aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/aegisub-boost68.patch35
-rw-r--r--gnu/packages/patches/binutils-aarch64-symbol-relocation.patch36
-rw-r--r--gnu/packages/patches/blender-newer-ffmpeg.patch80
-rw-r--r--gnu/packages/patches/cairo-setjmp-wrapper.patch78
-rw-r--r--gnu/packages/patches/casync-renameat2-declaration.patch27
-rw-r--r--gnu/packages/patches/ceph-detect-rocksdb.patch24
-rw-r--r--gnu/packages/patches/ceph-rocksdb-compat.patch63
-rw-r--r--gnu/packages/patches/ceph-skip-unittest_blockdev.patch20
-rw-r--r--gnu/packages/patches/ceph-volume-respect-PATH.patch22
-rw-r--r--gnu/packages/patches/clang-3.5-libsanitizer-ustat-fix.patch46
-rw-r--r--gnu/packages/patches/doxygen-gcc-ice.patch25
-rw-r--r--gnu/packages/patches/emacs-pdf-tools-poppler.patch41
-rw-r--r--gnu/packages/patches/findutils-gnulib-libio.patch114
-rw-r--r--gnu/packages/patches/findutils-makedev.patch22
-rw-r--r--gnu/packages/patches/freetype-CVE-2018-6942.patch31
-rw-r--r--gnu/packages/patches/gcc-4.9-libsanitizer-ustat.patch37
-rw-r--r--gnu/packages/patches/gcc-libsanitizer-ustat.patch41
-rw-r--r--gnu/packages/patches/gcc-strmov-store-file-names.patch12
-rw-r--r--gnu/packages/patches/ghostscript-runpath.patch18
-rw-r--r--gnu/packages/patches/glibc-2.28-git-fixes.patch248
-rw-r--r--gnu/packages/patches/grub-binutils-compat.patch53
-rw-r--r--gnu/packages/patches/jemalloc-arm-address-bits.patch39
-rw-r--r--gnu/packages/patches/libgcrypt-make-yat2m-reproducible.patch32
-rw-r--r--gnu/packages/patches/libgpg-error-aarch64-logging-fix.patch58
-rw-r--r--gnu/packages/patches/lirc-reproducible-build.patch72
-rw-r--r--gnu/packages/patches/m4-gnulib-libio.patch128
-rw-r--r--gnu/packages/patches/mariadb-gcc-ice.patch24
-rw-r--r--gnu/packages/patches/meson-for-build-rpath.patch6
-rw-r--r--gnu/packages/patches/mono-mdoc-timestamping.patch15
-rw-r--r--gnu/packages/patches/oath-toolkit-glibc-compat.patch90
-rw-r--r--gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch215
-rw-r--r--gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch50
-rw-r--r--gnu/packages/patches/parted-glibc-compat.patch17
-rw-r--r--gnu/packages/patches/perf-gcc-ice.patch13
-rw-r--r--gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch36
-rw-r--r--gnu/packages/patches/perl-deterministic-ordering.patch6
-rw-r--r--gnu/packages/patches/perl-file-path-CVE-2017-6512.patch173
-rw-r--r--gnu/packages/patches/podofo-cmake-3.12.patch19
-rw-r--r--gnu/packages/patches/python-cffi-x87-stack-clean.patch29
-rw-r--r--gnu/packages/patches/python-networkx2-reproducible-build.patch29
-rw-r--r--gnu/packages/patches/python-paste-remove-website-test.patch21
-rw-r--r--gnu/packages/patches/python-pillow-fix-failing-tests.patchbin112373 -> 0 bytes
-rw-r--r--gnu/packages/patches/python-scikit-learn-fix-test-non-determinism.patch25
-rw-r--r--gnu/packages/patches/python-testtools.patch57
-rw-r--r--gnu/packages/patches/python2-CVE-2018-1060.patch20
-rw-r--r--gnu/packages/patches/python2-CVE-2018-1061.patch20
-rw-r--r--gnu/packages/patches/qt-5-renameat2.patch35
-rw-r--r--gnu/packages/patches/randomjungle-disable-static-build.patch14
-rw-r--r--gnu/packages/patches/rust-reproducible-builds.patch (renamed from gnu/packages/patches/rust-mdbook-support-reproducible-builds-by-forcing-window.search.patch)0
-rw-r--r--gnu/packages/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch36
-rw-r--r--gnu/packages/patches/swig-guile-gc.patch76
-rw-r--r--gnu/packages/patches/texinfo-5-perl-compat.patch19
-rw-r--r--gnu/packages/patches/texinfo-perl-compat.patch51
53 files changed, 1580 insertions, 918 deletions
diff --git a/gnu/packages/patches/aegisub-boost68.patch b/gnu/packages/patches/aegisub-boost68.patch
new file mode 100644
index 0000000000..013721f3bd
--- /dev/null
+++ b/gnu/packages/patches/aegisub-boost68.patch
@@ -0,0 +1,35 @@
+Source: https://git.archlinux.org/svntogit/community.git/plain/trunk/boost-1.68.patch?h=packages/aegisub
+From d8336d2fed73c72d1227b343d6acfb991bc1651b Mon Sep 17 00:00:00 2001
+From: Jan Beich <jbeich@FreeBSD.org>
+Date: Mon, 9 Jul 2018 20:15:29 +0000
+Subject: [PATCH] Keep using std::distance after Boost 1.68
+
+src/search_replace_engine.cpp:256:14: error: call to
+ 'distance' is ambiguous
+ count += distance(
+ ^~~~~~~~
+/usr/include/c++/v1/iterator:511:1: note: candidate function [with _InputIter =
+ boost::u32regex_iterator<std::__1::__wrap_iter<const char *> >]
+distance(_InputIter __first, _InputIter __last)
+^
+/usr/local/include/boost/iterator/distance.hpp:49:9: note: candidate function [with SinglePassIterator =
+ boost::u32regex_iterator<std::__1::__wrap_iter<const char *> >]
+ distance(SinglePassIterator first, SinglePassIterator last)
+ ^
+---
+ src/search_replace_engine.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/search_replace_engine.cpp b/src/search_replace_engine.cpp
+index 594c21e5e..14c71680d 100644
+--- a/src/search_replace_engine.cpp
++++ b/src/search_replace_engine.cpp
+@@ -253,7 +253,7 @@ bool SearchReplaceEngine::ReplaceAll() {
+ if (MatchState ms = matches(&diag, 0)) {
+ auto& diag_field = diag.*get_dialogue_field(settings.field);
+ std::string const& text = diag_field.get();
+- count += distance(
++ count += std::distance(
+ boost::u32regex_iterator<std::string::const_iterator>(begin(text), end(text), *ms.re),
+ boost::u32regex_iterator<std::string::const_iterator>());
+ diag_field = u32regex_replace(text, *ms.re, settings.replace_with);
diff --git a/gnu/packages/patches/binutils-aarch64-symbol-relocation.patch b/gnu/packages/patches/binutils-aarch64-symbol-relocation.patch
deleted file mode 100644
index fbd596862b..0000000000
--- a/gnu/packages/patches/binutils-aarch64-symbol-relocation.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Fix a regression in Binutils 2.30 where some symbols are incorrectly assumed
-to be addresses:
-
-https://sourceware.org/bugzilla/show_bug.cgi?id=22764
-
-Patch taken from upstream (with ChangeLog entries and tests omitted):
-
-https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=279b2f94168ee91e02ccd070d27c983fc001fe12
-
-diff --git a/bfd/elfnn-aarch64.c b/bfd/elfnn-aarch64.c
-index af448f9..2737773 100644
---- a/bfd/elfnn-aarch64.c
-+++ b/bfd/elfnn-aarch64.c
-@@ -7189,10 +7189,19 @@ elfNN_aarch64_check_relocs (bfd *abfd, struct bfd_link_info *info,
- #if ARCH_SIZE == 64
- case BFD_RELOC_AARCH64_32:
- #endif
-- if (bfd_link_pic (info)
-- && (sec->flags & SEC_ALLOC) != 0
-- && (sec->flags & SEC_READONLY) != 0)
-+ if (bfd_link_pic (info) && (sec->flags & SEC_ALLOC) != 0)
- {
-+ if (h != NULL
-+ /* This is an absolute symbol. It represents a value instead
-+ of an address. */
-+ && ((h->root.type == bfd_link_hash_defined
-+ && bfd_is_abs_section (h->root.u.def.section))
-+ /* This is an undefined symbol. */
-+ || h->root.type == bfd_link_hash_undefined))
-+ break;
-+
-+ /* For local symbols, defined global symbols in a non-ABS section,
-+ it is assumed that the value is an address. */
- int howto_index = bfd_r_type - BFD_RELOC_AARCH64_RELOC_START;
- _bfd_error_handler
- /* xgettext:c-format */
diff --git a/gnu/packages/patches/blender-newer-ffmpeg.patch b/gnu/packages/patches/blender-newer-ffmpeg.patch
new file mode 100644
index 0000000000..363489bc70
--- /dev/null
+++ b/gnu/packages/patches/blender-newer-ffmpeg.patch
@@ -0,0 +1,80 @@
+https://sources.debian.org/data/main/b/blender/2.79.b+dfsg0-4/debian/patches/0008-fix_building_with_latest_versions_of_FFmpeg.patch
+
+From: Bastien Montagne <montagne29@wanadoo.fr>
+Date: Tue, 8 May 2018 16:00:52 +0200
+Subject: fix_building_with_latest_versions_of_FFmpeg
+
+Some years-old deprecated stuff has now been removed.
+
+Correct solution is probably to use valid defines etc. in own code, but
+this is more FFMEPG maintainer task (since it also may change how old
+FFMPEG we do support...).
+---
+ intern/ffmpeg/ffmpeg_compat.h | 39 ++++++++++++++++++++++++++
+ source/blender/blenkernel/intern/writeffmpeg.c | 3 +-
+ 2 files changed, 41 insertions(+), 1 deletion(-)
+
+diff --git a/intern/ffmpeg/ffmpeg_compat.h b/intern/ffmpeg/ffmpeg_compat.h
+index 9c06c8a..f7f437c 100644
+--- a/intern/ffmpeg/ffmpeg_compat.h
++++ b/intern/ffmpeg/ffmpeg_compat.h
+@@ -109,6 +109,45 @@ int av_sample_fmt_is_planar(enum AVSampleFormat sample_fmt)
+
+ #endif
+
++/* XXX TODO Probably fix to correct modern flags in code? Not sure how old FFMPEG we want to support though,
++ * so for now this will do. */
++
++#ifndef FF_MIN_BUFFER_SIZE
++# ifdef AV_INPUT_BUFFER_MIN_SIZE
++# define FF_MIN_BUFFER_SIZE AV_INPUT_BUFFER_MIN_SIZE
++# endif
++#endif
++
++#ifndef FF_INPUT_BUFFER_PADDING_SIZE
++# ifdef AV_INPUT_BUFFER_PADDING_SIZE
++# define FF_INPUT_BUFFER_PADDING_SIZE AV_INPUT_BUFFER_PADDING_SIZE
++# endif
++#endif
++
++#ifndef CODEC_FLAG_GLOBAL_HEADER
++# ifdef AV_CODEC_FLAG_GLOBAL_HEADER
++# define CODEC_FLAG_GLOBAL_HEADER AV_CODEC_FLAG_GLOBAL_HEADER
++# endif
++#endif
++
++#ifndef CODEC_FLAG_GLOBAL_HEADER
++# ifdef AV_CODEC_FLAG_GLOBAL_HEADER
++# define CODEC_FLAG_GLOBAL_HEADER AV_CODEC_FLAG_GLOBAL_HEADER
++# endif
++#endif
++
++#ifndef CODEC_FLAG_INTERLACED_DCT
++# ifdef AV_CODEC_FLAG_INTERLACED_DCT
++# define CODEC_FLAG_INTERLACED_DCT AV_CODEC_FLAG_INTERLACED_DCT
++# endif
++#endif
++
++#ifndef CODEC_FLAG_INTERLACED_ME
++# ifdef AV_CODEC_FLAG_INTERLACED_ME
++# define CODEC_FLAG_INTERLACED_ME AV_CODEC_FLAG_INTERLACED_ME
++# endif
++#endif
++
+ /* FFmpeg upstream 1.0 is the first who added AV_ prefix. */
+ #if LIBAVCODEC_VERSION_INT < AV_VERSION_INT(54, 59, 100)
+ # define AV_CODEC_ID_NONE CODEC_ID_NONE
+diff --git a/source/blender/blenkernel/intern/writeffmpeg.c b/source/blender/blenkernel/intern/writeffmpeg.c
+index a19e414..04d508a 100644
+--- a/source/blender/blenkernel/intern/writeffmpeg.c
++++ b/source/blender/blenkernel/intern/writeffmpeg.c
+@@ -605,7 +605,8 @@ static AVStream *alloc_video_stream(FFMpegContext *context, RenderData *rd, int
+ c->rc_buffer_aggressivity = 1.0;
+ #endif
+
+- c->me_method = ME_EPZS;
++ /* Deprecated and not doing anything since July 2015, deleted in recent ffmpeg */
++ //c->me_method = ME_EPZS;
+
+ codec = avcodec_find_encoder(c->codec_id);
+ if (!codec)
diff --git a/gnu/packages/patches/cairo-setjmp-wrapper.patch b/gnu/packages/patches/cairo-setjmp-wrapper.patch
new file mode 100644
index 0000000000..bffac6e041
--- /dev/null
+++ b/gnu/packages/patches/cairo-setjmp-wrapper.patch
@@ -0,0 +1,78 @@
+Revert faulty commit to avoid undefined behaviour:
+https://bugs.freedesktop.org/show_bug.cgi?id=104325
+
+Taken from this upstream commit:
+https://cgit.freedesktop.org/cairo/commit/?h=1.14&id=2acc4382c54bd8239361ceed14423412a343d311
+
+diff --git a/src/cairo-bentley-ottmann-rectangular.c b/src/cairo-bentley-ottmann-rectangular.c
+index cb2e30c..5541bdc 100644
+--- a/src/cairo-bentley-ottmann-rectangular.c
++++ b/src/cairo-bentley-ottmann-rectangular.c
+@@ -593,12 +593,6 @@ sweep_line_insert (sweep_line_t *sweep, rectangle_t *rectangle)
+ pqueue_push (sweep, rectangle);
+ }
+
+-static int
+-sweep_line_setjmp (sweep_line_t *sweep_line)
+-{
+- return setjmp (sweep_line->unwind);
+-}
+-
+ static cairo_status_t
+ _cairo_bentley_ottmann_tessellate_rectangular (rectangle_t **rectangles,
+ int num_rectangles,
+@@ -615,7 +609,7 @@ _cairo_bentley_ottmann_tessellate_rectangular (rectangle_t **rectangles,
+ rectangles, num_rectangles,
+ fill_rule,
+ do_traps, container);
+- if ((status = sweep_line_setjmp (&sweep_line)))
++ if ((status = setjmp (sweep_line.unwind)))
+ return status;
+
+ rectangle = rectangle_pop_start (&sweep_line);
+diff --git a/src/cairo-png.c b/src/cairo-png.c
+index e64b14a..068617d 100644
+--- a/src/cairo-png.c
++++ b/src/cairo-png.c
+@@ -158,14 +158,6 @@ png_simple_warning_callback (png_structp png,
+ */
+ }
+
+-static int
+-png_setjmp (png_struct *png)
+-{
+-#ifdef PNG_SETJMP_SUPPORTED
+- return setjmp (png_jmpbuf (png));
+-#endif
+- return 0;
+-}
+
+ /* Starting with libpng-1.2.30, we must explicitly specify an output_flush_fn.
+ * Otherwise, we will segfault if we are writing to a stream. */
+@@ -237,8 +229,10 @@ write_png (cairo_surface_t *surface,
+ goto BAIL4;
+ }
+
+- if (png_setjmp (png))
++#ifdef PNG_SETJMP_SUPPORTED
++ if (setjmp (png_jmpbuf (png)))
+ goto BAIL4;
++#endif
+
+ png_set_write_fn (png, closure, write_func, png_simple_output_flush_fn);
+
+@@ -577,11 +571,12 @@ read_png (struct png_read_closure_t *png_closure)
+ png_set_read_fn (png, png_closure, stream_read_func);
+
+ status = CAIRO_STATUS_SUCCESS;
+-
+- if (png_setjmp (png)) {
++#ifdef PNG_SETJMP_SUPPORTED
++ if (setjmp (png_jmpbuf (png))) {
+ surface = _cairo_surface_create_in_error (status);
+ goto BAIL;
+ }
++#endif
+
+ png_read_info (png, info);
+
diff --git a/gnu/packages/patches/casync-renameat2-declaration.patch b/gnu/packages/patches/casync-renameat2-declaration.patch
new file mode 100644
index 0000000000..74c2ca7b3c
--- /dev/null
+++ b/gnu/packages/patches/casync-renameat2-declaration.patch
@@ -0,0 +1,27 @@
+Fix build failure on glibc 2.28 where 'renameat2' would end up being
+declared twice: <https://github.com/systemd/casync/issues/166>.
+
+From 625244ca47e8ee1375d2d0092271bfd13b0913ea Mon Sep 17 00:00:00 2001
+From: Daniel Mack <daniel@zonque.org>
+Date: Tue, 13 Nov 2018 17:52:48 +0100
+Subject: [PATCH] meson.build: pass -D_GNU_SOURCE when checking for functions
+
+As described in #166, -D_GNU_SOURCE needs to be passed to the meson function
+availability checker. h/t to @tomeon for providing a link to the solution as
+well.
+---
+ meson.build | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/meson.build b/meson.build
+index f42ed16..c0f741e 100644
+--- a/meson.build
++++ b/meson.build
+@@ -78,6 +78,6 @@ foreach ident : [
+ ['copy_file_range', '''#include <sys/syscall.h>
+ #include <unistd.h>'''],
+ ]
+- have = cc.has_function(ident[0], prefix : ident[1])
++ have = cc.has_function(ident[0], args : '-D_GNU_SOURCE', prefix : ident[1])
+ conf.set10('HAVE_' + ident[0].to_upper(), have)
+ endforeach
diff --git a/gnu/packages/patches/ceph-detect-rocksdb.patch b/gnu/packages/patches/ceph-detect-rocksdb.patch
new file mode 100644
index 0000000000..badad6d1b9
--- /dev/null
+++ b/gnu/packages/patches/ceph-detect-rocksdb.patch
@@ -0,0 +1,24 @@
+Help the build system find system RocksDB.
+
+Taken from this upstream commit:
+https://github.com/ceph/ceph/commit/2ac26bd0e01fd6c82bd59936cf25c25173f7775a
+
+diff --git a/cmake/modules/Findrocksdb.cmake b/cmake/modules/Findrocksdb.cmake
+index f8369f73fc..5926647348 100644
+--- a/cmake/modules/Findrocksdb.cmake
++++ b/cmake/modules/Findrocksdb.cmake
+@@ -15,11 +15,11 @@ find_library(ROCKSDB_LIBRARIES rocksdb)
+
+ if(ROCKSDB_INCLUDE_DIR AND EXISTS "${ROCKSDB_INCLUDE_DIR}/rocksdb/version.h")
+ foreach(ver "MAJOR" "MINOR" "PATCH")
+- file(STRINGS "${ROCKSDB_INCLUDE_DIR}/version.h" ROCKSDB_VER_${ver}_LINE
++ file(STRINGS "${ROCKSDB_INCLUDE_DIR}/rocksdb/version.h" ROCKSDB_VER_${ver}_LINE
+ REGEX "^#define[ \t]+ROCKSDB_${ver}[ \t]+[0-9]+$")
+ string(REGEX REPLACE "^#define[ \t]+ROCKSDB_${ver}[ \t]+([0-9]+)$"
+- "\\1" ROCKSDB_VERSION_${ver} "${ROCKDB_VER_${ver}_LINE}")
+- unset(${ROCKDB_VER_${ver}_LINE})
++ "\\1" ROCKSDB_VERSION_${ver} "${ROCKSDB_VER_${ver}_LINE}")
++ unset(${ROCKSDB_VER_${ver}_LINE})
+ endforeach()
+ set(ROCKSDB_VERSION_STRING
+ "${ROCKSDB_VERSION_MAJOR}.${ROCKSDB_VERSION_MINOR}.${ROCKSDB_VERSION_PATCH}")
diff --git a/gnu/packages/patches/ceph-rocksdb-compat.patch b/gnu/packages/patches/ceph-rocksdb-compat.patch
deleted file mode 100644
index 1a3c6b0b23..0000000000
--- a/gnu/packages/patches/ceph-rocksdb-compat.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-Fix compatibility with newer versions of RocksDB.
-
-Adapted from this upstream patch, with some additional changes for 12.2:
-https://github.com/ceph/ceph/commit/9d73a7121fdb1ae87cb1aa6f7d9d7a13f329ae68
-
-diff --git a/src/kv/RocksDBStore.cc b/src/kv/RocksDBStore.cc
-index 8660afe1886d..bc0de79e23cb 100644
---- a/src/kv/RocksDBStore.cc
-+++ b/src/kv/RocksDBStore.cc
-@@ -505,7 +505,7 @@
- // considering performance overhead, default is disabled
- if (g_conf->rocksdb_perf) {
- rocksdb::SetPerfLevel(rocksdb::PerfLevel::kEnableTimeExceptForMutex);
-- rocksdb::perf_context.Reset();
-+ rocksdb::get_perf_context()->Reset();
- }
-
- RocksDBTransactionImpl * _t =
-@@ -532,13 +532,13 @@
- utime_t write_wal_time;
- utime_t write_pre_and_post_process_time;
- write_wal_time.set_from_double(
-- static_cast<double>(rocksdb::perf_context.write_wal_time)/1000000000);
-+ static_cast<double>(rocksdb::get_perf_context()->write_wal_time)/1000000000);
- write_memtable_time.set_from_double(
-- static_cast<double>(rocksdb::perf_context.write_memtable_time)/1000000000);
-+ static_cast<double>(rocksdb::get_perf_context()->write_memtable_time)/1000000000);
- write_delay_time.set_from_double(
-- static_cast<double>(rocksdb::perf_context.write_delay_time)/1000000000);
-+ static_cast<double>(rocksdb::get_perf_context()->write_delay_time)/1000000000);
- write_pre_and_post_process_time.set_from_double(
-- static_cast<double>(rocksdb::perf_context.write_pre_and_post_process_time)/1000000000);
-+ static_cast<double>(rocksdb::get_perf_context()->write_pre_and_post_process_time)/1000000000);
- logger->tinc(l_rocksdb_write_memtable_time, write_memtable_time);
- logger->tinc(l_rocksdb_write_delay_time, write_delay_time);
- logger->tinc(l_rocksdb_write_wal_time, write_wal_time);
-@@ -558,7 +558,7 @@
- // considering performance overhead, default is disabled
- if (g_conf->rocksdb_perf) {
- rocksdb::SetPerfLevel(rocksdb::PerfLevel::kEnableTimeExceptForMutex);
-- rocksdb::perf_context.Reset();
-+ rocksdb::get_perf_context()->Reset();
- }
-
- RocksDBTransactionImpl * _t =
-@@ -586,13 +586,13 @@
- utime_t write_wal_time;
- utime_t write_pre_and_post_process_time;
- write_wal_time.set_from_double(
-- static_cast<double>(rocksdb::perf_context.write_wal_time)/1000000000);
-+ static_cast<double>(rocksdb::get_perf_context()->write_wal_time)/1000000000);
- write_memtable_time.set_from_double(
-- static_cast<double>(rocksdb::perf_context.write_memtable_time)/1000000000);
-+ static_cast<double>(rocksdb::get_perf_context()->write_memtable_time)/1000000000);
- write_delay_time.set_from_double(
-- static_cast<double>(rocksdb::perf_context.write_delay_time)/1000000000);
-+ static_cast<double>(rocksdb::get_perf_context()->write_delay_time)/1000000000);
- write_pre_and_post_process_time.set_from_double(
-- static_cast<double>(rocksdb::perf_context.write_pre_and_post_process_time)/1000000000);
-+ static_cast<double>(rocksdb::get_perf_context()->write_pre_and_post_process_time)/1000000000);
- logger->tinc(l_rocksdb_write_memtable_time, write_memtable_time);
- logger->tinc(l_rocksdb_write_delay_time, write_delay_time);
- logger->tinc(l_rocksdb_write_wal_time, write_wal_time);
diff --git a/gnu/packages/patches/ceph-skip-unittest_blockdev.patch b/gnu/packages/patches/ceph-skip-unittest_blockdev.patch
index 43b9984862..407bd93278 100644
--- a/gnu/packages/patches/ceph-skip-unittest_blockdev.patch
+++ b/gnu/packages/patches/ceph-skip-unittest_blockdev.patch
@@ -4,25 +4,21 @@ This test tries to walk a sysfs path and hits a null pointer exception.
Expected: (dir) != (nullptr), actual: NULL vs 8-byte object <00-00 00-00 00-00 00-00>
diff --git a/src/test/common/CMakeLists.txt b/src/test/common/CMakeLists.txt
-index 5172663898..ac84085eaa 100644
--- a/src/test/common/CMakeLists.txt
+++ b/src/test/common/CMakeLists.txt
-@@ -12,15 +12,6 @@ target_link_libraries(get_command_descriptions
+@@ -12,15 +12,6 @@
${CMAKE_DL_LIBS}
)
-if(HAVE_BLKID)
--# unittest_blkdev
--add_executable(unittest_blkdev
-- test_blkdev.cc
-- )
--add_ceph_unittest(unittest_blkdev ${CMAKE_RUNTIME_OUTPUT_DIRECTORY}/unittest_blkdev)
--target_link_libraries(unittest_blkdev global ${BLKID_LIBRARIES})
--endif(HAVE_BLKID)
+- # unittest_blkdev
+- add_executable(unittest_blkdev
+- test_blkdev.cc
+- )
+- add_ceph_unittest(unittest_blkdev)
+- target_link_libraries(unittest_blkdev ceph-common ${BLKID_LIBRARIES})
+-endif()
-
# unittest_bloom_filter
add_executable(unittest_bloom_filter
test_bloom_filter.cc
---
-2.11.1
-
diff --git a/gnu/packages/patches/ceph-volume-respect-PATH.patch b/gnu/packages/patches/ceph-volume-respect-PATH.patch
new file mode 100644
index 0000000000..08a9a15ddd
--- /dev/null
+++ b/gnu/packages/patches/ceph-volume-respect-PATH.patch
@@ -0,0 +1,22 @@
+Look for required tools in $PATH instead of just a handful locations.
+
+diff --git a/src/ceph-volume/ceph_volume/util/system.py b/src/ceph-volume/ceph_volume/util/system.py
+index b637f023a4..14516e1c65 100644
+--- a/src/ceph-volume/ceph_volume/util/system.py
++++ b/src/ceph-volume/ceph_volume/util/system.py
+@@ -33,14 +33,7 @@ def generate_uuid():
+
+ def which(executable):
+ """find the location of an executable"""
+- locations = (
+- '/usr/local/bin',
+- '/bin',
+- '/usr/bin',
+- '/usr/local/sbin',
+- '/usr/sbin',
+- '/sbin',
+- )
++ locations = os.getenv('PATH').split(':')
+
+ for location in locations:
+ executable_path = os.path.join(location, executable)
diff --git a/gnu/packages/patches/clang-3.5-libsanitizer-ustat-fix.patch b/gnu/packages/patches/clang-3.5-libsanitizer-ustat-fix.patch
new file mode 100644
index 0000000000..cfb09a8ce3
--- /dev/null
+++ b/gnu/packages/patches/clang-3.5-libsanitizer-ustat-fix.patch
@@ -0,0 +1,46 @@
+From d9d97cac3702b99a00cd113de98c41eb535d47ed Mon Sep 17 00:00:00 2001
+From: Efraim Flashner <efraim@flashner.co.il>
+Date: Sun, 14 Oct 2018 12:11:30 +0300
+Subject: [PATCH] patch modified from the gcc patch series, also dealing with
+ ustat.
+
+---
+ .../sanitizer_platform_limits_posix.cc | 15 +++++++++++++--
+ 1 file changed, 13 insertions(+), 2 deletions(-)
+
+diff --git a/lib/sanitizer_common/sanitizer_platform_limits_posix.cc b/lib/sanitizer_common/sanitizer_platform_limits_posix.cc
+index 29fea6e..570b9a5 100644
+--- a/lib/sanitizer_common/sanitizer_platform_limits_posix.cc
++++ b/lib/sanitizer_common/sanitizer_platform_limits_posix.cc
+@@ -129,7 +129,6 @@
+ #include <sys/statvfs.h>
+ #include <sys/timex.h>
+ #include <sys/user.h>
+-#include <sys/ustat.h>
+ #include <linux/cyclades.h>
+ #include <linux/if_eql.h>
+ #include <linux/if_plip.h>
+@@ -222,7 +221,19 @@ namespace __sanitizer {
+ #endif // SANITIZER_LINUX || SANITIZER_FREEBSD
+
+ #if SANITIZER_LINUX && !SANITIZER_ANDROID
+- unsigned struct_ustat_sz = sizeof(struct ustat);
++ // Use pre-computed size of struct ustat to avoid <sys/ustat.h> which
++ // has been removed from glibc 2.28.
++#if defined(__aarch64__) || defined(__s390x__) || defined (__mips64) \
++ || defined(__powerpc64__) || defined(__arch64__) || defined(__sparcv9) \
++ || defined(__x86_64__)
++#define SIZEOF_STRUCT_USTAT 32
++#elif defined(__arm__) || defined(__i386__) || defined(__mips__) \
++ || defined(__powerpc__) || defined(__s390__)
++#define SIZEOF_STRUCT_USTAT 20
++#else
++#error Unknown size of struct ustat
++#endif
++ unsigned struct_ustat_sz = SIZEOF_STRUCT_USTAT;
+ unsigned struct_rlimit64_sz = sizeof(struct rlimit64);
+ unsigned struct_statvfs64_sz = sizeof(struct statvfs64);
+ #endif // SANITIZER_LINUX && !SANITIZER_ANDROID
+--
+2.19.1
+
diff --git a/gnu/packages/patches/doxygen-gcc-ice.patch b/gnu/packages/patches/doxygen-gcc-ice.patch
deleted file mode 100644
index fbfedcb7ab..0000000000
--- a/gnu/packages/patches/doxygen-gcc-ice.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-Work around this GCC ICE: <https://bugs.gnu.org/31708>. It shows up
-only when doing native compiles on armhf-linux.
-
-Yes it's a terrible patch, but it does the job.
-
---- doxygen-1.8.13/qtools/qutfcodec.cpp 1970-01-01 01:00:00.000000000 +0100
-+++ doxygen-1.8.13/qtools/qutfcodec.cpp 2018-06-08 14:14:29.614009929 +0200
-@@ -189,7 +189,7 @@ int QUtf16Codec::heuristicContentMatch(c
- }
-
-
--
-+volatile const void *bomPointer = &QChar::byteOrderMark;
-
- class QUtf16Encoder : public QTextEncoder {
- bool headerdone;
-@@ -209,7 +209,7 @@ public:
- headerdone = TRUE;
- len_in_out = (1+uc.length())*(int)sizeof(QChar);
- QCString d(len_in_out);
-- memcpy(d.rawData(),&QChar::byteOrderMark,sizeof(QChar));
-+ memcpy(d.rawData(),(void *)bomPointer,sizeof(QChar));
- memcpy(d.rawData()+sizeof(QChar),uc.unicode(),uc.length()*sizeof(QChar));
- return d;
- }
diff --git a/gnu/packages/patches/emacs-pdf-tools-poppler.patch b/gnu/packages/patches/emacs-pdf-tools-poppler.patch
new file mode 100644
index 0000000000..0477508fa9
--- /dev/null
+++ b/gnu/packages/patches/emacs-pdf-tools-poppler.patch
@@ -0,0 +1,41 @@
+Fix build issue with recent Poppler:
+ <https://github.com/politza/pdf-tools/issues/372>.
+
+This combines upstream commits
+6cd76dec9aece2a8daa90f17ab77fbf773157a1d..50a5297b82e26cfd52f6c00645ddc1057099d6a7
+for this file.
+
+diff --git a/server/poppler-hack.cc b/server/poppler-hack.cc
+index 0c62f73..427f9df 100644
+--- a/server/poppler-hack.cc
++++ b/server/poppler-hack.cc
+@@ -51,7 +51,10 @@ GType poppler_annot_markup_get_type (void) G_GNUC_CONST;
+ double y2;
+ };
+
+- char *_xpoppler_goo_string_to_utf8(GooString *s)
++ // This function does not modify its argument s, but for
++ // compatibility reasons (e.g. getLength in GooString.h before 2015)
++ // with older poppler code, it can't be declared as such.
++ char *_xpoppler_goo_string_to_utf8(/* const */ GooString *s)
+ {
+ char *result;
+
+@@ -85,7 +88,7 @@ GType poppler_annot_markup_get_type (void) G_GNUC_CONST;
+ // Set the rectangle of an annotation. It was first added in v0.26.
+ void xpoppler_annot_set_rectangle (PopplerAnnot *a, PopplerRectangle *rectangle)
+ {
+- GooString *state = a->annot->getAppearState ();
++ GooString *state = (GooString*) a->annot->getAppearState ();
+ char *ustate = _xpoppler_goo_string_to_utf8 (state);
+
+ a->annot->setRect (rectangle->x1, rectangle->y1,
+@@ -105,7 +108,7 @@ GType poppler_annot_markup_get_type (void) G_GNUC_CONST;
+ g_return_val_if_fail (POPPLER_IS_ANNOT_MARKUP (poppler_annot), NULL);
+
+ annot = static_cast<AnnotMarkup *>(POPPLER_ANNOT (poppler_annot)->annot);
+- text = annot->getDate ();
++ text = (GooString*) annot->getDate ();
+
+ return text ? _xpoppler_goo_string_to_utf8 (text) : NULL;
+ }
diff --git a/gnu/packages/patches/findutils-gnulib-libio.patch b/gnu/packages/patches/findutils-gnulib-libio.patch
new file mode 100644
index 0000000000..79f9fd914d
--- /dev/null
+++ b/gnu/packages/patches/findutils-gnulib-libio.patch
@@ -0,0 +1,114 @@
+Adjust to removal of libio interface in glibc 2.28.
+
+Based on this gnulib commit:
+https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=4af4a4a71827c0bc5e0ec67af23edef4f15cee8e
+
+diff --git a/gl/lib/fflush.c b/gl/lib/fflush.c
+index 5ae3e41..7a82470 100644
+--- a/gl/lib/fflush.c
++++ b/gl/lib/fflush.c
+@@ -33,7 +33,7 @@
+ #undef fflush
+
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+
+ /* Clear the stream's ungetc buffer, preserving the value of ftello (fp). */
+ static void
+@@ -72,7 +72,7 @@ clear_ungetc_buffer (FILE *fp)
+
+ #endif
+
+-#if ! (defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */)
++#if ! (defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */)
+
+ # if (defined __sferror || defined __DragonFly__ || defined __ANDROID__) && defined __SNPT
+ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */
+@@ -148,7 +148,7 @@ rpl_fflush (FILE *stream)
+ if (stream == NULL || ! freading (stream))
+ return fflush (stream);
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+
+ clear_ungetc_buffer_preserving_position (stream);
+
+diff --git a/gl/lib/fpurge.c b/gl/lib/fpurge.c
+index f313b22..ecdf82d 100644
+--- a/gl/lib/fpurge.c
++++ b/gl/lib/fpurge.c
+@@ -62,7 +62,7 @@ fpurge (FILE *fp)
+ /* Most systems provide FILE as a struct and the necessary bitmask in
+ <stdio.h>, because they need it for implementing getc() and putc() as
+ fast macros. */
+-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++# if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ fp->_IO_read_end = fp->_IO_read_ptr;
+ fp->_IO_write_ptr = fp->_IO_write_base;
+ /* Avoid memory leak when there is an active ungetc buffer. */
+diff --git a/gl/lib/freadahead.c b/gl/lib/freadahead.c
+index 094daab..3f8101e 100644
+--- a/gl/lib/freadahead.c
++++ b/gl/lib/freadahead.c
+@@ -25,7 +25,7 @@
+ size_t
+ freadahead (FILE *fp)
+ {
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ if (fp->_IO_write_ptr > fp->_IO_write_base)
+ return 0;
+ return (fp->_IO_read_end - fp->_IO_read_ptr)
+diff --git a/gl/lib/freading.c b/gl/lib/freading.c
+index 0512b19..8c48fe4 100644
+--- a/gl/lib/freading.c
++++ b/gl/lib/freading.c
+@@ -31,7 +31,7 @@ freading (FILE *fp)
+ /* Most systems provide FILE as a struct and the necessary bitmask in
+ <stdio.h>, because they need it for implementing getc() and putc() as
+ fast macros. */
+-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++# if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ return ((fp->_flags & _IO_NO_WRITES) != 0
+ || ((fp->_flags & (_IO_NO_READS | _IO_CURRENTLY_PUTTING)) == 0
+ && fp->_IO_read_base != NULL));
+diff --git a/gl/lib/fseeko.c b/gl/lib/fseeko.c
+index 1c65d2a..9026408 100644
+--- a/gl/lib/fseeko.c
++++ b/gl/lib/fseeko.c
+@@ -47,7 +47,7 @@ fseeko (FILE *fp, off_t offset, int whence)
+ #endif
+
+ /* These tests are based on fpurge.c. */
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ if (fp->_IO_read_end == fp->_IO_read_ptr
+ && fp->_IO_write_ptr == fp->_IO_write_base
+ && fp->_IO_save_base == NULL)
+@@ -123,7 +123,7 @@ fseeko (FILE *fp, off_t offset, int whence)
+ return -1;
+ }
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ fp->_flags &= ~_IO_EOF_SEEN;
+ fp->_offset = pos;
+ #elif defined __sferror || defined __DragonFly__ || defined __ANDROID__
+diff --git a/gl/lib/stdio-impl.h b/gl/lib/stdio-impl.h
+index 502d891..ea38ee2 100644
+--- a/gl/lib/stdio-impl.h
++++ b/gl/lib/stdio-impl.h
+@@ -18,6 +18,12 @@
+ the same implementation of stdio extension API, except that some fields
+ have different naming conventions, or their access requires some casts. */
+
++/* Glibc 2.28 made _IO_IN_BACKUP private. For now, work around this
++ problem by defining it ourselves. FIXME: Do not rely on glibc
++ internals. */
++#if !defined _IO_IN_BACKUP && defined _IO_EOF_SEEN
++# define _IO_IN_BACKUP 0x100
++#endif
+
+ /* BSD stdio derived implementations. */
+
diff --git a/gnu/packages/patches/findutils-makedev.patch b/gnu/packages/patches/findutils-makedev.patch
new file mode 100644
index 0000000000..2f16c625d8
--- /dev/null
+++ b/gnu/packages/patches/findutils-makedev.patch
@@ -0,0 +1,22 @@
+Include <sys/sysmacros.h> for "makedev".
+
+Taken from this gnulib commit:
+https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=4da63c5881f60f71999a943612da9112232b9161
+
+diff --git a/gl/lib/mountlist.c b/gl/lib/mountlist.c
+index bb4e4ee21..cf4020e2a 100644
+--- a/gl/lib/mountlist.c
++++ b/gl/lib/mountlist.c
+@@ -37,6 +37,12 @@
+ # include <sys/param.h>
+ #endif
+
++#if MAJOR_IN_MKDEV
++# include <sys/mkdev.h>
++#elif MAJOR_IN_SYSMACROS
++# include <sys/sysmacros.h>
++#endif
++
+ #if defined MOUNTED_GETFSSTAT /* OSF_1 and Darwin1.3.x */
+ # if HAVE_SYS_UCRED_H
+ # include <grp.h> /* needed on OSF V4.0 for definition of NGROUPS,
diff --git a/gnu/packages/patches/freetype-CVE-2018-6942.patch b/gnu/packages/patches/freetype-CVE-2018-6942.patch
deleted file mode 100644
index 680f357765..0000000000
--- a/gnu/packages/patches/freetype-CVE-2018-6942.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-Fix CVE-2018-6942:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6942
-https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6942.html
-
-Copied from upstream (ChangeLog section removed):
-https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef
-
-diff --git a/src/truetype/ttinterp.c b/src/truetype/ttinterp.c
-index d855aaa..551f14a 100644
---- a/src/truetype/ttinterp.c
-+++ b/src/truetype/ttinterp.c
-@@ -7532,8 +7532,16 @@
- return;
- }
-
-- for ( i = 0; i < num_axes; i++ )
-- args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
-+ if ( coords )
-+ {
-+ for ( i = 0; i < num_axes; i++ )
-+ args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
-+ }
-+ else
-+ {
-+ for ( i = 0; i < num_axes; i++ )
-+ args[i] = 0;
-+ }
- }
-
-
diff --git a/gnu/packages/patches/gcc-4.9-libsanitizer-ustat.patch b/gnu/packages/patches/gcc-4.9-libsanitizer-ustat.patch
new file mode 100644
index 0000000000..795881ab9b
--- /dev/null
+++ b/gnu/packages/patches/gcc-4.9-libsanitizer-ustat.patch
@@ -0,0 +1,37 @@
+Remove use of deprecated ustat interface in glibc 2.28:
+https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85835
+
+Adapted to GCC 4 series from this upstream patch:
+https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=260684
+
+--- a/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
++++ b/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
+@@ -81,7 +81,6 @@
+ #include <sys/statvfs.h>
+ #include <sys/timex.h>
+ #include <sys/user.h>
+-#include <sys/ustat.h>
+ #include <linux/cyclades.h>
+ #include <linux/if_eql.h>
+ #include <linux/if_plip.h>
+@@ -163,7 +162,19 @@
+ unsigned struct_old_utsname_sz = sizeof(struct old_utsname);
+ unsigned struct_oldold_utsname_sz = sizeof(struct oldold_utsname);
+ unsigned struct_itimerspec_sz = sizeof(struct itimerspec);
+- unsigned struct_ustat_sz = sizeof(struct ustat);
++ // Use pre-computed size of struct ustat to avoid <sys/ustat.h> which
++ // has been removed from glibc 2.28.
++#if defined(__aarch64__) || defined(__s390x__) || defined (__mips64) \
++ || defined(__powerpc64__) || defined(__arch64__) || defined(__sparcv9) \
++ || defined(__x86_64__)
++#define SIZEOF_STRUCT_USTAT 32
++#elif defined(__arm__) || defined(__i386__) || defined(__mips__) \
++ || defined(__powerpc__) || defined(__s390__)
++#define SIZEOF_STRUCT_USTAT 20
++#else
++#error Unknown size of struct ustat
++#endif
++ unsigned struct_ustat_sz = SIZEOF_STRUCT_USTAT;
+ #endif // SANITIZER_LINUX
+
+ #if SANITIZER_LINUX && !SANITIZER_ANDROID
diff --git a/gnu/packages/patches/gcc-libsanitizer-ustat.patch b/gnu/packages/patches/gcc-libsanitizer-ustat.patch
new file mode 100644
index 0000000000..a4e0c6affa
--- /dev/null
+++ b/gnu/packages/patches/gcc-libsanitizer-ustat.patch
@@ -0,0 +1,41 @@
+Remove use of deprecated ustat interface in glibc 2.28:
+
+https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85835
+
+Taken from upstream:
+
+https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=260684
+
+diff --git a/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc b/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
+index 858bb2184505..de18e56d11cf 100644
+--- a/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
++++ b/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
+@@ -157,7 +157,6 @@ typedef struct user_fpregs elf_fpregset_t;
+ # include <sys/procfs.h>
+ #endif
+ #include <sys/user.h>
+-#include <sys/ustat.h>
+ #include <linux/cyclades.h>
+ #include <linux/if_eql.h>
+ #include <linux/if_plip.h>
+@@ -250,7 +249,19 @@ namespace __sanitizer {
+ #endif // SANITIZER_LINUX || SANITIZER_FREEBSD
+
+ #if SANITIZER_LINUX && !SANITIZER_ANDROID
+- unsigned struct_ustat_sz = sizeof(struct ustat);
++ // Use pre-computed size of struct ustat to avoid <sys/ustat.h> which
++ // has been removed from glibc 2.28.
++#if defined(__aarch64__) || defined(__s390x__) || defined (__mips64) \
++ || defined(__powerpc64__) || defined(__arch64__) || defined(__sparcv9) \
++ || defined(__x86_64__)
++#define SIZEOF_STRUCT_USTAT 32
++#elif defined(__arm__) || defined(__i386__) || defined(__mips__) \
++ || defined(__powerpc__) || defined(__s390__)
++#define SIZEOF_STRUCT_USTAT 20
++#else
++#error Unknown size of struct ustat
++#endif
++ unsigned struct_ustat_sz = SIZEOF_STRUCT_USTAT;
+ unsigned struct_rlimit64_sz = sizeof(struct rlimit64);
+ unsigned struct_statvfs64_sz = sizeof(struct statvfs64);
+ #endif // SANITIZER_LINUX && !SANITIZER_ANDROID
diff --git a/gnu/packages/patches/gcc-strmov-store-file-names.patch b/gnu/packages/patches/gcc-strmov-store-file-names.patch
index 9f9162855d..7358de3326 100644
--- a/gnu/packages/patches/gcc-strmov-store-file-names.patch
+++ b/gnu/packages/patches/gcc-strmov-store-file-names.patch
@@ -15,7 +15,7 @@ and <https://bugs.gnu.org/30395>.
--- gcc-5.3.0/gcc/builtins.c 2016-10-18 10:50:46.080616285 +0200
+++ gcc-5.3.0/gcc/builtins.c 2016-11-09 15:26:43.693042737 +0100
-@@ -3192,6 +3192,54 @@ determine_block_size (tree len, rtx len_
+@@ -3192,6 +3192,58 @@ determine_block_size (tree len, rtx len_
GET_MODE_MASK (GET_MODE (len_rtx)));
}
@@ -35,9 +35,13 @@ and <https://bugs.gnu.org/30395>.
+ if (TREE_CODE (str) == VAR_DECL
+ && TREE_STATIC (str)
+ && TREE_READONLY (str))
-+ /* STR may be a 'static const' variable whose initial value
-+ is a string constant. See <https://bugs.gnu.org/30395>. */
-+ str = DECL_INITIAL (str);
++ {
++ /* STR may be a 'static const' variable whose initial value
++ is a string constant. See <https://bugs.gnu.org/30395>. */
++ str = DECL_INITIAL (str);
++ if (str == NULL_TREE)
++ return false;
++ }
+
+ if (TREE_CODE (str) != STRING_CST)
+ return false;
diff --git a/gnu/packages/patches/ghostscript-runpath.patch b/gnu/packages/patches/ghostscript-runpath.patch
deleted file mode 100644
index 9f161e45b3..0000000000
--- a/gnu/packages/patches/ghostscript-runpath.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-diff --git a/base/unix-dll.mak b/base/unix-dll.mak
-index 9d57a99..36ef1ff 100644
---- a/base/unix-dll.mak
-+++ b/base/unix-dll.mak
-@@ -171,11 +171,11 @@ gpdl-so-links-subtarget: $(GPDL_SO) $(UNIX_DLL_MAK) $(MAKEDIRS)
- # Build the small Ghostscript loaders, with Gtk+ and without
- $(GSSOC_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS)
- $(GLCC) -g -o $(GSSOC_XE) $(PSSRC)dxmainc.c \
-- -L$(BINDIR) -l$(GS_SO_BASE)
-+ -L$(BINDIR) -l$(GS_SO_BASE) -Wl,-rpath=$(libdir)
-
- $(GSSOX_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS)
- $(GLCC) -g $(SOC_CFLAGS) -o $(GSSOX_XE) $(PSSRC)$(SOC_LOADER) \
-- -L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS)
-+ -L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS) -Wl,-rpath=$(libdir)
-
- $(PCLSOC_XE): gpcl6-so-links-subtarget $(PLSRC)$(REALMAIN_SRC).c $(UNIX_DLL_MAK) $(MAKEDIRS)
- $(GLCC) -g -o $(PCLSOC_XE) $(PLSRC)$(REALMAIN_SRC).c -L$(BINDIR) -l$(PCL_SO_BASE)
diff --git a/gnu/packages/patches/glibc-2.28-git-fixes.patch b/gnu/packages/patches/glibc-2.28-git-fixes.patch
new file mode 100644
index 0000000000..7e370ef0b1
--- /dev/null
+++ b/gnu/packages/patches/glibc-2.28-git-fixes.patch
@@ -0,0 +1,248 @@
+This file contains fixes from the "release/2.28/master" branch:
+https://sourceware.org/git/?p=glibc.git;a=shortlog;h=refs/heads/release/2.28/master
+
+Currently we have these commits (sans tests and ChangeLog updates):
+7f11842e7483da7aa9fa3031be122021978ef600
+726e1554ce4db5e35af41cb0110c54c5e1232054
+4b25485f03158959cff45379eecc1d73c7dcdd11
+d05b05d1570ba3ae354a2f5a3cfeefb373b09979
+bfcfa22589f2b4277a65e60c6b736b6bbfbd87d0
+2f498f3d140ab5152bd784df2be7af7d9c5e63ed
+
+diff --git a/htl/Versions b/htl/Versions
+index 6a63a1b8a1..c5a616da10 100644
+--- a/htl/Versions
++++ b/htl/Versions
+@@ -150,6 +150,8 @@ libpthread {
+ __cthread_keycreate;
+ __cthread_getspecific;
+ __cthread_setspecific;
++ __pthread_getspecific;
++ __pthread_setspecific;
+ __pthread_getattr_np;
+ __pthread_attr_getstack;
+ }
+
+diff --git a/sysdeps/htl/pt-getspecific.c b/sysdeps/htl/pt-getspecific.c
+index a0227a67f6..64ddf9551a 100644
+--- a/sysdeps/htl/pt-getspecific.c
++++ b/sysdeps/htl/pt-getspecific.c
+@@ -36,3 +36,4 @@ __pthread_getspecific (pthread_key_t key)
+ return self->thread_specifics[key];
+ }
+ strong_alias (__pthread_getspecific, pthread_getspecific);
++hidden_def (__pthread_getspecific)
+diff --git a/sysdeps/htl/pt-setspecific.c b/sysdeps/htl/pt-setspecific.c
+index a46a12f157..02aff417ef 100644
+--- a/sysdeps/htl/pt-setspecific.c
++++ b/sysdeps/htl/pt-setspecific.c
+@@ -48,3 +48,4 @@ __pthread_setspecific (pthread_key_t key, const void *value)
+ return 0;
+ }
+ strong_alias (__pthread_setspecific, pthread_setspecific);
++hidden_def (__pthread_setspecific)
+diff --git a/sysdeps/htl/pthreadP.h b/sysdeps/htl/pthreadP.h
+index 132ac1718e..71c2fcd9c6 100644
+--- a/sysdeps/htl/pthreadP.h
++++ b/sysdeps/htl/pthreadP.h
+@@ -68,6 +68,8 @@ struct __pthread_cancelation_handler **___pthread_get_cleanup_stack (void) attri
+
+ #if IS_IN (libpthread)
+ hidden_proto (__pthread_key_create)
++hidden_proto (__pthread_getspecific)
++hidden_proto (__pthread_setspecific)
+ hidden_proto (_pthread_mutex_init)
+ #endif
+
+diff --git a/sysdeps/unix/sysv/linux/getdents64.c b/sysdeps/unix/sysv/linux/getdents64.c
+index 3bde0cf4f0..bc140b5a7f 100644
+--- a/sysdeps/unix/sysv/linux/getdents64.c
++++ b/sysdeps/unix/sysv/linux/getdents64.c
+@@ -33,41 +33,80 @@ strong_alias (__getdents64, __getdents)
+ # include <shlib-compat.h>
+
+ # if SHLIB_COMPAT(libc, GLIBC_2_1, GLIBC_2_2)
+-# include <olddirent.h>
++# include <olddirent.h>
++# include <unistd.h>
+
+-/* kernel definition of as of 3.2. */
+-struct compat_linux_dirent
++static ssize_t
++handle_overflow (int fd, __off64_t offset, ssize_t count)
+ {
+- /* Both d_ino and d_off are compat_ulong_t which are defined in all
+- architectures as 'u32'. */
+- uint32_t d_ino;
+- uint32_t d_off;
+- unsigned short d_reclen;
+- char d_name[1];
+-};
++ /* If this is the first entry in the buffer, we can report the
++ error. */
++ if (count == 0)
++ {
++ __set_errno (EOVERFLOW);
++ return -1;
++ }
++
++ /* Otherwise, seek to the overflowing entry, so that the next call
++ will report the error, and return the data read so far.. */
++ if (__lseek64 (fd, offset, SEEK_SET) != 0)
++ return -1;
++ return count;
++}
+
+ ssize_t
+ __old_getdents64 (int fd, char *buf, size_t nbytes)
+ {
+- ssize_t retval = INLINE_SYSCALL_CALL (getdents, fd, buf, nbytes);
++ /* We do not move the individual directory entries. This is only
++ possible if the target type (struct __old_dirent64) is smaller
++ than the source type. */
++ _Static_assert (offsetof (struct __old_dirent64, d_name)
++ <= offsetof (struct dirent64, d_name),
++ "__old_dirent64 is larger than dirent64");
++ _Static_assert (__alignof__ (struct __old_dirent64)
++ <= __alignof__ (struct dirent64),
++ "alignment of __old_dirent64 is larger than dirent64");
+
+- /* The kernel added the d_type value after the name. Change this now. */
+- if (retval != -1)
++ ssize_t retval = INLINE_SYSCALL_CALL (getdents64, fd, buf, nbytes);
++ if (retval > 0)
+ {
+- union
+- {
+- struct compat_linux_dirent k;
+- struct dirent u;
+- } *kbuf = (void *) buf;
+-
+- while ((char *) kbuf < buf + retval)
++ char *p = buf;
++ char *end = buf + retval;
++ while (p < end)
+ {
+- char d_type = *((char *) kbuf + kbuf->k.d_reclen - 1);
+- memmove (kbuf->u.d_name, kbuf->k.d_name,
+- strlen (kbuf->k.d_name) + 1);
+- kbuf->u.d_type = d_type;
++ struct dirent64 *source = (struct dirent64 *) p;
++
++ /* Copy out the fixed-size data. */
++ __ino_t ino = source->d_ino;
++ __off64_t offset = source->d_off;
++ unsigned int reclen = source->d_reclen;
++ unsigned char type = source->d_type;
++
++ /* Check for ino_t overflow. */
++ if (__glibc_unlikely (ino != source->d_ino))
++ return handle_overflow (fd, offset, p - buf);
++
++ /* Convert to the target layout. Use a separate struct and
++ memcpy to side-step aliasing issues. */
++ struct __old_dirent64 result;
++ result.d_ino = ino;
++ result.d_off = offset;
++ result.d_reclen = reclen;
++ result.d_type = type;
++
++ /* Write the fixed-sized part of the result to the
++ buffer. */
++ size_t result_name_offset = offsetof (struct __old_dirent64, d_name);
++ memcpy (p, &result, result_name_offset);
++
++ /* Adjust the position of the name if necessary. Copy
++ everything until the end of the record, including the
++ terminating NUL byte. */
++ if (result_name_offset != offsetof (struct dirent64, d_name))
++ memmove (p + result_name_offset, source->d_name,
++ reclen - offsetof (struct dirent64, d_name));
+
+- kbuf = (void *) ((char *) kbuf + kbuf->k.d_reclen);
++ p += reclen;
+ }
+ }
+ return retval;
+
+diff --git a/misc/error.c b/misc/error.c
+index b4e8b6c938..03378e2f2a 100644
+--- a/misc/error.c
++++ b/misc/error.c
+@@ -319,6 +319,7 @@ error (int status, int errnum, const char *message, ...)
+
+ va_start (args, message);
+ error_tail (status, errnum, message, args);
++ va_end (args);
+
+ #ifdef _LIBC
+ _IO_funlockfile (stderr);
+@@ -390,6 +391,7 @@ error_at_line (int status, int errnum, const char *file_name,
+
+ va_start (args, message);
+ error_tail (status, errnum, message, args);
++ va_end (args);
+
+ #ifdef _LIBC
+ _IO_funlockfile (stderr);
+
+diff --git a/nscd/nscd_conf.c b/nscd/nscd_conf.c
+index 265a02434d..7293b795b6 100644
+--- a/nscd/nscd_conf.c
++++ b/nscd/nscd_conf.c
+@@ -190,7 +190,10 @@ nscd_parse_file (const char *fname, struct database_dyn dbs[lastdb])
+ if (!arg1)
+ error (0, 0, _("Must specify user name for server-user option"));
+ else
+- server_user = xstrdup (arg1);
++ {
++ free ((char *) server_user);
++ server_user = xstrdup (arg1);
++ }
+ }
+ else if (strcmp (entry, "stat-user") == 0)
+ {
+@@ -198,6 +201,7 @@ nscd_parse_file (const char *fname, struct database_dyn dbs[lastdb])
+ error (0, 0, _("Must specify user name for stat-user option"));
+ else
+ {
++ free ((char *) stat_user);
+ stat_user = xstrdup (arg1);
+
+ struct passwd *pw = getpwnam (stat_user);
+
+diff --git a/nss/nss_files/files-alias.c b/nss/nss_files/files-alias.c
+index cfd34b66b9..35b0bfc5d2 100644
+--- a/nss/nss_files/files-alias.c
++++ b/nss/nss_files/files-alias.c
+@@ -221,6 +221,13 @@ get_next_alias (FILE *stream, const char *match, struct aliasent *result,
+ {
+ while (! feof_unlocked (listfile))
+ {
++ if (room_left < 2)
++ {
++ free (old_line);
++ fclose (listfile);
++ goto no_more_room;
++ }
++
+ first_unused[room_left - 1] = '\xff';
+ line = fgets_unlocked (first_unused, room_left,
+ listfile);
+@@ -229,6 +236,7 @@ get_next_alias (FILE *stream, const char *match, struct aliasent *result,
+ if (first_unused[room_left - 1] != '\xff')
+ {
+ free (old_line);
++ fclose (listfile);
+ goto no_more_room;
+ }
+
+@@ -256,6 +264,7 @@ get_next_alias (FILE *stream, const char *match, struct aliasent *result,
+ + __alignof__ (char *)))
+ {
+ free (old_line);
++ fclose (listfile);
+ goto no_more_room;
+ }
+ room_left -= ((first_unused - cp)
+
diff --git a/gnu/packages/patches/grub-binutils-compat.patch b/gnu/packages/patches/grub-binutils-compat.patch
new file mode 100644
index 0000000000..2107869314
--- /dev/null
+++ b/gnu/packages/patches/grub-binutils-compat.patch
@@ -0,0 +1,53 @@
+Fix a relocation issue that shows up with recent binutils.
+
+Patch taken from upstream:
+https://git.sv.gnu.org/cgit/grub.git/commit/?id=842c390469e2c2e10b5aa36700324cd3bde25875
+
+diff --git a/grub-core/efiemu/i386/loadcore64.c b/grub-core/efiemu/i386/loadcore64.c
+index e49d0b6..18facf4 100644
+--- a/grub-core/efiemu/i386/loadcore64.c
++++ b/grub-core/efiemu/i386/loadcore64.c
+@@ -98,6 +98,7 @@ grub_arch_efiemu_relocate_symbols64 (grub_efiemu_segment_t segs,
+ break;
+
+ case R_X86_64_PC32:
++ case R_X86_64_PLT32:
+ err = grub_efiemu_write_value (addr,
+ *addr32 + rel->r_addend
+ + sym.off
+diff --git a/grub-core/kern/x86_64/dl.c b/grub-core/kern/x86_64/dl.c
+index 4406906..3a73e6e 100644
+--- a/grub-core/kern/x86_64/dl.c
++++ b/grub-core/kern/x86_64/dl.c
+@@ -70,6 +70,7 @@ grub_arch_dl_relocate_symbols (grub_dl_t mod, void *ehdr,
+ break;
+
+ case R_X86_64_PC32:
++ case R_X86_64_PLT32:
+ {
+ grub_int64_t value;
+ value = ((grub_int32_t) *addr32) + rel->r_addend + sym->st_value -
+diff --git a/util/grub-mkimagexx.c b/util/grub-mkimagexx.c
+index a2bb054..39d7efb 100644
+--- a/util/grub-mkimagexx.c
++++ b/util/grub-mkimagexx.c
+@@ -841,6 +841,7 @@ SUFFIX (relocate_addresses) (Elf_Ehdr *e, Elf_Shdr *sections,
+ break;
+
+ case R_X86_64_PC32:
++ case R_X86_64_PLT32:
+ {
+ grub_uint32_t *t32 = (grub_uint32_t *) target;
+ *t32 = grub_host_to_target64 (grub_target_to_host32 (*t32)
+diff --git a/util/grub-module-verifier.c b/util/grub-module-verifier.c
+index 9179285..a79271f 100644
+--- a/util/grub-module-verifier.c
++++ b/util/grub-module-verifier.c
+@@ -19,6 +19,7 @@ struct grub_module_verifier_arch archs[] = {
+ -1
+ }, (int[]){
+ R_X86_64_PC32,
++ R_X86_64_PLT32,
+ -1
+ }
+ },
diff --git a/gnu/packages/patches/jemalloc-arm-address-bits.patch b/gnu/packages/patches/jemalloc-arm-address-bits.patch
deleted file mode 100644
index f2ef24c25a..0000000000
--- a/gnu/packages/patches/jemalloc-arm-address-bits.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From 8cfc9dec37b312a2686f602bbcdd102ca07cca99 Mon Sep 17 00:00:00 2001
-From: David Goldblatt <davidgoldblatt@fb.com>
-Date: Fri, 29 Sep 2017 13:54:08 -0700
-Subject: [PATCH] ARM: Don't extend bit LG_VADDR to compute high address bits.
-
-In userspace ARM on Linux, zero-ing the high bits is the correct way to do this.
-This doesn't fix the fact that we currently set LG_VADDR to 48 on ARM, when in
-fact larger virtual address sizes are coming soon. We'll cross that bridge when
-we come to it.
----
- include/jemalloc/internal/rtree.h | 12 ++++++++++++
- 1 file changed, 12 insertions(+)
-
-diff --git a/include/jemalloc/internal/rtree.h b/include/jemalloc/internal/rtree.h
-index b5d4db39..4563db23 100644
---- a/include/jemalloc/internal/rtree.h
-+++ b/include/jemalloc/internal/rtree.h
-@@ -178,9 +178,21 @@ rtree_leaf_elm_bits_read(tsdn_t *tsdn, rtree_t *rtree, rtree_leaf_elm_t *elm,
-
- JEMALLOC_ALWAYS_INLINE extent_t *
- rtree_leaf_elm_bits_extent_get(uintptr_t bits) {
-+# ifdef __aarch64__
-+ /*
-+ * aarch64 doesn't sign extend the highest virtual address bit to set
-+ * the higher ones. Instead, the high bits gets zeroed.
-+ */
-+ uintptr_t high_bit_mask = ((uintptr_t)1 << LG_VADDR) - 1;
-+ /* Mask off the slab bit. */
-+ uintptr_t low_bit_mask = ~(uintptr_t)1;
-+ uintptr_t mask = high_bit_mask & low_bit_mask;
-+ return (extent_t *)(bits & mask);
-+# else
- /* Restore sign-extended high bits, mask slab bit. */
- return (extent_t *)((uintptr_t)((intptr_t)(bits << RTREE_NHIB) >>
- RTREE_NHIB) & ~((uintptr_t)0x1));
-+# endif
- }
-
- JEMALLOC_ALWAYS_INLINE szind_t
diff --git a/gnu/packages/patches/libgcrypt-make-yat2m-reproducible.patch b/gnu/packages/patches/libgcrypt-make-yat2m-reproducible.patch
new file mode 100644
index 0000000000..3056f0baad
--- /dev/null
+++ b/gnu/packages/patches/libgcrypt-make-yat2m-reproducible.patch
@@ -0,0 +1,32 @@
+Make yat2m in libgcrypt respect SOURCE_DATE_EPOCH, making
+the build reproducible.
+
+This was already fixed upstream in GnuPG:
+https://dev.gnupg.org/rG139de02b93773615bdd95e04a7f0c1ad73b4f6fb
+
+and in libgpg-error:
+https://dev.gnupg.org/rE5494a5728418938d2e42158bb646b07124184e64
+
+
+--- a/doc/yat2m.c 2017-11-23 19:16:58.000000000 +0100
++++ b/doc/yat2m.c 2017-08-28 12:22:54.000000000 +0200
+@@ -1475,6 +1484,7 @@
+ main (int argc, char **argv)
+ {
+ int last_argc = -1;
++ const char *s;
+
+ opt_source = "GNU";
+ opt_release = "";
+@@ -1608,6 +1618,11 @@
+ if (argc > 1)
+ die ("usage: " PGM " [OPTION] [FILE] (try --help for more information)\n");
+
++ /* Take care of supplied timestamp for reproducible builds. See
++ * https://reproducible-builds.org/specs/source-date-epoch/ */
++ if (!opt_date && (s = getenv ("SOURCE_DATE_EPOCH")) && *s)
++ opt_date = s;
++
+ /* Start processing. */
+ if (argc && strcmp (*argv, "-"))
+ {
diff --git a/gnu/packages/patches/libgpg-error-aarch64-logging-fix.patch b/gnu/packages/patches/libgpg-error-aarch64-logging-fix.patch
deleted file mode 100644
index d848d639b2..0000000000
--- a/gnu/packages/patches/libgpg-error-aarch64-logging-fix.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgpg-error.git;a=patch;h=791177de023574223eddf7288eb7c5a0721ac623
-
-From 791177de023574223eddf7288eb7c5a0721ac623 Mon Sep 17 00:00:00 2001
-From: Werner Koch <wk@gnupg.org>
-Date: Sun, 18 Mar 2018 17:39:43 +0100
-Subject: [PATCH] core: Fix regression on arm64 due to invalid use of va_list.
-
-* src/logging.c (_gpgrt_log_printhex): Provide a dummy arg instead of
-NULL.
---
-
-Fix
-Suggested-by: Jakub Wilk <jwilk@jwilk.net>
-
-Signed-off-by: Werner Koch <wk@gnupg.org>
----
- src/logging.c | 18 ++++++++++++++----
- 1 file changed, 14 insertions(+), 4 deletions(-)
-
-diff --git a/src/logging.c b/src/logging.c
-index 1a4f620..d01f974 100644
---- a/src/logging.c
-+++ b/src/logging.c
-@@ -1090,9 +1090,10 @@ _gpgrt_log_flush (void)
-
-
- /* Print a hexdump of (BUFFER,LENGTH). With FMT passed as NULL print
-- * just the raw dump, with FMT being an empty string, print a trailing
-- * linefeed, otherwise print an entire debug line with the expanded
-- * FMT followed by a possible wrapped hexdump and a final LF. */
-+ * just the raw dump (in this case ARG_PTR is not used), with FMT
-+ * being an empty string, print a trailing linefeed, otherwise print
-+ * an entire debug line with the expanded FMT followed by a possible
-+ * wrapped hexdump and a final LF. */
- void
- _gpgrt_logv_printhex (const void *buffer, size_t length,
- const char *fmt, va_list arg_ptr)
-@@ -1150,7 +1151,16 @@ _gpgrt_log_printhex (const void *buffer, size_t length,
- va_end (arg_ptr);
- }
- else
-- _gpgrt_logv_printhex (buffer, length, NULL, NULL);
-+ {
-+ /* va_list is not necessary a pointer and thus we can't use NULL
-+ * because that would conflict with platforms using a straight
-+ * struct for it (e.g. arm64). We use a dummy variable instead;
-+ * the static is a simple way zero it out so to not get
-+ * complains about uninitialized use. */
-+ static va_list dummy_argptr;
-+
-+ _gpgrt_logv_printhex (buffer, length, NULL, dummy_argptr);
-+ }
- }
-
-
---
-2.8.0.rc3
-
diff --git a/gnu/packages/patches/lirc-reproducible-build.patch b/gnu/packages/patches/lirc-reproducible-build.patch
new file mode 100644
index 0000000000..20f9344715
--- /dev/null
+++ b/gnu/packages/patches/lirc-reproducible-build.patch
@@ -0,0 +1,72 @@
+Build Lirc reproducibly.
+
+https://sourceforge.net/p/lirc/tickets/301/
+https://sourceforge.net/p/lirc/git/merge-requests/33/
+https://sourceforge.net/p/lirc/git/merge-requests/34/
+https://sourceforge.net/p/lirc/git/merge-requests/36/
+
+Index: lirc-0.10.1/tools/lirc-lsplugins.cpp
+===================================================================
+--- lirc-0.10.1.orig/tools/lirc-lsplugins.cpp
++++ lirc-0.10.1/tools/lirc-lsplugins.cpp
+@@ -415,10 +415,9 @@ static void print_header(void)
+ static void print_yaml_header(void)
+ {
+ static const char* const YAML_HEADER =
+- "#\n# Generated by lirc-lsplugins --yaml (%s) at %s#\n ";
+- const time_t now = time(NULL);
++ "#\n# Generated by lirc-lsplugins --yaml (%s)#\n ";
+
+- printf(YAML_HEADER, VERSION, ctime(&now));
++ printf(YAML_HEADER, VERSION);
+ printf("\ndrivers:\n");
+ }
+
+Index: lirc-0.10.1/python-pkg/lirc/database.py
+===================================================================
+--- lirc-0.10.1.orig/python-pkg/lirc/database.py
++++ lirc-0.10.1/python-pkg/lirc/database.py
+@@ -156,7 +156,7 @@ class Database(object):
+ d['device_hint'] = hint
+
+ configs = {}
+- for path in glob.glob(configdir + '/*.conf'):
++ for path in sorted(glob.glob(configdir + '/*.conf')):
+ with open(path) as f:
+ cf = yaml.load(f.read())
+ configs[cf['config']['id']] = cf['config']
+Index: lirc-0.10.1/tools/irdb-get
+===================================================================
+--- lirc-0.10.1.orig/tools/irdb-get
++++ lirc-0.10.1/tools/irdb-get
+@@ -9,7 +9,6 @@ import fnmatch
+ import os
+ import os.path
+ import sys
+-import time
+ import urllib.error # pylint: disable=no-name-in-module,F0401,E0611
+ import urllib.request # pylint: disable=no-name-in-module,F0401,E0611
+
+@@ -193,7 +192,7 @@ def do_yaml_config():
+ lircmd_by_driver[driver].append("%s/%s" % (tokens[0], tokens[2]))
+
+ print("#")
+- print("# Created by 'irdb-get yaml-config' at " + time.ctime())
++ print("# Created by 'irdb-get yaml-config'")
+ print("#")
+ print("\nlircd_by_driver:")
+ print_yaml_dict(lircd_by_driver)
+Index: lirc-0.10.1/tools/lirc-make-devinput
+===================================================================
+--- lirc-0.10.1.orig/tools/lirc-make-devinput
++++ lirc-0.10.1/tools/lirc-make-devinput
+@@ -61,8 +61,7 @@ if test -n "$lirc_map"; then
+ fi
+
+
+-echo "# Generated by $(basename $0) on $(uname -r)"
+-echo "# Date: $(date)"
++echo "# Generated by $(basename $0)"
+ cat <<EOF
+
+ begin remote
diff --git a/gnu/packages/patches/m4-gnulib-libio.patch b/gnu/packages/patches/m4-gnulib-libio.patch
new file mode 100644
index 0000000000..a26622ccf3
--- /dev/null
+++ b/gnu/packages/patches/m4-gnulib-libio.patch
@@ -0,0 +1,128 @@
+Adjust the bundled gnulib to cope with removal of libio interface in
+glibc 2.28.
+
+Based on this upstream patch, without hunks that do not apply to m4:
+https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=4af4a4a71827c0bc5e0ec67af23edef4f15cee8e
+
+diff --git a/lib/fflush.c b/lib/fflush.c
+index 983ade0..a6edfa1 100644
+--- a/lib/fflush.c
++++ b/lib/fflush.c
+@@ -33,7 +33,7 @@
+ #undef fflush
+
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+
+ /* Clear the stream's ungetc buffer, preserving the value of ftello (fp). */
+ static void
+@@ -72,7 +72,7 @@ clear_ungetc_buffer (FILE *fp)
+
+ #endif
+
+-#if ! (defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */)
++#if ! (defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */)
+
+ # if (defined __sferror || defined __DragonFly__ || defined __ANDROID__) && defined __SNPT
+ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */
+@@ -148,7 +148,7 @@ rpl_fflush (FILE *stream)
+ if (stream == NULL || ! freading (stream))
+ return fflush (stream);
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+
+ clear_ungetc_buffer_preserving_position (stream);
+
+diff --git a/lib/fpending.c b/lib/fpending.c
+index c84e3a5..789f50e 100644
+--- a/lib/fpending.c
++++ b/lib/fpending.c
+@@ -32,7 +32,7 @@ __fpending (FILE *fp)
+ /* Most systems provide FILE as a struct and the necessary bitmask in
+ <stdio.h>, because they need it for implementing getc() and putc() as
+ fast macros. */
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ return fp->_IO_write_ptr - fp->_IO_write_base;
+ #elif defined __sferror || defined __DragonFly__ || defined __ANDROID__
+ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */
+diff --git a/lib/fpurge.c b/lib/fpurge.c
+index b1d417c..3aedcc3 100644
+--- a/lib/fpurge.c
++++ b/lib/fpurge.c
+@@ -62,7 +62,7 @@ fpurge (FILE *fp)
+ /* Most systems provide FILE as a struct and the necessary bitmask in
+ <stdio.h>, because they need it for implementing getc() and putc() as
+ fast macros. */
+-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++# if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ fp->_IO_read_end = fp->_IO_read_ptr;
+ fp->_IO_write_ptr = fp->_IO_write_base;
+ /* Avoid memory leak when there is an active ungetc buffer. */
+diff --git a/lib/freadahead.c b/lib/freadahead.c
+index c2ecb5b..23ec76e 100644
+--- a/lib/freadahead.c
++++ b/lib/freadahead.c
+@@ -30,7 +30,7 @@ extern size_t __sreadahead (FILE *);
+ size_t
+ freadahead (FILE *fp)
+ {
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ if (fp->_IO_write_ptr > fp->_IO_write_base)
+ return 0;
+ return (fp->_IO_read_end - fp->_IO_read_ptr)
+diff --git a/lib/freading.c b/lib/freading.c
+index 73c28ac..c24d0c8 100644
+--- a/lib/freading.c
++++ b/lib/freading.c
+@@ -31,7 +31,7 @@ freading (FILE *fp)
+ /* Most systems provide FILE as a struct and the necessary bitmask in
+ <stdio.h>, because they need it for implementing getc() and putc() as
+ fast macros. */
+-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++# if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ return ((fp->_flags & _IO_NO_WRITES) != 0
+ || ((fp->_flags & (_IO_NO_READS | _IO_CURRENTLY_PUTTING)) == 0
+ && fp->_IO_read_base != NULL));
+diff --git a/lib/fseeko.c b/lib/fseeko.c
+index 0101ab5..193f4e8 100644
+--- a/lib/fseeko.c
++++ b/lib/fseeko.c
+@@ -47,7 +47,7 @@ fseeko (FILE *fp, off_t offset, int whence)
+ #endif
+
+ /* These tests are based on fpurge.c. */
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ if (fp->_IO_read_end == fp->_IO_read_ptr
+ && fp->_IO_write_ptr == fp->_IO_write_base
+ && fp->_IO_save_base == NULL)
+@@ -123,7 +123,7 @@ fseeko (FILE *fp, off_t offset, int whence)
+ return -1;
+ }
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ fp->_flags &= ~_IO_EOF_SEEN;
+ fp->_offset = pos;
+ #elif defined __sferror || defined __DragonFly__ || defined __ANDROID__
+diff --git a/lib/stdio-impl.h b/lib/stdio-impl.h
+index 78d896e..05c5752 100644
+--- a/lib/stdio-impl.h
++++ b/lib/stdio-impl.h
+@@ -18,6 +18,12 @@
+ the same implementation of stdio extension API, except that some fields
+ have different naming conventions, or their access requires some casts. */
+
++/* Glibc 2.28 made _IO_IN_BACKUP private. For now, work around this
++ problem by defining it ourselves. FIXME: Do not rely on glibc
++ internals. */
++#if !defined _IO_IN_BACKUP && defined _IO_EOF_SEEN
++# define _IO_IN_BACKUP 0x100
++#endif
+
+ /* BSD stdio derived implementations. */
+
diff --git a/gnu/packages/patches/mariadb-gcc-ice.patch b/gnu/packages/patches/mariadb-gcc-ice.patch
deleted file mode 100644
index 59b188f45a..0000000000
--- a/gnu/packages/patches/mariadb-gcc-ice.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-Work around this GCC ICE: <https://bugs.gnu.org/31708>. It shows up
-only when doing native compiles on armhf-linux.
-
---- mariadb-10.1.33/plugin/semisync/semisync_master.cc 2018-07-28 02:13:12.604020250 +0200
-+++ mariadb-10.1.33/plugin/semisync/semisync_master.cc 2018-07-28 02:14:11.907753417 +0200
-@@ -847,6 +847,8 @@
- return function_exit(kWho, 0);
- }
-
-+volatile const void *kSyncHeaderPtr = &ReplSemiSyncMaster::kSyncHeader;
-+
- int ReplSemiSyncMaster::reserveSyncHeader(unsigned char *header,
- unsigned long size)
- {
-@@ -873,7 +875,7 @@
- /* Set the magic number and the sync status. By default, no sync
- * is required.
- */
-- memcpy(header, kSyncHeader, sizeof(kSyncHeader));
-+ memcpy(header, (void *)kSyncHeaderPtr, sizeof(kSyncHeader));
- hlen= sizeof(kSyncHeader);
- }
- return function_exit(kWho, hlen);
-
diff --git a/gnu/packages/patches/meson-for-build-rpath.patch b/gnu/packages/patches/meson-for-build-rpath.patch
index 59249e294d..ef9a73f07c 100644
--- a/gnu/packages/patches/meson-for-build-rpath.patch
+++ b/gnu/packages/patches/meson-for-build-rpath.patch
@@ -2,10 +2,10 @@ This patch removes a part of meson that clears the rpath upon installation.
This will only be applied to a special version of meson, used for the
meson-build-system.
-Patch by Peter Mikkelsen <petermikkelsen10@gmail.com>
+Original patch for Meson 0.42.0 by Peter Mikkelsen <petermikkelsen10@gmail.com>
---- meson-0.42.0/mesonbuild/minstall.py.orig 2017-09-09 01:49:39.147374148 +0200
-+++ meson-0.42.0/mesonbuild/minstall.py 2017-09-09 01:51:01.209134717 +0200
+--- meson-0.47.1/mesonbuild/minstall.py.old 2018-08-10 11:01:27.812327013 +0200
++++ meson-0.47.1/mesonbuild/minstall.py 2018-08-10 11:01:51.940368505 +0200
@@ -436,15 +436,6 @@
print("Symlink creation does not work on this platform. "
"Skipping all symlinking.")
diff --git a/gnu/packages/patches/mono-mdoc-timestamping.patch b/gnu/packages/patches/mono-mdoc-timestamping.patch
new file mode 100644
index 0000000000..d5191a93eb
--- /dev/null
+++ b/gnu/packages/patches/mono-mdoc-timestamping.patch
@@ -0,0 +1,15 @@
+--- mono-4.4.1/mcs/class/monodoc/Monodoc/storage/ZipStorage.cs.orig 2018-11-26 22:16:25.008879747 +0100
++++ mono-4.4.1/mcs/class/monodoc/Monodoc/storage/ZipStorage.cs 2018-11-26 22:21:53.969770985 +0100
+@@ -74,6 +74,12 @@
+ id = GetNewCode ();
+
+ ZipEntry entry = new ZipEntry (id);
++ var SOURCE_DATE_EPOCH_string = Environment.GetEnvironmentVariable("SOURCE_DATE_EPOCH");
++ if (SOURCE_DATE_EPOCH_string != null)
++ {
++ var SOURCE_DATE_EPOCH = Convert.ToInt64(SOURCE_DATE_EPOCH_string);
++ entry.DateTime = new DateTime(SOURCE_DATE_EPOCH, DateTimeKind.Utc);
++ }
+ zipOutput.PutNextEntry (entry);
+ }
+
diff --git a/gnu/packages/patches/oath-toolkit-glibc-compat.patch b/gnu/packages/patches/oath-toolkit-glibc-compat.patch
new file mode 100644
index 0000000000..22814599e5
--- /dev/null
+++ b/gnu/packages/patches/oath-toolkit-glibc-compat.patch
@@ -0,0 +1,90 @@
+Adjust the bundled Gnulib to cope with removal of libio interface in Glibc 2.28.
+
+Based on this upstream gnulib patch:
+https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=4af4a4a71827c0bc5e0ec67af23edef4f15cee8e
+
+--- a/liboath/gl/fflush.c
++++ b/liboath/gl/fflush.c
+@@ -33,7 +33,7 @@
+ #undef fflush
+
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+
+ /* Clear the stream's ungetc buffer, preserving the value of ftello (fp). */
+ static void
+@@ -72,7 +72,7 @@
+
+ #endif
+
+-#if ! (defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */)
++#if ! (defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */)
+
+ # if (defined __sferror || defined __DragonFly__ || defined __ANDROID__) && defined __SNPT
+ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */
+@@ -148,7 +148,7 @@
+ if (stream == NULL || ! freading (stream))
+ return fflush (stream);
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+
+ clear_ungetc_buffer_preserving_position (stream);
+
+--- a/liboath/gl/fpurge.c
++++ b/liboath/gl/fpurge.c
+@@ -62,7 +62,7 @@
+ /* Most systems provide FILE as a struct and the necessary bitmask in
+ <stdio.h>, because they need it for implementing getc() and putc() as
+ fast macros. */
+-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ fp->_IO_read_end = fp->_IO_read_ptr;
+ fp->_IO_write_ptr = fp->_IO_write_base;
+ /* Avoid memory leak when there is an active ungetc buffer. */
+--- a/libaoth/gl/freading.c
++++ b/liboath/gl/freading.c
+@@ -31,7 +31,7 @@
+ /* Most systems provide FILE as a struct and the necessary bitmask in
+ <stdio.h>, because they need it for implementing getc() and putc() as
+ fast macros. */
+-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ return ((fp->_flags & _IO_NO_WRITES) != 0
+ || ((fp->_flags & (_IO_NO_READS | _IO_CURRENTLY_PUTTING)) == 0
+ && fp->_IO_read_base != NULL));
+--- a/liboath/gl/fseeko.c
++++ b/liboath/gl/fseeko.c
+@@ -47,7 +47,7 @@
+ #endif
+
+ /* These tests are based on fpurge.c. */
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ if (fp->_IO_read_end == fp->_IO_read_ptr
+ && fp->_IO_write_ptr == fp->_IO_write_base
+ && fp->_IO_save_base == NULL)
+@@ -123,7 +123,7 @@
+ return -1;
+ }
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ fp->_flags &= ~_IO_EOF_SEEN;
+ fp->_offset = pos;
+ #elif defined __sferror || defined __DragonFly__ || defined __ANDROID__
+--- a/liboath/gl/stdio-impl.h
++++ b/liboath/gl/stdio-impl.h
+@@ -18,6 +18,11 @@
+ the same implementation of stdio extension API, except that some fields
+ have different naming conventions, or their access requires some casts. */
+
++/* Glibc 2.28 made _IO_IN_BACKUP private, so define it here for now. */
++#if !defined _IO_IN_BACKUP && defined _IO_EOF_SEEN
++# define _IO_IN_BACKUP 0x100
++#endif
++
+ /* BSD stdio derived implementations. */
+
+ #if defined __NetBSD__ /* NetBSD */
diff --git a/gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch b/gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch
deleted file mode 100644
index 2d54ed03b9..0000000000
--- a/gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch
+++ /dev/null
@@ -1,215 +0,0 @@
-Fix CVE-2018-0495:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495
-https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
-
-Patch copied from upstream source repository:
-
-https://github.com/openssl/openssl/commit/949ff36623eafc3523a9f91784992965018ffb05
-
-From 949ff36623eafc3523a9f91784992965018ffb05 Mon Sep 17 00:00:00 2001
-From: Matt Caswell <matt@openssl.org>
-Date: Fri, 25 May 2018 12:10:13 +0100
-Subject: [PATCH] Add blinding to an ECDSA signature
-
-Keegan Ryan (NCC Group) has demonstrated a side channel attack on an
-ECDSA signature operation. During signing the signer calculates:
-
-s:= k^-1 * (m + r * priv_key) mod order
-
-The addition operation above provides a sufficient signal for a
-flush+reload attack to derive the private key given sufficient signature
-operations.
-
-As a mitigation (based on a suggestion from Keegan) we add blinding to
-the operation so that:
-
-s := k^-1 * blind^-1 (blind * m + blind * r * priv_key) mod order
-
-Since this attack is a localhost side channel only no CVE is assigned.
-
-Reviewed-by: Rich Salz <rsalz@openssl.org>
----
- CHANGES | 4 ++
- crypto/ecdsa/ecdsatest.c | 9 ++++-
- crypto/ecdsa/ecs_ossl.c | 82 ++++++++++++++++++++++++++++++++--------
- 3 files changed, 79 insertions(+), 16 deletions(-)
-
-diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c
-index 0f301f86d9..a130fc9117 100644
---- a/crypto/ecdsa/ecdsatest.c
-+++ b/crypto/ecdsa/ecdsatest.c
-@@ -137,7 +137,7 @@ int restore_rand(void)
- return 1;
- }
-
--static int fbytes_counter = 0;
-+static int fbytes_counter = 0, use_fake = 0;
- static const char *numbers[8] = {
- "651056770906015076056810763456358567190100156695615665659",
- "6140507067065001063065065565667405560006161556565665656654",
-@@ -158,6 +158,11 @@ int fbytes(unsigned char *buf, int num)
- int ret;
- BIGNUM *tmp = NULL;
-
-+ if (use_fake == 0)
-+ return old_rand->bytes(buf, num);
-+
-+ use_fake = 0;
-+
- if (fbytes_counter >= 8)
- return 0;
- tmp = BN_new();
-@@ -199,11 +204,13 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
- /* create the key */
- if ((key = EC_KEY_new_by_curve_name(nid)) == NULL)
- goto x962_int_err;
-+ use_fake = 1;
- if (!EC_KEY_generate_key(key))
- goto x962_int_err;
- BIO_printf(out, ".");
- (void)BIO_flush(out);
- /* create the signature */
-+ use_fake = 1;
- signature = ECDSA_do_sign(digest, 20, key);
- if (signature == NULL)
- goto x962_int_err;
-diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c
-index 16d4f59b9b..1d37551803 100644
---- a/crypto/ecdsa/ecs_ossl.c
-+++ b/crypto/ecdsa/ecs_ossl.c
-@@ -252,6 +252,7 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
- {
- int ok = 0, i;
- BIGNUM *kinv = NULL, *s, *m = NULL, *tmp = NULL, *order = NULL;
-+ BIGNUM *blind = NULL, *blindm = NULL;
- const BIGNUM *ckinv;
- BN_CTX *ctx = NULL;
- const EC_GROUP *group;
-@@ -269,14 +270,25 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
- }
-
- ret = ECDSA_SIG_new();
-- if (!ret) {
-+ if (ret == NULL) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- s = ret->s;
-
-- if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL ||
-- (tmp = BN_new()) == NULL || (m = BN_new()) == NULL) {
-+ ctx = BN_CTX_new();
-+ if (ctx == NULL) {
-+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
-+ goto err;
-+ }
-+
-+ BN_CTX_start(ctx);
-+ order = BN_CTX_get(ctx);
-+ tmp = BN_CTX_get(ctx);
-+ m = BN_CTX_get(ctx);
-+ blind = BN_CTX_get(ctx);
-+ blindm = BN_CTX_get(ctx);
-+ if (blindm == NULL) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-@@ -315,26 +327,70 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
- }
- }
-
-- if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) {
-+ /*
-+ * The normal signature calculation is:
-+ *
-+ * s := k^-1 * (m + r * priv_key) mod order
-+ *
-+ * We will blind this to protect against side channel attacks
-+ *
-+ * s := k^-1 * blind^-1 * (blind * m + blind * r * priv_key) mod order
-+ */
-+
-+ /* Generate a blinding value */
-+ do {
-+ if (!BN_rand(blind, BN_num_bits(order) - 1, -1, 0))
-+ goto err;
-+ } while (BN_is_zero(blind));
-+ BN_set_flags(blind, BN_FLG_CONSTTIME);
-+ BN_set_flags(blindm, BN_FLG_CONSTTIME);
-+ BN_set_flags(tmp, BN_FLG_CONSTTIME);
-+
-+ /* tmp := blind * priv_key * r mod order */
-+ if (!BN_mod_mul(tmp, blind, priv_key, order, ctx)) {
-+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
-+ goto err;
-+ }
-+ if (!BN_mod_mul(tmp, tmp, ret->r, order, ctx)) {
-+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
-+ goto err;
-+ }
-+
-+ /* blindm := blind * m mod order */
-+ if (!BN_mod_mul(blindm, blind, m, order, ctx)) {
-+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
-+ goto err;
-+ }
-+
-+ /* s : = (blind * priv_key * r) + (blind * m) mod order */
-+ if (!BN_mod_add_quick(s, tmp, blindm, order)) {
-+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
-+ goto err;
-+ }
-+
-+ /* s:= s * blind^-1 mod order */
-+ if (BN_mod_inverse(blind, blind, order, ctx) == NULL) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
- goto err;
- }
-- if (!BN_mod_add_quick(s, tmp, m, order)) {
-+ if (!BN_mod_mul(s, s, blind, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
- goto err;
- }
-+
-+ /* s := s * k^-1 mod order */
- if (!BN_mod_mul(s, s, ckinv, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
- goto err;
- }
-+
- if (BN_is_zero(s)) {
- /*
- * if kinv and r have been supplied by the caller don't to
- * generate new kinv and r values
- */
- if (in_kinv != NULL && in_r != NULL) {
-- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,
-- ECDSA_R_NEED_NEW_SETUP_VALUES);
-+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_NEED_NEW_SETUP_VALUES);
- goto err;
- }
- } else
-@@ -349,15 +405,11 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
- ECDSA_SIG_free(ret);
- ret = NULL;
- }
-- if (ctx)
-+ if (ctx != NULL) {
-+ BN_CTX_end(ctx);
- BN_CTX_free(ctx);
-- if (m)
-- BN_clear_free(m);
-- if (tmp)
-- BN_clear_free(tmp);
-- if (order)
-- BN_free(order);
-- if (kinv)
-+ }
-+ if (kinv != NULL)
- BN_clear_free(kinv);
- return ret;
- }
---
-2.17.1
-
diff --git a/gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch b/gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch
deleted file mode 100644
index 50b95306a5..0000000000
--- a/gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-Fix CVE-2018-0732:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732
-
-Patch copied from upstream source repository:
-
-https://github.com/openssl/openssl/commit/3984ef0b72831da8b3ece4745cac4f8575b19098
-
-From 3984ef0b72831da8b3ece4745cac4f8575b19098 Mon Sep 17 00:00:00 2001
-From: Guido Vranken <guidovranken@gmail.com>
-Date: Mon, 11 Jun 2018 19:38:54 +0200
-Subject: [PATCH] Reject excessively large primes in DH key generation.
-
-CVE-2018-0732
-
-Signed-off-by: Guido Vranken <guidovranken@gmail.com>
-
-(cherry picked from commit 91f7361f47b082ae61ffe1a7b17bb2adf213c7fe)
-
-Reviewed-by: Tim Hudson <tjh@openssl.org>
-Reviewed-by: Matt Caswell <matt@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/6457)
----
- crypto/dh/dh_key.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
-index 387558f146..f235e0d682 100644
---- a/crypto/dh/dh_key.c
-+++ b/crypto/dh/dh_key.c
-@@ -130,10 +130,15 @@ static int generate_key(DH *dh)
- int ok = 0;
- int generate_new_key = 0;
- unsigned l;
-- BN_CTX *ctx;
-+ BN_CTX *ctx = NULL;
- BN_MONT_CTX *mont = NULL;
- BIGNUM *pub_key = NULL, *priv_key = NULL;
-
-+ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
-+ DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE);
-+ return 0;
-+ }
-+
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
---
-2.17.1
-
diff --git a/gnu/packages/patches/parted-glibc-compat.patch b/gnu/packages/patches/parted-glibc-compat.patch
new file mode 100644
index 0000000000..edf4afb0d1
--- /dev/null
+++ b/gnu/packages/patches/parted-glibc-compat.patch
@@ -0,0 +1,17 @@
+Include <sys/sysmacros.h> for "major" and "minor".
+
+Taken from upstream:
+https://git.savannah.gnu.org/cgit/parted.git/commit/?id=ba5e0451b51c983e40afd123b6e0d3eddb55e610
+
+diff --git a/libparted/arch/linux.c b/libparted/arch/linux.c
+index 31b98ab..7e86b51 100644
+--- a/libparted/arch/linux.c
++++ b/libparted/arch/linux.c
+@@ -41,6 +41,7 @@
+ #include <sys/utsname.h> /* for uname() */
+ #include <scsi/scsi.h>
+ #include <assert.h>
++#include <sys/sysmacros.h>
+ #ifdef ENABLE_DEVICE_MAPPER
+ #include <libdevmapper.h>
+ #endif
diff --git a/gnu/packages/patches/perf-gcc-ice.patch b/gnu/packages/patches/perf-gcc-ice.patch
deleted file mode 100644
index 58ab5359c2..0000000000
--- a/gnu/packages/patches/perf-gcc-ice.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-Work around this GCC ICE: <https://bugs.gnu.org/31708>.
-
---- linux-4.16.13/tools/perf/util/header.c 2018-06-04 11:30:39.368146035 +0200
-+++ linux-4.16.13/tools/perf/util/header.c 2018-06-04 11:34:04.667212378 +0200
-@@ -135,7 +135,7 @@ int do_write(struct feat_fd *ff, const v
- int write_padded(struct feat_fd *ff, const void *bf,
- size_t count, size_t count_aligned)
- {
-- static const char zero_buf[NAME_ALIGN];
-+ static const char zero_buf[NAME_ALIGN] = { 0 };
- int err = do_write(ff, bf, count);
-
- if (!err)
diff --git a/gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch b/gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch
deleted file mode 100644
index 6460cf5855..0000000000
--- a/gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Fix CVE-2018-12015:
-
-https://security-tracker.debian.org/tracker/CVE-2018-12015
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12015
-https://rt.cpan.org/Ticket/Display.html?id=125523
-
-Patch taken from this upstream commit and adapted to apply to
-the bundled copy in the Perl distribution:
-
-https://github.com/jib/archive-tar-new/commit/ae65651eab053fc6dc4590dbb863a268215c1fc5
-
-diff --git a/cpan/Archive-Tar/lib/Archive/Tar.pm b/cpan/Archive-Tar/lib/Archive/Tar.pm
-index 6244369..a83975f 100644
---- a/cpan/Archive-Tar/lib/Archive/Tar.pm
-+++ b/cpan/Archive-Tar/lib/Archive/Tar.pm
-@@ -845,6 +845,20 @@ sub _extract_file {
- return;
- }
-
-+ ### If a file system already contains a block device with the same name as
-+ ### the being extracted regular file, we would write the file's content
-+ ### to the block device. So remove the existing file (block device) now.
-+ ### If an archive contains multiple same-named entries, the last one
-+ ### should replace the previous ones. So remove the old file now.
-+ ### If the old entry is a symlink to a file outside of the CWD, the new
-+ ### entry would create a file there. This is CVE-2018-12015
-+ ### <https://rt.cpan.org/Ticket/Display.html?id=125523>.
-+ if (-l $full || -e _) {
-+ if (!unlink $full) {
-+ $self->_error( qq[Could not remove old file '$full': $!] );
-+ return;
-+ }
-+ }
- if( length $entry->type && $entry->is_file ) {
- my $fh = IO::File->new;
- $fh->open( $full, '>' ) or (
diff --git a/gnu/packages/patches/perl-deterministic-ordering.patch b/gnu/packages/patches/perl-deterministic-ordering.patch
index 92e33ef135..be63d5cde3 100644
--- a/gnu/packages/patches/perl-deterministic-ordering.patch
+++ b/gnu/packages/patches/perl-deterministic-ordering.patch
@@ -12,10 +12,10 @@ reproducibility.
cpan/Devel-PPPort/PPPort_xs.PL | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/cpan/Devel-PPPort/PPPort_xs.PL b/cpan/Devel-PPPort/PPPort_xs.PL
+diff --git a/dist/Devel-PPPort/PPPort_xs.PL b/dist/Devel-PPPort/PPPort_xs.PL
index 5f18940..149f2fe 100644
---- a/cpan/Devel-PPPort/PPPort_xs.PL
-+++ b/cpan/Devel-PPPort/PPPort_xs.PL
+--- a/dist/Devel-PPPort/PPPort_xs.PL
++++ b/dist/Devel-PPPort/PPPort_xs.PL
@@ -38,7 +38,7 @@ END
my $file;
my $sec;
diff --git a/gnu/packages/patches/perl-file-path-CVE-2017-6512.patch b/gnu/packages/patches/perl-file-path-CVE-2017-6512.patch
deleted file mode 100644
index 28ab067599..0000000000
--- a/gnu/packages/patches/perl-file-path-CVE-2017-6512.patch
+++ /dev/null
@@ -1,173 +0,0 @@
-Fix CVE-2017-6512:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6512
-https://rt.cpan.org/Public/Bug/Display.html?id=121951
-
-Patch copied from Debian, adapted to apply to the copy of File::Path in Perl
-5.24.0.
-
-https://github.com/jkeenan/File-Path/commit/e5ef95276ee8ad471c66ee574a5d42552b3a6af2
-https://anonscm.debian.org/cgit/perl/perl.git/diff/debian/patches/fixes/file_path_chmod_race.diff?id=e7b50f8fb6413f8ddfbbfda2d531615fb029e2d3
-
-From d760748be0efca7c05454440e24f3df77bf7cf5d Mon Sep 17 00:00:00 2001
-From: John Lightsey <john@nixnuts.net>
-Date: Tue, 2 May 2017 12:03:52 -0500
-Subject: Prevent directory chmod race attack.
-
-CVE-2017-6512 is a race condition attack where the chmod() of directories
-that cannot be entered is misused to change the permissions on other
-files or directories on the system. This has been corrected by limiting
-the directory-permission loosening logic to systems where fchmod() is
-supported.
-
-[Backported (whitespace adjustments) to File-Path 2.12 / perl 5.24 by
-Dominic Hargreaves for Debian.]
-
-Bug: https://rt.cpan.org/Public/Bug/Display.html?id=121951
-Bug-Debian: https://bugs.debian.org/863870
-Patch-Name: fixes/file_path_chmod_race.diff
----
- cpan/File-Path/lib/File/Path.pm | 39 +++++++++++++++++++++++++--------------
- cpan/File-Path/t/Path.t | 40 ++++++++++++++++++++++++++--------------
- 2 files changed, 51 insertions(+), 28 deletions(-)
-
-diff --git a/cpan/File-Path/lib/File/Path.pm b/cpan/File-Path/lib/File/Path.pm
-index 034da1e..a824cc8 100644
---- a/cpan/File-Path/lib/File/Path.pm
-+++ b/cpan/File-Path/lib/File/Path.pm
-@@ -354,21 +354,32 @@ sub _rmtree {
-
- # see if we can escalate privileges to get in
- # (e.g. funny protection mask such as -w- instead of rwx)
-- $perm &= oct '7777';
-- my $nperm = $perm | oct '700';
-- if (
-- !(
-- $arg->{safe}
-- or $nperm == $perm
-- or chmod( $nperm, $root )
-- )
-- )
-- {
-- _error( $arg,
-- "cannot make child directory read-write-exec", $canon );
-- next ROOT_DIR;
-+ # This uses fchmod to avoid traversing outside of the proper
-+ # location (CVE-2017-6512)
-+ my $root_fh;
-+ if (open($root_fh, '<', $root)) {
-+ my ($fh_dev, $fh_inode) = (stat $root_fh )[0,1];
-+ $perm &= oct '7777';
-+ my $nperm = $perm | oct '700';
-+ local $@;
-+ if (
-+ !(
-+ $arg->{safe}
-+ or $nperm == $perm
-+ or !-d _
-+ or $fh_dev ne $ldev
-+ or $fh_inode ne $lino
-+ or eval { chmod( $nperm, $root_fh ) }
-+ )
-+ )
-+ {
-+ _error( $arg,
-+ "cannot make child directory read-write-exec", $canon );
-+ next ROOT_DIR;
-+ }
-+ close $root_fh;
- }
-- elsif ( !chdir($root) ) {
-+ if ( !chdir($root) ) {
- _error( $arg, "cannot chdir to child", $canon );
- next ROOT_DIR;
- }
-diff --git a/cpan/File-Path/t/Path.t b/cpan/File-Path/t/Path.t
-index ff52fd6..956ca09 100644
---- a/cpan/File-Path/t/Path.t
-+++ b/cpan/File-Path/t/Path.t
-@@ -3,7 +3,7 @@
-
- use strict;
-
--use Test::More tests => 127;
-+use Test::More tests => 126;
- use Config;
- use Fcntl ':mode';
- use lib 't/';
-@@ -18,6 +18,13 @@ BEGIN {
-
- my $Is_VMS = $^O eq 'VMS';
-
-+my $fchmod_supported = 0;
-+if (open my $fh, curdir()) {
-+ my ($perm) = (stat($fh))[2];
-+ $perm &= 07777;
-+ eval { $fchmod_supported = chmod( $perm, $fh); };
-+}
-+
- # first check for stupid permissions second for full, so we clean up
- # behind ourselves
- for my $perm (0111,0777) {
-@@ -299,16 +306,19 @@ is($created[0], $dir, "created directory (old style 3 mode undef) cross-check");
-
- is(rmtree($dir, 0, undef), 1, "removed directory 3 verbose undef");
-
--$dir = catdir($tmp_base,'G');
--$dir = VMS::Filespec::unixify($dir) if $Is_VMS;
-+SKIP: {
-+ skip "fchmod of directories not supported on this platform", 3 unless $fchmod_supported;
-+ $dir = catdir($tmp_base,'G');
-+ $dir = VMS::Filespec::unixify($dir) if $Is_VMS;
-
--@created = mkpath($dir, undef, 0200);
-+ @created = mkpath($dir, undef, 0400);
-
--is(scalar(@created), 1, "created write-only dir");
-+ is(scalar(@created), 1, "created read-only dir");
-
--is($created[0], $dir, "created write-only directory cross-check");
-+ is($created[0], $dir, "created read-only directory cross-check");
-
--is(rmtree($dir), 1, "removed write-only dir");
-+ is(rmtree($dir), 1, "removed read-only dir");
-+}
-
- # borderline new-style heuristics
- if (chdir $tmp_base) {
-@@ -450,26 +460,28 @@ SKIP: {
- }
-
- SKIP : {
-- my $skip_count = 19;
-+ my $skip_count = 18;
- # this test will fail on Windows, as per:
- # http://perldoc.perl.org/perlport.html#chmod
-
- skip "Windows chmod test skipped", $skip_count
- if $^O eq 'MSWin32';
-+ skip "fchmod() on directories is not supported on this platform", $skip_count
-+ unless $fchmod_supported;
- my $mode;
- my $octal_mode;
- my @inputs = (
-- 0777, 0700, 0070, 0007,
-- 0333, 0300, 0030, 0003,
-- 0111, 0100, 0010, 0001,
-- 0731, 0713, 0317, 0371, 0173, 0137,
-- 00 );
-+ 0777, 0700, 0470, 0407,
-+ 0433, 0400, 0430, 0403,
-+ 0111, 0100, 0110, 0101,
-+ 0731, 0713, 0317, 0371,
-+ 0173, 0137);
- my $input;
- my $octal_input;
-- $dir = catdir($tmp_base, 'chmod_test');
-
- foreach (@inputs) {
- $input = $_;
-+ $dir = catdir($tmp_base, sprintf("chmod_test%04o", $input));
- # We can skip from here because 0 is last in the list.
- skip "Mode of 0 means assume user defaults on VMS", 1
- if ($input == 0 && $Is_VMS);
diff --git a/gnu/packages/patches/podofo-cmake-3.12.patch b/gnu/packages/patches/podofo-cmake-3.12.patch
new file mode 100644
index 0000000000..0a3c19b21a
--- /dev/null
+++ b/gnu/packages/patches/podofo-cmake-3.12.patch
@@ -0,0 +1,19 @@
+The build fails with cmake 3.12.0. This patch will be obsolete with the next
+release.
+
+https://sourceforge.net/p/podofo/tickets/24/attachment/podofo-cmake-3.12.patch
+
+
+--- a/test/TokenizerTest/CMakeLists.txt 2018-07-20 18:26:02.921494293 +0200
++++ b/test/TokenizerTest/CMakeLists.txt 2018-07-20 18:34:53.727136443 +0200
+@@ -2,10 +2,3 @@
+ TARGET_LINK_LIBRARIES(TokenizerTest ${PODOFO_LIB} ${PODOFO_LIB_DEPENDS})
+ SET_TARGET_PROPERTIES(TokenizerTest PROPERTIES COMPILE_FLAGS "${PODOFO_CFLAGS}")
+ ADD_DEPENDENCIES(TokenizerTest ${PODOFO_DEPEND_TARGET})
+-
+-# Copy the test samples over to the build tree
+-ADD_CUSTOM_COMMAND(
+- TARGET TokenizerTest
+- POST_BUILD
+- COMMAND "${CMAKE_COMMAND}" -E copy_directory "${CMAKE_CURRENT_SOURCE_DIR}/objects" "${CMAKE_CURRENT_BINARY_DIR}/objects"
+- )
diff --git a/gnu/packages/patches/python-cffi-x87-stack-clean.patch b/gnu/packages/patches/python-cffi-x87-stack-clean.patch
new file mode 100644
index 0000000000..50243505ee
--- /dev/null
+++ b/gnu/packages/patches/python-cffi-x87-stack-clean.patch
@@ -0,0 +1,29 @@
+Fix test that fails on i686:
+
+https://bitbucket.org/cffi/cffi/issues/382
+
+This is a squashed version of these commits:
+https://bitbucket.org/cffi/cffi/commits/ef09637b2314
+https://bitbucket.org/cffi/cffi/commits/7a76a3815340
+
+diff -r 99940f1f5402 testing/cffi0/test_function.py
+--- a/testing/cffi0/test_function.py Tue Feb 27 21:18:33 2018 +0100
++++ b/testing/cffi0/test_function.py Sun Nov 11 16:26:23 2018 +0100
+@@ -45,14 +45,14 @@
+ assert x != math.sin(1.23) # rounding effects
+ assert abs(x - math.sin(1.23)) < 1E-6
+
+- def test_sin_no_return_value(self):
++ def test_lround_no_return_value(self):
+ # check that 'void'-returning functions work too
+ ffi = FFI(backend=self.Backend())
+ ffi.cdef("""
+- void sin(double x);
++ void lround(double x);
+ """)
+ m = ffi.dlopen(lib_m)
+- x = m.sin(1.23)
++ x = m.lround(1.23)
+ assert x is None
+
+ def test_dlopen_filename(self):
diff --git a/gnu/packages/patches/python-networkx2-reproducible-build.patch b/gnu/packages/patches/python-networkx2-reproducible-build.patch
deleted file mode 100644
index 8274767ab8..0000000000
--- a/gnu/packages/patches/python-networkx2-reproducible-build.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From c065b972ed294769a41936d6b9feb336473af5d1 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?G=C3=A1bor=20Boskovits?= <boskovits@gmail.com>
-Date: Sat, 4 Nov 2017 15:28:47 +0100
-Subject: Fix SOURCE_DATE_EPOCH ignored bug (#2735)
-
-* Fix SOURCE_DATE_EPOCH ignored bug
-
-Fix a bug in networkx/release.py that makes build
-non-reproducible.
----
- networkx/release.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/networkx/release.py b/networkx/release.py
-index e81fc0c0..6322cf0d 100644
---- a/networkx/release.py
-+++ b/networkx/release.py
-@@ -135,7 +135,7 @@ def get_revision():
-
- def get_info(dynamic=True):
- # Date information
-- date_info = datetime.datetime.now()
-+ date_info = datetime.datetime.utcfromtimestamp(int(os.environ.get('SOURCE_DATE_EPOCH', time.time())))
- date = time.asctime(date_info.timetuple())
-
- revision, version, version_info, vcs_info = None, None, None, None
---
-2.14.2
-
diff --git a/gnu/packages/patches/python-paste-remove-website-test.patch b/gnu/packages/patches/python-paste-remove-website-test.patch
deleted file mode 100644
index 93417fbe75..0000000000
--- a/gnu/packages/patches/python-paste-remove-website-test.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-Remove the test to see if the Python Paste website is up.
-
-Obviously without network access there is no way for us to check this, and
-it's pretty strange to test a project's website when you really mean to test
-the project anyhow...
-
---- a/tests/test_proxy.py 2016-02-22 19:13:04.040117767 -0800
-+++ b/tests/test_proxy.py 2016-02-22 19:13:04.040117767 -0800
-@@ -1,12 +1,3 @@
- from paste import proxy
- from paste.fixture import TestApp
-
--def test_paste_website():
-- # Not the most robust test...
-- # need to test things like POSTing to pages, and getting from pages
-- # that don't set content-length.
-- app = proxy.Proxy('http://pythonpaste.org')
-- app = TestApp(app)
-- res = app.get('/')
-- assert 'documentation' in res
--
diff --git a/gnu/packages/patches/python-pillow-fix-failing-tests.patch b/gnu/packages/patches/python-pillow-fix-failing-tests.patch
deleted file mode 100644
index 2575d6f612..0000000000
--- a/gnu/packages/patches/python-pillow-fix-failing-tests.patch
+++ /dev/null
Binary files differ
diff --git a/gnu/packages/patches/python-scikit-learn-fix-test-non-determinism.patch b/gnu/packages/patches/python-scikit-learn-fix-test-non-determinism.patch
deleted file mode 100644
index 90328cc0eb..0000000000
--- a/gnu/packages/patches/python-scikit-learn-fix-test-non-determinism.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-This patch stops a test sometimes failing because of non-determinism. See
-https://github.com/scikit-learn/scikit-learn/pull/9542
-
-From ff9f6db6e8b59c2b3528c8137ed4054f57c1d7c4 Mon Sep 17 00:00:00 2001
-From: Hanmin Qin <qinhanmin2005@sina.com>
-Date: Sun, 13 Aug 2017 22:13:49 +0800
-Subject: [PATCH] add random_state
-
----
- sklearn/tests/test_kernel_ridge.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/sklearn/tests/test_kernel_ridge.py b/sklearn/tests/test_kernel_ridge.py
-index 4750a096ac6..979875870b6 100644
---- a/sklearn/tests/test_kernel_ridge.py
-+++ b/sklearn/tests/test_kernel_ridge.py
-@@ -10,7 +10,7 @@
- from sklearn.utils.testing import assert_array_almost_equal
-
-
--X, y = make_regression(n_features=10)
-+X, y = make_regression(n_features=10, random_state=0)
- Xcsr = sp.csr_matrix(X)
- Xcsc = sp.csc_matrix(X)
- Y = np.array([y, y]).T
diff --git a/gnu/packages/patches/python-testtools.patch b/gnu/packages/patches/python-testtools.patch
new file mode 100644
index 0000000000..42536e50f9
--- /dev/null
+++ b/gnu/packages/patches/python-testtools.patch
@@ -0,0 +1,57 @@
+https://github.com/testing-cabal/testtools/commit/29004731f9c480b7c44a9c2605513d50d372898f.patch
+Should be fixed in the next release
+
+From 29004731f9c480b7c44a9c2605513d50d372898f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= <miro@hroncok.cz>
+Date: Thu, 17 May 2018 17:52:26 +0200
+Subject: [PATCH] Fix the tests on Python 3.7
+
+Exception's repr got changed not to include trailing comma
+
+Fixes https://github.com/testing-cabal/testtools/issues/270
+---
+ .travis.yml | 1 +
+ testtools/tests/matchers/test_exception.py | 11 +++++++++--
+ 2 files changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/.travis.yml b/.travis.yml
+index 7f1f4db7..784608e0 100644
+--- a/.travis.yml
++++ b/.travis.yml
+@@ -5,6 +5,7 @@ python:
+ - "3.4"
+ - "3.5"
+ - "3.6"
++ - "3.7-dev"
+ - "pypy"
+
+ install:
+diff --git a/testtools/tests/matchers/test_exception.py b/testtools/tests/matchers/test_exception.py
+index 6cd80af1..acd39252 100644
+--- a/testtools/tests/matchers/test_exception.py
++++ b/testtools/tests/matchers/test_exception.py
+@@ -32,15 +32,22 @@ class TestMatchesExceptionInstanceInterface(TestCase, TestMatchersInterface):
+ matches_matches = [error_foo]
+ matches_mismatches = [error_bar, error_base_foo]
+
++ if sys.version_info >= (3, 7):
++ # exception's repr has changed
++ _e = ''
++ else:
++ _e = ','
++
+ str_examples = [
+- ("MatchesException(Exception('foo',))",
++ ("MatchesException(Exception('foo'%s))" % _e,
+ MatchesException(Exception('foo')))
+ ]
+ describe_examples = [
+ ("%r is not a %r" % (Exception, ValueError),
+ error_base_foo,
+ MatchesException(ValueError("foo"))),
+- ("ValueError('bar',) has different arguments to ValueError('foo',).",
++ ("ValueError('bar'%s) has different arguments to ValueError('foo'%s)."
++ % (_e, _e),
+ error_bar,
+ MatchesException(ValueError("foo"))),
+ ]
diff --git a/gnu/packages/patches/python2-CVE-2018-1060.patch b/gnu/packages/patches/python2-CVE-2018-1060.patch
deleted file mode 100644
index 5eb7ccfbc9..0000000000
--- a/gnu/packages/patches/python2-CVE-2018-1060.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Fix CVE-2018-1060:
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060
-
-Taken from upstream commit (sans test and NEWS):
-https://github.com/python/cpython/commit/e052d40cea15f582b50947f7d906b39744dc62a2
-
-diff --git a/Lib/poplib.py b/Lib/poplib.py
-index b91e5f72d2ca..a238510b38fc 100644
---- a/Lib/poplib.py
-+++ b/Lib/poplib.py
-@@ -274,7 +274,7 @@ def rpop(self, user):
- return self._shortcmd('RPOP %s' % user)
-
-
-- timestamp = re.compile(r'\+OK.*(<[^>]+>)')
-+ timestamp = re.compile(br'\+OK.[^<]*(<.*>)')
-
- def apop(self, user, secret):
- """Authorisation
-
diff --git a/gnu/packages/patches/python2-CVE-2018-1061.patch b/gnu/packages/patches/python2-CVE-2018-1061.patch
deleted file mode 100644
index 6caab24b4d..0000000000
--- a/gnu/packages/patches/python2-CVE-2018-1061.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Fix CVE-2018-1061:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061
-
-Taken from upstream commit (sans test and NEWS):
-https://github.com/python/cpython/commit/e052d40cea15f582b50947f7d906b39744dc62a2
-
-diff --git a/Lib/difflib.py b/Lib/difflib.py
-index 1c6fbdbedcb7..788a92df3f89 100644
---- a/Lib/difflib.py
-+++ b/Lib/difflib.py
-@@ -1103,7 +1103,7 @@ def _qformat(self, aline, bline, atags, btags):
-
- import re
-
--def IS_LINE_JUNK(line, pat=re.compile(r"\s*#?\s*$").match):
-+def IS_LINE_JUNK(line, pat=re.compile(r"\s*(?:#\s*)?$").match):
- r"""
- Return 1 for ignorable line: iff `line` is blank or contains a single '#'.
-
diff --git a/gnu/packages/patches/qt-5-renameat2.patch b/gnu/packages/patches/qt-5-renameat2.patch
new file mode 100644
index 0000000000..036070c7ff
--- /dev/null
+++ b/gnu/packages/patches/qt-5-renameat2.patch
@@ -0,0 +1,35 @@
+Avoid conflicting declaration of 'renameat2' on glibc 2.28
+(see <https://github.com/meta-qt5/meta-qt5/issues/94>.)
+
+Patch from <https://github.com/meta-qt5/meta-qt5/pull/95>
+by Andreas Müller <schnitzeltony@gmail.com>.
+
+---
+ src/corelib/io/qfilesystemengine_unix.cpp | 11 ++++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/src/corelib/io/qfilesystemengine_unix.cpp b/src/corelib/io/qfilesystemengine_unix.cpp
+index be6ce48d0cb..1bf1bebc7f1 100644
+--- a/qtbase/src/corelib/io/qfilesystemengine_unix.cpp
++++ b/qtbase/src/corelib/io/qfilesystemengine_unix.cpp
+@@ -98,6 +98,17 @@ extern "C" NSString *NSTemporaryDirectory();
+ # define FICLONE _IOW(0x94, 9, int)
+ #endif
+
++// renameat2/statx features for non bootstrapped build
++#ifndef QT_BOOTSTRAPPED
++#ifdef __GLIBC_PREREQ
++# define QT_FEATURE_renameat2 (__GLIBC_PREREQ(2, 28) ? 1 : -1)
++# define QT_FEATURE_statx (__GLIBC_PREREQ(2, 28) ? 1 : -1)
++#else
++# define QT_FEATURE_renameat2 -1
++# define QT_FEATURE_statx -1
++#endif
++#endif
++
+ # if defined(Q_OS_ANDROID)
+ // renameat2() and statx() are disabled on Android because quite a few systems
+ // come with sandboxes that kill applications that make system calls outside a
+--
+2.14.4
+
diff --git a/gnu/packages/patches/randomjungle-disable-static-build.patch b/gnu/packages/patches/randomjungle-disable-static-build.patch
new file mode 100644
index 0000000000..3de6c269fd
--- /dev/null
+++ b/gnu/packages/patches/randomjungle-disable-static-build.patch
@@ -0,0 +1,14 @@
+Drop build time dependency on the static executables.
+
+--- a/src/Makefile.in 2018-11-25 20:27:10.691508925 +0100
++++ b/src/Makefile.in 2018-11-25 20:27:43.565631413 +0100
+@@ -34,8 +34,7 @@
+ POST_UNINSTALL = :
+ build_triplet = @build@
+ host_triplet = @host@
+-bin_PROGRAMS = rjungle$(EXEEXT) rjungle_static$(EXEEXT) \
+- rjunglesparse$(EXEEXT) rjunglesparse_static$(EXEEXT)
++bin_PROGRAMS = rjungle$(EXEEXT) rjunglesparse$(EXEEXT)
+ subdir = src
+ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
diff --git a/gnu/packages/patches/rust-mdbook-support-reproducible-builds-by-forcing-window.search.patch b/gnu/packages/patches/rust-reproducible-builds.patch
index ef7bf53b5d..ef7bf53b5d 100644
--- a/gnu/packages/patches/rust-mdbook-support-reproducible-builds-by-forcing-window.search.patch
+++ b/gnu/packages/patches/rust-reproducible-builds.patch
diff --git a/gnu/packages/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch b/gnu/packages/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch
new file mode 100644
index 0000000000..561763dabe
--- /dev/null
+++ b/gnu/packages/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch
@@ -0,0 +1,36 @@
+From: Tobias Geerinckx-Rice <me@tobias.gr>
+Date: Sun, 26 Aug 2018 17:24:42 +0200
+Subject: [PATCH] snappy: Add O2 flag in CmakeLists.txt.
+
+Use ‘-O2’ optimisation when building with CMake, as is already done when
+using the Makefile. This patch was copied verbatim from the Snappy
+mailing list[0].
+
+[0]: <snappy-compression@googlegroups.com>
+
+From 903c72fb29b2db07b4abc38a5feb83d88f739d80 Mon Sep 17 00:00:00 2001
+From: huangwenjun <huangwenjun-hf@loongson.cn>
+Date: Fri, 10 Aug 2018 17:17:35 +0800
+Subject: [PATCH] Add O2 optimize flag in CmakeLists.txt.
+
+---
+ CMakeLists.txt | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 62ecd09..29e0cdc 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -6,6 +6,9 @@ set(CMAKE_CXX_STANDARD 11)
+ set(CMAKE_CXX_STANDARD_REQUIRED ON)
+ set(CMAKE_CXX_EXTENSIONS OFF)
+
++SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -O2")
++SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -O2")
++
+ # BUILD_SHARED_LIBS is a standard CMake variable, but we declare it here to make
+ # it prominent in the GUI.
+ option(BUILD_SHARED_LIBS "Build shared libraries(DLLs)." OFF)
+--
+2.1.0
+
diff --git a/gnu/packages/patches/swig-guile-gc.patch b/gnu/packages/patches/swig-guile-gc.patch
new file mode 100644
index 0000000000..0e745a6247
--- /dev/null
+++ b/gnu/packages/patches/swig-guile-gc.patch
@@ -0,0 +1,76 @@
+Fix garbage collection for Guile versions >= 2.0.12. This issue showed
+up when running the tests on i686-linux.
+
+Taken from this upstream commit:
+https://github.com/swig/swig/commit/38f2ab0c30e369e63bbd0a6152108488d0de68e1
+
+diff --git a/Lib/guile/guile_scm_run.swg b/Lib/guile/guile_scm_run.swg
+index 274f197158..0d04cb7c62 100644
+--- a/Lib/guile/guile_scm_run.swg
++++ b/Lib/guile/guile_scm_run.swg
+@@ -99,6 +99,7 @@ SWIG_Guile_scm2newstr(SCM str, size_t *len) {
+ static int swig_initialized = 0;
+ static scm_t_bits swig_tag = 0;
+ static scm_t_bits swig_collectable_tag = 0;
++static scm_t_bits swig_finalized_tag = 0;
+ static scm_t_bits swig_destroyed_tag = 0;
+ static scm_t_bits swig_member_function_tag = 0;
+ static SCM swig_make_func = SCM_EOL;
+@@ -163,7 +164,19 @@ SWIG_Guile_PointerType(SCM object)
+ }
+ else scm_wrong_type_arg("SWIG-Guile-PointerType", 1, object);
+ }
+-
++
++SWIGINTERN int
++SWIG_Guile_IsValidSmob(SCM smob)
++{
++ /* We do not accept smobs representing destroyed pointers, but we have to
++ allow finalized smobs because Guile >= 2.0.12 sets all smob instances
++ to the 'finalized' type before calling their 'free' function. This change
++ was introduced to Guile in commit 8dff3af087c6eaa83ae0d72aa8b22aef5c65d65d */
++ return SCM_SMOB_PREDICATE(swig_tag, smob)
++ || SCM_SMOB_PREDICATE(swig_collectable_tag, smob)
++ || SCM_SMOB_PREDICATE(swig_finalized_tag, smob);
++}
++
+ SWIGINTERN int
+ SWIG_Guile_ConvertPtr(SCM s, void **result, swig_type_info *type, int flags)
+ {
+@@ -179,8 +192,7 @@ SWIG_Guile_ConvertPtr(SCM s, void **result, swig_type_info *type, int flags)
+ *result = SCM_POINTER_VALUE(s);
+ return SWIG_OK;
+ #endif /* if SCM_MAJOR_VERSION >= 2 */
+- } else if (SCM_SMOB_PREDICATE(swig_tag, smob) || SCM_SMOB_PREDICATE(swig_collectable_tag, smob)) {
+- /* we do not accept smobs representing destroyed pointers */
++ } else if (SWIG_Guile_IsValidSmob(smob)) {
+ from = (swig_type_info *) SCM_CELL_WORD_2(smob);
+ if (!from) return SWIG_ERROR;
+ if (type) {
+@@ -239,7 +251,7 @@ SWIG_Guile_MarkPointerNoncollectable(SCM s)
+ {
+ SCM smob = SWIG_Guile_GetSmob(s);
+ if (!SCM_NULLP(smob)) {
+- if (SCM_SMOB_PREDICATE(swig_tag, smob) || SCM_SMOB_PREDICATE(swig_collectable_tag, smob)) {
++ if (SWIG_Guile_IsValidSmob(smob)) {
+ SCM_SET_CELL_TYPE(smob, swig_tag);
+ }
+ else scm_wrong_type_arg(NULL, 0, s);
+@@ -252,7 +264,7 @@ SWIG_Guile_MarkPointerDestroyed(SCM s)
+ {
+ SCM smob = SWIG_Guile_GetSmob(s);
+ if (!SCM_NULLP(smob)) {
+- if (SCM_SMOB_PREDICATE(swig_tag, smob) || SCM_SMOB_PREDICATE(swig_collectable_tag, smob)) {
++ if (SWIG_Guile_IsValidSmob(smob)) {
+ SCM_SET_CELL_TYPE(smob, swig_destroyed_tag);
+ }
+ else scm_wrong_type_arg(NULL, 0, s);
+@@ -419,6 +431,8 @@ SWIG_Guile_Init ()
+ scm_set_smob_print(swig_collectable_tag, print_collectable_swig);
+ scm_set_smob_equalp(swig_collectable_tag, equalp_swig);
+ scm_set_smob_free(swig_collectable_tag, free_swig);
++ /* For Guile >= 2.0.12. See libguile/smob.c:clear_smobnum */
++ swig_finalized_tag = swig_collectable_tag & ~0xff00;
+ }
+ if (ensure_smob_tag(swig_module, &swig_destroyed_tag,
+ "destroyed-swig-pointer", "destroyed-swig-pointer-tag")) {
diff --git a/gnu/packages/patches/texinfo-5-perl-compat.patch b/gnu/packages/patches/texinfo-5-perl-compat.patch
new file mode 100644
index 0000000000..f16d6b4da8
--- /dev/null
+++ b/gnu/packages/patches/texinfo-5-perl-compat.patch
@@ -0,0 +1,19 @@
+Fix a deprecation warning with newer Perl that breaks some tests.
+
+--- a/tp/Texinfo/Parser.pm
++++ b/tp/Texinfo/Parser.pm
+@@ -5438,12 +5438,12 @@
+ }
+ } elsif ($command eq 'clickstyle') {
+ # REMACRO
+- if ($line =~ /^\s+@([[:alnum:]][[:alnum:]\-]*)({})?\s*/) {
++ if ($line =~ /^\s+@([[:alnum:]][[:alnum:]\-]*)(\{})?\s*/) {
+ $args = ['@'.$1];
+ $self->{'clickstyle'} = $1
+ unless(_ignore_global_commands($self));
+ $remaining = $line;
+- $remaining =~ s/^\s+@([[:alnum:]][[:alnum:]\-]*)({})?\s*(\@(c|comment)((\@|\s+).*)?)?//;
++ $remaining =~ s/^\s+@([[:alnum:]][[:alnum:]\-]*)(\{})?\s*(\@(c|comment)((\@|\s+).*)?)?//;
+ $has_comment = 1 if (defined($4));
+ } else {
+ $self->line_error (sprintf($self->__(
diff --git a/gnu/packages/patches/texinfo-perl-compat.patch b/gnu/packages/patches/texinfo-perl-compat.patch
new file mode 100644
index 0000000000..a7348fde0d
--- /dev/null
+++ b/gnu/packages/patches/texinfo-perl-compat.patch
@@ -0,0 +1,51 @@
+Fix compatibility with newer Perls.
+
+The first patch is taken from upstream:
+https://svn.savannah.gnu.org/viewvc/texinfo?view=revision&revision=8008
+
+The second gets rid of a deprecation warning that breaks some tests.
+Taken from Fedora: <https://bugzilla.redhat.com/show_bug.cgi?id=1590308>.
+
+--- trunk/tp/Texinfo/Convert/XSParagraph/xspara.c 2017/04/30 14:57:26 7765
++++ trunk/tp/Texinfo/Convert/XSParagraph/xspara.c 2018/07/13 15:39:29 8008
+@@ -248,6 +248,11 @@
+
+ dTHX;
+
++#if PERL_VERSION > 27 || (PERL_VERSION == 27 && PERL_SUBVERSION > 8)
++ /* needed due to thread-safe locale handling in newer perls */
++ switch_to_global_locale();
++#endif
++
+ if (setlocale (LC_CTYPE, "en_US.UTF-8")
+ || setlocale (LC_CTYPE, "en_US.utf8"))
+ goto success;
+@@ -320,6 +325,10 @@
+ {
+ success: ;
+ free (utf8_locale);
++#if PERL_VERSION > 27 || (PERL_VERSION == 27 && PERL_SUBVERSION > 8)
++ /* needed due to thread-safe locale handling in newer perls */
++ sync_locale();
++#endif
+ /*
+ fprintf (stderr, "tried to set LC_CTYPE to UTF-8.\n");
+ fprintf (stderr, "character encoding is: %s\n",
+
+diff -up texinfo-6.5/tp/Texinfo/Parser.pm.orig texinfo-6.5/tp/Texinfo/Parser.pm
+--- texinfo-6.5/tp/Texinfo/Parser.pm.orig 2018-06-12 13:40:29.356030136 +0200
++++ texinfo-6.5/tp/Texinfo/Parser.pm 2018-06-12 13:41:28.357725639 +0200
+@@ -5478,11 +5478,11 @@ sub _parse_special_misc_command($$$$)
+ }
+ } elsif ($command eq 'clickstyle') {
+ # REMACRO
+- if ($line =~ /^\s+@([[:alnum:]][[:alnum:]\-]*)({})?\s*/) {
++ if ($line =~ /^\s+@([[:alnum:]][[:alnum:]\-]*)(\{})?\s*/) {
+ $args = ['@'.$1];
+ $self->{'clickstyle'} = $1;
+ $remaining = $line;
+- $remaining =~ s/^\s+@([[:alnum:]][[:alnum:]\-]*)({})?\s*(\@(c|comment)((\@|\s+).*)?)?//;
++ $remaining =~ s/^\s+@([[:alnum:]][[:alnum:]\-]*)(\{})?\s*(\@(c|comment)((\@|\s+).*)?)?//;
+ $has_comment = 1 if (defined($4));
+ } else {
+ $self->line_error (sprintf($self->__(