When trying to inherit from the package which is no available in the
current module `make' may fail with issue to find the package, this
change convert the rlottie-for-telegram-desktop variant into independent
one.
* gnu/packages/telegram.scm (rlottie-for-telegram-desktop): Convert to
independate package.
[name]: Add it.
[arguments]: Copy from rlottie.
[native-inputs]: Likewise.
[description]: Add meaniglfull description of the package variant.
[license]: List mentioned in the project.
Change-Id: I5fd7209f9e03fe8071a8c55e413664745f85a2a8
Without these paths set, if they are unset in the environment, jobs that need
to read from/write to TEXMFVAR or TEXMFCONFIG will fail. If set, environment
variables take precedence.
* gnu/packages/tex.scm (texlive-libkpathsea): Add replacement, pointing to…
(texlive-libkpathsea/fixed): … this. Add definitions for XDG_CACHE_HOME and
XDG_CONFIG_HOME.
Reviewed-by: Nicolas Goaziou <mail@nicolasgoaziou.fr>
The exact same package is also defined in gnu/packages/telegram.scm
* gnu/packages/animation.scm (tgs2png): Remove variable.
* gnu/packages/emacs-xyz.scm: Add import (gnu packages telegram).
Change-Id: I53984b6ba0dbfe72e95ad0ec157b1c7b9ab81e15
Signed-off-by: Danny Milosavljevic <dannym@friendly-machines.com>
Contains fixes for:
CVE-2025-2817: Privilege escalation in Firefox Updater
CVE-2025-4082: WebGL shader attribute memory corruption in Firefox for
macOS
CVE-2025-4083: Process isolation bypass using "javascript:" URI links
in cross-origin frames
CVE-2025-4085: Potential information leakage and privilege escalation
in UITour actor
CVE-2025-4086: Specially crafted filename could be used to obscure
download type
CVE-2025-4087: Unsafe attribute access during XPath parsing
CVE-2025-4088: Cross-site request forgery via storage access API
redirects
CVE-2025-4089: Potential local code execution in "copy as cURL"
command
CVE-2025-4090: Leaked library paths in Firefox for Android
CVE-2025-4091: Memory safety bugs fixed in Firefox 138, Thunderbird
138, Firefox ESR 128.10, and Thunderbird 128.10
CVE-2025-4092: Memory safety bugs fixed in Firefox 138 and Thunderbird
138
* gnu/packages/librewolf.scm (librewolf): Update to 138.0.3-1.
* gnu/packages/patches/librewolf-compare-paths.patch: New file.
Change-Id: I2cc11b758dbc77f7ec3451faa89918b08c890729
* gnu/packages/nss.scm (nss-rapid): Update to 3.110.
[phase 'check]: Use datefudge on 32-bit systems.
Change-Id: Ibdae3c70066a70cdde560c5d8f9bac797cd2cd99
* gnu/packages/guile.scm (guile-3.0)[arguments]: When building for MinGW,
relax gcc-14's strictness.
Change-Id: Ia94511273ab618d493bab428dbf3f6098276f289
* gnu/packages/crypto.scm (libxcrypt):[arguments]: When building for MinGW,
add CFLAGS to #:configure-flags to relax gcc's strictness and add a cache
value to #:configure-flags to help libtool build the shared library.
Change-Id: I60b67f8f1c77c949bcc902c4b388bc278585c81e
The import-gnu-release could crash with a "Wrong type (expecting pair): ()"
error, as seen when attempting to recursively refresh a package, e.g.:
$ guix refresh -r xdg-desktop-portal-gnome
It would crash on attempting to refresh 'bash-static'.
* guix/gnu-maintenance.scm (import-gnu-release): Guard against a potentially
empty VERSIONS list.
Change-Id: Ib4edb4b721e6053b09ef144a1b16fe23b35649b0
* gnu/packages/python-xyz.scm (python-slixmpp): Move from here ...
* gnu/packages/python-web.scm: ... to here.
Change-Id: I43511d6ebc6762ea84ae56966d62a0a10468e8b3
* gnu/packages/messaging.scm (poezio) [source]: Project has moved to
CodeBerg, adjust the source URL as seen on home page.
Change-Id: I77ae05237139c4beed11be206859fee5ca87b69e
* gnu/packages/python-xyz.scm (python-slixmpp) [source]: Project has
moved to CodeBerg, adjust the source URL as seen on home page.
Change-Id: I170cb8c2d42ef0cc97205e5e84851f261167a0f7
