* gnu/packages/patches/libpng-fix-null-ptr-dereference.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libpng)[replacement]: New field.
(libpng/fixed): New variable.
* gnu/packages/patches/libxml2-CVE-2016-5131.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/xml.scm (libxml2/fixed)[source]: Add it.
* gnu/packages/xml.scm (libxml2)[replacement]: New field.
(libxml2/fixed): New variable.
* gnu/packages/patches/libxml2-CVE-2016-4658.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/gnupg-test-segfault-on-32bit-arch.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gnupg.scm (gnupg)[source]: Use it.
kdbusaddons needs to know the location of the kdeinit5 executable,
provided by kinit. kinit depends on kdbusaddons, so we add bootstrap
versions of all packages in the dependency chain from kinit to
kdbusaddons to avoid cyclic dependencies.
* gnu/packages/kde-frameworks.scm (kinit-bootstrap,
kdbusaddons-bootstrap): New variables.
(kdbusaddons)[inputs]: Add kinit-bootstrap.
[source,arguments]: Add patch and substitution to embed
kinit-bootstrap's store directory in the code.
* gnu/packages/patches/kdbusaddons-kinit-file-name.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/patches/libupnp-CVE-2016-8863.patch: New file.
* gnu/local.mk (dist_patch_DATA): Use it.
* gnu/packages/libupnp.scm (libupnp)[source]: Use it.
* gnu/packages/image.scm (openjpeg)[replacement]: New field.
(openjpeg/fixed): New variable, patch against CVE-2016-9850,
CVE-2016-9851.
* gnu/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/patches/libepoxy-gl-null-checks.patch: New file.
* gnu/packages/gl.scm (libepoxy)[source]: Add it.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/tcsh-fix-out-of-bounds-read.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/shells.scm (tcsh)[replacement]: New field.
(tcsh/fixed): New variable.
* gnu/packages/cross-base.scm (cross-gcc-arguments) <#:phases>: Use
'cross-gcc-build-phases', and move body cross-toolchain.scm.
(cross-gcc): Add #:imported-modules. Add (gnu build cross-toolchain) to
#:modules.
* gnu/build/cross-toolchain.scm: New file, with code from
'cross-gcc-arguments'.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* gnu/packages/patches/readline-7.0-mingw.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/readline.scm (readline): Support MinGW.
* gnu/packages/gnuzilla.scm (icecat): Update to 45.5.1-gnu1.
[source]: Remove temporary URI for 45.3 beta. Fix URI computation. Remove
outdated patches. Add more cherry-picked bug fixes from upstream
mozilla-esr45. Use 'list' instead of quasiquote in 'patches' field.
* gnu/packages/assembly.scm (nasm)[source]: Remove patch.
[arguments]: Disable ps and pdf doc outputs in new phase.
* gnu/packages/patches/nasm-no-ps-pdf.patch: Remove file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/gtk.scm (cairo)[replacement]: New field.
(cairo/fixed): New variable.
(cairo-xcb)[source]: Use patch.
[replacement]: New field, set false.
* gnu/packages/pdf.scm (poppler)[inputs]: Custom cairo should be
replaced by a new custom patched cairo.
* gnu/packages/patches/cairo-CVE-2016-9082.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/cyrus-sasl.scm (cyrus-sasl)[replacement]: New field.
(cyrus-sasl/fixed): New variable.
[source]: Use patch.
* gnu/packages/patches/lvm2-static-link.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/linux.scm (lvm2)[source](patches): New field.
(lvm2-static): New variable.
* gnu/packages/patches/libtiff-CVE-2016-9448.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff/fixed)[source]: Use it.
* gnu/packages/patches/guile-repl-server-test.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/guile.scm (guile-2.0.13)[source]: Use it.
* gnu/packages/video.scm (handbrake): New variable.
* gnu/packages/patches/handbrake-pkg-config-path.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/libtiff-uint32-overflow.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff/fixed)[source]: Use it.
* gnu/packages/patches/libtiff-CVE-2016-9297.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff/fixed)[source]: Use it.
Includes fixes for CVE-2016-5290, CVE-2016-5291, CVE-2016-5297, CVE-2016-9064,
and CVE-2016-9066.
* gnu/packages/gnuzilla.scm (icecat)[source][patches]: Add fixes for
aforementioned CVEs and other selected fixes from Firefox ESR 45.5.0. Note
that the first six patches of CVE-2016-5290 and the patch for CVE-2016-9066
were already present, but were labeled by mozilla bug number instead of CVE.
* gnu/packages/patches/icecat-CVE-2016-9064.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/pixman-CVE-2016-5296.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/xdisorg.scm (pixman)[replacement]: New field.
(pixman/fixed): New variable.
* gnu/packages/patches/python-2.7-site-prefixes.patch: New file.
* gnu/packages/python.scm (python-2)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add patch.
* gnu/packages/patches/readline-6.2-CVE-2014-2524.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/readline.scm (readline-6.2): Use it.
* gnu/packages/patches/libtiff-CVE-2016-9273.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff/fixed): Use it.
Partly addresses <http://bugs.gnu.org/24703>.
Reported by Mark H Weaver <mhw@netris.org>.
* gnu/packages/patches/gcc-strmov-store-file-names.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gcc.scm (gcc-5)[sources](patches): Add it.
(gcc-6)[sources](patches): Add it.
* gnu/packages/patches/libxslt-CVE-2016-4738.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/xml.scm (libxslt)[replacement]: New field.
(libxslt/fixed): New variable.
* gnu/packages/patches/lua52-liblua-so.patch: Rename to ...
* gnu/packages/patches/lua-liblua-so.patch: ... this. Add version comment.
* gnu/local.mk (dist_patch_DATA): Adjust patch name.
* gnu/packages/lua.scm (lua): Update to 5.3.3.
[source]: Use https URL. Use new patch name.
[home-page]: Use https URL.
(lua-5.2): New variable.
(lua-5.1)[source]: Use https URL.
* gnu/packages/python.scm (python-ipython): Update to 4.0.0.
[inputs]: Keep only "readline" and "which"; move the remaining inputs
to propagated-inputs, except for "python-requests" and "python-nose"
which are moved to native-inputs.
[propagated-inputs]: Add "python-pexpect", "python-pickleshare",
"python-simplegeneric", "python-traitlets", "python-ipykernel".
[native-inputs]: Add "python-testpath".
[arguments]: Enable building of HTML documentation.
[source]: Remove patch.
* gnu/packages/patches/python-ipython-inputhook-ctype.patch: Remove
patch.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/patches/icecat-binutils.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Use it.
* gnu/packages/patches/libtiff-CVE-2016-5652.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff-fixed)[source]: Use it.
* gnu/packages/embedded.scm (openocd): New variable.
* gnu/packages/patches/openocd-nrf52.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add the patch.
* gnu/packages/patches/libwebp-CVE-2016-9085.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libwebp)[source]: Use it.
This is a followup to commit aa6c09ed71.
* gnu/local.mk (dist_patch_DATA):
"python-python-parse-too-many-fields.patch" =>
"python-parse-too-many-fields.patch".
* gnu/packages/patches/perl-www-curl-remove-symbol.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/web.scm (perl-www-curl)[source]: Use it.
Ben Woodcroft