gnu: Add mozjs-24 (Mozilla SpiderMonkey 24).
* gnu/packages/gnuzilla.scm (mozjs-24): New variable.
gnu: icecat: Add several security fixes.
* gnu/packages/patches/icecat-CVE-2015-4513-pt01.patch,
gnu/packages/patches/icecat-CVE-2015-4513-pt02.patch,
gnu/packages/patches/icecat-CVE-2015-4513-pt03.patch,
gnu/packages/patches/icecat-CVE-2015-4513-pt04.patch,
gnu/packages/patches/icecat-CVE-2015-4513-pt05.patch,
gnu/packages/patches/icecat-CVE-2015-4513-pt06.patch,
gnu/packages/patches/icecat-CVE-2015-4513-pt07.patch,
gnu/packages/patches/icecat-CVE-2015-4513-pt08.patch,
gnu/packages/patches/icecat-CVE-2015-4513-pt09.patch,
gnu/packages/patches/icecat-CVE-2015-4513-pt10.patch,
gnu/packages/patches/icecat-CVE-2015-4513-pt11.patch,
gnu/packages/patches/icecat-CVE-2015-7188.patch,
gnu/packages/patches/icecat-CVE-2015-7189.patch,
gnu/packages/patches/icecat-CVE-2015-7193.patch,
gnu/packages/patches/icecat-CVE-2015-7194.patch,
gnu/packages/patches/icecat-CVE-2015-7196.patch,
gnu/packages/patches/icecat-CVE-2015-7197.patch,
gnu/packages/patches/icecat-CVE-2015-7198.patch,
gnu/packages/patches/icecat-CVE-2015-7199.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
gnu: nss: Update to 3.20.1.
* gnu/packages/gnuzilla.scm (nss): Update to 3.20.1.
[source]: Switch to https URI.
gnu: nspr: Update to 4.10.10.
* gnu/packages/gnuzilla.scm (nspr): Update to 4.10.10.
gnu: icecat: Update to 38.3.0-gnu1.
* gnu/packages/patches/icecat-CVE-2015-4473-partial.patch,
gnu/packages/patches/icecat-CVE-2015-4482.patch,
gnu/packages/patches/icecat-CVE-2015-4488.patch,
gnu/packages/patches/icecat-CVE-2015-4489.patch,
gnu/packages/patches/icecat-CVE-2015-4491.patch,
gnu/packages/patches/icecat-CVE-2015-4492.patch,
gnu/packages/patches/icecat-CVE-2015-4495.patch,
gnu/packages/patches/icecat-enable-acceleration-and-webgl.patch,
gnu/packages/patches/icecat-libvpx-1.4.patch: Delete files.
* gnu/packages/patches/icecat-avoid-bundled-includes.patch: New file.
* gnu-system.am (dist_patch_DATA): Add new patch. Remove the deleted ones.
* gnu/packages/gnuzilla.scm (icecat): Update to 38.3.0-gnu1.
[source]: Add new patch. Remove the deleted ones.
[inputs]: Add libxcomposite.
[arguments]: Add 'ensure-no-mtimes-pre-1980' phase. Adapt
'remove-h264parse-from-blacklist' and
'arrange-to-link-libxul-with-libraries-it-might-dlopen' phases to the
new version.
Merge branch 'core-updates'
gnu: Use 'install-file' instead of 'mkdir-p' and 'copy-file' in obvious cases.
* gnu/packages/bioinformatics.scm (bedtools, bowtie, bwa, hisat, samtools,
plink, star): Use 'install-file' instead of 'mkdir-p' + 'copy-file'.
* gnu/packages/check.scm (catch-framework): Likewise.
* gnu/packages/code.scm (global): Likewise.
* gnu/packages/emacs.scm (magit-svn, haskell-mode, emacs-pdf-tools):
Likewise.
* gnu/packages/engineering.scm (fastcap, fasthenry): Likewise.
* gnu/packages/gnuzilla.scm (nss): Likewise.
* gnu/packages/guile.scm (guile-minikanren): Likewise.
* gnu/packages/java.scm (swt): Likewise.
* gnu/packages/make-bootstrap.scm (%static-binaries): Likewise.
* gnu/packages/maths.scm (lpsolve): Likewise.
* gnu/packages/mp3.scm (mpc123): Likewise.
* gnu/packages/ninja.scm (ninja): Likewise.
* gnu/packages/python.scm (python-numpy, python-pyparsing): Likewise.
* gnu/packages/screen.scm (dtach): Likewise.
* gnu/packages/synergy.scm (synergy): Likewise.
* gnu/packages/textutils.scm (utf8proc): Likewise.
* gnu/packages/version-control.scm (git-test-sequence): Likewise.
* gnu/packages/wicd.scm (wicd): Likewise.
gnu: icecat: Add fixes for CVE-2015-{4473,4482,4488,4489,4491,4492}.
WARNING: CVE-2015-4473 may not be fully addressed here, because I was unable
to backport some of the patches (for upstream bugs 1182711 and 1146213). I
was also unable to backport CVE-2015-4484 (upstream bug 1171540) and
CVE-2015-4487 (upstream bug 1171603). I was unable to find any commit in the
upstream repository that claims to address bug 1105914 (CVE-2015-4478).
* gnu/packages/patches/icecat-CVE-2015-4473-partial.patch,
gnu/packages/patches/icecat-CVE-2015-4482.patch,
gnu/packages/patches/icecat-CVE-2015-4488.patch,
gnu/packages/patches/icecat-CVE-2015-4489.patch,
gnu/packages/patches/icecat-CVE-2015-4491.patch,
gnu/packages/patches/icecat-CVE-2015-4492.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
gnu: icecat: Add fix for CVE-2015-4495.
* gnu/packages/patches/icecat-CVE-2015-4495.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch. Move the 'patches'
field above the snippet.
Merge branch 'core-updates'
gnu: icecat: Add patch to adapt to freetype 2.6.
* gnu/packages/patches/icecat-freetype-2.6.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch.
Merge branch 'master' into core-updates
gnu: icecat: Update to 31.8.0-gnu1.
* gnu/packages/patches/icecat-enable-acceleration-and-webgl.patch: New file.
* gnu/packages/patches/icecat-CVE-2015-2722-pt1.patch,
gnu/packages/patches/icecat-CVE-2015-2722-pt2.patch,
gnu/packages/patches/icecat-CVE-2015-2724-pt1.patch,
gnu/packages/patches/icecat-CVE-2015-2724-pt2.patch,
gnu/packages/patches/icecat-CVE-2015-2724-pt3.patch,
gnu/packages/patches/icecat-CVE-2015-2724-pt4.patch,
gnu/packages/patches/icecat-CVE-2015-2728-pt1.patch,
gnu/packages/patches/icecat-CVE-2015-2728-pt2.patch,
gnu/packages/patches/icecat-CVE-2015-2733-pt1.patch,
gnu/packages/patches/icecat-CVE-2015-2733-pt2.patch,
gnu/packages/patches/icecat-CVE-2015-2735.patch,
gnu/packages/patches/icecat-CVE-2015-2736.patch,
gnu/packages/patches/icecat-CVE-2015-2738.patch,
gnu/packages/patches/icecat-CVE-2015-2739.patch,
gnu/packages/patches/icecat-CVE-2015-2740.patch,
gnu/packages/patches/icecat-CVE-2015-2743.patch: Remove files.
* gnu-system.am (dist_patch_DATA): Remove them, and add the new file.
* gnu/packages/gnuzilla.scm (icecat): Update to 31.8.0-gnu1. Remove the
outdated patches and add the new one.
gnu: nss: Upgrade to 3.19.2.
* gnu/packages/gnuzilla.scm (nss): Upgrade to 3.19.2.
gnu: nss: Update to 3.19.2.
* gnu/packages/gnuzilla.scm (nss): Update to 3.19.2.
gnu: icecat: Fix build against libvpx 1.4.
* gnu/packages/patches/icecat-libvpx-1.4.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch.
gnu: icecat: Add support for WebGL, CUPS, Hunspell, startup-notification, etc.
Also remove most bundled libraries from the source, add comments about
libraries yet to be unbundled, explicitly link libxul.so with libraries that
might try (and fail) to dlopen, and remove the h264parse gstreamer module from
the blacklist.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add snippet.
[inputs]: Add cups, gdk-pixbuf, glib, hunspell, libcanberra, libgnome,
libxinerama, libxscrnsaver, mit-krb5, and startup-notification.
[arguments]<#:configure-flags>: add "--enable-default-toolkit=cairo-gtk2",
"--enable-pango", "--enable-gio", "--enable-svg", "--enable-canvas",
"--enable-mathml", "--enable-startup-notification", "--disable-gnomevfs",
"--disable-gconf", "--disable-gnomeui", and "--enable-system-hunspell".
Remove outdated comment about "--with-system-bz2" not being used.
<#:phases>: Use 'modify-phases'. Add 'remove-h264parse-from-blacklist'
and 'arrange-to-link-libxul-with-libraries-it-might-dlopen' phases.
gnu: icecat: Fix CVE-2015-{2722,2724,2728,2733,2735,2736,2738,2739,2740,2743}.
* gnu/packages/patches/icecat-CVE-2015-2722-pt1.patch,
gnu/packages/patches/icecat-CVE-2015-2722-pt2.patch,
gnu/packages/patches/icecat-CVE-2015-2724-pt1.patch,
gnu/packages/patches/icecat-CVE-2015-2724-pt2.patch,
gnu/packages/patches/icecat-CVE-2015-2724-pt3.patch,
gnu/packages/patches/icecat-CVE-2015-2724-pt4.patch,
gnu/packages/patches/icecat-CVE-2015-2728-pt1.patch,
gnu/packages/patches/icecat-CVE-2015-2728-pt2.patch,
gnu/packages/patches/icecat-CVE-2015-2733-pt1.patch,
gnu/packages/patches/icecat-CVE-2015-2733-pt2.patch,
gnu/packages/patches/icecat-CVE-2015-2735.patch,
gnu/packages/patches/icecat-CVE-2015-2736.patch,
gnu/packages/patches/icecat-CVE-2015-2738.patch,
gnu/packages/patches/icecat-CVE-2015-2739.patch,
gnu/packages/patches/icecat-CVE-2015-2740.patch,
gnu/packages/patches/icecat-CVE-2015-2743.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
Merge branch 'master' into core-updates
gnu: icecat: Update to 31.7.0-gnu1.
* gnu/packages/patches/icecat-CVE-2015-0797.patch,
gnu/packages/patches/icecat-CVE-2015-2708-pt1.patch,
gnu/packages/patches/icecat-CVE-2015-2708-pt2.patch,
gnu/packages/patches/icecat-CVE-2015-2708-pt3.patch,
gnu/packages/patches/icecat-CVE-2015-2708-pt4.patch,
gnu/packages/patches/icecat-CVE-2015-2710-pt1.patch,
gnu/packages/patches/icecat-CVE-2015-2710-pt2.patch,
gnu/packages/patches/icecat-CVE-2015-2710-pt3.patch,
gnu/packages/patches/icecat-CVE-2015-2713-pt1.patch,
gnu/packages/patches/icecat-CVE-2015-2713-pt2.patch,
gnu/packages/patches/icecat-CVE-2015-2716.patch: Remove files.
* gnu-system.am (dist_patch_DATA): Remove them.
* gnu/packages/gnuzilla.scm (icecat): Update to 31.7.0-gnu1. Remove patches.