* gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (openjpeg-2.1.2)[source]: Use it.
* gnu/packages/patches/lcms-fix-out-of-bounds-read.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ghostscript.scm (lcms)[replacement]: New field.
[properties]: Specify the 'cpe-name'.
(lcms/fixed): New variable.
* gnu/packages/patches/libtiff-CVE-2017-5225.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff/fixed)[source]: Use it.
* gnu/packages/patches/cracklib-fix-buffer-overflow.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/password-utils.scm (cracklib)[source]: Use it.
* gnu/packages/ruby.scm (ruby-yard): Update to 0.9.6.
[source]: Use 'GitHub' source.
[arguments]: Run tests without 'Rakefile'.
[native-inputs]: Replace 'ruby-rspec-2' with ruby-rspec'.
* gnu/packages/patches/ruby-yard-fix-skip-of-markdown-tests.patch: Delete
file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/patches/python-pygpgme-fix-pinentry-tests.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnupg.scm (python-pygpgme, python2-pygpgme)[source]: Use it.
* gnu/packages/patches/python-pycrypto-CVE-2013-7459.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/python.scm (python-pycrypto, python2-pycrypto)[source]: Use the
patch. Use pypi-uri.
* gnu/packages/patches/khal-disable-failing-tests.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/calendar.scm (khal): Use it.
* gnu/packages/patches/unrtf-CVE-2016-10091.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/unrtf.scm (unrtf)[source]: Use it.
* gnu/packages/ocaml.scm (ocaml-bitstring): New variable.
* gnu/packages/patches/ocaml-bitstring-fix-configure.patch: New file.
* gnu/local.mk (dist_patch_DATA): New patch.
Signed-off-by: David Craven <david@craven.ch>
This fixes CVE-2012-{4409,4527}.
This is a followup to commit fd1461879c.
* gnu/packages/patches/mcrypt-CVE-2012-4409.patch,
gnu/packages/patches/mcrypt-CVE-2012-4527.patch: Apply the patches to the mcrypt
source code.
* gnu/packages/patches/chicken-CVE-2016-6830+CVE-2016-6831.patch: New file.
* gnu/local.mk (dist_patch_DATA): Use it.
* gnu/packages/scheme.scm (chicken)[source]: Use it.
* gnu/packages/bioinformatics.scm (python-dendropy): Update to 4.2.0.
[source]: Remove patch.
(python2-dendropy)[source]: Use the same source as python-dendropy.
* gnu/packages/patches/python-dendropy-exclude-failing-tests.patch: Remove
file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/patches/libpng-fix-null-ptr-dereference.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libpng)[replacement]: New field.
(libpng/fixed): New variable.
* gnu/packages/patches/libxml2-CVE-2016-5131.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/xml.scm (libxml2/fixed)[source]: Add it.
* gnu/packages/xml.scm (libxml2)[replacement]: New field.
(libxml2/fixed): New variable.
* gnu/packages/patches/libxml2-CVE-2016-4658.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/gnupg-test-segfault-on-32bit-arch.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gnupg.scm (gnupg)[source]: Use it.
kdbusaddons needs to know the location of the kdeinit5 executable,
provided by kinit. kinit depends on kdbusaddons, so we add bootstrap
versions of all packages in the dependency chain from kinit to
kdbusaddons to avoid cyclic dependencies.
* gnu/packages/kde-frameworks.scm (kinit-bootstrap,
kdbusaddons-bootstrap): New variables.
(kdbusaddons)[inputs]: Add kinit-bootstrap.
[source,arguments]: Add patch and substitution to embed
kinit-bootstrap's store directory in the code.
* gnu/packages/patches/kdbusaddons-kinit-file-name.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/patches/libupnp-CVE-2016-8863.patch: New file.
* gnu/local.mk (dist_patch_DATA): Use it.
* gnu/packages/libupnp.scm (libupnp)[source]: Use it.
* gnu/packages/image.scm (openjpeg)[replacement]: New field.
(openjpeg/fixed): New variable, patch against CVE-2016-9850,
CVE-2016-9851.
* gnu/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/patches/libepoxy-gl-null-checks.patch: New file.
* gnu/packages/gl.scm (libepoxy)[source]: Add it.
* gnu/local.mk (dist_patch_DATA): Add it.