gnu: openjpeg: Add fixes for CVE-2016-{9850,9851}.
* gnu/packages/image.scm (openjpeg)[replacement]: New field.
(openjpeg/fixed): New variable, patch against CVE-2016-9850,
CVE-2016-9851.
* gnu/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
gnu: jasper: Update to 2.0.6.
* gnu/packages/image.scm (jasper): Update to 2.0.6.
gnu: password-store: Don't run tests in parallel.
* gnu/packages/password-utils.scm (password-store): Don't run tests in
parallel, as it causes them to hang and the build to timeout.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
gnu: password-store: Delete build phase
* gnu/packages/password-utils.scm (password-store): Remove the build
phase, as it is unused.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
gnu: openssl-next: Update to 1.1.0c [fixes CVE-{7053,7054,7055}].
* gnu/packages/tls.scm (openssl-next): Update to 1.1.0c.
[arguments]: Duplicate 'configure' to add rpath flag previously handled by
now-defunct 'patch-runpath' phase. Duplicate 'remove-miscellany' phase.
gnu: windowmaker: Fix invocation of 'wmsetbg'.
* gnu/packages/gnustep.scm (windowmaker)[arguments]: Add substitution of
40-character limit with a 107-character limit.
gnu: vsearch: Update to 2.3.4.
* gnu/packages/bioinformatics.scm (vsearch): Update to 2.3.4.
gnu: pardre: Update to 1.1.5-1.
* gnu/packages/bioinformatics.scm (pardre): update to 1.1.5-1.
[source]: Update source hash.
gnu: linux-libre: Add fixes for CVE-2016-8655 et al.
* gnu/packages/linux.scm (linux-libre, linux-libre-arm-generic):
Add patches for CVE-2016-8655 and the vulnerability described in
<http://seclists.org/oss-sec/2016/q4/644>.
offload: Allow testing machines that match a regexp.
* guix/scripts/offload.scm (check-machine-availability): Add 'pred'
parameter and honor it.
(guix-offload): for the "test" sub-command, accept an extra 'regexp'
parameter. Pass a second argument to 'check-machine-availability'.
offload: Test each machine only once.
* guix/scripts/offload.scm (check-machine-availability)[build-machine=?]:
New procedure.
Add call to 'delete-duplicates'.
offload: Do not read ~/.ssh/known_hosts.
* guix/scripts/offload.scm (open-ssh-session): Pass #:knownhosts to
'make-session'.
gnu: linux-libre: Update to 4.8.13.
* gnu/packages/linux.scm (%linux-libre-version, %linux-libre-hash)
(linux-libre): Update to 4.8.13.
gnu: linux-libre@4.4: Update to 4.4.37.
* gnu/packages/linux.scm (linux-libre-4.4): Update to 4.4.37.
gnu: gmsh: Update to 2.15.0.
* gnu/packages/maths.scm (gmsh): Update to 2.15.0.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
gnu: libev: Update to 4.23.
* gnu/packages/libevent.scm (libev): Update to 4.23.
daemon: Set ownership of kept build directories to the calling user.
Fixes <http://bugs.gnu.org/15890>.
* nix/libstore/globals.hh (Settings) Add clientUid and clientGid.
* nix/nix-daemon/nix-daemon.cc (daemonLoop] Store UID and GID of the
caller in settings.
* nix/libstore/build.cc (_chown): New function.
(DerivationGoal::deleteTmpDir): Use it, change ownership of build
directory if it is kept and the new owner is not root.
gnu: python-pyqt: Fix build by explicitly setting the stubsdir.
* gnu/packages.qt.scm (python-pyqt, python2-pyqt)[arguments]: In phase
'configure' pass option --stubsdir.