* gnu/packages/patches/superlu-dist-fix-mpi-deprecations.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/maths.scm (superlu-dist)[source]: Use it.
This is a followup to commit 564cf93f2a.
* gnu/packages/patches/ocaml-graph-honor-source-date-epoch.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
This is a followup to commit bff6739d5e.
* gnu/packages/patches/ocaml-findlib-make-install.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
This is a followup to commit 47415332d7.
* gnu/packages/patches/openldap-CVE-2017-9287.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
This is a followup to commit 67d527e35e.
* gnu/packages/patches/glibc-memchr-overflow-i686.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
This is a followup to commit 28f4d56dd3.
* gnu/packages/patches/ao-cad-aarch64-support.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
This patch was introduced in commit ae12d58627,
but it was never used.
See <https://bugs.gnu.org/26581> for more information.
* gnu/packages/patches/readline-7.0-mingw.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
Includes fixes for CVE-2018-18500, CVE-2018-18501, and CVE-2018-18505.
* gnu/packages/gnuzilla.scm (icecat): Update to 60.5.0-guix1.
[version]: Use %icecat-version.
[source]: Inherit from 'icecat-source'. Remove obsolete patches.
* gnu/packages/patches/icecat-avoid-bundled-libraries.patch,
gnu/packages/patches/icecat-use-system-graphite2+harfbuzz.patch,
gnu/packages/patches/icecat-use-system-media-libs.patch: Adapt to 60.5.0.
* gnu/packages/gnuzilla.scm (computed-origin-method): New variable.
(%icecat-version, icecat-source): New variables.
* gnu/packages/patches/icecat-makeicecat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
Add a patch to skip more tests that require the network. Along with some other
changes, this gets all but of one of the tests passing.
The remaining test is broken due to a problem with the Python package in Guix,
which is fixed by [1] which is currently on the core-updates branch. This
patch doesn't work on core-updates due to python2-miniboa not being present.
1: d453b0e11d
* gnu/packages/python.scm (linkchecker)[source]: Add patch.
[native-inputs]: Add more inputs required for the tests.
[arguments]: Enable the tests, move the 'check phase after 'install. Test
using the installed software, and use py.test.
* gnu/packages/patches/superlu-dist-awpm-grid.patch: New file.
* gnu/packages/maths.scm (superlu-dist)[source]: Upgrade to 6.0.0. Remove
extraneous 'use-modules' in snippet.
[build-system]: Change to cmake-build-system.
[propagated-inputs]: Replace pt-scotch with pt-scotch32 to match integer
sizes. Add "parmetis" input, from pt-scotch32. Move lapack to ...
[inputs]: ...here. Add openblas and combinatorial-blas.
[arguments]: Replace 'configure' phase with #:configure-flags. Add
'set-c++-standard' and 'omp-setup' phases. Remove
'create-install-directories, 'check', and 'install' phases, which are now
handled by cmake.
* gnu/local.mk (dist_patch_DATA): Add patch.
The qof test is also reinstated; it was failing because the needed locales
were not installed.
* gnu/packages/patches/gnucash-disable-failing-tests.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Unregister it.
* gnu/packages/gnucash.scm (gnucash)[patches]: Remove it.
[phases]{disable-stress-options-test}: Implement it using SUBSTITUTES*.
{install-locales}: New phase.
* gnu/packages/patches/gnucash-price-quotes-perl.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Unregister it.
* gnu/packages/gnucash.scm (gnucash)[patches]: Remove it.
[phases]{fix-finance-quote-check}: Implement it using SUBSTITUTES*.
* gnu/packages/patches/openssh-CVE-2018-20685.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ssh.scm (openssh)[source]: Use it.
Using LIBRARY_PATH was introduced in
16b8aff85b, but is wrong since
this variable is used by the compiler (gcc) at link time.
* gnu/packages/patches/kinit-kdeinit-libpath.patch: Change
LIBRARY_PATH to KDEINIT5_LIBRARY_PATH.
* gnu/packages/kde-frameworks.scm (kinit)[native-search-paths]:
New field.
* gnu/packages/patches/aria2-CVE-2019-3500.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/bittorrent.scm (aria2)[source]: Use it.
Transfer the NixOS patches for kpackage as of 2018-02-17:
- Allow external paths.
- Make QDirIterator follow symlinks.
Decided to use a patch for one of the "allow external paths" changes since
'substitute*' seems not to be robust enough.
* gnu/packages/patches/kpackage-allow-external-paths.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/kde-frameworks.scm(kpackage)[source]: Use it. <patch>: New
phase.
Transfer the NixOS "kdeinit-libpath" patch for kinit as of
2018-02-17.
* gnu/packages/patches/kinit-kdeinit-libpath.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/kde-frameworks.scm (kinit)[source]: Use it.
Transfer the NixOS "kdeinit-extra_libs" patch for kinit as of
2018-02-17.
* gnu/packages/patches/kinit-kdeinit-extra_libs.patch: New filee.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/kde-frameworks.scm (kinit)[source]: Use it.
<patch-paths>: New phase.
[inputs]: Add kparts, plasma-framework.
Transfer the remaining NixOS patch for kio as of 2018-02-17.
* gnu/packages/patches/kio-search-smbd-on-PATH.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/kde-frameworks.scm(kio)<source>: Use it.
Fixes issue #32057 (see: https://issues.guix.info/issue/32057).
* gnu/packages/patches/gnucash-fix-test-transaction-failure.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gnucash.scm (gnucash): Use it.
* gnu/packages/patches/efl-mesa-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/enlightenment.scm (efl)[source](patches): Use it.
* gnu/packages/patches/sssd-curl-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/sssd.scm (sssd)[source](patches): Use it.
* gnu/packages/patches/file-CVE-2018-10360.patch: New file.
* gnu/packages/file.scm (file)[replacement]: New field.
(file/fixed): New variable.
* gnu/packages/commencement.scm (file-boot0): Use 'package/inherit' to
receive security fixes.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/games.scm (pingus)[source]: Use 'git-fetch'. Add patch to
update used boost headers.
* gnu/packages/patches/pingus-boost-headers.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
The new release of StumpWM broken the interactive 'gnew' command. It was
fixed upstream [0] and will be part of the next release.
0: https://github.com/stumpwm/stumpwm/pull/538
* gnu/packages/patches/stumpwm-fix-broken-read-one-line.patch: New file.
* gnu/packages/lisp.scm (stumpwm)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Register it.
This patch is missing from glibc 2.28 and is needed to support
/proc/self lookup when using the Hurd's procfs, which in turn is needed
for our 'guile-relocatable.patch'.
See <https://lists.gnu.org/archive/html/bug-hurd/2018-12/msg00024.html>.
* gnu/packages/patches/glibc-hurd-magic-pid.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/base.scm (glibc)[arguments]: Add 'apply-hurd-patch'
phase.
[native-inputs]: Add "hurd-magic-pid-patch" input.
* gnu/packages/cross-base.scm (cross-libc)[arguments]: Duplicate
'apply-hurd-patch' phase.
* gnu/packages/patches/openjdk-10-idlj-reproducibility.patch: New file.
* gnu/packages/java.scm (openjdk10)[source]: Use it.
* gnu/locale.mk (dist_patch_DATA): Register it.
* gnu/packages/patches/polkit-CVE-2018-19788.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/polkit.scm (polkit)[source]: Use it.
* gnu/packages/patches/beets-python-3.7-fix.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/music.scm (beets)[source]: Use it.
* gnu/packages/video.scm (handbrake): Update to 1.1.2.
[source]: Use direct download url. Remove upstreamed patch. Patch make
fragments in snippet.
[inputs]: Use latest ffmpeg. Add jansson and opus.
[arguments]: Remove 'disable-contrib phase, which is now in source snippet.
Move 'fix-x265-linking phase fix to #:configure-flags.
[license]: Use 'gpl2' as clarified in LICENSE.
* gnu/packages/patches/handbrake-pkg-config-path.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/patches/lirc-reproducible-build.patch: New file.
* gnu/packages/lirc.scm (lirc)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
This file name was too long to fit in a tar archive.
* gnu/packages/patches/rust-mdbook-support-reproducible-builds-by-forcing-window.search.patch:
Rename to...
* gnu/packages/patches/rust-reproducible-builds.patch: ... this.
* gnu/packages/rust.scm (rust-1.27, rust): Adjust accordingly.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
Suggested by ngz on #guix.
* gnu/packages/patches/scribus-poppler.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/scribus.scm (scribus)[source]: Add patch.
* gnu/packages/video.scm (x265)[patches]: Add patch.
[arguments]: Add a configure-flag to disable assembly. Adjust a custom
phase to recognize armv8 as 32-bit arm when masquerading as armhf-linux.
* gnu/packages/video.scm (libopenshot): New variable.
* gnu/packages/patches/libopenshot-tests-with-system-libs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/mono-mdoc-timestamping.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/mono.scm (mono)[source]: Use patch.
[arguments]<#:phases>[make-reproducible]: New phase.
<#:phases>[set-env]: Set SOURCE_DATE_EPOCH.
* gnu/packages/patches/randomjungle-disable-static-build.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/machine-learning.scm (randomjungle)[source](patches): Add it.
[arguments]: Add "--disable-static" to #:configure-flags.
* gnu/packages/patches/python-scikit-learn-fix-test-non-determinism.patch:
Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/machine-learning.scm (python-scikit-learn): Update to 0.20.1.
[source](patches): Remove.
[arguments]: Skip network tests with pytest instead of deleting files. Make
sure $HOME is writable.
(python2-scikit-learn): Rewrite in terms of PACKAGE-WITH-PYTHON2.
* gnu/packages/games.scm (teeworlds): Update to 0.7.0.
[source]: Switch to git-fetch. Remove all bundled libraries except md5.
[arguments]: Adjust accordingly.
[inputs]: Use sdl2 instead of sdl and python-wrapper instead of python-2.
Add json-parser and pnglite.
* gnu/packages/patches/teeworlds-use-latest-wavpack.patch: Update it.
* gnu/packages/patches/emacs-pdf-tools-poppler.patch: New file.
* gnu/packages/emacs.scm (emacs-pdf-tools)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/casync-renameat2-declaration.patch: New file.
* gnu/packages/sync.scm (casync)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnupg.scm (pinentry-efl): New variable.
* gnu/packages/patches/pinentry-efl.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/multiprecision.scm (tomsfastmath): New variable.
* gnu/packages/patches/tomsfastmath-constness.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Add it.
This fixes https://bugs.gnu.org/33196, a build problem caused by a defective
Elisp snippet in a check in configure.ac.
* gnu/packages/patches/emacs-realgud-fix-configure-ac.patch: Add patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/emacs.scm (emacs-realgud)[source]: Use it.
* gnu/packages/patches/poppler-CVE-2018-19149.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pdf.scm (poppler)[replacement]: New field.
(poppler/fixed): New variable.
(poppler-qt4, poppler-qt5): Use package/inherit.
* gnu/packages/patches/python-cffi-x87-stack-clean.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/libffi.scm (python-cffi)[source](patches): Add it.
* gnu/packages/gnuzilla.scm (icecat): Update to 60.3.0-gnu1.
[source]: Switch back to the normal source URI. Remove patches that
are no longer applicable.
* gnu/packages/patches/icecat-CVE-2018-12383.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/patches/ceph-skip-unittest_blockdev.patch: Adjust for 13.2.2.
* gnu/packages/patches/ceph-rocksdb-compat.patch: Delete file.
* gnu/packages/patches/ceph-detect-rocksdb.patch,
gnu/packages/patches/ceph-volume-respect-PATH.patch: New files.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/storage.scm (ceph): Update to 13.2.2.
[source]: Don't remove src/dpdk, which has been moved to src/spdk/dpdk and
is purged elsewhere. Drop bundled rapidjson. Adjust patch list.
[arguments]: Add "-DWITH_MGR_DASHBOARD_FRONTEND=OFF" and "-DWITH_SPDK=OFF" to
#:configure-flags. Drop obsolete "-DWITH_EMBEDDED". Add workaround for
<https://bugs.gnu.org/30756>. Remove obsolete test substitution. Rework
'wrap-python-script' to be less verbose and wrap more scripts.
[native-inputs]: Add GCC-7.
[inputs]: Add OATH-TOOLKIT, RAPIDJSON and PYTHON2-SIX.
* gnu/packages/patches/libgit2-oom-test.patch: New file.
* gnu/packages/version-control.scm (libgit2)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
This patch is no longer needed since 7930cfc989
was merged to core-updates.
* gnu/packages/patches/qtbase-glibc-compat.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/qt.scm (qtbase)[source](patches): Drop it.
* gnu/packages/patches/rust-mdbook-support-reproducible-builds-by-forcing-window.search.patch:
New file.
* gnu/local.mk (dist_patch_DATA): Add new patch file.
* gnu/packages/rust.scm (rust-1.19): Use system libssh2 library.
during cargo build. Note: libgit2 still bundled, because cargo
tests assume specific libgit2 minor release.
(rust-1.23): Inherit native-inputs from previous package.
(rust-1.25): Switch back to llvm 3.9.1 as workaround for
https://github.com/rust-lang/rust/issues/50556 issue.
(rust-1.27): Apply changes from
https://github.com/rust-lang-nursery/mdBook/pull/692 to make
generation of "searchindex.js" files reproducible. Disable cargo
test that required llvm 6.
* gnu/packages/gnome.scm (soundconverter): New variable.
* gnu/packages/patches/soundconverter-remove-gconf-dependency.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/swig-guile-gc.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/swig.scm (swig)[source](patches): Use it.
This adjust the grafts from a55ebe2e3a and
90aeaee861 to apply to Python 2.7.15 and 3.7.0.
* gnu/packages/patches/python2-CVE-2018-1060.patch,
gnu/packages/patches/python2-CVE-2018-1061.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/python.scm (python-2/fixed): Remove patches that are already
present in 2.7.15.
(python-3/fixed): Remove obsolete phase.
This addresses CVE-2018-{1060,1061,14647,1000802}.
* gnu/packages/patches/python2-CVE-2018-1000802.patch,
gnu/packages/patches/python2-CVE-2018-1060.patch,
gnu/packages/patches/python2-CVE-2018-1061.patch,
gnu/packages/patches/python2-CVE-2018-14647.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/python.scm (python-2/fixed): New variable.
(python-2.7)[replacement]: New field.
(python2-minimal): Use PACKAGE/INHERIT.
* gnu/packages/patches/python-CVE-2018-14647.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/python.scm (python-3/fixed): New variable.
(python-3.6)[replacement]: New field.
(python-minimal, python-debug, wrap-python3): Use PACKAGE/INHERIT instead of
standard inheritance.
This is a follow-up to 0627f93db6.
* gnu/packages/patches/libsantitizer-ustat-fix.patch: Rename to
gnu/packages/patches/libsanitizer-ustat-fix.patch.
* gnu/packages/llvm.scm (clang-runtime@3.7, clang-runtime@3.8,
clang-runtime@3.9)[patches]: Fix patch name.
* gnu/packages/llvm.scm (clang-runtime@3.7, clang-runtime@3.8,
clang-runtime@3.9)[patches]: Add patch to work around removed ustat.h.
* gnu/packages/patches/clang-3.5-libsanitizer-ustat-fix.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/video.scm (x265)[source]: Update list of patches.
[arguments]: Change configure flag to ensure PIC for all architectures.
* gnu/packages/patches/x265-arm-asm-primitives.patch: Remove file.
* gnu/packages/patches/x265-detect512-all-arches.patch: New file.
* gnu/local.mk (dist_patch_DATA): Update patch registry.
* gnu/packages/lisp.scm (clisp): Update to 2.49.92.
[source]: Switch to git-fetch. Remove unneeded patch.
[arguments]: Remove '--enable-portability' flag, add CFLAGS for
armhf-linux. Update list of files needing substitutions in custom
'patch-sh-and-pwd phase.
[home-page]: Update to new home-page.
* gnu/packages/patches/clisp-glibc-2.26.patch: Remove file.
& gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/patches/borg-respect-storage-quota.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/backup.scm (borg)[source]: Use it.
* gnu/packages/games.scm (bastet): New public variable.
* gnu/packages/patches/bastet-change-source-of-unordered_set.patch:
New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/postgresql-disable-resolve_symlinks.patch: New
file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/databases.scm (postgresql)[source]: Use it.
* gnu/packages/patches/quilt-test-fix-regex.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patchutils.scm (quilt)[version]: Upgrade to 0.65.
[source]: Use patch.
[arguments]: Adjust 'patch-tests' phase for new tests. Re-enable "mail"
test.
* gnu/packages/patches/ghc-haddock-library-unbundle.patch: New file.
* gnu/packages/haskell.scm (ghc-haddock-library): Update to 1.5.0.1.
[source]: Add the patch; add a snippet to remove the bundled library.
[arguments]: Add a phase to relax test suite dependency constraints and
another to add a missing directory required for tests.
[native-inputs]: Add ghc-base-compat, ghc-optparse-applicative, and
ghc-tree-diff.
* gnu/packages/patches/icecat-use-system-media-libs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/icecat-avoid-bundled-libraries.patch: Add
another hunk to enable removal of libevent.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch. In the snippet, add
libevent, libogg, libvorbis, and libtremor to the list of bundled libraries to
remove. Add a comment regarding theora. Remove comments regarding unbundling
cairo, which is no longer supported.
[inputs]: Add libevent, libogg, and libvorbis.
[arguments]: Add --with-system-{libevent,ogg,vorbis} to configure flags.
Add custom bootstrap phase. Add comments.
Includes fixes for CVE-2018-12383 and CVE-2018-12385.
* gnu/packages/patches/icecat-CVE-2018-12383.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/icecat-avoid-bundled-libraries.patch: Adapt to apply
cleanly to IceCat 60.
* gnu/packages/gnuzilla.scm (mozilla-patch): Update to fetch from
mozilla-esr60.
(icecat): Add selected changesets from upstream mozilla-esr60.
* gnu/packages/gnuzilla.scm (icecat): Update to 60.2.0-gnu1.
[source]: Download pre-release from alpha.gnu.org. Remove obsolete patches.
Comment out the code to delete the bundled copies of libevent, cairo,
harfbuzz, and graphite2.
[inputs]: Use the latest ffmpeg. Comment out libevent, cairo, harfbuzz, and
graphite2.
[native-inputs]: Add rust and cargo.
[arguments]: Remove --enable-gio and --disable-gnomeui. Add --disable-stylo.
Comment out --with-system-{libevent,harfbuzz,graphite2}, --enable-system-cairo.
Import %cargo-build-system-modules. Add 'patch-cargo-checksums' phase.
* gnu/packages/patches/icecat-CVE-2018-5157-and-CVE-2018-5158.patch,
gnu/packages/patches/icecat-bug-1413868-pt1.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/patches/xf86-video-ast-remove-mibstore.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/xorg.scm (xf86-video-ast): New public variable.
* gnu/packages/patches/rust-1.25-accept-more-detailed-gdb-lines.patch: New
file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/rust.scm (rust-1.25): Use it.
(rust-1.26): Use it.
(rust): Use it.
* gnu/packages/patches/gd-CVE-2018-1000222.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gd.scm (gd/fixed): New variable.
* gnu/packages/php.scm (gd-for-php)[source]: Use 'gd-CVE-2018-1000222.patch'.
* gnu/packages/patches/oath-toolkit-glibc-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/authentication.scm (oath-toolkit)[source](patches): New field.
The following CVEs are fixed with this release: CVE-2018-15908,
CVE-2018-15909, CVE-2018-15910, CVE-2018-15911, CVE-2018-16509,
CVE-2018-16510, CVE-2018-16511, CVE-2018-16513, CVE-2018-16539,
CVE-2018-16540, CVE-2018-16541, CVE-2018-16542, CVE-2018-16543.
* gnu/packages/patches/ghostscript-CVE-2018-10194.patch: Delete file.
* gnu/packages/patches/ghostscript-CVE-2018-16509.patch,
gnu/packages/patches/ghostscript-bug-699708.patch: New files.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/ghostscript.scm (ghostscript/fixed): Update to 9.24.
[source](patches): Remove 'ghostscript-CVE-2018-10194.patch' and
'ghostscript-runpath.patch'. Add 'ghostscript-CVE-2018-16509.patch' and
'ghostscript-bug-699708.patch'.
[arguments]: Add LDFLAGS to #:configure-flags, and a phase to create output
directory.
Fixes <https://bugs.gnu.org/31726>.
Thanks to Jack Hill <jackhill@jackhill.us> for exploring different solutions
at <https://debbugs.gnu.org/cgi/bugreport.cgi?bug=31726>.
* gnu/packages/patches/haskell-mode-unused-variables.patch,
gnu/packages/patches/haskell-mode-make-check.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/emacs.scm (haskell-mode)[source]: Use them.
[arguments]: Adjust 'pre-build' phase to embed file name.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/patches/qtbase-glibc-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/qt.scm (qtbase)[source](patches): Use it.
[arguments]: Remove "--no-feature-renameat2" from #:configure-flags.
* gnu/packages/patches/texinfo-5-perl-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/texinfo.scm (texinfo-5)[source](patches): New field.
* gnu/packages/patches/netsurf-message-timestamp.patch: New patch.
* gnu/packages/patches/netsurf-system-utf8proc.patch: Adjust to new source.
* gnu/packages/web.scm (netsurf): Upgrade to 3.8.
[source]: Add the new patch.
* gnu/packages/compression.scm (snappy)[source]: Build with ‘-O2’.
* gnu/package/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch:
New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/compression.scm (snappy)[source]: Build with ‘-O2’.
* gnu/package/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch:
New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/dropbear-CVE-2018-15599.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ssh.scm (dropbear)[source]: Use it.
* gnu/packages/patches/grub-binutils-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/bootloaders.scm (grub)[source](patches): Add it.
* gnu/packages/patches/grub-check-error-efibootmgr.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/bootloaders.scm (grub)[source](patches): New field.
This fixes <https://bugs.freedesktop.org/show_bug.cgi?id=104325> which showed
up in Guix as an infinite loop during cairocffi tests.
* gnu/packages/patches/cairo-setjmp-wrapper.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gtk.scm (cairo)[source](patches): Add it.
* gnu/packages/patches/parted-glibc-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/disk.scm (parted)[source](patches): New field.
* gnu/packages/patches/findutils-gnulib-libio.patch,
gnu/packages/patches/findutils-makedev.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/base.scm (findutils)[source](patches): Use them.
* gnu/packages/patches/m4-gnulib-libio.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/m4.scm (m4)[source](patches): New field.
* gnu/packages/patches/gcc-libsanitizer-ustat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gcc.scm (gcc-5)[source](patches): Add it.
* gnu/packages/patches/openssh-CVE-2018-15473.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ssh.scm (openssh)[source]: Use it.
Fixes <https://bugs.gnu.org/32397>.
Reported by fis trivial <ybbs.daans@hotmail.com>.
* gnu/packages/patches/gcc-4.8-libsanitizer-fix.patch: New file.
* gnu/packages/gcc.scm (gcc-4.8)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/libgcrypt-make-yat2m-reproducible.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnupg.scm (libgcrypt)[source]: Use it.
Signed-off-by: Leo Famulari <leo@famulari.name>