Fixes CVE-2024-9936 and, in previous versions since 130.0.1, CVE-2024-9680,
CVE-2024-9391, CVE-2024-9392, CVE-2024-9393, CVE-2024-9394, CVE-2024-9395,
CVE-2024-9396, CVE-2024-9397, CVE-2024-9398, CVE-2024-9399, CVE-2024-9400,
CVE-2024-9401, CVE-2024-9402, and CVE-2024-9403.
Upstream removed firefox.desktop files which can be generated from their mach
tool. However, this will try to download various dependencies. So, for now
at least, use a patch which reverts that commit so we can use the included
desktop file. In Arch, for example, they include a separate pre-generated
desktop file rather than doing this at build time.
* nongnu/packages/mozilla.scm (firefox): Update to 131.0.3.
* nongnu/packages/patches/firefox-CVE-2024-9680.patch: Delete patch.
* nongnu/packages/patches/firefox-restore-desktop-files.patch: Add patch.
* nongnu/packages/wine.scm (winetricks)[inputs]: Use label-less style.
[arguments]: Use G-expressions.
<#:make-flags>: Replace '(assoc-ref %outputs "out")' with '#$output'.
<#:phases>: In 'wrap-program' and 'patch-perl-path', Replace
'(assoc-ref inputs ...)' with 'this-package-input'.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
This halves the size of the firmware collection from 1.1 GiB to 509 MiB.
* nongnu/packages/linux.scm (linux-firmware)[phases]: Override install phase.
[native-inputs]: Add zstd.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
* nongnu/packages/patches/firefox-CVE-2024-9680.patch: New file.
* nongnu/packages/mozilla.scm (firefox)[source]<patches>: Add it.
(%firefox-build-id): Update.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
No visible version change but all the other Apple font packages got an
update to a newer internet archive timestamp so New York gets one too.
* nongnu/packages/fonts (font-apple-new-york): Update source archive.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/linux.scm (sof-firmware)[arguments]<#:install-plan>: Also
install sof-ace-tplg.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
Use it by launching Chrome with '--gtk-version=4'. (At the time of this
writing, at least; Google changes these flags often.)
* nongnu/packages/chrome (google-chrome):
[inputs]: Add gtk.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
* nongnu/packages/nvidia.scm (%nvidia-driver-hashes,%nvidia-settings-hashes):
New variables.
(nvidia-source,nvidia-settings): Use them.
(nvidia-source-hash): Delete procedure.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
This resolves the 'amdgpu [drm] *ERROR* dc_dmub_srv_log_diagnostic_data: DMCUB
error - collecting diagnostic data' visible in `dmesg' when using the
integrated GPU of an AMD 9950x CPU (see:
<https://lore.kernel.org/amd-gfx/Zo4Z2yCK4RrYtJKo@glanzmann.de/>).
* nongnu/packages/linux.scm (linux-firmware): Update to 20240909.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
%gnu-build-system-modules is deprecated, so let us use
%default-gnu-imported-modules instead as the warning suggests.
* nongnu/packages/dyalog.scm (dyalog-apl)[arguments]<#:modules>: Use
%default-gnu-imported-modules instead of %gnu-build-system-modules.
Signed-off-by: Jelle Licht <jlicht@fsfe.org>
%gnu-build-system-modules is deprecated, so let us use
%default-gnu-imported-modules instead as the warning suggests.
* nongnu/packages/mozilla.scm (firefox-esr)[arguments]<#:modules>: Use
%default-gnu-imported-modules instead of %gnu-build-system-modules.
Signed-off-by: Jelle Licht <jlicht@fsfe.org>
It is unclear why steam failed to build post-core-updates merge in Guix, with
errors like:
In guix/build/utils.scm:
761:4 0 (alist-cons-after patch-dot-desktop-files # #<procedur?> ?)
guix/build/utils.scm:761:4: In procedure alist-cons-after:
Throw to key `match-error' with args `("match" "no matching pattern" ())'.
The fix is to reorder and rename some phases which apparently don't exist.
* nongnu/packages/game-client.scm (steam-client)[arguments]<phases>: Reorder
the deletion of 'patch-dot-desktop-files to after 'patch-desktop-file (which
tried to add after this now deleted phases). Change the 'post-install phase
to add after 'install ('install-binaries doesn't exist').
This version of icu4c is in Guix and made public in
cf842e9b20b89ecb08ac3456a91780ec07b5a201. This also failed to build on the
core-updates nonguix build due to a test failure which should be fixed in Guix
with 7937c8827b8d23347a3159b4696335bd19fc17aa.
* nongnu/packages/mozilla.scm (icu4c-73): Delete variable.
