-autocfg-0.1 + (package + (name "rust-autocfg") + (version "0.1.7") + (source + (origin + (method url-fetch) + (uri (crate-uri "autocfg" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1chwgimpx5z7xbag7krr9d8asxfqbh683qhgl9kn3hxk2l0djj8x")))) + (build-system cargo-build-system) + (home-page "https://github.com/cuviper/autocfg") + (synopsis "Automatic cfg for Rust compiler features") + (description "Rust library for build scripts to automatically configure +code based on compiler support. Code snippets are dynamically tested to see +if the @code{rustc} will accept them, rather than hard-coding specific version +support.") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-bitflags-1.1 + (package + (name "rust-bitflags") + (version "1.1.0") + (source + (origin + (method url-fetch) + (uri (crate-uri "bitflags" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1zc1qb1hwsnl2d8rhzicsv9kqd5b2hwbrscrcfw5as4sfr35659x")))) + (build-system cargo-build-system) + (home-page "https://github.com/bitflags/bitflags") + (synopsis "Macro to generate structures which behave like bitflags") + (description "This package provides a macro to generate structures which +behave like a set of bitflags.") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-cfg-if-0.1 + (package + (name "rust-cfg-if") + (version "0.1.10") + (source + (origin + (method url-fetch) + (uri (crate-uri "cfg-if" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "08h80ihs74jcyp24cd75wwabygbbdgl05k6p5dmq8akbr78vv1a7")))) + (build-system cargo-build-system) + (home-page "https://github.com/alexcrichton/cfg-if") + (synopsis "Define an item depending on parameters") + (description "This package provides a macro to ergonomically define an item +depending on a large number of #[cfg] parameters. Structured like an +@code{if-else} chain, the first matching branch is the item that gets emitted.") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-clap-2 + (package + (name "rust-clap") + (version "2.33.0") + (source + (origin + (method url-fetch) + (uri (crate-uri "clap" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1nf6ld3bims1n5vfzhkvcb55pdzh04bbhzf8nil5vvw05nxzarsh")))) + (build-system cargo-build-system) + (home-page "https://clap.rs/") + (synopsis "Command Line Argument Parser") + (description + "This package provides a simple to use, efficient, and full-featured +Command Line Argument Parser.") + (properties '((hidden? . #t))) + (license license:expat))) + +(define rust-cloudabi-0.0 + (package + (name "rust-cloudabi") + (version "0.0.3") + (source + (origin + (method url-fetch) + (uri (crate-uri "cloudabi" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "0kxcg83jlihy0phnd2g8c2c303px3l2p3pkjz357ll6llnd5pz6x")))) + (build-system cargo-build-system) + (home-page "https://nuxi.nl/cloudabi/") + (synopsis "Low level interface to CloudABI") + (description + "Low level interface to CloudABI. Contains all syscalls and related types.") + (properties '((hidden? . #t))) + (license license:bsd-2))) + +(define rust-fuchsia-cprng-0.1 + (package + (name "rust-fuchsia-cprng") + (version "0.1.1") + (source + (origin + (method url-fetch) + (uri (crate-uri "fuchsia-cprng" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1fnkqrbz7ixxzsb04bsz9p0zzazanma8znfdqjvh39n14vapfvx0")))) + (build-system cargo-build-system) + (home-page "https://fuchsia.googlesource.com/fuchsia/+/master/garnet/public/rust/fuchsia-cprng") + (synopsis "Fuchsia cryptographically secure pseudorandom number generator") + (description "Thix package provides a rust crate for the Fuchsia +cryptographically secure pseudorandom number generator.") + (properties '((hidden? . #t))) + (license license:bsd-3))) + +(define rust-itoa-0.4 + (package + (name "rust-itoa") + (version "0.4.4") + (source + (origin + (method url-fetch) + (uri (crate-uri "itoa" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "0zvg2d9qv3avhf3d8ggglh6fdyw8kkwqg3r4622ly5yhxnvnc4jh")))) + (build-system cargo-build-system) + (home-page "https://github.com/dtolnay/itoa") + (synopsis "Fast functions for printing integer primitives") + (description "This crate provides fast functions for printing integer +primitives to an @code{io::Write}.") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-libc-0.2 + (package + (name "rust-libc") + (version "0.2.65") + (source + (origin + (method url-fetch) + (uri (crate-uri "libc" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1s14bjxnz6haw0gr1h3j4sr7s2s407hpgm8dxhwnl7yzgxia0c8s")))) + (build-system cargo-build-system) + (home-page "https://github.com/rust-lang/libc") + (synopsis "Raw FFI bindings to platform libraries like libc") + (description + "libc provides all of the definitions necessary to easily +interoperate with C code (or \"C-like\" code) on each of the platforms +that Rust supports. This includes type definitions (e.g., c_int), +constants (e.g., EINVAL) as well as function headers (e.g., malloc). + +This crate exports all underlying platform types, functions, and +constants under the crate root, so all items are accessible as +@samp{libc::foo}. The types and values of all the exported APIs match +the platform that libc is compiled for.") + (properties '((hidden? . #t))) + (license (list license:expat + license:asl2.0)))) + +(define rust-log-0.4 + (package + (name "rust-log") + (version "0.4.8") + (source + (origin + (method url-fetch) + (uri (crate-uri "log" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1xz18ixccl5c6np4linv3ypc7hpmmgpc5zzd2ymp2ssfx0mhbdhl")))) + (build-system cargo-build-system) + (home-page "https://github.com/rust-lang/log") + (synopsis "Lightweight logging facade for Rust") + (description + "This package provides a lightweight logging facade for Rust.") + (properties '((hidden? . #t))) + (license (list license:expat license:asl2.0)))) + +(define rust-numtoa-0.1 + (package + (name "rust-numtoa") + (version "0.1.0") + (source + (origin + (method url-fetch) + (uri (crate-uri "numtoa" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1vs9rhggqbql1p26x8nkha1j06wawwgb2jp5fs88b5gi7prvvy5q")))) + (build-system cargo-build-system) + (home-page "https://gitlab.com/mmstick/numtoa") + (synopsis "Convert numbers into stack-allocated byte arrays") + (description + "This package can convert numbers into stack-allocated byte arrays.") + (properties '((hidden? . #t))) + (license (list license:expat license:asl2.0)))) + +(define rust-proc-macro2-1.0 + (package + (name "rust-proc-macro2") + (version "1.0.6") + (source + (origin + (method url-fetch) + (uri (crate-uri "proc-macro2" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "09rgb5ab0jgw39kyad0lgqs4nb9yaf7mwcrgxqnsxbn4il54g7lw")))) + (build-system cargo-build-system) + (home-page "https://github.com/alexcrichton/proc-macro2") + (synopsis "Stable implementation of the upcoming new `proc_macro` API") + (description "This package provides a stable implementation of the upcoming new +`proc_macro` API. Comes with an option, off by default, to also reimplement itself +in terms of the upstream unstable API.") + (properties '((hidden? . #t))) + (license (list license:expat license:asl2.0)))) + +(define rust-quote-1.0 + (package + (name "rust-quote") + (version "1.0.2") + (source + (origin + (method url-fetch) + (uri (crate-uri "quote" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1zkc46ryacf2jdkc6krsy2z615xbk1x8kp1830rcxz3irj5qqfh5")))) + (build-system cargo-build-system) + (home-page "https://github.com/dtolnay/quote") + (synopsis "Quasi-quoting macro quote!(...)") + (description "Quasi-quoting macro quote!(...)") + (properties '((hidden? . #t))) + (license (list license:expat license:asl2.0)))) + +(define rust-rand-0.6 + (package + (name "rust-rand") + (version "0.6.5") + (source + (origin + (method url-fetch) + (uri (crate-uri "rand" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1jl4449jcl4wgmzld6ffwqj5gwxrp8zvx8w573g1z368qg6xlwbd")))) + (build-system cargo-build-system) + (home-page "https://crates.io/crates/rand") + (synopsis "Random number generators and other randomness functionality") + (description + "This package contains random number generators and other randomness +functionality.") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-rand-chacha-0.1 + (package + (name "rust-rand-chacha") + (version "0.1.1") + (source + (origin + (method url-fetch) + (uri (crate-uri "rand_chacha" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1vxwyzs4fy1ffjc8l00fsyygpiss135irjf7nyxgq2v0lqf3lvam")))) + (build-system cargo-build-system) + (home-page "https://crates.io/crates/rand_chacha") + (synopsis "ChaCha random number generator") + (description "ChaCha random number generator") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-rand-core-0.4 + (package + (name "rust-rand-core") + (version "0.4.2") + (source + (origin + (method url-fetch) + (uri (crate-uri "rand_core" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1p09ynysrq1vcdlmcqnapq4qakl2yd1ng3kxh3qscpx09k2a6cww")))) + (build-system cargo-build-system) + (home-page "https://crates.io/crates/rand_core") + (synopsis + "Core random number generator traits and tools for implementation.") + (description + "Core random number generator traits and tools for implementation.") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-rand-core-0.3 + (package + (inherit rust-rand-core-0.4) + (name "rust-rand-core") + (version "0.3.1") + (source + (origin + (method url-fetch) + (uri (crate-uri "rand_core" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "0jzdgszfa4bliigiy4hi66k7fs3gfwi2qxn8vik84ph77fwdwvvs")))) + ;; This version is a 0.3 API wrapper around the 0.4 version. + (arguments + `(#:cargo-inputs (("rand-core" ,rust-rand-core-0.4)))))) + +(define rust-rand-hc-0.1 + (package + (name "rust-rand-hc") + (version "0.1.0") + (source + (origin + (method url-fetch) + (uri (crate-uri "rand_hc" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1i0vl8q5ddvvy0x8hf1zxny393miyzxkwqnw31ifg6p0gdy6fh3v")))) + (build-system cargo-build-system) + (home-page "https://crates.io/crates/rand_hc") + (synopsis "HC128 random number generator") + (description "HC128 random number generator") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-rand-isaac-0.1 + (package + (name "rust-rand-isaac") + (version "0.1.1") + (source + (origin + (method url-fetch) + (uri (crate-uri "rand_isaac" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "027flpjr4znx2csxk7gxb7vrf9c7y5mydmvg5az2afgisp4rgnfy")))) + (build-system cargo-build-system) + (home-page "https://crates.io/crates/rand_isaac") + (synopsis "ISAAC random number generator") + (description "ISAAC random number generator") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-rand-jitter-0.1 + (package + (name "rust-rand-jitter") + (version "0.1.4") + (source + (origin + (method url-fetch) + (uri (crate-uri "rand_jitter" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "16z387y46bfz3csc42zxbjq89vcr1axqacncvv8qhyy93p4xarhi")))) + (build-system cargo-build-system) + (home-page "https://github.com/rust-random/rand") + (synopsis + "Random number generator based on timing jitter") + (description + "Random number generator based on timing jitter") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-rand-os-0.1 + (package + (name "rust-rand-os") + (version "0.1.3") + (source + (origin + (method url-fetch) + (uri (crate-uri "rand_os" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "0wahppm0s64gkr2vmhcgwc0lij37in1lgfxg5rbgqlz0l5vgcxbv")))) + (build-system cargo-build-system) + (home-page "https://crates.io/crates/rand_os") + (synopsis "OS backed Random Number Generator") + (description "OS backed Random Number Generator") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-rand-pcg-0.1 + (package + (name "rust-rand-pcg") + (version "0.1.2") + (source + (origin + (method url-fetch) + (uri (crate-uri "rand_pcg" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "0i0bdla18a8x4jn1w0fxsbs3jg7ajllz6azmch1zw33r06dv1ydb")))) + (build-system cargo-build-system) + (home-page "https://crates.io/crates/rand_pcg") + (synopsis + "Selected PCG random number generators") + (description + "Selected PCG random number generators") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-rand-xorshift-0.1 + (package + (name "rust-rand-xorshift") + (version "0.1.1") + (source + (origin + (method url-fetch) + (uri (crate-uri "rand_xorshift" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "0p2x8nr00hricpi2m6ca5vysiha7ybnghz79yqhhx6sl4gkfkxyb")))) + (build-system cargo-build-system) + (home-page "https://crates.io/crates/rand_xorshift") + (synopsis "Xorshift random number generator") + (description + "Xorshift random number generator") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-rdrand-0.4 + (package + (name "rust-rdrand") + (version "0.4.0") + (source + (origin + (method url-fetch) + (uri (crate-uri "rdrand" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1cjq0kwx1bk7jx3kzyciiish5gqsj7620dm43dc52sr8fzmm9037")))) + (build-system cargo-build-system) + (home-page "https://github.com/nagisa/rust_rdrand/") + (synopsis "Random number generator") + (description + "This package is an implementation of random number generator based on +@code{rdrand} and @cpde{rdseed} instructions") + (properties '((hidden? . #t))) + (license license:isc))) + +(define rust-redox-syscall-0.1 + (package + (name "rust-redox-syscall") + (version "0.1.56") + (source + (origin + (method url-fetch) + (uri (crate-uri "redox_syscall" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "110y7dyfm2vci4x5vk7gr0q551dvp31npl99fnsx2fb17wzwcf94")))) + (build-system cargo-build-system) + (home-page "https://gitlab.redox-os.org/redox-os/syscall") + (synopsis "Rust library to access raw Redox system calls") + (description "This package provides a Rust library to access raw Redox +system calls.") + (properties '((hidden? . #t))) + (license license:expat))) + +(define rust-redox-termios-0.1 + (package + (name "rust-redox-termios") + (version "0.1.1") + (source + (origin + (method url-fetch) + (uri (crate-uri "redox-termios" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "0xhgvdh62mymgdl3jqrngl8hr4i8xwpnbsxnldq0l47993z1r2by")))) + (build-system cargo-build-system) + (home-page "https://github.com/redox-os/termios") + (synopsis "Rust library to access Redox termios functions") + (description + "This package provides a Rust library to access Redox termios functions.") + (properties '((hidden? . #t))) + (license license:expat))) + +(define rust-remove-dir-all-0.5 + (package + (name "rust-remove-dir-all") + (version "0.5.2") + (source + (origin + (method url-fetch) + (uri (crate-uri "remove-dir-all" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "0bkrlyg26mgizpiy1yb2hhpgscxcag8r5fnckqsvk25608vzm0sa")))) + (build-system cargo-build-system) + (home-page "https://github.com/XAMPPRocky/remove_dir_all.git") + (synopsis "Implementation of remove_dir_all for Windows") + (description + "This package provides a safe, reliable implementation of remove_dir_all +for Windows.") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-ryu-1.0 + (package + (name "rust-ryu") + (version "1.0.2") + (source + (origin + (method url-fetch) + (uri (crate-uri "ryu" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1j0h74f1xqf9hjkhanp8i20mqc1aw35kr1iq9i79q7713mn51a5z")))) + (build-system cargo-build-system) + (home-page "https://github.com/dtolnay/ryu") + (synopsis + "Fast floating point to string conversion") + (description + "Fast floating point to string conversion") + (properties '((hidden? . #t))) + (license (list license:asl2.0 license:boost1.0)))) + +(define rust-serde-1.0 + (package + (name "rust-serde") + (version "1.0.101") + (source + (origin + (method url-fetch) + (uri (crate-uri "serde" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1p8r24hagcsrl92w5z32nfrg9040qkgqf8iwwnf7mzigpavwk5lp")))) + (build-system cargo-build-system) + (home-page "https://serde.rs") + (synopsis "Generic serialization/deserialization framework") + (description + "This package provides a generic serialization/deserialization framework.") + (properties '((hidden? . #t))) + (license (list license:expat license:asl2.0)))) + +(define rust-serde-derive-1.0 + (package + (name "rust-serde-derive") + (version "1.0.101") + (source + (origin + (method url-fetch) + (uri (crate-uri "serde-derive" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "0bn0wz3j48248187mfmypyqnh73mq734snxxhr05vmgcl51kl4sb")))) + (build-system cargo-build-system) + (home-page "https://serde.rs") + (synopsis + "Macros 1.1 implementation of #[derive(Serialize, Deserialize)]") + (description + "Macros 1.1 implementation of #[derive(Serialize, Deserialize)]") + (properties '((hidden? . #t))) + (license (list license:expat license:asl2.0)))) + +(define rust-serde-json-1.0 + (package + (name "rust-serde-json") + (version "1.0.41") + (source + (origin + (method url-fetch) + (uri (crate-uri "serde-json" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1hipk84x40454mf599752mi7l08wb8qakz8vd6d3zp57d0mfnwig")))) + (build-system cargo-build-system) + (home-page "https://github.com/serde-rs/json") + (synopsis "A JSON serialization file format") + (description + "This package provides a JSON serialization file format.") + (properties '((hidden? . #t))) + (license (list license:expat license:asl2.0)))) + +(define rust-strsim-0.8 + (package + (name "rust-strsim") + (version "0.8.0") + (source + (origin + (method url-fetch) + (uri (crate-uri "strsim" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "0sjsm7hrvjdifz661pjxq5w4hf190hx53fra8dfvamacvff139cf")))) + (build-system cargo-build-system) + (home-page "https://github.com/dguo/strsim-rs") + (synopsis "Rust implementations of string similarity metrics") + (description "This crate includes implementations of string similarity +metrics. It includes Hamming, Levenshtein, OSA, Damerau-Levenshtein, Jaro, +and Jaro-Winkler.") + (properties '((hidden? . #t))) + (license license:expat))) + +(define rust-syn-1.0 + (package + (name "rust-syn") + (version "1.0.5") + (source + (origin + (method url-fetch) + (uri (crate-uri "syn" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1gw03w7lzrlqmp2vislcybikgl5wkhrqi6sy70w93xss2abhx1b6")))) + (build-system cargo-build-system) + (home-page "https://github.com/dtolnay/syn") + (synopsis "Parser for Rust source code") + (description "Parser for Rust source code") + (properties '((hidden? . #t))) + (license (list license:expat license:asl2.0)))) + +(define rust-tempfile-3.0 + (package + (name "rust-tempfile") + (version "3.0.8") + (source + (origin + (method url-fetch) + (uri (crate-uri "tempfile" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1vqk7aq2l04my2r3jiyyxirnf8f90nzcvjasvrajivb85s7p7i3x")))) + (build-system cargo-build-system) + (home-page "http://stebalien.com/projects/tempfile-rs") + (synopsis "Library for managing temporary files and directories") + (description + "This package provides a library for managing temporary files and +directories.") + (properties '((hidden? . #t))) + (license (list license:expat license:asl2.0)))) + +(define rust-termion-1.5 + (package + (name "rust-termion") + (version "1.5.3") + (source + (origin + (method url-fetch) + (uri (crate-uri "termion" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "0c634rg520zjjfhwnxrc2jbfjz7db0rcpsjs1qici0nyghpv53va")))) + (build-system cargo-build-system) + (home-page "https://gitlab.redox-os.org/redox-os/termion") + (synopsis "Library for manipulating terminals") + (description + "This package provides a bindless library for manipulating terminals.") + (properties '((hidden? . #t))) + (license license:expat))) + +(define rust-textwrap-0.11 + (package + (name "rust-textwrap") + (version "0.11.0") + (source + (origin + (method url-fetch) + (uri (crate-uri "textwrap" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "0q5hky03ik3y50s9sz25r438bc4nwhqc6dqwynv4wylc807n29nk")))) + (build-system cargo-build-system) + (home-page "https://github.com/mgeisler/textwrap") + (synopsis "Library for word wrapping, indenting, and dedenting strings") + (description + "Textwrap is a small library for word wrapping, indenting, and dedenting +strings. You can use it to format strings (such as help and error messages) +for display in commandline applications. It is designed to be efficient and +handle Unicode characters correctly.") + (properties '((hidden? . #t))) + (license license:expat))) + +(define rust-toml-0.5 + (package + (name "rust-toml") + (version "0.5.3") + (source + (origin + (method url-fetch) + (uri (crate-uri "toml" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "093p48vpqm4bb8q3514xsij0dkljxlr3jp9ypxr4p48xjisvxan7")))) + (build-system cargo-build-system) + (home-page "https://github.com/alexcrichton/toml-rs") + (synopsis "Rust encoder and decoder of TOML-formatted files and streams") + (description + "This package provides a native Rust encoder and decoder of TOML-formatted +files and streams. Provides implementations of the standard +Serialize/Deserialize traits for TOML data to facilitate deserializing and +serializing Rust structures.") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-unicode-width-0.1 + (package + (name "rust-unicode-width") + (version "0.1.6") + (source + (origin + (method url-fetch) + (uri (crate-uri "unicode-width" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "082f9hv1r3gcd1xl33whjhrm18p0w9i77zhhhkiccb5r47adn1vh")))) + (build-system cargo-build-system) + (home-page "https://github.com/unicode-rs/unicode-width") + (synopsis "Determine displayed width according to Unicode rules") + (description "This crate allows you to determine displayed width of +@code{char} and @code{str} types according to Unicode Standard Annex #11 rules.") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-unicode-xid-0.2 + (package + (name "rust-unicode-xid") + (version "0.2.0") + (source + (origin + (method url-fetch) + (uri (crate-uri "unicode-xid" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "0z09fn515xm7zyr0mmdyxa9mx2f7azcpv74pqmg611iralwpcvl2")))) + (build-system cargo-build-system) + (home-page "https://github.com/unicode-rs/unicode-xid") + (synopsis "Determine Unicode XID related properties") + (description "Determine whether characters have the XID_Start +or XID_Continue properties according to Unicode Standard Annex #31.") + (properties '((hidden? . #t))) + (license (list license:asl2.0 license:expat)))) + +(define rust-vec-map-0.8 + (package + (name "rust-vec-map") + (version "0.8.1") + (source + (origin + (method url-fetch) + (uri (crate-uri "vec_map" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "06n8hw4hlbcz328a3gbpvmy0ma46vg1lc0r5wf55900szf3qdiq5")))) + (build-system cargo-build-system) + (home-page "https://github.com/contain-rs/vec-map") + (synopsis "Simple map based on a vector for small integer keys") + (description + "This package provides a simple map based on a vector for small integer keys.") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-winapi-0.3 + (package + (name "rust-winapi") + (version "0.3.8") + (source + (origin + (method url-fetch) + (uri (crate-uri "winapi" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1ii9j9lzrhwri0902652awifzx9fpayimbp6hfhhc296xcg0k4w0")))) + (build-system cargo-build-system) + ;; This package depends unconditionally on these two crates. + (arguments + `(#:cargo-inputs + (("winapi-i686-pc-windows-gnu" ,rust-winapi-i686-pc-windows-gnu-0.4) + ("winapi-x86-64-pc-windows-gnu" ,rust-winapi-x86-64-pc-windows-gnu-0.4)))) + (home-page "https://github.com/retep998/winapi-rs") + (synopsis "Raw FFI bindings for all of Windows API") + (description + "This package contains raw FFI bindings for all of Windows API.") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define-public rust-winapi-i686-pc-windows-gnu-0.4 + (package + (name "rust-winapi-i686-pc-windows-gnu") + (version "0.4.0") + (source + (origin + (method url-fetch) + (uri (crate-uri "winapi-i686-pc-windows-gnu" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "1dmpa6mvcvzz16zg6d5vrfy4bxgg541wxrcip7cnshi06v38ffxc")))) + (build-system cargo-build-system) + (home-page "https://github.com/retep998/winapi-rs") + (synopsis "Import libraries for the i686-pc-windows-gnu target") + (description "This crate provides import libraries for the +i686-pc-windows-gnu target. Please don't use this crate directly, depend on +@code{winapi} instead.") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) + +(define rust-winapi-x86-64-pc-windows-gnu-0.4 + (package + (name "rust-winapi-x86-64-pc-windows-gnu") + (version "0.4.0") + (source + (origin + (method url-fetch) + (uri (crate-uri "winapi-x86_64-pc-windows-gnu" version)) + (file-name (string-append name "-" version ".crate")) + (sha256 + (base32 + "0gqq64czqb64kskjryj8isp62m2sgvx25yyj3kpc2myh85w24bki")))) + (build-system cargo-build-system) + (home-page "https://github.com/retep998/winapi-rs") + (synopsis "Import libraries for the x86_64-pc-windows-gnu target") + (description "This package provides import libraries for the +x86_64-pc-windows-gnu target. Please don't use this crate directly, depend on +@code{winapi} instead.") + (properties '((hidden? . #t))) + (license (list license:asl2.0 + license:expat)))) diff --git a/gnu/packages/statistics.scm b/gnu/packages/statistics.scm index 4b1ba98e2f..66bb2755d2 100644 --- a/gnu/packages/statistics.scm +++ b/gnu/packages/statistics.scm @@ -1848,16 +1848,18 @@ times.") (define-public r-data-table (package (name "r-data-table") - (version "1.12.4") + (version "1.12.6") (source (origin (method url-fetch) (uri (cran-uri "data.table" version)) (sha256 (base32 - "0zdcbr4nixvl8ga4mp9pw1dfww35dzhzpb6ixajqasiri824m7i9")))) + "1kgbnm5gv7ax7qn8irpz7qsry2ci21axga8y7qpkidcqkxkkndn2")))) (build-system r-build-system) (inputs `(("zlib" ,zlib))) + (native-inputs + `(("pkg-config" ,pkg-config))) (home-page "https://github.com/Rdatatable/data.table/wiki") (synopsis "Enhanced version of data.frame R object") (description @@ -5733,16 +5735,16 @@ shaped points? Now you can!") (define-public r-colorout (package (name "r-colorout") - (version "1.2-0") + (version "1.2-2") (source (origin - (method url-fetch) - (uri (string-append "https://github.com/jalvesaq/colorout/archive/" - "v" version ".tar.gz")) - (file-name (string-append name "-" version ".tar.gz")) + (method git-fetch) + (uri (git-reference + (url "https://github.com/jalvesaq/colorout.git") + (commit (string-append "v" version)))) + (file-name (git-file-name name version)) (sha256 - (base32 - "07vqx5ihgnq4dzn5jnfjfhdm3957v4prvf8vhnb3cwvlly4l7p9v")))) + (base32 "1rsx69wjpa73c6x2hacvvvbzdzxn7wg06gizf97kasjdlb7azmp3")))) (build-system r-build-system) (home-page "https://github.com/jalvesaq/colorout") (synopsis "Colorize output in the R REPL") diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 3aa3efbfb8..76370b7925 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -522,13 +522,13 @@ netcat implementation that supports TLS.") (package (name "python-acme") ;; Remember to update the hash of certbot when updating python-acme. - (version "0.37.2") + (version "0.39.0") (source (origin (method url-fetch) (uri (pypi-uri "acme" version)) (sha256 (base32 - "0p3zqhna9p8iy5i9mfhzdf5bmjigs05r6rlwnxykk4n67fp8yyc8")))) + "021nyzld949ahrhamlcgmzmk8r1gxrbs8wypnks08s6y2rfvgz52")))) (build-system python-build-system) (arguments `(#:phases @@ -579,7 +579,7 @@ netcat implementation that supports TLS.") (uri (pypi-uri "certbot" version)) (sha256 (base32 - "1xbfv4fwkgfp9qqzlk8wxbhchc61349m26q9fg35j9fnm253cm74")))) + "1q6zmnfyyk4rhsjg9s2gxx1ciink57ybnv32dgw8m2059lffwp48")))) (build-system python-build-system) (arguments `(,@(substitute-keyword-arguments (package-arguments python-acme) @@ -613,6 +613,7 @@ netcat implementation that supports TLS.") ("python-pyopenssl" ,python-pyopenssl) ("python-configobj" ,python-configobj) ("python-configargparse" ,python-configargparse) + ("python-distro" ,python-distro) ("python-zope-component" ,python-zope-component) ("python-parsedatetime" ,python-parsedatetime) ("python-six" ,python-six) diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index 8f2c0eda78..5b7b529fd6 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -688,8 +688,8 @@ streams.") (source (origin (method url-fetch) (uri (string-append - "mirror://sourceforge/" name "/" name "/" - version "/" name "-" version ".tar.gz")) + "mirror://sourceforge/libdv/libdv/" + version "/libdv-" version ".tar.gz")) (sha256 (base32 "1fl96f2xh2slkv1i1ix7kqk576a0ak1d33cylm0mbhm96d0761d3")))) diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 612074473b..6aa4ebf0bb 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -2363,14 +2363,14 @@ HTTP requests.") (define-public perl-cgi-simple (package (name "perl-cgi-simple") - (version "1.21") + (version "1.22") (source (origin (method url-fetch) (uri (string-append "mirror://cpan/authors/id/M/MA/MANWAR/" "CGI-Simple-" version ".tar.gz")) (sha256 - (base32 "1wzc2igs4khmj7zfahvs87c24p9ks8hnqhhsyviyiix53xx2y6sg")))) + (base32 "13c7iwnnavky10ab87pi8jc1kqph03s0rhvj7myn7szhbfisc4gn")))) (build-system perl-build-system) (native-inputs `(("perl-io-stringy" ,perl-io-stringy) ; for IO::Scalar @@ -4044,11 +4044,11 @@ CDF, Atom 0.3, and Atom 1.0 feeds.") "0awfvps7k9bpg3gpgc93y401g7pjabx7mr9960vigad8vddhixqi")))) (build-system gnu-build-system) (arguments - '(#:tests? #f ; TODO Tests require PostgreSQL - #:modules ((guix build utils) + '(#:modules ((guix build utils) (guix build gnu-build-system) (ice-9 rdelim) (ice-9 popen)) + #:test-target "check-with-tmp-database" #:phases (modify-phases %standard-phases (add-after 'set-paths 'set-GUIX_ENVIRONMENT @@ -4106,6 +4106,7 @@ CDF, Atom 0.3, and Atom 1.0 feeds.") `(("guile" ,guile-2.2) ("autoconf" ,autoconf) ("automake" ,automake) + ("ephemeralpg" ,ephemeralpg) ("emacs-with-modules" ,(directory-union "emacs-union" (list emacs-no-x diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm index d1c27a65a7..e73432ba3a 100644 --- a/gnu/packages/wine.scm +++ b/gnu/packages/wine.scm @@ -318,7 +318,7 @@ integrate Windows applications into your desktop.") (define-public wine-staging-patchset-data (package (name "wine-staging-patchset-data") - (version "4.16") + (version "4.18") (source (origin (method git-fetch) @@ -327,8 +327,7 @@ integrate Windows applications into your desktop.") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 - (base32 - "0zkvwl6rxr6xcqk4a3h43cak67w6bcyqqnajz6azif07ir3z1c61")))) + (base32 "03z0haf47mpm2aj9cji3wma4jy6j12wz10kkbgmbgrkkrc5lcqc2")))) (build-system trivial-build-system) (native-inputs `(("bash" ,bash) @@ -374,7 +373,7 @@ integrate Windows applications into your desktop.") (file-name (string-append name "-" version ".tar.xz")) (sha256 (base32 - "17qxbddv23ibbayw1ai984m0dlq63cgplms2jhsc09incjhafywd")))) + "0chf6vdy41kg75liibkb862442zwi8dbjzf6l5arcy2z4580a2yi")))) (inputs `(("autoconf" ,autoconf) ; for autoreconf ("faudio" ,faudio) ("ffmpeg" ,ffmpeg) diff --git a/gnu/services/base.scm b/gnu/services/base.scm index e75c56828e..b1eff89ecc 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -990,7 +990,6 @@ to use as the tty. This is primarily useful for headless systems." erase-characters kill-characters chdir delay nice extra-options) (list (shepherd-service - (modules '((ice-9 match) (gnu build linux-boot))) (documentation "Run agetty on a tty.") (provision (list (symbol-append 'term- (string->symbol (or tty "auto"))))) @@ -1000,122 +999,126 @@ to use as the tty. This is primarily useful for headless systems." ;; mingetty-shepherd-service). (requirement '(user-processes host-name udev)) - (start #~(lambda args - (let ((defaulted-tty #$(or tty (default-serial-port)))) - (apply - (if defaulted-tty - (make-forkexec-constructor - (list #$(file-append util-linux "/sbin/agetty") - #$@extra-options - #$@(if eight-bits? - #~("--8bits") - #~()) - #$@(if no-reset? - #~("--noreset") - #~()) - #$@(if remote? - #~("--remote") - #~()) - #$@(if flow-control? - #~("--flow-control") - #~()) - #$@(if host - #~("--host" #$host) - #~()) - #$@(if no-issue? - #~("--noissue") - #~()) - #$@(if init-string - #~("--init-string" #$init-string) - #~()) - #$@(if no-clear? - #~("--noclear") - #~()) + (modules '((ice-9 match) (gnu build linux-boot))) + (start + (with-imported-modules (source-module-closure + '((gnu build linux-boot))) + #~(lambda args + (let ((defaulted-tty #$(or tty (default-serial-port)))) + (apply + (if defaulted-tty + (make-forkexec-constructor + (list #$(file-append util-linux "/sbin/agetty") + #$@extra-options + #$@(if eight-bits? + #~("--8bits") + #~()) + #$@(if no-reset? + #~("--noreset") + #~()) + #$@(if remote? + #~("--remote") + #~()) + #$@(if flow-control? + #~("--flow-control") + #~()) + #$@(if host + #~("--host" #$host) + #~()) + #$@(if no-issue? + #~("--noissue") + #~()) + #$@(if init-string + #~("--init-string" #$init-string) + #~()) + #$@(if no-clear? + #~("--noclear") + #~()) ;;; FIXME This doesn't work as expected. According to agetty(8), if this option ;;; is not passed, then the default is 'auto'. However, in my tests, when that ;;; option is selected, agetty never presents the login prompt, and the ;;; term-ttyS0 service respawns every few seconds. - #$@(if local-line - #~(#$(match local-line - ('auto "--local-line=auto") - ('always "--local-line=always") - ('never "-local-line=never"))) - #~()) - #$@(if tty - #~() - #~("--keep-baud")) - #$@(if extract-baud? - #~("--extract-baud") - #~()) - #$@(if skip-login? - #~("--skip-login") - #~()) - #$@(if no-newline? - #~("--nonewline") - #~()) - #$@(if login-options - #~("--login-options" #$login-options) - #~()) - #$@(if chroot - #~("--chroot" #$chroot) - #~()) - #$@(if hangup? - #~("--hangup") - #~()) - #$@(if keep-baud? - #~("--keep-baud") - #~()) - #$@(if timeout - #~("--timeout" #$(number->string timeout)) - #~()) - #$@(if detect-case? - #~("--detect-case") - #~()) - #$@(if wait-cr? - #~("--wait-cr") - #~()) - #$@(if no-hints? - #~("--nohints?") - #~()) - #$@(if no-hostname? - #~("--nohostname") - #~()) - #$@(if long-hostname? - #~("--long-hostname") - #~()) - #$@(if erase-characters - #~("--erase-chars" #$erase-characters) - #~()) - #$@(if kill-characters - #~("--kill-chars" #$kill-characters) - #~()) - #$@(if chdir - #~("--chdir" #$chdir) - #~()) - #$@(if delay - #~("--delay" #$(number->string delay)) - #~()) - #$@(if nice - #~("--nice" #$(number->string nice)) - #~()) - #$@(if auto-login - (list "--autologin" auto-login) - '()) - #$@(if login-program - #~("--login-program" #$login-program) - #~()) - #$@(if login-pause? - #~("--login-pause") - #~()) - defaulted-tty - #$@(if baud-rate - #~(#$baud-rate) - #~()) - #$@(if term - #~(#$term) - #~()))) - (const #f)) ; never start. - args)))) + #$@(if local-line + #~(#$(match local-line + ('auto "--local-line=auto") + ('always "--local-line=always") + ('never "-local-line=never"))) + #~()) + #$@(if tty + #~() + #~("--keep-baud")) + #$@(if extract-baud? + #~("--extract-baud") + #~()) + #$@(if skip-login? + #~("--skip-login") + #~()) + #$@(if no-newline? + #~("--nonewline") + #~()) + #$@(if login-options + #~("--login-options" #$login-options) + #~()) + #$@(if chroot + #~("--chroot" #$chroot) + #~()) + #$@(if hangup? + #~("--hangup") + #~()) + #$@(if keep-baud? + #~("--keep-baud") + #~()) + #$@(if timeout + #~("--timeout" #$(number->string timeout)) + #~()) + #$@(if detect-case? + #~("--detect-case") + #~()) + #$@(if wait-cr? + #~("--wait-cr") + #~()) + #$@(if no-hints? + #~("--nohints?") + #~()) + #$@(if no-hostname? + #~("--nohostname") + #~()) + #$@(if long-hostname? + #~("--long-hostname") + #~()) + #$@(if erase-characters + #~("--erase-chars" #$erase-characters) + #~()) + #$@(if kill-characters + #~("--kill-chars" #$kill-characters) + #~()) + #$@(if chdir + #~("--chdir" #$chdir) + #~()) + #$@(if delay + #~("--delay" #$(number->string delay)) + #~()) + #$@(if nice + #~("--nice" #$(number->string nice)) + #~()) + #$@(if auto-login + (list "--autologin" auto-login) + '()) + #$@(if login-program + #~("--login-program" #$login-program) + #~()) + #$@(if login-pause? + #~("--login-pause") + #~()) + defaulted-tty + #$@(if baud-rate + #~(#$baud-rate) + #~()) + #$@(if term + #~(#$term) + #~()))) + (const #f)) ; never start. + args))))) (stop #~(make-kill-destructor))))))) (define agetty-service-type diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index 5a7f8be4bb..449b606a31 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -580,7 +580,7 @@ include the @command{udisksctl} command, part of UDisks, and GNOME Disks." (define-record-type* <elogind-configuration> elogind-configuration make-elogind-configuration - elogind-configuration + elogind-configuration? (elogind elogind-package (default elogind)) (kill-user-processes? elogind-kill-user-processes? @@ -834,7 +834,7 @@ accountsservice web site} for more information." (define-record-type* <gnome-desktop-configuration> gnome-desktop-configuration make-gnome-desktop-configuration - gnome-desktop-configuration + gnome-desktop-configuration? (gnome-package gnome-package (default gnome))) (define (gnome-polkit-settings config) @@ -872,7 +872,7 @@ and extends polkit with the actions from @code{gnome-settings-daemon}." (define-record-type* <mate-desktop-configuration> mate-desktop-configuration make-mate-desktop-configuration - mate-desktop-configuration + mate-desktop-configuration? (mate-package mate-package (default mate))) (define mate-desktop-service-type @@ -905,7 +905,7 @@ and extends polkit with the actions from @code{mate-settings-daemon}." (define-record-type* <xfce-desktop-configuration> xfce-desktop-configuration make-xfce-desktop-configuration - xfce-desktop-configuration + xfce-desktop-configuration? (xfce xfce-package (default xfce))) (define (xfce-polkit-settings config) @@ -1028,23 +1028,29 @@ as expected."))) (default "wacom")) (device inputattach-configuration-device (default "/dev/ttyS0")) + (baud-rate inputattach-configuration-baud-rate + (default #f)) (log-file inputattach-configuration-log-file (default #f))) (define inputattach-shepherd-service (match-lambda - (($ <inputattach-configuration> type device log-file) - (list (shepherd-service - (provision '(inputattach)) - (requirement '(udev)) - (documentation "inputattach daemon") - (start #~(make-forkexec-constructor - (list (string-append #$inputattach - "/bin/inputattach") - (string-append "--" #$type) - #$device) - #:log-file #$log-file)) - (stop #~(make-kill-destructor))))))) + (($ <inputattach-configuration> type device baud-rate log-file) + (let ((args (append (if baud-rate + (list "--baud-rate" (number->string baud-rate)) + '()) + (list (string-append "--" type) + device)))) + (list (shepherd-service + (provision '(inputattach)) + (requirement '(udev)) + (documentation "inputattach daemon") + (start #~(make-forkexec-constructor + (cons (string-append #$inputattach + "/bin/inputattach") + (quote #$args)) + #:log-file #$log-file)) + (stop #~(make-kill-destructor)))))))) (define inputattach-service-type (service-type diff --git a/gnu/services/sddm.scm b/gnu/services/sddm.scm index b0e6d40260..ac8c9a8403 100644 --- a/gnu/services/sddm.scm +++ b/gnu/services/sddm.scm @@ -30,6 +30,7 @@ #:use-module (gnu system shadow) #:use-module (guix gexp) #:use-module (guix records) + #:use-module (guix deprecation) #:export (sddm-configuration sddm-configuration? sddm-service-type @@ -316,9 +317,14 @@ Relogin=" (if (sddm-configuration-relogin? config) (service-extension account-service-type (const %sddm-accounts)) (service-extension profile-service-type - sddm-profile-service))))) + sddm-profile-service))) + (default-value (sddm-configuration)) + (description + "Run SDDM, a display and log-in manager for X11 and +Wayland."))) -(define* (sddm-service #:optional (config (sddm-configuration))) +(define-deprecated (sddm-service #:optional (config (sddm-configuration))) + sddm-service-type "Run the @uref{https://github.com/sddm/sddm,SSDM display manager} with the given @var{config}, a @code{<sddm-configuration>} object." (service sddm-service-type config)) diff --git a/guix/build/download.scm b/guix/build/download.scm index 0c9c61de4b..a4c91550a6 100644 --- a/guix/build/download.scm +++ b/guix/build/download.scm @@ -172,7 +172,8 @@ session record port using PORT as its underlying communication port." (define %x509-certificate-directory ;; The directory where X.509 authority PEM certificates are stored. (make-parameter (or (getenv "GUIX_TLS_CERTIFICATE_DIRECTORY") - (getenv "SSL_CERT_DIR")))) ;like OpenSSL + (getenv "SSL_CERT_DIR") ;like OpenSSL + "/etc/ssl/certs"))) (define (set-certificate-credentials-x509-trust-file!* cred file format) "Like 'set-certificate-credentials-x509-trust-file!', but without the file diff --git a/guix/cve.scm b/guix/cve.scm index 99754fa1f6..903d94a8a6 100644 --- a/guix/cve.scm +++ b/guix/cve.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2015, 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -19,21 +19,43 @@ (define-module (guix cve) #:use-module (guix utils) #:use-module (guix http-client) - #:use-module (sxml ssax) + #:use-module (guix json) + #:use-module (guix i18n) + #:use-module (json) #:use-module (web uri) #:use-module (srfi srfi-1) #:use-module (srfi srfi-9) #:use-module (srfi srfi-11) #:use-module (srfi srfi-19) #:use-module (srfi srfi-26) + #:use-module (srfi srfi-34) + #:use-module (srfi srfi-35) #:use-module (ice-9 match) #:use-module (ice-9 regex) #:use-module (ice-9 vlist) - #:export (vulnerability? + #:export (json->cve-items + + cve-item? + cve-item-cve + cve-item-configurations + cve-item-published-date + cve-item-last-modified-date + + cve? + cve-id + cve-data-type + cve-data-format + cvs-references + + cve-reference? + cve-reference-url + cve-reference-tags + + vulnerability? vulnerability-id vulnerability-packages - xml->vulnerabilities + json->vulnerabilities current-vulnerabilities vulnerabilities->lookup-proc)) @@ -41,15 +63,174 @@ ;;; ;;; This modules provides the tools to fetch, parse, and digest part of the ;;; Common Vulnerabilities and Exposures (CVE) feeds provided by the US NIST -;;; at <https://nvd.nist.gov/download.cfm#CVE_FEED>. +;;; at <https://nvd.nist.gov/vuln/data-feeds>. ;;; ;;; Code: -(define-record-type <vulnerability> - (vulnerability id packages) - vulnerability? - (id vulnerability-id) ;string - (packages vulnerability-packages)) ;((p1 v1 v2 v3) (p2 v1) ...) +(define (string->date* str) + (string->date str "~Y-~m-~dT~H:~M~z")) + +(define-json-mapping <cve-item> cve-item cve-item? + json->cve-item + (cve cve-item-cve "cve" json->cve) ;<cve> + (configurations cve-item-configurations ;list of sexps + "configurations" configuration-data->cve-configurations) + (published-date cve-item-published-date + "publishedDate" string->date*) + (last-modified-date cve-item-last-modified-date + "lastModifiedDate" string->date*)) + +(define-json-mapping <cve> cve cve? + json->cve + (id cve-id "CVE_data_meta" ;string + (cut assoc-ref <> "ID")) + (data-type cve-data-type ;'CVE + "data_type" string->symbol) + (data-format cve-data-format ;'MITRE + "data_format" string->symbol) + (references cve-item-references ;list of <cve-reference> + "references" reference-data->cve-references)) + +(define-json-mapping <cve-reference> cve-reference cve-reference? + json->cve-reference + (url cve-reference-url) ;string + (tags cve-reference-tags ;list of strings + "tags" vector->list)) + +(define (reference-data->cve-references alist) + (map json->cve-reference + (vector->list (assoc-ref alist "reference_data")))) + +(define %cpe-package-rx + ;; For applications: "cpe:2.3:a:VENDOR:PACKAGE:VERSION", or sometimes + ;; "cpe:2.3:a:VENDOR:PACKAGE:VERSION:PATCH-LEVEL". + (make-regexp "^cpe:2\\.3:a:([^:]+):([^:]+):([^:]+):([^:]+):")) + +(define (cpe->package-name cpe) + "Converts the Common Platform Enumeration (CPE) string CPE to a package +name, in a very naive way. Return two values: the package name, and its +version string. Return #f and #f if CPE does not look like an application CPE +string." + (cond ((regexp-exec %cpe-package-rx cpe) + => + (lambda (matches) + (values (match:substring matches 2) + (match (match:substring matches 3) + ("*" '_) + (version + (string-append version + (match (match:substring matches 4) + ("" "") + (patch-level + ;; Drop the colon from things like + ;; "cpe:2.3:a:openbsd:openssh:6.8:p1". + (string-drop patch-level 1))))))))) + (else + (values #f #f)))) + +(define (cpe-match->cve-configuration alist) + "Convert ALIST, a \"cpe_match\" alist, into an sexp representing the package +and versions matched. Return #f if ALIST doesn't correspond to an application +package." + (let ((cpe (assoc-ref alist "cpe23Uri")) + (starti (assoc-ref alist "versionStartIncluding")) + (starte (assoc-ref alist "versionStartExcluding")) + (endi (assoc-ref alist "versionEndIncluding")) + (ende (assoc-ref alist "versionEndExcluding"))) + (let-values (((package version) (cpe->package-name cpe))) + (and package + `(,package + ,(cond ((and (or starti starte) (or endi ende)) + `(and ,(if starti `(>= ,starti) `(> ,starte)) + ,(if endi `(<= ,endi) `(< ,ende)))) + (starti `(>= ,starti)) + (starte `(> ,starte)) + (endi `(<= ,endi)) + (ende `(< ,ende)) + (else version))))))) + +(define (configuration-data->cve-configurations alist) + "Given ALIST, a JSON dictionary for the baroque \"configurations\" +element found in CVEs, return an sexp such as (\"binutils\" (< +\"2.31\")) that represents matching configurations." + (define string->operator + (match-lambda + ("OR" 'or) + ("AND" 'and))) + + (define (node->configuration node) + (let ((operator (string->operator (assoc-ref node "operator")))) + (cond + ((assoc-ref node "cpe_match") + => + (lambda (matches) + (let ((matches (vector->list matches))) + (match (filter-map cpe-match->cve-configuration + matches) + (() #f) + ((one) one) + (lst (cons operator lst)))))) + ((assoc-ref node "children") ;typically for 'and' + => + (lambda (children) + (match (filter-map node->configuration (vector->list children)) + (() #f) + ((one) one) + (lst (cons operator lst))))) + (else + #f)))) + + (let ((nodes (vector->list (assoc-ref alist "nodes")))) + (filter-map node->configuration nodes))) + +(define (json->cve-items json) + "Parse JSON, an input port or a string, and return a list of <cve-item> +records." + (let* ((alist (json->scm json)) + (type (assoc-ref alist "CVE_data_type")) + (format (assoc-ref alist "CVE_data_format")) + (version (assoc-ref alist "CVE_data_version"))) + (unless (equal? type "CVE") + (raise (condition (&message + (message "invalid CVE feed"))))) + (unless (equal? format "MITRE") + (raise (condition + (&message + (message (format #f (G_ "unsupported CVE format: '~a'") + format)))))) + (unless (equal? version "4.0") + (raise (condition + (&message + (message (format #f (G_ "unsupported CVE data version: '~a'") + version)))))) + + (map json->cve-item + (vector->list (assoc-ref alist "CVE_Items"))))) + +(define (version-matches? version sexp) + "Return true if VERSION, a string, matches SEXP." + (match sexp + ('_ + #t) + ((? string? expected) + (version-prefix? expected version)) + (('or sexps ...) + (any (cut version-matches? version <>) sexps)) + (('and sexps ...) + (every (cut version-matches? version <>) sexps)) + (('< max) + (version>? max version)) + (('<= max) + (version>=? max version)) + (('> min) + (version>? version min)) + (('>= min) + (version>=? version min)))) + + +;;; +;;; High-level interface. +;;; (define %now (current-date)) @@ -61,8 +242,8 @@ (define (yearly-feed-uri year) "Return the URI for the CVE feed for YEAR." (string->uri - (string-append "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-" - (number->string year) ".xml.gz"))) + (string-append "https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-" + (number->string year) ".json.gz"))) (define %current-year-ttl ;; According to <https://nvd.nist.gov/download.cfm#CVE_FEED>, feeds are @@ -73,102 +254,11 @@ ;; Update the previous year's database more and more infrequently. (* 3600 24 (date-month %now))) -(define %cpe-package-rx - ;; For applications: "cpe:/a:VENDOR:PACKAGE:VERSION", or sometimes - ;; "cpe/a:VENDOR:PACKAGE:VERSION:PATCH-LEVEL". - (make-regexp "^cpe:/a:([^:]+):([^:]+):([^:]+)((:.+)?)")) - -(define (cpe->package-name cpe) - "Converts the Common Platform Enumeration (CPE) string CPE to a package -name, in a very naive way. Return two values: the package name, and its -version string. Return #f and #f if CPE does not look like an application CPE -string." - (cond ((regexp-exec %cpe-package-rx (string-trim-both cpe)) - => - (lambda (matches) - (values (match:substring matches 2) - (string-append (match:substring matches 3) - (match (match:substring matches 4) - ("" "") - (patch-level - ;; Drop the colon from things like - ;; "cpe:/a:openbsd:openssh:6.8:p1". - (string-drop patch-level 1))))))) - (else - (values #f #f)))) - -(define (cpe->product-alist products) - "Given PRODUCTS, a list of CPE names, return the subset limited to the -applications listed in PRODUCTS, with names converted to package names: - - (cpe->product-alist - '(\"cpe:/a:gnu:libtasn1:4.7\" \"cpe:/a:gnu:libtasn1:4.6\" \"cpe:/a:gnu:cpio:2.11\")) - => ((\"libtasn1\" \"4.7\" \"4.6\") (\"cpio\" \"2.11\")) -" - (fold (lambda (product result) - (let-values (((name version) (cpe->package-name product))) - (if name - (match result - (((previous . versions) . tail) - ;; Attempt to coalesce NAME and PREVIOUS. - (if (string=? name previous) - (alist-cons name (cons version versions) tail) - (alist-cons name (list version) result))) - (() - (alist-cons name (list version) result))) - result))) - '() - (sort products string<?))) - -(define %parse-vulnerability-feed - ;; Parse the XML vulnerability feed from - ;; <https://nvd.nist.gov/download.cfm#CVE_FEED> and return a list of - ;; vulnerability objects. - (ssax:make-parser NEW-LEVEL-SEED - (lambda (elem-gi attributes namespaces expected-content - seed) - (match elem-gi - ((name-space . 'entry) - (cons (assoc-ref attributes 'id) seed)) - ((name-space . 'vulnerable-software-list) - (cons '() seed)) - ((name-space . 'product) - (cons 'product seed)) - (x seed))) - - FINISH-ELEMENT - (lambda (elem-gi attributes namespaces parent-seed - seed) - (match elem-gi - ((name-space . 'entry) - (match seed - (((? string? id) . rest) - ;; Some entries have no vulnerable-software-list. - rest) - ((products id . rest) - (match (cpe->product-alist products) - (() - ;; No application among PRODUCTS. - rest) - (packages - (cons (vulnerability id packages) - rest)))))) - (x - seed))) - - CHAR-DATA-HANDLER - (lambda (str _ seed) - (match seed - (('product software-list . rest) - ;; Add STR to the vulnerable software list this - ;; <product> tag is part of. - (cons (cons str software-list) rest)) - (x x))))) - -(define (xml->vulnerabilities port) - "Read from PORT an XML feed of vulnerabilities and return a list of -vulnerability objects." - (reverse (%parse-vulnerability-feed port '()))) +(define-record-type <vulnerability> + (vulnerability id packages) + vulnerability? + (id vulnerability-id) ;string + (packages vulnerability-packages)) ;((p1 sexp1) (p2 sexp2) ...) (define vulnerability->sexp (match-lambda @@ -180,16 +270,70 @@ vulnerability objects." (('v id (packages ...)) (vulnerability id packages)))) +(define (cve-configuration->package-list config) + "Parse CONFIG, a config sexp, and return a list of the form (P SEXP) +where P is a package name and SEXP expresses constraints on the matching +versions." + (let loop ((config config) + (packages '())) + (match config + (('or configs ...) + (fold loop packages configs)) + (('and config _ ...) ;XXX + (loop config packages)) + (((? string? package) '_) ;any version + (cons `(,package _) + (alist-delete package packages))) + (((? string? package) sexp) + (let ((previous (assoc-ref packages package))) + (if previous + (cons `(,package (or ,sexp ,@previous)) + (alist-delete package packages)) + (cons `(,package ,sexp) packages))))))) + +(define (merge-package-lists lst) + "Merge the list in LST, each of which has the form (p sexp), where P +is the name of a package and SEXP is an sexp that constrains matching +versions." + (fold (lambda (plist result) ;XXX: quadratic + (fold (match-lambda* + (((package version) result) + (match (assoc-ref result package) + (#f + (cons `(,package ,version) result)) + ((previous) + (cons `(,package (or ,version ,previous)) + (alist-delete package result)))))) + result + plist)) + '() + lst)) + +(define (cve-item->vulnerability item) + "Return a <vulnerability> corresponding to ITEM, a <cve-item> record; +return #f if ITEM does not list any configuration or if it does not list +any \"a\" (application) configuration." + (let ((id (cve-id (cve-item-cve item)))) + (match (cve-item-configurations item) + (() ;no configurations + #f) + ((configs ...) + (vulnerability id + (merge-package-lists + (map cve-configuration->package-list configs))))))) + +(define (json->vulnerabilities json) + "Parse JSON, an input port or a string, and return the list of +vulnerabilities found therein." + (filter-map cve-item->vulnerability (json->cve-items json))) + (define (write-cache input cache) - "Read vulnerabilities as gzipped XML from INPUT, and write it as a compact + "Read vulnerabilities as gzipped JSON from INPUT, and write it as a compact sexp to CACHE." (call-with-decompressed-port 'gzip input (lambda (input) - ;; XXX: The SSAX "error port" is used to send pointless warnings such as - ;; "warning: Skipping PI". Turn that off. (define vulns - (parameterize ((current-ssax-error-port (%make-void-port "w"))) - (xml->vulnerabilities input))) + (json->vulnerabilities input)) (write `(vulnerabilities 1 ;format version @@ -215,7 +359,7 @@ the given TTL (fetch from the NIST web site when TTL has expired)." (lambda () (read-options options))))) - ;; Note: We used to keep the original XML files in cache but parsing it + ;; Note: We used to keep the original JSON files in cache but parsing it ;; would take typically ~15s for a year of data. Thus, we instead store a ;; summarized version thereof as an sexp, which can be parsed in 1s or so. (let* ((port (http-fetch/cached (yearly-feed-uri year) @@ -269,8 +413,8 @@ vulnerabilities affecting the given package version." (vhash-fold* (if version (lambda (pair result) (match pair - ((vuln . versions) - (if (member version versions) + ((vuln sexp) + (if (version-matches? version sexp) (cons vuln result) result)))) (lambda (pair result) diff --git a/guix/lint.scm b/guix/lint.scm index 6336cf4e3b..03a8e88225 100644 --- a/guix/lint.scm +++ b/guix/lint.scm @@ -1319,17 +1319,11 @@ or a list thereof") (name 'github-url) (description "Suggest GitHub URLs") (check check-github-url)) - - ;; FIXME: Commented out as a consequence of the XML CVE feed retirement: - ;; <https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement-Phase-3>. - ;; Reinstate it once the JSON feed is supported. - - ;; (lint-checker - ;; (name 'cve) - ;; (description "Check the Common Vulnerabilities and Exposures\ - ;; (CVE) database") - ;; (check check-vulnerabilities)) - + (lint-checker + (name 'cve) + (description "Check the Common Vulnerabilities and Exposures\ + (CVE) database") + (check check-vulnerabilities)) (lint-checker (name 'refresh) (description "Check the package for new upstream releases") diff --git a/tests/cve-sample.json b/tests/cve-sample.json new file mode 100644 index 0000000000..39816f9dd4 --- /dev/null +++ b/tests/cve-sample.json @@ -0,0 +1,1279 @@ +{ + "CVE_data_type" : "CVE", + "CVE_data_format" : "MITRE", + "CVE_data_version" : "4.0", + "CVE_data_numberOfCVEs" : "9826", + "CVE_data_timestamp" : "2019-10-17T07:00Z", + "CVE_Items" : [ { + "cve" : { + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ID" : "CVE-2019-0001", + "ASSIGNER" : "cve@mitre.org" + }, + "problemtype" : { + "problemtype_data" : [ { + "description" : [ { + "lang" : "en", + "value" : "CWE-400" + } ] + } ] + }, + "references" : { + "reference_data" : [ { + "url" : "http://www.securityfocus.com/bid/106541", + "name" : "106541", + "refsource" : "BID", + "tags" : [ "Third Party Advisory", "VDB Entry" ] + }, { + "url" : "https://kb.juniper.net/JSA10900", + "name" : "https://kb.juniper.net/JSA10900", + "refsource" : "CONFIRM", + "tags" : [ "Vendor Advisory" ] + } ] + }, + "description" : { + "description_data" : [ { + "lang" : "en", + "value" : "Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon (bbe-smgd), and lead to high CPU usage and a crash of the bbe-smgd service. Repeated receipt of the same packet can result in an extended denial of service condition for the device. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S1; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S1; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2." + } ] + } + }, + "configurations" : { + "CVE_data_version" : "4.0", + "nodes" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*" + } ] + } { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.2:*:*:*:*:*:*:*" + } ] + }, { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.1:*:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.1:r2:*:*:*:*:*:*" + } ] + }, { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:a:juniper:junos:18.2:*:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:a:juniper:junos:18.2:r1-s3:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:a:juniper:junos:18.2:r1-s4:*:*:*:*:*:*" + } ] + } ] + }, + "impact" : { + "baseMetricV3" : { + "cvssV3" : { + "version" : "3.0", + "vectorString" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector" : "NETWORK", + "attackComplexity" : "HIGH", + "privilegesRequired" : "NONE", + "userInteraction" : "NONE", + "scope" : "UNCHANGED", + "confidentialityImpact" : "NONE", + "integrityImpact" : "NONE", + "availabilityImpact" : "HIGH", + "baseScore" : 5.9, + "baseSeverity" : "MEDIUM" + }, + "exploitabilityScore" : 2.2, + "impactScore" : 3.6 + }, + "baseMetricV2" : { + "cvssV2" : { + "version" : "2.0", + "vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:C", + "accessVector" : "NETWORK", + "accessComplexity" : "MEDIUM", + "authentication" : "NONE", + "confidentialityImpact" : "NONE", + "integrityImpact" : "NONE", + "availabilityImpact" : "COMPLETE", + "baseScore" : 7.1 + }, + "severity" : "HIGH", + "exploitabilityScore" : 8.6, + "impactScore" : 6.9, + "acInsufInfo" : false, + "obtainAllPrivilege" : false, + "obtainUserPrivilege" : false, + "obtainOtherPrivilege" : false, + "userInteractionRequired" : false + } + }, + "publishedDate" : "2019-01-15T21:29Z", + "lastModifiedDate" : "2019-10-09T23:43Z" + }, { + "cve" : { + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ID" : "CVE-2019-0005", + "ASSIGNER" : "cve@mitre.org" + }, + "problemtype" : { + "problemtype_data" : [ { + "description" : [ { + "lang" : "en", + "value" : "CWE-400" + } ] + } ] + }, + "references" : { + "reference_data" : [ { + "url" : "http://www.securityfocus.com/bid/106665", + "name" : "106665", + "refsource" : "BID", + "tags" : [ "Third Party Advisory" ] + }, { + "url" : "https://kb.juniper.net/JSA10905", + "name" : "https://kb.juniper.net/JSA10905", + "refsource" : "CONFIRM", + "tags" : [ "Vendor Advisory" ] + } ] + }, + "description" : { + "description_data" : [ { + "lang" : "en", + "value" : "On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS on EX and QFX series;: 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R7; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 series; 15.1X53 versions prior to 15.1X53-D591 on EX2300/EX3400 series; 16.1 versions prior to 16.1R7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2." + } ] + } + }, + "configurations" : { + "CVE_data_version" : "4.0", + "nodes" : [ { + "operator" : "AND", + "children" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d42:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d43:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d44:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d46:*:*:*:*:*:*" + } ] + }, { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*" + } ] + } ] + }, { + "operator" : "AND", + "children" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*" + } ] + }, { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*" + } ] + } ] + }, { + "operator" : "AND", + "children" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d51:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d52:*:*:*:*:*:*" + } ] + }, { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*" + } ] + } ] + }, { + "operator" : "AND", + "children" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d230:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d234:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d51:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d52:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d55:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d57:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d58:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d59:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d590:*:*:*:*:*:*" + } ] + }, { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*" + } ] + } ] + }, { + "operator" : "AND", + "children" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r3-s10:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r6:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r6-s6:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r7:*:*:*:*:*:*" + } ] + }, { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*" + } ] + } ] + }, { + "operator" : "AND", + "children" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.1:*:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*" + } ] + }, { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*" + } ] + } ] + }, { + "operator" : "AND", + "children" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.2:*:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.2:r1-s7:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*" + } ] + }, { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*" + } ] + } ] + }, { + "operator" : "AND", + "children" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.3:*:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*" + } ] + }, { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:gfx3600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*" + } ] + } ] + }, { + "operator" : "AND", + "children" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.4:*:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*" + } ] + }, { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*" + } ] + } ] + }, { + "operator" : "AND", + "children" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:a:juniper:junos:18.1:*:*:*:*:*:*:*" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:a:juniper:junos:18.1:r1:*:*:*:*:*:*" + } ] + }, { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*" + }, { + "vulnerable" : false, + "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*" + } ] + } ] + } ] + }, + "impact" : { + "baseMetricV3" : { + "cvssV3" : { + "version" : "3.0", + "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector" : "NETWORK", + "attackComplexity" : "LOW", + "privilegesRequired" : "NONE", + "userInteraction" : "NONE", + "scope" : "UNCHANGED", + "confidentialityImpact" : "NONE", + "integrityImpact" : "LOW", + "availabilityImpact" : "NONE", + "baseScore" : 5.3, + "baseSeverity" : "MEDIUM" + }, + "exploitabilityScore" : 3.9, + "impactScore" : 1.4 + }, + "baseMetricV2" : { + "cvssV2" : { + "version" : "2.0", + "vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "accessVector" : "NETWORK", + "accessComplexity" : "LOW", + "authentication" : "NONE", + "confidentialityImpact" : "NONE", + "integrityImpact" : "PARTIAL", + "availabilityImpact" : "NONE", + "baseScore" : 5.0 + }, + "severity" : "MEDIUM", + "exploitabilityScore" : 10.0, + "impactScore" : 2.9, + "acInsufInfo" : false, + "obtainAllPrivilege" : false, + "obtainUserPrivilege" : false, + "obtainOtherPrivilege" : false, + "userInteractionRequired" : false + } + }, + "publishedDate" : "2019-01-15T21:29Z", + "lastModifiedDate" : "2019-02-14T18:40Z" + }, { + "cve" : { + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ID" : "CVE-2019-14811", + "ASSIGNER" : "cve@mitre.org" + }, + "problemtype" : { + "problemtype_data" : [ { + "description" : [ { + "lang" : "en", + "value" : "CWE-264" + } ] + } ] + }, + "references" : { + "reference_data" : [ { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html", + "name" : "openSUSE-SU-2019:2223", + "refsource" : "SUSE", + "tags" : [ ] + }, { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00090.html", + "name" : "openSUSE-SU-2019:2222", + "refsource" : "SUSE", + "tags" : [ ] + }, { + "url" : "https://access.redhat.com/errata/RHBA-2019:2824", + "name" : "RHBA-2019:2824", + "refsource" : "REDHAT", + "tags" : [ ] + }, { + "url" : "https://access.redhat.com/errata/RHSA-2019:2594", + "name" : "RHSA-2019:2594", + "refsource" : "REDHAT", + "tags" : [ ] + }, { + "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14811", + "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14811", + "refsource" : "CONFIRM", + "tags" : [ "Exploit", "Issue Tracking", "Mitigation", "Patch", "Third Party Advisory" ] + }, { + "url" : "https://lists.debian.org/debian-lts-announce/2019/09/msg00007.html", + "name" : "[debian-lts-announce] 20190909 [SECURITY] [DLA 1915-1] ghostscript security update", + "refsource" : "MLIST", + "tags" : [ ] + }, { + "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6AATIHU32MYKUOXQDJQU4X4DDVL7NAY3/", + "name" : "FEDORA-2019-ebd6c4f15a", + "refsource" : "FEDORA", + "tags" : [ ] + }, { + "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBUC4DBBJTRFNCR3IODBV4IXB2C2HI3V/", + "name" : "FEDORA-2019-0a9d525d71", + "refsource" : "FEDORA", + "tags" : [ ] + }, { + "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZP34D27RKYV2POJ3NJLSVCHUA5V5C45A/", + "name" : "FEDORA-2019-953fc0f16d", + "refsource" : "FEDORA", + "tags" : [ ] + }, { + "url" : "https://seclists.org/bugtraq/2019/Sep/15", + "name" : "20190910 [SECURITY] [DSA 4518-1] ghostscript security update", + "refsource" : "BUGTRAQ", + "tags" : [ ] + }, { + "url" : "https://www.debian.org/security/2019/dsa-4518", + "name" : "DSA-4518", + "refsource" : "DEBIAN", + "tags" : [ ] + } ] + }, + "description" : { + "description_data" : [ { + "lang" : "en", + "value" : "A flaw was found in, ghostscript versions prior to 9.28, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands." + } ] + } + }, + "configurations" : { + "CVE_data_version" : "4.0", + "nodes" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*", + "versionEndExcluding" : "9.28" + } ] + } ] + }, + "impact" : { + "baseMetricV3" : { + "cvssV3" : { + "version" : "3.0", + "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector" : "LOCAL", + "attackComplexity" : "LOW", + "privilegesRequired" : "NONE", + "userInteraction" : "REQUIRED", + "scope" : "UNCHANGED", + "confidentialityImpact" : "HIGH", + "integrityImpact" : "HIGH", + "availabilityImpact" : "HIGH", + "baseScore" : 7.8, + "baseSeverity" : "HIGH" + }, + "exploitabilityScore" : 1.8, + "impactScore" : 5.9 + }, + "baseMetricV2" : { + "cvssV2" : { + "version" : "2.0", + "vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P", + "accessVector" : "NETWORK", + "accessComplexity" : "MEDIUM", + "authentication" : "NONE", + "confidentialityImpact" : "PARTIAL", + "integrityImpact" : "PARTIAL", + "availabilityImpact" : "PARTIAL", + "baseScore" : 6.8 + }, + "severity" : "MEDIUM", + "exploitabilityScore" : 8.6, + "impactScore" : 6.4, + "acInsufInfo" : false, + "obtainAllPrivilege" : false, + "obtainUserPrivilege" : false, + "obtainOtherPrivilege" : false, + "userInteractionRequired" : true + } + }, + "publishedDate" : "2019-09-03T16:15Z", + "lastModifiedDate" : "2019-09-10T03:15Z" + }, { + "cve" : { + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ID" : "CVE-2019-17365", + "ASSIGNER" : "cve@mitre.org" + }, + "problemtype" : { + "problemtype_data" : [ { + "description" : [ { + "lang" : "en", + "value" : "CWE-276" + } ] + } ] + }, + "references" : { + "reference_data" : [ { + "url" : "http://www.openwall.com/lists/oss-security/2019/10/09/4", + "name" : "http://www.openwall.com/lists/oss-security/2019/10/09/4", + "refsource" : "MISC", + "tags" : [ "Exploit", "Mailing List", "Third Party Advisory" ] + }, { + "url" : "http://www.openwall.com/lists/oss-security/2019/10/10/1", + "name" : "[oss-security] 20191010 Re: CVE-2019-17365: Nix per-user profile directory hijack", + "refsource" : "MLIST", + "tags" : [ "Third Party Advisory" ] + } ] + }, + "description" : { + "description_data" : [ { + "lang" : "en", + "value" : "Nix through 2.3 allows local users to gain access to an arbitrary user's account because the parent directory of the user-profile directories is world writable." + } ] + } + }, + "configurations" : { + "CVE_data_version" : "4.0", + "nodes" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:a:nixos:nix:*:*:*:*:*:*:*:*", + "versionEndIncluding" : "2.3" + } ] + } ] + }, + "impact" : { + "baseMetricV3" : { + "cvssV3" : { + "version" : "3.1", + "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector" : "LOCAL", + "attackComplexity" : "LOW", + "privilegesRequired" : "LOW", + "userInteraction" : "NONE", + "scope" : "UNCHANGED", + "confidentialityImpact" : "HIGH", + "integrityImpact" : "HIGH", + "availabilityImpact" : "HIGH", + "baseScore" : 7.8, + "baseSeverity" : "HIGH" + }, + "exploitabilityScore" : 1.8, + "impactScore" : 5.9 + }, + "baseMetricV2" : { + "cvssV2" : { + "version" : "2.0", + "vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P", + "accessVector" : "LOCAL", + "accessComplexity" : "LOW", + "authentication" : "NONE", + "confidentialityImpact" : "PARTIAL", + "integrityImpact" : "PARTIAL", + "availabilityImpact" : "PARTIAL", + "baseScore" : 4.6 + }, + "severity" : "MEDIUM", + "exploitabilityScore" : 3.9, + "impactScore" : 6.4, + "acInsufInfo" : false, + "obtainAllPrivilege" : false, + "obtainUserPrivilege" : false, + "obtainOtherPrivilege" : false, + "userInteractionRequired" : false + } + }, + "publishedDate" : "2019-10-09T22:15Z", + "lastModifiedDate" : "2019-10-11T13:19Z" + }, { + "cve" : { + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ID" : "CVE-2019-1010180", + "ASSIGNER" : "cve@mitre.org" + }, + "problemtype" : { + "problemtype_data" : [ { + "description" : [ { + "lang" : "en", + "value" : "CWE-119" + } ] + } ] + }, + "references" : { + "reference_data" : [ { + "url" : "http://www.securityfocus.com/bid/109367", + "name" : "109367", + "refsource" : "BID", + "tags" : [ "Third Party Advisory", "VDB Entry" ] + }, { + "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23657", + "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23657", + "refsource" : "MISC", + "tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ] + } ] + }, + "description" : { + "description_data" : [ { + "lang" : "en", + "value" : "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet." + } ] + } + }, + "configurations" : { + "CVE_data_version" : "4.0", + "nodes" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:a:gnu:gdb:*:*:*:*:*:*:*:*" + } ] + } ] + }, + "impact" : { + "baseMetricV3" : { + "cvssV3" : { + "version" : "3.0", + "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector" : "LOCAL", + "attackComplexity" : "LOW", + "privilegesRequired" : "NONE", + "userInteraction" : "REQUIRED", + "scope" : "UNCHANGED", + "confidentialityImpact" : "HIGH", + "integrityImpact" : "HIGH", + "availabilityImpact" : "HIGH", + "baseScore" : 7.8, + "baseSeverity" : "HIGH" + }, + "exploitabilityScore" : 1.8, + "impactScore" : 5.9 + }, + "baseMetricV2" : { + "cvssV2" : { + "version" : "2.0", + "vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P", + "accessVector" : "NETWORK", + "accessComplexity" : "MEDIUM", + "authentication" : "NONE", + "confidentialityImpact" : "PARTIAL", + "integrityImpact" : "PARTIAL", + "availabilityImpact" : "PARTIAL", + "baseScore" : 6.8 + }, + "severity" : "MEDIUM", + "exploitabilityScore" : 8.6, + "impactScore" : 6.4, + "acInsufInfo" : false, + "obtainAllPrivilege" : false, + "obtainUserPrivilege" : false, + "obtainOtherPrivilege" : false, + "userInteractionRequired" : true + } + }, + "publishedDate" : "2019-07-24T13:15Z", + "lastModifiedDate" : "2019-08-01T15:39Z" + }, { + "cve" : { + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ID" : "CVE-2019-1010204", + "ASSIGNER" : "cve@mitre.org" + }, + "problemtype" : { + "problemtype_data" : [ { + "description" : [ { + "lang" : "en", + "value" : "CWE-125" + }, { + "lang" : "en", + "value" : "CWE-20" + } ] + } ] + }, + "references" : { + "reference_data" : [ { + "url" : "https://security.netapp.com/advisory/ntap-20190822-0001/", + "name" : "https://security.netapp.com/advisory/ntap-20190822-0001/", + "refsource" : "CONFIRM", + "tags" : [ ] + }, { + "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23765", + "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23765", + "refsource" : "MISC", + "tags" : [ "Issue Tracking", "Third Party Advisory" ] + } ] + }, + "description" : { + "description_data" : [ { + "lang" : "en", + "value" : "GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened." + } ] + } + }, + "configurations" : { + "CVE_data_version" : "4.0", + "nodes" : [ { + "operator" : "OR", + "cpe_match" : [ { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*", + "versionStartIncluding" : "2.21", + "versionEndIncluding" : "2.31.1" + }, { + "vulnerable" : true, + "cpe23Uri" : "cpe:2.3:a:gnu:binutils_gold:*:*:*:*:*:*:*:*", + "versionStartIncluding" : "1.11", + "versionEndIncluding" : "1.16" + } ] + } ] + }, + "impact" : { + "baseMetricV3" : { + "cvssV3" : { + "version" : "3.0", + "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector" : "LOCAL", + "attackComplexity" : "LOW", + "privilegesRequired" : "NONE", + "userInteraction" : "REQUIRED", + "scope" : "UNCHANGED", + "confidentialityImpact" : "NONE", + "integrityImpact" : "NONE", + "availabilityImpact" : "HIGH", + "baseScore" : 5.5, + "baseSeverity" : "MEDIUM" + }, + "exploitabilityScore" : 1.8, + "impactScore" : 3.6 + }, + "baseMetricV2" : { + "cvssV2" : { + "version" : "2.0", + "vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P", + "accessVector" : "NETWORK", + "accessComplexity" : "MEDIUM", + "authentication" : "NONE", + "confidentialityImpact" : "NONE", + "integrityImpact" : "NONE", + "availabilityImpact" : "PARTIAL", + "baseScore" : 4.3 + }, + "severity" : "MEDIUM", + "exploitabilityScore" : 8.6, + "impactScore" : 2.9, + "acInsufInfo" : false, + "obtainAllPrivilege" : false, + "obtainUserPrivilege" : false, + "obtainOtherPrivilege" : false, + "userInteractionRequired" : true + } + }, + "publishedDate" : "2019-07-23T14:15Z", + "lastModifiedDate" : "2019-08-22T07:15Z" + }, { + "cve" : { + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ID" : "CVE-2019-18192", + "ASSIGNER" : "cve@mitre.org" + }, + "problemtype" : { + "problemtype_data" : [ { + "description" : [ ] + } ] + }, + "references" : { + "reference_data" : [ { + "url" : "http://www.openwall.com/lists/oss-security/2019/10/17/3", + "name" : "[oss-security] 20191017 CVE-2019-18192: Insecure permissions on Guix profile directory", + "refsource" : "MLIST", + "tags" : [ ] + }, { + "url" : "https://issues.guix.gnu.org/issue/37744", + "name" : "https://issues.guix.gnu.org/issue/37744", + "refsource" : "MISC", + "tags" : [ ] + } ] + }, + "description" : { + "description_data" : [ { + "lang" : "en", + "value" : "GNU Guix 1.0.1 allows local users to gain access to an arbitrary user's account because the parent directory of the user-profile directories is world writable, a similar issue to CVE-2019-17365." + } ] + } + }, + "configurations" : { + "CVE_data_version" : "4.0", + "nodes" : [ ] + }, + "impact" : { }, + "publishedDate" : "2019-10-17T20:15Z", + "lastModifiedDate" : "2019-10-17T20:29Z" + } ] +} diff --git a/tests/cve-sample.xml b/tests/cve-sample.xml deleted file mode 100644 index ce158490f1..0000000000 --- a/tests/cve-sample.xml +++ /dev/null @@ -1,616 +0,0 @@ -<?xml version='1.0' encoding='UTF-8'?> -<nvd xmlns:scap-core="http://scap.nist.gov/schema/scap-core/0.1" xmlns:cvss="http://scap.nist.gov/schema/cvss-v2/0.2" xmlns:vuln="http://scap.nist.gov/schema/vulnerability/0.4" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:patch="http://scap.nist.gov/schema/patch/0.1" xmlns="http://scap.nist.gov/schema/feed/vulnerability/2.0" xmlns:cpe-lang="http://cpe.mitre.org/language/2.0" nvd_xml_version="2.0" pub_date="2015-11-25T08:07:01" xsi:schemaLocation="http://scap.nist.gov/schema/patch/0.1 http://nvd.nist.gov/schema/patch_0.1.xsd http://scap.nist.gov/schema/feed/vulnerability/2.0 http://nvd.nist.gov/schema/nvd-cve-feed_2.0.xsd http://scap.nist.gov/schema/scap-core/0.1 http://nvd.nist.gov/schema/scap-core_0.1.xsd"> - <entry id="CVE-2003-0001"> - <vuln:vulnerable-configuration id="http://nvd.nist.gov/"> - <cpe-lang:logical-test operator="OR" negate="false"> - <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.2"/> - <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.3"/> - <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.4"/> - <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.5"/> - <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.6"/> - <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.7"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.1"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.10"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.11"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.12"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.13"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.14"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.15"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.16"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.17"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.18"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.19"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.2"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.20"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.3"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.4"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.5"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.6"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.7"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.8"/> - <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.9"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000:::advanced_server"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000:::datacenter_server"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000:::professional"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000:::server"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000::sp1:advanced_server"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000::sp1:datacenter_server"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000::sp1:professional"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000::sp1:server"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000::sp2:advanced_server"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000::sp2:datacenter_server"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000::sp2:professional"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000::sp2:server"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000_terminal_services"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000_terminal_services::sp1"/> - <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000_terminal_services::sp2"/> - <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.5"/> - <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.5.1"/> - <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.5.2"/> - <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.5.3"/> - <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.6"/> - </cpe-lang:logical-test> - </vuln:vulnerable-configuration> - <vuln:vulnerable-software-list> - <vuln:product>cpe:/o:microsoft:windows_2000::sp2:professional</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.4</vuln:product> - <vuln:product>cpe:/o:microsoft:windows_2000_terminal_services::sp1</vuln:product> - <vuln:product>cpe:/o:microsoft:windows_2000::sp1:advanced_server</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.19</vuln:product> - <vuln:product>cpe:/o:microsoft:windows_2000::sp2:advanced_server</vuln:product> - <vuln:product>cpe:/o:microsoft:windows_2000_terminal_services</vuln:product> - <vuln:product>cpe:/o:microsoft:windows_2000:::advanced_server</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.20</vuln:product> - <vuln:product>cpe:/o:netbsd:netbsd:1.5.1</vuln:product> - <vuln:product>cpe:/o:microsoft:windows_2000_terminal_services::sp2</vuln:product> - <vuln:product>cpe:/o:netbsd:netbsd:1.5.3</vuln:product> - <vuln:product>cpe:/o:netbsd:netbsd:1.5.2</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.6</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.9</vuln:product> - <vuln:product>cpe:/o:microsoft:windows_2000:::datacenter_server</vuln:product> - <vuln:product>cpe:/o:netbsd:netbsd:1.6</vuln:product> - <vuln:product>cpe:/o:netbsd:netbsd:1.5</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.7</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.8</vuln:product> - <vuln:product>cpe:/o:microsoft:windows_2000::sp1:datacenter_server</vuln:product> - <vuln:product>cpe:/o:microsoft:windows_2000::sp2:datacenter_server</vuln:product> - <vuln:product>cpe:/o:freebsd:freebsd:4.3</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.10</vuln:product> - <vuln:product>cpe:/o:microsoft:windows_2000::sp1:server</vuln:product> - <vuln:product>cpe:/o:freebsd:freebsd:4.5</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.12</vuln:product> - <vuln:product>cpe:/o:freebsd:freebsd:4.2</vuln:product> - <vuln:product>cpe:/o:freebsd:freebsd:4.7</vuln:product> - <vuln:product>cpe:/o:freebsd:freebsd:4.4</vuln:product> - <vuln:product>cpe:/o:freebsd:freebsd:4.6</vuln:product> - <vuln:product>cpe:/o:microsoft:windows_2000::sp2:server</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.18</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.1</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.15</vuln:product> - <vuln:product>cpe:/o:microsoft:windows_2000:::server</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.17</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.14</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.2</vuln:product> - <vuln:product>cpe:/o:microsoft:windows_2000:::professional</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.11</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.5</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.16</vuln:product> - <vuln:product>cpe:/o:microsoft:windows_2000::sp1:professional</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.13</vuln:product> - <vuln:product>cpe:/o:linux:linux_kernel:2.4.3</vuln:product> - </vuln:vulnerable-software-list> - <vuln:cve-id>CVE-2003-0001</vuln:cve-id> - <vuln:published-datetime>2003-01-17T00:00:00.000-05:00</vuln:published-datetime> - <vuln:last-modified-datetime>2015-11-24T13:05:47.073-05:00</vuln:last-modified-datetime> - <vuln:cvss> - <cvss:base_metrics> - <cvss:score>5.0</cvss:score> - <cvss:access-vector>NETWORK</cvss:access-vector> - <cvss:access-complexity>LOW</cvss:access-complexity> - <cvss:authentication>NONE</cvss:authentication> - <cvss:confidentiality-impact>PARTIAL</cvss:confidentiality-impact> - <cvss:integrity-impact>NONE</cvss:integrity-impact> - <cvss:availability-impact>NONE</cvss:availability-impact> - <cvss:source>http://nvd.nist.gov</cvss:source> - <cvss:generated-on-datetime>2015-11-24T12:23:33.593-05:00</cvss:generated-on-datetime> - </cvss:base_metrics> - </vuln:cvss> - <vuln:assessment_check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2665" name="oval:org.mitre.oval:def:2665"/> - <vuln:cwe id="CWE-200"/> - <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY"> - <vuln:source>CERT-VN</vuln:source> - <vuln:reference href="http://www.kb.cert.org/vuls/id/412115" xml:lang="en">VU#412115</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>BUGTRAQ</vuln:source> - <vuln:reference href="http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded" xml:lang="en">20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>BUGTRAQ</vuln:source> - <vuln:reference href="http://www.securityfocus.com/archive/1/archive/1/307564/30/26270/threaded" xml:lang="en">20030117 Re: More information regarding Etherleak</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>BUGTRAQ</vuln:source> - <vuln:reference href="http://www.securityfocus.com/archive/1/archive/1/305335/30/26420/threaded" xml:lang="en">20030106 Etherleak: Ethernet frame padding information leakage (A010603-1)</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>REDHAT</vuln:source> - <vuln:reference href="http://www.redhat.com/support/errata/RHSA-2003-088.html" xml:lang="en">RHSA-2003:088</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>REDHAT</vuln:source> - <vuln:reference href="http://www.redhat.com/support/errata/RHSA-2003-025.html" xml:lang="en">RHSA-2003:025</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>OSVDB</vuln:source> - <vuln:reference href="http://www.osvdb.org/9962" xml:lang="en">9962</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>CONFIRM</vuln:source> - <vuln:reference href="http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" xml:lang="en">http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MISC</vuln:source> - <vuln:reference href="http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf" xml:lang="en">http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY"> - <vuln:source>ATSTAKE</vuln:source> - <vuln:reference href="http://www.atstake.com/research/advisories/2003/a010603-1.txt" xml:lang="en">A010603-1</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>FULLDISC</vuln:source> - <vuln:reference href="http://seclists.org/fulldisclosure/2015/Apr/5" xml:lang="en">20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MISC</vuln:source> - <vuln:reference href="http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html" xml:lang="en">http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY"> - <vuln:source>BUGTRAQ</vuln:source> - <vuln:reference href="http://marc.theaimsgroup.com/?l=bugtraq&m=104222046632243&w=2" xml:lang="en">20030110 More information regarding Etherleak</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>VULNWATCH</vuln:source> - <vuln:reference href="http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html" xml:lang="en">20030110 More information regarding Etherleak</vuln:reference> - </vuln:references> - <vuln:scanner> - <vuln:definition system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:2665" name="oval:org.mitre.oval:def:2665"/> - </vuln:scanner> - <vuln:summary>Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.</vuln:summary> - </entry> - <entry id="CVE-2004-0230"> - <vuln:vulnerable-configuration id="http://nvd.nist.gov/"> - <cpe-lang:logical-test operator="OR" negate="false"> - <cpe-lang:fact-ref name="cpe:/a:tcp:tcp"/> - </cpe-lang:logical-test> - </vuln:vulnerable-configuration> - <vuln:vulnerable-software-list> - <vuln:product>cpe:/a:tcp:tcp</vuln:product> - </vuln:vulnerable-software-list> - <vuln:cve-id>CVE-2004-0230</vuln:cve-id> - <vuln:published-datetime>2004-08-18T00:00:00.000-04:00</vuln:published-datetime> - <vuln:last-modified-datetime>2015-11-24T13:06:40.597-05:00</vuln:last-modified-datetime> - <vuln:cvss> - <cvss:base_metrics> - <cvss:score>5.0</cvss:score> - <cvss:access-vector>NETWORK</cvss:access-vector> - <cvss:access-complexity>LOW</cvss:access-complexity> - <cvss:authentication>NONE</cvss:authentication> - <cvss:confidentiality-impact>NONE</cvss:confidentiality-impact> - <cvss:integrity-impact>NONE</cvss:integrity-impact> - <cvss:availability-impact>PARTIAL</cvss:availability-impact> - <cvss:source>http://nvd.nist.gov</cvss:source> - <cvss:generated-on-datetime>2015-11-24T12:17:30.930-05:00</cvss:generated-on-datetime> - </cvss:base_metrics> - </vuln:cvss> - <vuln:assessment_check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5711" name="oval:org.mitre.oval:def:5711"/> - <vuln:assessment_check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4791" name="oval:org.mitre.oval:def:4791"/> - <vuln:assessment_check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:3508" name="oval:org.mitre.oval:def:3508"/> - <vuln:assessment_check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:270" name="oval:org.mitre.oval:def:270"/> - <vuln:assessment_check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2689" name="oval:org.mitre.oval:def:2689"/> - <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY"> - <vuln:source>CERT</vuln:source> - <vuln:reference href="http://www.us-cert.gov/cas/techalerts/TA04-111A.html" xml:lang="en">TA04-111A</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>CERT-VN</vuln:source> - <vuln:reference href="http://www.kb.cert.org/vuls/id/415294" xml:lang="en">VU#415294</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>CONFIRM</vuln:source> - <vuln:reference href="https://kc.mcafee.com/corporate/index?page=content&id=SB10053" xml:lang="en">https://kc.mcafee.com/corporate/index?page=content&id=SB10053</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY"> - <vuln:source>XF</vuln:source> - <vuln:reference href="http://xforce.iss.net/xforce/xfdb/15886" xml:lang="en">tcp-rst-dos(15886)</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>VUPEN</vuln:source> - <vuln:reference href="http://www.vupen.com/english/advisories/2006/3983" xml:lang="en">ADV-2006-3983</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MISC</vuln:source> - <vuln:reference href="http://www.uniras.gov.uk/vuls/2004/236929/index.htm" xml:lang="en">http://www.uniras.gov.uk/vuls/2004/236929/index.htm</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY"> - <vuln:source>BID</vuln:source> - <vuln:reference href="http://www.securityfocus.com/bid/10183" xml:lang="en">10183</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>BUGTRAQ</vuln:source> - <vuln:reference href="http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded" xml:lang="en">20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>HP</vuln:source> - <vuln:reference href="http://www.securityfocus.com/archive/1/archive/1/449179/100/0/threaded" xml:lang="en">SSRT061264</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>OSVDB</vuln:source> - <vuln:reference href="http://www.osvdb.org/4030" xml:lang="en">4030</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>CONFIRM</vuln:source> - <vuln:reference href="http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" xml:lang="en">http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MS</vuln:source> - <vuln:reference href="http://www.microsoft.com/technet/security/Bulletin/MS06-064.mspx" xml:lang="en">MS06-064</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MS</vuln:source> - <vuln:reference href="http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx" xml:lang="en">MS05-019</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>CISCO</vuln:source> - <vuln:reference href="http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml" xml:lang="en">20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>FULLDISC</vuln:source> - <vuln:reference href="http://seclists.org/fulldisclosure/2015/Apr/5" xml:lang="en">20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MISC</vuln:source> - <vuln:reference href="http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html" xml:lang="en">http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>HP</vuln:source> - <vuln:reference href="http://marc.theaimsgroup.com/?l=bugtraq&m=108506952116653&w=2" xml:lang="en">SSRT4696</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>BUGTRAQ</vuln:source> - <vuln:reference href="http://marc.theaimsgroup.com/?l=bugtraq&m=108302060014745&w=2" xml:lang="en">20040425 Perl code exploting TCP not checking RST ACK.</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>CONFIRM</vuln:source> - <vuln:reference href="http://kb.juniper.net/JSA10638" xml:lang="en">http://kb.juniper.net/JSA10638</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>SGI</vuln:source> - <vuln:reference href="ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc" xml:lang="en">20040403-01-A</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>SCO</vuln:source> - <vuln:reference href="ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt" xml:lang="en">SCOSA-2005.14</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>SCO</vuln:source> - <vuln:reference href="ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt" xml:lang="en">SCOSA-2005.9</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>SCO</vuln:source> - <vuln:reference href="ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt" xml:lang="en">SCOSA-2005.3</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>NETBSD</vuln:source> - <vuln:reference href="ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc" xml:lang="en">NetBSD-SA2004-006</vuln:reference> - </vuln:references> - <vuln:scanner> - <vuln:definition system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:3508" name="oval:org.mitre.oval:def:3508"/> - </vuln:scanner> - <vuln:scanner> - <vuln:definition system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:270" name="oval:org.mitre.oval:def:270"/> - </vuln:scanner> - <vuln:scanner> - <vuln:definition system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:2689" name="oval:org.mitre.oval:def:2689"/> - </vuln:scanner> - <vuln:scanner> - <vuln:definition system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:5711" name="oval:org.mitre.oval:def:5711"/> - </vuln:scanner> - <vuln:scanner> - <vuln:definition system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:4791" name="oval:org.mitre.oval:def:4791"/> - </vuln:scanner> - <vuln:summary>TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.</vuln:summary> - </entry> - <entry id="CVE-2008-2335"> - <vuln:vulnerable-configuration id="http://nvd.nist.gov/"> - <cpe-lang:logical-test operator="OR" negate="false"> - <cpe-lang:fact-ref name="cpe:/a:vastal:phpvid:1.2"/> - <cpe-lang:fact-ref name="cpe:/a:vastal:phpvid:1.1"/> - </cpe-lang:logical-test> - </vuln:vulnerable-configuration> - <vuln:vulnerable-software-list> - <vuln:product>cpe:/a:vastal:phpvid:1.1</vuln:product> - <vuln:product>cpe:/a:vastal:phpvid:1.2</vuln:product> - </vuln:vulnerable-software-list> - <vuln:cve-id>CVE-2008-2335</vuln:cve-id> - <vuln:published-datetime>2008-05-19T09:20:00.000-04:00</vuln:published-datetime> - <vuln:last-modified-datetime>2015-11-24T11:45:25.057-05:00</vuln:last-modified-datetime> - <vuln:cvss> - <cvss:base_metrics> - <cvss:score>4.3</cvss:score> - <cvss:access-vector>NETWORK</cvss:access-vector> - <cvss:access-complexity>MEDIUM</cvss:access-complexity> - <cvss:authentication>NONE</cvss:authentication> - <cvss:confidentiality-impact>NONE</cvss:confidentiality-impact> - <cvss:integrity-impact>PARTIAL</cvss:integrity-impact> - <cvss:availability-impact>NONE</cvss:availability-impact> - <cvss:source>http://nvd.nist.gov</cvss:source> - <cvss:generated-on-datetime>2015-11-24T10:50:05.737-05:00</cvss:generated-on-datetime> - </cvss:base_metrics> - </vuln:cvss> - <vuln:cwe id="CWE-79"/> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>XF</vuln:source> - <vuln:reference href="http://xforce.iss.net/xforce/xfdb/42450" xml:lang="en">phpvid-query-xss(42450)</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>VUPEN</vuln:source> - <vuln:reference href="http://www.vupen.com/english/advisories/2008/2552" xml:lang="en">ADV-2008-2552</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>BID</vuln:source> - <vuln:reference href="http://www.securityfocus.com/bid/29238" xml:lang="en">29238</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MILW0RM</vuln:source> - <vuln:reference href="http://www.milw0rm.com/exploits/6422" xml:lang="en">6422</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>EXPLOIT-DB</vuln:source> - <vuln:reference href="http://www.exploit-db.com/exploits/27519" xml:lang="en">27519</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MISC</vuln:source> - <vuln:reference href="http://tetraph.com/security/xss-vulnerability/vastal-i-tech-phpvid-1-2-3-multiple-xss-cross-site-scripting-security-vulnerabilities/" xml:lang="en">http://tetraph.com/security/xss-vulnerability/vastal-i-tech-phpvid-1-2-3-multiple-xss-cross-site-scripting-security-vulnerabilities/</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>FULLDISC</vuln:source> - <vuln:reference href="http://seclists.org/fulldisclosure/2015/Mar/59" xml:lang="en">20150310 Vastal I-tech phpVID 1.2.3 Multiple XSS (Cross-site Scripting) Security Vulnerabilities</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MISC</vuln:source> - <vuln:reference href="http://packetstormsecurity.com/files/130755/Vastal-I-tech-phpVID-1.2.3-Cross-Site-Scripting.html" xml:lang="en">http://packetstormsecurity.com/files/130755/Vastal-I-tech-phpVID-1.2.3-Cross-Site-Scripting.html</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MISC</vuln:source> - <vuln:reference href="http://packetstormsecurity.com/files/122746/PHP-VID-XSS-SQL-Injection-CRLF-Injection.html" xml:lang="en">http://packetstormsecurity.com/files/122746/PHP-VID-XSS-SQL-Injection-CRLF-Injection.html</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>OSVDB</vuln:source> - <vuln:reference href="http://osvdb.org/show/osvdb/45171" xml:lang="en">45171</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MISC</vuln:source> - <vuln:reference href="http://holisticinfosec.org/content/view/65/45/" xml:lang="en">http://holisticinfosec.org/content/view/65/45/</vuln:reference> - </vuln:references> - <vuln:summary>Cross-site scripting (XSS) vulnerability in search_results.php in Vastal I-Tech phpVID 1.1 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 1.2.3 is also affected.</vuln:summary> - </entry> - <entry id="CVE-2008-3522"> - <vuln:vulnerable-configuration id="http://nvd.nist.gov/"> - <cpe-lang:logical-test operator="OR" negate="false"> - <cpe-lang:fact-ref name="cpe:/a:redhat:enterprise_virtualization:3.5"/> - </cpe-lang:logical-test> - </vuln:vulnerable-configuration> - <vuln:vulnerable-configuration id="http://nvd.nist.gov/"> - <cpe-lang:logical-test operator="OR" negate="false"> - <cpe-lang:fact-ref name="cpe:/a:jasper_project:jasper:1.900.1"/> - </cpe-lang:logical-test> - </vuln:vulnerable-configuration> - <vuln:vulnerable-software-list> - <vuln:product>cpe:/a:redhat:enterprise_virtualization:3.5</vuln:product> - <vuln:product>cpe:/a:jasper_project:jasper:1.900.1</vuln:product> - </vuln:vulnerable-software-list> - <vuln:cve-id>CVE-2008-3522</vuln:cve-id> - <vuln:published-datetime>2008-10-02T14:18:05.790-04:00</vuln:published-datetime> - <vuln:last-modified-datetime>2015-11-24T11:46:04.933-05:00</vuln:last-modified-datetime> - <vuln:cvss> - <cvss:base_metrics> - <cvss:score>10.0</cvss:score> - <cvss:access-vector>NETWORK</cvss:access-vector> - <cvss:access-complexity>LOW</cvss:access-complexity> - <cvss:authentication>NONE</cvss:authentication> - <cvss:confidentiality-impact>COMPLETE</cvss:confidentiality-impact> - <cvss:integrity-impact>COMPLETE</cvss:integrity-impact> - <cvss:availability-impact>COMPLETE</cvss:availability-impact> - <cvss:source>http://nvd.nist.gov</cvss:source> - <cvss:generated-on-datetime>2015-11-24T10:05:46.467-05:00</cvss:generated-on-datetime> - </cvss:base_metrics> - </vuln:cvss> - <vuln:security-protection>ALLOWS_ADMIN_ACCESS</vuln:security-protection> - <vuln:cwe id="CWE-119"/> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>XF</vuln:source> - <vuln:reference href="http://xforce.iss.net/xforce/xfdb/45623" xml:lang="en">jasper-jasstreamprintf-bo(45623)</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>UBUNTU</vuln:source> - <vuln:reference href="http://www.ubuntu.com/usn/USN-742-1" xml:lang="en">USN-742-1</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>BID</vuln:source> - <vuln:reference href="http://www.securityfocus.com/bid/31470" xml:lang="en">31470</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MANDRIVA</vuln:source> - <vuln:reference href="http://www.mandriva.com/security/advisories?name=MDVSA-2009:164" xml:lang="en">MDVSA-2009:164</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MANDRIVA</vuln:source> - <vuln:reference href="http://www.mandriva.com/security/advisories?name=MDVSA-2009:144" xml:lang="en">MDVSA-2009:144</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MANDRIVA</vuln:source> - <vuln:reference href="http://www.mandriva.com/security/advisories?name=MDVSA-2009:142" xml:lang="en">MDVSA-2009:142</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>GENTOO</vuln:source> - <vuln:reference href="http://security.gentoo.org/glsa/glsa-200812-18.xml" xml:lang="en">GLSA-200812-18</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>REDHAT</vuln:source> - <vuln:reference href="http://rhn.redhat.com/errata/RHSA-2015-0698.html" xml:lang="en">RHSA-2015:0698</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MISC</vuln:source> - <vuln:reference href="http://bugs.gentoo.org/show_bug.cgi?id=222819" xml:lang="en">http://bugs.gentoo.org/show_bug.cgi?id=222819</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MISC</vuln:source> - <vuln:reference href="http://bugs.gentoo.org/attachment.cgi?id=163282&action=view" xml:lang="en">http://bugs.gentoo.org/attachment.cgi?id=163282&action=view</vuln:reference> - </vuln:references> - <vuln:summary>Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.</vuln:summary> - </entry> - <entry id="CVE-2009-3301"> - <vuln:vulnerable-configuration id="http://www.nist.gov/"> - <cpe-lang:logical-test operator="OR" negate="false"> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:3.1.1"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:3.1.0"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:3.0.1"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:3.0.0"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.4.1"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.4.0"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.1.0"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:1.1.0"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.4.2"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.4.3"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.3.0"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.3.1"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.2.0"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.2.1"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.0.0"/> - <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.0.3"/> - </cpe-lang:logical-test> - </vuln:vulnerable-configuration> - <vuln:vulnerable-configuration id="http://www.nist.gov/"> - <cpe-lang:logical-test operator="OR" negate="false"> - <cpe-lang:fact-ref name="cpe:/o:canonical:ubuntu_linux:10.04::~~lts~~~"/> - <cpe-lang:fact-ref name="cpe:/o:canonical:ubuntu_linux:10.10"/> - <cpe-lang:fact-ref name="cpe:/o:canonical:ubuntu_linux:9.10"/> - <cpe-lang:fact-ref name="cpe:/o:canonical:ubuntu_linux:8.04:-:lts"/> - </cpe-lang:logical-test> - </vuln:vulnerable-configuration> - <vuln:vulnerable-software-list> - <vuln:product>cpe:/o:canonical:ubuntu_linux:10.04::~~lts~~~</vuln:product> - <vuln:product>cpe:/o:canonical:ubuntu_linux:8.04:-:lts</vuln:product> - <vuln:product>cpe:/o:canonical:ubuntu_linux:10.10</vuln:product> - <vuln:product>cpe:/a:sun:openoffice.org:2.1.0</vuln:product> - <vuln:product>cpe:/a:sun:openoffice.org:2.3.0</vuln:product> - <vuln:product>cpe:/a:sun:openoffice.org:2.2.1</vuln:product> - <!-- snipped --> - </vuln:vulnerable-software-list> - <vuln:cve-id>CVE-2009-3301</vuln:cve-id> - <vuln:published-datetime>2010-02-16T14:30:00.533-05:00</vuln:published-datetime> - <vuln:last-modified-datetime>2015-11-17T10:59:44.723-05:00</vuln:last-modified-datetime> - <vuln:cvss> - <cvss:base_metrics> - <cvss:score>9.3</cvss:score> - <cvss:access-vector>NETWORK</cvss:access-vector> - <cvss:access-complexity>MEDIUM</cvss:access-complexity> - <cvss:authentication>NONE</cvss:authentication> - <cvss:confidentiality-impact>COMPLETE</cvss:confidentiality-impact> - <cvss:integrity-impact>COMPLETE</cvss:integrity-impact> - <cvss:availability-impact>COMPLETE</cvss:availability-impact> - <cvss:source>http://nvd.nist.gov</cvss:source> - <cvss:generated-on-datetime>2015-11-17T10:02:50.097-05:00</cvss:generated-on-datetime> - </cvss:base_metrics> - </vuln:cvss> - <vuln:assessment_check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10423" name="oval:org.mitre.oval:def:10423"/> - <vuln:cwe id="CWE-189"/> - <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY"> - <vuln:source>CERT</vuln:source> - <vuln:reference href="http://www.us-cert.gov/cas/techalerts/TA10-287A.html" xml:lang="en">TA10-287A</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>CONFIRM</vuln:source> - <vuln:reference href="https://bugzilla.redhat.com/show_bug.cgi?id=533038" xml:lang="en">https://bugzilla.redhat.com/show_bug.cgi?id=533038</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>XF</vuln:source> - <vuln:reference href="http://xforce.iss.net/xforce/xfdb/56240" xml:lang="en">openoffice-word-sprmtdeftable-bo(56240)</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>VUPEN</vuln:source> - <vuln:reference href="http://www.vupen.com/english/advisories/2010/2905" xml:lang="en">ADV-2010-2905</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>VUPEN</vuln:source> - <vuln:reference href="http://www.vupen.com/english/advisories/2010/0635" xml:lang="en">ADV-2010-0635</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY"> - <vuln:source>VUPEN</vuln:source> - <vuln:reference href="http://www.vupen.com/english/advisories/2010/0366" xml:lang="en">ADV-2010-0366</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>UBUNTU</vuln:source> - <vuln:reference href="http://www.ubuntu.com/usn/USN-903-1" xml:lang="en">USN-903-1</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>BID</vuln:source> - <vuln:reference href="http://www.securityfocus.com/bid/38218" xml:lang="en">38218</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>REDHAT</vuln:source> - <vuln:reference href="http://www.redhat.com/support/errata/RHSA-2010-0101.html" xml:lang="en">RHSA-2010:0101</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>CONFIRM</vuln:source> - <vuln:reference href="http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" xml:lang="en">http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY"> - <vuln:source>CONFIRM</vuln:source> - <vuln:reference href="http://www.openoffice.org/security/cves/CVE-2009-3301-3302.html" xml:lang="en">http://www.openoffice.org/security/cves/CVE-2009-3301-3302.html</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY"> - <vuln:source>CONFIRM</vuln:source> - <vuln:reference href="http://www.openoffice.org/security/bulletin.html" xml:lang="en">http://www.openoffice.org/security/bulletin.html</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MANDRIVA</vuln:source> - <vuln:reference href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:221" xml:lang="en">MDVSA-2010:221</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>GENTOO</vuln:source> - <vuln:reference href="http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" xml:lang="en">GLSA-201408-19</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>DEBIAN</vuln:source> - <vuln:reference href="http://www.debian.org/security/2010/dsa-1995" xml:lang="en">DSA-1995</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>SECTRACK</vuln:source> - <vuln:reference href="http://securitytracker.com/id?1023591" xml:lang="en">1023591</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>SUSE</vuln:source> - <vuln:reference href="http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html" xml:lang="en">SUSE-SA:2010:017</vuln:reference> - </vuln:references> - <vuln:scanner> - <vuln:definition system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10423" name="oval:org.mitre.oval:def:10423"/> - </vuln:scanner> - <vuln:summary>Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document.</vuln:summary> - </entry> - <entry id="CVE-2015-8330"> - <vuln:cve-id>CVE-2015-8330</vuln:cve-id> - <vuln:published-datetime>2015-11-24T15:59:25.897-05:00</vuln:published-datetime> - <vuln:last-modified-datetime>2015-11-24T15:59:26.930-05:00</vuln:last-modified-datetime> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MISC</vuln:source> - <vuln:reference href="https://www.onapsis.com/blog/analyzing-sap-security-notes-november-2015" xml:lang="en">https://www.onapsis.com/blog/analyzing-sap-security-notes-november-2015</vuln:reference> - </vuln:references> - <vuln:references xml:lang="en" reference_type="UNKNOWN"> - <vuln:source>MISC</vuln:source> - <vuln:reference href="http://erpscan.com/advisories/erpscan-15-032-sap-pco-agent-dos-vulnerability/" xml:lang="en">http://erpscan.com/advisories/erpscan-15-032-sap-pco-agent-dos-vulnerability/</vuln:reference> - </vuln:references> - <vuln:summary>The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (memory corruption and agent crash) via crafted xMII requests, aka SAP Security Note 2238619.</vuln:summary> - </entry> -</nvd> diff --git a/tests/cve.scm b/tests/cve.scm index e95b21c073..b69da0e120 100644 --- a/tests/cve.scm +++ b/tests/cve.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2015, 2016 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2015, 2016, 2019 Ludovic Courtès <ludo@gnu.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -19,10 +19,11 @@ (define-module (test-cve) #:use-module (guix cve) #:use-module (srfi srfi-1) + #:use-module (srfi srfi-19) #:use-module (srfi srfi-64)) (define %sample - (search-path %load-path "tests/cve-sample.xml")) + (search-path %load-path "tests/cve-sample.json")) (define (vulnerability id packages) (make-struct/no-tail (@@ (guix cve) <vulnerability>) id packages)) @@ -30,34 +31,76 @@ (define %expected-vulnerabilities ;; What we should get when reading %SAMPLE. (list - ;; CVE-2003-0001 has no "/a" in its product list so it is omitted. - ;; CVE-2004-0230 lists "tcp" as an application, but lacks a version number. - (vulnerability "CVE-2008-2335" '(("phpvid" "1.2" "1.1"))) - (vulnerability "CVE-2008-3522" '(("enterprise_virtualization" "3.5") - ("jasper" "1.900.1"))) - (vulnerability "CVE-2009-3301" '(("openoffice.org" "2.3.0" "2.2.1" "2.1.0"))) - ;; CVE-2015-8330 has no software list. + (vulnerability "CVE-2019-0001" + ;; Only the "a" CPE configurations are kept; the "o" + ;; configurations are discarded. + '(("junos" (or "18.21-s4" (or "18.21-s3" "18.2"))))) + (vulnerability "CVE-2019-0005" + '(("junos" (or "18.11" "18.1")))) + ;; CVE-2019-0005 has no "a" configurations. + (vulnerability "CVE-2019-14811" + '(("ghostscript" (< "9.28")))) + (vulnerability "CVE-2019-17365" + '(("nix" (<= "2.3")))) + (vulnerability "CVE-2019-1010180" + '(("gdb" _))) ;any version + (vulnerability "CVE-2019-1010204" + '(("binutils" (and (>= "2.21") (<= "2.31.1"))) + ("binutils_gold" (and (>= "1.11") (<= "1.16"))))) + ;; CVE-2019-18192 has no associated configurations. )) (test-begin "cve") -(test-equal "xml->vulnerabilities" +(test-equal "json->cve-items" + '("CVE-2019-0001" + "CVE-2019-0005" + "CVE-2019-14811" + "CVE-2019-17365" + "CVE-2019-1010180" + "CVE-2019-1010204" + "CVE-2019-18192") + (map (compose cve-id cve-item-cve) + (call-with-input-file %sample json->cve-items))) + +(test-equal "cve-item-published-date" + '(2019) + (delete-duplicates + (map (compose date-year cve-item-published-date) + (call-with-input-file %sample json->cve-items)))) + +(test-equal "json->vulnerabilities" %expected-vulnerabilities - (call-with-input-file %sample xml->vulnerabilities)) + (call-with-input-file %sample json->vulnerabilities)) (test-equal "vulnerabilities->lookup-proc" - (list (list (first %expected-vulnerabilities)) + (list (list (third %expected-vulnerabilities)) ;ghostscript + (list (third %expected-vulnerabilities)) + '() + + (list (fifth %expected-vulnerabilities)) ;gdb + (list (fifth %expected-vulnerabilities)) + + (list (fourth %expected-vulnerabilities)) ;nix '() + + (list (sixth %expected-vulnerabilities)) ;binutils '() - (list (second %expected-vulnerabilities)) - (list (third %expected-vulnerabilities))) - (let* ((vulns (call-with-input-file %sample xml->vulnerabilities)) + (list (sixth %expected-vulnerabilities)) + '()) + (let* ((vulns (call-with-input-file %sample json->vulnerabilities)) (lookup (vulnerabilities->lookup-proc vulns))) - (list (lookup "phpvid") - (lookup "jasper" "2.0") - (lookup "foobar") - (lookup "jasper" "1.900.1") - (lookup "openoffice.org" "2.3.0")))) + (list (lookup "ghostscript") + (lookup "ghostscript" "9.27") + (lookup "ghostscript" "9.28") + (lookup "gdb") + (lookup "gdb" "42.0") + (lookup "nix") + (lookup "nix" "2.4") + (lookup "binutils" "2.31.1") + (lookup "binutils" "2.10") + (lookup "binutils_gold" "1.11") + (lookup "binutils" "2.32")))) (test-end "cve") |