From 9a49129651f4c53f42b31a2c44e4f299eb82708b Mon Sep 17 00:00:00 2001 From: Kei Kebreau Date: Sun, 2 Apr 2017 11:36:47 -0400 Subject: gnu: audacity: Update to 2.1.3. * gnu/packages/audacity.scm (audacity): Update to 2.1.3. [source]: Fetch gzipped tar archive instead of a zip archive; remove unnecessary patch. [native-inputs]: Add autoconf, automake and libtool. [arguments]: Add autoreconf phase to detect system libraries. * gnu/packages/patches/audacity-fix-ffmpeg-binding.patch: Delete patch. * gnu/local.mk: Remove reference to removed patch. --- gnu/local.mk | 1 - 1 file changed, 1 deletion(-) (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 9035753673..5da3590375 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -495,7 +495,6 @@ dist_patch_DATA = \ %D%/packages/patches/ath9k-htc-firmware-binutils.patch \ %D%/packages/patches/ath9k-htc-firmware-gcc.patch \ %D%/packages/patches/ath9k-htc-firmware-objcopy.patch \ - %D%/packages/patches/audacity-fix-ffmpeg-binding.patch \ %D%/packages/patches/automake-skip-amhello-tests.patch \ %D%/packages/patches/automake-regexp-syntax.patch \ %D%/packages/patches/automake-test-gzip-warning.patch \ -- cgit v1.2.3 From b7506f74dffd86b93a07ef2c6dfc6517897afea6 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 4 Apr 2017 13:44:23 +0200 Subject: gnu: glog: Fix name demangling for GCC 5. * gnu/packages/patches/glog-gcc-5-demangling.patch: New file. * gnu/packages/logging.scm (glog)[sources]: Add it. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/logging.scm | 6 ++- gnu/packages/patches/glog-gcc-5-demangling.patch | 64 ++++++++++++++++++++++++ 3 files changed, 69 insertions(+), 2 deletions(-) create mode 100644 gnu/packages/patches/glog-gcc-5-demangling.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 5da3590375..15087b1183 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -608,6 +608,7 @@ dist_patch_DATA = \ %D%/packages/patches/glibc-locales.patch \ %D%/packages/patches/glibc-o-largefile.patch \ %D%/packages/patches/glibc-versioned-locpath.patch \ + %D%/packages/patches/glog-gcc-5-demangling.patch \ %D%/packages/patches/gmp-arm-asm-nothumb.patch \ %D%/packages/patches/gmp-faulty-test.patch \ %D%/packages/patches/gnome-tweak-tool-search-paths.patch \ diff --git a/gnu/packages/logging.scm b/gnu/packages/logging.scm index c40d6ebbaf..d28094c3a8 100644 --- a/gnu/packages/logging.scm +++ b/gnu/packages/logging.scm @@ -1,6 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2016 Ricardo Wurmus -;;; Copyright © 2016 Ludovic Courtès +;;; Copyright © 2016, 2017 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. ;;; @@ -24,6 +24,7 @@ #:use-module (guix download) #:use-module (guix git-download) #:use-module (guix build-system gnu) + #:use-module (gnu packages) #:use-module (gnu packages perl) #:use-module (gnu packages autotools)) @@ -62,7 +63,8 @@ staying as close to their API as is reasonable.") (sha256 (base32 "0ym5g15m7c8kjfr2c3zq6bz08ghin2d1r1nb6v2vnkfh1vn945x1")) - (file-name (string-append name "-" version "-checkout")))) + (file-name (string-append name "-" version "-checkout")) + (patches (search-patches "glog-gcc-5-demangling.patch")))) (build-system gnu-build-system) (native-inputs `(("perl" ,perl) ;for tests diff --git a/gnu/packages/patches/glog-gcc-5-demangling.patch b/gnu/packages/patches/glog-gcc-5-demangling.patch new file mode 100644 index 0000000000..7f3f42ceca --- /dev/null +++ b/gnu/packages/patches/glog-gcc-5-demangling.patch @@ -0,0 +1,64 @@ +Fix symbol demangling for GCC 5, as reported at: + + https://github.com/google/glog/issues/14 + +Patch from: + + https://github.com/google/glog/pull/50 + +From b1639e3014996fbc7635870e013559c54e7e3b2f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?David=20Mart=C3=ADnez=20Moreno?= +Date: Thu, 13 Aug 2015 09:31:26 -0700 +Subject: [PATCH] Fix ABI demangling for the GCC 5.x case. + +When glog is compiled with gcc-5.2 in cxx11 ABI mode, it barfs about unmangled symbols. This patches it getting inspiration from binutils and demangle.cc itself, although it may be totally wrong or maybe have to use ParseAbiTag in more places. I haven't read the spec for the symbols, though. + +This patch makes the demangle unit test pass correctly. +--- + src/demangle.cc | 19 +++++++++++++++++++ + 1 file changed, 19 insertions(+) + +diff --git a/src/demangle.cc b/src/demangle.cc +index e858181..0f0c831 100644 +--- a/src/demangle.cc ++++ b/src/demangle.cc +@@ -439,6 +439,7 @@ static bool ParseExprPrimary(State *state); + static bool ParseLocalName(State *state); + static bool ParseDiscriminator(State *state); + static bool ParseSubstitution(State *state); ++static bool ParseAbiTag(State *state); + + // Implementation note: the following code is a straightforward + // translation of the Itanium C++ ABI defined in BNF with a couple of +@@ -567,6 +568,8 @@ static bool ParseNestedName(State *state) { + static bool ParsePrefix(State *state) { + bool has_something = false; + while (true) { ++ if (ParseAbiTag(state)) ++ continue; + MaybeAppendSeparator(state); + if (ParseTemplateParam(state) || + ParseSubstitution(state) || +@@ -585,6 +588,22 @@ static bool ParsePrefix(State *state) { + return true; + } + ++// ::= B ++static bool ParseAbiTag(State *state) { ++ State copy = *state; ++ ++ Append(state, "[", 1); ++ if (ParseOneCharToken(state, 'B') && ++ ParseSourceName(state)) ++ { ++ Append(state, "]", 1); ++ return true; ++ } ++ ++ *state = copy; ++ return false; ++} ++ + // ::= + // ::= + // ::= -- cgit v1.2.3 From a3dea99107e20e3e50e9b766850254c87accde49 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Tue, 4 Apr 2017 17:35:35 +0200 Subject: gnu: python2-cython: Fix build on 32-bit platforms. * gnu/packages/python.scm (python-cython, python2-cython)[source]: Add patch. * gnu/packages/patches/python-cython-fix-tests-32bit.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. --- gnu/local.mk | 1 + .../patches/python-cython-fix-tests-32bit.patch | 27 ++++++++++++++++++++++ gnu/packages/python.scm | 1 + 3 files changed, 29 insertions(+) create mode 100644 gnu/packages/patches/python-cython-fix-tests-32bit.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 15087b1183..425c233979 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -878,6 +878,7 @@ dist_patch_DATA = \ %D%/packages/patches/python2-rdflib-drop-sparqlwrapper.patch \ %D%/packages/patches/python-statsmodels-fix-tests.patch \ %D%/packages/patches/python-configobj-setuptools.patch \ + %D%/packages/patches/python-cython-fix-tests-32bit.patch \ %D%/packages/patches/python-fake-factory-fix-build-32bit.patch \ %D%/packages/patches/python-faker-fix-build-32bit.patch \ %D%/packages/patches/python-pandas-skip-failing-tests.patch \ diff --git a/gnu/packages/patches/python-cython-fix-tests-32bit.patch b/gnu/packages/patches/python-cython-fix-tests-32bit.patch new file mode 100644 index 0000000000..7ccc11dd4c --- /dev/null +++ b/gnu/packages/patches/python-cython-fix-tests-32bit.patch @@ -0,0 +1,27 @@ +This fixes a test failure on 32-bit platforms. + +Upstream bug URL: https://github.com/cython/cython/issues/1548 + +Patch copied from upstream source repository: + +https://github.com/cython/cython/commit/d92a718a26c9354fbf35f31a17de5c069865a447 + +From d92a718a26c9354fbf35f31a17de5c069865a447 Mon Sep 17 00:00:00 2001 +From: Robert Bradshaw +Date: Tue, 24 Jan 2017 16:57:00 -0800 +Subject: [PATCH] Normalize possible L suffix. + +--- + tests/run/cpdef_enums.pyx | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/run/cpdef_enums.pyx b/tests/run/cpdef_enums.pyx +index 167c762..c264ec5 100644 +--- a/tests/run/cpdef_enums.pyx ++++ b/tests/run/cpdef_enums.pyx +@@ -93,4 +93,4 @@ def verify_resolution_GH1533(): + 3 + """ + THREE = 100 +- return PyxEnum.THREE ++ return int(PyxEnum.THREE) diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index e9ccc7db28..0746af24a1 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -3406,6 +3406,7 @@ is designed to have a low barrier to entry.") (origin (method url-fetch) (uri (pypi-uri "Cython" version)) + (patches (search-patches "python-cython-fix-tests-32bit.patch")) (sha256 (base32 "01h3lrf6d98j07iakifi81qjszh6faa37ibx7ylva1vsqbwx2hgi")))) -- cgit v1.2.3 From 4dc12417d2f982016832726b3e644eb3adb43262 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Tue, 4 Apr 2017 17:44:57 +0200 Subject: gnu: gnupg: Update to 2.1.20. * gnu/packages/gnupg.scm (gnupg): Update to 2.1.20. [source]: Remove patch. * gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/gnupg.scm | 5 +- .../patches/gnupg-2.1-fix-Y2038-test-failure.patch | 67 ---------------------- 3 files changed, 2 insertions(+), 71 deletions(-) delete mode 100644 gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 425c233979..969bcefeb1 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -613,7 +613,6 @@ dist_patch_DATA = \ %D%/packages/patches/gmp-faulty-test.patch \ %D%/packages/patches/gnome-tweak-tool-search-paths.patch \ %D%/packages/patches/gnucash-price-quotes-perl.patch \ - %D%/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch \ %D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \ %D%/packages/patches/gobject-introspection-cc.patch \ %D%/packages/patches/gobject-introspection-girepository.patch \ diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm index 532dbf88f7..0c20f9ae54 100644 --- a/gnu/packages/gnupg.scm +++ b/gnu/packages/gnupg.scm @@ -217,15 +217,14 @@ compatible to GNU Pth.") (define-public gnupg (package (name "gnupg") - (version "2.1.19") + (version "2.1.20") (source (origin (method url-fetch) (uri (string-append "mirror://gnupg/gnupg/gnupg-" version ".tar.bz2")) - (patches (search-patches "gnupg-2.1-fix-Y2038-test-failure.patch")) (sha256 (base32 - "1w4vccmb5l50lm4yrz9vkdj7whbfvzx543r55362kkj1aqgyvk26")))) + "03cnd6gz8f4lf69inskssw57idrswcdimhccdyglmrlv6rlrmkr4")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) diff --git a/gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch b/gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch deleted file mode 100644 index b3a198c499..0000000000 --- a/gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch +++ /dev/null @@ -1,67 +0,0 @@ -Fix a Y2038 test failure on systems where time_t is a signed 32-bit value: - -https://bugs.gnupg.org/gnupg/issue2988 - -Patch copied from upstream source repository: - -https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=de3838372ae3cdecbd83eea2c53c8e2656d93052 - -From de3838372ae3cdecbd83eea2c53c8e2656d93052 Mon Sep 17 00:00:00 2001 -From: Justus Winter -Date: Tue, 7 Mar 2017 12:18:59 +0100 -Subject: [PATCH] tests: Avoid overflowing signed 32 bit time_t. - -* tests/openpgp/quick-key-manipulation.scm: Use expiration times in -the year 2038 instead of 2105 to avoid overflowing 32 bit time_t. -time_t is used internally to parse the expiraton time from the iso -timestamp. - -GnuPG-bug-id: 2988 -Signed-off-by: Justus Winter ---- - tests/openpgp/quick-key-manipulation.scm | 15 +++++++++++---- - 1 file changed, 11 insertions(+), 4 deletions(-) - -diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm -index 10f0bfe21..08ef62613 100755 ---- a/tests/openpgp/quick-key-manipulation.scm -+++ b/tests/openpgp/quick-key-manipulation.scm -@@ -125,8 +125,13 @@ - (default default never) - (rsa "sign auth encr" "seconds=600") ;; GPGME uses this - (rsa "auth,encr" "2") ;; "without a letter, days is assumed" -- (rsa "sign" "2105-01-01") ;; "last year GnuPG can represent is 2105" -- (rsa "sign" "21050101T115500") ;; "last year GnuPG can represent is 2105" -+ ;; Sadly, the timestamp is truncated by the use of time_t on -+ ;; systems where time_t is a signed 32 bit value. -+ (rsa "sign" "2038-01-01") ;; unix millennium -+ (rsa "sign" "20380101T115500") ;; unix millennium -+ ;; Once fixed, we can use later timestamps: -+ ;; (rsa "sign" "2105-01-01") ;; "last year GnuPG can represent is 2105" -+ ;; (rsa "sign" "21050101T115500") ;; "last year GnuPG can represent is 2105" - (rsa sign "2d") - (rsa1024 sign "2w") - (rsa2048 encr "2m") -@@ -157,7 +162,8 @@ - (lambda (subkey) - (assert (= 1 (:alg subkey))) - (assert (string-contains? (:cap subkey) "s")) -- (assert (time-matches? 4260207600 ;; 2105-01-01 -+ (assert (time-matches? 2145916800 ;; 2038-01-01 -+ ;; 4260207600 ;; 2105-01-01 - (string->number (:expire subkey)) - ;; This is off by 12h, but I guess it just - ;; choses the middle of the day. -@@ -165,7 +171,8 @@ - (lambda (subkey) - (assert (= 1 (:alg subkey))) - (assert (string-contains? (:cap subkey) "s")) -- (assert (time-matches? 4260254100 ;; UTC 2105-01-01 11:55:00 -+ (assert (time-matches? 2145959700 ;; UTC 2038-01-01 11:55:00 -+ ;; 4260254100 ;; UTC 2105-01-01 11:55:00 - (string->number (:expire subkey)) - (minutes->seconds 5)))) - (lambda (subkey) --- -2.12.0 - -- cgit v1.2.3 From cd381c317b03d7ff4936e0006c277e7126500602 Mon Sep 17 00:00:00 2001 From: Kei Kebreau Date: Tue, 4 Apr 2017 16:08:15 -0400 Subject: gnu: Move audacity to audio.scm. * gnu/packages/audacity.scm: Remove file and move audacity... * gnu/packages/audio.scm: ...here. * gnu/local.mk: Remove reference to removed file. --- gnu/local.mk | 1 - gnu/packages/audacity.scm | 112 ---------------------------------------------- gnu/packages/audio.scm | 75 +++++++++++++++++++++++++++++++ 3 files changed, 75 insertions(+), 113 deletions(-) delete mode 100644 gnu/packages/audacity.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 969bcefeb1..f54ab2a455 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -53,7 +53,6 @@ GNU_SYSTEM_MODULES = \ %D%/packages/assembly.scm \ %D%/packages/astronomy.scm \ %D%/packages/attr.scm \ - %D%/packages/audacity.scm \ %D%/packages/audio.scm \ %D%/packages/augeas.scm \ %D%/packages/autogen.scm \ diff --git a/gnu/packages/audacity.scm b/gnu/packages/audacity.scm deleted file mode 100644 index 1ef5048f9e..0000000000 --- a/gnu/packages/audacity.scm +++ /dev/null @@ -1,112 +0,0 @@ -;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer -;;; -;;; This file is part of GNU Guix. -;;; -;;; GNU Guix is free software; you can redistribute it and/or modify it -;;; under the terms of the GNU General Public License as published by -;;; the Free Software Foundation; either version 3 of the License, or (at -;;; your option) any later version. -;;; -;;; GNU Guix is distributed in the hope that it will be useful, but -;;; WITHOUT ANY WARRANTY; without even the implied warranty of -;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -;;; GNU General Public License for more details. -;;; -;;; You should have received a copy of the GNU General Public License -;;; along with GNU Guix. If not, see . - -(define-module (gnu packages audacity) - #:use-module (guix packages) - #:use-module (guix download) - #:use-module ((guix licenses) #:prefix license:) - #:use-module (guix build-system gnu) - #:use-module (gnu packages) - #:use-module (gnu packages audio) - #:use-module (gnu packages autotools) - #:use-module (gnu packages base) - #:use-module (gnu packages gettext) - #:use-module (gnu packages gtk) - #:use-module (gnu packages linux) - #:use-module (gnu packages mp3) - #:use-module (gnu packages pkg-config) - #:use-module (gnu packages pulseaudio) - #:use-module (gnu packages python) - #:use-module (gnu packages xiph) - #:use-module (gnu packages xml) - #:use-module (gnu packages video) - #:use-module (gnu packages wxwidgets)) - -(define-public audacity - (package - (name "audacity") - (version "2.1.3") - (source - (origin - (method url-fetch) - (uri (string-append "https://github.com/audacity/audacity/archive" - "/Audacity-" version ".tar.gz")) - (sha256 - (base32 "11mx7gb4dbqrgfp7hm0154x3m76ddnmhf2675q5zkxn7jc5qfc6b")))) - (build-system gnu-build-system) - (inputs - ;; TODO: Add portSMF and libwidgetextra once they're packaged. In-tree - ;; versions shipping with Audacity are used for now. - `(("wxwidgets" ,wxwidgets-gtk2) - ("gtk" ,gtk+-2) - ("alsa-lib" ,alsa-lib) - ("jack" ,jack-1) - ("expat" ,expat) - ("ffmpeg" ,ffmpeg) - ("lame" ,lame) - ("flac" ,flac) - ("libid3tag" ,libid3tag) - ("libmad" ,libmad) - ("libsbsms" ,libsbsms) - ("libsndfile" ,libsndfile) - ("soundtouch" ,soundtouch) - ("soxr" ,soxr) ;replaces libsamplerate - ("twolame" ,twolame) - ("vamp" ,vamp) - ("libvorbis" ,libvorbis) - ("lv2" ,lv2) - ("lilv" ,lilv) - ("portaudio" ,portaudio))) - (native-inputs - `(("autoconf" ,autoconf) - ("automake" ,automake) - ("gettext" ,gettext-minimal) ;for msgfmt - ("libtool" ,libtool) - ("pkg-config" ,pkg-config) - ("python" ,python-2) - ("which" ,which))) - (arguments - '(#:configure-flags - (let ((libid3tag (assoc-ref %build-inputs "libid3tag")) - (libmad (assoc-ref %build-inputs "libmad"))) - (list - ;; Loading FFmpeg dynamically is problematic. - "--disable-dynamic-loading" - ;; libid3tag and libmad provide no .pc files, so pkg-config fails to - ;; find them. Force their inclusion. - (string-append "ID3TAG_CFLAGS=-I" libid3tag "/include") - (string-append "ID3TAG_LIBS=-L" libid3tag "/lib -lid3tag -lz") - (string-append "LIBMAD_CFLAGS=-I" libmad "/include") - (string-append "LIBMAD_LIBS=-L" libmad "/lib -lmad"))) - #:phases - (modify-phases %standard-phases - ;; FFmpeg is only detected if autoreconf runs. - (add-before 'configure 'autoreconf - (lambda _ - (zero? (system* "autoreconf" "-vfi"))))) - ;; The test suite is not "well exercised" according to the developers, - ;; and fails with various errors. See - ;; . - #:tests? #f)) - (home-page "http://audacity.sourceforge.net/") - (synopsis "Software for recording and editing sounds") - (description - "Audacity is a multi-track audio editor designed for recording, playing -and editing digital audio. It features digital effects and spectrum analysis -tools.") - (license license:gpl2+))) diff --git a/gnu/packages/audio.scm b/gnu/packages/audio.scm index d9fdd6c6b3..9dc6797343 100644 --- a/gnu/packages/audio.scm +++ b/gnu/packages/audio.scm @@ -75,6 +75,7 @@ #:use-module (gnu packages video) #:use-module (gnu packages vim) ;xxd #:use-module (gnu packages webkit) + #:use-module (gnu packages wxwidgets) #:use-module (gnu packages xiph) #:use-module (gnu packages xml) #:use-module (gnu packages xorg) @@ -269,6 +270,80 @@ record, edit, mix and master audio and MIDI projects. It is targeted at audio engineers, musicians, soundtrack editors and composers.") (license license:gpl2+))) +(define-public audacity + (package + (name "audacity") + (version "2.1.3") + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/audacity/audacity/archive" + "/Audacity-" version ".tar.gz")) + (sha256 + (base32 "11mx7gb4dbqrgfp7hm0154x3m76ddnmhf2675q5zkxn7jc5qfc6b")))) + (build-system gnu-build-system) + (inputs + ;; TODO: Add portSMF and libwidgetextra once they're packaged. In-tree + ;; versions shipping with Audacity are used for now. + `(("wxwidgets" ,wxwidgets-gtk2) + ("gtk" ,gtk+-2) + ("alsa-lib" ,alsa-lib) + ("jack" ,jack-1) + ("expat" ,expat) + ("ffmpeg" ,ffmpeg) + ("lame" ,lame) + ("flac" ,flac) + ("libid3tag" ,libid3tag) + ("libmad" ,libmad) + ("libsbsms" ,libsbsms) + ("libsndfile" ,libsndfile) + ("soundtouch" ,soundtouch) + ("soxr" ,soxr) ;replaces libsamplerate + ("twolame" ,twolame) + ("vamp" ,vamp) + ("libvorbis" ,libvorbis) + ("lv2" ,lv2) + ("lilv" ,lilv) + ("portaudio" ,portaudio))) + (native-inputs + `(("autoconf" ,autoconf) + ("automake" ,automake) + ("gettext" ,gettext-minimal) ;for msgfmt + ("libtool" ,libtool) + ("pkg-config" ,pkg-config) + ("python" ,python-2) + ("which" ,which))) + (arguments + '(#:configure-flags + (let ((libid3tag (assoc-ref %build-inputs "libid3tag")) + (libmad (assoc-ref %build-inputs "libmad"))) + (list + ;; Loading FFmpeg dynamically is problematic. + "--disable-dynamic-loading" + ;; libid3tag and libmad provide no .pc files, so pkg-config fails to + ;; find them. Force their inclusion. + (string-append "ID3TAG_CFLAGS=-I" libid3tag "/include") + (string-append "ID3TAG_LIBS=-L" libid3tag "/lib -lid3tag -lz") + (string-append "LIBMAD_CFLAGS=-I" libmad "/include") + (string-append "LIBMAD_LIBS=-L" libmad "/lib -lmad"))) + #:phases + (modify-phases %standard-phases + ;; FFmpeg is only detected if autoreconf runs. + (add-before 'configure 'autoreconf + (lambda _ + (zero? (system* "autoreconf" "-vfi"))))) + ;; The test suite is not "well exercised" according to the developers, + ;; and fails with various errors. See + ;; . + #:tests? #f)) + (home-page "http://audacity.sourceforge.net/") + (synopsis "Software for recording and editing sounds") + (description + "Audacity is a multi-track audio editor designed for recording, playing +and editing digital audio. It features digital effects and spectrum analysis +tools.") + (license license:gpl2+))) + (define-public azr3 (package (name "azr3") -- cgit v1.2.3 From fbd6fb1a9d75bd7b5d1df24cb805b7df335b0223 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 7 Apr 2017 00:16:18 -0400 Subject: gnu: qemu: Update to 2.8.1 [security fixes]. Fixes CVE-2016-{9602,9603} and CVE-2017-{2615,2620,2630,5667,5931}. * gnu/packages/qemu.scm (qemu): Update to 2.8.1. * gnu/packages/patches/qemu-CVE-2017-2615.patch, gnu/packages/patches/qemu-CVE-2017-2620.patch, gnu/packages/patches/qemu-CVE-2017-2630.patch, gnu/packages/patches/qemu-CVE-2017-5667.patch, gnu/packages/patches/qemu-CVE-2017-5931.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/local.mk | 5 - gnu/packages/patches/qemu-CVE-2017-2615.patch | 52 ---------- gnu/packages/patches/qemu-CVE-2017-2620.patch | 134 -------------------------- gnu/packages/patches/qemu-CVE-2017-2630.patch | 47 --------- gnu/packages/patches/qemu-CVE-2017-5667.patch | 46 --------- gnu/packages/patches/qemu-CVE-2017-5931.patch | 55 ----------- gnu/packages/qemu.scm | 12 +-- 7 files changed, 4 insertions(+), 347 deletions(-) delete mode 100644 gnu/packages/patches/qemu-CVE-2017-2615.patch delete mode 100644 gnu/packages/patches/qemu-CVE-2017-2620.patch delete mode 100644 gnu/packages/patches/qemu-CVE-2017-2630.patch delete mode 100644 gnu/packages/patches/qemu-CVE-2017-5667.patch delete mode 100644 gnu/packages/patches/qemu-CVE-2017-5931.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index f54ab2a455..93bafa282d 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -890,18 +890,13 @@ dist_patch_DATA = \ %D%/packages/patches/python-pygpgme-fix-pinentry-tests.patch \ %D%/packages/patches/python2-subprocess32-disable-input-test.patch \ %D%/packages/patches/qemu-CVE-2016-10155.patch \ - %D%/packages/patches/qemu-CVE-2017-2615.patch \ - %D%/packages/patches/qemu-CVE-2017-2620.patch \ - %D%/packages/patches/qemu-CVE-2017-2630.patch \ %D%/packages/patches/qemu-CVE-2017-5525.patch \ %D%/packages/patches/qemu-CVE-2017-5526.patch \ %D%/packages/patches/qemu-CVE-2017-5552.patch \ %D%/packages/patches/qemu-CVE-2017-5578.patch \ %D%/packages/patches/qemu-CVE-2017-5579.patch \ - %D%/packages/patches/qemu-CVE-2017-5667.patch \ %D%/packages/patches/qemu-CVE-2017-5856.patch \ %D%/packages/patches/qemu-CVE-2017-5898.patch \ - %D%/packages/patches/qemu-CVE-2017-5931.patch \ %D%/packages/patches/qt4-ldflags.patch \ %D%/packages/patches/quickswitch-fix-dmenu-check.patch \ %D%/packages/patches/rapicorn-isnan.patch \ diff --git a/gnu/packages/patches/qemu-CVE-2017-2615.patch b/gnu/packages/patches/qemu-CVE-2017-2615.patch deleted file mode 100644 index ede1f8c89d..0000000000 --- a/gnu/packages/patches/qemu-CVE-2017-2615.patch +++ /dev/null @@ -1,52 +0,0 @@ -http://git.qemu.org/?p=qemu.git;a=patch;h=62d4c6bd5263bb8413a06c80144fc678df6dfb64 -this patch is from qemu-git. - - -From 62d4c6bd5263bb8413a06c80144fc678df6dfb64 Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Wed, 1 Feb 2017 09:35:01 +0100 -Subject: [PATCH] cirrus: fix oob access issue (CVE-2017-2615) - -When doing bitblt copy in backward mode, we should minus the -blt width first just like the adding in the forward mode. This -can avoid the oob access of the front of vga's vram. - -Signed-off-by: Li Qiang - -{ kraxel: with backward blits (negative pitch) addr is the topmost - address, so check it as-is against vram size ] - -Cc: qemu-stable@nongnu.org -Cc: P J P -Cc: Laszlo Ersek -Cc: Paolo Bonzini -Cc: Wolfgang Bumiller -Fixes: d3532a0db02296e687711b8cdc7791924efccea0 (CVE-2014-8106) -Signed-off-by: Gerd Hoffmann -Message-id: 1485938101-26602-1-git-send-email-kraxel@redhat.com -Reviewed-by: Laszlo Ersek ---- - hw/display/cirrus_vga.c | 7 +++---- - 1 file changed, 3 insertions(+), 4 deletions(-) - -diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c -index 7db6409dc5..16f27e8ac5 100644 ---- a/hw/display/cirrus_vga.c -+++ b/hw/display/cirrus_vga.c -@@ -274,10 +274,9 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s, - { - if (pitch < 0) { - int64_t min = addr -- + ((int64_t)s->cirrus_blt_height-1) * pitch; -- int32_t max = addr -- + s->cirrus_blt_width; -- if (min < 0 || max > s->vga.vram_size) { -+ + ((int64_t)s->cirrus_blt_height - 1) * pitch -+ - s->cirrus_blt_width; -+ if (min < -1 || addr >= s->vga.vram_size) { - return true; - } - } else { --- -2.11.0 - diff --git a/gnu/packages/patches/qemu-CVE-2017-2620.patch b/gnu/packages/patches/qemu-CVE-2017-2620.patch deleted file mode 100644 index d3111827b7..0000000000 --- a/gnu/packages/patches/qemu-CVE-2017-2620.patch +++ /dev/null @@ -1,134 +0,0 @@ -Fix CVE-2017-2620: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2620 -https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html - -Both patches copied from upstream source repository: - -Fixes CVE-2017-2620: -http://git.qemu-project.org/?p=qemu.git;a=commit;h=92f2b88cea48c6aeba8de568a45f2ed958f3c298 - -The CVE-2017-2620 bug-fix depends on this earlier patch: -http://git.qemu-project.org/?p=qemu.git;a=commit;h=913a87885f589d263e682c2eb6637c6e14538061 - -From 92f2b88cea48c6aeba8de568a45f2ed958f3c298 Mon Sep 17 00:00:00 2001 -From: Gerd Hoffmann -Date: Wed, 8 Feb 2017 11:18:36 +0100 -Subject: [PATCH] cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo - (CVE-2017-2620) - -CIRRUS_BLTMODE_MEMSYSSRC blits do NOT check blit destination -and blit width, at all. Oops. Fix it. - -Security impact: high. - -The missing blit destination check allows to write to host memory. -Basically same as CVE-2014-8106 for the other blit variants. - -Cc: qemu-stable@nongnu.org -Signed-off-by: Gerd Hoffmann ---- - hw/display/cirrus_vga.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c -index 1deb52070a..b9e7cb1df1 100644 ---- a/hw/display/cirrus_vga.c -+++ b/hw/display/cirrus_vga.c -@@ -900,6 +900,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s) - { - int w; - -+ if (blit_is_unsafe(s, true)) { -+ return 0; -+ } -+ - s->cirrus_blt_mode &= ~CIRRUS_BLTMODE_MEMSYSSRC; - s->cirrus_srcptr = &s->cirrus_bltbuf[0]; - s->cirrus_srcptr_end = &s->cirrus_bltbuf[0]; -@@ -925,6 +929,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s) - } - s->cirrus_srccounter = s->cirrus_blt_srcpitch * s->cirrus_blt_height; - } -+ -+ /* the blit_is_unsafe call above should catch this */ -+ assert(s->cirrus_blt_srcpitch <= CIRRUS_BLTBUFSIZE); -+ - s->cirrus_srcptr = s->cirrus_bltbuf; - s->cirrus_srcptr_end = s->cirrus_bltbuf + s->cirrus_blt_srcpitch; - cirrus_update_memory_access(s); --- -2.12.0 - -From 913a87885f589d263e682c2eb6637c6e14538061 Mon Sep 17 00:00:00 2001 -From: Bruce Rogers -Date: Mon, 9 Jan 2017 13:35:20 -0700 -Subject: [PATCH] display: cirrus: ignore source pitch value as needed in - blit_is_unsafe - -Commit 4299b90 added a check which is too broad, given that the source -pitch value is not required to be initialized for solid fill operations. -This patch refines the blit_is_unsafe() check to ignore source pitch in -that case. After applying the above commit as a security patch, we -noticed the SLES 11 SP4 guest gui failed to initialize properly. - -Signed-off-by: Bruce Rogers -Message-id: 20170109203520.5619-1-brogers@suse.com -Signed-off-by: Gerd Hoffmann ---- - hw/display/cirrus_vga.c | 11 +++++++---- - 1 file changed, 7 insertions(+), 4 deletions(-) - -diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c -index bdb092ee9d..379910db2d 100644 ---- a/hw/display/cirrus_vga.c -+++ b/hw/display/cirrus_vga.c -@@ -294,7 +294,7 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s, - return false; - } - --static bool blit_is_unsafe(struct CirrusVGAState *s) -+static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only) - { - /* should be the case, see cirrus_bitblt_start */ - assert(s->cirrus_blt_width > 0); -@@ -308,6 +308,9 @@ static bool blit_is_unsafe(struct CirrusVGAState *s) - s->cirrus_blt_dstaddr & s->cirrus_addr_mask)) { - return true; - } -+ if (dst_only) { -+ return false; -+ } - if (blit_region_is_unsafe(s, s->cirrus_blt_srcpitch, - s->cirrus_blt_srcaddr & s->cirrus_addr_mask)) { - return true; -@@ -673,7 +676,7 @@ static int cirrus_bitblt_common_patterncopy(CirrusVGAState * s, - - dst = s->vga.vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask); - -- if (blit_is_unsafe(s)) -+ if (blit_is_unsafe(s, false)) - return 0; - - (*s->cirrus_rop) (s, dst, src, -@@ -691,7 +694,7 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop) - { - cirrus_fill_t rop_func; - -- if (blit_is_unsafe(s)) { -+ if (blit_is_unsafe(s, true)) { - return 0; - } - rop_func = cirrus_fill[rop_to_index[blt_rop]][s->cirrus_blt_pixelwidth - 1]; -@@ -795,7 +798,7 @@ static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h) - - static int cirrus_bitblt_videotovideo_copy(CirrusVGAState * s) - { -- if (blit_is_unsafe(s)) -+ if (blit_is_unsafe(s, false)) - return 0; - - return cirrus_do_copy(s, s->cirrus_blt_dstaddr - s->vga.start_addr, --- -2.12.0 - diff --git a/gnu/packages/patches/qemu-CVE-2017-2630.patch b/gnu/packages/patches/qemu-CVE-2017-2630.patch deleted file mode 100644 index b154d171f1..0000000000 --- a/gnu/packages/patches/qemu-CVE-2017-2630.patch +++ /dev/null @@ -1,47 +0,0 @@ -Fix CVE-2017-2630: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2630 -https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg01246.html - -Patch copied from upstream source repository: - -http://git.qemu-project.org/?p=qemu.git;a=commit;h=2563c9c6b8670400c48e562034b321a7cf3d9a85 - -From 2563c9c6b8670400c48e562034b321a7cf3d9a85 Mon Sep 17 00:00:00 2001 -From: Vladimir Sementsov-Ogievskiy -Date: Tue, 7 Mar 2017 09:16:27 -0600 -Subject: [PATCH] nbd/client: fix drop_sync [CVE-2017-2630] -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Comparison symbol is misused. It may lead to memory corruption. -Introduced in commit 7d3123e. - -Signed-off-by: Vladimir Sementsov-Ogievskiy -Message-Id: <20170203154757.36140-6-vsementsov@virtuozzo.com> -[eblake: add CVE details, update conditional] -Signed-off-by: Eric Blake -Reviewed-by: Marc-André Lureau -Message-Id: <20170307151627.27212-1-eblake@redhat.com> -Signed-off-by: Paolo Bonzini ---- - nbd/client.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/nbd/client.c b/nbd/client.c -index 5c9dee37fa..3dc2564cd0 100644 ---- a/nbd/client.c -+++ b/nbd/client.c -@@ -94,7 +94,7 @@ static ssize_t drop_sync(QIOChannel *ioc, size_t size) - char small[1024]; - char *buffer; - -- buffer = sizeof(small) < size ? small : g_malloc(MIN(65536, size)); -+ buffer = sizeof(small) >= size ? small : g_malloc(MIN(65536, size)); - while (size > 0) { - ssize_t count = read_sync(ioc, buffer, MIN(65536, size)); - --- -2.12.0 - diff --git a/gnu/packages/patches/qemu-CVE-2017-5667.patch b/gnu/packages/patches/qemu-CVE-2017-5667.patch deleted file mode 100644 index 5adea0d278..0000000000 --- a/gnu/packages/patches/qemu-CVE-2017-5667.patch +++ /dev/null @@ -1,46 +0,0 @@ -Fix CVE-2017-5667 (sdhci OOB access during multi block SDMA transfer): - -http://seclists.org/oss-sec/2017/q1/243 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5667 - -Patch copied from upstream source repository: - -http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=42922105beb14c2fc58185ea022b9f72fb5465e9 - -From 42922105beb14c2fc58185ea022b9f72fb5465e9 Mon Sep 17 00:00:00 2001 -From: Prasad J Pandit -Date: Tue, 7 Feb 2017 18:29:59 +0000 -Subject: [PATCH] sd: sdhci: check data length during dma_memory_read - -While doing multi block SDMA transfer in routine -'sdhci_sdma_transfer_multi_blocks', the 's->fifo_buffer' starting -index 'begin' and data length 's->data_count' could end up to be same. -This could lead to an OOB access issue. Correct transfer data length -to avoid it. - -Cc: qemu-stable@nongnu.org -Reported-by: Jiang Xin -Signed-off-by: Prasad J Pandit -Reviewed-by: Peter Maydell -Message-id: 20170130064736.9236-1-ppandit@redhat.com -Signed-off-by: Peter Maydell ---- - hw/sd/sdhci.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c -index 01fbf228be..5bd5ab6319 100644 ---- a/hw/sd/sdhci.c -+++ b/hw/sd/sdhci.c -@@ -536,7 +536,7 @@ static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s) - boundary_count -= block_size - begin; - } - dma_memory_read(&address_space_memory, s->sdmasysad, -- &s->fifo_buffer[begin], s->data_count); -+ &s->fifo_buffer[begin], s->data_count - begin); - s->sdmasysad += s->data_count - begin; - if (s->data_count == block_size) { - for (n = 0; n < block_size; n++) { --- -2.11.1 - diff --git a/gnu/packages/patches/qemu-CVE-2017-5931.patch b/gnu/packages/patches/qemu-CVE-2017-5931.patch deleted file mode 100644 index 08910e5fac..0000000000 --- a/gnu/packages/patches/qemu-CVE-2017-5931.patch +++ /dev/null @@ -1,55 +0,0 @@ -Fix CVE-2017-5931 (integer overflow in handling virtio-crypto requests): - -http://seclists.org/oss-sec/2017/q1/337 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5931 - -Patch copied from upstream source repository: - -http://git.qemu-project.org/?p=qemu.git;a=commit;h=a08aaff811fb194950f79711d2afe5a892ae03a4 - -From a08aaff811fb194950f79711d2afe5a892ae03a4 Mon Sep 17 00:00:00 2001 -From: Gonglei -Date: Tue, 3 Jan 2017 14:50:03 +0800 -Subject: [PATCH] virtio-crypto: fix possible integer and heap overflow - -Because the 'size_t' type is 4 bytes in 32-bit platform, which -is the same with 'int'. It's easy to make 'max_len' to zero when -integer overflow and then cause heap overflow if 'max_len' is zero. - -Using uint_64 instead of size_t to avoid the integer overflow. - -Cc: qemu-stable@nongnu.org -Reported-by: Li Qiang -Signed-off-by: Gonglei -Tested-by: Li Qiang -Reviewed-by: Michael S. Tsirkin -Signed-off-by: Michael S. Tsirkin ---- - hw/virtio/virtio-crypto.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c -index 2f2467e859..c23e1ad458 100644 ---- a/hw/virtio/virtio-crypto.c -+++ b/hw/virtio/virtio-crypto.c -@@ -416,7 +416,7 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev, - uint32_t hash_start_src_offset = 0, len_to_hash = 0; - uint32_t cipher_start_src_offset = 0, len_to_cipher = 0; - -- size_t max_len, curr_size = 0; -+ uint64_t max_len, curr_size = 0; - size_t s; - - /* Plain cipher */ -@@ -441,7 +441,7 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev, - return NULL; - } - -- max_len = iv_len + aad_len + src_len + dst_len + hash_result_len; -+ max_len = (uint64_t)iv_len + aad_len + src_len + dst_len + hash_result_len; - if (unlikely(max_len > vcrypto->conf.max_size)) { - virtio_error(vdev, "virtio-crypto too big length"); - return NULL; --- -2.11.1 - diff --git a/gnu/packages/qemu.scm b/gnu/packages/qemu.scm index aa12b2c493..e0b4695f3a 100644 --- a/gnu/packages/qemu.scm +++ b/gnu/packages/qemu.scm @@ -69,27 +69,23 @@ (define-public qemu (package (name "qemu") - (version "2.8.0") + (version "2.8.1") (source (origin (method url-fetch) (uri (string-append "http://wiki.qemu-project.org/download/qemu-" - version ".tar.bz2")) + version ".tar.xz")) (sha256 (base32 - "0qjy3rcrn89n42y5iz60kgr0rrl29hpnj8mq2yvbc1wrcizmvzfs")) + "0h342v4n44kh89yyfas4iazvhhsy5m5qk94vsjqpz5zpq1i2ykad")) (patches (search-patches "qemu-CVE-2016-10155.patch" - "qemu-CVE-2017-2615.patch" - "qemu-CVE-2017-2620.patch" - "qemu-CVE-2017-2630.patch" "qemu-CVE-2017-5525.patch" "qemu-CVE-2017-5526.patch" "qemu-CVE-2017-5552.patch" "qemu-CVE-2017-5578.patch" "qemu-CVE-2017-5579.patch" - "qemu-CVE-2017-5667.patch" "qemu-CVE-2017-5856.patch" "qemu-CVE-2017-5898.patch" - "qemu-CVE-2017-5931.patch")))) + )))) (build-system gnu-build-system) (arguments '(;; Running tests in parallel can occasionally lead to failures, like: -- cgit v1.2.3 From b496bfea415750d710dd3ead4bc2ded9d4a6e71d Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 25 Jan 2017 00:22:19 -0500 Subject: gnu: lz4: Update to 1.7.5. * gnu/packages/compression.scm (lz4): Update to 1.7.5. [source]: Update source URL. Use patch 'lz4-fix-test-failures.patch'. [home-page]: Update URL. * gnu/packages/patches/lz4-fix-test-failures.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/compression.scm | 12 +- gnu/packages/patches/lz4-fix-test-failures.patch | 136 +++++++++++++++++++++++ 3 files changed, 144 insertions(+), 5 deletions(-) create mode 100644 gnu/packages/patches/lz4-fix-test-failures.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 93bafa282d..ac6a596923 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -759,6 +759,7 @@ dist_patch_DATA = \ %D%/packages/patches/luit-posix.patch \ %D%/packages/patches/lvm2-static-link.patch \ %D%/packages/patches/lxsession-use-gapplication.patch \ + %D%/packages/patches/lz4-fix-test-failures.patch \ %D%/packages/patches/make-impure-dirs.patch \ %D%/packages/patches/mars-install.patch \ %D%/packages/patches/mars-sfml-2.3.patch \ diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index 5404f66ecf..4793755c21 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -5,7 +5,7 @@ ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer ;;; Copyright © 2015, 2016 Eric Bavier ;;; Copyright © 2015, 2016 Ricardo Wurmus -;;; Copyright © 2015 Leo Famulari +;;; Copyright © 2015, 2017 Leo Famulari ;;; Copyright © 2015 Jeff Mickey ;;; Copyright © 2015, 2016, 2017 Efraim Flashner ;;; Copyright © 2016 Ben Woodcroft @@ -673,14 +673,16 @@ writing of compressed data created with the zlib and bzip2 libraries.") (define-public lz4 (package (name "lz4") - (version "1.7.4.2") + (version "1.7.5") (source (origin (method url-fetch) - (uri (string-append "https://github.com/Cyan4973/lz4/archive/" + (uri (string-append "https://github.com/lz4/lz4/archive/" "v" version ".tar.gz")) + (patches (search-patches "lz4-fix-test-failures.patch")) (sha256 - (base32 "0l39bymif15rmmfz7h6wvrr853rix4wj8wbqq8z8fm49xa7gx9fb")) + (base32 + "0zkykqqjfa1q3ji0qmb1ml3l9063qqfh99agyj3cnb02cg6wm401")) (file-name (string-append name "-" version ".tar.gz")))) (build-system gnu-build-system) (native-inputs `(("valgrind" ,valgrind))) ; for tests @@ -691,7 +693,7 @@ writing of compressed data created with the zlib and bzip2 libraries.") (string-append "PREFIX=" (assoc-ref %outputs "out"))) #:phases (modify-phases %standard-phases (delete 'configure)))) ; no configure script - (home-page "https://github.com/Cyan4973/lz4") + (home-page "https://github.com/lz4/lz4") (synopsis "Compression algorithm focused on speed") (description "LZ4 is a lossless compression algorithm, providing compression speed at 400 MB/s per core (0.16 Bytes/cycle). It also features an diff --git a/gnu/packages/patches/lz4-fix-test-failures.patch b/gnu/packages/patches/lz4-fix-test-failures.patch new file mode 100644 index 0000000000..d38357d402 --- /dev/null +++ b/gnu/packages/patches/lz4-fix-test-failures.patch @@ -0,0 +1,136 @@ +These two patches fix some bugs in lz4's test suite: + +https://github.com/lz4/lz4/issues/308 + +Patches copied from upstream source repository: + +https://github.com/lz4/lz4/commit/b89cac7b2e92b792af98bb0a12e4d14684d07629 +https://github.com/lz4/lz4/commit/0dfb0b9dad2a8cb7cc347d2139bf9b84de7e1481 + +From b89cac7b2e92b792af98bb0a12e4d14684d07629 Mon Sep 17 00:00:00 2001 +From: Eric Siegerman +Date: Tue, 14 Feb 2017 14:17:06 -0500 +Subject: [PATCH] Don't use "foo && false || true" + +Replace it with either: + test ! -f $FILE_THAT_SHOULD_NOT_EXIST +or: + ! $COMMAND_THAT_SHOULD_FAIL + +as appropriate. +--- + tests/Makefile | 38 +++++++++++++++++++------------------- + 1 file changed, 19 insertions(+), 19 deletions(-) + +diff --git a/tests/Makefile b/tests/Makefile +index 77e6ae7..ebab278 100644 +--- a/tests/Makefile ++++ b/tests/Makefile +@@ -236,17 +236,17 @@ test-lz4-basic: lz4 datagen unlz4 lz4cat + ./datagen -g256MB | $(LZ4) -vqB4D | $(LZ4) -t + @echo "hello world" > tmp + $(LZ4) --rm -f tmp +- ls -ls tmp && false || true # must fail (--rm) +- ls -ls tmp.lz4 +- $(PRGDIR)/lz4cat tmp.lz4 # must display hello world +- ls -ls tmp.lz4 ++ test ! -f tmp # must fail (--rm) ++ test -f tmp.lz4 ++ $(PRGDIR)/lz4cat tmp.lz4 # must display hello world ++ test -f tmp.lz4 + $(PRGDIR)/unlz4 --rm tmp.lz4 +- ls -ls tmp +- ls -ls tmp.lz4 && false || true # must fail (--rm) +- ls -ls tmp.lz4.lz4 && false || true # must fail (unlz4) +- $(PRGDIR)/lz4cat tmp # pass-through mode +- ls -ls tmp +- ls -ls tmp.lz4 && false || true # must fail (lz4cat) ++ test -f tmp ++ test ! -f tmp.lz4 # must fail (--rm) ++ test ! -f tmp.lz4.lz4 # must fail (unlz4) ++ $(PRGDIR)/lz4cat tmp # pass-through mode ++ test -f tmp ++ test ! -f tmp.lz4 # must fail (lz4cat) + $(LZ4) tmp # creates tmp.lz4 + $(PRGDIR)/lz4cat < tmp.lz4 > tmp3 # checks lz4cat works with stdin (#285) + $(DIFF) -q tmp tmp3 +@@ -262,22 +262,22 @@ test-lz4-hugefile: lz4 datagen + + test-lz4-testmode: lz4 datagen + @echo "\n ---- bench mode ----" +- $(LZ4) -bi1 ++ $(LZ4) -bi1 + @echo "\n ---- test mode ----" +- ./datagen | $(LZ4) -t && false || true +- ./datagen | $(LZ4) -tf && false || true ++ ! ./datagen | $(LZ4) -t ++ ! ./datagen | $(LZ4) -tf + @echo "\n ---- pass-through mode ----" +- ./datagen | $(LZ4) -d > $(VOID) && false || true +- ./datagen | $(LZ4) -df > $(VOID) ++ ! ./datagen | $(LZ4) -d > $(VOID) ++ ./datagen | $(LZ4) -df > $(VOID) + @echo "Hello World !" > tmp1 + $(LZ4) -dcf tmp1 + @echo "from underground..." > tmp2 + $(LZ4) -dcfm tmp1 tmp2 + @echo "\n ---- test cli ----" +- $(LZ4) file-does-not-exist && false || true +- $(LZ4) -f file-does-not-exist && false || true +- $(LZ4) -fm file1-dne file2-dne && false || true +- $(LZ4) -fm file1-dne file2-dne && false || true ++ ! $(LZ4) file-does-not-exist ++ ! $(LZ4) -f file-does-not-exist ++ ! $(LZ4) -fm file1-dne file2-dne ++ ! $(LZ4) -fm file1-dne file2-dne + + test-lz4-opt-parser: lz4 datagen + @echo "\n ---- test opt-parser ----" +-- +2.12.2 + +From 0dfb0b9dad2a8cb7cc347d2139bf9b84de7e1481 Mon Sep 17 00:00:00 2001 +From: "Dmitry V. Levin" +Date: Sun, 5 Mar 2017 23:20:10 +0000 +Subject: [PATCH] Fix test-lz4-basic + +When no output filename is specified and stdout is not a terminal, +lz4 doesn't attempt to guess an output filename and uses stdout for +output. + +This change fixes test-lz4-basic when run without a terminal +by specifying output filenames. +--- + tests/Makefile | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/tests/Makefile b/tests/Makefile +index ebab278..d68c700 100644 +--- a/tests/Makefile ++++ b/tests/Makefile +@@ -235,19 +235,19 @@ test-lz4-basic: lz4 datagen unlz4 lz4cat + ./datagen -g33M | $(LZ4) --no-frame-crc | $(LZ4) -t + ./datagen -g256MB | $(LZ4) -vqB4D | $(LZ4) -t + @echo "hello world" > tmp +- $(LZ4) --rm -f tmp ++ $(LZ4) --rm -f tmp tmp.lz4 + test ! -f tmp # must fail (--rm) + test -f tmp.lz4 + $(PRGDIR)/lz4cat tmp.lz4 # must display hello world + test -f tmp.lz4 +- $(PRGDIR)/unlz4 --rm tmp.lz4 ++ $(PRGDIR)/unlz4 --rm tmp.lz4 tmp + test -f tmp + test ! -f tmp.lz4 # must fail (--rm) + test ! -f tmp.lz4.lz4 # must fail (unlz4) + $(PRGDIR)/lz4cat tmp # pass-through mode + test -f tmp + test ! -f tmp.lz4 # must fail (lz4cat) +- $(LZ4) tmp # creates tmp.lz4 ++ $(LZ4) tmp tmp.lz4 # creates tmp.lz4 + $(PRGDIR)/lz4cat < tmp.lz4 > tmp3 # checks lz4cat works with stdin (#285) + $(DIFF) -q tmp tmp3 + $(PRGDIR)/lz4cat < tmp > tmp2 # checks lz4cat works with stdin (#285) +-- +2.12.2 + -- cgit v1.2.3 From ea240de4af85ae8ecc0c1afcd4778e01a88e6f5c Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 8 Apr 2017 15:52:13 -0400 Subject: screen: Fix info page build failure. * gnu/packages/patches/screen-fix-info-syntax-error.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/screen.scm (screen)[source]: Use it. --- gnu/local.mk | 1 + .../patches/screen-fix-info-syntax-error.patch | 47 ++++++++++++++++++++++ gnu/packages/screen.scm | 1 + 3 files changed, 49 insertions(+) create mode 100644 gnu/packages/patches/screen-fix-info-syntax-error.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index ac6a596923..a8d0066019 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -916,6 +916,7 @@ dist_patch_DATA = \ %D%/packages/patches/ruby-tzinfo-data-ignore-broken-test.patch\ %D%/packages/patches/scheme48-tests.patch \ %D%/packages/patches/scotch-test-threading.patch \ + %D%/packages/patches/screen-fix-info-syntax-error.patch \ %D%/packages/patches/sdl-libx11-1.6.patch \ %D%/packages/patches/seq24-rename-mutex.patch \ %D%/packages/patches/serf-comment-style-fix.patch \ diff --git a/gnu/packages/patches/screen-fix-info-syntax-error.patch b/gnu/packages/patches/screen-fix-info-syntax-error.patch new file mode 100644 index 0000000000..6ee9091daa --- /dev/null +++ b/gnu/packages/patches/screen-fix-info-syntax-error.patch @@ -0,0 +1,47 @@ +Fix errors when building the info manual: + +[...] +./screen.texinfo:5799: unknown command `suse' +./screen.texinfo:5800: unknown command `deuxchevaux' +make[2]: *** [Makefile:31: screen.info] Error 1 +[...] + +Patch copied from upstream source repository: + +http://git.savannah.gnu.org/cgit/screen.git/commit/?id=a7d2f9e6ecfa794dd0bd3dbeaf6780c88a6f3152 + +From a7d2f9e6ecfa794dd0bd3dbeaf6780c88a6f3152 Mon Sep 17 00:00:00 2001 +From: Andreas Stieger +Date: Tue, 28 Feb 2017 19:23:01 +0100 +Subject: [PATCH] fix texinfo syntax errors + +thanks to Andreas Stieger +--- + src/doc/screen.texinfo | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/doc/screen.texinfo b/src/doc/screen.texinfo +index bc4cbae..aadad33 100644 +--- a/doc/screen.texinfo ++++ b/doc/screen.texinfo +@@ -5795,7 +5795,7 @@ and Alexander Naumov . + Contributors @* + ============ + +-@example ++@verbatim + Thomas Renninger , + Axel Beckert , + Ken Beal , +@@ -5826,7 +5826,7 @@ Contributors @* + Jason Merrill , + Johannes Zellner , + Pablo Averbuj . +-@end example ++@end verbatim + + @noindent + Version @* +-- +cgit v1.0-41-gc330 + diff --git a/gnu/packages/screen.scm b/gnu/packages/screen.scm index f5c914e88a..5ab5351e35 100644 --- a/gnu/packages/screen.scm +++ b/gnu/packages/screen.scm @@ -40,6 +40,7 @@ (method url-fetch) (uri (string-append "mirror://gnu/screen/screen-" version ".tar.gz")) + (patches (search-patches "screen-fix-info-syntax-error.patch")) (sha256 (base32 "0bbv16gpxrh64sn4bvjy3qjy7jsxjlqlilyysin02fwnvla23nwp")))) (build-system gnu-build-system) -- cgit v1.2.3 From 18d0cec29e22cdbc27c486129d1a1425de27f03f Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 10 Apr 2017 15:29:28 +0200 Subject: gnu: pcre2: Patch CVE-2017-7186. * gnu/packages/patches/pcre2-CVE-2017-7186.patch: New file. * gnu/packages/pcre.scm (pcre2)[source]: Use it. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/patches/pcre2-CVE-2017-7186.patch | 68 ++++++++++++++++++++++++++ gnu/packages/pcre.scm | 3 +- 3 files changed, 71 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/pcre2-CVE-2017-7186.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index a8d0066019..c3a65789a3 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -825,6 +825,7 @@ dist_patch_DATA = \ %D%/packages/patches/patchelf-rework-for-arm.patch \ %D%/packages/patches/patchutils-xfail-gendiff-tests.patch \ %D%/packages/patches/patch-hurd-path-max.patch \ + %D%/packages/patches/pcre2-CVE-2017-7186.patch \ %D%/packages/patches/perl-autosplit-default-time.patch \ %D%/packages/patches/perl-deterministic-ordering.patch \ %D%/packages/patches/perl-finance-quote-unuse-mozilla-ca.patch \ diff --git a/gnu/packages/patches/pcre2-CVE-2017-7186.patch b/gnu/packages/patches/pcre2-CVE-2017-7186.patch new file mode 100644 index 0000000000..5c16955aaa --- /dev/null +++ b/gnu/packages/patches/pcre2-CVE-2017-7186.patch @@ -0,0 +1,68 @@ +Patch for +taken from . + +--- trunk/src/pcre2_internal.h 2016/11/19 12:46:24 600 ++++ trunk/src/pcre2_internal.h 2017/02/24 18:25:32 670 +@@ -1774,10 +1774,17 @@ + /* UCD access macros */ + + #define UCD_BLOCK_SIZE 128 +-#define GET_UCD(ch) (PRIV(ucd_records) + \ ++#define REAL_GET_UCD(ch) (PRIV(ucd_records) + \ + PRIV(ucd_stage2)[PRIV(ucd_stage1)[(int)(ch) / UCD_BLOCK_SIZE] * \ + UCD_BLOCK_SIZE + (int)(ch) % UCD_BLOCK_SIZE]) + ++#if PCRE2_CODE_UNIT_WIDTH == 32 ++#define GET_UCD(ch) ((ch > MAX_UTF_CODE_POINT)? \ ++ PRIV(dummy_ucd_record) : REAL_GET_UCD(ch)) ++#else ++#define GET_UCD(ch) REAL_GET_UCD(ch) ++#endif ++ + #define UCD_CHARTYPE(ch) GET_UCD(ch)->chartype + #define UCD_SCRIPT(ch) GET_UCD(ch)->script + #define UCD_CATEGORY(ch) PRIV(ucp_gentype)[UCD_CHARTYPE(ch)] +@@ -1834,6 +1841,9 @@ + #define _pcre2_default_compile_context PCRE2_SUFFIX(_pcre2_default_compile_context_) + #define _pcre2_default_match_context PCRE2_SUFFIX(_pcre2_default_match_context_) + #define _pcre2_default_tables PCRE2_SUFFIX(_pcre2_default_tables_) ++#if PCRE2_CODE_UNIT_WIDTH == 32 ++#define _pcre2_dummy_ucd_record PCRE2_SUFFIX(_pcre2_dummy_ucd_record_) ++#endif + #define _pcre2_hspace_list PCRE2_SUFFIX(_pcre2_hspace_list_) + #define _pcre2_vspace_list PCRE2_SUFFIX(_pcre2_vspace_list_) + #define _pcre2_ucd_caseless_sets PCRE2_SUFFIX(_pcre2_ucd_caseless_sets_) +@@ -1858,6 +1868,9 @@ + extern const uint32_t PRIV(vspace_list)[]; + extern const uint32_t PRIV(ucd_caseless_sets)[]; + extern const ucd_record PRIV(ucd_records)[]; ++#if PCRE2_CODE_UNIT_WIDTH == 32 ++extern const ucd_record PRIV(dummy_ucd_record)[]; ++#endif + extern const uint8_t PRIV(ucd_stage1)[]; + extern const uint16_t PRIV(ucd_stage2)[]; + extern const uint32_t PRIV(ucp_gbtable)[]; + +--- trunk/src/pcre2_ucd.c 2015/07/17 15:44:51 316 ++++ trunk/src/pcre2_ucd.c 2017/02/24 18:25:32 670 +@@ -41,6 +41,20 @@ + + const char *PRIV(unicode_version) = "8.0.0"; + ++/* If the 32-bit library is run in non-32-bit mode, character values ++greater than 0x10ffff may be encountered. For these we set up a ++special record. */ ++ ++#if PCRE2_CODE_UNIT_WIDTH == 32 ++const ucd_record PRIV(dummy_ucd_record)[] = {{ ++ ucp_Common, /* script */ ++ ucp_Cn, /* type unassigned */ ++ ucp_gbOther, /* grapheme break property */ ++ 0, /* case set */ ++ 0, /* other case */ ++ }}; ++#endif ++ + /* When recompiling tables with a new Unicode version, please check the + types in this structure definition from pcre2_internal.h (the actual + field names will be different): diff --git a/gnu/packages/pcre.scm b/gnu/packages/pcre.scm index 011a30dd38..9f610e59fd 100644 --- a/gnu/packages/pcre.scm +++ b/gnu/packages/pcre.scm @@ -81,7 +81,8 @@ POSIX regular expression API.") (sha256 (base32 - "0vn5g0mkkp99mmzpissa06hpyj6pk9s4mlwbjqrjvw3ihy8rpiyz")))) + "0vn5g0mkkp99mmzpissa06hpyj6pk9s4mlwbjqrjvw3ihy8rpiyz")) + (patches (search-patches "pcre2-CVE-2017-7186.patch")))) (build-system gnu-build-system) (inputs `(("bzip2" ,bzip2) ("readline" ,readline) -- cgit v1.2.3 From a97f0ee1368499dc40ea30002fcb6e06c7880acb Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 10 Apr 2017 15:35:24 +0200 Subject: gnu: pcre: Patch CVE-2017-7186. * gnu/packages/patches/pcre-CVE-2017-7186.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/pcre.scm (pcre)[replacement]: New field. (pcre/fixed): New variable. --- gnu/local.mk | 1 + gnu/packages/patches/pcre-CVE-2017-7186.patch | 56 +++++++++++++++++++++++++++ gnu/packages/pcre.scm | 10 +++++ 3 files changed, 67 insertions(+) create mode 100644 gnu/packages/patches/pcre-CVE-2017-7186.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index c3a65789a3..5782f83908 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -825,6 +825,7 @@ dist_patch_DATA = \ %D%/packages/patches/patchelf-rework-for-arm.patch \ %D%/packages/patches/patchutils-xfail-gendiff-tests.patch \ %D%/packages/patches/patch-hurd-path-max.patch \ + %D%/packages/patches/pcre-CVE-2017-7186.patch \ %D%/packages/patches/pcre2-CVE-2017-7186.patch \ %D%/packages/patches/perl-autosplit-default-time.patch \ %D%/packages/patches/perl-deterministic-ordering.patch \ diff --git a/gnu/packages/patches/pcre-CVE-2017-7186.patch b/gnu/packages/patches/pcre-CVE-2017-7186.patch new file mode 100644 index 0000000000..d23aa10374 --- /dev/null +++ b/gnu/packages/patches/pcre-CVE-2017-7186.patch @@ -0,0 +1,56 @@ +Patch for +from . + +--- trunk/pcre_internal.h 2016/05/21 13:34:44 1649 ++++ trunk/pcre_internal.h 2017/02/24 17:30:30 1688 +@@ -2772,6 +2772,9 @@ + extern const pcre_uint16 PRIV(ucd_stage2)[]; + extern const pcre_uint32 PRIV(ucp_gentype)[]; + extern const pcre_uint32 PRIV(ucp_gbtable)[]; ++#ifdef COMPILE_PCRE32 ++extern const ucd_record PRIV(dummy_ucd_record)[]; ++#endif + #ifdef SUPPORT_JIT + extern const int PRIV(ucp_typerange)[]; + #endif +@@ -2780,9 +2783,15 @@ + /* UCD access macros */ + + #define UCD_BLOCK_SIZE 128 +-#define GET_UCD(ch) (PRIV(ucd_records) + \ ++#define REAL_GET_UCD(ch) (PRIV(ucd_records) + \ + PRIV(ucd_stage2)[PRIV(ucd_stage1)[(int)(ch) / UCD_BLOCK_SIZE] * \ + UCD_BLOCK_SIZE + (int)(ch) % UCD_BLOCK_SIZE]) ++ ++#ifdef COMPILE_PCRE32 ++#define GET_UCD(ch) ((ch > 0x10ffff)? PRIV(dummy_ucd_record) : REAL_GET_UCD(ch)) ++#else ++#define GET_UCD(ch) REAL_GET_UCD(ch) ++#endif + + #define UCD_CHARTYPE(ch) GET_UCD(ch)->chartype + #define UCD_SCRIPT(ch) GET_UCD(ch)->script + +--- trunk/pcre_ucd.c 2014/06/19 07:51:39 1490 ++++ trunk/pcre_ucd.c 2017/02/24 17:30:30 1688 +@@ -38,6 +38,20 @@ + const pcre_uint32 PRIV(ucd_caseless_sets)[] = {0}; + #else + ++/* If the 32-bit library is run in non-32-bit mode, character values ++greater than 0x10ffff may be encountered. For these we set up a ++special record. */ ++ ++#ifdef COMPILE_PCRE32 ++const ucd_record PRIV(dummy_ucd_record)[] = {{ ++ ucp_Common, /* script */ ++ ucp_Cn, /* type unassigned */ ++ ucp_gbOther, /* grapheme break property */ ++ 0, /* case set */ ++ 0, /* other case */ ++ }}; ++#endif ++ + /* When recompiling tables with a new Unicode version, please check the + types in this structure definition from pcre_internal.h (the actual + field names will be different): diff --git a/gnu/packages/pcre.scm b/gnu/packages/pcre.scm index 9f610e59fd..1946f5229c 100644 --- a/gnu/packages/pcre.scm +++ b/gnu/packages/pcre.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2015 Ricardo Wurmus ;;; Copyright © 2016 Leo Famulari ;;; Copyright © 2017 Marius Bakke +;;; Copyright © 2017 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. ;;; @@ -33,6 +34,7 @@ (package (name "pcre") (version "8.40") + (replacement pcre/fixed) (source (origin (method url-fetch) (uri (list @@ -70,6 +72,14 @@ POSIX regular expression API.") (license license:bsd-3) (home-page "http://www.pcre.org/"))) +(define pcre/fixed + (package + (inherit pcre) + (replacement #f) + (source (origin + (inherit (package-source pcre)) + (patches (search-patches "pcre-CVE-2017-7186.patch")))))) + (define-public pcre2 (package (name "pcre2") -- cgit v1.2.3 From 0c3953ea603e6abd885a5a91b84f7f7788d0829f Mon Sep 17 00:00:00 2001 From: Kei Kebreau Date: Mon, 10 Apr 2017 17:49:47 -0400 Subject: gnu: Move dillo to web-browsers.scm. * gnu/packages/dillo.scm: Remove file and move dillo... * gnu/packages/web-browsers.scm: ...here. New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Remove dillo.scm and add web-browsers.scm. --- gnu/local.mk | 2 +- gnu/packages/dillo.scm | 63 ------------------------------------------- gnu/packages/web-browsers.scm | 63 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 64 insertions(+), 64 deletions(-) delete mode 100644 gnu/packages/dillo.scm create mode 100644 gnu/packages/web-browsers.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 5782f83908..d755d8248e 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -105,7 +105,6 @@ GNU_SYSTEM_MODULES = \ %D%/packages/dejagnu.scm \ %D%/packages/dico.scm \ %D%/packages/dictionaries.scm \ - %D%/packages/dillo.scm \ %D%/packages/disk.scm \ %D%/packages/display-managers.scm \ %D%/packages/django.scm \ @@ -389,6 +388,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/w3m.scm \ %D%/packages/wdiff.scm \ %D%/packages/web.scm \ + %D%/packages/web-browsers.scm \ %D%/packages/webkit.scm \ %D%/packages/wget.scm \ %D%/packages/wicd.scm \ diff --git a/gnu/packages/dillo.scm b/gnu/packages/dillo.scm deleted file mode 100644 index 6e0c4d17a9..0000000000 --- a/gnu/packages/dillo.scm +++ /dev/null @@ -1,63 +0,0 @@ -;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2016 Kei Kebreau -;;; -;;; This file is part of GNU Guix. -;;; -;;; GNU Guix is free software; you can redistribute it and/or modify it -;;; under the terms of the GNU General Public License as published by -;;; the Free Software Foundation; either version 3 of the License, or (at -;;; your option) any later version. -;;; -;;; GNU Guix is distributed in the hope that it will be useful, but -;;; WITHOUT ANY WARRANTY; without even the implied warranty of -;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -;;; GNU General Public License for more details. -;;; -;;; You should have received a copy of the GNU General Public License -;;; along with GNU Guix. If not, see . - -(define-module (gnu packages dillo) - #:use-module ((guix licenses) #:prefix license:) - #:use-module (guix packages) - #:use-module (gnu packages) - #:use-module (gnu packages compression) - #:use-module (gnu packages fltk) - #:use-module (gnu packages fontutils) - #:use-module (gnu packages perl) - #:use-module (gnu packages pkg-config) - #:use-module (gnu packages image) - #:use-module (gnu packages tls) - #:use-module (gnu packages xorg) - #:use-module (guix download) - #:use-module (guix build-system gnu)) - -(define-public dillo - (package - (name "dillo") - (version "3.0.5") - (source (origin - (method url-fetch) - (uri (string-append "http://www.dillo.org/download/" - name "-" version ".tar.bz2")) - (sha256 - (base32 - "12ql8n1lypv3k5zqgwjxlw1md90ixz3ag6j1gghfnhjq3inf26yv")))) - (build-system gnu-build-system) - (arguments `(#:configure-flags '("--enable-ssl" "--enable-ipv6"))) - (native-inputs `(("pkg-config" ,pkg-config))) - (inputs `(("fltk" ,fltk) - ("fontconfig" ,fontconfig) - ("libjpeg" ,libjpeg) - ("libpng" ,libpng) - ("libxcursor" ,libxcursor) - ("libxft" ,libxft) - ("libxi" ,libxi) - ("libxinerama" ,libxinerama) - ("openssl" ,openssl) - ("perl" ,perl) - ("zlib" ,zlib))) - (synopsis "Very small and fast graphical web browser") - (description "Dillo is a minimalistic web browser particularly intended for -older or slower computers and embedded systems.") - (home-page "http://www.dillo.org") - (license license:gpl3+))) diff --git a/gnu/packages/web-browsers.scm b/gnu/packages/web-browsers.scm new file mode 100644 index 0000000000..3ff69611bf --- /dev/null +++ b/gnu/packages/web-browsers.scm @@ -0,0 +1,63 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016 Kei Kebreau +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages web-browsers) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix packages) + #:use-module (gnu packages) + #:use-module (gnu packages compression) + #:use-module (gnu packages fltk) + #:use-module (gnu packages fontutils) + #:use-module (gnu packages perl) + #:use-module (gnu packages pkg-config) + #:use-module (gnu packages image) + #:use-module (gnu packages tls) + #:use-module (gnu packages xorg) + #:use-module (guix download) + #:use-module (guix build-system gnu)) + +(define-public dillo + (package + (name "dillo") + (version "3.0.5") + (source (origin + (method url-fetch) + (uri (string-append "http://www.dillo.org/download/" + name "-" version ".tar.bz2")) + (sha256 + (base32 + "12ql8n1lypv3k5zqgwjxlw1md90ixz3ag6j1gghfnhjq3inf26yv")))) + (build-system gnu-build-system) + (arguments `(#:configure-flags '("--enable-ssl" "--enable-ipv6"))) + (native-inputs `(("pkg-config" ,pkg-config))) + (inputs `(("fltk" ,fltk) + ("fontconfig" ,fontconfig) + ("libjpeg" ,libjpeg) + ("libpng" ,libpng) + ("libxcursor" ,libxcursor) + ("libxft" ,libxft) + ("libxi" ,libxi) + ("libxinerama" ,libxinerama) + ("openssl" ,openssl) + ("perl" ,perl) + ("zlib" ,zlib))) + (synopsis "Very small and fast graphical web browser") + (description "Dillo is a minimalistic web browser particularly intended for +older or slower computers and embedded systems.") + (home-page "http://www.dillo.org") + (license license:gpl3+))) -- cgit v1.2.3 From e79bfa181a91f15e93d7de6bd8691e4b77fbe678 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 11 Apr 2017 15:37:48 +0200 Subject: gnu: Add Luminance HDR. * gnu/packages/image-viewers.scm (luminance-hdr): New variable. * gnu/packages/patches/luminance-hdr-qt-printer.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/image-viewers.scm | 74 +++++++++++++++++++++- .../patches/luminance-hdr-qt-printer.patch | 28 ++++++++ 3 files changed, 101 insertions(+), 2 deletions(-) create mode 100644 gnu/packages/patches/luminance-hdr-qt-printer.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index d755d8248e..f3a4e54afa 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -757,6 +757,7 @@ dist_patch_DATA = \ %D%/packages/patches/luajit-no_ldconfig.patch \ %D%/packages/patches/luajit-symlinks.patch \ %D%/packages/patches/luit-posix.patch \ + %D%/packages/patches/luminance-hdr-qt-printer.patch \ %D%/packages/patches/lvm2-static-link.patch \ %D%/packages/patches/lxsession-use-gapplication.patch \ %D%/packages/patches/lz4-fix-test-failures.patch \ diff --git a/gnu/packages/image-viewers.scm b/gnu/packages/image-viewers.scm index a7e108a292..830ce10ea6 100644 --- a/gnu/packages/image-viewers.scm +++ b/gnu/packages/image-viewers.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013 Ludovic Courtès +;;; Copyright © 2013, 2017 Ludovic Courtès ;;; Copyright © 2014 Ian Denhardt ;;; Copyright © 2015, 2016 Alex Kost ;;; Copyright © 2016 Efraim Flashner @@ -29,17 +29,24 @@ #:use-module (guix build-system gnu) #:use-module (guix build-system cmake) #:use-module (gnu packages autotools) + #:use-module (gnu packages algebra) #:use-module (gnu packages base) + #:use-module (gnu packages boost) + #:use-module (gnu packages compression) #:use-module (gnu packages curl) #:use-module (gnu packages ghostscript) #:use-module (gnu packages glib) #:use-module (gnu packages gnome) #:use-module (gnu packages gtk) + #:use-module (gnu packages graphics) #:use-module (gnu packages image) #:use-module (gnu packages imagemagick) + #:use-module (gnu packages maths) #:use-module (gnu packages photo) #:use-module (gnu packages pkg-config) - #:use-module (gnu packages xorg)) + #:use-module (gnu packages qt) + #:use-module (gnu packages xorg) + #:use-module (gnu packages)) (define-public feh (package @@ -290,3 +297,66 @@ your images. Among its features are: "Catimg is a little program that prints images in the terminal. It supports JPEG, PNG and GIF formats.") (license license:expat))) + +(define-public luminance-hdr + (package + (name "luminance-hdr") + (version "2.4.0") + (source (origin + (method url-fetch) + (uri (string-append + "mirror://sourceforge/qtpfsgui/luminance/" + version "/luminance-hdr-" version ".tar.bz2")) + (sha256 + (base32 + "00fldbcizrx8jcnjgq74n3zmbm27dxzl96fxa7q49689mfnlw08l")) + (patches (search-patches "luminance-hdr-qt-printer.patch")))) + (build-system cmake-build-system) + (native-inputs + `(("pkg-config" ,pkg-config) + ("qttools" ,qttools))) + (inputs + `(("qtbase" ,qtbase) + ("qtdeclarative" ,qtdeclarative) + ("qtwebkit" ,qtwebkit) + ("boost" ,boost) + ;; ("gtest" ,gtest) + ("libraw" ,libraw) + ("zlib" ,zlib) + ("exiv2" ,exiv2) + ("libpng" ,libpng) + ("libjpeg" ,libjpeg) + ("lcms" ,lcms) + ("openexr" ,openexr) + ("fftw" ,fftwf) + ("gsl" ,gsl) + ("libtiff" ,libtiff))) + (arguments + '(#:phases + (modify-phases %standard-phases + (add-after 'set-paths 'add-ilmbase-include-path + (lambda* (#:key inputs #:allow-other-keys) + ;; 'OpenEXR.pc' has a -I for IlmBase but 'FindOpenEXR.cmake' does + ;; not use 'OpenEXR.pc'. Thus, we need to add + ;; "$ilmbase/include/OpenEXR/" to the CPATH. + (setenv "CPATH" + (string-append (assoc-ref inputs "ilmbase") + "/include/OpenEXR" + ":" (or (getenv "CPATH") ""))) + #t))))) + (home-page "http://qtpfsgui.sourceforge.net") + (synopsis "High dynamic range (HDR) imaging application") + (description + "Luminance HDR (formerly QtPFSGui) is a graphical user interface +application that aims to provide a workflow for high dynamic range (HDR) +imaging. It supports several HDR and LDR image formats, and it can: + +@itemize +@item Create an HDR file from a set of images (formats: JPEG, TIFF 8bit and +16bit, RAW) of the same scene taken at different exposure setting; +@item Save load HDR images; +@item Rotate, resize and crop HDR images; +@item Tone-map HDR images; +@item Copy EXIF data between sets of images. +@end itemize\n") + (license license:gpl2+))) diff --git a/gnu/packages/patches/luminance-hdr-qt-printer.patch b/gnu/packages/patches/luminance-hdr-qt-printer.patch new file mode 100644 index 0000000000..c65f9537cd --- /dev/null +++ b/gnu/packages/patches/luminance-hdr-qt-printer.patch @@ -0,0 +1,28 @@ +Allow the 'QtPrinter' header to be found, as described +at . + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index fbad8a2..8379c8a 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -29,6 +29,7 @@ find_package(Qt5Xml) + find_package(Qt5Sql) + find_package(Qt5Network) + find_package(Qt5LinguistTools) ++find_package(Qt5PrintSupport REQUIRED) + IF(WIN32) + find_package(Qt5WinExtras) + ENDIF() +diff --git a/src/HelpBrowser/CMakeLists.txt b/src/HelpBrowser/CMakeLists.txt +index 04319a8..5537dae 100644 +--- a/src/HelpBrowser/CMakeLists.txt ++++ b/src/HelpBrowser/CMakeLists.txt +@@ -29,7 +29,7 @@ QT5_WRAP_UI(FILES_UI_H ${FILES_UI}) + + + ADD_LIBRARY(helpbrowser ${FILES_H} ${FILES_CPP} ${FILES_MOC} ${FILES_UI_H} ${FILES_HXX}) +-qt5_use_modules(helpbrowser Core Concurrent Gui Widgets Xml WebKit WebKitWidgets) ++qt5_use_modules(helpbrowser Core Concurrent Gui Widgets Xml WebKit WebKitWidgets PrintSupport) + + SET(FILES_TO_TRANSLATE ${FILES_TO_TRANSLATE} ${FILES_CPP} ${FILES_H} ${FILES_UI} ${FILES_HXX} PARENT_SCOPE) + SET(LUMINANCE_MODULES_GUI ${LUMINANCE_MODULES_GUI} helpbrowser PARENT_SCOPE) -- cgit v1.2.3 From 0adb47bdc7d15e53b8c4c443ad19ebdfcc4177a0 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 11 Apr 2017 00:36:07 -0400 Subject: gnu: dovecot: Update to 2.2.29 [fixes CVE-2017-2669]. * gnu/packages/mail.scm (dovecot): Update to 2.2.29. [source]: Use 'dovecot-fix-failing-test.patch'. * gnu/packages/patches/dovecot-fix-failing-test.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/mail.scm | 8 +- .../patches/dovecot-fix-failing-test.patch | 118 +++++++++++++++++++++ 3 files changed, 124 insertions(+), 3 deletions(-) create mode 100644 gnu/packages/patches/dovecot-fix-failing-test.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index f3a4e54afa..212228d5c2 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -539,6 +539,7 @@ dist_patch_DATA = \ %D%/packages/patches/diffutils-gets-undeclared.patch \ %D%/packages/patches/doc++-include-directives.patch \ %D%/packages/patches/doc++-segfault-fix.patch \ + %D%/packages/patches/dovecot-fix-failing-test.patch \ %D%/packages/patches/doxygen-test.patch \ %D%/packages/patches/elfutils-tests-ptrace.patch \ %D%/packages/patches/elixir-disable-failing-tests.patch \ diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index 49fdb32e8d..1a6c505efd 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -1086,15 +1086,17 @@ facilities for checking incoming mail.") (define-public dovecot (package (name "dovecot") - (version "2.2.28") + (version "2.2.29") (source (origin (method url-fetch) (uri (string-append "https://www.dovecot.org/releases/" (version-major+minor version) "/" name "-" version ".tar.gz")) - (sha256 (base32 - "098zpkmkk93372qnv6drgbfg8hp5mynspzc1735qgar6wdcqya70")))) + (patches (search-patches "dovecot-fix-failing-test.patch")) + (sha256 + (base32 + "19irf7b5mjqq68mrpdd38gxc0zp2nqib942kjp3aif3f2acylffr")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) diff --git a/gnu/packages/patches/dovecot-fix-failing-test.patch b/gnu/packages/patches/dovecot-fix-failing-test.patch new file mode 100644 index 0000000000..343bab03f9 --- /dev/null +++ b/gnu/packages/patches/dovecot-fix-failing-test.patch @@ -0,0 +1,118 @@ +This patch fixes a test failure in dovecot 2.2.29, like this [0]: + +------ +Making check in lib-imap-client +make[2]: Entering directory +`/builddir/build/BUILD/dovecot-2.2.29/src/lib-imap-client' +for bin in test-imapc-client; do \ + if ! ./$bin; then exit 1; fi; \ + done +Warning: imapc(127.0.0.1:0): connect(127.0.0.1, 0) failed: Connection +refused - reconnecting (delay 10 ms) +Error: imapc(127.0.0.1:0): connect(127.0.0.1, 0) failed: Connection +refused - disconnecting +test: random seed #1 was 1492054294 +imapc connect failed ................................................. : ok +Warning: imapc(127.0.0.1:42704): connect(127.0.0.1, 42704) timed out +after 0 seconds - reconnecting (delay 0 ms) +Error: imapc(127.0.0.1:42704): connect(127.0.0.1, 42704) timed out after +0 seconds - disconnecting +imapc banner hangs ................................................... : ok +Warning: imapc(127.0.0.1:36762): Authentication timed out after 0 +seconds - reconnecting (delay 0 ms) +Error: imapc(127.0.0.1:36762): Authentication failed: Disconnected from +server +imapc login hangs .................................................... : ok +test-imapc-client.c:358: Assert failed: test_imapc_cmd_last_reply_pop() +== IMAPC_COMMAND_STATE_OK +imapc reconnect ...................................................... : +FAILED +imapc reconnect resend commands ...................................... : ok +imapc reconnect resend commands failed ............................... : ok +imapc reconnect mailbox .............................................. : ok +1 / 7 tests failed +------ + +Patch copied from upstream source repository: + +https://github.com/dovecot/core/commit/3a1c64363a64cdfe9153eb6292d8923f38955d82 + +[0] +https://dovecot.org/pipermail/dovecot/2017-April/107751.html + +From 3a1c64363a64cdfe9153eb6292d8923f38955d82 Mon Sep 17 00:00:00 2001 +From: Timo Sirainen +Date: Mon, 10 Apr 2017 17:07:28 +0300 +Subject: [PATCH] lib-imap-client: Fix reconnection + +There was already code for reconnection. We just shouldn't have gone very +far in imapc_connection_connect() if we were still waiting for reconnection +delay to pass. +--- + src/lib-imap-client/imapc-connection.c | 25 +++++++++---------------- + 1 file changed, 9 insertions(+), 16 deletions(-) + +diff --git a/src/lib-imap-client/imapc-connection.c b/src/lib-imap-client/imapc-connection.c +index 95067e6..6eaf1ab 100644 +--- a/src/lib-imap-client/imapc-connection.c ++++ b/src/lib-imap-client/imapc-connection.c +@@ -130,6 +130,7 @@ struct imapc_connection { + struct timeout *to_throttle, *to_throttle_shrink; + + unsigned int reconnecting:1; ++ unsigned int reconnect_waiting:1; + unsigned int reconnect_ok:1; + unsigned int idling:1; + unsigned int idle_stopping:1; +@@ -504,6 +505,7 @@ static bool imapc_connection_can_reconnect(struct imapc_connection *conn) + static void imapc_connection_reconnect(struct imapc_connection *conn) + { + conn->reconnect_ok = FALSE; ++ conn->reconnect_waiting = FALSE; + + if (conn->selected_box != NULL) + imapc_client_mailbox_reconnect(conn->selected_box); +@@ -536,6 +538,7 @@ imapc_connection_try_reconnect(struct imapc_connection *conn, + imapc_connection_disconnect_full(conn, TRUE); + conn->to = timeout_add(delay_msecs, imapc_connection_reconnect, conn); + conn->reconnect_count++; ++ conn->reconnect_waiting = TRUE; + } + } + } +@@ -1785,6 +1788,12 @@ void imapc_connection_connect(struct imapc_connection *conn) + + if (conn->fd != -1 || conn->dns_lookup != NULL) + return; ++ if (conn->reconnect_waiting) { ++ /* wait for the reconnection delay to finish before ++ doing anything. */ ++ return; ++ } ++ + conn->reconnecting = FALSE; + /* if we get disconnected before we've finished all the pending + commands, don't reconnect */ +@@ -1792,22 +1801,6 @@ void imapc_connection_connect(struct imapc_connection *conn) + array_count(&conn->cmd_send_queue); + + imapc_connection_input_reset(conn); +- +- int msecs_since_last_connect = +- timeval_diff_msecs(&ioloop_timeval, &conn->last_connect); +- if (!conn->reconnect_ok && +- msecs_since_last_connect < (int)conn->client->set.connect_retry_interval_msecs) { +- if (conn->to != NULL) +- timeout_remove(&conn->to); +- conn->reconnecting = TRUE; +- imapc_connection_set_disconnected(conn); +- /* don't wait longer than necessary */ +- unsigned int delay_msecs = +- conn->client->set.connect_retry_interval_msecs - +- msecs_since_last_connect; +- conn->to = timeout_add(delay_msecs, imapc_connection_reconnect, conn); +- return; +- } + conn->last_connect = ioloop_timeval; + + if (conn->client->set.debug) { -- cgit v1.2.3 From 0eb0fe2d302028b51185b98ac55e45b483a5ea82 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Wed, 12 Apr 2017 06:19:56 +0300 Subject: gnu: jasper: Fixx CVE-2017-6850. * gnu/packages/image.scm (jasper)[source]: Add patch. * gnu/packages/patches/jasper-CVE-2017-6850.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. --- gnu/local.mk | 1 + gnu/packages/image.scm | 3 +- gnu/packages/patches/jasper-CVE-2017-6850.patch | 284 ++++++++++++++++++++++++ 3 files changed, 287 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/jasper-CVE-2017-6850.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 212228d5c2..006dbe7997 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -661,6 +661,7 @@ dist_patch_DATA = \ %D%/packages/patches/id3lib-CVE-2007-4460.patch \ %D%/packages/patches/ilmbase-fix-tests.patch \ %D%/packages/patches/isl-0.11.1-aarch64-support.patch \ + %D%/packages/patches/jasper-CVE-2017-6850.patch \ %D%/packages/patches/jbig2dec-ignore-testtest.patch \ %D%/packages/patches/jbig2dec-CVE-2016-9601.patch \ %D%/packages/patches/jq-CVE-2015-8863.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index b5b3a7283d..2725c168b6 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -905,7 +905,8 @@ convert, manipulate, filter and display a wide variety of image formats.") "/software/jasper-" version ".tar.gz")) (sha256 (base32 - "1njdbxv7d4anzrd476wjww2qsi96dd8vfnp4hri0srrqxpszl92v")))) + "1njdbxv7d4anzrd476wjww2qsi96dd8vfnp4hri0srrqxpszl92v")) + (patches (search-patches "jasper-CVE-2017-6850.patch")))) (build-system cmake-build-system) (inputs `(("libjpeg" ,libjpeg))) (synopsis "JPEG-2000 library") diff --git a/gnu/packages/patches/jasper-CVE-2017-6850.patch b/gnu/packages/patches/jasper-CVE-2017-6850.patch new file mode 100644 index 0000000000..07672762a1 --- /dev/null +++ b/gnu/packages/patches/jasper-CVE-2017-6850.patch @@ -0,0 +1,284 @@ +This patch is from upstream and should be fixed included in the next release + +From e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d Mon Sep 17 00:00:00 2001 +From: Michael Adams +Date: Sat, 4 Mar 2017 14:43:24 -0800 +Subject: [PATCH] Fixed bugs due to uninitialized data in the JP2 decoder. + Also, added some comments marking I/O stream interfaces that probably need to + be changed (in the long term) to fix integer overflow problems. + +--- + src/libjasper/base/jas_stream.c | 18 +++++++++++++++++ + src/libjasper/jp2/jp2_cod.c | 44 ++++++++++++++++++++++++++++------------- + 2 files changed, 48 insertions(+), 14 deletions(-) + +diff --git a/src/libjasper/base/jas_stream.c b/src/libjasper/base/jas_stream.c +index 327ee57..d70408f 100644 +--- a/src/libjasper/base/jas_stream.c ++++ b/src/libjasper/base/jas_stream.c +@@ -664,6 +664,7 @@ int jas_stream_ungetc(jas_stream_t *stream, int c) + return 0; + } + ++/* FIXME integral type */ + int jas_stream_read(jas_stream_t *stream, void *buf, int cnt) + { + int n; +@@ -690,6 +691,7 @@ int jas_stream_read(jas_stream_t *stream, void *buf, int cnt) + return n; + } + ++/* FIXME integral type */ + int jas_stream_write(jas_stream_t *stream, const void *buf, int cnt) + { + int n; +@@ -742,6 +744,7 @@ int jas_stream_puts(jas_stream_t *stream, const char *s) + return 0; + } + ++/* FIXME integral type */ + char *jas_stream_gets(jas_stream_t *stream, char *buf, int bufsize) + { + int c; +@@ -765,6 +768,7 @@ char *jas_stream_gets(jas_stream_t *stream, char *buf, int bufsize) + return buf; + } + ++/* FIXME integral type */ + int jas_stream_gobble(jas_stream_t *stream, int n) + { + int m; +@@ -783,6 +787,7 @@ int jas_stream_gobble(jas_stream_t *stream, int n) + return n; + } + ++/* FIXME integral type */ + int jas_stream_pad(jas_stream_t *stream, int n, int c) + { + int m; +@@ -885,6 +890,7 @@ long jas_stream_tell(jas_stream_t *stream) + * Buffer initialization code. + \******************************************************************************/ + ++/* FIXME integral type */ + static void jas_stream_initbuf(jas_stream_t *stream, int bufmode, char *buf, + int bufsize) + { +@@ -1060,6 +1066,7 @@ static int jas_strtoopenmode(const char *s) + return openmode; + } + ++/* FIXME integral type */ + int jas_stream_copy(jas_stream_t *out, jas_stream_t *in, int n) + { + int all; +@@ -1085,6 +1092,7 @@ int jas_stream_copy(jas_stream_t *out, jas_stream_t *in, int n) + return 0; + } + ++/* FIXME integral type */ + long jas_stream_setrwcount(jas_stream_t *stream, long rwcnt) + { + int old; +@@ -1094,6 +1102,7 @@ long jas_stream_setrwcount(jas_stream_t *stream, long rwcnt) + return old; + } + ++/* FIXME integral type */ + int jas_stream_display(jas_stream_t *stream, FILE *fp, int n) + { + unsigned char buf[16]; +@@ -1168,6 +1177,7 @@ long jas_stream_length(jas_stream_t *stream) + * Memory stream object. + \******************************************************************************/ + ++/* FIXME integral type */ + static int mem_read(jas_stream_obj_t *obj, char *buf, int cnt) + { + ssize_t n; +@@ -1209,6 +1219,7 @@ static int mem_resize(jas_stream_memobj_t *m, size_t bufsize) + return 0; + } + ++/* FIXME integral type */ + static int mem_write(jas_stream_obj_t *obj, char *buf, int cnt) + { + size_t n; +@@ -1264,6 +1275,7 @@ static int mem_write(jas_stream_obj_t *obj, char *buf, int cnt) + return ret; + } + ++/* FIXME integral type */ + static long mem_seek(jas_stream_obj_t *obj, long offset, int origin) + { + jas_stream_memobj_t *m = (jas_stream_memobj_t *)obj; +@@ -1310,6 +1322,7 @@ static int mem_close(jas_stream_obj_t *obj) + * File stream object. + \******************************************************************************/ + ++/* FIXME integral type */ + static int file_read(jas_stream_obj_t *obj, char *buf, int cnt) + { + jas_stream_fileobj_t *fileobj; +@@ -1318,6 +1331,7 @@ static int file_read(jas_stream_obj_t *obj, char *buf, int cnt) + return read(fileobj->fd, buf, cnt); + } + ++/* FIXME integral type */ + static int file_write(jas_stream_obj_t *obj, char *buf, int cnt) + { + jas_stream_fileobj_t *fileobj; +@@ -1326,6 +1340,7 @@ static int file_write(jas_stream_obj_t *obj, char *buf, int cnt) + return write(fileobj->fd, buf, cnt); + } + ++/* FIXME integral type */ + static long file_seek(jas_stream_obj_t *obj, long offset, int origin) + { + jas_stream_fileobj_t *fileobj; +@@ -1352,6 +1367,7 @@ static int file_close(jas_stream_obj_t *obj) + * Stdio file stream object. + \******************************************************************************/ + ++/* FIXME integral type */ + static int sfile_read(jas_stream_obj_t *obj, char *buf, int cnt) + { + FILE *fp; +@@ -1367,6 +1383,7 @@ static int sfile_read(jas_stream_obj_t *obj, char *buf, int cnt) + return result; + } + ++/* FIXME integral type */ + static int sfile_write(jas_stream_obj_t *obj, char *buf, int cnt) + { + FILE *fp; +@@ -1377,6 +1394,7 @@ static int sfile_write(jas_stream_obj_t *obj, char *buf, int cnt) + return (n != JAS_CAST(size_t, cnt)) ? (-1) : cnt; + } + ++/* FIXME integral type */ + static long sfile_seek(jas_stream_obj_t *obj, long offset, int origin) + { + FILE *fp; +diff --git a/src/libjasper/jp2/jp2_cod.c b/src/libjasper/jp2/jp2_cod.c +index 7f3608a..8d98a2c 100644 +--- a/src/libjasper/jp2/jp2_cod.c ++++ b/src/libjasper/jp2/jp2_cod.c +@@ -183,15 +183,28 @@ jp2_boxinfo_t jp2_boxinfo_unk = { + * Box constructor. + \******************************************************************************/ + +-jp2_box_t *jp2_box_create(int type) ++jp2_box_t *jp2_box_create0() + { + jp2_box_t *box; +- jp2_boxinfo_t *boxinfo; +- + if (!(box = jas_malloc(sizeof(jp2_box_t)))) { + return 0; + } + memset(box, 0, sizeof(jp2_box_t)); ++ box->type = 0; ++ box->len = 0; ++ // Mark the box data as never having been constructed ++ // so that we will not errantly attempt to destroy it later. ++ box->ops = &jp2_boxinfo_unk.ops; ++ return box; ++} ++ ++jp2_box_t *jp2_box_create(int type) ++{ ++ jp2_box_t *box; ++ jp2_boxinfo_t *boxinfo; ++ if (!(box = jp2_box_create0())) { ++ return 0; ++ } + box->type = type; + box->len = 0; + if (!(boxinfo = jp2_boxinfolookup(type))) { +@@ -248,14 +261,9 @@ jp2_box_t *jp2_box_get(jas_stream_t *in) + box = 0; + tmpstream = 0; + +- if (!(box = jas_malloc(sizeof(jp2_box_t)))) { ++ if (!(box = jp2_box_create0())) { + goto error; + } +- +- // Mark the box data as never having been constructed +- // so that we will not errantly attempt to destroy it later. +- box->ops = &jp2_boxinfo_unk.ops; +- + if (jp2_getuint32(in, &len) || jp2_getuint32(in, &box->type)) { + goto error; + } +@@ -263,10 +271,12 @@ jp2_box_t *jp2_box_get(jas_stream_t *in) + box->info = boxinfo; + box->len = len; + JAS_DBGLOG(10, ( +- "preliminary processing of JP2 box: type=%c%s%c (0x%08x); length=%d\n", ++ "preliminary processing of JP2 box: " ++ "type=%c%s%c (0x%08x); length=%"PRIuFAST32"\n", + '"', boxinfo->name, '"', box->type, box->len + )); + if (box->len == 1) { ++ JAS_DBGLOG(10, ("big length\n")); + if (jp2_getuint64(in, &extlen)) { + goto error; + } +@@ -382,6 +392,7 @@ static int jp2_bpcc_getdata(jp2_box_t *box, jas_stream_t *in) + { + jp2_bpcc_t *bpcc = &box->data.bpcc; + unsigned int i; ++ bpcc->bpcs = 0; + bpcc->numcmpts = box->datalen; + if (!(bpcc->bpcs = jas_alloc2(bpcc->numcmpts, sizeof(uint_fast8_t)))) { + return -1; +@@ -462,6 +473,7 @@ static int jp2_cdef_getdata(jp2_box_t *box, jas_stream_t *in) + jp2_cdef_t *cdef = &box->data.cdef; + jp2_cdefchan_t *chan; + unsigned int channo; ++ cdef->ents = 0; + if (jp2_getuint16(in, &cdef->numchans)) { + return -1; + } +@@ -518,7 +530,9 @@ int jp2_box_put(jp2_box_t *box, jas_stream_t *out) + } + + if (dataflag) { +- if (jas_stream_copy(out, tmpstream, box->len - JP2_BOX_HDRLEN(false))) { ++ if (jas_stream_copy(out, tmpstream, box->len - ++ JP2_BOX_HDRLEN(false))) { ++ jas_eprintf("cannot copy box data\n"); + goto error; + } + jas_stream_close(tmpstream); +@@ -777,6 +791,7 @@ static int jp2_cmap_getdata(jp2_box_t *box, jas_stream_t *in) + jp2_cmap_t *cmap = &box->data.cmap; + jp2_cmapent_t *ent; + unsigned int i; ++ cmap->ents = 0; + + cmap->numchans = (box->datalen) / 4; + if (!(cmap->ents = jas_alloc2(cmap->numchans, sizeof(jp2_cmapent_t)))) { +@@ -835,6 +850,7 @@ static int jp2_pclr_getdata(jp2_box_t *box, jas_stream_t *in) + int_fast32_t x; + + pclr->lutdata = 0; ++ pclr->bpc = 0; + + if (jp2_getuint16(in, &pclr->numlutents) || + jp2_getuint8(in, &pclr->numchans)) { +@@ -869,9 +885,9 @@ static int jp2_pclr_putdata(jp2_box_t *box, jas_stream_t *out) + #if 0 + jp2_pclr_t *pclr = &box->data.pclr; + #endif +-/* Eliminate warning about unused variable. */ +-box = 0; +-out = 0; ++ /* Eliminate warning about unused variable. */ ++ box = 0; ++ out = 0; + return -1; + } + -- cgit v1.2.3 From 4467c2d1dcbf88e26767616a49ed49de8ee48f57 Mon Sep 17 00:00:00 2001 From: Hartmut Goebel Date: Tue, 28 Mar 2017 17:49:41 +0200 Subject: gnu: Update kde-frameworks to 5.32.0 * gnu/packages/kde-frameworks.scm (breeze-icons): Update to 5.32.0. [arguments]: Re-enable tests. (kio): Update to 5.32.0. [source]: Remove patch. (ktexteditor): Update to 5.32.0. [inputs]: Add ksyntaxhighlighting. (networkmanager-qt): Update to 5.32.0. [source]: Add patches. (kunitconversion): Update to 5.32.0. [arguments] : New phase. (ksyntaxhighlighting): Update to 5.32.0.[native-iputs]: Add qtools. (knewstuff): Update to 5.32.0. [inputs]: Add qtdeclarative. (attica, baloo, bluez-qt, extra-cmake-modules, kactivities, kactivities-stats, kapidox, karchive, kauth, kbookmarks, kcmutils, kcodecs, kcompletion, kconfig, kconfigwidgets, kcoreaddons, kcrash, kdbusaddons, kdeclarative, kded, kdesignerplugin, kdesu, kdnssd, kdoctools, kemoticons, kfilemetadata, kglobalaccel, kguiaddons, ki18n, kiconthemes, kidletime, kimageformats, kinit, kitemmodels, kitemviews, kjobwidgets, knotifications, knotifyconfig, kpackage, kparts, kpeople, kplotting, kpty, krunner, kservice, ktextwidgets, kwallet, kwayland, kwidgetsaddons, kwindowsystem, kxmlgui, kxmlrpcclient, modemmanager-qt, oxygen-icons, plasma-framework, solid, sonnet, threadweaver): Update to 5.32.0. * gnu/packages/patches/kio-CVE-2017-6410.patch: Delete file. * gnu/packages/patches/networkmanager-qt-activeconnection-test-1.patch, gnu/packages/patches/networkmanager-qt-activeconnection-test-2.patch: New files. * gnu/local.mk (dist_patch_DATA): Remove resp. add the patch files. --- gnu/local.mk | 3 +- gnu/packages/kde-frameworks.scm | 286 +++++++++++---------- gnu/packages/patches/kio-CVE-2017-6410.patch | 53 ---- ...networkmanager-qt-activeconnection-test-1.patch | 60 +++++ ...networkmanager-qt-activeconnection-test-2.patch | 57 ++++ 5 files changed, 268 insertions(+), 191 deletions(-) delete mode 100644 gnu/packages/patches/kio-CVE-2017-6410.patch create mode 100644 gnu/packages/patches/networkmanager-qt-activeconnection-test-1.patch create mode 100644 gnu/packages/patches/networkmanager-qt-activeconnection-test-2.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 006dbe7997..98dffff648 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -667,7 +667,6 @@ dist_patch_DATA = \ %D%/packages/patches/jq-CVE-2015-8863.patch \ %D%/packages/patches/kdbusaddons-kinit-file-name.patch \ %D%/packages/patches/khmer-use-libraries.patch \ - %D%/packages/patches/kio-CVE-2017-6410.patch \ %D%/packages/patches/kmod-module-directory.patch \ %D%/packages/patches/kobodeluxe-paths.patch \ %D%/packages/patches/kobodeluxe-enemies-pipe-decl.patch \ @@ -796,6 +795,8 @@ dist_patch_DATA = \ %D%/packages/patches/netsurf-system-utf8proc.patch \ %D%/packages/patches/netsurf-y2038-tests.patch \ %D%/packages/patches/netsurf-longer-test-timeout.patch \ + %D%/packages/patches/networkmanager-qt-activeconnection-test-1.patch \ + %D%/packages/patches/networkmanager-qt-activeconnection-test-2.patch \ %D%/packages/patches/ngircd-handle-zombies.patch \ %D%/packages/patches/ninja-zero-mtime.patch \ %D%/packages/patches/node-9077.patch \ diff --git a/gnu/packages/kde-frameworks.scm b/gnu/packages/kde-frameworks.scm index b431a85604..2c263e4718 100644 --- a/gnu/packages/kde-frameworks.scm +++ b/gnu/packages/kde-frameworks.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2015 Andreas Enge ;;; Copyright © 2016 Efraim Flashner -;;; Copyright © 2016 Hartmut Goebel +;;; Copyright © 2016,2017 Hartmut Goebel ;;; Copyright © 2016 David Craven ;;; Copyright © 2017 Thomas Danckaert ;;; @@ -59,7 +59,7 @@ (define-public extra-cmake-modules (package (name "extra-cmake-modules") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -68,7 +68,7 @@ name "-" version ".tar.xz")) (sha256 (base32 - "0yi60qd08x5093wb8dv9cx370iaabn44hzcang92g9ssfmz0zd2h")))) + "1iqakxzr6bcs9wgyi8if1smpq6px0bvlcyddyk0hxhindzl7pn5i")))) (build-system cmake-build-system) (native-inputs `(("qtbase" ,qtbase))) ; For tests (needs qmake) @@ -240,7 +240,7 @@ Phonon-GStreamer is a backend based on the GStreamer multimedia library.") (define-public attica (package (name "attica") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -249,7 +249,7 @@ Phonon-GStreamer is a backend based on the GStreamer multimedia library.") name "-" version ".tar.xz")) (sha256 (base32 - "14v6vi8awk1m58l9svpjd54ckd6milzavgfbkdspsz0km1cpqlks")))) + "16vl3gpwqcvfms82grv1bvqlxj085bqssv5ixjx007826pd8qhp5")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -272,7 +272,7 @@ http://freedesktop.org/wiki/Specifications/open-collaboration-services/") (define-public bluez-qt (package (name "bluez-qt") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -281,7 +281,7 @@ http://freedesktop.org/wiki/Specifications/open-collaboration-services/") name "-" version ".tar.xz")) (sha256 (base32 - "1rfzwrvvkc5f4l943f4r235gdniqc7njyw4fx36v00daj2r4aqi9")))) + "0pl6cp0rgjkh7d06ik35rw7qd96j5sh2flgjx4vi21zl5vf3vgyh")))) (build-system cmake-build-system) (native-inputs `(("dbus" ,dbus) @@ -306,7 +306,7 @@ Bluetooth stack. It is used by the KDE Bluetooth stack, BlueDevil.") (define-public breeze-icons (package (name "breeze-icons") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -315,7 +315,7 @@ Bluetooth stack. It is used by the KDE Bluetooth stack, BlueDevil.") name "-" version ".tar.xz")) (sha256 (base32 - "06zwg2g0157ac6xsgxs5f8s1sk8rh2j3y057iqmfg2ng2sh9byh2")))) + "1n51kahzk09v52yhi7k4kqgavqlz3ghqv5cx2ssz2djpyavs18r3")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -323,11 +323,6 @@ Bluetooth stack. It is used by the KDE Bluetooth stack, BlueDevil.") ("libxml2" ,libxml2))) (inputs `(("qtbase" ,qtbase))) - ;; FIXME: Dupes test fails. Issue is fixed upstream - ;; Remove when updating to 5.28. - ;; https://github.com/KDE/breeze-icons/commit/22b383359e3a0e02d4828e6fa8ed8a3d213440b1 - (arguments - `(#:tests? #f)) (home-page "https://community.kde.org/Frameworks") (synopsis "Default KDE Plasma 5 icon theme") (description "Breeze provides a freedesktop.org compatible icon theme. @@ -340,7 +335,7 @@ It is the default icon theme for the KDE Plasma 5 desktop.") (define-public kapidox (package (name "kapidox") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -349,7 +344,7 @@ It is the default icon theme for the KDE Plasma 5 desktop.") name "-" version ".tar.xz")) (sha256 (base32 - "1whkl9rzhjnnmpj532d23mlrwhp5wcfxfvq4z4bxyr64g9plbzyq")))) + "1z6hdsppwrmqkcanrppxhqcrjvblg9i02rh3bz5m3pn66wwz0sdw")))) (build-system cmake-build-system) (arguments `(#:tests? #f)) ; has no test target @@ -382,7 +377,7 @@ documentation.") (define-public karchive (package (name "karchive") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -391,7 +386,7 @@ documentation.") name "-" version ".tar.xz")) (sha256 (base32 - "1s068z0ih6qk3m4lm10wm28y0nq5qwn4gpnx9vckar51xbrl4bb7")))) + "1dzvphqnc09mmaydqggpxg6zwwyr56p6l4jdf1rf6ns90fzxy0m4")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -416,7 +411,7 @@ GZip format, via a subclass of QIODevice.") (define-public kcodecs (package (name "kcodecs") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -425,7 +420,7 @@ GZip format, via a subclass of QIODevice.") name "-" version ".tar.xz")) (sha256 (base32 - "0r01raiva4iddiz5qqshmbmidgkf4q6illanz6zwmc4n66c6s3q3")))) + "0yybkp52i8nm4qjady6jqswn6v70cqbvjqwgrghjnc88b2cly253")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -451,7 +446,7 @@ Internet).") (define-public kconfig (package (name "kconfig") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -460,7 +455,7 @@ Internet).") name "-" version ".tar.xz")) (sha256 (base32 - "0kdsaqv880wihxv6il8wailmymh0rh0jrbhg8iz2ljf3ir7g56zy")))) + "1pajh1l08b995shp6l75ri9z4vr6wjapvrkmrmv8hksnxvfi97dp")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -518,7 +513,7 @@ propagate their changes to their respective configuration files.") (define-public kcoreaddons (package (name "kcoreaddons") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -527,7 +522,7 @@ propagate their changes to their respective configuration files.") name "-" version ".tar.xz")) (sha256 (base32 - "10x2sgd1acsg1kmb741zk8sbss1j9nncfr1ac2pq0fc236ivkiyb")))) + "1n1xzvwwji9pwyxrvwp4rmpc7qzp9nlis26xmn81k607jn587ksx")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -557,7 +552,7 @@ many more.") (define-public kdbusaddons (package (name "kdbusaddons") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -566,7 +561,7 @@ many more.") name "-" version ".tar.xz")) (sha256 (base32 - "07mzb1xr8wyiid25p8kg6mjp6vq8ngvv1ikhq75zvd2cbax530c8")) + "1a15jjsrkza0ll2viyk834pgdxsdgdacm0982xxwl5z937f75609")) (patches (search-patches "kdbusaddons-kinit-file-name.patch")))) (build-system cmake-build-system) (native-inputs @@ -602,7 +597,7 @@ as well as an API to create KDED modules.") (define-public kdnssd (package (name "kdnssd") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -611,7 +606,7 @@ as well as an API to create KDED modules.") name "-" version ".tar.xz")) (sha256 (base32 - "1gkqfcz8glfa6krbayaay4kyq3zazcyr21zjg78la76vfnranh0r")))) + "1xakbs2wm627zn01ni8fyrz64xl5jw4by0pdrb70aad7w37dijrw")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -629,7 +624,7 @@ infrastructure.") (define-public kguiaddons (package (name "kguiaddons") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -638,7 +633,7 @@ infrastructure.") name "-" version ".tar.xz")) (sha256 (base32 - "1f3k6g8cqgq49ka9wsfflp0vnqgk81nlp012lb5v875yil6f9m3f")))) + "0rbfd0rykmwl9hs1q22pqg2by8vi9y1pgs2ishgnan4sc4w87wjb")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -662,7 +657,7 @@ interfaces in the areas of colors, fonts, text, images, keyboard input.") (define-public ki18n (package (name "ki18n") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -671,7 +666,7 @@ interfaces in the areas of colors, fonts, text, images, keyboard input.") name "-" version ".tar.xz")) (sha256 (base32 - "0ymg8mnpvas101war3pgm3wv8ssf1wxa6mxg9ym1xx24mx7xzhzw")))) + "068xvw2hy4hlpj85wgjjdj0nc37fygpd8wb1dnpqcvzzy8rc1rsf")))) (build-system cmake-build-system) (propagated-inputs `(("gettext" ,gettext-minimal) @@ -705,7 +700,7 @@ translation scripting.") (define-public kidletime (package (name "kidletime") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -714,7 +709,7 @@ translation scripting.") name "-" version ".tar.xz")) (sha256 (base32 - "0cwq8jvsimxriiazivls8yix9jyglk2giqwv34a1ic1cnackhwq7")))) + "0rkxx3bnspjwm4vcy4rdfahk6vcfpkh8fldww0zfdn7s7pigqwch")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -732,7 +727,7 @@ or user activity.") (define-public kitemmodels (package (name "kitemmodels") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -741,7 +736,7 @@ or user activity.") name "-" version ".tar.xz")) (sha256 (base32 - "0zi7wsqcmjd7fms8r2vqvwwvzw75p275qyn6whpgblb09l0pn78z")))) + "0lxld7jdixpq23sycv8n4ckzmdr34aycrsf2zffziw6r59f0mzki")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -793,7 +788,7 @@ model to observers (define-public kitemviews (package (name "kitemviews") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -802,7 +797,7 @@ model to observers name "-" version ".tar.xz")) (sha256 (base32 - "0wrlwawgnz1yjav4hfirc3lcki0hqy0cgr8bwhr9nhm27ndgv28p")))) + "1h1zgawdi4vbgymdl5215lx7hpcx9jqxy7vjf5hwgs6b2cls1sws")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -834,7 +829,7 @@ to flat and hierarchical lists.") (define-public kplotting (package (name "kplotting") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -843,7 +838,7 @@ to flat and hierarchical lists.") name "-" version ".tar.xz")) (sha256 (base32 - "1vmwxj03qhrfnz3jg30ka28afpqg0hlgm46dbzyg86kg8hc2hgb2")))) + "0a0pfmdlx84526lb2jvx94i2pf85km57fm2ygis4z5mjgbzsmb6v")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -872,7 +867,7 @@ pixel units.") (define-public ksyntaxhighlighting (package (name "ksyntaxhighlighting") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -881,11 +876,12 @@ pixel units.") "syntax-highlighting-" version ".tar.xz")) (sha256 (base32 - "0gf1ldlk4gav6bg5b1231hphaal4simyngirvr1yizcb1rrlygdy")))) + "1d9m7x53mwggwmhhba1c7b8v4f8qjql889y674ldpzs2nrk5y7x3")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) ("perl" ,perl) + ("qttools" ,qttools) ;; Optional, for compile-time validation of syntax definition files: ("qtxmlpatterns" ,qtxmlpatterns))) (inputs @@ -923,7 +919,7 @@ integration with a custom editor as well as a ready-to-use (define-public kwayland (package (name "kwayland") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -932,7 +928,7 @@ integration with a custom editor as well as a ready-to-use name "-" version ".tar.xz")) (sha256 (base32 - "0xm4agsv8hyx8aaiv4zpa121s08ayhbps3pbfbds2ckk57k6ba8k")))) + "1kzvq7qx102rfdv975x5sd37lsl6wn0mzm2m1f9fnnn2rvii3h5d")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -962,7 +958,7 @@ represented by a QPoint or a QSize.") (define-public kwidgetsaddons (package (name "kwidgetsaddons") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -971,7 +967,7 @@ represented by a QPoint or a QSize.") name "-" version ".tar.xz")) (sha256 (base32 - "1p22s1cbwpwbm03qxs0wqb1i7w1s19b119diwkmb8xl90cqfdwnn")))) + "1aksy326ppdfcx20zl9hxsd8j0br32j6dlx4i1xxbd976csys9b2")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1011,7 +1007,7 @@ configuration pages, message boxes, and password requests.") (define-public kwindowsystem (package (name "kwindowsystem") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1020,7 +1016,7 @@ configuration pages, message boxes, and password requests.") name "-" version ".tar.xz")) (sha256 (base32 - "0lzafiwj58gg5vccnvwrhiwjq67y8cn3gllirgw13vz3f69sbr3i")))) + "1c3kd23c4wwzdhfcyhv41czw3y2kk1492xn6ah9n3r98akrhgar1")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1051,7 +1047,7 @@ lower level classes for interaction with the X Windowing System.") (define-public modemmanager-qt (package (name "modemmanager-qt") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1060,7 +1056,7 @@ lower level classes for interaction with the X Windowing System.") name "-" version ".tar.xz")) (sha256 (base32 - "1yfqqp596srvsi0yqrkpm5gzlwjf4szk6hy0wszr12gjjzqprilq")))) + "0ywyiq1kj4ya5knn0r12j9m1ig9mlyfypnrzihlvipddjrqs7jyd")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1089,7 +1085,7 @@ messages.") (define-public networkmanager-qt (package (name "networkmanager-qt") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1098,7 +1094,12 @@ messages.") name "-" version ".tar.xz")) (sha256 (base32 - "1iq8xrw55k2k9af57l4lfrw72gjxgk7pp7k3m7amjfp0hdqw8602")))) + "0bcy7nzfvx2xah3kxklmrjn08qbjddiny7wf7nkxsbc3kkhrxqyd")) + ;; TODO: Remove these patches when updating to 5.33. + (patches + (search-patches + "networkmanager-qt-activeconnection-test-1.patch" + "networkmanager-qt-activeconnection-test-2.patch")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1128,7 +1129,7 @@ which are used in DBus communication.") (define-public oxygen-icons (package (name "oxygen-icons") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1137,7 +1138,7 @@ which are used in DBus communication.") name "5" "-" version ".tar.xz")) (sha256 (base32 - "05bypc4k86lsjp7d4lpbpsnms7k1gnjyahdbks420585ca0v4qkp")))) + "05v3blgs4qbjl8s6470baahy9a98cfi3mplzp462axcgkqdj1nwf")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1153,7 +1154,7 @@ which are used in DBus communication.") (define-public solid (package (name "solid") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1162,7 +1163,7 @@ which are used in DBus communication.") name "-" version ".tar.xz")) (sha256 (base32 - "0g6frc7hckbkvzgq40qrymllgp56a3v39l5d2ajqipwb4kabhdpy")))) + "1jhymivravgix0sa0szkax50j09l5fl55xi3fbyjxlb4cil114v5")))) (build-system cmake-build-system) (native-inputs `(("bison" ,bison) @@ -1182,7 +1183,7 @@ system.") (define-public sonnet (package (name "sonnet") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1191,7 +1192,7 @@ system.") name "-" version ".tar.xz")) (sha256 (base32 - "1vzn3kvi126jnkq2s5110yii8946kaxp452735fx0l0jqjn92dy8")))) + "17sjv48b3z5fgplsy16ilcw6p7mlqjs61ib6jqd1mqzv4xrr27yi")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1208,7 +1209,7 @@ ASpell and HUNSPELL.") (define-public threadweaver (package (name "threadweaver") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1217,7 +1218,7 @@ ASpell and HUNSPELL.") name "-" version ".tar.xz")) (sha256 (base32 - "10hy4pvw84l2z8778gsfv5i8pqrfjidvlgd5rc8xffx65s3f28b5")))) + "1qpy2rzqyd4ap5fibkfk87z66ijh2h79cd7f0h506jh2dbx20g0h")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -1238,7 +1239,7 @@ uses a job-based interface to queue tasks and execute them in an efficient way." (define-public kauth (package (name "kauth") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1247,7 +1248,7 @@ uses a job-based interface to queue tasks and execute them in an efficient way." name "-" version ".tar.xz")) (sha256 (base32 - "09m7dipkykw75dbka6mhsvrikbniwshl1l0qxcny3ywc0fkzgf40")))) + "00kdq16n9w6nf1bpwzl5lp5c2xq74g8nn6081kvnjcd4ld66ncmq")))) (build-system cmake-build-system) (native-inputs `(("dbus" ,dbus) @@ -1285,7 +1286,7 @@ utilities.") (define-public kcompletion (package (name "kcompletion") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1294,7 +1295,7 @@ utilities.") name "-" version ".tar.xz")) (sha256 (base32 - "1yrlhf6n7xlkid3xbpirf8n6kybc3sqp5fnb01kr1rcl89qs273f")))) + "0fn8imr3m219r38a0rafbnylcpjq4rqhz1w66mx80sc7l10mhcni")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1322,7 +1323,7 @@ integrated it into your application's other widgets.") (define-public kcrash (package (name "kcrash") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1331,7 +1332,7 @@ integrated it into your application's other widgets.") name "-" version ".tar.xz")) (sha256 (base32 - "0gsly5wvyh0d6yfk5yyv1pgaazwlwvahz245y9sliwzrbxhgj1yv")))) + "1zrkjrpj88ymdy5vbn9db73vxppswvmbn2gkn4gpx773dsmflhz3")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1360,7 +1361,7 @@ application crashes.") (define-public kdoctools (package (name "kdoctools") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1369,7 +1370,7 @@ application crashes.") name "-" version ".tar.xz")) (sha256 (base32 - "1mndmxy7vgdkii8axzkzclqqimg0ksn2dmwiqsljcjcik0zfx47c")))) + "0i7zgg7iw6w0sdr6cv3yf4blcr61i8zczgmyqa964ka6p3ywwjs9")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -1408,7 +1409,7 @@ from DocBook files.") (define-public kfilemetadata (package (name "kfilemetadata") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1417,7 +1418,7 @@ from DocBook files.") name "-" version ".tar.xz")) (sha256 (base32 - "0sxifxzyqq0haxfira8ldq9gwali7p5vbbh8jslj8wlxm0dczyw6")))) + "01d91gmrxlax0g13ib841vc4qwmv6r4qdr10wfs77rrxsvw7z08f")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1438,7 +1439,7 @@ by applications to write metadata.") (define-public kimageformats (package (name "kimageformats") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1447,7 +1448,7 @@ by applications to write metadata.") name "-" version ".tar.xz")) (sha256 (base32 - "1h17jm55r9ijmng5mb1w9nqk2hw6h965j9c2nrd8wl9dzy616kra")))) + "05hn8n4sc3rj5c30ki068f76k1gfgvq19zcw5jlqpnn1l5db5fvz")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1475,7 +1476,7 @@ formats.") (define-public kjobwidgets (package (name "kjobwidgets") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1484,7 +1485,7 @@ formats.") name "-" version ".tar.xz")) (sha256 (base32 - "0xh62bjd6qqbmx1jbv9qac1ng0h056mwrs8rkdqd8k10ghmsfx6a")))) + "0lhv3mg2liija0g8x14jpv1mdhb0zjh868p1cs24bs9xrw1l8984")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1503,7 +1504,7 @@ asynchronous jobs.") (define-public knotifications (package (name "knotifications") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1512,7 +1513,7 @@ asynchronous jobs.") name "-" version ".tar.xz")) (sha256 (base32 - "1a55c0abs9yg7qaajgidj8bmfbwkysf24300532lnia71n1ms25s")))) + "06ap7m8c2py49pqrnhadbyl69y3nsyamzahbpwipqgh9k62sy34y")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1546,7 +1547,7 @@ covers feedback and persistent events.") (define-public kpackage (package (name "kpackage") - (version "5.28.1") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1555,7 +1556,7 @@ covers feedback and persistent events.") name "-" version ".tar.xz")) (sha256 (base32 - "0ym5fhhigp7argk7c1zyn2fvfjykgxh3miipidf142c8y3d98vbp")))) + "070zasl5c58n01fk18mjgccfizymc9griwicxizqjgzzbgvkns3r")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -1584,7 +1585,7 @@ were traditional plugins.") (define-public kpty (package (name "kpty") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1593,7 +1594,7 @@ were traditional plugins.") name "-" version ".tar.xz")) (sha256 (base32 - "1q22wzx5xpmbj56xg4miiscb1xqqk2lfkljfdi87zl05vwmnc7hn")))) + "0h4318rc9902cvqj69capb8lh7s84y44jd59d11fyhq21jhy152s")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -1621,7 +1622,7 @@ and communicating with them using a pty.") (define-public kunitconversion (package (name "kunitconversion") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1630,8 +1631,18 @@ and communicating with them using a pty.") name "-" version ".tar.xz")) (sha256 (base32 - "0n6ndy1yarilnk2l09h92qk32v02hknafif1i9mmwcibldvc963q")))) + "0crc8riwafcx6fwhgrc8vfbwmdygd6vlz1fbbgni09gamm8mbcin")))) (build-system cmake-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'disable-a-failing-test-case + (lambda _ + ;; TODO: Re-enable this test-case. It was committed with the + ;; message: "tsan says it's clean, apart from issues in Qt + ;; (reported upstream)" + (substitute* "autotests/convertertest.cpp" + (("const int numThreads = 2") "const int numThreads = 0"))))))) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) (inputs @@ -1654,7 +1665,7 @@ gallons).") (define-public baloo (package (name "baloo") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1663,7 +1674,7 @@ gallons).") name "-" version ".tar.xz")) (sha256 (base32 - "071in785y1qplm59fmsmifzbmczvlvkf5gxdb6d0iw93pb36r7h5")))) + "0a4qwinkp4gmcbx4j0qxbj5qb40h7594s39za7sc7bymadicasy1")))) (build-system cmake-build-system) (propagated-inputs `(("kcoreaddons" ,kcoreaddons) @@ -1712,7 +1723,7 @@ maintaining an index of the contents of your files.") (define-public kactivities (package (name "kactivities") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1721,7 +1732,7 @@ maintaining an index of the contents of your files.") name "-" version ".tar.xz")) (sha256 (base32 - "162ilqcfp8b3lb3gpzbw94ppsdqzn6i6ymiwh12xy5nrxixdpagb")))) + "0xin4shaj0zsfsww84mwk5n4ldaqy730jhc369px2j2nq57sg9g7")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -1759,7 +1770,7 @@ with other frameworks.") (define-public kactivities-stats (package (name "kactivities-stats") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1768,7 +1779,7 @@ with other frameworks.") name "-" version ".tar.xz")) (sha256 (base32 - "0pjgjl5bwmq0n23nwcqjp3b412fsibnvwsr3s3l67k9scmdpbm4v")))) + "1b3z7bcap3vjc0155y0a9xkbd477fklmpj8dr3rs0ccyc6qxxbvw")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -1789,7 +1800,7 @@ by which applications, and what documents have been linked to which activity.") (define-public kbookmarks (package (name "kbookmarks") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1798,7 +1809,7 @@ by which applications, and what documents have been linked to which activity.") name "-" version ".tar.xz")) (sha256 (base32 - "1lfvps0xzpzn42n7rpsdcmsiryclykz6h1hk8sp6nsbhqwzd0r65")))) + "03a024phcjv46afbp5lbmj2p8hb6srfzyaslc6ln6ms473bf5k4w")))) (build-system cmake-build-system) (propagated-inputs `(("kwidgetsaddons" ,kwidgetsaddons))) @@ -1832,7 +1843,7 @@ using the XBEL format.") (define-public kcmutils (package (name "kcmutils") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1841,7 +1852,7 @@ using the XBEL format.") name "-" version ".tar.xz")) (sha256 (base32 - "0wj3f5ykzb7q9536y9wk8mnfcb6zay2mmc25dg67mdznzwdy36aa")))) + "1mr9h7wc22bfrbm92ajsjfcs16c5xpkrxbxzcma3a0s7jhy6qrm9")))) (build-system cmake-build-system) (propagated-inputs `(("kconfigwidgets" ,kconfigwidgets) @@ -1871,7 +1882,7 @@ KCModules can be created with the KConfigWidgets framework.") (define-public kconfigwidgets (package (name "kconfigwidgets") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1880,7 +1891,7 @@ KCModules can be created with the KConfigWidgets framework.") name "-" version ".tar.xz")) (sha256 (base32 - "0cy53jaq15n8hw2m67l0y6x722ywg0ijfz5ak5vq3fjjhc9fmq8d")))) + "1cq0a3k6pvl9f098ssqqk2rddxh0xn1kk4p5kfyd7w0m3c604zw3")))) (build-system cmake-build-system) (propagated-inputs `(("kauth" ,kauth) @@ -1913,7 +1924,7 @@ their settings.") (define-public kdeclarative (package (name "kdeclarative") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1922,7 +1933,7 @@ their settings.") name "-" version ".tar.xz")) (sha256 (base32 - "1g7bf3smdiwgfhdzwskp3l7l4bn838q1cdy4hp9mzqdssz956wmn")))) + "1y5g3yi1l0g1mkqhhakg265r25zm23qc2fqg55rq0g7l9ss7w7g9")))) (build-system cmake-build-system) (propagated-inputs `(("kconfig" ,kconfig) @@ -1973,7 +1984,7 @@ that offer bindings to some of the Frameworks.") (define-public kded (package (name "kded") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -1982,7 +1993,7 @@ that offer bindings to some of the Frameworks.") name "-" version ".tar.xz")) (sha256 (base32 - "115ywk3vdyhwzna59bpiqfffcc128vafl823yh5fzkwbp8w7qdn5")))) + "0pmmsvqwkw86yvxxf9i6lg13vg80m0kmhjjs88lbm60cgvr5jhq6")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -2006,7 +2017,7 @@ started on demand.") (define-public kdesignerplugin (package (name "kdesignerplugin") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2015,7 +2026,7 @@ started on demand.") name "-" version ".tar.xz")) (sha256 (base32 - "12v9pbfniljp23bllxxq6hfv6qnp2q8yjsix6fy6hwf8yrsq42m3")))) + "1hapj8x8nky3m6lx2ianmxwprf00jqyjsknjz3pi4vk3i714vhnf")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -2044,7 +2055,7 @@ ini-style description files.") (define-public kdesu (package (name "kdesu") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2053,7 +2064,7 @@ ini-style description files.") name "-" version ".tar.xz")) (sha256 (base32 - "1f6awbnqs14si13n1ryibb0z3mj90bg0vk320hgabd2zxma00vwp")))) + "0zsy1hivy5bbczrpkpgj72mlx0km2nm53kpgrj2hfdy3ss0vn3hl")))) (build-system cmake-build-system) (propagated-inputs `(("kpty" ,kpty))) @@ -2075,7 +2086,7 @@ with su and ssh respectively.") (define-public kemoticons (package (name "kemoticons") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2084,7 +2095,7 @@ with su and ssh respectively.") name "-" version ".tar.xz")) (sha256 (base32 - "10qxm9q7bsbbg419f8d0703mikd8w99a8fh501fpm3sgh6k7pbyv")))) + "1ncjs9iy6z6rhk83ff7fj1b68rkylnry0h698rh4jvs98gpw8sgj")))) (build-system cmake-build-system) (propagated-inputs `(("kservice" ,kservice))) @@ -2117,7 +2128,7 @@ emoticons coming from different providers.") (define-public kglobalaccel (package (name "kglobalaccel") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2126,7 +2137,7 @@ emoticons coming from different providers.") name "-" version ".tar.xz")) (sha256 (base32 - "0a60f2bs7dhx0rsrgva2p97dcala6jrjfg4z2nv0m4bv82i4kchc")))) + "0dxwjznnqlgnvn15pl34rxlzk3i21cvzn8xbgqmxakny8qiib9ry")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -2160,7 +2171,7 @@ window does not need focus for them to be activated.") (define-public kiconthemes (package (name "kiconthemes") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2169,7 +2180,7 @@ window does not need focus for them to be activated.") name "-" version ".tar.xz")) (sha256 (base32 - "1i5cpsqfn1vcch8izbrgig2km580gdxf02qmib4ynbwzcfvrnbqc")))) + "00azbyk5y3jgdqv03a2nd0627kdkhq1bkghvw7w62kcnih9k8lq5")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -2209,7 +2220,7 @@ in applications using the KDE Frameworks.") (define-public kinit (package (name "kinit") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2218,7 +2229,7 @@ in applications using the KDE Frameworks.") name "-" version ".tar.xz")) (sha256 (base32 - "0hwa4anljh5v53gswziacwr6ryvhp136k6y85d10074lrckdr912")))) + "0103lflppdw55l9xiqs68lzaq9897m5qnkmy6fp7dm9wfh9aplqn")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -2253,17 +2264,16 @@ makes starting KDE applications faster and reduces memory consumption.") (define-public kio (package (name "kio") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append "mirror://kde/stable/frameworks/" (version-major+minor version) "/" name "-" version ".tar.xz")) - (patches (search-patches "kio-CVE-2017-6410.patch")) (sha256 (base32 - "1hqc88c2idi9fkb7jy82csb0i740lghv0p2fg1gaglcarjdz7nia")))) + "19da02l0aj0l07x9bbklhvx9slci3v1d8q80jvam4vyzs4qdyjin")))) (build-system cmake-build-system) (propagated-inputs `(("kbookmarks" ,kbookmarks) @@ -2328,7 +2338,7 @@ KIO enabled infrastructure.") (define-public knewstuff (package (name "knewstuff") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2337,7 +2347,7 @@ KIO enabled infrastructure.") name "-" version ".tar.xz")) (sha256 (base32 - "0p5a6zprqfnhiim0l0qigjy7kky0m4w2nykhllwvr6lda1rg8qs3")))) + "1i3ldy9wwnjhpgdd2d0bg4304k88riin89zqzdl52lpqa6hjl3fp")))) (build-system cmake-build-system) (propagated-inputs `(("attica" ,attica) @@ -2362,6 +2372,7 @@ KIO enabled infrastructure.") ("ktextwidgets" ,ktextwidgets) ("kwidgetsaddons" ,kwidgetsaddons) ("qtbase" ,qtbase) + ("qtdeclarative" ,qtdeclarative) ("solid" ,solid) ("sonnet" ,sonnet))) (arguments @@ -2385,7 +2396,7 @@ specification.") (define-public knotifyconfig (package (name "knotifyconfig") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2394,7 +2405,7 @@ specification.") name "-" version ".tar.xz")) (sha256 (base32 - "0riia9lvp33lqh8ld5r1r0adnfnxikbvmdi4k7kfc4pzra93h10f")))) + "14qc6wj4j5i45vzqsvl2wlc07c6x30hb2680gwfqsvwgiaszkzv4")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -2427,7 +2438,7 @@ notifications which can be embedded in your application.") (define-public kparts (package (name "kparts") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2436,7 +2447,7 @@ notifications which can be embedded in your application.") name "-" version ".tar.xz")) (sha256 (base32 - "1jghgddgz0ghq6n51l1i6jc1s10g0ckda5nlwh4myziv229g9pik")))) + "0hrx0mdvw301nbdyw5fkvgkw60ya6kmfw6hfzmj48bws8mi33rs5")))) (build-system cmake-build-system) (propagated-inputs `(("kio" ,kio) @@ -2478,7 +2489,7 @@ widgets with a user-interface defined in terms of actions.") (define-public kpeople (package (name "kpeople") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2487,7 +2498,7 @@ widgets with a user-interface defined in terms of actions.") name "-" version ".tar.xz")) (sha256 (base32 - "0dqz6varz3nrnp8jfysdsp2r2mm46hn3vfcqcyyqk3nmv6sd9mpp")))) + "1xqi8zr76hajgyv016iaqlmnr5b84s71fbx412q153g92jglp4mk")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -2522,7 +2533,7 @@ to easily extend the contacts collection.") (define-public krunner (package (name "krunner") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2531,7 +2542,7 @@ to easily extend the contacts collection.") name "-" version ".tar.xz")) (sha256 (base32 - "1mmbrpgw090z41l2vg350hmm3ya2qkfkjmq7v5d90jpb7z7y6pr9")))) + "1k4rg9vqr6h5aj7v51fx3i5z9kxlfpacahs81hkwksi6if8ik4kr")))) (build-system cmake-build-system) (propagated-inputs `(("plasma-framework" ,plasma-framework))) @@ -2578,7 +2589,7 @@ typed.") (define-public kservice (package (name "kservice") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2587,7 +2598,7 @@ typed.") name "-" version ".tar.xz")) (sha256 (base32 - "0mlc3vw0vq1rwcg803dsybzlwxj1n6hg13z9sg0h28wsbyss3l4l")))) + "02xk3ajspprmx964zhwh2l3axm4gns9h0m0pvcb1v5j8pfh9v70q")))) (build-system cmake-build-system) (propagated-inputs `(("kconfig" ,kconfig) @@ -2624,7 +2635,7 @@ types or handled by application specific code.") (define-public ktexteditor (package (name "ktexteditor") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2633,7 +2644,7 @@ types or handled by application specific code.") name "-" version ".tar.xz")) (sha256 (base32 - "1sl152xasbhgpph4f6apkc54b26smgxbd3cxbvch2hfi5cxgb8fq")))) + "1sybw8k3f36mcs5qh3b51v7ynbqn4pbiiabkyxfmyi82i09m2jgw")))) (build-system cmake-build-system) (propagated-inputs `(("kparts" ,kparts))) @@ -2655,6 +2666,7 @@ types or handled by application specific code.") ("ki18n" ,ki18n) ("kjobwidgets" ,kjobwidgets) ("kservice" ,kservice) + ("ksyntaxhighlighting" ,ksyntaxhighlighting) ("ktextwidgets" ,ktextwidgets) ("kwidgetsaddons" ,kwidgetsaddons) ("kxmlgui" ,kxmlgui) @@ -2692,7 +2704,7 @@ library.") (define-public ktextwidgets (package (name "ktextwidgets") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2701,7 +2713,7 @@ library.") name "-" version ".tar.xz")) (sha256 (base32 - "0gwjb0isjfrqd15lvln6bwql1lpk2r1vp5f72zxygz2ay8ar1wxp")))) + "1s2fd4n4hfkzscxv0cdfjynjzi1f57pfi9a3fp6rrm5c5645zk7r")))) (build-system cmake-build-system) (propagated-inputs `(("ki18n" ,ki18n) @@ -2738,7 +2750,7 @@ It supports rich text as well as plain text.") (define-public kwallet (package (name "kwallet") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2747,7 +2759,7 @@ It supports rich text as well as plain text.") name "-" version ".tar.xz")) (sha256 (base32 - "0n25mvjwy3sv5bg2x75psz6d6f8yl53j3wfmx9ayh57jk4rq24rm")))) + "0psc4n6lck9gbx2nn7mgv33x4z2r0xp1mx1xcsgy8smvalrfv5xa")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -2779,7 +2791,7 @@ the passwords on KDE work spaces.") (define-public kxmlgui (package (name "kxmlgui") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2788,7 +2800,7 @@ the passwords on KDE work spaces.") name "-" version ".tar.xz")) (sha256 (base32 - "0plw6fckpssgwf18f5i4vhfp55jmdvfh2rc5lg8fwmlqgqkvrbac")))) + "1pxi4z7z3bzwcnfwq0pvjsmds401fkisyr353lyxf4rvcpwj3a65")))) (build-system cmake-build-system) (propagated-inputs `(("kconfig" ,kconfig) @@ -2832,7 +2844,7 @@ descriptions for integrating actions from plugins.") (define-public kxmlrpcclient (package (name "kxmlrpcclient") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2841,7 +2853,7 @@ descriptions for integrating actions from plugins.") name "-" version ".tar.xz")) (sha256 (base32 - "1xrdh5ipldahcv0pxp7dnzjz1ihnkg4r2hpylg6bwvq81clw8xd1")))) + "1kaczibdfdph5mpg1dldsmqb1six57w7ch3v0v7av5h6j6sx0xaq")))) (build-system cmake-build-system) (propagated-inputs `(("kio" ,kio))) @@ -2875,7 +2887,7 @@ setUrl, setUserAgent and call.") (define-public plasma-framework (package (name "plasma-framework") - (version "5.28.0") + (version "5.32.0") (source (origin (method url-fetch) (uri (string-append @@ -2884,7 +2896,7 @@ setUrl, setUserAgent and call.") name "-" version ".tar.xz")) (sha256 (base32 - "0j4mfd8wzrspvyy281lww981fly2rkbhnixb9b0pj5k9i8gvkh7q")))) + "1hrnmilc30d1kh20cky329i5ji3qyy7m4f8jzax5cgl7nrjca31h")))) (build-system cmake-build-system) (propagated-inputs `(("kpackage" ,kpackage) diff --git a/gnu/packages/patches/kio-CVE-2017-6410.patch b/gnu/packages/patches/kio-CVE-2017-6410.patch deleted file mode 100644 index 748636f806..0000000000 --- a/gnu/packages/patches/kio-CVE-2017-6410.patch +++ /dev/null @@ -1,53 +0,0 @@ -Fix CVE-2017-6410, "Information Leak when accessing https when using a -malicious PAC file": - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6410 -https://www.kde.org/info/security/advisory-20170228-1.txt - -Patch copied from upstream source repository: - -https://cgit.kde.org/kio.git/commit/?id=f9d0cb47cf94e209f6171ac0e8d774e68156a6e4 - -From f9d0cb47cf94e209f6171ac0e8d774e68156a6e4 Mon Sep 17 00:00:00 2001 -From: Albert Astals Cid -Date: Tue, 28 Feb 2017 19:00:48 +0100 -Subject: Sanitize URLs before passing them to FindProxyForURL - -Remove user/password information -For https: remove path and query - -Thanks to safebreach.com for reporting the problem - -CCMAIL: yoni.fridburg@safebreach.com -CCMAIL: amit.klein@safebreach.com -CCMAIL: itzik.kotler@safebreach.com ---- - src/kpac/script.cpp | 11 +++++++++-- - 1 file changed, 9 insertions(+), 2 deletions(-) - -diff --git a/src/kpac/script.cpp b/src/kpac/script.cpp -index a0235f7..2485c54 100644 ---- a/src/kpac/script.cpp -+++ b/src/kpac/script.cpp -@@ -754,9 +754,16 @@ QString Script::evaluate(const QUrl &url) - } - } - -+ QUrl cleanUrl = url; -+ cleanUrl.setUserInfo(QString()); -+ if (cleanUrl.scheme() == QLatin1String("https")) { -+ cleanUrl.setPath(QString()); -+ cleanUrl.setQuery(QString()); -+ } -+ - QScriptValueList args; -- args << url.url(); -- args << url.host(); -+ args << cleanUrl.url(); -+ args << cleanUrl.host(); - - QScriptValue result = func.call(QScriptValue(), args); - if (result.isError()) { --- -cgit v0.11.2 - diff --git a/gnu/packages/patches/networkmanager-qt-activeconnection-test-1.patch b/gnu/packages/patches/networkmanager-qt-activeconnection-test-1.patch new file mode 100644 index 0000000000..2dd39294ea --- /dev/null +++ b/gnu/packages/patches/networkmanager-qt-activeconnection-test-1.patch @@ -0,0 +1,60 @@ +From 61337983ba74361938b7d5323de5d2819a235fdc Mon Sep 17 00:00:00 2001 +From: Jan Grulich +Date: Mon, 3 Apr 2017 12:53:12 +0200 +Subject: Fix unit test for active connections + +Instead of sending PropertiesChanged signal for an active connection we +added recently we should set all properties initially and just advertise +that we have a new active connection once everything is set +--- + src/fakenetwork/fakenetwork.cpp | 26 +++++++------------------- + 1 file changed, 7 insertions(+), 19 deletions(-) + +diff --git a/src/fakenetwork/fakenetwork.cpp b/src/fakenetwork/fakenetwork.cpp +index bc1144e..261fe8e 100644 +--- a/src/fakenetwork/fakenetwork.cpp ++++ b/src/fakenetwork/fakenetwork.cpp +@@ -215,8 +215,14 @@ void FakeNetwork::unregisterService() + + QDBusObjectPath FakeNetwork::ActivateConnection(const QDBusObjectPath &connection, const QDBusObjectPath &device, const QDBusObjectPath &specific_object) + { +- ActiveConnection *newActiveConnection = new ActiveConnection(this); + QString newActiveConnectionPath = QString("/org/kde/fakenetwork/ActiveConnection/") + QString::number(m_activeConnectionsCounter++); ++ ActiveConnection *newActiveConnection = new ActiveConnection(this); ++ newActiveConnection->addDevice(device); ++ newActiveConnection->setActiveConnectionPath(newActiveConnectionPath); ++ newActiveConnection->setConnection(connection); ++ newActiveConnection->setSpecificObject(specific_object); ++ newActiveConnection->setState(NetworkManager::ActiveConnection::Activating); ++ + m_activeConnections.insert(QDBusObjectPath(newActiveConnectionPath), newActiveConnection); + QDBusConnection::sessionBus().registerObject(newActiveConnectionPath, newActiveConnection, QDBusConnection::ExportScriptableContents); + +@@ -227,24 +233,6 @@ QDBusObjectPath FakeNetwork::ActivateConnection(const QDBusObjectPath &connectio + map.insert(QLatin1Literal("ActivatingConnection"), QVariant::fromValue(QDBusObjectPath(newActiveConnectionPath))); + Q_EMIT PropertiesChanged(map); + +- newActiveConnection->addDevice(device); +- newActiveConnection->setActiveConnectionPath(newActiveConnectionPath); +- newActiveConnection->setConnection(connection); +- newActiveConnection->setSpecificObject(specific_object); +- newActiveConnection->setState(NetworkManager::ActiveConnection::Activating); +- +- map.clear(); +- const QList deviceList { device }; +- map.insert(QLatin1Literal("Devices"), QVariant::fromValue >(deviceList)); +- map.insert(QLatin1Literal("Connection"), QVariant::fromValue(connection)); +- if (!specific_object.path().isEmpty()) { +- map.insert(QLatin1Literal("SpecificObject"), QVariant::fromValue(connection)); +- } +- map.insert(QLatin1Literal("State"), NetworkManager::ActiveConnection::Activating); +- QDBusMessage message = QDBusMessage::createSignal(newActiveConnectionPath, QLatin1Literal("org.kde.fakenetwork.Connection.Active"), QLatin1Literal("PropertiesChanged")); +- message << map; +- QDBusConnection::sessionBus().send(message); +- + Device *usedDevice = static_cast(QDBusConnection::sessionBus().objectRegisteredAt(device.path())); + if (usedDevice) { + m_activatedDevice = usedDevice->devicePath(); +-- +cgit v0.11.2 + diff --git a/gnu/packages/patches/networkmanager-qt-activeconnection-test-2.patch b/gnu/packages/patches/networkmanager-qt-activeconnection-test-2.patch new file mode 100644 index 0000000000..af3cdff729 --- /dev/null +++ b/gnu/packages/patches/networkmanager-qt-activeconnection-test-2.patch @@ -0,0 +1,57 @@ +From 3f6155389abc8e2b3dafc5eefa1ce0c929b007fa Mon Sep 17 00:00:00 2001 +From: Jan Grulich +Date: Mon, 3 Apr 2017 14:13:54 +0200 +Subject: One more attempt to fix unit test for active connections + +--- + src/activeconnection.cpp | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/src/activeconnection.cpp b/src/activeconnection.cpp +index 05582fa..3a8e6b2 100644 +--- a/src/activeconnection.cpp ++++ b/src/activeconnection.cpp +@@ -79,11 +79,13 @@ NetworkManager::ActiveConnection::ActiveConnection(const QString &path, QObject + connect(&d->iface, &OrgFreedesktopNetworkManagerConnectionActiveInterface::PropertiesChanged, d, &ActiveConnectionPrivate::propertiesChanged); + #endif + ++#ifndef NMQT_STATIC + /* + * Workaround: Re-check connection state before we watch changes in case it gets changed too quickly + * BUG:352326 + */ + d->recheckProperties(); ++#endif + } + + NetworkManager::ActiveConnection::ActiveConnection(ActiveConnectionPrivate &dd, QObject *parent) +@@ -91,18 +93,26 @@ NetworkManager::ActiveConnection::ActiveConnection(ActiveConnectionPrivate &dd, + { + Q_D(ActiveConnection); + ++#ifndef NMQT_STATIC + #if NM_CHECK_VERSION(1, 4, 0) + QDBusConnection::systemBus().connect(NetworkManagerPrivate::DBUS_SERVICE, d->path, NetworkManagerPrivate::FDO_DBUS_PROPERTIES, + QLatin1String("PropertiesChanged"), d, SLOT(dbusPropertiesChanged(QString,QVariantMap,QStringList))); + #else + connect(&d->iface, &OrgFreedesktopNetworkManagerConnectionActiveInterface::PropertiesChanged, d, &ActiveConnectionPrivate::propertiesChanged); + #endif ++#endif ++ ++#ifdef NMQT_STATIC ++ connect(&d->iface, &OrgFreedesktopNetworkManagerConnectionActiveInterface::PropertiesChanged, d, &ActiveConnectionPrivate::propertiesChanged); ++#endif + ++#ifndef NMQT_STATIC + /* + * Workaround: Re-check connection state before we watch changes in case it gets changed too quickly + * BUG:352326 + */ + d->recheckProperties(); ++#endif + } + + NetworkManager::ActiveConnection::~ActiveConnection() +-- +cgit v0.11.2 + -- cgit v1.2.3 From 4d6ce834bb32aedc0ecd52e67ab3f96603f54d31 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Wed, 12 Apr 2017 14:20:30 +0200 Subject: gnu: dovecot: Update to 2.2.29.1. * gnu/packages/mail.scm (dovecot): Update to 2.2.29.1. [source]: Remove 'dovecot-fix-failing-test.patch'. * gnu/packages/patches/dovecot-fix-failing-test.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/mail.scm | 8 +- .../patches/dovecot-fix-failing-test.patch | 118 --------------------- 3 files changed, 3 insertions(+), 124 deletions(-) delete mode 100644 gnu/packages/patches/dovecot-fix-failing-test.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 98dffff648..0f3b4bd7a8 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -539,7 +539,6 @@ dist_patch_DATA = \ %D%/packages/patches/diffutils-gets-undeclared.patch \ %D%/packages/patches/doc++-include-directives.patch \ %D%/packages/patches/doc++-segfault-fix.patch \ - %D%/packages/patches/dovecot-fix-failing-test.patch \ %D%/packages/patches/doxygen-test.patch \ %D%/packages/patches/elfutils-tests-ptrace.patch \ %D%/packages/patches/elixir-disable-failing-tests.patch \ diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index 1a6c505efd..255837198b 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -1086,17 +1086,15 @@ facilities for checking incoming mail.") (define-public dovecot (package (name "dovecot") - (version "2.2.29") + (version "2.2.29.1") (source (origin (method url-fetch) (uri (string-append "https://www.dovecot.org/releases/" (version-major+minor version) "/" name "-" version ".tar.gz")) - (patches (search-patches "dovecot-fix-failing-test.patch")) - (sha256 - (base32 - "19irf7b5mjqq68mrpdd38gxc0zp2nqib942kjp3aif3f2acylffr")))) + (sha256 (base32 + "127kn3fgmahw9fvgz2w3zaghq98ip4j8640wqa3rw7mrgvxrzync")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) diff --git a/gnu/packages/patches/dovecot-fix-failing-test.patch b/gnu/packages/patches/dovecot-fix-failing-test.patch deleted file mode 100644 index 343bab03f9..0000000000 --- a/gnu/packages/patches/dovecot-fix-failing-test.patch +++ /dev/null @@ -1,118 +0,0 @@ -This patch fixes a test failure in dovecot 2.2.29, like this [0]: - ------- -Making check in lib-imap-client -make[2]: Entering directory -`/builddir/build/BUILD/dovecot-2.2.29/src/lib-imap-client' -for bin in test-imapc-client; do \ - if ! ./$bin; then exit 1; fi; \ - done -Warning: imapc(127.0.0.1:0): connect(127.0.0.1, 0) failed: Connection -refused - reconnecting (delay 10 ms) -Error: imapc(127.0.0.1:0): connect(127.0.0.1, 0) failed: Connection -refused - disconnecting -test: random seed #1 was 1492054294 -imapc connect failed ................................................. : ok -Warning: imapc(127.0.0.1:42704): connect(127.0.0.1, 42704) timed out -after 0 seconds - reconnecting (delay 0 ms) -Error: imapc(127.0.0.1:42704): connect(127.0.0.1, 42704) timed out after -0 seconds - disconnecting -imapc banner hangs ................................................... : ok -Warning: imapc(127.0.0.1:36762): Authentication timed out after 0 -seconds - reconnecting (delay 0 ms) -Error: imapc(127.0.0.1:36762): Authentication failed: Disconnected from -server -imapc login hangs .................................................... : ok -test-imapc-client.c:358: Assert failed: test_imapc_cmd_last_reply_pop() -== IMAPC_COMMAND_STATE_OK -imapc reconnect ...................................................... : -FAILED -imapc reconnect resend commands ...................................... : ok -imapc reconnect resend commands failed ............................... : ok -imapc reconnect mailbox .............................................. : ok -1 / 7 tests failed ------- - -Patch copied from upstream source repository: - -https://github.com/dovecot/core/commit/3a1c64363a64cdfe9153eb6292d8923f38955d82 - -[0] -https://dovecot.org/pipermail/dovecot/2017-April/107751.html - -From 3a1c64363a64cdfe9153eb6292d8923f38955d82 Mon Sep 17 00:00:00 2001 -From: Timo Sirainen -Date: Mon, 10 Apr 2017 17:07:28 +0300 -Subject: [PATCH] lib-imap-client: Fix reconnection - -There was already code for reconnection. We just shouldn't have gone very -far in imapc_connection_connect() if we were still waiting for reconnection -delay to pass. ---- - src/lib-imap-client/imapc-connection.c | 25 +++++++++---------------- - 1 file changed, 9 insertions(+), 16 deletions(-) - -diff --git a/src/lib-imap-client/imapc-connection.c b/src/lib-imap-client/imapc-connection.c -index 95067e6..6eaf1ab 100644 ---- a/src/lib-imap-client/imapc-connection.c -+++ b/src/lib-imap-client/imapc-connection.c -@@ -130,6 +130,7 @@ struct imapc_connection { - struct timeout *to_throttle, *to_throttle_shrink; - - unsigned int reconnecting:1; -+ unsigned int reconnect_waiting:1; - unsigned int reconnect_ok:1; - unsigned int idling:1; - unsigned int idle_stopping:1; -@@ -504,6 +505,7 @@ static bool imapc_connection_can_reconnect(struct imapc_connection *conn) - static void imapc_connection_reconnect(struct imapc_connection *conn) - { - conn->reconnect_ok = FALSE; -+ conn->reconnect_waiting = FALSE; - - if (conn->selected_box != NULL) - imapc_client_mailbox_reconnect(conn->selected_box); -@@ -536,6 +538,7 @@ imapc_connection_try_reconnect(struct imapc_connection *conn, - imapc_connection_disconnect_full(conn, TRUE); - conn->to = timeout_add(delay_msecs, imapc_connection_reconnect, conn); - conn->reconnect_count++; -+ conn->reconnect_waiting = TRUE; - } - } - } -@@ -1785,6 +1788,12 @@ void imapc_connection_connect(struct imapc_connection *conn) - - if (conn->fd != -1 || conn->dns_lookup != NULL) - return; -+ if (conn->reconnect_waiting) { -+ /* wait for the reconnection delay to finish before -+ doing anything. */ -+ return; -+ } -+ - conn->reconnecting = FALSE; - /* if we get disconnected before we've finished all the pending - commands, don't reconnect */ -@@ -1792,22 +1801,6 @@ void imapc_connection_connect(struct imapc_connection *conn) - array_count(&conn->cmd_send_queue); - - imapc_connection_input_reset(conn); -- -- int msecs_since_last_connect = -- timeval_diff_msecs(&ioloop_timeval, &conn->last_connect); -- if (!conn->reconnect_ok && -- msecs_since_last_connect < (int)conn->client->set.connect_retry_interval_msecs) { -- if (conn->to != NULL) -- timeout_remove(&conn->to); -- conn->reconnecting = TRUE; -- imapc_connection_set_disconnected(conn); -- /* don't wait longer than necessary */ -- unsigned int delay_msecs = -- conn->client->set.connect_retry_interval_msecs - -- msecs_since_last_connect; -- conn->to = timeout_add(delay_msecs, imapc_connection_reconnect, conn); -- return; -- } - conn->last_connect = ioloop_timeval; - - if (conn->client->set.debug) { -- cgit v1.2.3 From bd71525b7ad1bb4f6896793ca7f6283e178b3a06 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Wed, 12 Apr 2017 11:28:01 +0200 Subject: gnu: Add kiki. * gnu/packages/games.scm (kiki): New variable. * gnu/packages/patches/kiki-level-selection-crash.patch, gnu/packages/patches/kiki-makefile.patch, gnu/packages/patches/kiki-missing-includes.patch, gnu/packages/patches/kiki-portability-64bit.patch: New patches. * gnu/local.mk (dist_patch_DATA): Add them. --- gnu/local.mk | 4 + gnu/packages/games.scm | 97 ++++++ .../patches/kiki-level-selection-crash.patch | 19 ++ gnu/packages/patches/kiki-makefile.patch | 57 ++++ gnu/packages/patches/kiki-missing-includes.patch | 55 ++++ gnu/packages/patches/kiki-portability-64bit.patch | 328 +++++++++++++++++++++ 6 files changed, 560 insertions(+) create mode 100644 gnu/packages/patches/kiki-level-selection-crash.patch create mode 100644 gnu/packages/patches/kiki-makefile.patch create mode 100644 gnu/packages/patches/kiki-missing-includes.patch create mode 100644 gnu/packages/patches/kiki-portability-64bit.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 0f3b4bd7a8..9385b3df94 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -666,6 +666,10 @@ dist_patch_DATA = \ %D%/packages/patches/jq-CVE-2015-8863.patch \ %D%/packages/patches/kdbusaddons-kinit-file-name.patch \ %D%/packages/patches/khmer-use-libraries.patch \ + %D%/packages/patches/kiki-level-selection-crash.patch \ + %D%/packages/patches/kiki-makefile.patch \ + %D%/packages/patches/kiki-missing-includes.patch \ + %D%/packages/patches/kiki-portability-64bit.patch \ %D%/packages/patches/kmod-module-directory.patch \ %D%/packages/patches/kobodeluxe-paths.patch \ %D%/packages/patches/kobodeluxe-enemies-pipe-decl.patch \ diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm index 71f35e2fef..710b2746c9 100644 --- a/gnu/packages/games.scm +++ b/gnu/packages/games.scm @@ -89,6 +89,7 @@ #:use-module (gnu packages pkg-config) #:use-module (gnu packages databases) #:use-module (gnu packages sdl) + #:use-module (gnu packages swig) #:use-module (gnu packages texinfo) #:use-module (gnu packages check) #:use-module (gnu packages fonts) @@ -3552,3 +3553,99 @@ over 100 user-created campaigns.") license:cc0 license:cc-by3.0 license:cc-by-sa3.0)))) + +(define-public kiki + (package + (name "kiki") + (version "1.0.2") + (source (origin + (method url-fetch) + (uri (string-append "mirror://sourceforge/kiki/kiki-src/" + version "/kiki-" version "-src.tgz")) + (sha256 + (base32 + "0ihjdsxbn8z3cz0gpcprafiipcqaiskgdnh1rhmw4qff8dszalbn")) + (modules '((guix build utils))) + (snippet + '(begin + (for-each delete-file (find-files "." "\\.dll$")) + #t)) + (patches + (search-patches "kiki-level-selection-crash.patch" + "kiki-makefile.patch" + "kiki-missing-includes.patch" + "kiki-portability-64bit.patch")))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; there are no tests + #:make-flags '("CXX=g++") + #:phases + (modify-phases %standard-phases + (replace 'configure + (lambda* (#:key inputs outputs #:allow-other-keys) + (setenv "CPLUS_INCLUDE_PATH" + (string-append (assoc-ref inputs "sdl-union") + "/include/SDL:" + (assoc-ref inputs "python") + "/include/python2.7:" + (getenv "CPLUS_INCLUDE_PATH"))) + (substitute* "src/main/main.cpp" + (("#include " line) + (string-append line " +#define K_INCLUDE_GLUT +#include \"KIncludeTools.h\"")) + (("// initialize SDL" line) + (string-append "glutInit(&argc,argv);\n" line))) + (substitute* "src/main/KikiController.cpp" + (("getenv\\(\"KIKI_HOME\"\\)") + (string-append "\"" (assoc-ref outputs "out") "/share/kiki/\""))) + (substitute* "linux/Makefile" + (("CXXOPTS =" line) + (string-append line " -fpermissive")) + (("PYTHON_VERSION=.*") "PYTHON_VERSION=2.7") + (("PYTHONHOME =.*") + (string-append "PYTHONHOME = " + (assoc-ref inputs "python") + "/lib/python2.7/")) + (("\\$\\(GLLIBS\\)" line) + (string-append line " -lm -lpython2.7"))) + (substitute* "src/main/KikiPythonWidget.h" + (("#define __KikiPythonWidget" line) + (string-append line "\n#include \"KikiPython.h\""))) + #t)) + (add-before 'build 'build-kodilib + (lambda* (#:key make-flags #:allow-other-keys) + (with-directory-excursion "kodilib/linux" + (zero? (apply system* "make" make-flags))))) + (add-after 'build-kodilib 'chdir + (lambda _ (chdir "linux") #t)) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append out "/bin")) + (share (string-append out "/share/kiki"))) + (mkdir-p bin) + (mkdir-p share) + (install-file "kiki" bin) + (copy-recursively "../py" (string-append share "/py")) + (copy-recursively "../sound" (string-append share "/sound")) + #t)))))) + (inputs + `(("glu" ,glu) + ;; Kiki builds fine with freeglut 3.0.0 but segfaults on start. + ("freeglut" ,freeglut-2.8) + ("sdl-union" ,(sdl-union (list sdl + sdl-mixer + sdl-image))) + ("python" ,python-2))) + (native-inputs + `(("swig" ,swig))) + (home-page "http://kiki.sourceforge.net/") + (synopsis "3D puzzle game") + (description "Kiki the nano bot is a 3D puzzle game. It is basically a +mixture of the games Sokoban and Kula-World. Your task is to help Kiki, a +small robot living in the nano world, repair its maker.") + ;; See + ;; for a statement from the author. + (license license:public-domain))) diff --git a/gnu/packages/patches/kiki-level-selection-crash.patch b/gnu/packages/patches/kiki-level-selection-crash.patch new file mode 100644 index 0000000000..8cc6478509 --- /dev/null +++ b/gnu/packages/patches/kiki-level-selection-crash.patch @@ -0,0 +1,19 @@ +Downloaded from https://anonscm.debian.org/viewvc/pkg-games/packages/trunk/kiki-the-nano-bot/debian/patches/level-selection-with-no-levels-solved.patch?revision=8291&view=co + +Kiki crashes if the user tries to use the level selection menu before +finishing any level. + +Peter De Wachter (pdewacht@gmail.com) +placed in the public domain + +--- a/py/levelselection.py ++++ b/py/levelselection.py +@@ -25,6 +25,8 @@ + # ............................................................................................................ + + last_level = highscore.getLastAvailableLevel() ++ if last_level < 0: ++ last_level = 0 + current_level = (level_index >= 0) and level_index or last_level + + world.max_level_index = last_level diff --git a/gnu/packages/patches/kiki-makefile.patch b/gnu/packages/patches/kiki-makefile.patch new file mode 100644 index 0000000000..7329301f2c --- /dev/null +++ b/gnu/packages/patches/kiki-makefile.patch @@ -0,0 +1,57 @@ +Downloaded from https://anonscm.debian.org/viewvc/pkg-games/packages/trunk/kiki-the-nano-bot/debian/patches/Makefile.patch?revision=15681&view=co + +Makefile fixes: + - Make CXXFLAGS, CPPFLAGS, LDFLAGS available for user-specified flags. + - run SWIG before compiling + +Peter De Wachter (pdewacht@gmail.com) +placed in the public domain + +--- a/kodilib/linux/Makefile ++++ b/kodilib/linux/Makefile +@@ -21,7 +21,7 @@ + + INCLUDES = $(KODI_INCLUDES) $(X11_INCLUDES) $(SDL_INCLUDES) + +-CXXFLAGS = $(INCLUDES) $(SDL_CFLAGS) ++CXXOPTS = -Wall $(INCLUDES) $(SDL_CFLAGS) $(CPPFLAGS) $(CXXFLAGS) + + src = \ + $(KODISRCDIR)/handler/KEventHandler.cpp \ +@@ -95,4 +95,4 @@ + $(RM) -f $(obj) libkodi.a + + %.o: %.cpp +- $(CXX) -c $(CXXFLAGS) -o $@ $< ++ $(CXX) -c $(CXXOPTS) -o $@ $< +--- a/linux/Makefile ++++ b/linux/Makefile +@@ -46,7 +46,7 @@ + + INCLUDES = $(KIKI_INCLUDES) $(X11_INCLUDES) $(PYTHON_INCLUDES) + +-CXXFLAGS = $(INCLUDES) $(SDLCFLAGS) ++CXXOPTS = -Wall $(INCLUDES) $(SDLCFLAGS) $(CPPFLAGS) $(CXXFLAGS) + + src = \ + $(KIKISRC)/base/KikiAction.cpp \ +@@ -105,8 +105,10 @@ + obj = $(src:.cpp=.o) + + kiki: $(KIKISRC)/../SWIG/KikiPy_wrap.cpp $(obj) +- -(cd ../SWIG; swig -c++ -python -globals kiki -o KikiPy_wrap.cpp KikiPy.i; cp kiki.py ../py) +- $(CXX) $(obj) $(KODILIB) -o kiki $(GLLIBS) $(SDLLIBS) $(PYTHONLIBS) ++ $(CXX) $(LDFLAGS) $(obj) $(KODILIB) -o kiki $(GLLIBS) $(SDLLIBS) $(PYTHONLIBS) ++ ++$(KIKISRC)/../SWIG/KikiPy_wrap.cpp: $(wildcard ../SWIG/*.i) ++ (cd ../SWIG && swig -c++ -python -globals kiki -DSWIG_PYTHON_LEGACY_BOOL -o KikiPy_wrap.cpp KikiPy.i && cp kiki.py ../py) + + obj-clean: + $(RM) -f $(obj) +@@ -115,5 +117,5 @@ + $(RM) -f $(obj) kiki + + %.o: %.cpp +- $(CXX) -c $(CXXFLAGS) -o $@ $< ++ $(CXX) -c $(CXXOPTS) -o $@ $< + diff --git a/gnu/packages/patches/kiki-missing-includes.patch b/gnu/packages/patches/kiki-missing-includes.patch new file mode 100644 index 0000000000..e5ee74f3ee --- /dev/null +++ b/gnu/packages/patches/kiki-missing-includes.patch @@ -0,0 +1,55 @@ +Downloaded from https://anonscm.debian.org/viewvc/pkg-games/packages/trunk/kiki-the-nano-bot/debian/patches/missing-includes.patch?revision=7984&view=co + +Status: in upstream CVS + +--- a/kodilib/src/handler/KPickable.h ++++ b/kodilib/src/handler/KPickable.h +@@ -8,6 +8,7 @@ + + #include "KIntrospection.h" + #include ++#include + + #define DEBUG_PICKING false + +--- a/kodilib/src/tools/KIntrospection.h ++++ b/kodilib/src/tools/KIntrospection.h +@@ -11,6 +11,7 @@ + #endif + + #include ++#include + + // -------------------------------------------------------------------------------------------------------- + class KClassInfo +--- a/kodilib/src/tools/KStringTools.cpp ++++ b/kodilib/src/tools/KStringTools.cpp +@@ -6,7 +6,7 @@ + #include "KStringTools.h" + #include "KVector.h" + +-#include // INT_MAX ++#include // INT_MAX + #include + + // -------------------------------------------------------------------------------------------------------- +--- a/kodilib/src/tools/KStringTools.h ++++ b/kodilib/src/tools/KStringTools.h +@@ -9,6 +9,7 @@ + #include + #include + #include ++#include + + // -------------------------------------------------------------------------------------------------------- + +--- a/kodilib/src/tools/KXMLTools.cpp ++++ b/kodilib/src/tools/KXMLTools.cpp +@@ -7,6 +7,7 @@ + #include "KConsole.h" + #include "KSeparatedMatrix.h" + #include ++#include + + // -------------------------------------------------------------------------------------------------------- + std::string kXMLTag ( const std::string & name, const std::string & attributes, int depth ) diff --git a/gnu/packages/patches/kiki-portability-64bit.patch b/gnu/packages/patches/kiki-portability-64bit.patch new file mode 100644 index 0000000000..456c008915 --- /dev/null +++ b/gnu/packages/patches/kiki-portability-64bit.patch @@ -0,0 +1,328 @@ +This patch was downloaded from Debian: +https://anonscm.debian.org/viewvc/pkg-games/packages/trunk/kiki-the-nano-bot/debian/patches/portability-64bit.patch?revision=7984&view=co + +Make 64-bit clean (string positions don't fit in an int on 64-bit machines) + +Peter De Wachter (pdewacht@gmail.com) +placed in the public domain + +Status: in upstream CVS + +--- a/kodilib/src/tools/KFileTools.cpp ++++ b/kodilib/src/tools/KFileTools.cpp +@@ -214,8 +214,8 @@ + // -------------------------------------------------------------------------------------------------------- + string kFileSuffix ( const string & path ) + { +- unsigned int lastDotPos = path.rfind("."); +- unsigned int lastSlashPos = path.rfind(kPathSep); ++ std::string::size_type lastDotPos = path.rfind("."); ++ std::string::size_type lastSlashPos = path.rfind(kPathSep); + + if (lastDotPos < path.size() - 1 && (lastDotPos > lastSlashPos || lastSlashPos == string::npos)) + { +@@ -228,7 +228,7 @@ + string kFileDirName ( const string & path ) + { + string native = kFileNativePath(path); +- unsigned int lastSlashPos = native.rfind(kPathSep); ++ std::string::size_type lastSlashPos = native.rfind(kPathSep); + if (lastSlashPos < native.size()) + { + return native.substr(0, lastSlashPos+1); +@@ -241,7 +241,7 @@ + { + string native = kFileNativePath(path); + string baseName = native; +- unsigned int lastSlashPos = native.rfind(kPathSep); ++ std::string::size_type lastSlashPos = native.rfind(kPathSep); + if (lastSlashPos < native.size() - 1) + { + baseName = native.substr(lastSlashPos+1); +--- a/kodilib/src/tools/KKeyTools.cpp ++++ b/kodilib/src/tools/KKeyTools.cpp +@@ -170,7 +170,7 @@ + // -------------------------------------------------------------------------------------------------------- + int kKeyGetDisplayWidthForKey ( const std::string & keyName ) + { +- unsigned int keyPos = keyName.find('_', 0); ++ std::string::size_type keyPos = keyName.find('_', 0); + if (keyPos == std::string::npos) + { + return kKeyGetDisplayWidthForPureKey(keyName) + KDL_MOD_KEY_SPACING; +@@ -313,7 +313,7 @@ + int kKeyDisplayKey ( const std::string & keyName, const KPosition & pos ) + { + KPosition start = pos; +- unsigned int keyPos = keyName.find('_', 0); ++ std::string::size_type keyPos = keyName.find('_', 0); + if (keyPos == std::string::npos) + { + return start.x + kKeyDisplayPureKey(keyName, start) + KDL_MOD_KEY_SPACING; +@@ -380,7 +380,7 @@ + // -------------------------------------------------------------------------------------------------------- + SDL_keysym kKeyGetKeysymForKeyName ( const std::string & keyName ) + { +- unsigned int pos = keyName.find('_'); ++ std::string::size_type pos = keyName.find('_'); + + std::string modString; + std::string symString = keyName; +--- a/kodilib/src/tools/KStringTools.cpp ++++ b/kodilib/src/tools/KStringTools.cpp +@@ -13,7 +13,7 @@ + void kStringInsertStringBehindTags ( std::string & str, const std::string & insertString, + const std::string & tag ) + { +- unsigned int oldPos = 0; ++ std::string::size_type oldPos = 0; + while ((oldPos = str.find(tag, oldPos)) != std::string::npos) + { + oldPos += tag.size(); +@@ -34,8 +34,8 @@ + { + std::vector components; + +- unsigned int dividerLength = divider.size(); +- unsigned int oldpos = 0, pos; ++ std::string::size_type dividerLength = divider.size(); ++ std::string::size_type oldpos = 0, pos; + + while ((pos = str.find(divider, oldpos)) != std::string::npos) + { +@@ -50,7 +50,7 @@ + // -------------------------------------------------------------------------------------------------------- + void kStringReplace ( std::string & str, const std::string & toReplace, const std::string & replacement ) + { +- unsigned int pos = 0, chars = toReplace.size(); ++ std::string::size_type pos = 0, chars = toReplace.size(); + while ((pos = str.find(toReplace, pos)) != std::string::npos) + { + str.replace(pos, chars, replacement); +@@ -60,11 +60,11 @@ + // -------------------------------------------------------------------------------------------------------- + void kStringReplaceTabs ( std::string & str, unsigned int tabWidth ) + { +- unsigned int tabPos; ++ std::string::size_type tabPos; + while ((tabPos = str.find('\t')) != std::string::npos) + { +- unsigned int lastNewlinePos = str.rfind('\n', tabPos-1); +- unsigned int relPos = (lastNewlinePos == std::string::npos) ? tabPos : tabPos - lastNewlinePos; ++ std::string::size_type lastNewlinePos = str.rfind('\n', tabPos-1); ++ std::string::size_type relPos = (lastNewlinePos == std::string::npos) ? tabPos : tabPos - lastNewlinePos; + str.replace(tabPos, 1, std::string(tabWidth-(relPos % tabWidth), ' ')); + } + } +@@ -114,7 +114,7 @@ + // -------------------------------------------------------------------------------------------------------- + unsigned int kStringNthCharPos ( const std::string & str, unsigned int n, char c ) + { +- unsigned int loc = n, oloc = 0; ++ std::string::size_type loc = n, oloc = 0; + while (n > 0 && (loc = str.find(c, oloc)) != std::string::npos) + { + n--; +@@ -138,7 +138,7 @@ + // -------------------------------------------------------------------------------------------------------- + void kStringCropCols ( std::string & str, unsigned int columns ) + { +- unsigned int oloc = 0, nloc = 0; ++ std::string::size_type oloc = 0, nloc = 0; + while ((nloc = str.find('\n', oloc)) != std::string::npos) + { + if ((nloc - oloc) > columns) +@@ -160,10 +160,10 @@ + unsigned int kStringCols ( const std::string & str ) + { + if (str.size() == 0) return 0; +- int oloc = 0, nloc; ++ long oloc = 0, nloc; + std::string substring; + int maxlength = 0, length; +- while ((nloc = str.find('\n', oloc)) != (int)std::string::npos) ++ while ((nloc = str.find('\n', oloc)) != (long)std::string::npos) + { + substring = str.substr(oloc, nloc - oloc); + length = substring.size(); +@@ -181,7 +181,7 @@ + unsigned int kStringRows ( const std::string & str ) + { + if (str.size() == 0) return 1; +- unsigned int loc = 0, lines = 0; ++ std::string::size_type loc = 0, lines = 0; + while ((loc = str.find('\n', loc)) != std::string::npos) { lines++; loc++; } + if (str[str.size()-1] == '\n') return lines; + return lines+1; +@@ -204,8 +204,8 @@ + { + static char str[256]; + std::string format(fmt), subformat, text; +- unsigned int oloc = 0; +- unsigned int nloc = 0; ++ std::string::size_type oloc = 0; ++ std::string::size_type nloc = 0; + + kStringReplaceTabs(format); + +@@ -260,7 +260,7 @@ + // -------------------------------------------------------------------------------------------------------- + bool kStringHasSuffix ( const std::string & str, const std::string & suffix ) + { +- unsigned int result = str.rfind(suffix); ++ std::string::size_type result = str.rfind(suffix); + if (result == std::string::npos) return false; + return (result == str.size()-suffix.size()); + } +--- a/kodilib/src/tools/KXMLTools.cpp ++++ b/kodilib/src/tools/KXMLTools.cpp +@@ -58,11 +58,11 @@ + std::string kXMLParseToTagsInVector ( std::string & xml, const std::vector & tags ) + { + std::string open("<"); +- unsigned int minLoc = std::string::npos; ++ std::string::size_type minLoc = std::string::npos; + std::vector::const_iterator iter = tags.begin(); + while (iter != tags.end()) + { +- unsigned int loc = xml.find(open+(*iter)); ++ std::string::size_type loc = xml.find(open+(*iter)); + if (loc < minLoc) minLoc = loc; + iter++; + } +@@ -77,7 +77,7 @@ + std::string value; + std::string nameStr(name); + nameStr += "='"; +- unsigned int loc = xml.find(nameStr); ++ std::string::size_type loc = xml.find(nameStr); + if (loc != std::string::npos) + { + loc += nameStr.size(); +@@ -90,7 +90,7 @@ + // -------------------------------------------------------------------------------------------------------- + bool kXMLParseNamedCloseTag ( std::string & xml, const std::string & name, bool printError ) + { +- unsigned int loc = xml.find('<'); ++ std::string::size_type loc = xml.find('<'); + if (loc == std::string::npos) + { + if (printError) KConsole::printError(kStringPrintf("invalid XML:\nmissing close tag '%s'", +@@ -117,7 +117,7 @@ + // -------------------------------------------------------------------------------------------------------- + bool kXMLReadNamedOpenTag ( const std::string & xml, const std::string & name, std::string * attributes ) + { +- unsigned int loc = xml.find('<'), endloc; ++ std::string::size_type loc = xml.find('<'), endloc; + + if (loc == std::string::npos || xml[loc+1] == '/') return false; + +@@ -140,7 +140,7 @@ + // -------------------------------------------------------------------------------------------------------- + std::string kXMLParseNamedOpenTag ( std::string & xml, const std::string & name, std::string * attributes, bool printError ) + { +- unsigned int loc = xml.find('<'); ++ std::string::size_type loc = xml.find('<'); + if (loc == std::string::npos || xml[loc+1] == '/') + { + if (printError) KConsole::printError(kStringPrintf("invalid XML:\nmissing tag '%s'", name.c_str())); +@@ -191,7 +191,7 @@ + // -------------------------------------------------------------------------------------------------------- + bool kXMLParseOpenTag ( std::string & xml, std::string & name, std::string * attributes, bool printError ) + { +- unsigned int loc = xml.find('<'); ++ std::string::size_type loc = xml.find('<'); + if (loc == std::string::npos || xml[loc+1] == '/') + { + if (printError) KConsole::printError("invalid XML:\nmissing open tag"); +@@ -295,7 +295,7 @@ + // -------------------------------------------------------------------------------------------------------- + bool kXMLParseValue( std::string & xml, const std::string & name, int type, void * value, bool printError ) + { +- unsigned int loc = xml.find('<'); ++ std::string::size_type loc = xml.find('<'); + if (loc == std::string::npos || xml[loc+1] == '/') + { + if (printError) KConsole::printError(kStringPrintf("invalid XML:\nmissing value '%s'", name.c_str())); +@@ -379,8 +379,8 @@ + } + else if (typeString == "string") + { +- unsigned int first = substring.find("\"")+1; +- unsigned int last = substring.rfind("\"", std::string::npos); ++ std::string::size_type first = substring.find("\"")+1; ++ std::string::size_type last = substring.rfind("\"", std::string::npos); + *((std::string*)value) = substring.substr(first, last-first); + } + +--- a/kodilib/src/types/KKey.cpp ++++ b/kodilib/src/types/KKey.cpp +@@ -31,7 +31,7 @@ + // -------------------------------------------------------------------------------------------------------- + std::string KKey::getUnmodifiedName () const + { +- unsigned int keyPos = name.find('_', 0); ++ std::string::size_type keyPos = name.find('_', 0); + if (keyPos == std::string::npos) + { + return name; +@@ -42,7 +42,7 @@ + // -------------------------------------------------------------------------------------------------------- + std::string KKey::getModifierName () const + { +- unsigned int keyPos = name.find('_', 0); ++ std::string::size_type keyPos = name.find('_', 0); + if (keyPos == std::string::npos) + { + return ""; +--- a/kodilib/src/widgets/KFileNameField.cpp ++++ b/kodilib/src/widgets/KFileNameField.cpp +@@ -41,7 +41,7 @@ + std::string restPath; // path behind cursor + + // map cropped path to current directory and rest path to file prefix +- unsigned int lastSlashPos = croppedPath.rfind("/"); ++ std::string::size_type lastSlashPos = croppedPath.rfind("/"); + if (lastSlashPos < croppedPath.size()-1) + { + restPath = croppedPath.substr(lastSlashPos+1); +@@ -88,7 +88,7 @@ + } + + // ............................collect list of entries in searchDir that match prefix restPath +- unsigned int restLength = restPath.size(); ++ std::string::size_type restLength = restPath.size(); + std::vector matchingEntries; + std::vector::iterator iter = dir_entries.begin(); + while (iter != dir_entries.end()) +@@ -223,7 +223,7 @@ + // -------------------------------------------------------------------------------------------------------- + void KFileNameField::selectLastPathComponent () + { +- unsigned int lastSlashPos = text.rfind("/"); ++ std::string::size_type lastSlashPos = text.rfind("/"); + if (lastSlashPos == text.size()-1) lastSlashPos = text.rfind("/", lastSlashPos-1); + if (lastSlashPos < text.size()) cursor_pos = lastSlashPos+1; + else cursor_pos = 0; +--- a/src/gui/KikiMenu.cpp ++++ b/src/gui/KikiMenu.cpp +@@ -54,7 +54,7 @@ + { + std::string item_text (itemText); + std::string event_name (itemText); +- unsigned int pos; ++ std::string::size_type pos; + float scale_factor = 1.0; + + KikiMenuItem * menu_item = new KikiMenuItem (); +--- a/src/gui/KikiTextLine.cpp ++++ b/src/gui/KikiTextLine.cpp +@@ -46,7 +46,7 @@ + void KikiTextLine::setText ( const std::string & str ) + { + text = str; +- unsigned int pos; ++ std::string::size_type pos; + + if ((pos = text.find ("$scale(")) != std::string::npos) + { -- cgit v1.2.3 From 4264db22095882b7706ae2b9680bde2d355987b3 Mon Sep 17 00:00:00 2001 From: Arun Isaac Date: Thu, 13 Apr 2017 16:50:22 +0530 Subject: gnu: password-store: Update to 1.7.1. * gnu/packages/password-utils.scm (password-store): Update to 1.7.1. [source]: Remove "password-store-gnupg-compat.patch". * gnu/packages/patches/password-store-gnupg-compat.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/password-utils.scm | 5 +- .../patches/password-store-gnupg-compat.patch | 53 ---------------------- 3 files changed, 2 insertions(+), 57 deletions(-) delete mode 100644 gnu/packages/patches/password-store-gnupg-compat.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 9385b3df94..c97a0ed3b6 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -827,7 +827,6 @@ dist_patch_DATA = \ %D%/packages/patches/ots-no-include-missing-file.patch \ %D%/packages/patches/p7zip-CVE-2016-9296.patch \ %D%/packages/patches/p7zip-remove-unused-code.patch \ - %D%/packages/patches/password-store-gnupg-compat.patch \ %D%/packages/patches/patchelf-page-size.patch \ %D%/packages/patches/patchelf-rework-for-arm.patch \ %D%/packages/patches/patchutils-xfail-gendiff-tests.patch \ diff --git a/gnu/packages/password-utils.scm b/gnu/packages/password-utils.scm index 66d5f8cf88..9daacd871e 100644 --- a/gnu/packages/password-utils.scm +++ b/gnu/packages/password-utils.scm @@ -284,7 +284,7 @@ any X11 window.") (define-public password-store (package (name "password-store") - (version "1.7") + (version "1.7.1") (source (origin (method url-fetch) (uri @@ -292,8 +292,7 @@ any X11 window.") name "-" version ".tar.xz")) (sha256 (base32 - "002mw7j0m33bw483rllzhcf41wp3ixka8yma6kqrfaj57jyw66hn")) - (patches (search-patches "password-store-gnupg-compat.patch")))) + "0scqkpll2q8jhzcgcsh9kqz0gwdpvynivqjmmbzax2irjfaiklpn")))) (build-system gnu-build-system) (arguments '(#:phases diff --git a/gnu/packages/patches/password-store-gnupg-compat.patch b/gnu/packages/patches/password-store-gnupg-compat.patch deleted file mode 100644 index c314ba6647..0000000000 --- a/gnu/packages/patches/password-store-gnupg-compat.patch +++ /dev/null @@ -1,53 +0,0 @@ -Copied from upstream mailing list: -https://lists.zx2c4.com/pipermail/password-store/2017-March/002844.html. - -The patch actually restores compatibility with GnuPG 2.1.19, the '2.2.19' in -the commit message is a typo. - -From 8723d8e8192683891904aff321446b0fac37d1ad Mon Sep 17 00:00:00 2001 -From: Andreas Stieger -Date: Fri, 10 Mar 2017 15:43:26 +0100 -Subject: [PATCH] Fix compatibility with GnuPG 2.2.19 - -GnuPG 2.2.19 added a warning when no command was given. - -* src/password-store.sh (reencrypt_path): Add --decrypt to --list-only -* tests/t0300-reencryption.sh (gpg_keys_from_encrypted_file): same - -https://bugs.gnupg.org/gnupg/msg9873 -http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=810adfd47801fc01e45fb71af9f05c91f7890cdb -https://bugzilla.suse.com/show_bug.cgi?id=1028867 ---- - src/password-store.sh | 2 +- - tests/t0300-reencryption.sh | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/password-store.sh b/src/password-store.sh -index 1ab6fb5..bad8d4f 100755 ---- a/src/password-store.sh -+++ b/src/password-store.sh -@@ -125,7 +125,7 @@ reencrypt_path() { - done - gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)" - fi -- current_keys="$($GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)" -+ current_keys="$($GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)" - - if [[ $gpg_keys != "$current_keys" ]]; then - echo "$passfile_display: reencrypting to ${gpg_keys//$'\n'/ }" -diff --git a/tests/t0300-reencryption.sh b/tests/t0300-reencryption.sh -index 9d46580..6d5811d 100755 ---- a/tests/t0300-reencryption.sh -+++ b/tests/t0300-reencryption.sh -@@ -10,7 +10,7 @@ canonicalize_gpg_keys() { - $GPG --list-keys --with-colons "$@" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u - } - gpg_keys_from_encrypted_file() { -- $GPG -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long "$1" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u -+ $GPG -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$1" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u - } - gpg_keys_from_group() { - local output="$($GPG --list-config --with-colons | sed -n "s/^cfg:group:$1:\\(.*\\)/\\1/p" | head -n 1)" --- -2.12.0 - -- cgit v1.2.3 From 33f79a74b8f97fc39587ca66d38f0d82548bfe28 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Wed, 12 Apr 2017 22:28:40 +0200 Subject: gnu: Add bam. * gnu/packages/build-tools.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. --- gnu/local.mk | 1 + gnu/packages/build-tools.scm | 64 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 65 insertions(+) create mode 100644 gnu/packages/build-tools.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index c97a0ed3b6..779cb0dfd5 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -70,6 +70,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/boost.scm \ %D%/packages/bootloaders.scm \ %D%/packages/bootstrap.scm \ + %D%/packages/build-tools.scm \ %D%/packages/busybox.scm \ %D%/packages/c.scm \ %D%/packages/calcurse.scm \ diff --git a/gnu/packages/build-tools.scm b/gnu/packages/build-tools.scm new file mode 100644 index 0000000000..8901a46576 --- /dev/null +++ b/gnu/packages/build-tools.scm @@ -0,0 +1,64 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Ricardo Wurmus +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages build-tools) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix utils) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (gnu packages) + #:use-module (gnu packages python) + #:use-module (guix build-system gnu)) + +(define-public bam + (package + (name "bam") + (version "0.4.0") + (source (origin + (method url-fetch) + (uri (string-append "http://github.com/downloads/matricks/" + "bam/bam-" version ".tar.bz2")) + (sha256 + (base32 + "0z90wvyd4nfl7mybdrv9dsd4caaikc6fxw801b72gqi1m9q0c0sn")))) + (build-system gnu-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (delete 'configure) + (replace 'build + (lambda _ + (zero? (system* "bash" "make_unix.sh")))) + (replace 'check + (lambda _ + (zero? (system* "python" "scripts/test.py")))) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let ((bin (string-append (assoc-ref outputs "out") "/bin"))) + (mkdir-p bin) + (install-file "bam" bin) + #t)))))) + (native-inputs + `(("python" ,python-2))) + (home-page "https://matricks.github.io/bam/") + (synopsis "Fast and flexible build system") + (description "Bam is a fast and flexible build system. Bam uses Lua to +describe the build process. It takes its inspiration for the script files +from scons. While scons focuses on being 100% correct when building, bam +makes a few sacrifices to acquire fast full and incremental build times.") + (license license:bsd-3))) -- cgit v1.2.3 From b77e3a1c4eabbd6010083a6cb9aad7cf5a9a4d45 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Wed, 12 Apr 2017 22:27:16 +0200 Subject: gnu: Add teeworlds. * gnu/packages/games.scm (teeworlds): New variable. * gnu/packages/patches/teeworlds-use-latest-wavpack.patch: New file. * gnu/local.mk (dist_patch_DATA): Add patch. --- gnu/local.mk | 1 + gnu/packages/games.scm | 89 ++++++++++++++++++++++ .../patches/teeworlds-use-latest-wavpack.patch | 84 ++++++++++++++++++++ 3 files changed, 174 insertions(+) create mode 100644 gnu/packages/patches/teeworlds-use-latest-wavpack.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 779cb0dfd5..45df0eba8a 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -957,6 +957,7 @@ dist_patch_DATA = \ %D%/packages/patches/tcsh-fix-autotest.patch \ %D%/packages/patches/tcsh-fix-out-of-bounds-read.patch \ %D%/packages/patches/teensy-loader-cli-help.patch \ + %D%/packages/patches/teeworlds-use-latest-wavpack.patch \ %D%/packages/patches/texlive-texmf-CVE-2016-10243.patch \ %D%/packages/patches/texi2html-document-encoding.patch \ %D%/packages/patches/texi2html-i18n.patch \ diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm index 710b2746c9..a956f0ca44 100644 --- a/gnu/packages/games.scm +++ b/gnu/packages/games.scm @@ -56,6 +56,7 @@ #:use-module (gnu packages autotools) #:use-module (gnu packages backup) #:use-module (gnu packages base) + #:use-module (gnu packages build-tools) #:use-module (gnu packages admin) #:use-module (gnu packages audio) #:use-module (gnu packages avahi) @@ -3649,3 +3650,91 @@ small robot living in the nano world, repair its maker.") ;; kiki-the-nano-bot/kiki-the-nano-bot_1.0.2+dfsg1-4_copyright> ;; for a statement from the author. (license license:public-domain))) + +(define-public teeworlds + (package + (name "teeworlds") + (version "0.6.4") + (source (origin + (method url-fetch) + (uri (string-append "https://github.com/teeworlds/teeworlds/" + "archive/" version "-release.tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "1mqhp6xjl75l49050cid36wxyjn1qr0vjx1c709dfg1lkvmgs6l3")) + (modules '((guix build utils))) + (snippet + '(begin + (for-each delete-file-recursively + '("src/engine/external/wavpack/" + "src/engine/external/zlib/")) + #t)) + (patches + (search-patches "teeworlds-use-latest-wavpack.patch")))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; no tests included + #:phases + (modify-phases %standard-phases + (replace 'configure + (lambda* (#:key outputs #:allow-other-keys) + ;; Embed path to assets. + (substitute* "src/engine/shared/storage.cpp" + (("#define DATA_DIR.*") + (string-append "#define DATA_DIR \"" + (assoc-ref outputs "out") + "/share/teeworlds/data" + "\""))) + + ;; Bam expects all files to have a recent time stamp. + (for-each (lambda (file) + (utime file 1 1)) + (find-files ".")) + + ;; Do not use bundled libraries. + (substitute* "bam.lua" + (("if config.zlib.value == 1 then") + "if true then") + (("wavpack = .*") + "wavpack = {} +settings.link.libs:Add(\"wavpack\")\n")) + (substitute* "src/engine/client/sound.cpp" + (("#include ") + "#include ")) + #t)) + (replace 'build + (lambda _ + (zero? (system* "bam" "-a" "-v" "release")))) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append out "/bin")) + (data (string-append out "/share/teeworlds/data"))) + (mkdir-p bin) + (mkdir-p data) + (for-each (lambda (file) + (install-file file bin)) + '("teeworlds" "teeworlds_srv")) + (copy-recursively "data" data) + #t)))))) + ;; FIXME: teeworlds bundles the sources of "pnglite", a two-file PNG + ;; library without a build system. + (inputs + `(("freetype" ,freetype) + ("glu" ,glu) + ("mesa" ,mesa) + ("sdl-union" ,(sdl-union (list sdl + sdl-mixer + sdl-image))) + ("wavpack" ,wavpack) + ("zlib" ,zlib))) + (native-inputs + `(("bam" ,bam) + ("python" ,python-2))) + (home-page "https://www.teeworlds.com") + (synopsis "2D retro multiplayer shooter game") + (description "Teeworlds is an online multiplayer game. Battle with up to +16 players in a variety of game modes, including Team Deathmatch and Capture +The Flag. You can even design your own maps!") + (license license:bsd-3))) diff --git a/gnu/packages/patches/teeworlds-use-latest-wavpack.patch b/gnu/packages/patches/teeworlds-use-latest-wavpack.patch new file mode 100644 index 0000000000..e9fd991087 --- /dev/null +++ b/gnu/packages/patches/teeworlds-use-latest-wavpack.patch @@ -0,0 +1,84 @@ +Downloaded from https://anonscm.debian.org/cgit/pkg-games/teeworlds.git/plain/debian/patches/new-wavpack.patch. + +This patch lets us build teeworlds with wavpack 5.1.0. + +--- a/src/engine/client/sound.cpp ++++ b/src/engine/client/sound.cpp +@@ -328,17 +328,14 @@ void CSound::RateConvert(int SampleID) + pSample->m_NumFrames = NumFrames; + } + +-int CSound::ReadData(void *pBuffer, int Size) +-{ +- return io_read(ms_File, pBuffer, Size); +-} +- + int CSound::LoadWV(const char *pFilename) + { + CSample *pSample; + int SampleID = -1; + char aError[100]; + WavpackContext *pContext; ++ char aWholePath[1024]; ++ IOHANDLE File; + + // don't waste memory on sound when we are stress testing + if(g_Config.m_DbgStress) +@@ -351,19 +348,23 @@ int CSound::LoadWV(const char *pFilename + if(!m_pStorage) + return -1; + +- ms_File = m_pStorage->OpenFile(pFilename, IOFLAG_READ, IStorage::TYPE_ALL); +- if(!ms_File) ++ File = m_pStorage->OpenFile(pFilename, IOFLAG_READ, IStorage::TYPE_ALL, aWholePath, sizeof(aWholePath)); ++ if(!File) + { + dbg_msg("sound/wv", "failed to open file. filename='%s'", pFilename); + return -1; + } ++ else ++ { ++ io_close(File); ++ } + + SampleID = AllocID(); + if(SampleID < 0) + return -1; + pSample = &m_aSamples[SampleID]; + +- pContext = WavpackOpenFileInput(ReadData, aError); ++ pContext = WavpackOpenFileInput(aWholePath, aError, OPEN_2CH_MAX, 0); + if (pContext) + { + int m_aSamples = WavpackGetNumSamples(pContext); +@@ -419,9 +420,6 @@ int CSound::LoadWV(const char *pFilename + dbg_msg("sound/wv", "failed to open %s: %s", pFilename, aError); + } + +- io_close(ms_File); +- ms_File = NULL; +- + if(g_Config.m_Debug) + dbg_msg("sound/wv", "loaded %s", pFilename); + +@@ -527,7 +525,5 @@ void CSound::StopAll() + lock_unlock(m_SoundLock); + } + +-IOHANDLE CSound::ms_File = 0; +- + IEngineSound *CreateEngineSound() { return new CSound; } + +--- a/src/engine/client/sound.h ++++ b/src/engine/client/sound.h +@@ -21,10 +21,6 @@ public: + + static void RateConvert(int SampleID); + +- // TODO: Refactor: clean this mess up +- static IOHANDLE ms_File; +- static int ReadData(void *pBuffer, int Size); +- + virtual bool IsSoundEnabled() { return m_SoundEnabled != 0; } + + virtual int LoadWV(const char *pFilename); -- cgit v1.2.3 From 960887b2974ff5c3e63f58a1d89cd8d0dcb5e045 Mon Sep 17 00:00:00 2001 From: Mathieu Othacehe Date: Fri, 14 Apr 2017 12:14:51 +0200 Subject: build: Stop building gnu/build/svg.scm. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Makefile.am (EXTRA_DIST): Add gnu/build/svg.scm. * gnu/local.mk (GNU_SYSTEM_MODULES): Remove gnu/build/svg.scm. It fixes the following build warnings: gnu/build/svg.scm:36:12: warning: possibly unbound variable `cairo-create' gnu/build/svg.scm:36:26: warning: possibly unbound variable `cairo-image-surface-create' gnu/build/svg.scm:38:4: warning: possibly unbound variable `cairo-scale' gnu/build/svg.scm:39:4: warning: possibly unbound variable `cairo-set-source-surface' Signed-off-by: Ludovic Courtès --- Makefile.am | 2 ++ gnu/local.mk | 1 - 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'gnu/local.mk') diff --git a/Makefile.am b/Makefile.am index 99b4556056..c9671e2d14 100644 --- a/Makefile.am +++ b/Makefile.am @@ -4,6 +4,7 @@ # Copyright © 2015, 2017 Alex Kost # Copyright © 2016 Mathieu Lirzin # Copyright © 2016, 2017 Mark H Weaver +# Copyright © 2017 Mathieu Othacehe # # This file is part of GNU Guix. # @@ -394,6 +395,7 @@ EXTRA_DIST = \ TODO \ CODE-OF-CONDUCT \ .dir-locals.el \ + gnu/build/svg.scm \ build-aux/build-self.scm \ build-aux/compile-all.scm \ build-aux/hydra/evaluate.scm \ diff --git a/gnu/local.mk b/gnu/local.mk index 45df0eba8a..82e94171b8 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -460,7 +460,6 @@ GNU_SYSTEM_MODULES = \ %D%/build/linux-modules.scm \ %D%/build/marionette.scm \ %D%/build/shepherd.scm \ - %D%/build/svg.scm \ %D%/build/vm.scm \ \ %D%/tests.scm \ -- cgit v1.2.3 From e5da4d8b4027a8300ee80a970e8628266609c126 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Fri, 14 Apr 2017 11:52:11 +0200 Subject: gnu: mupdf: Update to 1.11. Also delete two stray patches that were added in 92ae98e2a0c2ffc807111dbf7616df47a9d3b31c and lost in a subsequent merge (mupdf/fixed was already gone at e90e0fad1b3ba79d81f02424e143ee6f4f736e8b). * gnu/packages/patches/mupdf-CVE-2017-5896.patch, gnu/packages/patches/mupdf-CVE-2017-5991.patch, gnu/packages/patches/mupdf-mujs-CVE-2016-10132.patch, gnu/packages/patches/mupdf-mujs-CVE-2016-10133.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. * gnu/packages/patches/mupdf-build-with-openjpeg-2.1.patch: Adjust. * gnu/packages/pdf.scm (mupdf): Update to 1.11. [source]: Remove mujs patches. Adjust snippet to source rename. --- gnu/local.mk | 4 - gnu/packages/patches/mupdf-CVE-2017-5896.patch | 63 ------- gnu/packages/patches/mupdf-CVE-2017-5991.patch | 101 ----------- .../patches/mupdf-build-with-openjpeg-2.1.patch | 16 +- .../patches/mupdf-mujs-CVE-2016-10132.patch | 188 --------------------- .../patches/mupdf-mujs-CVE-2016-10133.patch | 36 ---- gnu/packages/pdf.scm | 10 +- 7 files changed, 11 insertions(+), 407 deletions(-) delete mode 100644 gnu/packages/patches/mupdf-CVE-2017-5896.patch delete mode 100644 gnu/packages/patches/mupdf-CVE-2017-5991.patch delete mode 100644 gnu/packages/patches/mupdf-mujs-CVE-2016-10132.patch delete mode 100644 gnu/packages/patches/mupdf-mujs-CVE-2016-10133.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 82e94171b8..c78eeb5e8d 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -785,10 +785,6 @@ dist_patch_DATA = \ %D%/packages/patches/multiqc-fix-git-subprocess-error.patch \ %D%/packages/patches/mumps-build-parallelism.patch \ %D%/packages/patches/mupdf-build-with-openjpeg-2.1.patch \ - %D%/packages/patches/mupdf-mujs-CVE-2016-10132.patch \ - %D%/packages/patches/mupdf-mujs-CVE-2016-10133.patch \ - %D%/packages/patches/mupdf-CVE-2017-5896.patch \ - %D%/packages/patches/mupdf-CVE-2017-5991.patch \ %D%/packages/patches/mupen64plus-ui-console-notice.patch \ %D%/packages/patches/musl-CVE-2016-8859.patch \ %D%/packages/patches/mutt-store-references.patch \ diff --git a/gnu/packages/patches/mupdf-CVE-2017-5896.patch b/gnu/packages/patches/mupdf-CVE-2017-5896.patch deleted file mode 100644 index 1537ecc896..0000000000 --- a/gnu/packages/patches/mupdf-CVE-2017-5896.patch +++ /dev/null @@ -1,63 +0,0 @@ -Fix CVE-2017-5896: - -https://bugs.ghostscript.com/show_bug.cgi?id=697515 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5896 -http://www.openwall.com/lists/oss-security/2017/02/10/1 -https://security-tracker.debian.org/tracker/CVE-2017-5896 -https://blogs.gentoo.org/ago/2017/02/09/mupdf-use-after-free-in-fz_subsample_pixmap-pixmap-c/ - -Patch lifted from upstream source repository: - -http://git.ghostscript.com/?p=mupdf.git;h=2c4e5867ee699b1081527bc6c6ea0e99a35a5c27 - -From 2c4e5867ee699b1081527bc6c6ea0e99a35a5c27 Mon Sep 17 00:00:00 2001 -From: Robin Watts -Date: Thu, 9 Feb 2017 07:12:16 -0800 -Subject: [PATCH] bug 697515: Fix out of bounds read in fz_subsample_pixmap - -Pointer arithmetic for final special case was going wrong. ---- - source/fitz/pixmap.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/source/fitz/pixmap.c b/source/fitz/pixmap.c -index a8317127..f1291dc2 100644 ---- a/source/fitz/pixmap.c -+++ b/source/fitz/pixmap.c -@@ -1104,6 +1104,7 @@ fz_subsample_pixmap_ARM(unsigned char *ptr, int w, int h, int f, int factor, - "@STACK:r1,<9>,factor,n,fwd,back,back2,fwd2,divX,back4,fwd4,fwd3,divY,back5,divXY\n" - "ldr r4, [r13,#4*22] @ r4 = divXY \n" - "ldr r5, [r13,#4*11] @ for (nn = n; nn > 0; n--) { \n" -+ "ldr r8, [r13,#4*17] @ r8 = back4 \n" - "18: @ \n" - "mov r14,#0 @ r14= v = 0 \n" - "sub r5, r5, r1, LSL #8 @ for (xx = x; xx > 0; x--) { \n" -@@ -1120,7 +1121,7 @@ fz_subsample_pixmap_ARM(unsigned char *ptr, int w, int h, int f, int factor, - "mul r14,r4, r14 @ r14= v *= divX \n" - "mov r14,r14,LSR #16 @ r14= v >>= 16 \n" - "strb r14,[r9], #1 @ *d++ = r14 \n" -- "sub r0, r0, r8 @ s -= back2 \n" -+ "sub r0, r0, r8 @ s -= back4 \n" - "subs r5, r5, #1 @ n-- \n" - "bgt 18b @ } \n" - "21: @ \n" -@@ -1249,6 +1250,7 @@ fz_subsample_pixmap(fz_context *ctx, fz_pixmap *tile, int factor) - x += f; - if (x > 0) - { -+ int back4 = x * n - 1; - div = x * y; - for (nn = n; nn > 0; nn--) - { -@@ -1263,7 +1265,7 @@ fz_subsample_pixmap(fz_context *ctx, fz_pixmap *tile, int factor) - s -= back5; - } - *d++ = v / div; -- s -= back2; -+ s -= back4; - } - } - } --- -2.12.0 - diff --git a/gnu/packages/patches/mupdf-CVE-2017-5991.patch b/gnu/packages/patches/mupdf-CVE-2017-5991.patch deleted file mode 100644 index 1fa6dc3466..0000000000 --- a/gnu/packages/patches/mupdf-CVE-2017-5991.patch +++ /dev/null @@ -1,101 +0,0 @@ -Fix CVE-2017-5991: - -https://bugs.ghostscript.com/show_bug.cgi?id=697500 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5991 -https://security-tracker.debian.org/tracker/CVE-2017-5991 - -Patch lifted from upstream source repository: - -http://git.ghostscript.com/?p=mupdf.git;h=1912de5f08e90af1d9d0a9791f58ba3afdb9d465 - -From 1912de5f08e90af1d9d0a9791f58ba3afdb9d465 Mon Sep 17 00:00:00 2001 -From: Robin Watts -Date: Thu, 9 Feb 2017 15:49:15 +0000 -Subject: [PATCH] Bug 697500: Fix NULL ptr access. - -Cope better with errors during rendering - avoid letting the -gstate stack get out of sync. - -This avoids us ever getting into the situation of popping -a clip when we should be popping a mask or a group. This was -causing an unexpected case in the painting. ---- - source/pdf/pdf-op-run.c | 26 ++++++++++++++++++-------- - 1 file changed, 18 insertions(+), 8 deletions(-) - -diff --git a/source/pdf/pdf-op-run.c b/source/pdf/pdf-op-run.c -index a3ea895d..f1eac8d3 100644 ---- a/source/pdf/pdf-op-run.c -+++ b/source/pdf/pdf-op-run.c -@@ -1213,6 +1213,7 @@ pdf_run_xobject(fz_context *ctx, pdf_run_processor *proc, pdf_xobject *xobj, pdf - pdf_run_processor *pr = (pdf_run_processor *)proc; - pdf_gstate *gstate = NULL; - int oldtop = 0; -+ int oldbot = -1; - fz_matrix local_transform = *transform; - softmask_save softmask = { NULL }; - int gparent_save; -@@ -1232,16 +1233,17 @@ pdf_run_xobject(fz_context *ctx, pdf_run_processor *proc, pdf_xobject *xobj, pdf - fz_var(cleanup_state); - fz_var(gstate); - fz_var(oldtop); -+ fz_var(oldbot); - - gparent_save = pr->gparent; - pr->gparent = pr->gtop; -+ oldtop = pr->gtop; - - fz_try(ctx) - { - pdf_gsave(ctx, pr); - - gstate = pr->gstate + pr->gtop; -- oldtop = pr->gtop; - - pdf_xobject_bbox(ctx, xobj, &xobj_bbox); - pdf_xobject_matrix(ctx, xobj, &xobj_matrix); -@@ -1302,12 +1304,25 @@ pdf_run_xobject(fz_context *ctx, pdf_run_processor *proc, pdf_xobject *xobj, pdf - - doc = pdf_get_bound_document(ctx, xobj->obj); - -+ oldbot = pr->gbot; -+ pr->gbot = pr->gtop; -+ - pdf_process_contents(ctx, (pdf_processor*)pr, doc, resources, xobj->obj, NULL); - } - fz_always(ctx) - { -+ /* Undo any gstate mismatches due to the pdf_process_contents call */ -+ if (oldbot != -1) -+ { -+ while (pr->gtop > pr->gbot) -+ { -+ pdf_grestore(ctx, pr); -+ } -+ pr->gbot = oldbot; -+ } -+ - if (cleanup_state >= 3) -- pdf_grestore(ctx, pr); /* Remove the clippath */ -+ pdf_grestore(ctx, pr); /* Remove the state we pushed for the clippath */ - - /* wrap up transparency stacks */ - if (transparency) -@@ -1341,13 +1356,8 @@ pdf_run_xobject(fz_context *ctx, pdf_run_processor *proc, pdf_xobject *xobj, pdf - pr->gstate[pr->gparent].ctm = gparent_save_ctm; - pr->gparent = gparent_save; - -- if (gstate) -- { -- while (oldtop < pr->gtop) -- pdf_grestore(ctx, pr); -- -+ while (oldtop < pr->gtop) - pdf_grestore(ctx, pr); -- } - - pdf_unmark_obj(ctx, xobj->obj); - } --- -2.12.0 - diff --git a/gnu/packages/patches/mupdf-build-with-openjpeg-2.1.patch b/gnu/packages/patches/mupdf-build-with-openjpeg-2.1.patch index d97c1cb348..0b5b735ff3 100644 --- a/gnu/packages/patches/mupdf-build-with-openjpeg-2.1.patch +++ b/gnu/packages/patches/mupdf-build-with-openjpeg-2.1.patch @@ -13,17 +13,15 @@ diff --git a/source/fitz/load-jpx.c b/source/fitz/load-jpx.c index 6b92e5c..72dea50 100644 --- a/source/fitz/load-jpx.c +++ b/source/fitz/load-jpx.c -@@ -1,13 +1,5 @@ - #include "mupdf/fitz.h" +@@ -444,11 +444,6 @@ + + #else /* HAVE_LURATECH */ --/* Without the definition of OPJ_STATIC, compilation fails on windows -- * due to the use of __stdcall. We believe it is required on some -- * linux toolchains too. */ -#define OPJ_STATIC --#ifndef _MSC_VER +-#define OPJ_HAVE_INTTYPES_H +-#if !defined(_WIN32) && !defined(_WIN64) -#define OPJ_HAVE_STDINT_H -#endif -- - #include + #define USE_JPIP - static void fz_opj_error_callback(const char *msg, void *client_data) + #include diff --git a/gnu/packages/patches/mupdf-mujs-CVE-2016-10132.patch b/gnu/packages/patches/mupdf-mujs-CVE-2016-10132.patch deleted file mode 100644 index e752e57ec5..0000000000 --- a/gnu/packages/patches/mupdf-mujs-CVE-2016-10132.patch +++ /dev/null @@ -1,188 +0,0 @@ -Fix CVE-2016-10132: - -https://bugs.ghostscript.com/show_bug.cgi?id=697381 -http://seclists.org/oss-sec/2017/q1/74 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10132 - -Patch lifted from upstream source repository: - -http://git.ghostscript.com/?p=mujs.git;h=fd003eceda531e13fbdd1aeb6e9c73156496e569 - -From fd003eceda531e13fbdd1aeb6e9c73156496e569 Mon Sep 17 00:00:00 2001 -From: Tor Andersson -Date: Fri, 2 Dec 2016 14:56:20 -0500 -Subject: [PATCH] Fix 697381: check allocation when compiling regular - expressions. - -Also use allocator callback function. ---- - thirdparty/mujs/jsgc.c | 2 +- - thirdparty/mujs/jsregexp.c | 2 +- - thirdparty/mujs/jsstate.c | 6 ------ - thirdparty/mujs/regexp.c | 45 +++++++++++++++++++++++++++++++++++---------- - thirdparty/mujs/regexp.h | 7 +++++++ - 5 files changed, 44 insertions(+), 18 deletions(-) - -diff --git a/thirdparty/mujs/jsgc.c b/thirdparty/mujs/jsgc.c -index 4f7e7dc..f80111e 100644 ---- a/thirdparty/mujs/jsgc.c -+++ b/thirdparty/mujs/jsgc.c -@@ -46,7 +46,7 @@ static void jsG_freeobject(js_State *J, js_Object *obj) - jsG_freeproperty(J, obj->head); - if (obj->type == JS_CREGEXP) { - js_free(J, obj->u.r.source); -- js_regfree(obj->u.r.prog); -+ js_regfreex(J->alloc, J->actx, obj->u.r.prog); - } - if (obj->type == JS_CITERATOR) - jsG_freeiterator(J, obj->u.iter.head); -diff --git a/thirdparty/mujs/jsregexp.c b/thirdparty/mujs/jsregexp.c -index a2d5156..7b09c06 100644 ---- a/thirdparty/mujs/jsregexp.c -+++ b/thirdparty/mujs/jsregexp.c -@@ -16,7 +16,7 @@ void js_newregexp(js_State *J, const char *pattern, int flags) - if (flags & JS_REGEXP_I) opts |= REG_ICASE; - if (flags & JS_REGEXP_M) opts |= REG_NEWLINE; - -- prog = js_regcomp(pattern, opts, &error); -+ prog = js_regcompx(J->alloc, J->actx, pattern, opts, &error); - if (!prog) - js_syntaxerror(J, "regular expression: %s", error); - -diff --git a/thirdparty/mujs/jsstate.c b/thirdparty/mujs/jsstate.c -index 638cab3..fd5bcf6 100644 ---- a/thirdparty/mujs/jsstate.c -+++ b/thirdparty/mujs/jsstate.c -@@ -9,12 +9,6 @@ - - static void *js_defaultalloc(void *actx, void *ptr, int size) - { -- if (size == 0) { -- free(ptr); -- return NULL; -- } -- if (!ptr) -- return malloc((size_t)size); - return realloc(ptr, (size_t)size); - } - -diff --git a/thirdparty/mujs/regexp.c b/thirdparty/mujs/regexp.c -index 9852be2..01c18a3 100644 ---- a/thirdparty/mujs/regexp.c -+++ b/thirdparty/mujs/regexp.c -@@ -807,23 +807,31 @@ static void dumpprog(Reprog *prog) - } - #endif - --Reprog *regcomp(const char *pattern, int cflags, const char **errorp) -+Reprog *regcompx(void *(*alloc)(void *ctx, void *p, int n), void *ctx, -+ const char *pattern, int cflags, const char **errorp) - { - struct cstate g; - Renode *node; - Reinst *split, *jump; - int i; - -- g.prog = malloc(sizeof (Reprog)); -- g.pstart = g.pend = malloc(sizeof (Renode) * strlen(pattern) * 2); -+ g.pstart = NULL; -+ g.prog = NULL; - - if (setjmp(g.kaboom)) { - if (errorp) *errorp = g.error; -- free(g.pstart); -- free(g.prog); -+ alloc(ctx, g.pstart, 0); -+ alloc(ctx, g.prog, 0); - return NULL; - } - -+ g.prog = alloc(ctx, NULL, sizeof (Reprog)); -+ if (!g.prog) -+ die(&g, "cannot allocate regular expression"); -+ g.pstart = g.pend = alloc(ctx, NULL, sizeof (Renode) * strlen(pattern) * 2); -+ if (!g.pstart) -+ die(&g, "cannot allocate regular expression parse list"); -+ - g.source = pattern; - g.ncclass = 0; - g.nsub = 1; -@@ -840,7 +848,9 @@ Reprog *regcomp(const char *pattern, int cflags, const char **errorp) - die(&g, "syntax error"); - - g.prog->nsub = g.nsub; -- g.prog->start = g.prog->end = malloc((count(node) + 6) * sizeof (Reinst)); -+ g.prog->start = g.prog->end = alloc(ctx, NULL, (count(node) + 6) * sizeof (Reinst)); -+ if (!g.prog->start) -+ die(&g, "cannot allocate regular expression instruction list"); - - split = emit(g.prog, I_SPLIT); - split->x = split + 3; -@@ -859,20 +869,35 @@ Reprog *regcomp(const char *pattern, int cflags, const char **errorp) - dumpprog(g.prog); - #endif - -- free(g.pstart); -+ alloc(ctx, g.pstart, 0); - - if (errorp) *errorp = NULL; - return g.prog; - } - --void regfree(Reprog *prog) -+void regfreex(void *(*alloc)(void *ctx, void *p, int n), void *ctx, Reprog *prog) - { - if (prog) { -- free(prog->start); -- free(prog); -+ alloc(ctx, prog->start, 0); -+ alloc(ctx, prog, 0); - } - } - -+static void *default_alloc(void *ctx, void *p, int n) -+{ -+ return realloc(p, (size_t)n); -+} -+ -+Reprog *regcomp(const char *pattern, int cflags, const char **errorp) -+{ -+ return regcompx(default_alloc, NULL, pattern, cflags, errorp); -+} -+ -+void regfree(Reprog *prog) -+{ -+ regfreex(default_alloc, NULL, prog); -+} -+ - /* Match */ - - static int isnewline(int c) -diff --git a/thirdparty/mujs/regexp.h b/thirdparty/mujs/regexp.h -index 4bb4615..6bb73e8 100644 ---- a/thirdparty/mujs/regexp.h -+++ b/thirdparty/mujs/regexp.h -@@ -1,6 +1,8 @@ - #ifndef regexp_h - #define regexp_h - -+#define regcompx js_regcompx -+#define regfreex js_regfreex - #define regcomp js_regcomp - #define regexec js_regexec - #define regfree js_regfree -@@ -8,6 +10,11 @@ - typedef struct Reprog Reprog; - typedef struct Resub Resub; - -+Reprog *regcompx(void *(*alloc)(void *ctx, void *p, int n), void *ctx, -+ const char *pattern, int cflags, const char **errorp); -+void regfreex(void *(*alloc)(void *ctx, void *p, int n), void *ctx, -+ Reprog *prog); -+ - Reprog *regcomp(const char *pattern, int cflags, const char **errorp); - int regexec(Reprog *prog, const char *string, Resub *sub, int eflags); - void regfree(Reprog *prog); --- -2.9.1 - diff --git a/gnu/packages/patches/mupdf-mujs-CVE-2016-10133.patch b/gnu/packages/patches/mupdf-mujs-CVE-2016-10133.patch deleted file mode 100644 index d73849262c..0000000000 --- a/gnu/packages/patches/mupdf-mujs-CVE-2016-10133.patch +++ /dev/null @@ -1,36 +0,0 @@ -Fix CVE-2016-10133: - -https://bugs.ghostscript.com/show_bug.cgi?id=697401 -http://seclists.org/oss-sec/2017/q1/74 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10133 - -Patch lifted from upstream source repository: - -https://git.ghostscript.com/?p=mujs.git;h=77ab465f1c394bb77f00966cd950650f3f53cb24 - -From 77ab465f1c394bb77f00966cd950650f3f53cb24 Mon Sep 17 00:00:00 2001 -From: Tor Andersson -Date: Thu, 12 Jan 2017 14:47:01 +0100 -Subject: [PATCH] Fix 697401: Error when dropping extra arguments to - lightweight functions. - ---- - thirdparty/mujs/jsrun.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/thirdparty/mujs/jsrun.c b/thirdparty/mujs/jsrun.c -index ee80845..782a6f9 100644 ---- a/thirdparty/mujs/jsrun.c -+++ b/thirdparty/mujs/jsrun.c -@@ -937,7 +937,7 @@ static void jsR_calllwfunction(js_State *J, int n, js_Function *F, js_Environmen - jsR_savescope(J, scope); - - if (n > F->numparams) { -- js_pop(J, F->numparams - n); -+ js_pop(J, n - F->numparams); - n = F->numparams; - } - for (i = n; i < F->varlen; ++i) --- -2.9.1 - diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm index 0882d3b942..5ccaa38eea 100644 --- a/gnu/packages/pdf.scm +++ b/gnu/packages/pdf.scm @@ -531,7 +531,7 @@ extracting content or merging files.") (define-public mupdf (package (name "mupdf") - (version "1.10a") + (version "1.11") (source (origin (method url-fetch) @@ -539,10 +539,8 @@ extracting content or merging files.") name "-" version "-source.tar.gz")) (sha256 (base32 - "0dm8wcs8i29aibzkqkrn8kcnk4q0kd1v66pg48h5c3qqp4v1zk5a")) - (patches (search-patches "mupdf-build-with-openjpeg-2.1.patch" - "mupdf-mujs-CVE-2016-10132.patch" - "mupdf-mujs-CVE-2016-10133.patch")) + "02phamcchgsmvjnb3ir7r5sssvx9fcrscn297z73b82n1jl79510")) + (patches (search-patches "mupdf-build-with-openjpeg-2.1.patch")) (modules '((guix build utils))) (snippet ;; Delete all the bundled libraries except for mujs, which is @@ -554,7 +552,7 @@ extracting content or merging files.") "thirdparty/glfw" "thirdparty/harfbuzz" "thirdparty/jbig2dec" - "thirdparty/jpeg" + "thirdparty/libjpeg" "thirdparty/openjpeg" "thirdparty/zlib"))))) (build-system gnu-build-system) -- cgit v1.2.3 From 8c326cf644b2fda3f33eb8816387ff1bd2acc640 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sat, 15 Apr 2017 00:09:24 +0200 Subject: gnu: ceph: Disable failing test. * gnu/packages/patches/ceph-disable-unittest-throttle.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/storage.scm (ceph)[source]: Use it. --- gnu/local.mk | 1 + .../patches/ceph-disable-unittest-throttle.patch | 52 ++++++++++++++++++++++ gnu/packages/storage.scm | 1 + 3 files changed, 54 insertions(+) create mode 100644 gnu/packages/patches/ceph-disable-unittest-throttle.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index c78eeb5e8d..cf9f5c7197 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -512,6 +512,7 @@ dist_patch_DATA = \ %D%/packages/patches/calibre-no-updates-dialog.patch \ %D%/packages/patches/cdparanoia-fpic.patch \ %D%/packages/patches/ceph-disable-cpu-optimizations.patch \ + %D%/packages/patches/ceph-disable-unittest-throttle.patch \ %D%/packages/patches/ceph-skip-collect-sys-info-test.patch \ %D%/packages/patches/ceph-skip-unittest_blockdev.patch \ %D%/packages/patches/chicken-CVE-2017-6949.patch \ diff --git a/gnu/packages/patches/ceph-disable-unittest-throttle.patch b/gnu/packages/patches/ceph-disable-unittest-throttle.patch new file mode 100644 index 0000000000..08ae5f9e24 --- /dev/null +++ b/gnu/packages/patches/ceph-disable-unittest-throttle.patch @@ -0,0 +1,52 @@ +FIXME: This test broke after the gcc-5/glibc-2.25 core-updates merge. +Not sure what's going on here, it hangs after spawning the first thread. + +diff --git a/src/test/common/Throttle.cc b/src/test/common/Throttle.cc +index 5b6d73217d..40a477b2a3 100644 +--- a/src/test/common/Throttle.cc ++++ b/src/test/common/Throttle.cc +@@ -216,44 +216,6 @@ TEST_F(ThrottleTest, wait) { + } while(!waited); + } + +-TEST_F(ThrottleTest, destructor) { +- Thread_get *t; +- { +- int64_t throttle_max = 10; +- Throttle *throttle = new Throttle(g_ceph_context, "throttle", throttle_max); +- +- ASSERT_FALSE(throttle->get(5)); +- +- t = new Thread_get(*throttle, 7); +- t->create("t_throttle"); +- bool blocked; +- useconds_t delay = 1; +- do { +- usleep(delay); +- if (throttle->get_or_fail(1)) { +- throttle->put(1); +- blocked = false; +- } else { +- blocked = true; +- } +- delay *= 2; +- } while(!blocked); +- delete throttle; +- } +- +- { // +- // The thread is left hanging, otherwise it will abort(). +- // Deleting the Throttle on which it is waiting creates a +- // inconsistency that will be detected: the Throttle object that +- // it references no longer exists. +- // +- pthread_t id = t->get_thread_id(); +- ASSERT_EQ(pthread_kill(id, 0), 0); +- delete t; +- ASSERT_EQ(pthread_kill(id, 0), 0); +- } +-} +- + std::pair > test_backoff( + double low_threshhold, + double high_threshhold, diff --git a/gnu/packages/storage.scm b/gnu/packages/storage.scm index 7288a0f790..388eb10444 100644 --- a/gnu/packages/storage.scm +++ b/gnu/packages/storage.scm @@ -59,6 +59,7 @@ (patches (search-patches "ceph-skip-unittest_blockdev.patch" "ceph-skip-collect-sys-info-test.patch" + "ceph-disable-unittest-throttle.patch" "ceph-disable-cpu-optimizations.patch")) (modules '((guix build utils))) (snippet -- cgit v1.2.3 From a408e757663a1f2cb075a9918bb49708906aaca4 Mon Sep 17 00:00:00 2001 From: Clément Lassieur Date: Tue, 11 Apr 2017 22:59:44 +0200 Subject: gnu: icu4c: Fix crashes in programs using system ICU. Fixes . * gnu/packages/patches/icu4c-reset-keyword-list-iterator.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/icu4c.scm (icu4c)[replacement]: New field. (icu4c/fixed): New variable. --- gnu/local.mk | 1 + gnu/packages/icu4c.scm | 11 ++ .../icu4c-reset-keyword-list-iterator.patch | 130 +++++++++++++++++++++ 3 files changed, 142 insertions(+) create mode 100644 gnu/packages/patches/icu4c-reset-keyword-list-iterator.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index cf9f5c7197..5822add4c8 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -658,6 +658,7 @@ dist_patch_DATA = \ %D%/packages/patches/icu4c-CVE-2014-6585.patch \ %D%/packages/patches/icu4c-CVE-2015-1270.patch \ %D%/packages/patches/icu4c-CVE-2015-4760.patch \ + %D%/packages/patches/icu4c-reset-keyword-list-iterator.patch \ %D%/packages/patches/id3lib-CVE-2007-4460.patch \ %D%/packages/patches/ilmbase-fix-tests.patch \ %D%/packages/patches/isl-0.11.1-aarch64-support.patch \ diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm index d842f03b4e..2b51441002 100644 --- a/gnu/packages/icu4c.scm +++ b/gnu/packages/icu4c.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2013 Andreas Enge ;;; Copyright © 2015, 2016 Mark H Weaver ;;; Copyright © 2016 Efraim Flashner +;;; Copyright © 2017 Clément Lassieur ;;; ;;; This file is part of GNU Guix. ;;; @@ -30,6 +31,7 @@ (package (name "icu4c") (version "58.2") + (replacement icu4c/fixed) (source (origin (method url-fetch) (uri (string-append @@ -63,3 +65,12 @@ globalisation support for software applications. This package contains the C/C++ part.") (license x11) (home-page "http://site.icu-project.org/"))) + +(define icu4c/fixed + (package + (inherit icu4c) + (replacement #f) + (source (origin + (inherit (package-source icu4c)) + (patches + (search-patches "icu4c-reset-keyword-list-iterator.patch")))))) diff --git a/gnu/packages/patches/icu4c-reset-keyword-list-iterator.patch b/gnu/packages/patches/icu4c-reset-keyword-list-iterator.patch new file mode 100644 index 0000000000..17970aa4a8 --- /dev/null +++ b/gnu/packages/patches/icu4c-reset-keyword-list-iterator.patch @@ -0,0 +1,130 @@ +Copied from upstream: http://bugs.icu-project.org/trac/changeset/39484/. + +Fixes (crashes). + +Paths and line endings have been adapted. + +Index: icu/source/common/ulist.c +=================================================================== +--- icu/source/common/ulist.c (revision 39483) ++++ icu/source/common/ulist.c (revision 39484) +@@ -30,5 +30,4 @@ + + int32_t size; +- int32_t currentIndex; + }; + +@@ -52,5 +51,4 @@ + newList->tail = NULL; + newList->size = 0; +- newList->currentIndex = -1; + + return newList; +@@ -81,6 +79,7 @@ + p->next->previous = p->previous; + } +- list->curr = NULL; +- list->currentIndex = 0; ++ if (p == list->curr) { ++ list->curr = p->next; ++ } + --list->size; + if (p->forceDelete) { +@@ -151,5 +150,4 @@ + list->head->previous = newItem; + list->head = newItem; +- list->currentIndex++; + } + +@@ -194,5 +192,4 @@ + curr = list->curr; + list->curr = curr->next; +- list->currentIndex++; + + return curr->data; +@@ -210,5 +207,4 @@ + if (list != NULL) { + list->curr = list->head; +- list->currentIndex = 0; + } + } +@@ -273,3 +269,2 @@ + return (UList *)(en->context); + } +- +Index: icu/source/i18n/ucol_res.cpp +=================================================================== +--- icu/source/i18n/ucol_res.cpp (revision 39483) ++++ icu/source/i18n/ucol_res.cpp (revision 39484) +@@ -681,4 +681,5 @@ + } + memcpy(en, &defaultKeywordValues, sizeof(UEnumeration)); ++ ulist_resetList(sink.values); // Initialize the iterator. + en->context = sink.values; + sink.values = NULL; // Avoid deletion in the sink destructor. +Index: icu/source/test/intltest/apicoll.cpp +=================================================================== +--- icu/source/test/intltest/apicoll.cpp (revision 39483) ++++ icu/source/test/intltest/apicoll.cpp (revision 39484) +@@ -82,14 +82,7 @@ + col = Collator::createInstance(Locale::getEnglish(), success); + if (U_FAILURE(success)){ +- errcheckln(success, "Default Collator creation failed. - %s", u_errorName(success)); +- return; +- } +- +- StringEnumeration* kwEnum = col->getKeywordValuesForLocale("", Locale::getEnglish(),true,success); +- if (U_FAILURE(success)){ +- errcheckln(success, "Get Keyword Values for Locale failed. - %s", u_errorName(success)); +- return; +- } +- delete kwEnum; ++ errcheckln(success, "English Collator creation failed. - %s", u_errorName(success)); ++ return; ++ } + + col->getVersion(versionArray); +@@ -230,4 +223,27 @@ + delete aFrCol; + delete junk; ++} ++ ++void CollationAPITest::TestKeywordValues() { ++ IcuTestErrorCode errorCode(*this, "TestKeywordValues"); ++ LocalPointer col(Collator::createInstance(Locale::getEnglish(), errorCode)); ++ if (errorCode.logIfFailureAndReset("English Collator creation failed")) { ++ return; ++ } ++ ++ LocalPointer kwEnum( ++ col->getKeywordValuesForLocale("collation", Locale::getEnglish(), TRUE, errorCode)); ++ if (errorCode.logIfFailureAndReset("Get Keyword Values for English Collator failed")) { ++ return; ++ } ++ assertTrue("expect at least one collation tailoring for English", kwEnum->count(errorCode) > 0); ++ const char *kw; ++ UBool hasStandard = FALSE; ++ while ((kw = kwEnum->next(NULL, errorCode)) != NULL) { ++ if (strcmp(kw, "standard") == 0) { ++ hasStandard = TRUE; ++ } ++ } ++ assertTrue("expect at least the 'standard' collation tailoring for English", hasStandard); + } + +@@ -2467,4 +2483,5 @@ + TESTCASE_AUTO_BEGIN; + TESTCASE_AUTO(TestProperty); ++ TESTCASE_AUTO(TestKeywordValues); + TESTCASE_AUTO(TestOperators); + TESTCASE_AUTO(TestDuplicate); +Index: icu/source/test/intltest/apicoll.h +=================================================================== +--- icu/source/test/intltest/apicoll.h (revision 39483) ++++ icu/source/test/intltest/apicoll.h (revision 39484) +@@ -36,4 +36,5 @@ + */ + void TestProperty(/* char* par */); ++ void TestKeywordValues(); + + /** -- cgit v1.2.3 From 0315b20a2c5d68d6b6d53ecd0f80964c5ca91d70 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Mon, 17 Apr 2017 20:48:43 +0200 Subject: gnu: mesa: Update to 17.0.4. * gnu/packages/patches/mesa-skip-disk-cache-test.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gl.scm (mesa): Update to 17.0.4. [source]: Adapt URI to new directory structure. [arguments]: End phases on #t. Remove stray whitespaces. [home-page]: Use HTTPS. --- gnu/local.mk | 1 + gnu/packages/gl.scm | 23 +++++++++++++--------- .../patches/mesa-skip-disk-cache-test.patch | 20 +++++++++++++++++++ 3 files changed, 35 insertions(+), 9 deletions(-) create mode 100644 gnu/packages/patches/mesa-skip-disk-cache-test.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 82e94171b8..35f5cc64a6 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -773,6 +773,7 @@ dist_patch_DATA = \ %D%/packages/patches/mcrypt-CVE-2012-4409.patch \ %D%/packages/patches/mcrypt-CVE-2012-4426.patch \ %D%/packages/patches/mcrypt-CVE-2012-4527.patch \ + %D%/packages/patches/mesa-skip-disk-cache-test.patch \ %D%/packages/patches/mesa-wayland-egl-symbols-check-mips.patch \ %D%/packages/patches/metabat-remove-compilation-date.patch \ %D%/packages/patches/mhash-keygen-test-segfault.patch \ diff --git a/gnu/packages/gl.scm b/gnu/packages/gl.scm index bb2eb768ea..f43f464390 100644 --- a/gnu/packages/gl.scm +++ b/gnu/packages/gl.scm @@ -217,17 +217,20 @@ also known as DXTn or DXTC) for Mesa.") (define-public mesa (package (name "mesa") - (version "13.0.5") + (version "17.0.4") (source (origin (method url-fetch) - (uri (string-append "ftp://ftp.freedesktop.org/pub/mesa/" - version "/mesa-" version ".tar.xz")) + (uri (list (string-append "ftp://ftp.freedesktop.org/pub/mesa/" + "mesa-" version ".tar.xz") + (string-append "ftp://ftp.freedesktop.org/pub/mesa/" + version "/mesa-" version ".tar.xz"))) (sha256 (base32 - "11zgynii1wz17131ml1mmblpwib8m88zz2jwi5h5llh1r3iagkmz")) + "0im3ca1vwwmkjf5w761vh7vabr4vrrdxpckr0wm974x18n2xqs8j")) (patches - (search-patches "mesa-wayland-egl-symbols-check-mips.patch")))) + (search-patches "mesa-wayland-egl-symbols-check-mips.patch" + "mesa-skip-disk-cache-test.patch")))) (build-system gnu-build-system) (propagated-inputs `(("glproto" ,glproto) @@ -281,7 +284,7 @@ also known as DXTn or DXTC) for Mesa.") ;; Without floating point texture support, drivers such as Nouveau ;; are stuck at OpenGL 2.1 instead of OpenGL 3.0+. "--enable-texture-float" - + ;; Also enable the tests. "--enable-gallium-tests" @@ -301,7 +304,8 @@ also known as DXTn or DXTC) for Mesa.") (substitute* "src/compiler/glsl/tests/lower_jumps/create_test_cases.py" (("/usr/bin/env bash") (which "bash"))) (substitute* "src/intel/genxml/gen_pack_header.py" - (("/usr/bin/env python2") (which "python"))))) + (("/usr/bin/env python2") (which "python"))) + #t)) (add-before 'build 'fix-dlopen-libnames (lambda* (#:key inputs outputs #:allow-other-keys) @@ -325,8 +329,9 @@ also known as DXTn or DXTC) for Mesa.") ;; it's never installed since Mesa removed its ;; egl_gallium support. (("\"gbm_dri\\.so") - (string-append "\"" out "/lib/dri/gbm_dri.so"))))))))) - (home-page "http://mesa3d.org/") + (string-append "\"" out "/lib/dri/gbm_dri.so"))) + #t)))))) + (home-page "https://mesa3d.org/") (synopsis "OpenGL implementation") (description "Mesa is a free implementation of the OpenGL specification - a system for rendering interactive 3D graphics. A variety of device drivers diff --git a/gnu/packages/patches/mesa-skip-disk-cache-test.patch b/gnu/packages/patches/mesa-skip-disk-cache-test.patch new file mode 100644 index 0000000000..4377110475 --- /dev/null +++ b/gnu/packages/patches/mesa-skip-disk-cache-test.patch @@ -0,0 +1,20 @@ +disk_cache_create() here looks up the users home directory from +which resolves to "/" in the build environment. I could not find an easy +way to set the home directory to something else, so we disable this test +for now. + +--- a/src/compiler/glsl/tests/cache_test.c ++++ b/src/compiler/glsl/tests/cache_test.c +@@ -137,11 +137,6 @@ + unsetenv("MESA_GLSL_CACHE_DIR"); + unsetenv("XDG_CACHE_HOME"); + +- cache = disk_cache_create(); +- expect_non_null(cache, "disk_cache_create with no environment variables"); +- +- disk_cache_destroy(cache); +- + /* Test with XDG_CACHE_HOME set */ + setenv("XDG_CACHE_HOME", CACHE_TEST_TMP "/xdg-cache-home", 1); + cache = disk_cache_create(); + -- cgit v1.2.3 From fbdd3526a1cab61602da1fcbfbc3ff02d99b23fe Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Tue, 18 Apr 2017 17:52:21 +0200 Subject: gnu: libsndfile: Fix build failure on armhf. * gnu/packages/patches/libsndfile-armhf-type-checks.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/pulseaudio.scm (libsndfile)[source]: Use it. --- gnu/local.mk | 1 + .../patches/libsndfile-armhf-type-checks.patch | 42 ++++++++++++++++++++++ gnu/packages/pulseaudio.scm | 1 + 3 files changed, 44 insertions(+) create mode 100644 gnu/packages/patches/libsndfile-armhf-type-checks.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 552dd05498..e6dee58397 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -710,6 +710,7 @@ dist_patch_DATA = \ %D%/packages/patches/libmad-armv7-thumb-pt2.patch \ %D%/packages/patches/libmad-frame-length.patch \ %D%/packages/patches/libmad-mips-newgcc.patch \ + %D%/packages/patches/libsndfile-armhf-type-checks.patch \ %D%/packages/patches/libssh2-fix-build-failure-with-gcrypt.patch \ %D%/packages/patches/libtar-CVE-2013-4420.patch \ %D%/packages/patches/libtheora-config-guess.patch \ diff --git a/gnu/packages/patches/libsndfile-armhf-type-checks.patch b/gnu/packages/patches/libsndfile-armhf-type-checks.patch new file mode 100644 index 0000000000..7e0c71c3f6 --- /dev/null +++ b/gnu/packages/patches/libsndfile-armhf-type-checks.patch @@ -0,0 +1,42 @@ +This is a regression in 1.0.28 that causes a test failure on armhf. + +Upstream bug URL: + +https://github.com/erikd/libsndfile/issues/229 + +Patch copied from upstream source repository: + +https://github.com/erikd/libsndfile/commit/9d470ee5577d3ccedb1c28c7e0a7295ba17feaf5 + +From 9d470ee5577d3ccedb1c28c7e0a7295ba17feaf5 Mon Sep 17 00:00:00 2001 +From: Erik de Castro Lopo +Date: Sun, 16 Apr 2017 17:54:17 +1000 +Subject: [PATCH] src/rf64.c: Fix varargs related bug + +C's functionality isn't type checked so that passing an +`sf_count_t` (64 bits) by mistake in place of a `unit32_t` can cause +errors. This would be fine if it was an error on every architecture +and platform, but its not. This particular problem only manifested +on armhf and some other Arm architectures. It was not an issue on +32 bit x86. + +I have now fixed variants of this same bug several times. + +Closes: https://github.com/erikd/libsndfile/issues/229 +--- + src/rf64.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/rf64.c b/src/rf64.c +index b3d637f..02dd904 100644 +--- a/src/rf64.c ++++ b/src/rf64.c +@@ -742,7 +742,7 @@ rf64_write_header (SF_PRIVATE *psf, int calc_length) + + pad_size = psf->dataoffset - 16 - psf->header.indx ; + if (pad_size >= 0) +- psf_binheader_writef (psf, "m4z", PAD_MARKER, pad_size, make_size_t (pad_size)) ; ++ psf_binheader_writef (psf, "m4z", PAD_MARKER, (unsigned int) pad_size, make_size_t (pad_size)) ; + + if (wpriv->rf64_downgrade && (psf->filelength < RIFF_DOWNGRADE_BYTES)) + psf_binheader_writef (psf, "tm8", data_MARKER, psf->datalength) ; diff --git a/gnu/packages/pulseaudio.scm b/gnu/packages/pulseaudio.scm index cd796525c0..8231ce07ec 100644 --- a/gnu/packages/pulseaudio.scm +++ b/gnu/packages/pulseaudio.scm @@ -50,6 +50,7 @@ (method url-fetch) (uri (string-append "http://www.mega-nerd.com/libsndfile/files/libsndfile-" version ".tar.gz")) + (patches (search-patches "libsndfile-armhf-type-checks.patch")) (sha256 (base32 "1afzm7jx34jhqn32clc5xghyjglccam2728yxlx37yj2y0lkkwqz")))) -- cgit v1.2.3 From 1b5b24c92d5176083ad749ba5d28f6ac31a3a0f7 Mon Sep 17 00:00:00 2001 From: Ben Sturmfels Date: Wed, 19 Apr 2017 02:24:57 +1000 Subject: gnu: fabric: Enable tests. * gnu/packages/patches/fabric-tests.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/admin.scm (fabric)[source]: Use it. [native-inputs]: Add PYTHON2-FUDGE, PYTHON2-JINJA2 and PYTHON2-NOSE. [arguments]<#:tests>: Remove. Signed-off-by: Marius Bakke --- gnu/local.mk | 1 + gnu/packages/admin.scm | 18 +++++++++++------- gnu/packages/patches/fabric-tests.patch | 15 +++++++++++++++ 3 files changed, 27 insertions(+), 7 deletions(-) create mode 100644 gnu/packages/patches/fabric-tests.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 5822add4c8..c719f0427e 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -552,6 +552,7 @@ dist_patch_DATA = \ %D%/packages/patches/eudev-conflicting-declaration.patch \ %D%/packages/patches/evilwm-lost-focus-bug.patch \ %D%/packages/patches/expat-CVE-2016-0718-fix-regression.patch \ + %D%/packages/patches/fabric-tests.patch \ %D%/packages/patches/fastcap-mulGlobal.patch \ %D%/packages/patches/fastcap-mulSetup.patch \ %D%/packages/patches/fasthenry-spAllocate.patch \ diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm index 4daaddcfec..8f4a4cd41e 100644 --- a/gnu/packages/admin.scm +++ b/gnu/packages/admin.scm @@ -12,10 +12,10 @@ ;;; Copyright © 2016, 2017 Efraim Flashner ;;; Copyright © 2016 Peter Feigl ;;; Copyright © 2016 John J. Foerch -;;; Coypright © 2016, 2017 ng0 -;;; Coypright © 2016 Tobias Geerinckx-Rice -;;; Coypright © 2016 John Darrington -;;; Coypright © 2017 Ben Sturmfels +;;; Copyright © 2016, 2017 ng0 +;;; Copyright © 2016 Tobias Geerinckx-Rice +;;; Copyright © 2016 John Darrington +;;; Copyright © 2017 Ben Sturmfels ;;; ;;; This file is part of GNU Guix. ;;; @@ -2060,11 +2060,15 @@ Intel DRM Driver.") (uri (pypi-uri "Fabric" version)) (sha256 (base32 - "1z17hw0yiqp1blq217zxkg2jzkv8qd79saqhscgsw14mwlcqpwd0")))) + "1z17hw0yiqp1blq217zxkg2jzkv8qd79saqhscgsw14mwlcqpwd0")) + (patches (search-patches "fabric-tests.patch")))) (build-system python-build-system) (arguments - `(#:tests? #f ;XXX: Tests attempt to download Python "fudge" package. - #:python ,python-2)) ;Python 2 only + `(#:python ,python-2)) ;Python 2 only + (native-inputs + `(("python2-fudge" ,python2-fudge) ; Requires < 1.0 + ("python2-jinja2" ,python2-jinja2) ; Requires < 3.0 + ("python2-nose" ,python2-nose))) ; Requires < 2.0 (propagated-inputs ;; Required upgrading python-paramiko 1.17.4 to fix an incompatibility ;; between python-paramiko and newer python-pycrypto. Without this, the diff --git a/gnu/packages/patches/fabric-tests.patch b/gnu/packages/patches/fabric-tests.patch new file mode 100644 index 0000000000..4a0ca9f8f1 --- /dev/null +++ b/gnu/packages/patches/fabric-tests.patch @@ -0,0 +1,15 @@ +The `fab` excecutable doesn't exist during the test phase as it is created +dynamically during installation. Refer to the equivalent Python module +directly. + +--- a/tests/test_utils.py ++++ b/tests/test_utils.py +@@ -93,7 +93,7 @@ + # perform when they are allowed to bubble all the way to the top. So, we + # invoke a subprocess and look at its stderr instead. + with quiet(): +- result = local("fab -f tests/support/aborts.py kaboom", capture=True) ++ result = local("python -m fabric -f tests/support/aborts.py kaboom", capture=True) + # When error in #1318 is present, this has an extra "It burns!" at end of + # stderr string. + eq_(result.stderr, "Fatal error: It burns!\n\nAborting.") \ No newline at end of file -- cgit v1.2.3 From 5315fcfd773405506d38ec26dd85f05113611f70 Mon Sep 17 00:00:00 2001 From: Julien Lepiller Date: Sat, 15 Apr 2017 18:17:27 +0200 Subject: gnu: Add adb. * gnu/packages/android.scm: New file. * gnu/packages/patches/libbase-fix-includes.patch: New file. * gnu/packages/patches/libbase-use-own-logging.patch: New file. * gnu/local.mk (GNU_SYSTEM_MODULES, dist_patch_DATA): Add them. Co-Authored-By: Marius Bakke --- gnu/local.mk | 3 + gnu/packages/android.scm | 300 +++++++++++++++++++++ gnu/packages/patches/libbase-fix-includes.patch | 71 +++++ gnu/packages/patches/libbase-use-own-logging.patch | 80 ++++++ 4 files changed, 454 insertions(+) create mode 100644 gnu/packages/android.scm create mode 100644 gnu/packages/patches/libbase-fix-includes.patch create mode 100644 gnu/packages/patches/libbase-use-own-logging.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index c719f0427e..9fd5b0f45c 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -45,6 +45,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/adns.scm \ %D%/packages/algebra.scm \ %D%/packages/aidc.scm \ + %D%/packages/android.scm \ %D%/packages/animation.scm \ %D%/packages/anthy.scm \ %D%/packages/apl.scm \ @@ -689,6 +690,8 @@ dist_patch_DATA = \ %D%/packages/patches/liba52-link-with-libm.patch \ %D%/packages/patches/liba52-set-soname.patch \ %D%/packages/patches/liba52-use-mtune-not-mcpu.patch \ + %D%/packages/patches/libbase-fix-includes.patch \ + %D%/packages/patches/libbase-use-own-logging.patch \ %D%/packages/patches/libbonobo-activation-test-race.patch \ %D%/packages/patches/libcanberra-sound-theme-freedesktop.patch \ %D%/packages/patches/libdrm-symbol-check.patch \ diff --git a/gnu/packages/android.scm b/gnu/packages/android.scm new file mode 100644 index 0000000000..e23d0fd910 --- /dev/null +++ b/gnu/packages/android.scm @@ -0,0 +1,300 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2012 Stefan Handschuh +;;; Copyright © 2015 Kai-Chung Yan +;;; Copyright © 2016 Marius Bakke +;;; Copyright © 2017 Julien Lepiller +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages android) + #:use-module (guix packages) + #:use-module (guix git-download) + #:use-module (guix build-system gnu) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (gnu packages) + #:use-module (gnu packages tls)) + +;; The Makefiles that we add are largely based on the Debian +;; packages. They are licensed under GPL-2 and have copyright: +;; 2012, Stefan Handschuh +;; 2015, Kai-Chung Yan +;; Big thanks to them for laying the groundwork. + +;; The version tag is consistent between all repositories. +(define (android-platform-version) "7.1.2_r6") + +(define (android-platform-system-core version) + (origin + (method git-fetch) + (uri (git-reference + (url "https://android.googlesource.com/platform/system/core") + (commit (string-append "android-" version)))) + (file-name (string-append "android-platform-system-core-" + version "-checkout")) + (sha256 + (base32 + "0xc2n7jxrf1iw9cc278pijdfjix2fkiig5ws27f6rwp40zg5mrgg")))) + +(define liblog + (package + (name "liblog") + (version (android-platform-version)) + (source (android-platform-system-core version)) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; TODO. + #:make-flags '("CC=gcc") + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'enter-source + (lambda _ (chdir "liblog") #t)) + (add-after 'enter-source 'create-Makefile + (lambda _ + ;; No useful makefile is shipped, so we create one. + (with-output-to-file "Makefile" + (lambda _ + (display + (string-append + "NAME = liblog\n" + "SOURCES = log_event_list.c log_event_write.c" + " logger_write.c config_write.c logger_name.c" + " logger_lock.c fake_log_device.c fake_writer.c" + " event_tag_map.c\n" + + "CFLAGS += -fvisibility=hidden -fPIC\n" + "CPPFLAGS += -I../include -DFAKE_LOG_DEVICE=1" + ;; Keep these two in sync with "liblog/Android.bp". + " -DLIBLOG_LOG_TAG=1005" + " -DSNET_EVENT_LOG_TAG=1397638484\n" + "LDFLAGS += -shared -Wl,-soname,$(NAME).so.0 -lpthread\n" + + "build: $(SOURCES)\n" + " $(CC) $^ -o $(NAME).so.0 $(CFLAGS) $(CPPFLAGS) $(LDFLAGS)\n")) + #t)))) + (delete 'configure) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib"))) + (install-file "liblog.so.0" lib) + (with-directory-excursion lib + (symlink "liblog.so.0" "liblog.so")) + #t)))))) + (home-page "https://developer.android.com/") + (synopsis "Logging library from the Android platform.") + (description "@code{liblog} represents an interface to the volatile Android +Logging system for NDK (Native) applications and libraries and contain +interfaces for either writing or reading logs. The log buffers are divided up +in Main, System, Radio and Events sub-logs.") + (license license:asl2.0))) + +(define libbase + (package + (name "libbase") + (version (android-platform-version)) + (source (origin + (inherit (android-platform-system-core version)) + (patches + (search-patches "libbase-use-own-logging.patch" + "libbase-fix-includes.patch")))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; TODO. + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'enter-source + (lambda _ (chdir "base") #t)) + (add-after 'enter-source 'create-Makefile + (lambda _ + ;; No useful makefile is shipped, so we create one. + (with-output-to-file "Makefile" + (lambda _ + (display + (string-append + "NAME = libbase\n" + "SOURCES = file.cpp logging.cpp parsenetaddress.cpp" + " stringprintf.cpp strings.cpp errors_unix.cpp\n" + + "CXXFLAGS += -std=gnu++11 -fPIC\n" + "CPPFLAGS += -Iinclude -I../include\n" + "LDFLAGS += -shared -Wl,-soname,$(NAME).so.0" + " -L.. -llog\n" + + "build: $(SOURCES)\n" + " $(CXX) $^ -o $(NAME).so.0 $(CXXFLAGS) $(CPPFLAGS)" + " $(LDFLAGS)\n")) + #t)))) + (delete 'configure) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib"))) + (install-file "libbase.so.0" lib) + (with-directory-excursion lib + (symlink "libbase.so.0" "libbase.so")) + (copy-recursively "include" out) + #t)))))) + (inputs `(("liblog" ,liblog))) + (home-page "https://developer.android.com/") + (synopsis "Android platform base library") + (description "@code{libbase} is a library in common use by the +various Android core host applications.") + (license license:asl2.0))) + +(define libcutils + (package + (name "libcutils") + (version (android-platform-version)) + (source (android-platform-system-core version)) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; TODO. + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'enter-source + (lambda _ (chdir "libcutils") #t)) + (add-after 'enter-source 'create-Makefile + (lambda _ + ;; No useful makefile is shipped, so we create one. + (with-output-to-file "Makefile" + (lambda _ + (display + (string-append + "NAME = libcutils\n" + "SOURCES = load_file.o socket_local_client_unix.o" + " socket_loopback_client_unix.o socket_network_client_unix.o" + " socket_loopback_server_unix.o socket_local_server_unix.o" + " sockets_unix.o socket_inaddr_any_server_unix.o" + " sockets.o\n" + "CC = gcc\n" + + "CFLAGS += -fPIC\n" + "CXXFLAGS += -std=gnu++11 -fPIC\n" + "CPPFLAGS += -Iinclude -I../include\n" + "LDFLAGS += -shared -Wl,-soname,$(NAME).so.0\n" + + "build: $(SOURCES)\n" + " $(CXX) $^ -o $(NAME).so.0 $(CXXFLAGS) $(CPPFLAGS)" + " $(LDFLAGS)\n")) + #t)))) + (delete 'configure) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib"))) + (install-file "libcutils.so.0" lib) + (with-directory-excursion lib + (symlink "libcutils.so.0" "libcutils.so")) + #t)))))) + (home-page "https://developer.android.com/") + (synopsis "Android platform c utils library") + (description "@code{libcutils} is a library in common use by the +various Android core host applications.") + (license license:asl2.0))) + +(define-public adb + (package + (name "adb") + (version (android-platform-version)) + (source (origin + (inherit (android-platform-system-core version)) + (patches + (search-patches "libbase-use-own-logging.patch" + "libbase-fix-includes.patch")))) + (build-system gnu-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'enter-source + (lambda _ (chdir "adb") #t)) + (add-before 'build 'fix-clang + (lambda _ + ;; adb_client.h contains _Nonnull and _Nullable attributes, that + ;; are not understood by gcc. + (substitute* "adb_client.h" + (("_Nonnull") "") + (("_Nullable") "")) + #t)) + (add-before 'build 'fix-main + (lambda _ + ;; main.cpp used to be adb_main.cpp in the current directory + ;; rather than in its own subdirectory, but it was not fixed. + ;; This leads to some header files not being found anymore. + (copy-file "client/main.cpp" "adb_main.cpp") + #t)) + (add-after 'enter-source 'create-Makefile + (lambda* (#:key outputs #:allow-other-keys) + ;; No useful makefile is shipped, so we create one. + (with-output-to-file "Makefile" + (lambda _ + (display + (string-append + ;; Common for all components. + "CXXFLAGS += -std=gnu++14 -fpermissive\n" + "CPPFLAGS += -I../include -I../base/include -I. -DADB_HOST=1 " + "-DADB_REVISION='\"" ,version "\"' -fPIC\n" + "LDFLAGS += -lcrypto -lpthread -lbase -lcutils -L. -ladb\n" + + ;; Libadb specifics. + "LIBADB_SOURCES = adb.cpp adb_auth.cpp adb_io.cpp " + "adb_listeners.cpp adb_trace.cpp adb_utils.cpp fdevent.cpp " + "sockets.cpp transport.cpp transport_local.cpp transport_usb.cpp " + "get_my_path_linux.cpp sysdeps_unix.cpp usb_linux.cpp " + "adb_auth_host.cpp diagnose_usb.cpp services.cpp " + "shell_service_protocol.cpp bugreport.cpp line_printer.cpp\n" + + "LIBADB_LDFLAGS += -shared -Wl,-soname,libadb.so.0 " + "-lcrypto -lpthread -lbase\n" + + ;; Adb specifics. + "ADB_SOURCES = adb_main.cpp console.cpp commandline.cpp " + "adb_client.cpp file_sync_client.cpp\n" + "ADB_LDFLAGS += -Wl,-rpath=" (assoc-ref outputs "out") "/lib\n" + + "build: libadb $(ADB_SOURCES)\n" + " $(CXX) $(ADB_SOURCES) -o adb $(CXXFLAGS) $(CPPFLAGS) " + "$(ADB_LDFLAGS) $(LDFLAGS)\n" + + "libadb: $(LIBADB_SOURCES)\n" + " $(CXX) $^ -o libadb.so.0 $(CXXFLAGS) $(CPPFLAGS) " + "$(LIBADB_LDFLAGS)\n" + " ln -sv libadb.so.0 libadb.so\n")) + #t)))) + (delete 'configure) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib")) + (bin (string-append out "/bin"))) + (install-file "libadb.so.0" lib) + (install-file "adb" bin) + (with-directory-excursion lib + (symlink "libadb.so.0" "libadb.so")) + #t)))) + ;; Test suite must be run with attached devices + #:tests? #f)) + (inputs + `(("libbase" ,libbase) + ("libcutils" ,libcutils) + ("openssl" ,openssl))) + (home-page "https://developer.android.com/studio/command-line/adb.html") + (synopsis "Android Debug Bridge") + (description + "@command{adb} is a versatile command line tool that lets you communicate +with an emulator instance or connected Android device. It facilitates a variety +of device actions, such as installing and debugging apps, and it provides access +to a Unix shell that can run commands on the connected device or emulator.") + (license license:asl2.0))) diff --git a/gnu/packages/patches/libbase-fix-includes.patch b/gnu/packages/patches/libbase-fix-includes.patch new file mode 100644 index 0000000000..3071a0c400 --- /dev/null +++ b/gnu/packages/patches/libbase-fix-includes.patch @@ -0,0 +1,71 @@ +This patch fixes the build of adb on linux. + +Copied from archlinux repository: +https://git.archlinux.org/svntogit/community.git/tree/trunk/fix_build.patch?h=packages/android-tools + +diff --git a/adb/sysdeps.h b/adb/sysdeps.h +index 75dcc86..867f3ec 100644 +--- a/adb/sysdeps.h ++++ b/adb/sysdeps.h +@@ -25,6 +25,7 @@ + #endif + + #include ++#include + + #include + #include +@@ -831,7 +832,16 @@ static __inline__ int adb_is_absolute_host_path(const char* path) { + + static __inline__ unsigned long adb_thread_id() + { +- return (unsigned long)gettid(); ++ // TODO: this function should be merged with GetThreadId ++#if defined(__BIONIC__) ++ return gettid(); ++#elif defined(__APPLE__) ++ return syscall(SYS_thread_selfid); ++#elif defined(__linux__) ++ return syscall(__NR_gettid); ++#elif defined(_WIN32) ++ return GetCurrentThreadId(); ++#endif + } + + #endif /* !_WIN32 */ +diff --git a/base/errors_unix.cpp b/base/errors_unix.cpp +index 296995e..48269b6 100644 +--- a/base/errors_unix.cpp ++++ b/base/errors_unix.cpp +@@ -17,6 +17,7 @@ + #include "android-base/errors.h" + + #include ++#include + + namespace android { + namespace base { +diff --git a/base/file.cpp b/base/file.cpp +index da1adba..91a3901 100644 +--- a/base/file.cpp ++++ b/base/file.cpp +@@ -20,6 +20,7 @@ + #include + #include + #include ++#include + + #include + +diff --git a/base/logging.cpp b/base/logging.cpp +index 1741871..e97c7f1 100644 +--- a/base/logging.cpp ++++ b/base/logging.cpp +@@ -21,6 +21,7 @@ + #include "android-base/logging.h" + + #include ++#include + + // For getprogname(3) or program_invocation_short_name. + #if defined(__ANDROID__) || defined(__APPLE__) diff --git a/gnu/packages/patches/libbase-use-own-logging.patch b/gnu/packages/patches/libbase-use-own-logging.patch new file mode 100644 index 0000000000..f755bf9722 --- /dev/null +++ b/gnu/packages/patches/libbase-use-own-logging.patch @@ -0,0 +1,80 @@ +Patch copied from: +https://android.googlesource.com/platform/system/core/+/e5dd71a290f664d3f3bf0dd8a4bad411dc7ad416 + +From e5dd71a290f664d3f3bf0dd8a4bad411dc7ad416 Mon Sep 17 00:00:00 2001 +From: Elliott Hughes +Date: Thu, 28 Jul 2016 15:15:28 -0700 +Subject: [PATCH] libbase should use its own logging! + +Not doing so led to us using a bogus log tag. + +Bug: http://b/30281203 +Change-Id: I3ac91758a1a043146c65f2ae0f36fcfbe372c30f +--- + base/file.cpp | 11 +++++------ + base/logging.cpp | 3 +-- + 2 files changed, 6 insertions(+), 8 deletions(-) + +diff --git a/base/file.cpp b/base/file.cpp +index da1adba19..4e7ac82d1 100644 +--- a/base/file.cpp ++++ b/base/file.cpp +@@ -24,9 +24,8 @@ + #include + + #include "android-base/macros.h" // For TEMP_FAILURE_RETRY on Darwin. ++#include "android-base/logging.h" + #include "android-base/utf8.h" +-#define LOG_TAG "base.file" +-#include "cutils/log.h" + #include "utils/Compat.h" + + namespace android { +@@ -86,22 +85,22 @@ bool WriteStringToFile(const std::string& content, const std::string& path, + int flags = O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC | O_NOFOLLOW | O_BINARY; + int fd = TEMP_FAILURE_RETRY(open(path.c_str(), flags, mode)); + if (fd == -1) { +- ALOGE("android::WriteStringToFile open failed: %s", strerror(errno)); ++ PLOG(ERROR) << "android::WriteStringToFile open failed"; + return false; + } + + // We do an explicit fchmod here because we assume that the caller really + // meant what they said and doesn't want the umask-influenced mode. + if (fchmod(fd, mode) == -1) { +- ALOGE("android::WriteStringToFile fchmod failed: %s", strerror(errno)); ++ PLOG(ERROR) << "android::WriteStringToFile fchmod failed"; + return CleanUpAfterFailedWrite(path); + } + if (fchown(fd, owner, group) == -1) { +- ALOGE("android::WriteStringToFile fchown failed: %s", strerror(errno)); ++ PLOG(ERROR) << "android::WriteStringToFile fchown failed"; + return CleanUpAfterFailedWrite(path); + } + if (!WriteStringToFd(content, fd)) { +- ALOGE("android::WriteStringToFile write failed: %s", strerror(errno)); ++ PLOG(ERROR) << "android::WriteStringToFile write failed"; + return CleanUpAfterFailedWrite(path); + } + close(fd); +diff --git a/base/logging.cpp b/base/logging.cpp +index 769c266c9..959bb8b05 100644 +--- a/base/logging.cpp ++++ b/base/logging.cpp +@@ -43,12 +43,11 @@ + + #include "android-base/macros.h" + #include "android-base/strings.h" +-#include "cutils/threads.h" + + // Headers for LogMessage::LogLine. + #ifdef __ANDROID__ + #include +-#include "cutils/log.h" ++#include "log/log.h" + #else + #include + #include +-- +2.11.0 + -- cgit v1.2.3 From 165d45540a879c4b1d8b8aeb5a3c79bda91b7641 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 18 Apr 2017 20:35:08 -0400 Subject: gnu: mesa: Fix build for 32-bit systems. * gnu/packages/patches/mesa-fix-32bit-test-failures.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gl.scm (mesa)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/gl.scm | 3 +- .../patches/mesa-fix-32bit-test-failures.patch | 58 ++++++++++++++++++++++ 3 files changed, 61 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/mesa-fix-32bit-test-failures.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index e6dee58397..265157a319 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -776,6 +776,7 @@ dist_patch_DATA = \ %D%/packages/patches/mcrypt-CVE-2012-4409.patch \ %D%/packages/patches/mcrypt-CVE-2012-4426.patch \ %D%/packages/patches/mcrypt-CVE-2012-4527.patch \ + %D%/packages/patches/mesa-fix-32bit-test-failures.patch \ %D%/packages/patches/mesa-skip-disk-cache-test.patch \ %D%/packages/patches/mesa-wayland-egl-symbols-check-mips.patch \ %D%/packages/patches/metabat-remove-compilation-date.patch \ diff --git a/gnu/packages/gl.scm b/gnu/packages/gl.scm index f43f464390..40b756394e 100644 --- a/gnu/packages/gl.scm +++ b/gnu/packages/gl.scm @@ -229,7 +229,8 @@ also known as DXTn or DXTC) for Mesa.") (base32 "0im3ca1vwwmkjf5w761vh7vabr4vrrdxpckr0wm974x18n2xqs8j")) (patches - (search-patches "mesa-wayland-egl-symbols-check-mips.patch" + (search-patches "mesa-fix-32bit-test-failures.patch" + "mesa-wayland-egl-symbols-check-mips.patch" "mesa-skip-disk-cache-test.patch")))) (build-system gnu-build-system) (propagated-inputs diff --git a/gnu/packages/patches/mesa-fix-32bit-test-failures.patch b/gnu/packages/patches/mesa-fix-32bit-test-failures.patch new file mode 100644 index 0000000000..e21e87cef6 --- /dev/null +++ b/gnu/packages/patches/mesa-fix-32bit-test-failures.patch @@ -0,0 +1,58 @@ +Fix a test failure when building for 32 bit architectures: + +http://lists.gnu.org/archive/html/guix-devel/2017-04/msg00381.html + +Patch copied from upstream source repository: + +https://cgit.freedesktop.org/mesa/mesa/commit/?id=61bbb25a080e48a8ca897ba7f6e73cc6a8e9b5b8 + +From 61bbb25a080e48a8ca897ba7f6e73cc6a8e9b5b8 Mon Sep 17 00:00:00 2001 +From: Grazvydas Ignotas +Date: Thu, 9 Mar 2017 02:54:53 +0200 +Subject: [PATCH] util/disk_cache: fix size subtraction on 32bit + +Negating size_t on 32bit produces a 32bit result. This was effectively +adding values close to UINT_MAX to the cache size (the files are usually +small) instead of intended subtraction. +Fixes 'make check' disk_cache failures on 32bit. + +Signed-off-by: Grazvydas Ignotas +Reviewed-by: Timothy Arceri +--- + src/util/disk_cache.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/util/disk_cache.c b/src/util/disk_cache.c +index 5470688df3..facdcecf7c 100644 +--- a/src/util/disk_cache.c ++++ b/src/util/disk_cache.c +@@ -603,7 +603,7 @@ evict_random_item(struct disk_cache *cache) + free(dir_path); + + if (size) { +- p_atomic_add(cache->size, - size); ++ p_atomic_add(cache->size, - (uint64_t)size); + return; + } + +@@ -624,7 +624,7 @@ evict_random_item(struct disk_cache *cache) + free(dir_path); + + if (size) +- p_atomic_add(cache->size, - size); ++ p_atomic_add(cache->size, - (uint64_t)size); + } + + void +#@@ -646,7 +646,7 @@ disk_cache_remove(struct disk_cache *cache, const cache_key key) +# free(filename); +# +# if (sb.st_size) +#- p_atomic_add(cache->size, - sb.st_size); +#+ p_atomic_add(cache->size, - (uint64_t)sb.st_size); +# } +# +# /* From the zlib docs: +-- +2.12.2 + -- cgit v1.2.3 From 90d118cab67c1171f78dbb8b0ef0282b12695579 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 19 Apr 2017 19:10:53 -0400 Subject: gnu: Delete unused patches. * gnu/packages/patches/icu4c-CVE-2014-6585.patch, gnu/packages/patches/icu4c-CVE-2015-1270.patch, gnu/packages/patches/icu4c-CVE-2015-4760.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/local.mk | 3 - gnu/packages/patches/icu4c-CVE-2014-6585.patch | 21 --- gnu/packages/patches/icu4c-CVE-2015-1270.patch | 15 -- gnu/packages/patches/icu4c-CVE-2015-4760.patch | 189 ------------------------- 4 files changed, 228 deletions(-) delete mode 100644 gnu/packages/patches/icu4c-CVE-2014-6585.patch delete mode 100644 gnu/packages/patches/icu4c-CVE-2015-1270.patch delete mode 100644 gnu/packages/patches/icu4c-CVE-2015-4760.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 9fd5b0f45c..6e0c3eb42a 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -657,9 +657,6 @@ dist_patch_DATA = \ %D%/packages/patches/hypre-ldflags.patch \ %D%/packages/patches/icecat-avoid-bundled-libraries.patch \ %D%/packages/patches/icecat-binutils.patch \ - %D%/packages/patches/icu4c-CVE-2014-6585.patch \ - %D%/packages/patches/icu4c-CVE-2015-1270.patch \ - %D%/packages/patches/icu4c-CVE-2015-4760.patch \ %D%/packages/patches/icu4c-reset-keyword-list-iterator.patch \ %D%/packages/patches/id3lib-CVE-2007-4460.patch \ %D%/packages/patches/ilmbase-fix-tests.patch \ diff --git a/gnu/packages/patches/icu4c-CVE-2014-6585.patch b/gnu/packages/patches/icu4c-CVE-2014-6585.patch deleted file mode 100644 index d21a0d0ba1..0000000000 --- a/gnu/packages/patches/icu4c-CVE-2014-6585.patch +++ /dev/null @@ -1,21 +0,0 @@ -Copied from Debian. - -description: out-of-bounds read -origin: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6585 - ---- a/source/layout/LETableReference.h -+++ b/source/layout/LETableReference.h -@@ -322,7 +322,12 @@ LE_TRACE_TR("INFO: new RTAO") - } - - const T& operator()(le_uint32 i, LEErrorCode &success) const { -- return *getAlias(i,success); -+ const T *ret = getAlias(i,success); -+ if (LE_FAILURE(success) || ret==NULL) { -+ return *(new T()); -+ } else { -+ return *ret; -+ } - } - - size_t getOffsetFor(le_uint32 i, LEErrorCode &success) const { diff --git a/gnu/packages/patches/icu4c-CVE-2015-1270.patch b/gnu/packages/patches/icu4c-CVE-2015-1270.patch deleted file mode 100644 index 2a7658d36e..0000000000 --- a/gnu/packages/patches/icu4c-CVE-2015-1270.patch +++ /dev/null @@ -1,15 +0,0 @@ -Copied from Debian. - -diff --git a/source/common/ucnv_io.cpp b/source/common/ucnv_io.cpp -index 5dd35d8..4424664 100644 ---- a/source/common/ucnv_io.cpp -+++ b/source/common/ucnv_io.cpp -@@ -744,7 +744,7 @@ ucnv_io_getConverterName(const char *alias, UBool *containsOption, UErrorCode *p - * the name begins with 'x-'. If it does, strip it off and try - * again. This behaviour is similar to how ICU4J does it. - */ -- if (aliasTmp[0] == 'x' || aliasTmp[1] == '-') { -+ if (aliasTmp[0] == 'x' && aliasTmp[1] == '-') { - aliasTmp = aliasTmp+2; - } else { - break; diff --git a/gnu/packages/patches/icu4c-CVE-2015-4760.patch b/gnu/packages/patches/icu4c-CVE-2015-4760.patch deleted file mode 100644 index 77da283b7b..0000000000 --- a/gnu/packages/patches/icu4c-CVE-2015-4760.patch +++ /dev/null @@ -1,189 +0,0 @@ -Copied from Debian. - -Description: missing boundary checks in layout engine - It was discovered that ICU Layout Engine was missing multiple boundary checks. - These could lead to buffer overflows and memory corruption. A specially - crafted file could cause an application using ICU to parse untrusted font - files to crash and, possibly, execute arbitrary code. -Author: Laszlo Boszormenyi (GCS) -Origin: upstream, http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/3f9845510b47 -Reviewed-By: srl, bae, mschoene -Forwarded: not-needed -Last-Update: 2015-07-30 - ---- - ---- icu-52.1.orig/source/layout/ContextualGlyphInsertionProc2.cpp -+++ icu-52.1/source/layout/ContextualGlyphInsertionProc2.cpp -@@ -82,6 +82,10 @@ le_uint16 ContextualGlyphInsertionProces - - le_int16 markIndex = SWAPW(entry->markedInsertionListIndex); - if (markIndex > 0) { -+ if (markGlyph < 0 || markGlyph >= glyphStorage.getGlyphCount()) { -+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR; -+ return 0; -+ } - le_int16 count = (flags & cgiMarkedInsertCountMask) >> 5; - le_bool isKashidaLike = (flags & cgiMarkedIsKashidaLike); - le_bool isBefore = (flags & cgiMarkInsertBefore); -@@ -90,6 +94,10 @@ le_uint16 ContextualGlyphInsertionProces - - le_int16 currIndex = SWAPW(entry->currentInsertionListIndex); - if (currIndex > 0) { -+ if (currGlyph < 0 || currGlyph >= glyphStorage.getGlyphCount()) { -+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR; -+ return 0; -+ } - le_int16 count = flags & cgiCurrentInsertCountMask; - le_bool isKashidaLike = (flags & cgiCurrentIsKashidaLike); - le_bool isBefore = (flags & cgiCurrentInsertBefore); ---- icu-52.1.orig/source/layout/ContextualGlyphSubstProc.cpp -+++ icu-52.1/source/layout/ContextualGlyphSubstProc.cpp -@@ -51,6 +51,10 @@ ByteOffset ContextualGlyphSubstitutionPr - WordOffset currOffset = SWAPW(entry->currOffset); - - if (markOffset != 0 && LE_SUCCESS(success)) { -+ if (markGlyph < 0 || markGlyph >= glyphStorage.getGlyphCount()) { -+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR; -+ return 0; -+ } - LEGlyphID mGlyph = glyphStorage[markGlyph]; - TTGlyphID newGlyph = SWAPW(int16Table.getObject(markOffset + LE_GET_GLYPH(mGlyph), success)); // whew. - -@@ -58,6 +62,10 @@ ByteOffset ContextualGlyphSubstitutionPr - } - - if (currOffset != 0) { -+ if (currGlyph < 0 || currGlyph >= glyphStorage.getGlyphCount()) { -+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR; -+ return 0; -+ } - LEGlyphID thisGlyph = glyphStorage[currGlyph]; - TTGlyphID newGlyph = SWAPW(int16Table.getObject(currOffset + LE_GET_GLYPH(thisGlyph), success)); // whew. - ---- icu-52.1.orig/source/layout/ContextualGlyphSubstProc2.cpp -+++ icu-52.1/source/layout/ContextualGlyphSubstProc2.cpp -@@ -45,17 +45,25 @@ le_uint16 ContextualGlyphSubstitutionPro - if(LE_FAILURE(success)) return 0; - le_uint16 newState = SWAPW(entry->newStateIndex); - le_uint16 flags = SWAPW(entry->flags); -- le_int16 markIndex = SWAPW(entry->markIndex); -- le_int16 currIndex = SWAPW(entry->currIndex); -+ le_uint16 markIndex = SWAPW(entry->markIndex); -+ le_uint16 currIndex = SWAPW(entry->currIndex); - -- if (markIndex != -1) { -+ if (markIndex != 0x0FFFF) { -+ if (markGlyph < 0 || markGlyph >= glyphStorage.getGlyphCount()) { -+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR; -+ return 0; -+ } - le_uint32 offset = SWAPL(perGlyphTable(markIndex, success)); - LEGlyphID mGlyph = glyphStorage[markGlyph]; - TTGlyphID newGlyph = lookup(offset, mGlyph, success); - glyphStorage[markGlyph] = LE_SET_GLYPH(mGlyph, newGlyph); - } - -- if (currIndex != -1) { -+ if (currIndex != 0x0FFFF) { -+ if (currGlyph < 0 || currGlyph >= glyphStorage.getGlyphCount()) { -+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR; -+ return 0; -+ } - le_uint32 offset = SWAPL(perGlyphTable(currIndex, success)); - LEGlyphID thisGlyph = glyphStorage[currGlyph]; - TTGlyphID newGlyph = lookup(offset, thisGlyph, success); ---- icu-52.1.orig/source/layout/IndicRearrangementProcessor.cpp -+++ icu-52.1/source/layout/IndicRearrangementProcessor.cpp -@@ -45,6 +45,11 @@ ByteOffset IndicRearrangementProcessor:: - ByteOffset newState = SWAPW(entry->newStateOffset); - IndicRearrangementFlags flags = (IndicRearrangementFlags) SWAPW(entry->flags); - -+ if (currGlyph < 0 || currGlyph >= glyphStorage.getGlyphCount()) { -+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR; -+ return 0; -+ } -+ - if (flags & irfMarkFirst) { - firstGlyph = currGlyph; - } ---- icu-52.1.orig/source/layout/IndicRearrangementProcessor2.cpp -+++ icu-52.1/source/layout/IndicRearrangementProcessor2.cpp -@@ -43,6 +43,11 @@ le_uint16 IndicRearrangementProcessor2:: - le_uint16 newState = SWAPW(entry->newStateIndex); // index to the new state - IndicRearrangementFlags flags = (IndicRearrangementFlags) SWAPW(entry->flags); - -+ if (currGlyph < 0 || currGlyph >= glyphStorage.getGlyphCount()) { -+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR; -+ return 0; -+ } -+ - if (flags & irfMarkFirst) { - firstGlyph = currGlyph; - } ---- icu-52.1.orig/source/layout/LigatureSubstProc.cpp -+++ icu-52.1/source/layout/LigatureSubstProc.cpp -@@ -48,7 +48,7 @@ ByteOffset LigatureSubstitutionProcessor - const LigatureSubstitutionStateEntry *entry = entryTable.getAlias(index, success); - - ByteOffset newState = SWAPW(entry->newStateOffset); -- le_int16 flags = SWAPW(entry->flags); -+ le_uint16 flags = SWAPW(entry->flags); - - if (flags & lsfSetComponent) { - if (++m >= nComponents) { ---- icu-52.1.orig/source/layout/StateTableProcessor.cpp -+++ icu-52.1/source/layout/StateTableProcessor.cpp -@@ -60,6 +60,7 @@ void StateTableProcessor::process(LEGlyp - if (currGlyph == glyphCount) { - // XXX: How do we handle EOT vs. EOL? - classCode = classCodeEOT; -+ break; - } else { - TTGlyphID glyphCode = (TTGlyphID) LE_GET_GLYPH(glyphStorage[currGlyph]); - ---- icu-52.1.orig/source/layout/StateTableProcessor2.cpp -+++ icu-52.1/source/layout/StateTableProcessor2.cpp -@@ -78,6 +78,7 @@ void StateTableProcessor2::process(LEGly - if (currGlyph == glyphCount || currGlyph == -1) { - // XXX: How do we handle EOT vs. EOL? - classCode = classCodeEOT; -+ break; - } else { - LEGlyphID gid = glyphStorage[currGlyph]; - TTGlyphID glyphCode = (TTGlyphID) LE_GET_GLYPH(gid); -@@ -109,6 +110,7 @@ void StateTableProcessor2::process(LEGly - if (currGlyph == glyphCount || currGlyph == -1) { - // XXX: How do we handle EOT vs. EOL? - classCode = classCodeEOT; -+ break; - } else { - LEGlyphID gid = glyphStorage[currGlyph]; - TTGlyphID glyphCode = (TTGlyphID) LE_GET_GLYPH(gid); -@@ -146,6 +148,7 @@ void StateTableProcessor2::process(LEGly - if (currGlyph == glyphCount || currGlyph == -1) { - // XXX: How do we handle EOT vs. EOL? - classCode = classCodeEOT; -+ break; - } else if(currGlyph > glyphCount) { - // note if > glyphCount, we've run off the end (bad font) - currGlyph = glyphCount; -@@ -186,6 +189,7 @@ void StateTableProcessor2::process(LEGly - if (currGlyph == glyphCount || currGlyph == -1) { - // XXX: How do we handle EOT vs. EOL? - classCode = classCodeEOT; -+ break; - } else { - TTGlyphID glyphCode = (TTGlyphID) LE_GET_GLYPH(glyphStorage[currGlyph]); - if (glyphCode == 0xFFFF) { ---- icu-52.1.orig/source/layout/StateTables.h -+++ icu-52.1/source/layout/StateTables.h -@@ -101,7 +101,7 @@ typedef le_uint8 EntryTableIndex; - struct StateEntry - { - ByteOffset newStateOffset; -- le_int16 flags; -+ le_uint16 flags; - }; - - typedef le_uint16 EntryTableIndex2; -- cgit v1.2.3 From e795a3d2ce482d808f94e5be148e90d81c3765e0 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 19 Apr 2017 19:22:50 -0400 Subject: gnu: icu4c: Fix CVE-2017-{7867,7868}. * gnu/packages/patches/icu4c-CVE-2017-7867-CVE-2017-7868.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/icu4c.scm (icu4c/fixed)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/icu4c.scm | 3 +- .../icu4c-CVE-2017-7867-CVE-2017-7868.patch | 164 +++++++++++++++++++++ 3 files changed, 167 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/icu4c-CVE-2017-7867-CVE-2017-7868.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 6e0c3eb42a..90268c4856 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -657,6 +657,7 @@ dist_patch_DATA = \ %D%/packages/patches/hypre-ldflags.patch \ %D%/packages/patches/icecat-avoid-bundled-libraries.patch \ %D%/packages/patches/icecat-binutils.patch \ + %D%/packages/patches/icu4c-CVE-2017-7867-CVE-2017-7868.patch \ %D%/packages/patches/icu4c-reset-keyword-list-iterator.patch \ %D%/packages/patches/id3lib-CVE-2007-4460.patch \ %D%/packages/patches/ilmbase-fix-tests.patch \ diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm index 2b51441002..9f465b1022 100644 --- a/gnu/packages/icu4c.scm +++ b/gnu/packages/icu4c.scm @@ -73,4 +73,5 @@ C/C++ part.") (source (origin (inherit (package-source icu4c)) (patches - (search-patches "icu4c-reset-keyword-list-iterator.patch")))))) + (search-patches "icu4c-CVE-2017-7867-CVE-2017-7868.patch" + "icu4c-reset-keyword-list-iterator.patch")))))) diff --git a/gnu/packages/patches/icu4c-CVE-2017-7867-CVE-2017-7868.patch b/gnu/packages/patches/icu4c-CVE-2017-7867-CVE-2017-7868.patch new file mode 100644 index 0000000000..4db8f27998 --- /dev/null +++ b/gnu/packages/patches/icu4c-CVE-2017-7867-CVE-2017-7868.patch @@ -0,0 +1,164 @@ +Fix CVE-2017-7867 and CVE-2017-7868: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868 + +Patch copied from upstream source repository: + +http://bugs.icu-project.org/trac/changeset/39671 + +Index: icu/source/common/utext.cpp +=================================================================== +--- icu/source/common/utext.cpp (revision 39670) ++++ icu/source/common/utext.cpp (revision 39671) +@@ -848,7 +848,13 @@ + + // Chunk size. +-// Must be less than 85, because of byte mapping from UChar indexes to native indexes. +-// Worst case is three native bytes to one UChar. (Supplemenaries are 4 native bytes +-// to two UChars.) ++// Must be less than 42 (256/6), because of byte mapping from UChar indexes to native indexes. ++// Worst case there are six UTF-8 bytes per UChar. ++// obsolete 6 byte form fd + 5 trails maps to fffd ++// obsolete 5 byte form fc + 4 trails maps to fffd ++// non-shortest 4 byte forms maps to fffd ++// normal supplementaries map to a pair of utf-16, two utf8 bytes per utf-16 unit ++// mapToUChars array size must allow for the worst case, 6. ++// This could be brought down to 4, by treating fd and fc as pure illegal, ++// rather than obsolete lead bytes. But that is not compatible with the utf-8 access macros. + // + enum { UTF8_TEXT_CHUNK_SIZE=32 }; +@@ -890,5 +896,5 @@ + // one for a supplementary starting in the last normal position, + // and one for an entry for the buffer limit position. +- uint8_t mapToUChars[UTF8_TEXT_CHUNK_SIZE*3+6]; // Map native offset from bufNativeStart to ++ uint8_t mapToUChars[UTF8_TEXT_CHUNK_SIZE*6+6]; // Map native offset from bufNativeStart to + // correspoding offset in filled part of buf. + int32_t align; +@@ -1033,4 +1039,5 @@ + u8b = (UTF8Buf *)ut->p; // the current buffer + mapIndex = ix - u8b->toUCharsMapStart; ++ U_ASSERT(mapIndex < (int32_t)sizeof(UTF8Buf::mapToUChars)); + ut->chunkOffset = u8b->mapToUChars[mapIndex] - u8b->bufStartIdx; + return TRUE; +@@ -1299,4 +1306,8 @@ + // If index is at the end, there is no character there to look at. + if (ix != ut->b) { ++ // Note: this function will only move the index back if it is on a trail byte ++ // and there is a preceding lead byte and the sequence from the lead ++ // through this trail could be part of a valid UTF-8 sequence ++ // Otherwise the index remains unchanged. + U8_SET_CP_START(s8, 0, ix); + } +@@ -1312,5 +1323,8 @@ + uint8_t *mapToNative = u8b->mapToNative; + uint8_t *mapToUChars = u8b->mapToUChars; +- int32_t toUCharsMapStart = ix - (UTF8_TEXT_CHUNK_SIZE*3 + 1); ++ int32_t toUCharsMapStart = ix - sizeof(UTF8Buf::mapToUChars) + 1; ++ // Note that toUCharsMapStart can be negative. Happens when the remaining ++ // text from current position to the beginning is less than the buffer size. ++ // + 1 because mapToUChars must have a slot at the end for the bufNativeLimit entry. + int32_t destIx = UTF8_TEXT_CHUNK_SIZE+2; // Start in the overflow region + // at end of buffer to leave room +@@ -1339,4 +1353,5 @@ + // Special case ASCII range for speed. + buf[destIx] = (UChar)c; ++ U_ASSERT(toUCharsMapStart <= srcIx); + mapToUChars[srcIx - toUCharsMapStart] = (uint8_t)destIx; + mapToNative[destIx] = (uint8_t)(srcIx - toUCharsMapStart); +@@ -1368,4 +1383,5 @@ + mapToUChars[sIx-- - toUCharsMapStart] = (uint8_t)destIx; + } while (sIx >= srcIx); ++ U_ASSERT(toUCharsMapStart <= (srcIx+1)); + + // Set native indexing limit to be the current position. +@@ -1542,4 +1558,5 @@ + U_ASSERT(index<=ut->chunkNativeLimit); + int32_t mapIndex = index - u8b->toUCharsMapStart; ++ U_ASSERT(mapIndex < (int32_t)sizeof(UTF8Buf::mapToUChars)); + int32_t offset = u8b->mapToUChars[mapIndex] - u8b->bufStartIdx; + U_ASSERT(offset>=0 && offset<=ut->chunkLength); +Index: icu/source/test/intltest/utxttest.cpp +=================================================================== +--- icu/source/test/intltest/utxttest.cpp (revision 39670) ++++ icu/source/test/intltest/utxttest.cpp (revision 39671) +@@ -68,4 +68,6 @@ + case 7: name = "Ticket12130"; + if (exec) Ticket12130(); break; ++ case 8: name = "Ticket12888"; ++ if (exec) Ticket12888(); break; + default: name = ""; break; + } +@@ -1584,2 +1586,62 @@ + utext_close(&ut); + } ++ ++// Ticket 12888: bad handling of illegal utf-8 containing many instances of the archaic, now illegal, ++// six byte utf-8 forms. Original implementation had an assumption that ++// there would be at most three utf-8 bytes per UTF-16 code unit. ++// The five and six byte sequences map to a single replacement character. ++ ++void UTextTest::Ticket12888() { ++ const char *badString = ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80" ++ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"; ++ ++ UErrorCode status = U_ZERO_ERROR; ++ LocalUTextPointer ut(utext_openUTF8(NULL, badString, -1, &status)); ++ TEST_SUCCESS(status); ++ for (;;) { ++ UChar32 c = utext_next32(ut.getAlias()); ++ if (c == U_SENTINEL) { ++ break; ++ } ++ } ++ int32_t endIdx = utext_getNativeIndex(ut.getAlias()); ++ if (endIdx != (int32_t)strlen(badString)) { ++ errln("%s:%d expected=%d, actual=%d", __FILE__, __LINE__, strlen(badString), endIdx); ++ return; ++ } ++ ++ for (int32_t prevIndex = endIdx; prevIndex>0;) { ++ UChar32 c = utext_previous32(ut.getAlias()); ++ int32_t currentIndex = utext_getNativeIndex(ut.getAlias()); ++ if (c != 0xfffd) { ++ errln("%s:%d (expected, actual, index) = (%d, %d, %d)\n", ++ __FILE__, __LINE__, 0xfffd, c, currentIndex); ++ break; ++ } ++ if (currentIndex != prevIndex - 6) { ++ errln("%s:%d: wrong index. Expected, actual = %d, %d", ++ __FILE__, __LINE__, prevIndex - 6, currentIndex); ++ break; ++ } ++ prevIndex = currentIndex; ++ } ++} +Index: icu/source/test/intltest/utxttest.h +=================================================================== +--- icu/source/test/intltest/utxttest.h (revision 39670) ++++ icu/source/test/intltest/utxttest.h (revision 39671) +@@ -39,4 +39,5 @@ + void Ticket10983(); + void Ticket12130(); ++ void Ticket12888(); + + private: -- cgit v1.2.3 From dfa663c963a7c0745f18cbfab4b45eb335742602 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 7 Apr 2017 09:03:28 -0400 Subject: gnu: qemu: Update to 2.9.0 [security fixes]. Fixes CVE-2017-{5857,5973,5987,6058,6505,7377,7471,7718}. * gnu/packages/qemu.scm (qemu): Update to 2.9.0. [source]: Remove obsolete patches. * gnu/packages/patches/qemu-CVE-2016-10155.patch, gnu/packages/patches/qemu-CVE-2017-5525.patch, gnu/packages/patches/qemu-CVE-2017-5526.patch, gnu/packages/patches/qemu-CVE-2017-5552.patch, gnu/packages/patches/qemu-CVE-2017-5578.patch, gnu/packages/patches/qemu-CVE-2017-5579.patch, gnu/packages/patches/qemu-CVE-2017-5856.patch, gnu/packages/patches/qemu-CVE-2017-5898.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/local.mk | 8 --- gnu/packages/patches/qemu-CVE-2016-10155.patch | 49 ------------------- gnu/packages/patches/qemu-CVE-2017-5525.patch | 55 --------------------- gnu/packages/patches/qemu-CVE-2017-5526.patch | 58 ---------------------- gnu/packages/patches/qemu-CVE-2017-5552.patch | 44 ----------------- gnu/packages/patches/qemu-CVE-2017-5578.patch | 39 --------------- gnu/packages/patches/qemu-CVE-2017-5579.patch | 44 ----------------- gnu/packages/patches/qemu-CVE-2017-5856.patch | 68 -------------------------- gnu/packages/patches/qemu-CVE-2017-5898.patch | 44 ----------------- gnu/packages/qemu.scm | 13 +---- 10 files changed, 2 insertions(+), 420 deletions(-) delete mode 100644 gnu/packages/patches/qemu-CVE-2016-10155.patch delete mode 100644 gnu/packages/patches/qemu-CVE-2017-5525.patch delete mode 100644 gnu/packages/patches/qemu-CVE-2017-5526.patch delete mode 100644 gnu/packages/patches/qemu-CVE-2017-5552.patch delete mode 100644 gnu/packages/patches/qemu-CVE-2017-5578.patch delete mode 100644 gnu/packages/patches/qemu-CVE-2017-5579.patch delete mode 100644 gnu/packages/patches/qemu-CVE-2017-5856.patch delete mode 100644 gnu/packages/patches/qemu-CVE-2017-5898.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 90268c4856..f38126251f 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -898,14 +898,6 @@ dist_patch_DATA = \ %D%/packages/patches/python2-pygobject-2-gi-info-type-error-domain.patch \ %D%/packages/patches/python-pygpgme-fix-pinentry-tests.patch \ %D%/packages/patches/python2-subprocess32-disable-input-test.patch \ - %D%/packages/patches/qemu-CVE-2016-10155.patch \ - %D%/packages/patches/qemu-CVE-2017-5525.patch \ - %D%/packages/patches/qemu-CVE-2017-5526.patch \ - %D%/packages/patches/qemu-CVE-2017-5552.patch \ - %D%/packages/patches/qemu-CVE-2017-5578.patch \ - %D%/packages/patches/qemu-CVE-2017-5579.patch \ - %D%/packages/patches/qemu-CVE-2017-5856.patch \ - %D%/packages/patches/qemu-CVE-2017-5898.patch \ %D%/packages/patches/qt4-ldflags.patch \ %D%/packages/patches/quickswitch-fix-dmenu-check.patch \ %D%/packages/patches/rapicorn-isnan.patch \ diff --git a/gnu/packages/patches/qemu-CVE-2016-10155.patch b/gnu/packages/patches/qemu-CVE-2016-10155.patch deleted file mode 100644 index 825edaa815..0000000000 --- a/gnu/packages/patches/qemu-CVE-2016-10155.patch +++ /dev/null @@ -1,49 +0,0 @@ -From eb7a20a3616085d46aa6b4b4224e15587ec67e6e Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Mon, 28 Nov 2016 17:49:04 -0800 -Subject: [PATCH] watchdog: 6300esb: add exit function - -When the Intel 6300ESB watchdog is hot unplug. The timer allocated -in realize isn't freed thus leaking memory leak. This patch avoid -this through adding the exit function. - -http://git.qemu.org/?p=qemu.git;a=patch;h=eb7a20a3616085d46aa6b4b4224e15587ec67e6e -this patch is from qemu-git. - -Signed-off-by: Li Qiang -Message-Id: <583cde9c.3223ed0a.7f0c2.886e@mx.google.com> -Signed-off-by: Paolo Bonzini ---- - hw/watchdog/wdt_i6300esb.c | 9 +++++++++ - 1 files changed, 9 insertions(+), 0 deletions(-) - -diff --git a/hw/watchdog/wdt_i6300esb.c b/hw/watchdog/wdt_i6300esb.c -index a83d951..49b3cd1 100644 ---- a/hw/watchdog/wdt_i6300esb.c -+++ b/hw/watchdog/wdt_i6300esb.c -@@ -428,6 +428,14 @@ static void i6300esb_realize(PCIDevice *dev, Error **errp) - /* qemu_register_coalesced_mmio (addr, 0x10); ? */ - } - -+static void i6300esb_exit(PCIDevice *dev) -+{ -+ I6300State *d = WATCHDOG_I6300ESB_DEVICE(dev); -+ -+ timer_del(d->timer); -+ timer_free(d->timer); -+} -+ - static WatchdogTimerModel model = { - .wdt_name = "i6300esb", - .wdt_description = "Intel 6300ESB", -@@ -441,6 +449,7 @@ static void i6300esb_class_init(ObjectClass *klass, void *data) - k->config_read = i6300esb_config_read; - k->config_write = i6300esb_config_write; - k->realize = i6300esb_realize; -+ k->exit = i6300esb_exit; - k->vendor_id = PCI_VENDOR_ID_INTEL; - k->device_id = PCI_DEVICE_ID_INTEL_ESB_9; - k->class_id = PCI_CLASS_SYSTEM_OTHER; --- -1.7.0.4 - diff --git a/gnu/packages/patches/qemu-CVE-2017-5525.patch b/gnu/packages/patches/qemu-CVE-2017-5525.patch deleted file mode 100644 index d0c0c82a4a..0000000000 --- a/gnu/packages/patches/qemu-CVE-2017-5525.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 12351a91da97b414eec8cdb09f1d9f41e535a401 Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Wed, 14 Dec 2016 18:30:21 -0800 -Subject: [PATCH] audio: ac97: add exit function -MIME-Version: 1.0 -Content-Type: text/plain; charset=utf8 -Content-Transfer-Encoding: 8bit - -http://git.qemu.org/?p=qemu.git;a=patch;h=12351a91da97b414eec8cdb09f1d9f41e535a401 -this patch is from qemu-git - -Currently the ac97 device emulation doesn't have a exit function, -hot unplug this device will leak some memory. Add a exit function to -avoid this. - -Signed-off-by: Li Qiang -Reviewed-by: Marc-André Lureau -Message-id: 58520052.4825ed0a.27a71.6cae@mx.google.com -Signed-off-by: Gerd Hoffmann ---- - hw/audio/ac97.c | 11 +++++++++++ - 1 files changed, 11 insertions(+), 0 deletions(-) - -diff --git a/hw/audio/ac97.c b/hw/audio/ac97.c -index cbd959e..c306575 100644 ---- a/hw/audio/ac97.c -+++ b/hw/audio/ac97.c -@@ -1387,6 +1387,16 @@ static void ac97_realize(PCIDevice *dev, Error **errp) - ac97_on_reset (&s->dev.qdev); - } - -+static void ac97_exit(PCIDevice *dev) -+{ -+ AC97LinkState *s = DO_UPCAST(AC97LinkState, dev, dev); -+ -+ AUD_close_in(&s->card, s->voice_pi); -+ AUD_close_out(&s->card, s->voice_po); -+ AUD_close_in(&s->card, s->voice_mc); -+ AUD_remove_card(&s->card); -+} -+ - static int ac97_init (PCIBus *bus) - { - pci_create_simple (bus, -1, "AC97"); -@@ -1404,6 +1414,7 @@ static void ac97_class_init (ObjectClass *klass, void *data) - PCIDeviceClass *k = PCI_DEVICE_CLASS (klass); - - k->realize = ac97_realize; -+ k->exit = ac97_exit; - k->vendor_id = PCI_VENDOR_ID_INTEL; - k->device_id = PCI_DEVICE_ID_INTEL_82801AA_5; - k->revision = 0x01; --- -1.7.0.4 - diff --git a/gnu/packages/patches/qemu-CVE-2017-5526.patch b/gnu/packages/patches/qemu-CVE-2017-5526.patch deleted file mode 100644 index 5a6d796458..0000000000 --- a/gnu/packages/patches/qemu-CVE-2017-5526.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Wed, 14 Dec 2016 18:32:22 -0800 -Subject: [PATCH] audio: es1370: add exit function -MIME-Version: 1.0 -Content-Type: text/plain; charset=utf8 -Content-Transfer-Encoding: 8bit - -http://git.qemu.org/?p=qemu.git;a=patch;h=069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da -this patch is from qemu-git. - -Currently the es1370 device emulation doesn't have a exit function, -hot unplug this device will leak some memory. Add a exit function to -avoid this. - -Signed-off-by: Li Qiang -Reviewed-by: Marc-André Lureau -Message-id: 585200c9.a968ca0a.1ab80.4c98@mx.google.com -Signed-off-by: Gerd Hoffmann ---- - hw/audio/es1370.c | 14 ++++++++++++++ - 1 files changed, 14 insertions(+), 0 deletions(-) - -diff --git a/hw/audio/es1370.c b/hw/audio/es1370.c -index 8449b5f..883ec69 100644 ---- a/hw/audio/es1370.c -+++ b/hw/audio/es1370.c -@@ -1041,6 +1041,19 @@ static void es1370_realize(PCIDevice *dev, Error **errp) - es1370_reset (s); - } - -+static void es1370_exit(PCIDevice *dev) -+{ -+ ES1370State *s = ES1370(dev); -+ int i; -+ -+ for (i = 0; i < 2; ++i) { -+ AUD_close_out(&s->card, s->dac_voice[i]); -+ } -+ -+ AUD_close_in(&s->card, s->adc_voice); -+ AUD_remove_card(&s->card); -+} -+ - static int es1370_init (PCIBus *bus) - { - pci_create_simple (bus, -1, TYPE_ES1370); -@@ -1053,6 +1066,7 @@ static void es1370_class_init (ObjectClass *klass, void *data) - PCIDeviceClass *k = PCI_DEVICE_CLASS (klass); - - k->realize = es1370_realize; -+ k->exit = es1370_exit; - k->vendor_id = PCI_VENDOR_ID_ENSONIQ; - k->device_id = PCI_DEVICE_ID_ENSONIQ_ES1370; - k->class_id = PCI_CLASS_MULTIMEDIA_AUDIO; --- -1.7.0.4 - diff --git a/gnu/packages/patches/qemu-CVE-2017-5552.patch b/gnu/packages/patches/qemu-CVE-2017-5552.patch deleted file mode 100644 index 50911f4f36..0000000000 --- a/gnu/packages/patches/qemu-CVE-2017-5552.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 33243031dad02d161225ba99d782616da133f689 Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Thu, 29 Dec 2016 03:11:26 -0500 -Subject: [PATCH] virtio-gpu-3d: fix memory leak in resource attach backing -MIME-Version: 1.0 -Content-Type: text/plain; charset=utf8 -Content-Transfer-Encoding: 8bit - -If the virgl_renderer_resource_attach_iov function fails the -'res_iovs' will be leaked. Add check of the return value to -free the 'res_iovs' when failing. - -http://git.qemu.org/?p=qemu.git;a=patch;h=33243031dad02d161225ba99d782616da133f689 -this patch is from qemu-git. - -Signed-off-by: Li Qiang -Reviewed-by: Marc-André Lureau -Message-id: 1482999086-59795-1-git-send-email-liq3ea@gmail.com -Signed-off-by: Gerd Hoffmann ---- - hw/display/virtio-gpu-3d.c | 7 +++++-- - 1 files changed, 5 insertions(+), 2 deletions(-) - -diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c -index e29f099..b13ced3 100644 ---- a/hw/display/virtio-gpu-3d.c -+++ b/hw/display/virtio-gpu-3d.c -@@ -291,8 +291,11 @@ static void virgl_resource_attach_backing(VirtIOGPU *g, - return; - } - -- virgl_renderer_resource_attach_iov(att_rb.resource_id, -- res_iovs, att_rb.nr_entries); -+ ret = virgl_renderer_resource_attach_iov(att_rb.resource_id, -+ res_iovs, att_rb.nr_entries); -+ -+ if (ret != 0) -+ virtio_gpu_cleanup_mapping_iov(res_iovs, att_rb.nr_entries); - } - - static void virgl_resource_detach_backing(VirtIOGPU *g, --- -1.7.0.4 - diff --git a/gnu/packages/patches/qemu-CVE-2017-5578.patch b/gnu/packages/patches/qemu-CVE-2017-5578.patch deleted file mode 100644 index 05655bcd98..0000000000 --- a/gnu/packages/patches/qemu-CVE-2017-5578.patch +++ /dev/null @@ -1,39 +0,0 @@ -http://git.qemu.org/?p=qemu.git;a=patch;h=204f01b30975923c64006f8067f0937b91eea68b -this patch is from qemu-git. - - -From 204f01b30975923c64006f8067f0937b91eea68b Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Thu, 29 Dec 2016 04:28:41 -0500 -Subject: [PATCH] virtio-gpu: fix memory leak in resource attach backing - -In the resource attach backing function, everytime it will -allocate 'res->iov' thus can leading a memory leak. This -patch avoid this. - -Signed-off-by: Li Qiang -Message-id: 1483003721-65360-1-git-send-email-liq3ea@gmail.com -Signed-off-by: Gerd Hoffmann ---- - hw/display/virtio-gpu.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c -index 6a26258cac..ca88cf478d 100644 ---- a/hw/display/virtio-gpu.c -+++ b/hw/display/virtio-gpu.c -@@ -714,6 +714,11 @@ virtio_gpu_resource_attach_backing(VirtIOGPU *g, - return; - } - -+ if (res->iov) { -+ cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC; -+ return; -+ } -+ - ret = virtio_gpu_create_mapping_iov(&ab, cmd, &res->addrs, &res->iov); - if (ret != 0) { - cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC; --- -2.11.0 - diff --git a/gnu/packages/patches/qemu-CVE-2017-5579.patch b/gnu/packages/patches/qemu-CVE-2017-5579.patch deleted file mode 100644 index 7630012d54..0000000000 --- a/gnu/packages/patches/qemu-CVE-2017-5579.patch +++ /dev/null @@ -1,44 +0,0 @@ -http://git.qemu.org/?p=qemu.git;a=patch;h=8409dc884a201bf74b30a9d232b6bbdd00cb7e2b -this patch is from qemu-git. - - -From 8409dc884a201bf74b30a9d232b6bbdd00cb7e2b Mon Sep 17 00:00:00 2001 -From: Li Qiang -Date: Wed, 4 Jan 2017 00:43:16 -0800 -Subject: [PATCH] serial: fix memory leak in serial exit - -The serial_exit_core function doesn't free some resources. -This can lead memory leak when hotplug and unplug. This -patch avoid this. - -Signed-off-by: Li Qiang -Message-Id: <586cb5ab.f31d9d0a.38ac3.acf2@mx.google.com> -Signed-off-by: Paolo Bonzini ---- - hw/char/serial.c | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/hw/char/serial.c b/hw/char/serial.c -index ffbacd8227..67b18eda12 100644 ---- a/hw/char/serial.c -+++ b/hw/char/serial.c -@@ -906,6 +906,16 @@ void serial_realize_core(SerialState *s, Error **errp) - void serial_exit_core(SerialState *s) - { - qemu_chr_fe_deinit(&s->chr); -+ -+ timer_del(s->modem_status_poll); -+ timer_free(s->modem_status_poll); -+ -+ timer_del(s->fifo_timeout_timer); -+ timer_free(s->fifo_timeout_timer); -+ -+ fifo8_destroy(&s->recv_fifo); -+ fifo8_destroy(&s->xmit_fifo); -+ - qemu_unregister_reset(serial_reset, s); - } - --- -2.11.0 - diff --git a/gnu/packages/patches/qemu-CVE-2017-5856.patch b/gnu/packages/patches/qemu-CVE-2017-5856.patch deleted file mode 100644 index bee0824c0a..0000000000 --- a/gnu/packages/patches/qemu-CVE-2017-5856.patch +++ /dev/null @@ -1,68 +0,0 @@ -http://git.qemu.org/?p=qemu.git;a=patch;h=765a707000e838c30b18d712fe6cb3dd8e0435f3 -this patch is from qemu-git. - - -From 765a707000e838c30b18d712fe6cb3dd8e0435f3 Mon Sep 17 00:00:00 2001 -From: Paolo Bonzini -Date: Mon, 2 Jan 2017 11:03:33 +0100 -Subject: [PATCH] megasas: fix guest-triggered memory leak - -If the guest sets the sglist size to a value >=2GB, megasas_handle_dcmd -will return MFI_STAT_MEMORY_NOT_AVAILABLE without freeing the memory. -Avoid this by returning only the status from map_dcmd, and loading -cmd->iov_size in the caller. - -Reported-by: Li Qiang -Signed-off-by: Paolo Bonzini ---- - hw/scsi/megasas.c | 11 ++++++----- - 1 files changed, 6 insertions(+), 5 deletions(-) - -diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c -index 67fc1e7..6233865 100644 ---- a/hw/scsi/megasas.c -+++ b/hw/scsi/megasas.c -@@ -683,14 +683,14 @@ static int megasas_map_dcmd(MegasasState *s, MegasasCmd *cmd) - trace_megasas_dcmd_invalid_sge(cmd->index, - cmd->frame->header.sge_count); - cmd->iov_size = 0; -- return -1; -+ return -EINVAL; - } - iov_pa = megasas_sgl_get_addr(cmd, &cmd->frame->dcmd.sgl); - iov_size = megasas_sgl_get_len(cmd, &cmd->frame->dcmd.sgl); - pci_dma_sglist_init(&cmd->qsg, PCI_DEVICE(s), 1); - qemu_sglist_add(&cmd->qsg, iov_pa, iov_size); - cmd->iov_size = iov_size; -- return cmd->iov_size; -+ return 0; - } - - static void megasas_finish_dcmd(MegasasCmd *cmd, uint32_t iov_size) -@@ -1559,19 +1559,20 @@ static const struct dcmd_cmd_tbl_t { - - static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd) - { -- int opcode, len; -+ int opcode; - int retval = 0; -+ size_t len; - const struct dcmd_cmd_tbl_t *cmdptr = dcmd_cmd_tbl; - - opcode = le32_to_cpu(cmd->frame->dcmd.opcode); - trace_megasas_handle_dcmd(cmd->index, opcode); -- len = megasas_map_dcmd(s, cmd); -- if (len < 0) { -+ if (megasas_map_dcmd(s, cmd) < 0) { - return MFI_STAT_MEMORY_NOT_AVAILABLE; - } - while (cmdptr->opcode != -1 && cmdptr->opcode != opcode) { - cmdptr++; - } -+ len = cmd->iov_size; - if (cmdptr->opcode == -1) { - trace_megasas_dcmd_unhandled(cmd->index, opcode, len); - retval = megasas_dcmd_dummy(s, cmd); --- -1.7.0.4 - diff --git a/gnu/packages/patches/qemu-CVE-2017-5898.patch b/gnu/packages/patches/qemu-CVE-2017-5898.patch deleted file mode 100644 index 5a94bb1ae4..0000000000 --- a/gnu/packages/patches/qemu-CVE-2017-5898.patch +++ /dev/null @@ -1,44 +0,0 @@ -Fix CVE-2017-5898 (integer overflow in emulated_apdu_from_guest): - -http://seclists.org/oss-sec/2017/q1/328 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5898 - -Patch copied from upstream source repository: - -http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=c7dfbf322595ded4e70b626bf83158a9f3807c6a - -From c7dfbf322595ded4e70b626bf83158a9f3807c6a Mon Sep 17 00:00:00 2001 -From: Prasad J Pandit -Date: Fri, 3 Feb 2017 00:52:28 +0530 -Subject: [PATCH] usb: ccid: check ccid apdu length - -CCID device emulator uses Application Protocol Data Units(APDU) -to exchange command and responses to and from the host. -The length in these units couldn't be greater than 65536. Add -check to ensure the same. It'd also avoid potential integer -overflow in emulated_apdu_from_guest. - -Reported-by: Li Qiang -Signed-off-by: Prasad J Pandit -Message-id: 20170202192228.10847-1-ppandit@redhat.com -Signed-off-by: Gerd Hoffmann ---- - hw/usb/dev-smartcard-reader.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/hw/usb/dev-smartcard-reader.c b/hw/usb/dev-smartcard-reader.c -index 89e11b68c4..1325ea1659 100644 ---- a/hw/usb/dev-smartcard-reader.c -+++ b/hw/usb/dev-smartcard-reader.c -@@ -967,7 +967,7 @@ static void ccid_on_apdu_from_guest(USBCCIDState *s, CCID_XferBlock *recv) - DPRINTF(s, 1, "%s: seq %d, len %d\n", __func__, - recv->hdr.bSeq, len); - ccid_add_pending_answer(s, (CCID_Header *)recv); -- if (s->card) { -+ if (s->card && len <= BULK_OUT_DATA_SIZE) { - ccid_card_apdu_from_guest(s->card, recv->abData, len); - } else { - DPRINTF(s, D_WARN, "warning: discarded apdu\n"); --- -2.11.1 - diff --git a/gnu/packages/qemu.scm b/gnu/packages/qemu.scm index e0b4695f3a..82367269ff 100644 --- a/gnu/packages/qemu.scm +++ b/gnu/packages/qemu.scm @@ -69,23 +69,14 @@ (define-public qemu (package (name "qemu") - (version "2.8.1") + (version "2.9.0") (source (origin (method url-fetch) (uri (string-append "http://wiki.qemu-project.org/download/qemu-" version ".tar.xz")) (sha256 (base32 - "0h342v4n44kh89yyfas4iazvhhsy5m5qk94vsjqpz5zpq1i2ykad")) - (patches (search-patches "qemu-CVE-2016-10155.patch" - "qemu-CVE-2017-5525.patch" - "qemu-CVE-2017-5526.patch" - "qemu-CVE-2017-5552.patch" - "qemu-CVE-2017-5578.patch" - "qemu-CVE-2017-5579.patch" - "qemu-CVE-2017-5856.patch" - "qemu-CVE-2017-5898.patch" - )))) + "08mhfs0ndbkyqgw7fjaa9vjxf4dinrly656f6hjzvmaz7hzc677h")))) (build-system gnu-build-system) (arguments '(;; Running tests in parallel can occasionally lead to failures, like: -- cgit v1.2.3 From f920e79426f51f1320dd4ffc164fc473df2158c3 Mon Sep 17 00:00:00 2001 From: Eric Bavier Date: Thu, 20 Apr 2017 22:06:00 -0500 Subject: gnu: hypre: Delete unused patches. * gnu/packages/patches/hypre-doc-tables.patch, gnu/packages/patches/hypre-ldflags.patch: Delete. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/local.mk | 2 -- gnu/packages/patches/hypre-doc-tables.patch | 25 ------------------------- gnu/packages/patches/hypre-ldflags.patch | 9 --------- 3 files changed, 36 deletions(-) delete mode 100644 gnu/packages/patches/hypre-doc-tables.patch delete mode 100644 gnu/packages/patches/hypre-ldflags.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index f38126251f..d7dadf8296 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -653,8 +653,6 @@ dist_patch_DATA = \ %D%/packages/patches/hop-linker-flags.patch \ %D%/packages/patches/hubbub-sort-entities.patch \ %D%/packages/patches/hydra-disable-darcs-test.patch \ - %D%/packages/patches/hypre-doc-tables.patch \ - %D%/packages/patches/hypre-ldflags.patch \ %D%/packages/patches/icecat-avoid-bundled-libraries.patch \ %D%/packages/patches/icecat-binutils.patch \ %D%/packages/patches/icu4c-CVE-2017-7867-CVE-2017-7868.patch \ diff --git a/gnu/packages/patches/hypre-doc-tables.patch b/gnu/packages/patches/hypre-doc-tables.patch deleted file mode 100644 index 6a852ee78e..0000000000 --- a/gnu/packages/patches/hypre-doc-tables.patch +++ /dev/null @@ -1,25 +0,0 @@ -Fixes doc++'s treatment of tabular within a parameter block. - -From commit 883925f8a at http://github.com/LLNL/hypre - ---- hypre-2.10.1/src/parcsr_ls/HYPRE_parcsr_ls.h 2015-12-04 22:12:19.000000000 -0600 -+++ hypre-2.10.1/src/parcsr_ls/HYPRE_parcsr_ls.h 2016-03-16 09:02:58.547501336 -0500 -@@ -1154,8 +1154,6 @@ - * Set the symmetry parameter for the - * ParaSails preconditioner. - * -- * @param solver [IN] Preconditioner object for which to set symmetry parameter. -- * @param sym [IN] Value of the symmetry parameter: - * \begin{tabular}{|c|l|} \hline - * value & meaning \\ \hline - * 0 & nonsymmetric and/or indefinite problem, and nonsymmetric preconditioner\\ -@@ -1163,6 +1161,9 @@ - * 2 & nonsymmetric, definite problem, and SPD (factored) preconditioner \\ - * \hline - * \end{tabular} -+ * -+ * @param solver [IN] Preconditioner object for which to set symmetry parameter. -+ * @param sym [IN] Value of the symmetry parameter: - **/ - HYPRE_Int HYPRE_ParaSailsSetSym(HYPRE_Solver solver, - HYPRE_Int sym); diff --git a/gnu/packages/patches/hypre-ldflags.patch b/gnu/packages/patches/hypre-ldflags.patch deleted file mode 100644 index a94fafa463..0000000000 --- a/gnu/packages/patches/hypre-ldflags.patch +++ /dev/null @@ -1,9 +0,0 @@ ---- hypre-2.10.1/src/lib/Makefile.orig 2016-03-11 16:04:03.740259228 -0600 -+++ hypre-2.10.1/src/lib/Makefile 2016-03-11 16:04:57.296260190 -0600 -@@ -107,5 +107,5 @@ - - libHYPRE.so: ${FILES_HYPRE} - @echo "Building $@ ... " -- ${BUILD_CC_SHARED} -o ${SONAME} ${FILES_HYPRE} ${SOLIBS} ${SHARED_SET_SONAME}${SONAME} ${SHARED_OPTIONS} -+ ${BUILD_CC_SHARED} ${LDFLAGS} -o ${SONAME} ${FILES_HYPRE} ${SOLIBS} ${SHARED_SET_SONAME}${SONAME} ${SHARED_OPTIONS} - ln -s ${SONAME} $@ -- cgit v1.2.3 From bab9a8ba0f285a811b7b36291bdc3db33b6c2b60 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Thu, 20 Apr 2017 15:10:54 -0400 Subject: gnu: graphite2: Add fixes for CVE-2017-5436 and other bugs. * gnu/packages/fontutils.scm (graphite2)[replacement]: New field. (graphite2/fixed): New variable. * gnu/packages/patches/graphite2-CVE-2017-5436.patch, gnu/packages/patches/graphite2-check-code-point-limit.patch, gnu/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch, gnu/packages/patches/graphite2-non-linear-classes-even-number.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. --- gnu/local.mk | 4 + gnu/packages/fontutils.scm | 22 +++++ gnu/packages/patches/graphite2-CVE-2017-5436.patch | 25 ++++++ .../patches/graphite2-check-code-point-limit.patch | 50 ++++++++++++ .../graphite2-fix-32-bit-wrap-arounds.patch | 93 ++++++++++++++++++++++ .../graphite2-non-linear-classes-even-number.patch | 26 ++++++ 6 files changed, 220 insertions(+) create mode 100644 gnu/packages/patches/graphite2-CVE-2017-5436.patch create mode 100644 gnu/packages/patches/graphite2-check-code-point-limit.patch create mode 100644 gnu/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch create mode 100644 gnu/packages/patches/graphite2-non-linear-classes-even-number.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index d7dadf8296..7681321ea3 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -618,7 +618,11 @@ dist_patch_DATA = \ %D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \ %D%/packages/patches/gobject-introspection-cc.patch \ %D%/packages/patches/gobject-introspection-girepository.patch \ + %D%/packages/patches/graphite2-CVE-2017-5436.patch \ + %D%/packages/patches/graphite2-check-code-point-limit.patch \ %D%/packages/patches/graphite2-ffloat-store.patch \ + %D%/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch \ + %D%/packages/patches/graphite2-non-linear-classes-even-number.patch \ %D%/packages/patches/grep-timing-sensitive-test.patch \ %D%/packages/patches/grub-CVE-2015-8370.patch \ %D%/packages/patches/grub-gets-undeclared.patch \ diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm index 7e7234960d..cc6d1df597 100644 --- a/gnu/packages/fontutils.scm +++ b/gnu/packages/fontutils.scm @@ -376,6 +376,7 @@ applications should be.") (package (name "graphite2") (version "1.3.9") + (replacement graphite2/fixed) (source (origin (method url-fetch) @@ -400,6 +401,27 @@ and returns a sequence of positioned glyphids from the font.") (license license:lgpl2.1+) (home-page "https://github.com/silnrsi/graphite"))) +(define graphite2/fixed + (package + (inherit graphite2) + (name "graphite2") + (version "1.3.9") + (replacement #f) + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/silnrsi/graphite/releases/" + "download/" version "/" name "-" version ".tgz")) + (patches (search-patches + "graphite2-ffloat-store.patch" + "graphite2-check-code-point-limit.patch" + "graphite2-CVE-2017-5436.patch" + "graphite2-fix-32-bit-wrap-arounds.patch" + "graphite2-non-linear-classes-even-number.patch")) + (sha256 + (base32 + "0rs5h7m340z75kygx8d72cps0q6yvvqa9i788vym7585cfv8a0gc")))))) + (define-public potrace (package (name "potrace") diff --git a/gnu/packages/patches/graphite2-CVE-2017-5436.patch b/gnu/packages/patches/graphite2-CVE-2017-5436.patch new file mode 100644 index 0000000000..d7383ec8de --- /dev/null +++ b/gnu/packages/patches/graphite2-CVE-2017-5436.patch @@ -0,0 +1,25 @@ +From 1ce331d5548b98ed8b818532b2556d6f2c7a3b83 Mon Sep 17 00:00:00 2001 +From: Martin Hosken +Date: Thu, 9 Mar 2017 22:04:04 +0000 +Subject: [PATCH] Ensure features have enough space. Fix from Mozilla + +--- + src/FeatureMap.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/FeatureMap.cpp b/src/FeatureMap.cpp +index b8c8405..83bd5f6 100644 +--- a/src/FeatureMap.cpp ++++ b/src/FeatureMap.cpp +@@ -275,7 +275,7 @@ bool FeatureRef::applyValToFeature(uint32 val, Features & pDest) const + else + if (pDest.m_pMap!=&m_pFace->theSill().theFeatureMap()) + return false; //incompatible +- pDest.reserve(m_index); ++ pDest.reserve(m_index+1); + pDest[m_index] &= ~m_mask; + pDest[m_index] |= (uint32(val) << m_bits); + return true; +-- +2.12.2 + diff --git a/gnu/packages/patches/graphite2-check-code-point-limit.patch b/gnu/packages/patches/graphite2-check-code-point-limit.patch new file mode 100644 index 0000000000..a9b6caf53f --- /dev/null +++ b/gnu/packages/patches/graphite2-check-code-point-limit.patch @@ -0,0 +1,50 @@ +From 348c11e4571b534efdbd58a575bbea979c880b2f Mon Sep 17 00:00:00 2001 +From: Tim Eves +Date: Wed, 1 Mar 2017 14:23:46 +0700 +Subject: [PATCH] Fix decoding of USV greater than U+110000 + +Add test cases too +--- + src/inc/UtfCodec.h | 4 ++-- + tests/utftest/utftest.cpp | 3 +++ + 2 files changed, 5 insertions(+), 2 deletions(-) + +diff --git a/src/inc/UtfCodec.h b/src/inc/UtfCodec.h +index 3417bac..9dc760f 100644 +--- a/src/inc/UtfCodec.h ++++ b/src/inc/UtfCodec.h +@@ -124,7 +124,7 @@ struct _utf_codec<8> + private: + static const int8 sz_lut[16]; + static const byte mask_lut[5]; +- ++ static const uchar_t limit = 0x110000; + + public: + typedef uint8 codeunit_t; +@@ -157,7 +157,7 @@ public: + case 0: l = -1; return 0xFFFD; + } + +- if (l != seq_sz || toolong) ++ if (l != seq_sz || toolong || u >= limit) + { + l = -l; + return 0xFFFD; +diff --git a/tests/utftest/utftest.cpp b/tests/utftest/utftest.cpp +index 21cb188..a23553a 100644 +--- a/tests/utftest/utftest.cpp ++++ b/tests/utftest/utftest.cpp +@@ -8,6 +8,9 @@ struct test8 + unsigned char str[12]; + }; + struct test8 tests8[] = { ++ { 0, 0, {0xF4, 0x90, 0x80, 0x80, 0, 0, 0, 0, 0, 0, 0, 0} }, // bad(4) [U+110000] ++ { 0, 0, {0xC0, 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, // bad(4) [U+110000] ++ { 0, 0, {0xA0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, // bad(4) [U+110000] + { 4, -1, {0x7F, 0xDF, 0xBF, 0xEF, 0xBF, 0xBF, 0xF4, 0x8F, 0xBF, 0xBF, 0, 0} }, // U+7F, U+7FF, U+FFFF, U+10FFF + { 2, 3, {0x7F, 0xDF, 0xBF, 0xF0, 0x8F, 0xBF, 0xBF, 0xF4, 0x8F, 0xBF, 0xBF, 0} }, // U+7F, U+7FF, long(U+FFFF), U+10FFF + { 1, 1, {0x7F, 0xE0, 0x9F, 0xBF, 0xEF, 0xBF, 0xBF, 0xF4, 0x8F, 0xBF, 0xBF, 0} }, // U+7F, long(U+7FF), U+FFFF, U+10FFF +-- +2.12.2 + diff --git a/gnu/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch b/gnu/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch new file mode 100644 index 0000000000..57d4ce2c6e --- /dev/null +++ b/gnu/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch @@ -0,0 +1,93 @@ +This patch incorporates the following 6 consecutive commits from the upstream +graphite2 repository: + +75b83cd..: Martin Hosken 2017-03-28 Fix 32-bit wrap arounds +1f97e36..: Martin Hosken 2017-03-28 balance comparisons in decompressor +9493785..: Martin Hosken 2017-03-29 Speculative rounding fix +09af043..: Tim Eves 2017-03-31 Move a MINMATCH to rhs of a comparisio +28cc60d..: Tim Eves 2017-03-31 Deal with similar wrap around in literal_len +8afc7d0..: Martin Hosken 2017-04-03 Fix 32-bit rollover in decompressor, again + +This diff was generated by the following command: + + git diff 1ce331d5548b98ed..8afc7d0081959866 + + +diff --git a/src/Decompressor.cpp b/src/Decompressor.cpp +index 084570f..56d531f 100644 +--- a/src/Decompressor.cpp ++++ b/src/Decompressor.cpp +@@ -51,7 +51,7 @@ bool read_sequence(u8 const * &src, u8 const * const end, u8 const * &literal, u + literal = src; + src += literal_len; + +- if (src > end - 2) ++ if (src > end - 2 || src < literal) + return false; + + match_dist = *src++; +@@ -85,7 +85,7 @@ int lz4::decompress(void const *in, size_t in_size, void *out, size_t out_size) + { + // Copy in literal. At this point the last full sequence must be at + // least MINMATCH + 5 from the end of the output buffer. +- if (dst + align(literal_len) > dst_end - (MINMATCH+5)) ++ if (align(literal_len) > unsigned(dst_end - dst - (MINMATCH+5)) || dst_end - dst < MINMATCH + 5) + return -1; + dst = overrun_copy(dst, literal, literal_len); + } +@@ -94,7 +94,8 @@ int lz4::decompress(void const *in, size_t in_size, void *out, size_t out_size) + // decoded output. + u8 const * const pcpy = dst - match_dist; + if (pcpy < static_cast(out) +- || dst + match_len + MINMATCH > dst_end - 5) ++ || match_len > unsigned(dst_end - dst - (MINMATCH+5)) ++ || dst_end - dst < MINMATCH + 5) + return -1; + if (dst > pcpy+sizeof(unsigned long) + && dst + align(match_len + MINMATCH) <= dst_end) +@@ -103,8 +104,8 @@ int lz4::decompress(void const *in, size_t in_size, void *out, size_t out_size) + dst = safe_copy(dst, pcpy, match_len + MINMATCH); + } + +- if (literal + literal_len > src_end +- || dst + literal_len > dst_end) ++ if (literal_len > src_end - literal ++ || literal_len > dst_end - dst) + return -1; + dst = fast_copy(dst, literal, literal_len); + +diff --git a/src/Pass.cpp b/src/Pass.cpp +index a4bac2e..683143c 100644 +--- a/src/Pass.cpp ++++ b/src/Pass.cpp +@@ -171,7 +171,7 @@ bool Pass::readPass(const byte * const pass_start, size_t pass_length, size_t su + const uint16 * const o_actions = reinterpret_cast(p); + be::skip(p, m_numRules + 1); + const byte * const states = p; +- if (e.test(p + 2u*m_numTransition*m_numColumns >= pass_end, E_BADPASSLENGTH)) return face.error(e); ++ if (e.test(2u*m_numTransition*m_numColumns >= (unsigned)(pass_end - p), E_BADPASSLENGTH)) return face.error(e); + be::skip(p, m_numTransition*m_numColumns); + be::skip(p); + if (e.test(p != pcCode, E_BADPASSCCODEPTR)) return face.error(e); +@@ -192,7 +192,7 @@ bool Pass::readPass(const byte * const pass_start, size_t pass_length, size_t su + m_cPConstraint = vm::Machine::Code(true, pcCode, pcCode + pass_constraint_len, + precontext[0], be::peek(sort_keys), *m_silf, face, PASS_TYPE_UNKNOWN); + if (e.test(!m_cPConstraint, E_OUTOFMEM) +- || e.test(!m_cPConstraint, m_cPConstraint.status() + E_CODEFAILURE)) ++ || e.test(m_cPConstraint.status() != Code::loaded, m_cPConstraint.status() + E_CODEFAILURE)) + return face.error(e); + face.error_context(face.error_context() - 1); + } +diff --git a/src/Silf.cpp b/src/Silf.cpp +index 72a22cd..d661992 100644 +--- a/src/Silf.cpp ++++ b/src/Silf.cpp +@@ -191,7 +191,7 @@ bool Silf::readGraphite(const byte * const silf_start, size_t lSilf, Face& face, + + const size_t clen = readClassMap(p, passes_start - p, version, e); + m_passes = new Pass[m_numPasses]; +- if (e || e.test(p + clen > passes_start, E_BADPASSESSTART) ++ if (e || e.test(clen > unsigned(passes_start - p), E_BADPASSESSTART) + || e.test(!m_passes, E_OUTOFMEM)) + { releaseBuffers(); return face.error(e); } + diff --git a/gnu/packages/patches/graphite2-non-linear-classes-even-number.patch b/gnu/packages/patches/graphite2-non-linear-classes-even-number.patch new file mode 100644 index 0000000000..2bb1c9f94e --- /dev/null +++ b/gnu/packages/patches/graphite2-non-linear-classes-even-number.patch @@ -0,0 +1,26 @@ +From 0646e4ee471183994f78a759269f0505617711f3 Mon Sep 17 00:00:00 2001 +From: Martin Hosken +Date: Tue, 18 Apr 2017 13:17:14 +0100 +Subject: [PATCH] Ensure non linear classes have even number of elements + +--- + src/Silf.cpp | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/Silf.cpp b/src/Silf.cpp +index d661992..9f2f954 100644 +--- a/src/Silf.cpp ++++ b/src/Silf.cpp +@@ -293,7 +293,8 @@ size_t Silf::readClassMap(const byte *p, size_t data_len, uint32 version, Error + if (e.test(*o + 4 > max_off, E_HIGHCLASSOFFSET) // LookupClass doesn't stretch over max_off + || e.test(lookup[0] == 0 // A LookupClass with no looks is a suspicious thing ... + || lookup[0] * 2 + *o + 4 > max_off // numIDs lookup pairs fits within (start of LookupClass' lookups array, max_off] +- || lookup[3] + lookup[1] != lookup[0], E_BADCLASSLOOKUPINFO)) // rangeShift: numIDs - searchRange ++ || lookup[3] + lookup[1] != lookup[0], E_BADCLASSLOOKUPINFO) // rangeShift: numIDs - searchRange ++ || e.test(((o[1] - *o) & 1) != 0, ERROROFFSET)) // glyphs are in pairs so difference must be even. + return ERROROFFSET; + } + +-- +2.12.2 + -- cgit v1.2.3 From 6be43d95b5844c119869f29451b78dd9f71511e1 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Thu, 20 Apr 2017 17:42:52 -0400 Subject: gnu: nss: Disable long b64 tests. Suggested by Marius Bakke in . * gnu/packages/patches/nss-disable-long-b64-tests.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gnuzilla.scm (nss)[source]: Add patch. --- gnu/local.mk | 1 + gnu/packages/gnuzilla.scm | 1 + .../patches/nss-disable-long-b64-tests.patch | 34 ++++++++++++++++++++++ 3 files changed, 36 insertions(+) create mode 100644 gnu/packages/patches/nss-disable-long-b64-tests.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 7681321ea3..34a5f1e12f 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -805,6 +805,7 @@ dist_patch_DATA = \ %D%/packages/patches/ngircd-handle-zombies.patch \ %D%/packages/patches/ninja-zero-mtime.patch \ %D%/packages/patches/node-9077.patch \ + %D%/packages/patches/nss-disable-long-b64-tests.patch \ %D%/packages/patches/nss-increase-test-timeout.patch \ %D%/packages/patches/nss-pkgconfig.patch \ %D%/packages/patches/ntfs-3g-CVE-2017-0358.patch \ diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index 59f790a6e3..fd058d0224 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -208,6 +208,7 @@ in the Mozilla clients.") "096frzvyp3z257x84rxknscfgsbavzh2a0gyibx7kvmw4vzpfjhd")) ;; Create nss.pc and nss-config. (patches (search-patches "nss-pkgconfig.patch" + "nss-disable-long-b64-tests.patch" "nss-increase-test-timeout.patch")))) (build-system gnu-build-system) (outputs '("out" "bin")) diff --git a/gnu/packages/patches/nss-disable-long-b64-tests.patch b/gnu/packages/patches/nss-disable-long-b64-tests.patch new file mode 100644 index 0000000000..612d94128d --- /dev/null +++ b/gnu/packages/patches/nss-disable-long-b64-tests.patch @@ -0,0 +1,34 @@ +Disable long b64 tests, which consistently fail on armhf. +This is based on an excerpt of the following upstream patch: + + https://hg.mozilla.org/projects/nss/rev/00b2cc2b33c7 + +(we exclude the part of the upstream patch that reverts +an earlier failed attempt, and adapt the file names) + +diff --git a/gtests/util_gtest/util_b64_unittest.cc b/gtests/util_gtest/util_b64_unittest.cc +--- a/nss/gtests/util_gtest/util_b64_unittest.cc ++++ b/nss/gtests/util_gtest/util_b64_unittest.cc +@@ -63,17 +63,19 @@ TEST_F(B64EncodeDecodeTest, EncDecTest) + + TEST_F(B64EncodeDecodeTest, FakeDecTest) { EXPECT_TRUE(TestFakeDecode(100)); } + + TEST_F(B64EncodeDecodeTest, FakeEncDecTest) { + EXPECT_TRUE(TestFakeEncode(100)); + } + + // These takes a while ... +-TEST_F(B64EncodeDecodeTest, LongFakeDecTest1) { ++TEST_F(B64EncodeDecodeTest, DISABLED_LongFakeDecTest1) { + EXPECT_TRUE(TestFakeDecode(0x66666666)); + } +-TEST_F(B64EncodeDecodeTest, LongFakeEncDecTest1) { TestFakeEncode(0x3fffffff); } +-TEST_F(B64EncodeDecodeTest, LongFakeEncDecTest2) { ++TEST_F(B64EncodeDecodeTest, DISABLED_LongFakeEncDecTest1) { ++ TestFakeEncode(0x3fffffff); ++} ++TEST_F(B64EncodeDecodeTest, DISABLED_LongFakeEncDecTest2) { + EXPECT_FALSE(TestFakeEncode(0x40000000)); + } + + } // namespace nss_test -- cgit v1.2.3 From 002c3e6dd6709ba47823214111aa56aa6e0670c6 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Thu, 20 Apr 2017 00:41:32 -0400 Subject: gnu: icecat: Update to 52.0.2-gnu1; add fixes from ESR 52.1. * gnu/packages/gnuzilla.scm (icecat): Update to 52.0.2-gnu1. [source]: Remove all patches except "icecat-avoid-bundled-libraries.patch". Add selected fixes from the upstream mozilla-esr52 repository, up to 52.1. Remove "dom/devicestorage" in the snippet. [inputs]: Remove gstreamer and gst-plugins-base. Add ffmpeg and gtk+3. Move yasm to native-inputs. [native-inputs]: Add autoconf-2.13 and yasm. [arguments]: In configure-flags, remove the following switches which are no longer accepted: --enable-{pango,svg,canvas,mathml,gstreamer=1.0} and "--disable-gnomevfs". Use "--enable-default-toolkit=cairo-gtk3" to switch to Gtk+3. Remove the 'remove-h264parse-from-blacklist' phase. Adapt the 'arrange-to-link-libxul-with-libraries-it-might-dlopen' phase as needed. In the 'configure' phase, set the AUTOCONF environment variable. (mozilla-patch): Update the URL pattern to fetch from the mozilla-esr52 repository. * gnu/packages/patches/icecat-avoid-bundled-libraries.patch: Adapt to mozilla-esr52. * gnu/packages/patches/icecat-binutils.patch: Remove file. * gnu/packages/patches/icecat-bug-1299500-pt10.patch: New file. * gnu/local.mk (dist_patch_DATA): Remove "icecat-binutils.patch". Add "icecat-bug-1299500-pt10.patch". --- gnu/local.mk | 2 +- gnu/packages/gnuzilla.scm | 265 ++-- .../patches/icecat-avoid-bundled-libraries.patch | 37 +- gnu/packages/patches/icecat-binutils.patch | 40 - gnu/packages/patches/icecat-bug-1299500-pt10.patch | 1639 ++++++++++++++++++++ 5 files changed, 1820 insertions(+), 163 deletions(-) delete mode 100644 gnu/packages/patches/icecat-binutils.patch create mode 100644 gnu/packages/patches/icecat-bug-1299500-pt10.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 34a5f1e12f..1fe46bfb5e 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -658,7 +658,7 @@ dist_patch_DATA = \ %D%/packages/patches/hubbub-sort-entities.patch \ %D%/packages/patches/hydra-disable-darcs-test.patch \ %D%/packages/patches/icecat-avoid-bundled-libraries.patch \ - %D%/packages/patches/icecat-binutils.patch \ + %D%/packages/patches/icecat-bug-1299500-pt10.patch \ %D%/packages/patches/icu4c-CVE-2017-7867-CVE-2017-7868.patch \ %D%/packages/patches/icu4c-reset-keyword-list-iterator.patch \ %D%/packages/patches/id3lib-CVE-2007-4460.patch \ diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index fd058d0224..91bb0a6a74 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -31,10 +31,10 @@ #:use-module (guix download) #:use-module (guix utils) #:use-module (guix build-system gnu) + #:use-module (gnu packages autotools) #:use-module (gnu packages base) #:use-module (gnu packages databases) #:use-module (gnu packages glib) - #:use-module (gnu packages gstreamer) #:use-module (gnu packages gtk) #:use-module (gnu packages gnome) #:use-module (gnu packages libcanberra) @@ -302,10 +302,10 @@ standards.") (license license:mpl2.0))) (define (mozilla-patch file-name changeset hash) - "Return an origin for CHANGESET from the mozilla-esr45 repository." + "Return an origin for CHANGESET from the mozilla-esr52 repository." (origin (method url-fetch) - (uri (string-append "https://hg.mozilla.org/releases/mozilla-esr45/raw-rev/" + (uri (string-append "https://hg.mozilla.org/releases/mozilla-esr52/raw-rev/" changeset)) (sha256 (base32 hash)) (file-name file-name))) @@ -313,7 +313,7 @@ standards.") (define-public icecat (package (name "icecat") - (version "45.7.0-gnu1") + (version "52.0.2-gnu1") (source (origin (method url-fetch) @@ -322,77 +322,162 @@ standards.") "/" name "-" version ".tar.bz2")) (sha256 (base32 - "1mn73liylqzxk441f28wk326yglqs8zcwqs4zz51s8i2id2jsnv3")) + "0asaba04y6rwc7nx898p89jdxkbnsb3dxjvpdi8xb1rbgyms80c9")) (patches (list (search-patch "icecat-avoid-bundled-libraries.patch") - (search-patch "icecat-binutils.patch") - (mozilla-patch "icecat-CVE-2017-5398-pt01.patch" "1a39a54b5fea" "0k3sbf2w2yng2rpv6wl9zrm5cbsgq3pslr19xwrk8sk753as79fp") - (mozilla-patch "icecat-CVE-2017-5402.patch" "9828c3bb7b73" "0zgks0v9sqhwwkmry4daswvjwk6aqln6abx0iac1vwqqpg6swff6") - (mozilla-patch "icecat-CVE-2017-5398-pt02.patch" "fa3268a1147e" "1jyd1hvp42pz5l15agmb1jhw74b38x8xnj9ih5v4pskv41bgmyg5") - (mozilla-patch "icecat-CVE-2017-5400.patch" "347c10e4d6d1" "1w6yrm97l477q4ripbj0nimc87p4jscabvihpncxqbq9xzc4km7p") - (mozilla-patch "icecat-CVE-2017-5410.patch" "fe4a2cda54ad" "0spcs93hpz13d8670jgvww80f0ynrbhwbh62fkv27lpr6wmqwqh1") - (mozilla-patch "icecat-CVE-2017-5401.patch" "c38f8546be5f" "1sa22w9kzgynsn4c6zh4d66byskk5kffzbvlzrhyzvqjddypf9p8") - (mozilla-patch "icecat-CVE-2017-5398-pt03.patch" "41c80ecafa99" "0r33arr5wcgl00zgncasiyl65bmm6jy45clxnbb75nzjmsd1zx1s") - (mozilla-patch "icecat-CVE-2017-5405.patch" "381552c888b4" "1sjhh390cx1jqx74lxk6qd8f8ccppqgagqfhc9pnbm2m67hxvkj9") - (mozilla-patch "icecat-CVE-2017-5407.patch" "4ba337cdb998" "0vyknizid2z9nvl31m08c7fknizhv8dh8m54apm39k8lx77vf70p") - (mozilla-patch "icecat-CVE-2017-5398-pt04.patch" "886650fac531" "18fsr5dmav96ja0dah7mj34n8mjpckp0bbc32zjyaj5qx0m4h5cw") - (mozilla-patch "icecat-CVE-2017-5409.patch" "0a22becb23cd" "19fshrq4qkj5s0mjrads6by84gy7rsq3k57gha6sw6rvx8chjaz6") - (mozilla-patch "icecat-CVE-2017-5398-pt05.patch" "a0ead6ef09eb" "1hpsq81hhhq2a2dcq2dfndiwx93vvp5rfq0cgv6kwk2bsrq77wqq") - (mozilla-patch "icecat-CVE-2017-5398-pt06.patch" "d3fede027d06" "1aw02p367cm0ayijdiiawlb7qhab6jwqwkakj317yd1cjnmkalwr") - (mozilla-patch "icecat-CVE-2017-5398-pt07.patch" "ffca0f060bb4" "0qwisfp7idjj5nc1vp1afrf5lj66l2gp7rllkjmrqpz6cyfc708v") - (mozilla-patch "icecat-CVE-2017-5398-pt08.patch" "4aa65b44dcb9" "07j6dz2b7hp1bkfvkxwgpn2wc3hqrgjgwpaz96fcpz8yadg2fssw") - (mozilla-patch "icecat-bug-1318914.patch" "30e2382d800f" "0w8zky5i7zc5q943x37rdvi4wbcing0q7w9fcgvnnh5li2sbrsy8") - (mozilla-patch "icecat-CVE-2017-5408.patch" "403d2300adc2" "06r4j48rc1fd9gvmvqy68mlqah5xfxpkvwmxk0gnqc364kpq9slk") - (mozilla-patch "icecat-CVE-2017-5398-pt09.patch" "546ab5e99568" "05rdb9bm3n4lj0zq5a95xnwsb0vzirb9mbc2wf9xbi4xlamsgvvw") - (mozilla-patch "icecat-bug-1311380.patch" "ef6eeb7f8846" "1w19is5blbrwf3wlmy6wzgabih8sxp2kmkffqcj2g4jypfwyqn73") - (mozilla-patch "icecat-CVE-2017-5398-pt10.patch" "eec69810d80e" "1r20abhw7b38igsrdpkhcfwx9i9gmcxikv4y3sjr4wkbp684f7av") - (mozilla-patch "icecat-CVE-2017-5398-pt11.patch" "fec35ce6e68b" "1imdfrs8dxz44rhsmvydh29w5j64cij6g5ggrmhvz3386xvlil2v") - (mozilla-patch "icecat-CVE-2017-5398-pt12.patch" "725e2a217722" "06gfhi2ich279rjnxi15fb4igimsxnv5w6bx4g91js8wbvp2r3v0") - (mozilla-patch "icecat-CVE-2017-5398-pt13.patch" "d905a2e3a4d9" "1ibxi2s0czj47b739zmmjzbln8lpn27hdg4b17w58vhbhzkq31cx") - (mozilla-patch "icecat-CVE-2017-5398-pt14.patch" "0032560ae945" "0md3p5cix6nzbj5m199awc9gk52pygy5s9lx3a38vh3xvd92lsbj") - (mozilla-patch "icecat-CVE-2017-5398-pt15.patch" "91dda1e79ad8" "0b5h8fhagczfqkdgby982w6qgkw9y11zxxpdbn89rwmjpyp9nghx") - (mozilla-patch "icecat-CVE-2017-5404.patch" "556dd9e4a9e3" "0mbdx4xn1xs67n47ys9m42lc5ny96rz21ala848yajpdlxsz680g") - (mozilla-patch "icecat-bug-1341137-pt1.patch" "e86e0423dad1" "0dk1v7lcs61nx76qxcibha3ygqri15ldcvwwsrsayff9fq6k0v4y") - (mozilla-patch "icecat-bug-1341137-pt2.patch" "9aebee8b8cb9" "0m7p5iprhhwdv89aqqg7fla5szw6v7x2sll4ns0zg60pk4vm6izq") - (mozilla-patch "icecat-bug-1341137-pt3.patch" "69f3d44bdb48" "1ad7rw6nmg3c49ylqxlqqkb6cm2f0ygfzrigs6b60a2zkjqhbl0h") - (mozilla-patch "icecat-bug-1341137-pt4.patch" "22546e2cee64" "0gbwxa3p7qkq53hwnvxcqhx8h34qmnjdxy0h3ajik4mw76vrna9s") - (mozilla-patch "icecat-bug-1341137-pt5.patch" "e5083d8a855a" "1247vbpqzf007nigbxxqd6nwgr1dxd4p8cd0dr45afqh19vhlapj") - (mozilla-patch "icecat-bug-1339122.patch" "b0d156c7445e" "026jp5bb565yvhkmmicgygcn1lmak85p0466yl1vnjlx1rc8n724") - (mozilla-patch "icecat-bug-1319087.patch" "9cd44507fd65" "0mcfvby53r2150libazgrgaqrdyvl0g6cr1f01dsya3cgmc9mkcn") - (mozilla-patch "icecat-bug-1342661.patch" "d449995ef7d9" "1kz8k2jxvhqpjgrsj7r0kqq79036lrkfnx5pvdnsl59np9128j81") ; CVE-2017-5443 - (mozilla-patch "icecat-bug-1343261.patch" "9b5374019b58" "0v5w50r5ys4jjy1lpks280cq8paw7wdy9mrk7szzq7nlcxz90is7") ; CVE-2017-5429 (pt1) - (mozilla-patch "icecat-bug-1343552-pt1.patch" "08bc7a3330e4" "1hsvffscqc4zflni866ilylgi3a13wz0n882z85xplbhwhc9lcfj") ; CVE-2017-5447 (pt1) - (mozilla-patch "icecat-bug-1343552-pt2.patch" "8c61ebe37f1b" "1fjsr6bzfyd1zqzz2pglwh2ckys95h21wy3j4rlwkz66057z53qq") ; CVE-2017-5447 (pt2) - (mozilla-patch "icecat-bug-1340718.patch" "bfa75fc20c2b" "08gksd06lwbb5ykdrk9gh2cb9bximwxhbxl3rprz64jj2bnmd3dq") - (mozilla-patch "icecat-bug-1345461.patch" "bcd5e51251dd" "1ms2ad8j04lz761cvdwi9rj5qv3qbjmg0zwyp3fykcf01a323ygd") ; CVE-2017-5436 - (mozilla-patch "icecat-bug-1343505.patch" "290f10412f92" "1dsj22fkz60zfa6isnxj54clg32dwzapwh5f1vz6jsin9r67ik2p") ; CVE-2017-5446 - (mozilla-patch "icecat-bug-1346648.patch" "9369ede30cc1" "1wrdn2aixbzifz7wyqnfi65gaiva8i746pi53z6w62lmn1hwd3ji") ; CVE-2017-5448 - (mozilla-patch "icecat-bug-1347979.patch" "4ae2261bfab0" "1yi3jicwjy7w8f0sv5di4rx05bfpkhcwj3r6dhl5315yz4ifqy30") ; CVE-2017-5442 - (mozilla-patch "icecat-bug-1343795.patch" "dcf468969700" "0syfq35s2r86ajmnqsxlfanvxd9ax57qkfmxpkvmk447s3mxsk08") ; CVE-2017-5441 - (mozilla-patch "icecat-bug-1347168.patch" "5a6390274b64" "1lg5px4sncalh82y61ni9rlg50d83jmmrrvn0944x4zfrzlfaz8x") ; CVE-2017-5433 - (mozilla-patch "icecat-bug-1341096.patch" "64158495e5ae" "1lyh8m159hhzrxj5hr0yib2sb8rkd20qxpykrf398v18s3yc08cx") ; CVE-2017-5429 (pt2) - (mozilla-patch "icecat-bug-1346654.patch" "f359ec604627" "0j6rzbnzlz8x9sj2r79d1zr4p89c5zq7y49xa4kn6am5ay3ws0ri") ; CVE-2017-5432 - (mozilla-patch "icecat-bug-1344461.patch" "6f14d2ef7981" "0n24hqvjj7vxqdvxhk38swnmvcv7h7vvn5invbidhv22m0qqzs2c") ; CVE-2017-5444 - (mozilla-patch "icecat-bug-1292534.patch" "c709d4b36145" "18cdck3fr4a1ygszb6qk07g6fi3kv6i697pjfcipvqrk358qb0hq") ; CVE-2017-5469 - (mozilla-patch "icecat-bug-1336830.patch" "18e355831dd5" "042487xhq9zkky3pxiqy1rpy69z0j20w0jnl7kwg2j1bzfbnniip") ; CVE-2017-5439 - (mozilla-patch "icecat-bug-1336832.patch" "ebeb0b45a84b" "17ch2aqsrnkiwbnkf6x7a1cpi8jgfjhwr6wp0bsa89s8v1dax6w4") ; CVE-2017-5440 - (mozilla-patch "icecat-bug-1349946.patch" "ccbecbe17a45" "19vwmhvqarpzai8mcq6i7szkrp1h9m8v5lyimkmmdlmagrivjw7f") ; CVE-2017-5434 - (mozilla-patch "icecat-bug-1350683.patch" "00ed655efad1" "0nfk9345lshim8xl29qka5man73jgxcppv3pzfrgjhk97z7h6ifq") ; CVE-2017-5435 - (mozilla-patch "icecat-bug-1342823.patch" "609145968cfe" "1y5kw8khzxnx5cbrv4zmdd1nzha85r3cmxn3inami9fx8vikxjq8") ; CVE-2017-5429 (pt3) - (mozilla-patch "icecat-bug-1336828.patch" "982cfe33c513" "0amj3qx5399mrdcqakvfn5pabp562i1s87a8zd65jyqs4mwgcjap") ; CVE-2017-5438 - (mozilla-patch "icecat-bug-1348894.patch" "eed8086d0af7" "18p567nhj7nvh740fhh3l0mqx0b7370b45005j43ll08rf2nhygl") ; CVE-2017-5429 (pt4) - (mozilla-patch "icecat-bug-1344467.patch" "38664f88d8f5" "0zdkmiqjr6h1bfs4qw74p5bnw74kcx9fxr4mcnshpavv2gvc6dn4") ; CVE-2017-5445 - (mozilla-patch "icecat-bug-1350844.patch" "c071fab59d05" "16hf5c4appca8vwxl5yvl5ig5bw8cb8hl8apvknsn5rdsjwjlrpr") ; CVE-2017-5429 (pt5) - (mozilla-patch "icecat-bug-1352926.patch" "8fade3eebca2" "165v18545g4br1j6nbbhq2h9098iqvqpbd54zmgwwk9c973qhp3c") ; CVE-2017-5429 (pt6) - (mozilla-patch "icecat-bug-1343642.patch" "6172686bf59c" "0iwihvx11am28cbmgg68llf3mr4ghrclimr51vms1nq9ji767wdb") ; CVE-2017-5460 - (mozilla-patch "icecat-bug-1349340.patch" "260b50fb6d39" "0lq08bkj1ihhwmf0yhxcnvngzym222q3n66ql9fbda4n7prlfhzl") ; CVE-2017-5429 (pt7) - (mozilla-patch "icecat-bug-1353088.patch" "44a90ca714b9" "1rb27bnrm9a5nnwrsxx7z36yhhz8x6lv0df98jv1128zvd373blp") ; CVE-2017-5429 (pt8) - (mozilla-patch "icecat-bug-1347617.patch" "e40b00161221" "0nm6jqbkb6rdahzd39gnhmy1gwawa5jbd7i80c7g1igj3x8ab50y") ; CVE-2017-5465 - (mozilla-patch "icecat-bug-1278157.patch" "a7803c36d797" "10l8jbqlmfkvi4jj0vhkl0a9vdsh3niy5rjr26br3633nyyr4747") - (mozilla-patch "icecat-bug-1348941.patch" "4fe9b979b84d" "069rzn60vn90gcck2wakr6m83q0cy32x5r54ccia9nc26a01p6p5") ; CVE-2017-5429 (pt9) - (mozilla-patch "icecat-bug-1347075.patch" "a017569d3535" "1j7q02q2ybpfx9cr6dn9x27jva1d6dzs4pdxx2a1xmk5va03lrmq") ; CVE-2017-5464 - (mozilla-patch "icecat-bug-1333858.patch" "413dc18f25c8" "0g1q1y22m5gds8p07nq5c8f84jc152x4sac40b17gawj1005n5v9"))) ; CVE-2017-5459 + (mozilla-patch "icecat-CVE-2017-5443.patch" "6daaaff9f1f6" "0jvb6y5fiwr13fyx58k49n81kv6h03vcch502g57y6nsx2wsqng6") + (mozilla-patch "icecat-bug-1319087.patch" "82297fcc6f19" "02qcbg2r2smswgnwj7fs5bcrr3rlqbpsh2nmcbsjyblp5fk1ag36") + (mozilla-patch "icecat-CVE-2017-5429-pt01.patch" "dd526ebe7e58" "1rj0pz6iql59zrynz48njcfg8i0v55bjdndplss9wl37lfydl7ca") + (mozilla-patch "icecat-CVE-2017-5447-pt1.patch" "3bc981f85a17" "0am9k3mii2r05lp6xpizxp356mb8xrbqs9kmx0wx5wyy08wjzmks") + (mozilla-patch "icecat-CVE-2017-5447-pt2.patch" "4f752b0e5920" "183s5dwzd57b299grvyvn139fsp9am0smd3yb4shw8g0iwzz61nf") + (mozilla-patch "icecat-CVE-2017-5449.patch" "1714eda3de9b" "0ncngdpzvffvpw4c1mi0dda5l02lwyil4rnq3i6salnwlrq9x32z") + (mozilla-patch "icecat-CVE-2017-5455.patch" "b10922304d81" "0rglbavb8rx7hl53ksgypazz27263b1yn97gznpdsq89zhirfw3m") + (mozilla-patch "icecat-CVE-2017-5446.patch" "d98de46f8f27" "040agykr4w4wsbi0xm3rrrjxk48iwz8l1hn11vfv45nzsx2f1hzq") + ;; The next patch is for CVE-2017-5436 in the bundled graphite2. + ;; TODO: apply additional fixes from our system graphite2 to the + ;; bundled copy, or upgrade it in place. + (mozilla-patch "icecat-CVE-2017-5436.patch" "e6132f638311" "07w9pijx42psgmkj2i6i87lf30gl0yyb5caz6wz7fm8phi8wwy9p") + (mozilla-patch "icecat-bug-1342395.patch" "0e0e8abe2153" "1xlnq2fd50kf0rz9dibz5vlaa9zj2pifjvky2fdykcan62xz75hy") + (mozilla-patch "icecat-bug-1342841.patch" "623afac083f8" "1pv86j0dxdmi7g3rx4zqplz4gxq5lfyzpdssq83naypcxic6zafb") + (mozilla-patch "icecat-bug-1344644.patch" "cac0735c228f" "0695f0hvxnzgcirgxx3axn5nhkywqxjcvnrlhg7jwfann4mnbsfn") + (mozilla-patch "icecat-bug-1322660.patch" "9d6d60e64255" "0ds74ilhyc9qkkjgkm0xk7ay3926971rzwfh2avhhkfargn7idib") + (mozilla-patch "icecat-bug-1343330.patch" "6f23bd449bc7" "1igz6yhx803hygf7cii8bchx7bfw1niq8s0nc5l9i5rb8ml2b7f0") + (mozilla-patch "icecat-bug-1346961.patch" "3a2dc54cf986" "0dfp3s7d43zx3svajbkhvi73b71hhr7vrc9yz0iz37pykg40c4hn") + (mozilla-patch "icecat-bug-1318070.patch" "a68d6d9b87d0" "1yqgkgv7i0xy5dm0pgg1cbav4qglsdk8brzcjcpfz65bmn1pqrhh") + (mozilla-patch "icecat-CVE-2017-5448.patch" "6684a3c7f834" "0agyynvcjk28d7l2l4cqz67ddg9xw7ymiirb0npabd1si9zj27xb") + (mozilla-patch "icecat-bug-1336345.patch" "590416f46ec8" "1q2svqjd735rickr9i3kdkd0la6ikdphhmzr19h1r84nrl6a87ia") + (mozilla-patch "icecat-bug-1336356.patch" "00ba83ac39be" "1h6qsfv4r9mlc2ihjm9kmzi76aijdnnyx1g2r30ia87xha106pnk") + (mozilla-patch "icecat-bug-1342363.patch" "10285b4a6b71" "0l2ww19y6qbarcp9brjgbpf4vi3k38r6ak8is5736vqz0c17dim0") + (mozilla-patch "icecat-bug-1343787.patch" "28287b7f0938" "1w85s9rqh0dyfx6qn5plypbypz9casig03b6yiy9bpiq7ckrxz56") + (mozilla-patch "icecat-bug-1292803.patch" "adbf7b59a405" "1l1p0b5rc05czk6kr3k3k99m1fkwphj2jrd092gdbib8q4m4cvzv") + (mozilla-patch "icecat-bug-1313869.patch" "eba25396310b" "1ws0dr0kwclzbc2m0sihd3aqvbbg57ycia0fg6y294k6qipcxv38") + (mozilla-patch "icecat-bug-1141756-pt1.patch" "f7c262517722" "0r1zzbxf47q5w8vcy402yin105ngam3csb2q7h7n8axm97307ykp") + (mozilla-patch "icecat-bug-1141756-pt2.patch" "420396d5e26d" "0yv1pmpydzkirfwrxrgbw98dm4a9a4s0izha0wabrp4lb3655jv5") + (mozilla-patch "icecat-bug-1343210.patch" "ed9521749d6f" "1j2zzi00qyqjgh15ingvl6f88zlk4imp31m5jmf7w5f9jqi5ly3k") + (mozilla-patch "icecat-bug-1342442.patch" "775b6f85ef81" "00h9dgds7jv9n4cznj5qhh8liaf1b3wvnlqc2z7a3kj07ijllwzb") + (mozilla-patch "icecat-bug-1344527.patch" "d4612b14c907" "1n3a0mp351a7xgvshm6688gh89hg0xci3y621zs2pyqsfm114366") + (mozilla-patch "icecat-CVE-2017-5442.patch" "5f1aa2336998" "1y2marhrglc66vchd6z0jdmhg0pmkxp1cwim63bp9l6pj7lxyjma") + (mozilla-patch "icecat-CVE-2017-5430-pt01.patch" "512604631b23" "171nzxr4av4818d0fyg9hcsdxkai61sghl45xnsr2al34l28wsw3") + (mozilla-patch "icecat-CVE-2017-5430-pt02.patch" "16772200ad6f" "087j16rcbs5kgvpa096kd6jarwwwfrhwph54wzjn671wr1vnsvvd") + (mozilla-patch "icecat-CVE-2017-5441.patch" "c744e9d57250" "0m70157lczf17hxb2pabsl3grhcjqallbdfpsd58q8q6fk99k6x3") + (mozilla-patch "icecat-CVE-2017-5433.patch" "b4fc7a4cb5e0" "12q6mr5prpgqg5xnrww09qjm3jx2amb8zig62cd46ba8n9z2j9ab") + (mozilla-patch "icecat-CVE-2017-5429-pt02.patch" "21eac0b4fd2f" "1a6v0hwcc26gnlxygplc11dfzc8bykhh44j4gsz88kl5c5jqhlk9") + (mozilla-patch "icecat-CVE-2017-5432.patch" "62df7046e959" "1qvxbpkf87g4vnl8hxqvwb1ydrpkqq3rbkivr8q4029rvgalf4rf") + (mozilla-patch "icecat-bug-1350599.patch" "f6a978b2fcec" "0rkbbmw52mxgrmn1xny4jkn3slwb5jsqs4yr07ffhz7r801jy9iz") + (mozilla-patch "icecat-bug-1332839.patch" "2ad0f87f5dba" "04458jidri521hgf3r63pl736zz4gmgv6b8spa32anfb7gryj8fy") + (mozilla-patch "icecat-bug-1337548.patch" "29a1ad09a6ec" "0pld81bpc34w6g2ara54sx30msas55kwzr537pvxxc002lpvzs57") + (mozilla-patch "icecat-CVE-2017-5430-pt03.patch" "5dec7534760f" "1xh0y7srl7nznb6szpfiykd6r1ibyxrdvasc36w0chqjdmq7xr32") + (mozilla-patch "icecat-bug-1343851.patch" "e104d53316d7" "1yhv3qvzzi3kr881ji1dnm8ydnr3snh2vzl3c4vdzmvrjx8q5rcb") + (mozilla-patch "icecat-bug-1345222.patch" "864644fadcb0" "0qpplxyfn87bigzdkwlrhj9isd5gfafhjgqfckb239a09wwrblf3") + (mozilla-patch "icecat-bug-1348584.patch" "7cee9ad555af" "0856bpa3n71a3y5m4gilcdb9ghb60p545xkv9zbr245r20mj32ds") + (mozilla-patch "icecat-bug-1346720.patch" "6a597a9cd494" "091a5sanw3w3gl0jcmf8d60m59vwbh5v36vnar20m0hl7xrv4v7p") + (mozilla-patch "icecat-CVE-2017-5430-pt04.patch" "09693629803f" "18fhmsghq0232mhh8j10cy0a4979nmkbh43jlcyrg3l63l7795k4") + (mozilla-patch "icecat-CVE-2017-5430-pt05.patch" "2b8268ea97a9" "0l0f54krxdmqbgldikwjncxvn6irihcljldd3z039himrvplisjg") + (mozilla-patch "icecat-bug-1347700-pt1.patch" "ee706896916c" "0m85x80y98c154hyis08kcy81kbw3v34na1v862vxzs939d3mc0n") + (mozilla-patch "icecat-bug-1347700-pt2.patch" "08ecc2d92f81" "1s6411ccifw9l22hhmf32nhm8r5hbclnhy7jm2n228sqfr4h971g") + (mozilla-patch "icecat-bug-1337682.patch" "15af6a323161" "1nxbwd0574gscnkxfyhzv3yqvxiccb2d0rmba9vi6i62646l2pd5") + (mozilla-patch "icecat-CVE-2017-5451.patch" "d91260f0069a" "15w4rzz51hps2fr8djf5z1rzdwxshclk936mxv5anx1skkwms0y8") + (mozilla-patch "icecat-CVE-2017-5444.patch" "7740cf7e121b" "1706mx4zmnib336p2wmfp9ncyl66lk2da82f28xvcw262mg1c8lw") + (mozilla-patch "icecat-bug-1347164-pt1.patch" "b35a6d6dcdca" "077r0pns58fw3xd3qnbhib4q21vvw0aynpa8iyn1pycg8mppmd0f") + (mozilla-patch "icecat-bug-1347164-pt2.patch" "a42fc05969b9" "1ijq8ccsk5k56h77sv5kqv48w7csj3vbakzq98awgbvypzfdyhss") + (mozilla-patch "icecat-bug-1347164-pt3.patch" "f78ac1ac0a37" "0kj6jq482cqwyngy1kmb69zpq35xah8h33kml8i4l7andiyaq3zm") + (mozilla-patch "icecat-bug-1347164-pt4.patch" "795a3d48a775" "18lw99hmrr93k95hk6v6bx5rcf22aa902x2yf5p6wxdqg56nc0zp") + (mozilla-patch "icecat-bug-1338699.patch" "94ce63191069" "0rdivablincah3gbgl4wzjmqlraazivmr8bhqxdpy8dk0a6fvv4s") + (mozilla-patch "icecat-bug-1342301.patch" "e640e758a7cd" "17f36vvf82n6shlaip7ji8qsy9861f9a5r79h000p3wb3bb7lbfs") + (mozilla-patch "icecat-bug-1342170.patch" "df7ed78b7c0a" "1kq256i66hcm2k9d37i5ws354ksv3bbglmscdjv2v5f7wg3y967v") + (mozilla-patch "icecat-bug-1342634.patch" "d72e56823bbb" "0c186d77lyyg0hjxw15d44rybw6yr5aw8g9m3311xfdn5wiygijb") + (mozilla-patch "icecat-bug-1348796-pt1.patch" "cef01720769e" "0h57372lxanjs5zw9b3vwr2x36yz9gj73swyg50aqp13j4rcbpmy") + (mozilla-patch "icecat-bug-1348796-pt2.patch" "7d3584b75f20" "1a4hvpsvn39832g54hsxhqs24cq8v4nd69jqskkgc1ybs09ncmr3") + (mozilla-patch "icecat-bug-1192800.patch" "e56b0938ea0f" "1hlbxhjzj65s6p2v6f66zdfb3gw5yx77msgq5idsv9jip2w88mpq") + (mozilla-patch "icecat-bug-1309438.patch" "1f30d97563c8" "0rvq729fg9j959ha9qvw5wv7r6vw70qvpy7ynifgqhgrpa749n70") + (mozilla-patch "icecat-bug-1315332.patch" "66495c8d9459" "0vzlx8i0cidpymm6ar07h3yk63fxf64f0b2vb0pihd72h0jzd5s9") + (mozilla-patch "icecat-bug-1346439.patch" "a9fcc2dc324a" "13991jijwa84yczkmc212s23w269r8b1a4yiygqgwaily29l1dc5") + (mozilla-patch "icecat-CVE-2017-5469.patch" "3dcc5f5c2df4" "0b36m6rgxc05h39l6wkzi6dlmq9brcigk7xjrifs4786f0z564hz") + (mozilla-patch "icecat-CVE-2017-5430-pt06.patch" "ac0ca89b5a6b" "1646y9y2wmq8pxb081x3076dq9ana7hh5fxwbsnn17v5wqhi8gfb") + (mozilla-patch "icecat-CVE-2017-5467.patch" "6ed26e6c1a09" "0r1n1dwb4l8xwlns0aifyka6mldb6cy2crhh2qkap64cpj3bzl9s") + (mozilla-patch "icecat-CVE-2017-5439.patch" "2fde528ca7b6" "0iv0sjhnh7br0z3pcpk346wbj162ynacfk3p9309hg6kr1cd92fp") + (mozilla-patch "icecat-CVE-2017-5440.patch" "d88bd03d1234" "1pls63djh4w5023ag3fwjk79cpx816ilgajl5l1qlqyacl8c0v4p") + (mozilla-patch "icecat-bug-1349987.patch" "3282e8f6a121" "1dyc84h7v0l9gndmbiwfqk33f703zr3fv96mwbn58msdf20ma9l2") + (mozilla-patch "icecat-CVE-2017-5434.patch" "ee0a7b55e470" "01vs4p56p0ii0fvmg0kn7gaz6gwf2kwmv6v4pa6v68hwxx1phaag") + (mozilla-patch "icecat-CVE-2017-5430-pt07.patch" "a4e1e04c88ee" "0q07qwzxf2iisrhknjbn1zksv2rr6qzzh6w8ibzlj1sqbdg3h852") + (mozilla-patch "icecat-bug-1335043.patch" "a49419f75b9c" "0pkh5yimnj3p1sd2g9vndgcn11zdx6yhpa88s8vk7fqbs8gf1fz3") + (mozilla-patch "icecat-bug-1299500-pt01.patch" "5fdd36b4400a" "1gdrsbf03wf9v90f1bd2sp9ac38a9lzpzfrv8l8f7gvy70acjxmb") + (mozilla-patch "icecat-bug-1299500-pt02.patch" "34776df5ce44" "15mlf59ii0rk97j8mlf3wz1q0w28ma5mll47dvci6cv3dziai9f1") + (mozilla-patch "icecat-bug-1299500-pt03.patch" "26189af0f504" "1wh1s2xd1w03zi5jdaagk6j5i8v9xsm9360xmv446wdraygkqbci") + (mozilla-patch "icecat-bug-1299500-pt04.patch" "798a8fe17e7b" "0vlalanffq3paa7zab003v1d377x5pvcsy8nc8fr5pdlvi622jll") + (mozilla-patch "icecat-bug-1299500-pt05.patch" "daf2e4f2bd5c" "1rxbjbyr1a6dxjb0qj6900g3kqjphir40pis4qcfl8q811y18jwk") + (mozilla-patch "icecat-bug-1299500-pt06.patch" "1187091c3134" "0r8zz4zbglxg6sl0ybz9lyq1c5w2nqp0xcn2d3rz9bvyj8byqc7m") + (mozilla-patch "icecat-bug-1299500-pt07.patch" "a908f2c2fe30" "1fvwy3fxfrdi9y8hmf4f9aa72i0g6s55s8cp0w22gllsl1f6gvyf") + (mozilla-patch "icecat-bug-1299500-pt08.patch" "e95a26cf7a42" "0pd0kcn7dqd1gy1si85as5zzc96v7vq0v8n3g3gjzms5rdnk085l") + (mozilla-patch "icecat-bug-1299500-pt09.patch" "d63f3b14e571" "0cqd7dal6prsrj7bn2d699idbq4fzjry9vqlbmm9dkyn5683sdy1") + (search-patch "icecat-bug-1299500-pt10.patch") ; Adapted for GNU IceCat, based on: + ;"08f2bc167ae8" "07d1i23ffvi74a5558bb0645vbrap6qlrpcwfyb7dm3llbfnfycy") + (mozilla-patch "icecat-bug-1299500-pt11.patch" "263f27805689" "0nczkvyvlpdjif3xfvj7g2mfz6j06w99x2sblqfmqq6mwrlavpq0") + (mozilla-patch "icecat-CVE-2017-5456.patch" "538e0b382cc2" "0wq2ywn4a7i4ypcx03hl23a4xx3lavz7y505m9kw43fx15r4070r") + (mozilla-patch "icecat-bug-1280079.patch" "6fbcb6a4b91e" "0qcwz9js1bwlnwyv3vhkm0hvahd043lm2bijqsmm0jy20dbslga4") + (mozilla-patch "icecat-CVE-2017-5435.patch" "a362e1205ba4" "127i4ybfb4dk5axp4dxcl7ag7zyx7b517myvs6q4yd8981d1jjd3") + (mozilla-patch "icecat-bug-1341960.patch" "b24ce30e8cfa" "0a521wn8hbaliawmxs21b8wc1gkha8iih62j4zyrfg5rm7ff6p6s") + (mozilla-patch "icecat-CVE-2017-5454.patch" "ac40d4a4e414" "0dnzz95vpq32bsh6hajk4hrcrxwd4w6m7kayl2iziryny86jgak2") + (mozilla-patch "icecat-CVE-2017-5429-pt03.patch" "e469af8e9ccc" "0yn8zqakr9yw0jvysxyc8if09kqf4fr5rq4p9qdkb1p81p4dpmp5") + (mozilla-patch "icecat-bug-1351094.patch" "4c1383e76adc" "0wdldx88qabyhrwnnii44pggmfgqylzxy6ckwzgq86r2yipi4rsq") + (mozilla-patch "icecat-bug-1336527.patch" "b9f53baeabb3" "0y1l641ffbr4i85p0wc1ir6bcsy6h94bchbfc7ppxfijva4fjgvd") + (mozilla-patch "icecat-bug-1345716.patch" "2569af645a98" "1d6lx85ij90j6q6ixwp0h3w7y424yvkz0njsi0my727akbli5rsn") + (mozilla-patch "icecat-bug-1208957.patch" "2b68880d8f6b" "1pl0vkv7clyjchi9kg4995z82sr8xv7cbz1kvsg1v66md6pmp4s4") + (mozilla-patch "icecat-bug-1208957.patch" "bc646835442b" "0f29r5yvlb5w84nvvn6j9r9dq5314jgygjmsna3grzigpkb88gyj") + (mozilla-patch "icecat-bug-1347944.patch" "47cb652ddc25" "0n7871958zwndwz53xvzwjv41v5ar1vxaam8kzr5dkbqmprddimx") + (mozilla-patch "icecat-bug-1347632.patch" "7d8f7a52a108" "0gkbkzkz989j7pk3ia1rfvyjg3si8hnnadwkb2rw13qjxdzhx2zn") + (mozilla-patch "icecat-CVE-2017-5438.patch" "154c93b9435b" "00f8lr5s8h68392bb45zi0xfgqrgfkdxbzwdypp10d89784fvjvd") + (mozilla-patch "icecat-bug-1347486.patch" "15dbaf157058" "1mwgfnx1zsvhp0pgmc8577yw6lnf7g3ikdfj0r21fgffrn76bp69") + (mozilla-patch "icecat-bug-1218437.patch" "e13692bfd5f5" "10jrbs26m8l1vchw6svssrb5h8p82acrcmkx92ybvv4qbaq2bcl0") + (mozilla-patch "icecat-bug-1345853.patch" "5fa27dc4c4a3" "1sqqa4hir2bsnnwnlr34has62kpncmw6l9mylwprd09fxmzzgrd7") + (mozilla-patch "icecat-CVE-2017-5429-pt04.patch" "00c051cd38c7" "1d4aa4nqyjc01mg3jvdjjp7z05c2qhdjj85dhdrd9c18gfiyv4fi") + (mozilla-patch "icecat-bug-1349921.patch" "c6897adc4037" "0acvcdy8awdmpz84243jzf82agrm73wqa198fjbns1p1v3s425z2") + (mozilla-patch "icecat-bug-1338623.patch" "edcafd42dd52" "1xqgjy7a62jsyz1b5mibrcnd7zpb4gdaas0a6z5dwfvz52j4xa16") + (mozilla-patch "icecat-bug-1294799.patch" "0617b074ec3d" "19h7dj44shvdzzj87svpv5q97cikxyxhiwfzf9rnqj1b7fw0xrdh") + (mozilla-patch "icecat-bug-1345049.patch" "88466b911357" "16pgd13mw9a0snyhq6vxmjc7kr9mikvhazkgbc6vpykwi0i0z85b") + (mozilla-patch "icecat-bug-1339999.patch" "b7cb8f8b0877" "0zv1kxcva699ahb9s36l4d9mlrkm0b7hmh6g1422j6iijn136vxb") + (mozilla-patch "icecat-bug-1350868.patch" "ddd6c44790c0" "182ii4wsz2vdd1q4dszd5hka8i2n0ghmqk7l39bd02d3zfibhhvc") + (mozilla-patch "icecat-bug-1342360.patch" "416681a239ef" "0ngs8xgmdhz9ag4dlrqhr0vmanqxr9q2vf16jpm3cimyc06zjxz4") + (mozilla-patch "icecat-CVE-2017-5429-pt05.patch" "a76e626ae6db" "0zn2j8fmhp7502kx1jhrvh85vsys5x6x6gw3v4gl0h8px354v6yw") + (mozilla-patch "icecat-CVE-2017-5429-pt06.patch" "0ce4196ab86e" "0isczy8261qz2zsdxax4j51gypz0gi39q7nfwxg88sl81kc5vym8") + (mozilla-patch "icecat-CVE-2017-5429-pt07.patch" "39da731d80ed" "0vswnv1hqa7r8iz6y5ja7i6w3cyq5xrcd66c1q29ac6n4gn7x338") + (mozilla-patch "icecat-CVE-2017-5430-pt08.patch" "1b148cf9c545" "0ilrib0c2c7mfycpz2hq3vrfdf6sf8lcdbfjk6r4xyxv54vh3lwk") + (mozilla-patch "icecat-bug-1325841.patch" "74e9f13c554f" "0glzcgjsy71y78zaccn33w8djs96i6dd3gafyzkihnkpfddd5cij") + (mozilla-patch "icecat-CVE-2017-5445.patch" "d7d87adfe186" "02p705si2j69ya8n5a916x58nycs07ja0sfpxrwl16f4n2plc91h") + (mozilla-patch "icecat-bug-1346424.patch" "5ede402f494f" "0kbx8yn8ppv7099ic6nhw32f7h42pnwk6dpvb179ilw90ah902q7") + (mozilla-patch "icecat-CVE-2017-5430-pt09.patch" "da44c5cfab2e" "16i4dz5sfkhh3a0khrcf8zn5w20rkf4aqwygjj3cp4qhdh7wnr75") + (mozilla-patch "icecat-CVE-2017-5430-pt10.patch" "0f966927bd55" "07pkhc6l6ylwrzgfm7i1galrvjawqqrhvhk6jcw4b30sfhi0bxq1") + (mozilla-patch "icecat-CVE-2017-5429-pt08.patch" "f0f591f82cc0" "18p091503vpfpp4l3d7hkqj78zavv6qj1lynhlfx67zdp3xqcf8r") + (mozilla-patch "icecat-CVE-2017-5464.patch" "1852dc0beba4" "1zdnkrsqjfv1q2jhj4829ypiwyg78n4jv54yn3b74vwcf5zvzx8m") + (mozilla-patch "icecat-bug-1083140.patch" "6913f0537208" "0vaf61ryp0bzkz6l1w73alhglibbgm0jcgccxvvm43ni67pcxqbq") + ;; The patch commented out below updates the bundled tzdata, + ;; but we can't use it because it contains a GIT binary patch. + ;; TODO: Consider updating the bundled tzdata, or unbundling it. + ;; (mozilla-patch "icecat-bug-1343493.patch" "35496444b380" "1wa79az7121xw078cgpczxavrqy0fsp4ib2nb69giha6acxcaqas") + (mozilla-patch "icecat-CVE-2017-5430-pt11.patch" "64495dfa29db" "0m7vklnwnaf7sw97m87bm4lb9pjmlh1vvrbaf1931db8nhd6m737") + (mozilla-patch "icecat-bug-1350783.patch" "26cd34db3c14" "15vq3lrilg3n9j80cdjmk7xib2iq5gcx9ypq8xs7f5ya9ibasqlx") + (mozilla-patch "icecat-CVE-2017-5429-pt09.patch" "6cd77a0d7ac0" "0kxlbl5m3gffxqrv7ky3swsbyg1ykj0wjhlfl9amsb4g8gra3zkj") + (mozilla-patch "icecat-CVE-2017-5460-pt1.patch" "a803be74843c" "1ywwakzjkfr714i9pfn152n86c6rp427chzdys8phdkcvp5d5p45") + (mozilla-patch "icecat-CVE-2017-5460-pt2.patch" "73762c1392ae" "18jy9ccqvn6l6hznvq5xsqm1pc7i81svc2grgv21wfwg9sd6zwwh") + (mozilla-patch "icecat-bug-1337392-pt1.patch" "4ab6d5c43036" "07pygzngssra9wnmqqrs24d6gc5kfh20fkzvpcasxh4f2hi21z9b") + (mozilla-patch "icecat-bug-1337392-pt2.patch" "13f2d85da9a7" "1iwfz7dp5i93bhjspy4kyz0vqrl8x8ndg5kxdyzwb1b339xim9qy") + (mozilla-patch "icecat-CVE-2017-5429-pt10.patch" "7a30cddfcd54" "1773pijh6gi086l930cn1a0k7kvy7f3cnirfblw98sq7h9qfyy33") + (mozilla-patch "icecat-bug-1345873-pt1.patch" "75cea353ad78" "14cig2y7d3p033hx3096gxzlqwgddq8d0ig0g3l8p1b0xwvvyryl") + (mozilla-patch "icecat-bug-1345873-pt2.patch" "b08ef5a82f89" "0afz01jv850x09df85d7ycqkcdlafi4w2xi5k155lk2b92w8lhpj") + (mozilla-patch "icecat-bug-1340163.patch" "f3f2a995a239" "1ydsj4ja475jscalkw6ggdxgbsp5l2mam5109k0y7c98abzqraxk") + (mozilla-patch "icecat-bug-1348174-pt1.patch" "330904d6f0dc" "19wnp4d8481w86xkk78n7c7wrr99rq6cq3v09hd8am4n0mzwzaja") + (mozilla-patch "icecat-bug-1348174-pt2.patch" "c61b99483c4b" "0mjsahi8ly24415ri2sylas6g0kb8wawi095idqiq019c3r7q9cq") + (mozilla-patch "icecat-bug-1348601.patch" "1848bd238064" "1f5kadhn6w1rs26sdrcc3mq0zzlmmsm6ymqhshkzn57nrj6akm7b") + (mozilla-patch "icecat-bug-1345991.patch" "2008a4b89d9a" "07fkg9r2rxbk362ckv2h8inhd2dadvzigshm6zsjfjs2fyzp95hp") + (mozilla-patch "icecat-bug-1344498-pt1.patch" "9acd0103d67f" "1f0j667g05h9ydmc924cs8mzif1n7s56wixsgnyqc3s231dswhml") + (mozilla-patch "icecat-bug-1344498-pt2.patch" "49aadb25b1ec" "0s618m802b1x5pyqh5mj1azaxch7ggxq9503b7mwhg90vz8qw7ki") + (mozilla-patch "icecat-bug-1344205.patch" "34b453085dc0" "02h1bh24f9i5sm3my07m2q58cpzqfhagwwv11l9fidxcm9dmzmrd") + (mozilla-patch "icecat-bug-1349862.patch" "864ff0c36b6b" "1i3wmigv982x9hzkfg25jhyvkynmar69x6cj6r4g9zkk5f5ypdh5") + (mozilla-patch "icecat-CVE-2017-5459.patch" "5ec6fbedb420" "07flhha4rkjbry5590yr5by36ypb1k33qm3rzkbmw0vk5gyak8dp") + (mozilla-patch "icecat-CVE-2017-5465.patch" "2b95de78a92c" "0vvq1fz84yyw7za929x6ki25paivlwd4ng1ddkcb2bw6da6yp12k") + (mozilla-patch "icecat-CVE-2017-5466.patch" "a5ec5e70abf1" "1jjviyk6db8iccd7997mwmgs188fsyrzivap3ffjf8m6j4mf9cra") + (mozilla-patch "icecat-bug-1347646.patch" "1b50711a46ce" "1i3505zzgf0mvg2405y2gzq36xc8ic2ga8w6d3n9kqryxj0mc7bh"))) (modules '((guix build utils))) (snippet '(begin @@ -424,6 +509,7 @@ standards.") ;; ;; TODO: Use system graphite2. ;; + "dom/devicestorage" ; Removed in ESR 52.1, awkward to patch out "modules/freetype2" "modules/zlib" "modules/libbz2" @@ -450,9 +536,8 @@ standards.") ("dbus-glib" ,dbus-glib) ("gdk-pixbuf" ,gdk-pixbuf) ("glib" ,glib) - ("gstreamer" ,gstreamer) - ("gst-plugins-base" ,gst-plugins-base) - ("gtk+" ,gtk+-2) + ("gtk+" ,gtk+) + ("gtk+-2" ,gtk+-2) ("pango" ,pango) ("freetype" ,freetype) ("hunspell" ,hunspell) @@ -466,6 +551,7 @@ standards.") ("libxcomposite" ,libxcomposite) ("libxt" ,libxt) ("libffi" ,libffi) + ("ffmpeg" ,ffmpeg) ("libvpx" ,libvpx) ("icu4c" ,icu4c) ("pixman" ,pixman) @@ -477,14 +563,15 @@ standards.") ("sqlite" ,sqlite) ("startup-notification" ,startup-notification) ("unzip" ,unzip) - ("yasm" ,yasm) ("zip" ,zip) ("zlib" ,zlib))) (native-inputs `(("perl" ,perl) ("python" ,python-2) ; Python 3 not supported ("python2-pysqlite" ,python2-pysqlite) + ("yasm" ,yasm) ("pkg-config" ,pkg-config) + ("autoconf" ,autoconf-2.13) ("which" ,which))) (arguments `(#:tests? #f ; no check target @@ -496,17 +583,11 @@ standards.") ;; practice somehow. See . #:validate-runpath? #f - #:configure-flags '("--enable-default-toolkit=cairo-gtk2" - "--enable-pango" + #:configure-flags '("--enable-default-toolkit=cairo-gtk3" "--enable-gio" - "--enable-svg" - "--enable-canvas" - "--enable-mathml" "--enable-startup-notification" "--enable-pulseaudio" - "--enable-gstreamer=1.0" - "--disable-gnomevfs" "--disable-gconf" "--disable-gnomeui" @@ -563,16 +644,6 @@ standards.") (utime file early-1980 early-1980)) #t)) #t))) - (add-after - 'unpack 'remove-h264parse-from-blacklist - (lambda _ - ;; Remove h264parse from gstreamer format helper blacklist. It - ;; was put there to work around a bug in a pre-1.0 version of - ;; gstreamer. See: - ;; https://www.mozilla.org/en-US/security/advisories/mfsa2015-47/ - (substitute* "dom/media/gstreamer/GStreamerFormatHelper.cpp" - (("^ \"h264parse\",\n") "")) - #t)) (add-after 'unpack 'use-skia-by-default (lambda _ @@ -596,10 +667,11 @@ standards.") ;; calls to dlopen or PR_LoadLibrary, but that didn't seem to ;; work. More investigation is needed. (substitute* "toolkit/library/moz.build" - (("^# This needs to be last") - "OS_LIBS += [ + (("^# This library needs to be last" all) + (string-append "OS_LIBS += [ 'GL', 'gnome-2', 'canberra', 'Xss', 'cups', 'gssapi_krb5', - 'gstreamer-1.0', 'gstapp-1.0', 'gstvideo-1.0' ]\n\n")) + 'avcodec', 'avutil', 'pulse' ]\n\n" + all))) #t)) (replace 'configure @@ -616,6 +688,7 @@ standards.") ,@configure-flags))) (setenv "SHELL" bash) (setenv "CONFIG_SHELL" bash) + (setenv "AUTOCONF" (which "autoconf")) ; must be autoconf-2.13 (mkdir "../build") (chdir "../build") (format #t "build directory: ~s~%" (getcwd)) diff --git a/gnu/packages/patches/icecat-avoid-bundled-libraries.patch b/gnu/packages/patches/icecat-avoid-bundled-libraries.patch index 267f7b8aac..114631517a 100644 --- a/gnu/packages/patches/icecat-avoid-bundled-libraries.patch +++ b/gnu/packages/patches/icecat-avoid-bundled-libraries.patch @@ -1,8 +1,8 @@ Fixes needed when avoiding bundled libraries. ---- icecat-45.3.0/xpcom/build/moz.build.orig -+++ icecat-45.3.0/xpcom/build/moz.build -@@ -92,10 +92,5 @@ +--- icecat-52.0.2/xpcom/build/moz.build.orig ++++ icecat-52.0.2/xpcom/build/moz.build +@@ -93,10 +93,5 @@ '/docshell/base', ] @@ -13,38 +13,23 @@ Fixes needed when avoiding bundled libraries. - if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa': CXXFLAGS += CONFIG['TK_CFLAGS'] ---- icecat-45.3.0/storage/moz.build.orig -+++ icecat-45.3.0/storage/moz.build -@@ -108,7 +108,6 @@ - DEFINES['SQLITE_MAX_LIKE_PATTERN_LENGTH'] = 50000 +--- icecat-52.0.2/storage/moz.build.orig ++++ icecat-52.0.2/storage/moz.build +@@ -114,7 +114,6 @@ + DEFINES['MOZ_MEMORY_TEMP_STORE_PRAGMA'] = True LOCAL_INCLUDES += [ - '/db/sqlite3/src', '/dom/base', ] ---- icecat-45.3.0/dom/indexedDB/moz.build.orig -+++ icecat-45.3.0/dom/indexedDB/moz.build -@@ -96,7 +96,6 @@ - SOURCES['Key.cpp'].flags += ['-Wno-error=type-limits'] +--- icecat-52.0.2/dom/indexedDB/moz.build.orig ++++ icecat-52.0.2/dom/indexedDB/moz.build +@@ -101,7 +101,6 @@ + CXXFLAGS += ['-Wno-error=shadow'] LOCAL_INCLUDES += [ - '/db/sqlite3/src', '/dom/base', '/dom/storage', '/dom/workers', ---- icecat-45.3.0/modules/libmar/tests/Makefile.in.orig -+++ icecat-45.3.0/modules/libmar/tests/Makefile.in -@@ -10,12 +10,5 @@ - ifndef MOZ_PROFILE_GENERATE - libs:: - $(INSTALL) ../tool/signmar$(BIN_SUFFIX) $(TESTROOT)/unit -- $(INSTALL) $(DEPTH)/dist/bin/$(DLL_PREFIX)nss3$(DLL_SUFFIX) $(TESTROOT)/unit --ifndef MOZ_FOLD_LIBS -- $(INSTALL) $(DEPTH)/dist/bin/$(DLL_PREFIX)nssutil3$(DLL_SUFFIX) $(TESTROOT)/unit -- $(INSTALL) $(DEPTH)/dist/bin/$(DLL_PREFIX)plc4$(DLL_SUFFIX) $(TESTROOT)/unit -- $(INSTALL) $(DEPTH)/dist/bin/$(DLL_PREFIX)nspr4$(DLL_SUFFIX) $(TESTROOT)/unit -- $(INSTALL) $(DEPTH)/dist/bin/$(DLL_PREFIX)plds4$(DLL_SUFFIX) $(TESTROOT)/unit --endif - endif - endif # Not Android diff --git a/gnu/packages/patches/icecat-binutils.patch b/gnu/packages/patches/icecat-binutils.patch deleted file mode 100644 index 53a3ed9bb0..0000000000 --- a/gnu/packages/patches/icecat-binutils.patch +++ /dev/null @@ -1,40 +0,0 @@ - -# HG changeset patch -# User J. Brown -# Date 1476951900 14400 -# Node ID cca249d09ef600650e6127c18be438a37e9d4587 -# Parent d8bbf1a3957fd25ff24bfee51331c150b154cc39 -Bug 1242901 - Fix linking libxul.so with binutils/GNU ld >= 2.26. r=glandium - -The build fails with: - - /usr/bin/ld: ../../xpcom/components/nsComponentManager.o: relocation R_386_GOTOFF against protected data `start_kPStaticModules_NSModule' can not be used when making a shared object - /usr/bin/ld: final link failed: Bad value - collect2: error: ld returned 1 exit status - -This is a patch from 2016/04/27 16:36:50 ryoon found on -http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/www/firefox45/patches/#dirlist. - -diff --git a/xpcom/components/Module.h b/xpcom/components/Module.h ---- a/xpcom/components/Module.h -+++ b/xpcom/components/Module.h -@@ -133,17 +133,17 @@ struct Module - #if defined(MOZILLA_INTERNAL_API) - # define NSMODULE_NAME(_name) _name##_NSModule - # if defined(_MSC_VER) - # pragma section(".kPStaticModules$M", read) - # pragma comment(linker, "/merge:.kPStaticModules=.rdata") - # define NSMODULE_SECTION __declspec(allocate(".kPStaticModules$M"), dllexport) - # elif defined(__GNUC__) - # if defined(__ELF__) --# define NSMODULE_SECTION __attribute__((section(".kPStaticModules"), visibility("protected"))) -+# define NSMODULE_SECTION __attribute__((section(".kPStaticModules"), visibility("default"))) - # elif defined(__MACH__) - # define NSMODULE_SECTION __attribute__((section("__DATA, .kPStaticModules"), visibility("default"))) - # elif defined (_WIN32) - # define NSMODULE_SECTION __attribute__((section(".kPStaticModules"), dllexport)) - # endif - # endif - # if !defined(NSMODULE_SECTION) - # error Do not know how to define sections. - diff --git a/gnu/packages/patches/icecat-bug-1299500-pt10.patch b/gnu/packages/patches/icecat-bug-1299500-pt10.patch new file mode 100644 index 0000000000..406738b8a5 --- /dev/null +++ b/gnu/packages/patches/icecat-bug-1299500-pt10.patch @@ -0,0 +1,1639 @@ +Based on the following HG changeset, but adapted to GNU IceCat and +also assumes that the dom/devicestorage subtree is deleted by our +snippet. Note that the other parts of this patchset are downloaded +directly from the upstream mozilla-esr52 mercurial repository. + +# HG changeset patch +# User Andrea Marchesini +# Date 1489000545 -3600 +# Node ID 08f2bc167ae82a6f86e427283d8b972ba794b846 +# Parent d63f3b14e5718b62c0adad2eab81b785250f3d4a +Bug 1299500 - Get rid of DeviceStorage API - part 10 - DeviceStorage, r=ehsan, r=billm, a=jcristau + +diff --git a/dom/bindings/Bindings.conf b/dom/bindings/Bindings.conf +--- a/dom/bindings/Bindings.conf ++++ b/dom/bindings/Bindings.conf +@@ -228,21 +228,16 @@ DOMInterfaces = { + 'DeviceAcceleration': { + 'headerFile': 'mozilla/dom/DeviceMotionEvent.h', + }, + + 'DeviceRotationRate': { + 'headerFile': 'mozilla/dom/DeviceMotionEvent.h', + }, + +-'DeviceStorage': { +- 'nativeType': 'nsDOMDeviceStorage', +- 'headerFile': 'DeviceStorage.h', +-}, +- + 'Document': { + 'nativeType': 'nsIDocument', + 'binaryNames': { + 'documentURI': 'documentURIFromJS', + 'URL': 'documentURIFromJS' + } + }, + +diff --git a/dom/filesystem/DeviceStorageFileSystem.cpp b/dom/filesystem/DeviceStorageFileSystem.cpp +--- a/dom/filesystem/DeviceStorageFileSystem.cpp ++++ b/dom/filesystem/DeviceStorageFileSystem.cpp +@@ -1,26 +1,24 @@ + /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ + /* vim: set ts=8 sts=2 et sw=2 tw=80: */ + /* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + + #include "mozilla/dom/DeviceStorageFileSystem.h" + +-#include "DeviceStorage.h" + #include "mozilla/Preferences.h" + #include "mozilla/dom/Directory.h" + #include "mozilla/dom/File.h" + #include "mozilla/dom/FileSystemUtils.h" + #include "mozilla/ipc/BackgroundParent.h" + #include "mozilla/Unused.h" + #include "nsCOMPtr.h" + #include "nsDebug.h" +-#include "nsDeviceStorage.h" + #include "nsIFile.h" + #include "nsPIDOMWindow.h" + #include "nsGlobalWindow.h" + + using namespace mozilla::ipc; + + namespace mozilla { + namespace dom { +@@ -37,44 +35,16 @@ DeviceStorageFileSystem::DeviceStorageFi + if (mozilla::Preferences::GetBool("device.storage.prompt.testing", false)) { + mPermissionCheckType = ePermissionCheckNotRequired; + } else { + mPermissionCheckType = ePermissionCheckRequired; + } + } else { + AssertIsOnBackgroundThread(); + } +- +- // Get the permission name required to access the file system. +- DebugOnly rv = +- DeviceStorageTypeChecker::GetPermissionForType(mStorageType, mPermission); +- NS_WARNING_ASSERTION(NS_SUCCEEDED(rv), "GetPermissionForType failed"); +- +- // Get the local path of the file system root. +- nsCOMPtr rootFile; +- DeviceStorageFile::GetRootDirectoryForType(aStorageType, +- aStorageName, +- getter_AddRefs(rootFile)); +- +- Unused << +- NS_WARN_IF(!rootFile || +- NS_FAILED(rootFile->GetPath(mLocalOrDeviceStorageRootPath))); +- +- if (!XRE_IsParentProcess()) { +- return; +- } +- +- // DeviceStorageTypeChecker is a singleton object and must be initialized on +- // the main thread. We initialize it here so that we can use it on the worker +- // thread. +- if (NS_IsMainThread()) { +- DebugOnly typeChecker = +- DeviceStorageTypeChecker::CreateOrGet(); +- MOZ_ASSERT(typeChecker); +- } + } + + DeviceStorageFileSystem::~DeviceStorageFileSystem() + { + AssertIsOnOwningThread(); + } + + already_AddRefed +diff --git a/dom/ipc/ContentChild.cpp b/dom/ipc/ContentChild.cpp +--- a/dom/ipc/ContentChild.cpp ++++ b/dom/ipc/ContentChild.cpp +@@ -168,44 +168,41 @@ + #include "mozilla/X11Util.h" + #endif + + #ifdef ACCESSIBILITY + #include "nsAccessibilityService.h" + #endif + + #include "mozilla/dom/File.h" +-#include "mozilla/dom/devicestorage/DeviceStorageRequestChild.h" + #include "mozilla/dom/PPresentationChild.h" + #include "mozilla/dom/PresentationIPCService.h" + #include "mozilla/ipc/InputStreamUtils.h" + + #ifdef MOZ_WEBSPEECH + #include "mozilla/dom/PSpeechSynthesisChild.h" + #endif + + #include "ProcessUtils.h" + #include "URIUtils.h" + #include "nsContentUtils.h" + #include "nsIPrincipal.h" +-#include "nsDeviceStorage.h" + #include "DomainPolicy.h" + #include "mozilla/dom/ipc/StructuredCloneData.h" + #include "mozilla/dom/time/DateCacheCleaner.h" + #include "mozilla/net/NeckoMessageUtils.h" + #include "mozilla/widget/PuppetBidiKeyboard.h" + #include "mozilla/RemoteSpellCheckEngineChild.h" + #include "GMPServiceChild.h" + #include "gfxPlatform.h" + #include "nscore.h" // for NS_FREE_PERMANENT_DATA + #include "VRManagerChild.h" + + using namespace mozilla; + using namespace mozilla::docshell; +-using namespace mozilla::dom::devicestorage; + using namespace mozilla::dom::ipc; + using namespace mozilla::dom::workers; + using namespace mozilla::media; + using namespace mozilla::embedding; + using namespace mozilla::gmp; + using namespace mozilla::hal_sandbox; + using namespace mozilla::ipc; + using namespace mozilla::layers; +@@ -1806,29 +1803,16 @@ ContentChild::GetCPOWManager() + } + + bool + ContentChild::RecvPTestShellConstructor(PTestShellChild* actor) + { + return true; + } + +-PDeviceStorageRequestChild* +-ContentChild::AllocPDeviceStorageRequestChild(const DeviceStorageParams& aParams) +-{ +- return new DeviceStorageRequestChild(); +-} +- +-bool +-ContentChild::DeallocPDeviceStorageRequestChild(PDeviceStorageRequestChild* aDeviceStorage) +-{ +- delete aDeviceStorage; +- return true; +-} +- + PNeckoChild* + ContentChild::AllocPNeckoChild() + { + return new NeckoChild(); + } + + bool + ContentChild::DeallocPNeckoChild(PNeckoChild* necko) +@@ -2531,38 +2515,16 @@ ContentChild::RecvVolumes(nsTArrayRecvVolumesFromParent(aVolumes); + } + #endif + return true; + } + + bool +-ContentChild::RecvFilePathUpdate(const nsString& aStorageType, +- const nsString& aStorageName, +- const nsString& aPath, +- const nsCString& aReason) +-{ +- if (nsDOMDeviceStorage::InstanceCount() == 0) { +- // No device storage instances in this process. Don't try and +- // and create a DeviceStorageFile since it will fail. +- +- return true; +- } +- +- RefPtr dsf = new DeviceStorageFile(aStorageType, aStorageName, aPath); +- +- nsString reason; +- CopyASCIItoUTF16(aReason, reason); +- nsCOMPtr obs = mozilla::services::GetObserverService(); +- obs->NotifyObservers(dsf, "file-watcher-update", reason.get()); +- return true; +-} +- +-bool + ContentChild::RecvFileSystemUpdate(const nsString& aFsName, + const nsString& aVolumeName, + const int32_t& aState, + const int32_t& aMountGeneration, + const bool& aIsMediaPresent, + const bool& aIsSharing, + const bool& aIsFormatting, + const bool& aIsFake, +diff --git a/dom/ipc/ContentChild.h b/dom/ipc/ContentChild.h +--- a/dom/ipc/ContentChild.h ++++ b/dom/ipc/ContentChild.h +@@ -193,22 +193,16 @@ public: + const IPCTabContext& aContext, + const uint32_t& aChromeFlags, + const ContentParentId& aCpID, + const bool& aIsForApp, + const bool& aIsForBrowser) override; + + virtual bool DeallocPBrowserChild(PBrowserChild*) override; + +- virtual PDeviceStorageRequestChild* +- AllocPDeviceStorageRequestChild(const DeviceStorageParams&) override; +- +- virtual bool +- DeallocPDeviceStorageRequestChild(PDeviceStorageRequestChild*) override; +- + virtual PBlobChild* + AllocPBlobChild(const BlobConstructorParams& aParams) override; + + virtual bool DeallocPBlobChild(PBlobChild* aActor) override; + + virtual PCrashReporterChild* + AllocPCrashReporterChild(const mozilla::dom::NativeThreadId& id, + const uint32_t& processType) override; +@@ -436,21 +430,16 @@ public: + + virtual bool + RecvInitBlobURLs(nsTArray&& aRegistations) override; + + virtual bool RecvLastPrivateDocShellDestroyed() override; + + virtual bool RecvVolumes(InfallibleTArray&& aVolumes) override; + +- virtual bool RecvFilePathUpdate(const nsString& aStorageType, +- const nsString& aStorageName, +- const nsString& aPath, +- const nsCString& aReason) override; +- + virtual bool RecvFileSystemUpdate(const nsString& aFsName, + const nsString& aVolumeName, + const int32_t& aState, + const int32_t& aMountGeneration, + const bool& aIsMediaPresent, + const bool& aIsSharing, + const bool& aIsFormatting, + const bool& aIsFake, +diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp +--- a/dom/ipc/ContentParent.cpp ++++ b/dom/ipc/ContentParent.cpp +@@ -23,17 +23,16 @@ + + #include "chrome/common/process_watcher.h" + + #include "mozilla/a11y/PDocAccessible.h" + #include "AppProcessChecker.h" + #include "AudioChannelService.h" + #include "BlobParent.h" + #include "CrashReporterParent.h" +-#include "DeviceStorageStatics.h" + #include "GMPServiceParent.h" + #include "HandlerServiceParent.h" + #include "IHistory.h" + #include "imgIContainer.h" + #include "mozIApplication.h" + #if defined(XP_WIN) && defined(ACCESSIBILITY) + #include "mozilla/a11y/AccessibleWrap.h" + #endif +@@ -50,17 +49,16 @@ + #include "mozilla/dom/GetFilesHelper.h" + #include "mozilla/dom/GeolocationBinding.h" + #include "mozilla/dom/Notification.h" + #include "mozilla/dom/PContentBridgeParent.h" + #include "mozilla/dom/PContentPermissionRequestParent.h" + #include "mozilla/dom/PCycleCollectWithLogsParent.h" + #include "mozilla/dom/PMemoryReportRequestParent.h" + #include "mozilla/dom/ServiceWorkerRegistrar.h" +-#include "mozilla/dom/devicestorage/DeviceStorageRequestParent.h" + #include "mozilla/dom/power/PowerManagerService.h" + #include "mozilla/dom/Permissions.h" + #include "mozilla/dom/PresentationParent.h" + #include "mozilla/dom/PPresentationParent.h" + #include "mozilla/dom/PushNotifier.h" + #include "mozilla/dom/FlyWebPublishedServerIPC.h" + #include "mozilla/dom/quota/QuotaManagerService.h" + #include "mozilla/dom/time/DateCacheCleaner.h" +@@ -272,17 +270,16 @@ using base::ChildPrivileges; + using base::KillProcess; + #ifdef MOZ_ENABLE_PROFILER_SPS + using mozilla::ProfileGatherer; + #endif + + #ifdef MOZ_CRASHREPORTER + using namespace CrashReporter; + #endif +-using namespace mozilla::dom::devicestorage; + using namespace mozilla::dom::power; + using namespace mozilla::media; + using namespace mozilla::embedding; + using namespace mozilla::gfx; + using namespace mozilla::gmp; + using namespace mozilla::hal; + using namespace mozilla::ipc; + using namespace mozilla::layers; +@@ -2775,22 +2772,16 @@ ContentParent::Observe(nsISupports* aSub + Unused << SendCycleCollect(); + } + else if (!strcmp(aTopic, "child-mmu-request")){ + Unused << SendMinimizeMemoryUsage(); + } + else if (!strcmp(aTopic, "last-pb-context-exited")) { + Unused << SendLastPrivateDocShellDestroyed(); + } +- else if (!strcmp(aTopic, "file-watcher-update")) { +- nsCString creason; +- CopyUTF16toUTF8(aData, creason); +- DeviceStorageFile* file = static_cast(aSubject); +- Unused << SendFilePathUpdate(file->mStorageType, file->mStorageName, file->mPath, creason); +- } + #ifdef MOZ_WIDGET_GONK + else if(!strcmp(aTopic, NS_VOLUME_STATE_CHANGED)) { + nsCOMPtr vol = do_QueryInterface(aSubject); + if (!vol) { + return NS_ERROR_NOT_AVAILABLE; + } + + nsString volName; +@@ -3021,35 +3012,16 @@ ContentParent::AllocPBrowserParent(const + } + + bool + ContentParent::DeallocPBrowserParent(PBrowserParent* frame) + { + return nsIContentParent::DeallocPBrowserParent(frame); + } + +-PDeviceStorageRequestParent* +-ContentParent::AllocPDeviceStorageRequestParent(const DeviceStorageParams& aParams) +-{ +- RefPtr result = new DeviceStorageRequestParent(aParams); +- if (!result->EnsureRequiredPermissions(this)) { +- return nullptr; +- } +- result->Dispatch(); +- return result.forget().take(); +-} +- +-bool +-ContentParent::DeallocPDeviceStorageRequestParent(PDeviceStorageRequestParent* doomed) +-{ +- DeviceStorageRequestParent *parent = static_cast(doomed); +- NS_RELEASE(parent); +- return true; +-} +- + PBlobParent* + ContentParent::AllocPBlobParent(const BlobConstructorParams& aParams) + { + return nsIContentParent::AllocPBlobParent(aParams); + } + + bool + ContentParent::DeallocPBlobParent(PBlobParent* aActor) +@@ -3871,35 +3843,16 @@ ContentParent::RecvAsyncMessage(const ns + InfallibleTArray&& aCpows, + const IPC::Principal& aPrincipal, + const ClonedMessageData& aData) + { + return nsIContentParent::RecvAsyncMessage(aMsg, Move(aCpows), aPrincipal, + aData); + } + +-bool +-ContentParent::RecvFilePathUpdateNotify(const nsString& aType, +- const nsString& aStorageName, +- const nsString& aFilePath, +- const nsCString& aReason) +-{ +- RefPtr dsf = new DeviceStorageFile(aType, +- aStorageName, +- aFilePath); +- +- nsCOMPtr obs = mozilla::services::GetObserverService(); +- if (!obs) { +- return false; +- } +- obs->NotifyObservers(dsf, "file-watcher-update", +- NS_ConvertASCIItoUTF16(aReason).get()); +- return true; +-} +- + static int32_t + AddGeolocationListener(nsIDOMGeoPositionCallback* watcher, + nsIDOMGeoPositionErrorCallback* errorCallBack, + bool highAccuracy) + { + nsCOMPtr geo = do_GetService("@mozilla.org/geolocation;1"); + if (!geo) { + return -1; +@@ -4943,35 +4896,16 @@ ContentParent::RecvBeginDriverCrashGuard + bool + ContentParent::RecvEndDriverCrashGuard(const uint32_t& aGuardType) + { + mDriverCrashGuard = nullptr; + return true; + } + + bool +-ContentParent::RecvGetDeviceStorageLocation(const nsString& aType, +- nsString* aPath) +-{ +-#ifdef MOZ_WIDGET_ANDROID +- mozilla::AndroidBridge::GetExternalPublicDirectory(aType, *aPath); +- return true; +-#else +- return false; +-#endif +-} +- +-bool +-ContentParent::RecvGetDeviceStorageLocations(DeviceStorageLocationInfo* info) +-{ +- DeviceStorageStatics::GetDeviceStorageLocationsForIPC(info); +- return true; +-} +- +-bool + ContentParent::RecvGetAndroidSystemInfo(AndroidSystemInfo* aInfo) + { + #ifdef MOZ_WIDGET_ANDROID + nsSystemInfo::GetAndroidSystemInfo(aInfo); + return true; + #else + MOZ_CRASH("wrong platform!"); + return false; +diff --git a/dom/ipc/ContentParent.h b/dom/ipc/ContentParent.h +--- a/dom/ipc/ContentParent.h ++++ b/dom/ipc/ContentParent.h +@@ -726,22 +726,16 @@ private: + const IPCTabContext& aContext, + const uint32_t& aChromeFlags, + const ContentParentId& aCpId, + const bool& aIsForApp, + const bool& aIsForBrowser) override; + + virtual bool DeallocPBrowserParent(PBrowserParent* frame) override; + +- virtual PDeviceStorageRequestParent* +- AllocPDeviceStorageRequestParent(const DeviceStorageParams&) override; +- +- virtual bool +- DeallocPDeviceStorageRequestParent(PDeviceStorageRequestParent*) override; +- + virtual PBlobParent* + AllocPBlobParent(const BlobConstructorParams& aParams) override; + + virtual bool DeallocPBlobParent(PBlobParent* aActor) override; + + virtual bool + RecvPBlobConstructor(PBlobParent* aActor, + const BlobConstructorParams& params) override; +@@ -927,21 +921,16 @@ private: + const IPC::Principal& aPrincipal, + nsTArray* aRetvals) override; + + virtual bool RecvAsyncMessage(const nsString& aMsg, + InfallibleTArray&& aCpows, + const IPC::Principal& aPrincipal, + const ClonedMessageData& aData) override; + +- virtual bool RecvFilePathUpdateNotify(const nsString& aType, +- const nsString& aStorageName, +- const nsString& aFilePath, +- const nsCString& aReason) override; +- + virtual bool RecvAddGeolocationListener(const IPC::Principal& aPrincipal, + const bool& aHighAccuracy) override; + virtual bool RecvRemoveGeolocationListener() override; + + virtual bool RecvSetGeolocationHigherAccuracy(const bool& aEnable) override; + + virtual bool RecvConsoleMessage(const nsString& aMessage) override; + +@@ -1047,21 +1036,16 @@ private: + const uint32_t& aDropEffect) override; + + virtual bool RecvProfile(const nsCString& aProfile) override; + + virtual bool RecvGetGraphicsDeviceInitData(ContentDeviceData* aOut) override; + + void StartProfiler(nsIProfilerStartParams* aParams); + +- virtual bool RecvGetDeviceStorageLocation(const nsString& aType, +- nsString* aPath) override; +- +- virtual bool RecvGetDeviceStorageLocations(DeviceStorageLocationInfo* info) override; +- + virtual bool RecvGetAndroidSystemInfo(AndroidSystemInfo* aInfo) override; + + virtual bool RecvNotifyBenchmarkResult(const nsString& aCodecName, + const uint32_t& aDecodeFPS) override; + + virtual bool RecvNotifyPushObservers(const nsCString& aScope, + const IPC::Principal& aPrincipal, + const nsString& aMessageId) override; +diff --git a/dom/ipc/PContent.ipdl b/dom/ipc/PContent.ipdl +--- a/dom/ipc/PContent.ipdl ++++ b/dom/ipc/PContent.ipdl +@@ -10,17 +10,16 @@ include protocol PBrowser; + include protocol PCompositorBridge; + include protocol PContentBridge; + include protocol PContentPermissionRequest; + include protocol PCycleCollectWithLogs; + include protocol PCrashReporter; + include protocol PPSMContentDownloader; + include protocol PExternalHelperApp; + include protocol PHandlerService; +-include protocol PDeviceStorageRequest; + include protocol PFileDescriptorSet; + include protocol PHal; + include protocol PHeapSnapshotTempFileHelper; + include protocol PProcessHangMonitor; + include protocol PImageBridge; + include protocol PMedia; + include protocol PMemoryReportRequest; + include protocol PNecko; +@@ -111,130 +110,16 @@ struct FontListEntry { + nsCString filepath; + uint16_t weight; + int16_t stretch; + uint8_t italic; + uint8_t index; + bool isHidden; + }; + +-struct DeviceStorageFreeSpaceParams +-{ +- nsString type; +- nsString storageName; +-}; +- +-struct DeviceStorageUsedSpaceParams +-{ +- nsString type; +- nsString storageName; +-}; +- +-struct DeviceStorageAvailableParams +-{ +- nsString type; +- nsString storageName; +-}; +- +-struct DeviceStorageStatusParams +-{ +- nsString type; +- nsString storageName; +-}; +- +-struct DeviceStorageFormatParams +-{ +- nsString type; +- nsString storageName; +-}; +- +-struct DeviceStorageMountParams +-{ +- nsString type; +- nsString storageName; +-}; +- +-struct DeviceStorageUnmountParams +-{ +- nsString type; +- nsString storageName; +-}; +- +-struct DeviceStorageAddParams +-{ +- nsString type; +- nsString storageName; +- nsString relpath; +- PBlob blob; +-}; +- +-struct DeviceStorageAppendParams +-{ +- nsString type; +- nsString storageName; +- nsString relpath; +- PBlob blob; +-}; +- +-struct DeviceStorageCreateFdParams +-{ +- nsString type; +- nsString storageName; +- nsString relpath; +-}; +- +-struct DeviceStorageGetParams +-{ +- nsString type; +- nsString storageName; +- nsString rootDir; +- nsString relpath; +-}; +- +-struct DeviceStorageDeleteParams +-{ +- nsString type; +- nsString storageName; +- nsString relpath; +-}; +- +-struct DeviceStorageEnumerationParams +-{ +- nsString type; +- nsString storageName; +- nsString rootdir; +- uint64_t since; +-}; +- +-union DeviceStorageParams +-{ +- DeviceStorageAddParams; +- DeviceStorageAppendParams; +- DeviceStorageCreateFdParams; +- DeviceStorageGetParams; +- DeviceStorageDeleteParams; +- DeviceStorageEnumerationParams; +- DeviceStorageFreeSpaceParams; +- DeviceStorageUsedSpaceParams; +- DeviceStorageAvailableParams; +- DeviceStorageStatusParams; +- DeviceStorageFormatParams; +- DeviceStorageMountParams; +- DeviceStorageUnmountParams; +-}; +- +-struct DeviceStorageLocationInfo { +- nsString music; +- nsString pictures; +- nsString videos; +- nsString sdcard; +- nsString apps; +- nsString crashes; +-}; +- + union PrefValue { + nsCString; + int32_t; + bool; + }; + + union MaybePrefValue { + PrefValue; +@@ -355,17 +240,16 @@ nested(upto inside_cpow) sync protocol P + parent opens PGMPService; + child opens PBackground; + + manages PBlob; + manages PBrowser; + manages PContentPermissionRequest; + manages PCrashReporter; + manages PCycleCollectWithLogs; +- manages PDeviceStorageRequest; + manages PPSMContentDownloader; + manages PExternalHelperApp; + manages PFileDescriptorSet; + manages PHal; + manages PHandlerService; + manages PHeapSnapshotTempFileHelper; + manages PMedia; + manages PMemoryReportRequest; +@@ -538,19 +422,16 @@ child: + /** + * Send BlobURLRegistrationData to child process. + */ + async InitBlobURLs(BlobURLRegistrationData[] registrations); + + // Notify child that last-pb-context-exited notification was observed + async LastPrivateDocShellDestroyed(); + +- async FilePathUpdate(nsString storageType, nsString storageName, nsString filepath, +- nsCString reasons); +- + // Note: Any changes to this structure should also be changed in + // VolumeInfo above. + async FileSystemUpdate(nsString fsName, nsString mountPoint, int32_t fsState, + int32_t mountGeneration, bool isMediaPresent, + bool isSharing, bool isFormatting, bool isFake, + bool isUnmounting, bool isRemovable, bool isHotSwappable); + + // Notify volume is removed. +@@ -738,17 +619,16 @@ parent: + * process. |newPluginEpoch| is the current epoch in the chrome process. If + * |pluginEpoch == newPluginEpoch|, then |plugins| will be left empty. + */ + sync FindPlugins(uint32_t pluginEpoch) returns (nsresult aResult, PluginTag[] plugins, uint32_t newPluginEpoch); + + async PJavaScript(); + + async PRemoteSpellcheckEngine(); +- async PDeviceStorageRequest(DeviceStorageParams params); + + sync PCrashReporter(NativeThreadId tid, uint32_t processType); + + /** + * Is this token compatible with the provided version? + * + * |version| The offered version to test + * Returns |True| if the offered version is compatible +@@ -921,21 +801,16 @@ parent: + async FirstIdle(); + + async AudioChannelServiceStatus(bool aActiveTelephonyChannel, + bool aContentOrNormalChannel, + bool aAnyActiveChannel); + + async AudioChannelChangeDefVolChannel(int32_t aChannel, bool aHidden); + +- async FilePathUpdateNotify(nsString aType, +- nsString aStorageName, +- nsString aFilepath, +- nsCString aReason); +- + // called by the child (test code only) to propagate volume changes to the parent + async CreateFakeVolume(nsString fsName, nsString mountPoint); + async SetFakeVolumeState(nsString fsName, int32_t fsState); + async RemoveFakeVolume(nsString fsName); + + sync KeywordToURI(nsCString keyword) + returns (nsString providerName, OptionalInputStreamParams postData, OptionalURIParams uri); + +@@ -1108,22 +983,16 @@ parent: + float aFullZoom) + returns (nsresult rv, + bool windowOpened, + FrameScriptInfo[] frameScripts, + nsCString urlToLoad, + TextureFactoryIdentifier textureFactoryIdentifier, + uint64_t layersId); + +- sync GetDeviceStorageLocation(nsString type) +- returns (nsString path); +- +- sync GetDeviceStorageLocations() +- returns (DeviceStorageLocationInfo info); +- + sync GetAndroidSystemInfo() + returns (AndroidSystemInfo info); + + /** + * Tells the parent to ungrab the pointer on the default display. + * + * This is for GTK platforms where we have to ensure the pointer ungrab happens in the + * chrome process as that's the process that receives the pointer event. +diff --git a/dom/ipc/moz.build b/dom/ipc/moz.build +--- a/dom/ipc/moz.build ++++ b/dom/ipc/moz.build +@@ -120,17 +120,16 @@ if CONFIG['MOZ_CONTENT_SANDBOX'] and CON + 'mozsandbox', + ] + + LOCAL_INCLUDES += [ + '/caps', + '/chrome', + '/docshell/base', + '/dom/base', +- '/dom/devicestorage', + '/dom/events', + '/dom/filesystem', + '/dom/geolocation', + '/dom/media/webspeech/synth/ipc', + '/dom/security', + '/dom/storage', + '/dom/workers', + '/embedding/components/printingui/ipc', +diff --git a/dom/moz.build b/dom/moz.build +--- a/dom/moz.build ++++ b/dom/moz.build +@@ -42,17 +42,16 @@ DIRS += [ + 'base', + 'archivereader', + 'bindings', + 'battery', + 'browser-element', + 'cache', + 'canvas', + 'crypto', +- 'devicestorage', + 'encoding', + 'events', + 'fetch', + 'filehandle', + 'filesystem', + 'flyweb', + 'gamepad', + 'geolocation', +diff --git a/dom/webidl/DeviceStorage.webidl b/dom/webidl/DeviceStorage.webidl +deleted file mode 100644 +--- a/dom/webidl/DeviceStorage.webidl ++++ /dev/null +@@ -1,95 +0,0 @@ +-/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +-/* This Source Code Form is subject to the terms of the Mozilla Public +- * License, v. 2.0. If a copy of the MPL was not distributed with this +- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +- +-dictionary DeviceStorageEnumerationParameters { +- Date since; +-}; +- +-[Pref="device.storage.enabled"] +-interface DeviceStorage : EventTarget { +- attribute EventHandler onchange; +- +- [Throws] +- DOMRequest? add(Blob? aBlob); +- [Throws] +- DOMRequest? addNamed(Blob? aBlob, DOMString aName); +- +- /** +- * Append data to a given file. +- * If the file doesn't exist, a "NotFoundError" event will be dispatched. +- * In the same time, it is a request.onerror case. +- * If the file exists, it will be opened with the following permission: +- * "PR_WRONLY|PR_CREATE_FILE|PR_APPEND". +- * The function will return null when blob file is null and other unexpected situations. +- * @parameter aBlob: A Blob object representing the data to append +- * @parameter aName: A string representing the full name (path + file name) of the file +- * to append data to. +- */ +- [Throws] +- DOMRequest? appendNamed(Blob? aBlob, DOMString aName); +- +- [Throws] +- DOMRequest get(DOMString aName); +- [Throws] +- DOMRequest getEditable(DOMString aName); +- [Throws] +- DOMRequest delete(DOMString aName); +- +- [Throws] +- DOMCursor enumerate(optional DeviceStorageEnumerationParameters options); +- [Throws] +- DOMCursor enumerate(DOMString path, +- optional DeviceStorageEnumerationParameters options); +- [Throws] +- DOMCursor enumerateEditable(optional DeviceStorageEnumerationParameters options); +- [Throws] +- DOMCursor enumerateEditable(DOMString path, +- optional DeviceStorageEnumerationParameters options); +- +- [Throws] +- DOMRequest freeSpace(); +- [Throws] +- DOMRequest usedSpace(); +- [Throws] +- DOMRequest available(); +- [Throws] +- DOMRequest storageStatus(); +- [Throws] +- DOMRequest format(); +- [Throws] +- DOMRequest mount(); +- [Throws] +- DOMRequest unmount(); +- +- // Note that the storageName is just a name (like sdcard), and doesn't +- // include any path information. +- readonly attribute DOMString storageName; +- +- // Indicates if the storage area denoted by storageName is capable of +- // being mounted and unmounted. +- readonly attribute boolean canBeMounted; +- +- // Indicates if the storage area denoted by storageName is capable of +- // being shared and unshared. +- readonly attribute boolean canBeShared; +- +- // Indicates if the storage area denoted by storageName is capable of +- // being formatted. +- readonly attribute boolean canBeFormatted; +- +- // Determines if this storage area is the one which will be used by default +- // for storing new files. +- readonly attribute boolean default; +- +- // Indicates if the storage area denoted by storageName is removable +- readonly attribute boolean isRemovable; +- +- // True if the storage area is close to being full +- readonly attribute boolean lowDiskSpace; +- +- [NewObject] +- // XXXbz what type does this really return? +- Promise getRoot(); +-}; +diff --git a/dom/webidl/moz.build b/dom/webidl/moz.build +--- a/dom/webidl/moz.build ++++ b/dom/webidl/moz.build +@@ -104,17 +104,16 @@ WEBIDL_FILES = [ + 'DataTransfer.webidl', + 'DataTransferItem.webidl', + 'DataTransferItemList.webidl', + 'DecoderDoctorNotification.webidl', + 'DedicatedWorkerGlobalScope.webidl', + 'DelayNode.webidl', + 'DesktopNotification.webidl', + 'DeviceMotionEvent.webidl', +- 'DeviceStorage.webidl', + 'Directory.webidl', + 'Document.webidl', + 'DocumentFragment.webidl', + 'DocumentTimeline.webidl', + 'DocumentType.webidl', + 'DOMCursor.webidl', + 'DOMError.webidl', + 'DOMException.webidl', +diff --git a/layout/build/nsLayoutStatics.cpp b/layout/build/nsLayoutStatics.cpp +--- a/layout/build/nsLayoutStatics.cpp ++++ b/layout/build/nsLayoutStatics.cpp +@@ -122,17 +122,16 @@ using namespace mozilla::system; + #include "mozilla/dom/CustomElementRegistry.h" + #include "mozilla/dom/time/DateCacheCleaner.h" + #include "mozilla/EventDispatcher.h" + #include "mozilla/IMEStateManager.h" + #include "mozilla/dom/HTMLVideoElement.h" + #include "TouchManager.h" + #include "MediaDecoder.h" + #include "MediaPrefs.h" +-#include "mozilla/dom/devicestorage/DeviceStorageStatics.h" + #include "mozilla/ServoBindings.h" + #include "mozilla/StaticPresData.h" + #include "mozilla/dom/WebIDLGlobalNameHash.h" + + using namespace mozilla; + using namespace mozilla::net; + using namespace mozilla::dom; + using namespace mozilla::dom::ipc; +@@ -303,18 +302,16 @@ nsLayoutStatics::Initialize() + nsStyleContext::Initialize(); + mozilla::LayerAnimationInfo::Initialize(); + #endif + + MediaDecoder::InitStatics(); + + PromiseDebugging::Init(); + +- mozilla::dom::devicestorage::DeviceStorageStatics::Initialize(); +- + mozilla::dom::WebCryptoThreadPool::Initialize(); + + // NB: We initialize servo in nsAppRunner.cpp, because we need to do it after + // creating the hidden DOM window to support some current stylo hacks. We + // should move initialization back here once those go away. + + #ifndef MOZ_WIDGET_ANDROID + // On Android, we instantiate it when constructing AndroidBridge. +diff --git a/mobile/android/components/ContentPermissionPrompt.js b/mobile/android/components/ContentPermissionPrompt.js +--- a/mobile/android/components/ContentPermissionPrompt.js ++++ b/mobile/android/components/ContentPermissionPrompt.js +@@ -8,20 +8,16 @@ const Cu = Components.utils; + const Cc = Components.classes; + + Cu.import("resource://gre/modules/XPCOMUtils.jsm"); + Cu.import("resource://gre/modules/Services.jsm"); + + const kEntities = { + "contacts": "contacts", + "desktop-notification": "desktopNotification2", +- "device-storage:music": "deviceStorageMusic", +- "device-storage:pictures": "deviceStoragePictures", +- "device-storage:sdcard": "deviceStorageSdcard", +- "device-storage:videos": "deviceStorageVideos", + "geolocation": "geolocation", + "flyweb-publish-server": "flyWebPublishServer", + }; + + // For these types, prompt for permission if action is unknown. + const PROMPT_FOR_UNKNOWN = [ + "desktop-notification", + "geolocation", +diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java +--- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java ++++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java +@@ -2198,54 +2198,16 @@ public class GeckoAppShell + return null; + } + + @WrapForJNI + private static String connectionGetMimeType(URLConnection connection) { + return connection.getContentType(); + } + +- /** +- * Retrieve the absolute path of an external storage directory. +- * +- * @param type The type of directory to return +- * @return Absolute path of the specified directory or null on failure +- */ +- @WrapForJNI(calledFrom = "gecko") +- private static String getExternalPublicDirectory(final String type) { +- final String state = Environment.getExternalStorageState(); +- if (!Environment.MEDIA_MOUNTED.equals(state) && +- !Environment.MEDIA_MOUNTED_READ_ONLY.equals(state)) { +- // External storage is not available. +- return null; +- } +- +- if ("sdcard".equals(type)) { +- // SD card has a separate path. +- return Environment.getExternalStorageDirectory().getAbsolutePath(); +- } +- +- final String systemType; +- if ("downloads".equals(type)) { +- systemType = Environment.DIRECTORY_DOWNLOADS; +- } else if ("pictures".equals(type)) { +- systemType = Environment.DIRECTORY_PICTURES; +- } else if ("videos".equals(type)) { +- systemType = Environment.DIRECTORY_MOVIES; +- } else if ("music".equals(type)) { +- systemType = Environment.DIRECTORY_MUSIC; +- } else if ("apps".equals(type)) { +- File appInternalStorageDirectory = getApplicationContext().getFilesDir(); +- return new File(appInternalStorageDirectory, "mozilla").getAbsolutePath(); +- } else { +- return null; +- } +- return Environment.getExternalStoragePublicDirectory(systemType).getAbsolutePath(); +- } +- + @WrapForJNI(calledFrom = "gecko") + private static int getMaxTouchPoints() { + PackageManager pm = getApplicationContext().getPackageManager(); + if (pm.hasSystemFeature(PackageManager.FEATURE_TOUCHSCREEN_MULTITOUCH_JAZZHAND)) { + // at least, 5+ fingers. + return 5; + } else if (pm.hasSystemFeature(PackageManager.FEATURE_TOUCHSCREEN_MULTITOUCH_DISTINCT)) { + // at least, 2+ fingers. +diff --git a/netwerk/test/mochitests/signed_web_packaged_app.sjs b/netwerk/test/mochitests/signed_web_packaged_app.sjs +--- a/netwerk/test/mochitests/signed_web_packaged_app.sjs ++++ b/netwerk/test/mochitests/signed_web_packaged_app.sjs +@@ -35,19 +35,16 @@ Content-Type: application/x-web-app-mani + "src": "scripts/library.js", + "integrity": "TN2ByXZiaBiBCvS4MeZ02UyNi44vED+KjdjLInUl4o8=" + } + ], + "moz-permissions": [ + { + "systemXHR": { + "description": "Needed to download stuff" +- }, +- "devicestorage:pictures": { +- "description": "Need to load pictures" + } + } + ], + "package-identifier": "09bc9714-7ab6-4320-9d20-fde4c237522c", + "description": "A great app!" + }\r + --NKWXJUAFXB\r + Content-Location: page2.html\r +diff --git a/toolkit/components/jsdownloads/src/DownloadIntegration.jsm b/toolkit/components/jsdownloads/src/DownloadIntegration.jsm +--- a/toolkit/components/jsdownloads/src/DownloadIntegration.jsm ++++ b/toolkit/components/jsdownloads/src/DownloadIntegration.jsm +@@ -268,53 +268,16 @@ this.DownloadIntegration = { + // Add the view used for detecting changes to downloads to be persisted. + // We must do this after the list of persistent downloads has been loaded, + // even if the load operation failed. We wait for a complete initialization + // so other callers cannot modify the list without being detected. The + // DownloadAutoSaveView is kept alive by the underlying DownloadList. + yield new DownloadAutoSaveView(list, this._store).initialize(); + }), + +-#ifdef MOZ_WIDGET_GONK +- /** +- * Finds the default download directory which can be either in the +- * internal storage or on the sdcard. +- * +- * @return {Promise} +- * @resolves The downloads directory string path. +- */ +- _getDefaultDownloadDirectory: Task.async(function* () { +- let directoryPath; +- let win = Services.wm.getMostRecentWindow("navigator:browser"); +- let storages = win.navigator.getDeviceStorages("sdcard"); +- let preferredStorageName; +- // Use the first one or the default storage. +- storages.forEach((aStorage) => { +- if (aStorage.default || !preferredStorageName) { +- preferredStorageName = aStorage.storageName; +- } +- }); +- +- // Now get the path for this storage area. +- if (preferredStorageName) { +- let volume = volumeService.getVolumeByName(preferredStorageName); +- if (volume && volume.state === Ci.nsIVolume.STATE_MOUNTED){ +- directoryPath = OS.Path.join(volume.mountPoint, "downloads"); +- yield OS.File.makeDir(directoryPath, { ignoreExisting: true }); +- } +- } +- if (directoryPath) { +- return directoryPath; +- } else { +- throw new Components.Exception("No suitable storage for downloads.", +- Cr.NS_ERROR_FILE_UNRECOGNIZED_PATH); +- } +- }), +-#endif +- + /** + * Determines if a Download object from the list of persistent downloads + * should be saved into a file, so that it can be restored across sessions. + * + * This function allows filtering out downloads that the host application is + * not interested in persisting across sessions, for example downloads that + * finished successfully. + * +@@ -377,18 +340,16 @@ this.DownloadIntegration = { + #ifdef MOZ_WIDGET_ANDROID + // Android doesn't have a $HOME directory, and by default we only have + // write access to /data/data/org.mozilla.{$APP} and /sdcard + directoryPath = gEnvironment.get("DOWNLOADS_DIRECTORY"); + if (!directoryPath) { + throw new Components.Exception("DOWNLOADS_DIRECTORY is not set.", + Cr.NS_ERROR_FILE_UNRECOGNIZED_PATH); + } +-#elifdef MOZ_WIDGET_GONK +- directoryPath = this._getDefaultDownloadDirectory(); + #else + // For Linux, use XDG download dir, with a fallback to Home/Downloads + // if the XDG user dirs are disabled. + try { + directoryPath = this._getDirectory("DfltDwnld"); + } catch(e) { + directoryPath = yield this._createDownloadsDirectory("Home"); + } +@@ -405,19 +366,16 @@ this.DownloadIntegration = { + /** + * Returns the user downloads directory asynchronously. + * + * @return {Promise} + * @resolves The downloads directory string path. + */ + getPreferredDownloadsDirectory: Task.async(function* () { + let directoryPath = null; +-#ifdef MOZ_WIDGET_GONK +- directoryPath = this._getDefaultDownloadDirectory(); +-#else + let prefValue = 1; + + try { + prefValue = Services.prefs.getIntPref("browser.download.folderList"); + } catch(e) {} + + switch(prefValue) { + case 0: // Desktop +@@ -435,17 +393,16 @@ this.DownloadIntegration = { + } catch(ex) { + // Either the preference isn't set or the directory cannot be created. + directoryPath = yield this.getSystemDownloadsDirectory(); + } + break; + default: + directoryPath = yield this.getSystemDownloadsDirectory(); + } +-#endif + return directoryPath; + }), + + /** + * Returns the temporary downloads directory asynchronously. + * + * @return {Promise} + * @resolves The downloads directory string path. +diff --git a/toolkit/components/jsdownloads/src/DownloadPlatform.cpp b/toolkit/components/jsdownloads/src/DownloadPlatform.cpp +--- a/toolkit/components/jsdownloads/src/DownloadPlatform.cpp ++++ b/toolkit/components/jsdownloads/src/DownloadPlatform.cpp +@@ -185,28 +185,16 @@ nsresult DownloadPlatform::DownloadDone( + if (sourceCFURL) { + ::CFRelease(sourceCFURL); + } + if (referrerCFURL) { + ::CFRelease(referrerCFURL); + } + } + #endif +- if (mozilla::Preferences::GetBool("device.storage.enabled", true)) { +- // Tell DeviceStorage that a new file may have been added. +- nsCOMPtr obs = mozilla::services::GetObserverService(); +- nsCOMPtr pathString +- = do_CreateInstance(NS_SUPPORTS_STRING_CONTRACTID); +- if (obs && pathString) { +- if (NS_SUCCEEDED(pathString->SetData(path))) { +- (void)obs->NotifyObservers(pathString, "download-watcher-notify", +- u"modified"); +- } +- } +- } + } + + #endif + + return NS_OK; + } + + nsresult DownloadPlatform::MapUrlToZone(const nsAString& aURL, +diff --git a/toolkit/components/jsdownloads/test/unit/common_test_Download.js b/toolkit/components/jsdownloads/test/unit/common_test_Download.js +--- a/toolkit/components/jsdownloads/test/unit/common_test_Download.js ++++ b/toolkit/components/jsdownloads/test/unit/common_test_Download.js +@@ -2315,103 +2315,16 @@ add_task(function* test_toSerializable_s + let download2 = yield Downloads.createDownload(reserialized); + + do_check_eq(download1.startTime.constructor.name, "Date"); + do_check_eq(download2.startTime.constructor.name, "Date"); + do_check_eq(download1.startTime.toJSON(), download2.startTime.toJSON()); + }); + + /** +- * This test will call the platform specific operations within +- * DownloadPlatform::DownloadDone. While there is no test to verify the +- * specific behaviours, this at least ensures that there is no error or crash. +- */ +-add_task(function* test_platform_integration() +-{ +- let downloadFiles = []; +- let oldDeviceStorageEnabled = false; +- try { +- oldDeviceStorageEnabled = Services.prefs.getBoolPref("device.storage.enabled"); +- } catch (e) { +- // This happens if the pref doesn't exist. +- } +- let downloadWatcherNotified = false; +- let observer = { +- observe: function(subject, topic, data) { +- do_check_eq(topic, "download-watcher-notify"); +- do_check_eq(data, "modified"); +- downloadWatcherNotified = true; +- } +- } +- Services.obs.addObserver(observer, "download-watcher-notify", false); +- Services.prefs.setBoolPref("device.storage.enabled", true); +- let downloadDoneCalled = false; +- let monitorFn = base => ({ +- __proto__: base, +- downloadDone() { +- return super.downloadDone(...arguments).then(() => { +- downloadDoneCalled = true; +- }); +- }, +- }); +- Integration.downloads.register(monitorFn); +- DownloadIntegration.allowDirectories = true; +- function cleanup() { +- for (let file of downloadFiles) { +- file.remove(true); +- } +- Services.obs.removeObserver(observer, "download-watcher-notify"); +- Services.prefs.setBoolPref("device.storage.enabled", oldDeviceStorageEnabled); +- Integration.downloads.unregister(monitorFn); +- DownloadIntegration.allowDirectories = false; +- } +- +- for (let isPrivate of [false, true]) { +- downloadDoneCalled = false; +- +- // Some platform specific operations only operate on files outside the +- // temporary directory or in the Downloads directory (such as setting +- // the Windows searchable attribute, and the Mac Downloads icon bouncing), +- // so use the system Downloads directory for the target file. +- let targetFilePath = yield DownloadIntegration.getSystemDownloadsDirectory(); +- targetFilePath = OS.Path.join(targetFilePath, +- "test" + (Math.floor(Math.random() * 1000000))); +- let targetFile = new FileUtils.File(targetFilePath); +- downloadFiles.push(targetFile); +- +- let download; +- if (gUseLegacySaver) { +- download = yield promiseStartLegacyDownload(httpUrl("source.txt"), +- { isPrivate, targetFile }); +- } +- else { +- download = yield Downloads.createDownload({ +- source: { url: httpUrl("source.txt"), isPrivate }, +- target: targetFile, +- }); +- download.start().catch(() => {}); +- } +- +- // Wait for the whenSucceeded promise to be resolved first. +- // downloadDone should be called before the whenSucceeded promise is resolved. +- yield download.whenSucceeded().then(function () { +- do_check_true(downloadDoneCalled); +- do_check_true(downloadWatcherNotified); +- }); +- +- // Then, wait for the promise returned by "start" to be resolved. +- yield promiseDownloadStopped(download); +- +- yield promiseVerifyTarget(download.target, TEST_DATA_SHORT); +- } +- +- cleanup(); +-}); +- +-/** + * Checks that downloads are added to browsing history when they start. + */ + add_task(function* test_history() + { + mustInterruptResponses(); + + // We will wait for the visit to be notified during the download. + yield PlacesTestUtils.clearHistory(); +diff --git a/toolkit/content/devicestorage.properties b/toolkit/content/devicestorage.properties +deleted file mode 100644 +--- a/toolkit/content/devicestorage.properties ++++ /dev/null +@@ -1,4 +0,0 @@ +-# Extensions we recognize for DeviceStorage storage areas +-pictures=*.jpe; *.jpg; *.jpeg; *.gif; *.png; *.bmp; +-music=*.mp3; *.oga; *.ogg; *.m4a; *.m4b; *.m4p; *.m4r; *.3gp; *.3gpp; *.mp4; *.m3u; *.pls; *.opus; *.amr; *.wav; *.lcka; *.mka; *.flac; +-videos=*.mp4; *.mpeg; *.mpg; *.ogv; *.ogx; *.webm; *.3gp; *.3gpp; *.3g2; *.ogg; *.m4v; *.ts; *.m2ts; *.avi; *.divx; *.mkv; +diff --git a/toolkit/content/jar.mn b/toolkit/content/jar.mn +--- a/toolkit/content/jar.mn ++++ b/toolkit/content/jar.mn +@@ -40,17 +40,16 @@ toolkit.jar: + content/global/browser-content.js + * content/global/buildconfig.html + content/global/contentAreaUtils.js + #ifndef MOZ_ICECATMOBILE + content/global/customizeToolbar.css + content/global/customizeToolbar.js + content/global/customizeToolbar.xul + #endif +- content/global/devicestorage.properties + #ifndef MOZ_ICECATMOBILE + content/global/editMenuOverlay.js + * content/global/editMenuOverlay.xul + content/global/finddialog.js + * content/global/finddialog.xul + content/global/findUtils.js + #endif + content/global/filepicker.properties +@@ -113,9 +112,9 @@ toolkit.jar: + content/global/bindings/videocontrols.css (widgets/videocontrols.css) + * content/global/bindings/wizard.xml (widgets/wizard.xml) + #ifdef XP_MACOSX + content/global/macWindowMenu.js + #endif + content/global/svg/svgBindings.xml (/layout/svg/resources/content/svgBindings.xml) + content/global/gmp-sources/eme-adobe.json (gmp-sources/eme-adobe.json) + content/global/gmp-sources/openh264.json (gmp-sources/openh264.json) +- content/global/gmp-sources/widevinecdm.json (gmp-sources/widevinecdm.json) +\ No newline at end of file ++ content/global/gmp-sources/widevinecdm.json (gmp-sources/widevinecdm.json) +diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp b/uriloader/exthandler/nsExternalHelperAppService.cpp +--- a/uriloader/exthandler/nsExternalHelperAppService.cpp ++++ b/uriloader/exthandler/nsExternalHelperAppService.cpp +@@ -101,20 +101,16 @@ + + #ifdef MOZ_WIDGET_ANDROID + #include "IceCatMobileJNIWrappers.h" + #endif + + #include "mozilla/Preferences.h" + #include "mozilla/ipc/URIUtils.h" + +-#ifdef MOZ_WIDGET_GONK +-#include "nsDeviceStorage.h" +-#endif +- + using namespace mozilla; + using namespace mozilla::ipc; + + // Download Folder location constants + #define NS_PREF_DOWNLOAD_DIR "browser.download.dir" + #define NS_PREF_DOWNLOAD_FOLDERLIST "browser.download.folderList" + enum { + NS_FOLDER_VALUE_DESKTOP = 0 +@@ -321,65 +317,16 @@ static nsresult GetDownloadDirectory(nsI + } + + if (!dir) { + // If not, we default to the OS X default download location. + nsresult rv = NS_GetSpecialDirectory(NS_OSX_DEFAULT_DOWNLOAD_DIR, + getter_AddRefs(dir)); + NS_ENSURE_SUCCESS(rv, rv); + } +-#elif defined(MOZ_WIDGET_GONK) +- // On Gonk, store the files on the sdcard in the downloads directory. +- // We need to check with the volume manager which storage point is +- // available. +- +- // Pick the default storage in case multiple (internal and external) ones +- // are available. +- nsString storageName; +- nsDOMDeviceStorage::GetDefaultStorageName(NS_LITERAL_STRING("sdcard"), +- storageName); +- +- RefPtr dsf( +- new DeviceStorageFile(NS_LITERAL_STRING("sdcard"), +- storageName, +- NS_LITERAL_STRING("downloads"))); +- NS_ENSURE_TRUE(dsf->mFile, NS_ERROR_FILE_ACCESS_DENIED); +- +- // If we're not checking for availability we're done. +- if (aSkipChecks) { +- dsf->mFile.forget(_directory); +- return NS_OK; +- } +- +- // Check device storage status before continuing. +- nsString storageStatus; +- dsf->GetStatus(storageStatus); +- +- // If we get an "unavailable" status, it means the sd card is not present. +- // We'll also catch internal errors by looking for an empty string and assume +- // the SD card isn't present when this occurs. +- if (storageStatus.EqualsLiteral("unavailable") || +- storageStatus.IsEmpty()) { +- return NS_ERROR_FILE_NOT_FOUND; +- } +- +- // If we get a status other than 'available' here it means the card is busy +- // because it's mounted via USB or it is being formatted. +- if (!storageStatus.EqualsLiteral("available")) { +- return NS_ERROR_FILE_ACCESS_DENIED; +- } +- +- bool alreadyThere; +- nsresult rv = dsf->mFile->Exists(&alreadyThere); +- NS_ENSURE_SUCCESS(rv, rv); +- if (!alreadyThere) { +- rv = dsf->mFile->Create(nsIFile::DIRECTORY_TYPE, 0770); +- NS_ENSURE_SUCCESS(rv, rv); +- } +- dir = dsf->mFile; + #elif defined(ANDROID) + // We ask Java for the temporary download directory. The directory will be + // different depending on whether we have the permission to write to the + // public download directory or not. + // In the case where we do not have the permission we will start the + // download to the app cache directory and later move it to the final + // destination after prompting for the permission. + jni::String::LocalRef downloadDir; +diff --git a/widget/android/AndroidBridge.cpp b/widget/android/AndroidBridge.cpp +--- a/widget/android/AndroidBridge.cpp ++++ b/widget/android/AndroidBridge.cpp +@@ -1119,42 +1119,8 @@ nsresult AndroidBridge::InputStreamRead( + + if (read <= 0) { + *aRead = 0; + return NS_OK; + } + *aRead = read; + return NS_OK; + } +- +-nsresult AndroidBridge::GetExternalPublicDirectory(const nsAString& aType, nsAString& aPath) { +- if (XRE_IsContentProcess()) { +- nsString key(aType); +- nsAutoString path; +- if (AndroidBridge::sStoragePaths.Get(key, &path)) { +- aPath = path; +- return NS_OK; +- } +- +- // Lazily get the value from the parent. +- dom::ContentChild* child = dom::ContentChild::GetSingleton(); +- if (child) { +- nsAutoString type(aType); +- child->SendGetDeviceStorageLocation(type, &path); +- if (!path.IsEmpty()) { +- AndroidBridge::sStoragePaths.Put(key, path); +- aPath = path; +- return NS_OK; +- } +- } +- +- ALOG_BRIDGE("AndroidBridge::GetExternalPublicDirectory no cache for %s", +- NS_ConvertUTF16toUTF8(aType).get()); +- return NS_ERROR_NOT_AVAILABLE; +- } +- +- auto path = GeckoAppShell::GetExternalPublicDirectory(aType); +- if (!path) { +- return NS_ERROR_NOT_AVAILABLE; +- } +- aPath = path->ToString(); +- return NS_OK; +-} +diff --git a/widget/android/AndroidBridge.h b/widget/android/AndroidBridge.h +--- a/widget/android/AndroidBridge.h ++++ b/widget/android/AndroidBridge.h +@@ -197,18 +197,16 @@ public: + static jmethodID GetStaticMethodID(JNIEnv* env, jclass jClass, const char* methodName, const char* methodType); + + static jni::Object::LocalRef ChannelCreate(jni::Object::Param); + + static void InputStreamClose(jni::Object::Param obj); + static uint32_t InputStreamAvailable(jni::Object::Param obj); + static nsresult InputStreamRead(jni::Object::Param obj, char *aBuf, uint32_t aCount, uint32_t *aRead); + +- static nsresult GetExternalPublicDirectory(const nsAString& aType, nsAString& aPath); +- + protected: + static nsDataHashtable sStoragePaths; + + static AndroidBridge* sBridge; + + AndroidBridge(); + ~AndroidBridge(); + +diff --git a/widget/android/GeneratedJNIWrappers.cpp b/widget/android/GeneratedJNIWrappers.cpp +--- a/widget/android/GeneratedJNIWrappers.cpp ++++ b/widget/android/GeneratedJNIWrappers.cpp +@@ -274,24 +274,16 @@ auto GeckoAppShell::GetExceptionStackTra + constexpr char GeckoAppShell::GetExtensionFromMimeType_t::name[]; + constexpr char GeckoAppShell::GetExtensionFromMimeType_t::signature[]; + + auto GeckoAppShell::GetExtensionFromMimeType(mozilla::jni::String::Param a0) -> mozilla::jni::String::LocalRef + { + return mozilla::jni::Method::Call(GeckoAppShell::Context(), nullptr, a0); + } + +-constexpr char GeckoAppShell::GetExternalPublicDirectory_t::name[]; +-constexpr char GeckoAppShell::GetExternalPublicDirectory_t::signature[]; +- +-auto GeckoAppShell::GetExternalPublicDirectory(mozilla::jni::String::Param a0) -> mozilla::jni::String::LocalRef +-{ +- return mozilla::jni::Method::Call(GeckoAppShell::Context(), nullptr, a0); +-} +- + constexpr char GeckoAppShell::GetHWDecoderCapability_t::name[]; + constexpr char GeckoAppShell::GetHWDecoderCapability_t::signature[]; + + auto GeckoAppShell::GetHWDecoderCapability() -> bool + { + return mozilla::jni::Method::Call(GeckoAppShell::Context(), nullptr); + } + +diff --git a/widget/android/GeneratedJNIWrappers.h b/widget/android/GeneratedJNIWrappers.h +--- a/widget/android/GeneratedJNIWrappers.h ++++ b/widget/android/GeneratedJNIWrappers.h +@@ -724,36 +724,16 @@ public: + static const mozilla::jni::CallingThread callingThread = + mozilla::jni::CallingThread::GECKO; + static const mozilla::jni::DispatchTarget dispatchTarget = + mozilla::jni::DispatchTarget::CURRENT; + }; + + static auto GetExtensionFromMimeType(mozilla::jni::String::Param) -> mozilla::jni::String::LocalRef; + +- struct GetExternalPublicDirectory_t { +- typedef GeckoAppShell Owner; +- typedef mozilla::jni::String::LocalRef ReturnType; +- typedef mozilla::jni::String::Param SetterType; +- typedef mozilla::jni::Args< +- mozilla::jni::String::Param> Args; +- static constexpr char name[] = "getExternalPublicDirectory"; +- static constexpr char signature[] = +- "(Ljava/lang/String;)Ljava/lang/String;"; +- static const bool isStatic = true; +- static const mozilla::jni::ExceptionMode exceptionMode = +- mozilla::jni::ExceptionMode::ABORT; +- static const mozilla::jni::CallingThread callingThread = +- mozilla::jni::CallingThread::GECKO; +- static const mozilla::jni::DispatchTarget dispatchTarget = +- mozilla::jni::DispatchTarget::CURRENT; +- }; +- +- static auto GetExternalPublicDirectory(mozilla::jni::String::Param) -> mozilla::jni::String::LocalRef; +- + struct GetHWDecoderCapability_t { + typedef GeckoAppShell Owner; + typedef bool ReturnType; + typedef bool SetterType; + typedef mozilla::jni::Args<> Args; + static constexpr char name[] = "getHWDecoderCapability"; + static constexpr char signature[] = + "()Z"; +diff --git a/xpcom/reflect/xptinfo/ShimInterfaceInfo.cpp b/xpcom/reflect/xptinfo/ShimInterfaceInfo.cpp +--- a/xpcom/reflect/xptinfo/ShimInterfaceInfo.cpp ++++ b/xpcom/reflect/xptinfo/ShimInterfaceInfo.cpp +@@ -155,17 +155,16 @@ + #include "mozilla/dom/CSSValueBinding.h" + #include "mozilla/dom/CSSValueListBinding.h" + #include "mozilla/dom/CustomEventBinding.h" + #ifdef MOZ_WEBRTC + #include "mozilla/dom/DataChannelBinding.h" + #endif + #include "mozilla/dom/DataContainerEventBinding.h" + #include "mozilla/dom/DataTransferBinding.h" +-#include "mozilla/dom/DeviceStorageBinding.h" + #include "mozilla/dom/DOMCursorBinding.h" + #include "mozilla/dom/DOMExceptionBinding.h" + #include "mozilla/dom/DOMParserBinding.h" + #include "mozilla/dom/DOMRequestBinding.h" + #include "mozilla/dom/DocumentBinding.h" + #include "mozilla/dom/DocumentFragmentBinding.h" + #include "mozilla/dom/DocumentTypeBinding.h" + #include "mozilla/dom/DocumentBinding.h" + -- cgit v1.2.3 From 04b906799168008c41f62402eee74bd47c1c2681 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 21 Apr 2017 18:00:04 -0400 Subject: gnu: Remove unused patches. * gnu/packages/patches/gcc-libiberty-printf-decl.patch, gnu/packages/patches/grub-CVE-2015-8370.patch, gnu/packages/patches/grub-freetype.patch, gnu/packages/patches/grub-gets-undeclared.patch, gnu/packages/patches/guile-arm-fixes.patch, gnu/packages/patches/mplayer2-theora-fix.patch, gnu/packages/patches/soprano-find-clucene.patch, gnu/packages/patches/util-linux-CVE-2017-2616.patch, gnu/packages/patches/xf86-video-intel-compat-api.patch, gnu/packages/patches/xf86-video-intel-glibc-2.20.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/local.mk | 10 - .../patches/gcc-libiberty-printf-decl.patch | 28 -- gnu/packages/patches/grub-CVE-2015-8370.patch | 45 ---- gnu/packages/patches/grub-freetype.patch | 24 -- gnu/packages/patches/grub-gets-undeclared.patch | 42 --- gnu/packages/patches/guile-arm-fixes.patch | 203 --------------- gnu/packages/patches/mplayer2-theora-fix.patch | 286 --------------------- gnu/packages/patches/soprano-find-clucene.patch | 15 -- .../patches/util-linux-CVE-2017-2616.patch | 65 ----- .../patches/xf86-video-intel-compat-api.patch | 13 - .../patches/xf86-video-intel-glibc-2.20.patch | 15 -- 11 files changed, 746 deletions(-) delete mode 100644 gnu/packages/patches/gcc-libiberty-printf-decl.patch delete mode 100644 gnu/packages/patches/grub-CVE-2015-8370.patch delete mode 100644 gnu/packages/patches/grub-freetype.patch delete mode 100644 gnu/packages/patches/grub-gets-undeclared.patch delete mode 100644 gnu/packages/patches/guile-arm-fixes.patch delete mode 100644 gnu/packages/patches/mplayer2-theora-fix.patch delete mode 100644 gnu/packages/patches/soprano-find-clucene.patch delete mode 100644 gnu/packages/patches/util-linux-CVE-2017-2616.patch delete mode 100644 gnu/packages/patches/xf86-video-intel-compat-api.patch delete mode 100644 gnu/packages/patches/xf86-video-intel-glibc-2.20.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 1fe46bfb5e..af9a590e09 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -578,7 +578,6 @@ dist_patch_DATA = \ %D%/packages/patches/gcc-arm-bug-71399.patch \ %D%/packages/patches/gcc-arm-link-spec-fix.patch \ %D%/packages/patches/gcc-cross-environment-variables.patch \ - %D%/packages/patches/gcc-libiberty-printf-decl.patch \ %D%/packages/patches/gcc-libvtv-runpath.patch \ %D%/packages/patches/gcc-strmov-store-file-names.patch \ %D%/packages/patches/gcc-4.9.3-mingw-gthr-default.patch \ @@ -624,12 +623,8 @@ dist_patch_DATA = \ %D%/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch \ %D%/packages/patches/graphite2-non-linear-classes-even-number.patch \ %D%/packages/patches/grep-timing-sensitive-test.patch \ - %D%/packages/patches/grub-CVE-2015-8370.patch \ - %D%/packages/patches/grub-gets-undeclared.patch \ - %D%/packages/patches/grub-freetype.patch \ %D%/packages/patches/gsl-test-i686.patch \ %D%/packages/patches/guile-1.8-cpp-4.5.patch \ - %D%/packages/patches/guile-arm-fixes.patch \ %D%/packages/patches/guile-default-utf8.patch \ %D%/packages/patches/guile-linux-syscalls.patch \ %D%/packages/patches/guile-present-coding.patch \ @@ -784,7 +779,6 @@ dist_patch_DATA = \ %D%/packages/patches/mhash-keygen-test-segfault.patch \ %D%/packages/patches/mingw-w64-5.0rc2-gcc-4.9.3.patch \ %D%/packages/patches/mpc123-initialize-ao.patch \ - %D%/packages/patches/mplayer2-theora-fix.patch \ %D%/packages/patches/module-init-tools-moduledir.patch \ %D%/packages/patches/mozjs17-aarch64-support.patch \ %D%/packages/patches/mozjs24-aarch64-support.patch \ @@ -932,7 +926,6 @@ dist_patch_DATA = \ %D%/packages/patches/slim-reset.patch \ %D%/packages/patches/slim-login.patch \ %D%/packages/patches/slurm-configure-remove-nonfree-contribs.patch \ - %D%/packages/patches/soprano-find-clucene.patch \ %D%/packages/patches/spice-CVE-2016-9577.patch \ %D%/packages/patches/spice-CVE-2016-9578-1.patch \ %D%/packages/patches/spice-CVE-2016-9578-2.patch \ @@ -981,7 +974,6 @@ dist_patch_DATA = \ %D%/packages/patches/unzip-remove-build-date.patch \ %D%/packages/patches/ustr-fix-build-with-gcc-5.patch \ %D%/packages/patches/util-linux-tests.patch \ - %D%/packages/patches/util-linux-CVE-2017-2616.patch \ %D%/packages/patches/upower-builddir.patch \ %D%/packages/patches/valgrind-enable-arm.patch \ %D%/packages/patches/virglrenderer-CVE-2017-6386.patch \ @@ -1012,8 +1004,6 @@ dist_patch_DATA = \ %D%/packages/patches/xf86-video-ast-remove-mibstore.patch \ %D%/packages/patches/xf86-video-geode-glibc-2.20.patch \ %D%/packages/patches/xf86-video-i128-remove-mibstore.patch \ - %D%/packages/patches/xf86-video-intel-compat-api.patch \ - %D%/packages/patches/xf86-video-intel-glibc-2.20.patch \ %D%/packages/patches/xf86-video-mach64-glibc-2.20.patch \ %D%/packages/patches/xf86-video-tga-remove-mibstore.patch \ %D%/packages/patches/xfce4-panel-plugins.patch \ diff --git a/gnu/packages/patches/gcc-libiberty-printf-decl.patch b/gnu/packages/patches/gcc-libiberty-printf-decl.patch deleted file mode 100644 index a612c9e00e..0000000000 --- a/gnu/packages/patches/gcc-libiberty-printf-decl.patch +++ /dev/null @@ -1,28 +0,0 @@ -This patch makes the exeception specifier of libiberty's 'asprintf' -and 'vasprintf' declarations match those of glibc to work around the -problem described at . - -The problem in part stems from the fact that libiberty is configured -without _GNU_SOURCE (thus, it sets HAVE_DECL_ASPRINTF to 0), whereas libcc1 -is configured and built with _GNU_SOURCE, hence the conflicting declarations. - ---- gcc-5.3.0/include/libiberty.h 2016-04-23 22:45:46.262709079 +0200 -+++ gcc-5.3.0/include/libiberty.h 2016-04-23 22:45:37.110635439 +0200 -@@ -625,7 +625,7 @@ extern int pwait (int, int *, int); - /* Like sprintf but provides a pointer to malloc'd storage, which must - be freed by the caller. */ - --extern int asprintf (char **, const char *, ...) ATTRIBUTE_PRINTF_2; -+extern int asprintf (char **, const char *, ...) __THROWNL ATTRIBUTE_PRINTF_2; - #endif - - /* Like asprintf but allocates memory without fail. This works like -@@ -637,7 +637,7 @@ extern char *xasprintf (const char *, .. - /* Like vsprintf but provides a pointer to malloc'd storage, which - must be freed by the caller. */ - --extern int vasprintf (char **, const char *, va_list) ATTRIBUTE_PRINTF(2,0); -+extern int vasprintf (char **, const char *, va_list) __THROWNL ATTRIBUTE_PRINTF(2,0); - #endif - - /* Like vasprintf but allocates memory without fail. This works like diff --git a/gnu/packages/patches/grub-CVE-2015-8370.patch b/gnu/packages/patches/grub-CVE-2015-8370.patch deleted file mode 100644 index 5701b54759..0000000000 --- a/gnu/packages/patches/grub-CVE-2015-8370.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 88c9657960a6c5d3673a25c266781e876c181add Mon Sep 17 00:00:00 2001 -From: Hector Marco-Gisbert -Date: Fri, 13 Nov 2015 16:21:09 +0100 -Subject: [PATCH] Fix security issue when reading username and password - - This patch fixes two integer underflows at: - * grub-core/lib/crypto.c - * grub-core/normal/auth.c - -Signed-off-by: Hector Marco-Gisbert -Signed-off-by: Ismael Ripoll-Ripoll ---- - grub-core/lib/crypto.c | 2 +- - grub-core/normal/auth.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c -index 010e550..524a3d8 100644 ---- a/grub-core/lib/crypto.c -+++ b/grub-core/lib/crypto.c -@@ -468,7 +468,7 @@ grub_password_get (char buf[], unsigned buf_size) - break; - } - -- if (key == '\b') -+ if (key == '\b' && cur_len) - { - cur_len--; - continue; -diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c -index c6bd96e..5782ec5 100644 ---- a/grub-core/normal/auth.c -+++ b/grub-core/normal/auth.c -@@ -172,7 +172,7 @@ grub_username_get (char buf[], unsigned buf_size) - break; - } - -- if (key == '\b') -+ if (key == '\b' && cur_len) - { - cur_len--; - grub_printf ("\b"); --- -1.9.1 - diff --git a/gnu/packages/patches/grub-freetype.patch b/gnu/packages/patches/grub-freetype.patch deleted file mode 100644 index 286830ccf8..0000000000 --- a/gnu/packages/patches/grub-freetype.patch +++ /dev/null @@ -1,24 +0,0 @@ -commit fd0df6d098b1e6a4f60275c48a3ec88d15ba1fbb -Author: Colin Watson -Date: Fri Nov 29 12:19:36 2013 +0000 - - Fix build with FreeType 2.5.1 - - * util/grub-gen-asciih.c: Include FT_SYNTHESIS_H rather than - , fixing build with FreeType 2.5.1. - * util/grub-gen-widthspec.c: Likewise. - * util/grub-mkfont.c: Likewise. - -diff --git a/util/grub-mkfont.c b/util/grub-mkfont.c -index 0d8eb78..242dd01 100644 ---- a/util/grub-mkfont.c -+++ b/util/grub-mkfont.c -@@ -43,7 +43,7 @@ - #include FT_FREETYPE_H - #include FT_TRUETYPE_TAGS_H - #include FT_TRUETYPE_TABLES_H --#include -+#include FT_SYNTHESIS_H - - #undef __FTERRORS_H__ - #define FT_ERROR_START_LIST const char *ft_errmsgs[] = { diff --git a/gnu/packages/patches/grub-gets-undeclared.patch b/gnu/packages/patches/grub-gets-undeclared.patch deleted file mode 100644 index 41dddbd9d0..0000000000 --- a/gnu/packages/patches/grub-gets-undeclared.patch +++ /dev/null @@ -1,42 +0,0 @@ -This patch is needed to allow builds with newer versions of -the GNU libc (2.16+). - - -commit 66712c23388e93e5c518ebc8515140fa0c807348 -Author: Eric Blake -Date: Thu Mar 29 13:30:41 2012 -0600 - - stdio: don't assume gets any more - - Gnulib intentionally does not have a gets module, and now that C11 - and glibc have dropped it, we should be more proactive about warning - any user on a platform that still has a declaration of this dangerous - interface. - - * m4/stdio_h.m4 (gl_STDIO_H, gl_STDIO_H_DEFAULTS): Drop gets - support. - * modules/stdio (Makefile.am): Likewise. - * lib/stdio-read.c (gets): Likewise. - * tests/test-stdio-c++.cc: Likewise. - * m4/warn-on-use.m4 (gl_WARN_ON_USE_PREPARE): Fix comment. - * lib/stdio.in.h (gets): Make warning occur in more places. - * doc/posix-functions/gets.texi (gets): Update documentation. - Reported by Christer Solskogen. - - Signed-off-by: Eric Blake - ---- grub-2.00/grub-core/gnulib/stdio.in.h 2013-02-10 16:17:09.000000000 +0100 -+++ grub-2.00/grub-core/gnulib/stdio.in.h 2013-02-10 16:17:11.000000000 +0100 -@@ -137,12 +137,6 @@ _GL_WARN_ON_USE (fflush, "fflush is not - "use gnulib module fflush for portable POSIX compliance"); - #endif - --/* It is very rare that the developer ever has full control of stdin, -- so any use of gets warrants an unconditional warning. Assume it is -- always declared, since it is required by C89. */ --#undef gets --_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead"); -- - #if @GNULIB_FOPEN@ - # if @REPLACE_FOPEN@ - # if !(defined __cplusplus && defined GNULIB_NAMESPACE) diff --git a/gnu/packages/patches/guile-arm-fixes.patch b/gnu/packages/patches/guile-arm-fixes.patch deleted file mode 100644 index 62bcf0fa7b..0000000000 --- a/gnu/packages/patches/guile-arm-fixes.patch +++ /dev/null @@ -1,203 +0,0 @@ -Apply fixes for ARM to Guile. - -From df8c52e93dfa3965e4714275f4b8cea2c8e0170b Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= -Date: Fri, 4 Jul 2014 15:35:06 +0200 -Subject: [PATCH] Recognize arm-* target triplets. - -Reported by Sylvain Beucler . - -* module/system/base/target.scm (cpu-endianness): Add case where CPU is - "arm". -* test-suite/tests/asm-to-bytecode.test ("cross-compilation")["arm-unknown-linux-androideabi"]: - New test. ---- - module/system/base/target.scm | 4 +++- - test-suite/tests/asm-to-bytecode.test | 5 ++++- - 2 files changed, 7 insertions(+), 2 deletions(-) - -diff --git a/module/system/base/target.scm b/module/system/base/target.scm -index c74ae67..cefa951 100644 ---- a/module/system/base/target.scm -+++ b/module/system/base/target.scm -@@ -1,6 +1,6 @@ - ;;; Compilation targets - --;; Copyright (C) 2011, 2012, 2013 Free Software Foundation, Inc. -+;; Copyright (C) 2011, 2012, 2013, 2014 Free Software Foundation, Inc. - - ;; This library is free software; you can redistribute it and/or - ;; modify it under the terms of the GNU Lesser General Public -@@ -72,6 +72,8 @@ - (endianness big)) - ((string-match "^arm.*el" cpu) - (endianness little)) -+ ((string=? "arm" cpu) ;ARMs are LE by default -+ (endianness little)) - (else - (error "unknown CPU endianness" cpu))))) - -diff --git a/test-suite/tests/asm-to-bytecode.test b/test-suite/tests/asm-to-bytecode.test -index 6d2f20e..62ea0ed 100644 ---- a/test-suite/tests/asm-to-bytecode.test -+++ b/test-suite/tests/asm-to-bytecode.test -@@ -1,6 +1,6 @@ - ;;;; Assembly to bytecode compilation -*- mode: scheme; coding: utf-8; -*- - ;;;; --;;;; Copyright (C) 2010, 2011, 2012, 2013 Free Software Foundation, Inc. -+;;;; Copyright (C) 2010, 2011, 2012, 2013, 2014 Free Software Foundation, Inc. - ;;;; - ;;;; This library is free software; you can redistribute it and/or - ;;;; modify it under the terms of the GNU Lesser General Public -@@ -205,6 +205,9 @@ - (test-target "x86_64-unknown-linux-gnux32" ; x32 ABI (Debian tuplet) - (endianness little) 4) - -+ (test-target "arm-unknown-linux-androideabi" -+ (endianness little) 4) -+ - (pass-if-exception "unknown target" - exception:miscellaneous-error - (call-with-values (lambda () --- -2.1.2 - -From ffd3e55cfd12a3559621e3130d613d319243512d Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= -Date: Fri, 4 Jul 2014 17:26:41 +0200 -Subject: [PATCH] Recognize more ARM targets. - -Suggested by Dale P. Smith. - -* module/system/base/target.scm (cpu-endianness): Add cases for - "arm.*eb", "^aarch64.*be", and "aarch64". Change "arm" case to - "arm.*". - (triplet-pointer-size): Allow underscore as in 'aarch64_be'. -* test-suite/tests/asm-to-bytecode.test ("cross-compilation")["armeb-unknown-linux-gnu", - "aarch64-linux-gnu", "aarch64_be-linux-gnu"]: New tests. ---- - module/system/base/target.scm | 10 ++++++++-- - test-suite/tests/asm-to-bytecode.test | 6 ++++++ - 2 files changed, 14 insertions(+), 2 deletions(-) - -diff --git a/module/system/base/target.scm b/module/system/base/target.scm -index cefa951..31e3fea 100644 ---- a/module/system/base/target.scm -+++ b/module/system/base/target.scm -@@ -72,7 +72,13 @@ - (endianness big)) - ((string-match "^arm.*el" cpu) - (endianness little)) -- ((string=? "arm" cpu) ;ARMs are LE by default -+ ((string-match "^arm.*eb" cpu) -+ (endianness big)) -+ ((string-prefix? "arm" cpu) ;ARMs are LE by default -+ (endianness little)) -+ ((string-match "^aarch64.*be" cpu) -+ (endianness big)) -+ ((string=? "aarch64" cpu) - (endianness little)) - (else - (error "unknown CPU endianness" cpu))))) -@@ -97,7 +103,7 @@ - ((string-match "^x86_64-.*-gnux32" triplet) 4) ; x32 - - ((string-match "64$" cpu) 8) -- ((string-match "64[lbe][lbe]$" cpu) 8) -+ ((string-match "64_?[lbe][lbe]$" cpu) 8) - ((member cpu '("sparc" "powerpc" "mips" "mipsel")) 4) - ((string-match "^arm.*" cpu) 4) - (else (error "unknown CPU word size" cpu))))) -diff --git a/test-suite/tests/asm-to-bytecode.test b/test-suite/tests/asm-to-bytecode.test -index 62ea0ed..8aeba84 100644 ---- a/test-suite/tests/asm-to-bytecode.test -+++ b/test-suite/tests/asm-to-bytecode.test -@@ -207,6 +207,12 @@ - - (test-target "arm-unknown-linux-androideabi" - (endianness little) 4) -+ (test-target "armeb-unknown-linux-gnu" -+ (endianness big) 4) -+ (test-target "aarch64-linux-gnu" -+ (endianness little) 8) -+ (test-target "aarch64_be-linux-gnu" -+ (endianness big) 8) - - (pass-if-exception "unknown target" - exception:miscellaneous-error --- -2.1.2 - -From a85c78ea1393985fdb6e6678dea19135c553d341 Mon Sep 17 00:00:00 2001 -From: Mark H Weaver -Date: Fri, 19 Sep 2014 21:18:09 -0400 -Subject: [PATCH] VM: ASM_MUL for ARM: Add earlyclobber constraint to the SMULL - outputs. - -Reported by Rob Browning . - -* libguile/vm-i-scheme.c (ASM_MUL)[ARM]: Add earlyclobber (&) constraint - to the SMULL output registers. ---- - libguile/vm-i-scheme.c | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/libguile/vm-i-scheme.c b/libguile/vm-i-scheme.c -index 587aa95..162efab 100644 ---- a/libguile/vm-i-scheme.c -+++ b/libguile/vm-i-scheme.c -@@ -1,5 +1,4 @@ --/* Copyright (C) 2001, 2009, 2010, 2011, 2012, 2013, -- * 2014 Free Software Foundation, Inc. -+/* Copyright (C) 2001, 2009-2014 Free Software Foundation, Inc. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License -@@ -363,7 +362,7 @@ VM_DEFINE_FUNCTION (149, ge, "ge?", 2) - { \ - scm_t_signed_bits rlo, rhi; \ - asm ("smull %0, %1, %2, %3\n" \ -- : "=r" (rlo), "=r" (rhi) \ -+ : "=&r" (rlo), "=&r" (rhi) \ - : "r" (SCM_UNPACK (x) - scm_tc2_int), \ - "r" (SCM_I_INUM (y))); \ - if (SCM_LIKELY (SCM_SRS (rlo, 31) == rhi)) \ --- -2.1.2 - -From bed025bd2569b1c033f24d7d9e660e39ebf65cac Mon Sep 17 00:00:00 2001 -From: Mark H Weaver -Date: Sat, 20 Sep 2014 03:59:51 -0400 -Subject: [PATCH] VM: Allow the C compiler to choose FP_REG on ARM. - -Reported by Rob Browning . - -* libguile/vm-engine.h (IP_REG)[__arm__]: Remove explicit register - choice ("r7") for FP_REG, which was reported to cause compilation - failures on ARM. ---- - libguile/vm-engine.h | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/libguile/vm-engine.h b/libguile/vm-engine.h -index 46d4cff..e618be7 100644 ---- a/libguile/vm-engine.h -+++ b/libguile/vm-engine.h -@@ -1,4 +1,4 @@ --/* Copyright (C) 2001, 2009, 2010, 2011, 2012 Free Software Foundation, Inc. -+/* Copyright (C) 2001, 2009-2012, 2014 Free Software Foundation, Inc. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License -@@ -81,7 +81,7 @@ - #ifdef __arm__ - #define IP_REG asm("r9") - #define SP_REG asm("r8") --#define FP_REG asm("r7") -+#define FP_REG - #endif - #endif - --- -2.1.2 - diff --git a/gnu/packages/patches/mplayer2-theora-fix.patch b/gnu/packages/patches/mplayer2-theora-fix.patch deleted file mode 100644 index 982db5f57c..0000000000 --- a/gnu/packages/patches/mplayer2-theora-fix.patch +++ /dev/null @@ -1,286 +0,0 @@ -Fix libtheora linking issue with modern theora versions. - -Adapted from: -http://git.buildroot.net/buildroot/commit/?id=46b71cb0be27c0e6b7c93afb49fc80779bf310e3 - ---- a/libmpcodecs/vd_theora.c -+++ b/libmpcodecs/vd_theora.c -@@ -39,22 +39,23 @@ - - LIBVD_EXTERN(theora) - --#include -+#include - - #define THEORA_NUM_HEADER_PACKETS 3 - - typedef struct theora_struct_st { -- theora_state st; -- theora_comment cc; -- theora_info inf; -+ th_setup_info *tsi; -+ th_dec_ctx *tctx; -+ th_comment tc; -+ th_info ti; - } theora_struct_t; - - /** Convert Theora pixelformat to the corresponding IMGFMT_ */ --static uint32_t theora_pixelformat2imgfmt(theora_pixelformat fmt){ -+static uint32_t theora_pixelformat2imgfmt(th_pixel_fmt fmt){ - switch(fmt) { -- case OC_PF_420: return IMGFMT_YV12; -- case OC_PF_422: return IMGFMT_422P; -- case OC_PF_444: return IMGFMT_444P; -+ case TH_PF_420: return IMGFMT_YV12; -+ case TH_PF_422: return IMGFMT_422P; -+ case TH_PF_444: return IMGFMT_444P; - } - return 0; - } -@@ -64,7 +65,7 @@ - theora_struct_t *context = sh->context; - switch(cmd) { - case VDCTRL_QUERY_FORMAT: -- if (*(int*)arg == theora_pixelformat2imgfmt(context->inf.pixelformat)) -+ if (*(int*)arg == theora_pixelformat2imgfmt(context->ti.pixel_fmt)) - return CONTROL_TRUE; - return CONTROL_FALSE; - } -@@ -88,8 +89,9 @@ - if (!context) - goto err_out; - -- theora_info_init(&context->inf); -- theora_comment_init(&context->cc); -+ th_info_init(&context->ti); -+ th_comment_init(&context->tc); -+ context->tsi = NULL; - - /* Read all header packets, pass them to theora_decode_header. */ - for (i = 0; i < THEORA_NUM_HEADER_PACKETS; i++) -@@ -109,7 +111,7 @@ - op.b_o_s = 1; - } - -- if ( (errorCode = theora_decode_header (&context->inf, &context->cc, &op)) ) -+ if ( (errorCode = th_decode_headerin (&context->ti, &context->tc, &context->tsi, &op)) < 0) - { - mp_msg(MSGT_DECVIDEO, MSGL_ERR, "Broken Theora header; errorCode=%i!\n", errorCode); - goto err_out; -@@ -117,23 +119,25 @@ - } - - /* now init codec */ -- errorCode = theora_decode_init (&context->st, &context->inf); -- if (errorCode) -+ context->tctx = th_decode_alloc (&context->ti, context->tsi); -+ if (!context->tctx) - { -- mp_msg(MSGT_DECVIDEO,MSGL_ERR,"Theora decode init failed: %i \n", errorCode); -+ mp_msg(MSGT_DECVIDEO,MSGL_ERR,"Theora decode init failed\n"); - goto err_out; - } -+ /* free memory used for decoder setup information */ -+ th_setup_free(context->tsi); - -- if(sh->aspect==0.0 && context->inf.aspect_denominator!=0) -+ if(sh->aspect==0.0 && context->ti.aspect_denominator!=0) - { -- sh->aspect = ((double)context->inf.aspect_numerator * context->inf.width)/ -- ((double)context->inf.aspect_denominator * context->inf.height); -+ sh->aspect = ((double)context->ti.aspect_numerator * context->ti.frame_width)/ -+ ((double)context->ti.aspect_denominator * context->ti.frame_height); - } - - mp_msg(MSGT_DECVIDEO,MSGL_V,"INFO: Theora video init ok!\n"); -- mp_msg(MSGT_DECVIDEO,MSGL_INFO,"Frame: %dx%d, Picture %dx%d, Offset [%d,%d]\n", context->inf.width, context->inf.height, context->inf.frame_width, context->inf.frame_height, context->inf.offset_x, context->inf.offset_y); -+ mp_msg(MSGT_DECVIDEO,MSGL_INFO,"Frame: %dx%d, Picture %dx%d, Offset [%d,%d]\n", context->ti.frame_width, context->ti.frame_height, context->ti.pic_width, context->ti.pic_height, context->ti.pic_x, context->ti.pic_y); - -- return mpcodecs_config_vo (sh,context->inf.width,context->inf.height,theora_pixelformat2imgfmt(context->inf.pixelformat)); -+ return mpcodecs_config_vo (sh,context->ti.frame_width,context->ti.frame_height,theora_pixelformat2imgfmt(context->ti.pixel_fmt)); - - err_out: - free(context); -@@ -150,9 +154,9 @@ - - if (context) - { -- theora_info_clear(&context->inf); -- theora_comment_clear(&context->cc); -- theora_clear (&context->st); -+ th_info_clear(&context->ti); -+ th_comment_clear(&context->tc); -+ th_decode_free (context->tctx); - free (context); - } - } -@@ -165,7 +169,7 @@ - theora_struct_t *context = sh->context; - int errorCode = 0; - ogg_packet op; -- yuv_buffer yuv; -+ th_ycbcr_buffer ycbcrbuf; - mp_image_t* mpi; - - // no delayed frames -@@ -177,31 +181,31 @@ - op.packet = data; - op.granulepos = -1; - -- errorCode = theora_decode_packetin (&context->st, &op); -- if (errorCode) -+ errorCode = th_decode_packetin (context->tctx, &op, NULL); -+ if (errorCode < 0) - { - mp_msg(MSGT_DECVIDEO,MSGL_ERR,"Theora decode packetin failed: %i \n", - errorCode); - return NULL; - } - -- errorCode = theora_decode_YUVout (&context->st, &yuv); -- if (errorCode) -+ errorCode = th_decode_ycbcr_out (context->tctx, ycbcrbuf); -+ if (errorCode < 0) - { - mp_msg(MSGT_DECVIDEO,MSGL_ERR,"Theora decode YUVout failed: %i \n", - errorCode); - return NULL; - } - -- mpi = mpcodecs_get_image(sh, MP_IMGTYPE_EXPORT, 0, yuv.y_width, yuv.y_height); -+ mpi = mpcodecs_get_image(sh, MP_IMGTYPE_EXPORT, 0, ycbcrbuf[0].width, ycbcrbuf[0].height); - if(!mpi) return NULL; - -- mpi->planes[0]=yuv.y; -- mpi->stride[0]=yuv.y_stride; -- mpi->planes[1]=yuv.u; -- mpi->stride[1]=yuv.uv_stride; -- mpi->planes[2]=yuv.v; -- mpi->stride[2]=yuv.uv_stride; -+ mpi->planes[0]=ycbcrbuf[0].data; -+ mpi->stride[0]=ycbcrbuf[0].stride; -+ mpi->planes[1]=ycbcrbuf[1].data; -+ mpi->stride[1]=ycbcrbuf[1].stride; -+ mpi->planes[2]=ycbcrbuf[2].data; -+ mpi->stride[2]=ycbcrbuf[2].stride; - - return mpi; - } ---- a/libmpdemux/demux_ogg.c -+++ b/libmpdemux/demux_ogg.c -@@ -49,21 +49,21 @@ - #endif - - #ifdef CONFIG_OGGTHEORA --#include --int _ilog (unsigned int); /* defined in many places in theora/lib/ */ -+#include - #endif - - #define BLOCK_SIZE 4096 - - /* Theora decoder context : we won't be able to interpret granule positions -- * without using theora_granule_time with the theora_state of the stream. -+ * without using th_granule_time with the th_dec_ctx of the stream. - * This is duplicated in `vd_theora.c'; put this in a common header? - */ - #ifdef CONFIG_OGGTHEORA - typedef struct theora_struct_st { -- theora_state st; -- theora_comment cc; -- theora_info inf; -+ th_setup_info *tsi; -+ th_dec_ctx *tctx; -+ th_comment tc; -+ th_info ti; - } theora_struct_t; - #endif - -@@ -116,7 +116,7 @@ - float samplerate; /// granulpos 2 time - int64_t lastpos; - int32_t lastsize; -- int keyframe_frequency_force; -+ int keyframe_granule_shift; - - // Logical stream state - ogg_stream_state stream; -@@ -299,11 +299,10 @@ - have theora_state st, until all header packets were passed to the - decoder. */ - if (!pack->bytes || !(*data&0x80)) { -- int keyframe_granule_shift = _ilog(os->keyframe_frequency_force - 1); -- int64_t iframemask = (1 << keyframe_granule_shift) - 1; -+ int64_t iframemask = (1 << os->keyframe_granule_shift) - 1; - - if (pack->granulepos >= 0) { -- os->lastpos = pack->granulepos >> keyframe_granule_shift; -+ os->lastpos = pack->granulepos >> os->keyframe_granule_shift; - os->lastpos += pack->granulepos & iframemask; - *flags = (pack->granulepos & iframemask) == 0; - } else { -@@ -892,14 +891,15 @@ - #ifdef CONFIG_OGGTHEORA - } else if (pack.bytes >= 7 && !strncmp (&pack.packet[1], "theora", 6)) { - int errorCode = 0; -- theora_info inf; -- theora_comment cc; -+ th_info ti; -+ th_comment tc; -+ th_setup_info *tsi = NULL; - -- theora_info_init (&inf); -- theora_comment_init (&cc); -+ th_info_init (&ti); -+ th_comment_init (&tc); - -- errorCode = theora_decode_header (&inf, &cc, &pack); -- if (errorCode) { -+ errorCode = th_decode_headerin(&ti, &tc, &tsi, &pack); -+ if (errorCode < 0) { - mp_msg(MSGT_DEMUX, MSGL_ERR, - "Theora header parsing failed: %i \n", errorCode); - } else { -@@ -908,30 +908,32 @@ - sh_v->bih = calloc(1, sizeof(*sh_v->bih)); - sh_v->bih->biSize = sizeof(*sh_v->bih); - sh_v->bih->biCompression = sh_v->format = FOURCC_THEORA; -- sh_v->fps = ((double)inf.fps_numerator) / (double)inf.fps_denominator; -- sh_v->frametime = ((double)inf.fps_denominator) / (double)inf.fps_numerator; -- sh_v->disp_w = sh_v->bih->biWidth = inf.frame_width; -- sh_v->disp_h = sh_v->bih->biHeight = inf.frame_height; -+ sh_v->fps = ((double)ti.fps_numerator) / (double)ti.fps_denominator; -+ sh_v->frametime = ((double)ti.fps_denominator) / (double)ti.fps_numerator; -+ sh_v->i_bps = ti.target_bitrate / 8; -+ sh_v->disp_w = sh_v->bih->biWidth = ti.frame_width; -+ sh_v->disp_h = sh_v->bih->biHeight = ti.frame_height; - sh_v->bih->biBitCount = 24; - sh_v->bih->biPlanes = 3; - sh_v->bih->biSizeImage = ((sh_v->bih->biBitCount / 8) * sh_v->bih->biWidth * sh_v->bih->biHeight); - ogg_d->subs[ogg_d->num_sub].samplerate = sh_v->fps; - ogg_d->subs[ogg_d->num_sub].theora = 1; -- ogg_d->subs[ogg_d->num_sub].keyframe_frequency_force = inf.keyframe_frequency_force; -+ ogg_d->subs[ogg_d->num_sub].keyframe_granule_shift = ti.keyframe_granule_shift; - ogg_d->subs[ogg_d->num_sub].id = n_video; - n_video++; - mp_msg(MSGT_DEMUX, MSGL_INFO, - "[Ogg] stream %d: video (Theora v%d.%d.%d), -vid %d\n", - ogg_d->num_sub, -- (int)inf.version_major, -- (int)inf.version_minor, -- (int)inf.version_subminor, -+ (int)ti.version_major, -+ (int)ti.version_minor, -+ (int)ti.version_subminor, - n_video - 1); - if (mp_msg_test(MSGT_HEADER, MSGL_V)) - print_video_header(sh_v->bih, MSGL_V); - } -- theora_comment_clear(&cc); -- theora_info_clear(&inf); -+ th_comment_clear(&tc); -+ th_info_clear(&ti); -+ th_setup_free(tsi); - #endif /* CONFIG_OGGTHEORA */ - } else if (pack.bytes >= 4 && !strncmp (&pack.packet[0], "fLaC", 4)) { - sh_a = new_sh_audio_aid(demuxer, ogg_d->num_sub, n_audio, NULL); diff --git a/gnu/packages/patches/soprano-find-clucene.patch b/gnu/packages/patches/soprano-find-clucene.patch deleted file mode 100644 index cc2707853a..0000000000 --- a/gnu/packages/patches/soprano-find-clucene.patch +++ /dev/null @@ -1,15 +0,0 @@ -Search for clucene include file in the clucene include directory. - -diff -u -r soprano-2.9.4.orig/cmake/modules/FindCLucene.cmake soprano-2.9.4/cmake/modules/FindCLucene.cmake ---- soprano-2.9.4.orig/cmake/modules/FindCLucene.cmake 2013-10-09 19:22:28.000000000 +0200 -+++ soprano-2.9.4/cmake/modules/FindCLucene.cmake 2014-04-28 20:08:11.000000000 +0200 -@@ -77,7 +77,8 @@ - - get_filename_component(TRIAL_LIBRARY_DIR ${CLUCENE_LIBRARY} PATH) - find_path(CLUCENE_LIBRARY_DIR -- NAMES CLucene/clucene-config.h PATHS ${TRIAL_LIBRARY_DIR} ${TRIAL_LIBRARY_PATHS} ${TRIAL_INCLUDE_PATHS} NO_DEFAULT_PATH) -+ NAMES CLucene/clucene-config.h PATHS ${TRIAL_LIBRARY_DIR} ${TRIAL_LIBRARY_PATHS} ${TRIAL_INCLUDE_PATHS} ${CLUCENE_INCLUDE_DIR} NO_DEFAULT_PATH) -+message (STATUS "XXX ${CLUCENE_LIBRARY_DIR}") - if(CLUCENE_LIBRARY_DIR) - message(STATUS "Found CLucene library dir: ${CLUCENE_LIBRARY_DIR}") - file(READ ${CLUCENE_LIBRARY_DIR}/CLucene/clucene-config.h CLCONTENT) diff --git a/gnu/packages/patches/util-linux-CVE-2017-2616.patch b/gnu/packages/patches/util-linux-CVE-2017-2616.patch deleted file mode 100644 index 2c82fb06d2..0000000000 --- a/gnu/packages/patches/util-linux-CVE-2017-2616.patch +++ /dev/null @@ -1,65 +0,0 @@ -Fix CVE-2017-2616: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616 -http://seclists.org/oss-sec/2017/q1/474 - -Patch copied from upstream source repository: - -https://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=dffab154d29a288aa171ff50263ecc8f2e14a891 - -From b018571132cb8c9fece3d75ed240cc74cdb5f0f7 Mon Sep 17 00:00:00 2001 -From: Karel Zak -Date: Wed, 1 Feb 2017 11:58:09 +0100 -Subject: [PATCH] su: properly clear child PID -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Reported-by: Tobias Stöckmann -Signed-off-by: Karel Zak ---- - login-utils/su-common.c | 14 ++++++++++---- - 1 file changed, 10 insertions(+), 4 deletions(-) - -diff --git a/login-utils/su-common.c b/login-utils/su-common.c -index 0ea4e40bd..b1720f037 100644 ---- a/login-utils/su-common.c -+++ b/login-utils/su-common.c -@@ -376,6 +376,9 @@ create_watching_parent (void) - } - else - status = WEXITSTATUS (status); -+ -+ /* child is gone, don't use the PID anymore */ -+ child = (pid_t) -1; - } - else if (caught_signal) - status = caught_signal + 128; -@@ -385,7 +388,7 @@ create_watching_parent (void) - else - status = 1; - -- if (caught_signal) -+ if (caught_signal && child != (pid_t)-1) - { - fprintf (stderr, _("\nSession terminated, killing shell...")); - kill (child, SIGTERM); -@@ -395,9 +398,12 @@ create_watching_parent (void) - - if (caught_signal) - { -- sleep (2); -- kill (child, SIGKILL); -- fprintf (stderr, _(" ...killed.\n")); -+ if (child != (pid_t)-1) -+ { -+ sleep (2); -+ kill (child, SIGKILL); -+ fprintf (stderr, _(" ...killed.\n")); -+ } - - /* Let's terminate itself with the received signal. - * --- -2.11.1 - diff --git a/gnu/packages/patches/xf86-video-intel-compat-api.patch b/gnu/packages/patches/xf86-video-intel-compat-api.patch deleted file mode 100644 index 786de5c45d..0000000000 --- a/gnu/packages/patches/xf86-video-intel-compat-api.patch +++ /dev/null @@ -1,13 +0,0 @@ -This patch was copied from Debian. - ---- xserver-xorg-video-intel-2.21.15.orig/src/compat-api.h -+++ xserver-xorg-video-intel-2.21.15/src/compat-api.h -@@ -158,4 +158,8 @@ - if ((d)->pScreen->SourceValidate) (d)->pScreen->SourceValidate(d, x, y, w, h) - #endif - -+#if XORG_VERSION_CURRENT >= XORG_VERSION_NUMERIC(1,14,99,2,0) -+#define DamageUnregister(d, dd) DamageUnregister(dd) -+#endif -+ - #endif diff --git a/gnu/packages/patches/xf86-video-intel-glibc-2.20.patch b/gnu/packages/patches/xf86-video-intel-glibc-2.20.patch deleted file mode 100644 index aeebfacdcd..0000000000 --- a/gnu/packages/patches/xf86-video-intel-glibc-2.20.patch +++ /dev/null @@ -1,15 +0,0 @@ -Allow builds with glibc 2.20. -Based on a patch by Peter Hutterer . -See . - ---- xf86-video-intel-2.21.15/src/intel_device.c.~1~ 2013-08-09 16:58:48.000000000 -0400 -+++ xf86-video-intel-2.21.15/src/intel_device.c 2014-12-18 00:03:54.700759577 -0500 -@@ -33,6 +33,8 @@ - - #include - -+#include -+ - #include - #include - #include -- cgit v1.2.3 From f269ad2536366880c3d1fe6f9f4b5aad0e84414f Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Fri, 14 Apr 2017 11:37:58 +0200 Subject: gnu: Add libsepol. * gnu/packages/selinux.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. --- gnu/local.mk | 1 + gnu/packages/selinux.scm | 71 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+) create mode 100644 gnu/packages/selinux.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index af9a590e09..2e38168a0b 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -343,6 +343,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/sdl.scm \ %D%/packages/search.scm \ %D%/packages/security-token.scm \ + %D%/packages/selinux.scm \ %D%/packages/serialization.scm \ %D%/packages/serveez.scm \ %D%/packages/shells.scm \ diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm new file mode 100644 index 0000000000..f03c6d3e25 --- /dev/null +++ b/gnu/packages/selinux.scm @@ -0,0 +1,71 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016, 2017 Ricardo Wurmus +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages selinux) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix utils) + #:use-module (guix build-system gnu) + #:use-module (gnu packages) + #:use-module (gnu packages flex)) + +;; Update the SELinux packages together! + +(define-public libsepol + (package + (name "libsepol") + (version "2.6") + (source (let ((release "20161014")) + (origin + (method url-fetch) + (uri (string-append "https://github.com/SELinuxProject/selinux/" + "archive/" release ".tar.gz")) + (file-name (string-append "selinux-" release ".tar.gz")) + (sha256 + (base32 + "1dpwynfb6n31928343blac4159g4jbrwxdp61q5yffmxpy3c3czi"))))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; tests require checkpolicy, which requires libsepol + #:test-target "test" + #:make-flags + (let ((out (assoc-ref %outputs "out"))) + (list (string-append "PREFIX=" out) + (string-append "DESTDIR=" out) + (string-append "MAN3DIR=" out "/share/man/man3") + (string-append "MAN5DIR=" out "/share/man/man5") + (string-append "MAN8DIR=" out "/share/man/man8") + (string-append "LDFLAGS=-Wl,-rpath=" out "/lib") + "CC=gcc")) + #:phases + (modify-phases %standard-phases + (delete 'configure) + (add-after 'unpack 'enter-dir + (lambda _ (chdir ,name) #t))))) + (native-inputs + `(("flex" ,flex))) + (home-page "https://selinuxproject.org/") + (synopsis "Library for manipulating SELinux policies") + (description + "The libsepol library provides an API for the manipulation of SELinux +binary policies. It is used by @code{checkpolicy} (the policy compiler) and +similar tools, and programs such as @code{load_policy}, which must perform +specific transformations on binary policies (for example, customizing policy +boolean settings).") + (license license:lgpl2.1+))) -- cgit v1.2.3 From 6ef94ecbaa5112a1692b3c80423105b465f030a6 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Fri, 14 Apr 2017 13:52:22 +0200 Subject: gnu: Add policycoreutils. * gnu/packages/selinux.scm (policycoreutils): New variable. --- gnu/local.mk | 1 + ...policycoreutils-make-sepolicy-use-python3.patch | 335 +++++++++++++++++++++ gnu/packages/selinux.scm | 137 +++++++++ 3 files changed, 473 insertions(+) create mode 100644 gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 2e38168a0b..ee18517e22 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -855,6 +855,7 @@ dist_patch_DATA = \ %D%/packages/patches/plink-endian-detection.patch \ %D%/packages/patches/plotutils-libpng-jmpbuf.patch \ %D%/packages/patches/polkit-drop-test.patch \ + %D%/packages/patches/policycoreutils-make-sepolicy-use-python3.patch \ %D%/packages/patches/portaudio-audacity-compat.patch \ %D%/packages/patches/portmidi-modular-build.patch \ %D%/packages/patches/procmail-ambiguous-getline-debian.patch \ diff --git a/gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch b/gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch new file mode 100644 index 0000000000..befe9fbb2a --- /dev/null +++ b/gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch @@ -0,0 +1,335 @@ +Downloaded from https://anonscm.debian.org/cgit/selinux/policycoreutils.git/plain/debian/patches/policycoreutils-Make-sepolicy-work-with-python3.patch + +From 2d7ca0b862a35196d562f59bd098df011fd7f0e6 Mon Sep 17 00:00:00 2001 +From: Laurent Bigonville +Date: Mon, 7 Nov 2016 10:51:08 +0100 +Subject: [PATCH] policycoreutils: Make sepolicy work with python3 + +Add python3 support for sepolicy + +Signed-off-by: Laurent Bigonville +--- + policycoreutils/sepolicy/selinux_client.py | 6 ++-- + policycoreutils/sepolicy/sepolicy.py | 38 ++++++++++++------------ + policycoreutils/sepolicy/sepolicy/__init__.py | 16 ++++++---- + policycoreutils/sepolicy/sepolicy/communicate.py | 4 +-- + policycoreutils/sepolicy/sepolicy/generate.py | 30 +++++++++---------- + policycoreutils/sepolicy/sepolicy/interface.py | 14 ++++++--- + policycoreutils/sepolicy/sepolicy/manpage.py | 7 +++-- + 7 files changed, 65 insertions(+), 50 deletions(-) + +diff --git a/policycoreutils/sepolicy/selinux_client.py b/policycoreutils/sepolicy/selinux_client.py +index 7f4a91c..dc29f28 100644 +--- a/sepolicy/selinux_client.py ++++ b/sepolicy/selinux_client.py +@@ -39,6 +39,6 @@ if __name__ == "__main__": + try: + dbus_proxy = SELinuxDBus() + resp = dbus_proxy.customized() +- print convert_customization(resp) +- except dbus.DBusException, e: +- print e ++ print(convert_customization(resp)) ++ except dbus.DBusException as e: ++ print(e) +diff --git a/policycoreutils/sepolicy/sepolicy.py b/policycoreutils/sepolicy/sepolicy.py +index 3e502a7..5bf9b52 100755 +--- a/sepolicy/sepolicy.py ++++ b/sepolicy/sepolicy.py +@@ -262,7 +262,7 @@ def _print_net(src, protocol, perm): + if len(portdict) > 0: + bold_start = "\033[1m" + bold_end = "\033[0;0m" +- print "\n" + bold_start + "%s: %s %s" % (src, protocol, perm) + bold_end ++ print("\n" + bold_start + "%s: %s %s" % (src, protocol, perm) + bold_end) + port_strings = [] + boolean_text = "" + for p in portdict: +@@ -275,7 +275,7 @@ def _print_net(src, protocol, perm): + port_strings.append("%s (%s)" % (", ".join(recs), t)) + port_strings.sort(numcmp) + for p in port_strings: +- print "\t" + p ++ print("\t" + p) + + + def network(args): +@@ -286,7 +286,7 @@ def network(args): + if i[0] not in all_ports: + all_ports.append(i[0]) + all_ports.sort() +- print "\n".join(all_ports) ++ print("\n".join(all_ports)) + + for port in args.port: + found = False +@@ -297,18 +297,18 @@ def network(args): + else: + range = "%s-%s" % (i[0], i[1]) + found = True +- print "%d: %s %s %s" % (port, i[2], portrecsbynum[i][0], range) ++ print("%d: %s %s %s" % (port, i[2], portrecsbynum[i][0], range)) + if not found: + if port < 500: +- print "Undefined reserved port type" ++ print("Undefined reserved port type") + else: +- print "Undefined port type" ++ print("Undefined port type") + + for t in args.type: + if (t, 'tcp') in portrecs.keys(): +- print "%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp'])) ++ print("%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp']))) + if (t, 'udp') in portrecs.keys(): +- print "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp'])) ++ print( "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp']))) + + for a in args.applications: + d = sepolicy.get_init_transtype(a) +@@ -357,7 +357,7 @@ def manpage(args): + + for domain in test_domains: + m = ManPage(domain, path, args.root, args.source_files, args.web) +- print m.get_man_page_path() ++ print(m.get_man_page_path()) + + if args.web: + HTMLManPages(manpage_roles, manpage_domains, path, args.os) +@@ -418,7 +418,7 @@ def communicate(args): + out = list(set(writable) & set(readable)) + + for t in out: +- print t ++ print(t) + + + def gen_communicate_args(parser): +@@ -445,7 +445,7 @@ def booleans(args): + args.booleans.sort() + + for b in args.booleans: +- print "%s=_(\"%s\")" % (b, boolean_desc(b)) ++ print("%s=_(\"%s\")" % (b, boolean_desc(b))) + + + def gen_booleans_args(parser): +@@ -484,16 +484,16 @@ def print_interfaces(interfaces, args, append=""): + for i in interfaces: + if args.verbose: + try: +- print get_interface_format_text(i + append) ++ print(get_interface_format_text(i + append)) + except KeyError: +- print i ++ print(i) + if args.compile: + try: + interface_compile_test(i) + except KeyError: +- print i ++ print(i) + else: +- print i ++ print(i) + + + def interface(args): +@@ -565,7 +565,7 @@ def generate(args): + if args.policytype in APPLICATIONS: + mypolicy.gen_writeable() + mypolicy.gen_symbols() +- print mypolicy.generate(args.path) ++ print(mypolicy.generate(args.path)) + + + def gen_interface_args(parser): +@@ -698,12 +698,12 @@ if __name__ == '__main__': + args = parser.parse_args(args=parser_args) + args.func(args) + sys.exit(0) +- except ValueError, e: ++ except ValueError as e: + sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e))) + sys.exit(1) +- except IOError, e: ++ except IOError as e: + sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e))) + sys.exit(1) + except KeyboardInterrupt: +- print "Out" ++ print("Out") + sys.exit(0) +diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py +index 8fbd5b4..fee6438 100644 +--- a/sepolicy/sepolicy/__init__.py ++++ b/sepolicy/sepolicy/__init__.py +@@ -695,7 +695,7 @@ def get_methods(): + # List of per_role_template interfaces + ifs = interfaces.InterfaceSet() + ifs.from_file(fd) +- methods = ifs.interfaces.keys() ++ methods = list(ifs.interfaces.keys()) + fd.close() + except: + sys.stderr.write("could not open interface info [%s]\n" % fn) +@@ -752,7 +752,10 @@ def get_all_entrypoint_domains(): + + + def gen_interfaces(): +- import commands ++ try: ++ from commands import getstatusoutput ++ except ImportError: ++ from subprocess import getstatusoutput + ifile = defaults.interface_info() + headers = defaults.headers() + try: +@@ -763,7 +766,7 @@ def gen_interfaces(): + + if os.getuid() != 0: + raise ValueError(_("You must regenerate interface info by running /usr/bin/sepolgen-ifgen")) +- print(commands.getstatusoutput("/usr/bin/sepolgen-ifgen")[1]) ++ print(getstatusoutput("/usr/bin/sepolgen-ifgen")[1]) + + + def gen_port_dict(): +@@ -1085,8 +1088,11 @@ def get_os_version(): + os_version = "" + pkg_name = "selinux-policy" + try: +- import commands +- rc, output = commands.getstatusoutput("rpm -q '%s'" % pkg_name) ++ try: ++ from commands import getstatusoutput ++ except ImportError: ++ from subprocess import getstatusoutput ++ rc, output = getstatusoutput("rpm -q '%s'" % pkg_name) + if rc == 0: + os_version = output.split(".")[-2] + except: +diff --git a/policycoreutils/sepolicy/sepolicy/communicate.py b/policycoreutils/sepolicy/sepolicy/communicate.py +index b96c4b9..299316e 100755 +--- a/sepolicy/sepolicy/communicate.py ++++ b/sepolicy/sepolicy/communicate.py +@@ -34,8 +34,8 @@ def usage(parser, msg): + + def expand_attribute(attribute): + try: +- return sepolicy.info(sepolicy.ATTRIBUTE, attribute)[0]["types"] +- except RuntimeError: ++ return list(next(sepolicy.info(sepolicy.ATTRIBUTE, attribute))["types"]) ++ except StopIteration: + return [attribute] + + +diff --git a/policycoreutils/sepolicy/sepolicy/generate.py b/policycoreutils/sepolicy/sepolicy/generate.py +index 65b33b6..5696110 100644 +--- a/sepolicy/sepolicy/generate.py ++++ b/sepolicy/sepolicy/generate.py +@@ -31,21 +31,21 @@ import time + import types + import platform + +-from templates import executable +-from templates import boolean +-from templates import etc_rw +-from templates import unit_file +-from templates import var_cache +-from templates import var_spool +-from templates import var_lib +-from templates import var_log +-from templates import var_run +-from templates import tmp +-from templates import rw +-from templates import network +-from templates import script +-from templates import spec +-from templates import user ++from .templates import executable ++from .templates import boolean ++from .templates import etc_rw ++from .templates import unit_file ++from .templates import var_cache ++from .templates import var_spool ++from .templates import var_lib ++from .templates import var_log ++from .templates import var_run ++from .templates import tmp ++from .templates import rw ++from .templates import network ++from .templates import script ++from .templates import spec ++from .templates import user + import sepolgen.interfaces as interfaces + import sepolgen.defaults as defaults + +diff --git a/policycoreutils/sepolicy/sepolicy/interface.py b/policycoreutils/sepolicy/sepolicy/interface.py +index c2cb971..8956f39 100644 +--- a/sepolicy/sepolicy/interface.py ++++ b/sepolicy/sepolicy/interface.py +@@ -192,10 +192,13 @@ def generate_compile_te(interface, idict, name="compiletest"): + def get_xml_file(if_file): + """ Returns xml format of interfaces for given .if policy file""" + import os +- import commands ++ try: ++ from commands import getstatusoutput ++ except ImportError: ++ from subprocess import getstatusoutput + basedir = os.path.dirname(if_file) + "/" + filename = os.path.basename(if_file).split(".")[0] +- rc, output = commands.getstatusoutput("python /usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir + filename) ++ rc, output = getstatusoutput("python /usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir + filename) + if rc != 0: + sys.stderr.write("\n Could not proceed selected interface file.\n") + sys.stderr.write("\n%s" % output) +@@ -208,7 +211,10 @@ def interface_compile_test(interface, path="/usr/share/selinux/devel/policy.xml" + exclude_interfaces = ["userdom", "kernel", "corenet", "files", "dev"] + exclude_interface_type = ["template"] + +- import commands ++ try: ++ from commands import getstatusoutput ++ except ImportError: ++ from subprocess import getstatusoutput + import os + policy_files = {'pp': "compiletest.pp", 'te': "compiletest.te", 'fc': "compiletest.fc", 'if': "compiletest.if"} + idict = get_interface_dict(path) +@@ -219,7 +225,7 @@ def interface_compile_test(interface, path="/usr/share/selinux/devel/policy.xml" + fd = open(policy_files['te'], "w") + fd.write(generate_compile_te(interface, idict)) + fd.close() +- rc, output = commands.getstatusoutput("make -f /usr/share/selinux/devel/Makefile %s" % policy_files['pp']) ++ rc, output = getstatusoutput("make -f /usr/share/selinux/devel/Makefile %s" % policy_files['pp']) + if rc != 0: + sys.stderr.write(output) + sys.stderr.write(_("\nCompile test for %s failed.\n") % interface) +diff --git a/policycoreutils/sepolicy/sepolicy/manpage.py b/policycoreutils/sepolicy/sepolicy/manpage.py +index 7365f93..773a9ab 100755 +--- a/sepolicy/sepolicy/manpage.py ++++ b/sepolicy/sepolicy/manpage.py +@@ -27,7 +27,6 @@ __all__ = ['ManPage', 'HTMLManPages', 'manpage_domains', 'manpage_roles', 'gen_d + import string + import selinux + import sepolicy +-import commands + import os + import time + +@@ -162,7 +161,11 @@ def get_alphabet_manpages(manpage_list): + + + def convert_manpage_to_html(html_manpage, manpage): +- rc, output = commands.getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage) ++ try: ++ from commands import getstatusoutput ++ except ImportError: ++ from subprocess import getstatusoutput ++ rc, output = getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage) + if rc == 0: + print(html_manpage, "has been created") + fd = open(html_manpage, 'w') +-- +2.10.2 + diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm index ee894c3126..81c899f841 100644 --- a/gnu/packages/selinux.scm +++ b/gnu/packages/selinux.scm @@ -28,6 +28,10 @@ #:use-module (gnu packages bison) #:use-module (gnu packages docbook) #:use-module (gnu packages flex) + #:use-module (gnu packages gettext) + #:use-module (gnu packages glib) + #:use-module (gnu packages linux) + #:use-module (gnu packages networking) #:use-module (gnu packages pcre) #:use-module (gnu packages pkg-config) #:use-module (gnu packages python) @@ -342,3 +346,136 @@ tools, and libraries designed to facilitate SELinux policy analysis.") ;; Some programs are under GPL, all libraries under LGPL. (license (list license:lgpl2.1+ license:gpl2+)))) + +(define-public policycoreutils + (package (inherit libsepol) + (name "policycoreutils") + (source + (origin (inherit (package-source libsepol)) + (patches (search-patches "policycoreutils-make-sepolicy-use-python3.patch")) + (patch-flags '("-p1" "-d" "policycoreutils")))) + (arguments + `(#:test-target "test" + #:make-flags + (let ((out (assoc-ref %outputs "out"))) + (list "CC=gcc" + (string-append "PREFIX=" out) + (string-append "LOCALEDIR=" out "/share/locale") + (string-append "BASHCOMPLETIONDIR=" out + "/share/bash-completion/completions") + "INSTALL=install -c -p" + "INSTALL_DIR=install -d" + ;; These ones are needed because some Makefiles define the + ;; directories relative to DESTDIR, not relative to PREFIX. + (string-append "SBINDIR=" out "/sbin") + (string-append "ETCDIR=" out "/etc") + (string-append "SYSCONFDIR=" out "/etc/sysconfig") + (string-append "MAN5DIR=" out "/share/man/man5") + (string-append "INSTALL_NLS_DIR=" out "/share/locale") + (string-append "AUTOSTARTDIR=" out "/etc/xdg/autostart") + (string-append "DBUSSERVICEDIR=" out "/share/dbus-1/services") + (string-append "SYSTEMDDIR=" out "/lib/systemd") + (string-append "INITDIR=" out "/etc/rc.d/init.d") + (string-append "SELINUXDIR=" out "/etc/selinux"))) + #:phases + (modify-phases %standard-phases + (delete 'configure) + (add-after 'unpack 'enter-dir + (lambda _ (chdir ,name) #t)) + (add-after 'enter-dir 'ignore-/usr-tests + (lambda* (#:key inputs #:allow-other-keys) + ;; The Makefile decides to build restorecond only if it finds the + ;; inotify header somewhere under /usr. + (substitute* "Makefile" + (("ifeq.*") "") + (("endif.*") "")) + ;; Rewrite lookup paths for header files. + (substitute* '("newrole/Makefile" + "setfiles/Makefile" + "run_init/Makefile") + (("/usr(/include/security/pam_appl.h)" _ file) + (string-append (assoc-ref inputs "pam") file)) + (("/usr(/include/libaudit.h)" _ file) + (string-append (assoc-ref inputs "audit") file))) + #t)) + (add-after 'enter-dir 'fix-glib-cflags + (lambda* (#:key inputs #:allow-other-keys) + (substitute* "restorecond/Makefile" + (("/usr(/include/glib-2.0|/lib/glib-2.0/include)" _ path) + (string-append (assoc-ref inputs "glib") path)) + (("/usr(/include/dbus-1.0|/lib/dbus-1.0/include)" _ path) + (string-append (assoc-ref inputs "dbus") path + " -I" + (assoc-ref inputs "dbus-glib") path))) + #t)) + (add-after 'enter-dir 'fix-linkage-with-libsepol + (lambda* (#:key inputs #:allow-other-keys) + (substitute* '("semodule_deps/Makefile" + "sepolgen-ifgen/Makefile") + (("\\$\\(LIBDIR\\)") + (string-append (assoc-ref inputs "libsepol") "/lib/"))))) + (add-after 'enter-dir 'fix-target-paths + (lambda* (#:key outputs #:allow-other-keys) + (let ((out (assoc-ref outputs "out"))) + (substitute* "audit2allow/sepolgen-ifgen" + (("ATTR_HELPER = \"/usr/bin/sepolgen-ifgen-attr-helper\"") + (string-append "ATTR_HELPER = \"" out + "/bin/sepolgen-ifgen-attr-helper\""))) + (substitute* "sepolicy/sepolicy/__init__.py" + (("/usr/bin/sepolgen-ifgen") + (string-append out "/bin/sepolgen-ifgen"))) + (substitute* "sepolicy/Makefile" + ;; By default all Python files would be installed to + ;; $out/gnu/store/...-python-.../. + (("setup.py install.*$") + (string-append "setup.py install --prefix=" out "\n")) + (("\\$\\(DESTDIR\\)/etc") + (string-append out "/etc")) + (("\\$\\(DESTDIR\\)/usr") out))) + #t)) + (add-after 'install 'wrap-python-tools + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (var (string-append out "/lib/python" + ,(version-major+minor (package-version python)) + "/site-packages:" + (getenv "PYTHONPATH")))) + ;; The scripts' shebangs tell Python to ignore the PYTHONPATH, + ;; so we need to patch them before wrapping. + (for-each (lambda (file) + (let ((path (string-append out "/" file))) + (substitute* path + (("bin/python -Es") "bin/python -s")) + (wrap-program path + `("PYTHONPATH" ":" prefix (,var))))) + '("bin/audit2allow" + "bin/chcat" + "bin/sandbox" + "bin/sepolgen-ifgen" + "bin/sepolicy" + "sbin/semanage"))) + #t))))) + (inputs + `(("python" ,python-wrapper) + ("audit" ,audit) + ("pam" ,linux-pam) + ("libsepol" ,libsepol) + ("libselinux" ,libselinux) + ("libsemanage" ,libsemanage) + ("python-sepolgen" ,python-sepolgen) + ("python-setools" ,python-setools) + ("python-ipy" ,python-ipy) + ("libcap-ng" ,libcap-ng) + ("pcre" ,pcre) + ("dbus" ,dbus) + ("dbus-glib" ,dbus-glib) + ("glib" ,glib))) + (native-inputs + `(("gettext" ,gettext-minimal))) + (synopsis "SELinux core utilities") + (description "The policycoreutils package contains the core utilities that +are required for the basic operation of an SELinux-enabled GNU system and its +policies. These utilities include @code{load_policy} to load policies, +@code{setfiles} to label file systems, @code{newrole} to switch roles, and +@code{run_init} to run service scripts in their proper context.") + (license license:gpl2+))) -- cgit v1.2.3 From cc4faa35f8fa8a64e39c62e77128ad880d0173fd Mon Sep 17 00:00:00 2001 From: Manolis Ragkousis Date: Sat, 8 Apr 2017 16:58:04 +0300 Subject: gnu: Add the Hurd. * gnu/packages/hurd.scm (hurd): New variable. * gnu/packages/patches/hurd-fix-eth-multiplexer-dependency.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/hurd.scm | 41 ++++++++++++++++++++++ .../hurd-fix-eth-multiplexer-dependency.patch | 26 ++++++++++++++ 3 files changed, 68 insertions(+) create mode 100644 gnu/packages/patches/hurd-fix-eth-multiplexer-dependency.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index ee18517e22..29f6d3516c 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -652,6 +652,7 @@ dist_patch_DATA = \ %D%/packages/patches/higan-remove-march-native-flag.patch \ %D%/packages/patches/hop-linker-flags.patch \ %D%/packages/patches/hubbub-sort-entities.patch \ + %D%/packages/patches/hurd-fix-eth-multiplexer-dependency.patch \ %D%/packages/patches/hydra-disable-darcs-test.patch \ %D%/packages/patches/icecat-avoid-bundled-libraries.patch \ %D%/packages/patches/icecat-bug-1299500-pt10.patch \ diff --git a/gnu/packages/hurd.scm b/gnu/packages/hurd.scm index 12fce5453d..bd1eb4b085 100644 --- a/gnu/packages/hurd.scm +++ b/gnu/packages/hurd.scm @@ -245,3 +245,44 @@ Hurd-minimal package which are needed for both glibc and GCC.") (description "GNU Mach is the microkernel upon which a GNU Hurd system is based.") (license gpl2+))) + +(define-public hurd + (package + (name "hurd") + (version "0.9") + (source (origin + (method url-fetch) + (uri (hurd-source-url version)) + (sha256 + (base32 + "1nw9gly0n7pyv3cpfm4mmxy4yccrx4g0lyrvd3vk2vil26jpbggw")) + (patches (search-patches "hurd-fix-eth-multiplexer-dependency.patch")))) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-before 'build 'pre-build + (lambda _ + ;; Don't change the ownership of any file at this time. + (substitute* '("daemons/Makefile" "utils/Makefile") + (("-o root -m 4755") "")) + #t))) + #:configure-flags (list (string-append "LDFLAGS=-Wl,-rpath=" + %output "/lib") + "--disable-ncursesw" + "--without-libbz2" + "--without-libz" + "--without-parted"))) + (build-system gnu-build-system) + (inputs `(("glibc-hurd-headers" ,glibc/hurd-headers))) + (native-inputs + `(("mig" ,mig) + ("perl" ,perl))) + (supported-systems %hurd-systems) + (home-page "https://www.gnu.org/software/hurd/hurd.html") + (synopsis "The kernel servers for the GNU operating system") + (description + "The Hurd is the kernel for the GNU system, a replacement and +augmentation of standard Unix kernels. It is a collection of protocols for +system interaction (file systems, networks, authentication), and servers +implementing them.") + (license gpl2+))) diff --git a/gnu/packages/patches/hurd-fix-eth-multiplexer-dependency.patch b/gnu/packages/patches/hurd-fix-eth-multiplexer-dependency.patch new file mode 100644 index 0000000000..5f0da3eab3 --- /dev/null +++ b/gnu/packages/patches/hurd-fix-eth-multiplexer-dependency.patch @@ -0,0 +1,26 @@ +From ef0399bad41e60cb30d5073129abeb206076394a Mon Sep 17 00:00:00 2001 +From: Manolis Ragkousis +Date: Sat, 8 Apr 2017 16:44:52 +0300 +Subject: [PATCH] eth-multiplexer: Fix iohelp missing dependency. + +* eth-multiplexer/Makefile (HURDLIBS): Add iohelp. +--- + eth-multiplexer/Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/eth-multiplexer/Makefile b/eth-multiplexer/Makefile +index 07f909e7..cefa0abd 100644 +--- a/eth-multiplexer/Makefile ++++ b/eth-multiplexer/Makefile +@@ -26,7 +26,7 @@ MIGSFLAGS = -imacros $(srcdir)/mig-mutate.h + device-MIGSFLAGS="-DMACH_PAYLOAD_TO_PORT=ports_payload_get_name" + OBJS = $(SRCS:.c=.o) $(MIGSTUBS) + LCLHDRS = ethernet.h util.h vdev.h netfs_impl.h +-HURDLIBS = ports ihash fshelp shouldbeinlibc netfs bpf ++HURDLIBS = ports ihash iohelp fshelp shouldbeinlibc netfs bpf + LDLIBS = -lpthread + + CFLAGS += -I$(top_srcdir)/libbpf +-- +2.12.2 + -- cgit v1.2.3 From 43acfcb2c77fd9d8b08e3e4366248bdc20c998e9 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Mon, 24 Apr 2017 01:03:34 -0400 Subject: libcroco: Fix CVE-2017-{7960,7961}. * gnu/packages/gnome.scm (libcroco)[replacement]: New field. (libcroco/fixed): New variable. * gnu/packages/patches/libcroco-CVE-2017-7960.patch, gnu/packages/patches/libcroco-CVE-2017-7961.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. --- gnu/local.mk | 2 + gnu/packages/gnome.scm | 14 +++++ gnu/packages/patches/libcroco-CVE-2017-7960.patch | 66 +++++++++++++++++++++++ gnu/packages/patches/libcroco-CVE-2017-7961.patch | 50 +++++++++++++++++ 4 files changed, 132 insertions(+) create mode 100644 gnu/packages/patches/libcroco-CVE-2017-7960.patch create mode 100644 gnu/packages/patches/libcroco-CVE-2017-7961.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 29f6d3516c..f7ffd4e94c 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -691,6 +691,8 @@ dist_patch_DATA = \ %D%/packages/patches/libbase-use-own-logging.patch \ %D%/packages/patches/libbonobo-activation-test-race.patch \ %D%/packages/patches/libcanberra-sound-theme-freedesktop.patch \ + %D%/packages/patches/libcroco-CVE-2017-7960.patch \ + %D%/packages/patches/libcroco-CVE-2017-7961.patch \ %D%/packages/patches/libdrm-symbol-check.patch \ %D%/packages/patches/libetonyek-build-with-mdds-1.2.patch \ %D%/packages/patches/libevent-dns-tests.patch \ diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 96dcbda72e..fc19318b91 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -945,6 +945,7 @@ the GNOME desktop environment.") (define-public libcroco (package (name "libcroco") + (replacement libcroco/fixed) (version "0.6.11") (source (origin (method url-fetch) @@ -972,6 +973,19 @@ XML/CSS rendering engine.") ;; LGPLv2.1-only. (license license:lgpl2.1))) +(define libcroco/fixed + (package + (inherit libcroco) + (replacement #f) + (source + (origin + (inherit (package-source libcroco)) + (patches + (append + (origin-patches (package-source libcroco)) + (search-patches "libcroco-CVE-2017-7960.patch" + "libcroco-CVE-2017-7961.patch"))))))) + (define-public libgsf (package (name "libgsf") diff --git a/gnu/packages/patches/libcroco-CVE-2017-7960.patch b/gnu/packages/patches/libcroco-CVE-2017-7960.patch new file mode 100644 index 0000000000..0319c7389f --- /dev/null +++ b/gnu/packages/patches/libcroco-CVE-2017-7960.patch @@ -0,0 +1,66 @@ +Fix CVE-2017-7960: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7960 + +Patch copied from upstream source repository: + +https://git.gnome.org/browse/libcroco/commit/?id=898e3a8c8c0314d2e6b106809a8e3e93cf9d4394 + +From 898e3a8c8c0314d2e6b106809a8e3e93cf9d4394 Mon Sep 17 00:00:00 2001 +From: Ignacio Casal Quinteiro +Date: Sun, 16 Apr 2017 13:13:43 +0200 +Subject: input: check end of input before reading a byte + +When reading bytes we weren't check that the index wasn't +out of bound and this could produce an invalid read which +could deal to a security bug. +--- + src/cr-input.c | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +diff --git a/src/cr-input.c b/src/cr-input.c +index 49000b1..3b63a88 100644 +--- a/src/cr-input.c ++++ b/src/cr-input.c +@@ -256,7 +256,7 @@ cr_input_new_from_uri (const gchar * a_file_uri, enum CREncoding a_enc) + *we should free buf here because it's own by CRInput. + *(see the last parameter of cr_input_new_from_buf(). + */ +- buf = NULL ; ++ buf = NULL; + } + + cleanup: +@@ -404,6 +404,8 @@ cr_input_get_nb_bytes_left (CRInput const * a_this) + enum CRStatus + cr_input_read_byte (CRInput * a_this, guchar * a_byte) + { ++ gulong nb_bytes_left = 0; ++ + g_return_val_if_fail (a_this && PRIVATE (a_this) + && a_byte, CR_BAD_PARAM_ERROR); + +@@ -413,6 +415,12 @@ cr_input_read_byte (CRInput * a_this, guchar * a_byte) + if (PRIVATE (a_this)->end_of_input == TRUE) + return CR_END_OF_INPUT_ERROR; + ++ nb_bytes_left = cr_input_get_nb_bytes_left (a_this); ++ ++ if (nb_bytes_left < 1) { ++ return CR_END_OF_INPUT_ERROR; ++ } ++ + *a_byte = PRIVATE (a_this)->in_buf[PRIVATE (a_this)->next_byte_index]; + + if (PRIVATE (a_this)->nb_bytes - +@@ -477,7 +485,6 @@ cr_input_read_char (CRInput * a_this, guint32 * a_char) + if (*a_char == '\n') { + PRIVATE (a_this)->end_of_line = TRUE; + } +- + } + + return status; +-- +cgit v0.12 + diff --git a/gnu/packages/patches/libcroco-CVE-2017-7961.patch b/gnu/packages/patches/libcroco-CVE-2017-7961.patch new file mode 100644 index 0000000000..675dbe4f08 --- /dev/null +++ b/gnu/packages/patches/libcroco-CVE-2017-7961.patch @@ -0,0 +1,50 @@ +Fix CVE-2017-7961: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7961 + +Patch copied from upstream source repository: + +https://git.gnome.org/browse/libcroco/commit/?id=9ad72875e9f08e4c519ef63d44cdbd94aa9504f7 + +From 9ad72875e9f08e4c519ef63d44cdbd94aa9504f7 Mon Sep 17 00:00:00 2001 +From: Ignacio Casal Quinteiro +Date: Sun, 16 Apr 2017 13:56:09 +0200 +Subject: tknzr: support only max long rgb values + +This fixes a possible out of bound when reading rgbs which +are longer than the support MAXLONG +--- + src/cr-tknzr.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/src/cr-tknzr.c b/src/cr-tknzr.c +index 1a7cfeb..1548c35 100644 +--- a/src/cr-tknzr.c ++++ b/src/cr-tknzr.c +@@ -1279,6 +1279,11 @@ cr_tknzr_parse_rgb (CRTknzr * a_this, CRRgb ** a_rgb) + status = cr_tknzr_parse_num (a_this, &num); + ENSURE_PARSING_COND ((status == CR_OK) && (num != NULL)); + ++ if (num->val > G_MAXLONG) { ++ status = CR_PARSING_ERROR; ++ goto error; ++ } ++ + red = num->val; + cr_num_destroy (num); + num = NULL; +@@ -1298,6 +1303,11 @@ cr_tknzr_parse_rgb (CRTknzr * a_this, CRRgb ** a_rgb) + status = cr_tknzr_parse_num (a_this, &num); + ENSURE_PARSING_COND ((status == CR_OK) && (num != NULL)); + ++ if (num->val > G_MAXLONG) { ++ status = CR_PARSING_ERROR; ++ goto error; ++ } ++ + PEEK_BYTE (a_this, 1, &next_bytes[0]); + if (next_bytes[0] == '%') { + SKIP_CHARS (a_this, 1); +-- +cgit v0.12 + -- cgit v1.2.3 From 0611abff32ddf0dd6cfbbff74aee4c9a7abe1936 Mon Sep 17 00:00:00 2001 From: Kei Kebreau Date: Sun, 23 Apr 2017 14:04:41 -0400 Subject: gnu: wmfire: Update source code for new GDK versions. * gnu/packages/patches/wmfire-update-for-new-gdk-versions.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gnustep.scm (wmfire)[source]: Add patch. --- gnu/local.mk | 1 + gnu/packages/gnustep.scm | 5 +- .../wmfire-update-for-new-gdk-versions.patch | 144 +++++++++++++++++++++ 3 files changed, 149 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/wmfire-update-for-new-gdk-versions.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index f7ffd4e94c..cb94d27e99 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -996,6 +996,7 @@ dist_patch_DATA = \ %D%/packages/patches/wicd-urwid-1.3.patch \ %D%/packages/patches/wicd-wpa2-ttls.patch \ %D%/packages/patches/wmctrl-64-fix.patch \ + %D%/packages/patches/wmfire-update-for-new-gdk-versions.patch \ %D%/packages/patches/woff2-libbrotli.patch \ %D%/packages/patches/wordnet-CVE-2008-2149.patch \ %D%/packages/patches/wordnet-CVE-2008-3908-pt1.patch \ diff --git a/gnu/packages/gnustep.scm b/gnu/packages/gnustep.scm index 6e729165c9..e2ee4748ff 100644 --- a/gnu/packages/gnustep.scm +++ b/gnu/packages/gnustep.scm @@ -22,6 +22,7 @@ #:use-module (guix packages) #:use-module (guix build-system gnu) #:use-module (guix licenses) + #:use-module (gnu packages) #:use-module (gnu packages xorg) #:use-module (gnu packages gnome) #:use-module (gnu packages gtk) @@ -244,7 +245,9 @@ display, and can run a user-specified program on mouse click.") name "/" name "-" version ".tar.gz")) (sha256 (base32 - "101grahd80n97y2dczb629clmcgiavdpbbwy78kk5wgs362m12z3")))) + "101grahd80n97y2dczb629clmcgiavdpbbwy78kk5wgs362m12z3")) + (patches + (search-patches "wmfire-update-for-new-gdk-versions.patch")))) (build-system gnu-build-system) (inputs `(("gtk+" ,gtk+-2) diff --git a/gnu/packages/patches/wmfire-update-for-new-gdk-versions.patch b/gnu/packages/patches/wmfire-update-for-new-gdk-versions.patch new file mode 100644 index 0000000000..51d6c3e791 --- /dev/null +++ b/gnu/packages/patches/wmfire-update-for-new-gdk-versions.patch @@ -0,0 +1,144 @@ +This patch comes from Debian and was modified by Kei Kebreau . +Link: https://anonscm.debian.org/cgit/pkg-wmaker/wmfire.git/plain/debian/patches/gdk_updates.patch?h=debian/1.2.4-2&id=a272234fc5eecdbfc469adb12133196bc62f3059 + +Description: Update for newer versions of GDK. + In particular, the icon window was not receiving enter and leave events from + the pointer. To fix this, we get rid of the second GdkWindow iconwin entirely + and set win to be its own icon. + . + This also removes the need for the "broken window manager" fix, so we remove it + and all references to it. +Author: Doug Torrance + +diff -ur wmfire-1.2.4.old/src/wmfire.c wmfire-1.2.4/src/wmfire.c +--- wmfire-1.2.4.old/src/wmfire.c 2017-04-23 14:26:58.449487117 -0400 ++++ wmfire-1.2.4/src/wmfire.c 2017-04-23 14:32:10.785238671 -0400 +@@ -77,7 +77,6 @@ + typedef struct { + Display *display; /* X11 display */ + GdkWindow *win; /* Main window */ +- GdkWindow *iconwin; /* Icon window */ + GdkGC *gc; /* Drawing GC */ + GdkPixmap *pixmap; /* Main pixmap */ + GdkBitmap *mask; /* Dockapp mask */ +@@ -141,7 +140,6 @@ + int cmap = 0; + int lock = 0; + int proximity = 0; +-int broken_wm = 0; + + /******************************************/ + /* Main */ +@@ -262,12 +260,8 @@ + usleep(REFRESH); + + /* Draw the rgb buffer to screen */ +- if (!broken_wm) +- gdk_draw_rgb_image(bm.iconwin, bm.gc, 4, 4, XMAX, YMAX, GDK_RGB_DITHER_NONE, bm.rgb, XMAX * 3); +- else +- gdk_draw_rgb_image(bm.win, bm.gc, 4, 4, XMAX, YMAX, GDK_RGB_DITHER_NONE, bm.rgb, XMAX * 3); ++ gdk_draw_rgb_image(bm.win, bm.gc, 4, 4, XMAX, YMAX, GDK_RGB_DITHER_NONE, bm.rgb, XMAX * 3); + } +- + return 0; + } + +@@ -556,9 +550,7 @@ + #define MASK GDK_BUTTON_PRESS_MASK | GDK_ENTER_NOTIFY_MASK | GDK_LEAVE_NOTIFY_MASK | GDK_POINTER_MOTION_HINT_MASK + + GdkWindowAttr attr; +- GdkWindowAttr attri; + Window win; +- Window iconwin; + + GdkPixmap *icon; + +@@ -578,10 +570,6 @@ + attr.wmclass_class = "wmfire"; + attr.window_type = GDK_WINDOW_TOPLEVEL; + +- /* Make a copy for the iconwin - parameters are the same */ +- memcpy(&attri, &attr, sizeof (GdkWindowAttr)); +- attri.window_type = GDK_WINDOW_CHILD; +- + sizehints.flags = USSize; + sizehints.width = 64; + sizehints.height = 64; +@@ -592,18 +580,11 @@ + exit(1); + } + +- bm.iconwin = gdk_window_new(bm.win, &attri, GDK_WA_TITLE | GDK_WA_WMCLASS); +- if (!bm.iconwin) { +- fprintf(stderr, "FATAL: Cannot make icon window\n"); +- exit(1); +- } +- + win = GDK_WINDOW_XWINDOW(bm.win); +- iconwin = GDK_WINDOW_XWINDOW(bm.iconwin); + XSetWMNormalHints(GDK_WINDOW_XDISPLAY(bm.win), win, &sizehints); + + wmhints.initial_state = WithdrawnState; +- wmhints.icon_window = iconwin; ++ wmhints.icon_window = win; + wmhints.icon_x = 0; + wmhints.icon_y = 0; + wmhints.window_group = win; +@@ -613,10 +594,8 @@ + + bm.pixmap = gdk_pixmap_create_from_xpm_d(bm.win, &(bm.mask), NULL, master_xpm); + gdk_window_shape_combine_mask(bm.win, bm.mask, 0, 0); +- gdk_window_shape_combine_mask(bm.iconwin, bm.mask, 0, 0); + + gdk_window_set_back_pixmap(bm.win, bm.pixmap, False); +- gdk_window_set_back_pixmap(bm.iconwin, bm.pixmap, False); + + #if 0 + gdk_window_set_type_hint(bm.win, GDK_WINDOW_TYPE_HINT_DOCK); +@@ -626,7 +605,6 @@ + #endif + + icon = gdk_pixmap_create_from_xpm_d(bm.win, NULL, NULL, icon_xpm); +- gdk_window_set_icon(bm.win, bm.iconwin, icon, NULL); + + gdk_window_show(bm.win); + +@@ -721,9 +699,6 @@ + case 'l': + lock = 1; + break; +- case 'b': +- broken_wm = 1; +- break; + case 'h': + default: + do_help(); +@@ -766,6 +741,5 @@ + for (i = 0; i < NFLAMES; i++) + fprintf(stderr, "%d:%s ", i + 1, fire[i].text); + fprintf(stderr, "\n\t-l\t\t\tlock flame colour and monitor\n"); +- fprintf(stderr, "\t-b\t\t\tactivate broken window manager fix\n"); + fprintf(stderr, "\t-h\t\t\tprints this help\n"); + } +Only in wmfire-1.2.4/src: wmfire.c~ +diff -ur wmfire-1.2.4.old/wmfire.1 wmfire-1.2.4/wmfire.1 +--- wmfire-1.2.4.old/wmfire.1 2017-04-23 14:26:58.449487117 -0400 ++++ wmfire-1.2.4/wmfire.1 2017-04-23 14:41:20.697186114 -0400 +@@ -8,7 +8,6 @@ + + .SH SYNOPSIS + .B wmfire +-[-b] + [-c CPU] + [-f COLOUR] + [-F FILE] +@@ -54,9 +53,6 @@ + + .SH OPTIONS + .TP +-.B -b +-Activate broken window manager fix (if grey box diplayed) +-.TP + .B -c [0..3] + .br + Monitor SMP CPU number X -- cgit v1.2.3 From cd48a549025375bc03ddc0fd9a95ce3bcbf7f284 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Tue, 25 Apr 2017 21:18:42 +0300 Subject: gnu: fuse: Patch conflicting headers with the kernel. * gnu/packages/linux.scm (fuse)[source]: Add patch. * gnu/packages/patches/fuse-overlapping-headers.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. --- gnu/local.mk | 1 + gnu/packages/linux.scm | 3 ++- .../patches/fuse-overlapping-headers.patch | 28 ++++++++++++++++++++++ 3 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/fuse-overlapping-headers.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index cb94d27e99..f8a0dd783c 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -575,6 +575,7 @@ dist_patch_DATA = \ %D%/packages/patches/freeimage-CVE-2015-0852.patch \ %D%/packages/patches/freeimage-CVE-2016-5684.patch \ %D%/packages/patches/freeimage-fix-build-with-gcc-5.patch \ + %D%/packages/patches/fuse-overlapping-headers.patch \ %D%/packages/patches/gawk-shell.patch \ %D%/packages/patches/gcc-arm-bug-71399.patch \ %D%/packages/patches/gcc-arm-link-spec-fix.patch \ diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 42495a9e4f..0b299f9e55 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -1459,7 +1459,8 @@ processes currently causing I/O.") "/fuse-" version ".tar.gz")) (sha256 (base32 - "0szi2vlsjxg03y4ji51jks34p269jqj5ify6l0ajsqq6f6y8pd0c")))) + "0szi2vlsjxg03y4ji51jks34p269jqj5ify6l0ajsqq6f6y8pd0c")) + (patches (search-patches "fuse-overlapping-headers.patch")))) (build-system gnu-build-system) (inputs `(("util-linux" ,util-linux))) (arguments diff --git a/gnu/packages/patches/fuse-overlapping-headers.patch b/gnu/packages/patches/fuse-overlapping-headers.patch new file mode 100644 index 0000000000..54f9c0e709 --- /dev/null +++ b/gnu/packages/patches/fuse-overlapping-headers.patch @@ -0,0 +1,28 @@ +This patch is from Debian, named '0006-arm64.patch' + +Author: Riku Voipio +Description: fuse_kernel.h: clean includes + Use for linux and define types used for other operating systems + using types (Closes: #752081). + +diff -Naurp fuse.orig/include/fuse_kernel.h fuse/include/fuse_kernel.h +--- fuse.orig/include/fuse_kernel.h ++++ fuse/include/fuse_kernel.h +@@ -88,12 +88,16 @@ + #ifndef _LINUX_FUSE_H + #define _LINUX_FUSE_H + +-#include ++#ifdef __linux__ ++#include ++#else ++#include + #define __u64 uint64_t + #define __s64 int64_t + #define __u32 uint32_t + #define __s32 int32_t + #define __u16 uint16_t ++#endif + + /* + * Version negotiation: -- cgit v1.2.3 From 244d4f48770ac3e8cac4da435ff6cf8a5a8e14b4 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Thu, 27 Apr 2017 17:52:48 +0200 Subject: gnu: serf: Update to 1.3.9. * gnu/packages/patches/serf-comment-style-fix.patch, gnu/packages/patches/serf-deflate-buckets-test-fix.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. * gnu/packages/web.scm (serf): Update to 1.3.9. [source]: Remove patches. --- gnu/local.mk | 2 - gnu/packages/patches/serf-comment-style-fix.patch | 23 -------- .../patches/serf-deflate-buckets-test-fix.patch | 69 ---------------------- gnu/packages/web.scm | 7 +-- 4 files changed, 2 insertions(+), 99 deletions(-) delete mode 100644 gnu/packages/patches/serf-comment-style-fix.patch delete mode 100644 gnu/packages/patches/serf-deflate-buckets-test-fix.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 31239933ce..40fd0f0619 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -925,8 +925,6 @@ dist_patch_DATA = \ %D%/packages/patches/screen-fix-info-syntax-error.patch \ %D%/packages/patches/sdl-libx11-1.6.patch \ %D%/packages/patches/seq24-rename-mutex.patch \ - %D%/packages/patches/serf-comment-style-fix.patch \ - %D%/packages/patches/serf-deflate-buckets-test-fix.patch \ %D%/packages/patches/shadow-4.4-su-snprintf-fix.patch \ %D%/packages/patches/shadow-CVE-2017-2616.patch \ %D%/packages/patches/slim-session.patch \ diff --git a/gnu/packages/patches/serf-comment-style-fix.patch b/gnu/packages/patches/serf-comment-style-fix.patch deleted file mode 100644 index 5d336fb3c8..0000000000 --- a/gnu/packages/patches/serf-comment-style-fix.patch +++ /dev/null @@ -1,23 +0,0 @@ -r2443 | andreas.stieger@gmx.de | 2014-10-21 17:42:56 -0400 (Tue, 21 Oct 2014) | 7 lines - -Follow-up to r2419: Correct comment style - -* test/test_buckets.c - (deflate_compress): Correct comment style not supported by strict - compilers, fails on /branches/1.3.x - -Index: test/test_buckets.c -=================================================================== ---- test/test_buckets.c (revision 2442) -+++ test/test_buckets.c (revision 2443) -@@ -1323,9 +1323,9 @@ - - /* The largest buffer we should need is 0.1% larger than the - uncompressed data, + 12 bytes. This info comes from zlib.h. -+ buf_size = orig_len + (orig_len / 1000) + 12; - Note: This isn't sufficient when using Z_NO_FLUSH and extremely compressed - data. Use a buffer bigger than what we need. */ --// buf_size = orig_len + (orig_len / 1000) + 12; - buf_size = 100000; - - write_buf = apr_palloc(pool, buf_size); diff --git a/gnu/packages/patches/serf-deflate-buckets-test-fix.patch b/gnu/packages/patches/serf-deflate-buckets-test-fix.patch deleted file mode 100644 index be8be1b1e8..0000000000 --- a/gnu/packages/patches/serf-deflate-buckets-test-fix.patch +++ /dev/null @@ -1,69 +0,0 @@ -r2445 | chemodax | 2014-10-23 12:15:22 -0400 (Thu, 23 Oct 2014) | 6 lines - -Reduce memory usage by deflate buckets test. - -* test/test_buckets.c - (deflate_buckets): Add POOL argument and use it instead of tb->pool. - (test_deflate_buckets): Use iterpool for deflate_buckets() call. - -Index: test/test_buckets.c -=================================================================== ---- test/test_buckets.c (revision 2444) -+++ test/test_buckets.c (revision 2445) -@@ -1400,12 +1400,12 @@ - expected_len); - } - --static void deflate_buckets(CuTest *tc, int nr_of_loops) -+static void deflate_buckets(CuTest *tc, int nr_of_loops, apr_pool_t *pool) - { - const char *msg = "12345678901234567890123456789012345678901234567890"; - - test_baton_t *tb = tc->testBaton; -- serf_bucket_alloc_t *alloc = serf_bucket_allocator_create(tb->pool, NULL, -+ serf_bucket_alloc_t *alloc = serf_bucket_allocator_create(pool, NULL, - NULL); - z_stream zdestr; - int i; -@@ -1424,8 +1424,8 @@ - { - serf_config_t *config; - -- serf_context_t *ctx = serf_context_create(tb->pool); -- /* status = */ serf__config_store_get_config(ctx, NULL, &config, tb->pool); -+ serf_context_t *ctx = serf_context_create(pool); -+ /* status = */ serf__config_store_get_config(ctx, NULL, &config, pool); - - serf_bucket_set_config(defbkt, config); - } -@@ -1447,11 +1447,11 @@ - if (i == nr_of_loops - 1) { - CuAssertIntEquals(tc, APR_SUCCESS, - deflate_compress(&data, &len, &zdestr, msg, -- strlen(msg), 1, tb->pool)); -+ strlen(msg), 1, pool)); - } else { - CuAssertIntEquals(tc, APR_SUCCESS, - deflate_compress(&data, &len, &zdestr, msg, -- strlen(msg), 0, tb->pool)); -+ strlen(msg), 0, pool)); - } - - if (len == 0) -@@ -1469,10 +1469,15 @@ - static void test_deflate_buckets(CuTest *tc) - { - int i; -+ apr_pool_t *iterpool; -+ test_baton_t *tb = tc->testBaton; - -+ apr_pool_create(&iterpool, tb->pool); - for (i = 1; i < 1000; i++) { -- deflate_buckets(tc, i); -+ apr_pool_clear(iterpool); -+ deflate_buckets(tc, i, iterpool); - } -+ apr_pool_destroy(iterpool); - } - - static apr_status_t discard_data(serf_bucket_t *bkt, diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 5c82cd575e..487366b4a5 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -809,17 +809,14 @@ from streaming URLs. It is a command-line wrapper for the libquvi library.") (define-public serf (package (name "serf") - (version "1.3.8") + (version "1.3.9") (source (origin (method url-fetch) (uri (string-append "https://archive.apache.org/dist/serf/serf-" version ".tar.bz2")) (sha256 - (base32 "14155g48gamcv5s0828bzij6vr14nqmbndwq8j8f9g6vcph0nl70")) - (patches (search-patches "serf-comment-style-fix.patch" - "serf-deflate-buckets-test-fix.patch")) - (patch-flags '("-p0")))) + (base32 "1k47gbgpp52049andr28y28nbwh9m36bbb0g8p0aka3pqlhjv72l")))) (build-system gnu-build-system) (native-inputs `(("scons" ,scons) -- cgit v1.2.3 From a01f15759a00503101baa23af87cbd6095a1fbd6 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 28 Apr 2017 16:34:05 -0400 Subject: gnu: ghostscript: Fix CVE-2017-8291. * gnu/packages/patches/ghostscript-CVE-2017-8291.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/ghostscript.scm (ghostscript)[replacement]: New field. (ghostscript/fixed): New variable. (ghostscript-with-x)[replacement]: New field. --- gnu/local.mk | 1 + gnu/packages/ghostscript.scm | 13 ++++ .../patches/ghostscript-CVE-2017-8291.patch | 73 ++++++++++++++++++++++ 3 files changed, 87 insertions(+) create mode 100644 gnu/packages/patches/ghostscript-CVE-2017-8291.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 40fd0f0619..117da28fb3 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -603,6 +603,7 @@ dist_patch_DATA = \ %D%/packages/patches/ghostscript-CVE-2016-7978.patch \ %D%/packages/patches/ghostscript-CVE-2016-7979.patch \ %D%/packages/patches/ghostscript-CVE-2016-8602.patch \ + %D%/packages/patches/ghostscript-CVE-2017-8291.patch \ %D%/packages/patches/ghostscript-runpath.patch \ %D%/packages/patches/glib-networking-ssl-cert-file.patch \ %D%/packages/patches/glib-tests-timer.patch \ diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm index 076046e721..5340107f99 100644 --- a/gnu/packages/ghostscript.scm +++ b/gnu/packages/ghostscript.scm @@ -130,6 +130,7 @@ printing, and psresize, for adjusting page sizes.") (define-public ghostscript (package (name "ghostscript") + (replacement ghostscript/fixed) (version "9.14.0") (source (origin (method url-fetch) @@ -209,11 +210,23 @@ output file formats and printers.") (define-public ghostscript/x (package (inherit ghostscript) + (replacement #f) (name (string-append (package-name ghostscript) "-with-x")) (inputs `(("libxext" ,libxext) ("libxt" ,libxt) ,@(package-inputs ghostscript))))) +(define ghostscript/fixed + (package + (inherit ghostscript) + (source + (origin + (inherit (package-source ghostscript)) + (patches + (append + (origin-patches (package-source ghostscript)) + (search-patches "ghostscript-CVE-2017-8291.patch"))))))) + (define-public ijs (package (name "ijs") diff --git a/gnu/packages/patches/ghostscript-CVE-2017-8291.patch b/gnu/packages/patches/ghostscript-CVE-2017-8291.patch new file mode 100644 index 0000000000..db80b6ddec --- /dev/null +++ b/gnu/packages/patches/ghostscript-CVE-2017-8291.patch @@ -0,0 +1,73 @@ +Fix CVE-2017-8291: + +https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8291 + +This patch is adapted from these two Artifex Ghostscript commits by Leo +Famulari : + +https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=04b37bbce174eed24edec7ad5b920eb93db4d47d;hp=4f83478c88c2e05d6e8d79ca4557eb039354d2f3 +https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3;hp=5603e8fc3e59c435318877efe627967ee6baebb8 + +diff --git a/psi/zfrsd.c b/psi/zfrsd.c +index fb4bce9..2629afa 100644 +--- a/psi/zfrsd.c ++++ b/psi/zfrsd.c +@@ -49,13 +49,20 @@ zrsdparams(i_ctx_t *i_ctx_p) + ref *pFilter; + ref *pDecodeParms; + int Intent = 0; +- bool AsyncRead; ++ bool AsyncRead = false; + ref empty_array, filter1_array, parms1_array; + uint i; +- int code; ++ int code = 0; ++ ++ if (ref_stack_count(&o_stack) < 1) ++ return_error(e_stackunderflow); ++ if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) { ++ return_error(e_typecheck); ++ } + + make_empty_array(&empty_array, a_readonly); +- if (dict_find_string(op, "Filter", &pFilter) > 0) { ++ if (r_has_type(op, t_dictionary) ++ && dict_find_string(op, "Filter", &pFilter) > 0) { + if (!r_is_array(pFilter)) { + if (!r_has_type(pFilter, t_name)) + return_error(e_typecheck); +@@ -94,12 +101,13 @@ zrsdparams(i_ctx_t *i_ctx_p) + return_error(e_typecheck); + } + } +- code = dict_int_param(op, "Intent", 0, 3, 0, &Intent); ++ if (r_has_type(op, t_dictionary)) ++ code = dict_int_param(op, "Intent", 0, 3, 0, &Intent); + if (code < 0 && code != e_rangecheck) /* out-of-range int is ok, use 0 */ + return code; +- if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0 +- ) +- return code; ++ if (r_has_type(op, t_dictionary)) ++ if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0) ++ return code; + push(1); + op[-1] = *pFilter; + if (pDecodeParms) +diff --git a/psi/zmisc3.c b/psi/zmisc3.c +index 54b3042..0d357f1 100644 +--- a/psi/zmisc3.c ++++ b/psi/zmisc3.c +@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p) + ref2_t stack[MAX_DEPTH + 1]; + ref2_t *top = stack; + ++ if (ref_stack_count(&o_stack) < 2) ++ return_error(e_stackunderflow); ++ if (!r_is_array(op - 1) || !r_is_array(op)) { ++ return_error(e_typecheck); ++ } ++ + make_array(&stack[0].proc1, 0, 1, op - 1); + make_array(&stack[0].proc2, 0, 1, op); + for (;;) { -- cgit v1.2.3 From 86f48a8dbff4528d1351676f429fa6a3d0afefd5 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 29 Apr 2017 11:55:33 -0400 Subject: gnu: freetype: Fix CVE-2017-{8105,8287}. * gnu/packages/patches/freetype-CVE-2017-8105.patch, gnu/packages/patches/freetype-CVE-2017-8287.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/fontutils.scm (freetype)[replacement]: New field. (freetype/fixed): New variable. --- gnu/local.mk | 2 + gnu/packages/fontutils.scm | 10 ++++ gnu/packages/patches/freetype-CVE-2017-8105.patch | 56 +++++++++++++++++++++++ gnu/packages/patches/freetype-CVE-2017-8287.patch | 44 ++++++++++++++++++ 4 files changed, 112 insertions(+) create mode 100644 gnu/packages/patches/freetype-CVE-2017-8105.patch create mode 100644 gnu/packages/patches/freetype-CVE-2017-8287.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 117da28fb3..da2e82f475 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -575,6 +575,8 @@ dist_patch_DATA = \ %D%/packages/patches/freeimage-CVE-2015-0852.patch \ %D%/packages/patches/freeimage-CVE-2016-5684.patch \ %D%/packages/patches/freeimage-fix-build-with-gcc-5.patch \ + %D%/packages/patches/freetype-CVE-2017-8105.patch \ + %D%/packages/patches/freetype-CVE-2017-8287.patch \ %D%/packages/patches/fuse-overlapping-headers.patch \ %D%/packages/patches/gawk-shell.patch \ %D%/packages/patches/gcc-arm-bug-71399.patch \ diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm index cc6d1df597..1c4d7d07ff 100644 --- a/gnu/packages/fontutils.scm +++ b/gnu/packages/fontutils.scm @@ -48,6 +48,7 @@ (define-public freetype (package (name "freetype") + (replacement freetype/fixed) (version "2.7.1") (source (origin (method url-fetch) @@ -73,6 +74,15 @@ anti-aliased glyph bitmap generation with 256 gray levels.") (license license:freetype) ; some files have other licenses (home-page "https://www.freetype.org/"))) +(define freetype/fixed + (package + (inherit freetype) + (source + (origin + (inherit (package-source freetype)) + (patches (search-patches "freetype-CVE-2017-8105.patch" + "freetype-CVE-2017-8287.patch")))))) + (define-public ttfautohint (package (name "ttfautohint") diff --git a/gnu/packages/patches/freetype-CVE-2017-8105.patch b/gnu/packages/patches/freetype-CVE-2017-8105.patch new file mode 100644 index 0000000000..1891c4ab5f --- /dev/null +++ b/gnu/packages/patches/freetype-CVE-2017-8105.patch @@ -0,0 +1,56 @@ +Fix CVE-2017-8105: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105 +https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935 + +Patch copied from upstream source repository: + +https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 + +From f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Fri, 24 Mar 2017 09:15:10 +0100 +Subject: [PATCH] [psaux] Better protect `flex' handling. + +Reported as + + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935 + +* src/psaux/t1decode.c (t1_decoder_parse_charstrings) +: Since there is not a single flex operator but a +series of subroutine calls, malformed fonts can call arbitrary other +operators after the start of a flex, possibly adding points. For +this reason we have to check the available number of points before +inserting a point. +--- + ChangeLog | 15 +++++++++++++++ + src/psaux/t1decode.c | 9 +++++++++ + 2 files changed, 24 insertions(+) + +diff --git a/src/psaux/t1decode.c b/src/psaux/t1decode.c +index af7b465e..7dd45135 100644 +--- a/src/psaux/t1decode.c ++++ b/src/psaux/t1decode.c +@@ -780,10 +780,19 @@ + /* point without adding any point to the outline */ + idx = decoder->num_flex_vectors++; + if ( idx > 0 && idx < 7 ) ++ { ++ /* in malformed fonts it is possible to have other */ ++ /* opcodes in the middle of a flex (which don't */ ++ /* increase `num_flex_vectors'); we thus have to */ ++ /* check whether we can add a point */ ++ if ( FT_SET_ERROR( t1_builder_check_points( builder, 1 ) ) ) ++ goto Syntax_Error; ++ + t1_builder_add_point( builder, + x, + y, + (FT_Byte)( idx == 3 || idx == 6 ) ); ++ } + } + break; + +-- +2.12.2 + diff --git a/gnu/packages/patches/freetype-CVE-2017-8287.patch b/gnu/packages/patches/freetype-CVE-2017-8287.patch new file mode 100644 index 0000000000..d1145a87ee --- /dev/null +++ b/gnu/packages/patches/freetype-CVE-2017-8287.patch @@ -0,0 +1,44 @@ +Fix CVE-2017-8287: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287 +https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941 + +Patch copied from upstream source repository: +https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0 + +From 3774fc08b502c3e685afca098b6e8a195aded6a0 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Sun, 26 Mar 2017 08:32:09 +0200 +Subject: [PATCH] * src/psaux/psobjs.c (t1_builder_close_contour): Add safety + guard. + +Reported as + + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941 +--- + ChangeLog | 8 ++++++++ + src/psaux/psobjs.c | 8 ++++++++ + 2 files changed, 16 insertions(+) + +diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c +index d18e821a..0baf8368 100644 +--- a/src/psaux/psobjs.c ++++ b/src/psaux/psobjs.c +@@ -1718,6 +1718,14 @@ + first = outline->n_contours <= 1 + ? 0 : outline->contours[outline->n_contours - 2] + 1; + ++ /* in malformed fonts it can happen that a contour was started */ ++ /* but no points were added */ ++ if ( outline->n_contours && first == outline->n_points ) ++ { ++ outline->n_contours--; ++ return; ++ } ++ + /* We must not include the last point in the path if it */ + /* is located on the first point. */ + if ( outline->n_points > 1 ) +-- +2.12.2 + -- cgit v1.2.3 From b2fd8f63679aa4f244c36fdca62f23c00b8eded9 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Wed, 26 Apr 2017 13:03:48 +0200 Subject: gnu: glibc/linux: Fix runtime crashes on i686 systems. * gnu/packages/patches/glibc-memchr-overflow-i686.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/commencement.scm (glibc-final-with-bootstrap-bash)[native-inputs]: Add the patch conditionally for i686 systems. * gnu/packages/base.scm (glibc/linux)[native-inputs]: Add the patch conditionally for i686 systems. [arguments]: Apply the patch conditionally on i686 systems. --- gnu/local.mk | 1 + gnu/packages/base.scm | 20 +++++- gnu/packages/commencement.scm | 10 ++- .../patches/glibc-memchr-overflow-i686.patch | 74 ++++++++++++++++++++++ 4 files changed, 103 insertions(+), 2 deletions(-) create mode 100644 gnu/packages/patches/glibc-memchr-overflow-i686.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index da2e82f475..f5574ecd80 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -612,6 +612,7 @@ dist_patch_DATA = \ %D%/packages/patches/glibc-bootstrap-system.patch \ %D%/packages/patches/glibc-ldd-x86_64.patch \ %D%/packages/patches/glibc-locales.patch \ + %D%/packages/patches/glibc-memchr-overflow-i686.patch \ %D%/packages/patches/glibc-o-largefile.patch \ %D%/packages/patches/glibc-versioned-locpath.patch \ %D%/packages/patches/glog-gcc-5-demangling.patch \ diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm index 9fcca45a54..6dc9e97c34 100644 --- a/gnu/packages/base.scm +++ b/gnu/packages/base.scm @@ -666,6 +666,16 @@ store.") ;; 4.7.1. ((" -lgcc_s") "")) + ;; Apply patch only on i686. + ;; TODO: Move the patch to 'patches' in the next update cycle. + ,@(if (string-prefix? "i686" (or (%current-target-system) + (%current-system))) + `(zero? (system* "patch" "-p1" "--force" + "--input" + (assoc-ref native-inputs + "glibc-memchr-overflow-i686.patch"))) + '()) + ;; Have `system' use that Bash. (substitute* "sysdeps/posix/system.c" (("#define[[:blank:]]+SHELL_PATH.*$") @@ -709,7 +719,15 @@ store.") ;; install the message catalogs, with 'msgfmt'. (native-inputs `(("texinfo" ,texinfo) ("perl" ,perl) - ("gettext" ,gettext-minimal))) + ("gettext" ,gettext-minimal) + + ;; Apply this patch only on i686 to avoid a full rebuild. + ;; TODO: Move to 'patches' in the next update cycle. + ,@(if (string-prefix? "i686" (or (%current-target-system) + (%current-system))) + `(("glibc-memchr-overflow-i686.patch" + ,(search-patch "glibc-memchr-overflow-i686.patch"))) + '()))) (native-search-paths ;; Search path for packages that provide locale data. This is useful diff --git a/gnu/packages/commencement.scm b/gnu/packages/commencement.scm index 92f6e6c2ea..4fa34c93b1 100644 --- a/gnu/packages/commencement.scm +++ b/gnu/packages/commencement.scm @@ -22,6 +22,7 @@ (define-module (gnu packages commencement) #:use-module ((guix licenses) #:select (gpl3+ lgpl2.0+ public-domain)) + #:use-module (gnu packages) #:use-module (gnu packages bootstrap) #:use-module (gnu packages base) #:use-module (gnu packages bash) @@ -509,7 +510,14 @@ the bootstrap environment." (propagated-inputs `(("kernel-headers" ,(kernel-headers-boot0)))) (native-inputs `(("texinfo" ,texinfo-boot0) - ("perl" ,perl-boot0))) + ("perl" ,perl-boot0) + ;; Apply this patch only on i686 to avoid a full rebuild. + ;; TODO: Remove in the next update cycle. + ,@(if (string-prefix? "i686" (or (%current-target-system) + (%current-system))) + `(("glibc-memchr-overflow-i686.patch" + ,(search-patch "glibc-memchr-overflow-i686.patch"))) + '()))) (inputs `(;; The boot inputs. That includes the bootstrap libc. We don't want ;; it in $CPATH, hence the 'pre-configure' phase above. diff --git a/gnu/packages/patches/glibc-memchr-overflow-i686.patch b/gnu/packages/patches/glibc-memchr-overflow-i686.patch new file mode 100644 index 0000000000..0b1b5b9f96 --- /dev/null +++ b/gnu/packages/patches/glibc-memchr-overflow-i686.patch @@ -0,0 +1,74 @@ +Extracted from glibc upstream git repository. Changes to the ChangeLog have +been removed. This patch is needed to fix spurious segmentation faults on +i686. + +From 3abeeec5f46ff036bd9df60bb096e20314ccd078 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Tue, 14 Mar 2017 14:16:13 -0300 +Subject: [PATCH] Fix i686 memchr overflow calculation (BZ#21182) + +This patch fixes the regression added by 23d2770 for final address +overflow calculation. The subtraction of the considered size (16) +at line 120 is at wrong place, for sizes less than 16 subsequent +overflow check will not take in consideration an invalid size (since +the subtraction will be negative). Also, the lea instruction also +does not raise the carry flag (CF) that is used in subsequent jbe +to check for overflow. + +The fix is to follow x86_64 logic from 3daef2c where the overflow +is first check and a sub instruction is issued. In case of resulting +negative size, CF will be set by the sub instruction and a NULL +result will be returned. The patch also add similar tests reported +in bug report. + +Checked on i686-linux-gnu and x86_64-linux-gnu. + + * string/test-memchr.c (do_test): Add BZ#21182 checks for address + near end of a page. + * sysdeps/i386/i686/multiarch/memchr-sse2.S (__memchr): Fix + overflow calculation. +--- + string/test-memchr.c | 6 ++++++ + sysdeps/i386/i686/multiarch/memchr-sse2.S | 2 +- + 3 files changed, 15 insertions(+), 1 deletion(-) + +diff --git a/string/test-memchr.c b/string/test-memchr.c +index 2403c9242b..669e092e7d 100644 +--- a/string/test-memchr.c ++++ b/string/test-memchr.c +@@ -210,6 +210,12 @@ test_main (void) + do_test (0, i, i + 1, i + 1, 0); + } + ++ /* BZ#21182 - wrong overflow calculation for i686 implementation ++ with address near end of the page. */ ++ for (i = 2; i < 16; ++i) ++ /* page_size is in fact getpagesize() * 2. */ ++ do_test (page_size / 2 - i, i, i, 1, 0x9B); ++ + do_random_tests (); + return ret; + } +diff --git a/sysdeps/i386/i686/multiarch/memchr-sse2.S b/sysdeps/i386/i686/multiarch/memchr-sse2.S +index 910679cfc0..e41f324a77 100644 +--- a/sysdeps/i386/i686/multiarch/memchr-sse2.S ++++ b/sysdeps/i386/i686/multiarch/memchr-sse2.S +@@ -117,7 +117,6 @@ L(crosscache): + + # ifndef USE_AS_RAWMEMCHR + jnz L(match_case2_prolog1) +- lea -16(%edx), %edx + /* Calculate the last acceptable address and check for possible + addition overflow by using satured math: + edx = ecx + edx +@@ -125,6 +124,7 @@ L(crosscache): + add %ecx, %edx + sbb %eax, %eax + or %eax, %edx ++ sub $16, %edx + jbe L(return_null) + lea 16(%edi), %edi + # else +-- +2.12.2 + -- cgit v1.2.3 From 1c4a500aae53b8cd33d1266eb3809b859ae2555d Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Mon, 1 May 2017 14:24:50 -0400 Subject: gnu: libsndfile: Fix CVE-2017-{8361,8362,8363,8365}. * gnu/packages/patches/libsndfile-CVE-2017-8361-8363-8365.patch, gnu/packages/patches/libsndfile-CVE-2017-8362.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/pulseaudio.scm (libsndfile)[replacement]: New field. (libsndfile/fixed): New variable. --- gnu/local.mk | 2 + .../libsndfile-CVE-2017-8361-8363-8365.patch | 77 ++++++++++++++++++++++ .../patches/libsndfile-CVE-2017-8362.patch | 61 +++++++++++++++++ gnu/packages/pulseaudio.scm | 13 ++++ 4 files changed, 153 insertions(+) create mode 100644 gnu/packages/patches/libsndfile-CVE-2017-8361-8363-8365.patch create mode 100644 gnu/packages/patches/libsndfile-CVE-2017-8362.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index f5574ecd80..52000a2c53 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -719,6 +719,8 @@ dist_patch_DATA = \ %D%/packages/patches/libmad-frame-length.patch \ %D%/packages/patches/libmad-mips-newgcc.patch \ %D%/packages/patches/libsndfile-armhf-type-checks.patch \ + %D%/packages/patches/libsndfile-CVE-2017-8361-8363-8365.patch \ + %D%/packages/patches/libsndfile-CVE-2017-8362.patch \ %D%/packages/patches/libssh2-fix-build-failure-with-gcrypt.patch \ %D%/packages/patches/libtar-CVE-2013-4420.patch \ %D%/packages/patches/libtheora-config-guess.patch \ diff --git a/gnu/packages/patches/libsndfile-CVE-2017-8361-8363-8365.patch b/gnu/packages/patches/libsndfile-CVE-2017-8361-8363-8365.patch new file mode 100644 index 0000000000..5f63231af0 --- /dev/null +++ b/gnu/packages/patches/libsndfile-CVE-2017-8361-8363-8365.patch @@ -0,0 +1,77 @@ +Fix CVE-2017-{8361,8363,8365}: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8361 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8363 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8365 + +Patch copied from upstream source repository: + +https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3 + +From fd0484aba8e51d16af1e3a880f9b8b857b385eb3 Mon Sep 17 00:00:00 2001 +From: Erik de Castro Lopo +Date: Wed, 12 Apr 2017 19:45:30 +1000 +Subject: [PATCH] FLAC: Fix a buffer read overrun + +Buffer read overrun occurs when reading a FLAC file that switches +from 2 channels to one channel mid-stream. Only option is to +abort the read. + +Closes: https://github.com/erikd/libsndfile/issues/230 +--- + src/common.h | 1 + + src/flac.c | 13 +++++++++++++ + src/sndfile.c | 1 + + 3 files changed, 15 insertions(+) + +diff --git a/src/common.h b/src/common.h +index 0bd810c3..e2669b6a 100644 +--- a/src/common.h ++++ b/src/common.h +@@ -725,6 +725,7 @@ enum + SFE_FLAC_INIT_DECODER, + SFE_FLAC_LOST_SYNC, + SFE_FLAC_BAD_SAMPLE_RATE, ++ SFE_FLAC_CHANNEL_COUNT_CHANGED, + SFE_FLAC_UNKOWN_ERROR, + + SFE_WVE_NOT_WVE, +diff --git a/src/flac.c b/src/flac.c +index 84de0e26..986a7b8f 100644 +--- a/src/flac.c ++++ b/src/flac.c +@@ -434,6 +434,19 @@ sf_flac_meta_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC_ + + switch (metadata->type) + { case FLAC__METADATA_TYPE_STREAMINFO : ++ if (psf->sf.channels > 0 && psf->sf.channels != (int) metadata->data.stream_info.channels) ++ { psf_log_printf (psf, "Error: FLAC stream changed from %d to %d channels\n" ++ "Nothing to be but to error out.\n" , ++ psf->sf.channels, metadata->data.stream_info.channels) ; ++ psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ; ++ return ; ++ } ; ++ ++ if (psf->sf.channels > 0 && psf->sf.samplerate != (int) metadata->data.stream_info.sample_rate) ++ { psf_log_printf (psf, "Warning: FLAC stream changed sample rates from %d to %d.\n" ++ "Carrying on as if nothing happened.", ++ psf->sf.samplerate, metadata->data.stream_info.sample_rate) ; ++ } ; + psf->sf.channels = metadata->data.stream_info.channels ; + psf->sf.samplerate = metadata->data.stream_info.sample_rate ; + psf->sf.frames = metadata->data.stream_info.total_samples ; +diff --git a/src/sndfile.c b/src/sndfile.c +index 41875610..e2a87be8 100644 +--- a/src/sndfile.c ++++ b/src/sndfile.c +@@ -245,6 +245,7 @@ ErrorStruct SndfileErrors [] = + { SFE_FLAC_INIT_DECODER , "Error : problem with initialization of the flac decoder." }, + { SFE_FLAC_LOST_SYNC , "Error : flac decoder lost sync." }, + { SFE_FLAC_BAD_SAMPLE_RATE, "Error : flac does not support this sample rate." }, ++ { SFE_FLAC_CHANNEL_COUNT_CHANGED, "Error : flac channel changed mid stream." }, + { SFE_FLAC_UNKOWN_ERROR , "Error : unknown error in flac decoder." }, + + { SFE_WVE_NOT_WVE , "Error : not a WVE file." }, +-- +2.12.2 + diff --git a/gnu/packages/patches/libsndfile-CVE-2017-8362.patch b/gnu/packages/patches/libsndfile-CVE-2017-8362.patch new file mode 100644 index 0000000000..5fc52a377a --- /dev/null +++ b/gnu/packages/patches/libsndfile-CVE-2017-8362.patch @@ -0,0 +1,61 @@ +Fix CVE-2017-8362: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8362 + +Patch copied from upstream source repository: + +https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808 + +From ef1dbb2df1c0e741486646de40bd638a9c4cd808 Mon Sep 17 00:00:00 2001 +From: Erik de Castro Lopo +Date: Fri, 14 Apr 2017 15:19:16 +1000 +Subject: [PATCH] src/flac.c: Fix a buffer read overflow + +A file (generated by a fuzzer) which increased the number of channels +from one frame to the next could cause a read beyond the end of the +buffer provided by libFLAC. Only option is to abort the read. + +Closes: https://github.com/erikd/libsndfile/issues/231 +--- + src/flac.c | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +diff --git a/src/flac.c b/src/flac.c +index 5a4f8c21..e4f9aaa0 100644 +--- a/src/flac.c ++++ b/src/flac.c +@@ -169,6 +169,14 @@ flac_buffer_copy (SF_PRIVATE *psf) + const int32_t* const *buffer = pflac->wbuffer ; + unsigned i = 0, j, offset, channels, len ; + ++ if (psf->sf.channels != (int) frame->header.channels) ++ { psf_log_printf (psf, "Error: FLAC frame changed from %d to %d channels\n" ++ "Nothing to do but to error out.\n" , ++ psf->sf.channels, frame->header.channels) ; ++ psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ; ++ return 0 ; ++ } ; ++ + /* + ** frame->header.blocksize is variable and we're using a constant blocksize + ** of FLAC__MAX_BLOCK_SIZE. +@@ -202,7 +210,6 @@ flac_buffer_copy (SF_PRIVATE *psf) + return 0 ; + } ; + +- + len = SF_MIN (pflac->len, frame->header.blocksize) ; + + if (pflac->remain % channels != 0) +@@ -436,7 +443,7 @@ sf_flac_meta_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC_ + { case FLAC__METADATA_TYPE_STREAMINFO : + if (psf->sf.channels > 0 && psf->sf.channels != (int) metadata->data.stream_info.channels) + { psf_log_printf (psf, "Error: FLAC stream changed from %d to %d channels\n" +- "Nothing to be but to error out.\n" , ++ "Nothing to do but to error out.\n" , + psf->sf.channels, metadata->data.stream_info.channels) ; + psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ; + return ; +-- +2.12.2 + diff --git a/gnu/packages/pulseaudio.scm b/gnu/packages/pulseaudio.scm index c52f265cc1..92ebe6f3eb 100644 --- a/gnu/packages/pulseaudio.scm +++ b/gnu/packages/pulseaudio.scm @@ -45,6 +45,7 @@ (define-public libsndfile (package (name "libsndfile") + (replacement libsndfile/fixed) (version "1.0.28") (source (origin (method url-fetch) @@ -76,6 +77,18 @@ SPARC. Hopefully the design of the library will also make it easy to extend for reading and writing new sound file formats.") (license l:gpl2+))) +(define libsndfile/fixed + (package + (inherit libsndfile) + (source + (origin + (inherit (package-source libsndfile)) + (patches + (append + (origin-patches (package-source libsndfile)) + (search-patches "libsndfile-CVE-2017-8361-8363-8365.patch" + "libsndfile-CVE-2017-8362.patch"))))))) + (define-public libsamplerate (package (name "libsamplerate") ; aka. Secret Rabbit Code (SRC) -- cgit v1.2.3 From 693f12ce2326f82020e90e58e69cf2b54808c19b Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 2 May 2017 15:10:05 +0200 Subject: build: 'check-system' now depends on the bootstrap Guile tarballs. Reported by Chris Marusich . * gnu/local.mk (BOOTSTRAP_GUILE_TARBALLS): New variable. (DISTCLEANFILES): Define as an alias for 'BOOTSTRAP_GUILE_TARBALLS'. * Makefile.am (check-system): Depend on $(BOOTSTRAP_GUILE_TARBALLS). --- Makefile.am | 2 +- gnu/local.mk | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) (limited to 'gnu/local.mk') diff --git a/Makefile.am b/Makefile.am index 9484ba75aa..c75be9c842 100644 --- a/Makefile.am +++ b/Makefile.am @@ -379,7 +379,7 @@ check-local: endif !CAN_RUN_TESTS -check-system: $(GOBJECTS) +check-system: $(GOBJECTS) $(BOOTSTRAP_GUILE_TARBALLS) $(AM_V_at)$(top_builddir)/pre-inst-env \ $(GUILE) --no-auto-compile \ -e '(@@ (run-system-tests) run-system-tests)' \ diff --git a/gnu/local.mk b/gnu/local.mk index 52000a2c53..28ab73aed3 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1087,13 +1087,15 @@ nodist_bootstrap_mips64el_linux_DATA = \ set-bootstrap-executable-permissions: chmod +x $(DESTDIR)$(bootstrapdir)/*/{bash,mkdir,tar,xz} -DISTCLEANFILES = \ +BOOTSTRAP_GUILE_TARBALLS = \ $(nodist_bootstrap_x86_64_linux_DATA) \ $(nodist_bootstrap_i686_linux_DATA) \ $(nodist_bootstrap_armhf_linux_DATA) \ - $(nodist_bootstrap_aarch64_linux_DATA) \ + $(nodist_bootstrap_aarch64_linux_DATA) \ $(nodist_bootstrap_mips64el_linux_DATA) +DISTCLEANFILES = $(BOOTSTRAP_GUILE_TARBALLS) + # Method to download a file from an external source. DOWNLOAD_FILE = \ GUILE_LOAD_COMPILED_PATH="$(top_builddir):$$GUILE_LOAD_COMPILED_PATH" \ -- cgit v1.2.3 From 4aabc8eaa22314b412d8c5517e05085aa1b38498 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 2 May 2017 15:43:01 +0200 Subject: build: Install gnu/build/svg.scm. Fixes a regression introduced in commit 960887b2974ff5c3e63f58a1d89cd8d0dcb5e045. * Makefile.am (MODULES_NOT_COMPILED): New variable. (nobase_dist_guilemodule_DATA): Add $(MODULES_NOT_COMPILED). (EXTRA_DIST): Remove gnu/build/svg.scm. * gnu/local.mk (MODULES_NOT_COMPILED): New variable. --- Makefile.am | 9 ++++++--- gnu/local.mk | 3 +++ 2 files changed, 9 insertions(+), 3 deletions(-) (limited to 'gnu/local.mk') diff --git a/Makefile.am b/Makefile.am index c75be9c842..426f8327d9 100644 --- a/Makefile.am +++ b/Makefile.am @@ -28,6 +28,10 @@ nodist_noinst_SCRIPTS = \ pre-inst-env \ test-env +# Modules that are not compiled but are installed nonetheless, such as +# build-side modules with unusual dependencies. +MODULES_NOT_COMPILED = + include gnu/local.mk MODULES = \ @@ -222,8 +226,8 @@ EXAMPLES = \ GOBJECTS = $(MODULES:%.scm=%.go) guix/config.go $(dist_noinst_DATA:%.scm=%.go) -nobase_dist_guilemodule_DATA = \ - $(MODULES) $(AUX_FILES) $(EXAMPLES) \ +nobase_dist_guilemodule_DATA = \ + $(MODULES) $(MODULES_NOT_COMPILED) $(AUX_FILES) $(EXAMPLES) \ $(MISC_DISTRO_FILES) nobase_nodist_guilemodule_DATA = guix/config.scm nobase_nodist_guileobject_DATA = $(GOBJECTS) @@ -400,7 +404,6 @@ EXTRA_DIST = \ TODO \ CODE-OF-CONDUCT \ .dir-locals.el \ - gnu/build/svg.scm \ build-aux/build-self.scm \ build-aux/compile-all.scm \ build-aux/hydra/evaluate.scm \ diff --git a/gnu/local.mk b/gnu/local.mk index 28ab73aed3..2017868891 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -475,6 +475,9 @@ GNU_SYSTEM_MODULES = \ %D%/tests/ssh.scm \ %D%/tests/web.scm +# Modules that do not need to be compiled. +MODULES_NOT_COMPILED += \ + %D%/build/svg.scm patchdir = $(guilemoduledir)/%D%/packages/patches dist_patch_DATA = \ -- cgit v1.2.3 From 1c7a78f157062c796f6779da645be6212d6cd592 Mon Sep 17 00:00:00 2001 From: Jan Nieuwenhuizen Date: Thu, 27 Apr 2017 15:43:22 +0200 Subject: gnu: Add mes. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/mes.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. Signed-off-by: Ludovic Courtès --- gnu/local.mk | 1 + gnu/packages/mes.scm | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 75 insertions(+) create mode 100644 gnu/packages/mes.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 2017868891..4c6e8af16c 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -256,6 +256,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/maths.scm \ %D%/packages/mc.scm \ %D%/packages/mcrypt.scm \ + %D%/packages/mes.scm \ %D%/packages/messaging.scm \ %D%/packages/mingw.scm \ %D%/packages/mg.scm \ diff --git a/gnu/packages/mes.scm b/gnu/packages/mes.scm new file mode 100644 index 0000000000..aaa00f78a6 --- /dev/null +++ b/gnu/packages/mes.scm @@ -0,0 +1,74 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Jan Nieuwenhuizen +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages mes) + #:use-module (gnu packages) + #:use-module (gnu packages base) + #:use-module (gnu packages commencement) + #:use-module (gnu packages cross-base) + #:use-module (gnu packages gcc) + #:use-module (gnu packages guile) + #:use-module (gnu packages package-management) + #:use-module (gnu packages perl) + #:use-module (guix build-system gnu) + #:use-module (guix git-download) + #:use-module (guix licenses) + #:use-module (guix packages)) + +(define-public mes + (let ((commit "a437c173b9da1949ad966fd50dd4f26e522a910a") + (revision "0") + (triplet "i686-unknown-linux-gnu")) + (package + (name "mes") + (version (string-append "0.5-" revision "." (string-take commit 7))) + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://gitlab.com/janneke/mes") + (commit commit))) + (file-name (string-append name "-" version)) + ;; TODO: Unbundle nyacc. + (sha256 + (base32 "1ynr0hc0k15307sgzv09k3y5rvy46h0wbh7zcblx1f9v7y8k90zv")))) + (build-system gnu-build-system) + (supported-systems '("x86_64-linux")) + (native-inputs + `(("guile" ,guile-2.2) + ;; Use cross-compiler rather than #:system "i686-linux" to get + ;; MesCC 64 bit .go files installed ready for use with Guile. + ("i686-linux-binutils" ,(cross-binutils triplet)) + ("i686-linux-gcc" ,(let ((triplet triplet)) (cross-gcc triplet))) + ("perl" ,perl))) ;build-aux/gitlog-to-changelog + (arguments + `(#:phases + (modify-phases %standard-phases + (add-before 'install 'generate-changelog + (lambda _ + (with-output-to-file "ChangeLog" + (lambda () + (display "Please run + build-aux/gitlog-to-changelog --srcdir= > ChangeLog\n"))) + #t))))) + (synopsis "Maxwell Equations of Software") + (description + "Mes aims to create full source bootstrapping for GuixSD. It +consists of a mutual self-hosting [close to Guile-] Scheme interpreter +prototype in C and a Nyacc-based C compiler in [Guile] Scheme.") + (home-page "https://gitlab.com/janneke/mes") + (license gpl3+)))) -- cgit v1.2.3 From 6ba4eca234470c2151755b071e8a06c9e4e49b1b Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Thu, 4 May 2017 14:18:38 +0200 Subject: gnu: llvm-3.5: Fix build of clang-3.5. * gnu/packages/patches/llvm-3.5-fix-clang-build-with-gcc5.patch: New file * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/llvm.scm (llvm-3.5)[source]: Add patch. --- gnu/local.mk | 1 + gnu/packages/llvm.scm | 2 ++ .../llvm-3.5-fix-clang-build-with-gcc5.patch | 35 ++++++++++++++++++++++ 3 files changed, 38 insertions(+) create mode 100644 gnu/packages/patches/llvm-3.5-fix-clang-build-with-gcc5.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 4c6e8af16c..ce7ecc36cf 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -768,6 +768,7 @@ dist_patch_DATA = \ %D%/packages/patches/libxt-guix-search-paths.patch \ %D%/packages/patches/linux-pam-no-setfsuid.patch \ %D%/packages/patches/lirc-localstatedir.patch \ + %D%/packages/patches/llvm-3.5-fix-clang-build-with-gcc5.patch \ %D%/packages/patches/llvm-for-extempore.patch \ %D%/packages/patches/lm-sensors-hwmon-attrs.patch \ %D%/packages/patches/lua-CVE-2014-5461.patch \ diff --git a/gnu/packages/llvm.scm b/gnu/packages/llvm.scm index 04a2b39af9..52a78467a8 100644 --- a/gnu/packages/llvm.scm +++ b/gnu/packages/llvm.scm @@ -268,6 +268,8 @@ code analysis tools.") (method url-fetch) (uri (string-append "http://llvm.org/releases/" version "/llvm-" version ".src.tar.xz")) + (patches + (search-patches "llvm-3.5-fix-clang-build-with-gcc5.patch")) (sha256 (base32 "0xf5q17kkxsrm2gsi93h4pwlv663kji73r2g4asb97klsmb626a4")))))) diff --git a/gnu/packages/patches/llvm-3.5-fix-clang-build-with-gcc5.patch b/gnu/packages/patches/llvm-3.5-fix-clang-build-with-gcc5.patch new file mode 100644 index 0000000000..faa8252c43 --- /dev/null +++ b/gnu/packages/patches/llvm-3.5-fix-clang-build-with-gcc5.patch @@ -0,0 +1,35 @@ +This patch was downloaded from https://sft.its.cern.ch/jira/browse/ROOT-7047. +It fixes the build of clang 3.5 with GCC 5. File paths have been adjusted. + +From 00f3ed6eee41da871799ad0fd19153c7682d61fe Mon Sep 17 00:00:00 2001 +From: Alexander Klimov +Date: Mon, 26 Jan 2015 18:45:23 +0200 +Subject: [PATCH] [ADT/IntrusiveRefCntPtr] Give friend access to + IntrusiveRefCntPtr so the relevant move constructor can + access 'Obj'. + +From LLVM upstream: +Author: Argyrios Kyrtzidis +Date: Tue Sep 23 06:06:43 2014 +0000 +git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@218295 91177308-0d34-0410-b5e6-96231b3b80d8 +--- + interpreter/llvm/src/include/llvm/ADT/IntrusiveRefCntPtr.h | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/include/llvm/ADT/IntrusiveRefCntPtr.h b/include/llvm/ADT/IntrusiveRefCntPtr.h +index f9df378..c859c98 100644 +--- a/include/llvm/ADT/IntrusiveRefCntPtr.h ++++ b/include/llvm/ADT/IntrusiveRefCntPtr.h +@@ -197,6 +197,9 @@ public: + private: + void retain() { if (Obj) IntrusiveRefCntPtrInfo::retain(Obj); } + void release() { if (Obj) IntrusiveRefCntPtrInfo::release(Obj); } ++ ++ template ++ friend class IntrusiveRefCntPtr; + }; + + template +-- +1.7.10.4 + -- cgit v1.2.3 From f9ff014bf623071b9343265e8a5aa994a10ec9d4 Mon Sep 17 00:00:00 2001 From: Petter Date: Sun, 23 Apr 2017 13:46:41 +0200 Subject: gnu: Add cool-retro-term. * gnu/packages/terminals.scm (cool-retro-term): New variable. * gnu/packages/patches/cool-retro-term-remove-non-free-fonts.patch, gnu/packages/patches/cool-retro-term-fix-array-size.patch, gnu/packages/patches/cool-retro-term-memory-leak-1.patch, gnu/packages/patches/cool-retro-term-remove-non-free-fonts.patch: New patches. * gnu/local.mk (dist_patch_DATA): Add them. Co-authored-by: Eric Bavier --- gnu/local.mk | 4 + .../cool-retro-term-dont-check-uninit-member.patch | 33 ++++ .../patches/cool-retro-term-fix-array-size.patch | 25 +++ .../patches/cool-retro-term-memory-leak-1.patch | 32 ++++ .../cool-retro-term-remove-non-free-fonts.patch | 205 +++++++++++++++++++++ gnu/packages/terminals.scm | 110 +++++++++++ 6 files changed, 409 insertions(+) create mode 100644 gnu/packages/patches/cool-retro-term-dont-check-uninit-member.patch create mode 100644 gnu/packages/patches/cool-retro-term-fix-array-size.patch create mode 100644 gnu/packages/patches/cool-retro-term-memory-leak-1.patch create mode 100644 gnu/packages/patches/cool-retro-term-remove-non-free-fonts.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index ce7ecc36cf..61f2534e91 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -529,6 +529,10 @@ dist_patch_DATA = \ %D%/packages/patches/clx-remove-demo.patch \ %D%/packages/patches/cmake-fix-tests.patch \ %D%/packages/patches/coda-use-system-libs.patch \ + %D%/packages/patches/cool-retro-term-dont-check-uninit-member.patch \ + %D%/packages/patches/cool-retro-term-fix-array-size.patch \ + %D%/packages/patches/cool-retro-term-memory-leak-1.patch \ + %D%/packages/patches/cool-retro-term-remove-non-free-fonts.patch \ %D%/packages/patches/coreutils-cut-huge-range-test.patch \ %D%/packages/patches/coreutils-fix-cross-compilation.patch \ %D%/packages/patches/cpio-CVE-2016-2037.patch \ diff --git a/gnu/packages/patches/cool-retro-term-dont-check-uninit-member.patch b/gnu/packages/patches/cool-retro-term-dont-check-uninit-member.patch new file mode 100644 index 0000000000..c6e1d27315 --- /dev/null +++ b/gnu/packages/patches/cool-retro-term-dont-check-uninit-member.patch @@ -0,0 +1,33 @@ +From 126a97d1f22f7d784d392b2b7d5aadf0a4e18c0d Mon Sep 17 00:00:00 2001 +From: Petter +Date: Thu, 27 Apr 2017 20:28:02 +0200 +Subject: [PATCH] Avoid checking uninitialized member + simplify condition + +--- + qmltermwidget/lib/TerminalDisplay.cpp | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/qmltermwidget/lib/TerminalDisplay.cpp b/qmltermwidget/lib/TerminalDisplay.cpp +index 189a609..36d2cd2 100644 +--- a/qmltermwidget/lib/TerminalDisplay.cpp ++++ b/qmltermwidget/lib/TerminalDisplay.cpp +@@ -325,6 +325,7 @@ TerminalDisplay::TerminalDisplay(QQuickItem *parent) + ,_terminalSizeHint(false) + ,_terminalSizeStartup(true) + ,_bidiEnabled(false) ++,_mouseMarks(false) + ,_actSel(0) + ,_wordSelectionMode(false) + ,_lineSelectionMode(false) +@@ -1846,7 +1847,7 @@ void TerminalDisplay::mousePressEvent(QMouseEvent* ev) + } + else if ( ev->button() == Qt::MidButton ) + { +- if ( _mouseMarks || (!_mouseMarks && (ev->modifiers() & Qt::ShiftModifier)) ) ++ if ( _mouseMarks || (ev->modifiers() & Qt::ShiftModifier) ) + emitSelection(true,ev->modifiers() & Qt::ControlModifier); + else + emit mouseSignal( 1, charColumn +1, charLine +1 +_scrollBar->value() -_scrollBar->maximum() , 0); +-- +2.12.2 + diff --git a/gnu/packages/patches/cool-retro-term-fix-array-size.patch b/gnu/packages/patches/cool-retro-term-fix-array-size.patch new file mode 100644 index 0000000000..04a2a27971 --- /dev/null +++ b/gnu/packages/patches/cool-retro-term-fix-array-size.patch @@ -0,0 +1,25 @@ +From c91d7ae5dbb00c8392a9f93283dc56c3e296cccd Mon Sep 17 00:00:00 2001 +From: Petter +Date: Thu, 27 Apr 2017 20:19:21 +0200 +Subject: [PATCH] Fix size of the array passed to memset() + +--- + qmltermwidget/lib/History.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/qmltermwidget/lib/History.cpp b/qmltermwidget/lib/History.cpp +index 0f9c13f..ab6f7be 100644 +--- a/qmltermwidget/lib/History.cpp ++++ b/qmltermwidget/lib/History.cpp +@@ -515,7 +515,7 @@ void HistoryScrollBlockArray::addCells(const Character a[], int count) + // put cells in block's data + assert((count * sizeof(Character)) < ENTRIES); + +- memset(b->data, 0, ENTRIES); ++ memset(b->data, 0, sizeof(b->data)); + + memcpy(b->data, a, count * sizeof(Character)); + b->size = count * sizeof(Character); +-- +2.12.2 + diff --git a/gnu/packages/patches/cool-retro-term-memory-leak-1.patch b/gnu/packages/patches/cool-retro-term-memory-leak-1.patch new file mode 100644 index 0000000000..f3fbac17de --- /dev/null +++ b/gnu/packages/patches/cool-retro-term-memory-leak-1.patch @@ -0,0 +1,32 @@ +From 08628fda19128b75248548357e416bc373f14f91 Mon Sep 17 00:00:00 2001 +From: Yen Chi Hsuan +Date: Sat, 18 Mar 2017 02:50:34 +0800 +Subject: [PATCH] Fix memory leak in hotspot (URLs & emails) detection + +--- + qmltermwidget/lib/Filter.cpp | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/qmltermwidget/lib/Filter.cpp b/qmltermwidget/lib/Filter.cpp +index 5ca7bee..2e8d2fb 100644 +--- a/qmltermwidget/lib/Filter.cpp ++++ b/qmltermwidget/lib/Filter.cpp +@@ -26,6 +26,7 @@ + // Qt + #include + #include ++#include + #include + #include + #include +@@ -194,6 +195,7 @@ Filter::~Filter() + } + void Filter::reset() + { ++ qDeleteAll(_hotspotList); + _hotspots.clear(); + _hotspotList.clear(); + } +-- +2.12.2 + diff --git a/gnu/packages/patches/cool-retro-term-remove-non-free-fonts.patch b/gnu/packages/patches/cool-retro-term-remove-non-free-fonts.patch new file mode 100644 index 0000000000..7a033df413 --- /dev/null +++ b/gnu/packages/patches/cool-retro-term-remove-non-free-fonts.patch @@ -0,0 +1,205 @@ +From 96ceffdfdcedd3ae33c46b11357aa2518e0a6152 Mon Sep 17 00:00:00 2001 +From: Petter +Date: Thu, 27 Apr 2017 18:55:10 +0200 +Subject: [PATCH] Remove non-free fonts from settings menu + +--- a/app/qml/ApplicationSettings.qml ++++ b/app/qml/ApplicationSettings.qml +@@ -409,7 +409,7 @@ + obj_string: '{"ambientLight":0.16,"backgroundColor":"#000000","bloom":0.4,"brightness":0.5,"flickering":0.1,"contrast":0.85,"fontName":"TERMINUS_SCALED","fontColor":"#0ccc68","frameName":"SIMPLE_WHITE_FRAME","glowingLine":0.2,"horizontalSync":0.16,"jitter":0.18,"burnIn":0.45,"staticNoise":0.1,"rasterization":0,"screenCurvature":0.1,"windowOpacity":1,"chromaColor":0,"saturationColor":0,"rbgShift":0,"fontWidth":1.0,"useCustomCommand":false,"customCommand":""}' + builtin: true + } +- ListElement{ ++ /*ListElement{ + text: "Default Scanlines" + obj_string: '{"ambientLight":0.16,"backgroundColor":"#000000","bloom":0.4,"brightness":0.5,"flickering":0.1,"contrast":0.85,"fontName":"COMMODORE_PET","fontColor":"#00ff5b","frameName":"SIMPLE_WHITE_FRAME","glowingLine":0.2,"horizontalSync":0.14,"jitter":0.11,"burnIn":0.4,"staticNoise":0.05,"rasterization":1,"screenCurvature":0.1,"windowOpacity":1,"chromaColor":0,"saturationColor":0,"rbgShift":0,"fontWidth":1.0,"useCustomCommand":false,"customCommand":""}' + builtin: true +@@ -433,7 +433,7 @@ + text: "IBM Dos" + obj_string: '{"ambientLight":0.16,"backgroundColor":"#000000","bloom":0.4,"brightness":0.5,"flickering":0.07,"contrast":0.85,"fontName":"IBM_DOS","fontColor":"#ffffff","frameName":"SIMPLE_WHITE_FRAME","glowingLine":0.13,"horizontalSync":0,"jitter":0.16,"burnIn":0.3,"staticNoise":0.03,"rasterization":0,"screenCurvature":0.1,"windowOpacity":1,"chromaColor":1,"saturationColor":0,"rbgShift":0.35,"fontWidth":1.0,"useCustomCommand":false,"customCommand":""}' + builtin: true +- } ++ }*/ + ListElement{ + text: "IBM 3278" + obj_string: '{"ambientLight":0.1,"backgroundColor":"#000000","bloom":0.15,"brightness":0.5,"flickering":0,"contrast":0.85,"fontName":"IBM_3278","fontColor":"#0ccc68","frameName":"SIMPLE_WHITE_FRAME","glowingLine":0,"horizontalSync":0,"jitter":0,"burnIn":0.6,"staticNoise":0,"rasterization":0,"screenCurvature":0.1,"windowOpacity":1,"chromaColor":0,"saturationColor":0,"rbgShift":0,"fontWidth":1.0,"useCustomCommand":false,"customCommand":""}' +diff --git a/app/qml/FontPixels.qml b/app/qml/FontPixels.qml +index 6ff85da..6f0d0ba 100644 +--- a/app/qml/FontPixels.qml ++++ b/app/qml/FontPixels.qml +@@ -32,7 +32,7 @@ QtObject{ + property bool lowResolutionFont: true + + property ListModel fontlist: ListModel{ +- ListElement{ ++ /*ListElement{ + name: "COMMODORE_PET" + text: "Commodore PET (1977)" + source: "fonts/1977-commodore-pet/COMMODORE_PET.ttf" +@@ -40,7 +40,7 @@ QtObject{ + pixelSize: 8 + baseScaling: 4.0 + fontWidth: 0.8 +- } ++ }*/ + ListElement{ + name: "PROGGY_TINY" + text: "Proggy Tiny (Modern)" +@@ -68,7 +68,7 @@ QtObject{ + baseScaling: 3.0 + fontWidth: 1.0 + } +- ListElement{ ++ /*ListElement{ + name: "APPLE_II" + text: "Apple ][ (1977)" + source: "fonts/1977-apple2/PrintChar21.ttf" +@@ -76,8 +76,8 @@ QtObject{ + pixelSize: 8 + baseScaling: 4.0 + fontWidth: 0.9 +- } +- ListElement{ ++ }*/ ++ /*ListElement{ + name: "ATARI_400" + text: "Atari 400-800 (1979)" + source: "fonts/1979-atari-400-800/ATARI400800_original.TTF" +@@ -85,8 +85,8 @@ QtObject{ + pixelSize: 8 + baseScaling: 4.0 + fontWidth: 0.8 +- } +- ListElement{ ++ }*/ ++ /*ListElement{ + name: "COMMODORE_64" + text: "Commodore 64 (1982)" + source: "fonts/1982-commodore64/C64_Pro_Mono_v1.0-STYLE.ttf" +@@ -94,6 +94,6 @@ QtObject{ + pixelSize: 8 + baseScaling: 4.0 + fontWidth: 0.8 +- } ++ }*/ + } + } +diff --git a/app/qml/FontScanlines.qml b/app/qml/FontScanlines.qml +index eebf00b..410d7b6 100644 +--- a/app/qml/FontScanlines.qml ++++ b/app/qml/FontScanlines.qml +@@ -32,7 +32,7 @@ QtObject{ + property bool lowResolutionFont: true + + property ListModel fontlist: ListModel{ +- ListElement{ ++ /*ListElement{ + name: "COMMODORE_PET" + text: "Commodore PET (1977)" + source: "fonts/1977-commodore-pet/COMMODORE_PET.ttf" +@@ -40,7 +40,7 @@ QtObject{ + pixelSize: 8 + baseScaling: 4.0 + fontWidth: 0.7 +- } ++ }*/ + ListElement{ + name: "PROGGY_TINY" + text: "Proggy Tiny (Modern)" +@@ -68,7 +68,7 @@ QtObject{ + baseScaling: 3.0 + fontWidth: 1.0 + } +- ListElement{ ++ /*ListElement{ + name: "APPLE_II" + text: "Apple ][ (1977)" + source: "fonts/1977-apple2/PrintChar21.ttf" +@@ -76,8 +76,8 @@ QtObject{ + pixelSize: 8 + baseScaling: 4.0 + fontWidth: 0.8 +- } +- ListElement{ ++ }*/ ++ /*ListElement{ + name: "ATARI_400" + text: "Atari 400-800 (1979)" + source: "fonts/1979-atari-400-800/ATARI400800_original.TTF" +@@ -85,8 +85,8 @@ QtObject{ + pixelSize: 8 + baseScaling: 4.0 + fontWidth: 0.7 +- } +- ListElement{ ++ }*/ ++ /*ListElement{ + name: "COMMODORE_64" + text: "Commodore 64 (1982)" + source: "fonts/1982-commodore64/C64_Pro_Mono_v1.0-STYLE.ttf" +@@ -94,6 +94,6 @@ QtObject{ + pixelSize: 8 + baseScaling: 4.0 + fontWidth: 0.7 +- } ++ }*/ + } + } +diff --git a/app/qml/Fonts.qml b/app/qml/Fonts.qml +index ad20844..882808a 100644 +--- a/app/qml/Fonts.qml ++++ b/app/qml/Fonts.qml +@@ -80,7 +80,7 @@ + fontWidth: 1.0 + lowResolutionFont: true + } +- ListElement{ ++ /*ListElement{ + name: "COMMODORE_PET_SCALED" + text: "Commodore PET (1977)" + source: "fonts/1977-commodore-pet/COMMODORE_PET.ttf" +@@ -89,7 +89,7 @@ + baseScaling: 3.5 + fontWidth: 0.7 + lowResolutionFont: true +- } ++ }*/ + ListElement{ + name: "PROGGY_TINY_SCALED" + text: "Proggy Tiny (Modern)" +@@ -100,7 +100,7 @@ + fontWidth: 0.9 + lowResolutionFont: true + } +- ListElement{ ++ /*ListElement{ + name: "APPLE_II_SCALED" + text: "Apple ][ (1977)" + source: "fonts/1977-apple2/PrintChar21.ttf" +@@ -149,7 +149,7 @@ + baseScaling: 2.0 + fontWidth: 1.0 + lowResolutionFont: true +- } ++ }*/ + ListElement{ + name: "HERMIT" + text: "HD: Hermit (Modern)" +@@ -177,7 +177,7 @@ + fontWidth: 1.0 + lowResolutionFont: false + } +- ListElement{ ++ /*ListElement{ + name: "MONACO" + text: "HD: Monaco (Modern)" + source: "fonts/modern-monaco/monaco.ttf" +@@ -185,7 +185,7 @@ + pixelSize: 30 + fontWidth: 1.0 + lowResolutionFont: false +- } ++ }*/ + ListElement{ + name: "INCONSOLATA" + text: "HD: Inconsolata (Modern)" diff --git a/gnu/packages/terminals.scm b/gnu/packages/terminals.scm index 979278a53b..a8007586c9 100644 --- a/gnu/packages/terminals.scm +++ b/gnu/packages/terminals.scm @@ -7,6 +7,7 @@ ;;; Copyright © 2016, 2017 José Miguel Sánchez García ;;; Copyright © 2017 Tobias Geerinckx-Rice ;;; Copyright © 2017 Ricardo Wurmus +;;; Copyright © 2017 Petter ;;; ;;; This file is part of GNU Guix. ;;; @@ -31,6 +32,7 @@ #:use-module (guix download) #:use-module (guix git-download) #:use-module (guix packages) + #:use-module (gnu packages) #:use-module (gnu packages autotools) #:use-module (gnu packages freedesktop) #:use-module (gnu packages gettext) @@ -49,6 +51,7 @@ #:use-module (gnu packages xdisorg) #:use-module (gnu packages xml) #:use-module (gnu packages docbook) + #:use-module (gnu packages qt) #:use-module (srfi srfi-26)) (define-public tilda @@ -433,3 +436,110 @@ its embedding program should provide it to draw on its behalf. It avoids calling @code{malloc} during normal running state, allowing it to be used in embedded kernel situations.") (license license:expat))) + +(define-public cool-retro-term + (let ((commit "e48719fa44e5307df71dbd0fad234f8a6a53f863") + (revision "1")) + (package + (name "cool-retro-term") + (version (string-append "1.0.0-" revision "." (string-take commit 7))) + (source (origin + (method git-fetch) + (file-name (string-append name "-" version "-checkout")) + (uri (git-reference + (url (string-append "https://github.com/Swordfish90/" name)) + (commit commit) + (recursive? #t))) + (sha256 + (base32 "1sgqbirninkvgwchr35zgn5vzqvsmrf3cp7lqady1xgrawb8lsz3")) + (patches + (search-patches "cool-retro-term-remove-non-free-fonts.patch" + "cool-retro-term-fix-array-size.patch" + "cool-retro-term-dont-check-uninit-member.patch" + "cool-retro-term-memory-leak-1.patch")) + (modules '((guix build utils))) + (snippet + '(for-each (lambda (font) + (delete-file-recursively + (string-append "app/qml/fonts/" font)) + (substitute* '("app/qml/resources.qrc") + (((string-append "fonts/" font ".*")) + ""))) + '(;"1971-ibm-3278" ; BSD 3-clause + "1977-apple2" ; Non-Free + "1977-commodore-pet" ; Non-Free + "1979-atari-400-800" ; Non-Free + "1982-commodore64" ; Non-Free + "1985-atari-st" ; ? + "1985-ibm-pc-vga" ; Unclear + ;"modern-fixedsys-excelsior" ; Redistributable + ;"modern-hermit" ; SIL + ;"modern-inconsolata"; SIL + ;"modern-pro-font-win-tweaked" ; X11 + ;"modern-proggy-tiny"; X11 + ;"modern-terminus" ; SIL + "modern-monaco"))))) ; Apple non-free + (build-system gnu-build-system) + (inputs + `(("qtbase" ,qtbase) + ("qtdeclarative" ,qtdeclarative) + ("qtgraphicaleffects" ,qtgraphicaleffects) + ("qtquickcontrols" ,qtquickcontrols))) + (arguments + `(#:phases + (modify-phases %standard-phases + (replace 'configure + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (share (string-append out "/share"))) + (substitute* '("qmltermwidget/qmltermwidget.pro") + (("INSTALL_DIR = \\$\\$\\[QT_INSTALL_QML\\]") + (string-append "INSTALL_DIR = " out "/qml"))) + (substitute* '("app/app.pro") + (("target.path \\+= /usr") + (string-append "target.path += " out)) + (("icon32.path = /usr/share") + (string-append "icon32.path = " share)) + (("icon64.path = /usr/share") + (string-append "icon64.path = " share)) + (("icon128.path = /usr/share") + (string-append "icon128.path = " share)) + (("icon256.path = /usr/share") + (string-append "icon256.path = " share))) + (zero? (system* "qmake"))))) + (add-before 'install 'fix-Makefiles + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out"))) + (substitute* '("Makefile") + (("\\$\\(INSTALL_ROOT\\)/usr") out))))) + (add-after 'install 'wrap-executable + (lambda* (#:key inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (qml "/qml")) + (wrap-program (string-append out "/bin/cool-retro-term") + `("QML2_IMPORT_PATH" ":" prefix + (,(string-append out qml) + ,(string-append + (assoc-ref inputs "qtdeclarative") qml) + ,(string-append + (assoc-ref inputs "qtgraphicaleffects") qml) + ,(string-append + (assoc-ref inputs "qtquickcontrols") qml))))))) + (add-after 'install 'add-alternate-name + (lambda* (#:key outputs #:allow-other-keys) + (let* ((bin (string-append (assoc-ref outputs "out") "/bin"))) + (symlink (string-append bin "/cool-retro-term") + (string-append bin "/crt")))))))) + (synopsis "Terminal emulator") + (description + "Cool-retro-term (crt) is a terminal emulator which mimics the look and +feel of the old cathode ray tube (CRT) screens. It has been designed to be +eye-candy, customizable, and reasonably lightweight.") + (home-page "https://github.com/Swordfish90/cool-retro-term") + (license (list + license:gpl2+ ; qmltermwidget + license:gpl3+ ; cool-retro-term + ;; Fonts + license:silofl1.1 + license:x11 + license:bsd-3))))) -- cgit v1.2.3 From 5c97ce1ea9378ee01688ede3837ab6a76964da9a Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Fri, 5 May 2017 13:25:56 +0200 Subject: gnu: abiword: Update to 3.0.2. * gnu/packages/patches/abiword-explictly-cast-bools.patch: Update patch. * gnu/packages/patches/abiword-black-drawing-with-gtk322.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/abiword.scm (abiword): Update to 3.0.2. [source]: Remove outdated snippet; add new patch. [arguments]: Pass CXXFLAGS. --- gnu/local.mk | 1 + gnu/packages/abiword.scm | 18 ++++---- .../abiword-black-drawing-with-gtk322.patch | 49 ++++++++++++++++++++++ .../patches/abiword-explictly-cast-bools.patch | 14 +++---- 4 files changed, 65 insertions(+), 17 deletions(-) create mode 100644 gnu/packages/patches/abiword-black-drawing-with-gtk322.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 61f2534e91..97c291d27a 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -487,6 +487,7 @@ dist_patch_DATA = \ %D%/packages/patches/a2ps-CVE-2014-0466.patch \ %D%/packages/patches/abiword-explictly-cast-bools.patch \ %D%/packages/patches/abiword-wmf-version-lookup-fix.patch \ + %D%/packages/patches/abiword-black-drawing-with-gtk322.patch \ %D%/packages/patches/acl-hurd-path-max.patch \ %D%/packages/patches/aegis-constness-error.patch \ %D%/packages/patches/aegis-perl-tempdir1.patch \ diff --git a/gnu/packages/abiword.scm b/gnu/packages/abiword.scm index 514ac0ceb5..30c2411df3 100644 --- a/gnu/packages/abiword.scm +++ b/gnu/packages/abiword.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2014 Marek Benc ;;; Copyright © 2016 Efraim Flashner +;;; Copyright © 2017 Ricardo Wurmus ;;; ;;; This file is part of GNU Guix. ;;; @@ -44,7 +45,7 @@ (define-public abiword (package (name "abiword") - (version "3.0.1") + (version "3.0.2") (source (origin (method url-fetch) @@ -52,16 +53,11 @@ (string-append "http://abisource.org/downloads/" name "/" version "/source/" name "-" version ".tar.gz")) (sha256 - (base32 "1ik591rx15nn3n1297cwykl8wvrlgj78i528id9wbidgy3xzd570")) - (modules '((guix build utils))) - (snippet - ;; Ensure reproducibility. - '(substitute* "src/wp/main/xp/abi_ver.cpp" - (("__DATE__") "\"2017\"") - (("__TIME__") "\"00:00\""))) + (base32 "08imry821g81apdwym3gcs4nss0l9j5blqk31j5rv602zmcd9gxg")) (patches (search-patches "abiword-wmf-version-lookup-fix.patch" - "abiword-explictly-cast-bools.patch")))) + "abiword-explictly-cast-bools.patch" + "abiword-black-drawing-with-gtk322.patch")))) (build-system glib-or-gtk-build-system) (arguments ;; NOTE: rsvg is disabled, since Abiword @@ -84,7 +80,9 @@ ;; assertion 'G_IS_OBJECT (object)' failed ;; Manually starting the X server before the test phase did not help ;; the tests to pass. - #:tests? #f)) + #:tests? #f + #:make-flags + (list "CXXFLAGS=-std=c++11"))) (inputs `(("boost" ,boost) ("enchant" ,enchant) diff --git a/gnu/packages/patches/abiword-black-drawing-with-gtk322.patch b/gnu/packages/patches/abiword-black-drawing-with-gtk322.patch new file mode 100644 index 0000000000..88a5ca4c38 --- /dev/null +++ b/gnu/packages/patches/abiword-black-drawing-with-gtk322.patch @@ -0,0 +1,49 @@ +commit 2ee38d1881aeea27bb49acc450631d813d1f28ba +Author: Hubert Figuière +Date: Wed Dec 7 09:44:01 2016 -0500 + + Bug 13815 - draw event should return TRUE + + This fix the black drawing regression witj Gtk3.22 + +diff --git a/src/af/xap/gtk/xap_UnixFrameImpl.cpp b/src/af/xap/gtk/xap_UnixFrameImpl.cpp +index 780000e..10f8e00 100644 +--- a/src/af/xap/gtk/xap_UnixFrameImpl.cpp ++++ b/src/af/xap/gtk/xap_UnixFrameImpl.cpp +@@ -1208,9 +1208,9 @@ gint XAP_UnixFrameImpl::_fe::delete_event(GtkWidget * w, GdkEvent * /*event*/, g + } + + #if GTK_CHECK_VERSION(3,0,0) +-gint XAP_UnixFrameImpl::_fe::draw(GtkWidget * w, cairo_t * cr) ++gboolean XAP_UnixFrameImpl::_fe::draw(GtkWidget * w, cairo_t * cr) + #else +-gint XAP_UnixFrameImpl::_fe::expose(GtkWidget * w, GdkEventExpose* pExposeEvent) ++gboolean XAP_UnixFrameImpl::_fe::expose(GtkWidget * w, GdkEventExpose* pExposeEvent) + #endif + { + XAP_UnixFrameImpl * pUnixFrameImpl = static_cast(g_object_get_data(G_OBJECT(w), "user_data")); +@@ -1243,7 +1243,7 @@ gint XAP_UnixFrameImpl::_fe::expose(GtkWidget * w, GdkEventExpose* pExposeEvent) + pView->draw(&rClip); + #endif + } +- return FALSE; ++ return TRUE; + } + + static bool bScrollWait = false; +diff --git a/src/af/xap/gtk/xap_UnixFrameImpl.h b/src/af/xap/gtk/xap_UnixFrameImpl.h +index 30ee5d8..a0ff57f 100644 +--- a/src/af/xap/gtk/xap_UnixFrameImpl.h ++++ b/src/af/xap/gtk/xap_UnixFrameImpl.h +@@ -152,9 +152,9 @@ protected: + static gint key_release_event(GtkWidget* w, GdkEventKey* e); + static gint delete_event(GtkWidget * w, GdkEvent * /*event*/, gpointer /*data*/); + #if GTK_CHECK_VERSION(3,0,0) +- static gint draw(GtkWidget * w, cairo_t * cr); ++ static gboolean draw(GtkWidget * w, cairo_t * cr); + #else +- static gint expose(GtkWidget * w, GdkEventExpose* pExposeEvent); ++ static gboolean expose(GtkWidget * w, GdkEventExpose* pExposeEvent); + #endif + static gint do_ZoomUpdate( gpointer /* xap_UnixFrame * */ p); + static void vScrollChanged(GtkAdjustment * w, gpointer /*data*/); diff --git a/gnu/packages/patches/abiword-explictly-cast-bools.patch b/gnu/packages/patches/abiword-explictly-cast-bools.patch index 7927a180ba..97ae6653c2 100644 --- a/gnu/packages/patches/abiword-explictly-cast-bools.patch +++ b/gnu/packages/patches/abiword-explictly-cast-bools.patch @@ -2,18 +2,18 @@ As of JPEG-9, the type 'boolean' is an enumeration, but since glib defines TRUE and FALSE as numeric constants and this is C++, they need to be explicitly casted. ---- a/src/af/util/xp/ut_jpeg.cpp 2009-07-08 19:33:53.000000000 +0200 -+++ b/src/af/util/xp/ut_jpeg.cpp 2014-09-06 19:55:55.876997404 +0200 -@@ -102,7 +102,7 @@ +--- a/src/af/util/xp/ut_jpeg.cpp ++++ b/src/af/util/xp/ut_jpeg.cpp +@@ -102,7 +102,7 @@ static boolean _jpegFillInputBuffer (j_decompress_ptr cinfo) src->pub.next_input_byte = src->sourceBuf->getPointer (src->pos); src->pub.bytes_in_buffer = src->sourceBuf->getLength (); - -- return TRUE; + +- return 1; // boolean is a libjpeg type that is an int. + return (boolean)TRUE; } /* -@@ -161,7 +161,7 @@ +@@ -161,7 +161,7 @@ bool UT_JPEG_getDimensions(const UT_ByteBuf* pBB, UT_sint32& iImageWidth, /* set the data source */ _JPEG_ByteBufSrc (&cinfo, pBB); @@ -22,7 +22,7 @@ casted. jpeg_start_decompress(&cinfo); iImageWidth = cinfo.output_width; iImageHeight = cinfo.output_height; -@@ -189,7 +189,7 @@ +@@ -189,7 +189,7 @@ bool UT_JPEG_getRGBData(const UT_ByteBuf* pBB, UT_Byte* pDest, UT_sint32 iDestRo /* set the data source */ _JPEG_ByteBufSrc (&cinfo, pBB); -- cgit v1.2.3 From c39a54f431cc6ae61a09f8b06f3593939dd14c9b Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Thu, 4 May 2017 21:26:03 -0400 Subject: gnu: rpcbind, libtirpc: Fix CVE-2017-8779. * gnu/packages/patches/libtirpc-CVE-2017-8779.patch, gnu/packages/patches/rpcbind-CVE-2017-8779.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/onc-rpc.scm (rpcbind, libtirpc)[source]: Use them. --- gnu/local.mk | 2 + gnu/packages/onc-rpc.scm | 3 + gnu/packages/patches/libtirpc-CVE-2017-8779.patch | 263 ++++++++++++++++++++++ gnu/packages/patches/rpcbind-CVE-2017-8779.patch | 29 +++ 4 files changed, 297 insertions(+) create mode 100644 gnu/packages/patches/libtirpc-CVE-2017-8779.patch create mode 100644 gnu/packages/patches/rpcbind-CVE-2017-8779.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 97c291d27a..03412c65fb 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -749,6 +749,7 @@ dist_patch_DATA = \ %D%/packages/patches/libtiff-invalid-read.patch \ %D%/packages/patches/libtiff-null-dereference.patch \ %D%/packages/patches/libtiff-tiffcp-underflow.patch \ + %D%/packages/patches/libtirpc-CVE-2017-8779.patch \ %D%/packages/patches/libtorrent-rasterbar-boost-compat.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ %D%/packages/patches/libunwind-CVE-2015-3239.patch \ @@ -929,6 +930,7 @@ dist_patch_DATA = \ %D%/packages/patches/readline-6.2-CVE-2014-2524.patch \ %D%/packages/patches/readline-7.0-mingw.patch \ %D%/packages/patches/ripperx-missing-file.patch \ + %D%/packages/patches/rpcbind-CVE-2017-8779.patch \ %D%/packages/patches/rpm-CVE-2014-8118.patch \ %D%/packages/patches/rsem-makefile.patch \ %D%/packages/patches/ruby-concurrent-ignore-broken-test.patch \ diff --git a/gnu/packages/onc-rpc.scm b/gnu/packages/onc-rpc.scm index c852f9a4a8..a76ac36eab 100644 --- a/gnu/packages/onc-rpc.scm +++ b/gnu/packages/onc-rpc.scm @@ -22,6 +22,7 @@ #:use-module (guix licenses) #:use-module (guix packages) #:use-module (guix download) + #:use-module (gnu packages) #:use-module (gnu packages kerberos) #:use-module (gnu packages pkg-config) #:use-module (guix build-system gnu)) @@ -35,6 +36,7 @@ (uri (string-append "mirror://sourceforge/libtirpc/libtirpc/" version "/libtirpc-" version ".tar.bz2")) + (patches (search-patches "libtirpc-CVE-2017-8779.patch")) (sha256 (base32 "17mqrdgsgp9m92pmq7bvr119svdg753prqqxmg4cnz5y657rfmji")))) @@ -74,6 +76,7 @@ IPv4 and IPv6. ONC RPC is notably used by the network file system (NFS).") (uri (string-append "mirror://sourceforge/" name "/" name "/" version "/" name "-" version ".tar.bz2")) + (patches (search-patches "rpcbind-CVE-2017-8779.patch")) (sha256 (base32 "0rjc867mdacag4yqvs827wqhkh27135rp9asj06ixhf71m9rljh7")))) diff --git a/gnu/packages/patches/libtirpc-CVE-2017-8779.patch b/gnu/packages/patches/libtirpc-CVE-2017-8779.patch new file mode 100644 index 0000000000..742e64df25 --- /dev/null +++ b/gnu/packages/patches/libtirpc-CVE-2017-8779.patch @@ -0,0 +1,263 @@ +Fix CVE-2017-8779: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8779 + +Patch copied from the bug reporter's 3rd-party repository: + +https://github.com/guidovranken/rpcbomb/blob/master/libtirpc_patch.txt + +diff --git a/src/rpc_generic.c b/src/rpc_generic.c +index 2f09a8f..589cbd5 100644 +--- a/src/rpc_generic.c ++++ b/src/rpc_generic.c +@@ -615,6 +615,9 @@ __rpc_taddr2uaddr_af(int af, const struct netbuf *nbuf) + + switch (af) { + case AF_INET: ++ if (nbuf->len < sizeof(*sin)) { ++ return NULL; ++ } + sin = nbuf->buf; + if (inet_ntop(af, &sin->sin_addr, namebuf, sizeof namebuf) + == NULL) +@@ -626,6 +629,9 @@ __rpc_taddr2uaddr_af(int af, const struct netbuf *nbuf) + break; + #ifdef INET6 + case AF_INET6: ++ if (nbuf->len < sizeof(*sin6)) { ++ return NULL; ++ } + sin6 = nbuf->buf; + if (inet_ntop(af, &sin6->sin6_addr, namebuf6, sizeof namebuf6) + == NULL) +@@ -667,6 +673,8 @@ __rpc_uaddr2taddr_af(int af, const char *uaddr) + + port = 0; + sin = NULL; ++ if (uaddr == NULL) ++ return NULL; + addrstr = strdup(uaddr); + if (addrstr == NULL) + return NULL; +diff --git a/src/rpcb_prot.c b/src/rpcb_prot.c +index 43fd385..a923c8e 100644 +--- a/src/rpcb_prot.c ++++ b/src/rpcb_prot.c +@@ -41,6 +41,7 @@ + #include + #include + #include ++#include "rpc_com.h" + + bool_t + xdr_rpcb(xdrs, objp) +@@ -53,13 +54,13 @@ xdr_rpcb(xdrs, objp) + if (!xdr_u_int32_t(xdrs, &objp->r_vers)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->r_netid, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->r_netid, RPC_MAXDATASIZE)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->r_addr, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->r_addr, RPC_MAXDATASIZE)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->r_owner, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->r_owner, RPC_MAXDATASIZE)) { + return (FALSE); + } + return (TRUE); +@@ -159,19 +160,19 @@ xdr_rpcb_entry(xdrs, objp) + XDR *xdrs; + rpcb_entry *objp; + { +- if (!xdr_string(xdrs, &objp->r_maddr, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->r_maddr, RPC_MAXDATASIZE)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->r_nc_netid, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->r_nc_netid, RPC_MAXDATASIZE)) { + return (FALSE); + } + if (!xdr_u_int32_t(xdrs, &objp->r_nc_semantics)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->r_nc_protofmly, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->r_nc_protofmly, RPC_MAXDATASIZE)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->r_nc_proto, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->r_nc_proto, RPC_MAXDATASIZE)) { + return (FALSE); + } + return (TRUE); +@@ -292,7 +293,7 @@ xdr_rpcb_rmtcallres(xdrs, p) + bool_t dummy; + struct r_rpcb_rmtcallres *objp = (struct r_rpcb_rmtcallres *)(void *)p; + +- if (!xdr_string(xdrs, &objp->addr, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->addr, RPC_MAXDATASIZE)) { + return (FALSE); + } + if (!xdr_u_int(xdrs, &objp->results.results_len)) { +@@ -312,6 +313,11 @@ xdr_netbuf(xdrs, objp) + if (!xdr_u_int32_t(xdrs, (u_int32_t *) &objp->maxlen)) { + return (FALSE); + } ++ ++ if (objp->maxlen > RPC_MAXDATASIZE) { ++ return (FALSE); ++ } ++ + dummy = xdr_bytes(xdrs, (char **)&(objp->buf), + (u_int *)&(objp->len), objp->maxlen); + return (dummy); +diff --git a/src/rpcb_st_xdr.c b/src/rpcb_st_xdr.c +index 08db745..28e6a48 100644 +--- a/src/rpcb_st_xdr.c ++++ b/src/rpcb_st_xdr.c +@@ -37,6 +37,7 @@ + + + #include ++#include "rpc_com.h" + + /* Link list of all the stats about getport and getaddr */ + +@@ -58,7 +59,7 @@ xdr_rpcbs_addrlist(xdrs, objp) + if (!xdr_int(xdrs, &objp->failure)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) { + return (FALSE); + } + +@@ -109,7 +110,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp) + IXDR_PUT_INT32(buf, objp->failure); + IXDR_PUT_INT32(buf, objp->indirect); + } +- if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) { + return (FALSE); + } + if (!xdr_pointer(xdrs, (char **)&objp->next, +@@ -147,7 +148,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp) + objp->failure = (int)IXDR_GET_INT32(buf); + objp->indirect = (int)IXDR_GET_INT32(buf); + } +- if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) { + return (FALSE); + } + if (!xdr_pointer(xdrs, (char **)&objp->next, +@@ -175,7 +176,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp) + if (!xdr_int(xdrs, &objp->indirect)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) { + return (FALSE); + } + if (!xdr_pointer(xdrs, (char **)&objp->next, +diff --git a/src/xdr.c b/src/xdr.c +index f3fb9ad..b9a1558 100644 +--- a/src/xdr.c ++++ b/src/xdr.c +@@ -42,8 +42,10 @@ + #include + #include + ++#include + #include + #include ++#include + + typedef quad_t longlong_t; /* ANSI long long type */ + typedef u_quad_t u_longlong_t; /* ANSI unsigned long long type */ +@@ -53,7 +55,6 @@ typedef u_quad_t u_longlong_t; /* ANSI unsigned long long type */ + */ + #define XDR_FALSE ((long) 0) + #define XDR_TRUE ((long) 1) +-#define LASTUNSIGNED ((u_int) 0-1) + + /* + * for unit alignment +@@ -629,6 +630,7 @@ xdr_bytes(xdrs, cpp, sizep, maxsize) + { + char *sp = *cpp; /* sp is the actual string pointer */ + u_int nodesize; ++ bool_t ret, allocated = FALSE; + + /* + * first deal with the length since xdr bytes are counted +@@ -652,6 +654,7 @@ xdr_bytes(xdrs, cpp, sizep, maxsize) + } + if (sp == NULL) { + *cpp = sp = mem_alloc(nodesize); ++ allocated = TRUE; + } + if (sp == NULL) { + warnx("xdr_bytes: out of memory"); +@@ -660,7 +663,14 @@ xdr_bytes(xdrs, cpp, sizep, maxsize) + /* FALLTHROUGH */ + + case XDR_ENCODE: +- return (xdr_opaque(xdrs, sp, nodesize)); ++ ret = xdr_opaque(xdrs, sp, nodesize); ++ if ((xdrs->x_op == XDR_DECODE) && (ret == FALSE)) { ++ if (allocated == TRUE) { ++ free(sp); ++ *cpp = NULL; ++ } ++ } ++ return (ret); + + case XDR_FREE: + if (sp != NULL) { +@@ -754,6 +764,7 @@ xdr_string(xdrs, cpp, maxsize) + char *sp = *cpp; /* sp is the actual string pointer */ + u_int size; + u_int nodesize; ++ bool_t ret, allocated = FALSE; + + /* + * first deal with the length since xdr strings are counted-strings +@@ -793,8 +804,10 @@ xdr_string(xdrs, cpp, maxsize) + switch (xdrs->x_op) { + + case XDR_DECODE: +- if (sp == NULL) ++ if (sp == NULL) { + *cpp = sp = mem_alloc(nodesize); ++ allocated = TRUE; ++ } + if (sp == NULL) { + warnx("xdr_string: out of memory"); + return (FALSE); +@@ -803,7 +816,14 @@ xdr_string(xdrs, cpp, maxsize) + /* FALLTHROUGH */ + + case XDR_ENCODE: +- return (xdr_opaque(xdrs, sp, size)); ++ ret = xdr_opaque(xdrs, sp, size); ++ if ((xdrs->x_op == XDR_DECODE) && (ret == FALSE)) { ++ if (allocated == TRUE) { ++ free(sp); ++ *cpp = NULL; ++ } ++ } ++ return (ret); + + case XDR_FREE: + mem_free(sp, nodesize); +@@ -823,7 +843,7 @@ xdr_wrapstring(xdrs, cpp) + XDR *xdrs; + char **cpp; + { +- return xdr_string(xdrs, cpp, LASTUNSIGNED); ++ return xdr_string(xdrs, cpp, RPC_MAXDATASIZE); + } + + /* diff --git a/gnu/packages/patches/rpcbind-CVE-2017-8779.patch b/gnu/packages/patches/rpcbind-CVE-2017-8779.patch new file mode 100644 index 0000000000..6ca93ff12b --- /dev/null +++ b/gnu/packages/patches/rpcbind-CVE-2017-8779.patch @@ -0,0 +1,29 @@ +Fix CVE-2017-8779: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8779 + +Patch copied from the bug reporter's 3rd-party repository: + +https://github.com/guidovranken/rpcbomb/blob/master/rpcbind_patch.txt + +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index 5862c26..e11f61b 100644 +--- a/src/rpcb_svc_com.c ++++ b/src/rpcb_svc_com.c +@@ -48,6 +48,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp /*__unused*/, + static bool_t + xdr_encap_parms(XDR *xdrs, struct encap_parms *epp) + { +- return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0)); ++ return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXDATASIZE)); + } + + /* -- cgit v1.2.3 From cc3bc027ebbc924cc60fdcd8e7c8572bd0adf90c Mon Sep 17 00:00:00 2001 From: rennes Date: Tue, 2 May 2017 22:46:56 -0500 Subject: gnu: gnome-shell: Fix CVE-2017-8288. * gnu/packages/patches/gnome-shell-CVE-2017-8288.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gnome.scm (gnome-shell)[source]: Use it. Co-authored-by: Leo Famulari --- gnu/local.mk | 1 + gnu/packages/gnome.scm | 3 +- .../patches/gnome-shell-CVE-2017-8288.patch | 54 ++++++++++++++++++++++ 3 files changed, 57 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/gnome-shell-CVE-2017-8288.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 03412c65fb..558239f7a9 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -627,6 +627,7 @@ dist_patch_DATA = \ %D%/packages/patches/glog-gcc-5-demangling.patch \ %D%/packages/patches/gmp-arm-asm-nothumb.patch \ %D%/packages/patches/gmp-faulty-test.patch \ + %D%/packages/patches/gnome-shell-CVE-2017-8288.patch \ %D%/packages/patches/gnome-tweak-tool-search-paths.patch \ %D%/packages/patches/gnucash-price-quotes-perl.patch \ %D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \ diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index be11442ede..ef67961ab8 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -12,7 +12,7 @@ ;;; Copyright © 2015, 2016, 2017 Mark H Weaver ;;; Copyright © 2015 David Thompson ;;; Copyright © 2015, 2016 Efraim Flashner -;;; Copyright © 2016 Rene Saavedra +;;; Copyright © 2016, 2017 Rene Saavedra ;;; Copyright © 2016 Jochem Raat ;;; Copyright © 2016 Kei Kebreau ;;; Copyright © 2016 Jan Nieuwenhuizen @@ -5000,6 +5000,7 @@ properties, screen resolution, and other GNOME parameters.") (uri (string-append "mirror://gnome/sources/" name "/" (version-major+minor version) "/" name "-" version ".tar.xz")) + (patches (search-patches "gnome-shell-CVE-2017-8288.patch")) (sha256 (base32 "16smvjfrpyfphv479hjky5261hgl4kli4q86bcb2b8xdcav4w3yq")))) diff --git a/gnu/packages/patches/gnome-shell-CVE-2017-8288.patch b/gnu/packages/patches/gnome-shell-CVE-2017-8288.patch new file mode 100644 index 0000000000..5d8e31563f --- /dev/null +++ b/gnu/packages/patches/gnome-shell-CVE-2017-8288.patch @@ -0,0 +1,54 @@ +Fix CVE-2017-8288: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8288 +http://seclists.org/oss-sec/2017/q2/136 + +Patch copied from upstream source repository: + +https://git.gnome.org/browse/gnome-shell/commit/?id=ff425d1db7082e2755d2a405af53861552acf2a1 + +From ff425d1db7082e2755d2a405af53861552acf2a1 Mon Sep 17 00:00:00 2001 +From: Emilio Pozuelo Monfort +Date: Tue, 25 Apr 2017 17:27:42 +0200 +Subject: extensionSystem: handle reloading broken extensions + +Some extensions out there may fail to reload. When that happens, +we need to catch any exceptions so that we don't leave things in +a broken state that could lead to leaving extensions enabled in +the screen shield. + +https://bugzilla.gnome.org/show_bug.cgi?id=781728 +--- + js/ui/extensionSystem.js | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/js/ui/extensionSystem.js b/js/ui/extensionSystem.js +index a4dc29e..fc352b8 100644 +--- a/js/ui/extensionSystem.js ++++ b/js/ui/extensionSystem.js +@@ -282,12 +282,20 @@ function _onVersionValidationChanged() { + // temporarily disable them all + enabledExtensions = []; + for (let uuid in ExtensionUtils.extensions) +- reloadExtension(ExtensionUtils.extensions[uuid]); ++ try { ++ reloadExtension(ExtensionUtils.extensions[uuid]); ++ } catch(e) { ++ logExtensionError(uuid, e); ++ } + enabledExtensions = getEnabledExtensions(); + + if (Main.sessionMode.allowExtensions) { + enabledExtensions.forEach(function(uuid) { +- enableExtension(uuid); ++ try { ++ enableExtension(uuid); ++ } catch(e) { ++ logExtensionError(uuid, e); ++ } + }); + } + } +-- +cgit v0.12 + -- cgit v1.2.3 From 99c1554c9ba1fd22d7dfdeba221088a3849ee27b Mon Sep 17 00:00:00 2001 From: Arun Isaac Date: Fri, 5 May 2017 19:40:31 +0530 Subject: gnu: Add linuxdcpp. * gnu/packages/direct-connect.scm (linuxdcpp): New variable. --- gnu/local.mk | 1 + gnu/packages/direct-connect.scm | 82 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 83 insertions(+) create mode 100644 gnu/packages/direct-connect.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 558239f7a9..c93dca64c5 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -107,6 +107,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/dejagnu.scm \ %D%/packages/dico.scm \ %D%/packages/dictionaries.scm \ + %D%/packages/direct-connect.scm \ %D%/packages/disk.scm \ %D%/packages/display-managers.scm \ %D%/packages/django.scm \ diff --git a/gnu/packages/direct-connect.scm b/gnu/packages/direct-connect.scm new file mode 100644 index 0000000000..6796bf3bc8 --- /dev/null +++ b/gnu/packages/direct-connect.scm @@ -0,0 +1,82 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Arun Isaac +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages direct-connect) + #:use-module (guix build-system python) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (gnu packages boost) + #:use-module (gnu packages compression) + #:use-module (gnu packages gettext) + #:use-module (gnu packages gnome) + #:use-module (gnu packages gtk) + #:use-module (gnu packages pkg-config) + #:use-module (gnu packages python) + #:use-module (gnu packages tls) + #:use-module (gnu packages version-control)) + +(define-public linuxdcpp + (package + (name "linuxdcpp") + (version "1.1.0") + (source + (origin + (method url-fetch) + (uri (string-append + "https://launchpad.net/linuxdcpp/1.1/1.1.0/+download/linuxdcpp-" + version ".tar.bz2")) + (sha256 + (base32 + "12i92hirmwryl1qy0n3jfrpziwzb82f61xca9jcjwyilx502f0b6")))) + (build-system python-build-system) + (arguments + `(#:python ,python-2 + #:tests? #f ; no tests + #:phases + ;; TODO: Add scons-build-system and use it here. + (modify-phases %standard-phases + (delete 'configure) + (replace 'build + (lambda* (#:key inputs outputs #:allow-other-keys) + (let ((out (assoc-ref outputs "out"))) + (mkdir-p out) + (zero? (system* "scons" (string-append "PREFIX=" out) + "-j" (number->string (parallel-job-count))))))) + (replace 'install + (lambda _ + (zero? (system* "scons" "install"))))))) + (inputs + `(("boost" ,boost) + ("bzip2" ,bzip2) + ("gtk+" ,gtk+-2) + ("libglade" ,libglade) + ("libnotify" ,libnotify) + ("openssl" ,openssl))) + (native-inputs + `(("bazaar" ,bazaar) + ("gettext-minimal" ,gettext-minimal) + ("pkg-config" ,pkg-config) + ("scons" ,scons))) + (home-page "https://launchpad.net/linuxdcpp/") + (synopsis "Direct Connect client") + (description "LinuxDC++ is a Direct Connect (DC) client. Direct Connect +is a peer-to-peer file-sharing protocol. Clients connect to a central hub +where they can chat or share files with one another. Users can view other +users' list of shared files or search the hub for files.") + (license license:gpl2+))) -- cgit v1.2.3 From 0fd8e6d39f3d1ac818795e1cddf65da27a505be4 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Sat, 6 May 2017 21:09:48 -0400 Subject: gnu: icecat: Update to 52.1.0-gnu1. Add fixes from upstream ESR 52.1.1. * gnu/packages/gnuzilla.scm (icecat): Update to 52.1.0-gnu1. Remove patches that are included in the new release. In the snippet, don't try to remove dom/devicestorage, which has since been removed upstream. Add selected fixes from upstream mozilla-esr52, up to the ESR 52.1.1 release. * gnu/packages/patches/icecat-bug-1299500-pt10.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/gnuzilla.scm | 197 +-- gnu/packages/patches/icecat-bug-1299500-pt10.patch | 1639 -------------------- 3 files changed, 29 insertions(+), 1808 deletions(-) delete mode 100644 gnu/packages/patches/icecat-bug-1299500-pt10.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index c93dca64c5..c17fc18a13 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -671,7 +671,6 @@ dist_patch_DATA = \ %D%/packages/patches/hurd-fix-eth-multiplexer-dependency.patch \ %D%/packages/patches/hydra-disable-darcs-test.patch \ %D%/packages/patches/icecat-avoid-bundled-libraries.patch \ - %D%/packages/patches/icecat-bug-1299500-pt10.patch \ %D%/packages/patches/icu4c-CVE-2017-7867-CVE-2017-7868.patch \ %D%/packages/patches/icu4c-reset-keyword-list-iterator.patch \ %D%/packages/patches/id3lib-CVE-2007-4460.patch \ diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index 3865cf83b0..9309237bd7 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -323,7 +323,7 @@ standards.") (define-public icecat (package (name "icecat") - (version "52.0.2-gnu1") + (version "52.1.0-gnu1") (source (origin (method url-fetch) @@ -332,176 +332,38 @@ standards.") "/" name "-" version ".tar.bz2")) (sha256 (base32 - "0asaba04y6rwc7nx898p89jdxkbnsb3dxjvpdi8xb1rbgyms80c9")) + "1wr4bc5806xzyqpi6m4rjaf61za6ylpx4g0kfk95c6yw9yhg5vqb")) (patches (list (search-patch "icecat-avoid-bundled-libraries.patch") - (mozilla-patch "icecat-CVE-2017-5443.patch" "6daaaff9f1f6" "0jvb6y5fiwr13fyx58k49n81kv6h03vcch502g57y6nsx2wsqng6") - (mozilla-patch "icecat-bug-1319087.patch" "82297fcc6f19" "02qcbg2r2smswgnwj7fs5bcrr3rlqbpsh2nmcbsjyblp5fk1ag36") - (mozilla-patch "icecat-CVE-2017-5429-pt01.patch" "dd526ebe7e58" "1rj0pz6iql59zrynz48njcfg8i0v55bjdndplss9wl37lfydl7ca") - (mozilla-patch "icecat-CVE-2017-5447-pt1.patch" "3bc981f85a17" "0am9k3mii2r05lp6xpizxp356mb8xrbqs9kmx0wx5wyy08wjzmks") - (mozilla-patch "icecat-CVE-2017-5447-pt2.patch" "4f752b0e5920" "183s5dwzd57b299grvyvn139fsp9am0smd3yb4shw8g0iwzz61nf") - (mozilla-patch "icecat-CVE-2017-5449.patch" "1714eda3de9b" "0ncngdpzvffvpw4c1mi0dda5l02lwyil4rnq3i6salnwlrq9x32z") - (mozilla-patch "icecat-CVE-2017-5455.patch" "b10922304d81" "0rglbavb8rx7hl53ksgypazz27263b1yn97gznpdsq89zhirfw3m") - (mozilla-patch "icecat-CVE-2017-5446.patch" "d98de46f8f27" "040agykr4w4wsbi0xm3rrrjxk48iwz8l1hn11vfv45nzsx2f1hzq") - ;; The next patch is for CVE-2017-5436 in the bundled graphite2. - ;; TODO: apply additional fixes from our system graphite2 to the - ;; bundled copy, or upgrade it in place. - (mozilla-patch "icecat-CVE-2017-5436.patch" "e6132f638311" "07w9pijx42psgmkj2i6i87lf30gl0yyb5caz6wz7fm8phi8wwy9p") - (mozilla-patch "icecat-bug-1342395.patch" "0e0e8abe2153" "1xlnq2fd50kf0rz9dibz5vlaa9zj2pifjvky2fdykcan62xz75hy") - (mozilla-patch "icecat-bug-1342841.patch" "623afac083f8" "1pv86j0dxdmi7g3rx4zqplz4gxq5lfyzpdssq83naypcxic6zafb") - (mozilla-patch "icecat-bug-1344644.patch" "cac0735c228f" "0695f0hvxnzgcirgxx3axn5nhkywqxjcvnrlhg7jwfann4mnbsfn") - (mozilla-patch "icecat-bug-1322660.patch" "9d6d60e64255" "0ds74ilhyc9qkkjgkm0xk7ay3926971rzwfh2avhhkfargn7idib") - (mozilla-patch "icecat-bug-1343330.patch" "6f23bd449bc7" "1igz6yhx803hygf7cii8bchx7bfw1niq8s0nc5l9i5rb8ml2b7f0") - (mozilla-patch "icecat-bug-1346961.patch" "3a2dc54cf986" "0dfp3s7d43zx3svajbkhvi73b71hhr7vrc9yz0iz37pykg40c4hn") - (mozilla-patch "icecat-bug-1318070.patch" "a68d6d9b87d0" "1yqgkgv7i0xy5dm0pgg1cbav4qglsdk8brzcjcpfz65bmn1pqrhh") - (mozilla-patch "icecat-CVE-2017-5448.patch" "6684a3c7f834" "0agyynvcjk28d7l2l4cqz67ddg9xw7ymiirb0npabd1si9zj27xb") - (mozilla-patch "icecat-bug-1336345.patch" "590416f46ec8" "1q2svqjd735rickr9i3kdkd0la6ikdphhmzr19h1r84nrl6a87ia") - (mozilla-patch "icecat-bug-1336356.patch" "00ba83ac39be" "1h6qsfv4r9mlc2ihjm9kmzi76aijdnnyx1g2r30ia87xha106pnk") - (mozilla-patch "icecat-bug-1342363.patch" "10285b4a6b71" "0l2ww19y6qbarcp9brjgbpf4vi3k38r6ak8is5736vqz0c17dim0") - (mozilla-patch "icecat-bug-1343787.patch" "28287b7f0938" "1w85s9rqh0dyfx6qn5plypbypz9casig03b6yiy9bpiq7ckrxz56") - (mozilla-patch "icecat-bug-1292803.patch" "adbf7b59a405" "1l1p0b5rc05czk6kr3k3k99m1fkwphj2jrd092gdbib8q4m4cvzv") - (mozilla-patch "icecat-bug-1313869.patch" "eba25396310b" "1ws0dr0kwclzbc2m0sihd3aqvbbg57ycia0fg6y294k6qipcxv38") - (mozilla-patch "icecat-bug-1141756-pt1.patch" "f7c262517722" "0r1zzbxf47q5w8vcy402yin105ngam3csb2q7h7n8axm97307ykp") - (mozilla-patch "icecat-bug-1141756-pt2.patch" "420396d5e26d" "0yv1pmpydzkirfwrxrgbw98dm4a9a4s0izha0wabrp4lb3655jv5") - (mozilla-patch "icecat-bug-1343210.patch" "ed9521749d6f" "1j2zzi00qyqjgh15ingvl6f88zlk4imp31m5jmf7w5f9jqi5ly3k") - (mozilla-patch "icecat-bug-1342442.patch" "775b6f85ef81" "00h9dgds7jv9n4cznj5qhh8liaf1b3wvnlqc2z7a3kj07ijllwzb") - (mozilla-patch "icecat-bug-1344527.patch" "d4612b14c907" "1n3a0mp351a7xgvshm6688gh89hg0xci3y621zs2pyqsfm114366") - (mozilla-patch "icecat-CVE-2017-5442.patch" "5f1aa2336998" "1y2marhrglc66vchd6z0jdmhg0pmkxp1cwim63bp9l6pj7lxyjma") - (mozilla-patch "icecat-CVE-2017-5430-pt01.patch" "512604631b23" "171nzxr4av4818d0fyg9hcsdxkai61sghl45xnsr2al34l28wsw3") - (mozilla-patch "icecat-CVE-2017-5430-pt02.patch" "16772200ad6f" "087j16rcbs5kgvpa096kd6jarwwwfrhwph54wzjn671wr1vnsvvd") - (mozilla-patch "icecat-CVE-2017-5441.patch" "c744e9d57250" "0m70157lczf17hxb2pabsl3grhcjqallbdfpsd58q8q6fk99k6x3") - (mozilla-patch "icecat-CVE-2017-5433.patch" "b4fc7a4cb5e0" "12q6mr5prpgqg5xnrww09qjm3jx2amb8zig62cd46ba8n9z2j9ab") - (mozilla-patch "icecat-CVE-2017-5429-pt02.patch" "21eac0b4fd2f" "1a6v0hwcc26gnlxygplc11dfzc8bykhh44j4gsz88kl5c5jqhlk9") - (mozilla-patch "icecat-CVE-2017-5432.patch" "62df7046e959" "1qvxbpkf87g4vnl8hxqvwb1ydrpkqq3rbkivr8q4029rvgalf4rf") - (mozilla-patch "icecat-bug-1350599.patch" "f6a978b2fcec" "0rkbbmw52mxgrmn1xny4jkn3slwb5jsqs4yr07ffhz7r801jy9iz") - (mozilla-patch "icecat-bug-1332839.patch" "2ad0f87f5dba" "04458jidri521hgf3r63pl736zz4gmgv6b8spa32anfb7gryj8fy") - (mozilla-patch "icecat-bug-1337548.patch" "29a1ad09a6ec" "0pld81bpc34w6g2ara54sx30msas55kwzr537pvxxc002lpvzs57") - (mozilla-patch "icecat-CVE-2017-5430-pt03.patch" "5dec7534760f" "1xh0y7srl7nznb6szpfiykd6r1ibyxrdvasc36w0chqjdmq7xr32") - (mozilla-patch "icecat-bug-1343851.patch" "e104d53316d7" "1yhv3qvzzi3kr881ji1dnm8ydnr3snh2vzl3c4vdzmvrjx8q5rcb") - (mozilla-patch "icecat-bug-1345222.patch" "864644fadcb0" "0qpplxyfn87bigzdkwlrhj9isd5gfafhjgqfckb239a09wwrblf3") - (mozilla-patch "icecat-bug-1348584.patch" "7cee9ad555af" "0856bpa3n71a3y5m4gilcdb9ghb60p545xkv9zbr245r20mj32ds") - (mozilla-patch "icecat-bug-1346720.patch" "6a597a9cd494" "091a5sanw3w3gl0jcmf8d60m59vwbh5v36vnar20m0hl7xrv4v7p") - (mozilla-patch "icecat-CVE-2017-5430-pt04.patch" "09693629803f" "18fhmsghq0232mhh8j10cy0a4979nmkbh43jlcyrg3l63l7795k4") - (mozilla-patch "icecat-CVE-2017-5430-pt05.patch" "2b8268ea97a9" "0l0f54krxdmqbgldikwjncxvn6irihcljldd3z039himrvplisjg") - (mozilla-patch "icecat-bug-1347700-pt1.patch" "ee706896916c" "0m85x80y98c154hyis08kcy81kbw3v34na1v862vxzs939d3mc0n") - (mozilla-patch "icecat-bug-1347700-pt2.patch" "08ecc2d92f81" "1s6411ccifw9l22hhmf32nhm8r5hbclnhy7jm2n228sqfr4h971g") - (mozilla-patch "icecat-bug-1337682.patch" "15af6a323161" "1nxbwd0574gscnkxfyhzv3yqvxiccb2d0rmba9vi6i62646l2pd5") - (mozilla-patch "icecat-CVE-2017-5451.patch" "d91260f0069a" "15w4rzz51hps2fr8djf5z1rzdwxshclk936mxv5anx1skkwms0y8") - (mozilla-patch "icecat-CVE-2017-5444.patch" "7740cf7e121b" "1706mx4zmnib336p2wmfp9ncyl66lk2da82f28xvcw262mg1c8lw") - (mozilla-patch "icecat-bug-1347164-pt1.patch" "b35a6d6dcdca" "077r0pns58fw3xd3qnbhib4q21vvw0aynpa8iyn1pycg8mppmd0f") - (mozilla-patch "icecat-bug-1347164-pt2.patch" "a42fc05969b9" "1ijq8ccsk5k56h77sv5kqv48w7csj3vbakzq98awgbvypzfdyhss") - (mozilla-patch "icecat-bug-1347164-pt3.patch" "f78ac1ac0a37" "0kj6jq482cqwyngy1kmb69zpq35xah8h33kml8i4l7andiyaq3zm") - (mozilla-patch "icecat-bug-1347164-pt4.patch" "795a3d48a775" "18lw99hmrr93k95hk6v6bx5rcf22aa902x2yf5p6wxdqg56nc0zp") - (mozilla-patch "icecat-bug-1338699.patch" "94ce63191069" "0rdivablincah3gbgl4wzjmqlraazivmr8bhqxdpy8dk0a6fvv4s") - (mozilla-patch "icecat-bug-1342301.patch" "e640e758a7cd" "17f36vvf82n6shlaip7ji8qsy9861f9a5r79h000p3wb3bb7lbfs") - (mozilla-patch "icecat-bug-1342170.patch" "df7ed78b7c0a" "1kq256i66hcm2k9d37i5ws354ksv3bbglmscdjv2v5f7wg3y967v") - (mozilla-patch "icecat-bug-1342634.patch" "d72e56823bbb" "0c186d77lyyg0hjxw15d44rybw6yr5aw8g9m3311xfdn5wiygijb") - (mozilla-patch "icecat-bug-1348796-pt1.patch" "cef01720769e" "0h57372lxanjs5zw9b3vwr2x36yz9gj73swyg50aqp13j4rcbpmy") - (mozilla-patch "icecat-bug-1348796-pt2.patch" "7d3584b75f20" "1a4hvpsvn39832g54hsxhqs24cq8v4nd69jqskkgc1ybs09ncmr3") - (mozilla-patch "icecat-bug-1192800.patch" "e56b0938ea0f" "1hlbxhjzj65s6p2v6f66zdfb3gw5yx77msgq5idsv9jip2w88mpq") - (mozilla-patch "icecat-bug-1309438.patch" "1f30d97563c8" "0rvq729fg9j959ha9qvw5wv7r6vw70qvpy7ynifgqhgrpa749n70") - (mozilla-patch "icecat-bug-1315332.patch" "66495c8d9459" "0vzlx8i0cidpymm6ar07h3yk63fxf64f0b2vb0pihd72h0jzd5s9") - (mozilla-patch "icecat-bug-1346439.patch" "a9fcc2dc324a" "13991jijwa84yczkmc212s23w269r8b1a4yiygqgwaily29l1dc5") - (mozilla-patch "icecat-CVE-2017-5469.patch" "3dcc5f5c2df4" "0b36m6rgxc05h39l6wkzi6dlmq9brcigk7xjrifs4786f0z564hz") - (mozilla-patch "icecat-CVE-2017-5430-pt06.patch" "ac0ca89b5a6b" "1646y9y2wmq8pxb081x3076dq9ana7hh5fxwbsnn17v5wqhi8gfb") - (mozilla-patch "icecat-CVE-2017-5467.patch" "6ed26e6c1a09" "0r1n1dwb4l8xwlns0aifyka6mldb6cy2crhh2qkap64cpj3bzl9s") - (mozilla-patch "icecat-CVE-2017-5439.patch" "2fde528ca7b6" "0iv0sjhnh7br0z3pcpk346wbj162ynacfk3p9309hg6kr1cd92fp") - (mozilla-patch "icecat-CVE-2017-5440.patch" "d88bd03d1234" "1pls63djh4w5023ag3fwjk79cpx816ilgajl5l1qlqyacl8c0v4p") - (mozilla-patch "icecat-bug-1349987.patch" "3282e8f6a121" "1dyc84h7v0l9gndmbiwfqk33f703zr3fv96mwbn58msdf20ma9l2") - (mozilla-patch "icecat-CVE-2017-5434.patch" "ee0a7b55e470" "01vs4p56p0ii0fvmg0kn7gaz6gwf2kwmv6v4pa6v68hwxx1phaag") - (mozilla-patch "icecat-CVE-2017-5430-pt07.patch" "a4e1e04c88ee" "0q07qwzxf2iisrhknjbn1zksv2rr6qzzh6w8ibzlj1sqbdg3h852") - (mozilla-patch "icecat-bug-1335043.patch" "a49419f75b9c" "0pkh5yimnj3p1sd2g9vndgcn11zdx6yhpa88s8vk7fqbs8gf1fz3") - (mozilla-patch "icecat-bug-1299500-pt01.patch" "5fdd36b4400a" "1gdrsbf03wf9v90f1bd2sp9ac38a9lzpzfrv8l8f7gvy70acjxmb") - (mozilla-patch "icecat-bug-1299500-pt02.patch" "34776df5ce44" "15mlf59ii0rk97j8mlf3wz1q0w28ma5mll47dvci6cv3dziai9f1") - (mozilla-patch "icecat-bug-1299500-pt03.patch" "26189af0f504" "1wh1s2xd1w03zi5jdaagk6j5i8v9xsm9360xmv446wdraygkqbci") - (mozilla-patch "icecat-bug-1299500-pt04.patch" "798a8fe17e7b" "0vlalanffq3paa7zab003v1d377x5pvcsy8nc8fr5pdlvi622jll") - (mozilla-patch "icecat-bug-1299500-pt05.patch" "daf2e4f2bd5c" "1rxbjbyr1a6dxjb0qj6900g3kqjphir40pis4qcfl8q811y18jwk") - (mozilla-patch "icecat-bug-1299500-pt06.patch" "1187091c3134" "0r8zz4zbglxg6sl0ybz9lyq1c5w2nqp0xcn2d3rz9bvyj8byqc7m") - (mozilla-patch "icecat-bug-1299500-pt07.patch" "a908f2c2fe30" "1fvwy3fxfrdi9y8hmf4f9aa72i0g6s55s8cp0w22gllsl1f6gvyf") - (mozilla-patch "icecat-bug-1299500-pt08.patch" "e95a26cf7a42" "0pd0kcn7dqd1gy1si85as5zzc96v7vq0v8n3g3gjzms5rdnk085l") - (mozilla-patch "icecat-bug-1299500-pt09.patch" "d63f3b14e571" "0cqd7dal6prsrj7bn2d699idbq4fzjry9vqlbmm9dkyn5683sdy1") - (search-patch "icecat-bug-1299500-pt10.patch") ; Adapted for GNU IceCat, based on: - ;"08f2bc167ae8" "07d1i23ffvi74a5558bb0645vbrap6qlrpcwfyb7dm3llbfnfycy") - (mozilla-patch "icecat-bug-1299500-pt11.patch" "263f27805689" "0nczkvyvlpdjif3xfvj7g2mfz6j06w99x2sblqfmqq6mwrlavpq0") - (mozilla-patch "icecat-CVE-2017-5456.patch" "538e0b382cc2" "0wq2ywn4a7i4ypcx03hl23a4xx3lavz7y505m9kw43fx15r4070r") - (mozilla-patch "icecat-bug-1280079.patch" "6fbcb6a4b91e" "0qcwz9js1bwlnwyv3vhkm0hvahd043lm2bijqsmm0jy20dbslga4") - (mozilla-patch "icecat-CVE-2017-5435.patch" "a362e1205ba4" "127i4ybfb4dk5axp4dxcl7ag7zyx7b517myvs6q4yd8981d1jjd3") - (mozilla-patch "icecat-bug-1341960.patch" "b24ce30e8cfa" "0a521wn8hbaliawmxs21b8wc1gkha8iih62j4zyrfg5rm7ff6p6s") - (mozilla-patch "icecat-CVE-2017-5454.patch" "ac40d4a4e414" "0dnzz95vpq32bsh6hajk4hrcrxwd4w6m7kayl2iziryny86jgak2") - (mozilla-patch "icecat-CVE-2017-5429-pt03.patch" "e469af8e9ccc" "0yn8zqakr9yw0jvysxyc8if09kqf4fr5rq4p9qdkb1p81p4dpmp5") - (mozilla-patch "icecat-bug-1351094.patch" "4c1383e76adc" "0wdldx88qabyhrwnnii44pggmfgqylzxy6ckwzgq86r2yipi4rsq") - (mozilla-patch "icecat-bug-1336527.patch" "b9f53baeabb3" "0y1l641ffbr4i85p0wc1ir6bcsy6h94bchbfc7ppxfijva4fjgvd") - (mozilla-patch "icecat-bug-1345716.patch" "2569af645a98" "1d6lx85ij90j6q6ixwp0h3w7y424yvkz0njsi0my727akbli5rsn") - (mozilla-patch "icecat-bug-1208957.patch" "2b68880d8f6b" "1pl0vkv7clyjchi9kg4995z82sr8xv7cbz1kvsg1v66md6pmp4s4") - (mozilla-patch "icecat-bug-1208957.patch" "bc646835442b" "0f29r5yvlb5w84nvvn6j9r9dq5314jgygjmsna3grzigpkb88gyj") - (mozilla-patch "icecat-bug-1347944.patch" "47cb652ddc25" "0n7871958zwndwz53xvzwjv41v5ar1vxaam8kzr5dkbqmprddimx") - (mozilla-patch "icecat-bug-1347632.patch" "7d8f7a52a108" "0gkbkzkz989j7pk3ia1rfvyjg3si8hnnadwkb2rw13qjxdzhx2zn") - (mozilla-patch "icecat-CVE-2017-5438.patch" "154c93b9435b" "00f8lr5s8h68392bb45zi0xfgqrgfkdxbzwdypp10d89784fvjvd") - (mozilla-patch "icecat-bug-1347486.patch" "15dbaf157058" "1mwgfnx1zsvhp0pgmc8577yw6lnf7g3ikdfj0r21fgffrn76bp69") - (mozilla-patch "icecat-bug-1218437.patch" "e13692bfd5f5" "10jrbs26m8l1vchw6svssrb5h8p82acrcmkx92ybvv4qbaq2bcl0") - (mozilla-patch "icecat-bug-1345853.patch" "5fa27dc4c4a3" "1sqqa4hir2bsnnwnlr34has62kpncmw6l9mylwprd09fxmzzgrd7") - (mozilla-patch "icecat-CVE-2017-5429-pt04.patch" "00c051cd38c7" "1d4aa4nqyjc01mg3jvdjjp7z05c2qhdjj85dhdrd9c18gfiyv4fi") - (mozilla-patch "icecat-bug-1349921.patch" "c6897adc4037" "0acvcdy8awdmpz84243jzf82agrm73wqa198fjbns1p1v3s425z2") - (mozilla-patch "icecat-bug-1338623.patch" "edcafd42dd52" "1xqgjy7a62jsyz1b5mibrcnd7zpb4gdaas0a6z5dwfvz52j4xa16") - (mozilla-patch "icecat-bug-1294799.patch" "0617b074ec3d" "19h7dj44shvdzzj87svpv5q97cikxyxhiwfzf9rnqj1b7fw0xrdh") - (mozilla-patch "icecat-bug-1345049.patch" "88466b911357" "16pgd13mw9a0snyhq6vxmjc7kr9mikvhazkgbc6vpykwi0i0z85b") - (mozilla-patch "icecat-bug-1339999.patch" "b7cb8f8b0877" "0zv1kxcva699ahb9s36l4d9mlrkm0b7hmh6g1422j6iijn136vxb") - (mozilla-patch "icecat-bug-1350868.patch" "ddd6c44790c0" "182ii4wsz2vdd1q4dszd5hka8i2n0ghmqk7l39bd02d3zfibhhvc") - (mozilla-patch "icecat-bug-1342360.patch" "416681a239ef" "0ngs8xgmdhz9ag4dlrqhr0vmanqxr9q2vf16jpm3cimyc06zjxz4") - (mozilla-patch "icecat-CVE-2017-5429-pt05.patch" "a76e626ae6db" "0zn2j8fmhp7502kx1jhrvh85vsys5x6x6gw3v4gl0h8px354v6yw") - (mozilla-patch "icecat-CVE-2017-5429-pt06.patch" "0ce4196ab86e" "0isczy8261qz2zsdxax4j51gypz0gi39q7nfwxg88sl81kc5vym8") - (mozilla-patch "icecat-CVE-2017-5429-pt07.patch" "39da731d80ed" "0vswnv1hqa7r8iz6y5ja7i6w3cyq5xrcd66c1q29ac6n4gn7x338") - (mozilla-patch "icecat-CVE-2017-5430-pt08.patch" "1b148cf9c545" "0ilrib0c2c7mfycpz2hq3vrfdf6sf8lcdbfjk6r4xyxv54vh3lwk") - (mozilla-patch "icecat-bug-1325841.patch" "74e9f13c554f" "0glzcgjsy71y78zaccn33w8djs96i6dd3gafyzkihnkpfddd5cij") - (mozilla-patch "icecat-CVE-2017-5445.patch" "d7d87adfe186" "02p705si2j69ya8n5a916x58nycs07ja0sfpxrwl16f4n2plc91h") - (mozilla-patch "icecat-bug-1346424.patch" "5ede402f494f" "0kbx8yn8ppv7099ic6nhw32f7h42pnwk6dpvb179ilw90ah902q7") - (mozilla-patch "icecat-CVE-2017-5430-pt09.patch" "da44c5cfab2e" "16i4dz5sfkhh3a0khrcf8zn5w20rkf4aqwygjj3cp4qhdh7wnr75") - (mozilla-patch "icecat-CVE-2017-5430-pt10.patch" "0f966927bd55" "07pkhc6l6ylwrzgfm7i1galrvjawqqrhvhk6jcw4b30sfhi0bxq1") - (mozilla-patch "icecat-CVE-2017-5429-pt08.patch" "f0f591f82cc0" "18p091503vpfpp4l3d7hkqj78zavv6qj1lynhlfx67zdp3xqcf8r") - (mozilla-patch "icecat-CVE-2017-5464.patch" "1852dc0beba4" "1zdnkrsqjfv1q2jhj4829ypiwyg78n4jv54yn3b74vwcf5zvzx8m") - (mozilla-patch "icecat-bug-1083140.patch" "6913f0537208" "0vaf61ryp0bzkz6l1w73alhglibbgm0jcgccxvvm43ni67pcxqbq") - ;; The patch commented out below updates the bundled tzdata, - ;; but we can't use it because it contains a GIT binary patch. - ;; TODO: Consider updating the bundled tzdata, or unbundling it. - ;; (mozilla-patch "icecat-bug-1343493.patch" "35496444b380" "1wa79az7121xw078cgpczxavrqy0fsp4ib2nb69giha6acxcaqas") - (mozilla-patch "icecat-CVE-2017-5430-pt11.patch" "64495dfa29db" "0m7vklnwnaf7sw97m87bm4lb9pjmlh1vvrbaf1931db8nhd6m737") - (mozilla-patch "icecat-bug-1350783.patch" "26cd34db3c14" "15vq3lrilg3n9j80cdjmk7xib2iq5gcx9ypq8xs7f5ya9ibasqlx") - (mozilla-patch "icecat-CVE-2017-5429-pt09.patch" "6cd77a0d7ac0" "0kxlbl5m3gffxqrv7ky3swsbyg1ykj0wjhlfl9amsb4g8gra3zkj") - (mozilla-patch "icecat-CVE-2017-5460-pt1.patch" "a803be74843c" "1ywwakzjkfr714i9pfn152n86c6rp427chzdys8phdkcvp5d5p45") - (mozilla-patch "icecat-CVE-2017-5460-pt2.patch" "73762c1392ae" "18jy9ccqvn6l6hznvq5xsqm1pc7i81svc2grgv21wfwg9sd6zwwh") - (mozilla-patch "icecat-bug-1337392-pt1.patch" "4ab6d5c43036" "07pygzngssra9wnmqqrs24d6gc5kfh20fkzvpcasxh4f2hi21z9b") - (mozilla-patch "icecat-bug-1337392-pt2.patch" "13f2d85da9a7" "1iwfz7dp5i93bhjspy4kyz0vqrl8x8ndg5kxdyzwb1b339xim9qy") - (mozilla-patch "icecat-CVE-2017-5429-pt10.patch" "7a30cddfcd54" "1773pijh6gi086l930cn1a0k7kvy7f3cnirfblw98sq7h9qfyy33") - (mozilla-patch "icecat-bug-1345873-pt1.patch" "75cea353ad78" "14cig2y7d3p033hx3096gxzlqwgddq8d0ig0g3l8p1b0xwvvyryl") - (mozilla-patch "icecat-bug-1345873-pt2.patch" "b08ef5a82f89" "0afz01jv850x09df85d7ycqkcdlafi4w2xi5k155lk2b92w8lhpj") - (mozilla-patch "icecat-bug-1340163.patch" "f3f2a995a239" "1ydsj4ja475jscalkw6ggdxgbsp5l2mam5109k0y7c98abzqraxk") - (mozilla-patch "icecat-bug-1348174-pt1.patch" "330904d6f0dc" "19wnp4d8481w86xkk78n7c7wrr99rq6cq3v09hd8am4n0mzwzaja") - (mozilla-patch "icecat-bug-1348174-pt2.patch" "c61b99483c4b" "0mjsahi8ly24415ri2sylas6g0kb8wawi095idqiq019c3r7q9cq") - (mozilla-patch "icecat-bug-1348601.patch" "1848bd238064" "1f5kadhn6w1rs26sdrcc3mq0zzlmmsm6ymqhshkzn57nrj6akm7b") - (mozilla-patch "icecat-bug-1345991.patch" "2008a4b89d9a" "07fkg9r2rxbk362ckv2h8inhd2dadvzigshm6zsjfjs2fyzp95hp") - (mozilla-patch "icecat-bug-1344498-pt1.patch" "9acd0103d67f" "1f0j667g05h9ydmc924cs8mzif1n7s56wixsgnyqc3s231dswhml") - (mozilla-patch "icecat-bug-1344498-pt2.patch" "49aadb25b1ec" "0s618m802b1x5pyqh5mj1azaxch7ggxq9503b7mwhg90vz8qw7ki") - (mozilla-patch "icecat-bug-1344205.patch" "34b453085dc0" "02h1bh24f9i5sm3my07m2q58cpzqfhagwwv11l9fidxcm9dmzmrd") - (mozilla-patch "icecat-bug-1349862.patch" "864ff0c36b6b" "1i3wmigv982x9hzkfg25jhyvkynmar69x6cj6r4g9zkk5f5ypdh5") - (mozilla-patch "icecat-CVE-2017-5459.patch" "5ec6fbedb420" "07flhha4rkjbry5590yr5by36ypb1k33qm3rzkbmw0vk5gyak8dp") - (mozilla-patch "icecat-CVE-2017-5465.patch" "2b95de78a92c" "0vvq1fz84yyw7za929x6ki25paivlwd4ng1ddkcb2bw6da6yp12k") - (mozilla-patch "icecat-CVE-2017-5466.patch" "a5ec5e70abf1" "1jjviyk6db8iccd7997mwmgs188fsyrzivap3ffjf8m6j4mf9cra") - (mozilla-patch "icecat-bug-1347646.patch" "1b50711a46ce" "1i3505zzgf0mvg2405y2gzq36xc8ic2ga8w6d3n9kqryxj0mc7bh") - (mozilla-patch "icecat-bug-1344558.patch" "4147826407e8" "1hgyq21r4qphlvnhvlwbwy4mb2kjalnmksg4fnqbwcb478vb75z2") - (mozilla-patch "icecat-bug-1340718.patch" "3aae8d906162" "033d0j54z2lmkmkyiwjdqd5ddpi5mz52qb16f8aj85h0d5hz7aq0") - (mozilla-patch "icecat-bug-1322112.patch" "01f58e0bfe9d" "0ghm4y5ayr50klq443ffpa8gjphh8ywbil1phzx0bxmnn5d21gb5") - (mozilla-patch "icecat-bug-1339782.patch" "584b974b9913" "1vbya8vanla7y7g7058193pd5mrds9ps879i7ng91n929n86dfsa") - (mozilla-patch "icecat-bug-1335992.patch" "fe579c64db03" "0cvdsl9kkhmgdii45bqnzxvljvfaj769zai6h9pqw49k6wd5xyqa") - (mozilla-patch "icecat-bug-1330012.patch" "31630bd9db47" "18y86fc1bmpfkz1vx73i620z8h586za40i80mj5507szqian9pdp") - (mozilla-patch "icecat-bug-1343446.patch" "29121ef13331" "1j1wkm8gfri897kmpvncr7dn6nfn864kk4km7dknprvh458wdkws") - (mozilla-patch "icecat-bug-1344265.patch" "405bba2d38b1" "0qdf7d3wrickfga30bz1pky8rpycgr69dc2n858bm30qk7yxhv1x") - (mozilla-patch "icecat-bug-1346392.patch" "955ee0340ab7" "0hghj38qqmh4qpr6c60689za3fl59f56yjajdpxn75hmab7b35r2") - (mozilla-patch "icecat-bug-1356292.patch" "04e42829d115" "1lfvki38k7svlc2abis2nbr4773bwnn7x8gbnc19v6csc93z2ijq") - (mozilla-patch "icecat-bug-1354294-pt1.patch" "9e17e0266d21" "1iwnkaxyx6ph6bsy0y3bllmc63f4322pbm7zllaxrsy443g7iixa") - (mozilla-patch "icecat-bug-1354294-pt2.patch" "3ea0e0752031" "0v2aa78g540lwqsc95cchydg1wjy4c04ldnrcccav3dgqlz14l7v") (mozilla-patch "icecat-bug-1342366.patch" "fb43f6690a26" "1vnkjpq2bcqwzmjkgyqv8wj0ndrrsyix3qy1rsb5is6pjmi9sbaa") - (mozilla-patch "icecat-bug-1343818.patch" "90f870bbec29" "0mbki955f71n4yr9p0yc7kh5jwq7vs4bs4rhaazdncirbr564hm6"))) + (mozilla-patch "icecat-bug-1343818.patch" "90f870bbec29" "0mbki955f71n4yr9p0yc7kh5jwq7vs4bs4rhaazdncirbr564hm6") + (mozilla-patch "icecat-bug-1348454.patch" "c1cd8a02669f" "1wf0107763rw45kxkak7478vlax06ay7076cbm7ysxl7vijbr52w") + (mozilla-patch "icecat-bug-1297111.patch" "2553531f83b9" "0ibf59pa8czdyhc25sas6zhh2gf1k8vr8fklis2b1ms3n1qnzrha") + (mozilla-patch "icecat-bug-1355873.patch" "9ee455ddcd68" "0d38hi4556635g9ag805vfyffdgfsp4a8v3d9ldffdp99ypv2ixj") + (mozilla-patch "icecat-bug-1348424-pt1.patch" "6472c7006a73" "1fgydas23fzj49n4g43133bgjn98b2h38bii4knl7z7pm3fs2wws") + (mozilla-patch "icecat-bug-1348424-pt2.patch" "0d5a26b29816" "03mkghl9i83jk1axr8bvw8la6shbggkabf23if8a9vi5jdv8182x") + (mozilla-patch "icecat-bug-1357092.patch" "e78c943af07f" "0r830k6hja8z9rjk2nqjg8zfzr0wjcnic8rddh7jmc1inr1w3crm") + (mozilla-patch "icecat-bug-1352093.patch" "d7c06f2d0d13" "1ahyns5v37w91bilvb3pa8kkdzkkn3fcxmi49jr5bycjlawljrm4") + (mozilla-patch "icecat-bug-1349595.patch" "9071c7d4cc9c" "12128sf8s3zwv2w16kfl5jry9d6ky7hvps2006184rg23p32aj6n") + (mozilla-patch "icecat-bug-1336979.patch" "8bbc7b586d68" "0c13imyp1nq18in3yb1zcyi41b69svh4fn8msyj0c2lhbf8qnqcw") + (mozilla-patch "icecat-bug-1352556.patch" "6d80ca63ff8b" "0s893fn6v0p323lcnl4cbkg1zd7gs1p0bw76ki6cmiapkn63gs13") + (mozilla-patch "icecat-bug-1359547.patch" "43d7b98d8743" "1dhgy1jkvn3c4k27hbv8p16w7l09b8hd4w9zzpk8dpn4h78ncs3h") + (mozilla-patch "icecat-CVE-2017-5031.patch" "bd4fcdee9a06" "0xz1r342023a0bsllhjbzn6v75lpqznwacqyikb7q8i4hxkxh78a") + (mozilla-patch "icecat-bug-1346499.patch" "747fd6c81983" "00iscyn4wr69205ppiaghlnd32845f5lcsl303v0fcdd4d1v04vc") + (mozilla-patch "icecat-bug-1334443-pt1.patch" "16201e8478df" "1k91xaai25vn1svkaldnsd2s8br3fgvnk5l54k3n3lk3m5vj55hv") + (mozilla-patch "icecat-bug-1334443-pt2.patch" "f100e5cf3bcb" "1cgbbbnkrd3ydfw99rhnpqdp5zq65537mg8sa1s9ajxkjjd1dkwj") + (mozilla-patch "icecat-bug-1354810.patch" "e579ef6e8d11" "0cmrh8dl85lzjxpbni08xbs8qq15sljnpg70a7rsl0jdbgih3mdx") + (mozilla-patch "icecat-bug-1356755.patch" "4a3fce67b52d" "126i9nwxsb3sjwb7dvhafacq86glnhx7r7jjv0h9v21s1w0kx4wj") + (mozilla-patch "icecat-bug-1273265.patch" "7902fea300b8" "1jkrl8hdycsi17dd1m1vvl6gm1skhpf10q2m29zwfr8l40fd6a3q") + (mozilla-patch "icecat-bug-1353204.patch" "b5a21502aeff" "13rbrhvr37w95av9d4hkgi913nq0j6k2iijydylvprcn18cwibp0") + (mozilla-patch "icecat-bug-1028195.patch" "69a5ca2bf867" "0q8cgi6837ikpg7gsvywmzhq0i102845apcbrd6mw0205qqsnw5c") + (mozilla-patch "icecat-bug-1347835.patch" "bc635f45af37" "1fny422l6yc80901x6swybr8nk0in1wxfgy97ky4bdkcqlnmzpqv") + (mozilla-patch "icecat-bug-1241066.patch" "b922ca70cce5" "09hcf9rm7ng3vj5y267w0c9h6pqinnz8gjlkwx1337xh43mdvqjv") + (mozilla-patch "icecat-bug-1346012.patch" "1ce6d0652921" "163ji64a86h682frh1jq016w1mjf8g24r8cni0irsdmiihis7zxc") + (mozilla-patch "icecat-bug-1324140.patch" "8886f9cd5dd3" "0byabs9md8r3pc4r67sv2759427n1za0gfayln40nx47n2p52kmg") + (mozilla-patch "icecat-bug-1342552.patch" "ad995e90916b" "02nq9sg675p26z99nr2pykbz51hi2phf0gmrb1bjpq9pjbll7gsa") + (mozilla-patch "icecat-bug-1355039.patch" "4ae71415fecf" "0yfkkdkkimad9a3w734xx85lb7hrl870c8k8an7w78fq3vl3fjnd"))) (modules '((guix build utils))) (snippet '(begin @@ -533,7 +395,6 @@ standards.") ;; ;; TODO: Use system graphite2. ;; - "dom/devicestorage" ; Removed in ESR 52.1, awkward to patch out "modules/freetype2" "modules/zlib" "modules/libbz2" diff --git a/gnu/packages/patches/icecat-bug-1299500-pt10.patch b/gnu/packages/patches/icecat-bug-1299500-pt10.patch deleted file mode 100644 index 406738b8a5..0000000000 --- a/gnu/packages/patches/icecat-bug-1299500-pt10.patch +++ /dev/null @@ -1,1639 +0,0 @@ -Based on the following HG changeset, but adapted to GNU IceCat and -also assumes that the dom/devicestorage subtree is deleted by our -snippet. Note that the other parts of this patchset are downloaded -directly from the upstream mozilla-esr52 mercurial repository. - -# HG changeset patch -# User Andrea Marchesini -# Date 1489000545 -3600 -# Node ID 08f2bc167ae82a6f86e427283d8b972ba794b846 -# Parent d63f3b14e5718b62c0adad2eab81b785250f3d4a -Bug 1299500 - Get rid of DeviceStorage API - part 10 - DeviceStorage, r=ehsan, r=billm, a=jcristau - -diff --git a/dom/bindings/Bindings.conf b/dom/bindings/Bindings.conf ---- a/dom/bindings/Bindings.conf -+++ b/dom/bindings/Bindings.conf -@@ -228,21 +228,16 @@ DOMInterfaces = { - 'DeviceAcceleration': { - 'headerFile': 'mozilla/dom/DeviceMotionEvent.h', - }, - - 'DeviceRotationRate': { - 'headerFile': 'mozilla/dom/DeviceMotionEvent.h', - }, - --'DeviceStorage': { -- 'nativeType': 'nsDOMDeviceStorage', -- 'headerFile': 'DeviceStorage.h', --}, -- - 'Document': { - 'nativeType': 'nsIDocument', - 'binaryNames': { - 'documentURI': 'documentURIFromJS', - 'URL': 'documentURIFromJS' - } - }, - -diff --git a/dom/filesystem/DeviceStorageFileSystem.cpp b/dom/filesystem/DeviceStorageFileSystem.cpp ---- a/dom/filesystem/DeviceStorageFileSystem.cpp -+++ b/dom/filesystem/DeviceStorageFileSystem.cpp -@@ -1,26 +1,24 @@ - /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ - /* vim: set ts=8 sts=2 et sw=2 tw=80: */ - /* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this file, - * You can obtain one at http://mozilla.org/MPL/2.0/. */ - - #include "mozilla/dom/DeviceStorageFileSystem.h" - --#include "DeviceStorage.h" - #include "mozilla/Preferences.h" - #include "mozilla/dom/Directory.h" - #include "mozilla/dom/File.h" - #include "mozilla/dom/FileSystemUtils.h" - #include "mozilla/ipc/BackgroundParent.h" - #include "mozilla/Unused.h" - #include "nsCOMPtr.h" - #include "nsDebug.h" --#include "nsDeviceStorage.h" - #include "nsIFile.h" - #include "nsPIDOMWindow.h" - #include "nsGlobalWindow.h" - - using namespace mozilla::ipc; - - namespace mozilla { - namespace dom { -@@ -37,44 +35,16 @@ DeviceStorageFileSystem::DeviceStorageFi - if (mozilla::Preferences::GetBool("device.storage.prompt.testing", false)) { - mPermissionCheckType = ePermissionCheckNotRequired; - } else { - mPermissionCheckType = ePermissionCheckRequired; - } - } else { - AssertIsOnBackgroundThread(); - } -- -- // Get the permission name required to access the file system. -- DebugOnly rv = -- DeviceStorageTypeChecker::GetPermissionForType(mStorageType, mPermission); -- NS_WARNING_ASSERTION(NS_SUCCEEDED(rv), "GetPermissionForType failed"); -- -- // Get the local path of the file system root. -- nsCOMPtr rootFile; -- DeviceStorageFile::GetRootDirectoryForType(aStorageType, -- aStorageName, -- getter_AddRefs(rootFile)); -- -- Unused << -- NS_WARN_IF(!rootFile || -- NS_FAILED(rootFile->GetPath(mLocalOrDeviceStorageRootPath))); -- -- if (!XRE_IsParentProcess()) { -- return; -- } -- -- // DeviceStorageTypeChecker is a singleton object and must be initialized on -- // the main thread. We initialize it here so that we can use it on the worker -- // thread. -- if (NS_IsMainThread()) { -- DebugOnly typeChecker = -- DeviceStorageTypeChecker::CreateOrGet(); -- MOZ_ASSERT(typeChecker); -- } - } - - DeviceStorageFileSystem::~DeviceStorageFileSystem() - { - AssertIsOnOwningThread(); - } - - already_AddRefed -diff --git a/dom/ipc/ContentChild.cpp b/dom/ipc/ContentChild.cpp ---- a/dom/ipc/ContentChild.cpp -+++ b/dom/ipc/ContentChild.cpp -@@ -168,44 +168,41 @@ - #include "mozilla/X11Util.h" - #endif - - #ifdef ACCESSIBILITY - #include "nsAccessibilityService.h" - #endif - - #include "mozilla/dom/File.h" --#include "mozilla/dom/devicestorage/DeviceStorageRequestChild.h" - #include "mozilla/dom/PPresentationChild.h" - #include "mozilla/dom/PresentationIPCService.h" - #include "mozilla/ipc/InputStreamUtils.h" - - #ifdef MOZ_WEBSPEECH - #include "mozilla/dom/PSpeechSynthesisChild.h" - #endif - - #include "ProcessUtils.h" - #include "URIUtils.h" - #include "nsContentUtils.h" - #include "nsIPrincipal.h" --#include "nsDeviceStorage.h" - #include "DomainPolicy.h" - #include "mozilla/dom/ipc/StructuredCloneData.h" - #include "mozilla/dom/time/DateCacheCleaner.h" - #include "mozilla/net/NeckoMessageUtils.h" - #include "mozilla/widget/PuppetBidiKeyboard.h" - #include "mozilla/RemoteSpellCheckEngineChild.h" - #include "GMPServiceChild.h" - #include "gfxPlatform.h" - #include "nscore.h" // for NS_FREE_PERMANENT_DATA - #include "VRManagerChild.h" - - using namespace mozilla; - using namespace mozilla::docshell; --using namespace mozilla::dom::devicestorage; - using namespace mozilla::dom::ipc; - using namespace mozilla::dom::workers; - using namespace mozilla::media; - using namespace mozilla::embedding; - using namespace mozilla::gmp; - using namespace mozilla::hal_sandbox; - using namespace mozilla::ipc; - using namespace mozilla::layers; -@@ -1806,29 +1803,16 @@ ContentChild::GetCPOWManager() - } - - bool - ContentChild::RecvPTestShellConstructor(PTestShellChild* actor) - { - return true; - } - --PDeviceStorageRequestChild* --ContentChild::AllocPDeviceStorageRequestChild(const DeviceStorageParams& aParams) --{ -- return new DeviceStorageRequestChild(); --} -- --bool --ContentChild::DeallocPDeviceStorageRequestChild(PDeviceStorageRequestChild* aDeviceStorage) --{ -- delete aDeviceStorage; -- return true; --} -- - PNeckoChild* - ContentChild::AllocPNeckoChild() - { - return new NeckoChild(); - } - - bool - ContentChild::DeallocPNeckoChild(PNeckoChild* necko) -@@ -2531,38 +2515,16 @@ ContentChild::RecvVolumes(nsTArrayRecvVolumesFromParent(aVolumes); - } - #endif - return true; - } - - bool --ContentChild::RecvFilePathUpdate(const nsString& aStorageType, -- const nsString& aStorageName, -- const nsString& aPath, -- const nsCString& aReason) --{ -- if (nsDOMDeviceStorage::InstanceCount() == 0) { -- // No device storage instances in this process. Don't try and -- // and create a DeviceStorageFile since it will fail. -- -- return true; -- } -- -- RefPtr dsf = new DeviceStorageFile(aStorageType, aStorageName, aPath); -- -- nsString reason; -- CopyASCIItoUTF16(aReason, reason); -- nsCOMPtr obs = mozilla::services::GetObserverService(); -- obs->NotifyObservers(dsf, "file-watcher-update", reason.get()); -- return true; --} -- --bool - ContentChild::RecvFileSystemUpdate(const nsString& aFsName, - const nsString& aVolumeName, - const int32_t& aState, - const int32_t& aMountGeneration, - const bool& aIsMediaPresent, - const bool& aIsSharing, - const bool& aIsFormatting, - const bool& aIsFake, -diff --git a/dom/ipc/ContentChild.h b/dom/ipc/ContentChild.h ---- a/dom/ipc/ContentChild.h -+++ b/dom/ipc/ContentChild.h -@@ -193,22 +193,16 @@ public: - const IPCTabContext& aContext, - const uint32_t& aChromeFlags, - const ContentParentId& aCpID, - const bool& aIsForApp, - const bool& aIsForBrowser) override; - - virtual bool DeallocPBrowserChild(PBrowserChild*) override; - -- virtual PDeviceStorageRequestChild* -- AllocPDeviceStorageRequestChild(const DeviceStorageParams&) override; -- -- virtual bool -- DeallocPDeviceStorageRequestChild(PDeviceStorageRequestChild*) override; -- - virtual PBlobChild* - AllocPBlobChild(const BlobConstructorParams& aParams) override; - - virtual bool DeallocPBlobChild(PBlobChild* aActor) override; - - virtual PCrashReporterChild* - AllocPCrashReporterChild(const mozilla::dom::NativeThreadId& id, - const uint32_t& processType) override; -@@ -436,21 +430,16 @@ public: - - virtual bool - RecvInitBlobURLs(nsTArray&& aRegistations) override; - - virtual bool RecvLastPrivateDocShellDestroyed() override; - - virtual bool RecvVolumes(InfallibleTArray&& aVolumes) override; - -- virtual bool RecvFilePathUpdate(const nsString& aStorageType, -- const nsString& aStorageName, -- const nsString& aPath, -- const nsCString& aReason) override; -- - virtual bool RecvFileSystemUpdate(const nsString& aFsName, - const nsString& aVolumeName, - const int32_t& aState, - const int32_t& aMountGeneration, - const bool& aIsMediaPresent, - const bool& aIsSharing, - const bool& aIsFormatting, - const bool& aIsFake, -diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp ---- a/dom/ipc/ContentParent.cpp -+++ b/dom/ipc/ContentParent.cpp -@@ -23,17 +23,16 @@ - - #include "chrome/common/process_watcher.h" - - #include "mozilla/a11y/PDocAccessible.h" - #include "AppProcessChecker.h" - #include "AudioChannelService.h" - #include "BlobParent.h" - #include "CrashReporterParent.h" --#include "DeviceStorageStatics.h" - #include "GMPServiceParent.h" - #include "HandlerServiceParent.h" - #include "IHistory.h" - #include "imgIContainer.h" - #include "mozIApplication.h" - #if defined(XP_WIN) && defined(ACCESSIBILITY) - #include "mozilla/a11y/AccessibleWrap.h" - #endif -@@ -50,17 +49,16 @@ - #include "mozilla/dom/GetFilesHelper.h" - #include "mozilla/dom/GeolocationBinding.h" - #include "mozilla/dom/Notification.h" - #include "mozilla/dom/PContentBridgeParent.h" - #include "mozilla/dom/PContentPermissionRequestParent.h" - #include "mozilla/dom/PCycleCollectWithLogsParent.h" - #include "mozilla/dom/PMemoryReportRequestParent.h" - #include "mozilla/dom/ServiceWorkerRegistrar.h" --#include "mozilla/dom/devicestorage/DeviceStorageRequestParent.h" - #include "mozilla/dom/power/PowerManagerService.h" - #include "mozilla/dom/Permissions.h" - #include "mozilla/dom/PresentationParent.h" - #include "mozilla/dom/PPresentationParent.h" - #include "mozilla/dom/PushNotifier.h" - #include "mozilla/dom/FlyWebPublishedServerIPC.h" - #include "mozilla/dom/quota/QuotaManagerService.h" - #include "mozilla/dom/time/DateCacheCleaner.h" -@@ -272,17 +270,16 @@ using base::ChildPrivileges; - using base::KillProcess; - #ifdef MOZ_ENABLE_PROFILER_SPS - using mozilla::ProfileGatherer; - #endif - - #ifdef MOZ_CRASHREPORTER - using namespace CrashReporter; - #endif --using namespace mozilla::dom::devicestorage; - using namespace mozilla::dom::power; - using namespace mozilla::media; - using namespace mozilla::embedding; - using namespace mozilla::gfx; - using namespace mozilla::gmp; - using namespace mozilla::hal; - using namespace mozilla::ipc; - using namespace mozilla::layers; -@@ -2775,22 +2772,16 @@ ContentParent::Observe(nsISupports* aSub - Unused << SendCycleCollect(); - } - else if (!strcmp(aTopic, "child-mmu-request")){ - Unused << SendMinimizeMemoryUsage(); - } - else if (!strcmp(aTopic, "last-pb-context-exited")) { - Unused << SendLastPrivateDocShellDestroyed(); - } -- else if (!strcmp(aTopic, "file-watcher-update")) { -- nsCString creason; -- CopyUTF16toUTF8(aData, creason); -- DeviceStorageFile* file = static_cast(aSubject); -- Unused << SendFilePathUpdate(file->mStorageType, file->mStorageName, file->mPath, creason); -- } - #ifdef MOZ_WIDGET_GONK - else if(!strcmp(aTopic, NS_VOLUME_STATE_CHANGED)) { - nsCOMPtr vol = do_QueryInterface(aSubject); - if (!vol) { - return NS_ERROR_NOT_AVAILABLE; - } - - nsString volName; -@@ -3021,35 +3012,16 @@ ContentParent::AllocPBrowserParent(const - } - - bool - ContentParent::DeallocPBrowserParent(PBrowserParent* frame) - { - return nsIContentParent::DeallocPBrowserParent(frame); - } - --PDeviceStorageRequestParent* --ContentParent::AllocPDeviceStorageRequestParent(const DeviceStorageParams& aParams) --{ -- RefPtr result = new DeviceStorageRequestParent(aParams); -- if (!result->EnsureRequiredPermissions(this)) { -- return nullptr; -- } -- result->Dispatch(); -- return result.forget().take(); --} -- --bool --ContentParent::DeallocPDeviceStorageRequestParent(PDeviceStorageRequestParent* doomed) --{ -- DeviceStorageRequestParent *parent = static_cast(doomed); -- NS_RELEASE(parent); -- return true; --} -- - PBlobParent* - ContentParent::AllocPBlobParent(const BlobConstructorParams& aParams) - { - return nsIContentParent::AllocPBlobParent(aParams); - } - - bool - ContentParent::DeallocPBlobParent(PBlobParent* aActor) -@@ -3871,35 +3843,16 @@ ContentParent::RecvAsyncMessage(const ns - InfallibleTArray&& aCpows, - const IPC::Principal& aPrincipal, - const ClonedMessageData& aData) - { - return nsIContentParent::RecvAsyncMessage(aMsg, Move(aCpows), aPrincipal, - aData); - } - --bool --ContentParent::RecvFilePathUpdateNotify(const nsString& aType, -- const nsString& aStorageName, -- const nsString& aFilePath, -- const nsCString& aReason) --{ -- RefPtr dsf = new DeviceStorageFile(aType, -- aStorageName, -- aFilePath); -- -- nsCOMPtr obs = mozilla::services::GetObserverService(); -- if (!obs) { -- return false; -- } -- obs->NotifyObservers(dsf, "file-watcher-update", -- NS_ConvertASCIItoUTF16(aReason).get()); -- return true; --} -- - static int32_t - AddGeolocationListener(nsIDOMGeoPositionCallback* watcher, - nsIDOMGeoPositionErrorCallback* errorCallBack, - bool highAccuracy) - { - nsCOMPtr geo = do_GetService("@mozilla.org/geolocation;1"); - if (!geo) { - return -1; -@@ -4943,35 +4896,16 @@ ContentParent::RecvBeginDriverCrashGuard - bool - ContentParent::RecvEndDriverCrashGuard(const uint32_t& aGuardType) - { - mDriverCrashGuard = nullptr; - return true; - } - - bool --ContentParent::RecvGetDeviceStorageLocation(const nsString& aType, -- nsString* aPath) --{ --#ifdef MOZ_WIDGET_ANDROID -- mozilla::AndroidBridge::GetExternalPublicDirectory(aType, *aPath); -- return true; --#else -- return false; --#endif --} -- --bool --ContentParent::RecvGetDeviceStorageLocations(DeviceStorageLocationInfo* info) --{ -- DeviceStorageStatics::GetDeviceStorageLocationsForIPC(info); -- return true; --} -- --bool - ContentParent::RecvGetAndroidSystemInfo(AndroidSystemInfo* aInfo) - { - #ifdef MOZ_WIDGET_ANDROID - nsSystemInfo::GetAndroidSystemInfo(aInfo); - return true; - #else - MOZ_CRASH("wrong platform!"); - return false; -diff --git a/dom/ipc/ContentParent.h b/dom/ipc/ContentParent.h ---- a/dom/ipc/ContentParent.h -+++ b/dom/ipc/ContentParent.h -@@ -726,22 +726,16 @@ private: - const IPCTabContext& aContext, - const uint32_t& aChromeFlags, - const ContentParentId& aCpId, - const bool& aIsForApp, - const bool& aIsForBrowser) override; - - virtual bool DeallocPBrowserParent(PBrowserParent* frame) override; - -- virtual PDeviceStorageRequestParent* -- AllocPDeviceStorageRequestParent(const DeviceStorageParams&) override; -- -- virtual bool -- DeallocPDeviceStorageRequestParent(PDeviceStorageRequestParent*) override; -- - virtual PBlobParent* - AllocPBlobParent(const BlobConstructorParams& aParams) override; - - virtual bool DeallocPBlobParent(PBlobParent* aActor) override; - - virtual bool - RecvPBlobConstructor(PBlobParent* aActor, - const BlobConstructorParams& params) override; -@@ -927,21 +921,16 @@ private: - const IPC::Principal& aPrincipal, - nsTArray* aRetvals) override; - - virtual bool RecvAsyncMessage(const nsString& aMsg, - InfallibleTArray&& aCpows, - const IPC::Principal& aPrincipal, - const ClonedMessageData& aData) override; - -- virtual bool RecvFilePathUpdateNotify(const nsString& aType, -- const nsString& aStorageName, -- const nsString& aFilePath, -- const nsCString& aReason) override; -- - virtual bool RecvAddGeolocationListener(const IPC::Principal& aPrincipal, - const bool& aHighAccuracy) override; - virtual bool RecvRemoveGeolocationListener() override; - - virtual bool RecvSetGeolocationHigherAccuracy(const bool& aEnable) override; - - virtual bool RecvConsoleMessage(const nsString& aMessage) override; - -@@ -1047,21 +1036,16 @@ private: - const uint32_t& aDropEffect) override; - - virtual bool RecvProfile(const nsCString& aProfile) override; - - virtual bool RecvGetGraphicsDeviceInitData(ContentDeviceData* aOut) override; - - void StartProfiler(nsIProfilerStartParams* aParams); - -- virtual bool RecvGetDeviceStorageLocation(const nsString& aType, -- nsString* aPath) override; -- -- virtual bool RecvGetDeviceStorageLocations(DeviceStorageLocationInfo* info) override; -- - virtual bool RecvGetAndroidSystemInfo(AndroidSystemInfo* aInfo) override; - - virtual bool RecvNotifyBenchmarkResult(const nsString& aCodecName, - const uint32_t& aDecodeFPS) override; - - virtual bool RecvNotifyPushObservers(const nsCString& aScope, - const IPC::Principal& aPrincipal, - const nsString& aMessageId) override; -diff --git a/dom/ipc/PContent.ipdl b/dom/ipc/PContent.ipdl ---- a/dom/ipc/PContent.ipdl -+++ b/dom/ipc/PContent.ipdl -@@ -10,17 +10,16 @@ include protocol PBrowser; - include protocol PCompositorBridge; - include protocol PContentBridge; - include protocol PContentPermissionRequest; - include protocol PCycleCollectWithLogs; - include protocol PCrashReporter; - include protocol PPSMContentDownloader; - include protocol PExternalHelperApp; - include protocol PHandlerService; --include protocol PDeviceStorageRequest; - include protocol PFileDescriptorSet; - include protocol PHal; - include protocol PHeapSnapshotTempFileHelper; - include protocol PProcessHangMonitor; - include protocol PImageBridge; - include protocol PMedia; - include protocol PMemoryReportRequest; - include protocol PNecko; -@@ -111,130 +110,16 @@ struct FontListEntry { - nsCString filepath; - uint16_t weight; - int16_t stretch; - uint8_t italic; - uint8_t index; - bool isHidden; - }; - --struct DeviceStorageFreeSpaceParams --{ -- nsString type; -- nsString storageName; --}; -- --struct DeviceStorageUsedSpaceParams --{ -- nsString type; -- nsString storageName; --}; -- --struct DeviceStorageAvailableParams --{ -- nsString type; -- nsString storageName; --}; -- --struct DeviceStorageStatusParams --{ -- nsString type; -- nsString storageName; --}; -- --struct DeviceStorageFormatParams --{ -- nsString type; -- nsString storageName; --}; -- --struct DeviceStorageMountParams --{ -- nsString type; -- nsString storageName; --}; -- --struct DeviceStorageUnmountParams --{ -- nsString type; -- nsString storageName; --}; -- --struct DeviceStorageAddParams --{ -- nsString type; -- nsString storageName; -- nsString relpath; -- PBlob blob; --}; -- --struct DeviceStorageAppendParams --{ -- nsString type; -- nsString storageName; -- nsString relpath; -- PBlob blob; --}; -- --struct DeviceStorageCreateFdParams --{ -- nsString type; -- nsString storageName; -- nsString relpath; --}; -- --struct DeviceStorageGetParams --{ -- nsString type; -- nsString storageName; -- nsString rootDir; -- nsString relpath; --}; -- --struct DeviceStorageDeleteParams --{ -- nsString type; -- nsString storageName; -- nsString relpath; --}; -- --struct DeviceStorageEnumerationParams --{ -- nsString type; -- nsString storageName; -- nsString rootdir; -- uint64_t since; --}; -- --union DeviceStorageParams --{ -- DeviceStorageAddParams; -- DeviceStorageAppendParams; -- DeviceStorageCreateFdParams; -- DeviceStorageGetParams; -- DeviceStorageDeleteParams; -- DeviceStorageEnumerationParams; -- DeviceStorageFreeSpaceParams; -- DeviceStorageUsedSpaceParams; -- DeviceStorageAvailableParams; -- DeviceStorageStatusParams; -- DeviceStorageFormatParams; -- DeviceStorageMountParams; -- DeviceStorageUnmountParams; --}; -- --struct DeviceStorageLocationInfo { -- nsString music; -- nsString pictures; -- nsString videos; -- nsString sdcard; -- nsString apps; -- nsString crashes; --}; -- - union PrefValue { - nsCString; - int32_t; - bool; - }; - - union MaybePrefValue { - PrefValue; -@@ -355,17 +240,16 @@ nested(upto inside_cpow) sync protocol P - parent opens PGMPService; - child opens PBackground; - - manages PBlob; - manages PBrowser; - manages PContentPermissionRequest; - manages PCrashReporter; - manages PCycleCollectWithLogs; -- manages PDeviceStorageRequest; - manages PPSMContentDownloader; - manages PExternalHelperApp; - manages PFileDescriptorSet; - manages PHal; - manages PHandlerService; - manages PHeapSnapshotTempFileHelper; - manages PMedia; - manages PMemoryReportRequest; -@@ -538,19 +422,16 @@ child: - /** - * Send BlobURLRegistrationData to child process. - */ - async InitBlobURLs(BlobURLRegistrationData[] registrations); - - // Notify child that last-pb-context-exited notification was observed - async LastPrivateDocShellDestroyed(); - -- async FilePathUpdate(nsString storageType, nsString storageName, nsString filepath, -- nsCString reasons); -- - // Note: Any changes to this structure should also be changed in - // VolumeInfo above. - async FileSystemUpdate(nsString fsName, nsString mountPoint, int32_t fsState, - int32_t mountGeneration, bool isMediaPresent, - bool isSharing, bool isFormatting, bool isFake, - bool isUnmounting, bool isRemovable, bool isHotSwappable); - - // Notify volume is removed. -@@ -738,17 +619,16 @@ parent: - * process. |newPluginEpoch| is the current epoch in the chrome process. If - * |pluginEpoch == newPluginEpoch|, then |plugins| will be left empty. - */ - sync FindPlugins(uint32_t pluginEpoch) returns (nsresult aResult, PluginTag[] plugins, uint32_t newPluginEpoch); - - async PJavaScript(); - - async PRemoteSpellcheckEngine(); -- async PDeviceStorageRequest(DeviceStorageParams params); - - sync PCrashReporter(NativeThreadId tid, uint32_t processType); - - /** - * Is this token compatible with the provided version? - * - * |version| The offered version to test - * Returns |True| if the offered version is compatible -@@ -921,21 +801,16 @@ parent: - async FirstIdle(); - - async AudioChannelServiceStatus(bool aActiveTelephonyChannel, - bool aContentOrNormalChannel, - bool aAnyActiveChannel); - - async AudioChannelChangeDefVolChannel(int32_t aChannel, bool aHidden); - -- async FilePathUpdateNotify(nsString aType, -- nsString aStorageName, -- nsString aFilepath, -- nsCString aReason); -- - // called by the child (test code only) to propagate volume changes to the parent - async CreateFakeVolume(nsString fsName, nsString mountPoint); - async SetFakeVolumeState(nsString fsName, int32_t fsState); - async RemoveFakeVolume(nsString fsName); - - sync KeywordToURI(nsCString keyword) - returns (nsString providerName, OptionalInputStreamParams postData, OptionalURIParams uri); - -@@ -1108,22 +983,16 @@ parent: - float aFullZoom) - returns (nsresult rv, - bool windowOpened, - FrameScriptInfo[] frameScripts, - nsCString urlToLoad, - TextureFactoryIdentifier textureFactoryIdentifier, - uint64_t layersId); - -- sync GetDeviceStorageLocation(nsString type) -- returns (nsString path); -- -- sync GetDeviceStorageLocations() -- returns (DeviceStorageLocationInfo info); -- - sync GetAndroidSystemInfo() - returns (AndroidSystemInfo info); - - /** - * Tells the parent to ungrab the pointer on the default display. - * - * This is for GTK platforms where we have to ensure the pointer ungrab happens in the - * chrome process as that's the process that receives the pointer event. -diff --git a/dom/ipc/moz.build b/dom/ipc/moz.build ---- a/dom/ipc/moz.build -+++ b/dom/ipc/moz.build -@@ -120,17 +120,16 @@ if CONFIG['MOZ_CONTENT_SANDBOX'] and CON - 'mozsandbox', - ] - - LOCAL_INCLUDES += [ - '/caps', - '/chrome', - '/docshell/base', - '/dom/base', -- '/dom/devicestorage', - '/dom/events', - '/dom/filesystem', - '/dom/geolocation', - '/dom/media/webspeech/synth/ipc', - '/dom/security', - '/dom/storage', - '/dom/workers', - '/embedding/components/printingui/ipc', -diff --git a/dom/moz.build b/dom/moz.build ---- a/dom/moz.build -+++ b/dom/moz.build -@@ -42,17 +42,16 @@ DIRS += [ - 'base', - 'archivereader', - 'bindings', - 'battery', - 'browser-element', - 'cache', - 'canvas', - 'crypto', -- 'devicestorage', - 'encoding', - 'events', - 'fetch', - 'filehandle', - 'filesystem', - 'flyweb', - 'gamepad', - 'geolocation', -diff --git a/dom/webidl/DeviceStorage.webidl b/dom/webidl/DeviceStorage.webidl -deleted file mode 100644 ---- a/dom/webidl/DeviceStorage.webidl -+++ /dev/null -@@ -1,95 +0,0 @@ --/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ --/* This Source Code Form is subject to the terms of the Mozilla Public -- * License, v. 2.0. If a copy of the MPL was not distributed with this -- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -- --dictionary DeviceStorageEnumerationParameters { -- Date since; --}; -- --[Pref="device.storage.enabled"] --interface DeviceStorage : EventTarget { -- attribute EventHandler onchange; -- -- [Throws] -- DOMRequest? add(Blob? aBlob); -- [Throws] -- DOMRequest? addNamed(Blob? aBlob, DOMString aName); -- -- /** -- * Append data to a given file. -- * If the file doesn't exist, a "NotFoundError" event will be dispatched. -- * In the same time, it is a request.onerror case. -- * If the file exists, it will be opened with the following permission: -- * "PR_WRONLY|PR_CREATE_FILE|PR_APPEND". -- * The function will return null when blob file is null and other unexpected situations. -- * @parameter aBlob: A Blob object representing the data to append -- * @parameter aName: A string representing the full name (path + file name) of the file -- * to append data to. -- */ -- [Throws] -- DOMRequest? appendNamed(Blob? aBlob, DOMString aName); -- -- [Throws] -- DOMRequest get(DOMString aName); -- [Throws] -- DOMRequest getEditable(DOMString aName); -- [Throws] -- DOMRequest delete(DOMString aName); -- -- [Throws] -- DOMCursor enumerate(optional DeviceStorageEnumerationParameters options); -- [Throws] -- DOMCursor enumerate(DOMString path, -- optional DeviceStorageEnumerationParameters options); -- [Throws] -- DOMCursor enumerateEditable(optional DeviceStorageEnumerationParameters options); -- [Throws] -- DOMCursor enumerateEditable(DOMString path, -- optional DeviceStorageEnumerationParameters options); -- -- [Throws] -- DOMRequest freeSpace(); -- [Throws] -- DOMRequest usedSpace(); -- [Throws] -- DOMRequest available(); -- [Throws] -- DOMRequest storageStatus(); -- [Throws] -- DOMRequest format(); -- [Throws] -- DOMRequest mount(); -- [Throws] -- DOMRequest unmount(); -- -- // Note that the storageName is just a name (like sdcard), and doesn't -- // include any path information. -- readonly attribute DOMString storageName; -- -- // Indicates if the storage area denoted by storageName is capable of -- // being mounted and unmounted. -- readonly attribute boolean canBeMounted; -- -- // Indicates if the storage area denoted by storageName is capable of -- // being shared and unshared. -- readonly attribute boolean canBeShared; -- -- // Indicates if the storage area denoted by storageName is capable of -- // being formatted. -- readonly attribute boolean canBeFormatted; -- -- // Determines if this storage area is the one which will be used by default -- // for storing new files. -- readonly attribute boolean default; -- -- // Indicates if the storage area denoted by storageName is removable -- readonly attribute boolean isRemovable; -- -- // True if the storage area is close to being full -- readonly attribute boolean lowDiskSpace; -- -- [NewObject] -- // XXXbz what type does this really return? -- Promise getRoot(); --}; -diff --git a/dom/webidl/moz.build b/dom/webidl/moz.build ---- a/dom/webidl/moz.build -+++ b/dom/webidl/moz.build -@@ -104,17 +104,16 @@ WEBIDL_FILES = [ - 'DataTransfer.webidl', - 'DataTransferItem.webidl', - 'DataTransferItemList.webidl', - 'DecoderDoctorNotification.webidl', - 'DedicatedWorkerGlobalScope.webidl', - 'DelayNode.webidl', - 'DesktopNotification.webidl', - 'DeviceMotionEvent.webidl', -- 'DeviceStorage.webidl', - 'Directory.webidl', - 'Document.webidl', - 'DocumentFragment.webidl', - 'DocumentTimeline.webidl', - 'DocumentType.webidl', - 'DOMCursor.webidl', - 'DOMError.webidl', - 'DOMException.webidl', -diff --git a/layout/build/nsLayoutStatics.cpp b/layout/build/nsLayoutStatics.cpp ---- a/layout/build/nsLayoutStatics.cpp -+++ b/layout/build/nsLayoutStatics.cpp -@@ -122,17 +122,16 @@ using namespace mozilla::system; - #include "mozilla/dom/CustomElementRegistry.h" - #include "mozilla/dom/time/DateCacheCleaner.h" - #include "mozilla/EventDispatcher.h" - #include "mozilla/IMEStateManager.h" - #include "mozilla/dom/HTMLVideoElement.h" - #include "TouchManager.h" - #include "MediaDecoder.h" - #include "MediaPrefs.h" --#include "mozilla/dom/devicestorage/DeviceStorageStatics.h" - #include "mozilla/ServoBindings.h" - #include "mozilla/StaticPresData.h" - #include "mozilla/dom/WebIDLGlobalNameHash.h" - - using namespace mozilla; - using namespace mozilla::net; - using namespace mozilla::dom; - using namespace mozilla::dom::ipc; -@@ -303,18 +302,16 @@ nsLayoutStatics::Initialize() - nsStyleContext::Initialize(); - mozilla::LayerAnimationInfo::Initialize(); - #endif - - MediaDecoder::InitStatics(); - - PromiseDebugging::Init(); - -- mozilla::dom::devicestorage::DeviceStorageStatics::Initialize(); -- - mozilla::dom::WebCryptoThreadPool::Initialize(); - - // NB: We initialize servo in nsAppRunner.cpp, because we need to do it after - // creating the hidden DOM window to support some current stylo hacks. We - // should move initialization back here once those go away. - - #ifndef MOZ_WIDGET_ANDROID - // On Android, we instantiate it when constructing AndroidBridge. -diff --git a/mobile/android/components/ContentPermissionPrompt.js b/mobile/android/components/ContentPermissionPrompt.js ---- a/mobile/android/components/ContentPermissionPrompt.js -+++ b/mobile/android/components/ContentPermissionPrompt.js -@@ -8,20 +8,16 @@ const Cu = Components.utils; - const Cc = Components.classes; - - Cu.import("resource://gre/modules/XPCOMUtils.jsm"); - Cu.import("resource://gre/modules/Services.jsm"); - - const kEntities = { - "contacts": "contacts", - "desktop-notification": "desktopNotification2", -- "device-storage:music": "deviceStorageMusic", -- "device-storage:pictures": "deviceStoragePictures", -- "device-storage:sdcard": "deviceStorageSdcard", -- "device-storage:videos": "deviceStorageVideos", - "geolocation": "geolocation", - "flyweb-publish-server": "flyWebPublishServer", - }; - - // For these types, prompt for permission if action is unknown. - const PROMPT_FOR_UNKNOWN = [ - "desktop-notification", - "geolocation", -diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java ---- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java -+++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java -@@ -2198,54 +2198,16 @@ public class GeckoAppShell - return null; - } - - @WrapForJNI - private static String connectionGetMimeType(URLConnection connection) { - return connection.getContentType(); - } - -- /** -- * Retrieve the absolute path of an external storage directory. -- * -- * @param type The type of directory to return -- * @return Absolute path of the specified directory or null on failure -- */ -- @WrapForJNI(calledFrom = "gecko") -- private static String getExternalPublicDirectory(final String type) { -- final String state = Environment.getExternalStorageState(); -- if (!Environment.MEDIA_MOUNTED.equals(state) && -- !Environment.MEDIA_MOUNTED_READ_ONLY.equals(state)) { -- // External storage is not available. -- return null; -- } -- -- if ("sdcard".equals(type)) { -- // SD card has a separate path. -- return Environment.getExternalStorageDirectory().getAbsolutePath(); -- } -- -- final String systemType; -- if ("downloads".equals(type)) { -- systemType = Environment.DIRECTORY_DOWNLOADS; -- } else if ("pictures".equals(type)) { -- systemType = Environment.DIRECTORY_PICTURES; -- } else if ("videos".equals(type)) { -- systemType = Environment.DIRECTORY_MOVIES; -- } else if ("music".equals(type)) { -- systemType = Environment.DIRECTORY_MUSIC; -- } else if ("apps".equals(type)) { -- File appInternalStorageDirectory = getApplicationContext().getFilesDir(); -- return new File(appInternalStorageDirectory, "mozilla").getAbsolutePath(); -- } else { -- return null; -- } -- return Environment.getExternalStoragePublicDirectory(systemType).getAbsolutePath(); -- } -- - @WrapForJNI(calledFrom = "gecko") - private static int getMaxTouchPoints() { - PackageManager pm = getApplicationContext().getPackageManager(); - if (pm.hasSystemFeature(PackageManager.FEATURE_TOUCHSCREEN_MULTITOUCH_JAZZHAND)) { - // at least, 5+ fingers. - return 5; - } else if (pm.hasSystemFeature(PackageManager.FEATURE_TOUCHSCREEN_MULTITOUCH_DISTINCT)) { - // at least, 2+ fingers. -diff --git a/netwerk/test/mochitests/signed_web_packaged_app.sjs b/netwerk/test/mochitests/signed_web_packaged_app.sjs ---- a/netwerk/test/mochitests/signed_web_packaged_app.sjs -+++ b/netwerk/test/mochitests/signed_web_packaged_app.sjs -@@ -35,19 +35,16 @@ Content-Type: application/x-web-app-mani - "src": "scripts/library.js", - "integrity": "TN2ByXZiaBiBCvS4MeZ02UyNi44vED+KjdjLInUl4o8=" - } - ], - "moz-permissions": [ - { - "systemXHR": { - "description": "Needed to download stuff" -- }, -- "devicestorage:pictures": { -- "description": "Need to load pictures" - } - } - ], - "package-identifier": "09bc9714-7ab6-4320-9d20-fde4c237522c", - "description": "A great app!" - }\r - --NKWXJUAFXB\r - Content-Location: page2.html\r -diff --git a/toolkit/components/jsdownloads/src/DownloadIntegration.jsm b/toolkit/components/jsdownloads/src/DownloadIntegration.jsm ---- a/toolkit/components/jsdownloads/src/DownloadIntegration.jsm -+++ b/toolkit/components/jsdownloads/src/DownloadIntegration.jsm -@@ -268,53 +268,16 @@ this.DownloadIntegration = { - // Add the view used for detecting changes to downloads to be persisted. - // We must do this after the list of persistent downloads has been loaded, - // even if the load operation failed. We wait for a complete initialization - // so other callers cannot modify the list without being detected. The - // DownloadAutoSaveView is kept alive by the underlying DownloadList. - yield new DownloadAutoSaveView(list, this._store).initialize(); - }), - --#ifdef MOZ_WIDGET_GONK -- /** -- * Finds the default download directory which can be either in the -- * internal storage or on the sdcard. -- * -- * @return {Promise} -- * @resolves The downloads directory string path. -- */ -- _getDefaultDownloadDirectory: Task.async(function* () { -- let directoryPath; -- let win = Services.wm.getMostRecentWindow("navigator:browser"); -- let storages = win.navigator.getDeviceStorages("sdcard"); -- let preferredStorageName; -- // Use the first one or the default storage. -- storages.forEach((aStorage) => { -- if (aStorage.default || !preferredStorageName) { -- preferredStorageName = aStorage.storageName; -- } -- }); -- -- // Now get the path for this storage area. -- if (preferredStorageName) { -- let volume = volumeService.getVolumeByName(preferredStorageName); -- if (volume && volume.state === Ci.nsIVolume.STATE_MOUNTED){ -- directoryPath = OS.Path.join(volume.mountPoint, "downloads"); -- yield OS.File.makeDir(directoryPath, { ignoreExisting: true }); -- } -- } -- if (directoryPath) { -- return directoryPath; -- } else { -- throw new Components.Exception("No suitable storage for downloads.", -- Cr.NS_ERROR_FILE_UNRECOGNIZED_PATH); -- } -- }), --#endif -- - /** - * Determines if a Download object from the list of persistent downloads - * should be saved into a file, so that it can be restored across sessions. - * - * This function allows filtering out downloads that the host application is - * not interested in persisting across sessions, for example downloads that - * finished successfully. - * -@@ -377,18 +340,16 @@ this.DownloadIntegration = { - #ifdef MOZ_WIDGET_ANDROID - // Android doesn't have a $HOME directory, and by default we only have - // write access to /data/data/org.mozilla.{$APP} and /sdcard - directoryPath = gEnvironment.get("DOWNLOADS_DIRECTORY"); - if (!directoryPath) { - throw new Components.Exception("DOWNLOADS_DIRECTORY is not set.", - Cr.NS_ERROR_FILE_UNRECOGNIZED_PATH); - } --#elifdef MOZ_WIDGET_GONK -- directoryPath = this._getDefaultDownloadDirectory(); - #else - // For Linux, use XDG download dir, with a fallback to Home/Downloads - // if the XDG user dirs are disabled. - try { - directoryPath = this._getDirectory("DfltDwnld"); - } catch(e) { - directoryPath = yield this._createDownloadsDirectory("Home"); - } -@@ -405,19 +366,16 @@ this.DownloadIntegration = { - /** - * Returns the user downloads directory asynchronously. - * - * @return {Promise} - * @resolves The downloads directory string path. - */ - getPreferredDownloadsDirectory: Task.async(function* () { - let directoryPath = null; --#ifdef MOZ_WIDGET_GONK -- directoryPath = this._getDefaultDownloadDirectory(); --#else - let prefValue = 1; - - try { - prefValue = Services.prefs.getIntPref("browser.download.folderList"); - } catch(e) {} - - switch(prefValue) { - case 0: // Desktop -@@ -435,17 +393,16 @@ this.DownloadIntegration = { - } catch(ex) { - // Either the preference isn't set or the directory cannot be created. - directoryPath = yield this.getSystemDownloadsDirectory(); - } - break; - default: - directoryPath = yield this.getSystemDownloadsDirectory(); - } --#endif - return directoryPath; - }), - - /** - * Returns the temporary downloads directory asynchronously. - * - * @return {Promise} - * @resolves The downloads directory string path. -diff --git a/toolkit/components/jsdownloads/src/DownloadPlatform.cpp b/toolkit/components/jsdownloads/src/DownloadPlatform.cpp ---- a/toolkit/components/jsdownloads/src/DownloadPlatform.cpp -+++ b/toolkit/components/jsdownloads/src/DownloadPlatform.cpp -@@ -185,28 +185,16 @@ nsresult DownloadPlatform::DownloadDone( - if (sourceCFURL) { - ::CFRelease(sourceCFURL); - } - if (referrerCFURL) { - ::CFRelease(referrerCFURL); - } - } - #endif -- if (mozilla::Preferences::GetBool("device.storage.enabled", true)) { -- // Tell DeviceStorage that a new file may have been added. -- nsCOMPtr obs = mozilla::services::GetObserverService(); -- nsCOMPtr pathString -- = do_CreateInstance(NS_SUPPORTS_STRING_CONTRACTID); -- if (obs && pathString) { -- if (NS_SUCCEEDED(pathString->SetData(path))) { -- (void)obs->NotifyObservers(pathString, "download-watcher-notify", -- u"modified"); -- } -- } -- } - } - - #endif - - return NS_OK; - } - - nsresult DownloadPlatform::MapUrlToZone(const nsAString& aURL, -diff --git a/toolkit/components/jsdownloads/test/unit/common_test_Download.js b/toolkit/components/jsdownloads/test/unit/common_test_Download.js ---- a/toolkit/components/jsdownloads/test/unit/common_test_Download.js -+++ b/toolkit/components/jsdownloads/test/unit/common_test_Download.js -@@ -2315,103 +2315,16 @@ add_task(function* test_toSerializable_s - let download2 = yield Downloads.createDownload(reserialized); - - do_check_eq(download1.startTime.constructor.name, "Date"); - do_check_eq(download2.startTime.constructor.name, "Date"); - do_check_eq(download1.startTime.toJSON(), download2.startTime.toJSON()); - }); - - /** -- * This test will call the platform specific operations within -- * DownloadPlatform::DownloadDone. While there is no test to verify the -- * specific behaviours, this at least ensures that there is no error or crash. -- */ --add_task(function* test_platform_integration() --{ -- let downloadFiles = []; -- let oldDeviceStorageEnabled = false; -- try { -- oldDeviceStorageEnabled = Services.prefs.getBoolPref("device.storage.enabled"); -- } catch (e) { -- // This happens if the pref doesn't exist. -- } -- let downloadWatcherNotified = false; -- let observer = { -- observe: function(subject, topic, data) { -- do_check_eq(topic, "download-watcher-notify"); -- do_check_eq(data, "modified"); -- downloadWatcherNotified = true; -- } -- } -- Services.obs.addObserver(observer, "download-watcher-notify", false); -- Services.prefs.setBoolPref("device.storage.enabled", true); -- let downloadDoneCalled = false; -- let monitorFn = base => ({ -- __proto__: base, -- downloadDone() { -- return super.downloadDone(...arguments).then(() => { -- downloadDoneCalled = true; -- }); -- }, -- }); -- Integration.downloads.register(monitorFn); -- DownloadIntegration.allowDirectories = true; -- function cleanup() { -- for (let file of downloadFiles) { -- file.remove(true); -- } -- Services.obs.removeObserver(observer, "download-watcher-notify"); -- Services.prefs.setBoolPref("device.storage.enabled", oldDeviceStorageEnabled); -- Integration.downloads.unregister(monitorFn); -- DownloadIntegration.allowDirectories = false; -- } -- -- for (let isPrivate of [false, true]) { -- downloadDoneCalled = false; -- -- // Some platform specific operations only operate on files outside the -- // temporary directory or in the Downloads directory (such as setting -- // the Windows searchable attribute, and the Mac Downloads icon bouncing), -- // so use the system Downloads directory for the target file. -- let targetFilePath = yield DownloadIntegration.getSystemDownloadsDirectory(); -- targetFilePath = OS.Path.join(targetFilePath, -- "test" + (Math.floor(Math.random() * 1000000))); -- let targetFile = new FileUtils.File(targetFilePath); -- downloadFiles.push(targetFile); -- -- let download; -- if (gUseLegacySaver) { -- download = yield promiseStartLegacyDownload(httpUrl("source.txt"), -- { isPrivate, targetFile }); -- } -- else { -- download = yield Downloads.createDownload({ -- source: { url: httpUrl("source.txt"), isPrivate }, -- target: targetFile, -- }); -- download.start().catch(() => {}); -- } -- -- // Wait for the whenSucceeded promise to be resolved first. -- // downloadDone should be called before the whenSucceeded promise is resolved. -- yield download.whenSucceeded().then(function () { -- do_check_true(downloadDoneCalled); -- do_check_true(downloadWatcherNotified); -- }); -- -- // Then, wait for the promise returned by "start" to be resolved. -- yield promiseDownloadStopped(download); -- -- yield promiseVerifyTarget(download.target, TEST_DATA_SHORT); -- } -- -- cleanup(); --}); -- --/** - * Checks that downloads are added to browsing history when they start. - */ - add_task(function* test_history() - { - mustInterruptResponses(); - - // We will wait for the visit to be notified during the download. - yield PlacesTestUtils.clearHistory(); -diff --git a/toolkit/content/devicestorage.properties b/toolkit/content/devicestorage.properties -deleted file mode 100644 ---- a/toolkit/content/devicestorage.properties -+++ /dev/null -@@ -1,4 +0,0 @@ --# Extensions we recognize for DeviceStorage storage areas --pictures=*.jpe; *.jpg; *.jpeg; *.gif; *.png; *.bmp; --music=*.mp3; *.oga; *.ogg; *.m4a; *.m4b; *.m4p; *.m4r; *.3gp; *.3gpp; *.mp4; *.m3u; *.pls; *.opus; *.amr; *.wav; *.lcka; *.mka; *.flac; --videos=*.mp4; *.mpeg; *.mpg; *.ogv; *.ogx; *.webm; *.3gp; *.3gpp; *.3g2; *.ogg; *.m4v; *.ts; *.m2ts; *.avi; *.divx; *.mkv; -diff --git a/toolkit/content/jar.mn b/toolkit/content/jar.mn ---- a/toolkit/content/jar.mn -+++ b/toolkit/content/jar.mn -@@ -40,17 +40,16 @@ toolkit.jar: - content/global/browser-content.js - * content/global/buildconfig.html - content/global/contentAreaUtils.js - #ifndef MOZ_ICECATMOBILE - content/global/customizeToolbar.css - content/global/customizeToolbar.js - content/global/customizeToolbar.xul - #endif -- content/global/devicestorage.properties - #ifndef MOZ_ICECATMOBILE - content/global/editMenuOverlay.js - * content/global/editMenuOverlay.xul - content/global/finddialog.js - * content/global/finddialog.xul - content/global/findUtils.js - #endif - content/global/filepicker.properties -@@ -113,9 +112,9 @@ toolkit.jar: - content/global/bindings/videocontrols.css (widgets/videocontrols.css) - * content/global/bindings/wizard.xml (widgets/wizard.xml) - #ifdef XP_MACOSX - content/global/macWindowMenu.js - #endif - content/global/svg/svgBindings.xml (/layout/svg/resources/content/svgBindings.xml) - content/global/gmp-sources/eme-adobe.json (gmp-sources/eme-adobe.json) - content/global/gmp-sources/openh264.json (gmp-sources/openh264.json) -- content/global/gmp-sources/widevinecdm.json (gmp-sources/widevinecdm.json) -\ No newline at end of file -+ content/global/gmp-sources/widevinecdm.json (gmp-sources/widevinecdm.json) -diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp b/uriloader/exthandler/nsExternalHelperAppService.cpp ---- a/uriloader/exthandler/nsExternalHelperAppService.cpp -+++ b/uriloader/exthandler/nsExternalHelperAppService.cpp -@@ -101,20 +101,16 @@ - - #ifdef MOZ_WIDGET_ANDROID - #include "IceCatMobileJNIWrappers.h" - #endif - - #include "mozilla/Preferences.h" - #include "mozilla/ipc/URIUtils.h" - --#ifdef MOZ_WIDGET_GONK --#include "nsDeviceStorage.h" --#endif -- - using namespace mozilla; - using namespace mozilla::ipc; - - // Download Folder location constants - #define NS_PREF_DOWNLOAD_DIR "browser.download.dir" - #define NS_PREF_DOWNLOAD_FOLDERLIST "browser.download.folderList" - enum { - NS_FOLDER_VALUE_DESKTOP = 0 -@@ -321,65 +317,16 @@ static nsresult GetDownloadDirectory(nsI - } - - if (!dir) { - // If not, we default to the OS X default download location. - nsresult rv = NS_GetSpecialDirectory(NS_OSX_DEFAULT_DOWNLOAD_DIR, - getter_AddRefs(dir)); - NS_ENSURE_SUCCESS(rv, rv); - } --#elif defined(MOZ_WIDGET_GONK) -- // On Gonk, store the files on the sdcard in the downloads directory. -- // We need to check with the volume manager which storage point is -- // available. -- -- // Pick the default storage in case multiple (internal and external) ones -- // are available. -- nsString storageName; -- nsDOMDeviceStorage::GetDefaultStorageName(NS_LITERAL_STRING("sdcard"), -- storageName); -- -- RefPtr dsf( -- new DeviceStorageFile(NS_LITERAL_STRING("sdcard"), -- storageName, -- NS_LITERAL_STRING("downloads"))); -- NS_ENSURE_TRUE(dsf->mFile, NS_ERROR_FILE_ACCESS_DENIED); -- -- // If we're not checking for availability we're done. -- if (aSkipChecks) { -- dsf->mFile.forget(_directory); -- return NS_OK; -- } -- -- // Check device storage status before continuing. -- nsString storageStatus; -- dsf->GetStatus(storageStatus); -- -- // If we get an "unavailable" status, it means the sd card is not present. -- // We'll also catch internal errors by looking for an empty string and assume -- // the SD card isn't present when this occurs. -- if (storageStatus.EqualsLiteral("unavailable") || -- storageStatus.IsEmpty()) { -- return NS_ERROR_FILE_NOT_FOUND; -- } -- -- // If we get a status other than 'available' here it means the card is busy -- // because it's mounted via USB or it is being formatted. -- if (!storageStatus.EqualsLiteral("available")) { -- return NS_ERROR_FILE_ACCESS_DENIED; -- } -- -- bool alreadyThere; -- nsresult rv = dsf->mFile->Exists(&alreadyThere); -- NS_ENSURE_SUCCESS(rv, rv); -- if (!alreadyThere) { -- rv = dsf->mFile->Create(nsIFile::DIRECTORY_TYPE, 0770); -- NS_ENSURE_SUCCESS(rv, rv); -- } -- dir = dsf->mFile; - #elif defined(ANDROID) - // We ask Java for the temporary download directory. The directory will be - // different depending on whether we have the permission to write to the - // public download directory or not. - // In the case where we do not have the permission we will start the - // download to the app cache directory and later move it to the final - // destination after prompting for the permission. - jni::String::LocalRef downloadDir; -diff --git a/widget/android/AndroidBridge.cpp b/widget/android/AndroidBridge.cpp ---- a/widget/android/AndroidBridge.cpp -+++ b/widget/android/AndroidBridge.cpp -@@ -1119,42 +1119,8 @@ nsresult AndroidBridge::InputStreamRead( - - if (read <= 0) { - *aRead = 0; - return NS_OK; - } - *aRead = read; - return NS_OK; - } -- --nsresult AndroidBridge::GetExternalPublicDirectory(const nsAString& aType, nsAString& aPath) { -- if (XRE_IsContentProcess()) { -- nsString key(aType); -- nsAutoString path; -- if (AndroidBridge::sStoragePaths.Get(key, &path)) { -- aPath = path; -- return NS_OK; -- } -- -- // Lazily get the value from the parent. -- dom::ContentChild* child = dom::ContentChild::GetSingleton(); -- if (child) { -- nsAutoString type(aType); -- child->SendGetDeviceStorageLocation(type, &path); -- if (!path.IsEmpty()) { -- AndroidBridge::sStoragePaths.Put(key, path); -- aPath = path; -- return NS_OK; -- } -- } -- -- ALOG_BRIDGE("AndroidBridge::GetExternalPublicDirectory no cache for %s", -- NS_ConvertUTF16toUTF8(aType).get()); -- return NS_ERROR_NOT_AVAILABLE; -- } -- -- auto path = GeckoAppShell::GetExternalPublicDirectory(aType); -- if (!path) { -- return NS_ERROR_NOT_AVAILABLE; -- } -- aPath = path->ToString(); -- return NS_OK; --} -diff --git a/widget/android/AndroidBridge.h b/widget/android/AndroidBridge.h ---- a/widget/android/AndroidBridge.h -+++ b/widget/android/AndroidBridge.h -@@ -197,18 +197,16 @@ public: - static jmethodID GetStaticMethodID(JNIEnv* env, jclass jClass, const char* methodName, const char* methodType); - - static jni::Object::LocalRef ChannelCreate(jni::Object::Param); - - static void InputStreamClose(jni::Object::Param obj); - static uint32_t InputStreamAvailable(jni::Object::Param obj); - static nsresult InputStreamRead(jni::Object::Param obj, char *aBuf, uint32_t aCount, uint32_t *aRead); - -- static nsresult GetExternalPublicDirectory(const nsAString& aType, nsAString& aPath); -- - protected: - static nsDataHashtable sStoragePaths; - - static AndroidBridge* sBridge; - - AndroidBridge(); - ~AndroidBridge(); - -diff --git a/widget/android/GeneratedJNIWrappers.cpp b/widget/android/GeneratedJNIWrappers.cpp ---- a/widget/android/GeneratedJNIWrappers.cpp -+++ b/widget/android/GeneratedJNIWrappers.cpp -@@ -274,24 +274,16 @@ auto GeckoAppShell::GetExceptionStackTra - constexpr char GeckoAppShell::GetExtensionFromMimeType_t::name[]; - constexpr char GeckoAppShell::GetExtensionFromMimeType_t::signature[]; - - auto GeckoAppShell::GetExtensionFromMimeType(mozilla::jni::String::Param a0) -> mozilla::jni::String::LocalRef - { - return mozilla::jni::Method::Call(GeckoAppShell::Context(), nullptr, a0); - } - --constexpr char GeckoAppShell::GetExternalPublicDirectory_t::name[]; --constexpr char GeckoAppShell::GetExternalPublicDirectory_t::signature[]; -- --auto GeckoAppShell::GetExternalPublicDirectory(mozilla::jni::String::Param a0) -> mozilla::jni::String::LocalRef --{ -- return mozilla::jni::Method::Call(GeckoAppShell::Context(), nullptr, a0); --} -- - constexpr char GeckoAppShell::GetHWDecoderCapability_t::name[]; - constexpr char GeckoAppShell::GetHWDecoderCapability_t::signature[]; - - auto GeckoAppShell::GetHWDecoderCapability() -> bool - { - return mozilla::jni::Method::Call(GeckoAppShell::Context(), nullptr); - } - -diff --git a/widget/android/GeneratedJNIWrappers.h b/widget/android/GeneratedJNIWrappers.h ---- a/widget/android/GeneratedJNIWrappers.h -+++ b/widget/android/GeneratedJNIWrappers.h -@@ -724,36 +724,16 @@ public: - static const mozilla::jni::CallingThread callingThread = - mozilla::jni::CallingThread::GECKO; - static const mozilla::jni::DispatchTarget dispatchTarget = - mozilla::jni::DispatchTarget::CURRENT; - }; - - static auto GetExtensionFromMimeType(mozilla::jni::String::Param) -> mozilla::jni::String::LocalRef; - -- struct GetExternalPublicDirectory_t { -- typedef GeckoAppShell Owner; -- typedef mozilla::jni::String::LocalRef ReturnType; -- typedef mozilla::jni::String::Param SetterType; -- typedef mozilla::jni::Args< -- mozilla::jni::String::Param> Args; -- static constexpr char name[] = "getExternalPublicDirectory"; -- static constexpr char signature[] = -- "(Ljava/lang/String;)Ljava/lang/String;"; -- static const bool isStatic = true; -- static const mozilla::jni::ExceptionMode exceptionMode = -- mozilla::jni::ExceptionMode::ABORT; -- static const mozilla::jni::CallingThread callingThread = -- mozilla::jni::CallingThread::GECKO; -- static const mozilla::jni::DispatchTarget dispatchTarget = -- mozilla::jni::DispatchTarget::CURRENT; -- }; -- -- static auto GetExternalPublicDirectory(mozilla::jni::String::Param) -> mozilla::jni::String::LocalRef; -- - struct GetHWDecoderCapability_t { - typedef GeckoAppShell Owner; - typedef bool ReturnType; - typedef bool SetterType; - typedef mozilla::jni::Args<> Args; - static constexpr char name[] = "getHWDecoderCapability"; - static constexpr char signature[] = - "()Z"; -diff --git a/xpcom/reflect/xptinfo/ShimInterfaceInfo.cpp b/xpcom/reflect/xptinfo/ShimInterfaceInfo.cpp ---- a/xpcom/reflect/xptinfo/ShimInterfaceInfo.cpp -+++ b/xpcom/reflect/xptinfo/ShimInterfaceInfo.cpp -@@ -155,17 +155,16 @@ - #include "mozilla/dom/CSSValueBinding.h" - #include "mozilla/dom/CSSValueListBinding.h" - #include "mozilla/dom/CustomEventBinding.h" - #ifdef MOZ_WEBRTC - #include "mozilla/dom/DataChannelBinding.h" - #endif - #include "mozilla/dom/DataContainerEventBinding.h" - #include "mozilla/dom/DataTransferBinding.h" --#include "mozilla/dom/DeviceStorageBinding.h" - #include "mozilla/dom/DOMCursorBinding.h" - #include "mozilla/dom/DOMExceptionBinding.h" - #include "mozilla/dom/DOMParserBinding.h" - #include "mozilla/dom/DOMRequestBinding.h" - #include "mozilla/dom/DocumentBinding.h" - #include "mozilla/dom/DocumentFragmentBinding.h" - #include "mozilla/dom/DocumentTypeBinding.h" - #include "mozilla/dom/DocumentBinding.h" - -- cgit v1.2.3 From 484f7a886219ed6d7633c6ee71fc802d677d14ed Mon Sep 17 00:00:00 2001 From: Kei Kebreau Date: Sat, 6 May 2017 10:45:57 -0400 Subject: gnu: libtiff: Add fixes several security flaws. Fixes CVE-2017-{7593, 7594, 7595, 7596, 7597, 7598, 7599, 7600, 7601, 7602}. * gnu/packages/patches/libtiff-CVE-2017-7593.patch, gnu/packages/patches/libtiff-CVE-2017-7594.patch, gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/image.scm (libtiff)[replacement]: New field. (libtiff/fixed): New variable. --- gnu/local.mk | 3 + gnu/packages/image.scm | 16 +- gnu/packages/patches/libtiff-CVE-2017-7593.patch | 113 ++++++ gnu/packages/patches/libtiff-CVE-2017-7594.patch | 54 +++ .../patches/libtiff-multiple-UBSAN-crashes.patch | 449 +++++++++++++++++++++ 5 files changed, 634 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/libtiff-CVE-2017-7593.patch create mode 100644 gnu/packages/patches/libtiff-CVE-2017-7594.patch create mode 100644 gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index c17fc18a13..ce7fb68416 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -738,6 +738,9 @@ dist_patch_DATA = \ %D%/packages/patches/libtiff-CVE-2016-10093.patch \ %D%/packages/patches/libtiff-CVE-2016-10094.patch \ %D%/packages/patches/libtiff-CVE-2017-5225.patch \ + %D%/packages/patches/libtiff-CVE-2017-7593.patch \ + %D%/packages/patches/libtiff-CVE-2017-7594.patch \ + %D%/packages/patches/libtiff-multiple-UBSAN-crashes.patch \ %D%/packages/patches/libtiff-assertion-failure.patch \ %D%/packages/patches/libtiff-divide-by-zero-ojpeg.patch \ %D%/packages/patches/libtiff-divide-by-zero-tiffcp.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 2027395ca6..1a1108563d 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -13,7 +13,7 @@ ;;; Copyright © 2016 Tobias Geerinckx-Rice ;;; Copyright © 2016 Eric Bavier ;;; Copyright © 2016 Arun Isaac -;;; Copyright © 2016 Kei Kebreau +;;; Copyright © 2016, 2017 Kei Kebreau ;;; Copyright © 2017 ng0 ;;; ;;; This file is part of GNU Guix. @@ -299,6 +299,7 @@ extracting icontainer icon files.") (define-public libtiff (package (name "libtiff") + (replacement libtiff/fixed) (version "4.0.7") (source (origin (method url-fetch) @@ -347,6 +348,19 @@ collection of tools for doing simple manipulations of TIFF images.") "See COPYRIGHT in the distribution.")) (home-page "http://www.simplesystems.org/libtiff/"))) +(define libtiff/fixed + (package + (inherit libtiff) + (source + (origin + (inherit (package-source libtiff)) + (patches + (append + (origin-patches (package-source libtiff)) + (search-patches "libtiff-CVE-2017-7593.patch" + "libtiff-CVE-2017-7594.patch" + "libtiff-multiple-UBSAN-crashes.patch"))))))) + (define-public libwmf (package (name "libwmf") diff --git a/gnu/packages/patches/libtiff-CVE-2017-7593.patch b/gnu/packages/patches/libtiff-CVE-2017-7593.patch new file mode 100644 index 0000000000..496efb73b9 --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2017-7593.patch @@ -0,0 +1,113 @@ +Fixes CVE-2017-7593 (Potential uninitialized-memory access from tif_rawdata): + +http://bugzilla.maptools.org/show_bug.cgi?id=2651 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593 +https://security-tracker.debian.org/tracker/CVE-2017-7593 + +2017-01-11 Even Rouault + + * libtiff/tiffio.h, tif_unix.c, tif_win32.c, tif_vms.c: add + _TIFFcalloc() + + * libtiff/tif_read.c: TIFFReadBufferSetup(): use _TIFFcalloc() to zero + initialize tif_rawdata. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2651 + +/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog +new revision: 1.1208; previous revision: 1.1207 +/cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v <-- libtiff/tif_read.c +new revision: 1.53; previous revision: 1.52 +/cvs/maptools/cvsroot/libtiff/libtiff/tif_unix.c,v <-- libtiff/tif_unix.c +new revision: 1.28; previous revision: 1.27 +/cvs/maptools/cvsroot/libtiff/libtiff/tif_vms.c,v <-- libtiff/tif_vms.c +new revision: 1.14; previous revision: 1.13 +/cvs/maptools/cvsroot/libtiff/libtiff/tif_win32.c,v <-- libtiff/tif_win32.c +new revision: 1.42; previous revision: 1.41 +/cvs/maptools/cvsroot/libtiff/libtiff/tiffio.h,v <-- libtiff/tiffio.h +new revision: 1.94; previous revision: 1.93 + +diff -ru tiff-4.0.7/libtiff/tiffio.h tiff-4.0.7.new/libtiff/tiffio.h +--- tiff-4.0.7/libtiff/tiffio.h 1969-12-31 19:00:00.000000000 -0500 ++++ tiff-4.0.7.new/libtiff/tiffio.h 2017-05-05 19:08:03.772999790 -0400 +@@ -1,4 +1,4 @@ +-/* $Id: tiffio.h,v 1.92 2016-01-23 21:20:34 erouault Exp $ */ ++/* $Id: tiffio.h,v 1.94 2017-01-11 19:02:49 erouault Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -293,6 +293,7 @@ + */ + + extern void* _TIFFmalloc(tmsize_t s); ++extern void* _TIFFcalloc(tmsize_t nmemb, tmsize_t siz); + extern void* _TIFFrealloc(void* p, tmsize_t s); + extern void _TIFFmemset(void* p, int v, tmsize_t c); + extern void _TIFFmemcpy(void* d, const void* s, tmsize_t c); +diff -ru tiff-4.0.7/libtiff/tif_read.c tiff-4.0.7.new/libtiff/tif_read.c +--- tiff-4.0.7/libtiff/tif_read.c 2017-05-05 19:04:09.740966642 -0400 ++++ tiff-4.0.7.new/libtiff/tif_read.c 2017-05-05 18:59:11.070709441 -0400 +@@ -1,4 +1,4 @@ +-/* $Id: tif_read.c,v 1.50 2016-12-02 21:56:56 erouault Exp $ */ ++/* $Id: tif_read.c,v 1.53 2017-01-11 19:02:49 erouault Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -976,7 +976,9 @@ + "Invalid buffer size"); + return (0); + } +- tif->tif_rawdata = (uint8*) _TIFFmalloc(tif->tif_rawdatasize); ++ /* Initialize to zero to avoid uninitialized buffers in case of */ ++ /* short reads (http://bugzilla.maptools.org/show_bug.cgi?id=2651) */ ++ tif->tif_rawdata = (uint8*) _TIFFcalloc(1, tif->tif_rawdatasize); + tif->tif_flags |= TIFF_MYBUFFER; + } + if (tif->tif_rawdata == NULL) { +diff -ru tiff-4.0.7/libtiff/tif_unix.c tiff-4.0.7.new/libtiff/tif_unix.c +--- tiff-4.0.7/libtiff/tif_unix.c 1969-12-31 19:00:00.000000000 -0500 ++++ tiff-4.0.7.new/libtiff/tif_unix.c 2017-05-05 19:10:48.302645187 -0400 +@@ -1,4 +1,4 @@ +-/* $Id: tif_unix.c,v 1.27 2015-08-19 02:31:04 bfriesen Exp $ */ ++/* $Id: tif_unix.c,v 1.28 2017-01-11 19:02:49 erouault Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -316,6 +316,14 @@ + return (malloc((size_t) s)); + } + ++void* _TIFFcalloc(tmsize_t nmemb, tmsize_t siz) ++{ ++ if( nmemb == 0 || siz == 0 ) ++ return ((void *) NULL); ++ ++ return calloc((size_t) nmemb, (size_t)siz); ++} ++ + void + _TIFFfree(void* p) + { +diff -ru tiff-4.0.7/libtiff/tif_win32.c tiff-4.0.7.new/libtiff/tif_win32.c +--- tiff-4.0.7/libtiff/tif_win32.c 1969-12-31 19:00:00.000000000 -0500 ++++ tiff-4.0.7.new/libtiff/tif_win32.c 2017-05-05 19:13:06.903399627 -0400 +@@ -1,4 +1,4 @@ +-/* $Id: tif_win32.c,v 1.41 2015-08-23 20:12:44 bfriesen Exp $ */ ++/* $Id: tif_win32.c,v 1.42 2017-01-11 19:02:49 erouault Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -360,6 +360,14 @@ + return (malloc((size_t) s)); + } + ++void* _TIFFcalloc(tmsize_t nmemb, tmsize_t siz) ++{ ++ if( nmemb == 0 || siz == 0 ) ++ return ((void *) NULL); ++ ++ return calloc((size_t) nmemb, (size_t)siz); ++} ++ + void + _TIFFfree(void* p) + { diff --git a/gnu/packages/patches/libtiff-CVE-2017-7594.patch b/gnu/packages/patches/libtiff-CVE-2017-7594.patch new file mode 100644 index 0000000000..d17997d447 --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2017-7594.patch @@ -0,0 +1,54 @@ +Fixes CVE-2017-7594 (Direct leak in tif_ojpeg.c): + +http://bugzilla.maptools.org/show_bug.cgi?id=2659 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594 +https://security-tracker.debian.org/tracker/CVE-2017-7594 + +2017-01-12 Even Rouault + + * libtiff/tif_ojpeg.c: fix leak in OJPEGReadHeaderInfoSecTablesAcTable + when read fails. + Patch by Nicolás Peña. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2659 + +/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog +new revision: 1.1212; previous revision: 1.1211 +/cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v <-- libtiff/tif_ojpeg.c +new revision: 1.67; previous revision: 1.66 + +Index: libtiff/libtiff/tif_ojpeg.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v +retrieving revision 1.67 +retrieving revision 1.68 +diff -u -r1.67 -r1.68 +--- libtiff/libtiff/tif_ojpeg.c 12 Jan 2017 17:43:26 -0000 1.67 ++++ libtiff/libtiff/tif_ojpeg.c 12 Jan 2017 19:23:20 -0000 1.68 +@@ -1,4 +1,4 @@ +-/* $Id: tif_ojpeg.c,v 1.66 2016-12-03 11:15:18 erouault Exp $ */ ++/* $Id: tif_ojpeg.c,v 1.68 2017-01-12 19:23:20 erouault Exp $ */ + + /* WARNING: The type of JPEG encapsulation defined by the TIFF Version 6.0 + specification is now totally obsolete and deprecated for new applications and +@@ -1790,7 +1790,10 @@ + TIFFSeekFile(tif,sp->qtable_offset[m],SEEK_SET); + p=(uint32)TIFFReadFile(tif,&ob[sizeof(uint32)+5],64); + if (p!=64) ++ { ++ _TIFFfree(ob); + return(0); ++ } + sp->qtable[m]=ob; + sp->sof_tq[m]=m; + } +@@ -1854,7 +1857,10 @@ + rb[sizeof(uint32)+5+n]=o[n]; + p=(uint32)TIFFReadFile(tif,&(rb[sizeof(uint32)+21]),q); + if (p!=q) ++ { ++ _TIFFfree(rb); + return(0); ++ } + sp->dctable[m]=rb; + sp->sos_tda[m]=(m<<4); + } diff --git a/gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch b/gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch new file mode 100644 index 0000000000..2f4509f386 --- /dev/null +++ b/gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch @@ -0,0 +1,449 @@ +Fixes CVE-2017-{7595,7596,7597,7598,7599,7600,7601,7602}: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602 + +2017-01-11 Even Rouault + + * libtiff/tif_dir.c, tif_dirread.c, tif_dirwrite.c: implement various + clampings + of double to other data types to avoid undefined behaviour if the + output range + isn't big enough to hold the input value. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2643 + http://bugzilla.maptools.org/show_bug.cgi?id=2642 + http://bugzilla.maptools.org/show_bug.cgi?id=2646 + http://bugzilla.maptools.org/show_bug.cgi?id=2647 + +/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog +new revision: 1.1204; previous revision: 1.1203 +/cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v <-- libtiff/tif_dir.c +new revision: 1.129; previous revision: 1.128 +/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- libtiff/tif_dirread.c +new revision: 1.207; previous revision: 1.206 +/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirwrite.c,v <-- libtiff/tif_dirwrite.c +new revision: 1.85; previous revision: 1.84 + +2017-01-11 Even Rouault + + * libtiff/tif_dirread.c: avoid division by floating point 0 in + TIFFReadDirEntryCheckedRational() and + TIFFReadDirEntryCheckedSrational(), + and return 0 in that case (instead of infinity as before presumably) + Apparently some sanitizers do not like those divisions by zero. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2644 + +/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog +new revision: 1.1203; previous revision: 1.1202 +/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- libtiff/tif_dirread.c +new revision: 1.206; previous revision: 1.205 + +2017-01-11 Even Rouault + + * libtiff/tif_jpeg.c: validate BitsPerSample in JPEGSetupEncode() to + avoid undefined behaviour caused by invalid shift exponent. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2648 + + +/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog +new revision: 1.1205; previous revision: 1.1204 +/cvs/maptools/cvsroot/libtiff/libtiff/tif_jpeg.c,v <-- libtiff/tif_jpeg.c +new revision: 1.126; previous revision: 1.125 + +2017-01-11 Even Rouault + + * libtiff/tif_read.c: avoid potential undefined behaviour on signed + integer addition in TIFFReadRawStrip1() in isMapped() case. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2650 + +/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog +new revision: 1.1206; previous revision: 1.1205 +/cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v <-- libtiff/tif_read.c +new revision: 1.51; previous revision: 1.50 + +Index: libtiff/libtiff/tif_dir.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v +retrieving revision 1.128 +retrieving revision 1.129 +diff -u -r1.128 -r1.129 +--- libtiff/libtiff/tif_dir.c 3 Dec 2016 15:30:31 -0000 1.128 ++++ libtiff/libtiff/tif_dir.c 11 Jan 2017 16:09:02 -0000 1.129 +@@ -1,4 +1,4 @@ +-/* $Id: tif_dir.c,v 1.128 2016-12-03 15:30:31 erouault Exp $ */ ++/* $Id: tif_dir.c,v 1.129 2017-01-11 16:09:02 erouault Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -31,6 +31,7 @@ + * (and also some miscellaneous stuff) + */ + #include "tiffiop.h" ++#include + + /* + * These are used in the backwards compatibility code... +@@ -154,6 +155,15 @@ + return (0); + } + ++static float TIFFClampDoubleToFloat( double val ) ++{ ++ if( val > FLT_MAX ) ++ return FLT_MAX; ++ if( val < -FLT_MAX ) ++ return -FLT_MAX; ++ return (float)val; ++} ++ + static int + _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap) + { +@@ -312,13 +322,13 @@ + dblval = va_arg(ap, double); + if( dblval < 0 ) + goto badvaluedouble; +- td->td_xresolution = (float) dblval; ++ td->td_xresolution = TIFFClampDoubleToFloat( dblval ); + break; + case TIFFTAG_YRESOLUTION: + dblval = va_arg(ap, double); + if( dblval < 0 ) + goto badvaluedouble; +- td->td_yresolution = (float) dblval; ++ td->td_yresolution = TIFFClampDoubleToFloat( dblval ); + break; + case TIFFTAG_PLANARCONFIG: + v = (uint16) va_arg(ap, uint16_vap); +@@ -327,10 +337,10 @@ + td->td_planarconfig = (uint16) v; + break; + case TIFFTAG_XPOSITION: +- td->td_xposition = (float) va_arg(ap, double); ++ td->td_xposition = TIFFClampDoubleToFloat( va_arg(ap, double) ); + break; + case TIFFTAG_YPOSITION: +- td->td_yposition = (float) va_arg(ap, double); ++ td->td_yposition = TIFFClampDoubleToFloat( va_arg(ap, double) ); + break; + case TIFFTAG_RESOLUTIONUNIT: + v = (uint16) va_arg(ap, uint16_vap); +Index: libtiff/libtiff/tif_dirread.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v +retrieving revision 1.206 +retrieving revision 1.207 +diff -u -r1.206 -r1.207 +--- libtiff/libtiff/tif_dirread.c 11 Jan 2017 13:28:01 -0000 1.206 ++++ libtiff/libtiff/tif_dirread.c 11 Jan 2017 16:09:02 -0000 1.207 +@@ -1,4 +1,4 @@ +-/* $Id: tif_dirread.c,v 1.205 2016-12-03 11:02:15 erouault Exp $ */ ++/* $Id: tif_dirread.c,v 1.207 2017-01-11 16:09:02 erouault Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -40,6 +40,7 @@ + */ + + #include "tiffiop.h" ++#include + + #define IGNORE 0 /* tag placeholder used below */ + #define FAILED_FII ((uint32) -1) +@@ -2406,7 +2407,14 @@ + ma=(double*)origdata; + mb=data; + for (n=0; n FLT_MAX ) ++ val = FLT_MAX; ++ else if( val < -FLT_MAX ) ++ val = -FLT_MAX; ++ *mb++=(float)val; ++ } + } + break; + } +Index: libtiff/libtiff/tif_dirwrite.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirwrite.c,v +retrieving revision 1.84 +retrieving revision 1.85 +diff -u -r1.84 -r1.85 +--- libtiff/libtiff/tif_dirwrite.c 11 Jan 2017 12:51:59 -0000 1.84 ++++ libtiff/libtiff/tif_dirwrite.c 11 Jan 2017 16:09:02 -0000 1.85 +@@ -1,4 +1,4 @@ +-/* $Id: tif_dirwrite.c,v 1.83 2016-10-25 21:35:15 erouault Exp $ */ ++/* $Id: tif_dirwrite.c,v 1.85 2017-01-11 16:09:02 erouault Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -30,6 +30,7 @@ + * Directory Write Support Routines. + */ + #include "tiffiop.h" ++#include + + #ifdef HAVE_IEEEFP + #define TIFFCvtNativeToIEEEFloat(tif, n, fp) +@@ -939,6 +940,69 @@ + return(0); + } + ++static float TIFFClampDoubleToFloat( double val ) ++{ ++ if( val > FLT_MAX ) ++ return FLT_MAX; ++ if( val < -FLT_MAX ) ++ return -FLT_MAX; ++ return (float)val; ++} ++ ++static int8 TIFFClampDoubleToInt8( double val ) ++{ ++ if( val > 127 ) ++ return 127; ++ if( val < -128 || val != val ) ++ return -128; ++ return (int8)val; ++} ++ ++static int16 TIFFClampDoubleToInt16( double val ) ++{ ++ if( val > 32767 ) ++ return 32767; ++ if( val < -32768 || val != val ) ++ return -32768; ++ return (int16)val; ++} ++ ++static int32 TIFFClampDoubleToInt32( double val ) ++{ ++ if( val > 0x7FFFFFFF ) ++ return 0x7FFFFFFF; ++ if( val < -0x7FFFFFFF-1 || val != val ) ++ return -0x7FFFFFFF-1; ++ return (int32)val; ++} ++ ++static uint8 TIFFClampDoubleToUInt8( double val ) ++{ ++ if( val < 0 ) ++ return 0; ++ if( val > 255 || val != val ) ++ return 255; ++ return (uint8)val; ++} ++ ++static uint16 TIFFClampDoubleToUInt16( double val ) ++{ ++ if( val < 0 ) ++ return 0; ++ if( val > 65535 || val != val ) ++ return 65535; ++ return (uint16)val; ++} ++ ++static uint32 TIFFClampDoubleToUInt32( double val ) ++{ ++ if( val < 0 ) ++ return 0; ++ if( val > 0xFFFFFFFFU || val != val ) ++ return 0xFFFFFFFFU; ++ return (uint32)val; ++} ++ + static int + TIFFWriteDirectoryTagSampleformatArray(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, uint32 count, double* value) + { +@@ -959,7 +1023,7 @@ + if (tif->tif_dir.td_bitspersample<=32) + { + for (i = 0; i < count; ++i) +- ((float*)conv)[i] = (float)value[i]; ++ ((float*)conv)[i] = TIFFClampDoubleToFloat(value[i]); + ok = TIFFWriteDirectoryTagFloatArray(tif,ndir,dir,tag,count,(float*)conv); + } + else +@@ -971,19 +1035,19 @@ + if (tif->tif_dir.td_bitspersample<=8) + { + for (i = 0; i < count; ++i) +- ((int8*)conv)[i] = (int8)value[i]; ++ ((int8*)conv)[i] = TIFFClampDoubleToInt8(value[i]); + ok = TIFFWriteDirectoryTagSbyteArray(tif,ndir,dir,tag,count,(int8*)conv); + } + else if (tif->tif_dir.td_bitspersample<=16) + { + for (i = 0; i < count; ++i) +- ((int16*)conv)[i] = (int16)value[i]; ++ ((int16*)conv)[i] = TIFFClampDoubleToInt16(value[i]); + ok = TIFFWriteDirectoryTagSshortArray(tif,ndir,dir,tag,count,(int16*)conv); + } + else + { + for (i = 0; i < count; ++i) +- ((int32*)conv)[i] = (int32)value[i]; ++ ((int32*)conv)[i] = TIFFClampDoubleToInt32(value[i]); + ok = TIFFWriteDirectoryTagSlongArray(tif,ndir,dir,tag,count,(int32*)conv); + } + break; +@@ -991,19 +1055,19 @@ + if (tif->tif_dir.td_bitspersample<=8) + { + for (i = 0; i < count; ++i) +- ((uint8*)conv)[i] = (uint8)value[i]; ++ ((uint8*)conv)[i] = TIFFClampDoubleToUInt8(value[i]); + ok = TIFFWriteDirectoryTagByteArray(tif,ndir,dir,tag,count,(uint8*)conv); + } + else if (tif->tif_dir.td_bitspersample<=16) + { + for (i = 0; i < count; ++i) +- ((uint16*)conv)[i] = (uint16)value[i]; ++ ((uint16*)conv)[i] = TIFFClampDoubleToUInt16(value[i]); + ok = TIFFWriteDirectoryTagShortArray(tif,ndir,dir,tag,count,(uint16*)conv); + } + else + { + for (i = 0; i < count; ++i) +- ((uint32*)conv)[i] = (uint32)value[i]; ++ ((uint32*)conv)[i] = TIFFClampDoubleToUInt32(value[i]); + ok = TIFFWriteDirectoryTagLongArray(tif,ndir,dir,tag,count,(uint32*)conv); + } + break; +@@ -2102,7 +2102,7 @@ + m[0]=0; + m[1]=1; + } +- else if (value==(double)(uint32)value) ++ else if (value <= 0xFFFFFFFFU && value==(double)(uint32)value) + { + m[0]=(uint32)value; + m[1]=1; +@@ -2148,12 +2217,13 @@ + } + for (na=value, nb=m, nc=0; nc= 0 && *na <= (float)0xFFFFFFFFU && ++ *na==(float)(uint32)(*na)) + { + nb[0]=(uint32)(*na); + nb[1]=1; +Index: libtiff/libtiff/tif_dirread.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v +retrieving revision 1.205 +retrieving revision 1.206 +diff -u -r1.205 -r1.206 +--- libtiff/libtiff/tif_dirread.c 3 Dec 2016 11:02:15 -0000 1.205 ++++ libtiff/libtiff/tif_dirread.c 11 Jan 2017 13:28:01 -0000 1.206 +@@ -2872,7 +2872,10 @@ + m.l = direntry->tdir_offset.toff_long8; + if (tif->tif_flags&TIFF_SWAB) + TIFFSwabArrayOfLong(m.i,2); +- if (m.i[0]==0) ++ /* Not completely sure what we should do when m.i[1]==0, but some */ ++ /* sanitizers do not like division by 0.0: */ ++ /* http://bugzilla.maptools.org/show_bug.cgi?id=2644 */ ++ if (m.i[0]==0 || m.i[1]==0) + *value=0.0; + else + *value=(double)m.i[0]/(double)m.i[1]; +@@ -2900,7 +2903,10 @@ + m.l=direntry->tdir_offset.toff_long8; + if (tif->tif_flags&TIFF_SWAB) + TIFFSwabArrayOfLong(m.i,2); +- if ((int32)m.i[0]==0) ++ /* Not completely sure what we should do when m.i[1]==0, but some */ ++ /* sanitizers do not like division by 0.0: */ ++ /* http://bugzilla.maptools.org/show_bug.cgi?id=2644 */ ++ if ((int32)m.i[0]==0 || m.i[1]==0) + *value=0.0; + else + *value=(double)((int32)m.i[0])/(double)m.i[1]; +Index: libtiff/libtiff/tif_jpeg.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_jpeg.c,v +retrieving revision 1.125 +retrieving revision 1.126 +diff -u -r1.125 -r1.126 +--- libtiff/libtiff/tif_jpeg.c 11 Jan 2017 12:15:01 -0000 1.125 ++++ libtiff/libtiff/tif_jpeg.c 11 Jan 2017 16:13:50 -0000 1.126 +@@ -1,4 +1,4 @@ +-/* $Id: tif_jpeg.c,v 1.123 2016-01-23 21:20:34 erouault Exp $ */ ++/* $Id: tif_jpeg.c,v 1.126 2017-01-11 16:13:50 erouault Exp $ */ + + /* + * Copyright (c) 1994-1997 Sam Leffler +@@ -1632,6 +1632,13 @@ + "Invalig horizontal/vertical sampling value"); + return (0); + } ++ if( td->td_bitspersample > 16 ) ++ { ++ TIFFErrorExt(tif->tif_clientdata, module, ++ "BitsPerSample %d not allowed for JPEG", ++ td->td_bitspersample); ++ return (0); ++ } + + /* + * A ReferenceBlackWhite field *must* be present since the +Index: libtiff/libtiff/tif_read.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v +retrieving revision 1.50 +retrieving revision 1.51 +diff -u -r1.50 -r1.51 +--- libtiff/libtiff/tif_read.c 2 Dec 2016 21:56:56 -0000 1.50 ++++ libtiff/libtiff/tif_read.c 11 Jan 2017 16:33:34 -0000 1.51 +@@ -420,16 +420,25 @@ + return ((tmsize_t)(-1)); + } + } else { +- tmsize_t ma,mb; ++ tmsize_t ma; + tmsize_t n; +- ma=(tmsize_t)td->td_stripoffset[strip]; +- mb=ma+size; +- if ((td->td_stripoffset[strip] > (uint64)TIFF_TMSIZE_T_MAX)||(ma>tif->tif_size)) +- n=0; +- else if ((mbtif->tif_size)) +- n=tif->tif_size-ma; +- else +- n=size; ++ if ((td->td_stripoffset[strip] > (uint64)TIFF_TMSIZE_T_MAX)|| ++ ((ma=(tmsize_t)td->td_stripoffset[strip])>tif->tif_size)) ++ { ++ n=0; ++ } ++ else if( ma > TIFF_TMSIZE_T_MAX - size ) ++ { ++ n=0; ++ } ++ else ++ { ++ tmsize_t mb=ma+size; ++ if (mb>tif->tif_size) ++ n=tif->tif_size-ma; ++ else ++ n=size; ++ } + if (n!=size) { + #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) + TIFFErrorExt(tif->tif_clientdata, module, -- cgit v1.2.3 From 37f46a4bc51886c0d0df797bfbb13a50fe647567 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sun, 7 May 2017 17:13:38 -0400 Subject: gnu: pcre2: Fix CVE-2017-8786. * gnu/packages/patches/pcre2-CVE-2017-8786.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/pcre.scm (pcre2)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/patches/pcre2-CVE-2017-8786.patch | 155 +++++++++++++++++++++++++ gnu/packages/pcre.scm | 3 +- 3 files changed, 158 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/pcre2-CVE-2017-8786.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index ce7fb68416..dcf9b14cec 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -859,6 +859,7 @@ dist_patch_DATA = \ %D%/packages/patches/patch-hurd-path-max.patch \ %D%/packages/patches/pcre-CVE-2017-7186.patch \ %D%/packages/patches/pcre2-CVE-2017-7186.patch \ + %D%/packages/patches/pcre2-CVE-2017-8786.patch \ %D%/packages/patches/perl-autosplit-default-time.patch \ %D%/packages/patches/perl-deterministic-ordering.patch \ %D%/packages/patches/perl-finance-quote-unuse-mozilla-ca.patch \ diff --git a/gnu/packages/patches/pcre2-CVE-2017-8786.patch b/gnu/packages/patches/pcre2-CVE-2017-8786.patch new file mode 100644 index 0000000000..6071d58f07 --- /dev/null +++ b/gnu/packages/patches/pcre2-CVE-2017-8786.patch @@ -0,0 +1,155 @@ +Fix CVE-2017-8786: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8786 +https://bugs.exim.org/show_bug.cgi?id=2079 +https://blogs.gentoo.org/ago/2017/04/29/libpcre-heap-based-buffer-overflow-write-in-pcre2test-c/ + +Patch copied from upstream source repository: + +https://vcs.pcre.org/pcre2?view=revision&revision=696 +https://vcs.pcre.org/pcre2?view=revision&revision=697 + +--- trunk/doc/pcre2api.3 2017/03/21 16:48:40 695 ++++ trunk/doc/pcre2api.3 2017/03/21 17:46:21 696 +@@ -1,4 +1,4 @@ +-.TH PCRE2API 3 "24 December 2016" "PCRE2 10.23" ++.TH PCRE2API 3 "21 March 2017" "PCRE2 10.30" + .SH NAME + PCRE2 - Perl-compatible regular expressions (revised API) + .sp +@@ -2633,8 +2633,8 @@ + A text message for an error code from any PCRE2 function (compile, match, or + auxiliary) can be obtained by calling \fBpcre2_get_error_message()\fP. The code + is passed as the first argument, with the remaining two arguments specifying a +-code unit buffer and its length, into which the text message is placed. Note +-that the message is returned in code units of the appropriate width for the ++code unit buffer and its length in code units, into which the text message is ++placed. The message is returned in code units of the appropriate width for the + library that is being used. + .P + The returned message is terminated with a trailing zero, and the function +@@ -3321,6 +3321,6 @@ + .rs + .sp + .nf +-Last updated: 23 December 2016 +-Copyright (c) 1997-2016 University of Cambridge. ++Last updated: 21 March 2017 ++Copyright (c) 1997-2017 University of Cambridge. + .fi +--- trunk/src/pcre2_error.c 2017/03/21 16:48:40 695 ++++ trunk/src/pcre2_error.c 2017/03/21 17:46:21 696 +@@ -271,7 +271,7 @@ + Arguments: + enumber error number + buffer where to put the message (zero terminated) +- size size of the buffer ++ size size of the buffer in code units + + Returns: length of message if all is well + negative on error +--- trunk/src/pcre2test.c 2017/03/21 17:46:21 696 ++++ trunk/src/pcre2test.c 2017/03/21 18:36:13 697 +@@ -1017,9 +1017,9 @@ + if (test_mode == PCRE8_MODE) \ + r = pcre2_get_error_message_8(a,G(b,8),G(G(b,8),_size)); \ + else if (test_mode == PCRE16_MODE) \ +- r = pcre2_get_error_message_16(a,G(b,16),G(G(b,16),_size)); \ ++ r = pcre2_get_error_message_16(a,G(b,16),G(G(b,16),_size/2)); \ + else \ +- r = pcre2_get_error_message_32(a,G(b,32),G(G(b,32),_size)) ++ r = pcre2_get_error_message_32(a,G(b,32),G(G(b,32),_size/4)) + + #define PCRE2_GET_OVECTOR_COUNT(a,b) \ + if (test_mode == PCRE8_MODE) \ +@@ -1399,6 +1399,9 @@ + + /* ----- Common macros for two-mode cases ----- */ + ++#define BYTEONE (BITONE/8) ++#define BYTETWO (BITTWO/8) ++ + #define CASTFLD(t,a,b) \ + ((test_mode == G(G(PCRE,BITONE),_MODE))? (t)(G(a,BITONE)->b) : \ + (t)(G(a,BITTWO)->b)) +@@ -1481,9 +1484,9 @@ + + #define PCRE2_GET_ERROR_MESSAGE(r,a,b) \ + if (test_mode == G(G(PCRE,BITONE),_MODE)) \ +- r = G(pcre2_get_error_message_,BITONE)(a,G(b,BITONE),G(G(b,BITONE),_size)); \ ++ r = G(pcre2_get_error_message_,BITONE)(a,G(b,BITONE),G(G(b,BITONE),_size/BYTEONE)); \ + else \ +- r = G(pcre2_get_error_message_,BITTWO)(a,G(b,BITTWO),G(G(b,BITTWO),_size)) ++ r = G(pcre2_get_error_message_,BITTWO)(a,G(b,BITTWO),G(G(b,BITTWO),_size/BYTETWO)) + + #define PCRE2_GET_OVECTOR_COUNT(a,b) \ + if (test_mode == G(G(PCRE,BITONE),_MODE)) \ +@@ -1904,7 +1907,7 @@ + #define PCRE2_DFA_MATCH(a,b,c,d,e,f,g,h,i,j) \ + a = pcre2_dfa_match_16(G(b,16),(PCRE2_SPTR16)c,d,e,f,G(g,16),h,i,j) + #define PCRE2_GET_ERROR_MESSAGE(r,a,b) \ +- r = pcre2_get_error_message_16(a,G(b,16),G(G(b,16),_size)) ++ r = pcre2_get_error_message_16(a,G(b,16),G(G(b,16),_size/2)) + #define PCRE2_GET_OVECTOR_COUNT(a,b) a = pcre2_get_ovector_count_16(G(b,16)) + #define PCRE2_GET_STARTCHAR(a,b) a = pcre2_get_startchar_16(G(b,16)) + #define PCRE2_JIT_COMPILE(r,a,b) r = pcre2_jit_compile_16(G(a,16),b) +@@ -2000,7 +2003,7 @@ + #define PCRE2_DFA_MATCH(a,b,c,d,e,f,g,h,i,j) \ + a = pcre2_dfa_match_32(G(b,32),(PCRE2_SPTR32)c,d,e,f,G(g,32),h,i,j) + #define PCRE2_GET_ERROR_MESSAGE(r,a,b) \ +- r = pcre2_get_error_message_32(a,G(b,32),G(G(b,32),_size)) ++ r = pcre2_get_error_message_32(a,G(b,32),G(G(b,32),_size/4)) + #define PCRE2_GET_OVECTOR_COUNT(a,b) a = pcre2_get_ovector_count_32(G(b,32)) + #define PCRE2_GET_STARTCHAR(a,b) a = pcre2_get_startchar_32(G(b,32)) + #define PCRE2_JIT_COMPILE(r,a,b) r = pcre2_jit_compile_32(G(a,32),b) +--- trunk/src/pcre2test.c 2017/03/21 16:48:40 695 ++++ trunk/src/pcre2test.c 2017/03/21 17:46:21 696 +@@ -2889,7 +2889,7 @@ + { + if (pbuffer32 != NULL) free(pbuffer32); + pbuffer32_size = 4*len + 4; +- if (pbuffer32_size < 256) pbuffer32_size = 256; ++ if (pbuffer32_size < 512) pbuffer32_size = 512; + pbuffer32 = (uint32_t *)malloc(pbuffer32_size); + if (pbuffer32 == NULL) + { +@@ -7600,7 +7600,8 @@ + int errcode; + char *endptr; + +-/* Ensure the relevant non-8-bit buffer is available. */ ++/* Ensure the relevant non-8-bit buffer is available. Ensure that it is at ++least 128 code units, because it is used for retrieving error messages. */ + + #ifdef SUPPORT_PCRE2_16 + if (test_mode == PCRE16_MODE) +@@ -7620,7 +7621,7 @@ + #ifdef SUPPORT_PCRE2_32 + if (test_mode == PCRE32_MODE) + { +- pbuffer32_size = 256; ++ pbuffer32_size = 512; + pbuffer32 = (uint32_t *)malloc(pbuffer32_size); + if (pbuffer32 == NULL) + { +--- trunk/testdata/testinput2 2017/03/21 16:48:40 695 ++++ trunk/testdata/testinput2 2017/03/21 17:46:21 696 +@@ -5017,4 +5017,6 @@ + + /(? Date: Mon, 8 May 2017 11:47:28 +0200 Subject: gnu: perl-net-dns-resolver-programmable: Shorten patch file name. This avoids a warning from GNU tar upon "make dist" about file names that are too long for POSIX tar. * gnu/packages/patches/perl-net-dns-resolver-programmable-Fix-broken-interface.patch: Rename to... * gnu/packages/patches/perl-net-dns-resolver-programmable-fix.patch: ... this. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/networking.scm (perl-net-dns-resolver-programmable)[source]: Likewise. --- gnu/local.mk | 2 +- gnu/packages/networking.scm | 3 +-- ...esolver-programmable-Fix-broken-interface.patch | 30 ---------------------- .../perl-net-dns-resolver-programmable-fix.patch | 30 ++++++++++++++++++++++ 4 files changed, 32 insertions(+), 33 deletions(-) delete mode 100644 gnu/packages/patches/perl-net-dns-resolver-programmable-Fix-broken-interface.patch create mode 100644 gnu/packages/patches/perl-net-dns-resolver-programmable-fix.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index dcf9b14cec..55abf5c888 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -867,7 +867,7 @@ dist_patch_DATA = \ %D%/packages/patches/perl-io-socket-ssl-openssl-1.0.2f-fix.patch \ %D%/packages/patches/perl-net-amazon-s3-moose-warning.patch \ %D%/packages/patches/perl-net-ssleay-disable-ede-test.patch \ - %D%/packages/patches/perl-net-dns-resolver-programmable-Fix-broken-interface.patch \ + %D%/packages/patches/perl-net-dns-resolver-programmable-fix.patch \ %D%/packages/patches/perl-no-sys-dirs.patch \ %D%/packages/patches/perl-module-pluggable-search.patch \ %D%/packages/patches/perl-reproducible-build-date.patch \ diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm index f0d5bb75bf..94152226da 100644 --- a/gnu/packages/networking.scm +++ b/gnu/packages/networking.scm @@ -727,8 +727,7 @@ definitions and structure manipulators for Perl.") (base32 "1v3nl2kaj4fs55n1617n53q8sa3mir06898vpy1rq98zjih24h4d")) (patches - (search-patches - "perl-net-dns-resolver-programmable-Fix-broken-interface.patch")))) + (search-patches "perl-net-dns-resolver-programmable-fix.patch")))) (build-system perl-build-system) (native-inputs `(("perl-module-build" ,perl-module-build))) diff --git a/gnu/packages/patches/perl-net-dns-resolver-programmable-Fix-broken-interface.patch b/gnu/packages/patches/perl-net-dns-resolver-programmable-Fix-broken-interface.patch deleted file mode 100644 index 371693dca1..0000000000 --- a/gnu/packages/patches/perl-net-dns-resolver-programmable-Fix-broken-interface.patch +++ /dev/null @@ -1,30 +0,0 @@ -perl-net-dns-resolver-programmable used the undocumented and internal -method Net::DNS::rcodesbyname [0], and that interface is no longer -exposed. - -This patch, copied from [1], makes the program check for the existence -of the method before trying to use it. - -[0] - - -[1] - - -diff --git a/lib/Net/DNS/Resolver/Programmable.pm b/lib/Net/DNS/Resolver/Programmable.pm -index 1af72ce..e09a2f0 100644 ---- a/lib/Net/DNS/Resolver/Programmable.pm -+++ b/lib/Net/DNS/Resolver/Programmable.pm -@@ -203,8 +203,10 @@ sub send { - if (defined(my $resolver_code = $self->{resolver_code})) { - ($result, $aa, @answer_rrs) = $resolver_code->($domain, $rr_type, $class); - } -- -- if (not defined($result) or defined($Net::DNS::rcodesbyname{$result})) { -+ -+ if (not defined($result) -+ or defined($Net::DNS::Parameters::rcodebyname{$result}) -+ or defined($Net::DNS::rcodesbyname{$result})) { - # Valid RCODE, return a packet: - - $aa = TRUE if not defined($aa); diff --git a/gnu/packages/patches/perl-net-dns-resolver-programmable-fix.patch b/gnu/packages/patches/perl-net-dns-resolver-programmable-fix.patch new file mode 100644 index 0000000000..371693dca1 --- /dev/null +++ b/gnu/packages/patches/perl-net-dns-resolver-programmable-fix.patch @@ -0,0 +1,30 @@ +perl-net-dns-resolver-programmable used the undocumented and internal +method Net::DNS::rcodesbyname [0], and that interface is no longer +exposed. + +This patch, copied from [1], makes the program check for the existence +of the method before trying to use it. + +[0] + + +[1] + + +diff --git a/lib/Net/DNS/Resolver/Programmable.pm b/lib/Net/DNS/Resolver/Programmable.pm +index 1af72ce..e09a2f0 100644 +--- a/lib/Net/DNS/Resolver/Programmable.pm ++++ b/lib/Net/DNS/Resolver/Programmable.pm +@@ -203,8 +203,10 @@ sub send { + if (defined(my $resolver_code = $self->{resolver_code})) { + ($result, $aa, @answer_rrs) = $resolver_code->($domain, $rr_type, $class); + } +- +- if (not defined($result) or defined($Net::DNS::rcodesbyname{$result})) { ++ ++ if (not defined($result) ++ or defined($Net::DNS::Parameters::rcodebyname{$result}) ++ or defined($Net::DNS::rcodesbyname{$result})) { + # Valid RCODE, return a packet: + + $aa = TRUE if not defined($aa); -- cgit v1.2.3 From 29f381bac72d207e8bf0a2c73c82d7a77b45b597 Mon Sep 17 00:00:00 2001 From: Clément Lassieur Date: Fri, 14 Apr 2017 13:52:43 +0200 Subject: gnu: Add mozjs-38 (Mozilla SpiderMonkey 38). * gnu/packages/gnuzilla.scm (mozjs-38): New variable. * gnu/packages/patches/mozjs38-pkg-config-version.patch, gnu/packages/patches/mozjs38-shell-version.patch, gnu/packages/patches/mozjs38-tracelogger.patch, gnu/packages/patches/mozjs38-version-detection.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. Co-authored-by: ng0 --- gnu/local.mk | 4 + gnu/packages/gnuzilla.scm | 90 ++- .../patches/mozjs38-pkg-config-version.patch | 24 + gnu/packages/patches/mozjs38-shell-version.patch | 67 +++ gnu/packages/patches/mozjs38-tracelogger.patch | 608 +++++++++++++++++++++ .../patches/mozjs38-version-detection.patch | 180 ++++++ 6 files changed, 972 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/mozjs38-pkg-config-version.patch create mode 100644 gnu/packages/patches/mozjs38-shell-version.patch create mode 100644 gnu/packages/patches/mozjs38-tracelogger.patch create mode 100644 gnu/packages/patches/mozjs38-version-detection.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 55abf5c888..cc2d35e436 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -811,6 +811,10 @@ dist_patch_DATA = \ %D%/packages/patches/module-init-tools-moduledir.patch \ %D%/packages/patches/mozjs17-aarch64-support.patch \ %D%/packages/patches/mozjs24-aarch64-support.patch \ + %D%/packages/patches/mozjs38-pkg-config-version.patch \ + %D%/packages/patches/mozjs38-shell-version.patch \ + %D%/packages/patches/mozjs38-tracelogger.patch \ + %D%/packages/patches/mozjs38-version-detection.patch \ %D%/packages/patches/multiqc-fix-git-subprocess-error.patch \ %D%/packages/patches/mumps-build-parallelism.patch \ %D%/packages/patches/mupdf-build-with-openjpeg-2.1.patch \ diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index 9309237bd7..d9901fd0fb 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -6,6 +6,7 @@ ;;; Copyright © 2016, 2017 Efraim Flashner ;;; Copyright © 2016 Alex Griffin ;;; Copyright © 2017 Clément Lassieur +;;; Copyright © 2017 ng0 ;;; ;;; This file is part of GNU Guix. ;;; @@ -57,7 +58,8 @@ #:use-module (gnu packages icu4c) #:use-module (gnu packages video) #:use-module (gnu packages xdisorg) - #:use-module (gnu packages zip)) + #:use-module (gnu packages zip) + #:use-module (gnu packages readline)) (define-public mozjs (package @@ -159,6 +161,92 @@ in C/C++.") `(("libffi" ,libffi) ("zlib" ,zlib))))) +(define-public mozjs-38 + (package + (inherit mozjs) + (name "mozjs") + (version "38.2.1.rc0") + (source (origin + (method url-fetch) + (uri (string-append + "https://people.mozilla.org/~sstangl/" + name "-" version ".tar.bz2")) + (sha256 + (base32 + "0p4bmbpgkfsj54xschcny0a118jdrdgg0q29rwxigg3lh5slr681")) + (patches + (search-patches + ;; See https://bugzilla.mozilla.org/show_bug.cgi?id=1269317 for + ;; GCC 6 compatibility. + + "mozjs38-version-detection.patch" ; for 0ad + "mozjs38-tracelogger.patch" + + ;; See https://bugzilla.mozilla.org/show_bug.cgi?id=1339931. + "mozjs38-pkg-config-version.patch" + "mozjs38-shell-version.patch")) + (modules '((guix build utils))) + (snippet + '(begin + ;; Fix incompatibility with sed 4.4. + (substitute* "js/src/configure" + (("\\^\\[:space:\\]") "^[[:space:]]")) + + ;; The headers are symlinks to files that are in /tmp, so they + ;; end up broken. Copy them instead. + (substitute* + "python/mozbuild/mozbuild/backend/recursivemake.py" + (("\\['dist_include'\\].add_symlink") + "['dist_include'].add_copy")) + + ;; Remove bundled libraries. + (for-each delete-file-recursively + '("intl" + "js/src/ctypes/libffi" + "js/src/ctypes/libffi-patches" + "modules/zlib")) + #t)))) + (arguments + `(;; XXX: parallel build fails, lacking: + ;; mkdir -p "system_wrapper_js/" + #:parallel-build? #f + ;; See https://bugzilla.mozilla.org/show_bug.cgi?id=1008470. + #:tests? #f + #:phases + (modify-phases %standard-phases + (replace 'configure + (lambda* (#:key outputs #:allow-other-keys) + (let ((out (assoc-ref outputs "out"))) + (chdir "js/src") + (setenv "SHELL" (which "sh")) + (setenv "CONFIG_SHELL" (which "sh")) + (zero? (system* "./configure" + (string-append "--prefix=" out) + "--enable-ctypes" + "--enable-gcgenerational" + "--enable-optimize" + "--enable-pie" + "--enable-readline" + "--enable-shared-js" + "--enable-system-ffi" + "--enable-threadsafe" + "--enable-xterm-updates" + "--with-system-icu" + "--with-system-nspr" + "--with-system-zlib" + + ;; Intl API requires bundled ICU. + "--without-intl-api")))))))) + (native-inputs + `(("perl" ,perl) + ("pkg-config" ,pkg-config) + ("python-2" ,python-2))) + (inputs + `(("libffi" ,libffi) + ("readline" ,readline) + ("icu4c" ,icu4c) + ("zlib" ,zlib))))) + (define-public nspr (package (name "nspr") diff --git a/gnu/packages/patches/mozjs38-pkg-config-version.patch b/gnu/packages/patches/mozjs38-pkg-config-version.patch new file mode 100644 index 0000000000..49ff6f6f8d --- /dev/null +++ b/gnu/packages/patches/mozjs38-pkg-config-version.patch @@ -0,0 +1,24 @@ +Taken from https://bug1339931.bmoattachments.org/attachment.cgi?id=8837770. + +Add major version to pkg-config filename. +Author: Rico Tzschichholz +Forwarded: no +Last-Update: 2015-05-04 + +Index: b/js/src/Makefile.in +=================================================================== +--- a/js/src/Makefile.in ++++ b/js/src/Makefile.in +@@ -214,10 +214,10 @@ + $(JS_CONFIG_NAME): js-config + cp $^ $@ + +-$(LIBRARY_NAME).pc: js.pc ++$(JS_LIBRARY_NAME).pc: js.pc + cp $^ $@ + +-install:: $(LIBRARY_NAME).pc ++install:: $(JS_LIBRARY_NAME).pc + $(SYSINSTALL) $^ $(DESTDIR)$(libdir)/pkgconfig + + install:: js-config.h diff --git a/gnu/packages/patches/mozjs38-shell-version.patch b/gnu/packages/patches/mozjs38-shell-version.patch new file mode 100644 index 0000000000..e7d3d19c85 --- /dev/null +++ b/gnu/packages/patches/mozjs38-shell-version.patch @@ -0,0 +1,67 @@ +Taken from https://bug1339931.bmoattachments.org/attachment.cgi?id=8837771. + +# HG changeset patch +# Parent 4732a0e5d22bc7e5c1f1ace7a182d537d9cc2c6a +Add major version to shell and js-config filenames. +Author: Rico Tzschichholz +Forwarded: no +Last-Update: 2014-10-29 + +--- +diff --git a/js/src/configure b/js/src/configure +--- a/js/src/configure ++++ b/js/src/configure +@@ -1696,8 +1696,13 @@ + MOZJS_PATCH_VERSION=`echo $MOZILLA_VERSION | sed "s|^[0-9]*\.[0-9]*[^0-9]*||"` + IS_ALPHA=`echo $MOZILLA_VERSION | grep '[ab]'` + ++if test -n "$JS_STANDALONE"; then ++JS_SHELL_NAME=js$MOZJS_MAJOR_VERSION ++JS_CONFIG_NAME=js$MOZJS_MAJOR_VERSION-config ++else + JS_SHELL_NAME=js + JS_CONFIG_NAME=js-config ++fi + + + if test -n "$IS_ALPHA"; then + +diff --git a/js/src/configure.in b/js/src/configure.in +--- a/js/src/configure.in ++++ b/js/src/configure.in +@@ -234,16 +234,13 @@ MOZJS_MINOR_VERSION=`echo $MOZILLA_VERSI + MOZJS_PATCH_VERSION=`echo $MOZILLA_VERSION | sed "s|^[0-9]*\.[0-9]*[^0-9]*||"` + IS_ALPHA=`echo $MOZILLA_VERSION | grep '[ab]'` + +-dnl XXX in a temporary bid to avoid developer anger at renaming files +-dnl XXX before "js" symlinks exist, don't change names. +-dnl +-dnl if test -n "$JS_STANDALONE"; then +-dnl JS_SHELL_NAME=js$MOZJS_MAJOR_VERSION +-dnl JS_CONFIG_NAME=js$MOZJS_MAJOR_VERSION-config +-dnl else ++if test -n "$JS_STANDALONE"; then ++JS_SHELL_NAME=js$MOZJS_MAJOR_VERSION ++JS_CONFIG_NAME=js$MOZJS_MAJOR_VERSION-config ++else + JS_SHELL_NAME=js + JS_CONFIG_NAME=js-config +-dnl fi ++fi + + changequote([,]) + if test -n "$IS_ALPHA"; then + +diff -r 80a9e64d75f5 js/src/Makefile.in +--- a/js/src/Makefile.in Wed Jun 25 15:11:42 2014 +0200 ++++ b/js/src/Makefile.in Sat Jul 05 14:08:38 2014 +0200 +@@ -273,6 +273,9 @@ + SCRIPTS = $(JS_CONFIG_NAME) + SDK_BINARY = $(JS_CONFIG_NAME) + ++$(JS_CONFIG_NAME): js-config ++ cp $^ $@ ++ + $(JS_LIBRARY_NAME).pc: js.pc + cp $^ $@ + diff --git a/gnu/packages/patches/mozjs38-tracelogger.patch b/gnu/packages/patches/mozjs38-tracelogger.patch new file mode 100644 index 0000000000..0375ec36cc --- /dev/null +++ b/gnu/packages/patches/mozjs38-tracelogger.patch @@ -0,0 +1,608 @@ +Squashed version of several commits to fix the tracelogger. + +Taken from +https://github.com/GNOME/jhbuild/blob/master/patches/mozjs38-fix-tracelogger.patch. + +# === Fix the SM38 tracelogger === +# This patch is a squashed version of several patches that were adapted +# to fix failing hunks. +# +# Applied in the following order, they are: +# * https://bugzilla.mozilla.org/show_bug.cgi?id=1223767 +# Assertion failure: i < size_, at js/src/vm/TraceLoggingTypes.h:210 +# Also fix stop-information to make reduce.py work correctly. +# * https://bugzilla.mozilla.org/show_bug.cgi?id=1227914 +# Limit the memory tracelogger can take. +# This causes tracelogger to flush data to the disk regularly and prevents out of +# memory issues if a lot of data gets logged. +# * https://bugzilla.mozilla.org/show_bug.cgi?id=1155618 +# Fix tracelogger destructor that touches possibly uninitialised hash table. +# * https://bugzilla.mozilla.org/show_bug.cgi?id=1223636 +# Don't treat extraTextId as containing only extra ids. +# This fixes an assertion failure: id == nextTextId at js/src/vm/TraceLoggingGraph.cpp +# * https://bugzilla.mozilla.org/show_bug.cgi?id=1227028 +# Fix when to keep the payload of a TraceLogger event. +# This fixes an assertion failure: textId < uint32_t(1 << 31) at js/src/vm/TraceLoggingGraph.h +# * https://bugzilla.mozilla.org/show_bug.cgi?id=1266649 +# Handle failing to add to pointermap gracefully. +# * https://bugzilla.mozilla.org/show_bug.cgi?id=1280648 +# Don't cache based on pointers to movable GC things. +# * https://bugzilla.mozilla.org/show_bug.cgi?id=1224123 +# Fix the use of LastEntryId in tracelogger.h. +# * https://bugzilla.mozilla.org/show_bug.cgi?id=1231170 +# Use size in debugger instead of the current id to track last logged item. +# * https://bugzilla.mozilla.org/show_bug.cgi?id=1221844 +# Move TraceLogger_Invalidation to LOG_ITEM. +# Add some debug checks to logTimestamp. +# * https://bugzilla.mozilla.org/show_bug.cgi?id=1255766 +# Also mark resizing of memory. +# * https://bugzilla.mozilla.org/show_bug.cgi?id=1259403 +# Only increase capacity by multiples of 2. +# Always make sure there are 3 free slots for events. +# === + +diff --git a/js/src/jit-test/tests/tracelogger/bug1231170.js b/js/src/jit-test/tests/tracelogger/bug1231170.js +new file mode 100644 +index 0000000..023e93e +--- /dev/null ++++ b/js/src/jit-test/tests/tracelogger/bug1231170.js +@@ -0,0 +1,3 @@ ++var du = new Debugger(); ++if (typeof du.drainTraceLogger === "function") ++ du.drainTraceLogger(); +diff --git a/js/src/jit-test/tests/tracelogger/bug1266649.js b/js/src/jit-test/tests/tracelogger/bug1266649.js +new file mode 100644 +index 0000000..81ae7ad +--- /dev/null ++++ b/js/src/jit-test/tests/tracelogger/bug1266649.js +@@ -0,0 +1,10 @@ ++ ++var du = new Debugger(); ++if (typeof du.setupTraceLogger === "function" && ++ typeof oomTest === 'function') ++{ ++ du.setupTraceLogger({ ++ Scripts: true ++ }) ++ oomTest(() => function(){}); ++} +diff --git a/js/src/jit/Ion.cpp b/js/src/jit/Ion.cpp +index 93e2fda..09049d6 100644 +--- a/js/src/jit/Ion.cpp ++++ b/js/src/jit/Ion.cpp +@@ -1055,6 +1055,8 @@ IonScript::Destroy(FreeOp* fop, IonScript* script) + + script->destroyCaches(); + script->unlinkFromRuntime(fop); ++ // Frees the potential event we have set. ++ script->traceLoggerScriptEvent_ = TraceLoggerEvent(); + fop->free_(script); + } + +diff --git a/js/src/vm/Debugger.cpp b/js/src/vm/Debugger.cpp +index 26262fd..af7f313 100644 +--- a/js/src/vm/Debugger.cpp ++++ b/js/src/vm/Debugger.cpp +@@ -369,10 +369,10 @@ Debugger::Debugger(JSContext* cx, NativeObject* dbg) + objects(cx), + environments(cx), + #ifdef NIGHTLY_BUILD +- traceLoggerLastDrainedId(0), ++ traceLoggerLastDrainedSize(0), + traceLoggerLastDrainedIteration(0), + #endif +- traceLoggerScriptedCallsLastDrainedId(0), ++ traceLoggerScriptedCallsLastDrainedSize(0), + traceLoggerScriptedCallsLastDrainedIteration(0) + { + assertSameCompartment(cx, dbg); +@@ -3907,9 +3907,9 @@ Debugger::drainTraceLogger(JSContext* cx, unsigned argc, Value* vp) + size_t num; + TraceLoggerThread* logger = TraceLoggerForMainThread(cx->runtime()); + bool lostEvents = logger->lostEvents(dbg->traceLoggerLastDrainedIteration, +- dbg->traceLoggerLastDrainedId); ++ dbg->traceLoggerLastDrainedSize); + EventEntry* events = logger->getEventsStartingAt(&dbg->traceLoggerLastDrainedIteration, +- &dbg->traceLoggerLastDrainedId, ++ &dbg->traceLoggerLastDrainedSize, + &num); + + RootedObject array(cx, NewDenseEmptyArray(cx)); +@@ -4002,10 +4002,10 @@ Debugger::drainTraceLoggerScriptCalls(JSContext* cx, unsigned argc, Value* vp) + size_t num; + TraceLoggerThread* logger = TraceLoggerForMainThread(cx->runtime()); + bool lostEvents = logger->lostEvents(dbg->traceLoggerScriptedCallsLastDrainedIteration, +- dbg->traceLoggerScriptedCallsLastDrainedId); ++ dbg->traceLoggerScriptedCallsLastDrainedSize); + EventEntry* events = logger->getEventsStartingAt( + &dbg->traceLoggerScriptedCallsLastDrainedIteration, +- &dbg->traceLoggerScriptedCallsLastDrainedId, ++ &dbg->traceLoggerScriptedCallsLastDrainedSize, + &num); + + RootedObject array(cx, NewDenseEmptyArray(cx)); +diff --git a/js/src/vm/Debugger.h b/js/src/vm/Debugger.h +index 8cac36a..c92d685 100644 +--- a/js/src/vm/Debugger.h ++++ b/js/src/vm/Debugger.h +@@ -314,10 +314,10 @@ class Debugger : private mozilla::LinkedListElement + * lost events. + */ + #ifdef NIGHTLY_BUILD +- uint32_t traceLoggerLastDrainedId; ++ uint32_t traceLoggerLastDrainedSize; + uint32_t traceLoggerLastDrainedIteration; + #endif +- uint32_t traceLoggerScriptedCallsLastDrainedId; ++ uint32_t traceLoggerScriptedCallsLastDrainedSize; + uint32_t traceLoggerScriptedCallsLastDrainedIteration; + + class FrameRange; +diff --git a/js/src/vm/TraceLogging.cpp b/js/src/vm/TraceLogging.cpp +index 6715b36..9766a6f 100644 +--- a/js/src/vm/TraceLogging.cpp ++++ b/js/src/vm/TraceLogging.cpp +@@ -131,7 +131,7 @@ TraceLoggerThread::init() + { + if (!pointerMap.init()) + return false; +- if (!extraTextId.init()) ++ if (!textIdPayloads.init()) + return false; + if (!events.init()) + return false; +@@ -185,10 +185,10 @@ TraceLoggerThread::~TraceLoggerThread() + graph = nullptr; + } + +- for (TextIdHashMap::Range r = extraTextId.all(); !r.empty(); r.popFront()) +- js_delete(r.front().value()); +- extraTextId.finish(); +- pointerMap.finish(); ++ if (textIdPayloads.initialized()) { ++ for (TextIdHashMap::Range r = textIdPayloads.all(); !r.empty(); r.popFront()) ++ js_delete(r.front().value()); ++ } + } + + bool +@@ -287,7 +287,7 @@ TraceLoggerThread::eventText(uint32_t id) + if (id < TraceLogger_Last) + return TLTextIdString(static_cast(id)); + +- TextIdHashMap::Ptr p = extraTextId.lookup(id); ++ TextIdHashMap::Ptr p = textIdPayloads.lookup(id); + MOZ_ASSERT(p); + + return p->value()->string(); +@@ -341,13 +341,15 @@ TraceLoggerThread::extractScriptDetails(uint32_t textId, const char** filename, + TraceLoggerEventPayload* + TraceLoggerThread::getOrCreateEventPayload(TraceLoggerTextId textId) + { +- TextIdHashMap::AddPtr p = extraTextId.lookupForAdd(textId); +- if (p) ++ TextIdHashMap::AddPtr p = textIdPayloads.lookupForAdd(textId); ++ if (p) { ++ MOZ_ASSERT(p->value()->textId() == textId); // Sanity check. + return p->value(); ++ } + + TraceLoggerEventPayload* payload = js_new(textId, (char*)nullptr); + +- if (!extraTextId.add(p, textId, payload)) ++ if (!textIdPayloads.add(p, textId, payload)) + return nullptr; + + return payload; +@@ -357,8 +359,10 @@ TraceLoggerEventPayload* + TraceLoggerThread::getOrCreateEventPayload(const char* text) + { + PointerHashMap::AddPtr p = pointerMap.lookupForAdd((const void*)text); +- if (p) ++ if (p) { ++ MOZ_ASSERT(p->value()->textId() < nextTextId); // Sanity check. + return p->value(); ++ } + + size_t len = strlen(text); + char* str = js_pod_malloc(len + 1); +@@ -369,7 +373,7 @@ TraceLoggerThread::getOrCreateEventPayload(const char* text) + MOZ_ASSERT(ret == len); + MOZ_ASSERT(strlen(str) == len); + +- uint32_t textId = extraTextId.count() + TraceLogger_Last; ++ uint32_t textId = nextTextId; + + TraceLoggerEventPayload* payload = js_new(textId, str); + if (!payload) { +@@ -377,17 +381,19 @@ TraceLoggerThread::getOrCreateEventPayload(const char* text) + return nullptr; + } + +- if (!extraTextId.putNew(textId, payload)) { ++ if (!textIdPayloads.putNew(textId, payload)) { + js_delete(payload); + return nullptr; + } + +- if (!pointerMap.add(p, text, payload)) +- return nullptr; +- + if (graph.get()) + graph->addTextId(textId, str); + ++ nextTextId++; ++ ++ if (!pointerMap.add(p, text, payload)) ++ return nullptr; ++ + return payload; + } + +@@ -407,9 +413,14 @@ TraceLoggerThread::getOrCreateEventPayload(TraceLoggerTextId type, const char* f + if (!traceLoggerState->isTextIdEnabled(type)) + return getOrCreateEventPayload(type); + +- PointerHashMap::AddPtr p = pointerMap.lookupForAdd(ptr); +- if (p) +- return p->value(); ++ PointerHashMap::AddPtr p; ++ if (ptr) { ++ p = pointerMap.lookupForAdd(ptr); ++ if (p) { ++ MOZ_ASSERT(p->value()->textId() < nextTextId); // Sanity check. ++ return p->value(); ++ } ++ } + + // Compute the length of the string to create. + size_t lenFilename = strlen(filename); +@@ -428,24 +439,28 @@ TraceLoggerThread::getOrCreateEventPayload(TraceLoggerTextId type, const char* f + MOZ_ASSERT(ret == len); + MOZ_ASSERT(strlen(str) == len); + +- uint32_t textId = extraTextId.count() + TraceLogger_Last; ++ uint32_t textId = nextTextId; + TraceLoggerEventPayload* payload = js_new(textId, str); + if (!payload) { + js_free(str); + return nullptr; + } + +- if (!extraTextId.putNew(textId, payload)) { ++ if (!textIdPayloads.putNew(textId, payload)) { + js_delete(payload); + return nullptr; + } + +- if (!pointerMap.add(p, ptr, payload)) +- return nullptr; +- + if (graph.get()) + graph->addTextId(textId, str); + ++ nextTextId++; ++ ++ if (ptr) { ++ if (!pointerMap.add(p, ptr, payload)) ++ return nullptr; ++ } ++ + return payload; + } + +@@ -453,14 +468,14 @@ TraceLoggerEventPayload* + TraceLoggerThread::getOrCreateEventPayload(TraceLoggerTextId type, JSScript* script) + { + return getOrCreateEventPayload(type, script->filename(), script->lineno(), script->column(), +- script); ++ nullptr); + } + + TraceLoggerEventPayload* + TraceLoggerThread::getOrCreateEventPayload(TraceLoggerTextId type, + const JS::ReadOnlyCompileOptions& script) + { +- return getOrCreateEventPayload(type, script.filename(), script.lineno, script.column, &script); ++ return getOrCreateEventPayload(type, script.filename(), script.lineno, script.column, nullptr); + } + + void +@@ -485,7 +500,7 @@ TraceLoggerThread::startEvent(uint32_t id) + if (!traceLoggerState->isTextIdEnabled(id)) + return; + +- logTimestamp(id); ++ log(id); + } + + void +@@ -510,7 +525,7 @@ TraceLoggerThread::stopEvent(uint32_t id) + if (!traceLoggerState->isTextIdEnabled(id)) + return; + +- logTimestamp(TraceLogger_Stop); ++ log(TraceLogger_Stop); + } + + void +@@ -522,23 +537,57 @@ TraceLoggerThread::logTimestamp(TraceLoggerTextId id) + void + TraceLoggerThread::logTimestamp(uint32_t id) + { ++ MOZ_ASSERT(id > TraceLogger_LastTreeItem && id < TraceLogger_Last); ++ log(id); ++} ++ ++void ++TraceLoggerThread::log(uint32_t id) ++{ + if (enabled == 0) + return; + + MOZ_ASSERT(traceLoggerState); +- if (!events.ensureSpaceBeforeAdd()) { ++ ++ // We request for 3 items to add, since if we don't have enough room ++ // we record the time it took to make more place. To log this information ++ // we need 2 extra free entries. ++ if (!events.hasSpaceForAdd(3)) { + uint64_t start = rdtsc() - traceLoggerState->startupTime; + +- if (graph.get()) +- graph->log(events); ++ if (!events.ensureSpaceBeforeAdd(3)) { ++ if (graph.get()) ++ graph->log(events); ++ ++ iteration_++; ++ events.clear(); ++ ++ // Remove the item in the pointerMap for which the payloads ++ // have no uses anymore ++ for (PointerHashMap::Enum e(pointerMap); !e.empty(); e.popFront()) { ++ if (e.front().value()->uses() != 0) ++ continue; ++ ++ TextIdHashMap::Ptr p = textIdPayloads.lookup(e.front().value()->textId()); ++ MOZ_ASSERT(p); ++ textIdPayloads.remove(p); ++ ++ e.removeFront(); ++ } + +- iteration_++; +- events.clear(); ++ // Free all payloads that have no uses anymore. ++ for (TextIdHashMap::Enum e(textIdPayloads); !e.empty(); e.popFront()) { ++ if (e.front().value()->uses() == 0) { ++ js_delete(e.front().value()); ++ e.removeFront(); ++ } ++ } ++ } + + // Log the time it took to flush the events as being from the + // Tracelogger. + if (graph.get()) { +- MOZ_ASSERT(events.capacity() > 2); ++ MOZ_ASSERT(events.hasSpaceForAdd(2)); + EventEntry& entryStart = events.pushUninitialized(); + entryStart.time = start; + entryStart.textId = TraceLogger_Internal; +@@ -548,13 +597,6 @@ TraceLoggerThread::logTimestamp(uint32_t id) + entryStop.textId = TraceLogger_Stop; + } + +- // Free all TextEvents that have no uses anymore. +- for (TextIdHashMap::Enum e(extraTextId); !e.empty(); e.popFront()) { +- if (e.front().value()->uses() == 0) { +- js_delete(e.front().value()); +- e.removeFront(); +- } +- } + } + + uint64_t time = rdtsc() - traceLoggerState->startupTime; +@@ -956,3 +998,16 @@ TraceLoggerEvent::~TraceLoggerEvent() + if (payload_) + payload_->release(); + } ++ ++TraceLoggerEvent& ++TraceLoggerEvent::operator=(const TraceLoggerEvent& other) ++{ ++ if (hasPayload()) ++ payload()->release(); ++ if (other.hasPayload()) ++ other.payload()->use(); ++ ++ payload_ = other.payload_; ++ ++ return *this; ++} +diff --git a/js/src/vm/TraceLogging.h b/js/src/vm/TraceLogging.h +index a124dcb..91a1eb0 100644 +--- a/js/src/vm/TraceLogging.h ++++ b/js/src/vm/TraceLogging.h +@@ -110,6 +110,9 @@ class TraceLoggerEvent { + bool hasPayload() const { + return !!payload_; + } ++ ++ TraceLoggerEvent& operator=(const TraceLoggerEvent& other); ++ TraceLoggerEvent(const TraceLoggerEvent& event) = delete; + }; + + /** +@@ -130,6 +133,10 @@ class TraceLoggerEventPayload { + uses_(0) + { } + ++ ~TraceLoggerEventPayload() { ++ MOZ_ASSERT(uses_ == 0); ++ } ++ + uint32_t textId() { + return textId_; + } +@@ -166,7 +173,8 @@ class TraceLoggerThread + mozilla::UniquePtr graph; + + PointerHashMap pointerMap; +- TextIdHashMap extraTextId; ++ TextIdHashMap textIdPayloads; ++ uint32_t nextTextId; + + ContinuousSpace events; + +@@ -181,6 +189,7 @@ class TraceLoggerThread + : enabled(0), + failed(false), + graph(), ++ nextTextId(TraceLogger_Last), + iteration_(0), + top(nullptr) + { } +@@ -195,22 +204,22 @@ class TraceLoggerThread + bool enable(JSContext* cx); + bool disable(); + +- // Given the previous iteration and lastEntryId, return an array of events ++ // Given the previous iteration and size, return an array of events + // (there could be lost events). At the same time update the iteration and +- // lastEntry and gives back how many events there are. +- EventEntry* getEventsStartingAt(uint32_t* lastIteration, uint32_t* lastEntryId, size_t* num) { ++ // size and gives back how many events there are. ++ EventEntry* getEventsStartingAt(uint32_t* lastIteration, uint32_t* lastSize, size_t* num) { + EventEntry* start; + if (iteration_ == *lastIteration) { +- MOZ_ASSERT(events.lastEntryId() >= *lastEntryId); +- *num = events.lastEntryId() - *lastEntryId; +- start = events.data() + *lastEntryId + 1; ++ MOZ_ASSERT(*lastSize <= events.size()); ++ *num = events.size() - *lastSize; ++ start = events.data() + *lastSize; + } else { +- *num = events.lastEntryId() + 1; ++ *num = events.size(); + start = events.data(); + } + + *lastIteration = iteration_; +- *lastEntryId = events.lastEntryId(); ++ *lastSize = events.size(); + return start; + } + +@@ -220,16 +229,16 @@ class TraceLoggerThread + const char** lineno, size_t* lineno_len, const char** colno, + size_t* colno_len); + +- bool lostEvents(uint32_t lastIteration, uint32_t lastEntryId) { ++ bool lostEvents(uint32_t lastIteration, uint32_t lastSize) { + // If still logging in the same iteration, there are no lost events. + if (lastIteration == iteration_) { +- MOZ_ASSERT(lastEntryId <= events.lastEntryId()); ++ MOZ_ASSERT(lastSize <= events.size()); + return false; + } + +- // When proceeded to the next iteration and lastEntryId points to +- // the maximum capacity there are no logs that are lost. +- if (lastIteration + 1 == iteration_ && lastEntryId == events.capacity()) ++ // If we are in a consecutive iteration we are only sure we didn't lose any events, ++ // when the lastSize equals the maximum size 'events' can get. ++ if (lastIteration == iteration_ - 1 && lastSize == events.maxSize()) + return false; + + return true; +@@ -268,6 +277,7 @@ class TraceLoggerThread + void stopEvent(uint32_t id); + private: + void stopEvent(); ++ void log(uint32_t id); + + public: + static unsigned offsetOfEnabled() { +diff --git a/js/src/vm/TraceLoggingGraph.cpp b/js/src/vm/TraceLoggingGraph.cpp +index d1b7f2e..a4eb273 100644 +--- a/js/src/vm/TraceLoggingGraph.cpp ++++ b/js/src/vm/TraceLoggingGraph.cpp +@@ -276,7 +276,7 @@ TraceLoggerGraph::flush() + if (bytesWritten < tree.size()) + return false; + +- treeOffset += tree.lastEntryId(); ++ treeOffset += tree.size(); + tree.clear(); + } + +@@ -359,7 +359,7 @@ TraceLoggerGraph::startEventInternal(uint32_t id, uint64_t timestamp) + + if (parent.lastChildId() == 0) { + MOZ_ASSERT(!entry.hasChildren()); +- MOZ_ASSERT(parent.treeId() == tree.lastEntryId() + treeOffset); ++ MOZ_ASSERT(parent.treeId() == treeOffset + tree.size() - 1); + + if (!updateHasChildren(parent.treeId())) + return false; +diff --git a/js/src/vm/TraceLoggingTypes.h b/js/src/vm/TraceLoggingTypes.h +index f1c9d0c..10b76d6 100644 +--- a/js/src/vm/TraceLoggingTypes.h ++++ b/js/src/vm/TraceLoggingTypes.h +@@ -21,7 +21,6 @@ + _(Internal) \ + _(Interpreter) \ + _(InlinedScripts) \ +- _(Invalidation) \ + _(IonCompilation) \ + _(IonCompilationPaused) \ + _(IonLinking) \ +@@ -60,6 +59,7 @@ + + #define TRACELOGGER_LOG_ITEMS(_) \ + _(Bailout) \ ++ _(Invalidation) \ + _(Disable) \ + _(Enable) \ + _(Stop) +@@ -130,6 +130,9 @@ class ContinuousSpace { + uint32_t size_; + uint32_t capacity_; + ++ // The maximum amount of ram memory a continuous space structure can take (in bytes). ++ static const uint32_t LIMIT = 200 * 1024 * 1024; ++ + public: + ContinuousSpace () + : data_(nullptr) +@@ -151,6 +154,10 @@ class ContinuousSpace { + data_ = nullptr; + } + ++ static uint32_t maxSize() { ++ return LIMIT / sizeof(T); ++ } ++ + T* data() { + return data_; + } +@@ -187,11 +194,14 @@ class ContinuousSpace { + if (hasSpaceForAdd(count)) + return true; + ++ // Limit the size of a continuous buffer. ++ if (size_ + count > maxSize()) ++ return false; ++ + uint32_t nCapacity = capacity_ * 2; +- if (size_ + count > nCapacity) +- nCapacity = size_ + count; +- T* entries = (T*) js_realloc(data_, nCapacity * sizeof(T)); ++ nCapacity = (nCapacity < maxSize()) ? nCapacity : maxSize(); + ++ T* entries = (T*) js_realloc(data_, nCapacity * sizeof(T)); + if (!entries) + return false; + diff --git a/gnu/packages/patches/mozjs38-version-detection.patch b/gnu/packages/patches/mozjs38-version-detection.patch new file mode 100644 index 0000000000..ec2d264ccc --- /dev/null +++ b/gnu/packages/patches/mozjs38-version-detection.patch @@ -0,0 +1,180 @@ +Taken from +https://trac.wildfiregames.com/export/18656/ps/trunk/libraries/source/spidermonkey/FixVersionDetectionConfigure.diff. + +Fixes a version detection issue in 0ad. See +https://lists.gnu.org/archive/html/guix-devel/2017-01/msg00625.html. + +diff --git a/js/src/configure b/js/src/configure +--- a/js/src/configure ++++ b/js/src/configure +@@ -1662,70 +1662,6 @@ esac + + fi + +-MOZILLA_VERSION=`$PYTHON $srcdir/python/mozbuild/mozbuild/milestone.py --topsrcdir $srcdir` +-MOZILLA_UAVERSION=`$PYTHON $srcdir/python/mozbuild/mozbuild/milestone.py --topsrcdir $srcdir --uaversion` +-MOZILLA_SYMBOLVERSION=`$PYTHON $srcdir/python/mozbuild/mozbuild/milestone.py --topsrcdir $srcdir --symbolversion` +- +-cat >> confdefs.pytmp <> confdefs.h <> confdefs.pytmp <> confdefs.h <> confdefs.pytmp <> confdefs.h <> confdefs.pytmp <> confdefs.h <> confdefs.pytmp <> confdefs.h <> confdefs.pytmp <> confdefs.h <> confdefs.pytmp <> confdefs.h <> confdefs.pytmp <> confdefs.h <> confdefs.pytmp <> confdefs.h <> confdefs.pytmp <> confdefs.h <> $CONFIG_STATUS <> $CONFIG_STATUS < Date: Mon, 8 May 2017 12:21:30 -0400 Subject: gnu: Move links to web-browsers.scm. * gnu/packages/links.scm: Remove file and move links... * gnu/packages/web-browsers.scm: ...here. * gnu/local.mk (GNU_SYSTEM_MODULES): Remove links.scm. --- gnu/local.mk | 1 - gnu/packages/links.scm | 81 ------------------------------------------- gnu/packages/web-browsers.scm | 54 +++++++++++++++++++++++++++++ 3 files changed, 54 insertions(+), 82 deletions(-) delete mode 100644 gnu/packages/links.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index cc2d35e436..1922bb46ce 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -233,7 +233,6 @@ GNU_SYSTEM_MODULES = \ %D%/packages/libunwind.scm \ %D%/packages/libupnp.scm \ %D%/packages/lighting.scm \ - %D%/packages/links.scm \ %D%/packages/linux.scm \ %D%/packages/lirc.scm \ %D%/packages/lisp.scm \ diff --git a/gnu/packages/links.scm b/gnu/packages/links.scm deleted file mode 100644 index 145ed761ee..0000000000 --- a/gnu/packages/links.scm +++ /dev/null @@ -1,81 +0,0 @@ -;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2014 John Darrington -;;; Copyright © 2015, 2016 Efraim Flashner -;;; -;;; This file is part of GNU Guix. -;;; -;;; GNU Guix is free software; you can redistribute it and/or modify it -;;; under the terms of the GNU General Public License as published by -;;; the Free Software Foundation; either version 3 of the License, or (at -;;; your option) any later version. -;;; -;;; GNU Guix is distributed in the hope that it will be useful, but -;;; WITHOUT ANY WARRANTY; without even the implied warranty of -;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -;;; GNU General Public License for more details. -;;; -;;; You should have received a copy of the GNU General Public License -;;; along with GNU Guix. If not, see . - -(define-module (gnu packages links) - #:use-module ((guix licenses) #:prefix license:) - #:use-module (guix packages) - #:use-module (gnu packages) - #:use-module (gnu packages compression) - #:use-module (gnu packages pkg-config) - #:use-module (gnu packages image) - #:use-module (gnu packages libevent) - #:use-module (gnu packages tls) - #:use-module (gnu packages xorg) - #:use-module (guix download) - #:use-module (guix build-system gnu)) - -(define-public links - (package - (name "links") - (version "2.14") - (source (origin - (method url-fetch) - (uri (string-append "http://links.twibright.com/download/" - name "-" version ".tar.bz2")) - (sha256 - (base32 "1f24y83wa1vzzjq5kp857gjqdpnmf8pb29yw7fam0m8wxxw0c3gp")))) - (build-system gnu-build-system) - (arguments - `(#:phases - (modify-phases %standard-phases - (replace 'configure - (lambda* (#:key outputs #:allow-other-keys) - ;; The tarball uses a very old version of autconf. It doesn't - ;; understand extra flags like `--enable-fast-install', so - ;; we need to invoke it with just what it understands. - (let ((out (assoc-ref outputs "out"))) - ;; 'configure' doesn't understand '--host'. - ,@(if (%current-target-system) - `((setenv "CHOST" ,(%current-target-system))) - '()) - (setenv "CONFIG_SHELL" (which "bash")) - (zero? - (system* "./configure" - (string-append "--prefix=" out) - "--enable-graphics")))))))) - (native-inputs `(("pkg-config" ,pkg-config))) - (inputs `(("zlib" ,zlib) - ("openssl" ,openssl) - ("libjpeg" ,libjpeg) - ("libtiff" ,libtiff) - ("libevent" ,libevent) - ("libpng" ,libpng) - ("libxt" ,libxt))) - (synopsis "Text and graphics mode web browser") - (description "Links is a graphics and text mode web browser, with many -features including, tables, builtin image display, bookmarks, SSL and more.") - (home-page "http://links.twibright.com") - ;; The distribution contains a copy of GPLv2 - ;; However, the copyright notices simply say: - ;; "This file is a part of the Links program, released under GPL." - ;; Therefore, under the provisions of Section 9, we can choose - ;; any version ever published by the FSF. - ;; One file (https.c) contains an exception permitting - ;; linking of the program with openssl. - (license license:gpl1+))) diff --git a/gnu/packages/web-browsers.scm b/gnu/packages/web-browsers.scm index 07b61dd25e..4cbd5fbe06 100644 --- a/gnu/packages/web-browsers.scm +++ b/gnu/packages/web-browsers.scm @@ -1,4 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2014 John Darrington +;;; Copyright © 2015, 2016 Efraim Flashner ;;; Copyright © 2016 Kei Kebreau ;;; Copyright © 2017 Eric Bavier ;;; @@ -25,6 +27,7 @@ #:use-module (gnu packages documentation) #:use-module (gnu packages fltk) #:use-module (gnu packages fontutils) + #:use-module (gnu packages libevent) #:use-module (gnu packages perl) #:use-module (gnu packages pkg-config) #:use-module (gnu packages python) @@ -67,6 +70,57 @@ older or slower computers and embedded systems.") (home-page "http://www.dillo.org") (license license:gpl3+))) +(define-public links + (package + (name "links") + (version "2.14") + (source (origin + (method url-fetch) + (uri (string-append "http://links.twibright.com/download/" + name "-" version ".tar.bz2")) + (sha256 + (base32 + "1f24y83wa1vzzjq5kp857gjqdpnmf8pb29yw7fam0m8wxxw0c3gp")))) + (build-system gnu-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (replace 'configure + (lambda* (#:key outputs #:allow-other-keys) + ;; The tarball uses a very old version of autconf. It doesn't + ;; understand extra flags like `--enable-fast-install', so + ;; we need to invoke it with just what it understands. + (let ((out (assoc-ref outputs "out"))) + ;; 'configure' doesn't understand '--host'. + ,@(if (%current-target-system) + `((setenv "CHOST" ,(%current-target-system))) + '()) + (setenv "CONFIG_SHELL" (which "bash")) + (zero? + (system* "./configure" + (string-append "--prefix=" out) + "--enable-graphics")))))))) + (native-inputs `(("pkg-config" ,pkg-config))) + (inputs `(("zlib" ,zlib) + ("openssl" ,openssl) + ("libjpeg" ,libjpeg) + ("libtiff" ,libtiff) + ("libevent" ,libevent) + ("libpng" ,libpng) + ("libxt" ,libxt))) + (synopsis "Text and graphics mode web browser") + (description "Links is a graphics and text mode web browser, with many +features including, tables, builtin image display, bookmarks, SSL and more.") + (home-page "http://links.twibright.com") + ;; The distribution contains a copy of GPLv2 + ;; However, the copyright notices simply say: + ;; "This file is a part of the Links program, released under GPL." + ;; Therefore, under the provisions of Section 9, we can choose + ;; any version ever published by the FSF. + ;; One file (https.c) contains an exception permitting + ;; linking of the program with openssl. + (license license:gpl1+))) + (define-public qutebrowser (package (name "qutebrowser") -- cgit v1.2.3 From c5196ac7ee668a65c0cfda25ce354b826b15435c Mon Sep 17 00:00:00 2001 From: Kei Kebreau Date: Mon, 8 May 2017 15:16:24 -0400 Subject: gnu: Move lynx to web-browsers.scm. * gnu/packages/lynx.scm: Remove file and move lynx... * gnu/packages/web-browsers.scm: ...here. * gnu/packages/man.scm (define-module): Remove unused module import of (gnu packages lynx). * gnu/packages/ocaml.scm (define-module): Adjust module import to use (gnu packages web-browsers). * gnu/local.mk (GNU_SYSTEM_MODULES): Remove lynx.scm. --- gnu/local.mk | 1 - gnu/packages/lynx.scm | 91 ------------------------------------------- gnu/packages/man.scm | 1 - gnu/packages/ocaml.scm | 2 +- gnu/packages/web-browsers.scm | 62 +++++++++++++++++++++++++++++ 5 files changed, 63 insertions(+), 94 deletions(-) delete mode 100644 gnu/packages/lynx.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 1922bb46ce..af37e67647 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -244,7 +244,6 @@ GNU_SYSTEM_MODULES = \ %D%/packages/lua.scm \ %D%/packages/lxde.scm \ %D%/packages/lxqt.scm \ - %D%/packages/lynx.scm \ %D%/packages/m4.scm \ %D%/packages/machine-learning.scm \ %D%/packages/man.scm \ diff --git a/gnu/packages/lynx.scm b/gnu/packages/lynx.scm deleted file mode 100644 index b212dca388..0000000000 --- a/gnu/packages/lynx.scm +++ /dev/null @@ -1,91 +0,0 @@ -;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2014 Mark H Weaver -;;; Copyright © 2016 Kei Kebreau -;;; -;;; This file is part of GNU Guix. -;;; -;;; GNU Guix is free software; you can redistribute it and/or modify it -;;; under the terms of the GNU General Public License as published by -;;; the Free Software Foundation; either version 3 of the License, or (at -;;; your option) any later version. -;;; -;;; GNU Guix is distributed in the hope that it will be useful, but -;;; WITHOUT ANY WARRANTY; without even the implied warranty of -;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -;;; GNU General Public License for more details. -;;; -;;; You should have received a copy of the GNU General Public License -;;; along with GNU Guix. If not, see . - -(define-module (gnu packages lynx) - #:use-module ((guix licenses) #:select (gpl2)) - #:use-module (guix packages) - #:use-module (guix download) - #:use-module (guix build-system gnu) - #:use-module (gnu packages pkg-config) - #:use-module (gnu packages perl) - #:use-module (gnu packages ncurses) - #:use-module (gnu packages libidn) - #:use-module (gnu packages gnupg) - #:use-module (gnu packages tls) - #:use-module (gnu packages zip) - #:use-module (gnu packages compression)) - -(define-public lynx - (package - (name "lynx") - (version "2.8.9dev.11") - (source (origin - (method url-fetch) - (uri (string-append - "http://invisible-mirror.net/archives/lynx/tarballs" - "/lynx" version ".tar.bz2")) - (sha256 - (base32 - "1cqm1i7d209brkrpzaqqf2x951ra3l67dw8x9yg10vz7rpr9441a")))) - (build-system gnu-build-system) - (native-inputs `(("pkg-config" ,pkg-config) - ("perl" ,perl))) - (inputs `(("ncurses" ,ncurses) - ("libidn" ,libidn) - ("gnutls" ,gnutls) - ("libgcrypt" ,libgcrypt) - ("unzip" ,unzip) - ("zlib" ,zlib) - ("gzip" ,gzip) - ("bzip2" ,bzip2))) - (arguments - `(#:configure-flags - (let ((gnutls (assoc-ref %build-inputs "gnutls"))) - `("--with-pkg-config" - "--with-screen=ncurses" - "--with-zlib" - "--with-bzlib" - ,(string-append "--with-gnutls=" gnutls) - ;; "--with-socks5" ; XXX TODO - "--enable-widec" - "--enable-ascii-ctypes" - "--enable-local-docs" - "--enable-htmlized-cfg" - "--enable-gzip-help" - "--enable-nls" - "--enable-ipv6")) - #:tests? #f ; no check target - #:phases (alist-replace - 'install - (lambda* (#:key (make-flags '()) #:allow-other-keys) - (zero? (apply system* "make" "install-full" make-flags))) - %standard-phases))) - (synopsis "Text Web Browser") - (description - "Lynx is a fully-featured World Wide Web (WWW) client for users running -cursor-addressable, character-cell display devices. It will display Hypertext -Markup Language (HTML) documents containing links to files on the local -system, as well as files on remote systems running http, gopher, ftp, wais, -nntp, finger, or cso/ph/qi servers. Lynx can be used to access information on -the WWW, or to build information systems intended primarily for local -access.") - (home-page "http://lynx.isc.org/") - (license gpl2))) - -;;; lynx.scm ends here diff --git a/gnu/packages/man.scm b/gnu/packages/man.scm index 2cc685deed..8319a7e41b 100644 --- a/gnu/packages/man.scm +++ b/gnu/packages/man.scm @@ -30,7 +30,6 @@ #:use-module (gnu packages gawk) #:use-module (gnu packages groff) #:use-module (gnu packages less) - #:use-module (gnu packages lynx) #:use-module (gnu packages perl) #:use-module (gnu packages pkg-config) #:use-module (gnu packages linux)) diff --git a/gnu/packages/ocaml.scm b/gnu/packages/ocaml.scm index 0c21a74da6..e5e599358e 100644 --- a/gnu/packages/ocaml.scm +++ b/gnu/packages/ocaml.scm @@ -37,7 +37,6 @@ #:use-module (gnu packages gnome) #:use-module (gnu packages gtk) #:use-module (gnu packages libevent) - #:use-module (gnu packages lynx) #:use-module (gnu packages m4) #:use-module (gnu packages multiprecision) #:use-module (gnu packages ncurses) @@ -50,6 +49,7 @@ #:use-module (gnu packages time) #:use-module (gnu packages tls) #:use-module (gnu packages version-control) + #:use-module (gnu packages web-browsers) #:use-module (gnu packages xml) #:use-module (gnu packages xorg) #:use-module (guix build-system gnu) diff --git a/gnu/packages/web-browsers.scm b/gnu/packages/web-browsers.scm index 4cbd5fbe06..a10b1367ef 100644 --- a/gnu/packages/web-browsers.scm +++ b/gnu/packages/web-browsers.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2014 John Darrington +;;; Copyright © 2014 Mark H Weaver ;;; Copyright © 2015, 2016 Efraim Flashner ;;; Copyright © 2016 Kei Kebreau ;;; Copyright © 2017 Eric Bavier @@ -27,7 +28,10 @@ #:use-module (gnu packages documentation) #:use-module (gnu packages fltk) #:use-module (gnu packages fontutils) + #:use-module (gnu packages gnupg) #:use-module (gnu packages libevent) + #:use-module (gnu packages libidn) + #:use-module (gnu packages ncurses) #:use-module (gnu packages perl) #:use-module (gnu packages pkg-config) #:use-module (gnu packages python) @@ -35,6 +39,7 @@ #:use-module (gnu packages image) #:use-module (gnu packages tls) #:use-module (gnu packages xorg) + #:use-module (gnu packages zip) #:use-module (guix download) #:use-module (guix build-system gnu) #:use-module (guix build-system python)) @@ -121,6 +126,63 @@ features including, tables, builtin image display, bookmarks, SSL and more.") ;; linking of the program with openssl. (license license:gpl1+))) +(define-public lynx + (package + (name "lynx") + (version "2.8.9dev.11") + (source (origin + (method url-fetch) + (uri (string-append + "http://invisible-mirror.net/archives/lynx/tarballs" + "/lynx" version ".tar.bz2")) + (sha256 + (base32 + "1cqm1i7d209brkrpzaqqf2x951ra3l67dw8x9yg10vz7rpr9441a")))) + (build-system gnu-build-system) + (native-inputs `(("pkg-config" ,pkg-config) + ("perl" ,perl))) + (inputs `(("ncurses" ,ncurses) + ("libidn" ,libidn) + ("gnutls" ,gnutls) + ("libgcrypt" ,libgcrypt) + ("unzip" ,unzip) + ("zlib" ,zlib) + ("gzip" ,gzip) + ("bzip2" ,bzip2))) + (arguments + `(#:configure-flags + (let ((gnutls (assoc-ref %build-inputs "gnutls"))) + `("--with-pkg-config" + "--with-screen=ncurses" + "--with-zlib" + "--with-bzlib" + ,(string-append "--with-gnutls=" gnutls) + ;; "--with-socks5" ; XXX TODO + "--enable-widec" + "--enable-ascii-ctypes" + "--enable-local-docs" + "--enable-htmlized-cfg" + "--enable-gzip-help" + "--enable-nls" + "--enable-ipv6")) + #:tests? #f ; no check target + #:phases (alist-replace + 'install + (lambda* (#:key (make-flags '()) #:allow-other-keys) + (zero? (apply system* "make" "install-full" make-flags))) + %standard-phases))) + (synopsis "Text Web Browser") + (description + "Lynx is a fully-featured World Wide Web (WWW) client for users running +cursor-addressable, character-cell display devices. It will display Hypertext +Markup Language (HTML) documents containing links to files on the local +system, as well as files on remote systems running http, gopher, ftp, wais, +nntp, finger, or cso/ph/qi servers. Lynx can be used to access information on +the WWW, or to build information systems intended primarily for local +access.") + (home-page "http://lynx.isc.org/") + (license license:gpl2))) + (define-public qutebrowser (package (name "qutebrowser") -- cgit v1.2.3 From 8775fc10c61f493c9363ca288402f5f764b6d949 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 9 May 2017 13:02:12 -0400 Subject: gnu: lxterminal: Fix CVE-2016-10369. * gnu/packages/patches/lxterminal-CVE-2016-10369.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/lxde.scm (lxterminal)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/lxde.scm | 1 + .../patches/lxterminal-CVE-2016-10369.patch | 37 ++++++++++++++++++++++ 3 files changed, 39 insertions(+) create mode 100644 gnu/packages/patches/lxterminal-CVE-2016-10369.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index af37e67647..0d8daf766a 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -790,6 +790,7 @@ dist_patch_DATA = \ %D%/packages/patches/luminance-hdr-qt-printer.patch \ %D%/packages/patches/lvm2-static-link.patch \ %D%/packages/patches/lxsession-use-gapplication.patch \ + %D%/packages/patches/lxterminal-CVE-2016-10369.patch \ %D%/packages/patches/lz4-fix-test-failures.patch \ %D%/packages/patches/make-impure-dirs.patch \ %D%/packages/patches/mars-install.patch \ diff --git a/gnu/packages/lxde.scm b/gnu/packages/lxde.scm index 1164ba8cbb..cc1156ae60 100644 --- a/gnu/packages/lxde.scm +++ b/gnu/packages/lxde.scm @@ -162,6 +162,7 @@ toolkit. It allows users to monitor and control of running processes.") (uri (string-append "mirror://sourceforge/lxde/LXTerminal" "%20%28terminal%20emulator%29/LXTerminal%20" version "/" name "-" version ".tar.xz")) + (patches (search-patches "lxterminal-CVE-2016-10369.patch")) (sha256 (base32 "1yf76s15zvfw0h42b0ay1slpq47khgjmcry8ki2z812zar9lchia")))) diff --git a/gnu/packages/patches/lxterminal-CVE-2016-10369.patch b/gnu/packages/patches/lxterminal-CVE-2016-10369.patch new file mode 100644 index 0000000000..809eef08da --- /dev/null +++ b/gnu/packages/patches/lxterminal-CVE-2016-10369.patch @@ -0,0 +1,37 @@ +Fix CVE-2016-10369: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10369 + +Patch copied from upstream source repository: + +https://git.lxde.org/gitweb/?p=lxde/lxterminal.git;a=commit;h=f99163c6ff8b2f57c5f37b1ce5d62cf7450d4648 + +From f99163c6ff8b2f57c5f37b1ce5d62cf7450d4648 Mon Sep 17 00:00:00 2001 +From: Yao Wei +Date: Mon, 8 May 2017 00:47:55 +0800 +Subject: [PATCH] fix: use g_get_user_runtime_dir for socket directory + +This bug is pointed out by stackexchange user that putting socket file in +/tmp is a potential risk. Putting the socket dir in user directory could +mitigate the risk. +--- + src/unixsocket.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/unixsocket.c b/src/unixsocket.c +index 4c660ac..f88284c 100644 +--- a/src/unixsocket.c ++++ b/src/unixsocket.c +@@ -140,7 +140,8 @@ gboolean lxterminal_socket_initialize(LXTermWindow * lxtermwin, gint argc, gchar + * This function returns TRUE if this process should keep running and FALSE if it should exit. */ + + /* Formulate the path for the Unix domain socket. */ +- gchar * socket_path = g_strdup_printf("/tmp/.lxterminal-socket%s-%s", gdk_display_get_name(gdk_display_get_default()), g_get_user_name()); ++ gchar * socket_path = g_strdup_printf("%s/.lxterminal-socket-%s", g_get_user_runtime_dir(), gdk_display_get_name(gdk_display_get_default())); ++ printf("%s\n", socket_path); + + /* Create socket. */ + int fd = socket(PF_UNIX, SOCK_STREAM, 0); +-- +2.1.4 + -- cgit v1.2.3 From ded5966585cc75da53ad7bfb266f9b861aa71ed3 Mon Sep 17 00:00:00 2001 From: Thomas Danckaert Date: Fri, 21 Apr 2017 15:54:20 +0200 Subject: gnu: Add cdrtools. * gnu/packages/cdrom.scm (cdrtools): New variable. * gnu/packages/patches/cdrtools-3.01-mkisofs-isoinfo.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/cdrom.scm | 59 ++- .../patches/cdrtools-3.01-mkisofs-isoinfo.patch | 514 +++++++++++++++++++++ 3 files changed, 573 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/cdrtools-3.01-mkisofs-isoinfo.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 0d8daf766a..33e1c775fd 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -517,6 +517,7 @@ dist_patch_DATA = \ %D%/packages/patches/calibre-drop-unrar.patch \ %D%/packages/patches/calibre-no-updates-dialog.patch \ %D%/packages/patches/cdparanoia-fpic.patch \ + %D%/packages/patches/cdrtools-3.01-mkisofs-isoinfo.patch \ %D%/packages/patches/ceph-disable-cpu-optimizations.patch \ %D%/packages/patches/ceph-disable-unittest-throttle.patch \ %D%/packages/patches/ceph-skip-collect-sys-info-test.patch \ diff --git a/gnu/packages/cdrom.scm b/gnu/packages/cdrom.scm index 7e86753abe..c0ba337da1 100644 --- a/gnu/packages/cdrom.scm +++ b/gnu/packages/cdrom.scm @@ -26,7 +26,7 @@ (define-module (gnu packages cdrom) #:use-module (guix download) #:use-module (guix packages) - #:use-module ((guix licenses) #:select (lgpl2.1+ gpl2 gpl2+ gpl3+)) + #:use-module ((guix licenses) #:select (lgpl2.1+ gpl2 gpl2+ gpl3+ cddl1.0)) #:use-module (guix build-system cmake) #:use-module (guix build-system gnu) #:use-module (guix build-system glib-or-gtk) @@ -197,6 +197,63 @@ extra-robust data verification, synchronization, error handling and scratch reconstruction capability.") (license gpl2))) ; libraries under lgpl2.1 +(define-public cdrtools + (package + (name "cdrtools") + (version "3.01") + (source (origin + (method url-fetch) + (uri (string-append + "mirror://sourceforge/cdrtools/cdrtools-" version ".tar.bz2")) + (sha256 + (base32 + "03w6ypsmwwy4d7vh6zgwpc60v541vc5ywp8bdb758hbc4yv2wa7d")) + (patches (search-patches "cdrtools-3.01-mkisofs-isoinfo.patch")))) + (build-system gnu-build-system) + ;; XXX cdrtools bundles a modified, relicensed early version of cdparanoia. + (inputs + `(("linux-headers" ,linux-libre-headers))) + (arguments + `(#:phases + (modify-phases %standard-phases + (delete 'configure) + (add-before 'build 'set-linux-headers + (lambda _ + (substitute* "autoconf/configure" + (("/usr/src/linux") + (assoc-ref %build-inputs "linux-headers"))) + #t)) + (add-before 'build 'substitute-dirs + (lambda _ + (substitute* (append (find-files "DEFAULTS" "^Defaults\\.") + (find-files "DEFAULTS_ENG" "^Defaults\\.") + (find-files "TEMPLATES" "^Defaults\\.")) + (("/opt/schily") (assoc-ref %outputs "out"))) + #t)) + (replace 'build + (lambda _ + (zero? + (system* "make" "CONFIG_SHELL=sh" "CCOM=gcc" "RM=rm")))) + (replace 'install + (lambda _ + (zero? + (system* "make" + "RM=rm" "LN=ln" "SYMLINK=ln -s" + (string-append "INS_BASE=" (assoc-ref %outputs "out")) + (string-append "INS_RBASE=" (assoc-ref %outputs "out")) + "install" ))))) + #:tests? #f)) ; no tests + (synopsis "Command line utilities to manipulate and burn CD/DVD/BD images") + (description "cdrtools is a collection of command line utilities to create +CD's, DVD's or Blue Ray discs. The most important components are +@command{cdrecord}, a burning program, @command{cdda2wav}, a CD audio ripper +which uses libparanoia, and @command{mkisofs}, which can create various disc +images.") + (home-page "http://cdrtools.sourceforge.net/private/cdrecord.html") + + ;; mkisofs is GPL, the other programs are CDDL. + (license (list cddl1.0 gpl2)))) + (define-public dvdisaster (package (name "dvdisaster") diff --git a/gnu/packages/patches/cdrtools-3.01-mkisofs-isoinfo.patch b/gnu/packages/patches/cdrtools-3.01-mkisofs-isoinfo.patch new file mode 100644 index 0000000000..9c817d4198 --- /dev/null +++ b/gnu/packages/patches/cdrtools-3.01-mkisofs-isoinfo.patch @@ -0,0 +1,514 @@ +Patch for version 3.01, taken from upstream at +https://sourceforge.net/projects/cdrtools/files/cdrtools-3.01-fix-20151126-mkisofs-isoinfo.patch + +--- cdrtools-3.01.orig/mkisofs/diag/isoinfo.c 2015-07-22 20:36:45.000000000 +0000 ++++ cdrtools-3.01/mkisofs/diag/isoinfo.c 2015-11-17 19:35:40.000000000 +0000 +@@ -1,8 +1,8 @@ +-/* @(#)isoinfo.c 1.95 15/07/22 joerg */ ++/* @(#)isoinfo.c 1.100 15/11/17 joerg */ + #include + #ifndef lint + static UConst char sccsid[] = +- "@(#)isoinfo.c 1.95 15/07/22 joerg"; ++ "@(#)isoinfo.c 1.100 15/11/17 joerg"; + #endif + /* + * File isodump.c - dump iso9660 directory information. +@@ -148,8 +148,10 @@ LOCAL char er_id[256]; + LOCAL int su_version = 0; + LOCAL int rr_version = 0; + LOCAL int aa_version = 0; ++LOCAL int cl_extent = 0; + LOCAL int ucs_level = 0; + LOCAL BOOL iso9660_inodes = FALSE; ++LOCAL uid_t myuid; + + #ifdef USE_FIND + LOCAL findn_t *find_node; /* syntaxtree from find_parse() */ +@@ -208,6 +210,9 @@ LOCAL void extract __PR((char *rootname + LOCAL void extract_file __PR((int f, + struct iso_directory_record * idr, + char *fname)); ++LOCAL void parse_cl_dir __PR((struct iso_directory_record *idr, ++ int extent)); ++LOCAL BOOL parse_de __PR((struct iso_directory_record *idr)); + LOCAL void parse_dir __PR((char * rootname, int extent, int len)); + LOCAL void usage __PR((int excode)); + EXPORT int main __PR((int argc, char *argv[])); +@@ -459,7 +464,6 @@ parse_rr(pnt, len, cont_flag) + int slen; + int xlen; + int ncount; +- int cl_extent; + int pl_extent; + int cont_extent, cont_offset, cont_size; + int flag1, flag2; +@@ -469,7 +473,7 @@ parse_rr(pnt, len, cont_flag) + + symlinkname[0] = 0; + +- cont_extent = cont_offset = cont_size = 0; ++ cl_extent = cont_extent = cont_offset = cont_size = 0; + + ncount = 0; + flag1 = -1; +@@ -714,6 +718,7 @@ struct todo + }; + + LOCAL struct todo *todo_idr = NULL; ++LOCAL struct todo **todo_pp = &todo_idr; + + LOCAL char *months[12] = {"Jan", "Feb", "Mar", "Apr", + "May", "Jun", "Jul", +@@ -962,8 +967,14 @@ static BOOL isfirst = TRUE; + close(f); + return; + setmode: +- fchmodat(AT_FDCWD, fname, fstat_buf.st_mode, AT_SYMLINK_NOFOLLOW); + fchownat(AT_FDCWD, fname, fstat_buf.st_uid, fstat_buf.st_gid, AT_SYMLINK_NOFOLLOW); ++ if (myuid != 0 && S_ISDIR(fstat_buf.st_mode)) { ++ /* ++ * Temporary hack until we have a dirstack like star. ++ */ ++ fstat_buf.st_mode |= S_IWUSR; ++ } ++ fchmodat(AT_FDCWD, fname, fstat_buf.st_mode, AT_SYMLINK_NOFOLLOW); + times[0].tv_sec = fstat_buf.st_atime; + times[0].tv_nsec = stat_ansecs(&fstat_buf); + times[1].tv_sec = fstat_buf.st_mtime; +@@ -1001,6 +1012,143 @@ extract_file(f, idr, fname) + } + } + ++ ++LOCAL void ++parse_cl_dir(idr, extent) ++ struct iso_directory_record *idr; ++ int extent; ++{ ++ char cl_name_buf[256*3]; ++ ++ strlcpy(cl_name_buf, name_buf, sizeof (cl_name_buf)); ++#ifdef USE_SCG ++ readsecs(extent - sector_offset, idr, 1); ++#else ++ lseek(fileno(infile), ((off_t)(extent - sector_offset)) << 11, SEEK_SET); ++ read(fileno(infile), idr, 2048); ++#endif ++ ++ if (parse_de(idr) && use_rock) ++ dump_rr(idr); ++ strlcpy(name_buf, cl_name_buf, sizeof (name_buf)); ++} ++ ++LOCAL BOOL ++parse_de(idr) ++ struct iso_directory_record *idr; ++{ ++ unsigned char uc; ++ ++ if (idr->length[0] == 0) ++ return (FALSE); ++ memset(&fstat_buf, 0, sizeof (fstat_buf)); ++ found_rr = 0; ++ name_buf[0] = xname[0] = 0; ++ fstat_buf.st_size = (off_t)(unsigned)isonum_733((unsigned char *)idr->size); ++ if (idr->flags[0] & 2) ++ fstat_buf.st_mode |= S_IFDIR; ++ else ++ fstat_buf.st_mode |= S_IFREG; ++ if (idr->name_len[0] == 1 && idr->name[0] == 0) ++ strcpy(name_buf, "."); ++ else if (idr->name_len[0] == 1 && idr->name[0] == 1) ++ strcpy(name_buf, ".."); ++ else { ++ switch (ucs_level) { ++ case 3: ++ case 2: ++ case 1: ++ /* ++ * Unicode name. Convert as best we can. ++ */ ++ { ++ int j; ++ name_buf[0] = '\0'; ++#ifdef USE_ICONV ++ if (use_iconv(unls)) { ++ int u; ++ char *to = name_buf; ++ ++ for (j = 0, u = 0; j < (int)idr->name_len[0] / 2; j++) { ++ char *ibuf = (char *)&idr->name[j*2]; ++ size_t isize = 2; /* UCS-2 character size */ ++ size_t osize = 4; ++ ++ if (iconv(unls->sic_uni2cd, (__IC_CONST char **)&ibuf, &isize, ++ (char **)&to, &osize) == -1) { ++ int err = geterrno(); ++ ++ if ((err == EINVAL || err == EILSEQ) && ++ osize == 4) { ++ *to = '_'; ++ u += 1; ++ to++; ++ } ++ } else { ++ u += 4 - osize; ++ to = &name_buf[u]; ++ } ++ } ++ j = u; ++ } else ++#endif ++ for (j = 0; j < (int)idr->name_len[0] / 2; j++) { ++ UInt16_t unichar; ++ ++ unichar = (idr->name[j*2] & 0xFF) * 256 + ++ (idr->name[j*2+1] & 0xFF); ++ ++ /* ++ * Get the backconverted char ++ */ ++ if (unls) ++ uc = sic_uni2c(unls, unichar); ++ else ++ uc = unichar > 255 ? '_' : unichar; ++ ++ name_buf[j] = uc ? uc : '_'; ++ } ++ name_buf[j] = '\0'; ++ } ++ break; ++ case 0: ++ /* ++ * Normal non-Unicode name. ++ */ ++ strncpy(name_buf, idr->name, idr->name_len[0]); ++ name_buf[idr->name_len[0]] = 0; ++ break; ++ default: ++ /* ++ * Don't know how to do these yet. Maybe they are the same ++ * as one of the above. ++ */ ++ exit(1); ++ } ++ } ++ memcpy(date_buf, idr->date, 9); ++ /* ++ * Always first set up time stamps and file modes from ++ * ISO-9660. This is used as a fallback in case that ++ * there is no related Rock Ridge based data. ++ */ ++ fstat_buf.st_atime = ++ fstat_buf.st_mtime = ++ fstat_buf.st_ctime = iso9660_time(date_buf, NULL, FALSE); ++ fstat_buf.st_mode |= S_IRUSR|S_IXUSR | ++ S_IRGRP|S_IXGRP | ++ S_IROTH|S_IXOTH; ++ fstat_buf.st_nlink = 1; ++ fstat_buf.st_ino = 0; ++ fstat_buf.st_uid = 0; ++ fstat_buf.st_gid = 0; ++ if (iso9660_inodes) { ++ fstat_buf.st_ino = (unsigned long) ++ isonum_733((unsigned char *)idr->extent); ++ } ++ return (TRUE); ++} ++ + LOCAL void + parse_dir(rootname, extent, len) + char *rootname; +@@ -1012,12 +1160,13 @@ parse_dir(rootname, extent, len) + struct iso_directory_record * idr; + struct iso_directory_record didr; + struct stat dstat; +- unsigned char uc; ++ unsigned char cl_buffer[2048]; + unsigned char flags = 0; + Llong size = 0; + int sextent = 0; + int rlen; + int blen; ++ int rr_flags = 0; + static char *n = 0; + static int nlen = 0; + +@@ -1039,115 +1188,23 @@ static int nlen = 0; + i = 0; + while (1 == 1) { + idr = (struct iso_directory_record *) &buffer[i]; +- if (idr->length[0] == 0) break; +- memset(&fstat_buf, 0, sizeof (fstat_buf)); +- found_rr = 0; +- name_buf[0] = xname[0] = 0; +- fstat_buf.st_size = (off_t)(unsigned)isonum_733((unsigned char *)idr->size); +- if (idr->flags[0] & 2) +- fstat_buf.st_mode |= S_IFDIR; +- else +- fstat_buf.st_mode |= S_IFREG; +- if (idr->name_len[0] == 1 && idr->name[0] == 0) +- strcpy(name_buf, "."); +- else if (idr->name_len[0] == 1 && idr->name[0] == 1) +- strcpy(name_buf, ".."); +- else { +- switch (ucs_level) { +- case 3: +- case 2: +- case 1: +- /* +- * Unicode name. Convert as best we can. +- */ +- { +- int j; +- +- name_buf[0] = '\0'; +-#ifdef USE_ICONV +- if (use_iconv(unls)) { +- int u; +- char *to = name_buf; +- +- for (j = 0, u = 0; j < (int)idr->name_len[0] / 2; j++) { +- char *ibuf = (char *)&idr->name[j*2]; +- size_t isize = 2; /* UCS-2 character size */ +- size_t osize = 4; +- +- if (iconv(unls->sic_uni2cd, (__IC_CONST char **)&ibuf, &isize, +- (char **)&to, &osize) == -1) { +- int err = geterrno(); +- +- if ((err == EINVAL || err == EILSEQ) && +- osize == 4) { +- *to = '_'; +- u += 1; +- to++; +- } +- } else { +- u += 4 - osize; +- to = &name_buf[u]; +- } +- } +- j = u; +- } else +-#endif +- for (j = 0; j < (int)idr->name_len[0] / 2; j++) { +- UInt16_t unichar; +- +- unichar = (idr->name[j*2] & 0xFF) * 256 + +- (idr->name[j*2+1] & 0xFF); +- +- /* +- * Get the backconverted char +- */ +- if (unls) +- uc = sic_uni2c(unls, unichar); +- else +- uc = unichar > 255 ? '_' : unichar; ++ if (idr->length[0] == 0) ++ break; ++ parse_de(idr); ++ if (use_rock) { ++ rr_flags = dump_rr(idr); + +- name_buf[j] = uc ? uc : '_'; +- } +- name_buf[j] = '\0'; +- } +- break; +- case 0: ++ if (rr_flags & RR_FLAG_CL) { + /* +- * Normal non-Unicode name. ++ * Need to reparse the child link ++ * but note that we parse "CL/." ++ * so we get no usable file name. + */ +- strncpy(name_buf, idr->name, idr->name_len[0]); +- name_buf[idr->name_len[0]] = 0; +- break; +- default: +- /* +- * Don't know how to do these yet. Maybe they are the same +- * as one of the above. +- */ +- exit(1); +- } ++ idr = (struct iso_directory_record *) cl_buffer; ++ parse_cl_dir(idr, cl_extent); ++ } else if (rr_flags & RR_FLAG_RE) ++ goto cont; /* skip rr_moved */ + } +- memcpy(date_buf, idr->date, 9); +- /* +- * Always first set up time stamps and file modes from +- * ISO-9660. This is used as a fallback in case that +- * there is no related Rock Ridge based data. +- */ +- fstat_buf.st_atime = +- fstat_buf.st_mtime = +- fstat_buf.st_ctime = iso9660_time(date_buf, NULL, FALSE); +- fstat_buf.st_mode |= S_IRUSR|S_IXUSR | +- S_IRGRP|S_IXGRP | +- S_IROTH|S_IXOTH; +- fstat_buf.st_nlink = 1; +- fstat_buf.st_ino = 0; +- fstat_buf.st_uid = 0; +- fstat_buf.st_gid = 0; +- if (iso9660_inodes) { +- fstat_buf.st_ino = (unsigned long) +- isonum_733((unsigned char *)idr->extent); +- } +- if (use_rock) +- dump_rr(idr); + if (Xtract && + (idr->flags[0] & 2) != 0 && + idr->name_len[0] == 1 && +@@ -1170,30 +1227,30 @@ static int nlen = 0; + n[rlen] = '\0'; + + if ((idr->flags[0] & 2) != 0 && +- (idr->name_len[0] != 1 || ++ ((rr_flags & RR_FLAG_CL) || ++ idr->name_len[0] != 1 || + (idr->name[0] != 0 && idr->name[0] != 1))) { + /* + * This is a plain directory (neither "xxx/." + * nor "xxx/.."). + * Add this directory to the todo list. + */ +- td = todo_idr; +- if (td != NULL) { +- while (td->next != NULL) +- td = td->next; +- td->next = (struct todo *) malloc(sizeof (*td)); +- td = td->next; +- } else { +- todo_idr = td = (struct todo *) malloc(sizeof (*td)); +- } ++ td = (struct todo *) malloc(sizeof (*td)); ++ if (td == NULL) ++ comerr(_("No memory.\n")); + td->next = NULL; + td->extent = isonum_733((unsigned char *)idr->extent); + td->length = isonum_733((unsigned char *)idr->size); + td->name = (char *) malloc(strlen(rootname) + + strlen(name_buf) + 2); ++ if (td->name == NULL) ++ comerr(_("No memory.\n")); + strcpy(td->name, rootname); + strcat(td->name, name_buf); + strcat(td->name, "/"); ++ ++ *todo_pp = td; ++ todo_pp = &td->next; + } else { + if (xtract && strcmp(xtract, n) == 0) { + extract_file(STDOUT_FILENO, idr, "stdout"); +@@ -1253,6 +1310,7 @@ static int nlen = 0; + if ((idr->flags[0] & ISO_MULTIEXTENT) == 0) + size = 0; + } ++ cont: + i += buffer[i]; + if (i > 2048 - offsetof(struct iso_directory_record, name[0])) break; + } +@@ -1381,12 +1439,13 @@ main(argc, argv) + usage(0); + if (prvers) { + printf(_("isoinfo %s (%s-%s-%s) Copyright (C) 1993-1999 %s (C) 1999-2015 %s\n"), +- VERSION, ++ "3.02a02", + HOST_CPU, HOST_VENDOR, HOST_OS, + _("Eric Youngdale"), + _("Joerg Schilling")); + exit(0); + } ++ myuid = getuid(); + #ifdef USE_FIND + if (do_find) { + finda_t fa; +--- cdrtools-3.01.orig/mkisofs/udf.c 2013-04-24 20:45:18.000000000 +0000 ++++ cdrtools-3.01/mkisofs/udf.c 2015-11-25 22:07:30.000000000 +0000 +@@ -1,15 +1,15 @@ +-/* @(#)udf.c 1.42 13/04/24 Copyright 2001-2013 J. Schilling */ ++/* @(#)udf.c 1.43 15/11/25 Copyright 2001-2015 J. Schilling */ + #include + #ifndef lint + static UConst char sccsid[] = +- "@(#)udf.c 1.42 13/04/24 Copyright 2001-2013 J. Schilling"; ++ "@(#)udf.c 1.43 15/11/25 Copyright 2001-2015 J. Schilling"; + #endif + /* + * udf.c - UDF support for mkisofs + * + * Written by Ben Rudiak-Gould (2001). + * +- * Copyright 2001-2013 J. Schilling. ++ * Copyright 2001-2015 J. Schilling. + */ + /* + * This program is free software; you can redistribute it and/or modify +@@ -98,7 +98,7 @@ static UConst char sccsid[] = + extern int use_sparcboot; + + extern struct directory *root; +-extern time_t begun; ++extern struct timeval tv_begun; + + static unsigned lba_main_seq; + static unsigned lba_main_seq_copy; +@@ -110,7 +110,7 @@ static unsigned lba_end_anchor_vol_desc; + static unsigned num_udf_files; + static unsigned num_udf_directories; + +-static unsigned volume_set_id[2]; ++static unsigned volume_set_id[2] = { 0, 0 }; + + #define UDF_MAIN_SEQ_LENGTH (16) + #define UDF_INTEG_SEQ_LENGTH (2) +@@ -723,7 +723,7 @@ set_primary_vol_desc(buf, lba) + /*pvd->volume_abstract;*/ + /*pvd->volume_copyright_notice;*/ + /*pvd->application_ident;*/ +- set_timestamp_from_time_t(&pvd->recording_date_and_time, begun); ++ set_timestamp_from_time_t(&pvd->recording_date_and_time, tv_begun.tv_sec); + set_impl_ident(&pvd->impl_ident); + set_tag(&pvd->desc_tag, UDF_TAGID_PRIMARY_VOLUME_DESC, lba, 512); + } +@@ -831,7 +831,7 @@ set_logical_vol_integrity_desc(buf, lba) + udf_logical_volume_integrity_desc *lvid = + (udf_logical_volume_integrity_desc *)buf; + +- set_timestamp_from_time_t(&lvid->recording_date, begun); ++ set_timestamp_from_time_t(&lvid->recording_date, tv_begun.tv_sec); + set32(&lvid->integrity_type, UDF_INTEGRITY_TYPE_CLOSE); + /*lvid->next_integrity_extent;*/ + set64(&lvid->logical_volume_contents_use.unique_id, +@@ -859,7 +859,7 @@ set_file_set_desc(buf, rba) + { + udf_file_set_desc *fsd = (udf_file_set_desc *)buf; + +- set_timestamp_from_time_t(&fsd->recording_date_and_time, begun); ++ set_timestamp_from_time_t(&fsd->recording_date_and_time, tv_begun.tv_sec); + set16(&fsd->interchange_level, 3); + set16(&fsd->maximum_interchange_level, 3); + set32(&fsd->character_set_list, 1); +@@ -1986,8 +1986,10 @@ udf_main_seq_write(out) + * volume_set_id needs to be set to a (64-bit) "unique" number. + * This will have to do for now. + */ +- volume_set_id[0] = begun; +- volume_set_id[1] = (unsigned)clock(); /* XXX Maybe non-portable */ ++ if (volume_set_id[0] == 0) { ++ volume_set_id[0] = tv_begun.tv_sec; ++ volume_set_id[1] = (unsigned)tv_begun.tv_usec; ++ } + + memset(buf, 0, sizeof (buf)); + set_primary_vol_desc(buf, last_extent_written++); +--- cdrtools-3.01.orig/mkisofs/mkisofs.c 2015-01-01 14:19:51.000000000 +0000 ++++ cdrtools-3.01/mkisofs/mkisofs.c +@@ -69 +69 @@ int path_ind; +-char version_string[] = VERSION; ++char version_string[] = "3.01-fix-20151126"; -- cgit v1.2.3 From 76e98457347207459417f46c2f542b6a9f03fb7f Mon Sep 17 00:00:00 2001 From: Thomas Danckaert Date: Thu, 20 Apr 2017 17:58:24 +0200 Subject: gnu: Add dvd+rw-tools. * gnu/packages/cdrom.scm (dvd+rw-tools): New variable. * gnu/packages/patches/dvd+rw-tools-add-include.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/cdrom.scm | 43 ++++++++++++++++++++++ .../patches/dvd+rw-tools-add-include.patch | 14 +++++++ 3 files changed, 58 insertions(+) create mode 100644 gnu/packages/patches/dvd+rw-tools-add-include.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 33e1c775fd..e7c670793c 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -552,6 +552,7 @@ dist_patch_DATA = \ %D%/packages/patches/doc++-include-directives.patch \ %D%/packages/patches/doc++-segfault-fix.patch \ %D%/packages/patches/doxygen-test.patch \ + %D%/packages/patches/dvd+rw-tools-add-include.patch \ %D%/packages/patches/elfutils-tests-ptrace.patch \ %D%/packages/patches/elixir-disable-failing-tests.patch \ %D%/packages/patches/einstein-build.patch \ diff --git a/gnu/packages/cdrom.scm b/gnu/packages/cdrom.scm index c0ba337da1..759375e45d 100644 --- a/gnu/packages/cdrom.scm +++ b/gnu/packages/cdrom.scm @@ -7,6 +7,7 @@ ;;; Copyright © 2016 Alex Kost ;;; Copyright © 2016 Marius Bakke ;;; Copyright © 2017 John Darrington +;;; Copyright © 2017 Thomas Danckaert ;;; ;;; This file is part of GNU Guix. ;;; @@ -41,6 +42,7 @@ #:use-module (gnu packages gtk) #:use-module (gnu packages glib) #:use-module (gnu packages man) + #:use-module (gnu packages m4) #:use-module (gnu packages mp3) #:use-module (gnu packages ncurses) #:use-module (gnu packages elf) @@ -254,6 +256,47 @@ images.") ;; mkisofs is GPL, the other programs are CDDL. (license (list cddl1.0 gpl2)))) +(define-public dvd+rw-tools + (package + (name "dvd+rw-tools") + (version "7.1") + (source (origin + (method url-fetch) + (uri (string-append + "http://fy.chalmers.se/~appro/linux/DVD+RW/tools/dvd+rw-tools-" + version ".tar.gz")) + (sha256 + (base32 + "1jkjvvnjcyxpql97xjjx0kwvy70kxpiznr2zpjy2hhci5s10zmpq")) + (patches (search-patches "dvd+rw-tools-add-include.patch")))) + (build-system gnu-build-system) + (inputs + `(("cdrtools" ,cdrtools))) + (native-inputs + `(("m4" ,m4))) + (arguments + `(#:tests? #f ; No tests. + #:phases + (modify-phases %standard-phases + (replace 'configure + (lambda _ (setenv "prefix" (assoc-ref %outputs "out")) #t)) + (add-before 'build 'embed-mkisofs + (lambda* (#:key inputs #:allow-other-keys) + ;; We use sed --in-place because substitute* cannot handle the + ;; character encoding used by growisofs.c. + (zero? (system* "sed" "-i" "-e" + (string-append + "s,\"mkisofs\"," + "\"" (which "mkisofs") "\",") + "growisofs.c"))))))) + (home-page "http://fy.chalmers.se/~appro/linux/DVD+RW/") + (synopsis "DVD and Blu-ray Disc burning tools") + (description "dvd+rw-tools, mostly known for its command +@command{growisofs}, is a collection of DVD and Blu-ray Disc burning tools. +It requires another program, such as @command{mkisofs}, @command{genisoimage}, +or @command{xorrisofs} to create ISO 9660 images.") + (license gpl2))) + (define-public dvdisaster (package (name "dvdisaster") diff --git a/gnu/packages/patches/dvd+rw-tools-add-include.patch b/gnu/packages/patches/dvd+rw-tools-add-include.patch new file mode 100644 index 0000000000..800f8f30ba --- /dev/null +++ b/gnu/packages/patches/dvd+rw-tools-add-include.patch @@ -0,0 +1,14 @@ +Without , INT_MAX is not defined. + +diff --git a/transport.hxx b/transport.hxx +index 35a57a7..838add6 100644 +--- a/transport.hxx ++++ b/transport.hxx +@@ -11,6 +11,7 @@ + #include + #include + #include ++#include + #include + #include + #include -- cgit v1.2.3 From 62b28c0e7b4b20e22c24cd5ba09ce439b73dd236 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Thu, 11 May 2017 17:48:58 +0200 Subject: gnu: Add PRoot. * gnu/packages/linux.scm (proot): New variable. * gnu/packages/patches/proot-test-fhs.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/linux.scm | 103 ++++++++++++++++++++++++++++++ gnu/packages/patches/proot-test-fhs.patch | 98 ++++++++++++++++++++++++++++ 3 files changed, 202 insertions(+) create mode 100644 gnu/packages/patches/proot-test-fhs.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index e7c670793c..5c48e1ba46 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -894,6 +894,7 @@ dist_patch_DATA = \ %D%/packages/patches/portmidi-modular-build.patch \ %D%/packages/patches/procmail-ambiguous-getline-debian.patch \ %D%/packages/patches/procmail-CVE-2014-3618.patch \ + %D%/packages/patches/proot-test-fhs.patch \ %D%/packages/patches/pt-scotch-build-parallelism.patch \ %D%/packages/patches/pulseaudio-fix-mult-test.patch \ %D%/packages/patches/pulseaudio-longer-test-timeout.patch \ diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 61aaf53329..94464d592a 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -80,6 +80,7 @@ #:use-module (gnu packages python) #:use-module (gnu packages readline) #:use-module (gnu packages rrdtool) + #:use-module (gnu packages samba) #:use-module (gnu packages slang) #:use-module (gnu packages storage) #:use-module (gnu packages texinfo) @@ -3782,3 +3783,105 @@ programming interface to the in-kernel nf_tables subsystem. The library libnftnl has been previously known as libnftables. This library is currently used by nftables.") (license license:gpl2+))) + +(define-public proot + (package + (name "proot") + (version "5.1.0") + (home-page "https://github.com/proot-me/PRoot") + (source (origin + (method url-fetch) + (uri (string-append home-page "/archive/v" version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "11h30i83vdhc3khlj6hrh3a21sbmmz8nhfv09vkf6b9bcs1biz2h")) + (patches (search-patches "proot-test-fhs.patch")))) + (build-system gnu-build-system) + (arguments + '(#:make-flags '("-C" "src") + + #:phases (modify-phases %standard-phases + (delete 'configure) + (add-before 'build 'set-shell-file-name + (lambda* (#:key inputs #:allow-other-keys) + (substitute* (find-files "src" "\\.[ch]$") + (("\"/bin/sh\"") + (string-append "\"" + (assoc-ref inputs "bash") + "/bin/sh\""))) + #t)) + (add-before 'check 'fix-fhs-assumptions-in-tests + (lambda _ + (substitute* "tests/test-c6b77b77.mk" + (("/bin/bash") (which "bash")) + (("/usr/bin/test") (which "test"))) + (substitute* '("tests/test-16573e73.c") + (("/bin/([a-z-]+)" _ program) + (which program))) + + (substitute* (find-files "tests" "\\.sh$") + ;; Some of the tests try to "bind-mount" /bin/true. + (("-b /bin/true:") + (string-append "-b " (which "true") ":")) + ;; Likewise for /bin. + (("-b /bin:") "-b /gnu:") + ;; Others try to run /bin/sh. + (("/bin/sh") (which "sh")) + ;; Others assume /etc/fstab exists. + (("/etc/fstab") "/etc/passwd")) + + (substitute* "tests/GNUmakefile" + (("-b /bin:") "-b /gnu:")) + + ;; XXX: This test fails in an obscure corner case, just + ;; skip it. + (delete-file "tests/test-kkkkkkkk.c") + + #t)) + (replace 'check + (lambda _ + (let ((n (parallel-job-count))) + ;; For some reason we get lots of segfaults with + ;; seccomp support (x86_64, Linux-libre 4.11.0). + (setenv "PROOT_NO_SECCOMP" "1") + + ;; Most of the tests expect "/bin" to be in $PATH so + ;; they can run things that live in $ROOTFS/bin. + (setenv "PATH" + (string-append (getenv "PATH") ":/bin")) + + (zero? (system* "make" "check" "-C" "tests" + ;;"V=1" + "-j" (number->string n)))))) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + ;; The 'install' rule does nearly nothing. + (let ((out (assoc-ref outputs "out"))) + (and (zero? + ;; TODO: 'make install-care' (does not even + ;; build currently.) + (system* "make" "-C" "src" "install" + (string-append "PREFIX=" out))) + (begin + (install-file "doc/proot/man.1" + (string-append out "/share" + "/man/man1")) + #t)))))))) + (native-inputs `(("which" ,which) + + ;; For 'mcookie', used by some of the tests. + ("util-linux" ,util-linux))) + (inputs `(("talloc" ,talloc))) + (synopsis "Unprivileged chroot, bind mount, and binfmt_misc") + (description + "PRoot is a user-space implementation of @code{chroot}, @code{mount --bind}, +and @code{binfmt_misc}. This means that users don't need any privileges or +setup to do things like using an arbitrary directory as the new root +filesystem, making files accessible somewhere else in the file system +hierarchy, or executing programs built for another CPU architecture +transparently through QEMU user-mode. Also, developers can use PRoot as a +generic process instrumentation engine thanks to its extension mechanism. +Technically PRoot relies on @code{ptrace}, an unprivileged system-call +available in the kernel Linux.") + (license license:gpl2+))) diff --git a/gnu/packages/patches/proot-test-fhs.patch b/gnu/packages/patches/proot-test-fhs.patch new file mode 100644 index 0000000000..d3896addd6 --- /dev/null +++ b/gnu/packages/patches/proot-test-fhs.patch @@ -0,0 +1,98 @@ +The test suite of PRoot makes many FHS assumptions, such as assuming +that /bin, /bin/true, and /usr exist. This patch fixes these assumptions. + +--- source/tests/GNUmakefile 2017-05-11 15:26:36.899115484 +0200 ++++ source/tests/GNUmakefile 2017-05-11 15:26:46.143063166 +0200 +@@ -121,7 +121,7 @@ $(ROOTFS_DIR): + setup: $(ROOTFS_BIN) + + $(ROOTFS)/bin/abs-true: +- @ln -fs /bin/true $@ ++ @ln -fs `which true` $@ + + $(ROOTFS)/bin/rel-true: + @ln -fs ./true $@ + +--- source/tests/test-d2175fc3.sh 2017-05-11 15:36:53.727617010 +0200 ++++ source/tests/test-d2175fc3.sh 2017-05-11 15:37:10.155523637 +0200 +@@ -2,8 +2,8 @@ if [ ! -x ${ROOTFS}/bin/readlink ] || [ + exit 125; + fi + +-${PROOT} -r ${ROOTFS} /bin/readlink /bin/abs-true | grep '^/bin/true$' ++${PROOT} -r ${ROOTFS} /bin/readlink /bin/abs-true | grep "`which true`" + ${PROOT} -r ${ROOTFS} /bin/readlink /bin/rel-true | grep '^\./true$' + +-${PROOT} -b /:/host-rootfs -r ${ROOTFS} /bin/readlink /bin/abs-true | grep '^/bin/true$' ++${PROOT} -b /:/host-rootfs -r ${ROOTFS} /bin/readlink /bin/abs-true | grep "`which true`" + ${PROOT} -b /:/host-rootfs -r ${ROOTFS} /bin/readlink /bin/rel-true | grep '^./true$' + +--- source/tests/test-d1be631a.sh 2017-05-11 15:41:36.458008715 +0200 ++++ source/tests/test-d1be631a.sh 2017-05-11 15:41:38.921994686 +0200 +@@ -1,4 +1,4 @@ +-if [ -z `which mknod`] || [ `id -u` -eq 0 ]; then ++if [ -z `which mknod` ] || [ `id -u` -eq 0 ]; then + exit 125; + fi + +--- source/tests/test-5bed7141.c 2017-05-11 15:34:23.088472743 +0200 ++++ source/tests/test-5bed7141.c 2017-05-11 15:34:27.052450235 +0200 +@@ -80,7 +80,7 @@ int main(int argc, char *argv[]) + exit(EXIT_FAILURE); + + case 0: /* child */ +- status = chdir("/usr"); ++ status = chdir("/gnu"); + if (status < 0) { + perror("chdir"); + exit(EXIT_FAILURE); + +--- a/tests/test-092c5e26.sh ++++ b/tests/test-092c5e26.sh +@@ -24,7 +24,7 @@ fi + + unset LD_LIBRARY_PATH + +-env PROOT_FORCE_FOREIGN_BINARY=1 PATH=/tmp:/bin:/usr/bin ${PROOT} -r ${ROOTFS} -q echo ${TMP} | grep "^-U LD_LIBRARY_PATH ${EXTRA}-0 /bin/argv0 /bin/argv0 ${TMP_ABS}$" ++env PROOT_FORCE_FOREIGN_BINARY=1 PATH=/tmp:/bin:/usr/bin:$(dirname $(which echo)) ${PROOT} -r ${ROOTFS} -q echo ${TMP} | grep "^-U LD_LIBRARY_PATH ${EXTRA}-0 /bin/argv0 /bin/argv0 ${TMP_ABS}$" + env PROOT_FORCE_FOREIGN_BINARY=1 ${PROOT} -r ${ROOTFS} -q echo ${TMP_ABS} | grep "^-U LD_LIBRARY_PATH ${EXTRA}-0 /bin/argv0 /bin/argv0 ${TMP_ABS}$" + + cat > ${ROOTFS}/${TMP_ABS} < Date: Fri, 12 May 2017 00:32:41 +0200 Subject: gnu: miniupnpc: Fix CVE-2017-8798. * gnu/packages/patches/miniupnpc-CVE-2017-8798.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/upnp.scm (miniupnpc)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/patches/miniupnpc-CVE-2017-8798.patch | 55 ++++++++++++++++++++++ gnu/packages/upnp.scm | 1 + 3 files changed, 57 insertions(+) create mode 100644 gnu/packages/patches/miniupnpc-CVE-2017-8798.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 5c48e1ba46..b7800a4205 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -807,6 +807,7 @@ dist_patch_DATA = \ %D%/packages/patches/mesa-wayland-egl-symbols-check-mips.patch \ %D%/packages/patches/metabat-remove-compilation-date.patch \ %D%/packages/patches/mhash-keygen-test-segfault.patch \ + %D%/packages/patches/miniupnpc-CVE-2017-8798.patch \ %D%/packages/patches/mingw-w64-5.0rc2-gcc-4.9.3.patch \ %D%/packages/patches/mpc123-initialize-ao.patch \ %D%/packages/patches/module-init-tools-moduledir.patch \ diff --git a/gnu/packages/patches/miniupnpc-CVE-2017-8798.patch b/gnu/packages/patches/miniupnpc-CVE-2017-8798.patch new file mode 100644 index 0000000000..24eed60af9 --- /dev/null +++ b/gnu/packages/patches/miniupnpc-CVE-2017-8798.patch @@ -0,0 +1,55 @@ +Fix CVE-2017-8798. + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8798 +http://seclists.org/oss-sec/2017/q2/247 + +Patch copied from upstream source repository, with Changelog entry removed: + +https://github.com/miniupnp/miniupnp/commit/f0f1f4b22d6a98536377a1bb07e7c20e4703d229 + +diff --git a/miniwget.c b/miniwget.c +index 37cb47b..1eda57c 100644 +--- a/miniwget.c ++++ b/miniwget.c +@@ -284,11 +284,12 @@ getHTTPResponse(int s, int * size, int * status_code) + goto end_of_stream; + } + } +- bytestocopy = ((int)chunksize < (n - i))?chunksize:(unsigned int)(n - i); ++ /* it is guaranteed that (n >= i) */ ++ bytestocopy = (chunksize < (unsigned int)(n - i))?chunksize:(unsigned int)(n - i); + if((content_buf_used + bytestocopy) > content_buf_len) + { + char * tmp; +- if(content_length >= (int)(content_buf_used + bytestocopy)) { ++ if((content_length >= 0) && ((unsigned int)content_length >= (content_buf_used + bytestocopy))) { + content_buf_len = content_length; + } else { + content_buf_len = content_buf_used + bytestocopy; +@@ -313,14 +314,15 @@ getHTTPResponse(int s, int * size, int * status_code) + { + /* not chunked */ + if(content_length > 0 +- && (int)(content_buf_used + n) > content_length) { ++ && (content_buf_used + n) > (unsigned int)content_length) { + /* skipping additional bytes */ + n = content_length - content_buf_used; + } + if(content_buf_used + n > content_buf_len) + { + char * tmp; +- if(content_length >= (int)(content_buf_used + n)) { ++ if(content_length >= 0 ++ && (unsigned int)content_length >= (content_buf_used + n)) { + content_buf_len = content_length; + } else { + content_buf_len = content_buf_used + n; +@@ -340,7 +342,7 @@ getHTTPResponse(int s, int * size, int * status_code) + } + } + /* use the Content-Length header value if available */ +- if(content_length > 0 && (int)content_buf_used >= content_length) ++ if(content_length > 0 && content_buf_used >= (unsigned int)content_length) + { + #ifdef DEBUG + printf("End of HTTP content\n"); diff --git a/gnu/packages/upnp.scm b/gnu/packages/upnp.scm index a3a6e848fb..645e9a6573 100644 --- a/gnu/packages/upnp.scm +++ b/gnu/packages/upnp.scm @@ -34,6 +34,7 @@ (method url-fetch) (uri (string-append "https://miniupnp.tuxfamily.org/files/" name "-" version ".tar.gz")) + (patches (search-patches "miniupnpc-CVE-2017-8798.patch")) (sha256 (base32 "0n11m2wq812zms5b21h8ihw1kbyaihj9nqjiida0hskf4dmw4m13")))) (build-system gnu-build-system) -- cgit v1.2.3 From ffed9eabcc1dd368d28f89728b2b901a180f5e19 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Mon, 24 Apr 2017 00:41:49 +0200 Subject: gnu: Add lierolibre. * gnu/packages/patches/lierolibre-check-unaligned-access.patch, gnu/packages/patches/lierolibre-is-free-software.patch, gnu/packages/patches/lierolibre-remove-arch-warning.patch, gnu/packages/patches/lierolibre-try-building-other-arch.patch, gnu/packages/patches/lierolibre-newer-libconfig.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/games.scm (lierolibre): New variable. --- gnu/local.mk | 5 + gnu/packages/games.scm | 65 +++++++ .../lierolibre-check-unaligned-access.patch | 30 ++++ .../patches/lierolibre-is-free-software.patch | 38 +++++ .../patches/lierolibre-newer-libconfig.patch | 190 +++++++++++++++++++++ .../patches/lierolibre-remove-arch-warning.patch | 30 ++++ .../lierolibre-try-building-other-arch.patch | 56 ++++++ 7 files changed, 414 insertions(+) create mode 100644 gnu/packages/patches/lierolibre-check-unaligned-access.patch create mode 100644 gnu/packages/patches/lierolibre-is-free-software.patch create mode 100644 gnu/packages/patches/lierolibre-newer-libconfig.patch create mode 100644 gnu/packages/patches/lierolibre-remove-arch-warning.patch create mode 100644 gnu/packages/patches/lierolibre-try-building-other-arch.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index b7800a4205..8599e6d3a0 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -776,6 +776,11 @@ dist_patch_DATA = \ %D%/packages/patches/libxslt-generated-ids.patch \ %D%/packages/patches/libxslt-CVE-2016-4738.patch \ %D%/packages/patches/libxt-guix-search-paths.patch \ + %D%/packages/patches/lierolibre-check-unaligned-access.patch \ + %D%/packages/patches/lierolibre-is-free-software.patch \ + %D%/packages/patches/lierolibre-newer-libconfig.patch \ + %D%/packages/patches/lierolibre-remove-arch-warning.patch \ + %D%/packages/patches/lierolibre-try-building-other-arch.patch \ %D%/packages/patches/linux-pam-no-setfsuid.patch \ %D%/packages/patches/lirc-localstatedir.patch \ %D%/packages/patches/llvm-3.5-fix-clang-build-with-gcc5.patch \ diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm index b47a661935..3517f06acf 100644 --- a/gnu/packages/games.scm +++ b/gnu/packages/games.scm @@ -29,6 +29,7 @@ ;;; Copyright © 2017 Tobias Geerinckx-Rice ;;; Copyright © 2017 nee ;;; Copyright © 2017 Clément Lassieur +;;; Copyright © 2017 Marius Bakke ;;; ;;; This file is part of GNU Guix. ;;; @@ -90,6 +91,7 @@ #:use-module (gnu packages ocaml) #:use-module (gnu packages python) #:use-module (gnu packages readline) + #:use-module (gnu packages textutils) #:use-module (gnu packages xorg) #:use-module (gnu packages pkg-config) #:use-module (gnu packages databases) @@ -2693,6 +2695,69 @@ your way through an underground cave system in search of the Grue. Can you capture it and get out alive?") (license license:agpl3+))) +(define-public lierolibre + (package + (name "lierolibre") + (version "0.5") + (source (origin + (method url-fetch) + (uri (string-append "https://launchpad.net/lierolibre/trunk/" + version "/+download/lierolibre-" + version ".tar.xz")) + (sha256 + (base32 + "1cf1gvsn4qq190lrf9k5bpjnqwlcfw7pajvdnh7z5r4jqw0rsbl9")) + (patches + (search-patches "lierolibre-check-unaligned-access.patch" + "lierolibre-try-building-other-arch.patch" + "lierolibre-remove-arch-warning.patch" + "lierolibre-newer-libconfig.patch" + "lierolibre-is-free-software.patch")) + (modules '((guix build utils))) + (snippet + '(begin + ;; Delete pre-compiled files. + (delete-file "data/LIERO.CHR") + (delete-file "data/LIERO.SND") + #t)))) + (build-system gnu-build-system) + (native-inputs + `(("imagemagick" ,imagemagick) + ("pkg-config" ,pkg-config) + ("util-linux" ,util-linux) + ("sox" ,sox))) + (inputs + `(("boost" ,boost) + ("libconfig" ,libconfig) + ("sdl-union" ,(sdl-union (list sdl sdl-image sdl-mixer))) + ("zlib" ,zlib))) + (home-page "https://gitlab.com/lierolibre/lierolibre") + (synopsis "Old-school earthworm action game") + (description + "lierolibre is an earthworm action game where you fight another player +(or the computer) underground using a wide array of weapons. + +Features: +@itemize +@item 2 worms, 40 weapons, great playability, two game modes: Kill'em All +and Game of Tag, plus AI-players without true intelligence! +@item Dat nostalgia. +@item Extensions via a hidden F1 menu: +@itemize +@item Replays +@item Game controller support +@item Powerlevel palettes +@end itemize +@item Ability to write game variables to plain text files. +@item Ability to load game variables from both EXE and plain text files. +@item Scripts to extract and repack graphics, sounds and levels. +@end itemize + +To switch between different window sizes, use F6, F7 and F8, to switch to +fullscreen, use F5 or Alt+Enter.") + ;; Code mainly BSD-2, some parts under Boost 1.0. All assets are WTFPL2. + (license (list license:bsd-2 license:boost1.0 license:wtfpl2)))) + (define-public warzone2100 (package (name "warzone2100") diff --git a/gnu/packages/patches/lierolibre-check-unaligned-access.patch b/gnu/packages/patches/lierolibre-check-unaligned-access.patch new file mode 100644 index 0000000000..b720c9eb3b --- /dev/null +++ b/gnu/packages/patches/lierolibre-check-unaligned-access.patch @@ -0,0 +1,30 @@ +Patch copied from Debian: + +https://anonscm.debian.org/cgit/pkg-games/lierolibre.git/tree/debian/patches/0001-Use-unaligned-access-define-over-checking-arch.patch?id=82910748906855f6e6bfe30b3f077e8c793ae424 + +From 396f19b6b7743d394307f70f0c0108419824437b Mon Sep 17 00:00:00 2001 +From: Martin Erik Werner +Date: Sun, 28 Jun 2015 16:31:34 +0200 +Subject: [PATCH 1/3] Use unaligned access define over checking arch + +This todo item seems like it done, and just needed implementing... +--- + io/encoding.hpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/gvl/io/encoding.hpp b/src/gvl/io/encoding.hpp +index c491677..89bb612 100644 +--- a/src/gvl/io/encoding.hpp ++++ b/src/gvl/io/encoding.hpp +@@ -374,7 +374,7 @@ struct octet_stream_writer + // inlining of the common case + if(std::size_t(end_ - cur_) >= len) + { +-#if GVL_X86 || GVL_X86_64 // TODO: A define that says whether unaligned access is allowed ++#if GVL_UNALIGNED_ACCESS + if(len < 64) // TODO: Tweak this limit + { + while(len > 4) +-- +2.4.6 + diff --git a/gnu/packages/patches/lierolibre-is-free-software.patch b/gnu/packages/patches/lierolibre-is-free-software.patch new file mode 100644 index 0000000000..626a24dd8c --- /dev/null +++ b/gnu/packages/patches/lierolibre-is-free-software.patch @@ -0,0 +1,38 @@ +Remove outdated license text. See COPYING and the description +at http://liero.be/ for more information. + +--- a/data/LIEROENG.TXT ++++ b/data/LIEROENG.TXT +@@ -11,14 +11,6 @@ + ----------------------------------------------------------------------------- + + GENERAL STUFF +- +- Liero is freeware. What that means is that you don't have to pay +- for it and using it has not been restricted in any way. You may +- distribute it to anyone and anyhow WITHOUT ANY CHANGES MADE TO IT'S +- CONTAINMENTS. +- +- The source code of this game is not distributed freely (neither +- commercially). So if you thought that maybe you could... forget it. + + Liero is a wormgame with weapons for 2 players. The object of the + game is definately what you think it is. Liero is excellent for +--- a/data/LIERO.TXT ++++ b/data/LIERO.TXT +@@ -12,15 +12,6 @@ + + YLEISTŽ + +- Liero on freeware, mik„ tarkoittaa ett„ sen k„yt”st„ ei tarvitse +- maksaa mit„„n eik„ k„ytt”„ ole rajoitettu mitenk„„n. Lieroa saa +- kopioida kelle tahansa ja miten tahansa SISŽLT™Ž MITENKŽŽN +- MUUTTAMATTA. +- +- Todettakoon t„ss„ ett„ Lieron l„hdekoodi ei ole vapaassa (sen +- enenp„„ kuin kaupallisessakaan) jakelussa. Joten jos ajattelit +- ett„... niin j„t„ ajatukset sikseen. +- + Liero on kahden pelattava aseellinen matosimulaatiopeli. Pelin + p„„m„„r„n„ on ep„ilem„tt„ se mit„ luuletkin. Liero sopii + erinomaisen hyvin aggressioiden purkuun ja kaverin rokitt„miseen diff --git a/gnu/packages/patches/lierolibre-newer-libconfig.patch b/gnu/packages/patches/lierolibre-newer-libconfig.patch new file mode 100644 index 0000000000..662d0f90fa --- /dev/null +++ b/gnu/packages/patches/lierolibre-newer-libconfig.patch @@ -0,0 +1,190 @@ +Fix compatibility with newer libconfig. + +Patch copied from upstream source repository: + +https://gitlab.com/lierolibre/lierolibre/commit/b27e3604aa6bfbfcc50db1000b394d06c87ae2f2 + +diff --git a/src/common.cpp b/src/common.cpp +index 2d6ada5..4942b05 100644 +--- a/src/common.cpp ++++ b/src/common.cpp +@@ -162,7 +162,7 @@ void Texts::loadFromCFG(std::string cfgFilePath) + const libconfig::Setting &sgmodes = texts["gameModes"]; + for(int i = 0; i < 4; ++i) + { +- gameModes[i] = (char const*)sgmodes["gameModes" + to_string(i)]; ++ gameModes[i] = (char const*)sgmodes[("gameModes" + to_string(i)).c_str()]; + } + + const libconfig::Setting &sgmspec = texts["gameModeSpec"]; +@@ -181,13 +181,13 @@ void Texts::loadFromCFG(std::string cfgFilePath) + const libconfig::Setting &swstates = texts["weapStates"]; + for(int i = 0; i < 3; ++i) + { +- weapStates[i] = (char const*)swstates["weapStates" + to_string(i)]; ++ weapStates[i] = (char const*)swstates[("weapStates" + to_string(i)).c_str()]; + } + + const libconfig::Setting &sknames = texts["keyNames"]; + for(int i = 1; i < 177; ++i) // First key starts at 1 + { +- keyNames[i] = (char const*)sknames["keyNames" + to_string(i)]; ++ keyNames[i] = (char const*)sknames[("keyNames" + to_string(i)).c_str()]; + } + + selWeap = (char const*)texts["selWeap"]; +@@ -315,8 +315,8 @@ void Common::loadPaletteFromCFG(std::string cfgFilePath) + const libconfig::Setting &scanim = palette["colorAnim"]; + for(int i = 0; i < 4; ++i) + { +- colorAnim[i].from = (int)scanim["colorAnim" + to_string(i) + "from"]; +- colorAnim[i].to = (int)scanim["colorAnim" + to_string(i) + "to"]; ++ colorAnim[i].from = (int)scanim[("colorAnim" + to_string(i) + "from").c_str()]; ++ colorAnim[i].to = (int)scanim[("colorAnim" + to_string(i) + "to").c_str()]; + } + } + +@@ -383,7 +383,7 @@ void Common::loadMaterialsFromCFG(std::string cfgFilePath) + + for(int i = 0; i < 256; ++i) + { +- const libconfig::Setting &smflags = smaterials["flags" + to_string(i)]; ++ const libconfig::Setting &smflags = smaterials[("flags" + to_string(i)).c_str()]; + materials[i].flags = smflags; + } + } +diff --git a/src/configCompat.cpp b/src/configCompat.cpp +index 1aeb262..a72c40f 100644 +--- a/src/configCompat.cpp ++++ b/src/configCompat.cpp +@@ -160,19 +160,19 @@ void Common::loadConstantsFromCFGVer0(string cfgFilePath) + const Setting &vconstants = constants["Values"]; + for(int i = 0; i < MaxC; ++i) + { +- C[i] = (int)vconstants[valueConstantsNamesCFGVer0[i]]; ++ C[i] = (int)vconstants[valueConstantsNamesCFGVer0[i].c_str()]; + } + + const Setting &sconstants = constants["Strings"]; + for(int i = 0; i < MaxS; ++i) + { +- S[i]= (char const*)sconstants[stringConstantsNamesCFGVer0[i]]; ++ S[i]= (char const*)sconstants[stringConstantsNamesCFGVer0[i].c_str()]; + } + + const Setting &hconstants = constants["Hacks"]; + for(int i = 0; i < MaxH; ++i) + { +- H[i] = (bool)hconstants[hackConstantsNamesVer0[i]]; ++ H[i] = (bool)hconstants[hackConstantsNamesVer0[i].c_str()]; + } + } + +diff --git a/src/configHelper.cpp b/src/configHelper.cpp +index fcd1f3f..a63bddc 100644 +--- a/src/configHelper.cpp ++++ b/src/configHelper.cpp +@@ -54,15 +54,11 @@ template Uint8 ConfigHelper::getValue(const Setting & + + template Uint8 ConfigHelper::getValue(const Setting &node, char const* index); + +-template Uint8 ConfigHelper::getValue(const Setting &node, string index); +- + // Non-const + template Uint8 ConfigHelper::getValue(Setting &node, int index); + + template Uint8 ConfigHelper::getValue(Setting &node, char const* index); + +-template Uint8 ConfigHelper::getValue(Setting &node, string index); +- + + // Since we still need specialisation per value type (Setting::Type), + // no need to templateify these +@@ -72,7 +68,7 @@ void ConfigHelper::put(Setting &node, string variable, string value) + { + node.add(variable, Setting::TypeString) = value; + } else { +- Setting &var = node[variable]; ++ Setting &var = node[variable.c_str()]; + var = value; + } + } +@@ -83,7 +79,7 @@ void ConfigHelper::put(Setting &node, string variable, int value) + { + node.add(variable, Setting::TypeInt) = value; + } else { +- Setting &var = node[variable]; ++ Setting &var = node[variable.c_str()]; + var = value; + } + } +@@ -94,7 +90,7 @@ void ConfigHelper::put(Setting &node, string variable, Uint8 value) + { + node.add(variable, Setting::TypeInt) = value; + } else { +- Setting &var = node[variable]; ++ Setting &var = node[variable.c_str()]; + var = value; + } + } +@@ -105,7 +101,7 @@ void ConfigHelper::put(Setting &node, string variable, bool value) + { + node.add(variable, Setting::TypeBoolean) = value; + } else { +- Setting &var = node[variable]; ++ Setting &var = node[variable.c_str()]; + var = value; + } + } +@@ -135,6 +131,6 @@ Setting& ConfigHelper::getSubgroup(Setting &node, string groupName) + { + node.add(groupName, Setting::TypeGroup); + } +- return node[groupName]; ++ return node[groupName.c_str()]; + } + +diff --git a/src/constants.cpp b/src/constants.cpp +index 7fced6a..cf7bbfc 100644 +--- a/src/constants.cpp ++++ b/src/constants.cpp +@@ -523,19 +523,19 @@ void Common::loadConstantsFromCFG(std::string cfgFilePath) + const libconfig::Setting &vconstants = constants["Values"]; + for(int i = 0; i < MaxC; ++i) + { +- C[i] = (int)vconstants[valueConstantsNames[i]]; ++ C[i] = (int)vconstants[valueConstantsNames[i].c_str()]; + } + + const libconfig::Setting &sconstants = constants["Strings"]; + for(int i = 0; i < MaxS; ++i) + { +- S[i]= (char const*)sconstants[stringConstantsNames[i]]; ++ S[i]= (char const*)sconstants[stringConstantsNames[i].c_str()]; + } + + const libconfig::Setting &hconstants = constants["Hacks"]; + for(int i = 0; i < MaxH; ++i) + { +- H[i] = (bool)hconstants[hackConstantsNames[i]]; ++ H[i] = (bool)hconstants[hackConstantsNames[i].c_str()]; + } + } + +diff --git a/src/gfx/palette.cpp b/src/gfx/palette.cpp +index 3fd08c4..3d3bf22 100644 +--- a/src/gfx/palette.cpp ++++ b/src/gfx/palette.cpp +@@ -124,9 +124,9 @@ void Palette::readFromCFG(std::string cfgFilePath) + + for(int i = 0; i < 256; ++i) + { +- entries[i].r = cfgHelp.getValue(spentries, "entries" + to_string(i) + "r"); +- entries[i].g = cfgHelp.getValue(spentries, "entries" + to_string(i) + "g"); +- entries[i].b = cfgHelp.getValue(spentries, "entries" + to_string(i) + "b"); ++ entries[i].r = cfgHelp.getValue(spentries, ("entries" + to_string(i) + "r").c_str()); ++ entries[i].g = cfgHelp.getValue(spentries, ("entries" + to_string(i) + "g").c_str()); ++ entries[i].b = cfgHelp.getValue(spentries, ("entries" + to_string(i) + "b").c_str()); + } + } + diff --git a/gnu/packages/patches/lierolibre-remove-arch-warning.patch b/gnu/packages/patches/lierolibre-remove-arch-warning.patch new file mode 100644 index 0000000000..ca92b72546 --- /dev/null +++ b/gnu/packages/patches/lierolibre-remove-arch-warning.patch @@ -0,0 +1,30 @@ +Copied from Debian: + +https://anonscm.debian.org/cgit/pkg-games/lierolibre.git/tree/debian/patches/0003-Remove-unknown-arch-warning.patch?id=82910748906855f6e6bfe30b3f077e8c793ae424 + +From a9592533eeabed075b13d11c64f63f503dc13343 Mon Sep 17 00:00:00 2001 +From: Martin Erik Werner +Date: Sun, 28 Jun 2015 19:31:30 +0200 +Subject: [PATCH 3/3] Remove unknown arch warning + +The warning was just excessivley spammy, remove it. +--- + support/platform.h | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/src/gvl/support/platform.h b/src/gvl/support/platform.h +index 1857b7c..ff6a7d2 100644 +--- a/src/gvl/support/platform.h ++++ b/src/gvl/support/platform.h +@@ -87,8 +87,6 @@ + # define GVL_X86_64 1 + # elif defined(__i386__) || defined(_M_IX86) || defined(i386) || defined(i486) || defined(intel) || defined(x86) || defined(i86pc) + # define GVL_X86 1 +-# else +-# warning "Unknown architecture, please add it" + # endif + #endif + +-- +2.4.6 + diff --git a/gnu/packages/patches/lierolibre-try-building-other-arch.patch b/gnu/packages/patches/lierolibre-try-building-other-arch.patch new file mode 100644 index 0000000000..a40dfe6110 --- /dev/null +++ b/gnu/packages/patches/lierolibre-try-building-other-arch.patch @@ -0,0 +1,56 @@ +Copied from Debian: + +https://anonscm.debian.org/cgit/pkg-games/lierolibre.git/tree/debian/patches/0001-Use-unaligned-access-define-over-checking-arch.patch?id=82910748906855f6e6bfe30b3f077e8c793ae424 + +From a70691fb003cae1a33f06d682269285f9baa2dd9 Mon Sep 17 00:00:00 2001 +From: Martin Erik Werner +Date: Sun, 28 Jun 2015 19:00:23 +0200 +Subject: [PATCH 2/3] At least try building for other archs than x86* + +Allow attempting to build for other architectures than x86 and x86_64, +whether or not the build will succeed or produce sane output is another +question... It emits plenty of warnings about it now though... + +Configuration of the FPU controller is disabled on all but x86*, and the +uninformed hope and prayer is that defaults will be fine without messing +with them. +--- + math/ieee.cpp | 2 ++ + support/platform.h | 4 ++-- + 2 files changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/gvl/math/ieee.cpp b/src/gvl/math/ieee.cpp +index 8b740d4..e0803d2 100644 +--- a/src/gvl/math/ieee.cpp ++++ b/src/gvl/math/ieee.cpp +@@ -54,6 +54,8 @@ void gvl_init_ieee() + { + #if GVL_MSVCPP + // Nothing needs to be done, TODO: we should however check that the x87 state is right ++#elif !GVL_X86 && !GVL_X86_64 ++// No idea what to do, but run with defaults and pray it doesn't mess things up + #elif GVL_GCC && GVL_WIN32 + unsigned int const flags = _RC_NEAR | _PC_53 | _EM_INVALID | _EM_DENORMAL | _EM_ZERODIVIDE | _EM_OVERFLOW | _EM_UNDERFLOW | _EM_INEXACT; + _control87(flags, _MCW_EM | _MCW_PC | _MCW_RC); +diff --git a/src/gvl/support/platform.h b/src/gvl/support/platform.h +index 86dcaa6..1857b7c 100644 +--- a/src/gvl/support/platform.h ++++ b/src/gvl/support/platform.h +@@ -88,12 +88,12 @@ + # elif defined(__i386__) || defined(_M_IX86) || defined(i386) || defined(i486) || defined(intel) || defined(x86) || defined(i86pc) + # define GVL_X86 1 + # else +-# error "Unknown architecture, please add it" ++# warning "Unknown architecture, please add it" + # endif + #endif + + #if !GVL_LITTLE_ENDIAN && !GVL_BIG_ENDIAN +-# if GVL_X86 || GVL_X86_64 ++# if GVL_X86 || GVL_X86_64 || __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN + # define GVL_LITTLE_ENDIAN 1 + # else + # define GVL_BIG_ENDIAN 1 +-- +2.4.6 + -- cgit v1.2.3 From 2088513214cc6d03bcb303a951d2df14ec6b57b5 Mon Sep 17 00:00:00 2001 From: Mathieu Othacehe Date: Fri, 12 May 2017 18:40:45 +0200 Subject: gnu: reptry: Fix build. * gnu/packages/patches/reptyr-fix-gcc-7.patch: New file. * gnu/local.mk (dist_patch_DATA): Add new patch. * gnu/packages/screen.scm (reptyr): Use patch. --- gnu/local.mk | 1 + gnu/packages/patches/reptyr-fix-gcc-7.patch | 38 +++++++++++++++++++++++++++++ gnu/packages/screen.scm | 3 +++ 3 files changed, 42 insertions(+) create mode 100644 gnu/packages/patches/reptyr-fix-gcc-7.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 8599e6d3a0..28a283ab70 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -946,6 +946,7 @@ dist_patch_DATA = \ %D%/packages/patches/readline-link-ncurses.patch \ %D%/packages/patches/readline-6.2-CVE-2014-2524.patch \ %D%/packages/patches/readline-7.0-mingw.patch \ + %D%/packages/patches/reptyr-fix-gcc-7.patch \ %D%/packages/patches/ripperx-missing-file.patch \ %D%/packages/patches/rpcbind-CVE-2017-8779.patch \ %D%/packages/patches/rpm-CVE-2014-8118.patch \ diff --git a/gnu/packages/patches/reptyr-fix-gcc-7.patch b/gnu/packages/patches/reptyr-fix-gcc-7.patch new file mode 100644 index 0000000000..5e0e581218 --- /dev/null +++ b/gnu/packages/patches/reptyr-fix-gcc-7.patch @@ -0,0 +1,38 @@ +This patch allows reptyr to build with gcc 7. It is taken from reptyr mainline patches +fa0d63f and b45fd92. + +https://github.com/nelhage/reptyr/commit/fa0d63ff8c488be15976e5353580b565e85586a1 +https://github.com/nelhage/reptyr/commit/b45fd9238958fcf2d8f3d6fc23e6d491febea2ac + +Patch by Nelson Elhage . + +diff --git a/attach.c b/attach.c +index bd8ef8c..8d9cbf8 100644 +--- a/attach.c ++++ b/attach.c +@@ -389,8 +389,11 @@ int setup_steal_socket(struct steal_pty_state *steal) { + return errno; + + steal->addr_un.sun_family = AF_UNIX; +- snprintf(steal->addr_un.sun_path, sizeof(steal->addr_un.sun_path), +- "%s/reptyr.sock", steal->tmpdir); ++ if (snprintf(steal->addr_un.sun_path, sizeof(steal->addr_un.sun_path), ++ "%s/reptyr.sock", steal->tmpdir) >= sizeof(steal->addr_un.sun_path)) { ++ error("tmpdir path too long!"); ++ return ENAMETOOLONG; ++ } + + if ((steal->sockfd = socket(AF_UNIX, SOCK_DGRAM, 0)) < 0) + return errno; +diff --git a/platform/linux/linux.h b/platform/linux/linux.h +index 9e6b78a..3ec5a99 100644 +--- a/platform/linux/linux.h ++++ b/platform/linux/linux.h +@@ -40,6 +40,7 @@ + #include + #include + #include ++#include + #include + #include + #include diff --git a/gnu/packages/screen.scm b/gnu/packages/screen.scm index 1bdfcd0110..49584662b1 100644 --- a/gnu/packages/screen.scm +++ b/gnu/packages/screen.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2015 Eric Bavier ;;; Copyright © 2016, 2017 Efraim Flashner ;;; Copyright © 2016 Alex Griffin +;;; Copyright © 2017 Mathieu Othacehe ;;; ;;; This file is part of GNU Guix. ;;; @@ -155,6 +156,8 @@ window manager as well as the Tmux terminal multiplexer.") (method url-fetch) (uri (string-append "https://github.com/nelhage/reptyr/archive" "/reptyr-" version ".tar.gz")) + ;; XXX: To be removed on next reptyr release. + (patches (search-patches "reptyr-fix-gcc-7.patch")) (sha256 (base32 "07pfl0rkgm8m3f3jy8r9l2yvnhf8lgllpsk3mh57mhzdxq8fagf7")))) -- cgit v1.2.3 From 9eb0f43031c76afcb678f4473861456c3dd32633 Mon Sep 17 00:00:00 2001 From: Hartmut Goebel Date: Mon, 15 May 2017 11:46:05 +0200 Subject: gnu: Update kde frameworks to 5.34.0. * gnu/packages/kde-frameworks.scm (solid): Update to 5.34.0 [native-inputs]: Add dbus. : Replace standard phase. (networkmanager-qt): Update to 5.34.0. [source]: Remove patches. (kfilemetadata) Update to 5.32.0. : New phase Move phase after install phase. [inputs] Add catdoc, exiv2, ffmpeg, poppler, taglib. (attica, baloo, bluez-qt, breeze-icons, extra-cmake-modules, kactivities, kactivities-stats, kapidox, karchive, kauth, kbookmarks, kcmutils, kcodecs, kcompletion, kconfig, kconfigwidgets, kcoreaddons, kcrash, kdbusaddons, kdeclarative, kded, kdesignerplugin, kdesu, kdnssd, kdoctools, kemoticons, kglobalaccel, kguiaddons, ki18n, kiconthemes, kidletime, kimageformats, kinit, kio, kitemmodels, kitemviews, kjobwidgets, knewstuff, knotification, knotifyconfig, kpackages, kparts, kpeople, kplotting, kpty, krunner, kservice, ksyntaxhighlighting, ktexteditor, ktextwidgets, kunitconversion, kwallet, kwayland, kwidgetsaddons, kwindowsystem, kxmlgui, kxmlrpcclient, modemmanager-qt, networkmanager-qt, oxygen-icons, plasma-framework, sonnet, threadweaver): Update to 5.34.0. * gnu/packages/patches/networkmanager-qt-activeconnection-test-1.patch, gnu/packages/patches/networkmanager-qt-activeconnection-test-2.patch: Remove files. * gnu/local.mk (dist_patch_DATA): Remove the patch files. --- gnu/local.mk | 2 - gnu/packages/kde-frameworks.scm | 302 +++++++++++---------- ...networkmanager-qt-activeconnection-test-1.patch | 60 ---- ...networkmanager-qt-activeconnection-test-2.patch | 57 ---- 4 files changed, 166 insertions(+), 255 deletions(-) delete mode 100644 gnu/packages/patches/networkmanager-qt-activeconnection-test-1.patch delete mode 100644 gnu/packages/patches/networkmanager-qt-activeconnection-test-2.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 28a283ab70..be818604f7 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -834,8 +834,6 @@ dist_patch_DATA = \ %D%/packages/patches/netsurf-system-utf8proc.patch \ %D%/packages/patches/netsurf-y2038-tests.patch \ %D%/packages/patches/netsurf-longer-test-timeout.patch \ - %D%/packages/patches/networkmanager-qt-activeconnection-test-1.patch \ - %D%/packages/patches/networkmanager-qt-activeconnection-test-2.patch \ %D%/packages/patches/ngircd-handle-zombies.patch \ %D%/packages/patches/ninja-zero-mtime.patch \ %D%/packages/patches/node-9077.patch \ diff --git a/gnu/packages/kde-frameworks.scm b/gnu/packages/kde-frameworks.scm index 2ec176422c..07943e1e5e 100644 --- a/gnu/packages/kde-frameworks.scm +++ b/gnu/packages/kde-frameworks.scm @@ -44,13 +44,18 @@ #:use-module (gnu packages gnome) #:use-module (gnu packages gnupg) #:use-module (gnu packages gstreamer) + #:use-module (gnu packages image) #:use-module (gnu packages linux) + #:use-module (gnu packages mp3) + #:use-module (gnu packages pdf) #:use-module (gnu packages perl) #:use-module (gnu packages pkg-config) #:use-module (gnu packages polkit) #:use-module (gnu packages python) #:use-module (gnu packages qt) + #:use-module (gnu packages textutils) #:use-module (gnu packages version-control) + #:use-module (gnu packages video) #:use-module (gnu packages web) #:use-module (gnu packages xml) #:use-module (gnu packages xorg) @@ -59,7 +64,7 @@ (define-public extra-cmake-modules (package (name "extra-cmake-modules") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -68,7 +73,7 @@ name "-" version ".tar.xz")) (sha256 (base32 - "1iqakxzr6bcs9wgyi8if1smpq6px0bvlcyddyk0hxhindzl7pn5i")))) + "1r3dyvrv77xrpjlzpa6yazwkknirvx1ccvdyj9x0mlk4vfi05nh5")))) (build-system cmake-build-system) (native-inputs `(("qtbase" ,qtbase))) ; For tests (needs qmake) @@ -240,7 +245,7 @@ Phonon-GStreamer is a backend based on the GStreamer multimedia library.") (define-public attica (package (name "attica") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -249,7 +254,7 @@ Phonon-GStreamer is a backend based on the GStreamer multimedia library.") name "-" version ".tar.xz")) (sha256 (base32 - "16vl3gpwqcvfms82grv1bvqlxj085bqssv5ixjx007826pd8qhp5")))) + "0l8gmsmpwzg6nzwwlnsdl6r6qkhnhirpmrkag9xpd2sbmy734x53")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -272,7 +277,7 @@ http://freedesktop.org/wiki/Specifications/open-collaboration-services/") (define-public bluez-qt (package (name "bluez-qt") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -281,7 +286,7 @@ http://freedesktop.org/wiki/Specifications/open-collaboration-services/") name "-" version ".tar.xz")) (sha256 (base32 - "0pl6cp0rgjkh7d06ik35rw7qd96j5sh2flgjx4vi21zl5vf3vgyh")))) + "040gs2a1fx996gqdx2pwxh00szb1vb85055z946nqvqfn01921df")))) (build-system cmake-build-system) (native-inputs `(("dbus" ,dbus) @@ -306,7 +311,7 @@ Bluetooth stack. It is used by the KDE Bluetooth stack, BlueDevil.") (define-public breeze-icons (package (name "breeze-icons") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -315,7 +320,7 @@ Bluetooth stack. It is used by the KDE Bluetooth stack, BlueDevil.") name "-" version ".tar.xz")) (sha256 (base32 - "1n51kahzk09v52yhi7k4kqgavqlz3ghqv5cx2ssz2djpyavs18r3")))) + "1znzlggb6yrkw5rr2n75g7cfv9x5p9d55hss09c4i79lxrh1bk4a")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -335,7 +340,7 @@ It is the default icon theme for the KDE Plasma 5 desktop.") (define-public kapidox (package (name "kapidox") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -344,7 +349,7 @@ It is the default icon theme for the KDE Plasma 5 desktop.") name "-" version ".tar.xz")) (sha256 (base32 - "1z6hdsppwrmqkcanrppxhqcrjvblg9i02rh3bz5m3pn66wwz0sdw")))) + "190d5z6i71jrvfna6vnlim2p9rgc33s1fxl0zarn276683i1rwvg")))) (build-system cmake-build-system) (arguments `(#:tests? #f)) ; has no test target @@ -377,7 +382,7 @@ documentation.") (define-public karchive (package (name "karchive") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -386,7 +391,7 @@ documentation.") name "-" version ".tar.xz")) (sha256 (base32 - "1dzvphqnc09mmaydqggpxg6zwwyr56p6l4jdf1rf6ns90fzxy0m4")))) + "0g8jskdar2znviwh9bs3kia093wgfnhl04x4jcg2rvh78ylkpvxw")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -411,7 +416,7 @@ GZip format, via a subclass of QIODevice.") (define-public kcodecs (package (name "kcodecs") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -420,7 +425,7 @@ GZip format, via a subclass of QIODevice.") name "-" version ".tar.xz")) (sha256 (base32 - "0yybkp52i8nm4qjady6jqswn6v70cqbvjqwgrghjnc88b2cly253")))) + "0k51s4qlf0kq6i8f3wrsz5lrkzjqb1j26hrmlmg57vn91r58iash")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -446,7 +451,7 @@ Internet).") (define-public kconfig (package (name "kconfig") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -455,7 +460,7 @@ Internet).") name "-" version ".tar.xz")) (sha256 (base32 - "1pajh1l08b995shp6l75ri9z4vr6wjapvrkmrmv8hksnxvfi97dp")))) + "0blbx6b3fk6p8cv2iywk2avn9w1411bb0g5wwv456a9ggi01988x")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -513,7 +518,7 @@ propagate their changes to their respective configuration files.") (define-public kcoreaddons (package (name "kcoreaddons") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -522,7 +527,7 @@ propagate their changes to their respective configuration files.") name "-" version ".tar.xz")) (sha256 (base32 - "1n1xzvwwji9pwyxrvwp4rmpc7qzp9nlis26xmn81k607jn587ksx")))) + "1ybr4bv8rhp4cxpf8mfsc4dk0klzrfh1z8g2cw6zasmksxmmwi90")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -551,7 +556,7 @@ many more.") (define-public kdbusaddons (package (name "kdbusaddons") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -560,7 +565,7 @@ many more.") name "-" version ".tar.xz")) (sha256 (base32 - "1a15jjsrkza0ll2viyk834pgdxsdgdacm0982xxwl5z937f75609")) + "1skblxfnjhbyiwavsfhksc2ybc2sikw3xr0js6mlfbpmvqzghn6h")) (patches (search-patches "kdbusaddons-kinit-file-name.patch")))) (build-system cmake-build-system) (native-inputs @@ -596,7 +601,7 @@ as well as an API to create KDED modules.") (define-public kdnssd (package (name "kdnssd") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -605,7 +610,7 @@ as well as an API to create KDED modules.") name "-" version ".tar.xz")) (sha256 (base32 - "1xakbs2wm627zn01ni8fyrz64xl5jw4by0pdrb70aad7w37dijrw")))) + "082mdim9wykdap4fmjfayk443rbarsk1p8cn3mspx2nw047yja80")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -623,7 +628,7 @@ infrastructure.") (define-public kguiaddons (package (name "kguiaddons") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -632,7 +637,7 @@ infrastructure.") name "-" version ".tar.xz")) (sha256 (base32 - "0rbfd0rykmwl9hs1q22pqg2by8vi9y1pgs2ishgnan4sc4w87wjb")))) + "1nmlwvy2jdmh0m6bmahvk68vl2rs9s28c10dkncpi6gvhsdkigqx")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -656,7 +661,7 @@ interfaces in the areas of colors, fonts, text, images, keyboard input.") (define-public ki18n (package (name "ki18n") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -665,7 +670,7 @@ interfaces in the areas of colors, fonts, text, images, keyboard input.") name "-" version ".tar.xz")) (sha256 (base32 - "068xvw2hy4hlpj85wgjjdj0nc37fygpd8wb1dnpqcvzzy8rc1rsf")))) + "0glvmmy01mp6hnix79aichgwjq842kgf5q5zynkg6mch85y4ary7")))) (build-system cmake-build-system) (propagated-inputs `(("gettext" ,gettext-minimal) @@ -699,7 +704,7 @@ translation scripting.") (define-public kidletime (package (name "kidletime") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -708,7 +713,7 @@ translation scripting.") name "-" version ".tar.xz")) (sha256 (base32 - "0rkxx3bnspjwm4vcy4rdfahk6vcfpkh8fldww0zfdn7s7pigqwch")))) + "0z8x6iz52y2m8llsp2q4qayxswkzay7ksimzy47crfag442bw24g")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -726,7 +731,7 @@ or user activity.") (define-public kitemmodels (package (name "kitemmodels") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -735,7 +740,7 @@ or user activity.") name "-" version ".tar.xz")) (sha256 (base32 - "0lxld7jdixpq23sycv8n4ckzmdr34aycrsf2zffziw6r59f0mzki")))) + "1liq1ppa7xb1dcncv25c2a0xy3l9bvb2a56cff90c0b0vwr239q5")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -787,7 +792,7 @@ model to observers (define-public kitemviews (package (name "kitemviews") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -796,7 +801,7 @@ model to observers name "-" version ".tar.xz")) (sha256 (base32 - "1h1zgawdi4vbgymdl5215lx7hpcx9jqxy7vjf5hwgs6b2cls1sws")))) + "054accbis471zj1gbfxbc99062r2hvpb04i6w3r8fa4ml8s6brqk")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -828,7 +833,7 @@ to flat and hierarchical lists.") (define-public kplotting (package (name "kplotting") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -837,7 +842,7 @@ to flat and hierarchical lists.") name "-" version ".tar.xz")) (sha256 (base32 - "0a0pfmdlx84526lb2jvx94i2pf85km57fm2ygis4z5mjgbzsmb6v")))) + "1ffy9b08128ym024wlfgnzk52vpy0mbaa91dhndpr40qcz0i67sh")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -866,7 +871,7 @@ pixel units.") (define-public ksyntaxhighlighting (package (name "ksyntaxhighlighting") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -875,7 +880,7 @@ pixel units.") "syntax-highlighting-" version ".tar.xz")) (sha256 (base32 - "1d9m7x53mwggwmhhba1c7b8v4f8qjql889y674ldpzs2nrk5y7x3")))) + "0ryfwblvzj9rd5jj7l8scmbb49ygzk77ng05hrznsipczin2cjw8")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -914,7 +919,7 @@ integration with a custom editor as well as a ready-to-use (define-public kwayland (package (name "kwayland") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -923,7 +928,7 @@ integration with a custom editor as well as a ready-to-use name "-" version ".tar.xz")) (sha256 (base32 - "1kzvq7qx102rfdv975x5sd37lsl6wn0mzm2m1f9fnnn2rvii3h5d")))) + "1zxb9ram47vbiik8h0czyvacrdiijhnslkpcm61l4r1rb0ybb0ib")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -953,7 +958,7 @@ represented by a QPoint or a QSize.") (define-public kwidgetsaddons (package (name "kwidgetsaddons") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -962,7 +967,7 @@ represented by a QPoint or a QSize.") name "-" version ".tar.xz")) (sha256 (base32 - "1aksy326ppdfcx20zl9hxsd8j0br32j6dlx4i1xxbd976csys9b2")))) + "0hw87iig75mfgl5p3ph6zkwap31h357bm7rlyv5d9nnp10bq0hfg")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1001,7 +1006,7 @@ configuration pages, message boxes, and password requests.") (define-public kwindowsystem (package (name "kwindowsystem") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1010,7 +1015,7 @@ configuration pages, message boxes, and password requests.") name "-" version ".tar.xz")) (sha256 (base32 - "1c3kd23c4wwzdhfcyhv41czw3y2kk1492xn6ah9n3r98akrhgar1")))) + "1sp2x7afhw19vmhdp2qyrmljz8h0875xjk95n8c5gzypk7sr0l83")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1041,7 +1046,7 @@ lower level classes for interaction with the X Windowing System.") (define-public modemmanager-qt (package (name "modemmanager-qt") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1050,7 +1055,7 @@ lower level classes for interaction with the X Windowing System.") name "-" version ".tar.xz")) (sha256 (base32 - "0ywyiq1kj4ya5knn0r12j9m1ig9mlyfypnrzihlvipddjrqs7jyd")))) + "1cf5nsc8h7djvr19fm5dphzplh1wm3asvn0a7r71spg0i7lzi89h")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1079,7 +1084,7 @@ messages.") (define-public networkmanager-qt (package (name "networkmanager-qt") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1088,12 +1093,7 @@ messages.") name "-" version ".tar.xz")) (sha256 (base32 - "0bcy7nzfvx2xah3kxklmrjn08qbjddiny7wf7nkxsbc3kkhrxqyd")) - ;; TODO: Remove these patches when updating to 5.33. - (patches - (search-patches - "networkmanager-qt-activeconnection-test-1.patch" - "networkmanager-qt-activeconnection-test-2.patch")))) + "05s0irvkg0g57acriablyha2wb9c7w3xhq223vdddjqpcdx0pnkl")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1123,7 +1123,7 @@ which are used in DBus communication.") (define-public oxygen-icons (package (name "oxygen-icons") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1132,7 +1132,7 @@ which are used in DBus communication.") name "5" "-" version ".tar.xz")) (sha256 (base32 - "05v3blgs4qbjl8s6470baahy9a98cfi3mplzp462axcgkqdj1nwf")))) + "0cmxxssir5zbp5nlxq81h2xfd6wrxbbkydyw93dby7r56isl7ga5")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1148,7 +1148,7 @@ which are used in DBus communication.") (define-public solid (package (name "solid") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1157,10 +1157,18 @@ which are used in DBus communication.") name "-" version ".tar.xz")) (sha256 (base32 - "1jhymivravgix0sa0szkax50j09l5fl55xi3fbyjxlb4cil114v5")))) + "02kz21p3p1s1rg7gf34fr6ynhji6x97yvsfdpvbfxbhijabbh4ib")))) (build-system cmake-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (replace 'check + (lambda _ + (setenv "DBUS_FATAL_WARNINGS" "0") + (zero? (system* "dbus-launch" "ctest" "."))))))) (native-inputs `(("bison" ,bison) + ("dbus" ,dbus) ("extra-cmake-modules" ,extra-cmake-modules) ("flex" ,flex) ("qttools" ,qttools))) @@ -1177,7 +1185,7 @@ system.") (define-public sonnet (package (name "sonnet") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1186,7 +1194,7 @@ system.") name "-" version ".tar.xz")) (sha256 (base32 - "17sjv48b3z5fgplsy16ilcw6p7mlqjs61ib6jqd1mqzv4xrr27yi")))) + "06gxrh8rb75ydkqxk5dhlmwndnczp264jx588ryfwlf3vlnk99vs")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1203,7 +1211,7 @@ ASpell and HUNSPELL.") (define-public threadweaver (package (name "threadweaver") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1212,7 +1220,7 @@ ASpell and HUNSPELL.") name "-" version ".tar.xz")) (sha256 (base32 - "1qpy2rzqyd4ap5fibkfk87z66ijh2h79cd7f0h506jh2dbx20g0h")))) + "1gylpl283qf1jcfyib4q5xwnpdq13hnd2cp2i7xjazdw2jp40zhr")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -1233,7 +1241,7 @@ uses a job-based interface to queue tasks and execute them in an efficient way." (define-public kauth (package (name "kauth") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1242,7 +1250,7 @@ uses a job-based interface to queue tasks and execute them in an efficient way." name "-" version ".tar.xz")) (sha256 (base32 - "00kdq16n9w6nf1bpwzl5lp5c2xq74g8nn6081kvnjcd4ld66ncmq")))) + "06cw1bsp7inh5wglajm8aahy17p35ixgnijb7d74gjqzbj4cv93d")))) (build-system cmake-build-system) (native-inputs `(("dbus" ,dbus) @@ -1280,7 +1288,7 @@ utilities.") (define-public kcompletion (package (name "kcompletion") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1289,7 +1297,7 @@ utilities.") name "-" version ".tar.xz")) (sha256 (base32 - "0fn8imr3m219r38a0rafbnylcpjq4rqhz1w66mx80sc7l10mhcni")))) + "18hvdk5b1nkh6b3vx0jajri57rl266b0qjsiwirh5wmjc81xbpcw")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1317,7 +1325,7 @@ integrated it into your application's other widgets.") (define-public kcrash (package (name "kcrash") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1326,7 +1334,7 @@ integrated it into your application's other widgets.") name "-" version ".tar.xz")) (sha256 (base32 - "1zrkjrpj88ymdy5vbn9db73vxppswvmbn2gkn4gpx773dsmflhz3")))) + "1cshay7dhbqgh62nq85vd9sm20gq9s9f70mdnzjjh1q7cajybkp3")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1355,7 +1363,7 @@ application crashes.") (define-public kdoctools (package (name "kdoctools") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1364,7 +1372,7 @@ application crashes.") name "-" version ".tar.xz")) (sha256 (base32 - "0i7zgg7iw6w0sdr6cv3yf4blcr61i8zczgmyqa964ka6p3ywwjs9")))) + "145jjhsd0whmcj91zbjz2b1jyj4wasw60hbwyd4xvqds8cp0l02h")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -1403,7 +1411,7 @@ from DocBook files.") (define-public kfilemetadata (package (name "kfilemetadata") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1412,8 +1420,23 @@ from DocBook files.") name "-" version ".tar.xz")) (sha256 (base32 - "01d91gmrxlax0g13ib841vc4qwmv6r4qdr10wfs77rrxsvw7z08f")))) + "1rvlg6by8daiq5ff3qlxcw9k2iq4qicsj0c8a00xfy3w4h9ip9h5")))) (build-system cmake-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + ;; Need to check after install and to set QT_PLUGIN_PATH for the test + ;; suite to finds the plugins. + (delete 'check) + (add-after 'install 'check + (assoc-ref %standard-phases 'check)) + (add-before 'check 'check-setup + (lambda* (#:key outputs #:allow-other-keys) + (let ((out (assoc-ref outputs "out"))) + (setenv "QT_PLUGIN_PATH" + (string-append out "/lib/plugins:" + (getenv "QT_PLUGIN_PATH")))) + #t))))) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) ("python-2" ,python-2))) @@ -1421,7 +1444,14 @@ from DocBook files.") `(("attr" ,attr) ("karchive" ,karchive) ("ki18n" ,ki18n) - ("qtbase" ,qtbase))) + ("qtbase" ,qtbase) + ;; Required run-time packages + ("catdoc" ,catdoc) + ;; Optional run-time packages + ("exiv2" ,exiv2) + ("ffmpeg" ,ffmpeg) + ("poppler" ,poppler) + ("taglib" ,taglib))) (home-page "https://community.kde.org/Frameworks") (synopsis "Extract metadata from different fileformats") (description "KFileMetaData provides a simple library for extracting the @@ -1433,7 +1463,7 @@ by applications to write metadata.") (define-public kimageformats (package (name "kimageformats") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1442,7 +1472,7 @@ by applications to write metadata.") name "-" version ".tar.xz")) (sha256 (base32 - "05hn8n4sc3rj5c30ki068f76k1gfgvq19zcw5jlqpnn1l5db5fvz")))) + "0q9ng4clqk2dqw43nk1pmq1d61rahc3qr4dmg4y3kjvz3ahnnijw")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1470,7 +1500,7 @@ formats.") (define-public kjobwidgets (package (name "kjobwidgets") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1479,7 +1509,7 @@ formats.") name "-" version ".tar.xz")) (sha256 (base32 - "0lhv3mg2liija0g8x14jpv1mdhb0zjh868p1cs24bs9xrw1l8984")))) + "0lrx761vf947mb2q1l2jgi0wgwj8cz2nn1xg0j38bh99sgddmzpf")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1498,7 +1528,7 @@ asynchronous jobs.") (define-public knotifications (package (name "knotifications") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1507,7 +1537,7 @@ asynchronous jobs.") name "-" version ".tar.xz")) (sha256 (base32 - "06ap7m8c2py49pqrnhadbyl69y3nsyamzahbpwipqgh9k62sy34y")))) + "12z5hza0n5zr6mv3gkwhzb8zkrmk6dvgq8hrzwm8rzkgphjr6pi9")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -1541,7 +1571,7 @@ covers feedback and persistent events.") (define-public kpackage (package (name "kpackage") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1550,7 +1580,7 @@ covers feedback and persistent events.") name "-" version ".tar.xz")) (sha256 (base32 - "070zasl5c58n01fk18mjgccfizymc9griwicxizqjgzzbgvkns3r")))) + "0wdymhcrjggxb7andz36cfk9f240vvbq5yahlxyhfp9z69lriw5q")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -1578,7 +1608,7 @@ were traditional plugins.") (define-public kpty (package (name "kpty") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1587,7 +1617,7 @@ were traditional plugins.") name "-" version ".tar.xz")) (sha256 (base32 - "0h4318rc9902cvqj69capb8lh7s84y44jd59d11fyhq21jhy152s")))) + "00k5hhz7nf3nf47xb003ni1chi03imyrfajap6ay4zp90l8fr950")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -1614,7 +1644,7 @@ and communicating with them using a pty.") (define-public kunitconversion (package (name "kunitconversion") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1623,7 +1653,7 @@ and communicating with them using a pty.") name "-" version ".tar.xz")) (sha256 (base32 - "0crc8riwafcx6fwhgrc8vfbwmdygd6vlz1fbbgni09gamm8mbcin")))) + "0v4x0flbfavrzfiqh71mdkqgp1fzk4f52msvq6w60i2s3sz7hcsm")))) (build-system cmake-build-system) (arguments `(#:phases @@ -1657,7 +1687,7 @@ gallons).") (define-public baloo (package (name "baloo") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1666,7 +1696,7 @@ gallons).") name "-" version ".tar.xz")) (sha256 (base32 - "0a4qwinkp4gmcbx4j0qxbj5qb40h7594s39za7sc7bymadicasy1")))) + "0z53lnniq9xdk09d73z0p1xs1qmaf71m4znm4hmq956yg4yqa1ya")))) (build-system cmake-build-system) (propagated-inputs `(("kcoreaddons" ,kcoreaddons) @@ -1715,7 +1745,7 @@ maintaining an index of the contents of your files.") (define-public kactivities (package (name "kactivities") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1724,7 +1754,7 @@ maintaining an index of the contents of your files.") name "-" version ".tar.xz")) (sha256 (base32 - "0xin4shaj0zsfsww84mwk5n4ldaqy730jhc369px2j2nq57sg9g7")))) + "0dg6bkdxf4sicij4szmi55npn6chp0sfmw27qi1s582ymqzjgf5m")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -1762,7 +1792,7 @@ with other frameworks.") (define-public kactivities-stats (package (name "kactivities-stats") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1771,7 +1801,7 @@ with other frameworks.") name "-" version ".tar.xz")) (sha256 (base32 - "1b3z7bcap3vjc0155y0a9xkbd477fklmpj8dr3rs0ccyc6qxxbvw")))) + "1dfaq4hsd9wm1ka45dkxbl9wwr7s5ixbnnghqwxhl7a60imc680r")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -1792,7 +1822,7 @@ by which applications, and what documents have been linked to which activity.") (define-public kbookmarks (package (name "kbookmarks") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1801,7 +1831,7 @@ by which applications, and what documents have been linked to which activity.") name "-" version ".tar.xz")) (sha256 (base32 - "03a024phcjv46afbp5lbmj2p8hb6srfzyaslc6ln6ms473bf5k4w")))) + "0ggn4rz8ch82ph64q6yik9fb1mp6kmsd7n33p769zl1lw7fldn0v")))) (build-system cmake-build-system) (propagated-inputs `(("kwidgetsaddons" ,kwidgetsaddons))) @@ -1835,7 +1865,7 @@ using the XBEL format.") (define-public kcmutils (package (name "kcmutils") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1844,7 +1874,7 @@ using the XBEL format.") name "-" version ".tar.xz")) (sha256 (base32 - "1mr9h7wc22bfrbm92ajsjfcs16c5xpkrxbxzcma3a0s7jhy6qrm9")))) + "1b52lwn7qjqrn06va7j1jswlzs6bx0drs90myf3607k52ffbf4hy")))) (build-system cmake-build-system) (propagated-inputs `(("kconfigwidgets" ,kconfigwidgets) @@ -1874,7 +1904,7 @@ KCModules can be created with the KConfigWidgets framework.") (define-public kconfigwidgets (package (name "kconfigwidgets") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1883,7 +1913,7 @@ KCModules can be created with the KConfigWidgets framework.") name "-" version ".tar.xz")) (sha256 (base32 - "1cq0a3k6pvl9f098ssqqk2rddxh0xn1kk4p5kfyd7w0m3c604zw3")))) + "0h4kappsffrp2qgg8wza1ybgah2dlcgpz591llfvaz31ldsml9hk")))) (build-system cmake-build-system) (propagated-inputs `(("kauth" ,kauth) @@ -1916,7 +1946,7 @@ their settings.") (define-public kdeclarative (package (name "kdeclarative") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1925,7 +1955,7 @@ their settings.") name "-" version ".tar.xz")) (sha256 (base32 - "1y5g3yi1l0g1mkqhhakg265r25zm23qc2fqg55rq0g7l9ss7w7g9")))) + "1mfj32p631zvwz9ldk8536ifb4n825zxbhx69bfllhw2vn1am7z2")))) (build-system cmake-build-system) (propagated-inputs `(("kconfig" ,kconfig) @@ -1976,7 +2006,7 @@ that offer bindings to some of the Frameworks.") (define-public kded (package (name "kded") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -1985,7 +2015,7 @@ that offer bindings to some of the Frameworks.") name "-" version ".tar.xz")) (sha256 (base32 - "0pmmsvqwkw86yvxxf9i6lg13vg80m0kmhjjs88lbm60cgvr5jhq6")))) + "0qy4w7bcg60gyf6y6c11kqcshnld55a8w4fzglpwgqfbliyi5yzq")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -2009,7 +2039,7 @@ started on demand.") (define-public kdesignerplugin (package (name "kdesignerplugin") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2018,7 +2048,7 @@ started on demand.") name "-" version ".tar.xz")) (sha256 (base32 - "1hapj8x8nky3m6lx2ianmxwprf00jqyjsknjz3pi4vk3i714vhnf")))) + "1jnarg7wrhdjfq73q4wplazxsz927mpf0l6m0i4akq4dlp1b7aah")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -2047,7 +2077,7 @@ ini-style description files.") (define-public kdesu (package (name "kdesu") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2056,7 +2086,7 @@ ini-style description files.") name "-" version ".tar.xz")) (sha256 (base32 - "0zsy1hivy5bbczrpkpgj72mlx0km2nm53kpgrj2hfdy3ss0vn3hl")))) + "04mx0d6kf8slgkkgbna3cyv4c491jvlwcwqxc7zikz0i03l341id")))) (build-system cmake-build-system) (propagated-inputs `(("kpty" ,kpty))) @@ -2078,7 +2108,7 @@ with su and ssh respectively.") (define-public kemoticons (package (name "kemoticons") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2087,7 +2117,7 @@ with su and ssh respectively.") name "-" version ".tar.xz")) (sha256 (base32 - "1ncjs9iy6z6rhk83ff7fj1b68rkylnry0h698rh4jvs98gpw8sgj")))) + "02h12qy0w6mcgkczi3md1znnvp7r47l8h416nd080ljpsydalgx8")))) (build-system cmake-build-system) (propagated-inputs `(("kservice" ,kservice))) @@ -2119,7 +2149,7 @@ emoticons coming from different providers.") (define-public kglobalaccel (package (name "kglobalaccel") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2128,7 +2158,7 @@ emoticons coming from different providers.") name "-" version ".tar.xz")) (sha256 (base32 - "0dxwjznnqlgnvn15pl34rxlzk3i21cvzn8xbgqmxakny8qiib9ry")))) + "1i32dq70qxjbfvlw0wqxvqvl6ysydmpg3zbiflff4z1qrmvmpw6a")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -2162,7 +2192,7 @@ window does not need focus for them to be activated.") (define-public kiconthemes (package (name "kiconthemes") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2171,7 +2201,7 @@ window does not need focus for them to be activated.") name "-" version ".tar.xz")) (sha256 (base32 - "00azbyk5y3jgdqv03a2nd0627kdkhq1bkghvw7w62kcnih9k8lq5")))) + "0hbl82r6qc8dh9v9n9xjkx966czkq5yjxx2rx7sbilj2p9v3saii")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) @@ -2210,7 +2240,7 @@ in applications using the KDE Frameworks.") (define-public kinit (package (name "kinit") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2219,7 +2249,7 @@ in applications using the KDE Frameworks.") name "-" version ".tar.xz")) (sha256 (base32 - "0103lflppdw55l9xiqs68lzaq9897m5qnkmy6fp7dm9wfh9aplqn")))) + "08429kjihpaip73wszr3rsii8sdlwgm3kxx7g0hpjhkj9d2jq3m1")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -2254,7 +2284,7 @@ makes starting KDE applications faster and reduces memory consumption.") (define-public kio (package (name "kio") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2263,7 +2293,7 @@ makes starting KDE applications faster and reduces memory consumption.") name "-" version ".tar.xz")) (sha256 (base32 - "19da02l0aj0l07x9bbklhvx9slci3v1d8q80jvam4vyzs4qdyjin")))) + "1i23ld5b9gafh2x3lv79jbggbd92xyhk7rg3n765w3bsfpg2ijva")))) (build-system cmake-build-system) (propagated-inputs `(("kbookmarks" ,kbookmarks) @@ -2327,7 +2357,7 @@ KIO enabled infrastructure.") (define-public knewstuff (package (name "knewstuff") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2336,7 +2366,7 @@ KIO enabled infrastructure.") name "-" version ".tar.xz")) (sha256 (base32 - "1i3ldy9wwnjhpgdd2d0bg4304k88riin89zqzdl52lpqa6hjl3fp")))) + "19d53ylwr92dzl9agk4j765zvb897rcm55z7pr6841aj58jk9b82")))) (build-system cmake-build-system) (propagated-inputs `(("attica" ,attica) @@ -2384,7 +2414,7 @@ specification.") (define-public knotifyconfig (package (name "knotifyconfig") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2393,7 +2423,7 @@ specification.") name "-" version ".tar.xz")) (sha256 (base32 - "14qc6wj4j5i45vzqsvl2wlc07c6x30hb2680gwfqsvwgiaszkzv4")))) + "0lwl22vq770jyp45j32s0ss8yiqdwbink6cdhkbapg3pzbiwklyk")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -2426,7 +2456,7 @@ notifications which can be embedded in your application.") (define-public kparts (package (name "kparts") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2435,7 +2465,7 @@ notifications which can be embedded in your application.") name "-" version ".tar.xz")) (sha256 (base32 - "0hrx0mdvw301nbdyw5fkvgkw60ya6kmfw6hfzmj48bws8mi33rs5")))) + "1a5n0f7ljdc2bm6vggzwbvpblyxjqn9m9pam70iab964pqqalgp7")))) (build-system cmake-build-system) (propagated-inputs `(("kio" ,kio) @@ -2477,7 +2507,7 @@ widgets with a user-interface defined in terms of actions.") (define-public kpeople (package (name "kpeople") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2486,7 +2516,7 @@ widgets with a user-interface defined in terms of actions.") name "-" version ".tar.xz")) (sha256 (base32 - "1xqi8zr76hajgyv016iaqlmnr5b84s71fbx412q153g92jglp4mk")))) + "0krm74dl80s48nhiygga4dvkvqqimxdx4nczbk4qvj7j1g9p2rsh")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -2520,7 +2550,7 @@ to easily extend the contacts collection.") (define-public krunner (package (name "krunner") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2529,7 +2559,7 @@ to easily extend the contacts collection.") name "-" version ".tar.xz")) (sha256 (base32 - "1k4rg9vqr6h5aj7v51fx3i5z9kxlfpacahs81hkwksi6if8ik4kr")))) + "0n527p708k719zgmvvbmp20xmg72f85cll05q05p4h317g7wz6i5")))) (build-system cmake-build-system) (propagated-inputs `(("plasma-framework" ,plasma-framework))) @@ -2575,7 +2605,7 @@ typed.") (define-public kservice (package (name "kservice") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2584,7 +2614,7 @@ typed.") name "-" version ".tar.xz")) (sha256 (base32 - "02xk3ajspprmx964zhwh2l3axm4gns9h0m0pvcb1v5j8pfh9v70q")))) + "0sikwn49s2iq1nj518q55m2p0hvdvwm98cpf0dkjb1z1v6fgjc37")))) (build-system cmake-build-system) (propagated-inputs `(("kconfig" ,kconfig) @@ -2620,7 +2650,7 @@ types or handled by application specific code.") (define-public ktexteditor (package (name "ktexteditor") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2629,7 +2659,7 @@ types or handled by application specific code.") name "-" version ".tar.xz")) (sha256 (base32 - "1sybw8k3f36mcs5qh3b51v7ynbqn4pbiiabkyxfmyi82i09m2jgw")))) + "182a0swfgdqr0faq3ksk6hlfvdi1afd0hpys5vayjjf263m19xxw")))) (build-system cmake-build-system) (propagated-inputs `(("kparts" ,kparts))) @@ -2688,7 +2718,7 @@ library.") (define-public ktextwidgets (package (name "ktextwidgets") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2697,7 +2727,7 @@ library.") name "-" version ".tar.xz")) (sha256 (base32 - "1s2fd4n4hfkzscxv0cdfjynjzi1f57pfi9a3fp6rrm5c5645zk7r")))) + "1hri34b373bww5gv14qli2nm77k05pk170nbb2vv2zvzv93g25gw")))) (build-system cmake-build-system) (propagated-inputs `(("ki18n" ,ki18n) @@ -2734,7 +2764,7 @@ It supports rich text as well as plain text.") (define-public kwallet (package (name "kwallet") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2743,7 +2773,7 @@ It supports rich text as well as plain text.") name "-" version ".tar.xz")) (sha256 (base32 - "0psc4n6lck9gbx2nn7mgv33x4z2r0xp1mx1xcsgy8smvalrfv5xa")))) + "08z3ddsam5n5qn2svscp4hgksf6qd1h8lqw1v382p01nnmhxadz5")))) (build-system cmake-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules))) @@ -2775,7 +2805,7 @@ the passwords on KDE work spaces.") (define-public kxmlgui (package (name "kxmlgui") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2784,7 +2814,7 @@ the passwords on KDE work spaces.") name "-" version ".tar.xz")) (sha256 (base32 - "1pxi4z7z3bzwcnfwq0pvjsmds401fkisyr353lyxf4rvcpwj3a65")))) + "1v8m6qzjqg3ic14a5ki37bf13kifzcbhly68zcxgs5b92hr953iy")))) (build-system cmake-build-system) (propagated-inputs `(("kconfig" ,kconfig) @@ -2827,7 +2857,7 @@ descriptions for integrating actions from plugins.") (define-public kxmlrpcclient (package (name "kxmlrpcclient") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2836,7 +2866,7 @@ descriptions for integrating actions from plugins.") name "-" version ".tar.xz")) (sha256 (base32 - "1kaczibdfdph5mpg1dldsmqb1six57w7ch3v0v7av5h6j6sx0xaq")))) + "0kp3ab50m5jl2jgw883ip67s6gs0l3saprzrqa9r3hydn2c4s3md")))) (build-system cmake-build-system) (propagated-inputs `(("kio" ,kio))) @@ -2870,7 +2900,7 @@ setUrl, setUserAgent and call.") (define-public plasma-framework (package (name "plasma-framework") - (version "5.32.0") + (version "5.34.0") (source (origin (method url-fetch) (uri (string-append @@ -2879,7 +2909,7 @@ setUrl, setUserAgent and call.") name "-" version ".tar.xz")) (sha256 (base32 - "1hrnmilc30d1kh20cky329i5ji3qyy7m4f8jzax5cgl7nrjca31h")))) + "0waicqskfwc8xpmrym165hwlfv6nzbwc783sac5vrhbyk4bwk8x9")))) (build-system cmake-build-system) (propagated-inputs `(("kpackage" ,kpackage) diff --git a/gnu/packages/patches/networkmanager-qt-activeconnection-test-1.patch b/gnu/packages/patches/networkmanager-qt-activeconnection-test-1.patch deleted file mode 100644 index 2dd39294ea..0000000000 --- a/gnu/packages/patches/networkmanager-qt-activeconnection-test-1.patch +++ /dev/null @@ -1,60 +0,0 @@ -From 61337983ba74361938b7d5323de5d2819a235fdc Mon Sep 17 00:00:00 2001 -From: Jan Grulich -Date: Mon, 3 Apr 2017 12:53:12 +0200 -Subject: Fix unit test for active connections - -Instead of sending PropertiesChanged signal for an active connection we -added recently we should set all properties initially and just advertise -that we have a new active connection once everything is set ---- - src/fakenetwork/fakenetwork.cpp | 26 +++++++------------------- - 1 file changed, 7 insertions(+), 19 deletions(-) - -diff --git a/src/fakenetwork/fakenetwork.cpp b/src/fakenetwork/fakenetwork.cpp -index bc1144e..261fe8e 100644 ---- a/src/fakenetwork/fakenetwork.cpp -+++ b/src/fakenetwork/fakenetwork.cpp -@@ -215,8 +215,14 @@ void FakeNetwork::unregisterService() - - QDBusObjectPath FakeNetwork::ActivateConnection(const QDBusObjectPath &connection, const QDBusObjectPath &device, const QDBusObjectPath &specific_object) - { -- ActiveConnection *newActiveConnection = new ActiveConnection(this); - QString newActiveConnectionPath = QString("/org/kde/fakenetwork/ActiveConnection/") + QString::number(m_activeConnectionsCounter++); -+ ActiveConnection *newActiveConnection = new ActiveConnection(this); -+ newActiveConnection->addDevice(device); -+ newActiveConnection->setActiveConnectionPath(newActiveConnectionPath); -+ newActiveConnection->setConnection(connection); -+ newActiveConnection->setSpecificObject(specific_object); -+ newActiveConnection->setState(NetworkManager::ActiveConnection::Activating); -+ - m_activeConnections.insert(QDBusObjectPath(newActiveConnectionPath), newActiveConnection); - QDBusConnection::sessionBus().registerObject(newActiveConnectionPath, newActiveConnection, QDBusConnection::ExportScriptableContents); - -@@ -227,24 +233,6 @@ QDBusObjectPath FakeNetwork::ActivateConnection(const QDBusObjectPath &connectio - map.insert(QLatin1Literal("ActivatingConnection"), QVariant::fromValue(QDBusObjectPath(newActiveConnectionPath))); - Q_EMIT PropertiesChanged(map); - -- newActiveConnection->addDevice(device); -- newActiveConnection->setActiveConnectionPath(newActiveConnectionPath); -- newActiveConnection->setConnection(connection); -- newActiveConnection->setSpecificObject(specific_object); -- newActiveConnection->setState(NetworkManager::ActiveConnection::Activating); -- -- map.clear(); -- const QList deviceList { device }; -- map.insert(QLatin1Literal("Devices"), QVariant::fromValue >(deviceList)); -- map.insert(QLatin1Literal("Connection"), QVariant::fromValue(connection)); -- if (!specific_object.path().isEmpty()) { -- map.insert(QLatin1Literal("SpecificObject"), QVariant::fromValue(connection)); -- } -- map.insert(QLatin1Literal("State"), NetworkManager::ActiveConnection::Activating); -- QDBusMessage message = QDBusMessage::createSignal(newActiveConnectionPath, QLatin1Literal("org.kde.fakenetwork.Connection.Active"), QLatin1Literal("PropertiesChanged")); -- message << map; -- QDBusConnection::sessionBus().send(message); -- - Device *usedDevice = static_cast(QDBusConnection::sessionBus().objectRegisteredAt(device.path())); - if (usedDevice) { - m_activatedDevice = usedDevice->devicePath(); --- -cgit v0.11.2 - diff --git a/gnu/packages/patches/networkmanager-qt-activeconnection-test-2.patch b/gnu/packages/patches/networkmanager-qt-activeconnection-test-2.patch deleted file mode 100644 index af3cdff729..0000000000 --- a/gnu/packages/patches/networkmanager-qt-activeconnection-test-2.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 3f6155389abc8e2b3dafc5eefa1ce0c929b007fa Mon Sep 17 00:00:00 2001 -From: Jan Grulich -Date: Mon, 3 Apr 2017 14:13:54 +0200 -Subject: One more attempt to fix unit test for active connections - ---- - src/activeconnection.cpp | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/src/activeconnection.cpp b/src/activeconnection.cpp -index 05582fa..3a8e6b2 100644 ---- a/src/activeconnection.cpp -+++ b/src/activeconnection.cpp -@@ -79,11 +79,13 @@ NetworkManager::ActiveConnection::ActiveConnection(const QString &path, QObject - connect(&d->iface, &OrgFreedesktopNetworkManagerConnectionActiveInterface::PropertiesChanged, d, &ActiveConnectionPrivate::propertiesChanged); - #endif - -+#ifndef NMQT_STATIC - /* - * Workaround: Re-check connection state before we watch changes in case it gets changed too quickly - * BUG:352326 - */ - d->recheckProperties(); -+#endif - } - - NetworkManager::ActiveConnection::ActiveConnection(ActiveConnectionPrivate &dd, QObject *parent) -@@ -91,18 +93,26 @@ NetworkManager::ActiveConnection::ActiveConnection(ActiveConnectionPrivate &dd, - { - Q_D(ActiveConnection); - -+#ifndef NMQT_STATIC - #if NM_CHECK_VERSION(1, 4, 0) - QDBusConnection::systemBus().connect(NetworkManagerPrivate::DBUS_SERVICE, d->path, NetworkManagerPrivate::FDO_DBUS_PROPERTIES, - QLatin1String("PropertiesChanged"), d, SLOT(dbusPropertiesChanged(QString,QVariantMap,QStringList))); - #else - connect(&d->iface, &OrgFreedesktopNetworkManagerConnectionActiveInterface::PropertiesChanged, d, &ActiveConnectionPrivate::propertiesChanged); - #endif -+#endif -+ -+#ifdef NMQT_STATIC -+ connect(&d->iface, &OrgFreedesktopNetworkManagerConnectionActiveInterface::PropertiesChanged, d, &ActiveConnectionPrivate::propertiesChanged); -+#endif - -+#ifndef NMQT_STATIC - /* - * Workaround: Re-check connection state before we watch changes in case it gets changed too quickly - * BUG:352326 - */ - d->recheckProperties(); -+#endif - } - - NetworkManager::ActiveConnection::~ActiveConnection() --- -cgit v0.11.2 - -- cgit v1.2.3 From 504c285d1092c9b7a2ef25c7a436da02bef70dc2 Mon Sep 17 00:00:00 2001 From: John Darrington Date: Wed, 15 Mar 2017 21:05:20 +0100 Subject: gnu: Add dcmtk. * gnu/packages/image-processing.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. Co-authored-by: Ricardo Wurmus --- gnu/local.mk | 1 + gnu/packages/image-processing.scm | 65 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 gnu/packages/image-processing.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index be818604f7..067f6b0593 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -194,6 +194,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/idris.scm \ %D%/packages/idutils.scm \ %D%/packages/image.scm \ + %D%/packages/image-processing.scm \ %D%/packages/image-viewers.scm \ %D%/packages/imagemagick.scm \ %D%/packages/indent.scm \ diff --git a/gnu/packages/image-processing.scm b/gnu/packages/image-processing.scm new file mode 100644 index 0000000000..21ee52e7fb --- /dev/null +++ b/gnu/packages/image-processing.scm @@ -0,0 +1,65 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 John Darrington +;;; Copyright © 2017 Ricardo Wurmus +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages image-processing) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix packages) + #:use-module (guix utils) + #:use-module (guix download) + #:use-module (guix build-system gnu) + #:use-module (gnu packages) + #:use-module (gnu packages compression) + #:use-module (gnu packages documentation) + #:use-module (gnu packages image) + #:use-module (gnu packages perl)) + +;; We use the latest snapshot of this package because the latest release is +;; from 2011 and has known vulnerabilities that cannot easily be fixed by +;; applying patches. +(define-public dcmtk + (package + (name "dcmtk") + (version "3.6.1_20170228") + (source (origin + (method url-fetch) + (uri (string-append "ftp://dicom.offis.de/pub/dicom/offis/" + "software/dcmtk/snapshot/dcmtk-" + version ".tar.gz")) + (sha256 + (base32 + "04cwfx8yrscqcd59mxk2fh6314ckayi9cp68iql5a57pf2pg5qld")))) + (build-system gnu-build-system) + (inputs + `(("libtiff" ,libtiff) + ("libpng" ,libpng) + ("doxygen" ,doxygen) + ("zlib" ,zlib))) + (native-inputs + `(("perl" ,perl))) + (home-page "http://dcmtk.org") + (synopsis "Libraries and programs implementing parts of the DICOM standard") + (description "DCMTK is a collection of libraries and applications +implementing large parts the DICOM standard. It includes software for +examining, constructing and converting DICOM image files, handling offline +media, sending and receiving images over a network connection, as well as +demonstrative image storage and worklist servers.") + (license (license:fsf-free + "file://COPYRIGHT" + "A union of the Apache 2.0 licence and various non-copyleft +licences similar to the Modified BSD licence.")))) -- cgit v1.2.3 From dbe874dcbf349b1629a7222db3d7c14241ad5606 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Mon, 15 May 2017 16:01:21 +0200 Subject: gnu: Add ding-libs. * gnu/packages/sssd.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. --- gnu/local.mk | 1 + gnu/packages/sssd.scm | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 gnu/packages/sssd.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 067f6b0593..f6e911b61a 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -357,6 +357,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/speech.scm \ %D%/packages/spice.scm \ %D%/packages/ssh.scm \ + %D%/packages/sssd.scm \ %D%/packages/stalonetray.scm \ %D%/packages/statistics.scm \ %D%/packages/storage.scm \ diff --git a/gnu/packages/sssd.scm b/gnu/packages/sssd.scm new file mode 100644 index 0000000000..bf16e6b002 --- /dev/null +++ b/gnu/packages/sssd.scm @@ -0,0 +1,51 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016, 2017 Ricardo Wurmus +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages sssd) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix utils) + #:use-module (guix build-system gnu) + #:use-module (gnu packages)) + +(define-public ding-libs + (package + (name "ding-libs") + (version "0.6.0") + (source (origin + (method url-fetch) + (uri (string-append "https://releases.pagure.org/SSSD/ding-libs/" + "ding-libs-" version ".tar.gz")) + (sha256 + (base32 + "1bczkvq7cblp75kqn6r2d7j5x7brfw6wxirzc6d2rkyb80gj2jkn")))) + (build-system gnu-build-system) + (home-page "https://pagure.io/SSSD/ding-libs/") + (synopsis "Libraries for SSSD") + (description + "DING-LIBS (DING Is Not Glib) are a set of small, useful libraries that +the @dfn{System Security Services Daemon} (SSSD) uses and makes available to +other projects. They include: libdhash, an implementation of a dynamic hash +table which will dynamically resize to achieve optimal storage and access time +properties; ini_config, a library for parsing and managing @code{INI} files; +path_utils, a library to manage UNIX paths and subsets of paths; collection, a +generic, hierarchical grouping mechanism for complex data sets; ref_array, a +dynamically-growing, reference-counted array; libbasicobjects, a set of +fundamental object types for C.") + (license license:lgpl3+))) -- cgit v1.2.3 From 5a3429bcc52a47ca9c879b9ace092eecddeed300 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 16 May 2017 14:15:59 +0200 Subject: gnu: guile-ssh: Fix bug in 'node-guile-version'. * gnu/packages/patches/guile-ssh-rexec-bug.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/ssh.scm (guile-ssh)[source](patches): New field. --- gnu/local.mk | 1 + gnu/packages/patches/guile-ssh-rexec-bug.patch | 16 ++++++++++++++++ gnu/packages/ssh.scm | 1 + 3 files changed, 18 insertions(+) create mode 100644 gnu/packages/patches/guile-ssh-rexec-bug.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index f6e911b61a..c560c71725 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -649,6 +649,7 @@ dist_patch_DATA = \ %D%/packages/patches/guile-present-coding.patch \ %D%/packages/patches/guile-relocatable.patch \ %D%/packages/patches/guile-rsvg-pkgconfig.patch \ + %D%/packages/patches/guile-ssh-rexec-bug.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_PATH.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch \ %D%/packages/patches/gtk2-theme-paths.patch \ diff --git a/gnu/packages/patches/guile-ssh-rexec-bug.patch b/gnu/packages/patches/guile-ssh-rexec-bug.patch new file mode 100644 index 0000000000..363fea38c9 --- /dev/null +++ b/gnu/packages/patches/guile-ssh-rexec-bug.patch @@ -0,0 +1,16 @@ +Fix a bug whereby 'node-guile-version' would pass a node instead of +a session to 'rexec'. + +diff --git a/modules/ssh/dist/node.scm b/modules/ssh/dist/node.scm +index 9c065c7..29a3906 100644 +--- a/modules/ssh/dist/node.scm ++++ b/modules/ssh/dist/node.scm +@@ -411,7 +411,8 @@ procedure returns the 1st evaluated value if multiple values were returned." + "Get Guile version installed on a NODE, return the version string. Return + #f if Guile is not installed." + (receive (result rc) +- (rexec node "which guile > /dev/null && guile --version") ++ (rexec (node-session node) ++ "which guile > /dev/null && guile --version") + (and (zero? rc) + (car result)))) diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 1fd395049a..6a074d10fa 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -226,6 +226,7 @@ Additionally, various channel-specific options can be negotiated.") (sha256 (base32 "0r261i8kc3avbmbwgyzak2vnqwssjlgz37g2y2fwm80w9bmn2m7j")) + (patches (search-patches "guile-ssh-rexec-bug.patch")) (modules '((guix build utils))) (snippet ;; 'configure.ac' mistakenly tries to link files from examples/ -- cgit v1.2.3 From b09a8da4a2e50845a297e041762f3ff9e649c047 Mon Sep 17 00:00:00 2001 From: Mathieu Othacehe Date: Mon, 15 May 2017 22:24:18 +0200 Subject: bootloader: Add extlinux support. * gnu/bootloader.scm: New file. * gnu/bootloader/extlinux.scm: New file. * gnu/bootloader/grub.scm: New file. * gnu/local.mk: Build new files. * gnu/system.scm: Adapt to new bootloader api. * gnu/scripts/system.scm: Adapt to new bootloader api. * gnu.scm: Remove (gnu system grub) and replace by (gnu bootloader) and (gnu bootloader grub) modules. * gnu/system/grub.scm: Moved content to gnu/bootloader/grub.scm. * gnu/system/vm: Replace (gnu system grub) module by (gnu bootloader). * gnu/tests.scm: Ditto. * gnu/tests/nfs.scm: Ditto. --- gnu.scm | 4 +- gnu/bootloader.scm | 127 +++++++++++++ gnu/bootloader/extlinux.scm | 123 ++++++++++++ gnu/bootloader/grub.scm | 448 ++++++++++++++++++++++++++++++++++++++++++++ gnu/local.mk | 4 +- gnu/system.scm | 14 +- gnu/system/grub.scm | 407 ---------------------------------------- gnu/system/vm.scm | 2 +- gnu/tests.scm | 3 +- gnu/tests/nfs.scm | 3 +- guix/scripts/system.scm | 20 +- 11 files changed, 728 insertions(+), 427 deletions(-) create mode 100644 gnu/bootloader.scm create mode 100644 gnu/bootloader/extlinux.scm create mode 100644 gnu/bootloader/grub.scm delete mode 100644 gnu/system/grub.scm (limited to 'gnu/local.mk') diff --git a/gnu.scm b/gnu.scm index 932e4cdd58..913ce61600 100644 --- a/gnu.scm +++ b/gnu.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2014, 2015, 2016 Ludovic Courtès ;;; Copyright © 2015 Joshua S. Grant +;;; Copyright © 2017 Mathieu Othacehe ;;; ;;; This file is part of GNU Guix. ;;; @@ -34,7 +35,8 @@ '((gnu system) (gnu system mapped-devices) (gnu system file-systems) - (gnu system grub) ; 'grub-configuration' + (gnu bootloader) + (gnu bootloader grub) (gnu system pam) (gnu system shadow) ; 'user-account' (gnu system linux-initrd) diff --git a/gnu/bootloader.scm b/gnu/bootloader.scm new file mode 100644 index 0000000000..4e77974d31 --- /dev/null +++ b/gnu/bootloader.scm @@ -0,0 +1,127 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 David Craven +;;; Copyright © 2017 Mathieu Othacehe +;;; Copyright © 2017 Leo Famulari +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu bootloader) + #:use-module (guix discovery) + #:use-module (guix records) + #:use-module (guix ui) + #:use-module (srfi srfi-1) + #:export (bootloader + bootloader? + bootloader-name + bootloader-package + bootloader-installer + bootloader-configuration-file + bootloader-configuration-file-generator + + bootloader-configuration + bootloader-configuration? + bootloader-configuration-bootloader + bootloader-configuration-device + bootloader-configuration-menu-entries + bootloader-configuration-default-entry + bootloader-configuration-timeout + bootloader-configuration-theme + bootloader-configuration-terminal-outputs + bootloader-configuration-terminal-inputs + bootloader-configuration-serial-unit + bootloader-configuration-serial-speed + bootloader-configuration-additional-configuration + + %bootloaders + lookup-bootloader-by-name)) + + +;;; +;;; Bootloader record. +;;; + +;; The record contains fields expressing how the bootloader +;; should be installed. Every bootloader in gnu/bootloader/ directory +;; has to be described by this record. + +(define-record-type* + bootloader make-bootloader + bootloader? + (name bootloader-name) + (package bootloader-package) + (installer bootloader-installer) + (configuration-file bootloader-configuration-file) + (configuration-file-generator bootloader-configuration-file-generator)) + + +;;; +;;; Bootloader configuration record. +;;; + +;; The record contains bootloader independant +;; configuration used to fill bootloader configuration file. + +(define-record-type* + bootloader-configuration make-bootloader-configuration + bootloader-configuration? + (bootloader bootloader-configuration-bootloader) ; + (device bootloader-configuration-device ; string + (default #f)) + (menu-entries bootloader-configuration-menu-entries ; list of + (default '())) + (default-entry bootloader-configuration-default-entry ; integer + (default 0)) + (timeout bootloader-configuration-timeout ; seconds as integer + (default 5)) + (theme bootloader-configuration-theme ; bootloader-specific theme + (default #f)) + (terminal-outputs bootloader-configuration-terminal-outputs ; list of symbols + (default '(gfxterm))) + (terminal-inputs bootloader-configuration-terminal-inputs ; list of symbols + (default '())) + (serial-unit bootloader-configuration-serial-unit ; integer | #f + (default #f)) + (serial-speed bootloader-configuration-serial-speed ; integer | #f + (default #f)) + (additional-configuration bootloader-configuration-additional-configuration ; record + (default #f))) + + +;;; +;;; Bootloaders. +;;; + +(define (bootloader-modules) + "Return the list of bootloader modules." + (all-modules (map (lambda (entry) + `(,entry . "gnu/bootloader")) + %load-path))) + +(define %bootloaders + ;; The list of publically-known bootloaders. + (delay (fold-module-public-variables (lambda (obj result) + (if (bootloader? obj) + (cons obj result) + result)) + '() + (bootloader-modules)))) + +(define (lookup-bootloader-by-name name) + "Return the bootloader called NAME." + (or (find (lambda (bootloader) + (eq? name (bootloader-name bootloader))) + (force %bootloaders)) + (leave (G_ "~a: no such bootloader~%") name))) diff --git a/gnu/bootloader/extlinux.scm b/gnu/bootloader/extlinux.scm new file mode 100644 index 0000000000..a002001071 --- /dev/null +++ b/gnu/bootloader/extlinux.scm @@ -0,0 +1,123 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 David Craven +;;; Copyright © 2017 Mathieu Othacehe +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu bootloader extlinux) + #:use-module (gnu bootloader) + #:use-module (gnu system) + #:use-module (gnu packages bootloaders) + #:use-module (guix gexp) + #:use-module (guix monads) + #:use-module (guix records) + #:use-module (guix utils) + #:export (extlinux-bootloader + syslinux-bootloader + + extlinux-configuration + syslinux-configuration)) + +(define* (extlinux-configuration-file config entries + #:key + (system (%current-system)) + (old-entries '())) + "Return the U-Boot configuration file corresponding to CONFIG, a + object, and where the store is available at STORE-FS, a + object. OLD-ENTRIES is taken to be a list of menu entries +corresponding to old generations of the system." + + (define all-entries + (append entries (bootloader-configuration-menu-entries config))) + + (define (boot-parameters->gexp params) + (let ((label (boot-parameters-label params)) + (kernel (boot-parameters-kernel params)) + (kernel-arguments (boot-parameters-kernel-arguments params)) + (initrd (boot-parameters-initrd params))) + #~(format port "LABEL ~a + MENU LABEL ~a + KERNEL ~a + FDTDIR ~a/lib/dtbs + INITRD ~a + APPEND ~a +~%" + #$label #$label + #$kernel #$kernel #$initrd + (string-join (list #$@kernel-arguments))))) + + (define builder + #~(call-with-output-file #$output + (lambda (port) + (let ((timeout #$(bootloader-configuration-timeout config))) + (format port " +UI menu.c32 +PROMPT ~a +TIMEOUT ~a~%" + (if (> timeout 0) 1 0) + ;; timeout is expressed in 1/10s of seconds. + (* 10 timeout)) + #$@(map boot-parameters->gexp all-entries) + + #$@(if (pair? old-entries) + #~((format port "~%") + #$@(map boot-parameters->gexp old-entries) + (format port "~%")) + #~()))))) + + (gexp->derivation "extlinux.conf" builder)) + + + + +;;; +;;; Install procedures. +;;; + +(define dd + #~(lambda (bs count if of) + (zero? (system* "dd" + (string-append "bs=" (number->string bs)) + (string-append "count=" (number->string count)) + (string-append "if=" if) + (string-append "of=" of))))) + +(define install-extlinux + #~(lambda (bootloader device mount-point) + (let ((extlinux (string-append bootloader "/sbin/extlinux")) + (install-dir (string-append mount-point "/boot/extlinux")) + (syslinux-dir (string-append bootloader "/share/syslinux"))) + (for-each (lambda (file) + (install-file file install-dir)) + (find-files syslinux-dir "\\.c32$")) + + (unless (and (zero? (system* extlinux "--install" install-dir)) + (#$dd 440 1 (string-append syslinux-dir "/mbr.bin") device)) + (error "failed to install SYSLINUX"))))) + + + +;;; +;;; Bootloader definitions. +;;; + +(define extlinux-bootloader + (bootloader + (name 'extlinux) + (package syslinux) + (installer install-extlinux) + (configuration-file "/boot/extlinux/extlinux.conf") + (configuration-file-generator extlinux-configuration-file))) diff --git a/gnu/bootloader/grub.scm b/gnu/bootloader/grub.scm new file mode 100644 index 0000000000..49616b7164 --- /dev/null +++ b/gnu/bootloader/grub.scm @@ -0,0 +1,448 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès +;;; Copyright © 2016 Chris Marusich +;;; Copyright © 2017 Leo Famulari +;;; Copyright © 2017 Mathieu Othacehe +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu bootloader grub) + #:use-module (guix store) + #:use-module (guix packages) + #:use-module (guix derivations) + #:use-module (guix records) + #:use-module (guix monads) + #:use-module (guix gexp) + #:use-module (guix download) + #:use-module (gnu artwork) + #:use-module (gnu system) + #:use-module (gnu bootloader) + #:use-module (gnu system file-systems) + #:autoload (gnu packages bootloaders) (grub) + #:autoload (gnu packages compression) (gzip) + #:autoload (gnu packages gtk) (guile-cairo guile-rsvg) + #:use-module (ice-9 match) + #:use-module (ice-9 regex) + #:use-module (srfi srfi-1) + #:use-module (rnrs bytevectors) + #:export (grub-image + grub-image? + grub-image-aspect-ratio + grub-image-file + + grub-theme + grub-theme? + grub-theme-images + grub-theme-color-normal + grub-theme-color-highlight + + %background-image + %default-theme + + grub-bootloader + grub-efi-bootloader + + grub-configuration)) + +;;; Commentary: +;;; +;;; Configuration of GNU GRUB. +;;; +;;; Code: + +(define (strip-mount-point mount-point file) + "Strip MOUNT-POINT from FILE, which is a gexp or other lowerable object +denoting a file name." + (if (string=? mount-point "/") + file + #~(let ((file #$file)) + (if (string-prefix? #$mount-point file) + (substring #$file #$(string-length mount-point)) + file)))) + +(define-record-type* + grub-image make-grub-image + grub-image? + (aspect-ratio grub-image-aspect-ratio ;rational number + (default 4/3)) + (file grub-image-file)) ;file-valued gexp (SVG) + +(define-record-type* + grub-theme make-grub-theme + grub-theme? + (images grub-theme-images + (default '())) ;list of + (color-normal grub-theme-color-normal + (default '((fg . cyan) (bg . blue)))) + (color-highlight grub-theme-color-highlight + (default '((fg . white) (bg . blue))))) + +(define %background-image + (grub-image + (aspect-ratio 4/3) + (file (file-append %artwork-repository + "/grub/GuixSD-fully-black-4-3.svg")))) + +(define %default-theme + ;; Default theme contributed by Felipe López. + (grub-theme + (images (list %background-image)) + (color-highlight '((fg . yellow) (bg . black))) + (color-normal '((fg . light-gray) (bg . black))))) ;XXX: #x303030 + +(define-record-type* + menu-entry make-menu-entry + menu-entry? + (label menu-entry-label) + (device menu-entry-device ; file system uuid, label, or #f + (default #f)) + (device-mount-point menu-entry-device-mount-point + (default "/")) + (linux menu-entry-linux) + (linux-arguments menu-entry-linux-arguments + (default '())) ; list of string-valued gexps + (initrd menu-entry-initrd)) ; file name of the initrd as a gexp + + +;;; +;;; Background image & themes. +;;; + +(define (bootloader-theme config) + "Return user defined theme in CONFIG if defined or %default-theme +otherwise." + (or (bootloader-configuration-theme config) %default-theme)) + +(define* (svg->png svg #:key width height) + "Build a PNG of HEIGHT x WIDTH from SVG." + (gexp->derivation "grub-image.png" + (with-imported-modules '((gnu build svg)) + #~(begin + ;; We need these two libraries. + (add-to-load-path (string-append #+guile-rsvg + "/share/guile/site/" + (effective-version))) + (add-to-load-path (string-append #+guile-cairo + "/share/guile/site/" + (effective-version))) + + (use-modules (gnu build svg)) + (svg->png #+svg #$output + #:width #$width + #:height #$height))))) + +(define* (grub-background-image config #:key (width 1024) (height 768)) + "Return the GRUB background image defined in CONFIG with a ratio of +WIDTH/HEIGHT, or #f if none was found." + (let* ((ratio (/ width height)) + (image (find (lambda (image) + (= (grub-image-aspect-ratio image) ratio)) + (grub-theme-images + (bootloader-theme config))))) + (if image + (svg->png (grub-image-file image) + #:width width #:height height) + (with-monad %store-monad + (return #f))))) + +(define* (eye-candy config store-device store-mount-point + #:key system port) + "Return in %STORE-MONAD a gexp that writes to PORT (a port-valued gexp) the +'grub.cfg' part concerned with graphics mode, background images, colors, and +all that. STORE-DEVICE designates the device holding the store, and +STORE-MOUNT-POINT is its mount point; these are used to determine where the +background image and fonts must be searched for. SYSTEM must be the target +system string---e.g., \"x86_64-linux\"." + (define setup-gfxterm-body + ;; Intel and EFI systems need to be switched into graphics mode, whereas + ;; most other modern architectures have no other mode and therefore don't + ;; need to be switched. + (if (string-match "^(x86_64|i[3-6]86)-" system) + " + # Leave 'gfxmode' to 'auto'. + insmod video_bochs + insmod video_cirrus + insmod gfxterm + + if [ \"${grub_platform}\" == efi ]; then + # This is for (U)EFI systems (these modules are unavailable in the + # non-EFI GRUB.) If we don't load them, GRUB boots in \"blind mode\", + # which isn't convenient. + insmod efi_gop + insmod efi_uga + else + # These are specific to non-EFI Intel machines. + insmod vbe + insmod vga + fi +" + "")) + + (define (setup-gfxterm config font-file) + (if (memq 'gfxterm (bootloader-configuration-terminal-outputs config)) + #~(format #f "if loadfont ~a; then + setup_gfxterm +fi~%" #$font-file) + "")) + + (define (theme-colors type) + (let* ((theme (bootloader-theme config)) + (colors (type theme))) + (string-append (symbol->string (assoc-ref colors 'fg)) "/" + (symbol->string (assoc-ref colors 'bg))))) + + (define font-file + (strip-mount-point store-mount-point + (file-append grub "/share/grub/unicode.pf2"))) + + (mlet* %store-monad ((image (grub-background-image config))) + (return (and image + #~(format #$port " +function setup_gfxterm {~a} + +# Set 'root' to the partition that contains /gnu/store. +~a + +~a +~a + +insmod png +if background_image ~a; then + set color_normal=~a + set color_highlight=~a +else + set menu_color_normal=cyan/blue + set menu_color_highlight=white/blue +fi~%" + #$setup-gfxterm-body + #$(grub-root-search store-device font-file) + #$(setup-gfxterm config font-file) + #$(grub-setup-io config) + + #$(strip-mount-point store-mount-point image) + #$(theme-colors grub-theme-color-normal) + #$(theme-colors grub-theme-color-highlight)))))) + + +;;; +;;; Configuration file. +;;; + +(define (grub-setup-io config) + "Return GRUB commands to configure the input / output interfaces. The result +is a string that can be inserted in grub.cfg." + (let* ((symbols->string (lambda (list) + (string-join (map symbol->string list) " "))) + (outputs (bootloader-configuration-terminal-outputs config)) + (inputs (bootloader-configuration-terminal-inputs config)) + (unit (bootloader-configuration-serial-unit config)) + (speed (bootloader-configuration-serial-speed config)) + + ;; Respectively, GRUB_TERMINAL_OUTPUT and GRUB_TERMINAL_INPUT, + ;; as documented in GRUB manual section "Simple Configuration + ;; Handling". + (valid-outputs '(console serial serial_0 serial_1 serial_2 serial_3 + gfxterm vga_text mda_text morse spkmodem)) + (valid-inputs '(console serial serial_0 serial_1 serial_2 serial_3 + at_keyboard usb_keyboard)) + + (io (string-append + "terminal_output " + (symbols->string + (map + (lambda (output) + (if (memq output valid-outputs) output #f)) outputs)) "\n" + (if (null? inputs) + "" + (string-append + "terminal_input " + (symbols->string + (map + (lambda (input) + (if (memq input valid-inputs) input #f)) inputs)) "\n")) + ;; UNIT and SPEED are arguments to the same GRUB command + ;; ("serial"), so we process them together. + (if (or unit speed) + (string-append + "serial" + (if unit + ;; COM ports 1 through 4 + (if (and (exact-integer? unit) (<= unit 3) (>= unit 0)) + (string-append " --unit=" (number->string unit)) + #f) + "") + (if speed + (if (exact-integer? speed) + (string-append " --speed=" (number->string speed)) + #f) + "")) + "")))) + (format #f "~a" io))) + +(define (grub-root-search device file) + "Return the GRUB 'search' command to look for DEVICE, which contains FILE, +a gexp. The result is a gexp that can be inserted in the grub.cfg-generation +code." + ;; Usually FILE is a file name gexp like "/gnu/store/…-linux/vmlinuz", but + ;; it can also be something like "(hd0,msdos1)/vmlinuz" in the case of + ;; custom menu entries. In the latter case, don't emit a 'search' command. + (if (and (string? file) (not (string-prefix? "/" file))) + "" + (match device + ;; Preferably refer to DEVICE by its UUID or label. This is more + ;; efficient and less ambiguous, see . + ((? bytevector? uuid) + (format #f "search --fs-uuid --set ~a" + (uuid->string device))) + ((? string? label) + (format #f "search --label --set ~a" label)) + (#f + #~(format #f "search --file --set ~a" #$file))))) + +(define (boot-parameters->menu-entry conf) + "Convert a instance to a corresponding ." + (menu-entry + (label (boot-parameters-label conf)) + (device (boot-parameters-store-device conf)) + (device-mount-point (boot-parameters-store-mount-point conf)) + (linux (boot-parameters-kernel conf)) + (linux-arguments (boot-parameters-kernel-arguments conf)) + (initrd (boot-parameters-initrd conf)))) + +(define* (grub-configuration-file config entries + #:key + (system (%current-system)) + (old-entries '())) + "Return the GRUB configuration file corresponding to CONFIG, a + object, and where the store is available at +STORE-FS, a object. OLD-ENTRIES is taken to be a list of menu +entries corresponding to old generations of the system." + (define all-entries + (map boot-parameters->menu-entry + (append entries + (bootloader-configuration-menu-entries config)))) + + (define entry->gexp + (match-lambda + (($ label device device-mount-point + linux arguments initrd) + ;; Here DEVICE is the store and DEVICE-MOUNT-POINT is its mount point. + ;; Use the right file names for LINUX and INITRD in case + ;; DEVICE-MOUNT-POINT is not "/", meaning that the store is on a + ;; separate partition. + (let ((linux (strip-mount-point device-mount-point linux)) + (initrd (strip-mount-point device-mount-point initrd))) + #~(format port "menuentry ~s { + ~a + linux ~a ~a + initrd ~a +}~%" + #$label + #$(grub-root-search device linux) + #$linux (string-join (list #$@arguments)) + #$initrd))))) + + (mlet %store-monad ((sugar (eye-candy config + (menu-entry-device (first all-entries)) + (menu-entry-device-mount-point + (first all-entries)) + #:system system + #:port #~port))) + (define builder + #~(call-with-output-file #$output + (lambda (port) + (format port + "# This file was generated from your GuixSD configuration. Any changes +# will be lost upon reconfiguration. +") + #$sugar + (format port " +set default=~a +set timeout=~a~%" + #$(bootloader-configuration-default-entry config) + #$(bootloader-configuration-timeout config)) + #$@(map entry->gexp all-entries) + + #$@(if (pair? old-entries) + #~((format port " +submenu \"GNU system, old configurations...\" {~%") + #$@(map entry->gexp (map boot-parameters->menu-entry old-entries)) + (format port "}~%")) + #~())))) + + (gexp->derivation "grub.cfg" builder))) + + + +;;; +;;; Install procedures. +;;; + +(define install-grub + #~(lambda (bootloader device mount-point) + ;; Install GRUB on DEVICE which is mounted at MOUNT-POINT. + (let ((grub (string-append bootloader "/sbin/grub-install")) + (install-dir (string-append mount-point "/boot"))) + ;; Tell 'grub-install' that there might be a LUKS-encrypted /boot or + ;; root partition. + (setenv "GRUB_ENABLE_CRYPTODISK" "y") + + (unless (zero? (system* grub "--no-floppy" + "--boot-directory" install-dir + device)) + (error "failed to install GRUB"))))) + + + +;;; +;;; Bootloader definitions. +;;; + +(define grub-bootloader + (bootloader + (name 'grub) + (package grub) + (installer install-grub) + (configuration-file "/boot/grub/grub.cfg") + (configuration-file-generator grub-configuration-file))) + +(define* grub-efi-bootloader + (bootloader + (inherit grub-bootloader) + (name 'grub-efi) + (package grub-efi))) + + +;;; +;;; Compatibility macros. +;;; + +(define-syntax grub-configuration + (syntax-rules (grub) + ((_ (grub package) fields ...) + (if (eq? package grub) + (bootloader-configuration + (bootloader grub-bootloader) + fields ...) + (bootloader-configuration + (bootloader grub-efi-bootloader) + fields ...))) + ((_ fields ...) + (bootloader-configuration + (bootloader grub-bootloader) + fields ...)))) + +;;; grub.scm ends here diff --git a/gnu/local.mk b/gnu/local.mk index c560c71725..d0c5b9daf8 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -36,6 +36,9 @@ GNU_SYSTEM_MODULES = \ gnu.scm \ %D%/artwork.scm \ + %D%/bootloader.scm \ + %D%/bootloader/grub.scm \ + %D%/bootloader/extlinux.scm \ %D%/packages.scm \ %D%/packages/abduco.scm \ %D%/packages/abiword.scm \ @@ -443,7 +446,6 @@ GNU_SYSTEM_MODULES = \ \ %D%/system.scm \ %D%/system/file-systems.scm \ - %D%/system/grub.scm \ %D%/system/install.scm \ %D%/system/linux-container.scm \ %D%/system/linux-initrd.scm \ diff --git a/gnu/system.scm b/gnu/system.scm index f9a0da9a75..a705bf6900 100644 --- a/gnu/system.scm +++ b/gnu/system.scm @@ -48,6 +48,7 @@ #:use-module (gnu services) #:use-module (gnu services shepherd) #:use-module (gnu services base) + #:use-module (gnu bootloader) #:use-module (gnu system shadow) #:use-module (gnu system nss) #:use-module (gnu system locale) @@ -139,7 +140,7 @@ booted from ROOT-DEVICE" (default linux-libre)) (kernel-arguments operating-system-user-kernel-arguments (default '())) ; list of gexps/strings - (bootloader operating-system-bootloader) ; + (bootloader operating-system-bootloader) ; (initrd operating-system-initrd ; (list fs) -> M derivation (default base-initrd)) @@ -847,12 +848,11 @@ populate the \"old entries\" menu." (root-device -> (if (eq? 'uuid (file-system-title root-fs)) (uuid->string (file-system-device root-fs)) (file-system-device root-fs))) - (entry (operating-system-boot-parameters os system root-device))) - ((module-ref (resolve-interface '(gnu system grub)) - 'grub-configuration-file) - (operating-system-bootloader os) - (list entry) - #:old-entries old-entries))) + (entry (operating-system-boot-parameters os system root-device)) + (bootloader-conf -> (operating-system-bootloader os))) + ((bootloader-configuration-file-generator + (bootloader-configuration-bootloader bootloader-conf)) + bootloader-conf (list entry) #:old-entries old-entries))) (define (fs->boot-device fs) "Given FS, a object, return a value suitable for use as the diff --git a/gnu/system/grub.scm b/gnu/system/grub.scm deleted file mode 100644 index 85878de85c..0000000000 --- a/gnu/system/grub.scm +++ /dev/null @@ -1,407 +0,0 @@ -;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès -;;; Copyright © 2016 Chris Marusich -;;; Copyright © 2017 Leo Famulari -;;; -;;; This file is part of GNU Guix. -;;; -;;; GNU Guix is free software; you can redistribute it and/or modify it -;;; under the terms of the GNU General Public License as published by -;;; the Free Software Foundation; either version 3 of the License, or (at -;;; your option) any later version. -;;; -;;; GNU Guix is distributed in the hope that it will be useful, but -;;; WITHOUT ANY WARRANTY; without even the implied warranty of -;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -;;; GNU General Public License for more details. -;;; -;;; You should have received a copy of the GNU General Public License -;;; along with GNU Guix. If not, see . - -(define-module (gnu system grub) - #:use-module (guix store) - #:use-module (guix packages) - #:use-module (guix derivations) - #:use-module (guix records) - #:use-module (guix monads) - #:use-module (guix gexp) - #:use-module (guix download) - #:use-module (gnu artwork) - #:use-module (gnu system) - #:use-module (gnu system file-systems) - #:autoload (gnu packages bootloaders) (grub) - #:autoload (gnu packages compression) (gzip) - #:autoload (gnu packages gtk) (guile-cairo guile-rsvg) - #:use-module (ice-9 match) - #:use-module (ice-9 regex) - #:use-module (srfi srfi-1) - #:use-module (rnrs bytevectors) - #:export (grub-image - grub-image? - grub-image-aspect-ratio - grub-image-file - - grub-theme - grub-theme? - grub-theme-images - grub-theme-color-normal - grub-theme-color-highlight - - %background-image - %default-theme - - grub-configuration - grub-configuration? - grub-configuration-device - grub-configuration-grub - - menu-entry - menu-entry? - - grub-configuration-file)) - -;;; Commentary: -;;; -;;; Configuration of GNU GRUB. -;;; -;;; Code: - -(define (strip-mount-point mount-point file) - "Strip MOUNT-POINT from FILE, which is a gexp or other lowerable object -denoting a file name." - (if (string=? mount-point "/") - file - #~(let ((file #$file)) - (if (string-prefix? #$mount-point file) - (substring #$file #$(string-length mount-point)) - file)))) - -(define-record-type* - grub-image make-grub-image - grub-image? - (aspect-ratio grub-image-aspect-ratio ;rational number - (default 4/3)) - (file grub-image-file)) ;file-valued gexp (SVG) - -(define-record-type* - grub-theme make-grub-theme - grub-theme? - (images grub-theme-images - (default '())) ;list of - (color-normal grub-theme-color-normal - (default '((fg . cyan) (bg . blue)))) - (color-highlight grub-theme-color-highlight - (default '((fg . white) (bg . blue))))) - -(define %background-image - (grub-image - (aspect-ratio 4/3) - (file (file-append %artwork-repository - "/grub/GuixSD-fully-black-4-3.svg")))) - -(define %default-theme - ;; Default theme contributed by Felipe López. - (grub-theme - (images (list %background-image)) - (color-highlight '((fg . yellow) (bg . black))) - (color-normal '((fg . light-gray) (bg . black))))) ;XXX: #x303030 - -(define-record-type* - grub-configuration make-grub-configuration - grub-configuration? - (grub grub-configuration-grub ; package - (default (@ (gnu packages bootloaders) grub))) - (device grub-configuration-device) ; string - (menu-entries grub-configuration-menu-entries ; list - (default '())) - (default-entry grub-configuration-default-entry ; integer - (default 0)) - (timeout grub-configuration-timeout ; integer - (default 5)) - (theme grub-configuration-theme ; - (default %default-theme)) - (terminal-outputs grub-configuration-terminal-outputs ; list of symbols - (default '(gfxterm))) - (terminal-inputs grub-configuration-terminal-inputs ; list of symbols - (default '())) - (serial-unit grub-configuration-serial-unit ; integer | #f - (default #f)) - (serial-speed grub-configuration-serial-speed ; integer | #f - (default #f))) - -(define-record-type* - menu-entry make-menu-entry - menu-entry? - (label menu-entry-label) - (device menu-entry-device ; file system uuid, label, or #f - (default #f)) - (device-mount-point menu-entry-device-mount-point - (default "/")) - (linux menu-entry-linux) - (linux-arguments menu-entry-linux-arguments - (default '())) ; list of string-valued gexps - (initrd menu-entry-initrd)) ; file name of the initrd as a gexp - - -;;; -;;; Background image & themes. -;;; - -(define* (svg->png svg #:key width height) - "Build a PNG of HEIGHT x WIDTH from SVG." - (gexp->derivation "grub-image.png" - (with-imported-modules '((gnu build svg)) - #~(begin - ;; We need these two libraries. - (add-to-load-path (string-append #+guile-rsvg - "/share/guile/site/" - (effective-version))) - (add-to-load-path (string-append #+guile-cairo - "/share/guile/site/" - (effective-version))) - - (use-modules (gnu build svg)) - (svg->png #+svg #$output - #:width #$width - #:height #$height))))) - -(define* (grub-background-image config #:key (width 1024) (height 768)) - "Return the GRUB background image defined in CONFIG with a ratio of -WIDTH/HEIGHT, or #f if none was found." - (let* ((ratio (/ width height)) - (image (find (lambda (image) - (= (grub-image-aspect-ratio image) ratio)) - (grub-theme-images (grub-configuration-theme config))))) - (if image - (svg->png (grub-image-file image) - #:width width #:height height) - (with-monad %store-monad - (return #f))))) - -(define* (eye-candy config store-device store-mount-point - #:key system port) - "Return in %STORE-MONAD a gexp that writes to PORT (a port-valued gexp) the -'grub.cfg' part concerned with graphics mode, background images, colors, and -all that. STORE-DEVICE designates the device holding the store, and -STORE-MOUNT-POINT is its mount point; these are used to determine where the -background image and fonts must be searched for. SYSTEM must be the target -system string---e.g., \"x86_64-linux\"." - (define setup-gfxterm-body - ;; Intel and EFI systems need to be switched into graphics mode, whereas - ;; most other modern architectures have no other mode and therefore don't - ;; need to be switched. - (if (string-match "^(x86_64|i[3-6]86)-" system) - " - # Leave 'gfxmode' to 'auto'. - insmod video_bochs - insmod video_cirrus - insmod gfxterm - - if [ \"${grub_platform}\" == efi ]; then - # This is for (U)EFI systems (these modules are unavailable in the - # non-EFI GRUB.) If we don't load them, GRUB boots in \"blind mode\", - # which isn't convenient. - insmod efi_gop - insmod efi_uga - else - # These are specific to non-EFI Intel machines. - insmod vbe - insmod vga - fi -" - "")) - - (define (setup-gfxterm config font-file) - (if (memq 'gfxterm (grub-configuration-terminal-outputs config)) - #~(format #f "if loadfont ~a; then - setup_gfxterm -fi~%" #$font-file) - "")) - - (define (theme-colors type) - (let* ((theme (grub-configuration-theme config)) - (colors (type theme))) - (string-append (symbol->string (assoc-ref colors 'fg)) "/" - (symbol->string (assoc-ref colors 'bg))))) - - (define font-file - (strip-mount-point store-mount-point - (file-append grub "/share/grub/unicode.pf2"))) - - (mlet* %store-monad ((image (grub-background-image config))) - (return (and image - #~(format #$port " -function setup_gfxterm {~a} - -# Set 'root' to the partition that contains /gnu/store. -~a - -~a -~a - -insmod png -if background_image ~a; then - set color_normal=~a - set color_highlight=~a -else - set menu_color_normal=cyan/blue - set menu_color_highlight=white/blue -fi~%" - #$setup-gfxterm-body - #$(grub-root-search store-device font-file) - #$(setup-gfxterm config font-file) - #$(grub-setup-io config) - - #$(strip-mount-point store-mount-point image) - #$(theme-colors grub-theme-color-normal) - #$(theme-colors grub-theme-color-highlight)))))) - - -;;; -;;; Configuration file. -;;; - -(define (grub-setup-io config) - "Return GRUB commands to configure the input / output interfaces. The result -is a string that can be inserted in grub.cfg." - (let* ((symbols->string (lambda (list) - (string-join (map symbol->string list) " "))) - (outputs (grub-configuration-terminal-outputs config)) - (inputs (grub-configuration-terminal-inputs config)) - (unit (grub-configuration-serial-unit config)) - (speed (grub-configuration-serial-speed config)) - - ;; Respectively, GRUB_TERMINAL_OUTPUT and GRUB_TERMINAL_INPUT, - ;; as documented in GRUB manual section "Simple Configuration - ;; Handling". - (valid-outputs '(console serial serial_0 serial_1 serial_2 serial_3 - gfxterm vga_text mda_text morse spkmodem)) - (valid-inputs '(console serial serial_0 serial_1 serial_2 serial_3 - at_keyboard usb_keyboard)) - - (io (string-append - "terminal_output " - (symbols->string - (map - (lambda (output) - (if (memq output valid-outputs) output #f)) outputs)) "\n" - (if (null? inputs) - "" - (string-append - "terminal_input " - (symbols->string - (map - (lambda (input) - (if (memq input valid-inputs) input #f)) inputs)) "\n")) - ;; UNIT and SPEED are arguments to the same GRUB command - ;; ("serial"), so we process them together. - (if (or unit speed) - (string-append - "serial" - (if unit - ;; COM ports 1 through 4 - (if (and (exact-integer? unit) (<= unit 3) (>= unit 0)) - (string-append " --unit=" (number->string unit)) - #f) - "") - (if speed - (if (exact-integer? speed) - (string-append " --speed=" (number->string speed)) - #f) - "")) - "")))) - (format #f "~a" io))) - -(define (grub-root-search device file) - "Return the GRUB 'search' command to look for DEVICE, which contains FILE, -a gexp. The result is a gexp that can be inserted in the grub.cfg-generation -code." - ;; Usually FILE is a file name gexp like "/gnu/store/…-linux/vmlinuz", but - ;; it can also be something like "(hd0,msdos1)/vmlinuz" in the case of - ;; custom menu entries. In the latter case, don't emit a 'search' command. - (if (and (string? file) (not (string-prefix? "/" file))) - "" - (match device - ;; Preferably refer to DEVICE by its UUID or label. This is more - ;; efficient and less ambiguous, see . - ((? bytevector? uuid) - (format #f "search --fs-uuid --set ~a" - (uuid->string device))) - ((? string? label) - (format #f "search --label --set ~a" label)) - (#f - #~(format #f "search --file --set ~a" #$file))))) - -(define (boot-parameters->menu-entry conf) - "Convert a instance to a corresponding ." - (menu-entry - (label (boot-parameters-label conf)) - (device (boot-parameters-store-device conf)) - (device-mount-point (boot-parameters-store-mount-point conf)) - (linux (boot-parameters-kernel conf)) - (linux-arguments (boot-parameters-kernel-arguments conf)) - (initrd (boot-parameters-initrd conf)))) - -(define* (grub-configuration-file config entries - #:key - (system (%current-system)) - (old-entries '())) - "Return the GRUB configuration file corresponding to CONFIG, a - object, and where the store is available at STORE-FS, a - object. OLD-ENTRIES is taken to be a list of menu entries -corresponding to old generations of the system." - (define all-entries - (append (map boot-parameters->menu-entry entries) - (grub-configuration-menu-entries config))) - - (define entry->gexp - (match-lambda - (($ label device device-mount-point - linux arguments initrd) - ;; Here DEVICE is the store and DEVICE-MOUNT-POINT is its mount point. - ;; Use the right file names for LINUX and INITRD in case - ;; DEVICE-MOUNT-POINT is not "/", meaning that the store is on a - ;; separate partition. - (let ((linux (strip-mount-point device-mount-point linux)) - (initrd (strip-mount-point device-mount-point initrd))) - #~(format port "menuentry ~s { - ~a - linux ~a ~a - initrd ~a -}~%" - #$label - #$(grub-root-search device linux) - #$linux (string-join (list #$@arguments)) - #$initrd))))) - - (mlet %store-monad ((sugar (eye-candy config - (menu-entry-device (first all-entries)) - (menu-entry-device-mount-point - (first all-entries)) - #:system system - #:port #~port))) - (define builder - #~(call-with-output-file #$output - (lambda (port) - (format port - "# This file was generated from your GuixSD configuration. Any changes -# will be lost upon reconfiguration. -") - #$sugar - (format port " -set default=~a -set timeout=~a~%" - #$(grub-configuration-default-entry config) - #$(grub-configuration-timeout config)) - #$@(map entry->gexp all-entries) - - #$@(if (pair? old-entries) - #~((format port " -submenu \"GNU system, old configurations...\" {~%") - #$@(map entry->gexp (map boot-parameters->menu-entry old-entries)) - (format port "}~%")) - #~())))) - - (gexp->derivation "grub.cfg" builder))) - -;;; grub.scm ends here diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm index 2c8b954c80..080014cde4 100644 --- a/gnu/system/vm.scm +++ b/gnu/system/vm.scm @@ -49,7 +49,7 @@ #:use-module (gnu system shadow) #:use-module (gnu system pam) #:use-module (gnu system linux-initrd) - #:use-module (gnu system grub) + #:use-module (gnu bootloader) #:use-module (gnu system file-systems) #:use-module (gnu system) #:use-module (gnu services) diff --git a/gnu/tests.scm b/gnu/tests.scm index 810711ab91..2886a982f4 100644 --- a/gnu/tests.scm +++ b/gnu/tests.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2016, 2017 Ludovic Courtès +;;; Copyright © 2017 Mathieu Othacehe ;;; ;;; This file is part of GNU Guix. ;;; @@ -20,8 +21,8 @@ #:use-module (guix gexp) #:use-module (guix utils) #:use-module (guix records) + #:use-module (gnu bootloader grub) #:use-module (gnu system) - #:use-module (gnu system grub) #:use-module (gnu system file-systems) #:use-module (gnu system shadow) #:use-module (gnu services) diff --git a/gnu/tests/nfs.scm b/gnu/tests/nfs.scm index 1f28f5a5b8..9e1ac1d55a 100644 --- a/gnu/tests/nfs.scm +++ b/gnu/tests/nfs.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2016 Ludovic Courtès ;;; Copyright © 2016 John Darrington +;;; Copyright © 2017 Mathieu Othacehe ;;; ;;; This file is part of GNU Guix. ;;; @@ -19,8 +20,8 @@ (define-module (gnu tests nfs) #:use-module (gnu tests) + #:use-module (gnu bootloader grub) #:use-module (gnu system) - #:use-module (gnu system grub) #:use-module (gnu system file-systems) #:use-module (gnu system shadow) #:use-module (gnu system vm) diff --git a/guix/scripts/system.scm b/guix/scripts/system.scm index 9c09767508..5fd0d7600c 100644 --- a/guix/scripts/system.scm +++ b/guix/scripts/system.scm @@ -38,10 +38,10 @@ #:use-module (guix build utils) #:use-module (gnu build install) #:use-module (gnu system) + #:use-module (gnu bootloader) #:use-module (gnu system file-systems) #:use-module (gnu system linux-container) #:use-module (gnu system vm) - #:use-module (gnu system grub) #:use-module (gnu services) #:use-module (gnu services shepherd) #:use-module (gnu services herd) @@ -598,8 +598,12 @@ output when building a system derivation, such as a disk image." #:image-size image-size #:full-boot? full-boot? #:mappings mappings)) - (grub (package->derivation (grub-configuration-grub - (operating-system-bootloader os)))) + (bootloader (let ((bootloader (bootloader-package + (bootloader-configuration-bootloader + (operating-system-bootloader os))))) + (if bootloader + (package->derivation bootloader) + (return #f)))) (grub.cfg (if (eq? 'container action) (return #f) (operating-system-bootcfg os @@ -611,8 +615,8 @@ output when building a system derivation, such as a disk image." ;; --no-grub is passed, because GRUB.CFG because we then use it as a GC ;; root. See . (drvs -> (if (memq action '(init reconfigure)) - (if bootloader? - (list sys grub.cfg grub) + (if (and bootloader? bootloader) + (list sys grub.cfg bootloader) (list sys grub.cfg)) (list sys))) (% (if derivations-only? @@ -628,8 +632,8 @@ output when building a system derivation, such as a disk image." drvs) ;; Make sure GRUB is accessible. - (when bootloader? - (let ((prefix (derivation->output-path grub))) + (when (and bootloader? bootloader) + (let ((prefix (derivation->output-path bootloader))) (setenv "PATH" (string-append prefix "/bin:" prefix "/sbin:" (getenv "PATH"))))) @@ -832,7 +836,7 @@ resulting from command-line parsing." ((first second) second) (_ #f))) (device (and bootloader? - (grub-configuration-device + (bootloader-configuration-device (operating-system-bootloader os))))) (with-store store -- cgit v1.2.3 From e7620b649c2351a3f01b5201e6e9f0b0996e78f5 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 17 May 2017 07:28:09 -0400 Subject: gnu: qemu: Fix CVE-2017-7493. * gnu/packages/patches/qemu-CVE-2017-7493.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/qemu.scm (qemu)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/patches/qemu-CVE-2017-7493.patch | 182 ++++++++++++++++++++++++++ gnu/packages/qemu.scm | 1 + 3 files changed, 184 insertions(+) create mode 100644 gnu/packages/patches/qemu-CVE-2017-7493.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index d0c5b9daf8..daa67b1aa9 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -941,6 +941,7 @@ dist_patch_DATA = \ %D%/packages/patches/python2-pygobject-2-gi-info-type-error-domain.patch \ %D%/packages/patches/python-pygpgme-fix-pinentry-tests.patch \ %D%/packages/patches/python2-subprocess32-disable-input-test.patch \ + %D%/packages/patches/qemu-CVE-2017-7493.patch \ %D%/packages/patches/qt4-ldflags.patch \ %D%/packages/patches/quickswitch-fix-dmenu-check.patch \ %D%/packages/patches/rapicorn-isnan.patch \ diff --git a/gnu/packages/patches/qemu-CVE-2017-7493.patch b/gnu/packages/patches/qemu-CVE-2017-7493.patch new file mode 100644 index 0000000000..67b26fad81 --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2017-7493.patch @@ -0,0 +1,182 @@ +Fix CVE-2017-7493: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7493 + +Patch copied from upstream source repository: + +http://git.qemu.org/?p=qemu.git;a=commit;h=7a95434e0ca8a037fd8aa1a2e2461f92585eb77b + +From 7a95434e0ca8a037fd8aa1a2e2461f92585eb77b Mon Sep 17 00:00:00 2001 +From: Greg Kurz +Date: Fri, 5 May 2017 14:48:08 +0200 +Subject: [PATCH] 9pfs: local: forbid client access to metadata (CVE-2017-7493) + +When using the mapped-file security mode, we shouldn't let the client mess +with the metadata. The current code already tries to hide the metadata dir +from the client by skipping it in local_readdir(). But the client can still +access or modify it through several other operations. This can be used to +escalate privileges in the guest. + +Affected backend operations are: +- local_mknod() +- local_mkdir() +- local_open2() +- local_symlink() +- local_link() +- local_unlinkat() +- local_renameat() +- local_rename() +- local_name_to_path() + +Other operations are safe because they are only passed a fid path, which +is computed internally in local_name_to_path(). + +This patch converts all the functions listed above to fail and return +EINVAL when being passed the name of the metadata dir. This may look +like a poor choice for errno, but there's no such thing as an illegal +path name on Linux and I could not think of anything better. + +This fixes CVE-2017-7493. + +Reported-by: Leo Gaspard +Signed-off-by: Greg Kurz +Reviewed-by: Eric Blake +--- + hw/9pfs/9p-local.c | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 56 insertions(+), 2 deletions(-) + +diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c +index f3ebca4f7a..a2486566af 100644 +--- a/hw/9pfs/9p-local.c ++++ b/hw/9pfs/9p-local.c +@@ -452,6 +452,11 @@ static off_t local_telldir(FsContext *ctx, V9fsFidOpenState *fs) + return telldir(fs->dir.stream); + } + ++static bool local_is_mapped_file_metadata(FsContext *fs_ctx, const char *name) ++{ ++ return !strcmp(name, VIRTFS_META_DIR); ++} ++ + static struct dirent *local_readdir(FsContext *ctx, V9fsFidOpenState *fs) + { + struct dirent *entry; +@@ -465,8 +470,8 @@ again: + if (ctx->export_flags & V9FS_SM_MAPPED) { + entry->d_type = DT_UNKNOWN; + } else if (ctx->export_flags & V9FS_SM_MAPPED_FILE) { +- if (!strcmp(entry->d_name, VIRTFS_META_DIR)) { +- /* skp the meta data directory */ ++ if (local_is_mapped_file_metadata(ctx, entry->d_name)) { ++ /* skip the meta data directory */ + goto again; + } + entry->d_type = DT_UNKNOWN; +@@ -559,6 +564,12 @@ static int local_mknod(FsContext *fs_ctx, V9fsPath *dir_path, + int err = -1; + int dirfd; + ++ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(fs_ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + dirfd = local_opendir_nofollow(fs_ctx, dir_path->data); + if (dirfd == -1) { + return -1; +@@ -605,6 +616,12 @@ static int local_mkdir(FsContext *fs_ctx, V9fsPath *dir_path, + int err = -1; + int dirfd; + ++ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(fs_ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + dirfd = local_opendir_nofollow(fs_ctx, dir_path->data); + if (dirfd == -1) { + return -1; +@@ -694,6 +711,12 @@ static int local_open2(FsContext *fs_ctx, V9fsPath *dir_path, const char *name, + int err = -1; + int dirfd; + ++ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(fs_ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + /* + * Mark all the open to not follow symlinks + */ +@@ -752,6 +775,12 @@ static int local_symlink(FsContext *fs_ctx, const char *oldpath, + int err = -1; + int dirfd; + ++ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(fs_ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + dirfd = local_opendir_nofollow(fs_ctx, dir_path->data); + if (dirfd == -1) { + return -1; +@@ -826,6 +855,12 @@ static int local_link(FsContext *ctx, V9fsPath *oldpath, + int ret = -1; + int odirfd, ndirfd; + ++ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + odirfd = local_opendir_nofollow(ctx, odirpath); + if (odirfd == -1) { + goto out; +@@ -1096,6 +1131,12 @@ static int local_lremovexattr(FsContext *ctx, V9fsPath *fs_path, + static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path, + const char *name, V9fsPath *target) + { ++ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + if (dir_path) { + v9fs_path_sprintf(target, "%s/%s", dir_path->data, name); + } else if (strcmp(name, "/")) { +@@ -1116,6 +1157,13 @@ static int local_renameat(FsContext *ctx, V9fsPath *olddir, + int ret; + int odirfd, ndirfd; + ++ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ (local_is_mapped_file_metadata(ctx, old_name) || ++ local_is_mapped_file_metadata(ctx, new_name))) { ++ errno = EINVAL; ++ return -1; ++ } ++ + odirfd = local_opendir_nofollow(ctx, olddir->data); + if (odirfd == -1) { + return -1; +@@ -1206,6 +1254,12 @@ static int local_unlinkat(FsContext *ctx, V9fsPath *dir, + int ret; + int dirfd; + ++ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + dirfd = local_opendir_nofollow(ctx, dir->data); + if (dirfd == -1) { + return -1; +-- +2.13.0 + diff --git a/gnu/packages/qemu.scm b/gnu/packages/qemu.scm index 30b9908aa0..0734b6d0f7 100644 --- a/gnu/packages/qemu.scm +++ b/gnu/packages/qemu.scm @@ -74,6 +74,7 @@ (method url-fetch) (uri (string-append "http://wiki.qemu-project.org/download/qemu-" version ".tar.xz")) + (patches (search-patches "qemu-CVE-2017-7493.patch")) (sha256 (base32 "08mhfs0ndbkyqgw7fjaa9vjxf4dinrly656f6hjzvmaz7hzc677h")))) -- cgit v1.2.3 From 6d35b1c99c15f87a30fdf1a38c88db844b3e8303 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Wed, 17 May 2017 16:10:48 +0200 Subject: gnu: aspell: 'dict-dir' set to ~/.guix-profile/lib/aspell or $ASPELL_DICT_DIR. See for background. * gnu/packages/patches/aspell-default-dict-dir.patch: New file. * gnu/packages/aspell.scm (aspell)[source](patches): New field. [native-search-paths]: New field. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/aspell.scm | 18 +++++++++++++++--- gnu/packages/patches/aspell-default-dict-dir.patch | 20 ++++++++++++++++++++ 3 files changed, 36 insertions(+), 3 deletions(-) create mode 100644 gnu/packages/patches/aspell-default-dict-dir.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index daa67b1aa9..f02d18e0dd 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -501,6 +501,7 @@ dist_patch_DATA = \ %D%/packages/patches/antiword-CVE-2014-8123.patch \ %D%/packages/patches/apr-skip-getservbyname-test.patch \ %D%/packages/patches/artanis-fix-Makefile.in.patch \ + %D%/packages/patches/aspell-default-dict-dir.patch \ %D%/packages/patches/ath9k-htc-firmware-binutils.patch \ %D%/packages/patches/ath9k-htc-firmware-gcc.patch \ %D%/packages/patches/ath9k-htc-firmware-objcopy.patch \ diff --git a/gnu/packages/aspell.scm b/gnu/packages/aspell.scm index 06ba2ce472..509d428f64 100644 --- a/gnu/packages/aspell.scm +++ b/gnu/packages/aspell.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013, 2014, 2015 Ludovic Courtès +;;; Copyright © 2013, 2014, 2015, 2017 Ludovic Courtès ;;; Copyright © 2015, 2016 Alex Kost ;;; Copyright © 2016 John Darrington ;;; Copyright © 2016 Efraim Flashner @@ -26,6 +26,7 @@ #:use-module (guix download) #:use-module (guix build-system gnu) #:use-module (guix licenses) + #:use-module (gnu packages) #:use-module (gnu packages perl) #:use-module (gnu packages base)) @@ -40,7 +41,8 @@ version ".tar.gz")) (sha256 (base32 - "1qgn5psfyhbrnap275xjfrzppf5a83fb67gpql0kfqv37al869gm")))) + "1qgn5psfyhbrnap275xjfrzppf5a83fb67gpql0kfqv37al869gm")) + (patches (search-patches "aspell-default-dict-dir.patch")))) (build-system gnu-build-system) (arguments `(#:phases @@ -53,6 +55,15 @@ '("ASPELL_CONF" "" = ("${ASPELL_CONF:-\"dict-dir ${GUIX_PROFILE:-$HOME/.guix-profile}/lib/aspell\"}"))))))))) (inputs `(("perl" ,perl))) + + (native-search-paths + ;; This is a Guix-specific environment variable that takes a single + ;; entry, not an actual search path. + (list (search-path-specification + (variable "ASPELL_DICT_DIR") + (separator #f) + (files '("lib/aspell"))))) + (home-page "http://aspell.net/") (synopsis "Spell checker") (description @@ -66,7 +77,8 @@ dictionaries, including personal ones.") ;;; Dictionaries. ;;; ;;; Use 'export ASPELL_CONF="dict-dir $HOME/.guix-profile/lib/aspell"' to use -;;; them. +;;; them, or set the Guix-specific 'ASPELL_DICT_DIR', or just do nothing (as +;;; long as 'HOME' is set, that's fine!). ;;; (define* (aspell-dictionary dict-name full-name diff --git a/gnu/packages/patches/aspell-default-dict-dir.patch b/gnu/packages/patches/aspell-default-dict-dir.patch new file mode 100644 index 0000000000..17a6ff606f --- /dev/null +++ b/gnu/packages/patches/aspell-default-dict-dir.patch @@ -0,0 +1,20 @@ +This patch changes the default value of 'dict-dir' to correspond +to ~/.guix-profile/lib/aspell rather than $prefix/lib/aspell-X.Y. + +This is not strictly necessary for the 'aspell' program itself since +one can simply set "ASPELL_CONF=dict-dir $HOME/.guix-profile/lib/aspell". +However it is necessary for applications that use libaspell since +'ASPELL_CONF' is not honored in this case. See . + +--- a/common/config.cpp ++++ b/common/config.cpp +@@ -1349,6 +1349,9 @@ namespace acommon { + # define REPL ".aspell..prepl" + #endif + ++#undef DICT_DIR ++#define DICT_DIR "<$ASPELL_DICT_DIR|home-dir/.guix-profile/lib/aspell>" ++ + static const KeyInfo config_keys[] = { + // the description should be under 50 chars + {"actual-dict-dir", KeyInfoString, "", 0} -- cgit v1.2.3 From 411ba511893feca223656122059cb12378b95c91 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Wed, 17 May 2017 16:16:15 +0200 Subject: gnu: Add gspell. * gnu/packages/patches/gspell-dash-test.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gnome.scm (gspell): New variable. Co-authored-by: humanitiesNerd --- gnu/local.mk | 1 + gnu/packages/gnome.scm | 54 +++++++++++++++++++++++++++++ gnu/packages/patches/gspell-dash-test.patch | 16 +++++++++ 3 files changed, 71 insertions(+) create mode 100644 gnu/packages/patches/gspell-dash-test.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index f02d18e0dd..1be412db3a 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -646,6 +646,7 @@ dist_patch_DATA = \ %D%/packages/patches/graphite2-non-linear-classes-even-number.patch \ %D%/packages/patches/grep-timing-sensitive-test.patch \ %D%/packages/patches/gsl-test-i686.patch \ + %D%/packages/patches/gspell-dash-test.patch \ %D%/packages/patches/guile-1.8-cpp-4.5.patch \ %D%/packages/patches/guile-default-utf8.patch \ %D%/packages/patches/guile-linux-syscalls.patch \ diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index cec8baebfe..47dcc91dcd 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -51,6 +51,7 @@ #:use-module (guix build-system trivial) #:use-module (gnu packages) #:use-module (gnu packages admin) + #:use-module (gnu packages aspell) #:use-module (gnu packages autotools) #:use-module (gnu packages avahi) #:use-module (gnu packages base) @@ -6136,3 +6137,56 @@ accessibility infrastructure.") via speech and refreshable braille. Orca works with applications and toolkits that support the Assistive Technology Service Provider Interface (AT-SPI).") (license license:lgpl2.1+))) + +(define-public gspell + (package + (name "gspell") + (version "1.3.2") + (source (origin + (method url-fetch) + (uri (string-append "mirror://gnome/sources/" name "/" + (version-major+minor version) "/" + name "-" version ".tar.xz")) + (sha256 + (base32 + "1n4kd5i11l79h8bpvx3cz79ww0b4z89y99h4czvyg80qlarn585w")) + (patches (search-patches "gspell-dash-test.patch")))) + (build-system glib-or-gtk-build-system) + (arguments + '(#:phases + (modify-phases %standard-phases + (add-before 'check 'pre-check + (lambda* (#:key inputs #:allow-other-keys) + ;; Tests require a running X server. + (system "Xvfb :1 &") + (setenv "DISPLAY" ":1") + + ;; For the missing /etc/machine-id. + (setenv "DBUS_FATAL_WARNINGS" "0") + + ;; Allow Enchant and its Aspell backend to find the en_US + ;; dictionary. + (setenv "ASPELL_DICT_DIR" + (string-append (assoc-ref inputs "aspell-dict-en") + "/lib/aspell")) + #t))))) + (inputs + `(("enchant" ,enchant) + ("iso-codes" ,iso-codes) + ("gtk+" ,gtk+) + ("glib" ,glib))) + (native-inputs + `(("glib" ,glib "bin") + ("pkg-config" ,pkg-config) + ("xmllint" ,libxml2) + + ;; For tests. + ("xorg-server" ,xorg-server) + ("aspell-dict-en" ,aspell-dict-en))) + (home-page "https://wiki.gnome.org/Projects/gspell") + (synopsis "GNOME's alternative spell checker") + (description + "gspell provides a flexible API to add spell-checking to a GTK+ +application. It provides a GObject API, spell-checking to text entries and +text views, and buttons to choose the language.") + (license license:gpl2+))) diff --git a/gnu/packages/patches/gspell-dash-test.patch b/gnu/packages/patches/gspell-dash-test.patch new file mode 100644 index 0000000000..e737921c4b --- /dev/null +++ b/gnu/packages/patches/gspell-dash-test.patch @@ -0,0 +1,16 @@ +Somehow, Aspell 0.60.6.1 and aspell-dict-en-2016.11.20-0 don't consider +this a valid spelling. Skip it. + +--- gspell-1.3.2/testsuite/test-checker.c 2017-05-17 16:02:40.832415940 +0200 ++++ gspell-1.3.2/testsuite/test-checker.c 2017-05-17 16:02:50.768351895 +0200 +@@ -101,9 +101,6 @@ test_dashes (void) + + checker = gspell_checker_new (lang); + +- correctly_spelled = gspell_checker_check_word (checker, "spell-checking", -1, &error); +- g_assert_no_error (error); +- g_assert (correctly_spelled); + + correctly_spelled = gspell_checker_check_word (checker, "nrst-auie", -1, &error); + g_assert_no_error (error); + -- cgit v1.2.3 From b193fb2851eaa64e20cc4c01f7298c0a8a076a8c Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 17 May 2017 19:20:11 -0400 Subject: gnu: shadow: Update to 4.5. This fixes a regression introduced by the fix for CVE-2017-2616. See for more information. * gnu/packages/admin.scm (shadow): Update to 4.5. [source]: Remove patches. * gnu/packages/patches/shadow-4.4-su-snprintf-fix.patch, gnu/packages/patches/shadow-CVE-2017-2616.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/local.mk | 2 - gnu/packages/admin.scm | 6 +- .../patches/shadow-4.4-su-snprintf-fix.patch | 31 ---------- gnu/packages/patches/shadow-CVE-2017-2616.patch | 72 ---------------------- 4 files changed, 2 insertions(+), 109 deletions(-) delete mode 100644 gnu/packages/patches/shadow-4.4-su-snprintf-fix.patch delete mode 100644 gnu/packages/patches/shadow-CVE-2017-2616.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 1be412db3a..7dd45c892e 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -967,8 +967,6 @@ dist_patch_DATA = \ %D%/packages/patches/screen-fix-info-syntax-error.patch \ %D%/packages/patches/sdl-libx11-1.6.patch \ %D%/packages/patches/seq24-rename-mutex.patch \ - %D%/packages/patches/shadow-4.4-su-snprintf-fix.patch \ - %D%/packages/patches/shadow-CVE-2017-2616.patch \ %D%/packages/patches/slim-session.patch \ %D%/packages/patches/slim-config.patch \ %D%/packages/patches/slim-sigusr1.patch \ diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm index 1610729c44..aa6ccc0a73 100644 --- a/gnu/packages/admin.scm +++ b/gnu/packages/admin.scm @@ -281,17 +281,15 @@ client and server, a telnet client and server, and an rsh client and server.") (define-public shadow (package (name "shadow") - (version "4.4") + (version "4.5") (source (origin (method url-fetch) (uri (string-append "https://github.com/shadow-maint/shadow/releases/" "download/" version "/shadow-" version ".tar.xz")) - (patches (search-patches "shadow-4.4-su-snprintf-fix.patch" - "shadow-CVE-2017-2616.patch")) (sha256 (base32 - "0g7hf55ar2pafg5g3ldx0fwzjk36wf4xb21p4ndanbjm3c2a9ab1")))) + "0hdpai78n63l3v3fgr3kkiqzhd0awrpfnnzz4mf7lmxdh61qb37w")))) (build-system gnu-build-system) (arguments '(;; Assume System V `setpgrp (void)', which is the default on GNU diff --git a/gnu/packages/patches/shadow-4.4-su-snprintf-fix.patch b/gnu/packages/patches/shadow-4.4-su-snprintf-fix.patch deleted file mode 100644 index 3f357c4924..0000000000 --- a/gnu/packages/patches/shadow-4.4-su-snprintf-fix.patch +++ /dev/null @@ -1,31 +0,0 @@ -Patch copied from upstream source repository: - -https://github.com/shadow-maint/shadow/commit/67d2bb6e0a5ac124ce1f026dd5723217b1493194 - -From 67d2bb6e0a5ac124ce1f026dd5723217b1493194 Mon Sep 17 00:00:00 2001 -From: Serge Hallyn -Date: Sun, 18 Sep 2016 21:31:18 -0500 -Subject: [PATCH] su.c: fix missing length argument to snprintf - ---- - src/su.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/su.c b/src/su.c -index 0c50a9456afd..93ffd2fbe2b4 100644 ---- a/src/su.c -+++ b/src/su.c -@@ -373,8 +373,8 @@ static void prepare_pam_close_session (void) - stderr); - (void) kill (-pid_child, caught); - -- snprintf (kill_msg, _(" ...killed.\n")); -- snprintf (wait_msg, _(" ...waiting for child to terminate.\n")); -+ snprintf (kill_msg, 256, _(" ...killed.\n")); -+ snprintf (wait_msg, 256, _(" ...waiting for child to terminate.\n")); - - (void) signal (SIGALRM, kill_child); - (void) alarm (2); --- -2.11.0.rc2 - diff --git a/gnu/packages/patches/shadow-CVE-2017-2616.patch b/gnu/packages/patches/shadow-CVE-2017-2616.patch deleted file mode 100644 index f88aac40bc..0000000000 --- a/gnu/packages/patches/shadow-CVE-2017-2616.patch +++ /dev/null @@ -1,72 +0,0 @@ -Fix CVE-2017-2616: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616 -http://seclists.org/oss-sec/2017/q1/490 -http://seclists.org/oss-sec/2017/q1/474 - -Patch copied from upstream source repository: - -https://github.com/shadow-maint/shadow/commit/08fd4b69e84364677a10e519ccb25b71710ee686 - -From 08fd4b69e84364677a10e519ccb25b71710ee686 Mon Sep 17 00:00:00 2001 -From: Tobias Stoeckmann -Date: Thu, 23 Feb 2017 09:47:29 -0600 -Subject: [PATCH] su: properly clear child PID - -If su is compiled with PAM support, it is possible for any local user -to send SIGKILL to other processes with root privileges. There are -only two conditions. First, the user must be able to perform su with -a successful login. This does NOT have to be the root user, even using -su with the same id is enough, e.g. "su $(whoami)". Second, SIGKILL -can only be sent to processes which were executed after the su process. -It is not possible to send SIGKILL to processes which were already -running. I consider this as a security vulnerability, because I was -able to write a proof of concept which unlocked a screen saver of -another user this way. ---- - src/su.c | 19 +++++++++++++++++-- - 1 file changed, 17 insertions(+), 2 deletions(-) - -diff --git a/src/su.c b/src/su.c -index f20d230..d86aa86 100644 ---- a/src/su.c -+++ b/src/su.c -@@ -379,11 +379,13 @@ static void prepare_pam_close_session (void) - /* wake child when resumed */ - kill (pid, SIGCONT); - stop = false; -+ } else { -+ pid_child = 0; - } - } while (!stop); - } - -- if (0 != caught) { -+ if (0 != caught && 0 != pid_child) { - (void) fputs ("\n", stderr); - (void) fputs (_("Session terminated, terminating shell..."), - stderr); -@@ -393,9 +395,22 @@ static void prepare_pam_close_session (void) - snprintf (wait_msg, sizeof wait_msg, _(" ...waiting for child to terminate.\n")); - - (void) signal (SIGALRM, kill_child); -+ (void) signal (SIGCHLD, catch_signals); - (void) alarm (2); - -- (void) wait (&status); -+ sigemptyset (&ourset); -+ if ((sigaddset (&ourset, SIGALRM) != 0) -+ || (sigprocmask (SIG_BLOCK, &ourset, NULL) != 0)) { -+ fprintf (stderr, _("%s: signal masking malfunction\n"), Prog); -+ kill_child (0); -+ } else { -+ while (0 == waitpid (pid_child, &status, WNOHANG)) { -+ sigsuspend (&ourset); -+ } -+ pid_child = 0; -+ (void) sigprocmask (SIG_UNBLOCK, &ourset, NULL); -+ } -+ - (void) fputs (_(" ...terminated.\n"), stderr); - } - -- cgit v1.2.3 From 7c5cf7a29df880c1011642d1c3e14c9e203f6c9d Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Thu, 18 May 2017 09:25:35 +0300 Subject: gnu: qtscript: Fix building on aarch64. * gnu/packages/patches/qtscript-disable-tests.patch: New file. * gnu/packages/qt.scm (qtscript)[source]: Use it. * gnu/local.am (dist_patch_DATA): Register it. --- gnu/local.mk | 1 + gnu/packages/patches/qtscript-disable-tests.patch | 64 +++++++++++++++++++++++ gnu/packages/qt.scm | 3 +- 3 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/qtscript-disable-tests.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 7dd45c892e..922fb1a6bf 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -945,6 +945,7 @@ dist_patch_DATA = \ %D%/packages/patches/python2-subprocess32-disable-input-test.patch \ %D%/packages/patches/qemu-CVE-2017-7493.patch \ %D%/packages/patches/qt4-ldflags.patch \ + %D%/packages/patches/qtscript-disable-tests.patch \ %D%/packages/patches/quickswitch-fix-dmenu-check.patch \ %D%/packages/patches/rapicorn-isnan.patch \ %D%/packages/patches/ratpoison-shell.patch \ diff --git a/gnu/packages/patches/qtscript-disable-tests.patch b/gnu/packages/patches/qtscript-disable-tests.patch new file mode 100644 index 0000000000..41a017d864 --- /dev/null +++ b/gnu/packages/patches/qtscript-disable-tests.patch @@ -0,0 +1,64 @@ +In all of these tests the result wraps around and comes out the negative of the exptected value. + +--- + tests/auto/qscriptjstestsuite/tests/ecma/Expressions/11.4.7-02.js | 2 +- + tests/auto/qscriptjstestsuite/tests/ecma/TypeConversion/9.3.1-3.js | 5 ++++- + 2 files changed, 5 insertions(+), 2 deletions(-) + +diff --git a/tests/auto/qscriptjstestsuite/tests/ecma/Expressions/11.4.7-02.js b/tests/auto/qscriptjstestsuite/tests/ecma/Expressions/11.4.7-02.js +index 43bd923..103f251 100644 +--- a/tests/auto/qscriptjstestsuite/tests/ecma/Expressions/11.4.7-02.js ++++ b/tests/auto/qscriptjstestsuite/tests/ecma/Expressions/11.4.7-02.js +@@ -74,7 +74,7 @@ test_negation(-1073741823, 1073741823); + + //2147483648 == (1 << 31) + test_negation(2147483648, -2147483648); +-test_negation(-2147483648, 2147483648); ++//test_negation(-2147483648, 2147483648); + + //2147483648 == (1 << 31) - 1 + test_negation(2147483647, -2147483647); +diff --git a/tests/auto/qscriptjstestsuite/tests/ecma/TypeConversion/9.3.1-3.js b/tests/auto/qscriptjstestsuite/tests/ecma/TypeConversion/9.3.1-3.js +index dc56427..c1a4bf3 100644 +--- a/tests/auto/qscriptjstestsuite/tests/ecma/TypeConversion/9.3.1-3.js ++++ b/tests/auto/qscriptjstestsuite/tests/ecma/TypeConversion/9.3.1-3.js +@@ -86,11 +86,12 @@ new TestCase( + // test cases from bug http://scopus.mcom.com/bugsplat/show_bug.cgi?id=122882 + + +- ++/* + new TestCase( SECTION, + '- -"0x80000000"', + 2147483648, + - -"0x80000000" ); ++*/ + + new TestCase( SECTION, + '- -"0x100000000"', +@@ -280,10 +281,12 @@ new TestCase( SECTION, + 305419896, + 0x12345678 ); + ++/* + new TestCase( SECTION, + "0x80000000", + 2147483648, + 0x80000000 ); ++*/ + + new TestCase( SECTION, + "0xffffffff", +@@ -681,10 +681,12 @@ new TestCase( SECTION, + NaN, + -"+Infiniti" ); + ++/* + new TestCase( SECTION, + "- -\"0x80000000\"", + 2147483648, + - -"0x80000000" ); ++*/ + + new TestCase( SECTION, + "- -\"0x100000000\"", diff --git a/gnu/packages/qt.scm b/gnu/packages/qt.scm index 074ef0b466..65e50060a4 100644 --- a/gnu/packages/qt.scm +++ b/gnu/packages/qt.scm @@ -909,7 +909,8 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "09m41n95448pszr7inlg03ycb66s1a9hzfylaka92382acf1myav")))) + "09m41n95448pszr7inlg03ycb66s1a9hzfylaka92382acf1myav")) + (patches (search-patches "qtscript-disable-tests.patch")))) (native-inputs `(("perl" ,perl) ("qttools" ,qttools))) -- cgit v1.2.3 From e7fbd49132406bb9ec12141ac77ac401f58ee267 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Fri, 19 May 2017 10:50:20 +0200 Subject: gnu: guile-ssh: Fix potential double-free/use-after-free issue. Fixes . Reported by Mark H Weaver . * gnu/packages/patches/guile-ssh-double-free.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/ssh.scm (guile-ssh)[source](patches): Add it. --- gnu/local.mk | 1 + gnu/packages/patches/guile-ssh-double-free.patch | 37 ++++++++++++++++++++++++ gnu/packages/ssh.scm | 3 +- 3 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/guile-ssh-double-free.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 922fb1a6bf..a1530af790 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -654,6 +654,7 @@ dist_patch_DATA = \ %D%/packages/patches/guile-relocatable.patch \ %D%/packages/patches/guile-rsvg-pkgconfig.patch \ %D%/packages/patches/guile-ssh-rexec-bug.patch \ + %D%/packages/patches/guile-ssh-double-free.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_PATH.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch \ %D%/packages/patches/gtk2-theme-paths.patch \ diff --git a/gnu/packages/patches/guile-ssh-double-free.patch b/gnu/packages/patches/guile-ssh-double-free.patch new file mode 100644 index 0000000000..9692b81d39 --- /dev/null +++ b/gnu/packages/patches/guile-ssh-double-free.patch @@ -0,0 +1,37 @@ +Fix a double-free or use-after-free issue with Guile-SSH used +with Guile 2.2. See . + +diff --git a/libguile-ssh/channel-type.c b/libguile-ssh/channel-type.c +index 3dd641f..0839854 100644 +--- a/libguile-ssh/channel-type.c ++++ b/libguile-ssh/channel-type.c +@@ -229,10 +229,11 @@ ptob_close (SCM channel) + ssh_channel_free (ch->ssh_channel); + } + ++ SCM_SETSTREAM (channel, NULL); ++ + #if USING_GUILE_BEFORE_2_2 + scm_gc_free (pt->write_buf, pt->write_buf_size, "port write buffer"); + scm_gc_free (pt->read_buf, pt->read_buf_size, "port read buffer"); +- SCM_SETSTREAM (channel, NULL); + + return 0; + #endif +diff --git a/libguile-ssh/sftp-file-type.c b/libguile-ssh/sftp-file-type.c +index 8879924..f87cf03 100644 +--- a/libguile-ssh/sftp-file-type.c ++++ b/libguile-ssh/sftp-file-type.c +@@ -224,10 +224,11 @@ ptob_close (SCM sftp_file) + sftp_close (fd->file); + } + ++ SCM_SETSTREAM (sftp_file, NULL); ++ + #if USING_GUILE_BEFORE_2_2 + scm_gc_free (pt->write_buf, pt->write_buf_size, "port write buffer"); + scm_gc_free (pt->read_buf, pt->read_buf_size, "port read buffer"); +- SCM_SETSTREAM (sftp_file, NULL); + + return 1; + #endif diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 6a074d10fa..bb1898774b 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -226,7 +226,8 @@ Additionally, various channel-specific options can be negotiated.") (sha256 (base32 "0r261i8kc3avbmbwgyzak2vnqwssjlgz37g2y2fwm80w9bmn2m7j")) - (patches (search-patches "guile-ssh-rexec-bug.patch")) + (patches (search-patches "guile-ssh-rexec-bug.patch" + "guile-ssh-double-free.patch")) (modules '((guix build utils))) (snippet ;; 'configure.ac' mistakenly tries to link files from examples/ -- cgit v1.2.3 From 7010d231dbef94b09c310a8ad44889bcabb2161a Mon Sep 17 00:00:00 2001 From: Brendan Tildesley Date: Sat, 13 May 2017 21:40:24 +1000 Subject: gnu: calibre: Import dont-load-icons patch from debian. * gnu/packages/patches/calibre-dont-load-remote-icons.patch: New file. * gnu/packages/ebooks.scm (calibre)[source]: Add reference to patch file. * gnu/local.mk (dist_path_DATA): Add it. Signed-off-by: Marius Bakke --- gnu/local.mk | 1 + gnu/packages/ebook.scm | 1 + .../patches/calibre-dont-load-remote-icons.patch | 45 ++++++++++++++++++++++ 3 files changed, 47 insertions(+) create mode 100644 gnu/packages/patches/calibre-dont-load-remote-icons.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index a1530af790..8cfb89ff1b 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -520,6 +520,7 @@ dist_patch_DATA = \ %D%/packages/patches/byobu-writable-status.patch \ %D%/packages/patches/cairo-CVE-2016-9082.patch \ %D%/packages/patches/calibre-drop-unrar.patch \ + %D%/packages/patches/calibre-dont-load-remote-icons.patch \ %D%/packages/patches/calibre-no-updates-dialog.patch \ %D%/packages/patches/cdparanoia-fpic.patch \ %D%/packages/patches/cdrtools-3.01-mkisofs-isoinfo.patch \ diff --git a/gnu/packages/ebook.scm b/gnu/packages/ebook.scm index a2b26c931f..cc43259e26 100644 --- a/gnu/packages/ebook.scm +++ b/gnu/packages/ebook.scm @@ -80,6 +80,7 @@ (delete-file-recursively "src/unrar") (delete-file "src/odf/thumbnail.py"))) (patches (search-patches "calibre-drop-unrar.patch" + "calibre-dont-load-remote-icons.patch" "calibre-no-updates-dialog.patch")))) (build-system python-build-system) (native-inputs diff --git a/gnu/packages/patches/calibre-dont-load-remote-icons.patch b/gnu/packages/patches/calibre-dont-load-remote-icons.patch new file mode 100644 index 0000000000..2168263072 --- /dev/null +++ b/gnu/packages/patches/calibre-dont-load-remote-icons.patch @@ -0,0 +1,45 @@ +From: Martin Pitt +Date: Mon, 14 Nov 2016 22:41:24 +0100 +Subject: content-server: Don't load external URLs for privacy + +Spotted by lintian. +--- + resources/content_server/browse/browse.html | 4 +--- + resources/content_server/index.html | 2 +- + 2 files changed, 2 insertions(+), 4 deletions(-) + +diff --git a/resources/content_server/browse/browse.html b/resources/content_server/browse/browse.html +index 36f7199..e615707 100644 +--- a/resources/content_server/browse/browse.html ++++ b/resources/content_server/browse/browse.html +@@ -7,7 +7,7 @@ + ..:: calibre {library} ::.. {title} + + +- ++ + + + +@@ -63,8 +63,6 @@ + +- + + + +diff --git a/resources/content_server/index.html b/resources/content_server/index.html +index 51cc33a..e71d0e8 100644 +--- a/resources/content_server/index.html ++++ b/resources/content_server/index.html +@@ -9,7 +9,7 @@ + + + +- ++ + + +