aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk34
-rw-r--r--gnu/packages/algebra.scm2
-rw-r--r--gnu/packages/backup.scm5
-rw-r--r--gnu/packages/base.scm189
-rw-r--r--gnu/packages/bash.scm50
-rw-r--r--gnu/packages/bdw-gc.scm20
-rw-r--r--gnu/packages/boost.scm4
-rw-r--r--gnu/packages/bootloaders.scm7
-rw-r--r--gnu/packages/commencement.scm30
-rw-r--r--gnu/packages/compression.scm142
-rw-r--r--gnu/packages/curl.scm18
-rw-r--r--gnu/packages/databases.scm8
-rw-r--r--gnu/packages/ed.scm4
-rw-r--r--gnu/packages/embedded.scm4
-rw-r--r--gnu/packages/file.scm4
-rw-r--r--gnu/packages/flex.scm21
-rw-r--r--gnu/packages/fontutils.scm35
-rw-r--r--gnu/packages/gcc.scm2
-rw-r--r--gnu/packages/gettext.scm9
-rw-r--r--gnu/packages/ghostscript.scm223
-rw-r--r--gnu/packages/gnome.scm22
-rw-r--r--gnu/packages/gnupg.scm10
-rw-r--r--gnu/packages/gtk.scm4
-rw-r--r--gnu/packages/guile.scm29
-rw-r--r--gnu/packages/icu4c.scm14
-rw-r--r--gnu/packages/image.scm39
-rw-r--r--gnu/packages/kerberos.scm14
-rw-r--r--gnu/packages/ld-wrapper.in40
-rw-r--r--gnu/packages/libffi.scm3
-rw-r--r--gnu/packages/libidn.scm38
-rw-r--r--gnu/packages/libsigsegv.scm17
-rw-r--r--gnu/packages/libunistring.scm8
-rw-r--r--gnu/packages/linux.scm4
-rw-r--r--gnu/packages/maths.scm2
-rw-r--r--gnu/packages/netpbm.scm20
-rw-r--r--gnu/packages/package-management.scm4
-rw-r--r--gnu/packages/patches/binutils-mips-bash-bug.patch22
-rw-r--r--gnu/packages/patches/coreutils-cut-huge-range-test.patch29
-rw-r--r--gnu/packages/patches/coreutils-fix-cross-compilation.patch15
-rw-r--r--gnu/packages/patches/findutils-gnulib-multi-core.patch294
-rw-r--r--gnu/packages/patches/freetype-CVE-2017-8105.patch56
-rw-r--r--gnu/packages/patches/freetype-CVE-2017-8287.patch44
-rw-r--r--gnu/packages/patches/gettext-gnulib-multi-core.patch178
-rw-r--r--gnu/packages/patches/gettext-multi-core.patch185
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2013-5653.patch85
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2015-3228.patch32
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2016-7976.patch185
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2016-7978.patch25
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2016-7979.patch48
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2016-8602.patch47
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2017-8291.patch166
-rw-r--r--gnu/packages/patches/ghostscript-runpath.patch17
-rw-r--r--gnu/packages/patches/grep-gnulib-lock.patch32
-rw-r--r--gnu/packages/patches/libffi-3.2.1-complex-alpha.patch28
-rw-r--r--gnu/packages/patches/libtasn1-CVE-2017-6891.patch51
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-10092.patch42
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-10093.patch53
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-10094.patch34
-rw-r--r--gnu/packages/patches/libtiff-CVE-2017-5225.patch86
-rw-r--r--gnu/packages/patches/libtiff-assertion-failure.patch60
-rw-r--r--gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch63
-rw-r--r--gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch104
-rw-r--r--gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch57
-rw-r--r--gnu/packages/patches/libtiff-divide-by-zero.patch67
-rw-r--r--gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch131
-rw-r--r--gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch132
-rw-r--r--gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch67
-rw-r--r--gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch60
-rw-r--r--gnu/packages/patches/libtiff-invalid-read.patch64
-rw-r--r--gnu/packages/patches/libtiff-null-dereference.patch42
-rw-r--r--gnu/packages/patches/libtiff-tiffcp-underflow.patch41
-rw-r--r--gnu/packages/patches/libunistring-gnulib-multi-core.patch178
-rw-r--r--gnu/packages/patches/python-file-double-encoding-bug.patch50
-rw-r--r--gnu/packages/pcre.scm10
-rw-r--r--gnu/packages/perl.scm4
-rw-r--r--gnu/packages/pkg-config.scm4
-rw-r--r--gnu/packages/pulseaudio.scm17
-rw-r--r--gnu/packages/python.scm4
-rw-r--r--gnu/packages/tls.scm50
-rw-r--r--gnu/packages/wine.scm3
-rw-r--r--gnu/packages/xdisorg.scm4
-rw-r--r--gnu/packages/xorg.scm8
-rw-r--r--gnu/system.scm2
-rw-r--r--guix/build-system/cmake.scm160
-rw-r--r--guix/build-system/gnu.scm1
-rw-r--r--guix/build/cmake-build-system.scm11
-rw-r--r--guix/build/gnu-build-system.scm36
-rw-r--r--guix/build/utils.scm17
-rw-r--r--guix/packages.scm7
89 files changed, 1736 insertions, 2551 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index e7d5ee2f41..8b73f7e64c 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -519,7 +519,6 @@ dist_patch_DATA = \
%D%/packages/patches/bigloo-gc-shebangs.patch \
%D%/packages/patches/binutils-ld-new-dtags.patch \
%D%/packages/patches/binutils-loongson-workaround.patch \
- %D%/packages/patches/binutils-mips-bash-bug.patch \
%D%/packages/patches/byobu-writable-status.patch \
%D%/packages/patches/cairo-CVE-2016-9082.patch \
%D%/packages/patches/calibre-drop-unrar.patch \
@@ -545,7 +544,6 @@ dist_patch_DATA = \
%D%/packages/patches/cool-retro-term-memory-leak-1.patch \
%D%/packages/patches/cool-retro-term-remove-non-free-fonts.patch \
%D%/packages/patches/coreutils-cut-huge-range-test.patch \
- %D%/packages/patches/coreutils-fix-cross-compilation.patch \
%D%/packages/patches/cpio-CVE-2016-2037.patch \
%D%/packages/patches/cpufrequtils-fix-aclocal.patch \
%D%/packages/patches/cracklib-CVE-2016-6318.patch \
@@ -585,6 +583,7 @@ dist_patch_DATA = \
%D%/packages/patches/fcgi-2.4.0-gcc44-fixes.patch \
%D%/packages/patches/fcgi-2.4.0-poll.patch \
%D%/packages/patches/findutils-localstatedir.patch \
+ %D%/packages/patches/findutils-gnulib-multi-core.patch \
%D%/packages/patches/findutils-test-xargs.patch \
%D%/packages/patches/flint-ldconfig.patch \
%D%/packages/patches/fltk-shared-lib-defines.patch \
@@ -595,8 +594,6 @@ dist_patch_DATA = \
%D%/packages/patches/freeimage-CVE-2015-0852.patch \
%D%/packages/patches/freeimage-CVE-2016-5684.patch \
%D%/packages/patches/freeimage-fix-build-with-gcc-5.patch \
- %D%/packages/patches/freetype-CVE-2017-8105.patch \
- %D%/packages/patches/freetype-CVE-2017-8287.patch \
%D%/packages/patches/fuse-overlapping-headers.patch \
%D%/packages/patches/gajim-CVE-2016-10376.patch \
%D%/packages/patches/gawk-shell.patch \
@@ -618,13 +615,9 @@ dist_patch_DATA = \
%D%/packages/patches/gd-php-73968-Fix-109-XBM-reading.patch \
%D%/packages/patches/gegl-CVE-2012-4433.patch \
%D%/packages/patches/geoclue-config.patch \
+ %D%/packages/patches/gettext-multi-core.patch \
+ %D%/packages/patches/gettext-gnulib-multi-core.patch \
%D%/packages/patches/ghc-dont-pass-linker-flags-via-response-files.patch \
- %D%/packages/patches/ghostscript-CVE-2013-5653.patch \
- %D%/packages/patches/ghostscript-CVE-2015-3228.patch \
- %D%/packages/patches/ghostscript-CVE-2016-7976.patch \
- %D%/packages/patches/ghostscript-CVE-2016-7978.patch \
- %D%/packages/patches/ghostscript-CVE-2016-7979.patch \
- %D%/packages/patches/ghostscript-CVE-2016-8602.patch \
%D%/packages/patches/ghostscript-CVE-2017-8291.patch \
%D%/packages/patches/ghostscript-runpath.patch \
%D%/packages/patches/glib-networking-ssl-cert-file.patch \
@@ -645,6 +638,7 @@ dist_patch_DATA = \
%D%/packages/patches/gobject-introspection-cc.patch \
%D%/packages/patches/gobject-introspection-girepository.patch \
%D%/packages/patches/graphite2-ffloat-store.patch \
+ %D%/packages/patches/grep-gnulib-lock.patch \
%D%/packages/patches/grep-timing-sensitive-test.patch \
%D%/packages/patches/gsl-test-i686.patch \
%D%/packages/patches/gspell-dash-test.patch \
@@ -730,6 +724,7 @@ dist_patch_DATA = \
%D%/packages/patches/libevent-2.1-skip-failing-test.patch \
%D%/packages/patches/libextractor-ffmpeg-3.patch \
%D%/packages/patches/libgit2-use-after-free.patch \
+ %D%/packages/patches/libffi-3.2.1-complex-alpha.patch \
%D%/packages/patches/libjxr-fix-function-signature.patch \
%D%/packages/patches/libjxr-fix-typos.patch \
%D%/packages/patches/liboop-mips64-deplibs-fix.patch \
@@ -744,28 +739,12 @@ dist_patch_DATA = \
%D%/packages/patches/libsndfile-CVE-2017-8362.patch \
%D%/packages/patches/libssh2-fix-build-failure-with-gcrypt.patch \
%D%/packages/patches/libtar-CVE-2013-4420.patch \
- %D%/packages/patches/libtasn1-CVE-2017-6891.patch \
%D%/packages/patches/libtheora-config-guess.patch \
- %D%/packages/patches/libtiff-CVE-2016-10092.patch \
- %D%/packages/patches/libtiff-CVE-2016-10093.patch \
- %D%/packages/patches/libtiff-CVE-2016-10094.patch \
- %D%/packages/patches/libtiff-CVE-2017-5225.patch \
- %D%/packages/patches/libtiff-assertion-failure.patch \
- %D%/packages/patches/libtiff-divide-by-zero-ojpeg.patch \
- %D%/packages/patches/libtiff-divide-by-zero-tiffcp.patch \
- %D%/packages/patches/libtiff-divide-by-zero-tiffcrop.patch \
- %D%/packages/patches/libtiff-divide-by-zero.patch \
- %D%/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch \
- %D%/packages/patches/libtiff-heap-overflow-tif-dirread.patch \
- %D%/packages/patches/libtiff-heap-overflow-tiffcp.patch \
- %D%/packages/patches/libtiff-heap-overflow-tiffcrop.patch \
- %D%/packages/patches/libtiff-invalid-read.patch \
- %D%/packages/patches/libtiff-null-dereference.patch \
- %D%/packages/patches/libtiff-tiffcp-underflow.patch \
%D%/packages/patches/libtirpc-CVE-2017-8779.patch \
%D%/packages/patches/libtorrent-rasterbar-boost-compat.patch \
%D%/packages/patches/libtool-skip-tests2.patch \
%D%/packages/patches/libunwind-CVE-2015-3239.patch \
+ %D%/packages/patches/libunistring-gnulib-multi-core.patch \
%D%/packages/patches/libvpx-CVE-2016-2818.patch \
%D%/packages/patches/libwmf-CAN-2004-0941.patch \
%D%/packages/patches/libwmf-CVE-2006-3376.patch \
@@ -927,7 +906,6 @@ dist_patch_DATA = \
%D%/packages/patches/python-3.5-fix-tests.patch \
%D%/packages/patches/python-3.5-getentropy-on-old-kernels.patch \
%D%/packages/patches/python-dendropy-fix-tests.patch \
- %D%/packages/patches/python-file-double-encoding-bug.patch \
%D%/packages/patches/python-fix-tests.patch \
%D%/packages/patches/python-genshi-add-support-for-python-3.4-AST.patch \
%D%/packages/patches/python-genshi-buildable-on-python-2.7.patch \
diff --git a/gnu/packages/algebra.scm b/gnu/packages/algebra.scm
index a3016fe7b3..a6960ae79b 100644
--- a/gnu/packages/algebra.scm
+++ b/gnu/packages/algebra.scm
@@ -4,6 +4,7 @@
;;; Copyright © 2016, 2017 Nicolas Goaziou <mail@nicolasgoaziou.fr>
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
;;;
@@ -479,7 +480,6 @@ binary.")
(base32
"0amh9ik44jfg66csyvf4zz1l878c4755kjndq9j0270akflgrbb2"))))
(build-system gnu-build-system)
- (inputs `(("readline" ,readline)))
(native-inputs
`(("ed" ,ed)
("flex" ,flex)
diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm
index 035ef8c32c..b62438e4f1 100644
--- a/gnu/packages/backup.scm
+++ b/gnu/packages/backup.scm
@@ -179,8 +179,7 @@ backups (called chunks) to allow easy burning to CD/DVD.")
(define-public libarchive
(package
(name "libarchive")
- (replacement libarchive-3.3.1)
- (version "3.2.2")
+ (version "3.3.1")
(source
(origin
(method url-fetch)
@@ -188,7 +187,7 @@ backups (called chunks) to allow easy burning to CD/DVD.")
version ".tar.gz"))
(sha256
(base32
- "03q6y428rg723c9fj1vidzjw46w1vf8z0h95lkvz1l9jw571j739"))))
+ "1rr40hxlm9vy5z2zb5w7pyfkgd1a4s061qapm83s19accb8mpji9"))))
(build-system gnu-build-system)
;; TODO: Add -L/path/to/nettle in libarchive.pc.
(inputs
diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index d135a18bf8..b9364f81f5 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -5,8 +5,10 @@
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2014 Alex Kost <alezost@gmail.com>
;;; Copyright © 2014, 2015 Manolis Fragkiskos Ragkousis <manolis837@gmail.com>
-;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
+;;; Copyright © 2017 Rene Saavedra <rennes@openmailbox.org>
+;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
;;;
;;; This file is part of GNU Guix.
@@ -87,7 +89,8 @@ command-line arguments, multiple languages, and so on.")
(sha256
(base32
"1dcasjp3a578nrvzrcn38mpizb8w1q6mvfzhjmcqqgkf0nsivj72"))
- (patches (search-patches "grep-timing-sensitive-test.patch"))))
+ (patches (search-patches "grep-timing-sensitive-test.patch"
+ "grep-gnulib-lock.patch"))))
(build-system gnu-build-system)
(native-inputs `(("perl" ,perl))) ;some of the tests require it
(arguments
@@ -228,14 +231,14 @@ differences.")
(define-public diffutils
(package
(name "diffutils")
- (version "3.5")
+ (version "3.6")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/diffutils/diffutils-"
version ".tar.xz"))
(sha256
(base32
- "0csmqfz8ks23kdjsq0v2ll1acqiz8lva06dj19mwmymrsp69ilys"))))
+ "1mivg0fy3a6fcn535ln8nkgfj6vxh5hsxxs5h6692wxmsjyyh8fn"))))
(build-system gnu-build-system)
(synopsis "Comparing and merging files")
(description
@@ -258,8 +261,13 @@ interactive means to merge two files.")
(sha256
(base32
"178nn4dl7wbcw499czikirnkniwnx36argdnqgz4ik9i6zvwkm6y"))
- (patches (search-patches "findutils-localstatedir.patch"
- "findutils-test-xargs.patch"))))
+ (patches (search-patches
+ "findutils-localstatedir.patch"
+ "findutils-test-xargs.patch"
+ ;; test-lock has performance issues on multi-core
+ ;; machines, it hangs or takes a long time to complete.
+ ;; This is a commit from gnulib to fix this issue.
+ "findutils-gnulib-multi-core.patch"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags (list
@@ -285,15 +293,15 @@ used to apply commands with arbitrarily long arguments.")
(define-public coreutils
(package
(name "coreutils")
- (version "8.26")
+ (version "8.27")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/coreutils/coreutils-"
version ".tar.xz"))
(sha256
(base32
- "13lspazc7xkviy93qz7ks9jv4sldvgmwpq36ghrbrqpq93br8phm"))
- (patches (search-patches "coreutils-fix-cross-compilation.patch"))))
+ "0sv547572iq8ayy8klir4hnngnx92a9nsazmf1wgzfc7xr4x74c8"))
+ (patches (search-patches "coreutils-cut-huge-range-test.patch"))))
(build-system gnu-build-system)
(inputs `(("acl" ,acl) ; TODO: add SELinux
("gmp" ,gmp) ;bignums in 'expr', yay!
@@ -308,21 +316,12 @@ used to apply commands with arbitrarily long arguments.")
;; copy of help2man. However, don't pass it when cross-compiling since
;; that would lead it to try to run programs to get their '--help' output
;; for help2man.
- `(,@(if (%current-target-system)
- '()
- `(("perl" ,perl)))
-
- ;; Apply this patch only on ARM to avoid a full rebuild.
- ;; TODO: Move to 'patches' in the next update cycle.
- ,@(if (string-prefix? "arm" (or (%current-target-system)
- (%current-system)))
- `(("cut-test.patch"
- ,(search-patch "coreutils-cut-huge-range-test.patch")))
- '())))
+ (if (%current-target-system)
+ '()
+ `(("perl" ,perl))))
(outputs '("out" "debug"))
(arguments
`(#:parallel-build? #f ; help2man may be called too early
- #:parallel-tests? #f ; race condition fixed after 8.26
#:phases (alist-cons-before
'build 'patch-shell-references
(lambda* (#:key inputs #:allow-other-keys)
@@ -337,22 +336,7 @@ used to apply commands with arbitrarily long arguments.")
(substitute* (find-files "tests" "\\.sh$")
(("#!/bin/sh")
(format #f "#!~a/bin/sh" bash)))))
-
- ,@(if (string-prefix? "arm" (or (%current-target-system)
- (%current-system)))
- '((alist-cons-before
- 'build 'patch-cut-test
- (lambda* (#:key inputs native-inputs
- #:allow-other-keys)
- (let ((patch (or (assoc-ref inputs
- "cut-test.patch")
- (assoc-ref native-inputs
- "cut-test.patch"))))
- (zero?
- (system* "patch" "-p1" "--force"
- "--input" patch))))
- %standard-phases))
- '(%standard-phases)))))
+ %standard-phases)))
(synopsis "Core GNU utilities (file, text, shell)")
(description
"GNU Coreutils includes all of the basic command-line tools that are
@@ -362,29 +346,6 @@ functionality beyond that which is outlined in the POSIX standard.")
(license gpl3+)
(home-page "https://www.gnu.org/software/coreutils/")))
-;; We add version 8.27 here for use in (gnu system) due to a time
-;; zone bug in `date' versions 8.25 - 8.26.
-;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=23035
-;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=26238
-(define-public coreutils-8.27
- (package
- (inherit coreutils)
- (version "8.27")
- (source (origin
- (method url-fetch)
- (uri (string-append "mirror://gnu/coreutils/coreutils-"
- version ".tar.xz"))
- (sha256
- (base32
- "0sv547572iq8ayy8klir4hnngnx92a9nsazmf1wgzfc7xr4x74c8"))))
- (arguments
- (if (string-prefix? "arm" (or (%current-target-system)
- (%current-system)))
- (substitute-keyword-arguments (package-arguments coreutils)
- ((#:phases phases)
- `(alist-delete 'patch-cut-test ,phases)))
- (package-arguments coreutils)))))
-
(define-public coreutils-minimal
;; Coreutils without its optional dependencies.
(package
@@ -434,17 +395,16 @@ change. GNU make offers many powerful extensions over the standard utility.")
(define-public binutils
(package
(name "binutils")
- (version "2.27")
+ (version "2.28")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/binutils/binutils-"
version ".tar.bz2"))
(sha256
(base32
- "125clslv17xh1sab74343fg6v31msavpmaa1c1394zsqa773g5rn"))
+ "0wiasgns7i8km8nrxas265sh2dfpsw93b3qw195ipc90w4z475v2"))
(patches (search-patches "binutils-ld-new-dtags.patch"
- "binutils-loongson-workaround.patch"
- "binutils-mips-bash-bug.patch"))))
+ "binutils-loongson-workaround.patch"))))
(build-system gnu-build-system)
;; TODO: Add dependency on zlib + those for Gold.
@@ -456,10 +416,6 @@ change. GNU make offers many powerful extensions over the standard utility.")
;; Don't search under /usr/lib & co.
"--with-lib-path=/no-ld-lib-path"
- ;; Glibc 2.17 has a "comparison of unsigned
- ;; expression >= 0 is always true" in wchar.h.
- "--disable-werror"
-
;; Install BFD. It ends up in a hidden directory,
;; but it's here.
"--enable-install-libbfd"
@@ -482,7 +438,7 @@ included.")
(define* (make-ld-wrapper name #:key
(target (const #f))
binutils
- (guile (canonical-package guile-2.0))
+ (guile (canonical-package guile-2.2))
(bash (canonical-package bash))
(guile-for-build guile))
"Return a package called NAME that contains a wrapper for the 'ld' program
@@ -575,7 +531,8 @@ store.")
(modules '((guix build utils)))
(patches (search-patches "glibc-ldd-x86_64.patch"
"glibc-versioned-locpath.patch"
- "glibc-o-largefile.patch"))))
+ "glibc-o-largefile.patch"
+ "glibc-memchr-overflow-i686.patch"))))
(build-system gnu-build-system)
;; Glibc's <limits.h> refers to <linux/limit.h>, for instance, so glibc
@@ -587,10 +544,6 @@ store.")
(arguments
`(#:out-of-source? #t
- ;; In version 2.21, there a race in the 'elf' directory, see
- ;; <http://lists.gnu.org/archive/html/guix-devel/2015-02/msg00709.html>.
- #:parallel-build? #f
-
;; The libraries have an empty RUNPATH, but some, such as the versioned
;; libraries (libdl-2.24.so, etc.) have ld.so marked as NEEDED. Since
;; these libraries are always going to be found anyway, just skip
@@ -666,19 +619,6 @@ store.")
;; 4.7.1.
((" -lgcc_s") ""))
- ;; Apply patch only on i686.
- ;; TODO: Move the patch to 'patches' in the next update cycle.
- ,@(if (string-prefix? "i686" (or (%current-target-system)
- (%current-system)))
- `((unless (zero? (system* "patch" "-p1" "--force"
- "--input"
- (or (assoc-ref native-inputs
- "glibc-memchr-overflow-i686.patch")
- (assoc-ref inputs
- "glibc-memchr-overflow-i686.patch"))))
- (error "patch failed for glibc-memchr-overflow-i686.patch")))
- '())
-
;; Have `system' use that Bash.
(substitute* "sysdeps/posix/system.c"
(("#define[[:blank:]]+SHELL_PATH.*$")
@@ -722,15 +662,7 @@ store.")
;; install the message catalogs, with 'msgfmt'.
(native-inputs `(("texinfo" ,texinfo)
("perl" ,perl)
- ("gettext" ,gettext-minimal)
-
- ;; Apply this patch only on i686 to avoid a full rebuild.
- ;; TODO: Move to 'patches' in the next update cycle.
- ,@(if (string-prefix? "i686" (or (%current-target-system)
- (%current-system)))
- `(("glibc-memchr-overflow-i686.patch"
- ,(search-patch "glibc-memchr-overflow-i686.patch")))
- '())))
+ ("gettext" ,gettext-minimal)))
(native-search-paths
;; Search path for packages that provide locale data. This is useful
@@ -779,71 +711,6 @@ with the Linux kernel.")
;; Add libmachuser.so and libhurduser.so to libc.so's search path.
;; See <http://lists.gnu.org/archive/html/bug-hurd/2015-07/msg00051.html>.
`(modify-phases ,original-phases
- ;; TODO: This is almost an exact copy of the phase of the same name
- ;; in glibc/linux. The only difference is that the i686 patch is
- ;; not applied here. In the next update cycle the patch moves to
- ;; the patches field and this overwritten phase won't be needed any
- ;; more.
- (replace 'pre-configure
- (lambda* (#:key inputs native-inputs outputs
- #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (bin (string-append out "/bin"))
- ;; FIXME: Normally we would look it up only in INPUTS
- ;; but cross-base uses it as a native input.
- (bash (or (assoc-ref inputs "static-bash")
- (assoc-ref native-inputs "static-bash"))))
- ;; Install the rpc data base file under `$out/etc/rpc'.
- ;; FIXME: Use installFlags = [ "sysconfdir=$(out)/etc" ];
- (substitute* "sunrpc/Makefile"
- (("^\\$\\(inst_sysconfdir\\)/rpc(.*)$" _ suffix)
- (string-append out "/etc/rpc" suffix "\n"))
- (("^install-others =.*$")
- (string-append "install-others = " out "/etc/rpc\n")))
-
- (substitute* "Makeconfig"
- ;; According to
- ;; <http://www.linuxfromscratch.org/lfs/view/stable/chapter05/glibc.html>,
- ;; linking against libgcc_s is not needed with GCC
- ;; 4.7.1.
- ((" -lgcc_s") ""))
-
- ;; Have `system' use that Bash.
- (substitute* "sysdeps/posix/system.c"
- (("#define[[:blank:]]+SHELL_PATH.*$")
- (format #f "#define SHELL_PATH \"~a/bin/bash\"\n"
- bash)))
-
- ;; Same for `popen'.
- (substitute* "libio/iopopen.c"
- (("/bin/sh")
- (string-append bash "/bin/sh")))
-
- ;; Same for the shell used by the 'exec' functions for
- ;; scripts that lack a shebang.
- (substitute* (find-files "." "^paths\\.h$")
- (("#define[[:blank:]]+_PATH_BSHELL[[:blank:]].*$")
- (string-append "#define _PATH_BSHELL \""
- bash "/bin/sh\"\n")))
-
- ;; Nscd uses __DATE__ and __TIME__ to create a string to
- ;; make sure the client and server come from the same
- ;; libc. Use something deterministic instead.
- (substitute* "nscd/nscd_stat.c"
- (("static const char compilation\\[21\\] =.*$")
- (string-append
- "static const char compilation[21] = \""
- (string-take (basename out) 20) "\";\n")))
-
- ;; Make sure we don't retain a reference to the
- ;; bootstrap Perl.
- (substitute* "malloc/mtrace.pl"
- (("^#!.*")
- ;; The shebang can be omitted, because there's the
- ;; "bilingual" eval/exec magic at the top of the file.
- "")
- (("exec @PERL@")
- "exec perl")))))
(add-after 'install 'augment-libc.so
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out")))
diff --git a/gnu/packages/bash.scm b/gnu/packages/bash.scm
index ef22728a92..b1966e5675 100644
--- a/gnu/packages/bash.scm
+++ b/gnu/packages/bash.scm
@@ -211,33 +211,33 @@ without modification.")
(outputs (delete "include" (package-outputs bash)))
(arguments
- (let ((args `(#:modules ((guix build gnu-build-system)
- (guix build utils)
- (srfi srfi-1)
- (srfi srfi-26))
- ,@(package-arguments bash))))
- (substitute-keyword-arguments args
- ((#:configure-flags flags)
- `(list "--without-bash-malloc"
- "--disable-readline"
- "--disable-history"
- "--disable-help-builtin"
- "--disable-progcomp"
- "--disable-net-redirections"
- "--disable-nls"
+ (substitute-keyword-arguments (package-arguments bash)
+ ((#:modules _ '())
+ '((guix build gnu-build-system)
+ (guix build utils)
+ (srfi srfi-1)
+ (srfi srfi-26)))
+ ((#:configure-flags flags '())
+ `(list "--without-bash-malloc"
+ "--disable-readline"
+ "--disable-history"
+ "--disable-help-builtin"
+ "--disable-progcomp"
+ "--disable-net-redirections"
+ "--disable-nls"
- ;; Pretend 'dlopen' is missing so we don't build loadable
- ;; modules and related code.
- "ac_cv_func_dlopen=no"
+ ;; Pretend 'dlopen' is missing so we don't build loadable
+ ;; modules and related code.
+ "ac_cv_func_dlopen=no"
- ,@(if (%current-target-system)
- '("bash_cv_job_control_missing=no"
- "bash_cv_getcwd_malloc=yes")
- '())))
- ((#:phases phases)
- `(modify-phases ,phases
- ;; No loadable modules.
- (delete 'move-development-files))))))))
+ ,@(if (%current-target-system)
+ '("bash_cv_job_control_missing=no"
+ "bash_cv_getcwd_malloc=yes")
+ '())))
+ ((#:phases phases)
+ `(modify-phases ,phases
+ ;; No loadable modules.
+ (delete 'move-development-files)))))))
(define-public static-bash
;; Statically-linked Bash that contains nothing but the 'bash' binary and
diff --git a/gnu/packages/bdw-gc.scm b/gnu/packages/bdw-gc.scm
index b9732374d7..790a238579 100644
--- a/gnu/packages/bdw-gc.scm
+++ b/gnu/packages/bdw-gc.scm
@@ -2,6 +2,7 @@
;;; Copyright © 2012, 2013, 2014, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2017 Rene Saavedra <rennes@openmailbox.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -23,7 +24,8 @@
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system gnu)
- #:use-module (gnu packages pkg-config))
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages hurd))
(define-public libgc
(package
@@ -38,8 +40,20 @@
"143x7g0d0k6250ai6m2x3l4y352mzizi4wbgrmahxscv2aqjhjm1"))))
(build-system gnu-build-system)
(arguments
- '(#:configure-flags '(;; Install gc_cpp.h et al.
- "--enable-cplusplus")))
+ `(#:configure-flags
+ (list
+ ;; Install gc_cpp.h et al.
+ "--enable-cplusplus"
+ ;; In GNU/Hurd systems during the 'Check' phase,
+ ;; there is a deadlock caused by the 'gctest' test.
+ ;; To disable the error set "--disable-gcj-support"
+ ;; to configure script. See bug report and discussion:
+ ;; <https://lists.opendylan.org/pipermail/bdwgc/2017-April/006275.html>
+ ;; <https://lists.gnu.org/archive/html/bug-hurd/2017-01/msg00008.html>
+ ,@(if (hurd-triplet? (or (%current-system)
+ (%current-target-system)))
+ '("--disable-gcj-support")
+ '()))))
(native-inputs `(("pkg-config" ,pkg-config)))
(inputs `(("libatomic-ops" ,libatomic-ops)))
(outputs '("out" "debug"))
diff --git a/gnu/packages/boost.scm b/gnu/packages/boost.scm
index dfaa853533..5d2056fc7d 100644
--- a/gnu/packages/boost.scm
+++ b/gnu/packages/boost.scm
@@ -35,7 +35,7 @@
(define-public boost
(package
(name "boost")
- (version "1.63.0")
+ (version "1.64.0")
(source (origin
(method url-fetch)
(uri (string-append
@@ -44,7 +44,7 @@
".tar.bz2"))
(sha256
(base32
- "1c5kzhcqahnic55dxcnw7r80qvwx5sfa2sa97yzv7xjrywljbbmy"))))
+ "0cikd35xfkpg9nnl76yqqnqxnf3hyfjjww8xjd4akflprsm5rk3v"))))
(build-system gnu-build-system)
(inputs `(("zlib" ,zlib)))
(native-inputs
diff --git a/gnu/packages/bootloaders.scm b/gnu/packages/bootloaders.scm
index dec462b0cb..c4be211f1a 100644
--- a/gnu/packages/bootloaders.scm
+++ b/gnu/packages/bootloaders.scm
@@ -114,10 +114,7 @@
(native-inputs
`(("unifont" ,unifont)
("bison" ,bison)
- ;; Due to a bug in flex >= 2.6.2, GRUB must be built with an older flex:
- ;; <http://lists.gnu.org/archive/html/grub-devel/2017-02/msg00133.html>
- ;; TODO Try building with flex > 2.6.3.
- ("flex" ,flex-2.6.1)
+ ("flex" ,flex)
("texinfo" ,texinfo)
("help2man" ,help2man)
@@ -240,7 +237,7 @@ menu to select one of the installed operating systems.")
(build-system gnu-build-system)
(native-inputs
`(("bison" ,bison)
- ("flex" ,flex-2.6.1))) ; A bug in flex prevents building with flex-2.6.3.
+ ("flex" ,flex)))
(arguments
`(#:make-flags
(list "CC=gcc"
diff --git a/gnu/packages/commencement.scm b/gnu/packages/commencement.scm
index 1b41feac1f..f672ef45eb 100644
--- a/gnu/packages/commencement.scm
+++ b/gnu/packages/commencement.scm
@@ -510,14 +510,7 @@ the bootstrap environment."
(propagated-inputs `(("kernel-headers" ,(kernel-headers-boot0))))
(native-inputs
`(("texinfo" ,texinfo-boot0)
- ("perl" ,perl-boot0)
- ;; Apply this patch only on i686 to avoid a full rebuild.
- ;; TODO: Remove in the next update cycle.
- ,@(if (string-prefix? "i686" (or (%current-target-system)
- (%current-system)))
- `(("glibc-memchr-overflow-i686.patch"
- ,(search-patch "glibc-memchr-overflow-i686.patch")))
- '())))
+ ("perl" ,perl-boot0)))
(inputs
`(;; The boot inputs. That includes the bootstrap libc. We don't want
;; it in $CPATH, hence the 'pre-configure' phase above.
@@ -807,13 +800,14 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
(define bash-final
;; Link with `-static-libgcc' to make sure we don't retain a reference
- ;; to the bootstrap GCC.
+ ;; to the bootstrap GCC. Use "bash-minimal" to avoid an extra dependency
+ ;; on Readline and ncurses.
(let ((bash (package
- (inherit bash)
+ (inherit bash-minimal)
(arguments
`(#:disallowed-references
,(assoc-ref %boot3-inputs "coreutils&co")
- ,@(package-arguments bash))))))
+ ,@(package-arguments bash-minimal))))))
(package-with-bootstrap-guile
(package-with-explicit-inputs (static-libgcc-package bash)
%boot3-inputs
@@ -829,7 +823,7 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
;; This package must be public because other modules refer to it. However,
;; mark it as hidden so that 'fold-packages' ignores it.
(package-with-bootstrap-guile
- (package-with-explicit-inputs (hidden-package guile-2.0/fixed)
+ (package-with-explicit-inputs (hidden-package guile-2.2/fixed)
%boot4-inputs
(current-source-location)
#:guile %bootstrap-guile)))
@@ -850,12 +844,10 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
(define-public ld-wrapper
;; The final 'ld' wrapper, which uses the final Guile and Binutils.
- (package (inherit ld-wrapper-boot3)
- (name "ld-wrapper")
- (inputs `(("guile" ,guile-final)
- ("bash" ,bash-final)
- ,@(fold alist-delete (package-inputs ld-wrapper-boot3)
- '("guile" "bash"))))))
+ (make-ld-wrapper "ld-wrapper"
+ #:binutils binutils-final
+ #:guile guile-final
+ #:bash bash-final))
(define %boot5-inputs
;; Now with UTF-8 locales. Remember that the bootstrap binaries were built
@@ -948,7 +940,7 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
the implicit inputs of 'gnu-build-system', return that one, otherwise return
PACKAGE.
-The goal is to avoid duplication in cases like GUILE-FINAL vs. GUILE-2.0,
+The goal is to avoid duplication in cases like GUILE-FINAL vs. GUILE-2.2,
COREUTILS-FINAL vs. COREUTILS, etc."
;; XXX: This doesn't handle dependencies of the final inputs, such as
;; libunistring, GMP, etc.
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 11db2a66f7..2b576743d6 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -207,84 +207,78 @@ file; as a result, it is often used in conjunction with \"tar\", resulting in
(home-page "https://www.gnu.org/software/gzip/")))
(define-public bzip2
- (let ((build-shared-lib
- ;; Build a shared library.
- '(lambda* (#:key inputs #:allow-other-keys)
- (patch-makefile-SHELL "Makefile-libbz2_so")
- (zero? (system* "make" "-f" "Makefile-libbz2_so"))))
- (install-shared-lib
- '(lambda* (#:key outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (libdir (string-append out "/lib")))
- (for-each (lambda (file)
- (let ((base (basename file)))
- (format #t "installing `~a' to `~a'~%"
- base libdir)
- (copy-file file
- (string-append libdir "/" base))))
- (find-files "." "^libbz2\\.so")))))
- (set-cross-environment
- '(lambda* (#:key target #:allow-other-keys)
- (substitute* (find-files "." "Makefile")
- (("CC=.*$")
- (string-append "CC = " target "-gcc\n"))
- (("AR=.*$")
- (string-append "AR = " target "-ar\n"))
- (("RANLIB=.*$")
- (string-append "RANLIB = " target "-ranlib\n"))
- (("^all:(.*)test" _ prerequisites)
- ;; Remove 'all' -> 'test' dependency.
- (string-append "all:" prerequisites "\n"))))))
- (package
- (name "bzip2")
- (version "1.0.6")
- (source (origin
- (method url-fetch)
- (uri (string-append "http://www.bzip.org/" version "/bzip2-"
- version ".tar.gz"))
- (sha256
- (base32
- "1kfrc7f0ja9fdn6j1y6yir6li818npy6217hvr3wzmnmzhs8z152"))))
- (build-system gnu-build-system)
- (arguments
- `(#:modules ((guix build gnu-build-system)
- (guix build utils)
- (srfi srfi-1))
- #:phases
- ,(if (%current-target-system)
-
- ;; Cross-compilation: use the cross tools.
- `(alist-cons-before
- 'build 'build-shared-lib ,build-shared-lib
- (alist-cons-after
- 'install 'install-shared-lib ,install-shared-lib
- (alist-replace 'configure ,set-cross-environment
- %standard-phases)))
-
- ;; Native compilation: build the shared library.
- `(alist-cons-before
- 'build 'build-shared-lib ,build-shared-lib
- (alist-cons-after
- 'install 'install-shared-lib ,install-shared-lib
- (alist-delete 'configure %standard-phases))))
+ (package
+ (name "bzip2")
+ (version "1.0.6")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "http://www.bzip.org/" version "/bzip2-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "1kfrc7f0ja9fdn6j1y6yir6li818npy6217hvr3wzmnmzhs8z152"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:modules ((guix build gnu-build-system)
+ (guix build utils)
+ (srfi srfi-1))
+ #:phases
+ (modify-phases %standard-phases
+ (replace 'configure
+ (lambda* (#:key target #:allow-other-keys)
+ (if ,(%current-target-system)
+ ;; Cross-compilation: use the cross tools.
+ (substitute* (find-files "." "Makefile")
+ (("CC=.*$")
+ (string-append "CC = " target "-gcc\n"))
+ (("AR=.*$")
+ (string-append "AR = " target "-ar\n"))
+ (("RANLIB=.*$")
+ (string-append "RANLIB = " target "-ranlib\n"))
+ (("^all:(.*)test" _ prerequisites)
+ ;; Remove 'all' -> 'test' dependency.
+ (string-append "all:" prerequisites "\n")))
+ #t)))
+ (add-before 'build 'build-shared-lib
+ (lambda* (#:key inputs #:allow-other-keys)
+ (patch-makefile-SHELL "Makefile-libbz2_so")
+ (zero? (system* "make" "-f" "Makefile-libbz2_so"))))
+ (add-after 'install 'install-shared-lib
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (libdir (string-append out "/lib")))
+ (for-each (lambda (file)
+ (let ((base (basename file)))
+ (format #t "installing `~a' to `~a'~%"
+ base libdir)
+ (copy-file file
+ (string-append libdir "/" base))))
+ (find-files "." "^libbz2\\.so")))
+ #t))
+ (add-after 'install-shared-lib 'patch-scripts
+ (lambda* (#:key outputs inputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out")))
+ (substitute* (string-append out "/bin/bzdiff")
+ (("/bin/rm") "rm")))
+ #t)))
- #:make-flags (list (string-append "PREFIX="
- (assoc-ref %outputs "out")))
+ #:make-flags (list (string-append "PREFIX="
+ (assoc-ref %outputs "out")))
- ;; Don't attempt to run the tests when cross-compiling.
- ,@(if (%current-target-system)
- '(#:tests? #f)
- '())))
- (synopsis "High-quality data compression program")
- (description
- "bzip2 is a freely available, patent free (see below), high-quality data
+ ;; Don't attempt to run the tests when cross-compiling.
+ ,@(if (%current-target-system)
+ '(#:tests? #f)
+ '())))
+ (synopsis "High-quality data compression program")
+ (description
+ "bzip2 is a freely available, patent free (see below), high-quality data
compressor. It typically compresses files to within 10% to 15% of the best
available techniques (the PPM family of statistical compressors), whilst
being around twice as fast at compression and six times faster at
decompression.")
- (license (license:non-copyleft "file://LICENSE"
- "See LICENSE in the distribution."))
- (home-page "http://www.bzip.org/"))))
+ (license (license:non-copyleft "file://LICENSE"
+ "See LICENSE in the distribution."))
+ (home-page "http://www.bzip.org/")))
(define-public lbzip2
(package
@@ -457,14 +451,14 @@ some compression ratio).")
(define-public lzip
(package
(name "lzip")
- (version "1.16")
+ (version "1.18")
(source (origin
(method url-fetch)
(uri (string-append "mirror://savannah/lzip/lzip-"
version ".tar.gz"))
(sha256
(base32
- "0l9724rw1l3hg2ldr3n7ihqich4m9nc6y7l302bvdj4jmxdw530j"))))
+ "1p8lvc22sv3damld9ng8y6i8z2dvvpsbi9v7yhr5bc2a20m8iya7"))))
(build-system gnu-build-system)
(home-page "http://www.nongnu.org/lzip/lzip.html")
(synopsis "Lossless data compressor based on the LZMA algorithm")
diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index 73d402ce18..420b9bacc1 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -40,15 +40,14 @@
(define-public curl
(package
(name "curl")
- (replacement curl-7.54.0)
- (version "7.53.0")
+ (version "7.54.0")
(source (origin
(method url-fetch)
(uri (string-append "https://curl.haxx.se/download/curl-"
version ".tar.lzma"))
(sha256
(base32
- "1k0i31xygb804c61llhin5wbpcscg4gfqmbxcfkpdr1alwh7igrq"))))
+ "02h7qhl8ynp75g1vcaw18ks0gp7nahvvkqck19pb1q0kkw1scsnd"))))
(build-system gnu-build-system)
(outputs '("out"
"doc")) ;1.2 MiB of man3 pages
@@ -120,16 +119,3 @@ tunneling, and so on.")
(license (license:non-copyleft "file://COPYING"
"See COPYING in the distribution."))
(home-page "https://curl.haxx.se/")))
-
-(define curl-7.54.0
- (package
- (inherit curl)
- (version "7.54.0")
- (source
- (origin
- (method url-fetch)
- (uri (string-append "https://curl.haxx.se/download/curl-"
- version ".tar.lzma"))
- (sha256
- (base32
- "02h7qhl8ynp75g1vcaw18ks0gp7nahvvkqck19pb1q0kkw1scsnd"))))))
diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm
index c46e917b89..cd5f53daa3 100644
--- a/gnu/packages/databases.scm
+++ b/gnu/packages/databases.scm
@@ -125,14 +125,14 @@ either single machines or networked clusters.")
(define-public gdbm
(package
(name "gdbm")
- (version "1.12")
+ (version "1.13")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/gdbm/gdbm-"
version ".tar.gz"))
(sha256
(base32
- "1smwz4x5qa4js0zf1w3asq6z7mh20zlgwbh2bk5dczw6xrk22yyr"))))
+ "0lx201q20dvc70f8a3c9s7s18z15inlxvbffph97ngvrgnyjq9cx"))))
(arguments `(#:configure-flags '("--enable-libgdbm-compat")))
(build-system gnu-build-system)
(home-page "http://www.gnu.org.ua/software/gdbm")
@@ -721,7 +721,7 @@ for example from a shell script.")
(define-public sqlite
(package
(name "sqlite")
- (version "3.17.0")
+ (version "3.19.2")
(source (origin
(method url-fetch)
(uri (let ((numeric-version
@@ -737,7 +737,7 @@ for example from a shell script.")
numeric-version ".tar.gz")))
(sha256
(base32
- "0k472gq0p706jq4529p60znvw02hdf172qxgbdv59q0n7anqbr54"))))
+ "1z1gmiyx68g1yxc3avc9jnan53irnsq2rsyldwyxcfnc07xn2lya"))))
(build-system gnu-build-system)
(inputs `(("readline" ,readline)))
(arguments
diff --git a/gnu/packages/ed.scm b/gnu/packages/ed.scm
index 5014229952..d30d7bcfa8 100644
--- a/gnu/packages/ed.scm
+++ b/gnu/packages/ed.scm
@@ -28,14 +28,14 @@
(define-public ed
(package
(name "ed")
- (version "1.14.1")
+ (version "1.14.2")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/ed/ed-"
version ".tar.lz"))
(sha256
(base32
- "0ajm69pma7gigddlrq2qi4dsllz9vhm8gqwpkcdagdd2yaw7xfgz"))))
+ "1nqhk3n1s1p77g2bjnj55acicsrlyb2yasqxqwpx0w0djfx64ygm"))))
(build-system gnu-build-system)
(native-inputs `(("lzip" ,lzip)))
(arguments
diff --git a/gnu/packages/embedded.scm b/gnu/packages/embedded.scm
index 70541540e5..b9b8e84685 100644
--- a/gnu/packages/embedded.scm
+++ b/gnu/packages/embedded.scm
@@ -447,7 +447,7 @@ with a layered architecture of JTAG interface and TAP support.")
,@(package-arguments xbinutils)))
(native-inputs
`(("bison" ,bison)
- ("flex" ,flex-2.6.1) ; needed because of yywrap error
+ ("flex" ,flex)
("texinfo" ,texinfo)
("dejagnu" ,dejagnu)
,@(package-native-inputs xbinutils))))))
@@ -799,7 +799,7 @@ simulator.")
(base32
"14b3h2ji740s8zq5vwm4qdcxs4aa4wxi6wb9di3bv1h39x14nyr9"))))
("texinfo" ,texinfo)
- ("flex" ,flex-2.6.1) ; A bug in flex prevents building with flex-2.6.3.
+ ("flex" ,flex)
("bison" ,bison)
("guile-1.8" ,guile-1.8)
("which" ,base:which)))
diff --git a/gnu/packages/file.scm b/gnu/packages/file.scm
index a6239877a0..050e6715b1 100644
--- a/gnu/packages/file.scm
+++ b/gnu/packages/file.scm
@@ -28,14 +28,14 @@
(define-public file
(package
(name "file")
- (version "5.28")
+ (version "5.30")
(source (origin
(method url-fetch)
(uri (string-append "ftp://ftp.astron.com/pub/file/file-"
version ".tar.gz"))
(sha256
(base32
- "04p0w9ggqq6cqvwhyni0flji1z0rwrz896hmhkxd2mc6dca5xjqf"))))
+ "057jpcyy8ws7q4s4sm8r1rxb8xycdbng2z4y9i98f094wlr28k39"))))
(build-system gnu-build-system)
;; When cross-compiling, this package depends upon a native install of
diff --git a/gnu/packages/flex.scm b/gnu/packages/flex.scm
index 1470b967da..fdda5f365d 100644
--- a/gnu/packages/flex.scm
+++ b/gnu/packages/flex.scm
@@ -32,7 +32,7 @@
(define-public flex
(package
(name "flex")
- (version "2.6.3")
+ (version "2.6.4")
(source (origin
(method url-fetch)
(uri (string-append
@@ -41,7 +41,7 @@
"flex-" version ".tar.gz"))
(sha256
(base32
- "1an2cn2z85mkpgqcinh1fhhcd7993qm2lil1yxic8iz76ci79ck8"))))
+ "15g9bv236nzi665p9ggqjlfn4dwck5835vf0bbw2cz7h5c1swyp8"))))
(build-system gnu-build-system)
(inputs
(let ((bison-for-tests
@@ -85,20 +85,3 @@ regular expressions for each rule. Whenever it finds a match, it
executes the corresponding C code.")
(license (non-copyleft "file://COPYING"
"See COPYING in the distribution."))))
-
-;;; Many packages fail to build with flex > 2.6.1, due to this bug in flex:
-;;; <https://github.com/westes/flex/issues/162>
-;;; We must not use a flex before 2.6.1, due to CVE-2016-6354.
-;;; TODO Try using flex > 2.6.3.
-(define-public flex-2.6.1
- (package
- (inherit flex)
- (version "2.6.1")
- (source (origin
- (method url-fetch)
- (uri (string-append "https://github.com/westes/flex"
- "/releases/download/v" version "/"
- "flex-" version ".tar.xz"))
- (sha256
- (base32
- "0gqhk4vkwy4gl9xbpgkljph8c0a5kpijz6wd0p5r9q202qn42yic"))))))
diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm
index efea81dc11..c5a69232ca 100644
--- a/gnu/packages/fontutils.scm
+++ b/gnu/packages/fontutils.scm
@@ -48,14 +48,13 @@
(define-public freetype
(package
(name "freetype")
- (replacement freetype/fixed)
- (version "2.7.1")
+ (version "2.8")
(source (origin
(method url-fetch)
(uri (string-append "mirror://savannah/freetype/freetype-"
version ".tar.bz2"))
(sha256 (base32
- "121gm15ayfg3rglby8ifh8384mcjb9dhmx9j40zl7yszw72b4frs"))))
+ "02xlj611alpvl3h33hvfw1jyxc1vp9mzwcckkiglkhn3hknh7im3"))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))
@@ -74,15 +73,6 @@ anti-aliased glyph bitmap generation with 256 gray levels.")
(license license:freetype) ; some files have other licenses
(home-page "https://www.freetype.org/")))
-(define freetype/fixed
- (package
- (inherit freetype)
- (source
- (origin
- (inherit (package-source freetype))
- (patches (search-patches "freetype-CVE-2017-8105.patch"
- "freetype-CVE-2017-8287.patch"))))))
-
(define-public ttfautohint
(package
(name "ttfautohint")
@@ -385,8 +375,7 @@ applications should be.")
(define-public graphite2
(package
(name "graphite2")
- (version "1.3.9")
- (replacement graphite2/fixed)
+ (version "1.3.10")
(source
(origin
(method url-fetch)
@@ -395,7 +384,7 @@ applications should be.")
(patches (search-patches "graphite2-ffloat-store.patch"))
(sha256
(base32
- "0rs5h7m340z75kygx8d72cps0q6yvvqa9i788vym7585cfv8a0gc"))))
+ "1bm1rl2ww0m8rvmknh8fpajyz9xqv43qs9qrzf7xd5gaz6rf7zch"))))
(build-system cmake-build-system)
(native-inputs
`(("python" ,python-2) ; because of "import imap" in tests
@@ -411,22 +400,6 @@ and returns a sequence of positioned glyphids from the font.")
(license license:lgpl2.1+)
(home-page "https://github.com/silnrsi/graphite")))
-(define graphite2/fixed
- (package
- (inherit graphite2)
- (name "graphite2")
- (replacement #f)
- (source
- (origin
- (method url-fetch)
- (uri (let ((version "1.3.10"))
- (string-append "https://github.com/silnrsi/graphite/releases/"
- "download/" version "/" name "-" version ".tgz")))
- (patches (search-patches "graphite2-ffloat-store.patch"))
- (sha256
- (base32
- "1bm1rl2ww0m8rvmknh8fpajyz9xqv43qs9qrzf7xd5gaz6rf7zch"))))))
-
(define-public potrace
(package
(name "potrace")
diff --git a/gnu/packages/gcc.scm b/gnu/packages/gcc.scm
index 866f8478ff..45b86fcc7e 100644
--- a/gnu/packages/gcc.scm
+++ b/gnu/packages/gcc.scm
@@ -213,7 +213,7 @@ where the OS part is overloaded to denote a specific ABI---into GCC
;; Fix the dynamic linker's file name.
(substitute* (find-files "gcc/config"
"^(linux|gnu|sysv4)(64|-elf|-eabi)?\\.h$")
- (("#define (GLIBC|GNU_USER)_DYNAMIC_LINKER([^ ]*).*$"
+ (("#define (GLIBC|GNU_USER)_DYNAMIC_LINKER([^ \t]*).*$"
_ gnu-user suffix)
(format #f "#define ~a_DYNAMIC_LINKER~a \"~a\"~%"
gnu-user suffix
diff --git a/gnu/packages/gettext.scm b/gnu/packages/gettext.scm
index f583d1c2c2..2a749e3a6d 100644
--- a/gnu/packages/gettext.scm
+++ b/gnu/packages/gettext.scm
@@ -5,6 +5,7 @@
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Alex Kost <alezost@gmail.com>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
+;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -45,7 +46,13 @@
version ".tar.gz"))
(sha256
(base32
- "0hsw28f9q9xaggjlsdp2qmbp2rbd1mp0njzan2ld9kiqwkq2m57z"))))
+ "0hsw28f9q9xaggjlsdp2qmbp2rbd1mp0njzan2ld9kiqwkq2m57z"))
+ ;; test-lock has performance issues on multi-core machines,
+ ;; it hangs or takes a long time to complete.
+ ;; There is one commit in gettext and one commit
+ ;; in gettext's embedded gnulib to fix this issue.
+ (patches (search-patches "gettext-multi-core.patch"
+ "gettext-gnulib-multi-core.patch"))))
(build-system gnu-build-system)
(outputs '("out"
"doc")) ;8 MiB of HTML
diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm
index 1cb651c96b..e0ae9bab6f 100644
--- a/gnu/packages/ghostscript.scm
+++ b/gnu/packages/ghostscript.scm
@@ -5,6 +5,7 @@
;;; Copyright © 2013, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2017 Alex Vong <alexvong1995@gmail.com>
;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -129,85 +130,98 @@ printing, and psresize, for adjusting page sizes.")
(define-public ghostscript
(package
- (name "ghostscript")
- (replacement ghostscript/fixed)
- (version "9.14.0")
- ;; XXX Try removing the bundled copy of jbig2dec.
- (source (origin
- (method url-fetch)
- (uri (string-append "mirror://gnu/ghostscript/gnu-ghostscript-"
- version ".tar.xz"))
- (sha256
- (base32
- "0q4jj41p0qbr4mgcc9q78f5zs8cm1g57wgryhsm2yq4lfslm3ib1"))
- (patches (search-patches "ghostscript-CVE-2013-5653.patch"
- "ghostscript-CVE-2015-3228.patch"
- "ghostscript-CVE-2016-7976.patch"
- "ghostscript-CVE-2016-7978.patch"
- "ghostscript-CVE-2016-7979.patch"
- "ghostscript-CVE-2016-8602.patch"
- "ghostscript-runpath.patch"))
- (modules '((guix build utils)))
- (snippet
- ;; Honor --docdir.
- '(substitute* "Makefile.in"
- (("^docdir=.*$") "docdir = @docdir@\n")
- (("^exdir=.*$") "exdir = $(docdir)/examples\n")))))
- (build-system gnu-build-system)
- (outputs '("out" "doc")) ;16 MiB of HTML/PS doc + examples
- (inputs `(("freetype" ,freetype)
- ("lcms" ,lcms)
- ("libjpeg-8" ,libjpeg-8)
- ("libpng" ,libpng)
- ("libpaper" ,libpaper)
- ("libtiff" ,libtiff)
- ("zlib" ,zlib)))
- (native-inputs
- `(("perl" ,perl)
- ("pkg-config" ,pkg-config) ; needed to find libtiff
- ("python" ,python-wrapper)
- ("tcl" ,tcl)))
- (arguments
- `(#:disallowed-references ("doc")
- #:phases
- (modify-phases %standard-phases
- (add-after 'configure 'patch-config-files
- (lambda _
- (substitute* "base/all-arch.mak"
- (("/bin/sh") (which "sh")))
- (substitute* "base/unixhead.mak"
- (("/bin/sh") (which "sh")))))
- (add-after 'configure 'remove-doc-reference
- (lambda _
- ;; Don't retain a reference to the 'doc' output in 'gs'.
- ;; The only use of this definition is in the output of
- ;; 'gs --help', so this change is fine.
- (substitute* "base/gscdef.c"
- (("GS_DOCDIR")
- "\"~/.guix-profile/share/doc/ghostscript\""))))
- (replace 'build
+ (name "ghostscript")
+ (version "9.21")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/ArtifexSoftware/"
+ "ghostpdl-downloads/releases/download/gs"
+ (string-delete #\. version)
+ "/ghostscript-" version ".tar.xz"))
+ (sha256
+ (base32
+ "0lyhjcrkmd5fcmh8h56bs4xr9k4jasmikv5vsix1hd4ai0ad1q9b"))
+ (patches (search-patches "ghostscript-runpath.patch"
+ "ghostscript-CVE-2017-8291.patch"))
+ (modules '((guix build utils)))
+ (snippet
+ ;; Remove bundled libraries. The bundled OpenJPEG is a patched fork so
+ ;; we leave it, at least for now.
+ ;; TODO Try unbundling ijs, which is developed alongside Ghostscript.
+ '(begin
+ (for-each delete-file-recursively '("freetype" "jbig2dec" "jpeg"
+ "lcms2" "libpng"
+ "tiff" "zlib"))))))
+ (build-system gnu-build-system)
+ (outputs '("out" "doc")) ;19 MiB of HTML/PS doc + examples
+ (arguments
+ `(#:disallowed-references ("doc")
+ #:configure-flags
+ (list "--with-system-libtiff"
+ "LIBS=-lz"
+ (string-append "ZLIBDIR="
+ (assoc-ref %build-inputs "zlib") "/include")
+ "--enable-dynamic")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'fix-doc-dir
(lambda _
- ;; Build 'libgs.so', but don't build the statically-linked 'gs'
- ;; binary (saves 18 MiB).
- (zero? (system* "make" "so" "-j"
- (number->string (parallel-job-count))))))
- (replace 'install
+ ;; Honor --docdir.
+ (substitute* "Makefile.in"
+ (("^docdir=.*$") "docdir = @docdir@\n")
+ (("^exdir=.*$") "exdir = $(docdir)/examples\n"))
+ #t))
+ (add-after 'configure 'remove-doc-reference
(lambda _
- (zero? (system* "make" "soinstall"))))
- (add-after 'install 'create-gs-symlink
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- ;; some programs depend on having a 'gs' binary available
- (symlink "gsc" (string-append out "/bin/gs"))))))))
- (synopsis "PostScript and PDF interpreter")
- (description
- "Ghostscript is an interpreter for the PostScript language and the PDF
+ ;; Don't retain a reference to the 'doc' output in 'gs'.
+ ;; The only use of this definition is in the output of
+ ;; 'gs --help', so this change is fine.
+ (substitute* "base/gscdef.c"
+ (("GS_DOCDIR")
+ "\"~/.guix-profile/share/doc/ghostscript\""))
+ #t))
+ (add-after 'configure 'patch-config-files
+ (lambda _
+ (substitute* "base/unixhead.mak"
+ (("/bin/sh") (which "sh")))
+ #t))
+ (replace 'build
+ (lambda _
+ ;; Build 'libgs.so', but don't build the statically-linked 'gs'
+ ;; binary (saves 22 MiB).
+ (zero? (system* "make" "so" "-j"
+ (number->string (parallel-job-count))))))
+ (replace 'install
+ (lambda _
+ (zero? (system* "make" "soinstall"))))
+ (add-after 'install 'create-gs-symlink
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ ;; Some programs depend on having a 'gs' binary available.
+ (symlink "gsc" (string-append out "/bin/gs"))
+ #t))))))
+ (native-inputs
+ `(("perl" ,perl)
+ ("python" ,python-wrapper)
+ ("tcl" ,tcl)))
+ (inputs
+ `(("freetype" ,freetype)
+ ("jbig2dec" ,jbig2dec)
+ ("lcms2" ,lcms)
+ ("libjpeg" ,libjpeg)
+ ("libpaper" ,libpaper)
+ ("libpng" ,libpng)
+ ("libtiff" ,libtiff)
+ ("zlib" ,zlib)))
+ (synopsis "PostScript and PDF interpreter")
+ (description
+ "Ghostscript is an interpreter for the PostScript language and the PDF
file format. It also includes a C library that implements the graphics
capabilities of the PostScript language. It supports a wide variety of
output file formats and printers.")
- (license license:agpl3+)
- (home-page "https://www.gnu.org/software/ghostscript/")
- (properties '((upstream-name . "gnu-ghostscript")))))
+ (home-page "https://www.ghostscript.com/")
+ (license license:agpl3+)))
(define-public ghostscript/x
(package/inherit ghostscript
@@ -216,28 +230,11 @@ output file formats and printers.")
("libxt" ,libxt)
,@(package-inputs ghostscript)))))
-(define ghostscript/fixed
- (package
- (inherit ghostscript)
- (replacement #f)
- (source
- (origin
- (inherit (package-source ghostscript))
- (patches
- (append
- (origin-patches (package-source ghostscript))
- (search-patches "ghostscript-CVE-2017-8291.patch")))))))
-
(define-public ijs
(package
(name "ijs")
- (version "9.14.0")
- (source (origin
- (method url-fetch)
- (uri (string-append "mirror://gnu/ghostscript/gnu-ghostscript-"
- version ".tar.xz"))
- (sha256 (base32
- "0q4jj41p0qbr4mgcc9q78f5zs8cm1g57wgryhsm2yq4lfslm3ib1"))))
+ (version (package-version ghostscript))
+ (source (package-source ghostscript))
(build-system gnu-build-system)
(native-inputs
`(("libtool" ,libtool)
@@ -245,31 +242,29 @@ output file formats and printers.")
("autoconf" ,autoconf)))
(arguments
`(#:phases
- (alist-cons-after
- 'unpack 'autogen
- (lambda _
- ;; need to regenerate macros
- (system* "autoreconf" "-if")
- ;; do not run configure
- (substitute* "autogen.sh"
- (("^.*\\$srcdir/configure.*") ""))
- (system* "bash" "autogen.sh")
-
- ;; create configure script in ./ijs/
- (chdir "ijs")
- ;; do not run configure
- (substitute* "autogen.sh"
- (("^.*\\$srcdir/configure.*") "")
- (("^ + && echo Now type.*$") ""))
- (zero? (system* "bash" "autogen.sh")))
- %standard-phases)))
+ (modify-phases %standard-phases
+ (add-after 'unpack 'autogen
+ (lambda _
+ ;; need to regenerate macros
+ (system* "autoreconf" "-if")
+ ;; do not run configure
+ (substitute* "autogen.sh"
+ (("^.*\\$srcdir/configure.*") ""))
+ (system* "bash" "autogen.sh")
+ ;; create configure script in ./ijs/
+ (chdir "ijs")
+ ;; do not run configure
+ (substitute* "autogen.sh"
+ (("^.*\\$srcdir/configure.*") "")
+ (("^ + && echo Now type.*$") ""))
+ (zero? (system* "bash" "autogen.sh")))))))
(synopsis "IJS driver framework for inkjet and other raster devices")
(description
"IJS is a protocol for transmission of raster page images. This package
provides the reference implementation of the raster printer driver
architecture.")
(license license:expat)
- (home-page "https://www.gnu.org/software/ghostscript/")))
+ (home-page (package-home-page ghostscript))))
(define-public gs-fonts
(package
@@ -287,6 +282,10 @@ architecture.")
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; nothing to check, just files to copy
+
+ #:modules ((guix build gnu-build-system)
+ (guix build utils)
+ (srfi srfi-1))
#:phases
(modify-phases %standard-phases
(delete 'configure)
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index c1c73f0f74..7f7880429a 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -954,7 +954,6 @@ the GNOME desktop environment.")
(define-public libcroco
(package
(name "libcroco")
- (replacement libcroco/fixed)
(version "0.6.11")
(source (origin
(method url-fetch)
@@ -963,7 +962,9 @@ the GNOME desktop environment.")
name "-" version ".tar.xz"))
(sha256
(base32
- "0mm0wldbi40am5qn0nv7psisbg01k42rwzjxl3gv11l5jj554aqk"))))
+ "0mm0wldbi40am5qn0nv7psisbg01k42rwzjxl3gv11l5jj554aqk"))
+ (patches (search-patches "libcroco-CVE-2017-7960.patch"
+ "libcroco-CVE-2017-7961.patch"))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))
@@ -982,19 +983,6 @@ XML/CSS rendering engine.")
;; LGPLv2.1-only.
(license license:lgpl2.1)))
-(define libcroco/fixed
- (package
- (inherit libcroco)
- (replacement #f)
- (source
- (origin
- (inherit (package-source libcroco))
- (patches
- (append
- (origin-patches (package-source libcroco))
- (search-patches "libcroco-CVE-2017-7960.patch"
- "libcroco-CVE-2017-7961.patch")))))))
-
(define-public libgsf
(package
(name "libgsf")
@@ -1031,7 +1019,7 @@ dealing with different structured file formats.")
(define-public librsvg
(package
(name "librsvg")
- (version "2.40.16")
+ (version "2.40.17")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/" name "/"
@@ -1039,7 +1027,7 @@ dealing with different structured file formats.")
name "-" version ".tar.xz"))
(sha256
(base32
- "0bpz6gsq8xi1pb5k9ax6vinph460v14znch3y5yz167s0dmwz2yl"))))
+ "1k39gyf7f5m9x0jvpcxvfcqswdb04xhm1lbwbjabn1f4xk5wbxp6"))))
(build-system gnu-build-system)
(arguments
`(#:phases
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index c2b02789bf..5c04745ff5 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -4,7 +4,7 @@
;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
-;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2015, 2016 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
@@ -58,7 +58,7 @@
(define-public libgpg-error
(package
(name "libgpg-error")
- (version "1.26")
+ (version "1.27")
(source
(origin
(method url-fetch)
@@ -66,7 +66,7 @@
version ".tar.bz2"))
(sha256
(base32
- "0sgfia0syq78k1c9h10rkhc1nfv5v097icrprlx2x4qn074wnjsc"))))
+ "1li95ni122fzinzlmxbln63nmgij63irxfvi52ws4zfbzv3am4sg"))))
(build-system gnu-build-system)
(home-page "https://gnupg.org")
(synopsis "Library of error values for GnuPG components")
@@ -82,14 +82,14 @@ Daemon and possibly more in the future.")
(define-public libgcrypt
(package
(name "libgcrypt")
- (version "1.7.6")
+ (version "1.7.7")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
version ".tar.bz2"))
(sha256
(base32
- "1g05prhgqw4ryd0w433q8nhds0h93kf47hfjagi2r7dghkpaysk2"))))
+ "16ndaj93asw122mwjz172x2ilpm03w1yp5mqcrp3xslk0yx5xf5r"))))
(build-system gnu-build-system)
(propagated-inputs
`(("libgpg-error-host" ,libgpg-error)))
diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm
index dffa2baf30..d250caff4a 100644
--- a/gnu/packages/gtk.scm
+++ b/gnu/packages/gtk.scm
@@ -208,7 +208,7 @@ affine transformation (scale, rotation, shear, etc.).")
(define-public pango
(package
(name "pango")
- (version "1.40.3")
+ (version "1.40.5")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/pango/"
@@ -216,7 +216,7 @@ affine transformation (scale, rotation, shear, etc.).")
name "-" version ".tar.xz"))
(sha256
(base32
- "1lqi4yncw5q0v7g5makzxyp18g5cksqyld8m1wx0qli8wxf8pfmb"))))
+ "1j81kmdq2kndayahfck60myd05hj5qd7mixj0w5kchkc8m082x14"))))
(build-system gnu-build-system)
(propagated-inputs
`(("cairo" ,cairo)
diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm
index 5b85a61c12..bcfbe65aec 100644
--- a/gnu/packages/guile.scm
+++ b/gnu/packages/guile.scm
@@ -153,7 +153,11 @@ without requiring the source code to be rewritten.")
(inputs `(("libffi" ,libffi)
("readline" ,readline)
,@(libiconv-if-needed)
- ,@(if (target-mingw?) '() `(("bash" ,bash)))))
+
+ ;; We need Bash when cross-compiling because some of the scripts
+ ;; in bin/ refer to it. Use 'bash-minimal' because we don't need
+ ;; an interactive Bash with Readline and all.
+ ,@(if (target-mingw?) '() `(("bash" ,bash-minimal)))))
(propagated-inputs
`( ;; These ones aren't normally needed here, but since `libguile-2.0.la'
;; reads `-lltdl -lunistring', adding them here will add the needed
@@ -212,14 +216,6 @@ without requiring the source code to be rewritten.")
(home-page "https://www.gnu.org/software/guile/")
(license license:lgpl3+)))
-(define-public guile-2.0/fixed
- ;; A package of Guile 2.0 that's rarely changed. It is the one used
- ;; in the `base' module, and thus changing it entails a full rebuild.
- (package
- (inherit guile-2.0)
- (properties '((hidden? . #t))) ;people should install 'guile-2.0'
- (replacement #f)))
-
(define-public guile-2.2
(package (inherit guile-2.0)
(name "guile")
@@ -227,11 +223,14 @@ without requiring the source code to be rewritten.")
(replacement #f)
(source (origin
(method url-fetch)
+
+ ;; Note: we are limited to one of the compression formats
+ ;; supported by the bootstrap binaries, so no lzip here.
(uri (string-append "mirror://gnu/guile/guile-" version
- ".tar.lz"))
+ ".tar.xz"))
(sha256
(base32
- "1dnh75h4rkx1zflpsngznkwcd6afn6zrc5x3xq7n946pm5bnx5bq"))
+ "1azm25zcmxif0skxfrp11d2wc89nrzpjaann9yxdw6pvjxhs948w"))
(modules '((guix build utils)))
;; Remove the pre-built object files. Instead, build everything
@@ -250,6 +249,14 @@ without requiring the source code to be rewritten.")
(files '("lib/guile/2.2/site-ccache"
"share/guile/site/2.2")))))))
+(define-public guile-2.2/fixed
+ ;; A package of Guile 2.2 that's rarely changed. It is the one used
+ ;; in the `base' module, and thus changing it entails a full rebuild.
+ (package
+ (inherit guile-2.2)
+ (properties '((hidden? . #t))) ;people should install 'guile-2.2'
+ (replacement #f)))
+
(define-public guile-next
(deprecated-package "guile-next" guile-2.2))
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 3e96520054..3461285850 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -33,7 +33,6 @@
(package
(name "icu4c")
(version "58.2")
- (replacement icu4c/fixed)
(source (origin
(method url-fetch)
(uri (string-append
@@ -42,6 +41,9 @@
"/icu4c-"
(string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
"-src.tgz"))
+ (patches
+ (search-patches "icu4c-CVE-2017-7867-CVE-2017-7868.patch"
+ "icu4c-reset-keyword-list-iterator.patch"))
(sha256
(base32 "036shcb3f8bm1lynhlsb4kpjm9s9c2vdiir01vg216rs2l8482ib"))))
(build-system gnu-build-system)
@@ -68,16 +70,6 @@ C/C++ part.")
(license x11)
(home-page "http://site.icu-project.org/")))
-(define icu4c/fixed
- (package
- (inherit icu4c)
- (replacement #f)
- (source (origin
- (inherit (package-source icu4c))
- (patches
- (search-patches "icu4c-CVE-2017-7867-CVE-2017-7868.patch"
- "icu4c-reset-keyword-list-iterator.patch"))))))
-
(define-public java-icu4j
(package
(name "java-icu4j")
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index f6337e0fc2..da05c64545 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -67,7 +67,7 @@
(define-public libpng
(package
(name "libpng")
- (version "1.6.28")
+ (version "1.6.29")
(source (origin
(method url-fetch)
(uri (list (string-append "mirror://sourceforge/libpng/libpng16/"
@@ -79,7 +79,8 @@
"ftp://ftp.simplesystems.org/pub/libpng/png/src/history"
"/libpng16/libpng-" version ".tar.xz")))
(sha256
- (base32 "0ylgyx93hnk38haqrh8prd3ax5ngzwvjqw5cxw7p9nxmwsfyrlyq"))))
+ (base32
+ "0fgjqp7x6jynacmqh6dj72cn6nnf6yxjfqqqfsxrx0pyx22bcia2"))))
(build-system gnu-build-system)
;; libpng.la says "-lz", so propagate it.
@@ -335,31 +336,14 @@ extracting icontainer icon files.")
(define-public libtiff
(package
(name "libtiff")
- (replacement libtiff-4.0.8)
- (version "4.0.7")
+ (version "4.0.8")
(source (origin
(method url-fetch)
(uri (string-append "ftp://download.osgeo.org/libtiff/tiff-"
version ".tar.gz"))
- (patches (search-patches "libtiff-heap-overflow-tiffcp.patch"
- "libtiff-null-dereference.patch"
- "libtiff-heap-overflow-tif-dirread.patch"
- "libtiff-heap-overflow-pixarlog-luv.patch"
- "libtiff-divide-by-zero.patch"
- "libtiff-divide-by-zero-ojpeg.patch"
- "libtiff-tiffcp-underflow.patch"
- "libtiff-invalid-read.patch"
- "libtiff-CVE-2016-10092.patch"
- "libtiff-heap-overflow-tiffcrop.patch"
- "libtiff-divide-by-zero-tiffcrop.patch"
- "libtiff-CVE-2016-10093.patch"
- "libtiff-divide-by-zero-tiffcp.patch"
- "libtiff-assertion-failure.patch"
- "libtiff-CVE-2016-10094.patch"
- "libtiff-CVE-2017-5225.patch"))
(sha256
(base32
- "06ghqhr4db1ssq0acyyz49gr8k41gzw6pqb6mbn5r7jqp77s4hwz"))))
+ "0419mh6kkhz5fkyl77gv0in8x4d2jpdpfs147y8mj86rrjlabmsr"))))
(build-system gnu-build-system)
(outputs '("out"
"doc")) ;1.3 MiB of HTML documentation
@@ -384,19 +368,6 @@ collection of tools for doing simple manipulations of TIFF images.")
"See COPYRIGHT in the distribution."))
(home-page "http://www.simplesystems.org/libtiff/")))
-(define libtiff-4.0.8
- (package
- (inherit libtiff)
- (version "4.0.8")
- (source
- (origin
- (method url-fetch)
- (uri (string-append "ftp://download.osgeo.org/libtiff/tiff-"
- version ".tar.gz"))
- (sha256
- (base32
- "0419mh6kkhz5fkyl77gv0in8x4d2jpdpfs147y8mj86rrjlabmsr"))))))
-
(define-public libwmf
(package
(name "libwmf")
diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm
index 6be7c82bc0..e40ddb2bb2 100644
--- a/gnu/packages/kerberos.scm
+++ b/gnu/packages/kerberos.scm
@@ -5,6 +5,7 @@
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2012, 2013 Nikita Karetnikov <nikita@karetnikov.org>
;;; Copyright © 2012, 2017 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -42,7 +43,7 @@
(define-public mit-krb5
(package
(name "mit-krb5")
- (version "1.14.4")
+ (version "1.15.1")
(source (origin
(method url-fetch)
(uri (string-append "http://web.mit.edu/kerberos/dist/krb5/"
@@ -50,20 +51,13 @@
"/krb5-" version ".tar.gz"))
(sha256
(base32
- "158bgq9xcg5ljgzia1880ak7m9g6vf2r009rzdqif5n9h111m9h3"))))
+ "0igbi5d095c2hgpn2cixpc4q2ij8vgg2bx7yjfly5zfmvlqqhz23"))))
(build-system gnu-build-system)
(native-inputs
`(("bison" ,bison)
("perl" ,perl)))
(arguments
- `(;; Work around "No rule to make target '../../include/gssapi/gssapi.h',
- ;; needed by 'authgss_prot.so'."
- #:parallel-build? #f
-
- ;; Likewise with tests.
- #:parallel-tests? #f
-
- ;; XXX: On 32-bit systems, 'kdb5_util' hangs on an fcntl/F_SETLKW call
+ `(;; XXX: On 32-bit systems, 'kdb5_util' hangs on an fcntl/F_SETLKW call
;; while running the tests in 'src/tests'.
#:tests? ,(string=? (%current-system) "x86_64-linux")
diff --git a/gnu/packages/ld-wrapper.in b/gnu/packages/ld-wrapper.in
index ebfd8332c4..82bd2196cf 100644
--- a/gnu/packages/ld-wrapper.in
+++ b/gnu/packages/ld-wrapper.in
@@ -15,7 +15,7 @@ main="(@ (gnu build-support ld-wrapper) ld-wrapper)"
exec @GUILE@ -c "(load-compiled \"@SELF@.go\") (apply $main (cdr (command-line)))" "$@"
!#
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -35,6 +35,7 @@ exec @GUILE@ -c "(load-compiled \"@SELF@.go\") (apply $main (cdr (command-line))
(define-module (gnu build-support ld-wrapper)
#:use-module (srfi srfi-1)
#:use-module (ice-9 match)
+ #:autoload (ice-9 rdelim) (read-string)
#:export (ld-wrapper))
;;; Commentary:
@@ -222,9 +223,44 @@ impure library ~s~%"
'()
library-files))
+(define (expand-arguments args)
+ ;; Expand ARGS such that "response file" arguments, such as "@args.txt", are
+ ;; expanded (info "(gcc) Overall Options").
+ (define (response-file-arguments file)
+ (when %debug?
+ (format (current-error-port)
+ "ld-wrapper: attempting to read arguments from '~a'~%" file))
+
+ ;; FIXME: Options can contain whitespace if they are protected by single
+ ;; or double quotes; this is not implemented here.
+ (string-tokenize (call-with-input-file file read-string)))
+
+ (define result
+ (fold-right (lambda (arg result)
+ (if (string-prefix? "@" arg)
+ (let ((file (string-drop arg 1)))
+ (append (catch 'system-error
+ (lambda ()
+ (response-file-arguments file))
+ (lambda args
+ ;; FILE doesn't exist or cannot be read so
+ ;; leave ARG as is.
+ (list arg)))
+ result))
+ (cons arg result)))
+ '()
+ args))
+
+ ;; If there are "@" arguments in RESULT *and* we can expand them (they don't
+ ;; refer to nonexistent files), then recurse.
+ (if (equal? result args)
+ result
+ (expand-arguments result)))
+
(define (ld-wrapper . args)
;; Invoke the real `ld' with ARGS, augmented with `-rpath' switches.
- (let* ((path (library-search-path args))
+ (let* ((args (expand-arguments args))
+ (path (library-search-path args))
(libs (library-files-linked args path))
(args (append args (rpath-arguments libs))))
(when %debug?
diff --git a/gnu/packages/libffi.scm b/gnu/packages/libffi.scm
index 13938f7ee8..16475affe6 100644
--- a/gnu/packages/libffi.scm
+++ b/gnu/packages/libffi.scm
@@ -42,7 +42,8 @@
name "-" version ".tar.gz"))
(sha256
(base32
- "0dya49bnhianl0r65m65xndz6ls2jn1xngyn72gd28ls3n7bnvnh"))))
+ "0dya49bnhianl0r65m65xndz6ls2jn1xngyn72gd28ls3n7bnvnh"))
+ (patches (search-patches "libffi-3.2.1-complex-alpha.patch"))))
(build-system gnu-build-system)
(arguments `(#:phases (alist-cons-after 'install 'post-install
,post-install-phase
diff --git a/gnu/packages/libidn.scm b/gnu/packages/libidn.scm
index da6c7efb6f..fc91fe263e 100644
--- a/gnu/packages/libidn.scm
+++ b/gnu/packages/libidn.scm
@@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012 Andreas Enge <andreas@enge.fr>
-;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
;;;
;;; This file is part of GNU Guix.
@@ -20,6 +20,7 @@
(define-module (gnu packages libidn)
#:use-module (gnu packages)
+ #:use-module (gnu packages compression)
#:use-module (gnu packages libunistring)
#:use-module (guix licenses)
#:use-module (guix packages)
@@ -53,42 +54,19 @@ Java libraries.")
(define-public libidn2
(package
(name "libidn2")
- (version "0.16")
+ (version "2.0.2")
(source (origin
(method url-fetch)
- (uri (string-append "ftp://alpha.gnu.org/gnu/libidn/libidn2-"
- version ".tar.gz"))
+ (uri (string-append "mirror://gnu/libidn/" name "-" version
+ ".tar.lz"))
(sha256
(base32
- "13v8kh4d5nfkymai88zlw3h7k4x9khrpdpv97waf4ah8ykzrxb9g"))))
- ;; XXX: Make sure to remove the 'create-pkg-config' phase
- ;; below when this package is updated to >= 0.17.
+ "0pqaj8d01aj4i110669fincqs10kgynyqcrmq2q7pss8v9dcd1jq"))))
+ (native-inputs
+ `(("lzip" ,lzip)))
(inputs
`(("libunistring" ,libunistring)))
(build-system gnu-build-system)
- (arguments
- `(#:phases
- (modify-phases %standard-phases
- (add-after 'install 'create-pkgconfig-file
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (pkgconfig (string-append out "/lib/pkgconfig")))
- (mkdir-p pkgconfig)
- (call-with-output-file (string-append pkgconfig "/libidn2.pc")
- (lambda (port)
- (format port "prefix=~a
-exec_prefix=${prefix}
-libdir=${exec_prefix}/lib
-includedir=${prefix}/include
-
-Name: Libidn2
-Description: Library implementing IDNA2008 and TR46
-Version: ~a
-Libs: -L${libdir} -lidn2
-Cflags: -I${includedir}
-"
- out ,version)))
- #t))))))
(synopsis "Internationalized domain name library for IDNA2008")
(description "Libidn2 is an internationalized domain library implementing
the IDNA2008 specifications. Libidn2 is believed to be a complete IDNA2008
diff --git a/gnu/packages/libsigsegv.scm b/gnu/packages/libsigsegv.scm
index 41e7345351..2a44819820 100644
--- a/gnu/packages/libsigsegv.scm
+++ b/gnu/packages/libsigsegv.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -25,14 +26,14 @@
(define-public libsigsegv
(package
(name "libsigsegv")
- (version "2.10")
+ (version "2.11")
(source (origin
(method url-fetch)
(uri (string-append
"mirror://gnu/libsigsegv/libsigsegv-"
version ".tar.gz"))
(sha256
- (base32 "16hrs8k3nmc7a8jam5j1fpspd6sdpkamskvsdpcw6m29vnis8q44"))))
+ (base32 "063swdvq7mbmc1clv0rnh20grwln1zfc2qnm0sa1hivcxyr2wz6x"))))
(build-system gnu-build-system)
(home-page "https://www.gnu.org/software/libsigsegv/")
(synopsis "Library for handling page faults")
@@ -44,12 +45,12 @@
;; linux-libre-headers-cross-mips64el-linux-gnu-3.3.8/include/asm/sigcontext.h:57:8: error: redefinition of 'struct sigcontext'
(if (string-contains (or (%current-target-system) (%current-system))
"mips64el")
- `(#:phases (alist-cons-before
- 'configure 'patch-mips-old-h
- (lambda _
- (substitute* "src/fault-linux-mips-old.h"
- (("#include <asm/sigcontext\\.h>") "")))
- %standard-phases))
+ `(#:phases (modify-phases %standard-phases
+ (add-before 'configure 'patch-mips-old-h
+ (lambda _
+ (substitute* "src/fault-linux-mips-old.h"
+ (("#include <asm/sigcontext\\.h>") ""))
+ #t))))
'()))
(description
"GNU libsigsegv is a library to handle page faults, which occur when a
diff --git a/gnu/packages/libunistring.scm b/gnu/packages/libunistring.scm
index 212bec4b49..df02f68cea 100644
--- a/gnu/packages/libunistring.scm
+++ b/gnu/packages/libunistring.scm
@@ -3,6 +3,7 @@
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
+;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -24,6 +25,7 @@
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system gnu)
+ #:use-module (gnu packages)
#:use-module (gnu packages base))
(define-public libunistring
@@ -37,7 +39,11 @@
version ".tar.xz"))
(sha256
(base32
- "15z76qrmrvkc3c6hfq2lzzqysgd21s682f2smycfab5g598n8drf"))))
+ "15z76qrmrvkc3c6hfq2lzzqysgd21s682f2smycfab5g598n8drf"))
+ ;; test-lock has performance issues on multi-core machines,
+ ;; it hangs or takes a long time to complete.
+ ;; This is a commit from gnulib to fix this issue.
+ (patches (search-patches "libunistring-gnulib-multi-core.patch"))))
(propagated-inputs (libiconv-if-needed))
(build-system gnu-build-system)
(arguments
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index d085e8f6f7..5a3490fdf1 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -494,7 +494,7 @@ providing the system administrator with some help in common tasks.")
(define-public util-linux
(package
(name "util-linux")
- (version "2.29.2")
+ (version "2.30")
(source (origin
(method url-fetch)
(uri (string-append "mirror://kernel.org/linux/utils/"
@@ -502,7 +502,7 @@ providing the system administrator with some help in common tasks.")
name "-" version ".tar.xz"))
(sha256
(base32
- "1qz81w8vzrmy8xn9yx7ls4amkbgwx6vr62pl6kv9g7r0g3ba9kmc"))
+ "13d0ax8bcapga8phj2nclx86w57ddqxbr98ajibpzjq6d7zs8262"))
(patches (search-patches "util-linux-tests.patch"))
(modules '((guix build utils)))
(snippet
diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm
index 88a46f8e9b..16896502ea 100644
--- a/gnu/packages/maths.scm
+++ b/gnu/packages/maths.scm
@@ -1835,7 +1835,7 @@ implemented in ANSI C, and MPI for communications.")
(build-system gnu-build-system)
(inputs
`(("zlib" ,zlib)
- ("flex" ,flex-2.6.1) ; A bug in flex prevents building with flex-2.6.3.
+ ("flex" ,flex)
("bison" ,bison)))
(arguments
`(#:phases
diff --git a/gnu/packages/netpbm.scm b/gnu/packages/netpbm.scm
index cd0c3d950d..c7be4b13e0 100644
--- a/gnu/packages/netpbm.scm
+++ b/gnu/packages/netpbm.scm
@@ -36,7 +36,7 @@
(define-public netpbm
(package
(name "netpbm")
- (version "10.61.01")
+ (version "10.78.3")
(source (origin
(method svn-fetch)
;; At the time of first packaging, the "super-stable" and
@@ -48,10 +48,10 @@
;; To determine the correct release: "svn log version.mk".
(uri (svn-reference
(url "http://svn.code.sf.net/p/netpbm/code/advanced")
- (revision 1832)))
+ (revision 2965)))
(sha256
(base32
- "1mj1pqq18yj0yb6l24zfjls7axhqmiv0pvcaabl5xvc4a0dm543j"))
+ "1k7as9qi1942wyjxpvbf02wg0h4braw44m3m3vvi8sm9y5z1m967"))
(file-name (string-append name "-" version "-checkout"))
(modules '((guix build utils)))
(snippet
@@ -124,8 +124,8 @@
(let ((rgb (string-append (assoc-ref inputs "xorg-rgb")
"/share/X11/rgb.txt")))
- (substitute* "pm_config.in.h"
- (("/usr/share/X11/rgb.txt") rgb))
+ (substitute* "config.mk"
+ (("/usr/share/netpbm/rgb.txt") rgb))
;; Our Ghostscript no longer provides the 'gs' command, only
;; 'gsc', so look for that instead.
@@ -146,7 +146,15 @@
(("all-in-place.test") "")
(("pnmpsnr.test") "")
(("pnmremap1.test") "")
- (("gif-roundtrip.test") ""))
+ (("gif-roundtrip.test") "")
+
+ ;; These two tests started failing in netpbm-10.78.3.
+ (("jpeg-roundtrip.test") "")
+ (("pbmtext.test") "")
+
+ ;; Skip tests that use nonfree programs that we don't build.
+ (("ps-alt-roundtrip.test") "" )
+ (("pbm-misc-converters.test") ""))
#t))
(replace 'install
(lambda* (#:key outputs make-flags #:allow-other-keys)
diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm
index 12e1f9e6c0..eb3a15e080 100644
--- a/gnu/packages/package-management.scm
+++ b/gnu/packages/package-management.scm
@@ -248,7 +248,7 @@
(base32
"1giy2aprjmn5fp9c4s9r125fljw4wv6ixy5739i5bffw4jgr0f9r"))))))
(propagated-inputs
- `(("gnutls" ,gnutls/guile-2.2) ;for 'guix download' & co.
+ `(("gnutls" ,gnutls)
("guile-json" ,guile-json)
("guile-ssh" ,guile-ssh)))
@@ -274,7 +274,7 @@ the Nix package manager.")
`(("guile" ,guile-2.0)
,@(alist-delete "guile" (package-inputs guix))))
(propagated-inputs
- `(("gnutls" ,gnutls)
+ `(("gnutls" ,gnutls/guile-2.0)
("guile-json" ,guile2.0-json)
("guile-ssh" ,guile2.0-ssh)))))
diff --git a/gnu/packages/patches/binutils-mips-bash-bug.patch b/gnu/packages/patches/binutils-mips-bash-bug.patch
deleted file mode 100644
index 08d3a79749..0000000000
--- a/gnu/packages/patches/binutils-mips-bash-bug.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-Bash 4.2.0(1)-release, which we use during bootstrap, does not yield the
-"x" case in:
-
- case x"$EMULATION_NAME" in x) ;; *) ;; esac
-
-when 'EMULATION_NAME' is undefined. Bash 4.3.30(1)-release doesn't have this
-problem. Work around it.
-
-This Bash bug was fixed
-in <http://ftp.gnu.org/gnu/bash/bash-4.2-patches/bash42-007>.
-
---- a/ld/emulparams/elf32bmipn32-defs.sh
-+++ b/ld/emulparams/elf32bmipn32-defs.sh
-@@ -13,7 +13,7 @@ LITTLE_OUTPUT_FORMAT="elf32-littlemips"
- TEMPLATE_NAME=elf32
- EXTRA_EM_FILE=mipself
-
--case x"$EMULATION_NAME" in
-+case "x$EMULATION_NAME" in
- xelf32*n32*) ELFSIZE=32 ;;
- xelf64*) ELFSIZE=64 ;;
- x) ;;
diff --git a/gnu/packages/patches/coreutils-cut-huge-range-test.patch b/gnu/packages/patches/coreutils-cut-huge-range-test.patch
index 0be2cef2b8..e3a0ef28eb 100644
--- a/gnu/packages/patches/coreutils-cut-huge-range-test.patch
+++ b/gnu/packages/patches/coreutils-cut-huge-range-test.patch
@@ -1,22 +1,33 @@
This patch fixes 100% reproducible test failures on arm-linux-gnueabihf in our
-the build environment chroot, as reported at <https://bugs.gnu.org/26253>.
-It is a followup to this upstream patch:
+the build environment chroot, as reported at <https://bugs.gnu.org/26253>,
+and now on x86_64-linux-gnu as well. It is a variant of this upstream patch:
- commit 28803c8a3144d5d4363cdbd148bbe067af1a67c2
- Author: Pádraig Brady <P@draigBrady.com>
- Date: Fri Mar 3 00:25:54 2017 -0800
+ commit f5422009389678680dba9ff4ecb7d33632ee3383
+ Author: Ludovic Courtès <ludo@gnu.org>
+ Date: Mon Mar 27 20:34:39 2017 -0700
- tests: avoid a spurious failure on older debian
+ tests: avoid false ulimit failure on some systems
+
+ * tests/misc/cut-huge-range.sh: On some systems returns_ may
+ use more memory, so incorporate that in the determination
+ of the ulimit value to use. Noticed on ARMv7 with bash-4.4.12,
+ and x86_64 with bash-4.2.37.
+ Fixes http://bugs.gnu.org/26253
... which appeared to be insufficient.
+diff --git a/tests/misc/cut-huge-range.sh b/tests/misc/cut-huge-range.sh
+index 6b3c5b6ed..55b7b640e 100755
--- a/tests/misc/cut-huge-range.sh
+++ b/tests/misc/cut-huge-range.sh
-@@ -22,6 +22,7 @@ getlimits_
+@@ -20,9 +20,9 @@
+ print_ver_ cut
+ getlimits_
- vm=$(get_min_ulimit_v_ cut -b1 /dev/null) \
+-vm=$(get_min_ulimit_v_ cut -b1 /dev/null) \
++vm=$(get_min_ulimit_v_ sh -c 'cut -b1 /dev/null') \
|| skip_ "this shell lacks ulimit support"
-+vm=$(($vm + $(getconf PAGESIZE))) # avoid spurious failures
+ vm=$(($vm + 1000)) # avoid spurious failures
# sed script to subtract one from the input.
# Each input line should consist of a positive decimal number.
diff --git a/gnu/packages/patches/coreutils-fix-cross-compilation.patch b/gnu/packages/patches/coreutils-fix-cross-compilation.patch
deleted file mode 100644
index 3f0d35c33e..0000000000
--- a/gnu/packages/patches/coreutils-fix-cross-compilation.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Coreutils fails to cross compile for other platforms because cu_install_program
-is not being evaluated properly. This patch fixes it.
-See <https://lists.gnu.org/archive/html/coreutils/2017-01/msg00039.html>
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -5023,7 +5023,7 @@ pr = progs-readme
- @CROSS_COMPILING_FALSE@cu_install_program = src/ginstall
-
- # Use the just-built 'ginstall', when not cross-compiling.
--@CROSS_COMPILING_TRUE@cu_install_program = @INSTALL_PROGRAM@
-+@CROSS_COMPILING_TRUE@cu_install_program := @INSTALL@
- info_TEXINFOS = doc/coreutils.texi
- doc_coreutils_TEXINFOS = \
- doc/perm.texi \
-
diff --git a/gnu/packages/patches/findutils-gnulib-multi-core.patch b/gnu/packages/patches/findutils-gnulib-multi-core.patch
new file mode 100644
index 0000000000..5a37f4f1f9
--- /dev/null
+++ b/gnu/packages/patches/findutils-gnulib-multi-core.patch
@@ -0,0 +1,294 @@
+This patch fixes performance problems on multi-core machines
+as reported at <https://bugs.gnu.org/26441>.
+
+See commit 480d374e596a0ee3fed168ab42cd84c313ad3c89 in Gnulib
+by Bruno Haible <bruno@clisp.org>.
+
+diff --git a/tests/test-lock.c b/tests/test-lock.c
+index a992f64..fb18dee 100644
+--- a/tests/test-lock.c
++++ b/tests/test-lock.c
+@@ -1,5 +1,5 @@
+ /* Test of locking in multithreaded situations.
+- Copyright (C) 2005, 2008-2015 Free Software Foundation, Inc.
++ Copyright (C) 2005, 2008-2017 Free Software Foundation, Inc.
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+@@ -50,6 +50,28 @@
+ Uncomment this to see if the operating system has a fair scheduler. */
+ #define EXPLICIT_YIELD 1
+
++/* Whether to use 'volatile' on some variables that communicate information
++ between threads. If set to 0, a semaphore or a lock is used to protect
++ these variables. If set to 1, 'volatile' is used; this is theoretically
++ equivalent but can lead to much slower execution (e.g. 30x slower total
++ run time on a 40-core machine), because 'volatile' does not imply any
++ synchronization/communication between different CPUs. */
++#define USE_VOLATILE 0
++
++#if USE_POSIX_THREADS && HAVE_SEMAPHORE_H
++/* Whether to use a semaphore to communicate information between threads.
++ If set to 0, a lock is used. If set to 1, a semaphore is used.
++ Uncomment this to reduce the dependencies of this test. */
++# define USE_SEMAPHORE 1
++/* Mac OS X provides only named semaphores (sem_open); its facility for
++ unnamed semaphores (sem_init) does not work. */
++# if defined __APPLE__ && defined __MACH__
++# define USE_NAMED_SEMAPHORE 1
++# else
++# define USE_UNNAMED_SEMAPHORE 1
++# endif
++#endif
++
+ /* Whether to print debugging messages. */
+ #define ENABLE_DEBUGGING 0
+
+@@ -90,6 +112,12 @@
+
+ #include "glthread/thread.h"
+ #include "glthread/yield.h"
++#if USE_SEMAPHORE
++# include <errno.h>
++# include <fcntl.h>
++# include <semaphore.h>
++# include <unistd.h>
++#endif
+
+ #if ENABLE_DEBUGGING
+ # define dbgprintf printf
+@@ -103,6 +131,132 @@
+ # define yield()
+ #endif
+
++#if USE_VOLATILE
++struct atomic_int {
++ volatile int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++ return ai->value;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++ ai->value = new_value;
++}
++#elif USE_SEMAPHORE
++/* This atomic_int implementation can only support the values 0 and 1.
++ It is initially 0 and can be set to 1 only once. */
++# if USE_UNNAMED_SEMAPHORE
++struct atomic_int {
++ sem_t semaphore;
++};
++#define atomic_int_semaphore(ai) (&(ai)->semaphore)
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++ sem_init (&ai->semaphore, 0, 0);
++}
++# endif
++# if USE_NAMED_SEMAPHORE
++struct atomic_int {
++ sem_t *semaphore;
++};
++#define atomic_int_semaphore(ai) ((ai)->semaphore)
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++ sem_t *s;
++ unsigned int count;
++ for (count = 0; ; count++)
++ {
++ char name[80];
++ /* Use getpid() in the name, so that different processes running at the
++ same time will not interfere. Use ai in the name, so that different
++ atomic_int in the same process will not interfere. Use a count in
++ the name, so that even in the (unlikely) case that a semaphore with
++ the specified name already exists, we can try a different name. */
++ sprintf (name, "test-lock-%lu-%p-%u",
++ (unsigned long) getpid (), ai, count);
++ s = sem_open (name, O_CREAT | O_EXCL, 0600, 0);
++ if (s == SEM_FAILED)
++ {
++ if (errno == EEXIST)
++ /* Retry with a different name. */
++ continue;
++ else
++ {
++ perror ("sem_open failed");
++ abort ();
++ }
++ }
++ else
++ {
++ /* Try not to leave a semaphore hanging around on the file system
++ eternally, if we can avoid it. */
++ sem_unlink (name);
++ break;
++ }
++ }
++ ai->semaphore = s;
++}
++# endif
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++ if (sem_trywait (atomic_int_semaphore (ai)) == 0)
++ {
++ if (sem_post (atomic_int_semaphore (ai)))
++ abort ();
++ return 1;
++ }
++ else if (errno == EAGAIN)
++ return 0;
++ else
++ abort ();
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++ if (new_value == 0)
++ /* It's already initialized with 0. */
++ return;
++ /* To set the value 1: */
++ if (sem_post (atomic_int_semaphore (ai)))
++ abort ();
++}
++#else
++struct atomic_int {
++ gl_lock_define (, lock)
++ int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++ gl_lock_init (ai->lock);
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++ gl_lock_lock (ai->lock);
++ int ret = ai->value;
++ gl_lock_unlock (ai->lock);
++ return ret;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++ gl_lock_lock (ai->lock);
++ ai->value = new_value;
++ gl_lock_unlock (ai->lock);
++}
++#endif
++
+ #define ACCOUNT_COUNT 4
+
+ static int account[ACCOUNT_COUNT];
+@@ -170,12 +324,12 @@ lock_mutator_thread (void *arg)
+ return NULL;
+ }
+
+-static volatile int lock_checker_done;
++static struct atomic_int lock_checker_done;
+
+ static void *
+ lock_checker_thread (void *arg)
+ {
+- while (!lock_checker_done)
++ while (get_atomic_int_value (&lock_checker_done) == 0)
+ {
+ dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+ gl_lock_lock (my_lock);
+@@ -200,7 +354,8 @@ test_lock (void)
+ /* Initialization. */
+ for (i = 0; i < ACCOUNT_COUNT; i++)
+ account[i] = 1000;
+- lock_checker_done = 0;
++ init_atomic_int (&lock_checker_done);
++ set_atomic_int_value (&lock_checker_done, 0);
+
+ /* Spawn the threads. */
+ checkerthread = gl_thread_create (lock_checker_thread, NULL);
+@@ -210,7 +365,7 @@ test_lock (void)
+ /* Wait for the threads to terminate. */
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (threads[i], NULL);
+- lock_checker_done = 1;
++ set_atomic_int_value (&lock_checker_done, 1);
+ gl_thread_join (checkerthread, NULL);
+ check_accounts ();
+ }
+@@ -254,12 +409,12 @@ rwlock_mutator_thread (void *arg)
+ return NULL;
+ }
+
+-static volatile int rwlock_checker_done;
++static struct atomic_int rwlock_checker_done;
+
+ static void *
+ rwlock_checker_thread (void *arg)
+ {
+- while (!rwlock_checker_done)
++ while (get_atomic_int_value (&rwlock_checker_done) == 0)
+ {
+ dbgprintf ("Checker %p before check rdlock\n", gl_thread_self_pointer ());
+ gl_rwlock_rdlock (my_rwlock);
+@@ -284,7 +439,8 @@ test_rwlock (void)
+ /* Initialization. */
+ for (i = 0; i < ACCOUNT_COUNT; i++)
+ account[i] = 1000;
+- rwlock_checker_done = 0;
++ init_atomic_int (&rwlock_checker_done);
++ set_atomic_int_value (&rwlock_checker_done, 0);
+
+ /* Spawn the threads. */
+ for (i = 0; i < THREAD_COUNT; i++)
+@@ -295,7 +451,7 @@ test_rwlock (void)
+ /* Wait for the threads to terminate. */
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (threads[i], NULL);
+- rwlock_checker_done = 1;
++ set_atomic_int_value (&rwlock_checker_done, 1);
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (checkerthreads[i], NULL);
+ check_accounts ();
+@@ -356,12 +512,12 @@ reclock_mutator_thread (void *arg)
+ return NULL;
+ }
+
+-static volatile int reclock_checker_done;
++static struct atomic_int reclock_checker_done;
+
+ static void *
+ reclock_checker_thread (void *arg)
+ {
+- while (!reclock_checker_done)
++ while (get_atomic_int_value (&reclock_checker_done) == 0)
+ {
+ dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+ gl_recursive_lock_lock (my_reclock);
+@@ -386,7 +542,8 @@ test_recursive_lock (void)
+ /* Initialization. */
+ for (i = 0; i < ACCOUNT_COUNT; i++)
+ account[i] = 1000;
+- reclock_checker_done = 0;
++ init_atomic_int (&reclock_checker_done);
++ set_atomic_int_value (&reclock_checker_done, 0);
+
+ /* Spawn the threads. */
+ checkerthread = gl_thread_create (reclock_checker_thread, NULL);
+@@ -396,7 +553,7 @@ test_recursive_lock (void)
+ /* Wait for the threads to terminate. */
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (threads[i], NULL);
+- reclock_checker_done = 1;
++ set_atomic_int_value (&reclock_checker_done, 1);
+ gl_thread_join (checkerthread, NULL);
+ check_accounts ();
+ }
diff --git a/gnu/packages/patches/freetype-CVE-2017-8105.patch b/gnu/packages/patches/freetype-CVE-2017-8105.patch
deleted file mode 100644
index 1891c4ab5f..0000000000
--- a/gnu/packages/patches/freetype-CVE-2017-8105.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-Fix CVE-2017-8105:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
-https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
-
-Patch copied from upstream source repository:
-
-https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791
-
-From f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 Mon Sep 17 00:00:00 2001
-From: Werner Lemberg <wl@gnu.org>
-Date: Fri, 24 Mar 2017 09:15:10 +0100
-Subject: [PATCH] [psaux] Better protect `flex' handling.
-
-Reported as
-
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
-
-* src/psaux/t1decode.c (t1_decoder_parse_charstrings)
-<callothersubr>: Since there is not a single flex operator but a
-series of subroutine calls, malformed fonts can call arbitrary other
-operators after the start of a flex, possibly adding points. For
-this reason we have to check the available number of points before
-inserting a point.
----
- ChangeLog | 15 +++++++++++++++
- src/psaux/t1decode.c | 9 +++++++++
- 2 files changed, 24 insertions(+)
-
-diff --git a/src/psaux/t1decode.c b/src/psaux/t1decode.c
-index af7b465e..7dd45135 100644
---- a/src/psaux/t1decode.c
-+++ b/src/psaux/t1decode.c
-@@ -780,10 +780,19 @@
- /* point without adding any point to the outline */
- idx = decoder->num_flex_vectors++;
- if ( idx > 0 && idx < 7 )
-+ {
-+ /* in malformed fonts it is possible to have other */
-+ /* opcodes in the middle of a flex (which don't */
-+ /* increase `num_flex_vectors'); we thus have to */
-+ /* check whether we can add a point */
-+ if ( FT_SET_ERROR( t1_builder_check_points( builder, 1 ) ) )
-+ goto Syntax_Error;
-+
- t1_builder_add_point( builder,
- x,
- y,
- (FT_Byte)( idx == 3 || idx == 6 ) );
-+ }
- }
- break;
-
---
-2.12.2
-
diff --git a/gnu/packages/patches/freetype-CVE-2017-8287.patch b/gnu/packages/patches/freetype-CVE-2017-8287.patch
deleted file mode 100644
index d1145a87ee..0000000000
--- a/gnu/packages/patches/freetype-CVE-2017-8287.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-Fix CVE-2017-8287:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287
-https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941
-
-Patch copied from upstream source repository:
-https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0
-
-From 3774fc08b502c3e685afca098b6e8a195aded6a0 Mon Sep 17 00:00:00 2001
-From: Werner Lemberg <wl@gnu.org>
-Date: Sun, 26 Mar 2017 08:32:09 +0200
-Subject: [PATCH] * src/psaux/psobjs.c (t1_builder_close_contour): Add safety
- guard.
-
-Reported as
-
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941
----
- ChangeLog | 8 ++++++++
- src/psaux/psobjs.c | 8 ++++++++
- 2 files changed, 16 insertions(+)
-
-diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c
-index d18e821a..0baf8368 100644
---- a/src/psaux/psobjs.c
-+++ b/src/psaux/psobjs.c
-@@ -1718,6 +1718,14 @@
- first = outline->n_contours <= 1
- ? 0 : outline->contours[outline->n_contours - 2] + 1;
-
-+ /* in malformed fonts it can happen that a contour was started */
-+ /* but no points were added */
-+ if ( outline->n_contours && first == outline->n_points )
-+ {
-+ outline->n_contours--;
-+ return;
-+ }
-+
- /* We must not include the last point in the path if it */
- /* is located on the first point. */
- if ( outline->n_points > 1 )
---
-2.12.2
-
diff --git a/gnu/packages/patches/gettext-gnulib-multi-core.patch b/gnu/packages/patches/gettext-gnulib-multi-core.patch
new file mode 100644
index 0000000000..5ccdbe4ca1
--- /dev/null
+++ b/gnu/packages/patches/gettext-gnulib-multi-core.patch
@@ -0,0 +1,178 @@
+This patch fixes performance problems on multi-core machines
+as reported at <https://bugs.gnu.org/26441>.
+
+See commit 480d374e596a0ee3fed168ab42cd84c313ad3c89 in Gnulib
+by Bruno Haible <bruno@clisp.org>.
+
+diff --git a/gettext-tools/gnulib-tests/test-lock.c b/gettext-tools/gnulib-tests/test-lock.c
+index cb734b4e6..aa6de2739 100644
+--- a/gettext-tools/gnulib-tests/test-lock.c
++++ b/gettext-tools/gnulib-tests/test-lock.c
+@@ -50,6 +50,13 @@
+ Uncomment this to see if the operating system has a fair scheduler. */
+ #define EXPLICIT_YIELD 1
+
++/* Whether to use 'volatile' on some variables that communicate information
++ between threads. If set to 0, a lock is used to protect these variables.
++ If set to 1, 'volatile' is used; this is theoretically equivalent but can
++ lead to much slower execution (e.g. 30x slower total run time on a 40-core
++ machine. */
++#define USE_VOLATILE 0
++
+ /* Whether to print debugging messages. */
+ #define ENABLE_DEBUGGING 0
+
+@@ -103,6 +110,51 @@
+ # define yield()
+ #endif
+
++#if USE_VOLATILE
++struct atomic_int {
++ volatile int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++ return ai->value;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++ ai->value = new_value;
++}
++#else
++struct atomic_int {
++ gl_lock_define (, lock)
++ int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++ gl_lock_init (ai->lock);
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++ gl_lock_lock (ai->lock);
++ int ret = ai->value;
++ gl_lock_unlock (ai->lock);
++ return ret;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++ gl_lock_lock (ai->lock);
++ ai->value = new_value;
++ gl_lock_unlock (ai->lock);
++}
++#endif
++
+ #define ACCOUNT_COUNT 4
+
+ static int account[ACCOUNT_COUNT];
+@@ -170,12 +222,12 @@ lock_mutator_thread (void *arg)
+ return NULL;
+ }
+
+-static volatile int lock_checker_done;
++static struct atomic_int lock_checker_done;
+
+ static void *
+ lock_checker_thread (void *arg)
+ {
+- while (!lock_checker_done)
++ while (get_atomic_int_value (&lock_checker_done) == 0)
+ {
+ dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+ gl_lock_lock (my_lock);
+@@ -200,7 +252,8 @@ test_lock (void)
+ /* Initialization. */
+ for (i = 0; i < ACCOUNT_COUNT; i++)
+ account[i] = 1000;
+- lock_checker_done = 0;
++ init_atomic_int (&lock_checker_done);
++ set_atomic_int_value (&lock_checker_done, 0);
+
+ /* Spawn the threads. */
+ checkerthread = gl_thread_create (lock_checker_thread, NULL);
+@@ -210,7 +263,7 @@ test_lock (void)
+ /* Wait for the threads to terminate. */
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (threads[i], NULL);
+- lock_checker_done = 1;
++ set_atomic_int_value (&lock_checker_done, 1);
+ gl_thread_join (checkerthread, NULL);
+ check_accounts ();
+ }
+@@ -254,12 +307,12 @@ rwlock_mutator_thread (void *arg)
+ return NULL;
+ }
+
+-static volatile int rwlock_checker_done;
++static struct atomic_int rwlock_checker_done;
+
+ static void *
+ rwlock_checker_thread (void *arg)
+ {
+- while (!rwlock_checker_done)
++ while (get_atomic_int_value (&rwlock_checker_done) == 0)
+ {
+ dbgprintf ("Checker %p before check rdlock\n", gl_thread_self_pointer ());
+ gl_rwlock_rdlock (my_rwlock);
+@@ -284,7 +337,8 @@ test_rwlock (void)
+ /* Initialization. */
+ for (i = 0; i < ACCOUNT_COUNT; i++)
+ account[i] = 1000;
+- rwlock_checker_done = 0;
++ init_atomic_int (&rwlock_checker_done);
++ set_atomic_int_value (&rwlock_checker_done, 0);
+
+ /* Spawn the threads. */
+ for (i = 0; i < THREAD_COUNT; i++)
+@@ -295,7 +349,7 @@ test_rwlock (void)
+ /* Wait for the threads to terminate. */
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (threads[i], NULL);
+- rwlock_checker_done = 1;
++ set_atomic_int_value (&rwlock_checker_done, 1);
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (checkerthreads[i], NULL);
+ check_accounts ();
+@@ -356,12 +410,12 @@ reclock_mutator_thread (void *arg)
+ return NULL;
+ }
+
+-static volatile int reclock_checker_done;
++static struct atomic_int reclock_checker_done;
+
+ static void *
+ reclock_checker_thread (void *arg)
+ {
+- while (!reclock_checker_done)
++ while (get_atomic_int_value (&reclock_checker_done) == 0)
+ {
+ dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+ gl_recursive_lock_lock (my_reclock);
+@@ -386,7 +440,8 @@ test_recursive_lock (void)
+ /* Initialization. */
+ for (i = 0; i < ACCOUNT_COUNT; i++)
+ account[i] = 1000;
+- reclock_checker_done = 0;
++ init_atomic_int (&reclock_checker_done);
++ set_atomic_int_value (&reclock_checker_done, 0);
+
+ /* Spawn the threads. */
+ checkerthread = gl_thread_create (reclock_checker_thread, NULL);
+@@ -396,7 +451,7 @@ test_recursive_lock (void)
+ /* Wait for the threads to terminate. */
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (threads[i], NULL);
+- reclock_checker_done = 1;
++ set_atomic_int_value (&reclock_checker_done, 1);
+ gl_thread_join (checkerthread, NULL);
+ check_accounts ();
+ }
diff --git a/gnu/packages/patches/gettext-multi-core.patch b/gnu/packages/patches/gettext-multi-core.patch
new file mode 100644
index 0000000000..31a378cfd0
--- /dev/null
+++ b/gnu/packages/patches/gettext-multi-core.patch
@@ -0,0 +1,185 @@
+This patch fixes performance problems on multi-core machines
+as reported at <https://bugs.gnu.org/26441>.
+
+See commit 1afbcb06fded2a427b761dd1615b1e48e1e853cc in Gettext
+by Bruno Haible <bruno@clisp.org>.
+
+diff --git a/gettext-runtime/tests/test-lock.c b/gettext-runtime/tests/test-lock.c
+index d279d1d60..51cec3d6b 100644
+--- a/gettext-runtime/tests/test-lock.c
++++ b/gettext-runtime/tests/test-lock.c
+@@ -1,5 +1,5 @@
+ /* Test of locking in multithreaded situations.
+- Copyright (C) 2005, 2008-2016 Free Software Foundation, Inc.
++ Copyright (C) 2005, 2008-2017 Free Software Foundation, Inc.
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as published by
+@@ -50,6 +50,13 @@
+ Uncomment this to see if the operating system has a fair scheduler. */
+ #define EXPLICIT_YIELD 1
+
++/* Whether to use 'volatile' on some variables that communicate information
++ between threads. If set to 0, a lock is used to protect these variables.
++ If set to 1, 'volatile' is used; this is theoretically equivalent but can
++ lead to much slower execution (e.g. 30x slower total run time on a 40-core
++ machine. */
++#define USE_VOLATILE 0
++
+ /* Whether to print debugging messages. */
+ #define ENABLE_DEBUGGING 0
+
+@@ -214,6 +221,51 @@ static inline void * gl_thread_self_pointer (void)
+ # define yield()
+ #endif
+
++#if USE_VOLATILE
++struct atomic_int {
++ volatile int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++ return ai->value;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++ ai->value = new_value;
++}
++#else
++struct atomic_int {
++ gl_lock_define (, lock)
++ int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++ gl_lock_init (ai->lock);
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++ gl_lock_lock (ai->lock);
++ int ret = ai->value;
++ gl_lock_unlock (ai->lock);
++ return ret;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++ gl_lock_lock (ai->lock);
++ ai->value = new_value;
++ gl_lock_unlock (ai->lock);
++}
++#endif
++
+ #define ACCOUNT_COUNT 4
+
+ static int account[ACCOUNT_COUNT];
+@@ -281,12 +333,12 @@ lock_mutator_thread (void *arg)
+ return NULL;
+ }
+
+-static volatile int lock_checker_done;
++static struct atomic_int lock_checker_done;
+
+ static void *
+ lock_checker_thread (void *arg)
+ {
+- while (!lock_checker_done)
++ while (get_atomic_int_value (&lock_checker_done) == 0)
+ {
+ dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+ gl_lock_lock (my_lock);
+@@ -311,7 +363,8 @@ test_lock (void)
+ /* Initialization. */
+ for (i = 0; i < ACCOUNT_COUNT; i++)
+ account[i] = 1000;
+- lock_checker_done = 0;
++ init_atomic_int (&lock_checker_done);
++ set_atomic_int_value (&lock_checker_done, 0);
+
+ /* Spawn the threads. */
+ checkerthread = gl_thread_create (lock_checker_thread, NULL);
+@@ -321,7 +374,7 @@ test_lock (void)
+ /* Wait for the threads to terminate. */
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (threads[i], NULL);
+- lock_checker_done = 1;
++ set_atomic_int_value (&lock_checker_done, 1);
+ gl_thread_join (checkerthread, NULL);
+ check_accounts ();
+ }
+@@ -365,12 +418,12 @@ rwlock_mutator_thread (void *arg)
+ return NULL;
+ }
+
+-static volatile int rwlock_checker_done;
++static struct atomic_int rwlock_checker_done;
+
+ static void *
+ rwlock_checker_thread (void *arg)
+ {
+- while (!rwlock_checker_done)
++ while (get_atomic_int_value (&rwlock_checker_done) == 0)
+ {
+ dbgprintf ("Checker %p before check rdlock\n", gl_thread_self_pointer ());
+ gl_rwlock_rdlock (my_rwlock);
+@@ -395,7 +448,8 @@ test_rwlock (void)
+ /* Initialization. */
+ for (i = 0; i < ACCOUNT_COUNT; i++)
+ account[i] = 1000;
+- rwlock_checker_done = 0;
++ init_atomic_int (&rwlock_checker_done);
++ set_atomic_int_value (&rwlock_checker_done, 0);
+
+ /* Spawn the threads. */
+ for (i = 0; i < THREAD_COUNT; i++)
+@@ -406,7 +460,7 @@ test_rwlock (void)
+ /* Wait for the threads to terminate. */
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (threads[i], NULL);
+- rwlock_checker_done = 1;
++ set_atomic_int_value (&rwlock_checker_done, 1);
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (checkerthreads[i], NULL);
+ check_accounts ();
+@@ -467,12 +521,12 @@ reclock_mutator_thread (void *arg)
+ return NULL;
+ }
+
+-static volatile int reclock_checker_done;
++static struct atomic_int reclock_checker_done;
+
+ static void *
+ reclock_checker_thread (void *arg)
+ {
+- while (!reclock_checker_done)
++ while (get_atomic_int_value (&reclock_checker_done) == 0)
+ {
+ dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+ gl_recursive_lock_lock (my_reclock);
+@@ -497,7 +551,8 @@ test_recursive_lock (void)
+ /* Initialization. */
+ for (i = 0; i < ACCOUNT_COUNT; i++)
+ account[i] = 1000;
+- reclock_checker_done = 0;
++ init_atomic_int (&reclock_checker_done);
++ set_atomic_int_value (&reclock_checker_done, 0);
+
+ /* Spawn the threads. */
+ checkerthread = gl_thread_create (reclock_checker_thread, NULL);
+@@ -507,7 +562,7 @@ test_recursive_lock (void)
+ /* Wait for the threads to terminate. */
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (threads[i], NULL);
+- reclock_checker_done = 1;
++ set_atomic_int_value (&reclock_checker_done, 1);
+ gl_thread_join (checkerthread, NULL);
+ check_accounts ();
+ }
diff --git a/gnu/packages/patches/ghostscript-CVE-2013-5653.patch b/gnu/packages/patches/ghostscript-CVE-2013-5653.patch
deleted file mode 100644
index 622266b176..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2013-5653.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-The following patch was adapted for GNU Ghostscript
-by Mark H Weaver <mhw@netris.org> based on:
-
-http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ab109aaeb3ddba59518b036fb288402a65cf7ce8
-
-From ab109aaeb3ddba59518b036fb288402a65cf7ce8 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Sat, 5 Mar 2016 14:56:03 -0800
-Subject: [PATCH] Bug 694724: Have filenameforall and getenv honor SAFER
-
----
- Resource/Init/gs_init.ps | 2 ++
- psi/zfile.c | 36 ++++++++++++++++++++----------------
- 2 files changed, 22 insertions(+), 16 deletions(-)
-
-diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
-index fa33d88..99888ac 100644
---- a/Resource/Init/gs_init.ps
-+++ b/Resource/Init/gs_init.ps
-@@ -2018,6 +2018,7 @@ readonly def
-
- /.locksafe {
- .locksafe_userparams
-+ systemdict /getenv {pop //false} put
- % setpagedevice has the side effect of clearing the page, but
- % we will just document that. Using setpagedevice keeps the device
- % properties and pagedevice .LockSafetyParams in agreement even
-@@ -2036,6 +2037,7 @@ readonly def
- %%
- /.locksafeglobal {
- .locksafe_userparams
-+ systemdict /getenv {pop //false} put
- % setpagedevice has the side effect of clearing the page, but
- % we will just document that. Using setpagedevice keeps the device
- % properties and pagedevice .LockSafetyParams in agreement even
-diff --git a/psi/zfile.c b/psi/zfile.c
-index 320ecd5..0b9f299 100644
---- a/psi/zfile.c
-+++ b/psi/zfile.c
-@@ -371,22 +371,26 @@ file_continue(i_ctx_t *i_ctx_p)
-
- if (len < devlen)
- return_error(e_rangecheck); /* not even room for device len */
-- memcpy((char *)pscratch->value.bytes, iodev->dname, devlen);
-- code = iodev->procs.enumerate_next(pfen, (char *)pscratch->value.bytes + devlen,
-- len - devlen);
-- if (code == ~(uint) 0) { /* all done */
-- esp -= 5; /* pop proc, pfen, devlen, iodev , mark */
-- return o_pop_estack;
-- } else if (code > len) /* overran string */
-- return_error(e_rangecheck);
-- else {
-- push(1);
-- ref_assign(op, pscratch);
-- r_set_size(op, code + devlen);
-- push_op_estack(file_continue); /* come again */
-- *++esp = pscratch[2]; /* proc */
-- return o_push_estack;
-- }
-+
-+ do {
-+ memcpy((char *)pscratch->value.bytes, iodev->dname, devlen);
-+ code = iodev->procs.enumerate_next(pfen, (char *)pscratch->value.bytes + devlen,
-+ len - devlen);
-+ if (code == ~(uint) 0) { /* all done */
-+ esp -= 5; /* pop proc, pfen, devlen, iodev , mark */
-+ return o_pop_estack;
-+ } else if (code > len) /* overran string */
-+ return_error(e_rangecheck);
-+ else if (iodev != iodev_default(imemory)
-+ || (check_file_permissions_reduced(i_ctx_p, (char *)pscratch->value.bytes, code + devlen, "PermitFileReading")) == 0) {
-+ push(1);
-+ ref_assign(op, pscratch);
-+ r_set_size(op, code + devlen);
-+ push_op_estack(file_continue); /* come again */
-+ *++esp = pscratch[2]; /* proc */
-+ return o_push_estack;
-+ }
-+ } while(1);
- }
- /* Cleanup procedure for enumerating files */
- static int
---
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2015-3228.patch b/gnu/packages/patches/ghostscript-CVE-2015-3228.patch
deleted file mode 100644
index c19fdb1d43..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2015-3228.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-The file names in the upstream patch below were modified to apply to GNU
-ghostscript.
-
-From 0c0b0859ae1aba64861599f0e7f74f143f305932 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Tue, 7 Jul 2015 16:57:41 +0100
-Subject: [PATCH] Bug 696041: sanity check for memory allocation.
-
-In gs_heap_alloc_bytes(), add a sanity check to ensure we don't overflow the
-variable holding the actual number of bytes we allocate.
-
-No cluster differences
----
- gs/base/gsmalloc.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/base/gsmalloc.c b/base/gsmalloc.c
-index 624552d..cad79c2 100644
---- a/base/gsmalloc.c
-+++ b/base/gsmalloc.c
-@@ -178,7 +178,7 @@ gs_heap_alloc_bytes(gs_memory_t * mem, uint size, client_name_t cname)
- } else {
- uint added = size + sizeof(gs_malloc_block_t);
-
-- if (mmem->limit - added < mmem->used)
-+ if (added <= size || mmem->limit - added < mmem->used)
- set_msg("exceeded limit");
- else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0)
- set_msg("failed");
---
-2.4.6
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2016-7976.patch b/gnu/packages/patches/ghostscript-CVE-2016-7976.patch
deleted file mode 100644
index 0a09f89016..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2016-7976.patch
+++ /dev/null
@@ -1,185 +0,0 @@
-The following patch was adapted for GNU Ghostscript
-by Mark H Weaver <mhw@netris.org> based on:
-
-http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=6d444c273da5499a4cd72f21cb6d4c9a5256807d
-
-From 6d444c273da5499a4cd72f21cb6d4c9a5256807d Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Wed, 5 Oct 2016 09:55:55 +0100
-Subject: [PATCH] Bug 697178: Add a file permissions callback
-
-For the rare occasions when the graphics library directly opens a file
-(currently for reading), this allows us to apply any restrictions on
-file access normally applied in the interpteter.
----
- base/gsicc_manage.c | 10 ++++++----
- base/gslibctx.c | 12 +++++++++++-
- base/gslibctx.h | 7 +++++++
- psi/imain.c | 2 ++
- psi/int.mak | 2 +-
- psi/zfile.c | 19 +++++++++++++++++++
- psi/zfile.h | 7 +++++++
- 7 files changed, 53 insertions(+), 6 deletions(-)
-
-diff --git a/base/gsicc_manage.c b/base/gsicc_manage.c
-index 931c2a6..e9c09c3 100644
---- a/base/gsicc_manage.c
-+++ b/base/gsicc_manage.c
-@@ -1028,10 +1028,12 @@ gsicc_open_search(const char* pname, int namelen, gs_memory_t *mem_gc,
- }
-
- /* First just try it like it is */
-- str = sfopen(pname, "rb", mem_gc);
-- if (str != NULL) {
-- *strp = str;
-- return 0;
-+ if (gs_check_file_permission(mem_gc, pname, namelen, "r") >= 0) {
-+ str = sfopen(pname, "rb", mem_gc);
-+ if (str != NULL) {
-+ *strp = str;
-+ return 0;
-+ }
- }
-
- /* If that fails, try %rom% */ /* FIXME: Not sure this is needed or correct */
-diff --git a/base/gslibctx.c b/base/gslibctx.c
-index eaa0458..37ce1ca 100644
---- a/base/gslibctx.c
-+++ b/base/gslibctx.c
-@@ -121,7 +121,7 @@ int gs_lib_ctx_init( gs_memory_t *mem )
- mem->gs_lib_ctx = NULL;
- return -1;
- }
--
-+ pio->client_check_file_permission = NULL;
- gp_get_realtime(pio->real_time_0);
-
- return 0;
-@@ -262,3 +262,13 @@ void errflush(const gs_memory_t *mem)
- fflush(mem->gs_lib_ctx->fstderr);
- /* else nothing to flush */
- }
-+
-+int
-+gs_check_file_permission (gs_memory_t *mem, const char *fname, const int len, const char *permission)
-+{
-+ int code = 0;
-+ if (mem->gs_lib_ctx->client_check_file_permission != NULL) {
-+ code = mem->gs_lib_ctx->client_check_file_permission(mem, fname, len, permission);
-+ }
-+ return code;
-+}
-diff --git a/base/gslibctx.h b/base/gslibctx.h
-index 7a4e110..020e2d9 100644
---- a/base/gslibctx.h
-+++ b/base/gslibctx.h
-@@ -32,6 +32,9 @@ typedef struct gs_fapi_server_s gs_fapi_server;
- # define gs_font_dir_DEFINED
- typedef struct gs_font_dir_s gs_font_dir;
- #endif
-+
-+typedef int (*client_check_file_permission_t) (gs_memory_t *mem, const char *fname, const int len, const char *permission);
-+
- typedef struct gs_lib_ctx_s
- {
- gs_memory_t *memory; /* mem->gs_lib_ctx->memory == mem */
-@@ -59,6 +62,7 @@ typedef struct gs_lib_ctx_s
- bool dict_auto_expand; /* ps dictionary: false level 1 true level 2 or 3 */
- /* A table of local copies of the IODevices */
- struct gx_io_device_s **io_device_table;
-+ client_check_file_permission_t client_check_file_permission;
- /* Define the default value of AccurateScreens that affects setscreen
- and setcolorscreen. */
- bool screen_accurate_screens;
-@@ -108,6 +112,9 @@ int
- void gs_lib_ctx_set_icc_directory(const gs_memory_t *mem_gc, const char* pname,
- int dir_namelen);
-
-+int
-+gs_check_file_permission (gs_memory_t *mem, const char *fname, const int len, const char *permission);
-+
- #define IS_LIBCTX_STDOUT(mem, f) (f == mem->gs_lib_ctx->fstdout)
- #define IS_LIBCTX_STDERR(mem, f) (f == mem->gs_lib_ctx->fstderr)
-
-diff --git a/psi/imain.c b/psi/imain.c
-index 9a9bb5d..6874128 100644
---- a/psi/imain.c
-+++ b/psi/imain.c
-@@ -57,6 +57,7 @@
- #include "ivmspace.h"
- #include "idisp.h" /* for setting display device callback */
- #include "iplugin.h"
-+#include "zfile.h"
-
- #ifdef PACIFY_VALGRIND
- #include "valgrind.h"
-@@ -215,6 +216,7 @@ gs_main_init1(gs_main_instance * minst)
- "the_gs_name_table");
- if (code < 0)
- return code;
-+ mem->gs_lib_ctx->client_check_file_permission = z_check_file_permissions;
- }
- code = obj_init(&minst->i_ctx_p, &idmem); /* requires name_init */
- if (code < 0)
-diff --git a/psi/int.mak b/psi/int.mak
-index 4654afc..bb30d51 100644
---- a/psi/int.mak
-+++ b/psi/int.mak
-@@ -1868,7 +1868,7 @@ $(PSOBJ)imain.$(OBJ) : $(PSSRC)imain.c $(GH) $(memory__h) $(string__h)\
- $(ialloc_h) $(iconf_h) $(idebug_h) $(idict_h) $(idisp_h) $(iinit_h)\
- $(iname_h) $(interp_h) $(iplugin_h) $(isave_h) $(iscan_h) $(ivmspace_h)\
- $(iinit_h) $(main_h) $(oper_h) $(ostack_h)\
-- $(sfilter_h) $(store_h) $(stream_h) $(strimpl_h)
-+ $(sfilter_h) $(store_h) $(stream_h) $(strimpl_h) $(zfile_h)
- $(PSCC) $(PSO_)imain.$(OBJ) $(C_) $(PSSRC)imain.c
-
- #****** $(CCINT) interp.c
-diff --git a/psi/zfile.c b/psi/zfile.c
-index 2c6c958..2f27f82 100644
---- a/psi/zfile.c
-+++ b/psi/zfile.c
-@@ -197,6 +197,25 @@ check_file_permissions(i_ctx_t *i_ctx_p, const char *fname, int len,
- return check_file_permissions_reduced(i_ctx_p, fname_reduced, rlen, permitgroup);
- }
-
-+/* z_check_file_permissions: see zfile.h for explanation
-+ */
-+int
-+z_check_file_permissions(gs_memory_t *mem, const char *fname, const int len, const char *permission)
-+{
-+ i_ctx_t *i_ctx_p = get_minst_from_memory(mem)->i_ctx_p;
-+ gs_parsed_file_name_t pname;
-+ const char *permitgroup = permission[0] == 'r' ? "PermitFileReading" : "PermitFileWriting";
-+ int code = gs_parse_file_name(&pname, fname, len, imemory);
-+ if (code < 0)
-+ return code;
-+
-+ if (pname.iodev && i_ctx_p->LockFilePermissions && strcmp(pname.iodev->dname, "%pipe%") == 0)
-+ return e_invalidfileaccess;
-+
-+ code = check_file_permissions(i_ctx_p, fname, len, permitgroup);
-+ return code;
-+}
-+
- /* <name_string> <access_string> file <file> */
- int /* exported for zsysvm.c */
- zfile(i_ctx_t *i_ctx_p)
-diff --git a/psi/zfile.h b/psi/zfile.h
-index fdf1373..a9399c7 100644
---- a/psi/zfile.h
-+++ b/psi/zfile.h
-@@ -22,4 +22,11 @@
- int zopen_file(i_ctx_t *i_ctx_p, const gs_parsed_file_name_t *pfn,
- const char *file_access, stream **ps, gs_memory_t *mem);
-
-+/* z_check_file_permissions: a callback (via mem->gs_lib_ctx->client_check_file_permission)
-+ * to allow applying the above permissions checks when opening file(s) from
-+ * the graphics library
-+ */
-+int
-+z_check_file_permissions(gs_memory_t *mem, const char *fname,
-+ const int len, const char *permission);
- #endif
---
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2016-7978.patch b/gnu/packages/patches/ghostscript-CVE-2016-7978.patch
deleted file mode 100644
index 81cb26e9ed..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2016-7978.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 6f749c0c44e7b9e09737b9f29edf29925a34f0cf Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Wed, 5 Oct 2016 09:59:25 +0100
-Subject: [PATCH] Bug 697179: Reference count device icc profile
-
-when copying a device
----
- base/gsdevice.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/base/gsdevice.c b/base/gsdevice.c
-index 778106f..aea986a 100644
---- a/base/gsdevice.c
-+++ b/base/gsdevice.c
-@@ -614,6 +614,7 @@ gx_device_init(gx_device * dev, const gx_device * proto, gs_memory_t * mem,
- dev->memory = mem;
- dev->retained = !internal;
- rc_init(dev, mem, (internal ? 0 : 1));
-+ rc_increment(dev->icc_struct);
- }
-
- void
---
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2016-7979.patch b/gnu/packages/patches/ghostscript-CVE-2016-7979.patch
deleted file mode 100644
index a557adfdea..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2016-7979.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-The following patch was adapted for GNU Ghostscript
-by Mark H Weaver <mhw@netris.org> based on:
-
-http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=875a0095f37626a721c7ff57d606a0f95af03913
-
-From 875a0095f37626a721c7ff57d606a0f95af03913 Mon Sep 17 00:00:00 2001
-From: Ken Sharp <ken.sharp@artifex.com>
-Date: Wed, 5 Oct 2016 10:10:58 +0100
-Subject: [PATCH] DSC parser - validate parameters
-
-Bug #697190 ".initialize_dsc_parser doesn't validate the parameter is a dict type before using it."
-
-Regardless of any security implications, its simply wrong for a PostScript
-operator not to validate its parameter(s).
-
-No differences expected.
----
- psi/zdscpars.c | 13 +++++++++----
- 1 file changed, 9 insertions(+), 4 deletions(-)
-
-diff --git a/psi/zdscpars.c b/psi/zdscpars.c
-index c05e154..9b4b605 100644
---- a/psi/zdscpars.c
-+++ b/psi/zdscpars.c
-@@ -150,11 +150,16 @@ zinitialize_dsc_parser(i_ctx_t *i_ctx_p)
- ref local_ref;
- int code;
- os_ptr const op = osp;
-- dict * const pdict = op->value.pdict;
-- gs_memory_t * const mem = (gs_memory_t *)dict_memory(pdict);
-- dsc_data_t * const data =
-- gs_alloc_struct(mem, dsc_data_t, &st_dsc_data_t, "DSC parser init");
-+ dict *pdict;
-+ gs_memory_t *mem;
-+ dsc_data_t *data;
-
-+ check_read_type(*op, t_dictionary);
-+
-+ pdict = op->value.pdict;
-+ mem = (gs_memory_t *)dict_memory(pdict);
-+
-+ data = gs_alloc_struct(mem, dsc_data_t, &st_dsc_data_t, "DSC parser init");
- if (!data)
- return_error(e_VMerror);
- data->document_level = 0;
---
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2016-8602.patch b/gnu/packages/patches/ghostscript-CVE-2016-8602.patch
deleted file mode 100644
index aaf20b6c6c..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2016-8602.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-The following patch was adapted for GNU Ghostscript
-by Mark H Weaver <mhw@netris.org> based on:
-
-http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=f5c7555c30393e64ec1f5ab0dfae5b55b3b3fc78
-
-From f5c7555c30393e64ec1f5ab0dfae5b55b3b3fc78 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Sat, 8 Oct 2016 16:10:27 +0100
-Subject: [PATCH] Bug 697203: check for sufficient params in .sethalftone5
-
-and param types
----
- psi/zht2.c | 12 ++++++++++--
- 1 file changed, 10 insertions(+), 2 deletions(-)
-
-diff --git a/psi/zht2.c b/psi/zht2.c
-index fb4a264..dfa27a4 100644
---- a/psi/zht2.c
-+++ b/psi/zht2.c
-@@ -82,14 +82,22 @@ zsethalftone5(i_ctx_t *i_ctx_p)
- gs_memory_t *mem;
- uint edepth = ref_stack_count(&e_stack);
- int npop = 2;
-- int dict_enum = dict_first(op);
-+ int dict_enum;
- ref rvalue[2];
- int cname, colorant_number;
- byte * pname;
- uint name_size;
- int halftonetype, type = 0;
- gs_state *pgs = igs;
-- int space_index = r_space_index(op - 1);
-+ int space_index;
-+
-+ if (ref_stack_count(&o_stack) < 2)
-+ return_error(e_stackunderflow);
-+ check_type(*op, t_dictionary);
-+ check_type(*(op - 1), t_dictionary);
-+
-+ dict_enum = dict_first(op);
-+ space_index = r_space_index(op - 1);
-
- mem = (gs_memory_t *) idmemory->spaces_indexed[space_index];
-
---
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2017-8291.patch b/gnu/packages/patches/ghostscript-CVE-2017-8291.patch
index db80b6ddec..d38bd593c0 100644
--- a/gnu/packages/patches/ghostscript-CVE-2017-8291.patch
+++ b/gnu/packages/patches/ghostscript-CVE-2017-8291.patch
@@ -1,15 +1,60 @@
Fix CVE-2017-8291:
-https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8291
+https://bugs.ghostscript.com/show_bug.cgi?id=697799
+https://bugs.ghostscript.com/show_bug.cgi?id=697808 (duplicate)
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8291
-This patch is adapted from these two Artifex Ghostscript commits by Leo
-Famulari <leo@famulari.name>:
+Patches copied from upstream source repository:
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=04b37bbce174eed24edec7ad5b920eb93db4d47d;hp=4f83478c88c2e05d6e8d79ca4557eb039354d2f3
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3;hp=5603e8fc3e59c435318877efe627967ee6baebb8
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=04b37bbce174eed24edec7ad5b920eb93db4d47d
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=57f20719e1cfaea77b67cb26e26de7fe4d7f9b2e
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ccfd2c75ac9be4cbd369e4cbdd40ba11a0c7bdad
+
+From 4f83478c88c2e05d6e8d79ca4557eb039354d2f3 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Thu, 27 Apr 2017 13:03:33 +0100
+Subject: [PATCH] Bug 697799: have .eqproc check its parameters
+
+The Ghostscript custom operator .eqproc was not check the number or type of
+the parameters it was given.
+---
+ psi/zmisc3.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/psi/zmisc3.c b/psi/zmisc3.c
+index 54b304246..37293ff4b 100644
+--- a/psi/zmisc3.c
++++ b/psi/zmisc3.c
+@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p)
+ ref2_t stack[MAX_DEPTH + 1];
+ ref2_t *top = stack;
+
++ if (ref_stack_count(&o_stack) < 2)
++ return_error(gs_error_stackunderflow);
++ if (!r_is_array(op - 1) || !r_is_array(op)) {
++ return_error(gs_error_typecheck);
++ }
++
+ make_array(&stack[0].proc1, 0, 1, op - 1);
+ make_array(&stack[0].proc2, 0, 1, op);
+ for (;;) {
+--
+2.13.0
+
+From 04b37bbce174eed24edec7ad5b920eb93db4d47d Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Thu, 27 Apr 2017 13:21:31 +0100
+Subject: [PATCH] Bug 697799: have .rsdparams check its parameters
+
+The Ghostscript internal operator .rsdparams wasn't checking the number or
+type of the operands it was being passed. Do so.
+---
+ psi/zfrsd.c | 22 +++++++++++++++-------
+ 1 file changed, 15 insertions(+), 7 deletions(-)
diff --git a/psi/zfrsd.c b/psi/zfrsd.c
-index fb4bce9..2629afa 100644
+index 191107d8a..950588d69 100644
--- a/psi/zfrsd.c
+++ b/psi/zfrsd.c
@@ -49,13 +49,20 @@ zrsdparams(i_ctx_t *i_ctx_p)
@@ -24,9 +69,9 @@ index fb4bce9..2629afa 100644
+ int code = 0;
+
+ if (ref_stack_count(&o_stack) < 1)
-+ return_error(e_stackunderflow);
++ return_error(gs_error_stackunderflow);
+ if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) {
-+ return_error(e_typecheck);
++ return_error(gs_error_typecheck);
+ }
make_empty_array(&empty_array, a_readonly);
@@ -35,15 +80,15 @@ index fb4bce9..2629afa 100644
+ && dict_find_string(op, "Filter", &pFilter) > 0) {
if (!r_is_array(pFilter)) {
if (!r_has_type(pFilter, t_name))
- return_error(e_typecheck);
+ return_error(gs_error_typecheck);
@@ -94,12 +101,13 @@ zrsdparams(i_ctx_t *i_ctx_p)
- return_error(e_typecheck);
+ return_error(gs_error_typecheck);
}
}
- code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
+ if (r_has_type(op, t_dictionary))
+ code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
- if (code < 0 && code != e_rangecheck) /* out-of-range int is ok, use 0 */
+ if (code < 0 && code != gs_error_rangecheck) /* out-of-range int is ok, use 0 */
return code;
- if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0
- )
@@ -54,20 +99,97 @@ index fb4bce9..2629afa 100644
push(1);
op[-1] = *pFilter;
if (pDecodeParms)
+--
+2.13.0
+
+From 57f20719e1cfaea77b67cb26e26de7fe4d7f9b2e Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Wed, 3 May 2017 12:05:45 +0100
+Subject: [PATCH] Bug 697846: revision to commit 4f83478c88 (.eqproc)
+
+When using the "DELAYBIND" feature, it turns out that .eqproc can be called with
+parameters that are not both procedures. In this case, it turns out, the
+expectation is for the operator to return 'false', rather than throw an error.
+---
+ psi/zmisc3.c | 15 +++++++++++++--
+ 1 file changed, 13 insertions(+), 2 deletions(-)
+
diff --git a/psi/zmisc3.c b/psi/zmisc3.c
-index 54b3042..0d357f1 100644
+index 37293ff4b..3f01d39a3 100644
--- a/psi/zmisc3.c
+++ b/psi/zmisc3.c
-@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p)
- ref2_t stack[MAX_DEPTH + 1];
- ref2_t *top = stack;
+@@ -38,6 +38,15 @@ zcliprestore(i_ctx_t *i_ctx_p)
+ return gs_cliprestore(igs);
+ }
-+ if (ref_stack_count(&o_stack) < 2)
-+ return_error(e_stackunderflow);
-+ if (!r_is_array(op - 1) || !r_is_array(op)) {
-+ return_error(e_typecheck);
-+ }
++static inline bool
++eqproc_check_type(ref *r)
++{
++ return r_has_type(r, t_array)
++ || r_has_type(r, t_mixedarray)
++ || r_has_type(r, t_shortarray)
++ || r_has_type(r, t_oparray);
++}
+
+ /* <proc1> <proc2> .eqproc <bool> */
+ /*
+ * Test whether two procedures are equal to depth 10.
+@@ -58,8 +67,10 @@ zeqproc(i_ctx_t *i_ctx_p)
+
+ if (ref_stack_count(&o_stack) < 2)
+ return_error(gs_error_stackunderflow);
+- if (!r_is_array(op - 1) || !r_is_array(op)) {
+- return_error(gs_error_typecheck);
++ if (!eqproc_check_type(op -1) || !eqproc_check_type(op)) {
++ make_false(op - 1);
++ pop(1);
++ return 0;
+ }
+
make_array(&stack[0].proc1, 0, 1, op - 1);
- make_array(&stack[0].proc2, 0, 1, op);
- for (;;) {
+--
+2.13.0
+
+From ccfd2c75ac9be4cbd369e4cbdd40ba11a0c7bdad Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Thu, 11 May 2017 14:07:48 +0100
+Subject: [PATCH] Bug 697892: fix check for op stack underflow.
+
+In the original fix, I used the wrong method to check for stack underflow, this
+is using the correct method.
+---
+ psi/zfrsd.c | 3 +--
+ psi/zmisc3.c | 3 +--
+ 2 files changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/psi/zfrsd.c b/psi/zfrsd.c
+index 950588d69..9c035b96d 100644
+--- a/psi/zfrsd.c
++++ b/psi/zfrsd.c
+@@ -54,8 +54,7 @@ zrsdparams(i_ctx_t *i_ctx_p)
+ uint i;
+ int code = 0;
+
+- if (ref_stack_count(&o_stack) < 1)
+- return_error(gs_error_stackunderflow);
++ check_op(1);
+ if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) {
+ return_error(gs_error_typecheck);
+ }
+diff --git a/psi/zmisc3.c b/psi/zmisc3.c
+index 3f01d39a3..43803b55b 100644
+--- a/psi/zmisc3.c
++++ b/psi/zmisc3.c
+@@ -65,8 +65,7 @@ zeqproc(i_ctx_t *i_ctx_p)
+ ref2_t stack[MAX_DEPTH + 1];
+ ref2_t *top = stack;
+
+- if (ref_stack_count(&o_stack) < 2)
+- return_error(gs_error_stackunderflow);
++ check_op(2);
+ if (!eqproc_check_type(op -1) || !eqproc_check_type(op)) {
+ make_false(op - 1);
+ pop(1);
+--
+2.13.0
+
diff --git a/gnu/packages/patches/ghostscript-runpath.patch b/gnu/packages/patches/ghostscript-runpath.patch
index c7dcfd4529..9f161e45b3 100644
--- a/gnu/packages/patches/ghostscript-runpath.patch
+++ b/gnu/packages/patches/ghostscript-runpath.patch
@@ -1,17 +1,18 @@
-This patch adds $(libdir) to the RUNPATH of 'gsc' and 'gsx'.
-
---- gnu-ghostscript-9.14.0/base/unix-dll.mak 2015-04-05 15:12:45.386957927 +0200
-+++ gnu-ghostscript-9.14.0/base/unix-dll.mak 2015-04-05 15:12:49.222982359 +0200
-@@ -91,11 +91,11 @@ $(GS_SO_MAJOR): $(GS_SO_MAJOR_MINOR)
+diff --git a/base/unix-dll.mak b/base/unix-dll.mak
+index 9d57a99..36ef1ff 100644
+--- a/base/unix-dll.mak
++++ b/base/unix-dll.mak
+@@ -171,11 +171,11 @@ gpdl-so-links-subtarget: $(GPDL_SO) $(UNIX_DLL_MAK) $(MAKEDIRS)
# Build the small Ghostscript loaders, with Gtk+ and without
- $(GSSOC_XE): $(GS_SO) $(PSSRC)$(SOC_LOADER)
+ $(GSSOC_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS)
$(GLCC) -g -o $(GSSOC_XE) $(PSSRC)dxmainc.c \
- -L$(BINDIR) -l$(GS_SO_BASE)
+ -L$(BINDIR) -l$(GS_SO_BASE) -Wl,-rpath=$(libdir)
- $(GSSOX_XE): $(GS_SO) $(PSSRC)$(SOC_LOADER)
+ $(GSSOX_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS)
$(GLCC) -g $(SOC_CFLAGS) -o $(GSSOX_XE) $(PSSRC)$(SOC_LOADER) \
- -L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS)
+ -L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS) -Wl,-rpath=$(libdir)
- # ------------------------- Recursive make targets ------------------------- #
+ $(PCLSOC_XE): gpcl6-so-links-subtarget $(PLSRC)$(REALMAIN_SRC).c $(UNIX_DLL_MAK) $(MAKEDIRS)
+ $(GLCC) -g -o $(PCLSOC_XE) $(PLSRC)$(REALMAIN_SRC).c -L$(BINDIR) -l$(PCL_SO_BASE)
diff --git a/gnu/packages/patches/grep-gnulib-lock.patch b/gnu/packages/patches/grep-gnulib-lock.patch
new file mode 100644
index 0000000000..68c33f1031
--- /dev/null
+++ b/gnu/packages/patches/grep-gnulib-lock.patch
@@ -0,0 +1,32 @@
+This patch fix error on 'gnulib' library required to build
+'grep' package on GNU/Hurd.
+The patch was adapted from upstream source repository:
+'<http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commit;h=4084b3a1094372b960ce4a97634e08f4538c8bdd>'
+
+Commit: 4084b3a1094372b960ce4a97634e08f4538c8bdd
+
+diff --git a/lib/glthread/lock.c b/lib/glthread/lock.c
+index 061562b..afc86f4 100644
+--- a/lib/glthread/lock.c
++++ b/lib/glthread/lock.c
+@@ -30,7 +30,7 @@
+
+ /* ------------------------- gl_rwlock_t datatype ------------------------- */
+
+-# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (__GNU_LIBRARY__ > 1))
++# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (defined PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP && (__GNU_LIBRARY__ > 1)))
+
+ # ifdef PTHREAD_RWLOCK_INITIALIZER
+
+diff --git a/lib/glthread/lock.h b/lib/glthread/lock.h
+index ec16d39..67932aa 100644
+--- a/lib/glthread/lock.h
++++ b/lib/glthread/lock.h
+@@ -179,7 +179,7 @@ typedef pthread_mutex_t gl_lock_t;
+
+ /* ------------------------- gl_rwlock_t datatype ------------------------- */
+
+-# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (__GNU_LIBRARY__ > 1))
++# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (defined PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP && (__GNU_LIBRARY__ > 1)))
+
+ # ifdef PTHREAD_RWLOCK_INITIALIZER
diff --git a/gnu/packages/patches/libffi-3.2.1-complex-alpha.patch b/gnu/packages/patches/libffi-3.2.1-complex-alpha.patch
new file mode 100644
index 0000000000..ebbc0635a5
--- /dev/null
+++ b/gnu/packages/patches/libffi-3.2.1-complex-alpha.patch
@@ -0,0 +1,28 @@
+The patch fixes build failure of form:
+ ../src/alpha/osf.S:298:2: error: #error "osf.S out of sync with ffi.h"
+Upstream fixed the bug in a more invasive way
+but didn't have releases since 3.2.1.
+
+The patch is taken from Gentoo:
+https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-libs/libffi/files/libffi-3.2.1-complex_alpha.patch
+
+--- libffi-3.2.1/src/alpha/osf.S 2015-01-16 10:46:15.000000000 +0100
++++ libffi-3.2.1/src/alpha/osf.S 2015-01-16 10:46:24.000000000 +0100
+@@ -279,6 +279,7 @@
+ .gprel32 $load_64 # FFI_TYPE_SINT64
+ .gprel32 $load_none # FFI_TYPE_STRUCT
+ .gprel32 $load_64 # FFI_TYPE_POINTER
++ .gprel32 $load_none # FFI_TYPE_COMPLEX
+
+ /* Assert that the table above is in sync with ffi.h. */
+
+@@ -294,7 +295,8 @@
+ || FFI_TYPE_SINT64 != 12 \
+ || FFI_TYPE_STRUCT != 13 \
+ || FFI_TYPE_POINTER != 14 \
+- || FFI_TYPE_LAST != 14
++ || FFI_TYPE_COMPLEX != 15 \
++ || FFI_TYPE_LAST != 15
+ #error "osf.S out of sync with ffi.h"
+ #endif
+
diff --git a/gnu/packages/patches/libtasn1-CVE-2017-6891.patch b/gnu/packages/patches/libtasn1-CVE-2017-6891.patch
deleted file mode 100644
index 1f847ed025..0000000000
--- a/gnu/packages/patches/libtasn1-CVE-2017-6891.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-Fix CVE-2017-6891:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6891
-
-Patch copied from upstream source repository:
-
-https://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=5520704d075802df25ce4ffccc010ba1641bd484
-
-From 5520704d075802df25ce4ffccc010ba1641bd484 Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Date: Thu, 18 May 2017 18:03:34 +0200
-Subject: [PATCH] asn1_find_node: added safety check on asn1_find_node()
-
-This prevents a stack overflow in asn1_find_node() which
-is triggered by too long variable names in the definitions
-files. That means that applications have to deliberately
-pass a too long 'name' constant to asn1_write_value()
-and friends. Reported by Jakub Jirasek.
-
-Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
----
- lib/parser_aux.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/lib/parser_aux.c b/lib/parser_aux.c
-index b4a7370..976ab38 100644
---- a/lib/parser_aux.c
-+++ b/lib/parser_aux.c
-@@ -120,6 +120,9 @@ asn1_find_node (asn1_node pointer, const char *name)
- if (n_end)
- {
- nsize = n_end - n_start;
-+ if (nsize >= sizeof(n))
-+ return NULL;
-+
- memcpy (n, n_start, nsize);
- n[nsize] = 0;
- n_start = n_end;
-@@ -158,6 +161,9 @@ asn1_find_node (asn1_node pointer, const char *name)
- if (n_end)
- {
- nsize = n_end - n_start;
-+ if (nsize >= sizeof(n))
-+ return NULL;
-+
- memcpy (n, n_start, nsize);
- n[nsize] = 0;
- n_start = n_end;
---
-2.13.0
-
diff --git a/gnu/packages/patches/libtiff-CVE-2016-10092.patch b/gnu/packages/patches/libtiff-CVE-2016-10092.patch
deleted file mode 100644
index d5fd796169..0000000000
--- a/gnu/packages/patches/libtiff-CVE-2016-10092.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-Fix CVE-2016-10092:
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2620
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092
-https://security-tracker.debian.org/tracker/CVE-2016-10092
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
- * tools/tiffcrop.c: fix readContigStripsIntoBuffer() in -i (ignore)
- mode so that the output buffer is correctly incremented to avoid write
- outside bounds.
- Reported by Agostino Sarubbo.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2620
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1178; previous revision: 1.1177
-/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c
-new revision: 1.47; previous revision: 1.46
-
-Index: libtiff/tools/tiffcrop.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
-retrieving revision 1.46
-retrieving revision 1.47
-diff -u -r1.46 -r1.47
---- libtiff/tools/tiffcrop.c 18 Nov 2016 14:58:46 -0000 1.46
-+++ libtiff/tools/tiffcrop.c 3 Dec 2016 11:35:56 -0000 1.47
-@@ -1,4 +1,4 @@
--/* $Id: tiffcrop.c,v 1.46 2016-11-18 14:58:46 erouault Exp $ */
-+/* $Id: tiffcrop.c,v 1.47 2016-12-03 11:35:56 erouault Exp $ */
-
- /* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of
- * the image data through additional options listed below
-@@ -3698,7 +3698,7 @@
- (unsigned long) strip, (unsigned long)rows);
- return 0;
- }
-- bufp += bytes_read;
-+ bufp += stripsize;
- }
-
- return 1;
diff --git a/gnu/packages/patches/libtiff-CVE-2016-10093.patch b/gnu/packages/patches/libtiff-CVE-2016-10093.patch
deleted file mode 100644
index 5897ec1029..0000000000
--- a/gnu/packages/patches/libtiff-CVE-2016-10093.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-Fix CVE-2016-10093:
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2610
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093
-https://security-tracker.debian.org/tracker/CVE-2016-10093
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
- * tools/tiffcp.c: fix uint32 underflow/overflow that can cause
- heap-based buffer overflow.
- Reported by Agostino Sarubbo.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2610
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1187; previous revision: 1.1186
-/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c
-new revision: 1.59; previous revision: 1.58
-
-Index: libtiff/tools/tiffcp.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
-retrieving revision 1.58
-retrieving revision 1.59
-diff -u -r1.58 -r1.59
---- libtiff/tools/tiffcp.c 3 Dec 2016 15:44:15 -0000 1.58
-+++ libtiff/tools/tiffcp.c 3 Dec 2016 16:40:01 -0000 1.59
-@@ -1163,7 +1163,7 @@
-
- static void
- cpStripToTile(uint8* out, uint8* in,
-- uint32 rows, uint32 cols, int outskew, int inskew)
-+ uint32 rows, uint32 cols, int outskew, int64 inskew)
- {
- while (rows-- > 0) {
- uint32 j = cols;
-@@ -1320,7 +1320,7 @@
- tdata_t tilebuf;
- uint32 imagew = TIFFScanlineSize(in);
- uint32 tilew = TIFFTileRowSize(in);
-- int iskew = imagew - tilew;
-+ int64 iskew = (int64)imagew - (int64)tilew;
- uint8* bufp = (uint8*) buf;
- uint32 tw, tl;
- uint32 row;
-@@ -1348,7 +1348,7 @@
- status = 0;
- goto done;
- }
-- if (colb + tilew > imagew) {
-+ if (colb > iskew) {
- uint32 width = imagew - colb;
- uint32 oskew = tilew - width;
- cpStripToTile(bufp + colb,
diff --git a/gnu/packages/patches/libtiff-CVE-2016-10094.patch b/gnu/packages/patches/libtiff-CVE-2016-10094.patch
deleted file mode 100644
index 9018773565..0000000000
--- a/gnu/packages/patches/libtiff-CVE-2016-10094.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-Fix CVE-2016-10094:
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2640
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094
-https://security-tracker.debian.org/tracker/CVE-2016-10094
-
-2016-12-20 Even Rouault <even.rouault at spatialys.com>
-
- * tools/tiff2pdf.c: avoid potential heap-based overflow in
- t2p_readwrite_pdf_image_tile().
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2640
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1199; previous revision: 1.1198
-/cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v <-- tools/tiff2pdf.c
-new revision: 1.101; previous revision: 1.100
-
-Index: libtiff/tools/tiff2pdf.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v
-retrieving revision 1.100
-retrieving revision 1.101
-diff -u -r1.100 -r1.101
---- libtiff/tools/tiff2pdf.c 20 Dec 2016 17:24:35 -0000 1.100
-+++ libtiff/tools/tiff2pdf.c 20 Dec 2016 17:28:17 -0000 1.101
-@@ -2895,7 +2895,7 @@
- return(0);
- }
- if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) {
-- if (count >= 4) {
-+ if (count > 4) {
- int retTIFFReadRawTile;
- /* Ignore EOI marker of JpegTables */
- _TIFFmemcpy(buffer, jpt, count - 2);
diff --git a/gnu/packages/patches/libtiff-CVE-2017-5225.patch b/gnu/packages/patches/libtiff-CVE-2017-5225.patch
deleted file mode 100644
index 3158b49360..0000000000
--- a/gnu/packages/patches/libtiff-CVE-2017-5225.patch
+++ /dev/null
@@ -1,86 +0,0 @@
-Fix CVE-2017-5225 (Heap based buffer overflow in tools/tiffcp):
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2656
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225
-https://security-tracker.debian.org/tracker/CVE-2017-5225
-
-2017-01-11 Even Rouault <even.rouault at spatialys.com>
-
- * tools/tiffcp.c: error out cleanly in cpContig2SeparateByRow and
- cpSeparate2ContigByRow if BitsPerSample != 8 to avoid heap based
-overflow.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2656 and
- http://bugzilla.maptools.org/show_bug.cgi?id=2657
-
-
-less C/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1210; previous revision: 1.1209
-/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c
-new revision: 1.61; previous revision: 1.60
-
-Index: libtiff/tools/tiffcp.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
-retrieving revision 1.60
-retrieving revision 1.61
-diff -u -r1.60 -r1.61
---- libtiff/tools/tiffcp.c 3 Dec 2016 16:50:02 -0000 1.60
-+++ libtiff/tools/tiffcp.c 11 Jan 2017 19:26:14 -0000 1.61
-#@@ -1,4 +1,4 @@
-#-/* $Id: tiffcp.c,v 1.60 2016-12-03 16:50:02 erouault Exp $ */
-#+/* $Id: tiffcp.c,v 1.61 2017-01-11 19:26:14 erouault Exp $ */
-#
-# /*
-# * Copyright (c) 1988-1997 Sam Leffler
-@@ -591,7 +591,7 @@
- static int
- tiffcp(TIFF* in, TIFF* out)
- {
-- uint16 bitspersample, samplesperpixel = 1;
-+ uint16 bitspersample = 1, samplesperpixel = 1;
- uint16 input_compression, input_photometric = PHOTOMETRIC_MINISBLACK;
- copyFunc cf;
- uint32 width, length;
-@@ -1067,6 +1067,16 @@
- register uint32 n;
- uint32 row;
- tsample_t s;
-+ uint16 bps = 0;
-+
-+ (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
-+ if( bps != 8 )
-+ {
-+ TIFFError(TIFFFileName(in),
-+ "Error, can only handle BitsPerSample=8 in %s",
-+ "cpContig2SeparateByRow");
-+ return 0;
-+ }
-
- inbuf = _TIFFmalloc(scanlinesizein);
- outbuf = _TIFFmalloc(scanlinesizeout);
-@@ -1120,6 +1130,16 @@
- register uint32 n;
- uint32 row;
- tsample_t s;
-+ uint16 bps = 0;
-+
-+ (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
-+ if( bps != 8 )
-+ {
-+ TIFFError(TIFFFileName(in),
-+ "Error, can only handle BitsPerSample=8 in %s",
-+ "cpSeparate2ContigByRow");
-+ return 0;
-+ }
-
- inbuf = _TIFFmalloc(scanlinesizein);
- outbuf = _TIFFmalloc(scanlinesizeout);
-@@ -1784,7 +1804,7 @@
- uint32 w, l, tw, tl;
- int bychunk;
-
-- (void) TIFFGetField(in, TIFFTAG_PLANARCONFIG, &shortv);
-+ (void) TIFFGetFieldDefaulted(in, TIFFTAG_PLANARCONFIG, &shortv);
- if (shortv != config && bitspersample != 8 && samplesperpixel > 1) {
- fprintf(stderr,
- "%s: Cannot handle different planar configuration w/ bits/sample != 8\n",
diff --git a/gnu/packages/patches/libtiff-assertion-failure.patch b/gnu/packages/patches/libtiff-assertion-failure.patch
deleted file mode 100644
index ef747fbdd7..0000000000
--- a/gnu/packages/patches/libtiff-assertion-failure.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-Fix assertion failure in readSeparateTilesIntoBuffer():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2605
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
- * tools/tiffcp.c: replace assert( (bps % 8) == 0 ) by a non assert
-check.
- Reported by Agostino Sarubbo.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2605
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1188; previous revision: 1.1187
-/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c
-new revision: 1.60; previous revision: 1.59
-
-Index: libtiff/tools/tiffcp.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
-retrieving revision 1.59
-retrieving revision 1.60
-diff -u -r1.59 -r1.60
---- libtiff/tools/tiffcp.c 3 Dec 2016 16:40:01 -0000 1.59
-+++ libtiff/tools/tiffcp.c 3 Dec 2016 16:50:02 -0000 1.60
-@@ -45,7 +45,6 @@
- #include <string.h>
-
- #include <ctype.h>
--#include <assert.h>
-
- #ifdef HAVE_UNISTD_H
- # include <unistd.h>
-@@ -1393,7 +1392,12 @@
- status = 0;
- goto done;
- }
-- assert( bps % 8 == 0 );
-+ if( (bps % 8) != 0 )
-+ {
-+ TIFFError(TIFFFileName(in), "Error, cannot handle BitsPerSample that is not a multiple of 8");
-+ status = 0;
-+ goto done;
-+ }
- bytes_per_sample = bps/8;
-
- for (row = 0; row < imagelength; row += tl) {
-@@ -1584,7 +1588,12 @@
- _TIFFfree(obuf);
- return 0;
- }
-- assert( bps % 8 == 0 );
-+ if( (bps % 8) != 0 )
-+ {
-+ TIFFError(TIFFFileName(out), "Error, cannot handle BitsPerSample that is not a multiple of 8");
-+ _TIFFfree(obuf);
-+ return 0;
-+ }
- bytes_per_sample = bps/8;
-
- for (row = 0; row < imagelength; row += tl) {
diff --git a/gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch b/gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch
deleted file mode 100644
index 2a96b68521..0000000000
--- a/gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-Fix divide-by-zero in OJPEGDecodeRaw():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2611
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
- * libtiff/tif_ojpeg.c: make OJPEGDecode() early exit in case of failure
-in
- OJPEGPreDecode(). This will avoid a divide by zero, and potential other
-issues.
- Reported by Agostino Sarubbo.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2611
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1177; previous revision: 1.1176
-/cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v <-- libtiff/tif_ojpeg.c
-new revision: 1.66; previous revision: 1.65
-
-Index: libtiff/libtiff/tif_ojpeg.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v
-retrieving revision 1.65
-retrieving revision 1.66
-diff -u -r1.65 -r1.66
---- libtiff/libtiff/tif_ojpeg.c 4 Sep 2016 21:32:56 -0000 1.65
-+++ libtiff/libtiff/tif_ojpeg.c 3 Dec 2016 11:15:18 -0000 1.66
-@@ -1,4 +1,4 @@
--/* $Id: tif_ojpeg.c,v 1.65 2016-09-04 21:32:56 erouault Exp $ */
-+/* $Id: tif_ojpeg.c,v 1.66 2016-12-03 11:15:18 erouault Exp $ */
-
- /* WARNING: The type of JPEG encapsulation defined by the TIFF Version 6.0
- specification is now totally obsolete and deprecated for new applications and
-@@ -244,6 +244,7 @@
-
- typedef struct {
- TIFF* tif;
-+ int decoder_ok;
- #ifndef LIBJPEG_ENCAP_EXTERNAL
- JMP_BUF exit_jmpbuf;
- #endif
-@@ -722,6 +723,7 @@
- }
- sp->write_curstrile++;
- }
-+ sp->decoder_ok = 1;
- return(1);
- }
-
-@@ -784,8 +786,14 @@
- static int
- OJPEGDecode(TIFF* tif, uint8* buf, tmsize_t cc, uint16 s)
- {
-+ static const char module[]="OJPEGDecode";
- OJPEGState* sp=(OJPEGState*)tif->tif_data;
- (void)s;
-+ if( !sp->decoder_ok )
-+ {
-+ TIFFErrorExt(tif->tif_clientdata,module,"Cannot decode: decoder not correctly initialized");
-+ return 0;
-+ }
- if (sp->libjpeg_jpeg_query_style==0)
- {
- if (OJPEGDecodeRaw(tif,buf,cc)==0)
diff --git a/gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch b/gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch
deleted file mode 100644
index d3f1c2b60e..0000000000
--- a/gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch
+++ /dev/null
@@ -1,104 +0,0 @@
-Fix two divide-by-zero bugs in readSeparateTilesIntoBuffer():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2597
-http://bugzilla.maptools.org/show_bug.cgi?id=2607
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
- * tools/tiffcp.c: avoid potential division by zero is BitsPerSamples
-tag is
- missing.
- Reported by Agostino sarubbo.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2597
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1183; previous revision: 1.1182
-/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c
-new revision: 1.57; previous revision: 1.56
-
-Index: libtiff/tools/tiffcp.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
-retrieving revision 1.56
-retrieving revision 1.57
-diff -u -r1.56 -r1.57
---- libtiff/tools/tiffcp.c 2 Dec 2016 22:13:32 -0000 1.56
-+++ libtiff/tools/tiffcp.c 3 Dec 2016 14:42:40 -0000 1.57
-@@ -1,4 +1,4 @@
--/* $Id: tiffcp.c,v 1.56 2016-12-02 22:13:32 erouault Exp $ */
-+/* $Id: tiffcp.c,v 1.57 2016-12-03 14:42:40 erouault Exp $ */
-
- /*
- * Copyright (c) 1988-1997 Sam Leffler
-@@ -1378,7 +1378,7 @@
- uint8* bufp = (uint8*) buf;
- uint32 tw, tl;
- uint32 row;
-- uint16 bps, bytes_per_sample;
-+ uint16 bps = 0, bytes_per_sample;
-
- tilebuf = _TIFFmalloc(tilesize);
- if (tilebuf == 0)
-@@ -1387,6 +1387,12 @@
- (void) TIFFGetField(in, TIFFTAG_TILEWIDTH, &tw);
- (void) TIFFGetField(in, TIFFTAG_TILELENGTH, &tl);
- (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
-+ if( bps == 0 )
-+ {
-+ TIFFError(TIFFFileName(in), "Error, cannot read BitsPerSample");
-+ status = 0;
-+ goto done;
-+ }
- assert( bps % 8 == 0 );
- bytes_per_sample = bps/8;
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
- * tools/tiffcp.c: avoid potential division by zero is BitsPerSamples
-tag is
- missing.
- Reported by Agostino Sarubbo.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2607
-
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1186; previous revision: 1.1185
-/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c
-new revision: 1.58; previous revision: 1.57
-
-Index: libtiff/tools/tiffcp.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
-retrieving revision 1.57
-retrieving revision 1.58
-diff -u -r1.57 -r1.58
---- libtiff/tools/tiffcp.c 3 Dec 2016 14:42:40 -0000 1.57
-+++ libtiff/tools/tiffcp.c 3 Dec 2016 15:44:15 -0000 1.58
-@@ -1,4 +1,4 @@
--/* $Id: tiffcp.c,v 1.57 2016-12-03 14:42:40 erouault Exp $ */
-+/* $Id: tiffcp.c,v 1.58 2016-12-03 15:44:15 erouault Exp $ */
-
- /*
- * Copyright (c) 1988-1997 Sam Leffler
-@@ -1569,7 +1569,7 @@
- uint8* bufp = (uint8*) buf;
- uint32 tl, tw;
- uint32 row;
-- uint16 bps, bytes_per_sample;
-+ uint16 bps = 0, bytes_per_sample;
-
- obuf = _TIFFmalloc(TIFFTileSize(out));
- if (obuf == NULL)
-@@ -1578,6 +1578,12 @@
- (void) TIFFGetField(out, TIFFTAG_TILELENGTH, &tl);
- (void) TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw);
- (void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps);
-+ if( bps == 0 )
-+ {
-+ TIFFError(TIFFFileName(out), "Error, cannot read BitsPerSample");
-+ _TIFFfree(obuf);
-+ return 0;
-+ }
- assert( bps % 8 == 0 );
- bytes_per_sample = bps/8;
-
diff --git a/gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch b/gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch
deleted file mode 100644
index 823293f1cf..0000000000
--- a/gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-Fix divide-by-zero in readSeparateStripsIntoBuffer():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2619
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
- * tools/tiffcrop.c: fix integer division by zero when BitsPerSample is
-missing.
- Reported by Agostina Sarubo.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2619
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1180; previous revision: 1.1179
-/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c
-new revision: 1.49; previous revision: 1.48
-
-Index: libtiff/tools/tiffcrop.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
-retrieving revision 1.48
-retrieving revision 1.49
-diff -u -r1.48 -r1.49
---- libtiff/tools/tiffcrop.c 3 Dec 2016 12:19:32 -0000 1.48
-+++ libtiff/tools/tiffcrop.c 3 Dec 2016 13:00:04 -0000 1.49
-@@ -1,4 +1,4 @@
--/* $Id: tiffcrop.c,v 1.48 2016-12-03 12:19:32 erouault Exp $ */
-+/* $Id: tiffcrop.c,v 1.49 2016-12-03 13:00:04 erouault Exp $ */
-
- /* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of
- * the image data through additional options listed below
-@@ -1164,7 +1164,7 @@
- tdata_t obuf;
-
- (void) TIFFGetFieldDefaulted(out, TIFFTAG_ROWSPERSTRIP, &rowsperstrip);
-- (void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps);
-+ (void) TIFFGetFieldDefaulted(out, TIFFTAG_BITSPERSAMPLE, &bps);
- bytes_per_sample = (bps + 7) / 8;
- if( width == 0 ||
- (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / width ||
-@@ -4760,7 +4760,7 @@
- int i, bytes_per_sample, bytes_per_pixel, shift_width, result = 1;
- uint32 j;
- int32 bytes_read = 0;
-- uint16 bps, planar;
-+ uint16 bps = 0, planar;
- uint32 nstrips;
- uint32 strips_per_sample;
- uint32 src_rowsize, dst_rowsize, rows_processed, rps;
-@@ -4780,7 +4780,7 @@
- }
-
- memset (srcbuffs, '\0', sizeof(srcbuffs));
-- TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
-+ TIFFGetFieldDefaulted(in, TIFFTAG_BITSPERSAMPLE, &bps);
- TIFFGetFieldDefaulted(in, TIFFTAG_PLANARCONFIG, &planar);
- TIFFGetFieldDefaulted(in, TIFFTAG_ROWSPERSTRIP, &rps);
- if (rps > length)
diff --git a/gnu/packages/patches/libtiff-divide-by-zero.patch b/gnu/packages/patches/libtiff-divide-by-zero.patch
deleted file mode 100644
index 6dbd4666cd..0000000000
--- a/gnu/packages/patches/libtiff-divide-by-zero.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-Fix an integer overflow in TIFFReadEncodedStrip() that led to division-by-zero:
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2596
-
-2016-12-02 Even Rouault <even.rouault at spatialys.com>
-
- * libtiff/tif_read.c, libtiff/tiffiop.h: fix uint32 overflow in
- TIFFReadEncodedStrip() that caused an integer division by zero.
- Reported by Agostino Sarubbo.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2596
-
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1173; previous revision: 1.1172
-/cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v <-- libtiff/tif_read.c
-new revision: 1.50; previous revision: 1.49
-/cvs/maptools/cvsroot/libtiff/libtiff/tiffiop.h,v <-- libtiff/tiffiop.h
-new revision: 1.90; previous revision: 1.89
-
-Index: libtiff/libtiff/tif_read.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v
-retrieving revision 1.49
-retrieving revision 1.50
-diff -u -r1.49 -r1.50
---- libtiff/libtiff/tif_read.c 10 Jul 2016 18:00:21 -0000 1.49
-+++ libtiff/libtiff/tif_read.c 2 Dec 2016 21:56:56 -0000 1.50
-@@ -1,4 +1,4 @@
--/* $Id: tif_read.c,v 1.49 2016-07-10 18:00:21 erouault Exp $ */
-+/* $Id: tif_read.c,v 1.50 2016-12-02 21:56:56 erouault Exp $ */
-
- /*
- * Copyright (c) 1988-1997 Sam Leffler
-@@ -346,7 +346,7 @@
- rowsperstrip=td->td_rowsperstrip;
- if (rowsperstrip>td->td_imagelength)
- rowsperstrip=td->td_imagelength;
-- stripsperplane=((td->td_imagelength+rowsperstrip-1)/rowsperstrip);
-+ stripsperplane= TIFFhowmany_32_maxuint_compat(td->td_imagelength, rowsperstrip);
- stripinplane=(strip%stripsperplane);
- plane=(uint16)(strip/stripsperplane);
- rows=td->td_imagelength-stripinplane*rowsperstrip;
-Index: libtiff/libtiff/tiffiop.h
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tiffiop.h,v
-retrieving revision 1.89
-retrieving revision 1.90
-diff -u -r1.89 -r1.90
---- libtiff/libtiff/tiffiop.h 23 Jan 2016 21:20:34 -0000 1.89
-+++ libtiff/libtiff/tiffiop.h 2 Dec 2016 21:56:56 -0000 1.90
-@@ -1,4 +1,4 @@
--/* $Id: tiffiop.h,v 1.89 2016-01-23 21:20:34 erouault Exp $ */
-+/* $Id: tiffiop.h,v 1.90 2016-12-02 21:56:56 erouault Exp $ */
-
- /*
- * Copyright (c) 1988-1997 Sam Leffler
-@@ -250,6 +250,10 @@
- #define TIFFhowmany_32(x, y) (((uint32)x < (0xffffffff - (uint32)(y-1))) ? \
- ((((uint32)(x))+(((uint32)(y))-1))/((uint32)(y))) : \
- 0U)
-+/* Variant of TIFFhowmany_32() that doesn't return 0 if x close to MAXUINT. */
-+/* Caution: TIFFhowmany_32_maxuint_compat(x,y)*y might overflow */
-+#define TIFFhowmany_32_maxuint_compat(x, y) \
-+ (((uint32)(x) / (uint32)(y)) + ((((uint32)(x) % (uint32)(y)) != 0) ? 1 : 0))
- #define TIFFhowmany8_32(x) (((x)&0x07)?((uint32)(x)>>3)+1:(uint32)(x)>>3)
- #define TIFFroundup_32(x, y) (TIFFhowmany_32(x,y)*(y))
- #define TIFFhowmany_64(x, y) ((((uint64)(x))+(((uint64)(y))-1))/((uint64)(y)))
diff --git a/gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch b/gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch
deleted file mode 100644
index 2d5e23586d..0000000000
--- a/gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch
+++ /dev/null
@@ -1,131 +0,0 @@
-Fix heap-based buffer overflow in _TIFFmemcpy():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2604
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
- * libtiff/tif_pixarlog.c, libtiff/tif_luv.c: fix heap-based buffer
- overflow on generation of PixarLog / LUV compressed files, with
- ColorMap, TransferFunction attached and nasty plays with bitspersample.
- The fix for LUV has not been tested, but suffers from the same kind
- of issue of PixarLog.
- Reported by Agostino Sarubbo.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2604
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1175; previous revision: 1.1174
-/cvs/maptools/cvsroot/libtiff/libtiff/tif_luv.c,v <-- libtiff/tif_luv.c
-new revision: 1.44; previous revision: 1.43
-/cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v <--
-libtiff/tif_pixarlog.c
-new revision: 1.49; previous revision: 1.48
-
-Index: libtiff/libtiff/tif_luv.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_luv.c,v
-retrieving revision 1.43
-retrieving revision 1.44
-diff -u -r1.43 -r1.44
---- libtiff/libtiff/tif_luv.c 4 Sep 2016 21:32:56 -0000 1.43
-+++ libtiff/libtiff/tif_luv.c 2 Dec 2016 23:05:51 -0000 1.44
-@@ -1,4 +1,4 @@
--/* $Id: tif_luv.c,v 1.43 2016-09-04 21:32:56 erouault Exp $ */
-+/* $Id: tif_luv.c,v 1.44 2016-12-02 23:05:51 erouault Exp $ */
-
- /*
- * Copyright (c) 1997 Greg Ward Larson
-@@ -158,6 +158,7 @@
- typedef struct logLuvState LogLuvState;
-
- struct logLuvState {
-+ int encoder_state; /* 1 if encoder correctly initialized */
- int user_datafmt; /* user data format */
- int encode_meth; /* encoding method */
- int pixel_size; /* bytes per pixel */
-@@ -1552,6 +1553,7 @@
- td->td_photometric, "must be either LogLUV or LogL");
- break;
- }
-+ sp->encoder_state = 1;
- return (1);
- notsupported:
- TIFFErrorExt(tif->tif_clientdata, module,
-@@ -1563,19 +1565,27 @@
- static void
- LogLuvClose(TIFF* tif)
- {
-+ LogLuvState* sp = (LogLuvState*) tif->tif_data;
- TIFFDirectory *td = &tif->tif_dir;
-
-+ assert(sp != 0);
- /*
- * For consistency, we always want to write out the same
- * bitspersample and sampleformat for our TIFF file,
- * regardless of the data format being used by the application.
- * Since this routine is called after tags have been set but
- * before they have been recorded in the file, we reset them here.
-+ * Note: this is really a nasty approach. See PixarLogClose
- */
-- td->td_samplesperpixel =
-- (td->td_photometric == PHOTOMETRIC_LOGL) ? 1 : 3;
-- td->td_bitspersample = 16;
-- td->td_sampleformat = SAMPLEFORMAT_INT;
-+ if( sp->encoder_state )
-+ {
-+ /* See PixarLogClose. Might avoid issues with tags whose size depends
-+ * on those below, but not completely sure this is enough. */
-+ td->td_samplesperpixel =
-+ (td->td_photometric == PHOTOMETRIC_LOGL) ? 1 : 3;
-+ td->td_bitspersample = 16;
-+ td->td_sampleformat = SAMPLEFORMAT_INT;
-+ }
- }
-
- static void
-Index: libtiff/libtiff/tif_pixarlog.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v
-retrieving revision 1.48
-retrieving revision 1.49
-diff -u -r1.48 -r1.49
---- libtiff/libtiff/tif_pixarlog.c 23 Sep 2016 22:12:18 -0000 1.48
-+++ libtiff/libtiff/tif_pixarlog.c 2 Dec 2016 23:05:51 -0000 1.49
-@@ -1,4 +1,4 @@
--/* $Id: tif_pixarlog.c,v 1.48 2016-09-23 22:12:18 erouault Exp $ */
-+/* $Id: tif_pixarlog.c,v 1.49 2016-12-02 23:05:51 erouault Exp $ */
-
- /*
- * Copyright (c) 1996-1997 Sam Leffler
-@@ -1233,8 +1233,10 @@
- static void
- PixarLogClose(TIFF* tif)
- {
-+ PixarLogState* sp = (PixarLogState*) tif->tif_data;
- TIFFDirectory *td = &tif->tif_dir;
-
-+ assert(sp != 0);
- /* In a really sneaky (and really incorrect, and untruthful, and
- * troublesome, and error-prone) maneuver that completely goes against
- * the spirit of TIFF, and breaks TIFF, on close, we covertly
-@@ -1243,8 +1245,19 @@
- * readers that don't know about PixarLog, or how to set
- * the PIXARLOGDATFMT pseudo-tag.
- */
-- td->td_bitspersample = 8;
-- td->td_sampleformat = SAMPLEFORMAT_UINT;
-+
-+ if (sp->state&PLSTATE_INIT) {
-+ /* We test the state to avoid an issue such as in
-+ * http://bugzilla.maptools.org/show_bug.cgi?id=2604
-+ * What appends in that case is that the bitspersample is 1 and
-+ * a TransferFunction is set. The size of the TransferFunction
-+ * depends on 1<<bitspersample. So if we increase it, an access
-+ * out of the buffer will happen at directory flushing.
-+ * Another option would be to clear those targs.
-+ */
-+ td->td_bitspersample = 8;
-+ td->td_sampleformat = SAMPLEFORMAT_UINT;
-+ }
- }
-
- static void
diff --git a/gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch b/gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch
deleted file mode 100644
index 68889b121b..0000000000
--- a/gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch
+++ /dev/null
@@ -1,132 +0,0 @@
-Fix heap-based buffer overflow in TIFFFillStrip():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2608
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
- * libtiff/tif_dirread.c: modify ChopUpSingleUncompressedStrip() to
- instanciate compute ntrips as TIFFhowmany_32(td->td_imagelength,
-rowsperstrip),
- instead of a logic based on the total size of data. Which is faulty is
- the total size of data is not sufficient to fill the whole image, and
-thus
- results in reading outside of the StripByCounts/StripOffsets arrays
-when
- using TIFFReadScanline().
- Reported by Agostino Sarubbo.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2608.
-
- * libtiff/tif_strip.c: revert the change in TIFFNumberOfStrips() done
- for http://bugzilla.maptools.org/show_bug.cgi?id=2587 / CVE-2016-9273
-since
- the above change is a better fix that makes it unnecessary.
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1176; previous revision: 1.1175
-/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <--
-libtiff/tif_dirread.c
-new revision: 1.205; previous revision: 1.204
-/cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v <-- libtiff/tif_strip.c
-new revision: 1.38; previous revision: 1.37
-
-Index: libtiff/libtiff/tif_dirread.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v
-retrieving revision 1.204
-retrieving revision 1.205
-diff -u -r1.204 -r1.205
---- libtiff/libtiff/tif_dirread.c 16 Nov 2016 15:14:15 -0000 1.204
-+++ libtiff/libtiff/tif_dirread.c 3 Dec 2016 11:02:15 -0000 1.205
-@@ -1,4 +1,4 @@
--/* $Id: tif_dirread.c,v 1.204 2016-11-16 15:14:15 erouault Exp $ */
-+/* $Id: tif_dirread.c,v 1.205 2016-12-03 11:02:15 erouault Exp $ */
-
- /*
- * Copyright (c) 1988-1997 Sam Leffler
-@@ -5502,8 +5502,7 @@
- uint64 rowblockbytes;
- uint64 stripbytes;
- uint32 strip;
-- uint64 nstrips64;
-- uint32 nstrips32;
-+ uint32 nstrips;
- uint32 rowsperstrip;
- uint64* newcounts;
- uint64* newoffsets;
-@@ -5534,18 +5533,17 @@
- return;
-
- /*
-- * never increase the number of strips in an image
-+ * never increase the number of rows per strip
- */
- if (rowsperstrip >= td->td_rowsperstrip)
- return;
-- nstrips64 = TIFFhowmany_64(bytecount, stripbytes);
-- if ((nstrips64==0)||(nstrips64>0xFFFFFFFF)) /* something is wonky, do nothing. */
-- return;
-- nstrips32 = (uint32)nstrips64;
-+ nstrips = TIFFhowmany_32(td->td_imagelength, rowsperstrip);
-+ if( nstrips == 0 )
-+ return;
-
-- newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips32, sizeof (uint64),
-+ newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64),
- "for chopped \"StripByteCounts\" array");
-- newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips32, sizeof (uint64),
-+ newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64),
- "for chopped \"StripOffsets\" array");
- if (newcounts == NULL || newoffsets == NULL) {
- /*
-@@ -5562,18 +5560,18 @@
- * Fill the strip information arrays with new bytecounts and offsets
- * that reflect the broken-up format.
- */
-- for (strip = 0; strip < nstrips32; strip++) {
-+ for (strip = 0; strip < nstrips; strip++) {
- if (stripbytes > bytecount)
- stripbytes = bytecount;
- newcounts[strip] = stripbytes;
-- newoffsets[strip] = offset;
-+ newoffsets[strip] = stripbytes ? offset : 0;
- offset += stripbytes;
- bytecount -= stripbytes;
- }
- /*
- * Replace old single strip info with multi-strip info.
- */
-- td->td_stripsperimage = td->td_nstrips = nstrips32;
-+ td->td_stripsperimage = td->td_nstrips = nstrips;
- TIFFSetField(tif, TIFFTAG_ROWSPERSTRIP, rowsperstrip);
-
- _TIFFfree(td->td_stripbytecount);
-Index: libtiff/libtiff/tif_strip.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v
-retrieving revision 1.37
-retrieving revision 1.38
-diff -u -r1.37 -r1.38
---- libtiff/libtiff/tif_strip.c 9 Nov 2016 23:00:49 -0000 1.37
-+++ libtiff/libtiff/tif_strip.c 3 Dec 2016 11:02:15 -0000 1.38
-@@ -1,4 +1,4 @@
--/* $Id: tif_strip.c,v 1.37 2016-11-09 23:00:49 erouault Exp $ */
-+/* $Id: tif_strip.c,v 1.38 2016-12-03 11:02:15 erouault Exp $ */
-
- /*
- * Copyright (c) 1991-1997 Sam Leffler
-@@ -63,15 +63,6 @@
- TIFFDirectory *td = &tif->tif_dir;
- uint32 nstrips;
-
-- /* If the value was already computed and store in td_nstrips, then return it,
-- since ChopUpSingleUncompressedStrip might have altered and resized the
-- since the td_stripbytecount and td_stripoffset arrays to the new value
-- after the initial affectation of td_nstrips = TIFFNumberOfStrips() in
-- tif_dirread.c ~line 3612.
-- See http://bugzilla.maptools.org/show_bug.cgi?id=2587 */
-- if( td->td_nstrips )
-- return td->td_nstrips;
--
- nstrips = (td->td_rowsperstrip == (uint32) -1 ? 1 :
- TIFFhowmany_32(td->td_imagelength, td->td_rowsperstrip));
- if (td->td_planarconfig == PLANARCONFIG_SEPARATE)
diff --git a/gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch b/gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch
deleted file mode 100644
index f0fef08bf3..0000000000
--- a/gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-Fix heap buffer overflow in tiffcp when parsing number of inks:
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2599
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
- * tools/tif_dir.c: when TIFFGetField(, TIFFTAG_NUMBEROFINKS, ) is
-called,
- limit the return number of inks to SamplesPerPixel, so that code that
-parses
- ink names doesn't go past the end of the buffer.
- Reported by Agostino Sarubbo.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2599
-
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1184; previous revision: 1.1183
-/cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v <-- libtiff/tif_dir.c
-new revision: 1.128; previous revision: 1.127
-
-Index: libtiff/libtiff/tif_dir.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v
-retrieving revision 1.127
-retrieving revision 1.128
-diff -u -r1.127 -r1.128
---- libtiff/libtiff/tif_dir.c 25 Oct 2016 21:35:15 -0000 1.127
-+++ libtiff/libtiff/tif_dir.c 3 Dec 2016 15:30:31 -0000 1.128
-@@ -1,4 +1,4 @@
--/* $Id: tif_dir.c,v 1.127 2016-10-25 21:35:15 erouault Exp $ */
-+/* $Id: tif_dir.c,v 1.128 2016-12-03 15:30:31 erouault Exp $ */
-
- /*
- * Copyright (c) 1988-1997 Sam Leffler
-@@ -854,6 +854,32 @@
- if( fip == NULL ) /* cannot happen since TIFFGetField() already checks it */
- return 0;
-
-+ if( tag == TIFFTAG_NUMBEROFINKS )
-+ {
-+ int i;
-+ for (i = 0; i < td->td_customValueCount; i++) {
-+ uint16 val;
-+ TIFFTagValue *tv = td->td_customValues + i;
-+ if (tv->info->field_tag != tag)
-+ continue;
-+ val = *(uint16 *)tv->value;
-+ /* Truncate to SamplesPerPixel, since the */
-+ /* setting code for INKNAMES assume that there are SamplesPerPixel */
-+ /* inknames. */
-+ /* Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2599 */
-+ if( val > td->td_samplesperpixel )
-+ {
-+ TIFFWarningExt(tif->tif_clientdata,"_TIFFVGetField",
-+ "Truncating NumberOfInks from %u to %u",
-+ val, td->td_samplesperpixel);
-+ val = td->td_samplesperpixel;
-+ }
-+ *va_arg(ap, uint16*) = val;
-+ return 1;
-+ }
-+ return 0;
-+ }
-+
- /*
- * We want to force the custom code to be used for custom
- * fields even if the tag happens to match a well known
diff --git a/gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch b/gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch
deleted file mode 100644
index 8166c55758..0000000000
--- a/gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-Fix heap-based buffer overflow in combineSeparateSamples16bits():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2621
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
- * tools/tiffcrop.c: add 3 extra bytes at end of strip buffer in
- readSeparateStripsIntoBuffer() to avoid read outside of heap allocated
-buffer.
- Reported by Agostina Sarubo.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2621
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1179; previous revision: 1.1178
-/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c
-new revision: 1.48; previous revision: 1.47
-
-Index: libtiff/tools/tiffcrop.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
-retrieving revision 1.47
-retrieving revision 1.48
-diff -u -r1.47 -r1.48
---- libtiff/tools/tiffcrop.c 3 Dec 2016 11:35:56 -0000 1.47
-+++ libtiff/tools/tiffcrop.c 3 Dec 2016 12:19:32 -0000 1.48
-@@ -1,4 +1,4 @@
--/* $Id: tiffcrop.c,v 1.47 2016-12-03 11:35:56 erouault Exp $ */
-+/* $Id: tiffcrop.c,v 1.48 2016-12-03 12:19:32 erouault Exp $ */
-
- /* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of
- * the image data through additional options listed below
-@@ -4815,10 +4815,17 @@
- nstrips = TIFFNumberOfStrips(in);
- strips_per_sample = nstrips /spp;
-
-+ /* Add 3 padding bytes for combineSeparateSamples32bits */
-+ if( (size_t) stripsize > 0xFFFFFFFFU - 3U )
-+ {
-+ TIFFError("readSeparateStripsIntoBuffer", "Integer overflow when calculating buffer size.");
-+ exit(-1);
-+ }
-+
- for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
- {
- srcbuffs[s] = NULL;
-- buff = _TIFFmalloc(stripsize);
-+ buff = _TIFFmalloc(stripsize + 3);
- if (!buff)
- {
- TIFFError ("readSeparateStripsIntoBuffer",
-@@ -4827,6 +4834,9 @@
- _TIFFfree (srcbuffs[i]);
- return 0;
- }
-+ buff[stripsize] = 0;
-+ buff[stripsize+1] = 0;
-+ buff[stripsize+2] = 0;
- srcbuffs[s] = buff;
- }
-
diff --git a/gnu/packages/patches/libtiff-invalid-read.patch b/gnu/packages/patches/libtiff-invalid-read.patch
deleted file mode 100644
index 92742d8757..0000000000
--- a/gnu/packages/patches/libtiff-invalid-read.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-Fix invalid read in t2p_writeproc():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2639
-
-2016-12-20 Even Rouault <even.rouault at spatialys.com>
-
- * tools/tiff2pdf.c: avoid potential invalid memory read in
- t2p_writeproc.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2639
-
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1198; previous revision: 1.1197
-/cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v <-- tools/tiff2pdf.c
-new revision: 1.100; previous revision: 1.99
-
-Index: libtiff/tools/tiff2pdf.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v
-retrieving revision 1.99
-retrieving revision 1.100
-diff -u -r1.99 -r1.100
---- libtiff/tools/tiff2pdf.c 20 Dec 2016 17:13:26 -0000 1.99
-+++ libtiff/tools/tiff2pdf.c 20 Dec 2016 17:24:35 -0000 1.100
-@@ -2896,6 +2896,7 @@
- }
- if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) {
- if (count >= 4) {
-+ int retTIFFReadRawTile;
- /* Ignore EOI marker of JpegTables */
- _TIFFmemcpy(buffer, jpt, count - 2);
- bufferoffset += count - 2;
-@@ -2903,22 +2904,23 @@
- table_end[0] = buffer[bufferoffset-2];
- table_end[1] = buffer[bufferoffset-1];
- xuint32 = bufferoffset;
-- bufferoffset -= 2;
-- bufferoffset += TIFFReadRawTile(
-+ bufferoffset -= 2;
-+ retTIFFReadRawTile= TIFFReadRawTile(
- input,
- tile,
- (tdata_t) &(((unsigned char*)buffer)[bufferoffset]),
- -1);
-+ if( retTIFFReadRawTile < 0 )
-+ {
-+ _TIFFfree(buffer);
-+ t2p->t2p_error = T2P_ERR_ERROR;
-+ return(0);
-+ }
-+ bufferoffset += retTIFFReadRawTile;
- /* Overwrite SOI marker of image scan with previously */
- /* saved end of JpegTables */
- buffer[xuint32-2]=table_end[0];
- buffer[xuint32-1]=table_end[1];
-- } else {
-- bufferoffset += TIFFReadRawTile(
-- input,
-- tile,
-- (tdata_t) &(((unsigned char*)buffer)[bufferoffset]),
-- -1);
- }
- }
- t2pWriteFile(output, (tdata_t) buffer, bufferoffset);
diff --git a/gnu/packages/patches/libtiff-null-dereference.patch b/gnu/packages/patches/libtiff-null-dereference.patch
deleted file mode 100644
index 8c6345b804..0000000000
--- a/gnu/packages/patches/libtiff-null-dereference.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-Fix NULL pointer dereference in TIFFReadRawData():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2594
-
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
- * tools/tiffinfo.c: fix null pointer dereference in -r mode when
- * the
-image has
- no StripByteCount tag.
- Reported by Agostino Sarubbo.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2594
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1182; previous revision: 1.1181
-/cvs/maptools/cvsroot/libtiff/tools/tiffinfo.c,v <-- tools/tiffinfo.c
-new revision: 1.26; previous revision: 1.25
-
-Index: libtiff/tools/tiffinfo.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffinfo.c,v
-retrieving revision 1.25
-retrieving revision 1.26
-diff -u -r1.25 -r1.26
---- libtiff/tools/tiffinfo.c 12 Nov 2016 20:06:05 -0000 1.25
-+++ libtiff/tools/tiffinfo.c 3 Dec 2016 14:18:49 -0000 1.26
-@@ -1,4 +1,4 @@
--/* $Id: tiffinfo.c,v 1.25 2016-11-12 20:06:05 bfriesen Exp $ */
-+/* $Id: tiffinfo.c,v 1.26 2016-12-03 14:18:49 erouault Exp $ */
-
- /*
- * Copyright (c) 1988-1997 Sam Leffler
-@@ -417,7 +417,7 @@
- uint64* stripbc=NULL;
-
- TIFFGetField(tif, TIFFTAG_STRIPBYTECOUNTS, &stripbc);
-- if (nstrips > 0) {
-+ if (stripbc != NULL && nstrips > 0) {
- uint32 bufsize = (uint32) stripbc[0];
- tdata_t buf = _TIFFmalloc(bufsize);
- tstrip_t s;
diff --git a/gnu/packages/patches/libtiff-tiffcp-underflow.patch b/gnu/packages/patches/libtiff-tiffcp-underflow.patch
deleted file mode 100644
index 5615cbb3e1..0000000000
--- a/gnu/packages/patches/libtiff-tiffcp-underflow.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-Fix a integer underflow in tiffcp that led to heap overflows in
-TIFFReverseBits():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2598
-
-2016-12-02 Even Rouault <even.rouault at spatialys.com>
-
- * tools/tiffcp.c: avoid uint32 underflow in cpDecodedStrips that
- can cause various issues, such as buffer overflows in the library.
- Reported by Agostino Sarubbo.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2598
-
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
-new revision: 1.1174; previous revision: 1.1173
-/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c
-new revision: 1.56; previous revision: 1.55
-
-Index: libtiff/tools/tiffcp.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
-retrieving revision 1.55
-retrieving revision 1.56
-diff -u -r1.55 -r1.56
---- libtiff/tools/tiffcp.c 8 Oct 2016 15:54:57 -0000 1.55
-+++ libtiff/tools/tiffcp.c 2 Dec 2016 22:13:32 -0000 1.56
-@@ -1,4 +1,4 @@
--/* $Id: tiffcp.c,v 1.55 2016-10-08 15:54:57 erouault Exp $ */
-+/* $Id: tiffcp.c,v 1.56 2016-12-02 22:13:32 erouault Exp $ */
-
- /*
- * Copyright (c) 1988-1997 Sam Leffler
-@@ -985,7 +985,7 @@
- tstrip_t s, ns = TIFFNumberOfStrips(in);
- uint32 row = 0;
- _TIFFmemset(buf, 0, stripsize);
-- for (s = 0; s < ns; s++) {
-+ for (s = 0; s < ns && row < imagelength; s++) {
- tsize_t cc = (row + rowsperstrip > imagelength) ?
- TIFFVStripSize(in, imagelength - row) : stripsize;
- if (TIFFReadEncodedStrip(in, s, buf, cc) < 0
diff --git a/gnu/packages/patches/libunistring-gnulib-multi-core.patch b/gnu/packages/patches/libunistring-gnulib-multi-core.patch
new file mode 100644
index 0000000000..709b20c6d2
--- /dev/null
+++ b/gnu/packages/patches/libunistring-gnulib-multi-core.patch
@@ -0,0 +1,178 @@
+This patch fixes performance problems on multi-core machines
+as reported at <https://bugs.gnu.org/26441>.
+
+See commit 480d374e596a0ee3fed168ab42cd84c313ad3c89 in Gnulib
+by Bruno Haible <bruno@clisp.org>.
+
+diff --git a/tests/test-lock.c b/tests/test-lock.c
+index cb734b4e6..aa6de2739 100644
+--- a/tests/test-lock.c
++++ b/tests/test-lock.c
+@@ -50,6 +50,13 @@
+ Uncomment this to see if the operating system has a fair scheduler. */
+ #define EXPLICIT_YIELD 1
+
++/* Whether to use 'volatile' on some variables that communicate information
++ between threads. If set to 0, a lock is used to protect these variables.
++ If set to 1, 'volatile' is used; this is theoretically equivalent but can
++ lead to much slower execution (e.g. 30x slower total run time on a 40-core
++ machine. */
++#define USE_VOLATILE 0
++
+ /* Whether to print debugging messages. */
+ #define ENABLE_DEBUGGING 0
+
+@@ -103,6 +110,51 @@
+ # define yield()
+ #endif
+
++#if USE_VOLATILE
++struct atomic_int {
++ volatile int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++ return ai->value;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++ ai->value = new_value;
++}
++#else
++struct atomic_int {
++ gl_lock_define (, lock)
++ int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++ gl_lock_init (ai->lock);
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++ gl_lock_lock (ai->lock);
++ int ret = ai->value;
++ gl_lock_unlock (ai->lock);
++ return ret;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++ gl_lock_lock (ai->lock);
++ ai->value = new_value;
++ gl_lock_unlock (ai->lock);
++}
++#endif
++
+ #define ACCOUNT_COUNT 4
+
+ static int account[ACCOUNT_COUNT];
+@@ -170,12 +222,12 @@ lock_mutator_thread (void *arg)
+ return NULL;
+ }
+
+-static volatile int lock_checker_done;
++static struct atomic_int lock_checker_done;
+
+ static void *
+ lock_checker_thread (void *arg)
+ {
+- while (!lock_checker_done)
++ while (get_atomic_int_value (&lock_checker_done) == 0)
+ {
+ dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+ gl_lock_lock (my_lock);
+@@ -200,7 +252,8 @@ test_lock (void)
+ /* Initialization. */
+ for (i = 0; i < ACCOUNT_COUNT; i++)
+ account[i] = 1000;
+- lock_checker_done = 0;
++ init_atomic_int (&lock_checker_done);
++ set_atomic_int_value (&lock_checker_done, 0);
+
+ /* Spawn the threads. */
+ checkerthread = gl_thread_create (lock_checker_thread, NULL);
+@@ -210,7 +263,7 @@ test_lock (void)
+ /* Wait for the threads to terminate. */
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (threads[i], NULL);
+- lock_checker_done = 1;
++ set_atomic_int_value (&lock_checker_done, 1);
+ gl_thread_join (checkerthread, NULL);
+ check_accounts ();
+ }
+@@ -254,12 +307,12 @@ rwlock_mutator_thread (void *arg)
+ return NULL;
+ }
+
+-static volatile int rwlock_checker_done;
++static struct atomic_int rwlock_checker_done;
+
+ static void *
+ rwlock_checker_thread (void *arg)
+ {
+- while (!rwlock_checker_done)
++ while (get_atomic_int_value (&rwlock_checker_done) == 0)
+ {
+ dbgprintf ("Checker %p before check rdlock\n", gl_thread_self_pointer ());
+ gl_rwlock_rdlock (my_rwlock);
+@@ -284,7 +337,8 @@ test_rwlock (void)
+ /* Initialization. */
+ for (i = 0; i < ACCOUNT_COUNT; i++)
+ account[i] = 1000;
+- rwlock_checker_done = 0;
++ init_atomic_int (&rwlock_checker_done);
++ set_atomic_int_value (&rwlock_checker_done, 0);
+
+ /* Spawn the threads. */
+ for (i = 0; i < THREAD_COUNT; i++)
+@@ -295,7 +349,7 @@ test_rwlock (void)
+ /* Wait for the threads to terminate. */
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (threads[i], NULL);
+- rwlock_checker_done = 1;
++ set_atomic_int_value (&rwlock_checker_done, 1);
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (checkerthreads[i], NULL);
+ check_accounts ();
+@@ -356,12 +410,12 @@ reclock_mutator_thread (void *arg)
+ return NULL;
+ }
+
+-static volatile int reclock_checker_done;
++static struct atomic_int reclock_checker_done;
+
+ static void *
+ reclock_checker_thread (void *arg)
+ {
+- while (!reclock_checker_done)
++ while (get_atomic_int_value (&reclock_checker_done) == 0)
+ {
+ dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+ gl_recursive_lock_lock (my_reclock);
+@@ -386,7 +440,8 @@ test_recursive_lock (void)
+ /* Initialization. */
+ for (i = 0; i < ACCOUNT_COUNT; i++)
+ account[i] = 1000;
+- reclock_checker_done = 0;
++ init_atomic_int (&reclock_checker_done);
++ set_atomic_int_value (&reclock_checker_done, 0);
+
+ /* Spawn the threads. */
+ checkerthread = gl_thread_create (reclock_checker_thread, NULL);
+@@ -396,7 +451,7 @@ test_recursive_lock (void)
+ /* Wait for the threads to terminate. */
+ for (i = 0; i < THREAD_COUNT; i++)
+ gl_thread_join (threads[i], NULL);
+- reclock_checker_done = 1;
++ set_atomic_int_value (&reclock_checker_done, 1);
+ gl_thread_join (checkerthread, NULL);
+ check_accounts ();
+ }
diff --git a/gnu/packages/patches/python-file-double-encoding-bug.patch b/gnu/packages/patches/python-file-double-encoding-bug.patch
deleted file mode 100644
index bbe825c36a..0000000000
--- a/gnu/packages/patches/python-file-double-encoding-bug.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-Fix bug that breaks file's Python bindings when using Python 3. This patch
-should not be applied when using Python 2.
-
-Copied from upstream source repository:
-
-https://github.com/file/file/commit/73e043d2a986234b187a00ed0c8d1f7bf83df372
-
-From 73e043d2a986234b187a00ed0c8d1f7bf83df372 Mon Sep 17 00:00:00 2001
-From: Christos Zoulas <christos@zoulas.com>
-Date: Tue, 28 Jun 2016 17:10:22 +0000
-Subject: [PATCH] PR/562: Reiner Herrmann: Avoid double encoding with python3
-
----
- python/magic.py | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/python/magic.py b/python/magic.py
-index c48f7d5..b0f7a17 100644
---- a/python/magic.py
-+++ b/python/magic.py
-@@ -134,7 +134,7 @@ class Magic(object):
- if isinstance(r, str):
- return r
- else:
-- return str(r).encode('utf-8')
-+ return str(r, 'utf-8')
-
- def descriptor(self, fd):
- """
-@@ -152,7 +152,7 @@ class Magic(object):
- if isinstance(r, str):
- return r
- else:
-- return str(r).encode('utf-8')
-+ return str(r, 'utf-8')
-
- def error(self):
- """
-@@ -163,7 +163,7 @@ class Magic(object):
- if isinstance(e, str):
- return e
- else:
-- return str(e).encode('utf-8')
-+ return str(e, 'utf-8')
-
- def setflags(self, flags):
- """
---
-2.10.1
-
diff --git a/gnu/packages/pcre.scm b/gnu/packages/pcre.scm
index 58beab0a96..61aaf7c153 100644
--- a/gnu/packages/pcre.scm
+++ b/gnu/packages/pcre.scm
@@ -34,7 +34,6 @@
(package
(name "pcre")
(version "8.40")
- (replacement pcre/fixed)
(source (origin
(method url-fetch)
(uri (list
@@ -43,6 +42,7 @@
"pcre-" version ".tar.bz2")
(string-append "mirror://sourceforge/pcre/pcre/"
version "/pcre-" version ".tar.bz2")))
+ (patches (search-patches "pcre-CVE-2017-7186.patch"))
(sha256
(base32
"1x7lpjn7jhk0n3sdvggxrlrhab8kkfjwl7qix0ypw9nlx8lpmqh0"))))
@@ -72,14 +72,6 @@ POSIX regular expression API.")
(license license:bsd-3)
(home-page "http://www.pcre.org/")))
-(define pcre/fixed
- (package
- (inherit pcre)
- (replacement #f)
- (source (origin
- (inherit (package-source pcre))
- (patches (search-patches "pcre-CVE-2017-7186.patch"))))))
-
(define-public pcre2
(package
(name "pcre2")
diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm
index 812d7548cf..db76160062 100644
--- a/gnu/packages/perl.scm
+++ b/gnu/packages/perl.scm
@@ -51,14 +51,14 @@
;; Yeah, Perl... It is required early in the bootstrap process by Linux.
(package
(name "perl")
- (version "5.24.0")
+ (version "5.24.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://cpan/src/5.0/perl-"
version ".tar.gz"))
(sha256
(base32
- "00jj8zr8fnihrxxhl8h936ssczv5x86qb618yz1ig40d1rp0qhvy"))
+ "1bqqb5ghfj4486nqr77kgsd8aff6a289jy7n2cdkznwvn34qbhg6"))
(patches (search-patches
"perl-no-sys-dirs.patch"
"perl-autosplit-default-time.patch"
diff --git a/gnu/packages/pkg-config.scm b/gnu/packages/pkg-config.scm
index 01069d27a5..12f17f1e3c 100644
--- a/gnu/packages/pkg-config.scm
+++ b/gnu/packages/pkg-config.scm
@@ -30,7 +30,7 @@
(define-public %pkg-config
(package
(name "pkg-config")
- (version "0.29.1")
+ (version "0.29.2")
(source (origin
(method url-fetch)
(uri (list
@@ -46,7 +46,7 @@
version ".tar.gz")))
(sha256
(base32
- "00dh1jn8rbppmgbhhgqhmbh3c58b0gccy39rsjdlcma50sg3rd5y"))))
+ "14fmwzki1rlz8bs2p810lk6jqdxsk966d8drgsjmi54cd00rrikg"))))
(build-system gnu-build-system)
(arguments `(#:configure-flags '("--with-internal-glib")))
(native-search-paths
diff --git a/gnu/packages/pulseaudio.scm b/gnu/packages/pulseaudio.scm
index 92ebe6f3eb..846c174fa7 100644
--- a/gnu/packages/pulseaudio.scm
+++ b/gnu/packages/pulseaudio.scm
@@ -45,13 +45,14 @@
(define-public libsndfile
(package
(name "libsndfile")
- (replacement libsndfile/fixed)
(version "1.0.28")
(source (origin
(method url-fetch)
(uri (string-append "http://www.mega-nerd.com/libsndfile/files/libsndfile-"
version ".tar.gz"))
- (patches (search-patches "libsndfile-armhf-type-checks.patch"))
+ (patches (search-patches "libsndfile-armhf-type-checks.patch"
+ "libsndfile-CVE-2017-8361-8363-8365.patch"
+ "libsndfile-CVE-2017-8362.patch"))
(sha256
(base32
"1afzm7jx34jhqn32clc5xghyjglccam2728yxlx37yj2y0lkkwqz"))))
@@ -77,18 +78,6 @@ SPARC. Hopefully the design of the library will also make it easy to extend
for reading and writing new sound file formats.")
(license l:gpl2+)))
-(define libsndfile/fixed
- (package
- (inherit libsndfile)
- (source
- (origin
- (inherit (package-source libsndfile))
- (patches
- (append
- (origin-patches (package-source libsndfile))
- (search-patches "libsndfile-CVE-2017-8361-8363-8365.patch"
- "libsndfile-CVE-2017-8362.patch")))))))
-
(define-public libsamplerate
(package
(name "libsamplerate") ; aka. Secret Rabbit Code (SRC)
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index 7617490bd4..1017c31dad 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -7578,10 +7578,6 @@ Python's @code{ctypes} foreign function interface (FFI).")
(package
(inherit file)
(name "python-file")
- (source (origin
- (inherit (package-source file))
- ;; This patch should not be applied to python2-file.
- (patches (search-patches "python-file-double-encoding-bug.patch"))))
(build-system python-build-system)
(arguments
'(#:tests? #f ;no tests
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 7f62b37690..23b04bad29 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -8,6 +8,7 @@
;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
+;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -52,8 +53,7 @@
(define-public libtasn1
(package
(name "libtasn1")
- (replacement libtasn1/fixed)
- (version "4.10")
+ (version "4.12")
(source
(origin
(method url-fetch)
@@ -61,7 +61,7 @@
version ".tar.gz"))
(sha256
(base32
- "00jsix5hny0g768zv4hk78dib7w0qmk5fbizf4jj37r51nd4s6k8"))))
+ "0ls7jdq3y5fnrwg0pzhq11m21r8pshac2705bczz6mqjc8pdllv7"))))
(build-system gnu-build-system)
(native-inputs `(("perl" ,perl)))
(home-page "https://www.gnu.org/software/libtasn1/")
@@ -73,15 +73,6 @@ networking, allowing for formal validation of data according to some
specifications.")
(license license:lgpl2.0+)))
-(define libtasn1/fixed
- (package
- (inherit libtasn1)
- (source
- (origin
- (inherit (package-source libtasn1))
- (patches
- (search-patches "libtasn1-CVE-2017-6891.patch"))))))
-
(define-public asn1c
(package
(name "asn1c")
@@ -150,7 +141,7 @@ living in the same process.")
(define-public gnutls
(package
(name "gnutls")
- (version "3.5.9")
+ (version "3.5.10")
(source (origin
(method url-fetch)
(uri
@@ -161,13 +152,11 @@ living in the same process.")
"/gnutls-" version ".tar.xz"))
(sha256
(base32
- "0l9971841jsfdcvcyhas17sk5rsby6x5vvwcmmj4x3zi9q60zcc2"))))
+ "17apwvdkkazh5w8z8mbanpj2yj8s2002qwy46wz4v3akpa33wi5g"))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags
- (list (string-append "--with-guile-site-dir="
- (assoc-ref %outputs "out")
- "/share/guile/site/2.0")
+ (list
;; GnuTLS doesn't consult any environment variables to specify
;; the location of the system-wide trust store. Instead it has a
;; configure-time option. Unless specified, its configure script
@@ -204,7 +193,7 @@ living in the same process.")
("pkg-config" ,pkg-config)
("which" ,which)))
(inputs
- `(("guile" ,guile-2.0)))
+ `(("guile" ,guile-2.2)))
(propagated-inputs
;; These are all in the 'Requires.private' field of gnutls.pc.
`(("libtasn1" ,libtasn1)
@@ -223,22 +212,20 @@ required structures.")
(ftp-directory . "/gcrypt/gnutls")))))
(define-public gnutls/guile-2.2
- ;; GnuTLS for Guile 2.2. This is supported by GnuTLS >= 3.5.5.
+ (deprecated-package "guile2.2-gnutls" gnutls))
+
+(define-public gnutls/guile-2.0
+ ;; GnuTLS for Guile 2.0.
(package
(inherit gnutls)
- (name "guile2.2-gnutls")
- (arguments
- ;; Remove '--with-guile-site-dir=…/2.0'.
- (substitute-keyword-arguments (package-arguments gnutls)
- ((#:configure-flags flags)
- `(cdr ,flags))))
- (inputs `(("guile" ,guile-2.2)
+ (name "guile2.0-gnutls")
+ (inputs `(("guile" ,guile-2.0)
,@(alist-delete "guile" (package-inputs gnutls))))))
(define-public openssl
(package
(name "openssl")
- (version "1.0.2k")
+ (version "1.0.2l")
(source (origin
(method url-fetch)
(uri (list (string-append "ftp://ftp.openssl.org/source/"
@@ -248,7 +235,14 @@ required structures.")
"/" name "-" version ".tar.gz")))
(sha256
(base32
- "1h6qi35w6hv6rd73p4cdgdzg732pdrfgpp37cgwz1v9a3z37ffbb"))
+ "037kvpisc6qh5dkppcwbm5bg2q800xh2hma3vghz8xcycmdij1yf"))
+ (snippet
+ '(begin
+ ;; Remove ELF files. 'substitute*' can't read them.
+ (delete-file "test/ssltest_old")
+ (delete-file "test/v3ext")
+ (delete-file "test/x509aux")
+ #t))
(patches (search-patches "openssl-runpath.patch"
"openssl-c-rehash-in.patch"))))
(build-system gnu-build-system)
diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm
index 9c82e01d67..a74cbcf2b4 100644
--- a/gnu/packages/wine.scm
+++ b/gnu/packages/wine.scm
@@ -65,8 +65,7 @@
(build-system gnu-build-system)
(native-inputs `(("pkg-config" ,pkg-config)
("gettext" ,gettext-minimal)
- ; A bug in flex prevents building with flex-2.6.3.
- ("flex" ,flex-2.6.1)
+ ("flex" ,flex)
("bison" ,bison)
("perl" ,perl)))
(inputs
diff --git a/gnu/packages/xdisorg.scm b/gnu/packages/xdisorg.scm
index 5007320c9c..d9cee8a257 100644
--- a/gnu/packages/xdisorg.scm
+++ b/gnu/packages/xdisorg.scm
@@ -277,7 +277,7 @@ rasterisation.")
(define-public libdrm
(package
(name "libdrm")
- (version "2.4.80")
+ (version "2.4.81")
(source
(origin
(method url-fetch)
@@ -287,7 +287,7 @@ rasterisation.")
".tar.bz2"))
(sha256
(base32
- "1wa9cnzf60xwx67zq9ay48xr3j3sn1z80q77jpbzmkg906b52am8"))
+ "1bhimr6za2ddisrvrv1qqd7c2a59s7jc954sjycq2w68b8cmrh4c"))
(patches (search-patches "libdrm-symbol-check.patch"))))
(build-system gnu-build-system)
(inputs
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 990e27d5d4..7d981712da 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -1120,7 +1120,7 @@ themselves.")
(define-public libpthread-stubs
(package
(name "libpthread-stubs")
- (version "0.3")
+ (version "0.4")
(source
(origin
(method url-fetch)
@@ -1130,7 +1130,7 @@ themselves.")
".tar.bz2"))
(sha256
(base32
- "16bjv3in19l84hbri41iayvvg4ls9gv1ma0x0qlbmwy67i7dbdim"))))
+ "0cz7s9w8lqgzinicd4g36rjg08zhsbyngh0w68c3np8nlc8mkl74"))))
(build-system gnu-build-system)
(native-inputs `(("pkg-config" ,pkg-config)))
(home-page "https://www.x.org/wiki/")
@@ -3737,7 +3737,7 @@ extension to the X11 protocol. It includes:
(define-public xkeyboard-config
(package
(name "xkeyboard-config")
- (version "2.20")
+ (version "2.21")
(source
(origin
(method url-fetch)
@@ -3747,7 +3747,7 @@ extension to the X11 protocol. It includes:
".tar.bz2"))
(sha256
(base32
- "0d619g4r0w1f6q5qmaqjnsc0956gi02fqgpisqffzqy4acjwggyi"))))
+ "1iffxpchy6dfgbby23nfsqqk17h9lfddlmjnhwagqag1z94p1h9h"))))
(build-system gnu-build-system)
(inputs
`(("gettext" ,gettext-minimal)
diff --git a/gnu/system.scm b/gnu/system.scm
index 0076f2fcb1..8e44ee85b3 100644
--- a/gnu/system.scm
+++ b/gnu/system.scm
@@ -502,7 +502,7 @@ explicitly appear in OS."
;; The packages below are also in %FINAL-INPUTS, so take them from
;; there to avoid duplication.
(map canonical-package
- (list guile-2.2 bash coreutils-8.27 findutils grep sed
+ (list guile-2.2 bash coreutils findutils grep sed
diffutils patch gawk tar gzip bzip2 xz lzip))))
(define %default-issue
diff --git a/guix/build-system/cmake.scm b/guix/build-system/cmake.scm
index 25ac262d5d..ee116c5a4c 100644
--- a/guix/build-system/cmake.scm
+++ b/guix/build-system/cmake.scm
@@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013 Cyril Roelandt <tipecaml@gmail.com>
+;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -56,24 +57,38 @@
#:rest arguments)
"Return a bag for NAME."
(define private-keywords
- '(#:source #:target #:cmake #:inputs #:native-inputs))
-
- (and (not target) ;XXX: no cross-compilation
- (bag
- (name name)
- (system system)
- (host-inputs `(,@(if source
- `(("source" ,source))
- '())
- ,@inputs
-
- ;; Keep the standard inputs of 'gnu-build-system'.
- ,@(standard-packages)))
- (build-inputs `(("cmake" ,cmake)
- ,@native-inputs))
- (outputs outputs)
- (build cmake-build)
- (arguments (strip-keyword-arguments private-keywords arguments)))))
+ `(#:source #:cmake #:inputs #:native-inputs #:outputs
+ ,@(if target '() '(#:target))))
+
+ (bag
+ (name name)
+ (system system)
+ (target target)
+ (build-inputs `(,@(if source
+ `(("source" ,source))
+ '())
+ ,@`(("cmake" ,cmake))
+ ,@native-inputs
+ ,@(if target
+ ;; Use the standard cross inputs of
+ ;; 'gnu-build-system'.
+ (standard-cross-packages target 'host)
+ '())
+ ;; Keep the standard inputs of 'gnu-build-system'.
+ ,@(standard-packages)))
+ (host-inputs inputs)
+
+ ;; The cross-libc is really a target package, but for bootstrapping
+ ;; reasons, we can't put it in 'host-inputs'. Namely, 'cross-gcc' is a
+ ;; native package, so it would end up using a "native" variant of
+ ;; 'cross-libc' (built with 'gnu-build'), whereas all the other packages
+ ;; would use a target variant (built with 'gnu-cross-build'.)
+ (target-inputs (if target
+ (standard-cross-packages target 'target)
+ '()))
+ (outputs outputs)
+ (build (if target cmake-cross-build cmake-build))
+ (arguments (strip-keyword-arguments private-keywords arguments))))
(define* (cmake-build store name inputs
#:key (guile #f)
@@ -145,6 +160,115 @@ provides a 'CMakeLists.txt' file as its build system."
#:outputs outputs
#:guile-for-build guile-for-build))
+
+;;;
+;;; Cross-compilation.
+;;;
+
+(define* (cmake-cross-build store name
+ #:key
+ target native-drvs target-drvs
+ (guile #f)
+ (outputs '("out"))
+ (configure-flags ''())
+ (search-paths '())
+ (native-search-paths '())
+ (make-flags ''())
+ (out-of-source? #t)
+ (build-type "RelWithDebInfo")
+ (tests? #f) ; nothing can be done
+ (test-target "test")
+ (parallel-build? #t) (parallel-tests? #f)
+ (validate-runpath? #t)
+ (patch-shebangs? #t)
+ (strip-binaries? #t)
+ (strip-flags ''("--strip-debug"
+ "--enable-deterministic-archives"))
+ (strip-directories ''("lib" "lib64" "libexec"
+ "bin" "sbin"))
+ (phases '(@ (guix build cmake-build-system)
+ %standard-phases))
+ (system (%current-system))
+ (build (nix-system->gnu-triplet system))
+ (imported-modules %cmake-build-system-modules)
+ (modules '((guix build cmake-build-system)
+ (guix build utils))))
+ "Cross-build NAME using CMAKE for TARGET, where TARGET is a GNU triplet and
+with INPUTS. This assumes that SOURCE provides a 'CMakeLists.txt' file as its
+build system."
+ (define builder
+ `(begin
+ (use-modules ,@modules)
+ (let ()
+ (define %build-host-inputs
+ ',(map (match-lambda
+ ((name (? derivation? drv) sub ...)
+ `(,name . ,(apply derivation->output-path drv sub)))
+ ((name path)
+ `(,name . ,path)))
+ native-drvs))
+
+ (define %build-target-inputs
+ ',(map (match-lambda
+ ((name (? derivation? drv) sub ...)
+ `(,name . ,(apply derivation->output-path drv sub)))
+ ((name (? package? pkg) sub ...)
+ (let ((drv (package-cross-derivation store pkg
+ target system)))
+ `(,name . ,(apply derivation->output-path drv sub))))
+ ((name path)
+ `(,name . ,path)))
+ target-drvs))
+
+ (cmake-build #:source ,(match (assoc-ref native-drvs "source")
+ (((? derivation? source))
+ (derivation->output-path source))
+ ((source)
+ source)
+ (source
+ source))
+ #:system ,system
+ #:build ,build
+ #:target ,target
+ #:outputs %outputs
+ #:inputs %build-target-inputs
+ #:native-inputs %build-host-inputs
+ #:search-paths ',(map search-path-specification->sexp
+ search-paths)
+ #:native-search-paths ',(map
+ search-path-specification->sexp
+ native-search-paths)
+ #:phases ,phases
+ #:configure-flags ,configure-flags
+ #:make-flags ,make-flags
+ #:out-of-source? ,out-of-source?
+ #:build-type ,build-type
+ #:tests? ,tests?
+ #:test-target ,test-target
+ #:parallel-build? ,parallel-build?
+ #:parallel-tests? ,parallel-tests?
+ #:validate-runpath? ,validate-runpath?
+ #:patch-shebangs? ,patch-shebangs?
+ #:strip-binaries? ,strip-binaries?
+ #:strip-flags ,strip-flags
+ #:strip-directories ,strip-directories))))
+
+ (define guile-for-build
+ (match guile
+ ((? package?)
+ (package-derivation store guile system #:graft? #f))
+ (#f ; the default
+ (let* ((distro (resolve-interface '(gnu packages commencement)))
+ (guile (module-ref distro 'guile-final)))
+ (package-derivation store guile system #:graft? #f)))))
+
+ (build-expression->derivation store name builder
+ #:system system
+ #:inputs (append native-drvs target-drvs)
+ #:outputs outputs
+ #:modules imported-modules
+ #:guile-for-build guile-for-build))
+
(define cmake-build-system
(build-system
(name 'cmake)
diff --git a/guix/build-system/gnu.scm b/guix/build-system/gnu.scm
index 7cf0cafc0f..047ace7e6b 100644
--- a/guix/build-system/gnu.scm
+++ b/guix/build-system/gnu.scm
@@ -30,6 +30,7 @@
gnu-build
gnu-build-system
standard-packages
+ standard-cross-packages
package-with-explicit-inputs
package-with-extra-configure-variable
static-libgcc-package
diff --git a/guix/build/cmake-build-system.scm b/guix/build/cmake-build-system.scm
index 27f2b5c872..128ab28fe5 100644
--- a/guix/build/cmake-build-system.scm
+++ b/guix/build/cmake-build-system.scm
@@ -32,7 +32,7 @@
;; Code:
(define* (configure #:key outputs (configure-flags '()) (out-of-source? #t)
- build-type
+ build-type target
#:allow-other-keys)
"Configure the given package."
(let* ((out (assoc-ref outputs "out"))
@@ -59,6 +59,15 @@
,(string-append "-DCMAKE_INSTALL_RPATH=" out "/lib")
;; enable verbose output from builds
"-DCMAKE_VERBOSE_MAKEFILE=ON"
+
+ ;; Cross-build
+ ,@(if target
+ (list (string-append "-DCMAKE_C_COMPILER="
+ target "-gcc")
+ (if (string-contains target "mingw")
+ "-DCMAKE_SYSTEM_NAME=Windows"
+ "-DCMAKE_SYSTEM_NAME=Linux"))
+ '())
,@configure-flags)))
(format #t "running 'cmake' with arguments ~s~%" args)
(zero? (apply system* "cmake" args)))))
diff --git a/guix/build/gnu-build-system.scm b/guix/build/gnu-build-system.scm
index 1786e2e3c9..09f272edee 100644
--- a/guix/build/gnu-build-system.scm
+++ b/guix/build/gnu-build-system.scm
@@ -521,6 +521,25 @@ DOCUMENTATION-COMPRESSOR-FLAGS."
;; Return #t if FILE has hard links.
(> (stat:nlink (lstat file)) 1))
+ (define (points-to-symlink? symlink)
+ ;; Return #t if SYMLINK points to another symbolic link.
+ (let* ((target (readlink symlink))
+ (target-absolute (if (string-prefix? "/" target)
+ target
+ (string-append (dirname symlink)
+ "/" target))))
+ (catch 'system-error
+ (lambda ()
+ (symbolic-link? target-absolute))
+ (lambda args
+ (if (= ENOENT (system-error-errno args))
+ (begin
+ (format (current-error-port)
+ "The symbolic link '~a' target is missing: '~a'\n"
+ symlink target-absolute)
+ #f)
+ (apply throw args))))))
+
(define (maybe-compress-directory directory regexp)
(or (not (directory-exists? directory))
(match (find-files directory regexp)
@@ -538,12 +557,17 @@ DOCUMENTATION-COMPRESSOR-FLAGS."
;; Compress the non-symlink files, and adjust symlinks to refer
;; to the compressed files. Leave files that have hard links
;; unchanged ('gzip' would refuse to compress them anyway.)
- (and (zero? (apply system* documentation-compressor
- (append documentation-compressor-flags
- (remove has-links? regular-files))))
- (every retarget-symlink
- (filter (cut string-match regexp <>)
- symlinks)))))))))
+ ;; Also, do not retarget symbolic links pointing to other
+ ;; symbolic links, since these are not compressed.
+ (and (every retarget-symlink
+ (filter (lambda (symlink)
+ (and (not (points-to-symlink? symlink))
+ (string-match regexp symlink)))
+ symlinks))
+ (zero?
+ (apply system* documentation-compressor
+ (append documentation-compressor-flags
+ (remove has-links? regular-files)))))))))))
(define (maybe-compress output)
(and (maybe-compress-directory (string-append output "/share/man")
diff --git a/guix/build/utils.scm b/guix/build/utils.scm
index e8efb0653a..7391307c87 100644
--- a/guix/build/utils.scm
+++ b/guix/build/utils.scm
@@ -32,7 +32,12 @@
#:use-module (rnrs bytevectors)
#:use-module (rnrs io ports)
#:re-export (alist-cons
- alist-delete)
+ alist-delete
+
+ ;; Note: Re-export 'delete' to allow for proper syntax matching
+ ;; in 'modify-phases' forms. See
+ ;; <https://debbugs.gnu.org/cgi/bugreport.cgi?bug=26805#16>.
+ delete)
#:export (%store-directory
store-file-name?
strip-store-file-name
@@ -79,6 +84,7 @@
fold-port-matches
remove-store-references
wrap-program
+ invoke
locale-category->string))
@@ -574,6 +580,15 @@ Where every <*-phase-name> is an expression evaluating to a symbol, and
((_ phases (add-after old-phase-name new-phase-name new-phase))
(alist-cons-after old-phase-name new-phase-name new-phase phases))))
+(define (invoke program . args)
+ "Invoke PROGRAM with the given ARGS. Raise an error if the exit
+code is non-zero; otherwise return #t."
+ (let ((status (apply system* program args)))
+ (unless (zero? status)
+ (error (format #f "program ~s exited with non-zero code" program)
+ status))
+ #t))
+
;;;
;;; Text substitution (aka. sed).
diff --git a/guix/packages.scm b/guix/packages.scm
index f4967f98fa..97580352e2 100644
--- a/guix/packages.scm
+++ b/guix/packages.scm
@@ -578,7 +578,12 @@ specifies modules in scope when evaluating SNIPPET."
#:fail-on-error? #t)))))
(zero? (apply system*
(string-append #+tar "/bin/tar")
- "cvfa" #$output
+ "cvf" #$output
+ ;; The bootstrap xz does not support
+ ;; threaded compression (introduced in
+ ;; 5.2.0), but it ignores the extra flag.
+ (string-append "--use-compress-program="
+ #+xz "/bin/xz --threads=0")
;; avoid non-determinism in the archive
"--mtime=@0"
"--owner=root:0"