~ruther/guix-local: 4f3e02f198719c98a46aa3060fbd9bececa20f87

4f3e02f1 — Efraim Flashner 10 years ago

gnu: t1lib: Fix CVE-2010-2642, CVE-2011-{0764, 1552, 1553, 1554}.

* gnu/packages/fontutils.scm (t1lib)[source]: Add patches.
* gnu/packages/patches/t1lib-CVE-2010-2642.patch,
gnu/packages/patches/t1lib-CVE-2011-0764.patch,
gnu/packages/patches/t1lib-CVE-2011-1552+CVE-2011-1553+CVE-2011-1554.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.

321dc4df — Efraim Flashner 10 years ago

download: Update Sourceforge mirrors.

* guix/download.scm (mirrors)[sourceforge]: Update mirror list.

f228aa15 — Efraim Flashner 10 years ago

gnu: dtach: Use 'modify-phases'.

* gnu/packages/screen.scm (dtach)[arguments]: Use 'modify-phases'.

4b23c4b3 — Efraim Flashner 10 years ago

gnu: dtach: Update to 0.9 [Fixes CVE-2012-3368].

* gnu/packages/screen.scm (dtach): Update to 0.9.

b5076461 — Efraim Flashner 10 years ago

gnu: tinyproxy: Update to 1.8.4 [Fixes CVE-2012-3505].

* gnu/packages/web.scm (tinyproxy): Update to 1.8.4.
[source]: Download from new location.
[home-page]: Project has moved to Github.

538884cc — Efraim Flashner 10 years ago

gnu: jansson: Fix CVE-2016-4425.

* gnu/packages/web.scm (jansson)[source]: Add patch.
* gnu/packages/patches/jansson-CVE-2016-4425.patch: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.

9116f126 — Efraim Flashner 10 years ago

gnu: antiword: Fix CVE-2014-8123.

* gnu/packages/textutils.scm (antiword)[source]: Add patch.
* gnu/packages/patches/antiword-CVE-2014-8123: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.

d01f680c — Efraim Flashner 10 years ago

gnu: a2ps: Use 'modify-phases'.

* gnu/packages/pretty-print.scm (a2ps)[arguments]: Use 'modify-phases'.

6447e191 — Efraim Flashner 10 years ago

gnu: a2ps: Fix CVE-2001-1593, CVE-2014-0466.

* gnu/packages/pretty-print.scm (a2ps)[source]: Add patches.
* gnu/packages/patches/a2ps-CVE-2001-1593.patch,
gnu/packages/patches/a2ps-CVE-2014-0466.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.

ccda7c83 — Leo Famulari 10 years ago

gnu: pcre2: Fix CVE-2016-3191.

* gnu/packages/patches/pcre2-CVE-2016-3191.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pcre.scm (pcre2): Use it.

0d567b55 — Leo Famulari 10 years ago

gnu: libyaml: Fix CVE-2014-9130.

* gnu/packages/patches/libyaml-CVE-2014-9130.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/web.scm (libyaml): Use it.

d8862778 — Leo Famulari 10 years ago

gnu: graphicsmagick: Fix CVE-2016-5118.

* gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/imagemagick.scm (graphicsmagick): Use it.

b3d20b82 — Efraim Flashner 10 years ago

gnu: vorbis-tools: Fix CVE-2014-9638, CVE-2014-9639, CVE-2014-9640.

* gnu/packages/xiph.scm (vorbis-tools)[source]: Add patches.
* gnu/packages/patches/vorbis-tools-CVE-2014-9638+CVE-2014-9639.patch,
gnu/packages/patches/vorbis-tools-CVE-2014-9640.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.

e99dd67a — Efraim Flashner 10 years ago

gnu: libtar: Fix CVE-2013-4420.

* gnu/packages/compression.scm (libtar)[source]: Add patch.
* gnu/packages/patches/libtar-CVE-2013-4420.patch: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.

This is a follow-up to 89d80159b1da81c4017b46a575c3ec5dd9a96c90.

28dc10a4 — Ludovic Courtès 10 years ago

gnu: glibc: Refer to the target kernel headers when cross-compiling.

This fixes a regression introduced in
efc4eb147512fa7a2c6d74d9b296cfc22b1ef198 whereby the build process
corresponding to 'guix build glibc --target=mips64el-linux-gnu' would
refer to the native headers instead of the target headers, leading to a
build failure:

  ../sysdeps/unix/sysv/linux/statfs64.c: In function ‘__statfs64’:
  ../sysdeps/unix/sysv/linux/statfs64.c:73:1: error: control reaches end of non-void function [-Werror=return-type]
   }
   ^

When we were using CROSS_CPATH instead of CROSS_C_INCLUDE_PATH, the
problem was hidden by the fact that CPATH corresponds to '-I' whereas
C_INCLUDE_PATH corresponds to '-isystem', and '-isystem' directories are
searched after '-I' directories.

* gnu/packages/base.scm (glibc)[arguments]: Refer to the kernel headers
from '%build-target-inputs' when cross-building.

89d80159 — Efraim Flashner 10 years ago

gnu: libtar: Update to 1.2.20 [fixes CVE-2013-4397, CVE-2013-4420].

* gnu/packages/compression.scm (libtar): Update to 1.2.20.
[source]: Add Debian mirror.
[arguments]: Add 'autoconf phase.
[native-inputs]: Add autoconf, automake, libtool.
[inputs]: Add zlib.
[home-page]: Point to temporary home.

43ec6ca0 — Efraim Flashner 10 years ago

gnu: pciutils: Add kmod support.

* gnu/packages/pciutils.scm (pciutils)[inputs]: Add kmod.

0ef7a93d — Efraim Flashner 10 years ago

gnu: pciutils: Use 'modify-phases'.

* gnu/packages/pciutils.scm (pciutils)[arguments]: Use 'modify-phases'.

fb3c8553 — Efraim Flashner 10 years ago

gnu: pciutils: Update to 3.5.1.

* gnu/packages/pciutils.scm (pciutils): Update to 3.5.1.

65da8dd0 — Leo Famulari 10 years ago

gnu: rpm: Fix CVE-2014-8118.

* gnu/packages/patches/rpm-CVE-2014-8118.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/package-management.scm (rpm): Use it.