On Sat, Aug 27, 2016 at 11:48:10PM +0200, Ludovic Courtès wrote:
> Hello!
>
> Leo Famulari skribis:
>
> > On Fri, Aug 26, 2016 at 06:14:26PM -0400, Leo Famulari wrote:
> >> Subject: [PATCH] gnu: flex: Fix CVE-2016-6354.
> >>
> >> * gnu/pac
On Sun, Aug 28, 2016 at 01:02:41PM +, David Craven wrote:
> dvc pushed a commit to branch core-updates
> in repository guix.
>
> commit 25d1b3107fc7ebdc155649722fc257f4dbc4b04a
> Author: David Craven
> Date: Sun Aug 28 15:00:49 2016 +0200
>
> gnu: linux-pam: Add cracklib to inputs.
>
On Sun, Aug 28, 2016 at 11:32:48PM -0400, Troy Sankey wrote:
> Builds don't seem to be deterministic when I use --check. Not sure where to
> start looking in order to fix that.
I use the diffoscope program to inspect the differences.
Currently, all of our Python 3 packages embed timestamps in th
On Thu, Aug 25, 2016 at 06:29:19PM +0200, David Craven wrote:
> LGTM. I didn't look at the patches, but adding a libtiff/fixed package
> and using the replacement field in libtiff is my understanding of how
> security updates should be done.
Thanks!
Pushed as ed5940b617, along with another fix fo
On Fri, Aug 26, 2016 at 09:59:44AM +, ng0 wrote:
> Patches to use prefix license: in gnu packages version-control, adding
> stagit in a second patch requiring the license: prefix.
Thanks, pushed as 1062f2451f!
On Fri, Aug 26, 2016 at 07:55:59PM +0200, Jelle Licht wrote:
>
> This patch builds reproducible, although that was also the case for me
> with the previous Node 6.3.1. patch. It would be great if someone could
> verify this.
>
> This patch supercedes the 'gnu: node: Update to 6.3.1.' patch at [0]
On Sun, Aug 28, 2016 at 12:37:42PM +0200, Ricardo Wurmus wrote:
> LuaSec is found by “util/dependencies.lua” or else we would see a
> complaint printed to stdout upon application start.
>
> Archlinux users also reported problems with latest prosody and latest
> luasec: https://bugs.archlinux.org/t
On Sun, Aug 21, 2016 at 01:58:51PM -0400, Leo Famulari wrote:
> I picked this up. I've attached two patches. They upgrade python-3.4 to
> 3.4.5, and then upgrade python-3 to 3.5.2 while preserving a python-3.4.
> These are the latest releases in their respective series.
>
> I
On Sun, Aug 28, 2016 at 11:52:52AM +0200, John Darrington wrote:
> On Sun, Aug 28, 2016 at 12:19:15PM +0300, Efraim Flashner wrote:
> On Sat, Aug 27, 2016 at 08:19:37PM +0200, John Darrington wrote:
> > +++ b/CODE-OF-CONDUCT
> > @@ -21,7 +21,7 @@ Examples of unacceptable behavior by
On Mon, Aug 29, 2016 at 12:45:44PM -0400, Kei Kebreau wrote:
> Subject: [PATCH] gnu: Add telepathy-idle.
>
> * gnu/packages/freedesktop.scm (telepathy-idle): New variable.
> +(version "0.2.0")
Looks good, but why use this release when there appears to be a newer
version, 0.99.11?
https://te
On Wed, Aug 24, 2016 at 01:08:33PM +0200, Vincent Legoll wrote:
> The attached patch updates nss-certs to latest 3.26
>
> WDYT?
Looks good, but can you send a revised patch that also updates NSS?
nss-certs used to inherit from nss, but we stopped doing that for the
reasons described here:
http:/
On Tue, Aug 23, 2016 at 02:02:40AM +0200, gno wrote:
> On Mon, 22 Aug 2016 21:39:12 +0200
> Ricardo Wurmus wrote:
> > + #:make-flags
> > + '("CFLAGS=-fPIC -DLUA_DL_DLOPEN -DLUA_USE_POSIX"
> > + "linux")
>
> This doesn't work for me - lua-lgi still complains about lua not being
On Thu, Aug 25, 2016 at 03:09:33AM +0200, gno wrote:
> Sure hope I'm doing this right as I'm new to this.
> These patches add Awesome 3.5.9 to the repository. I decided against
> updating since it may break peoples configurations. Awesome had API
> changes in between 3.4 and 3.5.
>
> Please have a
On Fri, Aug 26, 2016 at 03:49:36PM +, ng0 wrote:
> TL;DR: only run the test suite if you own a cluster, super computer or
> otherwise much computation power which will be bored by this
> hashing. Everyone else will spend MANY hours on this, which is why make
> check/test is disabled.
How many
On Sat, Aug 27, 2016 at 02:23:12PM +, ng0 wrote:
> From a9367fd2dbe5bb77d67ee3ee38594ed7bddaf9a2 Mon Sep 17 00:00:00 2001
> From: ng0
> Date: Sat, 27 Aug 2016 13:47:19 +
> Subject: [PATCH 4/4] gnu: grub: Use https URL.
>
> * gnu/packages/grub.scm (grub)[home-page]: Use https URL.
Thanks,
On Sat, Aug 27, 2016 at 02:21:38PM +, ng0 wrote:
> From f4bcc1e6aeee861ee9dc11c1803ca94146c5d86c Mon Sep 17 00:00:00 2001
> From: ng0
> Date: Sat, 27 Aug 2016 13:38:36 +
> Subject: [PATCH 2/4] gnu: guile-gnunet: Use https URL.
>
> * gnu/packages/gnunet.scm (guile-gnunet)[home-page]: Use h
On Tue, Aug 30, 2016 at 09:43:23AM -0400, Kei Kebreau wrote:
> Leo Famulari writes:
>
> > On Mon, Aug 29, 2016 at 12:45:44PM -0400, Kei Kebreau wrote:
> >> Subject: [PATCH] gnu: Add telepathy-idle.
> >>
> >> * gnu/packages/freedesktop.scm (telepathy-idle
On Tue, Aug 30, 2016 at 10:52:08AM +0200, gno wrote:
> > Let's fix our Lua packaging. And, can you send revised versions of
> > patches 2 and 3 from this series?
>
> Working on it. I might nag you with questions soon. The snippet is just a
> lazy copy-paste from awesome 3.4 since my knowledge isn'
On Sun, Aug 28, 2016 at 01:12:09AM +0200, Ludovic Courtès wrote:
> Leo Famulari skribis:
> > I wonder, are there any drawbacks of making the linter check that the
> > URL provides the data named by the hash?
>
> The rationale so far was that ‘guix lint foo’ should be fast (
On Sun, Aug 21, 2016 at 12:10:23PM -0400, Matthew Jordan wrote:
> Subject: [PATCH 1/2] gnu: Add python-feedparser
>
> * gnu/packages/python.scm (python-feedparser): New variable.
Thanks for these patches!
> + (uri (string-append
> +
> "https://pypi.python.org/packages/91/d8/7d
On Sun, Aug 21, 2016 at 12:13:45PM -0400, Matthew Jordan wrote:
> Subject: [PATCH 2/2] gnu: Add feed2maildir
>
> * gnu/packages/mail.scm (python-feed2maildir): New variable.
Thanks!
I have the same feedback for this package as I did for
python-feedparser. Additional comments below.
> +(argu
On Sun, Aug 21, 2016 at 12:18:15PM -0400, Matthew Jordan wrote:
> Good Day,
>
> This patch moves entr to the shellutils file. And updates the version.
>
> From 4cae2720568bab62785bd48ae0536a49eafabb81 Mon Sep 17 00:00:00 2001
> From: "Matthew O'N.S Jordan"
> Date: Sat, 20 Aug 2016 11:32:25 -04
On Tue, Aug 30, 2016 at 03:14:35PM -0400, Kei Kebreau wrote:
> 2016-08-30 15:00 Hello all! Visitor from #guix here.
> 2016-08-30 15:01 For clarity's sake, the latest stable
> version of telepathy-idle is 0.2.0, yes?
> 2016-08-30 15:02 I would assume that the 0.99.x
>
On Tue, Aug 30, 2016 at 09:21:12PM +0200, John Darrington wrote:
> * gnu/packages/astronomy.scm (gnuastro): New variable.
> +(source
> + (origin
I would shift this one column to the right, and the rest of (source)
accordingly.
> + (method url-fetch)
> + (uri (string-append "mi
On Tue, Aug 30, 2016 at 09:21:10PM +0200, John Darrington wrote:
> + (uri (string-append
> +"http://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/"; name version
> +".tar.gz"))
I would indent this based on (string-append).
> + (add-after 'unpack 'replace-slash-bin
I
On Tue, Aug 30, 2016 at 09:21:11PM +0200, John Darrington wrote:
> * gnu/packages/astronomy.scm (wcslib): New variable.
LGTM
On Tue, Aug 30, 2016 at 11:43:13PM +0300, Efraim Flashner wrote:
> Subject: [PATCH] gnu: Add bambam.
>
> * gnu/packages/games.scm (bambam): New variable.
Looks good!
I had to use my phone to look up how to exit the game :p
signature.asc
Description: PGP signature
On Wed, Aug 31, 2016 at 04:17:29PM +0200, Ludovic Courtès wrote:
> I believe this is fixed by commit
> d4f8884fdb897e648fd7f4262b2142d8c363ac76 (and now we have proper
> tests!).
>
> Could you or Leo retry the previous scenario (you need to revert the
> revert) and report back?
It works for me on
On Tue, Aug 30, 2016 at 01:33:10PM +0200, Vincent Legoll wrote:
> Here it is...
> I test-installed the 2 packages, but nothing more
> From 966dd703fea7754d18fbe609215eff8381435458 Mon Sep 17 00:00:00 2001
> From: Vincent Legoll
> Date: Wed, 24 Aug 2016 13:03:48 +0200
> Subject: [PATCH] gnu: nss &
On Tue, Aug 30, 2016 at 06:36:04PM +0200, John Darrington wrote:
> * gnu/packages/networking.scm (bind): New variable.
Hi, thanks for this patch! I think it can go in the DNS module.
I wonder, how does it relate to the BIND that replaces the bundled BIND
in isc-dhcp, which I've noticed often requ
On Tue, Aug 30, 2016 at 06:51:59PM +0200, Danny Milosavljevic wrote:
> * gnu/packages/python.scm (python-lit, python2-lit): New variables.
> +(license license:bsd-3)
This package looks good, although I'm not sure about the license. It
doesn't contain a license text that I could find. 'setup.p
On Tue, Aug 30, 2016 at 06:52:00PM +0200, Danny Milosavljevic wrote:
> * gnu/packages/ldc.scm (ldc): Update to 0.17.1.
> * gnu/packages/patches/ldc-0.17.1-disable-tests.patch: New patch.
> * gnu/local.mk: Added reference to patch.
Thanks for this! Somebody needs to review it. Maybe you can ping
so
On Wed, Aug 31, 2016 at 04:00:06PM +0100, Marius Bakke wrote:
> Greetings Guix,
>
> I am the maintainer of this package in NixOS and figured I could update
> it here as well, since it was non-trivial.
Thanks!
> The libx11 dependency is dropped in favour of a new xcb-util-xrm module.
> I added th
On Wed, Aug 31, 2016 at 01:34:31AM +0200, David Craven wrote:
> * gnu/packages/databases.scm (sqlite): Update to 3.14.1.
Thanks! I noticed that Efraim did the same update on core-updates with
66a2a01ad3ad21a5b192814a71b899036ccc001
On Wed, Aug 31, 2016 at 01:34:30AM +0200, David Craven wrote:
> * gnu/packages/databases.scm (sqlite)[arguments]: Enable configure-flag
> -DSQLITE_ENABLE_DBSTAT_VTAB.
> ---
> gnu/packages/databases.scm | 10 ++
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/gnu/packa
On Tue, Aug 30, 2016 at 03:43:05PM +0100, Marius Bakke wrote:
> Shogun failed to build in this run. I don't have time to investigate
> further, so picking the OpenBLAS update is not very appealing.
>
> Instead I opted to disable the test that fails with lapack (and without,
> on Hydra), since it's
On Wed, Aug 31, 2016 at 08:09:07PM +0100, Marius Bakke wrote:
>
> > Done and done! New patches attached.
>
> Oops, forgot to refresh my local branch. Here are the actual new
> patches.
> Subject: [PATCH 1/2] gnu: Add xcb-util-xrm.
> * gnu/packages/xdisorg.scm (xcb-util-xrm): New variable.
> Sub
On Mon, Aug 22, 2016 at 10:47:38PM +, ng0 wrote:
> > On Sat, Aug 20, 2016 at 07:44:21PM +, ng0 wrote:
> >> This adds another mirror for font-un, this time with tls
> >> enabled. Leaving the sdf.org mirror in the list in case dl.n0.is goes
> >> down.
> >
> > Hi, can you remind us why this is
On Sun, Aug 28, 2016 at 11:25:23PM +0200, John Darrington wrote:
> From: John Darrington
>
> * gnu/packages/linux.scm (rpcbind): New variable.
The patch looks good, but I think it depends on some context that we
don't have in Guix:
[...]
> + "The rpcbind utility is a server that converts R
On Tue, Aug 30, 2016 at 06:54:49PM +0100, Marius Bakke wrote:
> * gnu/packages/bioinformatics.scm (mash): New variable.
Thanks!
> + (add-after 'unpack 'fix-includes
> + (lambda _
> + (substitute* '("src/mash/Sketch.cpp" "src/mash/CommandFind.cpp")
> + (
On Tue, Aug 30, 2016 at 05:43:40PM -0400, Kei Kebreau wrote:
> Next package in the quest for Polari.
> From de2bb9e63d26ec539f8425c7d1b39ba91f987dfa Mon Sep 17 00:00:00 2001
> From: Kei Kebreau
> Date: Tue, 30 Aug 2016 17:40:17 -0400
> Subject: [PATCH] gnu: Add telepathy-mission-control.
>
> * g
On Thu, Sep 01, 2016 at 12:28:51AM +0200, Clément Lassieur wrote:
> The Kernel Recipes talk by Greg KH [4] about why the Linux kernel
> developers rely on plain text email instead of using "modern"
> development tools might be of some interest too. It'll happen in Paris
> on September 28 [5].
I am
* gnu/packages/tls.scm (openssl): Update to 1.1.0.
[source]: Remove deleted patches.
[arguments]: Add 'patch-runpath' phase. Remove 'patch-Makefile.org' and
'patch-tests' phases.
* gnu/packages/patches/openssl-c-rehash-in.patch: Adjust patch.
* gnu/packages/patches/openssl-CVE-2016-2177.patch,
gnu/
issue26470
Leo Famulari (1):
gnu: openssl: Update to 1.1.0.
gnu/local.mk | 3 -
gnu/packages/patches/openssl-CVE-2016-2177.patch | 286 ---
gnu/packages/patches/openssl-CVE-2016-2178.patch | 112 -
gnu/packages/patches/openss
On Thu, Sep 01, 2016 at 10:19:00PM +, Kete Foy wrote:
> I found a typo in the info documentation. In the Garbage collection
> section (chp 3), it says /computse/.
Fixed in commit 7414de0a84bfc37c30f4f789a6d4b61477a1e352.
Thanks for the report!
... and the patch.
From 217f444aa56ec292ddfaacfabcbb6ddea8d1f262 Mon Sep 17 00:00:00 2001
From: Leo Famulari
Date: Fri, 2 Sep 2016 02:11:49 -0400
Subject: [PATCH] gnu: libidn: Replace with 1.33 [fixes CVE-2015-8948 and
CVE-2016-{6261,6263}].
* gnu/packages/libidn.scm (libidn)[replacement]: New
The last release of libidn, 1.33, fixed this bugs:
https://security-tracker.debian.org/tracker/CVE-2015-8948
https://security-tracker.debian.org/tracker/CVE-2016-6261
https://security-tracker.debian.org/tracker/CVE-2016-6263
We already have libidn 1.33 on core-updates.
Quoted from the release an
On Fri, Sep 02, 2016 at 02:47:35PM +0200, Ludovic Courtès wrote:
> Leo Famulari skribis:
>
> > From 217f444aa56ec292ddfaacfabcbb6ddea8d1f262 Mon Sep 17 00:00:00 2001
> > From: Leo Famulari
> > Date: Fri, 2 Sep 2016 02:11:49 -0400
> > Subject: [PATCH] gnu: libidn
ms with this name.
https://kristaps.bsd.lv/acme-client/
Some attempt has been made to reduce the risks inherent to running the
program as root, as described on the home page.
And, I did a minimal test: I was able to get a new certificate.
Leo Famulari (1):
gnu: Add acme-client.
* gnu/packages/tls.scm (acme-client): New variable.
---
gnu/packages/tls.scm | 35 +++
1 file changed, 35 insertions(+)
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 4b87150..eeb15ca 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -
On Thu, Sep 01, 2016 at 05:57:03PM +0200, David Craven wrote:
> * gnu/system/vm.scm (common-qemu-options): Remove -net user flag.
Can the VM still "dial out" with this change?
On Fri, Sep 02, 2016 at 08:01:55PM +0200, Hartmut Goebel wrote:
> Am 02.09.2016 um 16:49 schrieb Leo Famulari:
> > +(name "acme-client")
>
> I strongly suggest using a different name, as this is *one* of many
> implementations and it is not the "official&qu
On Fri, Sep 02, 2016 at 02:50:28PM -0400, Leo Famulari wrote:
> > *shiver* Why would one implement this in an language like C, which is
> > prone to buffer overflows, if there are implementations available in
> > more secure languages?
>
> I wouldn't propose this
sl" in the 'name' field, as attached, `guix build
openssl` gives me 1.1.0, which is not right. The other *-next packages
all seem to use "name-next" as the name.
From b09132baa7181542b82804985aac7d5f030ec545 Mon Sep 17 00:00:00 2001
From: Leo Famulari
Date: Fri, 2 Sep 2016
On Fri, Sep 02, 2016 at 04:14:22PM -0400, Leo Famulari wrote:
> +(define-public openssl-next
> + (package
> +(inherit openssl)
Also, I wonder if this should inherit from openssl?
Presumably there will be more security updates to openssl@1.0.2 before
openssl@1.1.0 is ready for ge
On Sat, Sep 03, 2016 at 12:51:44PM +0200, John Darrington wrote:
> * gnu/packages/version-control.scm (git): Update to 2.10.0.
Looks good, please push.
On Sat, Sep 03, 2016 at 03:50:55PM +0200, Ludovic Courtès wrote:
> Leo Famulari skribis:
> > When I put "openssl" in the 'name' field, as attached, `guix build
> > openssl` gives me 1.1.0, which is not right. The other *-next packages
> > all seem to u
The Attic backup program [0] has a serious problem, and I think we
should consider removing our package of it.
The problem is that Attic appears to be unmaintained since it was forked
as "Borg". For almost 11 months, there has been no response from the
Attic maintainer to a bug that unrecoverably
;ve attached a patch for review.
>From 2e6f500c7876733206e231fd98ebe7419d9b076f Mon Sep 17 00:00:00 2001
From: Leo Famulari
Date: Fri, 2 Sep 2016 16:07:29 -0400
Subject: [PATCH] gnu: Add openssl-next.
* gnu/packages/tls.scm (openssl-next): New variable.
* gnu/packages/patches/openssl-1.1.0-c-reh
On Sat, Sep 03, 2016 at 12:04:13PM +0200, Andreas Enge wrote:
> Is there other reasonably widely used software with this name? Our package
> guidelines say to use the upstream name.
Here is what I found:
https://github.com/kristapsdz/acme-client
The program I have proposed to package.
https://gi
On Sat, Sep 03, 2016 at 11:32:20AM +0100, Marius Bakke wrote:
> Many distros prefix OpenBSD projects with ambigous names with
> "openbsd-". E.g. "openbsd-netcat", "openbsd-ntpd" etc. We don't appear
> to have that problem yet, but I think this could be a good precedent.
Is "openbsd-ntpd" the same
On Sat, Sep 03, 2016 at 10:20:49PM -0400, Leo Famulari wrote:
> On Sat, Sep 03, 2016 at 04:34:51PM +0200, Ludovic Courtès wrote:
> > Yes, but as long the ‘openssl’ refers to 1.0.x, it doesn’t really matter
> > than the “openssl” package points to the latest one, no? Use can stil
On Sun, Sep 04, 2016 at 07:37:21PM +0200, John Darrington wrote:
> On Sun, Sep 04, 2016 at 12:02:49PM -0400, Mark H Weaver wrote:
> John Darrington writes:
> > * gnu/packages/version-control.scm (git): Update to 2.10.0.
>
> This update seems to have broken 'cgit' and maybe als
On Sun, Sep 04, 2016 at 01:10:39PM +, ng0 wrote:
> There has been no update since 2015. Can the current status of the bug
> (solved? unsolved? wontfix? work in progress?) be requested from the
> upstream developer(s)?
The upstream developer has not replied to the bug report [0]. I think we
can
On Sun, Sep 04, 2016 at 02:14:47PM -0400, Leo Famulari wrote:
> > On Sun, Sep 04, 2016 at 12:02:49PM -0400, Mark H Weaver wrote:
> > This update seems to have broken 'cgit' and maybe also 'ruby-puma'.
> Relevant upstream discussion:
> https://lists.zx2c4
On Sun, Sep 04, 2016 at 08:35:11PM +0200, Hartmut Goebel wrote:
> Hello Leo,
>
> why did you revert this patch? Having these aliases helps a lot when
> packaging python (extension) modules. Please reapply!
Hi,
I reverted the commit in response to this request from Andreas:
http://lists.gnu.org/a
This updates QEMU to the latest release, 2.7.0.
It fixes at least one security bug (I think that every new QEMU release
fixes security bugs):
http://seclists.org/oss-sec/2016/q3/394
Tested on x86-64.
From a46d80d697e2ed93596a69b9f170b645f8b608a0 Mon Sep 17 00:00:00 2001
From: Leo Famulari
Date
On Sun, Sep 04, 2016 at 12:13:43AM -0500, ren...@openmailbox.org wrote:
> From 285a74b1de29f4aa97cfbaf95c3d9ab2d9a4b955 Mon Sep 17 00:00:00 2001
> From: Rene Saavedra
> Date: Sun, 4 Sep 2016 00:05:11 -0500
> Subject: [PATCH] gnu: nano: Update to 2.7.0.
>
> * gnu/packages/nano.scm (nano): Up
On Fri, Sep 02, 2016 at 04:02:46AM -0400, Mark H Weaver wrote:
> From a50f358b083cff4d156cd7116fee516952fc9bcf Mon Sep 17 00:00:00 2001
> From: Mark H Weaver
> Date: Fri, 2 Sep 2016 02:26:43 -0400
> Subject: [PATCH] system: grub: Use librsvg to convert SVG to PNG.
>
> * guix/build/svg.scm: New fi
On Sun, Sep 04, 2016 at 04:17:35PM +, ng0 wrote:
> * gnu/packages/haskell.scm (ghc-chell-quickcheck-bootstrap): New variable.
> +(arguments
> + `(#:tests? #f))
This will need a comment explaining why.
On Sun, Sep 04, 2016 at 04:17:18PM +, ng0 wrote:
> * gnu/packages/haskell.scm (ghc-bytestring): New variable.
> +(arguments
> + `(#:tests? #f)) ; Test number two becomes non-responsive for 20+ minutes
I have used `strace -f` to check if long-running quiet tests are
actually working or
On Mon, Sep 05, 2016 at 04:29:13PM +0200, David Craven wrote:
> Nixos uses multi_v7_defconfig as a default. It should work at least on
> the beaglebone black and raspberry pi 2 - which are probably the most
> common boards?
I'd expect the Allwinner A20 (Cortex-A7) to be another very popular
system
On Mon, Sep 05, 2016 at 01:36:43PM +0200, Jan Nieuwenhuizen wrote:
> Vincent Legoll writes:
>
> >> Added an -g/--exclude-.git option for guix hash. It is very specific:
> >> it skips toplevel .git directory. WDYT?
> >
> > I'd rather name it "--exclude-git" or something less strange than
> > --ex
On Mon, Sep 05, 2016 at 10:49:23PM +0200, Danny Milosavljevic wrote:
> Hi Jan,
>
> On Mon, 05 Sep 2016 10:43:28 +0200
> Jan Nieuwenhuizen wrote:
> > Added an -g/--exclude-.git option for guix hash. It is very specific:
> > it skips toplevel .git directory.
>
> Why?
To calculate the hash of a
On Mon, Sep 05, 2016 at 11:04:11PM +0200, Jan Nieuwenhuizen wrote:
> Efraim Flashner writes:
>
> > Can this be generalized? `grep \\-download\) gnu/packages/*scm' shows also
> > svn-download, cvs-download and a lone hg-download.
>
> Okay. What about simply having non-default
>
>--exclude=FI
tput. Is this change desired?
We can deal with breakage when it breaks :)
>From 83405a4ea3628cababd2ee5904c8d0628a002d05 Mon Sep 17 00:00:00 2001
From: Leo Famulari
Date: Fri, 2 Sep 2016 16:07:29 -0400
Subject: [PATCH] gnu: Add openssl-next.
* gnu/packages/tls.scm (openssl-next): New varia
On Tue, Sep 06, 2016 at 12:35:29AM +, Leo Famulari wrote:
> commit 43bec6d06d8dcc4c0f865e492d370a8724bba2ce
> Author: Leo Famulari
> Date: Sun Sep 4 02:53:37 2016 -0400
>
> gnu: qemu: Update to 2.7.0 [fixes CVE-2016-7116].
>
> * gnu/packages/qemu.scm (q
On Tue, Sep 06, 2016 at 08:05:03PM +0300, Efraim Flashner wrote:
> I pushed a fix to remove the 'disable-test-qga phase, since in all these
> cases we already had #:tests? #f.
Oh, right :)
> At the same time I pushed an update to orc, which caused
> gst-plugins-good on i686-linux to be rebuilt,
On Tue, Sep 06, 2016 at 02:29:16PM +0200, Ludovic Courtès wrote:
> Leo Famulari skribis:
>
> > On Mon, Sep 05, 2016 at 10:35:09PM +0200, Ludovic Courtès wrote:
> >> Seems like most of the arguments and phases are shared with ‘openssl’,
> >> right? What about using
On Tue, Sep 06, 2016 at 03:53:17PM +, David Craven wrote:
> commit 6526d43ea4fb0cd151a0d5e9a072c651c1c963d1
> Author: David Craven
> Date: Fri Aug 26 21:45:57 2016 +0200
>
> activation: Allow home directories to be created under /var/lib.
>
> * gnu/build/activation.scm (activat
On Tue, Sep 06, 2016 at 07:14:32PM +, Efraim Flashner wrote:
> gnu: go: Update to 1.7.
>
> * gnu/packages/golang.scm (go-1.6): Update to 1.7, with corresponding
> minor changes to prebuild phase, and rename variable to...
> (go-1.7): ...this new variable.
> (go):
On Thu, Sep 01, 2016 at 11:00:39AM +0100, Marius Bakke wrote:
> I had these in inputs initially and was surprised to see no references.
> Both seems to be compiled into the final program[0]: when running "mash
> info" on an invalid file (the provided data/refseq.msh), a generic
> capnproto exceptio
On Tue, Aug 30, 2016 at 06:45:35PM +, ng0 wrote:
> From 5eea0ec3a7b1f94912f18e32d3e9bedff64f3ecb Mon Sep 17 00:00:00 2001
> From: ng0
> Date: Fri, 26 Aug 2016 15:41:33 +
> Subject: [PATCH] gnu: Add eschalot.
>
> * gnu/packages/crypto.scm (eschalot): New variable.
Pushed!
> + (sourc
On Thu, Sep 01, 2016 at 05:16:12PM +0200, Hartmut Goebel wrote:
> * gnu/packages/tsl.scm (asn1c): New variable.
Thanks! Pushed after changing the commit message with s/tsl/tls
e a
minor adjustment to the description.
What do you think?
>From dd00ffc45982b393cb458445e875188baf77175f Mon Sep 17 00:00:00 2001
From: Danny Milosavljevic
Date: Thu, 1 Sep 2016 14:33:57 +0200
Subject: [PATCH] gnu: Add mtd-utils.
* gnu/packages/linux.scm (mtd-utils): New variable.
Signed-off-by:
On Tue, Sep 06, 2016 at 10:22:42PM +, ng0 wrote:
> Leo Famulari writes:
>
> > On Sun, Sep 04, 2016 at 04:17:18PM +, ng0 wrote:
> >> * gnu/packages/haskell.scm (ghc-bytestring): New variable.
> >
> >> +(arguments
> >> + `(#:tests? #f))
On Tue, Sep 06, 2016 at 10:24:16PM +, ng0 wrote:
> Leo Famulari writes:
>
> > On Sun, Sep 04, 2016 at 04:17:35PM +, ng0 wrote:
> >> * gnu/packages/haskell.scm (ghc-chell-quickcheck-bootstrap): New variable.
> >
> >> +(arguments
> >> +
* gnu/packages/curl.scm (curl)[replacement]: Update to 7.50.2
(curl-7.50.1): Replace with ...
(curl-7.50.2): ... this.
---
gnu/packages/curl.scm | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index a250bb1..f3c0ade 100644
-
source of free software source code (`guix build
--source`) may be vulnerable.
[0]
http://seclists.org/oss-sec/2016/q3/433
https://curl.haxx.se/docs/vuln-7.50.1.html
Leo Famulari (1):
gnu: curl: Update replacement to 7.50.2 [fixes CVE-2016-7141].
gnu/packages/curl.scm | 8
1 file changed
On Thu, Sep 08, 2016 at 08:40:12AM +0300, Efraim Flashner wrote:
> On Wed, Sep 07, 2016 at 06:04:23PM -0400, Leo Famulari wrote:
> > * gnu/packages/curl.scm (curl)[replacement]: Update to 7.50.2
> > (curl-7.50.1): Replace with ...
> > (curl-7.50.2): ... this.
> Loo
On Fri, Sep 09, 2016 at 12:45:13AM +0200, David Craven wrote:
> I reworked the patches for the linux-libre package and made some other
> improvements that make customizing the linux-libre package easier. I
> tested that everything builds and that there wasn't any breakage on
> x86_64, but testing t
On Thu, Sep 08, 2016 at 04:08:48PM +, John Darrington wrote:
> jmd pushed a commit to branch master
> in repository guix.
>
> commit fdf14c64f1dc7526e84b7e0ce41bf99e5b31c3f8
> Author: John Darrington
> Date: Thu Sep 8 14:56:14 2016 +0200
>
> gnu: Add edit warning to generated grub.cfg
* gnu/packages/patches/openjpeg-CVE-2016-7163.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (openjpeg, openjpeg-2.0): Use it.
---
gnu/local.mk | 1 +
gnu/packages/image.scm| 6 +-
gnu/packages/
* gnu/packages/patches/openjpeg-CVE-2016-5157.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (openjpeg, openjpeg-2.0): Use it.
---
gnu/local.mk | 1 +
gnu/packages/image.scm| 2 +
gnu/packages/p
Two bugs disclosed in OpenJPEG, CVE-2016-5157 and CVE-2016-7163. Both
can be used to execute arbitrary code, apparently.
CVE-2016-7163:
http://seclists.org/oss-sec/2016/q3/442
CVE-2016-5157:
http://seclists.org/oss-sec/2016/q3/441
Leo Famulari (2):
gnu: openjpeg-2.*: Fix CVE-2016-7163.
gnu
On Fri, Sep 09, 2016 at 10:15:58AM +0300, Efraim Flashner wrote:
> On Fri, Sep 09, 2016 at 02:04:40AM -0400, Leo Famulari wrote:
> > diff --git a/gnu/packages/patches/openjpeg-CVE-2016-7163.patch
> > b/gnu/packages/patches/openjpeg-CVE-2016-7163.patch
[...]
> Was from here
On Fri, Sep 09, 2016 at 02:04:41AM -0400, Leo Famulari wrote:
> * gnu/packages/patches/openjpeg-CVE-2016-5157.patch: New file.
This patch doesn't apply. I'm checking if we need to upgrade to 2.1.1.
signature.asc
Description: PGP signature
On Fri, Sep 09, 2016 at 02:04:39AM -0400, Leo Famulari wrote:
> Two bugs disclosed in OpenJPEG, CVE-2016-5157 and CVE-2016-7163. Both
> can be used to execute arbitrary code, apparently.
>
> CVE-2016-7163:
> http://seclists.org/oss-sec/2016/q3/442
>
> CVE-2016-5157:
> htt
On Fri, Sep 09, 2016 at 02:04:58PM -0400, Leo Famulari wrote:
> Also, the fix for CVE-2016-5157 does not apply to openjpeg-2.0. I'd like
> to investigate this issue separately. The only user of openjpeg-2.0 is
> mupdf.
I think the best thing to do is update mupdf to the latest up
On Sat, Sep 10, 2016 at 01:26:23AM +0530, Arun Isaac wrote:
> * gnu/packages/web.scm (darkhttpd): New variable.
Hi, thank you for this patch!
> + `(#:tests? #f
When we disable the tests, we have to leave a comment explaining why. It
can be as simple as "No test suite" if that is the case.
>
1 - 100 of 3825 matches
Mail list logo
