guix (1.4.0-3+deb12u2) bookworm-security; urgency=medium * debian/patches: Add patches to fix Build User Takeover Vulnerability. -- Vagrant Cascadian Tue, 05 Nov 2024 16:22:53 -0800 guix (1.4.0-3+deb12u1) bookworm-security; urgency=medium * debian/patches: guix-daemon: Protect against file descriptor escape when building fixed-output derivations (CVE-2024-27297). (Closes: #1066113) -- Vagrant Cascadian Wed, 17 Apr 2024 14:23:27 -0700 guix (1.4.0-3) unstable; urgency=medium * debian/rules: Fix syntax of /etc/guix/acl file. -- Vagrant Cascadian Fri, 21 Apr 2023 18:35:03 -0700 guix (1.4.0-2) unstable; urgency=medium * debian/rules: Add "bordeaux" substitute server to /etc/guix/acl. -- Vagrant Cascadian Thu, 20 Apr 2023 22:15:09 -0700 guix (1.4.0-1) unstable; urgency=medium * New upstream release. * debian/watch: Switch back to checking ftp.gnu.org. * debian/copyright: Update for 1.4.0. -- Vagrant Cascadian Sun, 18 Dec 2022 16:22:23 -0800 guix (1.4.0~rc2-1) unstable; urgency=medium * debian/control: Update versioned dependency on guile-json. * debian/watch: Add uversionmangle to handle release candidate versions. * debian/watch: Update comments regarding release candidate vs. release versions. * debian/watch: Look for release candidate versions. * debian/source/lintian-overrides: Override source-is-missing and source-contains-prebuilt-javascript-object. * debian/control: Enable building on riscv64. * debian/patches: Remove fix-missing-sanity-check-next.py, fixed upstream. -- Vagrant Cascadian Sun, 11 Dec 2022 11:07:18 -0800 guix (1.4.0~rc1-2) experimental; urgency=medium * debian/patches: Add missing sanity-check-next.py file not present in rc1 tarball. * debian/patches: Re-enable more tests. * debian/control: Update dependencies to guile-ssh 0.16.0. -- Vagrant Cascadian Sun, 04 Dec 2022 18:57:28 -0800 guix (1.4.0~rc1-1) experimental; urgency=medium * debian/patches: Refresh for 1.4.0~rc1. * Revert "debian/patches: Disable 32-bit test failures." * debian/patches: Refresh another patch for 1.4.0~rc1. * debian/copyright: Update for 1.4.0~rc1. * debian/patches: Add patches to skip tests broken with "scm_to_utf8_stringn" guile issues. * debian/control: Update dependency on guile-gcrypt to 0.4.0. -- Vagrant Cascadian Fri, 02 Dec 2022 23:28:46 -0800 guix (1.3.0+26756.c07b5-2) experimental; urgency=medium * debian/copyright: Update MIT -> Expat. * debian/patches: Disable 32-bit test failures. -- Vagrant Cascadian Mon, 31 Oct 2022 13:32:30 -0700 guix (1.3.0+26756.c07b5-1) experimental; urgency=medium * New upstream git snapshot 1.3.0+26756.c07b5 from commit c07b55eb94f8cfa9d0f56cfd97a16f2f7d842652 * debian/patches: Disable more tests requiring bootstrap binaries. -- Vagrant Cascadian Wed, 26 Oct 2022 13:05:58 -0700 guix (1.3.0+26720.a2e4e-1) experimental; urgency=medium * New upstream git snapshot from commit a2e4e3489b4fdec6e270c93fcd9724abe983217e. * debian/copyright: Updated for new version. * debian/patches: Refresh patches. * debian/control: Add locales-all to Build-Depends. * debian/patches: Disable tests that depend on network and bootstrap binaries. * Add lintian override for spelling errors in "guix lint". * Install guix-gc service in examples. * debian/patches: Disable test of "guix hash -S git" which depends on "disarchive" which is not yet in Debian. * debian/patches: Re-adjust patches to use the _guixbuild group. * debian/control: Update to Standards-Version 4.6.1. * debian/patches: Remove tests-Ensure-test-OpenPGP-keys-never-expire, applied upstream. * Update lintian overrides for new lintian. * debian/patches: Skip git related tests with unknown failures. * debian/control: Update versioned Build-Depends on guile-ssh to 0.15.1 and guile-json 4.7. -- Vagrant Cascadian Tue, 25 Oct 2022 16:40:35 -0700 guix (1.3.0-5) unstable; urgency=medium * debian/patches: Remove expiration dates on openpgp keys used in test suite. (Closes: #1011863) * debian/patches: Use C.UTF-8 locale for guix-daemon and guix-publish. Thanks to Maxime Devos. (Closes: #1012536) * debian/control: Add ca-certificates to Recommends. Thanks to Felix Lechner. (Closes: #1010930) * debian/control: Recommend less. Thanks to Taiju HIGASHI. (Closes: #1012405) -- Vagrant Cascadian Wed, 08 Jun 2022 19:42:49 -0700 guix (1.3.0-4) unstable; urgency=medium * Upload to unstable. -- Vagrant Cascadian Sun, 19 Dec 2021 19:49:34 -0800 guix (1.3.0-3) experimental; urgency=medium * Update to guile 3.0. -- Vagrant Cascadian Wed, 08 Sep 2021 17:55:59 -0700 guix (1.3.0-2) unstable; urgency=medium * debian/patches: Adjust openrc script to use /usr/bin/guix-daemon and the _guixbuild group. * debian/control: Update Standards-Version to 4.6.0, no changes. * debian/control: Add Build-Depends on guile-semver. -- Vagrant Cascadian Wed, 08 Sep 2021 16:49:58 -0700 guix (1.3.0-1) experimental; urgency=medium * New upstream version 1.3.0 * debian/copyright: Updates for new release. * debian/control: Update versioned dependencies on guile-git. * debian/rules: Force the test suite to run under C.UTF-8 locale. * debian/watch: Add comment regarding Release Candidates, which are hosted at a different location. * debian/control: Update guile-json dependencies to 4.5.2. * debian/patches: Drop patches disabling swh tests, fixed in 1.3.0. -- Vagrant Cascadian Wed, 12 May 2021 21:01:11 -0700 guix (1.3.0~rc1-1) experimental; urgency=medium * debian/control: Add versioned Build-Depends/Depends on guile-zlib 0.1.0. * debian/control: Add Build-Depends on guile-zstd. * debian/control: Add Build-Depends on guile-library. * debian/copyright: Update for new upstream version. * debian/changelog: Fix "when when" typo in version 1.1.0+67260.9e2523-2. * debian/control: Update Standards-Version to 4.5.1. * debian/control: Drop explicit branch from Vcs-Git, it is now the default branch. * debian/patches: Remove patch to avoid embedding build path in gnu/ci.scm, fixed upstream. * debian/patches: Refresh guix-services-from-usr-bin * debian/patches: Refresh fix-version-string. * debian/patches: Remove security patch to guix-daemon, applied upstream. * debian/control: Enable building on ppc64el. * debian/patches/series: Disable patches to prepare to rebase them. * debian/patches: Refresh patches against new upstream version. * debian/patches: Disable several more tests requiring network. * debian/patches: Fix disabling of swh test. * debian/upstream/signing-key.asc: Add key for Maxim Cournoyer. -- Vagrant Cascadian Fri, 30 Apr 2021 23:09:54 -0700 guix (1.2.0-4) unstable; urgency=medium * debian/patches: Fix privilege escalation issue in guix-daemon. (Closes: #985467) * debian/patches: Update init script to fix guix-daemon path. Thanks to florine forine. (Closes: #983248) * Add README.Debian documenting running with sysvinit and describing differences with other methods of installing guix. (Closes: #983248) * debian/patches: Adjust init script to use the _guixbuild group. * sysusers.d/guix-daemon.conf: Explicitly create _guixbuild group to workaround a bug in opensysusers. * Install /etc/profile.d/guix.sh to ensure proper functioning of guix profiles. (Closes: #985916) -- Vagrant Cascadian Sat, 27 Mar 2021 19:18:29 -0700 guix (1.2.0-3) unstable; urgency=medium * Upload to unstable. * Fix lintian overrides to be independent of architecture or guile version. -- Vagrant Cascadian Fri, 22 Jan 2021 18:29:29 -0800 guix (1.2.0-2) experimental; urgency=medium * debian/patches: Add description for skip-use-of-bootstrap-binary. * debian/patches: Patch init script to use /usr/bin/guix-daemon. * debian/patches: Patch init script to use /lib/lsb/init-functions. * debian/rules: Disable parallel builds, as guile may embed the names of files being concurrently compiled into each resulting binary. * Add lintian overrides for various false positives about spelling, man pages, license files, and documentation. * sysusers.d/guix-daemon.conf: Quote the GECOS field. * debian/control: Update Build-Depends/Depends to guile-git 0.4.0-2. * debian/patches: Reenable tests that break with guile-git built against old libgit2 version. * debian/control: Drop Build-Depends and Depends on libgit2-dev, as this is pulled in from the versioned guile-git dependency. * debian/control: Update guile-gcrypt version that Depends on libgcrypt-dev. * debian/control: Update Build-Depends and Depends to versions of guile-sqlite3 that Depend on libsqlite3-dev. * debian/patches: Add patch to remove embedded build path. * Switch to guile-2.2. * debian/patches: Disable container tests. * debian/patches: Disable guix environment test for containers. * debian/patches: Disable syscall tests relying on user namespaces. * debian/patches: Disable lint tests that fail with guile-2.2. * debian/patches: Disable software heritage tests that fail with guile-2.2. -- Vagrant Cascadian Thu, 21 Jan 2021 00:00:05 -0800 guix (1.2.0-1) experimental; urgency=medium [ Vagrant Cascadian ] * New upstream version 1.2.0 * debian/copyright: Update for 1.2.0. * debian/patches: - Use proper comments in patch for tests/graph.scm, and drop patch disabling tests/graph.scm. - Disable some channels tests due to failures on 32bit architectures. * debian/rules: Pass GZIP and BZIP2 in the configure target to avoid embedding different paths on usrmerge systems. * debian/control: Bump versioned Build-Depends on libgit2-dev >= 1.0.1. -- Vagrant Cascadian Mon, 23 Nov 2020 12:52:35 -0800 guix (1.2.0~rc2-1) experimental; urgency=medium * sysusers.d/guix-daemon.conf: Fix spelling of "empty" in home directories (Closes: #974818). Thanks to Axel Beckert. * debian/patches: Disable script using bootstrap binaries. * debian/patches: Update tests-that-fail-with-tilde-in-build-path, partly fixed upstream. * debian/copyright: Refresh for 1.2.0~rc2. -- Vagrant Cascadian Wed, 18 Nov 2020 15:40:40 -0800 guix (1.2.0~rc1-2) experimental; urgency=medium * debian/guix.postinst: Only call systemd-sysusers if installed. (Closes: #974751). Thanks to Axel Beckert. * debian/control: - Recommend systemd for systemd-sysusers command. - Build-Depends/Depends: Allow slightly older versions of guile-gnutls. * debian/rules: Adjust guix architecture for armhf. -- Vagrant Cascadian Sat, 14 Nov 2020 20:06:42 -0800 guix (1.2.0~rc1-1) experimental; urgency=medium * debian/control: - Depends on libgit2-dev >= 1.0. - Recommend nscd. - Restrict architecture to amd64 arm64 armhf i386. * debian/rules: - Increase verbosity of test suite. - Add a default /etc/guix/acl. * debian/patches: - Disable tests that fail when build path contains a tilde. * debian/guix.postinst: - Run systemd-sysusers. -- Vagrant Cascadian Fri, 13 Nov 2020 19:27:03 -0800 guix (1.1.0+67260.9e2523-2) experimental; urgency=medium * debian/control: - Update description. Thanks to Paul Wise! - Add git and gnupg to Build-Depends for tests. - Update Vcs-* headers. * debian/patches: - Drop ineffective patch to use /bin/guile. - Drop patch to tests using git, was fixed upstream. - Update patches to disable tests when network is unavailable. - Disable some non-deterministic tests. * debian/rules: - Disable network tests by passing RES_OPTIONS=attempts:0 instead of bespoke variable, effectively disabling hostname resolution. Thanks to jwilk! - Copy copy system binaries for tests, to avoid downloading bootstrap binaries over the network. - Disable parallelism in dh_auto_test. * Add lintian override for wrong-path-for-interpreter. -- Vagrant Cascadian Wed, 11 Nov 2020 17:21:48 -0800 guix (1.1.0+67260.9e2523-1) experimental; urgency=medium * Initial release. Closes: #850644. * git snapshot from commit 9e2523c25f7b8d6e8c29c679ad899703a120eed8. -- Vagrant Cascadian Sat, 07 Nov 2020 16:27:55 -0800