From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: Re: =?utf-8?Q?Let=E2=80=99s_freeze_and_bui?= =?utf-8?B?bGQg4oCYY29yZS11cGRhdGVz4oCZIQ==?= Date: Wed, 8 Mar 2017 00:43:40 -0500 Message-ID: <20170308054340.GA5881@jasmine> References: <87zihoizr4.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> <87tw7wspwp.fsf@gnu.org> <87zihfwshj.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> <20170221173201.GA9718@jasmine> <20170221174149.GA5944@jasmine> <87innmzrrt.fsf@gnu.org> <87lgsi60z5.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> <87wpc2s9bn.fsf@gnu.org> <20170306222658.GA10869@jasmine> <87fuipchmc.fsf@gnu.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="4bRzO86E/ozDv8r1" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:53356) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1clUO2-0000YY-5N for guix-devel@gnu.org; Wed, 08 Mar 2017 00:43:47 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1clUNz-0007ey-1T for guix-devel@gnu.org; Wed, 08 Mar 2017 00:43:46 -0500 Content-Disposition: inline In-Reply-To: <87fuipchmc.fsf@gnu.org> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Ludovic =?iso-8859-1?Q?Court=E8s?= Cc: guix-devel@gnu.org --4bRzO86E/ozDv8r1 Content-Type: multipart/mixed; boundary="C7zPtVaVf+AK4Oqc" Content-Disposition: inline --C7zPtVaVf+AK4Oqc Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Mar 07, 2017 at 02:59:39PM +0100, Ludovic Court=C3=A8s wrote: > I guess it could be called =E2=80=98xorg-server-1.9.12=E2=80=99 and techn= ically inherit > from =E2=80=98xorg-server=E2=80=99 but override the version and source. I've attached patches updating xorg-server and creating a special package to be used for building GTK+. --C7zPtVaVf+AK4Oqc Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="0001-gnu-xorg-server-Update-to-1.19.2-fixes-CVE-2017-2624.patch" Content-Transfer-Encoding: quoted-printable =46rom 5e6cc8caaf7de4d8863f8f4ab64d8c9e7cbbfcaf Mon Sep 17 00:00:00 2001 =46rom: Leo Famulari Date: Fri, 3 Mar 2017 13:44:48 -0500 Subject: [PATCH 1/2] gnu: xorg-server: Update to 1.19.2 [fixes CVE-2017-262= 4]. * gnu/packages/xorg.scm (xorg-server): Update to 1.19.2. [native-inputs]: Add font-util, libtool, autoconf, and automake. [arguments]: Add 'bootstrap' phase. --- gnu/packages/xorg.scm | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm index 31ea296d4..5c9300e20 100644 --- a/gnu/packages/xorg.scm +++ b/gnu/packages/xorg.scm @@ -4982,7 +4982,7 @@ over Xlib, including: (define-public xorg-server (package (name "xorg-server") - (version "1.19.1") + (version "1.19.2") (source (origin (method url-fetch) @@ -4991,7 +4991,7 @@ over Xlib, including: name "-" version ".tar.bz2")) (sha256 (base32 - "1yx7cnlhl14hsdq5lg0740s4nxqxkmaav38x428llv1zkprjrbkr")))) + "1fw4b2lf75nsqkiyhn95b1c2if1l3cw5a188a1szx1d8l7sbk2jg")))) (build-system gnu-build-system) (propagated-inputs `(("dri2proto" ,dri2proto) @@ -5050,7 +5050,12 @@ over Xlib, including: ("xcb-util-wm" ,xcb-util-wm))) (native-inputs `(("python" ,python-minimal-wrapper) - ("pkg-config" ,pkg-config))) + ("pkg-config" ,pkg-config) + ;; XXX Bootstrapping inputs for 1.19.2. Remove for > 1.19.2. + ("font-util" ,font-util) + ("libtool" ,libtool) + ("autoconf" ,autoconf) + ("automake" ,automake))) (arguments `(#:parallel-tests? #f #:configure-flags @@ -5077,6 +5082,10 @@ over Xlib, including: =20 #:phases (modify-phases %standard-phases + ;; XXX The 1.19.2 release of xorg-server was not bootstrapped: + ;; + (add-before 'configure 'bootstrap + (lambda _ (zero? (system* "autoreconf" "-vfi")))) (add-before 'configure 'pre-configure (lambda _ --=20 2.12.0 --C7zPtVaVf+AK4Oqc Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="0002-gnu-gtk-Build-GTK-with-its-own-xorg-server-package.patch" Content-Transfer-Encoding: quoted-printable =46rom 3601571063aa0317720d19d83f1cb42745abd5f8 Mon Sep 17 00:00:00 2001 =46rom: Leo Famulari Date: Wed, 8 Mar 2017 00:40:37 -0500 Subject: [PATCH 2/2] gnu: gtk+: Build GTK+ with its own xorg-server package. This will allow us to update xorg-server directly on the master branch. * gnu/packages/xorg.scm (xorg-server-1.19.2): New variable. * gnu/packages/gtk.scm (gtk+) [native-inputs]: Use xorg-server-1.19.2 inste= ad of xorg-server. (arguments): Add xorg-server-1.19.2 to #:disallowed-references. --- gnu/packages/gtk.scm | 7 +++++-- gnu/packages/xorg.scm | 16 ++++++++++++++++ 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm index 92f399ecb..057c80859 100644 --- a/gnu/packages/gtk.scm +++ b/gnu/packages/gtk.scm @@ -689,9 +689,12 @@ application suites.") ("pkg-config" ,pkg-config) ("gobject-introspection" ,gobject-introspection) ("python-wrapper" ,python-wrapper) - ("xorg-server" ,xorg-server))) + ;; By using a special xorg-server for GTK+'s tests, we reduce the im= pact + ;; of updating xorg-server directly on the master branch. + ("xorg-server" ,xorg-server-1.19.2))) (arguments - `(;; 47 MiB goes to "out" (24 of which is locale data!), and 26 MiB go= es + `(#:disallowed-references (,xorg-server-1.19.2) + ;; 47 MiB goes to "out" (24 of which is locale data!), and 26 MiB go= es ;; to "doc". #:configure-flags (list (string-append "--with-html-dir=3D" (assoc-ref %outputs "doc") diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm index 5c9300e20..bd8f38c39 100644 --- a/gnu/packages/xorg.scm +++ b/gnu/packages/xorg.scm @@ -5111,6 +5111,22 @@ communicates with the user via graphical controls su= ch as buttons and draggable titlebars and borders.") (license license:x11))) =20 +;;; This package is intended to be used when building GTK+. +(define-public xorg-server-1.19.2 + (package + (inherit xorg-server) + (name "xorg-server") + (version "1.19.2") + (source + (origin + (method url-fetch) + (uri (string-append + "mirror://xorg/individual/xserver/" + name "-" version ".tar.bz2")) + (sha256 + (base32 + "1fw4b2lf75nsqkiyhn95b1c2if1l3cw5a188a1szx1d8l7sbk2jg")))))) + (define-public xorg-server-xwayland (package (inherit xorg-server) --=20 2.12.0 --C7zPtVaVf+AK4Oqc-- --4bRzO86E/ozDv8r1 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAli/mgwACgkQJkb6MLrK fwjZVw/8CZh2FgP9FdopZsgfSbVc7PEKDO79C1bNjq0KXUyZ/sIK+o7ansn4cj4a pC352hfOC601+WJWO9jk9ya85KPkjWzukg6uOys9/J+ntQ2nr7Gf4BDiyGRDb8s5 JdT400PY47/5e9SuCCirysl04X+t/qQwX111GDNafrYdEwk4h6cnkRc/2WZyFeYi PLLVUxu3Q0fC1tchYLm8IKUWSHAbCBY24wB7abE022xL2D8uumYtfqH/AJ1AiEyo CpfZDH+i4xMWJp8CrKDrp8o+JWoQq4FrkrUvavSLRi/i2AC1H0JzfpYnyY0K1Wm2 SJOvSPjwyl/1d/KlqKzYhI9BdcUM/jwsjcUu3lVIR3/v6nrQ4tLjibO1LLK0XtFI C8jCjwDNWqA5VeZu24jJgxS4GQXggGg1pMpsvEowmafQQ4G9jy/ZC+N/yYLsZsAN CrtaxwtOsMejJF8g3/wOqR8SbXrWMfqHfjPwGzsnyxhqh/Fnh1hVAL4uRMenju8r rtoOb/n+AJ7pNADAXUXxzGRHY3axRJKGU8GX+G+0FoQ9hefUC96wXo0ab6a+GUv2 XlfrayfD2aAlUh8SJ2cWv5R8vurLasXW7Iik40B9At5GwjgfyAnSOG0RGl+7HgCe X4CuMRF9gsm9Pd/Obs9AYDGikvEa1jrGqYgio3cmAfVC0SHvpOQ= =S152 -----END PGP SIGNATURE----- --4bRzO86E/ozDv8r1--