From aac148a87b9a79b9992b8b1a9d76c217175d4a88 Mon Sep 17 00:00:00 2001 From: Felix Gruber Date: Wed, 4 Mar 2020 22:41:08 +0100 Subject: gnu: SuiteSparse: Update to 5.7.1. * gnu/packages/maths.scm (suitesparse): Update to 5.7.1. [source]: The latest releases of SuiteSparse have only been published on GitHub. Fetch from git tag as GitHub releases page only contains autogenerated tarballs that guix lint complains about. Apply new patch for Mongoose's CMakeList.txt to find SuiteSparse_config. [arguments]: Add CMake flags used by new components GraphBLAS and Mongoose. [native-inputs]: Add CMake and m4 needed to build GraphBLAS and Mongoose. * gnu/packages/patches/suitesparse-mongoose-cmake.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. Signed-off-by: Leo Famulari --- .../patches/suitesparse-mongoose-cmake.patch | 27 ++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 gnu/packages/patches/suitesparse-mongoose-cmake.patch (limited to 'gnu/packages/patches') diff --git a/gnu/packages/patches/suitesparse-mongoose-cmake.patch b/gnu/packages/patches/suitesparse-mongoose-cmake.patch new file mode 100644 index 0000000000..e5062f9aaa --- /dev/null +++ b/gnu/packages/patches/suitesparse-mongoose-cmake.patch @@ -0,0 +1,27 @@ +Fix required by suitesparse to build Mongoose + +The CMakeLists.txt of Mongoose assumes that SuiteSparse_config has been +installed into the suitesparse source directory, which is not the case +for us, as we are building suitesparse out-of-tree. + +SuiteSparse_config can instead be found in the ${CMAKE_INSTALL_PREFIX} +directory. + +diff --git a/Mongoose/CMakeLists.txt b/Mongoose/CMakeLists.txt +index 7e134ab..76fa9e2 100644 +--- a/Mongoose/CMakeLists.txt ++++ b/Mongoose/CMakeLists.txt +@@ -148,10 +148,10 @@ set(CMAKE_CXX_STANDARD 11) + #set(CMAKE_CXX_STANDARD_REQUIRED ON) + + # determine which SuiteSparse_config to use +-if (EXISTS ${PROJECT_SOURCE_DIR}/../SuiteSparse_config) +- message(STATUS "External ../SuiteSparse_config" ${BoldBlue} " found" ${ColourReset} ".") ++if (EXISTS ${CMAKE_INSTALL_PREFIX}) ++ message(STATUS "External SuiteSparse_config" ${BoldBlue} " found" ${ColourReset} ".") + set ( SUITESPARSE_CONFIG_DIR ${PROJECT_SOURCE_DIR}/../SuiteSparse_config ) +- link_directories ( ${PROJECT_SOURCE_DIR}/../lib ) ++ link_directories ( ${CMAKE_INSTALL_PREFIX}/lib ) + message ( STATUS "Note: ../SuiteSparse_config must be compiled before compiling Mongoose" ) + set ( SUITESPARSE_CONFIG_LIBRARY suitesparseconfig ) + else () -- cgit v1.2.3 From 789c02478a9ea78dc4fe416e3a3bd82a8c2b8024 Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian Date: Fri, 6 Mar 2020 16:43:18 -0800 Subject: gnu: akonadi: Rename patch to fix guix lint warning about patch filename size. * gnu/packages/patches/akonadi-Revert-Make-installation-properly-relocatabl.patch: Rename to ... * gnu/packages/patches/akonadi-Revert-Make-installation-properly-relo.patch: ... this. * gnu/packages/kde-pim (akonadi) Update accordingly. * gnu/local.mk: Update accordingly. --- gnu/local.mk | 2 +- gnu/packages/kde-pim.scm | 2 +- ...di-Revert-Make-installation-properly-relo.patch | 49 ++++++++++++++++++++++ ...ert-Make-installation-properly-relocatabl.patch | 49 ---------------------- 4 files changed, 51 insertions(+), 51 deletions(-) create mode 100644 gnu/packages/patches/akonadi-Revert-Make-installation-properly-relo.patch delete mode 100644 gnu/packages/patches/akonadi-Revert-Make-installation-properly-relocatabl.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index f6c56ceb28..e542cc1bd7 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -714,7 +714,7 @@ dist_patch_DATA = \ %D%/packages/patches/aegisub-boost68.patch \ %D%/packages/patches/agg-am_c_prototype.patch \ %D%/packages/patches/akonadi-paths.patch \ - %D%/packages/patches/akonadi-Revert-Make-installation-properly-relocatabl.patch \ + %D%/packages/patches/akonadi-Revert-Make-installation-properly-relo.patch \ %D%/packages/patches/akonadi-timestamps.patch \ %D%/packages/patches/allegro-mesa-18.2.5-and-later.patch \ %D%/packages/patches/amule-crypto-6.patch \ diff --git a/gnu/packages/kde-pim.scm b/gnu/packages/kde-pim.scm index 9d48475a17..b4fc8745dd 100644 --- a/gnu/packages/kde-pim.scm +++ b/gnu/packages/kde-pim.scm @@ -52,7 +52,7 @@ (define-public akonadi (patches (search-patches "akonadi-paths.patch" "akonadi-timestamps.patch" - "akonadi-Revert-Make-installation-properly-relocatabl.patch")))) + "akonadi-Revert-Make-installation-properly-relo.patch")))) (build-system qt-build-system) (native-inputs `(("extra-cmake-modules" ,extra-cmake-modules) diff --git a/gnu/packages/patches/akonadi-Revert-Make-installation-properly-relo.patch b/gnu/packages/patches/akonadi-Revert-Make-installation-properly-relo.patch new file mode 100644 index 0000000000..c3964c5c05 --- /dev/null +++ b/gnu/packages/patches/akonadi-Revert-Make-installation-properly-relo.patch @@ -0,0 +1,49 @@ +From bc018b4bc816a3b51deb9739bedbf8a2268d0684 Mon Sep 17 00:00:00 2001 +From: gnidorah +Date: Fri, 22 Dec 2017 17:36:03 +0300 +Subject: [PATCH] Revert "Make Akonadi installation properly relocatable" + +This reverts commit b2bb55f13f2ac783f89cc414de8c39f62fa2096a. +--- + CMakeLists.txt | 3 --- + KF5AkonadiConfig.cmake.in | 6 +++--- + 2 files changed, 3 insertions(+), 6 deletions(-) + +Index: akonadi-19.08.0/CMakeLists.txt +=================================================================== +--- akonadi-19.08.0.orig/CMakeLists.txt ++++ akonadi-19.08.0/CMakeLists.txt +@@ -306,9 +306,6 @@ configure_package_config_file( + "${CMAKE_CURRENT_SOURCE_DIR}/KF5AkonadiConfig.cmake.in" + "${CMAKE_CURRENT_BINARY_DIR}/KF5AkonadiConfig.cmake" + INSTALL_DESTINATION ${CMAKECONFIG_INSTALL_DIR} +- PATH_VARS AKONADI_DBUS_INTERFACES_INSTALL_DIR +- AKONADI_INCLUDE_DIR +- KF5Akonadi_DATA_DIR + ) + + install(FILES +Index: akonadi-19.08.0/KF5AkonadiConfig.cmake.in +=================================================================== +--- akonadi-19.08.0.orig/KF5AkonadiConfig.cmake.in ++++ akonadi-19.08.0/KF5AkonadiConfig.cmake.in +@@ -26,8 +26,8 @@ if(BUILD_TESTING) + find_dependency(Qt5Test "@QT_REQUIRED_VERSION@") + endif() + +-set_and_check(AKONADI_DBUS_INTERFACES_DIR "@PACKAGE_AKONADI_DBUS_INTERFACES_INSTALL_DIR@") +-set_and_check(AKONADI_INCLUDE_DIR "@PACKAGE_AKONADI_INCLUDE_DIR@") ++set_and_check(AKONADI_DBUS_INTERFACES_DIR "@AKONADI_DBUS_INTERFACES_INSTALL_DIR@") ++set_and_check(AKONADI_INCLUDE_DIR "@AKONADI_INCLUDE_DIR@") + + find_dependency(Boost "@Boost_MINIMUM_VERSION@") + +@@ -35,7 +35,7 @@ include(${CMAKE_CURRENT_LIST_DIR}/KF5Ako + include(${CMAKE_CURRENT_LIST_DIR}/KF5AkonadiMacros.cmake) + + # The directory where akonadi-xml.xsd and kcfg2dbus.xsl are installed +-set(KF5Akonadi_DATA_DIR "@PACKAGE_KF5Akonadi_DATA_DIR@") ++set(KF5Akonadi_DATA_DIR "@KF5Akonadi_DATA_DIR@") + + #################################################################################### + # CMAKE_AUTOMOC diff --git a/gnu/packages/patches/akonadi-Revert-Make-installation-properly-relocatabl.patch b/gnu/packages/patches/akonadi-Revert-Make-installation-properly-relocatabl.patch deleted file mode 100644 index c3964c5c05..0000000000 --- a/gnu/packages/patches/akonadi-Revert-Make-installation-properly-relocatabl.patch +++ /dev/null @@ -1,49 +0,0 @@ -From bc018b4bc816a3b51deb9739bedbf8a2268d0684 Mon Sep 17 00:00:00 2001 -From: gnidorah -Date: Fri, 22 Dec 2017 17:36:03 +0300 -Subject: [PATCH] Revert "Make Akonadi installation properly relocatable" - -This reverts commit b2bb55f13f2ac783f89cc414de8c39f62fa2096a. ---- - CMakeLists.txt | 3 --- - KF5AkonadiConfig.cmake.in | 6 +++--- - 2 files changed, 3 insertions(+), 6 deletions(-) - -Index: akonadi-19.08.0/CMakeLists.txt -=================================================================== ---- akonadi-19.08.0.orig/CMakeLists.txt -+++ akonadi-19.08.0/CMakeLists.txt -@@ -306,9 +306,6 @@ configure_package_config_file( - "${CMAKE_CURRENT_SOURCE_DIR}/KF5AkonadiConfig.cmake.in" - "${CMAKE_CURRENT_BINARY_DIR}/KF5AkonadiConfig.cmake" - INSTALL_DESTINATION ${CMAKECONFIG_INSTALL_DIR} -- PATH_VARS AKONADI_DBUS_INTERFACES_INSTALL_DIR -- AKONADI_INCLUDE_DIR -- KF5Akonadi_DATA_DIR - ) - - install(FILES -Index: akonadi-19.08.0/KF5AkonadiConfig.cmake.in -=================================================================== ---- akonadi-19.08.0.orig/KF5AkonadiConfig.cmake.in -+++ akonadi-19.08.0/KF5AkonadiConfig.cmake.in -@@ -26,8 +26,8 @@ if(BUILD_TESTING) - find_dependency(Qt5Test "@QT_REQUIRED_VERSION@") - endif() - --set_and_check(AKONADI_DBUS_INTERFACES_DIR "@PACKAGE_AKONADI_DBUS_INTERFACES_INSTALL_DIR@") --set_and_check(AKONADI_INCLUDE_DIR "@PACKAGE_AKONADI_INCLUDE_DIR@") -+set_and_check(AKONADI_DBUS_INTERFACES_DIR "@AKONADI_DBUS_INTERFACES_INSTALL_DIR@") -+set_and_check(AKONADI_INCLUDE_DIR "@AKONADI_INCLUDE_DIR@") - - find_dependency(Boost "@Boost_MINIMUM_VERSION@") - -@@ -35,7 +35,7 @@ include(${CMAKE_CURRENT_LIST_DIR}/KF5Ako - include(${CMAKE_CURRENT_LIST_DIR}/KF5AkonadiMacros.cmake) - - # The directory where akonadi-xml.xsd and kcfg2dbus.xsl are installed --set(KF5Akonadi_DATA_DIR "@PACKAGE_KF5Akonadi_DATA_DIR@") -+set(KF5Akonadi_DATA_DIR "@KF5Akonadi_DATA_DIR@") - - #################################################################################### - # CMAKE_AUTOMOC -- cgit v1.2.3 From 374540ff6556d4d5d76d48adfc5140eefd40f6d8 Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian Date: Fri, 6 Mar 2020 16:50:23 -0800 Subject: gnu: sdl-pango: Rename patch to fix guix lint warning about patch filename size. * gnu/packages/patches/sdl-pango-fix-explicit-SDLPango_CopyFTBitmapToSurface.patch: Rename to ... * gnu/packages/patches/sdl-pango-fix-explicit-SDLPango_CopyFTBitmapTo.patch: ... this. * gnu/local.mk: Update accordingly. * gnu/packages/sdl.scm: Update accordingly. --- gnu/local.mk | 2 +- ...-pango-fix-explicit-SDLPango_CopyFTBitmapTo.patch | 20 ++++++++++++++++++++ ...fix-explicit-SDLPango_CopyFTBitmapToSurface.patch | 20 -------------------- gnu/packages/sdl.scm | 2 +- 4 files changed, 22 insertions(+), 22 deletions(-) create mode 100644 gnu/packages/patches/sdl-pango-fix-explicit-SDLPango_CopyFTBitmapTo.patch delete mode 100644 gnu/packages/patches/sdl-pango-fix-explicit-SDLPango_CopyFTBitmapToSurface.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index e542cc1bd7..4e3f4261d1 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1256,7 +1256,7 @@ dist_patch_DATA = \ %D%/packages/patches/sdl-pango-api_additions.patch \ %D%/packages/patches/sdl-pango-blit_overflow.patch \ %D%/packages/patches/sdl-pango-fillrect_crash.patch \ - %D%/packages/patches/sdl-pango-fix-explicit-SDLPango_CopyFTBitmapToSurface.patch \ + %D%/packages/patches/sdl-pango-fix-explicit-SDLPango_CopyFTBitmapTo.patch \ %D%/packages/patches/sdl-pango-matrix_declarations.patch \ %D%/packages/patches/sdl-pango-sans-serif.patch \ %D%/packages/patches/patchutils-test-perms.patch \ diff --git a/gnu/packages/patches/sdl-pango-fix-explicit-SDLPango_CopyFTBitmapTo.patch b/gnu/packages/patches/sdl-pango-fix-explicit-SDLPango_CopyFTBitmapTo.patch new file mode 100644 index 0000000000..3d4b10cc10 --- /dev/null +++ b/gnu/packages/patches/sdl-pango-fix-explicit-SDLPango_CopyFTBitmapTo.patch @@ -0,0 +1,20 @@ +--- a/src/SDL_Pango.h ++++ b/src/SDL_Pango.h +@@ -171,7 +171,7 @@ + SDLPango_Direction direction); + + +-#ifdef __FT2_BUILD_UNIX_H__ ++#ifdef FT2BUILD_H_ + + extern DECLSPEC void SDLCALL SDLPango_CopyFTBitmapToSurface( + const FT_Bitmap *bitmap, +@@ -179,7 +179,7 @@ + const SDLPango_Matrix *matrix, + SDL_Rect *rect); + +-#endif /* __FT2_BUILD_UNIX_H__ */ ++#endif + + + #ifdef __PANGO_H__ diff --git a/gnu/packages/patches/sdl-pango-fix-explicit-SDLPango_CopyFTBitmapToSurface.patch b/gnu/packages/patches/sdl-pango-fix-explicit-SDLPango_CopyFTBitmapToSurface.patch deleted file mode 100644 index 3d4b10cc10..0000000000 --- a/gnu/packages/patches/sdl-pango-fix-explicit-SDLPango_CopyFTBitmapToSurface.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- a/src/SDL_Pango.h -+++ b/src/SDL_Pango.h -@@ -171,7 +171,7 @@ - SDLPango_Direction direction); - - --#ifdef __FT2_BUILD_UNIX_H__ -+#ifdef FT2BUILD_H_ - - extern DECLSPEC void SDLCALL SDLPango_CopyFTBitmapToSurface( - const FT_Bitmap *bitmap, -@@ -179,7 +179,7 @@ - const SDLPango_Matrix *matrix, - SDL_Rect *rect); - --#endif /* __FT2_BUILD_UNIX_H__ */ -+#endif - - - #ifdef __PANGO_H__ diff --git a/gnu/packages/sdl.scm b/gnu/packages/sdl.scm index 26c9bd5eb3..90719f7e5e 100644 --- a/gnu/packages/sdl.scm +++ b/gnu/packages/sdl.scm @@ -345,7 +345,7 @@ (define-public sdl-pango "sdl-pango-api_additions.patch" "sdl-pango-blit_overflow.patch" "sdl-pango-fillrect_crash.patch" - "sdl-pango-fix-explicit-SDLPango_CopyFTBitmapToSurface.patch" + "sdl-pango-fix-explicit-SDLPango_CopyFTBitmapTo.patch" "sdl-pango-matrix_declarations.patch" "sdl-pango-sans-serif.patch")))) (build-system gnu-build-system) -- cgit v1.2.3 From c0dc4179091f85fe4b8a2bbdb07c154a7f0408ed Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Sat, 7 Mar 2020 12:02:22 +0100 Subject: gnu: spice: Update to 0.14.3. * gnu/packages/spice.scm (spice): Update to 0.14.3. [source]: Remove obsolete patch. * gnu/packages/patches/spice-fix-test-armhf.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/image.scm | 2 +- gnu/packages/patches/spice-fix-test-armhf.patch | 19 ------------------- gnu/packages/spice.scm | 7 +++---- gnu/packages/video.scm | 4 ++-- 5 files changed, 6 insertions(+), 27 deletions(-) delete mode 100644 gnu/packages/patches/spice-fix-test-armhf.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index 4e3f4261d1..7dd65ac001 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1407,7 +1407,6 @@ dist_patch_DATA = \ %D%/packages/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch \ %D%/packages/patches/sooperlooper-build-with-wx-30.patch \ %D%/packages/patches/soundconverter-remove-gconf-dependency.patch \ - %D%/packages/patches/spice-fix-test-armhf.patch \ %D%/packages/patches/steghide-fixes.patch \ %D%/packages/patches/suitesparse-mongoose-cmake.patch \ %D%/packages/patches/superlu-dist-awpm-grid.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index c26e0dc338..101fe0dc2a 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -1300,7 +1300,7 @@ (define-public zimg (commit (string-append "release-" version)))) (file-name (git-file-name name version)) (sha256 - (base32 "1dqyrq3p8bkgvj4ci50ac342hjnhyz6xxvhiwp7wpi3v3nbj7s02")))) + (base32 "12bs2rfmmy021087i10vxibdbbvd5vld0vk3h5hymhpz7rgszcmg")))) (build-system gnu-build-system) (native-inputs `(("autoconf" ,autoconf) diff --git a/gnu/packages/patches/spice-fix-test-armhf.patch b/gnu/packages/patches/spice-fix-test-armhf.patch deleted file mode 100644 index 5c51bd6ede..0000000000 --- a/gnu/packages/patches/spice-fix-test-armhf.patch +++ /dev/null @@ -1,19 +0,0 @@ -Fix test failure on armhf and ppc64el: -https://gitlab.freedesktop.org/spice/spice-server/issues/31 - -Taken from upstream: -https://gitlab.freedesktop.org/spice/spice/commit/19f9f454e0777d851f26d14df0c7984267c57015 - -diff --git a/server/tests/test-qxl-parsing.c b/server/tests/test-qxl-parsing.c -index 60ca8f88c62441e02577ced21e4f60a08ad4171a..234bdabc9ce619d0799b5136f1d72357b0b2f490 100644 ---- a/server/tests/test-qxl-parsing.c -+++ b/server/tests/test-qxl-parsing.c -@@ -96,7 +96,7 @@ static void test_memslot_invalid_slot_id(void) - RedMemSlotInfo mem_info; - init_meminfo(&mem_info); - -- memslot_get_virt(&mem_info, 1 << mem_info.memslot_id_shift, 16, 0); -+ memslot_get_virt(&mem_info, UINT64_C(1) << mem_info.memslot_id_shift, 16, 0); - } - - static void test_memslot_invalid_addresses(void) diff --git a/gnu/packages/spice.scm b/gnu/packages/spice.scm index a57e0151ca..404b2a7a05 100644 --- a/gnu/packages/spice.scm +++ b/gnu/packages/spice.scm @@ -1,6 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2016 David Craven -;;; Copyright © 2018, 2019 Tobias Geerinckx-Rice +;;; Copyright © 2018, 2019, 2020 Tobias Geerinckx-Rice ;;; Copyright © 2019 Rutger Helling ;;; Copyright © 2019 Marius Bakke ;;; @@ -191,16 +191,15 @@ (define-public spice-gtk (define-public spice (package (name "spice") - (version "0.14.2") + (version "0.14.3") (source (origin (method url-fetch) (uri (string-append "https://www.spice-space.org/download/releases/" "spice-server/spice-" version ".tar.bz2")) - (patches (search-patches "spice-fix-test-armhf.patch")) (sha256 (base32 - "19r999py9v9c7md2bb8ysj809ag1hh6djl1ik8jcgx065s4b60xj")))) + "05512vkfayw18ypg4acqbbpr72nsnsz9bj7k8c2wyrvnl3j4n7am")))) (build-system gnu-build-system) (propagated-inputs `(("openssl" ,openssl) diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index 6719e1e047..e7929727d1 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -1548,7 +1548,7 @@ (define-public libvpx-1.7 (define-public youtube-dl (package (name "youtube-dl") - (version "2020.02.16") + (version "2020.03.06") (source (origin (method url-fetch) (uri (string-append "https://github.com/ytdl-org/youtube-dl/" @@ -1556,7 +1556,7 @@ (define-public youtube-dl version ".tar.gz")) (sha256 (base32 - "1ip0p7gifwmkls8ppfvz89j1lh82dg60zmvabj8njnhj170ikkdb")))) + "16c10rgkjrjv115w4r7gsr9hcakqq5s2cg250b1hwvxdsxqp8vnv")))) (build-system python-build-system) (arguments ;; The problem here is that the directory for the man page and completion -- cgit v1.2.3 From 880a316591650a06c18aeaef1703800784d2c196 Mon Sep 17 00:00:00 2001 From: Robert Smith Date: Fri, 6 Mar 2020 17:00:19 +0100 Subject: gnu: anki: Fix mpv audio playback MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/patches/anki-mpv-args.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/education.scm (anki): Adjust accordingly, wrap anki's PATH to include mpv executable. Signed-off-by: Jakub Kądziołka --- gnu/local.mk | 1 + gnu/packages/education.scm | 6 ++++- gnu/packages/patches/anki-mpv-args.patch | 42 ++++++++++++++++++++++++++++++++ 3 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/anki-mpv-args.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index 7dd65ac001..a88a0102f6 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -718,6 +718,7 @@ dist_patch_DATA = \ %D%/packages/patches/akonadi-timestamps.patch \ %D%/packages/patches/allegro-mesa-18.2.5-and-later.patch \ %D%/packages/patches/amule-crypto-6.patch \ + %D%/packages/patches/anki-mpv-args.patch \ %D%/packages/patches/antiword-CVE-2014-8123.patch \ %D%/packages/patches/antlr3-3_1-fix-java8-compilation.patch \ %D%/packages/patches/antlr3-3_3-fix-java8-compilation.patch \ diff --git a/gnu/packages/education.scm b/gnu/packages/education.scm index b2501f2c7b..7c84d832c0 100644 --- a/gnu/packages/education.scm +++ b/gnu/packages/education.scm @@ -738,7 +738,8 @@ (define-public anki (uri (string-append "https://apps.ankiweb.net/downloads/archive/anki-" version "-source.tgz")) (sha256 - (base32 "1gfr51rnllkyzli73p4r51h5ypzfa3m7lic3m3rzpywmqwrxs07k")))) + (base32 "1gfr51rnllkyzli73p4r51h5ypzfa3m7lic3m3rzpywmqwrxs07k")) + (patches (search-patches "anki-mpv-args.patch")))) (build-system gnu-build-system) (arguments `(#:make-flags (list (string-append "PREFIX=" %output)) @@ -779,6 +780,9 @@ (define-public anki (wrap-program program `("QTWEBENGINEPROCESS_PATH" = (,qtwebengineprocess)) + `("PATH" prefix (,(string-append + (assoc-ref inputs "mpv") + "/bin"))) `("PYTHONPATH" = ,site-packages))) (find-files bin "."))) #t))))) diff --git a/gnu/packages/patches/anki-mpv-args.patch b/gnu/packages/patches/anki-mpv-args.patch new file mode 100644 index 0000000000..21b9bd0aba --- /dev/null +++ b/gnu/packages/patches/anki-mpv-args.patch @@ -0,0 +1,42 @@ +Modified from upstream commit: +https://github.com/ankitects/anki/commit/ccd715013609133c55e83924734efa78abc03326 +Fixes mpv argument syntax (support for old syntax removed in mpv 0.31): +https://anki.tenderapp.com/discussions/ankidesktop/38186-mpvprocesserror-unable-to-start-process +Necessary because we are currently unable to upgrade anki to the +latest version in guix (NPM dependencies currently unpackaged). +--- + anki/mpv.py | 4 ++-- + anki/sound.py | 1 - + 2 files changed, 2 insertions(+), 3 deletions(-) + +diff --git a/anki/mpv.py b/anki/mpv.py +index f53d9d0..563fddc 100644 +--- a/anki/mpv.py ++++ b/anki/mpv.py +@@ -104,9 +104,9 @@ class MPVBase: + """ + self.argv = [self.executable] + self.argv += self.default_argv +- self.argv += ["--input-ipc-server", self._sock_filename] ++ self.argv += ["--input-ipc-server="+self._sock_filename] + if self.window_id is not None: +- self.argv += ["--wid", str(self.window_id)] ++ self.argv += ["--wid="+str(self.window_id)] + + def _start_process(self): + """Start the mpv process. +diff --git a/anki/sound.py b/anki/sound.py +index aa3431b..a5fce44 100644 +--- a/anki/sound.py ++++ b/anki/sound.py +@@ -124,7 +124,6 @@ class MpvManager(MPV): + def setMpvConfigBase(base): + mpvConfPath = os.path.join(base, "mpv.conf") + MpvManager.default_argv += [ +- "--no-config", + "--include="+mpvConfPath, + ] + +-- +2.25.1 + -- cgit v1.2.3 From 8ab060b68b3d01ae8546741b77f3df779a8dc61c Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sat, 7 Mar 2020 21:42:34 +0100 Subject: gnu: guile: Add 2.2.7. * gnu/packages/guile.scm (guile-2.2.7): New variable. (guile-2.2/bug-fix): Redefine as a deprecated alias for GUILE-2.2.7. * gnu/packages/admin.scm (shepherd)[native-inputs, inputs]: Use GUILE-2.2.7. * gnu/packages/patches/guile-finalization-crash.patch: Remove. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/admin.scm | 4 +- gnu/packages/guile.scm | 16 +++--- .../patches/guile-finalization-crash.patch | 61 ---------------------- 4 files changed, 12 insertions(+), 70 deletions(-) delete mode 100644 gnu/packages/patches/guile-finalization-crash.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index a88a0102f6..bd4522162b 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -980,7 +980,6 @@ dist_patch_DATA = \ %D%/packages/patches/guile-2.2-skip-oom-test.patch \ %D%/packages/patches/guile-default-utf8.patch \ %D%/packages/patches/guile-gdbm-ffi-support-gdbm-1.14.patch \ - %D%/packages/patches/guile-finalization-crash.patch \ %D%/packages/patches/guile-linux-syscalls.patch \ %D%/packages/patches/guile-present-coding.patch \ %D%/packages/patches/guile-relocatable.patch \ diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm index 3079114492..51a74302e4 100644 --- a/gnu/packages/admin.scm +++ b/gnu/packages/admin.scm @@ -211,10 +211,10 @@ (define-public shepherd `(("pkg-config" ,pkg-config) ;; This is the Guile we use as a cross-compiler... - ("guile" ,guile-2.2/bug-fix))) + ("guile" ,guile-2.2.7))) (inputs ;; ... and this is the one that appears in shebangs when cross-compiling. - `(("guile" ,guile-2.2/bug-fix) ;for + `(("guile" ,guile-2.2.7) ;for ;; The 'shepherd' command uses Readline when used interactively. It's ;; an unusual use case though, so we don't propagate it. diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm index a5466f8672..9c83f3339b 100644 --- a/gnu/packages/guile.scm +++ b/gnu/packages/guile.scm @@ -250,17 +250,21 @@ (define-public guile-2.2 (variable "GUILE_LOAD_COMPILED_PATH") (files '("lib/guile/2.2/site-ccache"))))))) -(define-public guile-2.2/bug-fix - ;; This variant contains a bug fix for a relatively rare crash that could +(define-public guile-2.2.7 + ;; This version contains a bug fix for a relatively rare crash that could ;; affect shepherd as PID 1: . (package (inherit guile-2.2) - (version (string-append (package-version guile-2.2) "-1")) + (version "2.2.7") (source (origin (inherit (package-source guile-2.2)) - (patches - (append (search-patches "guile-finalization-crash.patch") - (origin-patches (package-source guile-2.2)))))))) + (uri (string-append "mirror://gnu/guile/guile-" version + ".tar.xz")) + (sha256 + (base32 + "013mydzhfswqci6xmyc1ajzd59pfbdak15i0b090nhr9bzm7dxyd")))))) + +(define-deprecated guile-2.2/bug-fix guile-2.2.7) (define-public guile-2.2/fixed ;; A package of Guile 2.2 that's rarely changed. It is the one used diff --git a/gnu/packages/patches/guile-finalization-crash.patch b/gnu/packages/patches/guile-finalization-crash.patch deleted file mode 100644 index 098249e49f..0000000000 --- a/gnu/packages/patches/guile-finalization-crash.patch +++ /dev/null @@ -1,61 +0,0 @@ -commit edf5aea7ac852db2356ef36cba4a119eb0c81ea9 -Author: Ludovic Courtès -Date: Mon Dec 9 14:44:59 2019 +0100 - - Fix non-deterministic crash in 'finalization_thread_proc'. - - Fixes . - Reported by Jesse Gibbons . - - * libguile/finalizers.c (finalization_thread_proc): Do not enter the - "switch (data.byte)" condition when data.n <= 0. - -diff --git a/libguile/finalizers.c b/libguile/finalizers.c -index c5d69e8e3..94a6e6b0a 100644 ---- a/libguile/finalizers.c -+++ b/libguile/finalizers.c -@@ -1,4 +1,4 @@ --/* Copyright (C) 2012, 2013, 2014 Free Software Foundation, Inc. -+/* Copyright (C) 2012, 2013, 2014, 2019 Free Software Foundation, Inc. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License -@@ -211,21 +211,26 @@ finalization_thread_proc (void *unused) - - scm_without_guile (read_finalization_pipe_data, &data); - -- if (data.n <= 0 && data.err != EINTR) -+ if (data.n <= 0) - { -- perror ("error in finalization thread"); -- return NULL; -+ if (data.err != EINTR) -+ { -+ perror ("error in finalization thread"); -+ return NULL; -+ } - } -- -- switch (data.byte) -+ else - { -- case 0: -- scm_run_finalizers (); -- break; -- case 1: -- return NULL; -- default: -- abort (); -+ switch (data.byte) -+ { -+ case 0: -+ scm_run_finalizers (); -+ break; -+ case 1: -+ return NULL; -+ default: -+ abort (); -+ } - } - } - } -- cgit v1.2.3 From d9476a3700e23b2fad145cb3f90d84a7fcf3ed59 Mon Sep 17 00:00:00 2001 From: Lars-Dominik Braun Date: Wed, 4 Mar 2020 10:46:36 +0100 Subject: gnu: woff2: Update to 1.0.2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/fontutils.scm (woff2): Update to 1.0.2 and switch to cmake * gnu/packages/patches/woff2-libbrotli.patch: Remove * gnu/local.mk (dist_patch_DATA): Remove patch Signed-off-by: Ludovic Courtès --- gnu/local.mk | 1 - gnu/packages/fontutils.scm | 65 ++++++++++------------- gnu/packages/patches/woff2-libbrotli.patch | 84 ------------------------------ 3 files changed, 28 insertions(+), 122 deletions(-) delete mode 100644 gnu/packages/patches/woff2-libbrotli.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index bd4522162b..50a2602a44 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1488,7 +1488,6 @@ dist_patch_DATA = \ %D%/packages/patches/wicd-wpa2-ttls.patch \ %D%/packages/patches/wmctrl-64-fix.patch \ %D%/packages/patches/wmfire-update-for-new-gdk-versions.patch \ - %D%/packages/patches/woff2-libbrotli.patch \ %D%/packages/patches/wordnet-CVE-2008-2149.patch \ %D%/packages/patches/wordnet-CVE-2008-3908-pt1.patch \ %D%/packages/patches/wordnet-CVE-2008-3908-pt2.patch \ diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm index d802feb1da..3daa5187b9 100644 --- a/gnu/packages/fontutils.scm +++ b/gnu/packages/fontutils.scm @@ -257,44 +257,35 @@ (define-public ttf2pt1 (license license:bsd-3))) (define-public woff2 - (let ((commit "4e698b8c6c5e070d53c340db9ddf160e21070ede") - (revision "1")) - (package - (name "woff2") - (version (string-append "20160306-" revision "." - (string-take commit 7))) - (source (origin - (method git-fetch) - (uri (git-reference - (url "https://github.com/google/woff2.git") - (commit commit))) - (file-name (string-append name "-" version ".tar.xz")) - (sha256 - (base32 - "0wka0yhf0cjmd4rv2jckxpyv6lb5ckj4nj0k1ajq5hrjy7f30lcp")) - (patches (list (search-patch "woff2-libbrotli.patch"))))) - (build-system gnu-build-system) - (native-inputs - `(("pkg-config" ,pkg-config))) - (inputs - `(("brotli" ,brotli))) - (arguments - `(#:tests? #f ;no tests - #:phases (modify-phases %standard-phases - (delete 'configure) - (replace 'install - (lambda* (#:key outputs #:allow-other-keys) - (let* ((out (assoc-ref outputs "out")) - (bin (string-append out "/bin"))) - (install-file "woff2_compress" bin) - (install-file "woff2_decompress" bin) - #t)))))) - (synopsis "Compress TrueType fonts to WOFF2") - (description - "This package provides utilities for compressing/decompressing TrueType + (package + (name "woff2") + (version "1.0.2") + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/google/woff2.git") + (commit (string-append "v" version)))) + (file-name (string-append name "-" version ".git")) + (sha256 + (base32 + "13l4g536h0pr84ww4wxs2za439s0xp1va55g6l478rfbb1spp44y")))) + (build-system cmake-build-system) + (native-inputs + `(("pkg-config" ,pkg-config))) + (inputs + `(("google-brotli" ,google-brotli))) + (arguments + ;; package has no tests + `(#:tests? #f + ;; we can’t have both, shared libraries and binaries, so turn off the + ;; former + #:configure-flags (list "-DBUILD_SHARED_LIBS=OFF"))) + (synopsis "Compress TrueType fonts to WOFF2") + (description + "This package provides utilities for compressing/decompressing TrueType fonts to/from the WOFF2 format.") - (license license:asl2.0) - (home-page "https://github.com/google/woff2")))) + (license license:asl2.0) + (home-page "https://github.com/google/woff2"))) (define-public fontconfig (package diff --git a/gnu/packages/patches/woff2-libbrotli.patch b/gnu/packages/patches/woff2-libbrotli.patch deleted file mode 100644 index ffa941cf92..0000000000 --- a/gnu/packages/patches/woff2-libbrotli.patch +++ /dev/null @@ -1,84 +0,0 @@ -From: Eric Bavier -Date: Sat, 2 Apr 2016 01:31:03 -0500 -Subject: [PATCH] Build against external libbrotli. - ---- - Makefile | 20 ++++---------------- - src/woff2_dec.cc | 2 +- - src/woff2_enc.cc | 2 +- - 3 files changed, 6 insertions(+), 18 deletions(-) - -diff --git a/Makefile b/Makefile -index 92b8d54..618a751 100644 ---- a/Makefile -+++ b/Makefile -@@ -1,6 +1,6 @@ - OS := $(shell uname) - --CPPFLAGS = -I./brotli/dec/ -I./brotli/enc/ -I./src -+CPPFLAGS := -I./src $(shell pkg-config --cflags libbrotlienc libbrotlidec) - - CC ?= gcc - CXX ?= g++ -@@ -22,29 +22,17 @@ OUROBJ = font.o glyph.o normalize.o table_tags.o transform.o \ - woff2_dec.o woff2_enc.o woff2_common.o woff2_out.o \ - variable_length.o - --BROTLI = brotli --ENCOBJ = $(BROTLI)/enc/*.o --DECOBJ = $(BROTLI)/dec/*.o -+BROTLI_LIBS := $(shell pkg-config --libs libbrotlienc libbrotlidec) - - OBJS = $(patsubst %, $(SRCDIR)/%, $(OUROBJ)) - EXECUTABLES=woff2_compress woff2_decompress - - EXE_OBJS=$(patsubst %, $(SRCDIR)/%.o, $(EXECUTABLES)) - --ifeq (,$(wildcard $(BROTLI)/*)) -- $(error Brotli dependency not found : you must initialize the Git submodule) --endif -- - all : $(OBJS) $(EXECUTABLES) - --$(EXECUTABLES) : $(EXE_OBJS) deps -- $(CXX) $(LFLAGS) $(OBJS) $(ENCOBJ) $(DECOBJ) $(SRCDIR)/$@.o -o $@ -- --deps : -- $(MAKE) -C $(BROTLI)/dec -- $(MAKE) -C $(BROTLI)/enc -+$(EXECUTABLES) : $(EXE_OBJS) $(OBJS) -+ $(CXX) $(LDFLAGS) $(OBJS) $(SRCDIR)/$@.o -o $@ $(BROTLI_LIBS) $(LIBS) - - clean : - rm -f $(OBJS) $(EXE_OBJS) $(EXECUTABLES) -- $(MAKE) -C $(BROTLI)/dec clean -- $(MAKE) -C $(BROTLI)/enc clean -diff --git a/src/woff2_dec.cc b/src/woff2_dec.cc -index 837eede..98c01ce 100644 ---- a/src/woff2_dec.cc -+++ b/src/woff2_dec.cc -@@ -27,7 +27,7 @@ - #include - #include - --#include "./decode.h" -+#include "brotli/dec/decode.h" - #include "./buffer.h" - #include "./port.h" - #include "./round.h" -diff --git a/src/woff2_enc.cc b/src/woff2_enc.cc -index 920c614..00d74da 100644 ---- a/src/woff2_enc.cc -+++ b/src/woff2_enc.cc -@@ -23,7 +23,7 @@ - #include - #include - --#include "./encode.h" -+#include "brotli/enc/encode.h" - #include "./buffer.h" - #include "./font.h" - #include "./normalize.h" --- -2.7.3 - -- cgit v1.2.3 From be3908fa145b72da9fd53a30751383a69fbedcb0 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 7 Mar 2020 08:30:52 -0500 Subject: gnu: QEMU: Fix CVE-2020-8608. * gnu/packages/patches/qemu-CVE-2020-8608.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/virtualization.scm (qemu)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/patches/qemu-CVE-2020-8608.patch | 269 ++++++++++++++++++++++++++ gnu/packages/virtualization.scm | 1 + 3 files changed, 271 insertions(+) create mode 100644 gnu/packages/patches/qemu-CVE-2020-8608.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index 50a2602a44..2f0768f036 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1349,6 +1349,7 @@ dist_patch_DATA = \ %D%/packages/patches/qemu-CVE-2020-1711.patch \ %D%/packages/patches/qemu-CVE-2020-7039.patch \ %D%/packages/patches/qemu-CVE-2020-7211.patch \ + %D%/packages/patches/qemu-CVE-2020-8608.patch \ %D%/packages/patches/qemu-fix-documentation-build-failure.patch \ %D%/packages/patches/qrcodegen-cpp-make-install.patch \ %D%/packages/patches/qt4-ldflags.patch \ diff --git a/gnu/packages/patches/qemu-CVE-2020-8608.patch b/gnu/packages/patches/qemu-CVE-2020-8608.patch new file mode 100644 index 0000000000..4cb017c795 --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2020-8608.patch @@ -0,0 +1,269 @@ +Fix CVE-2020-8608: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8608 +https://www.openwall.com/lists/oss-security/2020/02/06/2 + +Patches copied from upstream dependency repository: + +https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843 +https://gitlab.freedesktop.org/slirp/libslirp/commit/30648c03b27fb8d9611b723184216cd3174b6775 + +From 68ccb8021a838066f0951d4b2817eb6b6f10a843 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= +Date: Mon, 27 Jan 2020 10:24:14 +0100 +Subject: [PATCH] tcp_emu: fix unsafe snprintf() usages +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Various calls to snprintf() assume that snprintf() returns "only" the +number of bytes written (excluding terminating NUL). + +https://pubs.opengroup.org/onlinepubs/9699919799/functions/snprintf.html#tag_16_159_04 + +"Upon successful completion, the snprintf() function shall return the +number of bytes that would be written to s had n been sufficiently +large excluding the terminating null byte." + +Before patch ce131029, if there isn't enough room in "m_data" for the +"DCC ..." message, we overflow "m_data". + +After the patch, if there isn't enough room for the same, we don't +overflow "m_data", but we set "m_len" out-of-bounds. The next time an +access is bounded by "m_len", we'll have a buffer overflow then. + +Use slirp_fmt*() to fix potential OOB memory access. + +Reported-by: Laszlo Ersek +Signed-off-by: Marc-André Lureau +Reviewed-by: Samuel Thibault +Message-Id: <20200127092414.169796-7-marcandre.lureau@redhat.com> +--- + src/tcp_subr.c | 44 +++++++++++++++++++++----------------------- + 1 file changed, 21 insertions(+), 23 deletions(-) + +diff --git a/src/tcp_subr.c b/src/tcp_subr.c +index a699117..a72c86b 100644 +--- a/slirp/src/tcp_subr.c ++++ b/slirp/src/tcp_subr.c +@@ -643,8 +643,7 @@ int tcp_emu(struct socket *so, struct mbuf *m) + NTOHS(n1); + NTOHS(n2); + m_inc(m, snprintf(NULL, 0, "%d,%d\r\n", n1, n2) + 1); +- m->m_len = snprintf(m->m_data, M_ROOM(m), "%d,%d\r\n", n1, n2); +- assert(m->m_len < M_ROOM(m)); ++ m->m_len = slirp_fmt(m->m_data, M_ROOM(m), "%d,%d\r\n", n1, n2); + } else { + *eol = '\r'; + } +@@ -684,9 +683,9 @@ int tcp_emu(struct socket *so, struct mbuf *m) + n4 = (laddr & 0xff); + + m->m_len = bptr - m->m_data; /* Adjust length */ +- m->m_len += snprintf(bptr, M_FREEROOM(m), +- "ORT %d,%d,%d,%d,%d,%d\r\n%s", n1, n2, n3, n4, +- n5, n6, x == 7 ? buff : ""); ++ m->m_len += slirp_fmt(bptr, M_FREEROOM(m), ++ "ORT %d,%d,%d,%d,%d,%d\r\n%s", ++ n1, n2, n3, n4, n5, n6, x == 7 ? buff : ""); + return 1; + } else if ((bptr = (char *)strstr(m->m_data, "27 Entering")) != NULL) { + /* +@@ -719,10 +718,9 @@ int tcp_emu(struct socket *so, struct mbuf *m) + n4 = (laddr & 0xff); + + m->m_len = bptr - m->m_data; /* Adjust length */ +- m->m_len += snprintf(bptr, M_FREEROOM(m), +- "27 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n%s", +- n1, n2, n3, n4, n5, n6, x == 7 ? buff : ""); +- ++ m->m_len += slirp_fmt(bptr, M_FREEROOM(m), ++ "27 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n%s", ++ n1, n2, n3, n4, n5, n6, x == 7 ? buff : ""); + return 1; + } + +@@ -745,8 +743,8 @@ int tcp_emu(struct socket *so, struct mbuf *m) + if (m->m_data[m->m_len - 1] == '\0' && lport != 0 && + (so = tcp_listen(slirp, INADDR_ANY, 0, so->so_laddr.s_addr, + htons(lport), SS_FACCEPTONCE)) != NULL) +- m->m_len = snprintf(m->m_data, M_ROOM(m), +- "%d", ntohs(so->so_fport)) + 1; ++ m->m_len = slirp_fmt0(m->m_data, M_ROOM(m), ++ "%d", ntohs(so->so_fport)); + return 1; + + case EMU_IRC: +@@ -765,10 +763,10 @@ int tcp_emu(struct socket *so, struct mbuf *m) + return 1; + } + m->m_len = bptr - m->m_data; /* Adjust length */ +- m->m_len += snprintf(bptr, M_FREEROOM(m), +- "DCC CHAT chat %lu %u%c\n", +- (unsigned long)ntohl(so->so_faddr.s_addr), +- ntohs(so->so_fport), 1); ++ m->m_len += slirp_fmt(bptr, M_FREEROOM(m), ++ "DCC CHAT chat %lu %u%c\n", ++ (unsigned long)ntohl(so->so_faddr.s_addr), ++ ntohs(so->so_fport), 1); + } else if (sscanf(bptr, "DCC SEND %256s %u %u %u", buff, &laddr, &lport, + &n1) == 4) { + if ((so = tcp_listen(slirp, INADDR_ANY, 0, htonl(laddr), +@@ -776,10 +774,10 @@ int tcp_emu(struct socket *so, struct mbuf *m) + return 1; + } + m->m_len = bptr - m->m_data; /* Adjust length */ +- m->m_len += snprintf(bptr, M_FREEROOM(m), +- "DCC SEND %s %lu %u %u%c\n", buff, +- (unsigned long)ntohl(so->so_faddr.s_addr), +- ntohs(so->so_fport), n1, 1); ++ m->m_len += slirp_fmt(bptr, M_FREEROOM(m), ++ "DCC SEND %s %lu %u %u%c\n", buff, ++ (unsigned long)ntohl(so->so_faddr.s_addr), ++ ntohs(so->so_fport), n1, 1); + } else if (sscanf(bptr, "DCC MOVE %256s %u %u %u", buff, &laddr, &lport, + &n1) == 4) { + if ((so = tcp_listen(slirp, INADDR_ANY, 0, htonl(laddr), +@@ -787,10 +785,10 @@ int tcp_emu(struct socket *so, struct mbuf *m) + return 1; + } + m->m_len = bptr - m->m_data; /* Adjust length */ +- m->m_len += snprintf(bptr, M_FREEROOM(m), +- "DCC MOVE %s %lu %u %u%c\n", buff, +- (unsigned long)ntohl(so->so_faddr.s_addr), +- ntohs(so->so_fport), n1, 1); ++ m->m_len += slirp_fmt(bptr, M_FREEROOM(m), ++ "DCC MOVE %s %lu %u %u%c\n", buff, ++ (unsigned long)ntohl(so->so_faddr.s_addr), ++ ntohs(so->so_fport), n1, 1); + } + return 1; + +-- +2.25.1 + +From 30648c03b27fb8d9611b723184216cd3174b6775 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= +Date: Mon, 27 Jan 2020 10:24:09 +0100 +Subject: [PATCH] util: add slirp_fmt() helpers +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Various calls to snprintf() in libslirp assume that snprintf() returns +"only" the number of bytes written (excluding terminating NUL). + +https://pubs.opengroup.org/onlinepubs/9699919799/functions/snprintf.html#tag_16_159_04 + +"Upon successful completion, the snprintf() function shall return the +number of bytes that would be written to s had n been sufficiently +large excluding the terminating null byte." + +Introduce slirp_fmt() that handles several pathological cases the +way libslirp usually expect: + +- treat error as fatal (instead of silently returning -1) + +- fmt0() will always \0 end + +- return the number of bytes actually written (instead of what would +have been written, which would usually result in OOB later), including +the ending \0 for fmt0() + +- warn if truncation happened (instead of ignoring) + +Other less common cases can still be handled with strcpy/snprintf() etc. + +Signed-off-by: Marc-André Lureau +Reviewed-by: Samuel Thibault +Message-Id: <20200127092414.169796-2-marcandre.lureau@redhat.com> +--- + src/util.c | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ + src/util.h | 3 +++ + 2 files changed, 65 insertions(+) + +diff --git a/src/util.c b/src/util.c +index e596087..e3b6257 100644 +--- a/slirp/src/util.c ++++ b/slirp/src/util.c +@@ -364,3 +364,65 @@ void slirp_pstrcpy(char *buf, int buf_size, const char *str) + } + *q = '\0'; + } ++ ++static int slirp_vsnprintf(char *str, size_t size, ++ const char *format, va_list args) ++{ ++ int rv = vsnprintf(str, size, format, args); ++ ++ if (rv < 0) { ++ g_error("vsnprintf() failed: %s", g_strerror(errno)); ++ } ++ ++ return rv; ++} ++ ++/* ++ * A snprintf()-like function that: ++ * - returns the number of bytes written (excluding optional \0-ending) ++ * - dies on error ++ * - warn on truncation ++ */ ++int slirp_fmt(char *str, size_t size, const char *format, ...) ++{ ++ va_list args; ++ int rv; ++ ++ va_start(args, format); ++ rv = slirp_vsnprintf(str, size, format, args); ++ va_end(args); ++ ++ if (rv > size) { ++ g_critical("vsnprintf() truncation"); ++ } ++ ++ return MIN(rv, size); ++} ++ ++/* ++ * A snprintf()-like function that: ++ * - always \0-end (unless size == 0) ++ * - returns the number of bytes actually written, including \0 ending ++ * - dies on error ++ * - warn on truncation ++ */ ++int slirp_fmt0(char *str, size_t size, const char *format, ...) ++{ ++ va_list args; ++ int rv; ++ ++ va_start(args, format); ++ rv = slirp_vsnprintf(str, size, format, args); ++ va_end(args); ++ ++ if (rv >= size) { ++ g_critical("vsnprintf() truncation"); ++ if (size > 0) ++ str[size - 1] = '\0'; ++ rv = size; ++ } else { ++ rv += 1; /* include \0 */ ++ } ++ ++ return rv; ++} +diff --git a/src/util.h b/src/util.h +index e9c3073..5530c46 100644 +--- a/slirp/src/util.h ++++ b/slirp/src/util.h +@@ -181,4 +181,7 @@ static inline int slirp_socket_set_fast_reuse(int fd) + + void slirp_pstrcpy(char *buf, int buf_size, const char *str); + ++int slirp_fmt(char *str, size_t size, const char *format, ...); ++int slirp_fmt0(char *str, size_t size, const char *format, ...); ++ + #endif +-- +2.25.1 + diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 91b2d2bd34..03f0ceaeee 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -122,6 +122,7 @@ (define-public qemu (patches (search-patches "qemu-CVE-2020-1711.patch" "qemu-CVE-2020-7039.patch" "qemu-CVE-2020-7211.patch" + "qemu-CVE-2020-8608.patch" "qemu-fix-documentation-build-failure.patch")) (sha256 (base32 -- cgit v1.2.3 From c3bde0b7af30a7d228e74bee44ddc4c4b1f4532c Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 9 Mar 2020 04:23:45 +0100 Subject: gnu: libseccomp: Update to 2.4.3. * gnu/packages/linux.scm (libseccomp): Update to 2.4.3. [source]: Remove upstreamed patch. * gnu/packages/patches/libseccomp-open-aarch64.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/linux.scm | 5 ++-- gnu/packages/patches/libseccomp-open-aarch64.patch | 27 ---------------------- 3 files changed, 2 insertions(+), 31 deletions(-) delete mode 100644 gnu/packages/patches/libseccomp-open-aarch64.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index 2f0768f036..16d7cd9529 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1114,7 +1114,6 @@ dist_patch_DATA = \ %D%/packages/patches/libmpeg2-global-symbol-test.patch \ %D%/packages/patches/libmygpo-qt-fix-qt-5.11.patch \ %D%/packages/patches/libmygpo-qt-missing-qt5-modules.patch \ - %D%/packages/patches/libseccomp-open-aarch64.patch \ %D%/packages/patches/libsndfile-armhf-type-checks.patch \ %D%/packages/patches/libsndfile-CVE-2017-8361-8363-8365.patch \ %D%/packages/patches/libsndfile-CVE-2017-8362.patch \ diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index a8b74bda22..489cd55e6e 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -5030,7 +5030,7 @@ (define-public mtd-utils (define-public libseccomp (package (name "libseccomp") - (version "2.4.2") + (version "2.4.3") (source (origin (method url-fetch) (uri (string-append "https://github.com/seccomp/libseccomp/" @@ -5038,8 +5038,7 @@ (define-public libseccomp "/libseccomp-" version ".tar.gz")) (sha256 (base32 - "0nsq81acrbkdr8zairxbwa33bj2a6126npp76b4srjl472sjfkxm")) - (patches (search-patches "libseccomp-open-aarch64.patch")))) + "07crwxqzvl5k2b90a47ii9wgvi09s9hsy5b5jddw9ylp351d25fg")))) (build-system gnu-build-system) (native-inputs `(("which" ,which))) diff --git a/gnu/packages/patches/libseccomp-open-aarch64.patch b/gnu/packages/patches/libseccomp-open-aarch64.patch deleted file mode 100644 index 6e62825892..0000000000 --- a/gnu/packages/patches/libseccomp-open-aarch64.patch +++ /dev/null @@ -1,27 +0,0 @@ -This patch fixes the build failure on AArch64 reported -at . - -From cc21c1b48d35f9d34ef2da0e184af3855bfeee5f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Wed, 20 Nov 2019 14:11:12 -0500 -Subject: [PATCH] tests: use openat instead of open - -On arm64, __NR_open is not defined, openat is always used. Let's use openat -instead, which is defined for architectures currently. ---- - tests/15-basic-resolver.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/15-basic-resolver.c b/tests/15-basic-resolver.c -index 6badef1..4884faf 100644 ---- a/tests/15-basic-resolver.c -+++ b/tests/15-basic-resolver.c -@@ -55,7 +55,7 @@ int main(int argc, char *argv[]) - unsigned int arch; - char *name = NULL; - -- if (seccomp_syscall_resolve_name("open") != __NR_open) -+ if (seccomp_syscall_resolve_name("openat") != __NR_openat) - goto fail; - if (seccomp_syscall_resolve_name("read") != __NR_read) - goto fail; -- cgit v1.2.3 From ef617dedd28ffa5c32cf9e0ee2482ce32aa195f4 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 9 Mar 2020 22:41:01 +0100 Subject: gnu: csvkit: Update to 1.0.5. * gnu/packages/wireservice.scm (csvkit): Update to 1.0.5. [source]: Remove upstreamed patch. * gnu/packages/patches/csvkit-fix-tests.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/patches/csvkit-fix-tests.patch | 45 ----------------------------- gnu/packages/wireservice.scm | 8 ++--- 3 files changed, 4 insertions(+), 50 deletions(-) delete mode 100644 gnu/packages/patches/csvkit-fix-tests.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index 16d7cd9529..a0e013aead 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -798,7 +798,6 @@ dist_patch_DATA = \ %D%/packages/patches/cpufrequtils-fix-aclocal.patch \ %D%/packages/patches/crawl-upgrade-saves.patch \ %D%/packages/patches/crda-optional-gcrypt.patch \ - %D%/packages/patches/csvkit-fix-tests.patch \ %D%/packages/patches/clucene-contribs-lib.patch \ %D%/packages/patches/cube-nocheck.patch \ %D%/packages/patches/cursynth-wave-rand.patch \ diff --git a/gnu/packages/patches/csvkit-fix-tests.patch b/gnu/packages/patches/csvkit-fix-tests.patch deleted file mode 100644 index cb9ec39cb0..0000000000 --- a/gnu/packages/patches/csvkit-fix-tests.patch +++ /dev/null @@ -1,45 +0,0 @@ -diff --git a/tests/test_utilities/test_csvsql.py b/tests/test_utilities/test_csvsql.py -index e6ec4af..4f47980 100644 ---- a/tests/test_utilities/test_csvsql.py -+++ b/tests/test_utilities/test_csvsql.py -@@ -197,7 +197,7 @@ class TestCSVSQL(CSVKitTestCase, EmptyFileTests): - utility.run() - output = output_file.getvalue() - output_file.close() -- self.assertEqual(output, 'a,b,c\n1,2,3\n0,5,6\n') -+ self.assertEqual(output, 'a,b,c\n1,2.0,3.0\n0,5.0,6.0\n') - - def test_no_prefix_unique_constraint(self): - self.get_output(['--db', 'sqlite:///' + self.db_file, '--insert', 'examples/dummy.csv', '--unique-constraint', 'a']) -diff --git a/tests/test_utilities/test_sql2csv.py b/tests/test_utilities/test_sql2csv.py -index a0c3d3e..babcfd6 100644 ---- a/tests/test_utilities/test_sql2csv.py -+++ b/tests/test_utilities/test_sql2csv.py -@@ -121,23 +121,23 @@ class TestSQL2CSV(CSVKitTestCase, EmptyFileTests): - input_file.close() - - def test_unicode(self): -- expected = self.csvsql('examples/test_utf8.csv') -+ self.csvsql('examples/test_utf8.csv') - csv = self.get_output(['--db', 'sqlite:///' + self.db_file, '--query', 'select * from foo']) -- self.assertEqual(csv.strip(), expected) -+ self.assertEqual(csv.strip(), 'foo,bar,baz\n1.0,2.0,3\n4.0,5.0,ʤ') - - def test_no_header_row(self): - self.csvsql('examples/dummy.csv') - csv = self.get_output(['--db', 'sqlite:///' + self.db_file, '--no-header-row', '--query', 'select * from foo']) - - self.assertTrue('a,b,c' not in csv) -- self.assertTrue('1,2,3' in csv) -+ self.assertTrue('1,2.0,3.0' in csv) - - def test_linenumbers(self): - self.csvsql('examples/dummy.csv') - csv = self.get_output(['--db', 'sqlite:///' + self.db_file, '--linenumbers', '--query', 'select * from foo']) - - self.assertTrue('line_number,a,b,c' in csv) -- self.assertTrue('1,1,2,3' in csv) -+ self.assertTrue('1,1,2.0,3.0' in csv) - - def test_wildcard_on_sqlite(self): - self.csvsql('examples/iris.csv') diff --git a/gnu/packages/wireservice.scm b/gnu/packages/wireservice.scm index eab76970f4..0d772b54d1 100644 --- a/gnu/packages/wireservice.scm +++ b/gnu/packages/wireservice.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2019 Pierre Langlois +;;; Copyright © 2020 Tobias Geerinckx-Rice ;;; ;;; This file is part of GNU Guix. ;;; @@ -198,17 +199,16 @@ (define-public python-agate-excel (define-public csvkit (package (name "csvkit") - (version "1.0.4") + (version "1.0.5") (source (origin (method url-fetch) (uri (pypi-uri "csvkit" version)) (sha256 (base32 - "1830lb95rh1iyi3drlwxzb6y3pqkii0qiyzd40c1kvhvaf1s6lqk")) - (patches (search-patches "csvkit-fix-tests.patch")))) + "1ffmbzk4rxnl1yhqfl58v7kvl5m9cbvjm8v7xp4mvr00sgs91lvv")))) (build-system python-build-system) (native-inputs - `(("python-psycopg2" ,python-psycopg2) ;; Used to test PostgreSQL support. + `(("python-psycopg2" ,python-psycopg2) ; to test PostgreSQL support ("python-sphinx" ,python-sphinx) ("python-sphinx-rtd-theme" ,python-sphinx-rtd-theme))) (inputs -- cgit v1.2.3 From 98619142b8c54287136216d0008871f9170a1808 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 9 Mar 2020 17:31:00 +0100 Subject: gnu: guile-next: Update to 3.0.1 with bug-fix for crash. * gnu/packages/guile.scm (guile-3.0): Update to 3.0.1 with "guile-3.0-crash.patch". * gnu/packages/patches/guile-3.0-crash.patch: New file. * gnu/local.mk (dist_patch_DATA): Use it. --- gnu/local.mk | 1 + gnu/packages/guile.scm | 8 ++++++-- gnu/packages/patches/guile-3.0-crash.patch | 17 +++++++++++++++++ 3 files changed, 24 insertions(+), 2 deletions(-) create mode 100644 gnu/packages/patches/guile-3.0-crash.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index a0e013aead..99baddea92 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -977,6 +977,7 @@ dist_patch_DATA = \ %D%/packages/patches/guile-1.8-cpp-4.5.patch \ %D%/packages/patches/guile-2.2-default-utf8.patch \ %D%/packages/patches/guile-2.2-skip-oom-test.patch \ + %D%/packages/patches/guile-3.0-crash.patch \ %D%/packages/patches/guile-default-utf8.patch \ %D%/packages/patches/guile-gdbm-ffi-support-gdbm-1.14.patch \ %D%/packages/patches/guile-linux-syscalls.patch \ diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm index 3116f3c30a..1d9d93d774 100644 --- a/gnu/packages/guile.scm +++ b/gnu/packages/guile.scm @@ -292,14 +292,18 @@ (define-public guile-3.0 (package (inherit guile-2.2) (name "guile-next") ;to be renamed to "guile" - (version "3.0.0") + (version "3.0.1") (source (origin (inherit (package-source guile-2.2)) (uri (string-append "mirror://gnu/guile/guile-" version ".tar.xz")) (sha256 (base32 - "0x8ca6q1qdmk29lh12gj6ngvgn7kp79w42rxfgwrpxm9jmjqs4y9")))) + "1jakps3127h8g69ixgb4zwc8v2g29dmwql1vi3pwg30kzp8fm5nn")) + (patches + (append (search-patches "guile-3.0-crash.patch") + (origin-patches (package-source guile-2.2)))))) + (arguments (substitute-keyword-arguments (package-arguments guile-2.2) ;; XXX: On ARMv7, work around by disabling diff --git a/gnu/packages/patches/guile-3.0-crash.patch b/gnu/packages/patches/guile-3.0-crash.patch new file mode 100644 index 0000000000..510834ab57 --- /dev/null +++ b/gnu/packages/patches/guile-3.0-crash.patch @@ -0,0 +1,17 @@ +Fix crash due to: . + +diff --git a/libguile/struct.c b/libguile/struct.c +index 3dbcc71d4..ddcbe46d2 100644 +--- a/libguile/struct.c ++++ b/libguile/struct.c +@@ -139,7 +139,9 @@ set_vtable_access_fields (SCM vtable) + nfields = len / 2; + + bitmask_size = (nfields + 31U) / 32U; +- unboxed_fields = scm_gc_malloc_pointerless (bitmask_size, "unboxed fields"); ++ unboxed_fields = ++ scm_gc_malloc_pointerless (bitmask_size * sizeof (*unboxed_fields), ++ "unboxed fields"); + memset (unboxed_fields, 0, bitmask_size * sizeof(*unboxed_fields)); + + /* Update FLAGS according to LAYOUT. */ -- cgit v1.2.3 From c90c0bd53865dd76b5fa3a8a1cd42eea5a565e7a Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Mon, 9 Mar 2020 14:48:21 -0400 Subject: gnu: icecat: Update to 68.6.0-guix0-preview1 [security fixes]. Includes fixes for CVE-2019-20503, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6811, CVE-2020-6812, and CVE-2020-6814. * gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update. (icecat-source): Update gnuzilla commit, base version, and hashes. * gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version. --- gnu/packages/gnuzilla.scm | 12 ++++++------ gnu/packages/patches/icecat-makeicecat.patch | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) (limited to 'gnu/packages/patches') diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index fea50625b6..c69a4e7e03 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -554,8 +554,8 @@ (define* (computed-origin-method gexp-promise hash-algo hash #:system system #:guile-for-build guile))) -(define %icecat-version "68.5.0-guix0-preview1") -(define %icecat-build-id "20200211000000") ;must be of the form YYYYMMDDhhmmss +(define %icecat-version "68.6.0-guix0-preview1") +(define %icecat-build-id "20200309000000") ;must be of the form YYYYMMDDhhmmss ;; 'icecat-source' is a "computed" origin that generates an IceCat tarball ;; from the corresponding upstream Firefox ESR tarball, using the 'makeicecat' @@ -577,11 +577,11 @@ (define icecat-source "firefox-" upstream-firefox-version ".source.tar.xz")) (sha256 (base32 - "1ld6jinnln0si6p8qy93v5nzd21ckhl266vz425lwqipibwq9rsj")))) + "17qwfq9hwra8jarawy8k2sqfa6hdhwa9qk84ndr6gjvmxcy22a14")))) - (upstream-icecat-base-version "68.5.0") ; maybe older than base-version + (upstream-icecat-base-version "68.6.0") ; maybe older than base-version ;;(gnuzilla-commit (string-append "v" upstream-icecat-base-version)) - (gnuzilla-commit "2dc3c0bed6f8a41a8426ae66db92729af5c27c70") + (gnuzilla-commit "9dcb24d885eae5973eb2245b532b158c685d707a") (gnuzilla-source (origin (method git-fetch) @@ -593,7 +593,7 @@ (define icecat-source (string-take gnuzilla-commit 8))) (sha256 (base32 - "1xwr1xjs4j2i6skm8hknh37gzsd6r396n0lchbwlahig7w6z506y")))) + "1y3jmh055vmx44gsjgwxvwv3zcyvz8pc5mhgrwkzm0ybbwpp2pqi")))) (makeicecat-patch (local-file (search-patch "icecat-makeicecat.patch")))) diff --git a/gnu/packages/patches/icecat-makeicecat.patch b/gnu/packages/patches/icecat-makeicecat.patch index beaddf9437..a90d7fdee8 100644 --- a/gnu/packages/patches/icecat-makeicecat.patch +++ b/gnu/packages/patches/icecat-makeicecat.patch @@ -25,7 +25,7 @@ index 8be2362..48716f2 100755 -wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc -gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353 -gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc --echo -n 52e784f98a37624e8b207f1b23289c2c88f66dd923798cae891a586a6d94a6d1 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - +-echo -n 2428213ceb75cb6772b3044d9c14870d1ae5b0161379aeb29248650e13761c9f firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - - -echo Extracting Firefox tarball -tar -xf firefox-${FFVERSION}esr.source.tar.xz @@ -37,7 +37,7 @@ index 8be2362..48716f2 100755 +# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc +# gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353 +# gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc -+# echo -n 52e784f98a37624e8b207f1b23289c2c88f66dd923798cae891a586a6d94a6d1 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - ++# echo -n 2428213ceb75cb6772b3044d9c14870d1ae5b0161379aeb29248650e13761c9f firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - +# +# echo Extracting Firefox tarball +# tar -xf firefox-${FFVERSION}esr.source.tar.xz -- cgit v1.2.3