* gnu/packages/patches/unzip-fix-overflows-and-infloop.patch: Delete
file. Its contents are now split into the following new files:
* gnu/packages/patches/unzip-CVE-2015-7696.patch,
gnu/packages/patches/unzip-CVE-2015-7697.patch,
gnu/packages/patches/unzip-overflow-on-invalid-input.patch: New files.
* gnu-system.am (dist_patch_DATA): Adjust accordingly.
* gnu/packages/zip.scm (unzip)[source]: Adjust patches accordingly.
* gnu/packages/patches/dbus-helper-search-path.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/glib.scm (dbus/activation): New variable.
GLib doesn't allow duplicate test case paths any more.
* gnu/packages/patches/librsvg-tests.patch: New file.
* gnu/packages/gnome.scm (librsvg)[source]: Add patch.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/patches/unzip-increase-size-of-cfactorstr.patch: Delete
file. Replace with ...
* gnu/packages/patches/unzip-overflow-long-fsize.patch: ... this new file.
* gnu/packages/patches/unzip-attribs-overflow.patch,
gnu/packages/patches/unzip-fix-overflows-and-infloop.patch,
gnu/packages/patches/unzip-format-secure.patch: New files.
* gnu/packages/patches/unzip-CVE-2014-9636.patch: Replace contents with
fixed patch from Fedora.
* gnu-system.am (dist_patch_DATA): Adjust accordingly.
* gnu/packages/zip.scm (unzip)[source]: Adjust list of patches.
* gnu/packages/patches/python-2.7-search-paths.patch,
gnu/packages/patches/python-3-search-paths.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/python.scm (python-2)[source]: Use first patch.
[arguments]: Remove now unneeded CPPFLAGS and LDFLAGS.
(python)[source]: Use second patch.
(python-minimal)[arguments]: Remove CPPFLAGS and LDFLAGS.
* gnu/packages/patches/gmp-faulty-test.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/multiprecision.scm (gmp)[source]: Use it.
Suggested by Mark H Weaver <mhw@netris.org>.
* gnu/packages/patches/glibc-versioned-locpath.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/base.scm (glibc)[source]: Use it.
[arguments]: Add explicit version sub-directory to
libc_cv_localedir.
[native-search-paths]: Use 'GUIX_LOCPATH' instead of 'LOCPATH'.
(glibc-locales, glibc-utf8-locales): Write to a VERSION
sub-directory.
* gnu/packages/qt.scm (qt)[source]: Add snippet to remove the qtwebengine
code, which was already not built anymore, and drop one patch used
previously only for qtwebengine.
[arguments]: Drop the configuration flag "-skip qtwebengine", since
deleted modules cannot be skipped.
* gnu/packages/patches/qt5-runpath.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Unregister patch.
Partially fixes <http://bugs.gnu.org/21288>.
* gnu/packages/qt.scm (qt-4)[source]: Add snippet to remove the webkit code
and drop one patch used previously for webkit.
[arguments]: Add configure flag to disable building the webkit module.
* gnu/packages/patches/qt4-tests.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Unregister patch.
Partially fixes <http://bugs.gnu.org/21288>.
* gnu/packages/patches/glibc-guix-locpath.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/base.scm (glibc)[source]: Use it.
[native-search-paths]: Use 'GUIX_LOCPATH' instead of 'LOCPATH'.
* doc/guix.texi (Application Setup): Introduce the term "foreign
distro". Document 'GUIX_LOCPATH'.
* gnu/packages/patches/glibc-locale-incompatibility.patch: New file.
* gnu/packages/base.scm (glibc)[source]: Use it.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/patches/qemu-CVE-2015-3209.patch,
gnu/packages/patches/qemu-CVE-2015-4037.patch,
gnu/packages/patches/qemu-CVE-2015-4103.patch,
gnu/packages/patches/qemu-CVE-2015-4104.patch,
gnu/packages/patches/qemu-CVE-2015-4105.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt1.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt2.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt3.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt4.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt5.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt6.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt7.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt8.patch,
gnu/packages/patches/qemu-CVE-2015-5745.patch: Delete files.
* gnu/packages/patches/qemu-CVE-2015-6855.patch: New file.
* gnu-system.am (dist_patch_DATA): Add the new patch and delete the old ones.
* gnu/packages/qemu.scm (qemu-headless): Update to 2.4.0.1. Add the new patch
and delete the old ones.
* gnu/packages/patches/pixman-pointer-arithmetic.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/xdisorg.scm (pixman)[source]: Use it.
* gnu/packages/patches/valgrind-glibc-2.21.patch: Rename to ...
gnu/packages/patches/valgrind-glibc-2.22.patch: ... this, and add a case for
glibc-2.22.
* gnu/packages/patches/valgrind-linux-libre-4.x.patch: New file.
* gnu-system.am (dist_patch_DATA): Add the new file, and rename the other one.
* gnu/packages/valgrind.scm (valgrind)[source]: Add new patch.
This works around <http://bugs.gnu.org/21460>.
* gnu/packages/patches/coreutils-racy-tail-test.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/base.scm (coreutils): Use it.
* gnu/packages/patches/perl-autosplit-default-time.patch: New patch.
* gnu/packages/perl.scm (perl): Use it.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/web.scm (perl-finance-quote): New variable.
* gnu/packages/patches/perl-finance-quote-unuse-mozilla-ca.patch: New patch.
* gnu-system.am (dist_patch_DATA): Add it.
This shrinks the closure of OpenSSL from 154 MiB to 73 MiB.
* gnu/packages/patches/openssl-c-rehash.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/tls.scm (openssl)[source]: Use it.
[arguments]: Add 'remove-miscellany' phase.
* gnu/packages/certs.scm (nss-certs)[native-inputs]: Add PERL.
* gnu/packages/patches/glibc-o-largefile.patch: New file.
* gnu/packages/base.scm (glibc)[source]: Add it to 'patches'.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gtk.scm (guile-rsvg): New variable.
* gnu/packages/patches/guile-rsvg-pkgconfig.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/patches/gnutls-doc-fix.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/tls.scm (gnutls): Update to 3.4.4.1. Add patch.
[arguments]: Add 'delete-prebuilt-unfixed-info-file' phase.
In 'move-doc' phase, copy man pages to the correct directory.
[native-inputs]: Add 'texinfo'.
* gnu/packages/patches/qemu-CVE-2015-5745.patch: New file.
* gnu/packages/patches/qemu-CVE-2015-3456.patch,
gnu/packages/patches/qemu-CVE-2015-5154-pt1.patch,
gnu/packages/patches/qemu-CVE-2015-5154-pt2.patch,
gnu/packages/patches/qemu-CVE-2015-5154-pt3.patch,
gnu/packages/patches/qemu-CVE-2015-5158.patch: Delete files.
* gnu-system.am (dist_patch_DATA): Add new file and remove the deleted ones.
* gnu/packages/qemu.scm (qemu): Update to 2.3.1. Add new patch and remove the
deleted ones.
This is an improvement over commit af6100f.
* gnu/packages/gnome.scm (glib-networking)[source](patches): New field.
[arguments]: Pass '/etc/ssl/certs/ca-certificates.crt' to configure.
Set 'SSL_CERT_FILE' to '/dev/null' in 'use-empty-ssl-cert-file' phase.
(libsoup)[arguments]: Set 'SSL_CERT_FILE' to '/dev/null' in
'pre-check' phase.
* gnu/packages/patches/glib-networking-ssl-cert-file.patch: New patch.
* gnu-system.am (dist_patch_DATA): Add it.
WARNING: CVE-2015-4473 may not be fully addressed here, because I was unable
to backport some of the patches (for upstream bugs 1182711 and 1146213). I
was also unable to backport CVE-2015-4484 (upstream bug 1171540) and
CVE-2015-4487 (upstream bug 1171603). I was unable to find any commit in the
upstream repository that claims to address bug 1105914 (CVE-2015-4478).
* gnu/packages/patches/icecat-CVE-2015-4473-partial.patch,
gnu/packages/patches/icecat-CVE-2015-4482.patch,
gnu/packages/patches/icecat-CVE-2015-4488.patch,
gnu/packages/patches/icecat-CVE-2015-4489.patch,
gnu/packages/patches/icecat-CVE-2015-4491.patch,
gnu/packages/patches/icecat-CVE-2015-4492.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
* gnu/packages/patches/icecat-CVE-2015-4495.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch. Move the 'patches'
field above the snippet.
* gnu/packages/patches/pidgin-add-search-path.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/messaging.scm (pidgin): New variable.
* gnu/packages/qt.scm (qt): Update to 5.5.0. Update download location.
Drop patch and snippet.
[arguments]: Add configure flag to drop qtwebengine module bundling
chromium.
[native-inputs]: Drop ninja, needed only for qtwebengine.
[inputs]: Add harfbuzz to avoid use of bundled copy.
(qt-4)[inputs]: Remove inherited harfbuzz again.
* gnu/packages/patches/qt5-conflicting-typedefs.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Unregister patch.
* gnu/packages/patches/qt5-runpath.patch: Adapt patch.
* gnu/packages/video.scm (avidemux)[source]: Add patch to install to lib
directory instead of lib64 or lib32 depending on the architecture.
[arguments]: Use the lib instead of the lib64 directory for flags in the
build phase, so that these flags should now also work on i686.
* gnu/packages/patches/avidemux-install-to-lib.patch: New file.
* gnu-system.am (dist_patch_DATA): Register it.
* gnu/packages/mp3.scm (ripperx): Update to 2.8.0. Drop one patch and
add another one.
* gnu/packages/patches/ripperx-libm.patch: Remove file.
* gnu/packages/patches/ripperx-missing-file.patch: New file.
* gnu-system.am (dist_patch_DATA): Register one patch and unregister the
other.
* gnu/packages/patches/clang-libc-search-path.patch: Disable distro detection
and remove hard-coded FHS file names, both of which would lead to breakage
on non-GuixSD systems.
* gnu/packages/fontutils.scm (teckit): Update to 2.5.4. Drop patch.
Use svn-fetch for download.
[arguments]: Add phase to call autogen.
[native-inputs]: New field.
* gnu/packages/patches/teckit-cstdio.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Unregister patch.
* gnu/packages/julia.scm (julia): Update to 0.3.10.
* gnu/packages/patches/julia-0.3.10-fix-empty-array.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
This is a followup to 47f315a.
* gnu/packages/patches/ninja-zero-mtime.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/ninja.scm (ninja)[source]: Reinstate 'patches' field and add
this patch.
[arguments]: Remove 'apply-ninja-tests.patch' phase.
This file should have been added as part of commit cc205da.
* gnu/packages/patches/crda-optional-gcrypt.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
The added patch from upstream didn't help, nor did downgrading to SQLite
3.8.9. Thus, shamelessly skip the offending test.
* gnu/packages/patches/subversion-sqlite-3.8.9-fix.patch: Add one hunk to skip
the faulty test, and another one from upstream.
* gnu/packages/patches/boost-mips-avoid-m32.patch: New file.
* gnu-system.am (dist_patch_DATA): Register patch.
* gnu/packages/boost.scm (boost): Use it.
This is a followup to commit c803ffcb3a.
* gnu/packages/patches/icecat-libvpx-1.4.patch: Augment existing patch to
include fixes for content/media/encoder/VP8TrackEncoder.cpp.
* gnu/packages/patches/mutt-store-references.patch: New file.
* gnu/packages/mail.scm (mutt)[source]: Use it.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/maths.scm (dealii, dealii-openmpi): New variables.
* gnu/packages/patches/dealii-p4est-interface.patch: New patch.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/maths.scm (scotch): Update to 6.0.4.
[arguments]: Add -fPIC to CFLAGS.
* gnu/packages/patches/scotch-test-threading.patch: Adjust patch for a
new set of test fixes.
* gnu/packages/patches/pt-scotch-build-parallelism.patch: New patch.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/patches/clang-libc-search-path.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/llvm.scm (clang-from-llvm)[source]: Use it.
[inputs]: Add "gcc-lib".
[arguments]. Add -DGCC_INSTALL_PREFIX and -DC_INCLUDE_DIRS to
#:configure-flags. Add #:phases argument.
Rather than expecting a pointer, the version of 'mount' in
guile-static-stripped now takes a string for the 'options' argument, just like
the 'mount' procedure in (guix build syscalls).
* gnu/packages/patches/guile-linux-syscalls.patch (mount): Expect a string or
#f for 'options' argument.
* gnu/build/file-systems.scm (mount-file-system): Use new 'mount' interface.
Fixes <http://bugs.gnu.org/20597>.
Reported by Andrew Patterson <ajpatter@uwaterloo.ca>.
* gnu/packages/patches/tar-skip-unreliable-tests.patch: New file.
* gnu/packages/base.scm (tar)[source](patches): Add it.
* gnu-system.am (dist_patch_DATA): Add it.
Suggested by Alírio Eyng <alirioeyng@gmail.com>.
* gnu/packages/patches/gettext-msgunfmt.patch: New file.
* gnu/packages/gettext.scm (gnu-gettext)[source]: Use it.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/patches/findutils-localstatedir.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/base.scm (findutils)[source]: Use it.
[arguments]: Pass --localstatedir=/var.
* gnu/packages/webkit.scm (webkitgtk-2.4): Update to 2.8.9, build with gtk3.
Move flex and which to 'native-inputs'. Remove #:configure-flags.
(webkitgtk/gtk+-2): New variable.
* gnu/packages/gnucash.scm (gnucash): Use webkitgtk/gtk+-2.
* gnu/packages/patches/webkitgtk-2.4.8-gmutexlocker.patch: Remove file.
* gnu-system.am (dist_patch_DATA): Remove it.
Co-authored-by: Feng Shu <tumashu@163.com>