Suggested by Mark H Weaver <mhw@netris.org>.
* gnu/packages/patches/glibc-versioned-locpath.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/base.scm (glibc)[source]: Use it.
[arguments]: Add explicit version sub-directory to
libc_cv_localedir.
[native-search-paths]: Use 'GUIX_LOCPATH' instead of 'LOCPATH'.
(glibc-locales, glibc-utf8-locales): Write to a VERSION
sub-directory.
* gnu/packages/qt.scm (qt)[source]: Add snippet to remove the qtwebengine
code, which was already not built anymore, and drop one patch used
previously only for qtwebengine.
[arguments]: Drop the configuration flag "-skip qtwebengine", since
deleted modules cannot be skipped.
* gnu/packages/patches/qt5-runpath.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Unregister patch.
Partially fixes <http://bugs.gnu.org/21288>.
* gnu/packages/qt.scm (qt-4)[source]: Add snippet to remove the webkit code
and drop one patch used previously for webkit.
[arguments]: Add configure flag to disable building the webkit module.
* gnu/packages/patches/qt4-tests.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Unregister patch.
Partially fixes <http://bugs.gnu.org/21288>.
* gnu/packages/patches/glibc-guix-locpath.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/base.scm (glibc)[source]: Use it.
[native-search-paths]: Use 'GUIX_LOCPATH' instead of 'LOCPATH'.
* doc/guix.texi (Application Setup): Introduce the term "foreign
distro". Document 'GUIX_LOCPATH'.
* gnu/packages/patches/glibc-locale-incompatibility.patch: New file.
* gnu/packages/base.scm (glibc)[source]: Use it.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/patches/qemu-CVE-2015-3209.patch,
gnu/packages/patches/qemu-CVE-2015-4037.patch,
gnu/packages/patches/qemu-CVE-2015-4103.patch,
gnu/packages/patches/qemu-CVE-2015-4104.patch,
gnu/packages/patches/qemu-CVE-2015-4105.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt1.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt2.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt3.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt4.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt5.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt6.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt7.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt8.patch,
gnu/packages/patches/qemu-CVE-2015-5745.patch: Delete files.
* gnu/packages/patches/qemu-CVE-2015-6855.patch: New file.
* gnu-system.am (dist_patch_DATA): Add the new patch and delete the old ones.
* gnu/packages/qemu.scm (qemu-headless): Update to 2.4.0.1. Add the new patch
and delete the old ones.
* gnu/packages/patches/pixman-pointer-arithmetic.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/xdisorg.scm (pixman)[source]: Use it.
* gnu/packages/patches/valgrind-glibc-2.21.patch: Rename to ...
gnu/packages/patches/valgrind-glibc-2.22.patch: ... this, and add a case for
glibc-2.22.
* gnu/packages/patches/valgrind-linux-libre-4.x.patch: New file.
* gnu-system.am (dist_patch_DATA): Add the new file, and rename the other one.
* gnu/packages/valgrind.scm (valgrind)[source]: Add new patch.
This works around <http://bugs.gnu.org/21460>.
* gnu/packages/patches/coreutils-racy-tail-test.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/base.scm (coreutils): Use it.
* gnu/packages/patches/perl-autosplit-default-time.patch: New patch.
* gnu/packages/perl.scm (perl): Use it.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/web.scm (perl-finance-quote): New variable.
* gnu/packages/patches/perl-finance-quote-unuse-mozilla-ca.patch: New patch.
* gnu-system.am (dist_patch_DATA): Add it.
This shrinks the closure of OpenSSL from 154 MiB to 73 MiB.
* gnu/packages/patches/openssl-c-rehash.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/tls.scm (openssl)[source]: Use it.
[arguments]: Add 'remove-miscellany' phase.
* gnu/packages/certs.scm (nss-certs)[native-inputs]: Add PERL.
* gnu/packages/patches/glibc-o-largefile.patch: New file.
* gnu/packages/base.scm (glibc)[source]: Add it to 'patches'.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gtk.scm (guile-rsvg): New variable.
* gnu/packages/patches/guile-rsvg-pkgconfig.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/patches/gnutls-doc-fix.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/tls.scm (gnutls): Update to 3.4.4.1. Add patch.
[arguments]: Add 'delete-prebuilt-unfixed-info-file' phase.
In 'move-doc' phase, copy man pages to the correct directory.
[native-inputs]: Add 'texinfo'.
* gnu/packages/patches/qemu-CVE-2015-5745.patch: New file.
* gnu/packages/patches/qemu-CVE-2015-3456.patch,
gnu/packages/patches/qemu-CVE-2015-5154-pt1.patch,
gnu/packages/patches/qemu-CVE-2015-5154-pt2.patch,
gnu/packages/patches/qemu-CVE-2015-5154-pt3.patch,
gnu/packages/patches/qemu-CVE-2015-5158.patch: Delete files.
* gnu-system.am (dist_patch_DATA): Add new file and remove the deleted ones.
* gnu/packages/qemu.scm (qemu): Update to 2.3.1. Add new patch and remove the
deleted ones.
This is an improvement over commit af6100f.
* gnu/packages/gnome.scm (glib-networking)[source](patches): New field.
[arguments]: Pass '/etc/ssl/certs/ca-certificates.crt' to configure.
Set 'SSL_CERT_FILE' to '/dev/null' in 'use-empty-ssl-cert-file' phase.
(libsoup)[arguments]: Set 'SSL_CERT_FILE' to '/dev/null' in
'pre-check' phase.
* gnu/packages/patches/glib-networking-ssl-cert-file.patch: New patch.
* gnu-system.am (dist_patch_DATA): Add it.
WARNING: CVE-2015-4473 may not be fully addressed here, because I was unable
to backport some of the patches (for upstream bugs 1182711 and 1146213). I
was also unable to backport CVE-2015-4484 (upstream bug 1171540) and
CVE-2015-4487 (upstream bug 1171603). I was unable to find any commit in the
upstream repository that claims to address bug 1105914 (CVE-2015-4478).
* gnu/packages/patches/icecat-CVE-2015-4473-partial.patch,
gnu/packages/patches/icecat-CVE-2015-4482.patch,
gnu/packages/patches/icecat-CVE-2015-4488.patch,
gnu/packages/patches/icecat-CVE-2015-4489.patch,
gnu/packages/patches/icecat-CVE-2015-4491.patch,
gnu/packages/patches/icecat-CVE-2015-4492.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
* gnu/packages/patches/icecat-CVE-2015-4495.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch. Move the 'patches'
field above the snippet.
* gnu/packages/patches/pidgin-add-search-path.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/messaging.scm (pidgin): New variable.
* gnu/packages/qt.scm (qt): Update to 5.5.0. Update download location.
Drop patch and snippet.
[arguments]: Add configure flag to drop qtwebengine module bundling
chromium.
[native-inputs]: Drop ninja, needed only for qtwebengine.
[inputs]: Add harfbuzz to avoid use of bundled copy.
(qt-4)[inputs]: Remove inherited harfbuzz again.
* gnu/packages/patches/qt5-conflicting-typedefs.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Unregister patch.
* gnu/packages/patches/qt5-runpath.patch: Adapt patch.
* gnu/packages/video.scm (avidemux)[source]: Add patch to install to lib
directory instead of lib64 or lib32 depending on the architecture.
[arguments]: Use the lib instead of the lib64 directory for flags in the
build phase, so that these flags should now also work on i686.
* gnu/packages/patches/avidemux-install-to-lib.patch: New file.
* gnu-system.am (dist_patch_DATA): Register it.
* gnu/packages/mp3.scm (ripperx): Update to 2.8.0. Drop one patch and
add another one.
* gnu/packages/patches/ripperx-libm.patch: Remove file.
* gnu/packages/patches/ripperx-missing-file.patch: New file.
* gnu-system.am (dist_patch_DATA): Register one patch and unregister the
other.
* gnu/packages/fontutils.scm (teckit): Update to 2.5.4. Drop patch.
Use svn-fetch for download.
[arguments]: Add phase to call autogen.
[native-inputs]: New field.
* gnu/packages/patches/teckit-cstdio.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Unregister patch.
* gnu/packages/julia.scm (julia): Update to 0.3.10.
* gnu/packages/patches/julia-0.3.10-fix-empty-array.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
This is a followup to 47f315a.
* gnu/packages/patches/ninja-zero-mtime.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/ninja.scm (ninja)[source]: Reinstate 'patches' field and add
this patch.
[arguments]: Remove 'apply-ninja-tests.patch' phase.
This file should have been added as part of commit cc205da.
* gnu/packages/patches/crda-optional-gcrypt.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/patches/boost-mips-avoid-m32.patch: New file.
* gnu-system.am (dist_patch_DATA): Register patch.
* gnu/packages/boost.scm (boost): Use it.
* gnu/build/linux-container.scm: New file.
* gnu-system.am (GNU_SYSTEM_MODULES): Add it.
* .dir-locals.el: Add Scheme indent rules for 'call-with-container', and
'container-excursion'.
* tests/containers.scm: New file.
* Makefile.am (SCM_TESTS): Add it.
* gnu/packages/patches/mutt-store-references.patch: New file.
* gnu/packages/mail.scm (mutt)[source]: Use it.
* gnu-system.am (dist_patch_DATA): Add it.