Fixes CVE-2022-40982, CVE-2022-41804 and CVE-2023-23908.
* nongnu/packages/linux.scm (intel-microcode): Update to 20230808.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
Fix launching signal-desktop via its .desktop file (e.g. in a desktop
environment or launcher). This also affects element-desktop (to be fixed in
next commit).
Fixes#274.
* nongnu/packages/messaging.scm (signal-desktop)[phases]{unpack}: Fix the
.desktop file binary location to be 'bin' rather than 'lib/Signal'.
Inherited hplip package was updated to 3.23.5 in commit
57fe5b2338dfbb150d3921e9da3d9719fef6c9d9 of guix.
* nongnu/packages/printers.scm (hplip-plugin)[native-inputs]: Update sha256
hash for hplip-plugin.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
Adding linux@6.4 but not changing the default linux to this version until
upstream does as well.
* nongnu/packages/linux.scm (linux-6.4): New variable.
* nongnu/packages/firmware.scm (dump-file-chunk): New function.
(facetimehd-firmware): New variable.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/linux.scm (linux-xanmod-lts-version,linux-xanmod-lts-source):
Update to 6.1.38.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/linux.scm (linux-xanmod-version,linux-xanmod-source): Update
to 6.4.3.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/electron.scm (define-module): Remove no longer
required modules
(electron)[build-system]: Use chromium-binary-build-system.
[patchelf-plan]: Drop it since the build system figures it out from the
wrapper plan;
[wrapper-plan]: New argument;
[phases]: Adjust to chromium-build-system;
[inputs]: Drop the inputs provided by the build system.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/engineering.scm (lycheeslicer) [build-system]: Use
chromium-binary-build-system;
[patchelf-plan]: Drop it since the build system figures it out from the
wrapper plan;
[wrapper-plan]: New argument;
[phases]: Adjust to chromium-build-system;
[inputs]: Drop the inputs provided by the build system.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/messaging.scm (signal-desktop) [build-system]: Use
chromium-binary-build-system;
[patchelf-plan]: Drop it since the build system figures it out from the
wrapper plan;
[wrapper-plan]: New argument;
[phases]: Adjust to chromium-build-system;
[inputs]: Drop the inputs provided by the build system.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/messaging.scm (element-desktop) [build-system]: Use
chromium-binary-build-system;
[patchelf-plan]: Drop it since the build system figures it out from the
wrapper plan;
[wrapper-plan]: New argument;
[phases]: Adjust to chromium-build-system;
[inputs]: Drop the inputs provided by the build system.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/chrome.scm (make-google-chrome) [patchelf-inputs]:
Drop them since the build system adds all inputs to the patchelf plan;
[build-system]: Use chromium-binary-build-system;
[patchelf-plan]: Drop it since the build system figures it out from the
wrapper plan;
[wrapper-plan]: New argument;
[phases]: Adjust to chromium-build-system;
[inputs]: Drop the inputs provided by the build system.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/ncurses.scm (ncurses-rollup-patch): New variable.
(ncurses-5): Backport changes from upstream guix repo. Note that ncurses-5
fails to build with the new C++17 default, so we also need to explicitly force
C++11.
(ncurses/tinfo-5): Use gexp and remove outdated comment.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/linux.scm (linux-xanmod-lts-version)
(linux-xanmod-lts-revision,linux-xanmod-lts-source,linux-xanmod-lts): New
variables.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
There is a warning spammed about missing 'xdg-user-dir' which doesn't seem to
cause any problems but let's add the missing input just in case.
* nongnu/packages/steam-client.scm (steam-client-libs): Add xdg-user-dirs.
This is needed to fix `guix pull' on non-x86 platforms.
* nongnu/packages/nvidia.scm (nvidia-driver)[arguments]: Add catch-all for
match install-plan.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
nonguix: Make container actually respect the ngc-shared and ngc-exposed fields.
* nongnu/packages/steam-client.scm (steam-container): New variable. This is to
export the container definition from steam.
(steam-nvidia-container): New variable. This is the container for steam-nvidia
and now inherits from steam-container.
(steam, steam-nvidia): Container definitions moved to steam-container and
steam-nvidia-container.
* nonguix/multiarch-container.scm (make-container-wrapper): Add ngc-exposed and
ngc-shared to expose and share lists.
Signed-off-by: ison <ison@airmail.cc>
The linux-lts commit introduced a breaking change by referring to the
nonexistent linux-libre-arm64-generic package variants. Even before that all
of nonguix's linux-arm64-generic package variants were based on the same
kernel version.
* nongnu/packages/linux.scm (linux-arm64-generic-6.0): Remove package variant.
(linux-arm64-generic-5.15): Ditto.
(linux-arm64-generic-lts): Ditto.
(linux-arm64-generic-5.10): New package variant.
(linux-arm64-generic-5.4): New package variant.
(linux-arm64-generic): Match version to most recent kernel in guix.
6.1 is the newest long-term support version of the kernel.
* nongnu/packages/linux.scm (linux-lts): Use linux-6.1
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/linux.scm (rtl8812au-aircrack-ng-linux-module): Update
to 5.6.4.2-11.35308f4.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
Fixes CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32208,
CVE-2023-32209, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212,
CVE-2023-32213, CVE-2023-32214, CVE-2023-32215, CVE-2023-32216 and
MFSA-TMP-2023-0002.
* nongnu/packages/mozilla.scm (firefox): Update to 113.0.
(rust-firefox): Set to `rust` as this is now `rust-1.67`.
The needed library libstdc++ was no longer found with the gcc updates in Guix.
* nongnu/packages/messaging.scm (signal-desktop)[inputs]: Remove gcc:lib. Add
libgccjit and libstdc++.
[phases]{wrap-where-patchelf-does-not-work}: Adjust for these inputs.
* nongnu/packages/steam-client.scm (steam-client-libs): Rename
fontconfig-fixed to fontconfig. The upstream bug has not been fixed but expat
has been ungrafted in core-updates so we no longer need to rewrite fontconfig.
Remove fontconfig-fixed as expat/fixed no longer exists in core-updates.
Piggy-back off of the patch list in Nixpkgs instead of maintaining our
own. This should make it easier to keep up to date so there's no need to
advise users to stick with Linux LTS releases any longer.
Though our existing patch list and Nixpkgs' differ the cumulative effect
is exactly the same except for two patches we have that Nix doesn't,
neither of which seem critical:
- broadcom-sta-debian-fix-kernel-warnings.patch
- broadcom-sta-fix_mac_profile_discrepancy.patch
Closes#246
* nongnu/packages/linux.scm (broadcom-sta): Replace patches
with code to fetch them from Nixpkgs.
[arguments]: Replace `linux-lts` with `linux`.
[description]: Remove Linux LTS recommendation.
* nongnu/packages/patches/broadcom-sta-debian-fix-kernel-warnings.patch: Remove.
* nongnu/packages/patches/broadcom-sta-fix_mac_profile_discrepancy.patch: Remove.
* nongnu/packages/patches/broadcom-sta-gcc.patch: Remove.
* nongnu/packages/patches/broadcom-sta-license.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-4.11.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-4.12.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-4.15.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-4.7.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-4.8.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-5.1.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-5.10.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-5.6.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-5.9.patch: Remove.
* nongnu/packages/patches/broadcom-sta-null-pointer-fix.patch: Remove.
* nongnu/packages/patches/broadcom-sta-rdtscl.patch: Remove.
* README.org (Broadcom Wireless): Removed recommendation from
Broadcom Wireless section.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
There is a long list of libraries for LD_LIBRARY_PATH that could be refactored
into a LET form, but alas could not figure out with the many quotes and gexps
how right now. Or aomhost may only need a subset of these.
* nongnu/packages/messaging.scm (zoom)[patchelf-plan]: Add aomhost.
[phases]{wrap-where-patchelf-does-not-work}: Wrap it.
Adding linux@6.2 but not changing the default linux to this version until
upstream does as well.
* nongnu/packages/linux.scm (linux-6.2): New variable.
This allows access to the "configs" keyword argument from the 'corrupt-linux'
procedure. This simplifies creation of kernels with custom modules.
* nongnu/packages/linux.scm (corrupt-linux): Add 'configs' argument.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/linux.scm (linux-firmware)[source]: Use mirror://kernel.org
instead and switch to xz compressed tarball.
Downloading tarball from https://git.kernel.org is
too slow in some country.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/wasm.scm (llvm-monorepo): New variable.
(wasm32-wasi-libcxx): Update to 15.
[source]: Use llvm-monorepo.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/wasm.scm (wasm32-wasi-clang-runtime): Update to 15.
[native-inputs]: Use clang-15.
[inputs]: Use llvm-15.
[arguments]<#:configure-flags>: Adapt path to LLVM monorepo.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/linux.scm (linux-urls): Rename to ...
(linux-url): ... this. Return single url with mirror prefix like guix does.
(corrupt-linux): Use implementation details to dig up original hash of
upstream linux kernel sources.
It was already present as revision 8.
* nongnu/packages/linux.scm (rtl8821ce-linux-module)[revision]: Raise to 9.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/linux.scm (rtl8812au-aircrack-ng-linux-module): Update to
5.6.4.2-10.08589e2.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>