Includes fixes for CVE-2020-6463, CVE-2020-6514, CVE-2020-15652, and
CVE-2020-15659.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
This version tracks emacs-spaceline from git... the latest stable release is
several years old and has various bugs related to the ERC track bar, amongst
other things.
* gnu/packages/emacs-xyz.scm (emacs-spaceline-next): New variable.
Previously it would silently fail to create the /gnu/store symlink when
the host has a read-only /gnu as is the case in these tests.
* gnu/packages/aux-files/run-in-namespace.c (exec_with_loader): Unlink
the ancestor of ORIGINAL_STORE under NEW_ROOT. Check the return value
of 'symlink' when creating NEW_STORE.
* tests/guix-pack-relocatable.sh: Check the contents of the store as
seen by the wrapped executable, with all three engines, and with both
"/gnu" and "/gnu/store" erased.
Fixes <https://bugs.gnu.org/42558>.
Until now, loading 'pack-audit.so' in a truly non-Guix environment would
usually fail because 'pack-audit.so' depends on 'libgcc_s.so' and
'libc.so', none of which could be found.
Furthermore, the test was not working as expected: the trick
unshare -mrf sh -c 'mount -t tmpfs none /gnu ; ...'
would allow the fakechroot engine to make its store available as
/gnu/store as a result of another bug.
* gnu/packages/aux-files/run-in-namespace.c (relocated_search_path): New
function.
(exec_with_loader): Pass "--library-path" to the loader.
* guix/scripts/pack.scm (wrapped-package)[build](runpath): New procedure.
(elf-loader-compile-flags): Pass "-DLOADER_AUDIT_RUNPATH".
* tests/guix-pack-relocatable.sh: Remove 'STORE_PARENT'.
(run_without_store): New function. Erase $NIX_STORE_DIR instead of
$STORE_PARENT.
Use 'run_without_store' throughout.
scandir* uses readdir, which means that the file type property can be 'unknown
if the underlying file-system does not support d_type. Make sure to fallback
to lstat in that case.
Fixes: https://issues.guix.gnu.org/issue/42579.
* guix/store/deduplication.scm (deduplicate): Handle the case where properties
is 'unknown because the underlying file-system does not support d_type.
* doc/guix.texi (Writing Channel News): Explain the issue with using the .scm
extension and possible workarounds; fix the example to use the .txt extension instead.
There were still two tests failing on aarch64-linux:
1. rotated-rect-test,
2. ellipse-test.
The first one was removed along with the RotatedRect class in latest upstream,
while the second one is yet numerical accuracy related. It gets fixed by
updating the already existing 'lib2geom-fix-tests' patch.
* gnu/packages/graphics.scm (lib2geom): Bump revision to "2", and update
commit hash to the latest one available.
* gnu/packages/patches/lib2geom-fix-tests.patch: Update patch.
Fixes <https://bugs.gnu.org/42504>.
Reported by Alexandru-Sergiu Marton <brown121407@posteo.ro>.
* guix/upstream.scm (package-update/url-fetch): Handle the case where the
file name has no extension.
