Reported by Jan Synáček <jan.synacek@gmail.com>
at <https://lists.gnu.org/archive/html/guix-devel/2015-11/msg00522.html>.
* gnu/packages/patches/libarchive-bsdtar-test.patch: New file.
* gnu/packages/backup.scm (libarchive)[source]: Use it.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/python.scm (python-configobj, python2-configobj): New
variables.
* gnu/packages/patches/python-configobj-setuptools.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/python.scm (python-matplotlib, python2-matplotlib): Do it.
* gnu/packages/patches/matplotlib-setupext-tk.patch: New file.
* gnu-system.am (dist_patch_DATA): Add the new patch.
* gnu/packages/patches/python-2.7-source-date-epoch.patch: New file.
* gnu/packages/python.scm (python-2)[source]: Use it.
[arguments]: Set SOURCE_DATE_EPOCH in 'patch-lib-shells' phase.
* guix/build/python-build-system.scm (set-SOURCE-DATE-EPOCH): New
procedure.
(%standard-phases): Add it.
* gnu-system.am (dist_patch_DATA): Add patch.
* gnu/packages/patches/tcl-mkindex-deterministic.patch: New patch.
* gnu/packages/tcl.scm (tcl)[source]: Use it.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/patches/weechat-python.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/weechat.scm (weechat)[source]: Use it.
* gnu/packages/patches/jasper-CVE-2008-3522.patch: New file.
* gnu/packages/image.scm (jasper)[source]: Use it.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/patches/dico-libtool-deterministic.patch: New file.
* gnu/packages/dico.scm (dico)[source]: Use it.
[arguments]: Add #:make-flags.
* gnu-system.am (dist_patch_DATA): Add the patch.
* gnu/packages/animation.scm (synfig): New variable.
* gnu/packages/patches/synfig-build-fix.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
Suggested by Ludovic Courtès <ludo@gnu.org>.
* gnu/packages/patches/emacs-source-date-epoch.patch: New patch.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/emacs.scm (emacs)[source]: Use it.
* gnu/packages/tor.scm (torsocks): Update to 2.0.0.
[source]: Fetch from git.torproject.org. Use
'torsocks-dns-test.patch'.
[arguments, native-inputs]: New fields.
[license]: Change to GPL2.
* gnu/packages/patches/torsocks-dns-test.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/games.scm (mupen64plus-ui-console): New variable.
* gnu/packages/patches/mupen64plus-ui-console-notice.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/screen.scm (byobu): New variable.
* gnu/packages/patches/byobu-writable-status.patch: New patch.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/patches/guitarix-c++11.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/audio.scm (guitarix)[source]: Use it.
[arguments]: Add --cxxflags to #:configure-flags.
* gnu/packages/patches/unzip-fix-overflows-and-infloop.patch: Delete
file. Its contents are now split into the following new files:
* gnu/packages/patches/unzip-CVE-2015-7696.patch,
gnu/packages/patches/unzip-CVE-2015-7697.patch,
gnu/packages/patches/unzip-overflow-on-invalid-input.patch: New files.
* gnu-system.am (dist_patch_DATA): Adjust accordingly.
* gnu/packages/zip.scm (unzip)[source]: Adjust patches accordingly.
* gnu/packages/patches/unzip-fix-overflows-and-infloop.patch: Delete
file. Its contents are now split into the following new files:
* gnu/packages/patches/unzip-CVE-2015-7696.patch,
gnu/packages/patches/unzip-CVE-2015-7697.patch,
gnu/packages/patches/unzip-overflow-on-invalid-input.patch: New files.
* gnu-system.am (dist_patch_DATA): Adjust accordingly.
* gnu/packages/zip.scm (unzip)[source]: Adjust patches accordingly.
* gnu/packages/patches/evilwm-lost-focus-bug.patch: New patch.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/wm.scm (evilwm)[source]: Use it.
* gnu/packages/patches/unzip-fix-overflows-and-infloop.patch: Delete
file. Its contents are now split into the following new files:
* gnu/packages/patches/unzip-CVE-2015-7696.patch,
gnu/packages/patches/unzip-CVE-2015-7697.patch,
gnu/packages/patches/unzip-overflow-on-invalid-input.patch: New files.
* gnu-system.am (dist_patch_DATA): Adjust accordingly.
* gnu/packages/zip.scm (unzip)[source]: Adjust patches accordingly.
* gnu/packages/patches/dbus-helper-search-path.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/glib.scm (dbus/activation): New variable.
GLib doesn't allow duplicate test case paths any more.
* gnu/packages/patches/librsvg-tests.patch: New file.
* gnu/packages/gnome.scm (librsvg)[source]: Add patch.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/patches/unzip-increase-size-of-cfactorstr.patch: Delete
file. Replace with ...
* gnu/packages/patches/unzip-overflow-long-fsize.patch: ... this new file.
* gnu/packages/patches/unzip-attribs-overflow.patch,
gnu/packages/patches/unzip-fix-overflows-and-infloop.patch,
gnu/packages/patches/unzip-format-secure.patch: New files.
* gnu/packages/patches/unzip-CVE-2014-9636.patch: Replace contents with
fixed patch from Fedora.
* gnu-system.am (dist_patch_DATA): Adjust accordingly.
* gnu/packages/zip.scm (unzip)[source]: Adjust list of patches.
* gnu/packages/patches/python-2.7-search-paths.patch,
gnu/packages/patches/python-3-search-paths.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/python.scm (python-2)[source]: Use first patch.
[arguments]: Remove now unneeded CPPFLAGS and LDFLAGS.
(python)[source]: Use second patch.
(python-minimal)[arguments]: Remove CPPFLAGS and LDFLAGS.
* gnu/packages/patches/gmp-faulty-test.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/multiprecision.scm (gmp)[source]: Use it.
Suggested by Mark H Weaver <mhw@netris.org>.
* gnu/packages/patches/glibc-versioned-locpath.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/base.scm (glibc)[source]: Use it.
[arguments]: Add explicit version sub-directory to
libc_cv_localedir.
[native-search-paths]: Use 'GUIX_LOCPATH' instead of 'LOCPATH'.
(glibc-locales, glibc-utf8-locales): Write to a VERSION
sub-directory.
* gnu/packages/qt.scm (qt)[source]: Add snippet to remove the qtwebengine
code, which was already not built anymore, and drop one patch used
previously only for qtwebengine.
[arguments]: Drop the configuration flag "-skip qtwebengine", since
deleted modules cannot be skipped.
* gnu/packages/patches/qt5-runpath.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Unregister patch.
Partially fixes <http://bugs.gnu.org/21288>.
* gnu/packages/qt.scm (qt-4)[source]: Add snippet to remove the webkit code
and drop one patch used previously for webkit.
[arguments]: Add configure flag to disable building the webkit module.
* gnu/packages/patches/qt4-tests.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Unregister patch.
Partially fixes <http://bugs.gnu.org/21288>.
* gnu/packages/patches/glibc-guix-locpath.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/base.scm (glibc)[source]: Use it.
[native-search-paths]: Use 'GUIX_LOCPATH' instead of 'LOCPATH'.
* doc/guix.texi (Application Setup): Introduce the term "foreign
distro". Document 'GUIX_LOCPATH'.
* gnu/packages/patches/glibc-locale-incompatibility.patch: New file.
* gnu/packages/base.scm (glibc)[source]: Use it.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/patches/qemu-CVE-2015-3209.patch,
gnu/packages/patches/qemu-CVE-2015-4037.patch,
gnu/packages/patches/qemu-CVE-2015-4103.patch,
gnu/packages/patches/qemu-CVE-2015-4104.patch,
gnu/packages/patches/qemu-CVE-2015-4105.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt1.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt2.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt3.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt4.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt5.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt6.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt7.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt8.patch,
gnu/packages/patches/qemu-CVE-2015-5745.patch: Delete files.
* gnu/packages/patches/qemu-CVE-2015-6855.patch: New file.
* gnu-system.am (dist_patch_DATA): Add the new patch and delete the old ones.
* gnu/packages/qemu.scm (qemu-headless): Update to 2.4.0.1. Add the new patch
and delete the old ones.
* gnu/packages/patches/pixman-pointer-arithmetic.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/xdisorg.scm (pixman)[source]: Use it.
* gnu/packages/patches/valgrind-glibc-2.21.patch: Rename to ...
gnu/packages/patches/valgrind-glibc-2.22.patch: ... this, and add a case for
glibc-2.22.
* gnu/packages/patches/valgrind-linux-libre-4.x.patch: New file.
* gnu-system.am (dist_patch_DATA): Add the new file, and rename the other one.
* gnu/packages/valgrind.scm (valgrind)[source]: Add new patch.
This works around <http://bugs.gnu.org/21460>.
* gnu/packages/patches/coreutils-racy-tail-test.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/base.scm (coreutils): Use it.
* gnu/packages/patches/perl-autosplit-default-time.patch: New patch.
* gnu/packages/perl.scm (perl): Use it.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/web.scm (perl-finance-quote): New variable.
* gnu/packages/patches/perl-finance-quote-unuse-mozilla-ca.patch: New patch.
* gnu-system.am (dist_patch_DATA): Add it.
This shrinks the closure of OpenSSL from 154 MiB to 73 MiB.
* gnu/packages/patches/openssl-c-rehash.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/tls.scm (openssl)[source]: Use it.
[arguments]: Add 'remove-miscellany' phase.
* gnu/packages/certs.scm (nss-certs)[native-inputs]: Add PERL.
* gnu/packages/patches/glibc-o-largefile.patch: New file.
* gnu/packages/base.scm (glibc)[source]: Add it to 'patches'.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gtk.scm (guile-rsvg): New variable.
* gnu/packages/patches/guile-rsvg-pkgconfig.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/patches/gnutls-doc-fix.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/tls.scm (gnutls): Update to 3.4.4.1. Add patch.
[arguments]: Add 'delete-prebuilt-unfixed-info-file' phase.
In 'move-doc' phase, copy man pages to the correct directory.
[native-inputs]: Add 'texinfo'.
* gnu/packages/patches/qemu-CVE-2015-5745.patch: New file.
* gnu/packages/patches/qemu-CVE-2015-3456.patch,
gnu/packages/patches/qemu-CVE-2015-5154-pt1.patch,
gnu/packages/patches/qemu-CVE-2015-5154-pt2.patch,
gnu/packages/patches/qemu-CVE-2015-5154-pt3.patch,
gnu/packages/patches/qemu-CVE-2015-5158.patch: Delete files.
* gnu-system.am (dist_patch_DATA): Add new file and remove the deleted ones.
* gnu/packages/qemu.scm (qemu): Update to 2.3.1. Add new patch and remove the
deleted ones.
This is an improvement over commit af6100f.
* gnu/packages/gnome.scm (glib-networking)[source](patches): New field.
[arguments]: Pass '/etc/ssl/certs/ca-certificates.crt' to configure.
Set 'SSL_CERT_FILE' to '/dev/null' in 'use-empty-ssl-cert-file' phase.
(libsoup)[arguments]: Set 'SSL_CERT_FILE' to '/dev/null' in
'pre-check' phase.
* gnu/packages/patches/glib-networking-ssl-cert-file.patch: New patch.
* gnu-system.am (dist_patch_DATA): Add it.
WARNING: CVE-2015-4473 may not be fully addressed here, because I was unable
to backport some of the patches (for upstream bugs 1182711 and 1146213). I
was also unable to backport CVE-2015-4484 (upstream bug 1171540) and
CVE-2015-4487 (upstream bug 1171603). I was unable to find any commit in the
upstream repository that claims to address bug 1105914 (CVE-2015-4478).
* gnu/packages/patches/icecat-CVE-2015-4473-partial.patch,
gnu/packages/patches/icecat-CVE-2015-4482.patch,
gnu/packages/patches/icecat-CVE-2015-4488.patch,
gnu/packages/patches/icecat-CVE-2015-4489.patch,
gnu/packages/patches/icecat-CVE-2015-4491.patch,
gnu/packages/patches/icecat-CVE-2015-4492.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
* gnu/packages/patches/icecat-CVE-2015-4495.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch. Move the 'patches'
field above the snippet.
* gnu/packages/patches/pidgin-add-search-path.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/messaging.scm (pidgin): New variable.
* gnu/packages/qt.scm (qt): Update to 5.5.0. Update download location.
Drop patch and snippet.
[arguments]: Add configure flag to drop qtwebengine module bundling
chromium.
[native-inputs]: Drop ninja, needed only for qtwebengine.
[inputs]: Add harfbuzz to avoid use of bundled copy.
(qt-4)[inputs]: Remove inherited harfbuzz again.
* gnu/packages/patches/qt5-conflicting-typedefs.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Unregister patch.
* gnu/packages/patches/qt5-runpath.patch: Adapt patch.
* gnu/packages/video.scm (avidemux)[source]: Add patch to install to lib
directory instead of lib64 or lib32 depending on the architecture.
[arguments]: Use the lib instead of the lib64 directory for flags in the
build phase, so that these flags should now also work on i686.
* gnu/packages/patches/avidemux-install-to-lib.patch: New file.
* gnu-system.am (dist_patch_DATA): Register it.
* gnu/packages/mp3.scm (ripperx): Update to 2.8.0. Drop one patch and
add another one.
* gnu/packages/patches/ripperx-libm.patch: Remove file.
* gnu/packages/patches/ripperx-missing-file.patch: New file.
* gnu-system.am (dist_patch_DATA): Register one patch and unregister the
other.
* gnu/packages/patches/clang-libc-search-path.patch: Disable distro detection
and remove hard-coded FHS file names, both of which would lead to breakage
on non-GuixSD systems.
* gnu/packages/fontutils.scm (teckit): Update to 2.5.4. Drop patch.
Use svn-fetch for download.
[arguments]: Add phase to call autogen.
[native-inputs]: New field.
* gnu/packages/patches/teckit-cstdio.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Unregister patch.
* gnu/packages/julia.scm (julia): Update to 0.3.10.
* gnu/packages/patches/julia-0.3.10-fix-empty-array.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
This is a followup to 47f315a.
* gnu/packages/patches/ninja-zero-mtime.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/ninja.scm (ninja)[source]: Reinstate 'patches' field and add
this patch.
[arguments]: Remove 'apply-ninja-tests.patch' phase.
This file should have been added as part of commit cc205da.
* gnu/packages/patches/crda-optional-gcrypt.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
The added patch from upstream didn't help, nor did downgrading to SQLite
3.8.9. Thus, shamelessly skip the offending test.
* gnu/packages/patches/subversion-sqlite-3.8.9-fix.patch: Add one hunk to skip
the faulty test, and another one from upstream.
* gnu/packages/patches/boost-mips-avoid-m32.patch: New file.
* gnu-system.am (dist_patch_DATA): Register patch.
* gnu/packages/boost.scm (boost): Use it.
This is a followup to commit c803ffcb3a.
* gnu/packages/patches/icecat-libvpx-1.4.patch: Augment existing patch to
include fixes for content/media/encoder/VP8TrackEncoder.cpp.