aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* services: urandom-seed: Set umask to 077 while shutting down.Leo Famulari2016-05-31
| | | | * gnu/services/base.scm (urandom-seed-shepherd-service): Call 'umask'.
* gnu: libxml2: Update replacement to 2.9.4 [security fixes].Leo Famulari2016-05-30
| | | | | | | | | | | This fixes CVE-2016-{1762, 1833, 1834, 1835, 1836, 1837, 1838, 1839, 1840, 3627, 3705, 4483}. * gnu/packages/patches/libxml2-CVE-2016-3627.patch, gnu/packages/patches/libxml2-CVE-2016-3705.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. * gnu/packages/xml.scm (libxml2/fixed): Update to 2.9.4. [source]: Remove patches.
* container: Gracefully report mount errors in the child process.Ludovic Courtès2016-05-31
| | | | | | | | | | | | | Fixes <http://bugs.gnu.org/23306>. * gnu/build/linux-container.scm (run-container): Use 'socketpair' instead of 'pipe'. Rename 'in' to 'child' and 'out' to 'parent'. Send a 'ready message or an exception argument list from the child to the parent; adjust the parent accordingly. * tests/containers.scm ("call-with-container, mnt namespace, wrong bind mount"): New test. * tests/guix-environment-container.sh: Add test with --expose=/does-not-exist.
* container: Gracefully handle failure to set up user namespaces.Ludovic Courtès2016-05-31
| | | | | * gnu/build/linux-container.scm (run-container): Exit when the parent process doesn't say 'ready.
* download: Update CPAN mirrors.Efraim Flashner2016-05-31
| | | | * guix/download.scm (mirrors)[cpan]: Add to mirror list.
* gnu: vapoursynth: Update to 32.Efraim Flashner2016-05-30
| | | | * gnu/packages/video.scm (vapoursynth): Update to 32.
* gnu: Add zimg.Efraim Flashner2016-05-30
| | | | * gnu/packages/image.scm (zimg): New variable.
* gnu: mcrypt: Fix CVE-2012-4409, CVE-2012-4426, CVE-2012-4527.Efraim Flashner2016-05-30
| | | | | | | | * gnu/packages/mcrypt.scm (mcrypt)[source]: Add patches. * gnu/packages/patches/mcrypt-CVE-2012-4409.patch, gnu/packages/patches/mcrypt-CVE-2012-4426.patch, gnu/packages/patches/mcrypt-CVE-2012-4527.patch: New variables. * gnu/local.mk (dist_patch_DATA): Add them.
* gnu: imagemagick: Update to 6.9.4-5.Leo Famulari2016-05-30
| | | | * gnu/packages/imagemagick.scm (imagemagick): Update to 6.9.4-5.
* gnu: Remove xgcc-avr.David Thompson2016-05-30
| | | | | | | We now have a dedicated package module for the AVR toolchain with important modifications on top of what cross-gcc produces. * gnu/packages/cross-base.scm (xgcc-avr): Delete.
* gnu: Add avr-toolchain.David Thompson2016-05-30
| | | | | * gnu/packages/avr.scm (avr-toolchain): New procedure. (avr-toolchain-4.9, avr-toolchain-5): New variables.
* gnu: avr-libc: Update to 2.0.0.David Thompson2016-05-30
| | | | * gnu/packages/avr.scm (avr-libc): Update to 2.0.0.
* gnu: avr-libc: Fix build.David Thompson2016-05-30
| | | | | | * gnu/packages/avr.scm (avr-libc): Update to 2.0.0. [native-inputs]: Use new avr-gcc and avr-binutils. [arguments]: Add phase to unset C_INCLUDE_PATH.
* gnu: Add avr-gcc-5.David Thompson2016-05-30
| | | | * gnu/packages/avr.scm (avr-gcc-5): New variable.
* gnu: Add avr-gcc.David Thompson2016-05-30
| | | | * gnu/packages/avr.scm (avr-gcc): New variable.
* gnu: Add avr-binutils.David Thompson2016-05-30
| | | | * gnu/packages/avr.scm (avr-binutils): New variable.
* gnu: wordnet: Use 'modify-phases'.Efraim Flashner2016-05-30
| | | | * gnu/packages/wordnet.scm (wordnet)[arguments]: Use 'modify-phases'.
* gnu: wordnet: Fix CVE-2008-2149, CVE-2008-3908.Efraim Flashner2016-05-30
| | | | | | | | * gnu/packages/wordnet.scm (wordnet)[source]: Add patches. * gnu/packages/patches/wordnet-CVE-2008-2149.patch, gnu/packages/patches/wordnet-CVE-2008-3908-pt1.patch, gnu/packages/patches/wordnet-CVE-2008-3908-pt2.patch: New variables. * gnu/local.mk (dist_patch_DATA): Add them.
* gnu: id3lib: Fix CVE-2007-4460.Efraim Flashner2016-05-30
| | | | | | * gnu/packages/mp3.scm (id3lib)[source]: Add patch. * gnu/packages/patches/id3lib-CVE-2007-4460.patch: New variable. * gnu/local.mk (dist_patch_DATA): Add it.
* gnu: cyrus-sasl: Update URLs.Leo Famulari2016-05-30
| | | | | * gnu/packages/cyrus-sasl.scm (cyrus-sasl)[source]: Use HTTPS URL. [home-page]: Update home-page URL.
* gnu: devil: Fix CVE-2009-3994.Leo Famulari2016-05-30
| | | | | | * gnu/packages/patches/devil-CVE-2009-3994.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/image.scm (devil): Use it.
* gnu: iptables: Update to 1.4.21.Leo Famulari2016-05-30
| | | | * gnu/packages/linux.scm (iptables): Update to 1.4.21.
* gnu: Add emacs-better-defaults.David Thompson2016-05-30
| | | | * gnu/packages/emacs.scm (emacs-better-defaults): New variable.
* gnu: emacs: Remove uncompressed-file-fetch.David Thompson2016-05-30
| | | | | | * gnu/packages/emacs.scm (uncompressed-file-fetch): Delete. (emacs-rfcview, emacs-ffap-rfc-space, emacs-queue, emacs-spinner): Replace uncompressed-file-fetch with url-fetch.
* build: emacs: Handle sources that are a single elisp file.David Thompson2016-05-30
| | | | | | * guix/build/emacs-build-system.scm (gnu:unpack) (store-file->elisp-source-file, unpack): New procedures. (%standard-phases): Use the new unpack procedure.
* gnu: Add emacs-seq.humanitiesNerd2016-05-30
| | | | | | * gnu/packages/emacs.scm (emacs-seq): New variable. Signed-off-by: Alex Kost <alezost@gmail.com>
* gnu: Add emacs-spinner.humanitiesNerd2016-05-30
| | | | | | * gnu/packages/emacs.scm (emacs-spinner): New variable. Signed-off-by: Alex Kost <alezost@gmail.com>
* gnu: Add emacs-pkg-info.humanitiesNerd2016-05-30
| | | | | | * gnu/packages/emacs.scm (emacs-pkg-info): New variable. Signed-off-by: Alex Kost <alezost@gmail.com>
* gnu: Add emacs-queue.humanitiesNerd2016-05-30
| | | | | | * gnu/packages/emacs.scm (emacs-queue): New variable. Signed-off-by: Alex Kost <alezost@gmail.com>
* gnu: emacs: Fix indentation of scheme keyword lists.Alex Kost2016-05-30
| | | | | | * gnu/packages/patches/emacs-fix-scheme-indent-function.patch: New patch. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/emacs.scm (emacs)[source]: Use it.
* gnu: gegl: Fix CVE-2012-4433.Efraim Flashner2016-05-30
| | | | | | * gnu/packages/gimp.scm (gegl)[source]: Add patch. * gnu/packages/patches/gegl-CVE-2012-4433.patch: New variable. * gnu/local.mk (dist_patch_DATA): Add it.
* gnu: vte-0.28: Fix CVE-2012-2738.Efraim Flashner2016-05-30
| | | | | | | * gnu/packages/gnome.scm (vte-0.28)[source]: Add patches. * gnu/packages/patches/vte-CVE-2012-2738-pt1.patch, gnu/packages/patches/vte-CVE-2012-2738-pt2.patch: New variables. * gnu/local.mk (dist_patch_DATA): Add them.
* gnu: t1lib: Fix CVE-2010-2642, CVE-2011-{0764, 1552, 1553, 1554}.Efraim Flashner2016-05-30
| | | | | | | | * gnu/packages/fontutils.scm (t1lib)[source]: Add patches. * gnu/packages/patches/t1lib-CVE-2010-2642.patch, gnu/packages/patches/t1lib-CVE-2011-0764.patch, gnu/packages/patches/t1lib-CVE-2011-1552+CVE-2011-1553+CVE-2011-1554.patch: New variables. * gnu/local.mk (dist_patch_DATA): Add them.
* download: Update Sourceforge mirrors.Efraim Flashner2016-05-30
| | | | * guix/download.scm (mirrors)[sourceforge]: Update mirror list.
* gnu: dtach: Use 'modify-phases'.Efraim Flashner2016-05-30
| | | | * gnu/packages/screen.scm (dtach)[arguments]: Use 'modify-phases'.
* gnu: dtach: Update to 0.9 [Fixes CVE-2012-3368].Efraim Flashner2016-05-30
| | | | * gnu/packages/screen.scm (dtach): Update to 0.9.
* gnu: tinyproxy: Update to 1.8.4 [Fixes CVE-2012-3505].Efraim Flashner2016-05-30
| | | | | | * gnu/packages/web.scm (tinyproxy): Update to 1.8.4. [source]: Download from new location. [home-page]: Project has moved to Github.
* gnu: jansson: Fix CVE-2016-4425.Efraim Flashner2016-05-30
| | | | | | * gnu/packages/web.scm (jansson)[source]: Add patch. * gnu/packages/patches/jansson-CVE-2016-4425.patch: New variable. * gnu/local.mk (dist_patch_DATA): Add it.
* gnu: antiword: Fix CVE-2014-8123.Efraim Flashner2016-05-30
| | | | | | * gnu/packages/textutils.scm (antiword)[source]: Add patch. * gnu/packages/patches/antiword-CVE-2014-8123: New variable. * gnu/local.mk (dist_patch_DATA): Add it.
* gnu: a2ps: Use 'modify-phases'.Efraim Flashner2016-05-30
| | | | * gnu/packages/pretty-print.scm (a2ps)[arguments]: Use 'modify-phases'.
* gnu: a2ps: Fix CVE-2001-1593, CVE-2014-0466.Efraim Flashner2016-05-30
| | | | | | | * gnu/packages/pretty-print.scm (a2ps)[source]: Add patches. * gnu/packages/patches/a2ps-CVE-2001-1593.patch, gnu/packages/patches/a2ps-CVE-2014-0466.patch: New variables. * gnu/local.mk (dist_patch_DATA): Add them.
* gnu: pcre2: Fix CVE-2016-3191.Leo Famulari2016-05-29
| | | | | | * gnu/packages/patches/pcre2-CVE-2016-3191.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/pcre.scm (pcre2): Use it.
* gnu: libyaml: Fix CVE-2014-9130.Leo Famulari2016-05-29
| | | | | | * gnu/packages/patches/libyaml-CVE-2014-9130.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/web.scm (libyaml): Use it.
* gnu: graphicsmagick: Fix CVE-2016-5118.Leo Famulari2016-05-29
| | | | | | * gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/imagemagick.scm (graphicsmagick): Use it.
* gnu: vorbis-tools: Fix CVE-2014-9638, CVE-2014-9639, CVE-2014-9640.Efraim Flashner2016-05-30
| | | | | | | * gnu/packages/xiph.scm (vorbis-tools)[source]: Add patches. * gnu/packages/patches/vorbis-tools-CVE-2014-9638+CVE-2014-9639.patch, gnu/packages/patches/vorbis-tools-CVE-2014-9640.patch: New variables. * gnu/local.mk (dist_patch_DATA): Add them.
* gnu: libtar: Fix CVE-2013-4420.Efraim Flashner2016-05-30
| | | | | | | | * gnu/packages/compression.scm (libtar)[source]: Add patch. * gnu/packages/patches/libtar-CVE-2013-4420.patch: New variable. * gnu/local.mk (dist_patch_DATA): Add it. This is a follow-up to 89d80159b1da81c4017b46a575c3ec5dd9a96c90.
* gnu: glibc: Refer to the target kernel headers when cross-compiling.Ludovic Courtès2016-05-30
| | | | | | | | | | | | | | | | | | | | | This fixes a regression introduced in efc4eb147512fa7a2c6d74d9b296cfc22b1ef198 whereby the build process corresponding to 'guix build glibc --target=mips64el-linux-gnu' would refer to the native headers instead of the target headers, leading to a build failure: ../sysdeps/unix/sysv/linux/statfs64.c: In function ‘__statfs64’: ../sysdeps/unix/sysv/linux/statfs64.c:73:1: error: control reaches end of non-void function [-Werror=return-type] } ^ When we were using CROSS_CPATH instead of CROSS_C_INCLUDE_PATH, the problem was hidden by the fact that CPATH corresponds to '-I' whereas C_INCLUDE_PATH corresponds to '-isystem', and '-isystem' directories are searched after '-I' directories. * gnu/packages/base.scm (glibc)[arguments]: Refer to the kernel headers from '%build-target-inputs' when cross-building.
* gnu: libtar: Update to 1.2.20 [fixes CVE-2013-4397, CVE-2013-4420].Efraim Flashner2016-05-29
| | | | | | | | | * gnu/packages/compression.scm (libtar): Update to 1.2.20. [source]: Add Debian mirror. [arguments]: Add 'autoconf phase. [native-inputs]: Add autoconf, automake, libtool. [inputs]: Add zlib. [home-page]: Point to temporary home.
* gnu: pciutils: Add kmod support.Efraim Flashner2016-05-29
| | | | * gnu/packages/pciutils.scm (pciutils)[inputs]: Add kmod.
* gnu: pciutils: Use 'modify-phases'.Efraim Flashner2016-05-29
| | | | * gnu/packages/pciutils.scm (pciutils)[arguments]: Use 'modify-phases'.