Merge branch 'core-updates'

10 files changed, 222 insertions, 79 deletions

diff --git a/gnu/packages/patches/coreutils-dummy-man.patch b/gnu/packages/patches/coreutils-dummy-man.patch
deleted file mode 100644
index a43cfc47c3..0000000000
--- a/gnu/packages/patches/coreutils-dummy-man.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-Patch adapted from <http://git.yoctoproject.org/cgit.cgi/poky/plain/meta/recipes-core/coreutils/coreutils-8.22/fix-for-dummy-man-usage.patch>.
-
-Fix for 'dummy-man' usage, when cross-compiling.
-
-The options should be before the final argument, otherwise, the following error
-would appear when compiling:
-
-  dummy-man: too many non-option arguments
-
---- coreutils-8.23/Makefile.in	2014-07-18 18:22:24.000000000 -0400
-+++ coreutils-8.23/Makefile.in	2014-08-03 20:21:10.849158313 -0400
-@@ -14076,8 +14076,8 @@
- 	  && $(run_help2man)						\
- 		     --source='$(PACKAGE_STRING)'			\
- 		     --include=$(srcdir)/man/$$name.x			\
--		     --output=$$t/$$name.1 $$t/$$argv			\
- 		     --info-page='coreutils \(aq'$$name' invocation\(aq' \
-+		     --output=$$t/$$name.1 $$t/$$argv			\
- 	  && sed \
- 	       -e 's|$*\.td/||g' \
- 	       -e '/For complete documentation/d' \
diff --git a/gnu/packages/patches/gettext-msgunfmt.patch b/gnu/packages/patches/gettext-msgunfmt.patch
deleted file mode 100644
index 4a50abddc2..0000000000
--- a/gnu/packages/patches/gettext-msgunfmt.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From <http://git.savannah.gnu.org/cgit/gettext.git/patch/?id=5d3eeaa0d3b7f4f6932bd29d859925a940b69459>.
-
-2015-03-11  Daiki Ueno  <ueno@gnu.org>
-
-	msgunfmt: Check allocated size for static segment
-	Reported by Max Lin in:
-	http://lists.gnu.org/archive/html/bug-gettext/2015-03/msg00005.html
-	* read-mo.c (get_sysdep_string): Check if the embedded segment
-	size is valid, before adding it to the string length.
-
-diff --git a/gettext-tools/src/read-mo.c b/gettext-tools/src/read-mo.c
-index b97bbad..1c024a8 100644
---- a/gettext-tools/src/read-mo.c
-+++ b/gettext-tools/src/read-mo.c
-@@ -149,6 +149,7 @@ get_sysdep_string (const struct binary_mo_file *bfp, size_t offset,
-   nls_uint32 s_offset;
- 
-   /* Compute the length.  */
-+  s_offset = get_uint32 (bfp, offset);
-   length = 0;
-   for (i = 4; ; i += 8)
-     {
-@@ -158,9 +159,14 @@ get_sysdep_string (const struct binary_mo_file *bfp, size_t offset,
-       nls_uint32 ss_length;
-       nls_uint32 ss_offset;
-       size_t ss_end;
-+      size_t s_end;
-       size_t n;
- 
-+      s_end = xsum (s_offset, segsize);
-+      if (size_overflow_p (s_end) || s_end > bfp->size)
-+        error (EXIT_FAILURE, 0, _("file \"%s\" is truncated"), bfp->filename);
-       length += segsize;
-+      s_offset += segsize;
- 
-       if (sysdepref == SEGMENTS_END)
-         break;
-@@ -175,7 +181,7 @@ get_sysdep_string (const struct binary_mo_file *bfp, size_t offset,
-       ss_end = xsum (ss_offset, ss_length);
-       if (size_overflow_p (ss_end) || ss_end > bfp->size)
-         error (EXIT_FAILURE, 0, _("file \"%s\" is truncated"), bfp->filename);
--      if (!(ss_length > 0 && bfp->data[ss_offset + ss_length - 1] == '\0'))
-+      if (!(ss_length > 0 && bfp->data[ss_end - 1] == '\0'))
-         {
-           char location[30];
-           sprintf (location, "sysdep_segment[%u]", (unsigned int) sysdepref);
-@@ -198,11 +204,8 @@ get_sysdep_string (const struct binary_mo_file *bfp, size_t offset,
-       nls_uint32 sysdep_segment_offset;
-       nls_uint32 ss_length;
-       nls_uint32 ss_offset;
--      size_t s_end = xsum (s_offset, segsize);
-       size_t n;
- 
--      if (size_overflow_p (s_end) || s_end > bfp->size)
--        error (EXIT_FAILURE, 0, _("file \"%s\" is truncated"), bfp->filename);
-       memcpy (p, bfp->data + s_offset, segsize);
-       p += segsize;
-       s_offset += segsize;
diff --git a/gnu/packages/patches/icecat-freetype-2.6.patch b/gnu/packages/patches/icecat-freetype-2.6.patch
new file mode 100644
index 0000000000..ef69f2f715
--- /dev/null
+++ b/gnu/packages/patches/icecat-freetype-2.6.patch
@@ -0,0 +1,14 @@
+Adapt to freetype 2.6.  This patch copied from upstream, see:
+https://bugzilla.mozilla.org/show_bug.cgi?id=1143411
+https://hg.mozilla.org/mozilla-central/rev/afd840d66e6a
+
+--- a/config/system-headers
++++ b/config/system-headers
+@@ -415,6 +415,7 @@ freetype/ftbitmap.h
+ freetype/ftxf86.h
+ freetype.h
+ ftcache.h
++ftfntfmt.h
+ ftglyph.h
+ ftsynth.h
+ ftoutln.h
diff --git a/gnu/packages/patches/ninja-zero-mtime.patch b/gnu/packages/patches/ninja-zero-mtime.patch
new file mode 100644
index 0000000000..c9b9e8d798
--- /dev/null
+++ b/gnu/packages/patches/ninja-zero-mtime.patch
@@ -0,0 +1,19 @@
+Work around a design defect in Ninja whereby a zero mtime is used to
+denote missing files (we happen to produce files that have a zero mtime
+and yet really do exist.)
+
+--- ninja-1.5.3/src/disk_interface.cc	2014-11-24 18:37:47.000000000 +0100
++++ ninja-1.5.3/src/disk_interface.cc	2015-07-18 23:20:38.572290139 +0200
+@@ -194,6 +194,12 @@ TimeStamp RealDiskInterface::Stat(const
+     }
+     return -1;
+   }
++
++  if (st.st_mtime == 0)
++    // All the code assumes that mtime == 0 means "file missing".  Here we
++    // know the file is not missing, so tweak the mtime.
++    st.st_mtime = 1;
++
+   return st.st_mtime;
+ #endif
+ }
diff --git a/gnu/packages/patches/subversion-sqlite-3.8.9-fix.patch b/gnu/packages/patches/subversion-sqlite-3.8.9-fix.patch
index 92d8a85c8f..2f7bcee344 100644
--- a/gnu/packages/patches/subversion-sqlite-3.8.9-fix.patch
+++ b/gnu/packages/patches/subversion-sqlite-3.8.9-fix.patch
@@ -1,7 +1,25 @@
+Despite all the efforts below, the 'wc-queries-test.c' still fails,
+both with SQLite 3.8.9 and 3.8.10.2.  We choose to just skip it
+until a better solution arises.
+
+--- subversion/tests/libsvn_wc/wc-queries-test.c	2015-07-16 23:24:03.458279053 +0200
++++ subversion/tests/libsvn_wc/wc-queries-test.c	2015-07-16 23:24:18.866423439 +0200
+@@ -898,8 +898,6 @@ struct svn_test_descriptor_t test_funcs[
+                    "sqlite up-to-date"),
+     SVN_TEST_PASS2(test_parsable,
+                    "queries are parsable"),
+-    SVN_TEST_PASS2(test_query_expectations,
+-                   "test query expectations"),
+     SVN_TEST_PASS2(test_schema_statistics,
+                    "test schema statistics"),
+     SVN_TEST_NULL
+
+
 This upstream patch (r1672295) is needed to fix a test failure when built
 against sqlite 3.8.9.  See:
 
   https://mail-archives.apache.org/mod_mbox/subversion-dev/201504.mbox/%3C5526D197.6020808@gmx.de%3E
+  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785496
 
 
 r1672295 | rhuijben | 2015-04-09 07:31:12 -0400 (Thu, 09 Apr 2015) | 15 lines
@@ -57,3 +75,58 @@ Index: subversion/libsvn_wc/wc-metadata.sql
  /* sqlite_autoindex_WORK_QUEUE_1 doesn't exist because WORK_QUEUE is
     a INTEGER PRIMARY KEY AUTOINCREMENT table */
  
+
+r1673691 | rhuijben | 2015-04-15 05:30:04 -0400 (Wed, 15 Apr 2015) | 5 lines
+
+* subversion/libsvn_wc/wc-metadata.sql
+  (STMT_INSTALL_SCHEMA_STATISTICS): Delete existing sqlite_stat1 rows for
+    the externals table before installing new rows to avoid duplicate entries.
+    Remove unneeded 'OR REPLACE' from all inserts.
+
+
+Index: subversion/libsvn_wc/wc-metadata.sql
+===================================================================
+--- subversion/libsvn_wc/wc-metadata.sql	(revision 1673690)
++++ subversion/libsvn_wc/wc-metadata.sql	(revision 1673691)
+@@ -598,30 +598,30 @@
+ ANALYZE sqlite_master; /* Creates empty sqlite_stat1 if necessary */
+ 
+ DELETE FROM sqlite_stat1
+-WHERE tbl in ('NODES', 'ACTUAL_NODE', 'LOCK', 'WC_LOCK');
++WHERE tbl in ('NODES', 'ACTUAL_NODE', 'LOCK', 'WC_LOCK', 'EXTERNALS');
+ 
+-INSERT OR REPLACE INTO sqlite_stat1(tbl, idx, stat) VALUES
++INSERT INTO sqlite_stat1(tbl, idx, stat) VALUES
+     ('NODES', 'sqlite_autoindex_NODES_1',               '8000 8000 2 1');
+-INSERT OR REPLACE INTO sqlite_stat1(tbl, idx, stat) VALUES
++INSERT INTO sqlite_stat1(tbl, idx, stat) VALUES
+     ('NODES', 'I_NODES_PARENT',                         '8000 8000 10 2 1');
+ /* Tell a lie: We ignore that 99.9% of all moved_to values are NULL */
+-INSERT OR REPLACE INTO sqlite_stat1(tbl, idx, stat) VALUES
++INSERT INTO sqlite_stat1(tbl, idx, stat) VALUES
+     ('NODES', 'I_NODES_MOVED',                          '8000 8000 1 1');
+ 
+-INSERT OR REPLACE INTO sqlite_stat1(tbl, idx, stat) VALUES
++INSERT INTO sqlite_stat1(tbl, idx, stat) VALUES
+     ('ACTUAL_NODE', 'sqlite_autoindex_ACTUAL_NODE_1',   '8000 8000 1');
+-INSERT OR REPLACE INTO sqlite_stat1(tbl, idx, stat) VALUES
++INSERT INTO sqlite_stat1(tbl, idx, stat) VALUES
+     ('ACTUAL_NODE', 'I_ACTUAL_PARENT',                  '8000 8000 10 1');
+ 
+-INSERT OR REPLACE INTO sqlite_stat1(tbl, idx, stat) VALUES
++INSERT INTO sqlite_stat1(tbl, idx, stat) VALUES
+     ('LOCK', 'sqlite_autoindex_LOCK_1',                 '100 100 1');
+ 
+-INSERT OR REPLACE INTO sqlite_stat1(tbl, idx, stat) VALUES
++INSERT INTO sqlite_stat1(tbl, idx, stat) VALUES
+     ('WC_LOCK', 'sqlite_autoindex_WC_LOCK_1',           '100 100 1');
+ 
+-INSERT OR REPLACE INTO sqlite_stat1(tbl, idx, stat) VALUES
++INSERT INTO sqlite_stat1(tbl, idx, stat) VALUES
+     ('EXTERNALS','sqlite_autoindex_EXTERNALS_1',        '100 100 1');
+-INSERT OR REPLACE INTO sqlite_stat1(tbl, idx, stat) VALUES
++INSERT INTO sqlite_stat1(tbl, idx, stat) VALUES
+     ('EXTERNALS','I_EXTERNALS_DEFINED',                 '100 100 3 1');
+ 
+ /* sqlite_autoindex_WORK_QUEUE_1 doesn't exist because WORK_QUEUE is
+
diff --git a/gnu/packages/patches/unzip-CVE-2014-9636.patch b/gnu/packages/patches/unzip-CVE-2014-9636.patch
new file mode 100644
index 0000000000..a38c3da51c
--- /dev/null
+++ b/gnu/packages/patches/unzip-CVE-2014-9636.patch
@@ -0,0 +1,41 @@
+Copied from Debian.
+
+From: mancha <mancha1 AT zoho DOT com>
+Date: Mon, 3 Nov 2014
+Subject: Info-ZIP UnZip buffer overflow
+Bug-Debian: http://bugs.debian.org/776589
+
+By carefully crafting a corrupt ZIP archive with "extra fields" that
+purport to have compressed blocks larger than the corresponding
+uncompressed blocks in STORED no-compression mode, an attacker can
+trigger a heap overflow that can result in application crash or
+possibly have other unspecified impact.
+
+This patch ensures that when extra fields use STORED mode, the
+"compressed" and uncompressed block sizes match.
+
+--- a/extract.c
++++ b/extract.c
+@@ -2228,6 +2228,7 @@
+     ulg eb_ucsize;
+     uch *eb_ucptr;
+     int r;
++    ush eb_compr_method;
+ 
+     if (compr_offset < 4)                /* field is not compressed: */
+         return PK_OK;                    /* do nothing and signal OK */
+@@ -2244,6 +2245,14 @@
+      ((eb_ucsize > 0L) && (eb_size <= (compr_offset + EB_CMPRHEADLEN))))
+         return IZ_EF_TRUNC;             /* no/bad compressed data! */
+ 
++    /* 2014-11-03 Michal Zalewski, SMS.
++     * For STORE method, compressed and uncompressed sizes must agree.
++     * http://www.info-zip.org/phpBB3/viewtopic.php?f=7&t=450
++     */
++    eb_compr_method = makeword( eb + (EB_HEADSIZE + compr_offset));
++    if ((eb_compr_method == STORED) && (eb_size - compr_offset != eb_ucsize))
++        return PK_ERR;
++
+     if (
+ #ifdef INT_16BIT
+         (((ulg)(extent)eb_ucsize) != eb_ucsize) ||
diff --git a/gnu/packages/patches/unzip-allow-greater-hostver-values.patch b/gnu/packages/patches/unzip-allow-greater-hostver-values.patch
new file mode 100644
index 0000000000..d98937f1cb
--- /dev/null
+++ b/gnu/packages/patches/unzip-allow-greater-hostver-values.patch
@@ -0,0 +1,16 @@
+Copied from Debian.
+
+From: Santiago Vila <sanvila@debian.org>
+Subject: zipinfo.c: Do not crash when hostver byte is >= 100
+
+--- a/zipinfo.c
++++ b/zipinfo.c
+@@ -2114,7 +2114,7 @@
+             else
+                 attribs[9] = (xattr & UNX_ISVTX)? 'T' : '-';  /* T==undefined */
+ 
+-            sprintf(&attribs[12], "%u.%u", hostver/10, hostver%10);
++            sprintf(&attribs[11], "%2u.%u", hostver/10, hostver%10);
+             break;
+ 
+     } /* end switch (hostnum: external attributes format) */
diff --git a/gnu/packages/patches/unzip-increase-size-of-cfactorstr.patch b/gnu/packages/patches/unzip-increase-size-of-cfactorstr.patch
new file mode 100644
index 0000000000..3417ad873d
--- /dev/null
+++ b/gnu/packages/patches/unzip-increase-size-of-cfactorstr.patch
@@ -0,0 +1,18 @@
+Copied from Debian.
+
+From: sms
+Subject: Increase size of cfactorstr array to avoid buffer overflow
+Bug-Debian: http://bugs.debian.org/741384
+X-Debian-version: 6.0-11
+
+--- a/list.c
++++ b/list.c
+@@ -97,7 +97,7 @@
+ {
+     int do_this_file=FALSE, cfactor, error, error_in_archive=PK_COOL;
+ #ifndef WINDLL
+-    char sgn, cfactorstr[10];
++    char sgn, cfactorstr[12];
+     int longhdr=(uO.vflag>1);
+ #endif
+     int date_format;
diff --git a/gnu/packages/patches/unzip-initialize-symlink-flag.patch b/gnu/packages/patches/unzip-initialize-symlink-flag.patch
new file mode 100644
index 0000000000..3b0f391300
--- /dev/null
+++ b/gnu/packages/patches/unzip-initialize-symlink-flag.patch
@@ -0,0 +1,22 @@
+Copied from Debian.
+
+From: Andreas Schwab <schwab@linux-m68k.org>
+Subject: Initialize the symlink flag
+Bug-Debian: http://bugs.debian.org/717029
+X-Debian-version: 6.0-10
+
+--- a/process.c
++++ b/process.c
+@@ -1758,6 +1758,12 @@
+         = (G.crec.general_purpose_bit_flag & (1 << 11)) == (1 << 11);
+ #endif
+ 
++#ifdef SYMLINKS
++    /* Initialize the symlink flag, may be set by the platform-specific
++       mapattr function.  */
++    G.pInfo->symlink = 0;
++#endif
++
+     return PK_COOL;
+ 
+ } /* end function process_cdir_file_hdr() */
diff --git a/gnu/packages/patches/unzip-remove-build-date.patch b/gnu/packages/patches/unzip-remove-build-date.patch
new file mode 100644
index 0000000000..8beff92d1a
--- /dev/null
+++ b/gnu/packages/patches/unzip-remove-build-date.patch
@@ -0,0 +1,19 @@
+Copied from Debian.
+
+From: Jérémy Bobbio <lunar@debian.org>
+Subject: Remove build date
+Bug-Debian: http://bugs.debian.org/782851
+ In order to make unzip build reproducibly, we remove the
+ (already optional) build date from the binary.
+
+--- a/unix/unix.c
++++ b/unix/unix.c
+@@ -1705,7 +1705,7 @@
+ #endif /* Sun */
+ #endif /* SGI */
+ 
+-#ifdef __DATE__
++#if 0
+       " on ", __DATE__
+ #else
+       "", ""