aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2017-04-14 13:07:16 -0400
committerLeo Famulari <leo@famulari.name>2017-04-14 13:07:16 -0400
commitc57ce31a896f659a2e311c2ee90b9027f4a405bc (patch)
tree17d0d0238ca1db65cce1f2ac68273af0483c9e7d /gnu/packages/patches
parentf575efa12c5df9f9879b7be0fe3593a3106a346d (diff)
parent8439c9c05eab5c98d889fb1de56bc78f62a8058f (diff)
downloadguix-c57ce31a896f659a2e311c2ee90b9027f4a405bc.tar
guix-c57ce31a896f659a2e311c2ee90b9027f4a405bc.tar.gz
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/audacity-fix-ffmpeg-binding.patch32
-rw-r--r--gnu/packages/patches/glog-gcc-5-demangling.patch64
-rw-r--r--gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch67
-rw-r--r--gnu/packages/patches/jasper-CVE-2017-6850.patch284
-rw-r--r--gnu/packages/patches/kiki-level-selection-crash.patch19
-rw-r--r--gnu/packages/patches/kiki-makefile.patch57
-rw-r--r--gnu/packages/patches/kiki-missing-includes.patch55
-rw-r--r--gnu/packages/patches/kiki-portability-64bit.patch328
-rw-r--r--gnu/packages/patches/kio-CVE-2017-6410.patch53
-rw-r--r--gnu/packages/patches/luminance-hdr-qt-printer.patch28
-rw-r--r--gnu/packages/patches/lz4-fix-test-failures.patch136
-rw-r--r--gnu/packages/patches/networkmanager-qt-activeconnection-test-1.patch60
-rw-r--r--gnu/packages/patches/networkmanager-qt-activeconnection-test-2.patch57
-rw-r--r--gnu/packages/patches/nss-increase-test-timeout.patch10
-rw-r--r--gnu/packages/patches/password-store-gnupg-compat.patch53
-rw-r--r--gnu/packages/patches/pcre-CVE-2017-7186.patch56
-rw-r--r--gnu/packages/patches/pcre2-CVE-2017-7186.patch68
-rw-r--r--gnu/packages/patches/python-cython-fix-tests-32bit.patch27
-rw-r--r--gnu/packages/patches/qemu-CVE-2017-2615.patch52
-rw-r--r--gnu/packages/patches/qemu-CVE-2017-2620.patch134
-rw-r--r--gnu/packages/patches/qemu-CVE-2017-2630.patch47
-rw-r--r--gnu/packages/patches/qemu-CVE-2017-5667.patch46
-rw-r--r--gnu/packages/patches/qemu-CVE-2017-5931.patch55
-rw-r--r--gnu/packages/patches/screen-fix-info-syntax-error.patch47
-rw-r--r--gnu/packages/patches/teeworlds-use-latest-wavpack.patch84
25 files changed, 1375 insertions, 544 deletions
diff --git a/gnu/packages/patches/audacity-fix-ffmpeg-binding.patch b/gnu/packages/patches/audacity-fix-ffmpeg-binding.patch
deleted file mode 100644
index d6d65338d9..0000000000
--- a/gnu/packages/patches/audacity-fix-ffmpeg-binding.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-This resolves some "declaration of C function conflicts with previous
-declaration" errors during compilation.
-
---- a/src/FFmpeg.h 2015-02-21 00:33:33.853857529 +0100
-+++ b/src/FFmpeg.h 2015-02-21 00:35:09.626497205 +0100
-@@ -688,7 +688,7 @@
- FFMPEG_FUNCTION_WITH_RETURN(
- AVOutputFormat*,
- av_oformat_next,
-- (AVOutputFormat *f),
-+ (const AVOutputFormat *f),
- (f)
- );
- FFMPEG_FUNCTION_WITH_RETURN(
-@@ -755,7 +755,7 @@
- FFMPEG_FUNCTION_WITH_RETURN(
- int,
- av_fifo_size,
-- (AVFifoBuffer *f),
-+ (const AVFifoBuffer *f),
- (f)
- );
- FFMPEG_FUNCTION_WITH_RETURN(
-@@ -801,7 +801,7 @@
- FFMPEG_FUNCTION_WITH_RETURN(
- AVDictionaryEntry *,
- av_dict_get,
-- (AVDictionary *m, const char *key, const AVDictionaryEntry *prev, int flags),
-+ (const AVDictionary *m, const char *key, const AVDictionaryEntry *prev, int flags),
- (m, key, prev, flags)
- );
- FFMPEG_FUNCTION_WITH_RETURN(
diff --git a/gnu/packages/patches/glog-gcc-5-demangling.patch b/gnu/packages/patches/glog-gcc-5-demangling.patch
new file mode 100644
index 0000000000..7f3f42ceca
--- /dev/null
+++ b/gnu/packages/patches/glog-gcc-5-demangling.patch
@@ -0,0 +1,64 @@
+Fix symbol demangling for GCC 5, as reported at:
+
+ https://github.com/google/glog/issues/14
+
+Patch from:
+
+ https://github.com/google/glog/pull/50
+
+From b1639e3014996fbc7635870e013559c54e7e3b2f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?David=20Mart=C3=ADnez=20Moreno?= <ender@debian.org>
+Date: Thu, 13 Aug 2015 09:31:26 -0700
+Subject: [PATCH] Fix ABI demangling for the GCC 5.x case.
+
+When glog is compiled with gcc-5.2 in cxx11 ABI mode, it barfs about unmangled symbols. This patches it getting inspiration from binutils and demangle.cc itself, although it may be totally wrong or maybe have to use ParseAbiTag in more places. I haven't read the spec for the symbols, though.
+
+This patch makes the demangle unit test pass correctly.
+---
+ src/demangle.cc | 19 +++++++++++++++++++
+ 1 file changed, 19 insertions(+)
+
+diff --git a/src/demangle.cc b/src/demangle.cc
+index e858181..0f0c831 100644
+--- a/src/demangle.cc
++++ b/src/demangle.cc
+@@ -439,6 +439,7 @@ static bool ParseExprPrimary(State *state);
+ static bool ParseLocalName(State *state);
+ static bool ParseDiscriminator(State *state);
+ static bool ParseSubstitution(State *state);
++static bool ParseAbiTag(State *state);
+
+ // Implementation note: the following code is a straightforward
+ // translation of the Itanium C++ ABI defined in BNF with a couple of
+@@ -567,6 +568,8 @@ static bool ParseNestedName(State *state) {
+ static bool ParsePrefix(State *state) {
+ bool has_something = false;
+ while (true) {
++ if (ParseAbiTag(state))
++ continue;
+ MaybeAppendSeparator(state);
+ if (ParseTemplateParam(state) ||
+ ParseSubstitution(state) ||
+@@ -585,6 +588,22 @@ static bool ParsePrefix(State *state) {
+ return true;
+ }
+
++// <abi-tag> ::= B <source-name>
++static bool ParseAbiTag(State *state) {
++ State copy = *state;
++
++ Append(state, "[", 1);
++ if (ParseOneCharToken(state, 'B') &&
++ ParseSourceName(state))
++ {
++ Append(state, "]", 1);
++ return true;
++ }
++
++ *state = copy;
++ return false;
++}
++
+ // <unqualified-name> ::= <operator-name>
+ // ::= <ctor-dtor-name>
+ // ::= <source-name>
diff --git a/gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch b/gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch
deleted file mode 100644
index b3a198c499..0000000000
--- a/gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-Fix a Y2038 test failure on systems where time_t is a signed 32-bit value:
-
-https://bugs.gnupg.org/gnupg/issue2988
-
-Patch copied from upstream source repository:
-
-https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=de3838372ae3cdecbd83eea2c53c8e2656d93052
-
-From de3838372ae3cdecbd83eea2c53c8e2656d93052 Mon Sep 17 00:00:00 2001
-From: Justus Winter <justus@g10code.com>
-Date: Tue, 7 Mar 2017 12:18:59 +0100
-Subject: [PATCH] tests: Avoid overflowing signed 32 bit time_t.
-
-* tests/openpgp/quick-key-manipulation.scm: Use expiration times in
-the year 2038 instead of 2105 to avoid overflowing 32 bit time_t.
-time_t is used internally to parse the expiraton time from the iso
-timestamp.
-
-GnuPG-bug-id: 2988
-Signed-off-by: Justus Winter <justus@g10code.com>
----
- tests/openpgp/quick-key-manipulation.scm | 15 +++++++++++----
- 1 file changed, 11 insertions(+), 4 deletions(-)
-
-diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm
-index 10f0bfe21..08ef62613 100755
---- a/tests/openpgp/quick-key-manipulation.scm
-+++ b/tests/openpgp/quick-key-manipulation.scm
-@@ -125,8 +125,13 @@
- (default default never)
- (rsa "sign auth encr" "seconds=600") ;; GPGME uses this
- (rsa "auth,encr" "2") ;; "without a letter, days is assumed"
-- (rsa "sign" "2105-01-01") ;; "last year GnuPG can represent is 2105"
-- (rsa "sign" "21050101T115500") ;; "last year GnuPG can represent is 2105"
-+ ;; Sadly, the timestamp is truncated by the use of time_t on
-+ ;; systems where time_t is a signed 32 bit value.
-+ (rsa "sign" "2038-01-01") ;; unix millennium
-+ (rsa "sign" "20380101T115500") ;; unix millennium
-+ ;; Once fixed, we can use later timestamps:
-+ ;; (rsa "sign" "2105-01-01") ;; "last year GnuPG can represent is 2105"
-+ ;; (rsa "sign" "21050101T115500") ;; "last year GnuPG can represent is 2105"
- (rsa sign "2d")
- (rsa1024 sign "2w")
- (rsa2048 encr "2m")
-@@ -157,7 +162,8 @@
- (lambda (subkey)
- (assert (= 1 (:alg subkey)))
- (assert (string-contains? (:cap subkey) "s"))
-- (assert (time-matches? 4260207600 ;; 2105-01-01
-+ (assert (time-matches? 2145916800 ;; 2038-01-01
-+ ;; 4260207600 ;; 2105-01-01
- (string->number (:expire subkey))
- ;; This is off by 12h, but I guess it just
- ;; choses the middle of the day.
-@@ -165,7 +171,8 @@
- (lambda (subkey)
- (assert (= 1 (:alg subkey)))
- (assert (string-contains? (:cap subkey) "s"))
-- (assert (time-matches? 4260254100 ;; UTC 2105-01-01 11:55:00
-+ (assert (time-matches? 2145959700 ;; UTC 2038-01-01 11:55:00
-+ ;; 4260254100 ;; UTC 2105-01-01 11:55:00
- (string->number (:expire subkey))
- (minutes->seconds 5))))
- (lambda (subkey)
---
-2.12.0
-
diff --git a/gnu/packages/patches/jasper-CVE-2017-6850.patch b/gnu/packages/patches/jasper-CVE-2017-6850.patch
new file mode 100644
index 0000000000..07672762a1
--- /dev/null
+++ b/gnu/packages/patches/jasper-CVE-2017-6850.patch
@@ -0,0 +1,284 @@
+This patch is from upstream and should be fixed included in the next release
+
+From e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d Mon Sep 17 00:00:00 2001
+From: Michael Adams <mdadams@ece.uvic.ca>
+Date: Sat, 4 Mar 2017 14:43:24 -0800
+Subject: [PATCH] Fixed bugs due to uninitialized data in the JP2 decoder.
+ Also, added some comments marking I/O stream interfaces that probably need to
+ be changed (in the long term) to fix integer overflow problems.
+
+---
+ src/libjasper/base/jas_stream.c | 18 +++++++++++++++++
+ src/libjasper/jp2/jp2_cod.c | 44 ++++++++++++++++++++++++++++-------------
+ 2 files changed, 48 insertions(+), 14 deletions(-)
+
+diff --git a/src/libjasper/base/jas_stream.c b/src/libjasper/base/jas_stream.c
+index 327ee57..d70408f 100644
+--- a/src/libjasper/base/jas_stream.c
++++ b/src/libjasper/base/jas_stream.c
+@@ -664,6 +664,7 @@ int jas_stream_ungetc(jas_stream_t *stream, int c)
+ return 0;
+ }
+
++/* FIXME integral type */
+ int jas_stream_read(jas_stream_t *stream, void *buf, int cnt)
+ {
+ int n;
+@@ -690,6 +691,7 @@ int jas_stream_read(jas_stream_t *stream, void *buf, int cnt)
+ return n;
+ }
+
++/* FIXME integral type */
+ int jas_stream_write(jas_stream_t *stream, const void *buf, int cnt)
+ {
+ int n;
+@@ -742,6 +744,7 @@ int jas_stream_puts(jas_stream_t *stream, const char *s)
+ return 0;
+ }
+
++/* FIXME integral type */
+ char *jas_stream_gets(jas_stream_t *stream, char *buf, int bufsize)
+ {
+ int c;
+@@ -765,6 +768,7 @@ char *jas_stream_gets(jas_stream_t *stream, char *buf, int bufsize)
+ return buf;
+ }
+
++/* FIXME integral type */
+ int jas_stream_gobble(jas_stream_t *stream, int n)
+ {
+ int m;
+@@ -783,6 +787,7 @@ int jas_stream_gobble(jas_stream_t *stream, int n)
+ return n;
+ }
+
++/* FIXME integral type */
+ int jas_stream_pad(jas_stream_t *stream, int n, int c)
+ {
+ int m;
+@@ -885,6 +890,7 @@ long jas_stream_tell(jas_stream_t *stream)
+ * Buffer initialization code.
+ \******************************************************************************/
+
++/* FIXME integral type */
+ static void jas_stream_initbuf(jas_stream_t *stream, int bufmode, char *buf,
+ int bufsize)
+ {
+@@ -1060,6 +1066,7 @@ static int jas_strtoopenmode(const char *s)
+ return openmode;
+ }
+
++/* FIXME integral type */
+ int jas_stream_copy(jas_stream_t *out, jas_stream_t *in, int n)
+ {
+ int all;
+@@ -1085,6 +1092,7 @@ int jas_stream_copy(jas_stream_t *out, jas_stream_t *in, int n)
+ return 0;
+ }
+
++/* FIXME integral type */
+ long jas_stream_setrwcount(jas_stream_t *stream, long rwcnt)
+ {
+ int old;
+@@ -1094,6 +1102,7 @@ long jas_stream_setrwcount(jas_stream_t *stream, long rwcnt)
+ return old;
+ }
+
++/* FIXME integral type */
+ int jas_stream_display(jas_stream_t *stream, FILE *fp, int n)
+ {
+ unsigned char buf[16];
+@@ -1168,6 +1177,7 @@ long jas_stream_length(jas_stream_t *stream)
+ * Memory stream object.
+ \******************************************************************************/
+
++/* FIXME integral type */
+ static int mem_read(jas_stream_obj_t *obj, char *buf, int cnt)
+ {
+ ssize_t n;
+@@ -1209,6 +1219,7 @@ static int mem_resize(jas_stream_memobj_t *m, size_t bufsize)
+ return 0;
+ }
+
++/* FIXME integral type */
+ static int mem_write(jas_stream_obj_t *obj, char *buf, int cnt)
+ {
+ size_t n;
+@@ -1264,6 +1275,7 @@ static int mem_write(jas_stream_obj_t *obj, char *buf, int cnt)
+ return ret;
+ }
+
++/* FIXME integral type */
+ static long mem_seek(jas_stream_obj_t *obj, long offset, int origin)
+ {
+ jas_stream_memobj_t *m = (jas_stream_memobj_t *)obj;
+@@ -1310,6 +1322,7 @@ static int mem_close(jas_stream_obj_t *obj)
+ * File stream object.
+ \******************************************************************************/
+
++/* FIXME integral type */
+ static int file_read(jas_stream_obj_t *obj, char *buf, int cnt)
+ {
+ jas_stream_fileobj_t *fileobj;
+@@ -1318,6 +1331,7 @@ static int file_read(jas_stream_obj_t *obj, char *buf, int cnt)
+ return read(fileobj->fd, buf, cnt);
+ }
+
++/* FIXME integral type */
+ static int file_write(jas_stream_obj_t *obj, char *buf, int cnt)
+ {
+ jas_stream_fileobj_t *fileobj;
+@@ -1326,6 +1340,7 @@ static int file_write(jas_stream_obj_t *obj, char *buf, int cnt)
+ return write(fileobj->fd, buf, cnt);
+ }
+
++/* FIXME integral type */
+ static long file_seek(jas_stream_obj_t *obj, long offset, int origin)
+ {
+ jas_stream_fileobj_t *fileobj;
+@@ -1352,6 +1367,7 @@ static int file_close(jas_stream_obj_t *obj)
+ * Stdio file stream object.
+ \******************************************************************************/
+
++/* FIXME integral type */
+ static int sfile_read(jas_stream_obj_t *obj, char *buf, int cnt)
+ {
+ FILE *fp;
+@@ -1367,6 +1383,7 @@ static int sfile_read(jas_stream_obj_t *obj, char *buf, int cnt)
+ return result;
+ }
+
++/* FIXME integral type */
+ static int sfile_write(jas_stream_obj_t *obj, char *buf, int cnt)
+ {
+ FILE *fp;
+@@ -1377,6 +1394,7 @@ static int sfile_write(jas_stream_obj_t *obj, char *buf, int cnt)
+ return (n != JAS_CAST(size_t, cnt)) ? (-1) : cnt;
+ }
+
++/* FIXME integral type */
+ static long sfile_seek(jas_stream_obj_t *obj, long offset, int origin)
+ {
+ FILE *fp;
+diff --git a/src/libjasper/jp2/jp2_cod.c b/src/libjasper/jp2/jp2_cod.c
+index 7f3608a..8d98a2c 100644
+--- a/src/libjasper/jp2/jp2_cod.c
++++ b/src/libjasper/jp2/jp2_cod.c
+@@ -183,15 +183,28 @@ jp2_boxinfo_t jp2_boxinfo_unk = {
+ * Box constructor.
+ \******************************************************************************/
+
+-jp2_box_t *jp2_box_create(int type)
++jp2_box_t *jp2_box_create0()
+ {
+ jp2_box_t *box;
+- jp2_boxinfo_t *boxinfo;
+-
+ if (!(box = jas_malloc(sizeof(jp2_box_t)))) {
+ return 0;
+ }
+ memset(box, 0, sizeof(jp2_box_t));
++ box->type = 0;
++ box->len = 0;
++ // Mark the box data as never having been constructed
++ // so that we will not errantly attempt to destroy it later.
++ box->ops = &jp2_boxinfo_unk.ops;
++ return box;
++}
++
++jp2_box_t *jp2_box_create(int type)
++{
++ jp2_box_t *box;
++ jp2_boxinfo_t *boxinfo;
++ if (!(box = jp2_box_create0())) {
++ return 0;
++ }
+ box->type = type;
+ box->len = 0;
+ if (!(boxinfo = jp2_boxinfolookup(type))) {
+@@ -248,14 +261,9 @@ jp2_box_t *jp2_box_get(jas_stream_t *in)
+ box = 0;
+ tmpstream = 0;
+
+- if (!(box = jas_malloc(sizeof(jp2_box_t)))) {
++ if (!(box = jp2_box_create0())) {
+ goto error;
+ }
+-
+- // Mark the box data as never having been constructed
+- // so that we will not errantly attempt to destroy it later.
+- box->ops = &jp2_boxinfo_unk.ops;
+-
+ if (jp2_getuint32(in, &len) || jp2_getuint32(in, &box->type)) {
+ goto error;
+ }
+@@ -263,10 +271,12 @@ jp2_box_t *jp2_box_get(jas_stream_t *in)
+ box->info = boxinfo;
+ box->len = len;
+ JAS_DBGLOG(10, (
+- "preliminary processing of JP2 box: type=%c%s%c (0x%08x); length=%d\n",
++ "preliminary processing of JP2 box: "
++ "type=%c%s%c (0x%08x); length=%"PRIuFAST32"\n",
+ '"', boxinfo->name, '"', box->type, box->len
+ ));
+ if (box->len == 1) {
++ JAS_DBGLOG(10, ("big length\n"));
+ if (jp2_getuint64(in, &extlen)) {
+ goto error;
+ }
+@@ -382,6 +392,7 @@ static int jp2_bpcc_getdata(jp2_box_t *box, jas_stream_t *in)
+ {
+ jp2_bpcc_t *bpcc = &box->data.bpcc;
+ unsigned int i;
++ bpcc->bpcs = 0;
+ bpcc->numcmpts = box->datalen;
+ if (!(bpcc->bpcs = jas_alloc2(bpcc->numcmpts, sizeof(uint_fast8_t)))) {
+ return -1;
+@@ -462,6 +473,7 @@ static int jp2_cdef_getdata(jp2_box_t *box, jas_stream_t *in)
+ jp2_cdef_t *cdef = &box->data.cdef;
+ jp2_cdefchan_t *chan;
+ unsigned int channo;
++ cdef->ents = 0;
+ if (jp2_getuint16(in, &cdef->numchans)) {
+ return -1;
+ }
+@@ -518,7 +530,9 @@ int jp2_box_put(jp2_box_t *box, jas_stream_t *out)
+ }
+
+ if (dataflag) {
+- if (jas_stream_copy(out, tmpstream, box->len - JP2_BOX_HDRLEN(false))) {
++ if (jas_stream_copy(out, tmpstream, box->len -
++ JP2_BOX_HDRLEN(false))) {
++ jas_eprintf("cannot copy box data\n");
+ goto error;
+ }
+ jas_stream_close(tmpstream);
+@@ -777,6 +791,7 @@ static int jp2_cmap_getdata(jp2_box_t *box, jas_stream_t *in)
+ jp2_cmap_t *cmap = &box->data.cmap;
+ jp2_cmapent_t *ent;
+ unsigned int i;
++ cmap->ents = 0;
+
+ cmap->numchans = (box->datalen) / 4;
+ if (!(cmap->ents = jas_alloc2(cmap->numchans, sizeof(jp2_cmapent_t)))) {
+@@ -835,6 +850,7 @@ static int jp2_pclr_getdata(jp2_box_t *box, jas_stream_t *in)
+ int_fast32_t x;
+
+ pclr->lutdata = 0;
++ pclr->bpc = 0;
+
+ if (jp2_getuint16(in, &pclr->numlutents) ||
+ jp2_getuint8(in, &pclr->numchans)) {
+@@ -869,9 +885,9 @@ static int jp2_pclr_putdata(jp2_box_t *box, jas_stream_t *out)
+ #if 0
+ jp2_pclr_t *pclr = &box->data.pclr;
+ #endif
+-/* Eliminate warning about unused variable. */
+-box = 0;
+-out = 0;
++ /* Eliminate warning about unused variable. */
++ box = 0;
++ out = 0;
+ return -1;
+ }
+
diff --git a/gnu/packages/patches/kiki-level-selection-crash.patch b/gnu/packages/patches/kiki-level-selection-crash.patch
new file mode 100644
index 0000000000..8cc6478509
--- /dev/null
+++ b/gnu/packages/patches/kiki-level-selection-crash.patch
@@ -0,0 +1,19 @@
+Downloaded from https://anonscm.debian.org/viewvc/pkg-games/packages/trunk/kiki-the-nano-bot/debian/patches/level-selection-with-no-levels-solved.patch?revision=8291&view=co
+
+Kiki crashes if the user tries to use the level selection menu before
+finishing any level.
+
+Peter De Wachter (pdewacht@gmail.com)
+placed in the public domain
+
+--- a/py/levelselection.py
++++ b/py/levelselection.py
+@@ -25,6 +25,8 @@
+ # ............................................................................................................
+
+ last_level = highscore.getLastAvailableLevel()
++ if last_level < 0:
++ last_level = 0
+ current_level = (level_index >= 0) and level_index or last_level
+
+ world.max_level_index = last_level
diff --git a/gnu/packages/patches/kiki-makefile.patch b/gnu/packages/patches/kiki-makefile.patch
new file mode 100644
index 0000000000..7329301f2c
--- /dev/null
+++ b/gnu/packages/patches/kiki-makefile.patch
@@ -0,0 +1,57 @@
+Downloaded from https://anonscm.debian.org/viewvc/pkg-games/packages/trunk/kiki-the-nano-bot/debian/patches/Makefile.patch?revision=15681&view=co
+
+Makefile fixes:
+ - Make CXXFLAGS, CPPFLAGS, LDFLAGS available for user-specified flags.
+ - run SWIG before compiling
+
+Peter De Wachter (pdewacht@gmail.com)
+placed in the public domain
+
+--- a/kodilib/linux/Makefile
++++ b/kodilib/linux/Makefile
+@@ -21,7 +21,7 @@
+
+ INCLUDES = $(KODI_INCLUDES) $(X11_INCLUDES) $(SDL_INCLUDES)
+
+-CXXFLAGS = $(INCLUDES) $(SDL_CFLAGS)
++CXXOPTS = -Wall $(INCLUDES) $(SDL_CFLAGS) $(CPPFLAGS) $(CXXFLAGS)
+
+ src = \
+ $(KODISRCDIR)/handler/KEventHandler.cpp \
+@@ -95,4 +95,4 @@
+ $(RM) -f $(obj) libkodi.a
+
+ %.o: %.cpp
+- $(CXX) -c $(CXXFLAGS) -o $@ $<
++ $(CXX) -c $(CXXOPTS) -o $@ $<
+--- a/linux/Makefile
++++ b/linux/Makefile
+@@ -46,7 +46,7 @@
+
+ INCLUDES = $(KIKI_INCLUDES) $(X11_INCLUDES) $(PYTHON_INCLUDES)
+
+-CXXFLAGS = $(INCLUDES) $(SDLCFLAGS)
++CXXOPTS = -Wall $(INCLUDES) $(SDLCFLAGS) $(CPPFLAGS) $(CXXFLAGS)
+
+ src = \
+ $(KIKISRC)/base/KikiAction.cpp \
+@@ -105,8 +105,10 @@
+ obj = $(src:.cpp=.o)
+
+ kiki: $(KIKISRC)/../SWIG/KikiPy_wrap.cpp $(obj)
+- -(cd ../SWIG; swig -c++ -python -globals kiki -o KikiPy_wrap.cpp KikiPy.i; cp kiki.py ../py)
+- $(CXX) $(obj) $(KODILIB) -o kiki $(GLLIBS) $(SDLLIBS) $(PYTHONLIBS)
++ $(CXX) $(LDFLAGS) $(obj) $(KODILIB) -o kiki $(GLLIBS) $(SDLLIBS) $(PYTHONLIBS)
++
++$(KIKISRC)/../SWIG/KikiPy_wrap.cpp: $(wildcard ../SWIG/*.i)
++ (cd ../SWIG && swig -c++ -python -globals kiki -DSWIG_PYTHON_LEGACY_BOOL -o KikiPy_wrap.cpp KikiPy.i && cp kiki.py ../py)
+
+ obj-clean:
+ $(RM) -f $(obj)
+@@ -115,5 +117,5 @@
+ $(RM) -f $(obj) kiki
+
+ %.o: %.cpp
+- $(CXX) -c $(CXXFLAGS) -o $@ $<
++ $(CXX) -c $(CXXOPTS) -o $@ $<
+
diff --git a/gnu/packages/patches/kiki-missing-includes.patch b/gnu/packages/patches/kiki-missing-includes.patch
new file mode 100644
index 0000000000..e5ee74f3ee
--- /dev/null
+++ b/gnu/packages/patches/kiki-missing-includes.patch
@@ -0,0 +1,55 @@
+Downloaded from https://anonscm.debian.org/viewvc/pkg-games/packages/trunk/kiki-the-nano-bot/debian/patches/missing-includes.patch?revision=7984&view=co
+
+Status: in upstream CVS
+
+--- a/kodilib/src/handler/KPickable.h
++++ b/kodilib/src/handler/KPickable.h
+@@ -8,6 +8,7 @@
+
+ #include "KIntrospection.h"
+ #include <vector>
++#include <limits.h>
+
+ #define DEBUG_PICKING false
+
+--- a/kodilib/src/tools/KIntrospection.h
++++ b/kodilib/src/tools/KIntrospection.h
+@@ -11,6 +11,7 @@
+ #endif
+
+ #include <string>
++#include <string.h>
+
+ // --------------------------------------------------------------------------------------------------------
+ class KClassInfo
+--- a/kodilib/src/tools/KStringTools.cpp
++++ b/kodilib/src/tools/KStringTools.cpp
+@@ -6,7 +6,7 @@
+ #include "KStringTools.h"
+ #include "KVector.h"
+
+-#include <sys/types.h> // INT_MAX
++#include <limits.h> // INT_MAX
+ #include <stdio.h>
+
+ // --------------------------------------------------------------------------------------------------------
+--- a/kodilib/src/tools/KStringTools.h
++++ b/kodilib/src/tools/KStringTools.h
+@@ -9,6 +9,7 @@
+ #include <string>
+ #include <vector>
+ #include <stdarg.h>
++#include <string.h>
+
+ // --------------------------------------------------------------------------------------------------------
+
+--- a/kodilib/src/tools/KXMLTools.cpp
++++ b/kodilib/src/tools/KXMLTools.cpp
+@@ -7,6 +7,7 @@
+ #include "KConsole.h"
+ #include "KSeparatedMatrix.h"
+ #include <stdio.h>
++#include <stdlib.h>
+
+ // --------------------------------------------------------------------------------------------------------
+ std::string kXMLTag ( const std::string & name, const std::string & attributes, int depth )
diff --git a/gnu/packages/patches/kiki-portability-64bit.patch b/gnu/packages/patches/kiki-portability-64bit.patch
new file mode 100644
index 0000000000..456c008915
--- /dev/null
+++ b/gnu/packages/patches/kiki-portability-64bit.patch
@@ -0,0 +1,328 @@
+This patch was downloaded from Debian:
+https://anonscm.debian.org/viewvc/pkg-games/packages/trunk/kiki-the-nano-bot/debian/patches/portability-64bit.patch?revision=7984&view=co
+
+Make 64-bit clean (string positions don't fit in an int on 64-bit machines)
+
+Peter De Wachter (pdewacht@gmail.com)
+placed in the public domain
+
+Status: in upstream CVS
+
+--- a/kodilib/src/tools/KFileTools.cpp
++++ b/kodilib/src/tools/KFileTools.cpp
+@@ -214,8 +214,8 @@
+ // --------------------------------------------------------------------------------------------------------
+ string kFileSuffix ( const string & path )
+ {
+- unsigned int lastDotPos = path.rfind(".");
+- unsigned int lastSlashPos = path.rfind(kPathSep);
++ std::string::size_type lastDotPos = path.rfind(".");
++ std::string::size_type lastSlashPos = path.rfind(kPathSep);
+
+ if (lastDotPos < path.size() - 1 && (lastDotPos > lastSlashPos || lastSlashPos == string::npos))
+ {
+@@ -228,7 +228,7 @@
+ string kFileDirName ( const string & path )
+ {
+ string native = kFileNativePath(path);
+- unsigned int lastSlashPos = native.rfind(kPathSep);
++ std::string::size_type lastSlashPos = native.rfind(kPathSep);
+ if (lastSlashPos < native.size())
+ {
+ return native.substr(0, lastSlashPos+1);
+@@ -241,7 +241,7 @@
+ {
+ string native = kFileNativePath(path);
+ string baseName = native;
+- unsigned int lastSlashPos = native.rfind(kPathSep);
++ std::string::size_type lastSlashPos = native.rfind(kPathSep);
+ if (lastSlashPos < native.size() - 1)
+ {
+ baseName = native.substr(lastSlashPos+1);
+--- a/kodilib/src/tools/KKeyTools.cpp
++++ b/kodilib/src/tools/KKeyTools.cpp
+@@ -170,7 +170,7 @@
+ // --------------------------------------------------------------------------------------------------------
+ int kKeyGetDisplayWidthForKey ( const std::string & keyName )
+ {
+- unsigned int keyPos = keyName.find('_', 0);
++ std::string::size_type keyPos = keyName.find('_', 0);
+ if (keyPos == std::string::npos)
+ {
+ return kKeyGetDisplayWidthForPureKey(keyName) + KDL_MOD_KEY_SPACING;
+@@ -313,7 +313,7 @@
+ int kKeyDisplayKey ( const std::string & keyName, const KPosition & pos )
+ {
+ KPosition start = pos;
+- unsigned int keyPos = keyName.find('_', 0);
++ std::string::size_type keyPos = keyName.find('_', 0);
+ if (keyPos == std::string::npos)
+ {
+ return start.x + kKeyDisplayPureKey(keyName, start) + KDL_MOD_KEY_SPACING;
+@@ -380,7 +380,7 @@
+ // --------------------------------------------------------------------------------------------------------
+ SDL_keysym kKeyGetKeysymForKeyName ( const std::string & keyName )
+ {
+- unsigned int pos = keyName.find('_');
++ std::string::size_type pos = keyName.find('_');
+
+ std::string modString;
+ std::string symString = keyName;
+--- a/kodilib/src/tools/KStringTools.cpp
++++ b/kodilib/src/tools/KStringTools.cpp
+@@ -13,7 +13,7 @@
+ void kStringInsertStringBehindTags ( std::string & str, const std::string & insertString,
+ const std::string & tag )
+ {
+- unsigned int oldPos = 0;
++ std::string::size_type oldPos = 0;
+ while ((oldPos = str.find(tag, oldPos)) != std::string::npos)
+ {
+ oldPos += tag.size();
+@@ -34,8 +34,8 @@
+ {
+ std::vector<std::string> components;
+
+- unsigned int dividerLength = divider.size();
+- unsigned int oldpos = 0, pos;
++ std::string::size_type dividerLength = divider.size();
++ std::string::size_type oldpos = 0, pos;
+
+ while ((pos = str.find(divider, oldpos)) != std::string::npos)
+ {
+@@ -50,7 +50,7 @@
+ // --------------------------------------------------------------------------------------------------------
+ void kStringReplace ( std::string & str, const std::string & toReplace, const std::string & replacement )
+ {
+- unsigned int pos = 0, chars = toReplace.size();
++ std::string::size_type pos = 0, chars = toReplace.size();
+ while ((pos = str.find(toReplace, pos)) != std::string::npos)
+ {
+ str.replace(pos, chars, replacement);
+@@ -60,11 +60,11 @@
+ // --------------------------------------------------------------------------------------------------------
+ void kStringReplaceTabs ( std::string & str, unsigned int tabWidth )
+ {
+- unsigned int tabPos;
++ std::string::size_type tabPos;
+ while ((tabPos = str.find('\t')) != std::string::npos)
+ {
+- unsigned int lastNewlinePos = str.rfind('\n', tabPos-1);
+- unsigned int relPos = (lastNewlinePos == std::string::npos) ? tabPos : tabPos - lastNewlinePos;
++ std::string::size_type lastNewlinePos = str.rfind('\n', tabPos-1);
++ std::string::size_type relPos = (lastNewlinePos == std::string::npos) ? tabPos : tabPos - lastNewlinePos;
+ str.replace(tabPos, 1, std::string(tabWidth-(relPos % tabWidth), ' '));
+ }
+ }
+@@ -114,7 +114,7 @@
+ // --------------------------------------------------------------------------------------------------------
+ unsigned int kStringNthCharPos ( const std::string & str, unsigned int n, char c )
+ {
+- unsigned int loc = n, oloc = 0;
++ std::string::size_type loc = n, oloc = 0;
+ while (n > 0 && (loc = str.find(c, oloc)) != std::string::npos)
+ {
+ n--;
+@@ -138,7 +138,7 @@
+ // --------------------------------------------------------------------------------------------------------
+ void kStringCropCols ( std::string & str, unsigned int columns )
+ {
+- unsigned int oloc = 0, nloc = 0;
++ std::string::size_type oloc = 0, nloc = 0;
+ while ((nloc = str.find('\n', oloc)) != std::string::npos)
+ {
+ if ((nloc - oloc) > columns)
+@@ -160,10 +160,10 @@
+ unsigned int kStringCols ( const std::string & str )
+ {
+ if (str.size() == 0) return 0;
+- int oloc = 0, nloc;
++ long oloc = 0, nloc;
+ std::string substring;
+ int maxlength = 0, length;
+- while ((nloc = str.find('\n', oloc)) != (int)std::string::npos)
++ while ((nloc = str.find('\n', oloc)) != (long)std::string::npos)
+ {
+ substring = str.substr(oloc, nloc - oloc);
+ length = substring.size();
+@@ -181,7 +181,7 @@
+ unsigned int kStringRows ( const std::string & str )
+ {
+ if (str.size() == 0) return 1;
+- unsigned int loc = 0, lines = 0;
++ std::string::size_type loc = 0, lines = 0;
+ while ((loc = str.find('\n', loc)) != std::string::npos) { lines++; loc++; }
+ if (str[str.size()-1] == '\n') return lines;
+ return lines+1;
+@@ -204,8 +204,8 @@
+ {
+ static char str[256];
+ std::string format(fmt), subformat, text;
+- unsigned int oloc = 0;
+- unsigned int nloc = 0;
++ std::string::size_type oloc = 0;
++ std::string::size_type nloc = 0;
+
+ kStringReplaceTabs(format);
+
+@@ -260,7 +260,7 @@
+ // --------------------------------------------------------------------------------------------------------
+ bool kStringHasSuffix ( const std::string & str, const std::string & suffix )
+ {
+- unsigned int result = str.rfind(suffix);
++ std::string::size_type result = str.rfind(suffix);
+ if (result == std::string::npos) return false;
+ return (result == str.size()-suffix.size());
+ }
+--- a/kodilib/src/tools/KXMLTools.cpp
++++ b/kodilib/src/tools/KXMLTools.cpp
+@@ -58,11 +58,11 @@
+ std::string kXMLParseToTagsInVector ( std::string & xml, const std::vector<std::string> & tags )
+ {
+ std::string open("<");
+- unsigned int minLoc = std::string::npos;
++ std::string::size_type minLoc = std::string::npos;
+ std::vector<std::string>::const_iterator iter = tags.begin();
+ while (iter != tags.end())
+ {
+- unsigned int loc = xml.find(open+(*iter));
++ std::string::size_type loc = xml.find(open+(*iter));
+ if (loc < minLoc) minLoc = loc;
+ iter++;
+ }
+@@ -77,7 +77,7 @@
+ std::string value;
+ std::string nameStr(name);
+ nameStr += "='";
+- unsigned int loc = xml.find(nameStr);
++ std::string::size_type loc = xml.find(nameStr);
+ if (loc != std::string::npos)
+ {
+ loc += nameStr.size();
+@@ -90,7 +90,7 @@
+ // --------------------------------------------------------------------------------------------------------
+ bool kXMLParseNamedCloseTag ( std::string & xml, const std::string & name, bool printError )
+ {
+- unsigned int loc = xml.find('<');
++ std::string::size_type loc = xml.find('<');
+ if (loc == std::string::npos)
+ {
+ if (printError) KConsole::printError(kStringPrintf("invalid XML:\nmissing close tag '%s'",
+@@ -117,7 +117,7 @@
+ // --------------------------------------------------------------------------------------------------------
+ bool kXMLReadNamedOpenTag ( const std::string & xml, const std::string & name, std::string * attributes )
+ {
+- unsigned int loc = xml.find('<'), endloc;
++ std::string::size_type loc = xml.find('<'), endloc;
+
+ if (loc == std::string::npos || xml[loc+1] == '/') return false;
+
+@@ -140,7 +140,7 @@
+ // --------------------------------------------------------------------------------------------------------
+ std::string kXMLParseNamedOpenTag ( std::string & xml, const std::string & name, std::string * attributes, bool printError )
+ {
+- unsigned int loc = xml.find('<');
++ std::string::size_type loc = xml.find('<');
+ if (loc == std::string::npos || xml[loc+1] == '/')
+ {
+ if (printError) KConsole::printError(kStringPrintf("invalid XML:\nmissing tag '%s'", name.c_str()));
+@@ -191,7 +191,7 @@
+ // --------------------------------------------------------------------------------------------------------
+ bool kXMLParseOpenTag ( std::string & xml, std::string & name, std::string * attributes, bool printError )
+ {
+- unsigned int loc = xml.find('<');
++ std::string::size_type loc = xml.find('<');
+ if (loc == std::string::npos || xml[loc+1] == '/')
+ {
+ if (printError) KConsole::printError("invalid XML:\nmissing open tag");
+@@ -295,7 +295,7 @@
+ // --------------------------------------------------------------------------------------------------------
+ bool kXMLParseValue( std::string & xml, const std::string & name, int type, void * value, bool printError )
+ {
+- unsigned int loc = xml.find('<');
++ std::string::size_type loc = xml.find('<');
+ if (loc == std::string::npos || xml[loc+1] == '/')
+ {
+ if (printError) KConsole::printError(kStringPrintf("invalid XML:\nmissing value '%s'", name.c_str()));
+@@ -379,8 +379,8 @@
+ }
+ else if (typeString == "string")
+ {
+- unsigned int first = substring.find("\"")+1;
+- unsigned int last = substring.rfind("\"", std::string::npos);
++ std::string::size_type first = substring.find("\"")+1;
++ std::string::size_type last = substring.rfind("\"", std::string::npos);
+ *((std::string*)value) = substring.substr(first, last-first);
+ }
+
+--- a/kodilib/src/types/KKey.cpp
++++ b/kodilib/src/types/KKey.cpp
+@@ -31,7 +31,7 @@
+ // --------------------------------------------------------------------------------------------------------
+ std::string KKey::getUnmodifiedName () const
+ {
+- unsigned int keyPos = name.find('_', 0);
++ std::string::size_type keyPos = name.find('_', 0);
+ if (keyPos == std::string::npos)
+ {
+ return name;
+@@ -42,7 +42,7 @@
+ // --------------------------------------------------------------------------------------------------------
+ std::string KKey::getModifierName () const
+ {
+- unsigned int keyPos = name.find('_', 0);
++ std::string::size_type keyPos = name.find('_', 0);
+ if (keyPos == std::string::npos)
+ {
+ return "";
+--- a/kodilib/src/widgets/KFileNameField.cpp
++++ b/kodilib/src/widgets/KFileNameField.cpp
+@@ -41,7 +41,7 @@
+ std::string restPath; // path behind cursor
+
+ // map cropped path to current directory and rest path to file prefix
+- unsigned int lastSlashPos = croppedPath.rfind("/");
++ std::string::size_type lastSlashPos = croppedPath.rfind("/");
+ if (lastSlashPos < croppedPath.size()-1)
+ {
+ restPath = croppedPath.substr(lastSlashPos+1);
+@@ -88,7 +88,7 @@
+ }
+
+ // ............................collect list of entries in searchDir that match prefix restPath
+- unsigned int restLength = restPath.size();
++ std::string::size_type restLength = restPath.size();
+ std::vector<std::string> matchingEntries;
+ std::vector<std::string>::iterator iter = dir_entries.begin();
+ while (iter != dir_entries.end())
+@@ -223,7 +223,7 @@
+ // --------------------------------------------------------------------------------------------------------
+ void KFileNameField::selectLastPathComponent ()
+ {
+- unsigned int lastSlashPos = text.rfind("/");
++ std::string::size_type lastSlashPos = text.rfind("/");
+ if (lastSlashPos == text.size()-1) lastSlashPos = text.rfind("/", lastSlashPos-1);
+ if (lastSlashPos < text.size()) cursor_pos = lastSlashPos+1;
+ else cursor_pos = 0;
+--- a/src/gui/KikiMenu.cpp
++++ b/src/gui/KikiMenu.cpp
+@@ -54,7 +54,7 @@
+ {
+ std::string item_text (itemText);
+ std::string event_name (itemText);
+- unsigned int pos;
++ std::string::size_type pos;
+ float scale_factor = 1.0;
+
+ KikiMenuItem * menu_item = new KikiMenuItem ();
+--- a/src/gui/KikiTextLine.cpp
++++ b/src/gui/KikiTextLine.cpp
+@@ -46,7 +46,7 @@
+ void KikiTextLine::setText ( const std::string & str )
+ {
+ text = str;
+- unsigned int pos;
++ std::string::size_type pos;
+
+ if ((pos = text.find ("$scale(")) != std::string::npos)
+ {
diff --git a/gnu/packages/patches/kio-CVE-2017-6410.patch b/gnu/packages/patches/kio-CVE-2017-6410.patch
deleted file mode 100644
index 748636f806..0000000000
--- a/gnu/packages/patches/kio-CVE-2017-6410.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-Fix CVE-2017-6410, "Information Leak when accessing https when using a
-malicious PAC file":
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6410
-https://www.kde.org/info/security/advisory-20170228-1.txt
-
-Patch copied from upstream source repository:
-
-https://cgit.kde.org/kio.git/commit/?id=f9d0cb47cf94e209f6171ac0e8d774e68156a6e4
-
-From f9d0cb47cf94e209f6171ac0e8d774e68156a6e4 Mon Sep 17 00:00:00 2001
-From: Albert Astals Cid <aacid@kde.org>
-Date: Tue, 28 Feb 2017 19:00:48 +0100
-Subject: Sanitize URLs before passing them to FindProxyForURL
-
-Remove user/password information
-For https: remove path and query
-
-Thanks to safebreach.com for reporting the problem
-
-CCMAIL: yoni.fridburg@safebreach.com
-CCMAIL: amit.klein@safebreach.com
-CCMAIL: itzik.kotler@safebreach.com
----
- src/kpac/script.cpp | 11 +++++++++--
- 1 file changed, 9 insertions(+), 2 deletions(-)
-
-diff --git a/src/kpac/script.cpp b/src/kpac/script.cpp
-index a0235f7..2485c54 100644
---- a/src/kpac/script.cpp
-+++ b/src/kpac/script.cpp
-@@ -754,9 +754,16 @@ QString Script::evaluate(const QUrl &url)
- }
- }
-
-+ QUrl cleanUrl = url;
-+ cleanUrl.setUserInfo(QString());
-+ if (cleanUrl.scheme() == QLatin1String("https")) {
-+ cleanUrl.setPath(QString());
-+ cleanUrl.setQuery(QString());
-+ }
-+
- QScriptValueList args;
-- args << url.url();
-- args << url.host();
-+ args << cleanUrl.url();
-+ args << cleanUrl.host();
-
- QScriptValue result = func.call(QScriptValue(), args);
- if (result.isError()) {
---
-cgit v0.11.2
-
diff --git a/gnu/packages/patches/luminance-hdr-qt-printer.patch b/gnu/packages/patches/luminance-hdr-qt-printer.patch
new file mode 100644
index 0000000000..c65f9537cd
--- /dev/null
+++ b/gnu/packages/patches/luminance-hdr-qt-printer.patch
@@ -0,0 +1,28 @@
+Allow the 'QtPrinter' header to be found, as described
+at <https://github.com/LuminanceHDR/LuminanceHDR/issues/11>.
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index fbad8a2..8379c8a 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -29,6 +29,7 @@ find_package(Qt5Xml)
+ find_package(Qt5Sql)
+ find_package(Qt5Network)
+ find_package(Qt5LinguistTools)
++find_package(Qt5PrintSupport REQUIRED)
+ IF(WIN32)
+ find_package(Qt5WinExtras)
+ ENDIF()
+diff --git a/src/HelpBrowser/CMakeLists.txt b/src/HelpBrowser/CMakeLists.txt
+index 04319a8..5537dae 100644
+--- a/src/HelpBrowser/CMakeLists.txt
++++ b/src/HelpBrowser/CMakeLists.txt
+@@ -29,7 +29,7 @@ QT5_WRAP_UI(FILES_UI_H ${FILES_UI})
+
+
+ ADD_LIBRARY(helpbrowser ${FILES_H} ${FILES_CPP} ${FILES_MOC} ${FILES_UI_H} ${FILES_HXX})
+-qt5_use_modules(helpbrowser Core Concurrent Gui Widgets Xml WebKit WebKitWidgets)
++qt5_use_modules(helpbrowser Core Concurrent Gui Widgets Xml WebKit WebKitWidgets PrintSupport)
+
+ SET(FILES_TO_TRANSLATE ${FILES_TO_TRANSLATE} ${FILES_CPP} ${FILES_H} ${FILES_UI} ${FILES_HXX} PARENT_SCOPE)
+ SET(LUMINANCE_MODULES_GUI ${LUMINANCE_MODULES_GUI} helpbrowser PARENT_SCOPE)
diff --git a/gnu/packages/patches/lz4-fix-test-failures.patch b/gnu/packages/patches/lz4-fix-test-failures.patch
new file mode 100644
index 0000000000..d38357d402
--- /dev/null
+++ b/gnu/packages/patches/lz4-fix-test-failures.patch
@@ -0,0 +1,136 @@
+These two patches fix some bugs in lz4's test suite:
+
+https://github.com/lz4/lz4/issues/308
+
+Patches copied from upstream source repository:
+
+https://github.com/lz4/lz4/commit/b89cac7b2e92b792af98bb0a12e4d14684d07629
+https://github.com/lz4/lz4/commit/0dfb0b9dad2a8cb7cc347d2139bf9b84de7e1481
+
+From b89cac7b2e92b792af98bb0a12e4d14684d07629 Mon Sep 17 00:00:00 2001
+From: Eric Siegerman <pub08-git@davor.org>
+Date: Tue, 14 Feb 2017 14:17:06 -0500
+Subject: [PATCH] Don't use "foo && false || true"
+
+Replace it with either:
+ test ! -f $FILE_THAT_SHOULD_NOT_EXIST
+or:
+ ! $COMMAND_THAT_SHOULD_FAIL
+
+as appropriate.
+---
+ tests/Makefile | 38 +++++++++++++++++++-------------------
+ 1 file changed, 19 insertions(+), 19 deletions(-)
+
+diff --git a/tests/Makefile b/tests/Makefile
+index 77e6ae7..ebab278 100644
+--- a/tests/Makefile
++++ b/tests/Makefile
+@@ -236,17 +236,17 @@ test-lz4-basic: lz4 datagen unlz4 lz4cat
+ ./datagen -g256MB | $(LZ4) -vqB4D | $(LZ4) -t
+ @echo "hello world" > tmp
+ $(LZ4) --rm -f tmp
+- ls -ls tmp && false || true # must fail (--rm)
+- ls -ls tmp.lz4
+- $(PRGDIR)/lz4cat tmp.lz4 # must display hello world
+- ls -ls tmp.lz4
++ test ! -f tmp # must fail (--rm)
++ test -f tmp.lz4
++ $(PRGDIR)/lz4cat tmp.lz4 # must display hello world
++ test -f tmp.lz4
+ $(PRGDIR)/unlz4 --rm tmp.lz4
+- ls -ls tmp
+- ls -ls tmp.lz4 && false || true # must fail (--rm)
+- ls -ls tmp.lz4.lz4 && false || true # must fail (unlz4)
+- $(PRGDIR)/lz4cat tmp # pass-through mode
+- ls -ls tmp
+- ls -ls tmp.lz4 && false || true # must fail (lz4cat)
++ test -f tmp
++ test ! -f tmp.lz4 # must fail (--rm)
++ test ! -f tmp.lz4.lz4 # must fail (unlz4)
++ $(PRGDIR)/lz4cat tmp # pass-through mode
++ test -f tmp
++ test ! -f tmp.lz4 # must fail (lz4cat)
+ $(LZ4) tmp # creates tmp.lz4
+ $(PRGDIR)/lz4cat < tmp.lz4 > tmp3 # checks lz4cat works with stdin (#285)
+ $(DIFF) -q tmp tmp3
+@@ -262,22 +262,22 @@ test-lz4-hugefile: lz4 datagen
+
+ test-lz4-testmode: lz4 datagen
+ @echo "\n ---- bench mode ----"
+- $(LZ4) -bi1
++ $(LZ4) -bi1
+ @echo "\n ---- test mode ----"
+- ./datagen | $(LZ4) -t && false || true
+- ./datagen | $(LZ4) -tf && false || true
++ ! ./datagen | $(LZ4) -t
++ ! ./datagen | $(LZ4) -tf
+ @echo "\n ---- pass-through mode ----"
+- ./datagen | $(LZ4) -d > $(VOID) && false || true
+- ./datagen | $(LZ4) -df > $(VOID)
++ ! ./datagen | $(LZ4) -d > $(VOID)
++ ./datagen | $(LZ4) -df > $(VOID)
+ @echo "Hello World !" > tmp1
+ $(LZ4) -dcf tmp1
+ @echo "from underground..." > tmp2
+ $(LZ4) -dcfm tmp1 tmp2
+ @echo "\n ---- test cli ----"
+- $(LZ4) file-does-not-exist && false || true
+- $(LZ4) -f file-does-not-exist && false || true
+- $(LZ4) -fm file1-dne file2-dne && false || true
+- $(LZ4) -fm file1-dne file2-dne && false || true
++ ! $(LZ4) file-does-not-exist
++ ! $(LZ4) -f file-does-not-exist
++ ! $(LZ4) -fm file1-dne file2-dne
++ ! $(LZ4) -fm file1-dne file2-dne
+
+ test-lz4-opt-parser: lz4 datagen
+ @echo "\n ---- test opt-parser ----"
+--
+2.12.2
+
+From 0dfb0b9dad2a8cb7cc347d2139bf9b84de7e1481 Mon Sep 17 00:00:00 2001
+From: "Dmitry V. Levin" <ldv@altlinux.org>
+Date: Sun, 5 Mar 2017 23:20:10 +0000
+Subject: [PATCH] Fix test-lz4-basic
+
+When no output filename is specified and stdout is not a terminal,
+lz4 doesn't attempt to guess an output filename and uses stdout for
+output.
+
+This change fixes test-lz4-basic when run without a terminal
+by specifying output filenames.
+---
+ tests/Makefile | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/tests/Makefile b/tests/Makefile
+index ebab278..d68c700 100644
+--- a/tests/Makefile
++++ b/tests/Makefile
+@@ -235,19 +235,19 @@ test-lz4-basic: lz4 datagen unlz4 lz4cat
+ ./datagen -g33M | $(LZ4) --no-frame-crc | $(LZ4) -t
+ ./datagen -g256MB | $(LZ4) -vqB4D | $(LZ4) -t
+ @echo "hello world" > tmp
+- $(LZ4) --rm -f tmp
++ $(LZ4) --rm -f tmp tmp.lz4
+ test ! -f tmp # must fail (--rm)
+ test -f tmp.lz4
+ $(PRGDIR)/lz4cat tmp.lz4 # must display hello world
+ test -f tmp.lz4
+- $(PRGDIR)/unlz4 --rm tmp.lz4
++ $(PRGDIR)/unlz4 --rm tmp.lz4 tmp
+ test -f tmp
+ test ! -f tmp.lz4 # must fail (--rm)
+ test ! -f tmp.lz4.lz4 # must fail (unlz4)
+ $(PRGDIR)/lz4cat tmp # pass-through mode
+ test -f tmp
+ test ! -f tmp.lz4 # must fail (lz4cat)
+- $(LZ4) tmp # creates tmp.lz4
++ $(LZ4) tmp tmp.lz4 # creates tmp.lz4
+ $(PRGDIR)/lz4cat < tmp.lz4 > tmp3 # checks lz4cat works with stdin (#285)
+ $(DIFF) -q tmp tmp3
+ $(PRGDIR)/lz4cat < tmp > tmp2 # checks lz4cat works with stdin (#285)
+--
+2.12.2
+
diff --git a/gnu/packages/patches/networkmanager-qt-activeconnection-test-1.patch b/gnu/packages/patches/networkmanager-qt-activeconnection-test-1.patch
new file mode 100644
index 0000000000..2dd39294ea
--- /dev/null
+++ b/gnu/packages/patches/networkmanager-qt-activeconnection-test-1.patch
@@ -0,0 +1,60 @@
+From 61337983ba74361938b7d5323de5d2819a235fdc Mon Sep 17 00:00:00 2001
+From: Jan Grulich <jgrulich@redhat.com>
+Date: Mon, 3 Apr 2017 12:53:12 +0200
+Subject: Fix unit test for active connections
+
+Instead of sending PropertiesChanged signal for an active connection we
+added recently we should set all properties initially and just advertise
+that we have a new active connection once everything is set
+---
+ src/fakenetwork/fakenetwork.cpp | 26 +++++++-------------------
+ 1 file changed, 7 insertions(+), 19 deletions(-)
+
+diff --git a/src/fakenetwork/fakenetwork.cpp b/src/fakenetwork/fakenetwork.cpp
+index bc1144e..261fe8e 100644
+--- a/src/fakenetwork/fakenetwork.cpp
++++ b/src/fakenetwork/fakenetwork.cpp
+@@ -215,8 +215,14 @@ void FakeNetwork::unregisterService()
+
+ QDBusObjectPath FakeNetwork::ActivateConnection(const QDBusObjectPath &connection, const QDBusObjectPath &device, const QDBusObjectPath &specific_object)
+ {
+- ActiveConnection *newActiveConnection = new ActiveConnection(this);
+ QString newActiveConnectionPath = QString("/org/kde/fakenetwork/ActiveConnection/") + QString::number(m_activeConnectionsCounter++);
++ ActiveConnection *newActiveConnection = new ActiveConnection(this);
++ newActiveConnection->addDevice(device);
++ newActiveConnection->setActiveConnectionPath(newActiveConnectionPath);
++ newActiveConnection->setConnection(connection);
++ newActiveConnection->setSpecificObject(specific_object);
++ newActiveConnection->setState(NetworkManager::ActiveConnection::Activating);
++
+ m_activeConnections.insert(QDBusObjectPath(newActiveConnectionPath), newActiveConnection);
+ QDBusConnection::sessionBus().registerObject(newActiveConnectionPath, newActiveConnection, QDBusConnection::ExportScriptableContents);
+
+@@ -227,24 +233,6 @@ QDBusObjectPath FakeNetwork::ActivateConnection(const QDBusObjectPath &connectio
+ map.insert(QLatin1Literal("ActivatingConnection"), QVariant::fromValue(QDBusObjectPath(newActiveConnectionPath)));
+ Q_EMIT PropertiesChanged(map);
+
+- newActiveConnection->addDevice(device);
+- newActiveConnection->setActiveConnectionPath(newActiveConnectionPath);
+- newActiveConnection->setConnection(connection);
+- newActiveConnection->setSpecificObject(specific_object);
+- newActiveConnection->setState(NetworkManager::ActiveConnection::Activating);
+-
+- map.clear();
+- const QList<QDBusObjectPath> deviceList { device };
+- map.insert(QLatin1Literal("Devices"), QVariant::fromValue<QList<QDBusObjectPath> >(deviceList));
+- map.insert(QLatin1Literal("Connection"), QVariant::fromValue<QDBusObjectPath>(connection));
+- if (!specific_object.path().isEmpty()) {
+- map.insert(QLatin1Literal("SpecificObject"), QVariant::fromValue<QDBusObjectPath>(connection));
+- }
+- map.insert(QLatin1Literal("State"), NetworkManager::ActiveConnection::Activating);
+- QDBusMessage message = QDBusMessage::createSignal(newActiveConnectionPath, QLatin1Literal("org.kde.fakenetwork.Connection.Active"), QLatin1Literal("PropertiesChanged"));
+- message << map;
+- QDBusConnection::sessionBus().send(message);
+-
+ Device *usedDevice = static_cast<Device *>(QDBusConnection::sessionBus().objectRegisteredAt(device.path()));
+ if (usedDevice) {
+ m_activatedDevice = usedDevice->devicePath();
+--
+cgit v0.11.2
+
diff --git a/gnu/packages/patches/networkmanager-qt-activeconnection-test-2.patch b/gnu/packages/patches/networkmanager-qt-activeconnection-test-2.patch
new file mode 100644
index 0000000000..af3cdff729
--- /dev/null
+++ b/gnu/packages/patches/networkmanager-qt-activeconnection-test-2.patch
@@ -0,0 +1,57 @@
+From 3f6155389abc8e2b3dafc5eefa1ce0c929b007fa Mon Sep 17 00:00:00 2001
+From: Jan Grulich <jgrulich@redhat.com>
+Date: Mon, 3 Apr 2017 14:13:54 +0200
+Subject: One more attempt to fix unit test for active connections
+
+---
+ src/activeconnection.cpp | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/src/activeconnection.cpp b/src/activeconnection.cpp
+index 05582fa..3a8e6b2 100644
+--- a/src/activeconnection.cpp
++++ b/src/activeconnection.cpp
+@@ -79,11 +79,13 @@ NetworkManager::ActiveConnection::ActiveConnection(const QString &path, QObject
+ connect(&d->iface, &OrgFreedesktopNetworkManagerConnectionActiveInterface::PropertiesChanged, d, &ActiveConnectionPrivate::propertiesChanged);
+ #endif
+
++#ifndef NMQT_STATIC
+ /*
+ * Workaround: Re-check connection state before we watch changes in case it gets changed too quickly
+ * BUG:352326
+ */
+ d->recheckProperties();
++#endif
+ }
+
+ NetworkManager::ActiveConnection::ActiveConnection(ActiveConnectionPrivate &dd, QObject *parent)
+@@ -91,18 +93,26 @@ NetworkManager::ActiveConnection::ActiveConnection(ActiveConnectionPrivate &dd,
+ {
+ Q_D(ActiveConnection);
+
++#ifndef NMQT_STATIC
+ #if NM_CHECK_VERSION(1, 4, 0)
+ QDBusConnection::systemBus().connect(NetworkManagerPrivate::DBUS_SERVICE, d->path, NetworkManagerPrivate::FDO_DBUS_PROPERTIES,
+ QLatin1String("PropertiesChanged"), d, SLOT(dbusPropertiesChanged(QString,QVariantMap,QStringList)));
+ #else
+ connect(&d->iface, &OrgFreedesktopNetworkManagerConnectionActiveInterface::PropertiesChanged, d, &ActiveConnectionPrivate::propertiesChanged);
+ #endif
++#endif
++
++#ifdef NMQT_STATIC
++ connect(&d->iface, &OrgFreedesktopNetworkManagerConnectionActiveInterface::PropertiesChanged, d, &ActiveConnectionPrivate::propertiesChanged);
++#endif
+
++#ifndef NMQT_STATIC
+ /*
+ * Workaround: Re-check connection state before we watch changes in case it gets changed too quickly
+ * BUG:352326
+ */
+ d->recheckProperties();
++#endif
+ }
+
+ NetworkManager::ActiveConnection::~ActiveConnection()
+--
+cgit v0.11.2
+
diff --git a/gnu/packages/patches/nss-increase-test-timeout.patch b/gnu/packages/patches/nss-increase-test-timeout.patch
index c6aac6ac00..1e24940322 100644
--- a/gnu/packages/patches/nss-increase-test-timeout.patch
+++ b/gnu/packages/patches/nss-increase-test-timeout.patch
@@ -14,12 +14,12 @@ Increase timeouts to increase chances of a successful build.
}
void TlsConnectTestBase::EnableExtendedMasterSecret() {
-@@ -387,7 +387,7 @@
- } else {
- fail_agent = server_;
+@@ -385,7 +385,7 @@
+ if (failing_side == TlsAgent::CLIENT) {
+ failing_agent = client_;
}
-- ASSERT_TRUE_WAIT(fail_agent->state() == TlsAgent::STATE_ERROR, 5000);
-+ ASSERT_TRUE_WAIT(fail_agent->state() == TlsAgent::STATE_ERROR, 25000);
+- ASSERT_TRUE_WAIT(failing_agent->state() == TlsAgent::STATE_ERROR, 5000);
++ ASSERT_TRUE_WAIT(failing_agent->state() == TlsAgent::STATE_ERROR, 25000);
}
void TlsConnectTestBase::ConfigureVersion(uint16_t version) {
diff --git a/gnu/packages/patches/password-store-gnupg-compat.patch b/gnu/packages/patches/password-store-gnupg-compat.patch
deleted file mode 100644
index c314ba6647..0000000000
--- a/gnu/packages/patches/password-store-gnupg-compat.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-Copied from upstream mailing list:
-https://lists.zx2c4.com/pipermail/password-store/2017-March/002844.html.
-
-The patch actually restores compatibility with GnuPG 2.1.19, the '2.2.19' in
-the commit message is a typo.
-
-From 8723d8e8192683891904aff321446b0fac37d1ad Mon Sep 17 00:00:00 2001
-From: Andreas Stieger <astieger@suse.com>
-Date: Fri, 10 Mar 2017 15:43:26 +0100
-Subject: [PATCH] Fix compatibility with GnuPG 2.2.19
-
-GnuPG 2.2.19 added a warning when no command was given.
-
-* src/password-store.sh (reencrypt_path): Add --decrypt to --list-only
-* tests/t0300-reencryption.sh (gpg_keys_from_encrypted_file): same
-
-https://bugs.gnupg.org/gnupg/msg9873
-http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=810adfd47801fc01e45fb71af9f05c91f7890cdb
-https://bugzilla.suse.com/show_bug.cgi?id=1028867
----
- src/password-store.sh | 2 +-
- tests/t0300-reencryption.sh | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/password-store.sh b/src/password-store.sh
-index 1ab6fb5..bad8d4f 100755
---- a/src/password-store.sh
-+++ b/src/password-store.sh
-@@ -125,7 +125,7 @@ reencrypt_path() {
- done
- gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)"
- fi
-- current_keys="$($GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)"
-+ current_keys="$($GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)"
-
- if [[ $gpg_keys != "$current_keys" ]]; then
- echo "$passfile_display: reencrypting to ${gpg_keys//$'\n'/ }"
-diff --git a/tests/t0300-reencryption.sh b/tests/t0300-reencryption.sh
-index 9d46580..6d5811d 100755
---- a/tests/t0300-reencryption.sh
-+++ b/tests/t0300-reencryption.sh
-@@ -10,7 +10,7 @@ canonicalize_gpg_keys() {
- $GPG --list-keys --with-colons "$@" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u
- }
- gpg_keys_from_encrypted_file() {
-- $GPG -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long "$1" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u
-+ $GPG -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$1" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u
- }
- gpg_keys_from_group() {
- local output="$($GPG --list-config --with-colons | sed -n "s/^cfg:group:$1:\\(.*\\)/\\1/p" | head -n 1)"
---
-2.12.0
-
diff --git a/gnu/packages/patches/pcre-CVE-2017-7186.patch b/gnu/packages/patches/pcre-CVE-2017-7186.patch
new file mode 100644
index 0000000000..d23aa10374
--- /dev/null
+++ b/gnu/packages/patches/pcre-CVE-2017-7186.patch
@@ -0,0 +1,56 @@
+Patch for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2017-7186>
+from <https://vcs.pcre.org/pcre?view=revision&revision=1688>.
+
+--- trunk/pcre_internal.h 2016/05/21 13:34:44 1649
++++ trunk/pcre_internal.h 2017/02/24 17:30:30 1688
+@@ -2772,6 +2772,9 @@
+ extern const pcre_uint16 PRIV(ucd_stage2)[];
+ extern const pcre_uint32 PRIV(ucp_gentype)[];
+ extern const pcre_uint32 PRIV(ucp_gbtable)[];
++#ifdef COMPILE_PCRE32
++extern const ucd_record PRIV(dummy_ucd_record)[];
++#endif
+ #ifdef SUPPORT_JIT
+ extern const int PRIV(ucp_typerange)[];
+ #endif
+@@ -2780,9 +2783,15 @@
+ /* UCD access macros */
+
+ #define UCD_BLOCK_SIZE 128
+-#define GET_UCD(ch) (PRIV(ucd_records) + \
++#define REAL_GET_UCD(ch) (PRIV(ucd_records) + \
+ PRIV(ucd_stage2)[PRIV(ucd_stage1)[(int)(ch) / UCD_BLOCK_SIZE] * \
+ UCD_BLOCK_SIZE + (int)(ch) % UCD_BLOCK_SIZE])
++
++#ifdef COMPILE_PCRE32
++#define GET_UCD(ch) ((ch > 0x10ffff)? PRIV(dummy_ucd_record) : REAL_GET_UCD(ch))
++#else
++#define GET_UCD(ch) REAL_GET_UCD(ch)
++#endif
+
+ #define UCD_CHARTYPE(ch) GET_UCD(ch)->chartype
+ #define UCD_SCRIPT(ch) GET_UCD(ch)->script
+
+--- trunk/pcre_ucd.c 2014/06/19 07:51:39 1490
++++ trunk/pcre_ucd.c 2017/02/24 17:30:30 1688
+@@ -38,6 +38,20 @@
+ const pcre_uint32 PRIV(ucd_caseless_sets)[] = {0};
+ #else
+
++/* If the 32-bit library is run in non-32-bit mode, character values
++greater than 0x10ffff may be encountered. For these we set up a
++special record. */
++
++#ifdef COMPILE_PCRE32
++const ucd_record PRIV(dummy_ucd_record)[] = {{
++ ucp_Common, /* script */
++ ucp_Cn, /* type unassigned */
++ ucp_gbOther, /* grapheme break property */
++ 0, /* case set */
++ 0, /* other case */
++ }};
++#endif
++
+ /* When recompiling tables with a new Unicode version, please check the
+ types in this structure definition from pcre_internal.h (the actual
+ field names will be different):
diff --git a/gnu/packages/patches/pcre2-CVE-2017-7186.patch b/gnu/packages/patches/pcre2-CVE-2017-7186.patch
new file mode 100644
index 0000000000..5c16955aaa
--- /dev/null
+++ b/gnu/packages/patches/pcre2-CVE-2017-7186.patch
@@ -0,0 +1,68 @@
+Patch for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2017-7186>
+taken from <https://vcs.pcre.org/pcre2?view=revision&revision=670>.
+
+--- trunk/src/pcre2_internal.h 2016/11/19 12:46:24 600
++++ trunk/src/pcre2_internal.h 2017/02/24 18:25:32 670
+@@ -1774,10 +1774,17 @@
+ /* UCD access macros */
+
+ #define UCD_BLOCK_SIZE 128
+-#define GET_UCD(ch) (PRIV(ucd_records) + \
++#define REAL_GET_UCD(ch) (PRIV(ucd_records) + \
+ PRIV(ucd_stage2)[PRIV(ucd_stage1)[(int)(ch) / UCD_BLOCK_SIZE] * \
+ UCD_BLOCK_SIZE + (int)(ch) % UCD_BLOCK_SIZE])
+
++#if PCRE2_CODE_UNIT_WIDTH == 32
++#define GET_UCD(ch) ((ch > MAX_UTF_CODE_POINT)? \
++ PRIV(dummy_ucd_record) : REAL_GET_UCD(ch))
++#else
++#define GET_UCD(ch) REAL_GET_UCD(ch)
++#endif
++
+ #define UCD_CHARTYPE(ch) GET_UCD(ch)->chartype
+ #define UCD_SCRIPT(ch) GET_UCD(ch)->script
+ #define UCD_CATEGORY(ch) PRIV(ucp_gentype)[UCD_CHARTYPE(ch)]
+@@ -1834,6 +1841,9 @@
+ #define _pcre2_default_compile_context PCRE2_SUFFIX(_pcre2_default_compile_context_)
+ #define _pcre2_default_match_context PCRE2_SUFFIX(_pcre2_default_match_context_)
+ #define _pcre2_default_tables PCRE2_SUFFIX(_pcre2_default_tables_)
++#if PCRE2_CODE_UNIT_WIDTH == 32
++#define _pcre2_dummy_ucd_record PCRE2_SUFFIX(_pcre2_dummy_ucd_record_)
++#endif
+ #define _pcre2_hspace_list PCRE2_SUFFIX(_pcre2_hspace_list_)
+ #define _pcre2_vspace_list PCRE2_SUFFIX(_pcre2_vspace_list_)
+ #define _pcre2_ucd_caseless_sets PCRE2_SUFFIX(_pcre2_ucd_caseless_sets_)
+@@ -1858,6 +1868,9 @@
+ extern const uint32_t PRIV(vspace_list)[];
+ extern const uint32_t PRIV(ucd_caseless_sets)[];
+ extern const ucd_record PRIV(ucd_records)[];
++#if PCRE2_CODE_UNIT_WIDTH == 32
++extern const ucd_record PRIV(dummy_ucd_record)[];
++#endif
+ extern const uint8_t PRIV(ucd_stage1)[];
+ extern const uint16_t PRIV(ucd_stage2)[];
+ extern const uint32_t PRIV(ucp_gbtable)[];
+
+--- trunk/src/pcre2_ucd.c 2015/07/17 15:44:51 316
++++ trunk/src/pcre2_ucd.c 2017/02/24 18:25:32 670
+@@ -41,6 +41,20 @@
+
+ const char *PRIV(unicode_version) = "8.0.0";
+
++/* If the 32-bit library is run in non-32-bit mode, character values
++greater than 0x10ffff may be encountered. For these we set up a
++special record. */
++
++#if PCRE2_CODE_UNIT_WIDTH == 32
++const ucd_record PRIV(dummy_ucd_record)[] = {{
++ ucp_Common, /* script */
++ ucp_Cn, /* type unassigned */
++ ucp_gbOther, /* grapheme break property */
++ 0, /* case set */
++ 0, /* other case */
++ }};
++#endif
++
+ /* When recompiling tables with a new Unicode version, please check the
+ types in this structure definition from pcre2_internal.h (the actual
+ field names will be different):
diff --git a/gnu/packages/patches/python-cython-fix-tests-32bit.patch b/gnu/packages/patches/python-cython-fix-tests-32bit.patch
new file mode 100644
index 0000000000..7ccc11dd4c
--- /dev/null
+++ b/gnu/packages/patches/python-cython-fix-tests-32bit.patch
@@ -0,0 +1,27 @@
+This fixes a test failure on 32-bit platforms.
+
+Upstream bug URL: https://github.com/cython/cython/issues/1548
+
+Patch copied from upstream source repository:
+
+https://github.com/cython/cython/commit/d92a718a26c9354fbf35f31a17de5c069865a447
+
+From d92a718a26c9354fbf35f31a17de5c069865a447 Mon Sep 17 00:00:00 2001
+From: Robert Bradshaw <robertwb@gmail.com>
+Date: Tue, 24 Jan 2017 16:57:00 -0800
+Subject: [PATCH] Normalize possible L suffix.
+
+---
+ tests/run/cpdef_enums.pyx | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tests/run/cpdef_enums.pyx b/tests/run/cpdef_enums.pyx
+index 167c762..c264ec5 100644
+--- a/tests/run/cpdef_enums.pyx
++++ b/tests/run/cpdef_enums.pyx
+@@ -93,4 +93,4 @@ def verify_resolution_GH1533():
+ 3
+ """
+ THREE = 100
+- return PyxEnum.THREE
++ return int(PyxEnum.THREE)
diff --git a/gnu/packages/patches/qemu-CVE-2017-2615.patch b/gnu/packages/patches/qemu-CVE-2017-2615.patch
deleted file mode 100644
index ede1f8c89d..0000000000
--- a/gnu/packages/patches/qemu-CVE-2017-2615.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-http://git.qemu.org/?p=qemu.git;a=patch;h=62d4c6bd5263bb8413a06c80144fc678df6dfb64
-this patch is from qemu-git.
-
-
-From 62d4c6bd5263bb8413a06c80144fc678df6dfb64 Mon Sep 17 00:00:00 2001
-From: Li Qiang <liqiang6-s@360.cn>
-Date: Wed, 1 Feb 2017 09:35:01 +0100
-Subject: [PATCH] cirrus: fix oob access issue (CVE-2017-2615)
-
-When doing bitblt copy in backward mode, we should minus the
-blt width first just like the adding in the forward mode. This
-can avoid the oob access of the front of vga's vram.
-
-Signed-off-by: Li Qiang <liqiang6-s@360.cn>
-
-{ kraxel: with backward blits (negative pitch) addr is the topmost
- address, so check it as-is against vram size ]
-
-Cc: qemu-stable@nongnu.org
-Cc: P J P <ppandit@redhat.com>
-Cc: Laszlo Ersek <lersek@redhat.com>
-Cc: Paolo Bonzini <pbonzini@redhat.com>
-Cc: Wolfgang Bumiller <w.bumiller@proxmox.com>
-Fixes: d3532a0db02296e687711b8cdc7791924efccea0 (CVE-2014-8106)
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
-Message-id: 1485938101-26602-1-git-send-email-kraxel@redhat.com
-Reviewed-by: Laszlo Ersek <lersek@redhat.com>
----
- hw/display/cirrus_vga.c | 7 +++----
- 1 file changed, 3 insertions(+), 4 deletions(-)
-
-diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
-index 7db6409dc5..16f27e8ac5 100644
---- a/hw/display/cirrus_vga.c
-+++ b/hw/display/cirrus_vga.c
-@@ -274,10 +274,9 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s,
- {
- if (pitch < 0) {
- int64_t min = addr
-- + ((int64_t)s->cirrus_blt_height-1) * pitch;
-- int32_t max = addr
-- + s->cirrus_blt_width;
-- if (min < 0 || max > s->vga.vram_size) {
-+ + ((int64_t)s->cirrus_blt_height - 1) * pitch
-+ - s->cirrus_blt_width;
-+ if (min < -1 || addr >= s->vga.vram_size) {
- return true;
- }
- } else {
---
-2.11.0
-
diff --git a/gnu/packages/patches/qemu-CVE-2017-2620.patch b/gnu/packages/patches/qemu-CVE-2017-2620.patch
deleted file mode 100644
index d3111827b7..0000000000
--- a/gnu/packages/patches/qemu-CVE-2017-2620.patch
+++ /dev/null
@@ -1,134 +0,0 @@
-Fix CVE-2017-2620:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2620
-https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html
-
-Both patches copied from upstream source repository:
-
-Fixes CVE-2017-2620:
-http://git.qemu-project.org/?p=qemu.git;a=commit;h=92f2b88cea48c6aeba8de568a45f2ed958f3c298
-
-The CVE-2017-2620 bug-fix depends on this earlier patch:
-http://git.qemu-project.org/?p=qemu.git;a=commit;h=913a87885f589d263e682c2eb6637c6e14538061
-
-From 92f2b88cea48c6aeba8de568a45f2ed958f3c298 Mon Sep 17 00:00:00 2001
-From: Gerd Hoffmann <kraxel@redhat.com>
-Date: Wed, 8 Feb 2017 11:18:36 +0100
-Subject: [PATCH] cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo
- (CVE-2017-2620)
-
-CIRRUS_BLTMODE_MEMSYSSRC blits do NOT check blit destination
-and blit width, at all. Oops. Fix it.
-
-Security impact: high.
-
-The missing blit destination check allows to write to host memory.
-Basically same as CVE-2014-8106 for the other blit variants.
-
-Cc: qemu-stable@nongnu.org
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
----
- hw/display/cirrus_vga.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
-index 1deb52070a..b9e7cb1df1 100644
---- a/hw/display/cirrus_vga.c
-+++ b/hw/display/cirrus_vga.c
-@@ -900,6 +900,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s)
- {
- int w;
-
-+ if (blit_is_unsafe(s, true)) {
-+ return 0;
-+ }
-+
- s->cirrus_blt_mode &= ~CIRRUS_BLTMODE_MEMSYSSRC;
- s->cirrus_srcptr = &s->cirrus_bltbuf[0];
- s->cirrus_srcptr_end = &s->cirrus_bltbuf[0];
-@@ -925,6 +929,10 @@ static int cirrus_bitblt_cputovideo(CirrusVGAState * s)
- }
- s->cirrus_srccounter = s->cirrus_blt_srcpitch * s->cirrus_blt_height;
- }
-+
-+ /* the blit_is_unsafe call above should catch this */
-+ assert(s->cirrus_blt_srcpitch <= CIRRUS_BLTBUFSIZE);
-+
- s->cirrus_srcptr = s->cirrus_bltbuf;
- s->cirrus_srcptr_end = s->cirrus_bltbuf + s->cirrus_blt_srcpitch;
- cirrus_update_memory_access(s);
---
-2.12.0
-
-From 913a87885f589d263e682c2eb6637c6e14538061 Mon Sep 17 00:00:00 2001
-From: Bruce Rogers <brogers@suse.com>
-Date: Mon, 9 Jan 2017 13:35:20 -0700
-Subject: [PATCH] display: cirrus: ignore source pitch value as needed in
- blit_is_unsafe
-
-Commit 4299b90 added a check which is too broad, given that the source
-pitch value is not required to be initialized for solid fill operations.
-This patch refines the blit_is_unsafe() check to ignore source pitch in
-that case. After applying the above commit as a security patch, we
-noticed the SLES 11 SP4 guest gui failed to initialize properly.
-
-Signed-off-by: Bruce Rogers <brogers@suse.com>
-Message-id: 20170109203520.5619-1-brogers@suse.com
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
----
- hw/display/cirrus_vga.c | 11 +++++++----
- 1 file changed, 7 insertions(+), 4 deletions(-)
-
-diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
-index bdb092ee9d..379910db2d 100644
---- a/hw/display/cirrus_vga.c
-+++ b/hw/display/cirrus_vga.c
-@@ -294,7 +294,7 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s,
- return false;
- }
-
--static bool blit_is_unsafe(struct CirrusVGAState *s)
-+static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only)
- {
- /* should be the case, see cirrus_bitblt_start */
- assert(s->cirrus_blt_width > 0);
-@@ -308,6 +308,9 @@ static bool blit_is_unsafe(struct CirrusVGAState *s)
- s->cirrus_blt_dstaddr & s->cirrus_addr_mask)) {
- return true;
- }
-+ if (dst_only) {
-+ return false;
-+ }
- if (blit_region_is_unsafe(s, s->cirrus_blt_srcpitch,
- s->cirrus_blt_srcaddr & s->cirrus_addr_mask)) {
- return true;
-@@ -673,7 +676,7 @@ static int cirrus_bitblt_common_patterncopy(CirrusVGAState * s,
-
- dst = s->vga.vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask);
-
-- if (blit_is_unsafe(s))
-+ if (blit_is_unsafe(s, false))
- return 0;
-
- (*s->cirrus_rop) (s, dst, src,
-@@ -691,7 +694,7 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop)
- {
- cirrus_fill_t rop_func;
-
-- if (blit_is_unsafe(s)) {
-+ if (blit_is_unsafe(s, true)) {
- return 0;
- }
- rop_func = cirrus_fill[rop_to_index[blt_rop]][s->cirrus_blt_pixelwidth - 1];
-@@ -795,7 +798,7 @@ static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h)
-
- static int cirrus_bitblt_videotovideo_copy(CirrusVGAState * s)
- {
-- if (blit_is_unsafe(s))
-+ if (blit_is_unsafe(s, false))
- return 0;
-
- return cirrus_do_copy(s, s->cirrus_blt_dstaddr - s->vga.start_addr,
---
-2.12.0
-
diff --git a/gnu/packages/patches/qemu-CVE-2017-2630.patch b/gnu/packages/patches/qemu-CVE-2017-2630.patch
deleted file mode 100644
index b154d171f1..0000000000
--- a/gnu/packages/patches/qemu-CVE-2017-2630.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-Fix CVE-2017-2630:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2630
-https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg01246.html
-
-Patch copied from upstream source repository:
-
-http://git.qemu-project.org/?p=qemu.git;a=commit;h=2563c9c6b8670400c48e562034b321a7cf3d9a85
-
-From 2563c9c6b8670400c48e562034b321a7cf3d9a85 Mon Sep 17 00:00:00 2001
-From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
-Date: Tue, 7 Mar 2017 09:16:27 -0600
-Subject: [PATCH] nbd/client: fix drop_sync [CVE-2017-2630]
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Comparison symbol is misused. It may lead to memory corruption.
-Introduced in commit 7d3123e.
-
-Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
-Message-Id: <20170203154757.36140-6-vsementsov@virtuozzo.com>
-[eblake: add CVE details, update conditional]
-Signed-off-by: Eric Blake <eblake@redhat.com>
-Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
-Message-Id: <20170307151627.27212-1-eblake@redhat.com>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
----
- nbd/client.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/nbd/client.c b/nbd/client.c
-index 5c9dee37fa..3dc2564cd0 100644
---- a/nbd/client.c
-+++ b/nbd/client.c
-@@ -94,7 +94,7 @@ static ssize_t drop_sync(QIOChannel *ioc, size_t size)
- char small[1024];
- char *buffer;
-
-- buffer = sizeof(small) < size ? small : g_malloc(MIN(65536, size));
-+ buffer = sizeof(small) >= size ? small : g_malloc(MIN(65536, size));
- while (size > 0) {
- ssize_t count = read_sync(ioc, buffer, MIN(65536, size));
-
---
-2.12.0
-
diff --git a/gnu/packages/patches/qemu-CVE-2017-5667.patch b/gnu/packages/patches/qemu-CVE-2017-5667.patch
deleted file mode 100644
index 5adea0d278..0000000000
--- a/gnu/packages/patches/qemu-CVE-2017-5667.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-Fix CVE-2017-5667 (sdhci OOB access during multi block SDMA transfer):
-
-http://seclists.org/oss-sec/2017/q1/243
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5667
-
-Patch copied from upstream source repository:
-
-http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=42922105beb14c2fc58185ea022b9f72fb5465e9
-
-From 42922105beb14c2fc58185ea022b9f72fb5465e9 Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Tue, 7 Feb 2017 18:29:59 +0000
-Subject: [PATCH] sd: sdhci: check data length during dma_memory_read
-
-While doing multi block SDMA transfer in routine
-'sdhci_sdma_transfer_multi_blocks', the 's->fifo_buffer' starting
-index 'begin' and data length 's->data_count' could end up to be same.
-This could lead to an OOB access issue. Correct transfer data length
-to avoid it.
-
-Cc: qemu-stable@nongnu.org
-Reported-by: Jiang Xin <jiangxin1@huawei.com>
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
-Message-id: 20170130064736.9236-1-ppandit@redhat.com
-Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
----
- hw/sd/sdhci.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c
-index 01fbf228be..5bd5ab6319 100644
---- a/hw/sd/sdhci.c
-+++ b/hw/sd/sdhci.c
-@@ -536,7 +536,7 @@ static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s)
- boundary_count -= block_size - begin;
- }
- dma_memory_read(&address_space_memory, s->sdmasysad,
-- &s->fifo_buffer[begin], s->data_count);
-+ &s->fifo_buffer[begin], s->data_count - begin);
- s->sdmasysad += s->data_count - begin;
- if (s->data_count == block_size) {
- for (n = 0; n < block_size; n++) {
---
-2.11.1
-
diff --git a/gnu/packages/patches/qemu-CVE-2017-5931.patch b/gnu/packages/patches/qemu-CVE-2017-5931.patch
deleted file mode 100644
index 08910e5fac..0000000000
--- a/gnu/packages/patches/qemu-CVE-2017-5931.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-Fix CVE-2017-5931 (integer overflow in handling virtio-crypto requests):
-
-http://seclists.org/oss-sec/2017/q1/337
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5931
-
-Patch copied from upstream source repository:
-
-http://git.qemu-project.org/?p=qemu.git;a=commit;h=a08aaff811fb194950f79711d2afe5a892ae03a4
-
-From a08aaff811fb194950f79711d2afe5a892ae03a4 Mon Sep 17 00:00:00 2001
-From: Gonglei <arei.gonglei@huawei.com>
-Date: Tue, 3 Jan 2017 14:50:03 +0800
-Subject: [PATCH] virtio-crypto: fix possible integer and heap overflow
-
-Because the 'size_t' type is 4 bytes in 32-bit platform, which
-is the same with 'int'. It's easy to make 'max_len' to zero when
-integer overflow and then cause heap overflow if 'max_len' is zero.
-
-Using uint_64 instead of size_t to avoid the integer overflow.
-
-Cc: qemu-stable@nongnu.org
-Reported-by: Li Qiang <liqiang6-s@360.cn>
-Signed-off-by: Gonglei <arei.gonglei@huawei.com>
-Tested-by: Li Qiang <liqiang6-s@360.cn>
-Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
-Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
----
- hw/virtio/virtio-crypto.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
-index 2f2467e859..c23e1ad458 100644
---- a/hw/virtio/virtio-crypto.c
-+++ b/hw/virtio/virtio-crypto.c
-@@ -416,7 +416,7 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev,
- uint32_t hash_start_src_offset = 0, len_to_hash = 0;
- uint32_t cipher_start_src_offset = 0, len_to_cipher = 0;
-
-- size_t max_len, curr_size = 0;
-+ uint64_t max_len, curr_size = 0;
- size_t s;
-
- /* Plain cipher */
-@@ -441,7 +441,7 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev,
- return NULL;
- }
-
-- max_len = iv_len + aad_len + src_len + dst_len + hash_result_len;
-+ max_len = (uint64_t)iv_len + aad_len + src_len + dst_len + hash_result_len;
- if (unlikely(max_len > vcrypto->conf.max_size)) {
- virtio_error(vdev, "virtio-crypto too big length");
- return NULL;
---
-2.11.1
-
diff --git a/gnu/packages/patches/screen-fix-info-syntax-error.patch b/gnu/packages/patches/screen-fix-info-syntax-error.patch
new file mode 100644
index 0000000000..6ee9091daa
--- /dev/null
+++ b/gnu/packages/patches/screen-fix-info-syntax-error.patch
@@ -0,0 +1,47 @@
+Fix errors when building the info manual:
+
+[...]
+./screen.texinfo:5799: unknown command `suse'
+./screen.texinfo:5800: unknown command `deuxchevaux'
+make[2]: *** [Makefile:31: screen.info] Error 1
+[...]
+
+Patch copied from upstream source repository:
+
+http://git.savannah.gnu.org/cgit/screen.git/commit/?id=a7d2f9e6ecfa794dd0bd3dbeaf6780c88a6f3152
+
+From a7d2f9e6ecfa794dd0bd3dbeaf6780c88a6f3152 Mon Sep 17 00:00:00 2001
+From: Andreas Stieger <astieger@suse.com>
+Date: Tue, 28 Feb 2017 19:23:01 +0100
+Subject: [PATCH] fix texinfo syntax errors
+
+thanks to Andreas Stieger <astieger@suse.com>
+---
+ src/doc/screen.texinfo | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/doc/screen.texinfo b/src/doc/screen.texinfo
+index bc4cbae..aadad33 100644
+--- a/doc/screen.texinfo
++++ b/doc/screen.texinfo
+@@ -5795,7 +5795,7 @@ and Alexander Naumov <alexander_naumov@@opensuse.org>.
+ Contributors @*
+ ============
+
+-@example
++@verbatim
+ Thomas Renninger <treen@suse.com>,
+ Axel Beckert <abe@deuxchevaux.org>,
+ Ken Beal <kbeal@@amber.ssd.csd.harris.com>,
+@@ -5826,7 +5826,7 @@ Contributors @*
+ Jason Merrill <jason@@jarthur.Claremont.EDU>,
+ Johannes Zellner <johannes@@zellner.org>,
+ Pablo Averbuj <pablo@@averbuj.com>.
+-@end example
++@end verbatim
+
+ @noindent
+ Version @*
+--
+cgit v1.0-41-gc330
+
diff --git a/gnu/packages/patches/teeworlds-use-latest-wavpack.patch b/gnu/packages/patches/teeworlds-use-latest-wavpack.patch
new file mode 100644
index 0000000000..e9fd991087
--- /dev/null
+++ b/gnu/packages/patches/teeworlds-use-latest-wavpack.patch
@@ -0,0 +1,84 @@
+Downloaded from https://anonscm.debian.org/cgit/pkg-games/teeworlds.git/plain/debian/patches/new-wavpack.patch.
+
+This patch lets us build teeworlds with wavpack 5.1.0.
+
+--- a/src/engine/client/sound.cpp
++++ b/src/engine/client/sound.cpp
+@@ -328,17 +328,14 @@ void CSound::RateConvert(int SampleID)
+ pSample->m_NumFrames = NumFrames;
+ }
+
+-int CSound::ReadData(void *pBuffer, int Size)
+-{
+- return io_read(ms_File, pBuffer, Size);
+-}
+-
+ int CSound::LoadWV(const char *pFilename)
+ {
+ CSample *pSample;
+ int SampleID = -1;
+ char aError[100];
+ WavpackContext *pContext;
++ char aWholePath[1024];
++ IOHANDLE File;
+
+ // don't waste memory on sound when we are stress testing
+ if(g_Config.m_DbgStress)
+@@ -351,19 +348,23 @@ int CSound::LoadWV(const char *pFilename
+ if(!m_pStorage)
+ return -1;
+
+- ms_File = m_pStorage->OpenFile(pFilename, IOFLAG_READ, IStorage::TYPE_ALL);
+- if(!ms_File)
++ File = m_pStorage->OpenFile(pFilename, IOFLAG_READ, IStorage::TYPE_ALL, aWholePath, sizeof(aWholePath));
++ if(!File)
+ {
+ dbg_msg("sound/wv", "failed to open file. filename='%s'", pFilename);
+ return -1;
+ }
++ else
++ {
++ io_close(File);
++ }
+
+ SampleID = AllocID();
+ if(SampleID < 0)
+ return -1;
+ pSample = &m_aSamples[SampleID];
+
+- pContext = WavpackOpenFileInput(ReadData, aError);
++ pContext = WavpackOpenFileInput(aWholePath, aError, OPEN_2CH_MAX, 0);
+ if (pContext)
+ {
+ int m_aSamples = WavpackGetNumSamples(pContext);
+@@ -419,9 +420,6 @@ int CSound::LoadWV(const char *pFilename
+ dbg_msg("sound/wv", "failed to open %s: %s", pFilename, aError);
+ }
+
+- io_close(ms_File);
+- ms_File = NULL;
+-
+ if(g_Config.m_Debug)
+ dbg_msg("sound/wv", "loaded %s", pFilename);
+
+@@ -527,7 +525,5 @@ void CSound::StopAll()
+ lock_unlock(m_SoundLock);
+ }
+
+-IOHANDLE CSound::ms_File = 0;
+-
+ IEngineSound *CreateEngineSound() { return new CSound; }
+
+--- a/src/engine/client/sound.h
++++ b/src/engine/client/sound.h
+@@ -21,10 +21,6 @@ public:
+
+ static void RateConvert(int SampleID);
+
+- // TODO: Refactor: clean this mess up
+- static IOHANDLE ms_File;
+- static int ReadData(void *pBuffer, int Size);
+-
+ virtual bool IsSoundEnabled() { return m_SoundEnabled != 0; }
+
+ virtual int LoadWV(const char *pFilename);