diff options
| author | Leo Famulari <leo@famulari.name> | 2016-10-30 19:19:21 -0400 |
|---|---|---|
| committer | Leo Famulari <leo@famulari.name> | 2016-10-30 19:19:21 -0400 |
| commit | 205f0107bb894745ee740227c090ff90ee599915 (patch) | |
| tree | 08b2ddba47ce404468d6aba31b768e013dfb1fa3 /gnu/packages | |
| parent | a8dd960ac0c68957dac281812f0d16f1295a6eaa (diff) | |
| parent | b89cbf5832fd920ef85002041bc690204b0174a3 (diff) | |
| download | patches-205f0107bb894745ee740227c090ff90ee599915.tar patches-205f0107bb894745ee740227c090ff90ee599915.tar.gz | |
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages')
| -rw-r--r-- | gnu/packages/emacs.scm | 4 | ||||
| -rw-r--r-- | gnu/packages/image.scm | 19 | ||||
| -rw-r--r-- | gnu/packages/libusb.scm | 11 | ||||
| -rw-r--r-- | gnu/packages/networking.scm | 34 | ||||
| -rw-r--r-- | gnu/packages/package-management.scm | 22 | ||||
| -rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-5652.patch | 47 | ||||
| -rw-r--r-- | gnu/packages/python.scm | 29 | ||||
| -rw-r--r-- | gnu/packages/samba.scm | 8 | ||||
| -rw-r--r-- | gnu/packages/version-control.scm | 6 |
9 files changed, 154 insertions, 26 deletions
diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm index 7c147845fd..2c76b46e54 100644 --- a/gnu/packages/emacs.scm +++ b/gnu/packages/emacs.scm @@ -1652,14 +1652,14 @@ source code using IPython.") (define-public emacs-debbugs (package (name "emacs-debbugs") - (version "0.9") + (version "0.11") (source (origin (method url-fetch) (uri (string-append "https://elpa.gnu.org/packages/debbugs-" version ".tar")) (sha256 (base32 - "1wc6kw7hihqqdx8qyl01akygycnan44x400hwrcf54m3hb4isa0k")))) + "10v9s7ayvfzd6j6hqfc9zihxgmsc2j0xhxrgy3ah30qkqn6z8w6n")))) (build-system emacs-build-system) (propagated-inputs `(("emacs-async" ,emacs-async))) diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 43e8622c76..6cfc6e5be1 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -186,6 +186,7 @@ extracting icontainer icon files.") (define-public libtiff (package (name "libtiff") + (replacement libtiff/fixed) (version "4.0.6") (source (origin (method url-fetch) @@ -225,6 +226,24 @@ collection of tools for doing simple manipulations of TIFF images.") "See COPYRIGHT in the distribution.")) (home-page "http://www.remotesensing.org/libtiff/"))) +(define libtiff/fixed + (package + (inherit libtiff) + (source (origin + (inherit (package-source libtiff)) + (patches (search-patches + "libtiff-oob-accesses-in-decode.patch" + "libtiff-oob-write-in-nextdecode.patch" + "libtiff-CVE-2015-8665+CVE-2015-8683.patch" + "libtiff-CVE-2016-3623.patch" + "libtiff-CVE-2016-3945.patch" + "libtiff-CVE-2016-3990.patch" + "libtiff-CVE-2016-3991.patch" + "libtiff-CVE-2016-5314.patch" + "libtiff-CVE-2016-5321.patch" + "libtiff-CVE-2016-5323.patch" + "libtiff-CVE-2016-5652.patch")))))) + (define-public libwmf (package (name "libwmf") diff --git a/gnu/packages/libusb.scm b/gnu/packages/libusb.scm index fe1bed1768..2c66eca372 100644 --- a/gnu/packages/libusb.scm +++ b/gnu/packages/libusb.scm @@ -105,7 +105,8 @@ version of libusb to run with newer libusb.") (build-system python-build-system) (arguments `(#:tests? #f ;no tests - #:modules ((srfi srfi-26) + #:modules ((srfi srfi-1) + (srfi srfi-26) (guix build utils) (guix build python-build-system)) #:phases @@ -116,11 +117,9 @@ version of libusb to run with newer libusb.") (("lib = locate_library\\(candidates, find_library\\)") (string-append "lib = \"" - (car (find-files (assoc-ref inputs "libusb") - (lambda (file stat) - (and ((file-name-predicate - "^libusb-.*\\.so\\..*") file stat) - (not (symbolic-link? file)))))) + (find (negate symbolic-link?) + (find-files (assoc-ref inputs "libusb") + "^libusb-.*\\.so\\..*")) "\""))) #t))))) (inputs diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm index a348d07609..1bcdecf22a 100644 --- a/gnu/packages/networking.scm +++ b/gnu/packages/networking.scm @@ -991,3 +991,37 @@ the bandwidth, loss, and other parameters.") license:ncsa ; src/{units,iperf_locale,tcp_window_size}.c license:expat ; src/{cjson,net}.[ch] license:public-domain)))) ; src/portable_endian.h + +(define-public nethogs + (package + (name "nethogs") + (version "0.8.5") + (source (origin + (method url-fetch) + (uri (string-append "https://github.com/raboof/nethogs/archive/v" + version ".tar.gz")) + (sha256 + (base32 + "1k4x8r7s4dgcb6n2rjn28h2yyij92mwm69phncl3597cdxr954va")) + (file-name (string-append name "-" version ".tar.gz")))) + (build-system gnu-build-system) + (inputs + `(("libpcap" ,libpcap) + ("ncurses" ,ncurses))) + (arguments + `(#:make-flags `("CC=gcc" + ,(string-append "PREFIX=" %output)) + #:phases + (modify-phases %standard-phases + (delete 'configure)))) ; No ./configure script. + (home-page "https://github.com/raboof/nethogs") + (synopsis "Per-process bandwidth monitor") + (description "NetHogs is a small 'net top' tool for Linux. Instead of +breaking the traffic down per protocol or per subnet, like most tools do, it +groups bandwidth by process. + +NetHogs does not rely on a special kernel module to be loaded. If there's +suddenly a lot of network traffic, you can fire up NetHogs and immediately see +which PID is causing this. This makes it easy to identify programs that have +gone wild and are suddenly taking up your bandwidth.") + (license license:gpl2+))) diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm index 591f60307e..7c1ba846c9 100644 --- a/gnu/packages/package-management.scm +++ b/gnu/packages/package-management.scm @@ -159,7 +159,17 @@ #t)))))) (native-inputs `(("pkg-config" ,pkg-config) - ("emacs" ,emacs-minimal))) ;for guix.el + ("emacs" ,emacs-minimal) ;for guix.el + + ;; XXX: Keep the development inputs here even though + ;; they're unnecessary, just so that 'guix environment + ;; guix' always contains them. + ("autoconf" ,(autoconf-wrapper)) + ("automake" ,automake) + ("gettext" ,gnu-gettext) + ("texinfo" ,texinfo) + ("graphviz" ,graphviz) + ("help2man" ,help2man))) (inputs (let ((boot-guile (lambda (arch hash) (origin @@ -243,15 +253,7 @@ the Nix package manager.") (chmod po #o666)) (find-files "." "\\.po$")) - (zero? (system* "sh" "bootstrap")))))))) - (native-inputs - `(("autoconf" ,(autoconf-wrapper)) - ("automake" ,automake) - ("gettext" ,gettext-minimal) - ("texinfo" ,texinfo) - ("graphviz" ,graphviz) - ("help2man" ,help2man) - ,@(package-native-inputs guix-0.11.0)))))) + (zero? (system* "sh" "bootstrap"))))))))))) (define-public guix guix-devel) diff --git a/gnu/packages/patches/libtiff-CVE-2016-5652.patch b/gnu/packages/patches/libtiff-CVE-2016-5652.patch new file mode 100644 index 0000000000..54b87d0185 --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2016-5652.patch @@ -0,0 +1,47 @@ +Fix CVE-2016-5652 (buffer overflow in t2p_readwrite_pdf_image_tile()). + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652 + +Patches exfiltrated from upstream CVS repo with: +cvs diff -u -r 1.92 -r 1.94 tools/tiff2pdf.c + +Index: tools/tiff2pdf.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v +retrieving revision 1.92 +retrieving revision 1.94 +diff -u -r1.92 -r1.94 +--- a/tools/tiff2pdf.c 23 Sep 2016 22:12:18 -0000 1.92 ++++ b/tools/tiff2pdf.c 9 Oct 2016 11:03:36 -0000 1.94 +@@ -2887,21 +2887,24 @@ + return(0); + } + if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) { +- if (count > 0) { +- _TIFFmemcpy(buffer, jpt, count); ++ if (count >= 4) { ++ /* Ignore EOI marker of JpegTables */ ++ _TIFFmemcpy(buffer, jpt, count - 2); + bufferoffset += count - 2; ++ /* Store last 2 bytes of the JpegTables */ + table_end[0] = buffer[bufferoffset-2]; + table_end[1] = buffer[bufferoffset-1]; +- } +- if (count > 0) { + xuint32 = bufferoffset; ++ bufferoffset -= 2; + bufferoffset += TIFFReadRawTile( + input, + tile, +- (tdata_t) &(((unsigned char*)buffer)[bufferoffset-2]), ++ (tdata_t) &(((unsigned char*)buffer)[bufferoffset]), + -1); +- buffer[xuint32-2]=table_end[0]; +- buffer[xuint32-1]=table_end[1]; ++ /* Overwrite SOI marker of image scan with previously */ ++ /* saved end of JpegTables */ ++ buffer[xuint32-2]=table_end[0]; ++ buffer[xuint32-1]=table_end[1]; + } else { + bufferoffset += TIFFReadRawTile( + input, diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index 9c7320f41e..5df774fd10 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -5307,7 +5307,7 @@ connection to each user.") (version "1.9.5") (source (origin (method url-fetch) - (uri (string-append "http://waf.io/" + (uri (string-append "https://waf.io/" "waf-" version ".tar.bz2")) (sha256 (base32 @@ -11569,3 +11569,30 @@ useful as a validator for JSON data.") (define-public python2-pyev (package-with-python2 python-pyev)) + +(define-public python-imagesize + (package + (name "python-imagesize") + (version "0.7.1") + (source + (origin + (method url-fetch) + (uri (pypi-uri "imagesize" version)) + (sha256 + (base32 + "0qk07k0z4241lkzzjji7z4da04pcvg7bfc4xz1934zlqhwmwdcha")))) + (build-system python-build-system) + (home-page "https://github.com/shibukawa/imagesize_py") + (synopsis "Gets image size of files in variaous formats in Python") + (description + "This package allows determination of image size from +PNG, JPEG, JPEG2000 and GIF files in pure Python.") + (license license:expat) + (properties `((python2-variant . ,(delay python2-imagesize)))))) + +(define-public python2-imagesize + (let ((base (package-with-python2 (strip-python2-variant python-imagesize)))) + (package + (inherit base) + (native-inputs `(("python2-setuptools" ,python2-setuptools) + ,@(package-native-inputs base)))))) diff --git a/gnu/packages/samba.scm b/gnu/packages/samba.scm index 45fa47b3c8..1706ec3030 100644 --- a/gnu/packages/samba.scm +++ b/gnu/packages/samba.scm @@ -98,14 +98,14 @@ anywhere.") (define-public samba (package (name "samba") - (version "4.5.0") + (version "4.5.1") (source (origin (method url-fetch) - (uri (string-append "https://download.samba.org/pub/samba/stable/samba-" - version ".tar.gz")) + (uri (string-append "https://download.samba.org/pub/samba/stable/" + "samba-" version ".tar.gz")) (sha256 (base32 - "11mmyqag2i4yy6dikcggw776n0laxxr0rxhry72x5pa6nwws9afk")))) + "11ghsfvqxzfv8gnl62jfnpil9cwd04gak8sx5qcg6zv7d7h079xh")))) (build-system gnu-build-system) (arguments '(#:phases diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm index 4ca5a97311..1f7d60148c 100644 --- a/gnu/packages/version-control.scm +++ b/gnu/packages/version-control.scm @@ -112,14 +112,14 @@ as well as the classic centralized workflow.") (define-public git (package (name "git") - (version "2.10.1") + (version "2.10.2") (source (origin (method url-fetch) (uri (string-append "mirror://kernel.org/software/scm/git/git-" version ".tar.xz")) (sha256 (base32 - "1ijd1b6szvfw0dmqa3dz1m5g5hbkl9xkb86a9qcjrz0w0vwjvhx9")))) + "0wc64dzcxrzgi6kwcljz6y3cwm3ajdgf6aws7g58azbhvl1jk04l")))) (build-system gnu-build-system) (native-inputs `(("native-perl" ,perl) @@ -132,7 +132,7 @@ as well as the classic centralized workflow.") version ".tar.xz")) (sha256 (base32 - "049n4ashc1i0rzg19zw1h4hf1qhv1vhpjr5c3jqdcljj4yp7mzw9")))))) + "0vxaz23vf3ki0q5zgn6mxr9x1hjryqn1hsmgyrgdk6h3yqbs7c43")))))) (inputs `(("curl" ,curl) ("expat" ,expat) |