* gnu/packages/package-management.scm (toys): Update to 0.1.1.
[arguments]<#:phases>{set-load-paths-in-entry-point}: Substitute on
the ';;@load-paths@' marker.
Change-Id: I5b018e54ab37c2ec5c851352fa33a638b41ab849
* gnu/packages/rust.scm (rust-1.94)[arguments]: Use new 'install phase
with the rmeta files not removed.
Fixes: guix/guix#8082
Change-Id: I2ec26aea7fb6e0c91cacf57787e5c15e7a154bff
The memory requirements seem to have increased, the test now consistently
fails with 1.2 GB.
Change-Id: I766cbe75fa6f09e513157f6f9e954dd2502d8c7a
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
Merges: #6248
The desktop install tests are currently failing due to lack of packages in
their store. These packages have been added in b01968f654.
* gnu/tests/install.scm
(%extra-packages): Renamed to %extra-encrypted-packages.
(%extra-encrypted-packages): New variable.
(%extra-desktop-packages): New variable.
(%extra-mandb-packages): New variable.
(installation-os-for-gui-tests): Use them in packages.
Change-Id: Ib49fd65651e94bfd05215773eef5046064d7815a
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
This is a followup of 7e7487166b.
* gnu/build/file-systems.scm (canonicalize-device-spec):
Do not wait for bcachefs multi-devices such as /dev/sda1:/dev/sdb1.
Fixes: #7647
Change-Id: I1b1228cc2040a9f76a984efe4f7f4c69b17f66e9
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
Merges: #7685
Fixes CVEs:
2026-6296: Heap buffer overflow in ANGLE. Reported by cinzinga.
2026-6297: Use after free in Proxy. Reported by heapracer.
2026-6298: Heap buffer overflow in Skia.
Reported by 86ac1f1587b71893ed2ad792cd7dde32.
2026-6299: Use after free in Prerender. Reported by Google.
2026-6358: Use after free in XR. Reported by Jihyeon Jeong
(Compsec Lab, Seoul National University / Research Intern).
2026-6359: Use after free in Video.
Reported by 86ac1f1587b71893ed2ad792cd7dde32.
2026-6300: Use after free in CSS.
Reported by c6eed09fc8b174b0f3eebedcceb1e792.
2026-6301: Type Confusion in Turbofan. Reported by qymag1c.
2026-6302: Use after free in Video. Reported by Syn4pse.
2026-6303: Use after free in Codecs. Reported by Google.
2026-6304: Use after free in Graphite. Reported by Google.
2026-6305: Heap buffer overflow in PDFium.
Reported by 86ac1f1587b71893ed2ad792cd7dde32.
2026-6306: Heap buffer overflow in PDFium.
Reported by 86ac1f1587b71893ed2ad792cd7dde32.
2026-6307: Type Confusion in Turbofan.
Reported by Project WhatForLunch (@pjwhatforlunch).
2026-6308: Out of bounds read in Media. Reported by Google.
2026-6309: Use after free in Viz. Reported by Google.
2026-6360: Use after free in FileSystem. Reported by asjidkalam.
2026-6310: Use after free in Dawn. Reported by Google.
2026-6311: Uninitialized Use in Accessibility. Reported by Google.
2026-6312: Insufficient policy enforcement in Passwords.
Reported by Google.
2026-6313: Insufficient policy enforcement in CORS.
Reported by Google.
2026-6314: Out of bounds write in GPU. Reported by Google.
2026-6315: Use after free in Permissions. Reported by Google.
2026-6316: Use after free in Forms. Reported by Google.
2026-6361: Heap buffer overflow in PDFium. Reported by Google.
2026-6362: Use after free in Codecs.
Reported by c6eed09fc8b174b0f3eebedcceb1e792.
2026-6317: Use after free in Cast. Reported by Google.
2026-6363: Type Confusion in V8. Reported by Google.
2026-6318: Use after free in Codecs. Reported by Syn4pse.
2026-6319: Use after free in Payments. Reported by pwn2addr.
2026-6364: Out of bounds read in Skia.
Reported by Google Threat Intelligence.
CVE-2026-6919: Use after free in DevTools.
Reported by c6eed09fc8b174b0f3eebedcceb1e792.
CVE-2026-6920: Out of bounds read in GPU.
Reported by tatiwari of Microsoft.
CVE-2026-6921: Race in GPU. Reported by soiax.
See:
<https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html>
and
<https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_22.html>
* gnu/packages/chromium.scm (%chromium-version): Update to 147.0.7727.116.
(%ungoogled-origin, %debian-origin): Update hashes.
(ungoogled-chromium) [arguments] <#:configure-flags>: Add
build_tflite_with_xnnpack flag and set it to false. Without this flag the
build is unable to locate pthreadpool.h. See:
services/webnn/webnn_graph_builder_impl.cc.
<#:phases> {include-pthreadpool}: Remove this workaround phase.
{install}: Fix regexes to the manpage and desktop file which were not
matching anymore.
Closes: guix/guix#7949
Change-Id: I4c3d58b72fc804b96137833e1e4c3060b314560d
Signed-off-by: Andreas Enge <andreas@enge.fr>
* gnu/packages/benchmark.scm (kdiskmark): Update to 3.2.0.
[build-system]: Switch to qt-build-system.
[arguments]<#:qtbase>: Set to qtbase.
<#:configure-flags>: Remove unused flag.
<#:phases>: In 'patch-paths phase, symlink to the source of single-application
instead of single-application-qt5.
[inputs]: Remove polkit-qt, qtbase-5, and single-application-qt5; add
polkit-qt6, single-application, and qtwayland.
[native-inputs]: Remove qttools-5; add qttools.
Change-Id: I8931f00a77f1bac9116938a570068b9025579bc7
* gnu/packages/dlang.scm (ldc)[native-inputs]:
Switch to using modify-inputs macro.
Change-Id: I65a66ec393f34f6463285b55112b70169a9cd6e7
Reviewed-by: Nicolas Graves <ngraves@ngraves.fr>
Signed-off-by: Nguyễn Gia Phong <cnx@loang.net>
* gnu/packages/golang-xyz.scm
(go-github-com-hashicorp-go-immutable-radix-v2)[propagated-inputs]:
Refer to inherited field value. Indent.
Change-Id: Ibb597d68ba6d754d0db740b659b7b379e23a81e7
Reviewed-by: Nicolas Graves <ngraves@ngraves.fr>
Signed-off-by: Nguyễn Gia Phong <cnx@loang.net>
Includes fixes for CVE-2026-7320, CVE-2026-7321, CVE-2026-7322,
and CVE-2026-7323.
* gnu/packages/gnuzilla.scm (%icecat-base-version, %icecat-build-id): Update.
(icecat-source): Update 'gnuzilla-commit' and hashes.
* gnu/packages/kde-utils.scm (kate): Unbundle SingleApplication.
[source]: Add snippet to delete the bundled SingleApplication and patch source
files in order to use the system single-application.
[inputs]: Add single-application.
[arguments]<#:phases>: Add 'link-single-application phase.
Change-Id: Ie10164dab77c8629028907bdc12ac8aef88d2a68
Closes: guix/guix#5928
* packages/patches/cvc5-symfpu-compatibility.patch: New patch.
* gnu/local.mk (dist_patch_DATA) Register it.
* gnu/packages/maths.scm (cvc5)[patches]: Use it.
Change-Id: Ie8b9b24efed45365a1e974396d6e3d9c5367bf1e
Also export guix-data-service-extra-options and
guix-data-service-extra-process-jobs-options since this was missed previously.
* gnu/services/guix.scm (<guix-data-service-configuration>): Add
extra-environment-variables and extra-process-jobs-environment-variables.
(guix-data-service-shepherd-services): Use them.
* doc/guix.texi (Guix Services): Document them.
Change-Id: I60f1371a86a01c4fb3dbde204dba84b9a8657ace
Hilton Chain