gnu: newsbeuter: Fix CVE-2017-14500.
* gnu/packages/syndication.scm (newsbeuter)[source]: Add patch.
* gnu/packages/patches/newsbeuter-CVE-2017-14500.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
gnu: httpd: Patch "options bleed" [fixes CVE-2017-9798].
* gnu/packages/patches/httpd-CVE-2017-9798.patch: New file.
* gnu/packages/web.scm (httpd)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
gnu: certbot: Fix build with python-pyopenssl >= 17.3.0.
* gnu/packages/patches/python-acme-dont-use-openssl-rand.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/tls.scm (python-acme)[source]: Use it.
gnu: ruby-2.2: Update to 2.2.8. Fix CVE-2017-{0898,10784,14033,14064}.
* gnu/packages/ruby.scm (ruby-2.2): Update to 2.2.8.
[source]: Remove patch.
* gnu/packages/patches/ruby-2.2.7-rubygems-2613-ruby22.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
gnu: ruby-2.3: Update to 2.3.5. Fix CVE-2017-{0898,10784,14033,14064}.
* gnu/packages/ruby.scm (ruby-2.3): Update to 2.3.5.
[source]: Remove patch.
* gnu/packages/patches/ruby-2.3.4-rubygems-2613-ruby23.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
ruby: Update replacement to 2.4.2. Fix CVE-2017-{0898,10784,14033,14064}.
* gnu/packages/ruby.scm (ruby): Update replacement to 2.4.2.
(ruby-2.4.1): Rename to ...
(ruby-2.4.2): ... this.
[source]: Remove patches.
* gnu/packages/patches/ruby-rubygems-2612-ruby24.patch,
gnu/packages/patches/ruby-rubygems-2613-ruby24.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
gnu: Add meson-for-build.
* gnu/packages/build-tools.scm (meson-for-build): New variable.
* gnu/packages/patches/meson-for-build-rpath.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
gnu: Add openfoam.
*gnu/packages/patches/openfoam-4.1-cleanup.patch: New file
*gnu/packages/simulation.scm: New file
*gnu/local.mk (GNU_SYSTEM_MODULES): Add module.
(dist_patch_DATA): Add patch.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
gnu: Add gnucobol.
* gnu/packages/cobol.scm (gnucobol): New variable.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
gnu: graphicsmagick: Fix CVE-2017-{11403,14103}.
* gnu/packages/imagemagick.scm (graphicsmagick)[source]: Add patch.
* gnu/packages/patches/graphicsmagick-CVE-2017-11403+CVE-2017-14103.patch:
New file.
* gnu/local.mk (dist_patch_DATA): Register it.
gnu: bluez: Add replacement to fix CVE-2017-1000250.
* gnu/packages/patches/bluez-CVE-2017-1000250.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/linux.scm (bluez)[replacement]: New field.
(bluez/fixed): New variable.
file-systems: Introduce (gnu system uuid).
* gnu/build/file-systems.scm (sub-bytevector)
(latin1->string, %fat32-endianness, fat32-uuid->string)
(%iso9660-uuid-rx, string->iso9660-uuid)
(iso9660-uuid->string, %network-byte-order)
(dce-uuid->string, %uuid-rx, string->dce-uuid)
(string->ext2-uuid, string->ext3-uuid, string->ext4-uuid)
(vhashq, %uuid-parsers, %uuid-printers, string->uuid)
(uuid->string): Move to...
* gnu/system/uuid.scm: ... here. New file.
* gnu/system/file-systems.scm (uuid): Move to the above file.
* gnu/system/vm.scm: Adjust accordingly.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add uuid.scm.
gnu: emacs: Patch message-mode enriched text translation [security fix].
* gnu/packages/patches/emacs-unsafe-enriched-mode-translations.patch:
New file.
* gnu/packages/emacs.scm (emacs)[source](patches): Add it.
* gnu/local.mk (dist_patch_DATA): Add it.
gnu: openjpeg: Fix CVE-2017-14164.
* gnu/packages/image.scm (openjpeg)[source]: Add patch.
* gnu/packages/patches/openjpeg-CVE-2017-14164.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
gnu: graphicsmagick: Fix CVE-2017-14165.
* gnu/packages/imagemagick.scm (graphicsmagick)[source]: Add patch.
* gnu/packages/patches/graphicsmagick-CVE-2017-14165.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
gnu: graphicsmagick: Fix CVE-2017-14042.
* gnu/packages/imagemagick.scm (graphicsmagick)[source]: Add patch.
* gnu/packages/patches/graphicsmagick-CVE-2017-14042.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
gnu: foomatic-filters: Add missing patches.
This is a followup to commit d02aabaf1b57eda3ef052c70df1322f915e7c736.
* gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch: New file.
* gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add them.
gnu: elogind: Use itself as the cgroup controller.
Fixes a regression introduced in
fa67d5654176b4b815832eaf259188e1486c65ab whereby elogind would fail to
start with:
Cannot determine cgroup we are running in: No data available
Out of memory.
thereby preventing log-in altogether.
* gnu/packages/freedesktop.scm (elogind)[arguments]: Pass
"--with-cgroup-controller=elogind".
* gnu/tests/desktop.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
gnu: tcpdump: Update to 4.9.2 [security fixes].
Fixes CVE-2017-{12893,12894,12895,12896,12897,12898,12899,12900,12901,12902,
12985,12986,12987,12988,12989,12990,12991,12992,12993,12994,12995,12996,12997,
12998,12999,13000,13001,13002,13003,13004,13005,13006,13007,13008,13009,13010,
13012,13013,13014,13015,13016,13017,13018,13019,13020,13021,13022,13023,13024,
13025,13026,13027,13028,13029,13030,13031,13032,13033,13034,13035,13036,13037,
13038,13039,13040,13041,13042,13043,13044,13045,13046,13047,13048,13049,13050,
13051,13052,13053,13054,13055,13687,13688,13689,13690,13725}.
* gnu/packages/admin.scm (tcpdump): Update to 4.9.2.
[source]: Remove patches and add alternate source URL.
* gnu/packages/patches/tcpdump-CVE-2017-11541.patch,
gnu/packages/patches/tcpdump-CVE-2017-11542.patch,
gnu/packages/patches/tcpdump-CVE-2017-11543.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
gnu: qemu: Fix CVE-2017-{13711,14167}.
* gnu/packages/patches/qemu-CVE-2017-14167.patch
gnu/packages/patches/qemu-CVE-2017-13711.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/virtualization.scm (qemu)[source]: Use them.