aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2016-07-20 11:42:02 +0200
committerLudovic Courtès <ludo@gnu.org>2016-07-20 11:42:17 +0200
commit7575655212ecfbcd1f04e429c8a7a41f8720d027 (patch)
tree558982d3cf50ef6b19ef293850de1f485fde66a6 /gnu/packages/patches
parent5d4c90ae02f1e0b42d575bba2d828d63aaf79be5 (diff)
parent5f01078129f4eaa4760a14f22761cf357afb6738 (diff)
downloadguix-7575655212ecfbcd1f04e429c8a7a41f8720d027.tar
guix-7575655212ecfbcd1f04e429c8a7a41f8720d027.tar.gz
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/avrdude-fix-libusb.patch256
-rw-r--r--gnu/packages/patches/clang-3.8-libc-search-path.patch69
-rw-r--r--gnu/packages/patches/gd-CVE-2016-5766.patch81
-rw-r--r--gnu/packages/patches/gd-CVE-2016-6128.patch253
-rw-r--r--gnu/packages/patches/gd-CVE-2016-6132.patch55
-rw-r--r--gnu/packages/patches/gd-CVE-2016-6214.patch66
-rw-r--r--gnu/packages/patches/gd-fix-test-on-i686.patch34
-rw-r--r--gnu/packages/patches/gimp-CVE-2016-4994.patch96
-rw-r--r--gnu/packages/patches/khmer-use-libraries.patch16
-rw-r--r--gnu/packages/patches/libmtp-devices.patch554
-rw-r--r--gnu/packages/patches/ninja-tests.patch34
-rw-r--r--gnu/packages/patches/openimageio-boost-1.60.patch47
-rw-r--r--gnu/packages/patches/python-dendropy-exclude-failing-tests.patch21
-rw-r--r--gnu/packages/patches/sudo-CVE-2015-5602.patch372
14 files changed, 710 insertions, 1244 deletions
diff --git a/gnu/packages/patches/avrdude-fix-libusb.patch b/gnu/packages/patches/avrdude-fix-libusb.patch
deleted file mode 100644
index 13d0eca91c..0000000000
--- a/gnu/packages/patches/avrdude-fix-libusb.patch
+++ /dev/null
@@ -1,256 +0,0 @@
-Avrdude cannot build with our version of libusb. This patch fixes that.
-See http://savannah.nongnu.org/bugs/?41854
-
-diff --git a/dfu.c b/dfu.c
-index 7d349bc..0f80440 100644
---- a/dfu.c
-+++ b/dfu.c
-@@ -36,13 +36,14 @@
-
- #ifndef HAVE_LIBUSB
-
--int dfu_open(struct dfu_dev *dfu, char *port_name) {
-+struct dfu_dev * dfu_open(char *port_spec) {
- fprintf(stderr, "%s: Error: No USB support in this compile of avrdude\n",
- progname);
-- return -1;
-+ return NULL;
- }
-
--int dfu_init(struct dfu_dev *dfu, unsigned short usb_pid) {
-+int dfu_init(struct dfu_dev *dfu,
-+ unsigned short vid, unsigned short pid) {
- return -1;
- }
-
-diff --git a/flip1.c b/flip1.c
-index b891d80..0959996 100644
---- a/flip1.c
-+++ b/flip1.c
-@@ -164,6 +164,8 @@ static void flip1_setup(PROGRAMMER * pgm);
- static void flip1_teardown(PROGRAMMER * pgm);
-
- /* INTERNAL PROGRAMMER FUNCTION PROTOTYPES */
-+#ifdef HAVE_LIBUSB
-+// The internal ones are made conditional, as they're not defined further down #ifndef HAVE_LIBUSB
-
- static void flip1_show_info(struct flip1 *flip1);
-
-@@ -177,6 +179,8 @@ static const char * flip1_mem_unit_str(enum flip1_mem_unit mem_unit);
- static int flip1_set_mem_page(struct dfu_dev *dfu, unsigned short page_addr);
- static enum flip1_mem_unit flip1_mem_unit(const char *name);
-
-+#endif /* HAVE_LIBUSB */
-+
- /* THE INITPGM FUNCTION DEFINITIONS */
-
- void flip1_initpgm(PROGRAMMER *pgm)
-@@ -201,6 +205,7 @@ void flip1_initpgm(PROGRAMMER *pgm)
- pgm->teardown = flip1_teardown;
- }
-
-+#ifdef HAVE_LIBUSB
- /* EXPORTED PROGRAMMER FUNCTION DEFINITIONS */
-
- int flip1_open(PROGRAMMER *pgm, char *port_spec)
-@@ -876,3 +881,82 @@ enum flip1_mem_unit flip1_mem_unit(const char *name) {
- return FLIP1_MEM_UNIT_EEPROM;
- return FLIP1_MEM_UNIT_UNKNOWN;
- }
-+#else /* HAVE_LIBUSB */
-+// Dummy functions
-+int flip1_open(PROGRAMMER *pgm, char *port_spec)
-+{
-+ fprintf(stderr, "%s: Error: No USB support in this compile of avrdude\n",
-+ progname);
-+ return NULL;
-+}
-+
-+int flip1_initialize(PROGRAMMER* pgm, AVRPART *part)
-+{
-+ return -1;
-+}
-+
-+void flip1_close(PROGRAMMER* pgm)
-+{
-+}
-+
-+void flip1_enable(PROGRAMMER* pgm)
-+{
-+}
-+
-+void flip1_disable(PROGRAMMER* pgm)
-+{
-+}
-+
-+void flip1_display(PROGRAMMER* pgm, const char *prefix)
-+{
-+}
-+
-+int flip1_program_enable(PROGRAMMER* pgm, AVRPART *part)
-+{
-+ return -1;
-+}
-+
-+int flip1_chip_erase(PROGRAMMER* pgm, AVRPART *part)
-+{
-+ return -1;
-+}
-+
-+int flip1_read_byte(PROGRAMMER* pgm, AVRPART *part, AVRMEM *mem,
-+ unsigned long addr, unsigned char *value)
-+{
-+ return -1;
-+}
-+
-+int flip1_write_byte(PROGRAMMER* pgm, AVRPART *part, AVRMEM *mem,
-+ unsigned long addr, unsigned char value)
-+{
-+ return -1;
-+}
-+
-+int flip1_paged_load(PROGRAMMER* pgm, AVRPART *part, AVRMEM *mem,
-+ unsigned int page_size, unsigned int addr, unsigned int n_bytes)
-+{
-+ return -1;
-+}
-+
-+int flip1_paged_write(PROGRAMMER* pgm, AVRPART *part, AVRMEM *mem,
-+ unsigned int page_size, unsigned int addr, unsigned int n_bytes)
-+{
-+ return -1;
-+}
-+
-+int flip1_read_sig_bytes(PROGRAMMER* pgm, AVRPART *part, AVRMEM *mem)
-+{
-+ return -1;
-+}
-+
-+void flip1_setup(PROGRAMMER * pgm)
-+{
-+}
-+
-+void flip1_teardown(PROGRAMMER * pgm)
-+{
-+}
-+
-+
-+#endif /* HAVE_LIBUSB */
-\ No newline at end of file
-
-diff --git a/flip2.c b/flip2.c
-index ed8e996..16c4bf8 100644
---- a/flip2.c
-+++ b/flip2.c
-@@ -151,6 +151,8 @@ static void flip2_setup(PROGRAMMER * pgm);
- static void flip2_teardown(PROGRAMMER * pgm);
-
- /* INTERNAL PROGRAMMER FUNCTION PROTOTYPES */
-+#ifdef HAVE_LIBUSB
-+// The internal ones are made conditional, as they're not defined further down #ifndef HAVE_LIBUSB
-
- static void flip2_show_info(struct flip2 *flip2);
-
-@@ -171,6 +173,8 @@ static const char * flip2_status_str(const struct dfu_status *status);
- static const char * flip2_mem_unit_str(enum flip2_mem_unit mem_unit);
- static enum flip2_mem_unit flip2_mem_unit(const char *name);
-
-+#endif /* HAVE_LIBUSB */
-+
- /* THE INITPGM FUNCTION DEFINITIONS */
-
- void flip2_initpgm(PROGRAMMER *pgm)
-@@ -195,6 +199,7 @@ void flip2_initpgm(PROGRAMMER *pgm)
- pgm->teardown = flip2_teardown;
- }
-
-+#ifdef HAVE_LIBUSB
- /* EXPORTED PROGRAMMER FUNCTION DEFINITIONS */
-
- int flip2_open(PROGRAMMER *pgm, char *port_spec)
-@@ -922,3 +927,85 @@ enum flip2_mem_unit flip2_mem_unit(const char *name) {
- return FLIP2_MEM_UNIT_SIGNATURE;
- return FLIP2_MEM_UNIT_UNKNOWN;
- }
-+
-+#else /* HAVE_LIBUSB */
-+
-+/* EXPORTED PROGRAMMER FUNCTION DEFINITIONS */
-+
-+int flip2_open(PROGRAMMER *pgm, char *port_spec)
-+{
-+ fprintf(stderr, "%s: Error: No USB support in this compile of avrdude\n",
-+ progname);
-+ return NULL;
-+}
-+
-+int flip2_initialize(PROGRAMMER* pgm, AVRPART *part)
-+{
-+ return -1;
-+}
-+
-+void flip2_close(PROGRAMMER* pgm)
-+{
-+}
-+
-+void flip2_enable(PROGRAMMER* pgm)
-+{
-+}
-+
-+void flip2_disable(PROGRAMMER* pgm)
-+{
-+}
-+
-+void flip2_display(PROGRAMMER* pgm, const char *prefix)
-+{
-+}
-+
-+int flip2_program_enable(PROGRAMMER* pgm, AVRPART *part)
-+{
-+ return -1;
-+}
-+
-+int flip2_chip_erase(PROGRAMMER* pgm, AVRPART *part)
-+{
-+ return -1;
-+}
-+
-+int flip2_read_byte(PROGRAMMER* pgm, AVRPART *part, AVRMEM *mem,
-+ unsigned long addr, unsigned char *value)
-+{
-+ return -1;
-+}
-+
-+int flip2_write_byte(PROGRAMMER* pgm, AVRPART *part, AVRMEM *mem,
-+ unsigned long addr, unsigned char value)
-+{
-+ return -1;
-+}
-+
-+int flip2_paged_load(PROGRAMMER* pgm, AVRPART *part, AVRMEM *mem,
-+ unsigned int page_size, unsigned int addr, unsigned int n_bytes)
-+{
-+ return -1;
-+}
-+
-+int flip2_paged_write(PROGRAMMER* pgm, AVRPART *part, AVRMEM *mem,
-+ unsigned int page_size, unsigned int addr, unsigned int n_bytes)
-+{
-+ return -1;
-+}
-+
-+int flip2_read_sig_bytes(PROGRAMMER* pgm, AVRPART *part, AVRMEM *mem)
-+{
-+ return -1;
-+}
-+
-+void flip2_setup(PROGRAMMER * pgm)
-+{
-+}
-+
-+void flip2_teardown(PROGRAMMER * pgm)
-+{
-+}
-+
-+
-+#endif /* HAVE_LIBUSB */
diff --git a/gnu/packages/patches/clang-3.8-libc-search-path.patch b/gnu/packages/patches/clang-3.8-libc-search-path.patch
new file mode 100644
index 0000000000..0f7d0a4add
--- /dev/null
+++ b/gnu/packages/patches/clang-3.8-libc-search-path.patch
@@ -0,0 +1,69 @@
+Clang attempts to guess file names based on the OS and distro (yes!),
+but unfortunately, that doesn't work for us.
+
+This patch makes it easy to insert libc's $libdir so that Clang passes the
+correct absolute file name of crt1.o etc. to 'ld'. It also disables all
+the distro-specific stuff and removes the hard-coded FHS directory names
+to make sure Clang also works on non-GuixSD systems.
+
+This patch makes slight adjustments over "clang-libc-search-path.patch" for
+changes in clang 3.8.
+
+--- cfe-3.8.0.src/lib/Driver/ToolChains.cpp
++++ cfe-3.8.0.src/lib/Driver/ToolChains.cpp
+@@ -3661,6 +3661,9 @@
+ GCCInstallation.getTriple().str() + "/bin")
+ .str());
+
++ // Comment out the distro-specific tweaks so that they don't bite when
++ // using Guix on a foreign distro.
++#if 0
+ Distro Distro = DetectDistro(D, Arch);
+
+ if (IsOpenSUSE(Distro) || IsUbuntu(Distro)) {
+@@ -3702,6 +3705,7 @@
+
+ if (IsOpenSUSE(Distro))
+ ExtraOpts.push_back("--enable-new-dtags");
++#endif
+
+ // The selection of paths to try here is designed to match the patterns which
+ // the GCC driver itself uses, as this is part of the GCC-compatible driver.
+@@ -3771,14 +3775,12 @@
+ addPathIfExists(D, D.Dir + "/../" + OSLibDir, Paths);
+ }
+
+- addPathIfExists(D, SysRoot + "/lib/" + MultiarchTriple, Paths);
+- addPathIfExists(D, SysRoot + "/lib/../" + OSLibDir, Paths);
+- addPathIfExists(D, SysRoot + "/usr/lib/" + MultiarchTriple, Paths);
+- addPathIfExists(D, SysRoot + "/usr/lib/../" + OSLibDir, Paths);
+-
+ // Try walking via the GCC triple path in case of biarch or multiarch GCC
+ // installations with strange symlinks.
+ if (GCCInstallation.isValid()) {
++ // The following code would end up adding things like
++ // "/usr/lib/x86_64-unknown-linux-gnu/../../lib64" to the search path.
++#if 0
+ addPathIfExists(D,
+ SysRoot + "/usr/lib/" + GCCInstallation.getTriple().str() +
+ "/../../" + OSLibDir,
+@@ -3791,6 +3793,7 @@
+ BiarchSibling.gccSuffix(),
+ Paths);
+ }
++#endif
+
+ // See comments above on the multilib variant for details of why this is
+ // included even from outside the sysroot.
+@@ -3815,8 +3818,9 @@
+ if (StringRef(D.Dir).startswith(SysRoot))
+ addPathIfExists(D, D.Dir + "/../lib", Paths);
+
+- addPathIfExists(D, SysRoot + "/lib", Paths);
+- addPathIfExists(D, SysRoot + "/usr/lib", Paths);
++ // Add libc's lib/ directory to the search path, so that crt1.o, crti.o,
++ // and friends can be found.
++ addPathIfExists(D, "@GLIBC_LIBDIR@", Paths);
+ }
+
+ bool Linux::HasNativeLLVMSupport() const { return true; }
diff --git a/gnu/packages/patches/gd-CVE-2016-5766.patch b/gnu/packages/patches/gd-CVE-2016-5766.patch
new file mode 100644
index 0000000000..400cb0ab48
--- /dev/null
+++ b/gnu/packages/patches/gd-CVE-2016-5766.patch
@@ -0,0 +1,81 @@
+Fix CVE-2016-5766 (Integer Overflow in _gd2GetHeader() resulting in heap
+overflow).
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766
+
+Adapted from upstream commits:
+https://github.com/libgd/libgd/commit/aba3db8ba159465ecec1089027a24835a6da9cc0
+https://github.com/libgd/libgd/commit/a6a0e7feabb2a9738086a5dc96348f233c87fa79
+
+Since `patch` cannot apply Git binary diffs, we omit the addition of
+'tests/gd2/php_bug_72339.c' and its associated binary data.
+
+From aba3db8ba159465ecec1089027a24835a6da9cc0 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <pierre.php@gmail.com>
+Date: Tue, 28 Jun 2016 16:23:42 +0700
+Subject: [PATCH] fix php bug 72339 (CVE-2016-5766), Integer Overflow in
+ _gd2GetHeader() resulting in heap overflow
+
+---
+ src/gd_gd2.c | 5 ++++-
+ tests/gd2/CMakeLists.txt | 1 +
+ tests/gd2/Makemodule.am | 6 ++++--
+ tests/gd2/php_bug_72339.c | 21 +++++++++++++++++++++
+ tests/gd2/php_bug_72339_exp.gd2 | Bin 0 -> 67108882 bytes
+ 5 files changed, 30 insertions(+), 3 deletions(-)
+ create mode 100644 tests/gd2/php_bug_72339.c
+ create mode 100644 tests/gd2/php_bug_72339_exp.gd2
+
+diff --git a/src/gd_gd2.c b/src/gd_gd2.c
+index fd1e0c9..bdbbecf 100644
+--- a/src/gd_gd2.c
++++ b/src/gd_gd2.c
+@@ -154,8 +154,11 @@ _gd2GetHeader (gdIOCtxPtr in, int *sx, int *sy,
+ nc = (*ncx) * (*ncy);
+ GD2_DBG (printf ("Reading %d chunk index entries\n", nc));
+ sidx = sizeof (t_chunk_info) * nc;
++ if (overflow2(sidx, nc)) {
++ goto fail1;
++ }
+ cidx = gdCalloc (sidx, 1);
+- if (!cidx) {
++ if (cidx == NULL) {
+ goto fail1;
+ }
+ for (i = 0; i < nc; i++) {
+From a6a0e7feabb2a9738086a5dc96348f233c87fa79 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <pierre.php@gmail.com>
+Date: Wed, 29 Jun 2016 09:36:26 +0700
+Subject: [PATCH] fix php bug 72339 (CVE-2016-5766), Integer Overflow in
+ _gd2GetHeader() resulting in heap overflow. Sync with php's sync
+
+---
+ src/gd_gd2.c | 7 ++++++-
+ tests/gd2/php_bug_72339.c | 2 +-
+ 2 files changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/src/gd_gd2.c b/src/gd_gd2.c
+index bdbbecf..2837456 100644
+--- a/src/gd_gd2.c
++++ b/src/gd_gd2.c
+@@ -152,11 +152,16 @@ _gd2GetHeader (gdIOCtxPtr in, int *sx, int *sy,
+
+ if (gd2_compressed (*fmt)) {
+ nc = (*ncx) * (*ncy);
++
+ GD2_DBG (printf ("Reading %d chunk index entries\n", nc));
++ if (overflow2(sizeof(t_chunk_info), nc)) {
++ goto fail1;
++ }
+ sidx = sizeof (t_chunk_info) * nc;
+- if (overflow2(sidx, nc)) {
++ if (sidx <= 0) {
+ goto fail1;
+ }
++
+ cidx = gdCalloc (sidx, 1);
+ if (cidx == NULL) {
+ goto fail1;
+--
+2.9.1
+
diff --git a/gnu/packages/patches/gd-CVE-2016-6128.patch b/gnu/packages/patches/gd-CVE-2016-6128.patch
new file mode 100644
index 0000000000..45ee6b0cfa
--- /dev/null
+++ b/gnu/packages/patches/gd-CVE-2016-6128.patch
@@ -0,0 +1,253 @@
+Fix CVE-2016-6128 (invalid color index is not properly handled leading
+to denial of service).
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-6128
+
+Copied from upstream commits:
+https://github.com/libgd/libgd/compare/3fe0a7128bac5000fdcfab888bd2a75ec0c9447d...fd623025505e87bba7ec8555eeb72dae4fb0afd
+
+From 1ccfe21e14c4d18336f9da8515cd17db88c3de61 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <pierre.php@gmail.com>
+Date: Mon, 27 Jun 2016 11:17:39 +0700
+Subject: [PATCH 1/8] fix php 72494, invalid color index not handled, can lead
+ to crash
+
+---
+ src/gd_crop.c | 4 ++++
+ tests/CMakeLists.txt | 1 +
+ tests/Makefile.am | 1 +
+ 3 files changed, 6 insertions(+)
+
+diff --git a/src/gd_crop.c b/src/gd_crop.c
+index 0296633..532b49b 100644
+--- a/src/gd_crop.c
++++ b/src/gd_crop.c
+@@ -136,6 +136,10 @@ BGD_DECLARE(gdImagePtr) gdImageCropThreshold(gdImagePtr im, const unsigned int c
+ return NULL;
+ }
+
++ if (color < 0 || (!gdImageTrueColor(im) && color >= gdImageColorsTotal(im))) {
++ return NULL;
++ }
++
+ /* TODO: Add gdImageGetRowPtr and works with ptr at the row level
+ * for the true color and palette images
+ * new formats will simply work with ptr
+diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
+index 6f5c786..5093d52 100644
+--- a/tests/CMakeLists.txt
++++ b/tests/CMakeLists.txt
+@@ -31,6 +31,7 @@ if (BUILD_TEST)
+ gdimagecolortransparent
+ gdimagecopy
+ gdimagecopyrotated
++ gdimagecrop
+ gdimagefile
+ gdimagefill
+ gdimagefilledellipse
+diff --git a/tests/Makefile.am b/tests/Makefile.am
+index 4f6e756..5a0ebe8 100644
+--- a/tests/Makefile.am
++++ b/tests/Makefile.am
+@@ -25,6 +25,7 @@ include gdimagecolorresolve/Makemodule.am
+ include gdimagecolortransparent/Makemodule.am
+ include gdimagecopy/Makemodule.am
+ include gdimagecopyrotated/Makemodule.am
++include gdimagecrop/Makemodule.am
+ include gdimagefile/Makemodule.am
+ include gdimagefill/Makemodule.am
+ include gdimagefilledellipse/Makemodule.am
+--
+2.9.1
+
+From 8c9f39c7cb1f62ea00bc7a48aff64d3811c2d6d0 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <pierre.php@gmail.com>
+Date: Mon, 27 Jun 2016 11:20:07 +0700
+Subject: [PATCH 2/8] fix php 72494, invalid color index not handled, can lead
+ to crash
+
+---
+ tests/gdimagecrop/.gitignore | 1 +
+ 1 file changed, 1 insertion(+)
+ create mode 100644 tests/gdimagecrop/.gitignore
+
+diff --git a/tests/gdimagecrop/.gitignore b/tests/gdimagecrop/.gitignore
+new file mode 100644
+index 0000000..8e8c9c3
+--- /dev/null
++++ b/tests/gdimagecrop/.gitignore
+@@ -0,0 +1 @@
++/php_bug_72494
+--
+2.9.1
+
+From 8de370b7b6263a02268037a7cd13ddd991b43ea9 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <pierre.php@gmail.com>
+Date: Mon, 27 Jun 2016 11:24:50 +0700
+Subject: [PATCH 3/8] fix php 72494, invalid color index not handled, can lead
+ to crash
+
+---
+ tests/gdimagecrop/CMakeLists.txt | 5 +++++
+ 1 file changed, 5 insertions(+)
+ create mode 100644 tests/gdimagecrop/CMakeLists.txt
+
+diff --git a/tests/gdimagecrop/CMakeLists.txt b/tests/gdimagecrop/CMakeLists.txt
+new file mode 100644
+index 0000000..f7e4c7e
+--- /dev/null
++++ b/tests/gdimagecrop/CMakeLists.txt
+@@ -0,0 +1,5 @@
++SET(TESTS_FILES
++ php_bug_72494
++)
++
++ADD_GD_TESTS()
+--
+2.9.1
+
+From bca12e4e11ecda8a0ea719472700ad5c2b36a0d6 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <pierre.php@gmail.com>
+Date: Mon, 27 Jun 2016 11:25:12 +0700
+Subject: [PATCH 4/8] fix php 72494, invalid color index not handled, can lead
+ to crash
+
+---
+ tests/gdimagecrop/Makemodule.am | 5 +++++
+ 1 file changed, 5 insertions(+)
+ create mode 100644 tests/gdimagecrop/Makemodule.am
+
+diff --git a/tests/gdimagecrop/Makemodule.am b/tests/gdimagecrop/Makemodule.am
+new file mode 100644
+index 0000000..210888b
+--- /dev/null
++++ b/tests/gdimagecrop/Makemodule.am
+@@ -0,0 +1,5 @@
++libgd_test_programs += \
++ gdimagecrop/php_bug_72494
++
++EXTRA_DIST += \
++ gdimagecrop/CMakeLists.txt
+--
+2.9.1
+
+From 6ff72ae40c7c20ece939afb362d98cc37f4a1c96 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <pierre.php@gmail.com>
+Date: Mon, 27 Jun 2016 11:25:40 +0700
+Subject: [PATCH 5/8] fix php 72494, invalid color index not handled, can lead
+ to crash
+
+---
+ tests/gdimagecrop/php_bug_72494.c | 23 +++++++++++++++++++++++
+ 1 file changed, 23 insertions(+)
+ create mode 100644 tests/gdimagecrop/php_bug_72494.c
+
+diff --git a/tests/gdimagecrop/php_bug_72494.c b/tests/gdimagecrop/php_bug_72494.c
+new file mode 100644
+index 0000000..adaa379
+--- /dev/null
++++ b/tests/gdimagecrop/php_bug_72494.c
+@@ -0,0 +1,23 @@
++#include <stdio.h>
++#include <stdlib.h>
++#include "gd.h"
++
++#include "gdtest.h"
++
++int main()
++{
++ gdImagePtr im, exp;
++ int error = 0;
++
++ im = gdImageCreate(50, 50);
++
++ if (!im) {
++ gdTestErrorMsg("gdImageCreate failed.\n");
++ return 1;
++ }
++
++ gdImageCropThreshold(im, 1337, 0);
++ gdImageDestroy(im);
++ /* this bug tests a crash, it never reaches this point if the bug exists*/
++ return 0;
++}
+--
+2.9.1
+
+From a0f9f8f7bd0d3a6c6afd6d180b8e75d93aadddfa Mon Sep 17 00:00:00 2001
+From: Pierre Joye <pierre.php@gmail.com>
+Date: Mon, 27 Jun 2016 11:38:07 +0700
+Subject: [PATCH 6/8] fix php 72494, CID 149753, color is unsigned int, remove
+ useless <0 comparison
+
+---
+ src/gd_crop.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/gd_crop.c b/src/gd_crop.c
+index 532b49b..d51ad67 100644
+--- a/src/gd_crop.c
++++ b/src/gd_crop.c
+@@ -136,7 +136,7 @@ BGD_DECLARE(gdImagePtr) gdImageCropThreshold(gdImagePtr im, const unsigned int c
+ return NULL;
+ }
+
+- if (color < 0 || (!gdImageTrueColor(im) && color >= gdImageColorsTotal(im))) {
++ if (!gdImageTrueColor(im) && color >= gdImageColorsTotal(im)) {
+ return NULL;
+ }
+
+--
+2.9.1
+
+From 907115fbb980862934d0de91af4977a216745039 Mon Sep 17 00:00:00 2001
+From: Pierre Joye <pierre.php@gmail.com>
+Date: Mon, 27 Jun 2016 11:51:40 +0700
+Subject: [PATCH 7/8] fix php 72494, CID 149753, color is unsigned int, remove
+ useless <0 comparison
+
+---
+ tests/gdimagecrop/php_bug_72494.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tests/gdimagecrop/php_bug_72494.c b/tests/gdimagecrop/php_bug_72494.c
+index adaa379..5cb589b 100644
+--- a/tests/gdimagecrop/php_bug_72494.c
++++ b/tests/gdimagecrop/php_bug_72494.c
+@@ -6,7 +6,7 @@
+
+ int main()
+ {
+- gdImagePtr im, exp;
++ gdImagePtr im;
+ int error = 0;
+
+ im = gdImageCreate(50, 50);
+--
+2.9.1
+
+From fd623025505e87bba7ec8555eeb72dae4fb0afdc Mon Sep 17 00:00:00 2001
+From: Pierre Joye <pierre.php@gmail.com>
+Date: Mon, 27 Jun 2016 12:04:25 +0700
+Subject: [PATCH 8/8] fix php 72494, CID 149753, color is unsigned int, remove
+ useless <0 comparison
+
+---
+ tests/gdimagecrop/php_bug_72494.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/tests/gdimagecrop/php_bug_72494.c b/tests/gdimagecrop/php_bug_72494.c
+index 5cb589b..3bd19be 100644
+--- a/tests/gdimagecrop/php_bug_72494.c
++++ b/tests/gdimagecrop/php_bug_72494.c
+@@ -7,7 +7,6 @@
+ int main()
+ {
+ gdImagePtr im;
+- int error = 0;
+
+ im = gdImageCreate(50, 50);
+
+--
+2.9.1
+
diff --git a/gnu/packages/patches/gd-CVE-2016-6132.patch b/gnu/packages/patches/gd-CVE-2016-6132.patch
new file mode 100644
index 0000000000..4c475b71b2
--- /dev/null
+++ b/gnu/packages/patches/gd-CVE-2016-6132.patch
@@ -0,0 +1,55 @@
+Fix CVE-2016-6132 (read out-of-bounds when parsing TGA files).
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-6132
+
+Copied from upstream commit:
+https://github.com/libgd/libgd/commit/ead349e99868303b37f5e6e9d9d680c9dc71ff8d
+
+From ead349e99868303b37f5e6e9d9d680c9dc71ff8d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@sury.org>
+Date: Tue, 12 Jul 2016 11:24:09 +0200
+Subject: [PATCH] Fix #247, A read out-of-bands was found in the parsing of TGA
+ files (CVE-2016-6132)
+
+---
+ src/gd_tga.c | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/src/gd_tga.c b/src/gd_tga.c
+index ef20f86..20fe2d2 100644
+--- a/src/gd_tga.c
++++ b/src/gd_tga.c
+@@ -237,7 +237,11 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga )
+ return -1;
+ }
+
+- gdGetBuf(conversion_buffer, image_block_size, ctx);
++ if (gdGetBuf(conversion_buffer, image_block_size, ctx) != image_block_size) {
++ gd_error("gd-tga: premature end of image data\n");
++ gdFree(conversion_buffer);
++ return -1;
++ }
+
+ while (buffer_caret < image_block_size) {
+ tga->bitmap[buffer_caret] = (int) conversion_buffer[buffer_caret];
+@@ -257,11 +261,16 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga )
+ }
+ conversion_buffer = (unsigned char *) gdMalloc(image_block_size * sizeof(unsigned char));
+ if (conversion_buffer == NULL) {
++ gd_error("gd-tga: premature end of image data\n");
+ gdFree( decompression_buffer );
+ return -1;
+ }
+
+- gdGetBuf( conversion_buffer, image_block_size, ctx );
++ if (gdGetBuf(conversion_buffer, image_block_size, ctx) != image_block_size) {
++ gdFree(conversion_buffer);
++ gdFree(decompression_buffer);
++ return -1;
++ }
+
+ buffer_caret = 0;
+
+--
+2.9.1
+
diff --git a/gnu/packages/patches/gd-CVE-2016-6214.patch b/gnu/packages/patches/gd-CVE-2016-6214.patch
new file mode 100644
index 0000000000..7894a32bb1
--- /dev/null
+++ b/gnu/packages/patches/gd-CVE-2016-6214.patch
@@ -0,0 +1,66 @@
+Fix CVE-2016-6214 (read out-of-bounds when parsing TGA files).
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214
+
+Adapted from upstream commit:
+https://github.com/libgd/libgd/commit/341aa68843ceceae9ba6e083431f14a07bd92308
+
+Since `patch` cannot apply Git binary diffs, we omit the addition of
+'tests/tga/bug00247a.c' and its associated binary data.
+
+From 341aa68843ceceae9ba6e083431f14a07bd92308 Mon Sep 17 00:00:00 2001
+From: "Christoph M. Becker" <cmbecker69@gmx.de>
+Date: Tue, 12 Jul 2016 19:23:13 +0200
+Subject: [PATCH] Unsupported TGA bpp/alphabit combinations should error
+ gracefully
+
+Currently, only 24bpp without alphabits and 32bpp with 8 alphabits are
+really supported. All other combinations will be rejected with a warning.
+
+(cherry picked from commit cb1a0b7e54e9aa118270c23a4a6fe560e4590dc9)
+---
+ src/gd_tga.c | 16 ++++++----------
+ tests/tga/.gitignore | 1 +
+ tests/tga/CMakeLists.txt | 1 +
+ tests/tga/Makemodule.am | 4 +++-
+ tests/tga/bug00247a.c | 19 +++++++++++++++++++
+ tests/tga/bug00247a.tga | Bin 0 -> 36 bytes
+ 6 files changed, 30 insertions(+), 11 deletions(-)
+ create mode 100644 tests/tga/bug00247a.c
+ create mode 100644 tests/tga/bug00247a.tga
+
+diff --git a/src/gd_tga.c b/src/gd_tga.c
+index 20fe2d2..b4f8fa6 100644
+--- a/src/gd_tga.c
++++ b/src/gd_tga.c
+@@ -99,7 +99,7 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromTgaCtx(gdIOCtx* ctx)
+ if (tga->bits == TGA_BPP_24) {
+ *tpix = gdTrueColor(tga->bitmap[bitmap_caret + 2], tga->bitmap[bitmap_caret + 1], tga->bitmap[bitmap_caret]);
+ bitmap_caret += 3;
+- } else if (tga->bits == TGA_BPP_32 || tga->alphabits) {
++ } else if (tga->bits == TGA_BPP_32 && tga->alphabits) {
+ register int a = tga->bitmap[bitmap_caret + 3];
+
+ *tpix = gdTrueColorAlpha(tga->bitmap[bitmap_caret + 2], tga->bitmap[bitmap_caret + 1], tga->bitmap[bitmap_caret], gdAlphaMax - (a >> 1));
+@@ -159,16 +159,12 @@ int read_header_tga(gdIOCtx *ctx, oTga *tga)
+ printf("wxh: %i %i\n", tga->width, tga->height);
+ #endif
+
+- switch(tga->bits) {
+- case 8:
+- case 16:
+- case 24:
+- case 32:
+- break;
+- default:
+- gd_error("bps %i not supported", tga->bits);
++ if (!((tga->bits == TGA_BPP_24 && tga->alphabits == 0)
++ || (tga->bits == TGA_BPP_32 && tga->alphabits == 8)))
++ {
++ gd_error_ex(GD_WARNING, "gd-tga: %u bits per pixel with %u alpha bits not supported\n",
++ tga->bits, tga->alphabits);
+ return -1;
+- break;
+ }
+
+ tga->ident = NULL;
diff --git a/gnu/packages/patches/gd-fix-test-on-i686.patch b/gnu/packages/patches/gd-fix-test-on-i686.patch
new file mode 100644
index 0000000000..6dd2e0fb03
--- /dev/null
+++ b/gnu/packages/patches/gd-fix-test-on-i686.patch
@@ -0,0 +1,34 @@
+Disable part of the gdimagerotate test on architectures such as i686
+where intermediate floating-point operations are done with 80-bit long
+doubles, and typically later rounded to 64-bit doubles. This double
+rounding causes small differences in the resulting pixel values
+compared with other architectures, causing the image comparison to
+fail.
+
+Patch by Mark H Weaver <mhw@netris.org>.
+
+--- libgd-2.2.2/tests/gdimagerotate/bug00067.c 1969-12-31 19:00:00.000000000 -0500
++++ libgd-2.2.2/tests/gdimagerotate/bug00067.c 2016-07-18 12:19:19.885423132 -0400
+@@ -1,5 +1,6 @@
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <float.h>
+ #include "gd.h"
+
+ #include "gdtest.h"
+@@ -41,6 +42,7 @@
+ return 1;
+ }
+
++#if FLT_EVAL_METHOD != 2
+ sprintf(filename, "bug00067_%03d_exp.png", angle);
+ path = gdTestFilePath2("gdimagerotate", filename);
+ if (!gdAssertImageEqualsToFile(path, exp)) {
+@@ -48,6 +50,7 @@
+ error += 1;
+ }
+ free(path);
++#endif
+
+ gdImageDestroy(exp);
+ }
diff --git a/gnu/packages/patches/gimp-CVE-2016-4994.patch b/gnu/packages/patches/gimp-CVE-2016-4994.patch
new file mode 100644
index 0000000000..6c81c63386
--- /dev/null
+++ b/gnu/packages/patches/gimp-CVE-2016-4994.patch
@@ -0,0 +1,96 @@
+Fix CVE-2016-4994:
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994
+
+Copied from upstream repository:
+https://git.gnome.org/browse/gimp/patch/?id=e82aaa4b4ee0703c879e35ea9321fff6be3e9b6f
+
+From e82aaa4b4ee0703c879e35ea9321fff6be3e9b6f Mon Sep 17 00:00:00 2001
+From: Shmuel H <shmuelgimp@gmail.com>
+Date: Mon, 20 Jun 2016 17:14:41 +0300
+Subject: Bug 767873 - (CVE-2016-4994) Multiple Use-After-Free when parsing...
+
+...XCF channel and layer properties
+
+The properties PROP_ACTIVE_LAYER, PROP_FLOATING_SELECTION,
+PROP_ACTIVE_CHANNEL saves the current object pointer the @info
+structure. Others like PROP_SELECTION (for channel) and
+PROP_GROUP_ITEM (for layer) will delete the current object and create
+a new object, leaving the pointers in @info invalid (dangling).
+
+Therefore, if a property from the first type will come before the
+second, the result will be an UaF in the last lines of xcf_load_image
+(when it actually using the pointers from @info).
+
+I wasn't able to exploit this bug because that
+g_object_instance->c_class gets cleared by the last g_object_unref and
+GIMP_IS_{LAYER,CHANNEL} detects that and return FALSE.
+
+(cherry picked from commit 6d804bf9ae77bc86a0a97f9b944a129844df9395)
+---
+ app/xcf/xcf-load.c | 29 +++++++++++++++++++++++++++++
+ 1 file changed, 29 insertions(+)
+
+diff --git a/app/xcf/xcf-load.c b/app/xcf/xcf-load.c
+index b180377..67cc6d4 100644
+--- a/app/xcf/xcf-load.c
++++ b/app/xcf/xcf-load.c
+@@ -904,6 +904,18 @@ xcf_load_layer_props (XcfInfo *info,
+ case PROP_GROUP_ITEM:
+ {
+ GimpLayer *group;
++ gboolean is_active_layer;
++
++ /* We're going to delete *layer, Don't leave its pointers
++ * in @info. After that, we'll restore them back with the
++ * new pointer. See bug #767873.
++ */
++ is_active_layer = (*layer == info->active_layer);
++ if (is_active_layer)
++ info->active_layer = NULL;
++
++ if (*layer == info->floating_sel)
++ info->floating_sel = NULL;
+
+ group = gimp_group_layer_new (image);
+
+@@ -916,6 +928,13 @@ xcf_load_layer_props (XcfInfo *info,
+ g_object_ref_sink (*layer);
+ g_object_unref (*layer);
+ *layer = group;
++
++ if (is_active_layer)
++ info->active_layer = *layer;
++
++ /* Don't restore info->floating_sel because group layers
++ * can't be floating selections
++ */
+ }
+ break;
+
+@@ -986,6 +1005,12 @@ xcf_load_channel_props (XcfInfo *info,
+ {
+ GimpChannel *mask;
+
++ /* We're going to delete *channel, Don't leave its pointer
++ * in @info. See bug #767873.
++ */
++ if (*channel == info->active_channel)
++ info->active_channel = NULL;
++
+ mask =
+ gimp_selection_new (image,
+ gimp_item_get_width (GIMP_ITEM (*channel)),
+@@ -1000,6 +1025,10 @@ xcf_load_channel_props (XcfInfo *info,
+ *channel = mask;
+ (*channel)->boundary_known = FALSE;
+ (*channel)->bounds_known = FALSE;
++
++ /* Don't restore info->active_channel because the
++ * selection can't be the active channel
++ */
+ }
+ break;
+
+--
+cgit v0.12
+
diff --git a/gnu/packages/patches/khmer-use-libraries.patch b/gnu/packages/patches/khmer-use-libraries.patch
new file mode 100644
index 0000000000..47d163a99a
--- /dev/null
+++ b/gnu/packages/patches/khmer-use-libraries.patch
@@ -0,0 +1,16 @@
+Change setup.cfg so that the bundled zlib and bzip2 are not used. This cannot
+currently be achieved using "--library z,bz2" as instructed in the setup.py.
+
+diff --git a/setup.cfg b/setup.cfg
+index c054092..080992e 100644
+--- a/setup.cfg
++++ b/setup.cfg
+@@ -1,7 +1,7 @@
+ [build_ext]
+ define = SEQAN_HAS_BZIP2,SEQAN_HAS_ZLIB
+ undef = NO_UNIQUE_RC
+-# libraries = z,bz2
++libraries = z,bz2
+ ## if using system libraries
+ include-dirs = lib:third-party/zlib:third-party/bzip2:third-party/seqan/core/include:third-party/smhasher
+ # include-dirs = lib
diff --git a/gnu/packages/patches/libmtp-devices.patch b/gnu/packages/patches/libmtp-devices.patch
deleted file mode 100644
index 9b985e526d..0000000000
--- a/gnu/packages/patches/libmtp-devices.patch
+++ /dev/null
@@ -1,554 +0,0 @@
-Add additional devices; the patched file corresponds to git commit 8e471b,
-to which one additional device has been added as reported at
- http://sourceforge.net/p/libmtp/bugs/1422/
-
-diff -u -r libmtp-1.1.9.orig/src/music-players.h libmtp-1.1.9/src/music-players.h
---- libmtp-1.1.9.orig/src/music-players.h 2015-09-19 22:54:24.537330594 +0200
-+++ libmtp-1.1.9/src/music-players.h 2015-09-19 23:16:41.079206331 +0200
-@@ -47,82 +47,61 @@
- * and properties.
- */
- { "Creative", 0x041e, "ZEN Vision", 0x411f,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- { "Creative", 0x041e, "Portable Media Center", 0x4123,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- { "Creative", 0x041e, "ZEN Xtra (MTP mode)", 0x4128,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- { "Dell", 0x041e, "DJ (2nd generation)", 0x412f,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- { "Creative", 0x041e, "ZEN Micro (MTP mode)", 0x4130,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- { "Creative", 0x041e, "ZEN Touch (MTP mode)", 0x4131,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- { "Dell", 0x041e, "Dell Pocket DJ (MTP mode)", 0x4132,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-- { "Creative", 0x041e, "ZEN MicroPhoto (alternate version)", 0x4133,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
-+ { "Creative", 0x041e, "ZEN MicroPhoto (alternate version)", 0x4133,
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- { "Creative", 0x041e, "ZEN Sleek (MTP mode)", 0x4137,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- { "Creative", 0x041e, "ZEN MicroPhoto", 0x413c,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- { "Creative", 0x041e, "ZEN Sleek Photo", 0x413d,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- { "Creative", 0x041e, "ZEN Vision:M", 0x413e,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- // Reported by marazm@o2.pl
- { "Creative", 0x041e, "ZEN V", 0x4150,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- // Reported by danielw@iinet.net.au
- // This version of the Vision:M needs the no release interface flag,
- // unclear whether the other version above need it too or not.
- { "Creative", 0x041e, "ZEN Vision:M (DVP-HD0004)", 0x4151,
- DEVICE_FLAG_NO_RELEASE_INTERFACE |
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- // Reported by Darel on the XNJB forums
- { "Creative", 0x041e, "ZEN V Plus", 0x4152,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- { "Creative", 0x041e, "ZEN Vision W", 0x4153,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- // Don't add 0x4155: this is a Zen Stone device which is not MTP
- // Reported by Paul Kurczaba <paul@kurczaba.com>
- { "Creative", 0x041e, "ZEN", 0x4157,
- DEVICE_FLAG_IGNORE_HEADER_ERRORS |
- DEVICE_FLAG_BROKEN_SET_SAMPLE_DIMENSIONS |
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- // Reported by Ringofan <mcroman@users.sourceforge.net>
- { "Creative", 0x041e, "ZEN V 2GB", 0x4158,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- // Reported by j norment <stormzen@gmail.com>
- { "Creative", 0x041e, "ZEN Mozaic", 0x4161,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- // Reported by Aaron F. Gonzalez <sub_tex@users.sourceforge.net>
- { "Creative", 0x041e, "ZEN X-Fi", 0x4162,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- // Reported by farmerstimuli <farmerstimuli@users.sourceforge.net>
- { "Creative", 0x041e, "ZEN X-Fi 3", 0x4169,
-- DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL |
-- DEVICE_FLAG_BROKEN_GET_OBJECT_PROPVAL },
-+ DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST_ALL },
- // Reported by Todor Gyumyushev <yodor1@users.sourceforge.net>
- { "ZiiLABS", 0x041e, "Zii EGG", 0x6000,
- DEVICE_FLAG_UNLOAD_DRIVER |
-@@ -607,8 +586,17 @@
- /* https://sourceforge.net/p/libmtp/bugs/1251/ */
- { "Acer", 0x0502, "E39", 0x3643,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1369/ */
-+ { "Acer", 0x0502, "liquid e700", 0x3644,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- { "Acer", 0x0502, "One 7", 0x3657,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/support-requests/183/ */
-+ { "Acer", 0x0502, "Z200", 0x3683,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1341/ */
-+ { "Acer", 0x0502, "Liquid S56", 0x3725,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-
- /*
- * SanDisk
-@@ -952,6 +940,7 @@
- { "Archos", 0x0e79, "SPOD (MTP mode)", 0x1341, DEVICE_FLAG_UNLOAD_DRIVER },
- { "Archos", 0x0e79, "5S IT (MTP mode)", 0x1351, DEVICE_FLAG_UNLOAD_DRIVER },
- { "Archos", 0x0e79, "5H IT (MTP mode)", 0x1357, DEVICE_FLAG_UNLOAD_DRIVER },
-+ { "Archos", 0x0e79, "48 (MTP mode)", 0x1421, DEVICE_FLAGS_ANDROID_BUGS },
- { "Archos", 0x0e79, "Arnova Childpad", 0x1458, DEVICE_FLAGS_ANDROID_BUGS },
- { "Archos", 0x0e79, "Arnova 8c G3", 0x145e, DEVICE_FLAGS_ANDROID_BUGS },
- { "Archos", 0x0e79, "Arnova 10bG3 Tablet", 0x146b, DEVICE_FLAGS_ANDROID_BUGS },
-@@ -973,9 +962,17 @@
- { "Archos", 0x0e79, "70it2 (ID 2)", 0x1569, DEVICE_FLAGS_ANDROID_BUGS },
- { "Archos", 0x0e79, "50c", 0x2008, DEVICE_FLAGS_ANDROID_BUGS },
- { "Archos", 0x0e79, "C40", 0x31ab, DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1393/ */
-+ { "Archos", 0x0e79, "Phone", 0x31e1, DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1325/ */
-+ { "Archos", 0x0e79, "45 Neon", 0x31f3, DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1352/ */
-+ { "Archos", 0x0e79, "50 Diamond", 0x3229, DEVICE_FLAGS_ANDROID_BUGS },
- { "Archos", 0x0e79, "101 G4", 0x4002, DEVICE_FLAGS_ANDROID_BUGS },
- { "Archos (for Tesco)", 0x0e79, "Hudl (ID1)", 0x5008, DEVICE_FLAGS_ANDROID_BUGS },
- { "Archos (for Tesco)", 0x0e79, "Hudl (ID2)", 0x5009, DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1404/ */
-+ { "Archos", 0x0e79, "AC40DTI", 0x5217, DEVICE_FLAGS_ANDROID_BUGS },
-
- /*
- * Dunlop (OEM of EGOMAN ltd?) reported by Nanomad
-@@ -1181,6 +1178,10 @@
- { "Qualcomm (for OnePlus)", 0x05c6, "One (MTP+ADB)",
- 0x6765, DEVICE_FLAGS_ANDROID_BUGS },
-
-+ /* https://sourceforge.net/p/libmtp/bugs/1377/ */
-+ { "Qualcomm (for Xolo)", 0x901b, "Xolo Black (MTP)",
-+ 0x9039, DEVICE_FLAGS_ANDROID_BUGS },
-+
- { "Qualcomm (for PhiComm)", 0x05c6, "C230w (MTP)",
- 0x9039, DEVICE_FLAGS_ANDROID_BUGS },
-
-@@ -1221,6 +1222,9 @@
- // Reported by Thomas Bretthauer
- { "Fujitsu, Ltd", 0x04c5, "STYLISTIC M532", 0x133b,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/feature-requests/137/ */
-+ { "Fujitsu, Ltd", 0x04c5, "F02-E", 0x1378,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-
- /*
- * Palm device userland program named Pocket Tunes
-@@ -1247,6 +1251,9 @@
- // Reported by anonymous SourceForge user
- { "Medion", 0x066f, "MD8333 (ID2)", 0x8588,
- DEVICE_FLAG_UNLOAD_DRIVER | DEVICE_FLAG_BROKEN_MTPGETOBJPROPLIST },
-+ /* https://sourceforge.net/p/libmtp/bugs/1359/ */
-+ { "Verizon", 0x0408, "Ellipsis 7", 0x3899,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- // The vendor ID is "Quanta Computer, Inc."
- // same as Olivetti Olipad 110
- // Guessing on device flags
-@@ -1403,6 +1410,9 @@
- DEVICE_FLAGS_ANDROID_BUGS },
- { "LG Electronics Inc.", 0x1004, "LG2 Optimus", 0x6225,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1386/ */
-+ { "LG Electronics Inc.", 0x1004, "LG VS950", 0x622a,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- { "LG Electronics Inc.", 0x1004, "LG VS870", 0x6239,
- DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/bugs/992/ */
-@@ -1410,6 +1420,8 @@
- DEVICE_FLAGS_ANDROID_BUGS },
- { "LG Electronics Inc.", 0x1004, "VK810", 0x6265,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ { "LG Electronics Inc.", 0x1004, "G3", 0x627f,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/support-requests/134/ */
- { "LG Electronics Inc.", 0x1004, "G3 (VS985)", 0x626e,
- DEVICE_FLAGS_ANDROID_BUGS },
-@@ -1723,8 +1735,12 @@
- DEVICE_FLAG_NONE },
- { "SONY", 0x0fce, "Xperia M2 MTP", 0x01aa,
- DEVICE_FLAG_NONE },
-+ { "SONY", 0x0fce, "Xperia M2 Dual MTP", 0x01ab,
-+ DEVICE_FLAG_NONE },
- { "SONY", 0x0fce, "Xperia Z2 MTP", 0x01af,
- DEVICE_FLAG_NONE },
-+ { "SONY", 0x0fce, "Xperia Z2 Tablet MTP", 0x01b1,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- { "SONY", 0x0fce, "Xperia Z Ultra MTP", 0x01b6,
- DEVICE_FLAGS_ANDROID_BUGS },
- { "SONY", 0x0fce, "Xperia Z3 MTP", 0x01ba,
-@@ -1733,6 +1749,10 @@
- DEVICE_FLAG_NONE },
- { "SONY", 0x0fce, "Xperia E3 MTP", 0x01bc,
- DEVICE_FLAG_NONE },
-+ { "SONY", 0x0fce, "XPeria Z3+ MTP", 0x01c9,
-+ DEVICE_FLAG_NONE },
-+ { "SONY", 0x0fce, "XPeria E4g MTP", 0x01cb,
-+ DEVICE_FLAG_NONE },
-
-
- /*
-@@ -1788,6 +1808,8 @@
- DEVICE_FLAG_NONE },
- { "SONY", 0x0fce, "Xperia M MTP+CDROM", 0x419b,
- DEVICE_FLAG_NONE },
-+ { "SONY", 0x0fce, "Xperia Z Ultra MTP+CDROM (ID3)", 0x419c,
-+ DEVICE_FLAG_NONE },
- { "SONY", 0x0fce, "Xperia Z1 MTP+CDROM", 0x419e,
- DEVICE_FLAG_NONE },
- { "SONY", 0x0fce, "Xperia C MTP+CDROM", 0x41a3,
-@@ -1796,10 +1818,20 @@
- DEVICE_FLAG_NONE },
- { "SONY", 0x0fce, "Xperia M2 MTP+CDROM", 0x41aa,
- DEVICE_FLAG_NONE },
-+ { "SONY", 0x0fce, "Xperia M2 Dual MTP+CDROM", 0x41ab,
-+ DEVICE_FLAG_NONE },
- { "SONY", 0x0fce, "Xperia Z2 MTP+CDROM", 0x41af,
- DEVICE_FLAG_NONE },
- { "SONY", 0x0fce, "Xperia Z3 MTP+CDROM", 0x41ba,
- DEVICE_FLAG_NONE },
-+ { "SONY", 0x0fce, "Xperia Z3 Compact MTP+CDROM", 0x41bb,
-+ DEVICE_FLAG_NONE },
-+ { "SONY", 0x0fce, "Xperia E3 MTP+CDROM", 0x01bc,
-+ DEVICE_FLAG_NONE },
-+ { "SONY", 0x0fce, "XPeria Z3+ MTP+CDROM", 0x41c9,
-+ DEVICE_FLAG_NONE },
-+ { "SONY", 0x0fce, "XPeria E4g MTP+CDROM", 0x41cb,
-+ DEVICE_FLAG_NONE },
-
- /*
- * MTP+ADB personalities of MTP devices (see above)
-@@ -1888,6 +1920,8 @@
- DEVICE_FLAG_NONE },
- { "SONY", 0x0fce, "Xperia M2 MTP+ADB", 0x51aa,
- DEVICE_FLAG_NONE },
-+ { "SONY", 0x0fce, "Xperia M2 Dual MTP+ADB", 0x51ab,
-+ DEVICE_FLAG_NONE },
- { "SONY", 0x0fce, "Xperia Z2 MTP+ADB", 0x51af,
- DEVICE_FLAG_NONE },
- { "SONY", 0x0fce, "Xperia Z Ultra MTP+ADB", 0x51b6,
-@@ -1898,6 +1932,10 @@
- DEVICE_FLAG_NONE },
- { "SONY", 0x0fce, "Xperia E3 MTP+ADB", 0x51bc,
- DEVICE_FLAG_NONE },
-+ { "SONY", 0x0fce, "XPeria Z3+ MTP+ADB", 0x51c9,
-+ DEVICE_FLAG_NONE },
-+ { "SONY", 0x0fce, "XPeria E4g MTP+ADB", 0x51cb,
-+ DEVICE_FLAG_NONE },
-
- /*
- * MTP+UMS modes
-@@ -1936,6 +1974,9 @@
- * Motorola
- * Assume DEVICE_FLAG_BROKEN_SET_OBJECT_PROPLIST on all of these.
- */
-+ /* https://sourceforge.net/p/libmtp/feature-requests/136/ */
-+ { "Motorola", 0x22b8, "XT1524 (MTP)", 0x002e,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- // Reported by David Boyd <tiggrdave@users.sourceforge.net>
- { "Motorola", 0x22b8, "V3m/V750 verizon", 0x2a65,
- DEVICE_FLAG_BROKEN_SET_OBJECT_PROPLIST |
-@@ -1952,6 +1993,9 @@
- DEVICE_FLAGS_ANDROID_BUGS },
- { "Motorola", 0x22b8, "Moto X (XT1058)", 0x2e63,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1323/ */
-+ { "Motorola", 0x22b8, "Moto X (XT1080)", 0x2e66,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- { "Motorola", 0x22b8, "Droid Maxx (XT1080)", 0x2e67,
- DEVICE_FLAGS_ANDROID_BUGS },
- { "Motorola", 0x22b8, "Droid Ultra", 0x2e68,
-@@ -2345,6 +2389,14 @@
- /* https://sourceforge.net/p/libmtp/bugs/1244/ */
- { "Asus", 0x0b05, "MemoPad 8 ME181 CX (MTP)", 0x5561,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1406/ */
-+ { "Asus", 0x0b05, "Zenfone 2 (MTP)", 0x5600,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1364/ */
-+ { "Asus", 0x0b05, "Z00AD (MTP)", 0x5601,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-+ { "Asus", 0x0b05, "TX201LA (MTP)", 0x561f,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/bugs/1271/ */
- { "Asus", 0x0b05, "ZenFone 4 (MTP)", 0x580f,
- DEVICE_FLAGS_ANDROID_BUGS },
-@@ -2354,9 +2406,20 @@
- /* https://sourceforge.net/p/libmtp/bugs/1258/ */
- { "Asus", 0x0b05, "A450CG (MTP)", 0x5a0f,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1350/ */
-+ { "Asus", 0x0b05, "Zenfone 2 ZE550ML (MTP)", 0x5f02,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1364/ */
-+ { "Asus", 0x0b05, "Zenfone 2 ZE551ML (MTP)", 0x5f03,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/bugs/1232/ */
- { "Asus", 0x0b05, "MemoPad 7 (ME572CL)", 0x7772,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1351/ */
-+ { "Asus", 0x0b05, "Fonepad 7 (FE375CXG)", 0x7773,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-+ { "Asus", 0x0b05, "ZenFone 5 A500KL (MTP)", 0x7780,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/bugs/1247/ */
- { "Asus", 0x0b05, "ZenFone 5 A500KL (MTP+ADB)", 0x7781,
- DEVICE_FLAGS_ANDROID_BUGS },
-@@ -2365,6 +2428,12 @@
- /*
- * Lenovo
- */
-+ /* https://sourceforge.net/p/libmtp/support-requests/178/ */
-+ { "Lenovo", 0x17ef, "P70-A", 0x0c02,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1415/ */
-+ { "Lenovo", 0x17ef, "P70", 0x2008,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- // Reported by Richard Körber <shredzone@users.sourceforge.net>
- { "Lenovo", 0x17ef, "K1", 0x740a,
- DEVICE_FLAGS_ANDROID_BUGS },
-@@ -2407,6 +2476,9 @@
- DEVICE_FLAGS_ANDROID_BUGS },
- { "Lenovo", 0x17ef, "Toga Tablet B6000-F", 0x76f2,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1122/ */
-+ { "Lenovo", 0x17ef, "S930", 0x7718,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/bugs/1250/ */
- { "Lenovo", 0x17ef, "A5500-F", 0x772b,
- DEVICE_FLAGS_ANDROID_BUGS },
-@@ -2417,15 +2489,24 @@
- /* https://sourceforge.net/p/libmtp/bugs/1155/ */
- { "Lenovo", 0x17ef, "Yoga Tablet 10 B8000-H", 0x76ff,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1391/ */
-+ { "Lenovo", 0x17ef, "A7600-F", 0x7731,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/bugs/1291/ */
- { "Lenovo", 0x17ef, "A3500-F", 0x7737,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/support-requests/186/ */
-+ { "Lenovo", 0x17ef, "Yoga Tablet 2 - 1050F", 0x77a4,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/support-requests/168/ */
- { "Lenovo", 0x17ef, "Yoga Tablet 2 Pro", 0x77b1,
- DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/feature-requests/125/ */
- { "Lenovo", 0x17ef, "Vibe Z2", 0x77ea,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1360/ */
-+ { "Lenovo", 0x17ef, "K3 Note", 0x7883,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-
- /*
- * Huawei
-@@ -2435,6 +2516,15 @@
- DEVICE_FLAGS_ANDROID_BUGS },
- { "Huawei", 0x12d1, "MTP device (ID2)", 0x1052,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1381/ */
-+ { "Huawei", 0x12d1, "H60-L11", 0x1079,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1361/ */
-+ { "Huawei", 0x12d1, "Ascend P8 ", 0x1082,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1418/ */
-+ { "Huawei", 0x12d1, "Honor 3C ", 0x2012,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- { "Huawei", 0x12d1, "Mediapad (mode 0)", 0x360f,
- DEVICE_FLAGS_ANDROID_BUGS },
- // Reported by Bearsh <bearsh@users.sourceforge.net>
-@@ -2452,6 +2542,8 @@
- /* https://sourceforge.net/p/libmtp/bugs/672/ */
- { "ZTE", 0x19d2, "Grand X In", 0x0343, DEVICE_FLAGS_ANDROID_BUGS },
- { "ZTE", 0x19d2, "V985", 0x0383, DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1328/ */
-+ { "ZTE", 0x19d2, "V5", 0xffce, DEVICE_FLAGS_ANDROID_BUGS },
-
- /*
- * HTC (High Tech Computer Corp)
-@@ -2459,6 +2551,12 @@
- * Steven Eastland <grassmonk@users.sourceforge.net>
- * Kevin Cheng <kache@users.sf.net>
- */
-+ /* https://sourceforge.net/p/libmtp/support-requests/181/ */
-+ { "HTC", 0x0bb4, "HTC One M9 (MTP)", 0x040b,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1398/ */
-+ { "HTC", 0x0bb4, "Spreadtrum SH57MYZ03342 (MTP)", 0x05e3,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- /* reported by Mikkel Oscar Lyderik <mikkeloscar@gmail.com> */
- { "HTC", 0x0bb4, "HTC Desire 510 (MTP+ADB)", 0x05fd,
- DEVICE_FLAGS_ANDROID_BUGS },
-@@ -2545,6 +2643,9 @@
- /* https://sourceforge.net/p/libmtp/bugs/1182/ */
- { "HTC", 0x0bb4, "Desire 310 (MTP)", 0x0ec6,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1420/ */
-+ { "HTC", 0x0bb4, "Desire 816G (MTP)", 0x0edb,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- { "HTC", 0x0bb4, "HTC One (MTP+ADB+CDC)", 0x0f5f,
- DEVICE_FLAGS_ANDROID_BUGS },
- { "HTC", 0x0bb4, "HTC One (MTP+CDC)", 0x0f60,
-@@ -2658,6 +2759,9 @@
- DEVICE_FLAGS_ANDROID_BUGS },
- { "Amazon", 0x1949, "Kindle Fire (ID5)", 0x0012,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1353/ */
-+ { "Amazon", 0x1949, "Kindle Fire HD6", 0x00f2,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- { "Amazon", 0x1949, "Fire Phone", 0x0800,
- DEVICE_FLAGS_ANDROID_BUGS },
-
-@@ -2677,6 +2781,9 @@
- DEVICE_FLAGS_ANDROID_BUGS },
- { "YiFang", 0x2207, "BQ Tesla", 0x0006,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1354/ */
-+ { "Various", 0x2207, "Viewpia DR/bq Kepler Debugging", 0x0011,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-
- /*
- * Kobo
-@@ -2708,6 +2815,8 @@
- { "Intel", 0x8087, "Foxconn iView i700", 0x0a15, DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/bugs/1237/ */
- { "Intel", 0x8087, "Telcast Air 3G", 0x0a5e, DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1338/ */
-+ { "Intel", 0x8087, "Chuwi vi8", 0x0a5f, DEVICE_FLAGS_ANDROID_BUGS },
-
- /*
- * Xiaomi
-@@ -2738,6 +2847,15 @@
- DEVICE_FLAGS_ANDROID_BUGS },
- { "Xiaomi", 0x2717, "Mi-2 (MTP)", 0xf003,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1397/ */
-+ { "Xiaomi", 0x2717, "Mi-2s (id2) (MTP)", 0xff40,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1339/ */
-+ { "Xiaomi", 0x2717, "Mi-2s (MTP)", 0xff48,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1402/ */
-+ { "Xiaomi", 0x2717, "Redmi 2 (MTP)", 0xff60,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-
- /*
- * XO Learning Tablet
-@@ -2774,6 +2892,9 @@
- /* https://sourceforge.net/p/libmtp/bugs/1304/ */
- { "Alcatel", 0x1bbb, "OneTouch 5042D (MTP)", 0xa00e,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1401/ */
-+ { "Alcatel", 0x1bbb, "OneTouch Idol 3 (MTP)", 0xaf2b,
-+ DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/feature-requests/114/ */
- { "Alcatel", 0x1bbb, "OneTouch 6034R", 0xf003,
- DEVICE_FLAGS_ANDROID_BUGS },
-@@ -2782,8 +2903,12 @@
- * Kyocera
- */
- { "Kyocera", 0x0482, "Rise", 0x0571, DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/feature-requests/134/ */
-+ { "Kyocera", 0x0482, "Torque Model E6715", 0x0059a, DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/discussion/535190/thread/6270f5ce/ */
- { "Kyocera", 0x0482, "KYL22", 0x0810, DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1345/ */
-+ { "Kyocera", 0x0482, "DuraForce", 0x0979, DEVICE_FLAGS_ANDROID_BUGS },
-
- /*
- * HiSense
-@@ -2798,12 +2923,20 @@
- DEVICE_FLAGS_ANDROID_BUGS },
- { "Hewlett-Packard", 0x03f0, "Slate 7 2800", 0x5d1d,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/bugs/1366/ */
-+ { "Hewlett-Packard", 0x03f0, "Slate 10 HD", 0x7e1d,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-
- /*
- * MediaTek Inc.
- */
- { "MediaTek Inc", 0x0e8d, "MT5xx and MT6xx SoCs", 0x0050,
- DEVICE_FLAGS_ANDROID_BUGS },
-+ { "MediaTek Inc", 0x0e8d, "MT65xx", 0x2008,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/feature-requests/79/ */
-+ { "MediaTek Inc", 0x0e8d, "Elephone P8000", 0x201d,
-+ DEVICE_FLAGS_ANDROID_BUGS },
-
- /*
- * Jolla
-@@ -2860,6 +2993,8 @@
- { "Prestigio", 0x29e4, "5505 DUO ", 0x1103, DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/bugs/1243/ */
- { "Prestigio", 0x29e4, "5504 DUO ", 0x1203, DEVICE_FLAGS_ANDROID_BUGS },
-+ /* https://sourceforge.net/p/libmtp/feature-requests/141/ */
-+ { "Prestigio", 0x29e4, "3405 DUO ", 0x3201, DEVICE_FLAGS_ANDROID_BUGS },
-
- /* https://sourceforge.net/p/libmtp/bugs/1283/ */
- { "Megafon", 0x201e, "MFLogin3T", 0x42ab, DEVICE_FLAGS_ANDROID_BUGS },
-@@ -2867,6 +3002,8 @@
- /* https://sourceforge.net/p/libmtp/bugs/1287/ */
- { "Gensis", 0x040d, "GT-7305 ", 0x885c, DEVICE_FLAGS_ANDROID_BUGS },
-
-+ /* https://sourceforge.net/p/libmtp/support-requests/182/ */
-+ { "Oppo", 0x22d9, "Find 5", 0x2764, DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/bugs/1207/ */
- { "Oppo", 0x22d9, "Find 7 (ID 1)", 0x2765, DEVICE_FLAGS_ANDROID_BUGS },
- /* https://sourceforge.net/p/libmtp/bugs/1277/ */
-@@ -2916,6 +3053,14 @@
- /* https://sourceforge.net/p/libmtp/bugs/1314/ */
- { "BenQ", 0x1d45, "F5", 0x459d, DEVICE_FLAGS_ANDROID_BUGS },
-
-+ /* https://sourceforge.net/p/libmtp/bugs/1362/ */
-+ { "TomTom", 0x1390, "Rider 40", 0x5455, DEVICE_FLAGS_ANDROID_BUGS },
-+
-+ /* https://sourceforge.net/p/libmtp/feature-requests/135/. guessed android. */
-+ { "OUYA", 0x2836, "Videogame Console", 0x0010, DEVICE_FLAGS_ANDROID_BUGS },
-+
-+ /* https://sourceforge.net/p/libmtp/bugs/1383/ */
-+ { "BLU", 0x0e8d, "Studio HD", 0x2008, DEVICE_FLAGS_ANDROID_BUGS },
- /*
- * Other strange stuff.
- */
diff --git a/gnu/packages/patches/ninja-tests.patch b/gnu/packages/patches/ninja-tests.patch
index 3436b6314d..f9b0d9f910 100644
--- a/gnu/packages/patches/ninja-tests.patch
+++ b/gnu/packages/patches/ninja-tests.patch
@@ -1,16 +1,17 @@
-SubprocessTest.SetWithLots fails with:
- Raise [ulimit -n] well above 1025 to make this test go.
-Skip it.
+From 67d6b9262efad99f8aad63ab81efc8e689748766 Mon Sep 17 00:00:00 2001
+From: Efraim Flashner <efraim@flashner.co.il>
+Date: Sun, 3 Jul 2016 11:55:43 +0300
+Subject: [PATCH] patch
-SubprocessTest.InterruptChild fails when using 'system*':
- *** Failure in src/subprocess_test.cc:83
- ExitInterrupted == subproc->Finish()
-I can pass it by using 'system' instead of 'system*' when building locally,
-but it still failed on Hydra. Skip it.
+---
+ src/subprocess_test.cc | 4 ++++
+ 1 file changed, 4 insertions(+)
---- ninja-1.5.3.orig/src/subprocess_test.cc 2015-01-15 10:34:28.859522176 +0800
-+++ ninja-1.5.3/src/subprocess_test.cc 2015-01-15 10:37:52.969572075 +0800
-@@ -72,6 +72,7 @@
+diff --git a/src/subprocess_test.cc b/src/subprocess_test.cc
+index ee16190..a537c11 100644
+--- a/src/subprocess_test.cc
++++ b/src/subprocess_test.cc
+@@ -72,6 +72,7 @@ TEST_F(SubprocessTest, NoSuchCommand) {
#ifndef _WIN32
@@ -18,7 +19,7 @@ but it still failed on Hydra. Skip it.
TEST_F(SubprocessTest, InterruptChild) {
Subprocess* subproc = subprocs_.Add("kill -INT $$");
ASSERT_NE((Subprocess *) 0, subproc);
-@@ -82,6 +83,7 @@
+@@ -82,6 +83,7 @@ TEST_F(SubprocessTest, InterruptChild) {
EXPECT_EQ(ExitInterrupted, subproc->Finish());
}
@@ -26,7 +27,7 @@ but it still failed on Hydra. Skip it.
TEST_F(SubprocessTest, InterruptParent) {
Subprocess* subproc = subprocs_.Add("kill -INT $PPID ; sleep 1");
-@@ -169,6 +171,7 @@
+@@ -217,6 +219,7 @@ TEST_F(SubprocessTest, SetWithMulti) {
// OS X's process limit is less than 1025 by default
// (|sysctl kern.maxprocperuid| is 709 on 10.7 and 10.8 and less prior to that).
#if !defined(__APPLE__) && !defined(_WIN32)
@@ -34,11 +35,14 @@ but it still failed on Hydra. Skip it.
TEST_F(SubprocessTest, SetWithLots) {
// Arbitrary big number; needs to be over 1024 to confirm we're no longer
// hostage to pselect.
-@@ -196,6 +199,7 @@
+@@ -245,6 +248,7 @@ TEST_F(SubprocessTest, SetWithLots) {
}
ASSERT_EQ(kNumProcs, subprocs_.finished_.size());
}
+#endif
- #endif // !__APPLE__ && !_WIN32
+ #endif // !__APPLE__ && !_WIN32
// TODO: this test could work on Windows, just not sure how to simply
+--
+2.9.0
+
diff --git a/gnu/packages/patches/openimageio-boost-1.60.patch b/gnu/packages/patches/openimageio-boost-1.60.patch
deleted file mode 100644
index 92fc3237bb..0000000000
--- a/gnu/packages/patches/openimageio-boost-1.60.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 875fbbd92695397bfc83d1cd5fdd4094e1d50199 Mon Sep 17 00:00:00 2001
-From: Larry Gritz <lg@larrygritz.com>
-Date: Mon, 28 Dec 2015 11:46:07 -0800
-Subject: [PATCH] Python ImageCache binding fixes -- disable broken calls
-
-Some of these calls (thankfully undocumented and presumably unused)
-are horribly broken. They compiled before, but with new Boost 1.60
-they don't even compile properly. So just comment them out on this
-obsolete branch. They are fully fixed in RB-1.6 and beyond.
-
---- a/src/python/py_imagecache.cpp
-+++ b/src/python/py_imagecache.cpp
-@@ -199,23 +199,24 @@ void declare_imagecache()
- .def("destroy", &ImageCacheWrap::destroy)
- .staticmethod("destroy")
- .def("clear", &ImageCacheWrap::clear)
-- .def("attribute", &ImageCacheWrap::attribute)
-+ // .def("attribute", &ImageCacheWrap::attribute)
- .def("attribute", &ImageCacheWrap::attribute_int)
- .def("attribute", &ImageCacheWrap::attribute_float)
-- .def("attribute", &ImageCacheWrap::attribute_double)
-- .def("attribute", &ImageCacheWrap::attribute_char)
-+ // .def("attribute", &ImageCacheWrap::attribute_double)
-+ // .def("attribute", &ImageCacheWrap::attribute_char)
- .def("attribute", &ImageCacheWrap::attribute_string)
-- .def("getattribute", &ImageCacheWrap::attribute)
-+ // .def("getattribute", &ImageCacheWrap::attribute)
- .def("getattribute", &ImageCacheWrap::getattribute_int)
- .def("getattribute", &ImageCacheWrap::getattribute_float)
-- .def("getattribute", &ImageCacheWrap::getattribute_double)
-- .def("getattribute", &ImageCacheWrap::getattribute_char)
-+ // .def("getattribute", &ImageCacheWrap::getattribute_double)
-+ // .def("getattribute", &ImageCacheWrap::getattribute_char)
- .def("getattribute", &ImageCacheWrap::getattribute_string)
-- .def("resolve_filename", &ImageCacheWrap::resolve_filename)
-- .def("get_image_info", &ImageCacheWrap::get_image_info)
-- .def("get_image_info", &ImageCacheWrap::get_image_info_old)
-+ // .def("get_image_info", &ImageCacheWrap::get_image_info)
-+ // .def("get_image_info", &ImageCacheWrap::get_image_info_old)
- .def("get_imagespec", &ImageCacheWrap::get_imagespec)
-- .def("get_pixels", &ImageCacheWrap::get_pixels)
-+ // .def("get_pixels", &ImageCacheWrap::get_pixels)
-+ .def("resolve_filename", &ImageCacheWrap::resolve_filename)
-+
- // .def("get_tile", &ImageCacheWrap::get_tile)
- // .def("release_tile", &ImageCacheWrap::release_tile)
- // .def("tile_pixels", &ImageCacheWrap::tile_pixels)
diff --git a/gnu/packages/patches/python-dendropy-exclude-failing-tests.patch b/gnu/packages/patches/python-dendropy-exclude-failing-tests.patch
new file mode 100644
index 0000000000..288a58b06f
--- /dev/null
+++ b/gnu/packages/patches/python-dendropy-exclude-failing-tests.patch
@@ -0,0 +1,21 @@
+diff --git a/dendropy/test/test_phylogenetic_distance_matrix.py b/dendropy/test/test_phylogenetic_distance_matrix.py
+index 10c05f5..a18ba52 100644
+--- a/dendropy/test/test_phylogenetic_distance_matrix.py
++++ b/dendropy/test/test_phylogenetic_distance_matrix.py
+@@ -793,7 +793,7 @@ class PdmUpgmaTree(PdmTreeChecker, unittest.TestCase):
+ expected_tree=expected_tree)
+
+ class NodeToNodeDistancesTest(unittest.TestCase):
+-
++ @unittest.expectedFailure
+ def test_distances(self):
+ ## get distances from ape
+ # library(ape)
+@@ -825,6 +825,7 @@ class NodeToNodeDistancesTest(unittest.TestCase):
+ e = reference_table[nd1.label, nd2.label]
+ self.assertAlmostEqual(d, e)
+
++ @unittest.expectedFailure
+ def test_mrca(self):
+ test_runs = [
+ "hiv1.newick",
diff --git a/gnu/packages/patches/sudo-CVE-2015-5602.patch b/gnu/packages/patches/sudo-CVE-2015-5602.patch
deleted file mode 100644
index 36c90fbee7..0000000000
--- a/gnu/packages/patches/sudo-CVE-2015-5602.patch
+++ /dev/null
@@ -1,372 +0,0 @@
-Based on the patch from https://www.sudo.ws/repos/sudo/raw-rev/c2e36a80a279
-Backported to 1.8.15 by Mark H Weaver <mhw@netris.org>
-
-# HG changeset patch
-# User Todd C. Miller <Todd.Miller@courtesan.com>
-# Date 1452475889 25200
-# Node ID c2e36a80a27927c32cba55afae78b8dc830cddc3
-# Parent 94ffd6b18431fa4b9ed0a0c3f0b7b9582a4f6bde
-Rewritten sudoedit_checkdir support that checks all the dirs in the
-path and refuses to follow symlinks in writable directories.
-This is a better fix for CVE-2015-5602.
-Adapted from a diff by Ben Hutchings. Bug #707
-
-diff -r 94ffd6b18431 -r c2e36a80a279 doc/CONTRIBUTORS
---- a/doc/CONTRIBUTORS Mon Jan 04 10:47:11 2016 -0700
-+++ b/doc/CONTRIBUTORS Sun Jan 10 18:31:29 2016 -0700
-@@ -58,6 +58,7 @@
- Holloway, Nick
- Hoover, Adam
- Hunter, Michael T.
-+ Hutchings, Ben
- Irrgang, Eric
- Jackson, Brian
- Jackson, John R.
-diff -r 94ffd6b18431 -r c2e36a80a279 doc/UPGRADE
---- a/doc/UPGRADE Mon Jan 04 10:47:11 2016 -0700
-+++ b/doc/UPGRADE Sun Jan 10 18:31:29 2016 -0700
-@@ -1,6 +1,15 @@
- Notes on upgrading from an older release
- ========================================
-
-+o Upgrading from a version prior to the post-1.8.15 fix for CVE-2015-5602.
-+
-+ The meaning of the sudoedit_checkdir sudoers option has changed.
-+ Previously, it would only check the parent directory
-+ of the file to be edited. After the CVE fix, all directories
-+ in the path to be edited are checked and sudoedit will refuse
-+ to follow a symbolic link in a directory that is writable by
-+ the invoking user.
-+
- o Upgrading from a version prior to 1.8.15:
-
- Prior to version 1.8.15, when env_reset was enabled (the default)
-diff -r 94ffd6b18431 -r c2e36a80a279 doc/sudoers.cat
---- a/doc/sudoers.cat Mon Jan 04 10:47:11 2016 -0700
-+++ b/doc/sudoers.cat Sun Jan 10 18:31:29 2016 -0700
-@@ -1275,12 +1275,15 @@
- system call. This flag is _o_f_f by default.
-
- sudoedit_checkdir
-- If set, ssuuddooeeddiitt will refuse to edit files located in a
-- directory that is writable by the invoking user unless
-- it is run by root. On many systems, this option
-- requires that the parent directory of the file to be
-- edited be readable by the target user. This flag is
-- _o_f_f by default.
-+ If set, ssuuddooeeddiitt will check directories in the path to
-+ be edited for writability by the invoking user.
-+ Symbolic links will not be followed in writable
-+ directories and ssuuddooeeddiitt will also refuse to edit a
-+ file located in a writable directory. Theses
-+ restrictions are not enforced when ssuuddooeeddiitt is invoked
-+ as root. On many systems, this option requires that
-+ all directories in the path to be edited be readable by
-+ the target user. This flag is _o_f_f by default.
-
- sudoedit_follow By default, ssuuddooeeddiitt will not follow symbolic links
- when opening files. The _s_u_d_o_e_d_i_t___f_o_l_l_o_w option can be
-diff -r 94ffd6b18431 -r c2e36a80a279 doc/sudoers.man.in
---- a/doc/sudoers.man.in Mon Jan 04 10:47:11 2016 -0700
-+++ b/doc/sudoers.man.in Sun Jan 10 18:31:29 2016 -0700
-@@ -2715,10 +2715,16 @@
- .br
- If set,
- \fBsudoedit\fR
--will refuse to edit files located in a directory that is writable
--by the invoking user unless it is run by root.
--On many systems, this option requires that the parent directory
--of the file to be edited be readable by the target user.
-+will check directories in the path to be edited for writability
-+by the invoking user.
-+Symbolic links will not be followed in writable directories and
-+\fBsudoedit\fR
-+will also refuse to edit a file located in a writable directory.
-+Theses restrictions are not enforced when
-+\fBsudoedit\fR
-+is invoked as root.
-+On many systems, this option requires that all directories
-+in the path to be edited be readable by the target user.
- This flag is
- \fIoff\fR
- by default.
-diff -r 94ffd6b18431 -r c2e36a80a279 doc/sudoers.mdoc.in
---- a/doc/sudoers.mdoc.in Mon Jan 04 10:47:11 2016 -0700
-+++ b/doc/sudoers.mdoc.in Sun Jan 10 18:31:29 2016 -0700
-@@ -2549,10 +2549,16 @@
- .It sudoedit_checkdir
- If set,
- .Nm sudoedit
--will refuse to edit files located in a directory that is writable
--by the invoking user unless it is run by root.
--On many systems, this option requires that the parent directory
--of the file to be edited be readable by the target user.
-+will check directories in the path to be edited for writability
-+by the invoking user.
-+Symbolic links will not be followed in writable directories and
-+.Nm sudoedit
-+will also refuse to edit a file located in a writable directory.
-+Theses restrictions are not enforced when
-+.Nm sudoedit
-+is invoked as root.
-+On many systems, this option requires that all directories
-+in the path to be edited be readable by the target user.
- This flag is
- .Em off
- by default.
-diff -r 94ffd6b18431 -r c2e36a80a279 include/sudo_compat.h
---- a/include/sudo_compat.h Mon Jan 04 10:47:11 2016 -0700
-+++ b/include/sudo_compat.h Sun Jan 10 18:31:29 2016 -0700
-@@ -182,6 +182,8 @@
- # ifndef UTIME_NOW
- # define UTIME_NOW -2L
- # endif
-+#endif
-+#if !defined(HAVE_OPENAT) || (!defined(HAVE_FUTIMENS) && !defined(HAVE_UTIMENSAT))
- # ifndef AT_FDCWD
- # define AT_FDCWD -100
- # endif
-diff -r 94ffd6b18431 -r c2e36a80a279 src/sudo_edit.c
---- a/src/sudo_edit.c Mon Jan 04 10:47:11 2016 -0700
-+++ b/src/sudo_edit.c Sun Jan 10 18:31:29 2016 -0700
-@@ -179,13 +179,15 @@
- }
-
- #ifndef HAVE_OPENAT
--/* This does not support AT_FDCWD... */
- static int
- sudo_openat(int dfd, const char *path, int flags, mode_t mode)
- {
- int fd, odfd;
- debug_decl(sudo_openat, SUDO_DEBUG_EDIT)
-
-+ if (dfd == AT_FDCWD)
-+ debug_return_int(open(path, flags, mode));
-+
- /* Save cwd */
- if ((odfd = open(".", O_RDONLY)) == -1)
- debug_return_int(-1);
-@@ -207,6 +209,64 @@
- #define openat sudo_openat
- #endif /* HAVE_OPENAT */
-
-+#ifdef O_NOFOLLOW
-+static int
-+sudo_edit_openat_nofollow(int dfd, char *path, int oflags, mode_t mode)
-+{
-+ debug_decl(sudo_edit_open_nofollow, SUDO_DEBUG_EDIT)
-+
-+ debug_return_int(openat(dfd, path, oflags|O_NOFOLLOW, mode));
-+}
-+#else
-+/*
-+ * Returns true if fd and path don't match or path is a symlink.
-+ * Used on older systems without O_NOFOLLOW.
-+ */
-+static bool
-+sudo_edit_is_symlink(int fd, char *path)
-+{
-+ struct stat sb1, sb2;
-+ debug_decl(sudo_edit_is_symlink, SUDO_DEBUG_EDIT)
-+
-+ /*
-+ * Treat [fl]stat() failure like there was a symlink.
-+ */
-+ if (fstat(fd, &sb1) == -1 || lstat(path, &sb2) == -1)
-+ debug_return_bool(true);
-+
-+ /*
-+ * Make sure we did not open a link and that what we opened
-+ * matches what is currently on the file system.
-+ */
-+ if (S_ISLNK(sb2.st_mode) ||
-+ sb1.st_dev != sb2.st_dev || sb1.st_ino != sb2.st_ino) {
-+ debug_return_bool(true);
-+ }
-+
-+ debug_return_bool(false);
-+}
-+
-+static int
-+sudo_edit_openat_nofollow(char *path, int oflags, mode_t mode)
-+{
-+ struct stat sb1, sb2;
-+ int fd;
-+ debug_decl(sudo_edit_openat_nofollow, SUDO_DEBUG_EDIT)
-+
-+ fd = openat(dfd, path, oflags, mode);
-+ if (fd == -1)
-+ debug_return_int(-1);
-+
-+ if (sudo_edit_is_symlink(fd, path)) {
-+ close(fd);
-+ fd = -1;
-+ errno = ELOOP;
-+ }
-+
-+ debug_return_int(fd);
-+}
-+#endif /* O_NOFOLLOW */
-+
- /*
- * Returns true if the directory described by sb is writable
- * by the user. We treat directories with the sticky bit as
-@@ -245,49 +305,94 @@
- debug_return_bool(false);
- }
-
-+/*
-+ * Directory open flags for use with openat(2) and fstat(2).
-+ * Use O_PATH and O_DIRECTORY where possible.
-+ */
-+#if defined(O_PATH) && defined(O_DIRECTORY)
-+# define DIR_OPEN_FLAGS (O_PATH|O_DIRECTORY)
-+#elif defined(O_PATH) && !defined(O_DIRECTORY)
-+# define DIR_OPEN_FLAGS O_PATH
-+#elif !defined(O_PATH) && defined(O_DIRECTORY)
-+# define DIR_OPEN_FLAGS (O_RDONLY|O_DIRECTORY)
-+#else
-+# define DIR_OPEN_FLAGS (O_RDONLY|O_NONBLOCK)
-+#endif
-+
- static int
- sudo_edit_open_nonwritable(char *path, int oflags, mode_t mode)
- {
-- char *base, *dir;
-+ int dfd, fd, dflags = DIR_OPEN_FLAGS;
-+#if defined(__linux__) && defined(O_PATH)
-+ char *opath = path;
-+#endif
-+ bool is_writable;
- struct stat sb;
-- int dfd, fd;
- debug_decl(sudo_edit_open_nonwritable, SUDO_DEBUG_EDIT)
-
-- base = strrchr(path, '/');
-- if (base != NULL) {
-- *base++ = '\0';
-- dir = path;
-+#if defined(__linux__) && defined(O_PATH)
-+restart:
-+#endif
-+ if (path[0] == '/') {
-+ dfd = open("/", dflags);
-+ path++;
- } else {
-- base = path;
-- dir = ".";
-+ dfd = open(".", dflags);
-+ if (path[0] == '.' && path[1] == '/')
-+ path += 2;
- }
--#ifdef O_PATH
-- if ((dfd = open(dir, O_PATH)) != -1) {
-- /* Linux kernels < 3.6 can't do fstat on O_PATH fds. */
-- if (fstat(dfd, &sb) == -1) {
-- close(dfd);
-- dfd = open(dir, O_RDONLY);
-- if (fstat(dfd, &sb) == -1) {
-- close(dfd);
-- dfd = -1;
-- }
-- }
-- }
--#else
-- if ((dfd = open(dir, O_RDONLY)) != -1) {
-- if (fstat(dfd, &sb) == -1) {
-- close(dfd);
-- dfd = -1;
-- }
-- }
--#endif
-- if (base != path)
-- base[-1] = '/'; /* restore path */
- if (dfd == -1)
- debug_return_int(-1);
-
-- if (dir_is_writable(&sb, user_details.uid, user_details.gid,
-- user_details.ngroups, user_details.groups)) {
-+ for (;;) {
-+ char *slash;
-+ int subdfd;
-+
-+ /*
-+ * Look up one component at a time, avoiding symbolic links in
-+ * writable directories.
-+ */
-+ if (fstat(dfd, &sb) == -1) {
-+ close(dfd);
-+#if defined(__linux__) && defined(O_PATH)
-+ /* Linux prior to 3.6 can't fstat an O_PATH fd */
-+ if (ISSET(dflags, O_PATH)) {
-+ CLR(dflags, O_PATH);
-+ path = opath;
-+ goto restart;
-+ }
-+#endif
-+ debug_return_int(-1);
-+ }
-+#ifndef O_DIRECTORY
-+ if (!S_ISDIR(sb.st_mode)) {
-+ close(dfd);
-+ errno = ENOTDIR;
-+ debug_return_int(-1);
-+ }
-+#endif
-+ is_writable = dir_is_writable(&sb, user_details.uid, user_details.gid,
-+ user_details.ngroups, user_details.groups);
-+
-+ while (path[0] == '/')
-+ path++;
-+ slash = strchr(path, '/');
-+ if (slash == NULL)
-+ break;
-+ *slash = '\0';
-+ if (is_writable)
-+ subdfd = sudo_edit_openat_nofollow(dfd, path, dflags, 0);
-+ else
-+ subdfd = openat(dfd, path, dflags, 0);
-+ *slash = '/'; /* restore path */
-+ close(dfd);
-+ if (subdfd == -1)
-+ debug_return_int(-1);
-+ path = slash + 1;
-+ dfd = subdfd;
-+ }
-+
-+ if (is_writable) {
- close(dfd);
- errno = EISDIR;
- debug_return_int(-1);
-@@ -332,27 +437,10 @@
- if (!ISSET(oflags, O_NONBLOCK))
- (void) fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
-
-- /*
-- * Treat [fl]stat() failure like an open() failure.
-- */
-- if (fstat(fd, &sb1) == -1 || lstat(path, &sb2) == -1) {
-- const int serrno = errno;
-+ if (!ISSET(sflags, CD_SUDOEDIT_FOLLOW) && sudo_edit_is_symlink(fd, path)) {
- close(fd);
-- errno = serrno;
-- debug_return_int(-1);
-- }
--
-- /*
-- * Make sure we did not open a link and that what we opened
-- * matches what is currently on the file system.
-- */
-- if (!ISSET(sflags, CD_SUDOEDIT_FOLLOW)) {
-- if (S_ISLNK(sb2.st_mode) ||
-- sb1.st_dev != sb2.st_dev || sb1.st_ino != sb2.st_ino) {
-- close(fd);
-- errno = ELOOP;
-- debug_return_int(-1);
-- }
-+ fd = -1;
-+ errno = ELOOP;
- }
-
- debug_return_int(fd);
-