"Ashish SHUKLA" <ashish.is@HIDDEN>
to control <at> debbugs.gnu.org.
Full text available.
Received: (at 78302) by debbugs.gnu.org; 11 Jun 2025 22:18:19 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Jun 11 18:18:19 2025
Received: from localhost ([127.0.0.1]:52884 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1uPTly-0002Dm-UU
for submit <at> debbugs.gnu.org; Wed, 11 Jun 2025 18:18:19 -0400
Received: from anamika.lostca.se ([65.21.75.227]:41422)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.84_2) (envelope-from <ashish.is@HIDDEN>)
id 1uPTlw-0002Ca-Do
for 78302 <at> debbugs.gnu.org; Wed, 11 Jun 2025 18:18:17 -0400
Received: from localhost.localdomain
(2a02-9140-3881-5400-004b-3467-835f-7892.red-2a02-914.customerbaf.ipv6.rima-tde.net
[IPv6:2a02:9140:3881:5400:4b:3467:835f:7892])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
(No client certificate requested) (Authenticated sender: abbe)
by anamika.lostca.se (Postfix) with ESMTPSA id D6DE42886E;
Wed, 11 Jun 2025 22:18:09 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lostca.se; s=anamika;
t=1749680290;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=f71+NugiB5c+j4oiOlD2HMqO33Myz28AbC/UeLb6QQc=;
b=EUfqA3SRuZFvtD4OZtpxyN9iza2IKa9jv4tQkcwExGF8ATWmS/TL4txHa+oTHf9PMRY/H1
vj8hHSiyZ3wBSoP4OlMKPIDBChAQOwTRjiu8JTWtH+dtrgyC7BwlWrbdaiNTeT3mYB4HYJ
ZiPwcplLXMrSrrZuOx3nmkdMBnNxdIs=
From: Ashish SHUKLA <ashish.is@HIDDEN>
To: 78302 <at> debbugs.gnu.org
Subject: [PATCH v2 3/3] gnu: Add nginx-http3.
Date: Thu, 12 Jun 2025 00:17:42 +0200
Message-ID: <67fccf4293646c164ab3f9c01bb9de826f5a5caf.1749680261.git.ashish.is@HIDDEN>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <253854a2ccc50abdc0d6d8f534843fd91d7673e8.1749680261.git.ashish.is@HIDDEN>
References: <253854a2ccc50abdc0d6d8f534843fd91d7673e8.1749680261.git.ashish.is@HIDDEN>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 78302
Cc: Ashish SHUKLA <ashish.is@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
This package uses boringssl for QUIC support in nginx.
* gnu/packages/web.scm: Add nginx-http3.
Change-Id: I05348d57d5fcd4be661c3500b186df5e05f24160
---
This revision addresses the lint warnings.
gnu/packages/web.scm | 48 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 48 insertions(+)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index cc1b8b5724..5725ba2b45 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -125,6 +125,7 @@ (define-module (gnu packages web)
#:use-module (gnu packages build-tools)
#:use-module (gnu packages certs)
#:use-module (gnu packages check)
+ #:use-module (gnu packages cmake)
#:use-module (gnu packages compression)
#:use-module (gnu packages cpp)
#:use-module (gnu packages crates-crypto)
@@ -714,6 +715,53 @@ (define-public nginx-documentation
"This package provides HTML documentation for the nginx web server.")
(license license:bsd-2))))
+(define-public nginx-http3
+ (let*
+ ((boringssl-commit "864a235afcf4d2575b1eab8de96fbf0d84f6cda9")
+ (boringssl
+ (origin
+ (method git-fetch)
+ (uri
+ (git-reference
+ (url "https://boringssl.googlesource.com/boringssl")
+ (commit boringssl-commit)))
+ (file-name (git-file-name "boringssl" boringssl-commit))
+ (sha256
+ (base32 "0ayd3519zyrwn9ccmlch3j7qvkg80az7z278n2vhrrl977dakyny")))))
+ (package
+ (inherit nginx)
+ (name "nginx-http3")
+ (inputs
+ (modify-inputs (package-inputs nginx)
+ (replace "openssl" boringssl)))
+ (native-inputs
+ (modify-inputs (package-native-inputs nginx)
+ (append cmake-minimal)))
+ (arguments
+ (substitute-keyword-arguments (package-arguments nginx)
+ ((#:phases phases #~(list))
+ #~(modify-phases #$phases
+ (add-before 'configure 'build-boringssl
+ (lambda* (#:key inputs parallel-build? #:allow-other-keys)
+ (mkdir-p "boringssl-build")
+ (let ((boringssl-build-dir (string-append (getcwd)
+ "/boringssl-build")))
+ (with-directory-excursion (assoc-ref inputs "openssl")
+ (invoke "cmake" (string-append "-B" boringssl-build-dir)
+ "-DCMAKE_BUILD_TYPE=RelWithDebInfo")
+ (invoke "make" "-C" boringssl-build-dir
+ (string-append "-j"
+ (if parallel-build?
+ (number->string (parallel-job-count))
+ "1")))))))))
+
+ ((#:configure-flags flags #~(list))
+ #~(cons* "--with-http_v3_module"
+ (string-append "--with-cc-opt=-I"
+ (assoc-ref %build-inputs "openssl") "/include")
+ (string-append "--with-ld-opt=-Lboringssl-build -lstdc++")
+ #$flags)))))))
+
(define-public nginx-accept-language-module
;; Upstream has never made a release; use current commit instead.
(let ((commit "2f69842f83dac77f7d98b41a2b31b13b87aeaba7")
--
2.49.0
guix-patches@HIDDEN:bug#78302; Package guix-patches.
Full text available.
Received: (at 78302) by debbugs.gnu.org; 11 Jun 2025 22:18:06 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Jun 11 18:18:05 2025
Received: from localhost ([127.0.0.1]:52881 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1uPTll-0002BP-97
for submit <at> debbugs.gnu.org; Wed, 11 Jun 2025 18:18:05 -0400
Received: from anamika.lostca.se ([2a01:4f9:3b:505c::2]:36552)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.84_2) (envelope-from <ashish.is@HIDDEN>)
id 1uPTlg-00029D-Tw
for 78302 <at> debbugs.gnu.org; Wed, 11 Jun 2025 18:18:02 -0400
Received: from localhost.localdomain
(2a02-9140-3881-5400-004b-3467-835f-7892.red-2a02-914.customerbaf.ipv6.rima-tde.net
[IPv6:2a02:9140:3881:5400:4b:3467:835f:7892])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
(No client certificate requested) (Authenticated sender: abbe)
by anamika.lostca.se (Postfix) with ESMTPSA id 0E2292886C;
Wed, 11 Jun 2025 22:17:53 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lostca.se; s=anamika;
t=1749680274;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=cFUkcnfh2yarzuKosq4HbizQVV+h2WLV2VbimmTt1eM=;
b=OOXYMmQs9bk0c0Mw52KgudnEbibtEXr/l5Dx90rZwRf8xKBsq4sqVY/A3J4Y7XHSMLu2yL
dNGEuGHNIGFF9pZXIrshtS5YH+d1NKwnlD6pUK2g/Qq5WxKTxbYEPC3lJdj1LiAo0+9OHn
rDXc+Kz3GmIEWFV4lJUh0sm+b4b6EcY=
From: Ashish SHUKLA <ashish.is@HIDDEN>
To: 78302 <at> debbugs.gnu.org
Subject: [PATCH v2 2/3] gnu: nginx-documentation: Update to 1.27.5.
Date: Thu, 12 Jun 2025 00:17:40 +0200
Message-ID: <3b9726ba32fbc5be9ade0003e3813ed19356ea4f.1749680261.git.ashish.is@HIDDEN>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <253854a2ccc50abdc0d6d8f534843fd91d7673e8.1749680261.git.ashish.is@HIDDEN>
References: <253854a2ccc50abdc0d6d8f534843fd91d7673e8.1749680261.git.ashish.is@HIDDEN>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 78302
Cc: Ashish SHUKLA <ashish.is@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
* gnu/packages/web.scm (nginx-documentation): Update to 1.27.5.
Change-Id: I2cb7f9c67284e509cc7b21653882593ad2321324
---
gnu/packages/web.scm | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 94a29e2a86..cc1b8b5724 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -665,9 +665,9 @@ (define-public nginx
(define-public nginx-documentation
;; This documentation should be relevant for the current nginx package.
- (let ((version "1.27.3")
- (revision 3156)
- (changeset "5c6ef6def8bc"))
+ (let ((version "1.27.5")
+ (revision 3198)
+ (changeset "5b736526489f"))
(package
(name "nginx-documentation")
(version (simple-format #f "~A-~A-~A" version revision changeset))
@@ -679,7 +679,7 @@ (define-public nginx-documentation
(file-name (string-append name "-" version))
(sha256
(base32
- "09wdvgvsr7ayjz3ypq8qsm12idb9z626j5ibmknc8phm10gh8cgk"))))
+ "04qbi7rczv28k4ainnvnv7xxf48jmh5ydxpnlzr4zdpkl7fjz0j3"))))
(build-system gnu-build-system)
(arguments
'(#:tests? #f ; no test suite
--
2.49.0
guix-patches@HIDDEN:bug#78302; Package guix-patches.
Full text available.
Received: (at 78302) by debbugs.gnu.org; 11 Jun 2025 22:18:03 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Jun 11 18:18:03 2025
Received: from localhost ([127.0.0.1]:52877 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1uPTlh-0002AT-Ij
for submit <at> debbugs.gnu.org; Wed, 11 Jun 2025 18:18:03 -0400
Received: from anamika.lostca.se ([65.21.75.227]:48734)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.84_2) (envelope-from <ashish.is@HIDDEN>)
id 1uPTlc-00028R-94
for 78302 <at> debbugs.gnu.org; Wed, 11 Jun 2025 18:17:59 -0400
Received: from localhost.localdomain
(2a02-9140-3881-5400-004b-3467-835f-7892.red-2a02-914.customerbaf.ipv6.rima-tde.net
[IPv6:2a02:9140:3881:5400:4b:3467:835f:7892])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
(No client certificate requested) (Authenticated sender: abbe)
by anamika.lostca.se (Postfix) with ESMTPSA id 784A3288F0;
Wed, 11 Jun 2025 22:17:49 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lostca.se; s=anamika;
t=1749680269;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding;
bh=i1Cjc7tOMoWvdwOzaSiJdRlO6Mlme+UuBSjafMkzSmU=;
b=oWUBL5XN0btxBe9rrCn0A3iik2meWS6Ky5EowZMmzz+L+XVjtNGI27T6TxhShskCpDwQgK
bWz+xN8oQiDotUffEf7E6xxQBmDqssPKhNrViwXvuAUDNj7WcRW2P4lH6q024rNlE47fJF
JiS+GLTiNAUhItO9bBomXGytVAXe+zw=
From: Ashish SHUKLA <ashish.is@HIDDEN>
To: 78302 <at> debbugs.gnu.org
Subject: [PATCH v2 1/3] gnu: nginx: Update to 1.27.5. [security fixes]
Date: Thu, 12 Jun 2025 00:17:39 +0200
Message-ID: <253854a2ccc50abdc0d6d8f534843fd91d7673e8.1749680261.git.ashish.is@HIDDEN>
X-Mailer: git-send-email 2.49.0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 78302
Cc: Ashish SHUKLA <ashish.is@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
This release includes fix for (CVE-2025-23419).
* gnu/packages/web.scm (nginx): Update to 1.27.5.
Change-Id: I45e89fc97a3536843e5af80ffb072db705fb3f84
---
gnu/packages/web.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 22369cd3f5..94a29e2a86 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -567,14 +567,14 @@ (define-public nginx
;; Track the ‘mainline’ branch. Upstream considers it more reliable than
;; ’stable’ and recommends that “in general you deploy the NGINX mainline
;; branch at all times” (https://www.nginx.com/blog/nginx-1-6-1-7-released/)
- (version "1.27.3")
+ (version "1.27.5")
(source (origin
(method url-fetch)
(uri (string-append "https://nginx.org/download/nginx-"
version ".tar.gz"))
(sha256
(base32
- "00vrkdx0a6fpy8n0n7m9xws0dfa7dbb9pqnh3jv3c824ixbaj8xs"))))
+ "03nxfik3f7lj9lnj71nm1h7q26xsxhr1ppf302hbhv9akjxwwsp9"))))
(build-system gnu-build-system)
(inputs (list libxcrypt libxml2 libxslt openssl pcre zlib))
(arguments
base-commit: 60828ad981b9d0673704f7a57e01fb6269852007
--
2.49.0
guix-patches@HIDDEN:bug#78302; Package guix-patches.
Full text available.
Received: (at 78302) by debbugs.gnu.org; 7 May 2025 19:37:43 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed May 07 15:37:43 2025
Received: from localhost ([127.0.0.1]:48009 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1uCkaM-0001ZJ-AZ
for submit <at> debbugs.gnu.org; Wed, 07 May 2025 15:37:43 -0400
Received: from anamika.lostca.se ([2a01:4f9:3b:505c::2]:53642)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.84_2) (envelope-from <ashish.is@HIDDEN>)
id 1uCkaF-0001YJ-NA
for 78302 <at> debbugs.gnu.org; Wed, 07 May 2025 15:37:36 -0400
Received: from localhost.localdomain
(2a02-9140-3881-3600-1869-abbf-d3fd-8ceb.red-2a02-914.customerbaf.ipv6.rima-tde.net
[IPv6:2a02:9140:3881:3600:1869:abbf:d3fd:8ceb])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
(No client certificate requested) (Authenticated sender: abbe)
by anamika.lostca.se (Postfix) with ESMTPSA id CFF471FD4C;
Wed, 7 May 2025 19:37:27 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lostca.se; s=anamika;
t=1746646648;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=7Ca57ZSFuUgNlHysQwjfdljXA0weSqluHq/6TW5W0YY=;
b=r7pdwaR0lvzgEXoOVpi9RsPKL9h/qlmt9ss8Ss9BS1xYOaoFztHmb7hfgx/+v+CTdgLfbM
rROgGATRbvnUMd/qbJWeYD2bE4HqnmlU1G/iKj44wJskl2zS6NPsTlmdgjc+RFK3PF9mm7
xm+eOVgzUvV+zrfMzcoMmDYETpxD0FM=
From: Ashish SHUKLA <ashish.is@HIDDEN>
To: 78302 <at> debbugs.gnu.org
Subject: [PATCH 3/3] gnu: Add nginx-http3.
Date: Wed, 7 May 2025 21:37:14 +0200
Message-ID: <14148955ed0a90c32ce2daedd3854e9cc8391a6d.1746646353.git.ashish.is@HIDDEN>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <cover.1746646353.git.ashish.is@HIDDEN>
References: <cover.1746646353.git.ashish.is@HIDDEN>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 78302
Cc: Ashish SHUKLA <ashish.is@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
This package uses boringssl for QUIC support in nginx.
* gnu/packages/web.scm: Add nginx-http3.
Change-Id: I05348d57d5fcd4be661c3500b186df5e05f24160
---
gnu/packages/web.scm | 44 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 44 insertions(+)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index cab378e582..b4b33fa2f4 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -123,6 +123,7 @@ (define-module (gnu packages web)
#:use-module (gnu packages build-tools)
#:use-module (gnu packages certs)
#:use-module (gnu packages check)
+ #:use-module (gnu packages cmake)
#:use-module (gnu packages compression)
#:use-module (gnu packages cpp)
#:use-module (gnu packages crates-crypto)
@@ -712,6 +713,49 @@ (define-public nginx-documentation
"This package provides HTML documentation for the nginx web server.")
(license license:bsd-2))))
+(define-public nginx-http3
+ (let* ((boringssl-commit "864a235afcf4d2575b1eab8de96fbf0d84f6cda9")
+ (boringssl (origin
+ (method git-fetch)
+ (uri
+ (git-reference
+ (url "https://boringssl.googlesource.com/boringssl")
+ (commit boringssl-commit)))
+ (file-name (git-file-name "boringssl" boringssl-commit))
+ (sha256 (base32 "0ayd3519zyrwn9ccmlch3j7qvkg80az7z278n2vhrrl977dakyny")))))
+ (package
+ (inherit nginx)
+ (name "nginx-http3")
+ (inputs
+ (modify-inputs (package-inputs nginx)
+ (replace "openssl" boringssl)))
+ (native-inputs
+ (modify-inputs (package-native-inputs nginx)
+ (append cmake-minimal)))
+ (arguments
+ (substitute-keyword-arguments (package-arguments nginx)
+ ((#:phases phases #~(list))
+ #~(modify-phases #$phases
+ (add-before 'configure 'build-boringssl
+ (lambda* (#:key inputs parallel-build? #:allow-other-keys)
+ (mkdir-p "boringssl-build")
+ (let ((boringssl-build-dir (string-append (getcwd) "/boringssl-build")))
+ (with-directory-excursion (assoc-ref inputs "openssl")
+ (invoke "cmake" (string-append "-B" boringssl-build-dir)
+ "-DCMAKE_BUILD_TYPE=RelWithDebInfo")
+ (invoke "make" "-C" boringssl-build-dir
+ (string-append "-j"
+ (if parallel-build?
+ (number->string (parallel-job-count))
+ "1")))))))))
+
+ ((#:configure-flags flags #~(list))
+ #~(cons* "--with-http_v3_module"
+ (string-append "--with-cc-opt=-I"
+ (assoc-ref %build-inputs "openssl") "/include")
+ (string-append "--with-ld-opt=-Lboringssl-build -lstdc++")
+ #$flags)))))))
+
(define-public nginx-accept-language-module
;; Upstream has never made a release; use current commit instead.
(let ((commit "2f69842f83dac77f7d98b41a2b31b13b87aeaba7")
--
2.49.0
guix-patches@HIDDEN:bug#78302; Package guix-patches.
Full text available.
Received: (at 78302) by debbugs.gnu.org; 7 May 2025 19:37:42 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed May 07 15:37:42 2025
Received: from localhost ([127.0.0.1]:48007 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1uCkaL-0001Z5-OA
for submit <at> debbugs.gnu.org; Wed, 07 May 2025 15:37:42 -0400
Received: from anamika.lostca.se ([65.21.75.227]:40092)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.84_2) (envelope-from <ashish.is@HIDDEN>)
id 1uCkaD-0001YH-QJ
for 78302 <at> debbugs.gnu.org; Wed, 07 May 2025 15:37:35 -0400
Received: from localhost.localdomain
(2a02-9140-3881-3600-1869-abbf-d3fd-8ceb.red-2a02-914.customerbaf.ipv6.rima-tde.net
[IPv6:2a02:9140:3881:3600:1869:abbf:d3fd:8ceb])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
(No client certificate requested) (Authenticated sender: abbe)
by anamika.lostca.se (Postfix) with ESMTPSA id 37A731FAEE;
Wed, 7 May 2025 19:37:27 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lostca.se; s=anamika;
t=1746646647;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=myul0/uy02zSsrbpTIRP10ZJOygCGn22lyKgCPVFA8M=;
b=K6lo1bQvoLr+6dY+xiy/rtAzwetlRju5Qa/U+cLy3dKbc9b+2/L21mdwqOLew1TOGZAI8E
Sk24e45RmRsrtMiVjDTTtiifkOt4e7fdFzCbj6OqZ+v3wvCvI+4lA3uYu6L4ve6F6h6e/c
OjIh+prtYtRUyODb4yV2xkWTgnbXwVI=
From: Ashish SHUKLA <ashish.is@HIDDEN>
To: 78302 <at> debbugs.gnu.org
Subject: [PATCH 2/3] gnu: nginx-documentation: Update to 1.27.5.
Date: Wed, 7 May 2025 21:37:13 +0200
Message-ID: <5abcd2523b269bd83f7b6f28c78cdbe77e7e6779.1746646353.git.ashish.is@HIDDEN>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <cover.1746646353.git.ashish.is@HIDDEN>
References: <cover.1746646353.git.ashish.is@HIDDEN>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 78302
Cc: Ashish SHUKLA <ashish.is@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
* gnu/packages/web.scm (nginx-documentation): Update to 1.27.5.
Change-Id: I2cb7f9c67284e509cc7b21653882593ad2321324
---
gnu/packages/web.scm | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index df7d376d9a..cab378e582 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -663,9 +663,9 @@ (define-public nginx
(define-public nginx-documentation
;; This documentation should be relevant for the current nginx package.
- (let ((version "1.27.3")
- (revision 3156)
- (changeset "5c6ef6def8bc"))
+ (let ((version "1.27.5")
+ (revision 3198)
+ (changeset "5b736526489f"))
(package
(name "nginx-documentation")
(version (simple-format #f "~A-~A-~A" version revision changeset))
@@ -677,7 +677,7 @@ (define-public nginx-documentation
(file-name (string-append name "-" version))
(sha256
(base32
- "09wdvgvsr7ayjz3ypq8qsm12idb9z626j5ibmknc8phm10gh8cgk"))))
+ "04qbi7rczv28k4ainnvnv7xxf48jmh5ydxpnlzr4zdpkl7fjz0j3"))))
(build-system gnu-build-system)
(arguments
'(#:tests? #f ; no test suite
--
2.49.0
guix-patches@HIDDEN:bug#78302; Package guix-patches.
Full text available.
Received: (at 78302) by debbugs.gnu.org; 7 May 2025 19:37:42 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed May 07 15:37:41 2025
Received: from localhost ([127.0.0.1]:48005 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1uCkaH-0001Yk-DR
for submit <at> debbugs.gnu.org; Wed, 07 May 2025 15:37:41 -0400
Received: from anamika.lostca.se ([65.21.75.227]:40080)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.84_2) (envelope-from <ashish.is@HIDDEN>)
id 1uCkaD-0001YF-Px
for 78302 <at> debbugs.gnu.org; Wed, 07 May 2025 15:37:34 -0400
Received: from localhost.localdomain
(2a02-9140-3881-3600-1869-abbf-d3fd-8ceb.red-2a02-914.customerbaf.ipv6.rima-tde.net
[IPv6:2a02:9140:3881:3600:1869:abbf:d3fd:8ceb])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
(No client certificate requested) (Authenticated sender: abbe)
by anamika.lostca.se (Postfix) with ESMTPSA id 540141FD4A;
Wed, 7 May 2025 19:37:26 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lostca.se; s=anamika;
t=1746646646;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=5IWTk9VRuBKWrUEP1q2uX+dG5iBmE23Aa3F8KPuepMk=;
b=dquITkcvYin6tBNPHsWzb2NKBbpO6g5IdPMD4Pg+NCM1vqCBE1Ud/wJlgUyVqDOmevgV8K
yLNWzdABF80Ni0yPkx+rUHDaT7X3hQj/dMiFlRGxUqdDs6t1i5YisTFY2JD/zhtaNV+/6g
8mgtfO0RGQ/RJxw+qFW4wbcPsWJ5lG4=
From: Ashish SHUKLA <ashish.is@HIDDEN>
To: 78302 <at> debbugs.gnu.org
Subject: [PATCH 1/3] gnu: nginx: Update to 1.27.5. [security fixes]
Date: Wed, 7 May 2025 21:37:12 +0200
Message-ID: <87fe7bfc35852c873a499052bb5eaf4892f2a4dc.1746646353.git.ashish.is@HIDDEN>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <cover.1746646353.git.ashish.is@HIDDEN>
References: <cover.1746646353.git.ashish.is@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 78302
Cc: Ashish SHUKLA <ashish.is@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
This release includes fix for (CVE-2025-23419).
* gnu/packages/web.scm (nginx): Update to 1.27.5.
Change-Id: I45e89fc97a3536843e5af80ffb072db705fb3f84
---
gnu/packages/web.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index b3f998aca9..df7d376d9a 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -565,14 +565,14 @@ (define-public nginx
;; Track the ‘mainline’ branch. Upstream considers it more reliable than
;; ’stable’ and recommends that “in general you deploy the NGINX mainline
;; branch at all times” (https://www.nginx.com/blog/nginx-1-6-1-7-released/)
- (version "1.27.3")
+ (version "1.27.5")
(source (origin
(method url-fetch)
(uri (string-append "https://nginx.org/download/nginx-"
version ".tar.gz"))
(sha256
(base32
- "00vrkdx0a6fpy8n0n7m9xws0dfa7dbb9pqnh3jv3c824ixbaj8xs"))))
+ "03nxfik3f7lj9lnj71nm1h7q26xsxhr1ppf302hbhv9akjxwwsp9"))))
(build-system gnu-build-system)
(inputs (list libxcrypt libxml2 libxslt openssl pcre zlib))
(arguments
--
2.49.0
guix-patches@HIDDEN:bug#78302; Package guix-patches.
Full text available.Received: (at submit) by debbugs.gnu.org; 7 May 2025 19:35:45 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Wed May 07 15:35:45 2025 Received: from localhost ([127.0.0.1]:47984 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uCkYT-0001T0-3v for submit <at> debbugs.gnu.org; Wed, 07 May 2025 15:35:45 -0400 Received: from lists.gnu.org ([2001:470:142::17]:51182) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ashish.is@HIDDEN>) id 1uCkYO-0001Sj-5h for submit <at> debbugs.gnu.org; Wed, 07 May 2025 15:35:40 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ashish.is@HIDDEN>) id 1uCkYG-0005nY-NF for guix-patches@HIDDEN; Wed, 07 May 2025 15:35:33 -0400 Received: from anamika.lostca.se ([65.21.75.227]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from <ashish.is@HIDDEN>) id 1uCkYA-0002PQ-F3 for guix-patches@HIDDEN; Wed, 07 May 2025 15:35:32 -0400 Received: from localhost.localdomain (2a02-9140-3881-3600-1869-abbf-d3fd-8ceb.red-2a02-914.customerbaf.ipv6.rima-tde.net [IPv6:2a02:9140:3881:3600:1869:abbf:d3fd:8ceb]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: abbe) by anamika.lostca.se (Postfix) with ESMTPSA id 302611FD46; Wed, 7 May 2025 19:35:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lostca.se; s=anamika; t=1746646520; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=ZGfMmgMwG9+ffR1uW2Clq2Jh3rJYMgeI3Y41gH0TvjM=; b=CC2CuDPfeV3vw887uDIIBGVeG171ZsG2++732DkMT0Le1fhHwI1uVJe5ig4l5J4pwDfW0z 5Jmynhr3B1hNTLPZaILO5XEo5Xr+qd9qYhp21f3WqNpsU0Yr6u6Y21JSd6z81FhQyKL0Lv ZmWZhuGQ2FMYSe5Z15oQG6lT38uxrnw= From: Ashish SHUKLA <ashish.is@HIDDEN> To: guix-patches@HIDDEN Subject: [PATCH] Update nginx to 1.27.5, and add QUIC support [security-fixes] Date: Wed, 7 May 2025 21:35:10 +0200 Message-ID: <cover.1746646353.git.ashish.is@HIDDEN> X-Mailer: git-send-email 2.49.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=65.21.75.227; envelope-from=ashish.is@HIDDEN; helo=anamika.lostca.se X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, T_SPF_TEMPERROR=0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 0.9 (/) X-Debbugs-Envelope-To: submit Cc: Ashish SHUKLA <ashish.is@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -0.1 (/) This patch updates nginx to 1.27.5, and adds another package "nginx-http3" for HTTP3/QUIC support[0]. References: [0] https://issues.guix.gnu.org/77536 Ashish SHUKLA (3): gnu: nginx: Update to 1.27.5. [security fixes] gnu: nginx-documentation: Update to 1.27.5. gnu: Add nginx-http3. gnu/packages/web.scm | 56 +++++++++++++++++++++++++++++++++++++++----- 1 file changed, 50 insertions(+), 6 deletions(-) base-commit: 295a35ba20257e965c4eba8488de99fce7bf027f -- 2.49.0
Ashish SHUKLA <ashish.is@HIDDEN>:guix-patches@HIDDEN.
Full text available.guix-patches@HIDDEN:bug#78302; Package guix-patches.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.