diff options
author | Efraim Flashner <efraim@flashner.co.il> | 2017-12-31 14:10:25 +0200 |
---|---|---|
committer | Efraim Flashner <efraim@flashner.co.il> | 2017-12-31 14:10:25 +0200 |
commit | 23de2e1d5f8f7548e6f73085de23d9964774edbf (patch) | |
tree | fab69d4bb55f275f14012a724b7cb14bd307b57f /gnu/packages/patches | |
parent | ec6ba5c1fe9308cbc18f06c99adcfe0d13396a18 (diff) | |
parent | 1c27f72fc2770d68243dd95b7c05adc3b2b02ea4 (diff) | |
download | guix-23de2e1d5f8f7548e6f73085de23d9964774edbf.tar guix-23de2e1d5f8f7548e6f73085de23d9964774edbf.tar.gz |
Merge remote-tracking branch 'origin/master' into core-updates
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r-- | gnu/packages/patches/borg-fix-archive-corruption-bug.patch | 68 | ||||
-rw-r--r-- | gnu/packages/patches/chicken-CVE-2017-11343.patch | 57 | ||||
-rw-r--r-- | gnu/packages/patches/chicken-CVE-2017-6949.patch | 132 | ||||
-rw-r--r-- | gnu/packages/patches/icecat-bug-1414945.patch | 73 | ||||
-rw-r--r-- | gnu/packages/patches/icecat-bug-1424373-pt2.patch | 183 | ||||
-rw-r--r-- | gnu/packages/patches/libgxps-CVE-2017-11590.patch | 48 | ||||
-rw-r--r-- | gnu/packages/patches/python-pillow-fix-failing-tests.patch | bin | 0 -> 112373 bytes | |||
-rw-r--r-- | gnu/packages/patches/python-pillow-freetype-2.7-test-failure.patch | 75 |
8 files changed, 304 insertions, 332 deletions
diff --git a/gnu/packages/patches/borg-fix-archive-corruption-bug.patch b/gnu/packages/patches/borg-fix-archive-corruption-bug.patch deleted file mode 100644 index 0debf119be..0000000000 --- a/gnu/packages/patches/borg-fix-archive-corruption-bug.patch +++ /dev/null @@ -1,68 +0,0 @@ -Fix a bug in `borg check --repair` that corrupts existing archives: - -https://github.com/borgbackup/borg/issues/3444 - -Patches copied from upstream source repository: - -https://github.com/borgbackup/borg/commit/e09892caec8a63d59e909518c4e9c230dbd69774 -https://github.com/borgbackup/borg/commit/a68d28bfa4db30561150c83eb6a0dca5efa4d9e8 - -From a68d28bfa4db30561150c83eb6a0dca5efa4d9e8 Mon Sep 17 00:00:00 2001 -From: Thomas Waldmann <tw@waldmann-edv.de> -Date: Sat, 16 Dec 2017 01:11:40 +0100 -Subject: [PATCH 1/2] modify borg check unit test so it "hangs", see #3444 - -it doesn't infinitely hang, but slows down considerably. ---- - src/borg/testsuite/archiver.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/borg/testsuite/archiver.py b/src/borg/testsuite/archiver.py -index c7def2c7..b3383e97 100644 ---- a/src/borg/testsuite/archiver.py -+++ b/src/borg/testsuite/archiver.py -@@ -3006,7 +3006,7 @@ def test_missing_file_chunk(self): - def test_missing_archive_item_chunk(self): - archive, repository = self.open_archive('archive1') - with repository: -- repository.delete(archive.metadata.items[-5]) -+ repository.delete(archive.metadata.items[0]) - repository.commit() - self.cmd('check', self.repository_location, exit_code=1) - self.cmd('check', '--repair', self.repository_location, exit_code=0) --- -2.15.1 - - -From e09892caec8a63d59e909518c4e9c230dbd69774 Mon Sep 17 00:00:00 2001 -From: Thomas Waldmann <tw@waldmann-edv.de> -Date: Sat, 16 Dec 2017 01:16:05 +0100 -Subject: [PATCH 2/2] check --repair: fix malfunctioning validator, fixes #3444 - -the major problem was the ('path' in item) expression. -the dict has bytes-typed keys there, so it never succeeded as it -looked for a str key. this is a 1.1 regression, 1.0 was fine. - -the dict -> StableDict change is just for being more specific, -the check triggered correctly as StableDict subclasses dict, -it was just a bit too general. ---- - src/borg/archive.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/borg/archive.py b/src/borg/archive.py -index 239d00b7..be086800 100644 ---- a/src/borg/archive.py -+++ b/src/borg/archive.py -@@ -1457,7 +1457,7 @@ def robust_iterator(archive): - """ - item_keys = frozenset(key.encode() for key in self.manifest.item_keys) - required_item_keys = frozenset(key.encode() for key in REQUIRED_ITEM_KEYS) -- unpacker = RobustUnpacker(lambda item: isinstance(item, dict) and 'path' in item, -+ unpacker = RobustUnpacker(lambda item: isinstance(item, StableDict) and b'path' in item, - self.manifest.item_keys) - _state = 0 - --- -2.15.1 - diff --git a/gnu/packages/patches/chicken-CVE-2017-11343.patch b/gnu/packages/patches/chicken-CVE-2017-11343.patch deleted file mode 100644 index 1d46ad50d9..0000000000 --- a/gnu/packages/patches/chicken-CVE-2017-11343.patch +++ /dev/null @@ -1,57 +0,0 @@ -Fix CVE-2017-11343: - -https://lists.nongnu.org/archive/html/chicken-announce/2017-07/msg00000.html -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11343 - -Patch copied from upstream mailing list: - -http://lists.gnu.org/archive/html/chicken-hackers/2017-06/txtod8Pa1wGU0.txt - -From ae2633195cc5f4f61c9da4ac90f0c14c010dcc3d Mon Sep 17 00:00:00 2001 -From: Peter Bex <address@hidden> -Date: Fri, 30 Jun 2017 15:39:45 +0200 -Subject: [PATCH 2/2] Initialize symbol table after setting up randomization - -Otherwise, the symbol table wouldn't be correctly randomized. ---- - NEWS | 3 +++ - runtime.c | 2 +- - 2 files changed, 4 insertions(+), 1 deletion(-) - -#diff --git a/NEWS b/NEWS -#index f4b0e041..6588b30e 100644 -#--- a/NEWS -#+++ b/NEWS -#@@ -96,6 +96,9 @@ -# buffer overrun and/or segfault (thanks to Lemonboy). -# - CVE-2017-9334: `length' no longer crashes on improper lists (fixes -# #1375, thanks to "megane"). -#+ - The randomization factor of the symbol table was set before -#+ the random seed was set, causing it to have a fixed value on many -#+ platforms. -# -# - Core Libraries -# - Unit "posix": If file-lock, file-lock/blocking or file-unlock are -diff --git a/runtime.c b/runtime.c -index 81c54dd2..a4580abc 100644 ---- a/runtime.c -+++ b/runtime.c -@@ -799,7 +799,6 @@ int CHICKEN_initialize(int heap, int stack, int symbols, void *toplevel) - C_initial_timer_interrupt_period = INITIAL_TIMER_INTERRUPT_PERIOD; - C_timer_interrupt_counter = INITIAL_TIMER_INTERRUPT_PERIOD; - memset(signal_mapping_table, 0, sizeof(int) * NSIG); -- initialize_symbol_table(); - C_dlerror = "cannot load compiled code dynamically - this is a statically linked executable"; - error_location = C_SCHEME_FALSE; - C_pre_gc_hook = NULL; -@@ -816,6 +815,7 @@ int CHICKEN_initialize(int heap, int stack, int symbols, void *toplevel) - callback_continuation_level = 0; - gc_ms = 0; - (void)C_randomize(C_fix(time(NULL))); -+ initialize_symbol_table(); - - if (profiling) { - #ifndef C_NONUNIX --- -2.11.0 - diff --git a/gnu/packages/patches/chicken-CVE-2017-6949.patch b/gnu/packages/patches/chicken-CVE-2017-6949.patch deleted file mode 100644 index 00552eec76..0000000000 --- a/gnu/packages/patches/chicken-CVE-2017-6949.patch +++ /dev/null @@ -1,132 +0,0 @@ -From: LemonBoy <thatlemon@gmail.com> -Date: Fri, 10 Mar 2017 16:29:47 +0100 -Subject: [PATCH] Add bound checking to all srfi-4 vector allocations. - -Do what C_allocate_vector already does and prevent the creation of a -vector that's too big or too small. -We should be very careful to avoid the latter case because the -allocation size is directly fed into `malloc' as 'x + sizeof(C_header)' -thus making possible to successfully allocate a vector smaller than the -C_header structure and get C_block_header_init to write over -uninitialized memory. - -To reduce code duplication, type checking is moved from each of the -make-*vector procedures to the common "alloc" helper procedure. - -Signed-off-by: Peter Bex <peter@more-magic.net> -Signed-off-by: Kooda <kooda@upyum.com> ---- - srfi-4.scm | 34 +++++++++++++++------------------- - 1 file changed, 15 insertions(+), 19 deletions(-) - -diff --git a/srfi-4.scm b/srfi-4.scm -index 7f5412b..69f58ba 100644 ---- a/srfi-4.scm -+++ b/srfi-4.scm -@@ -255,24 +255,28 @@ EOF - - ;;; Basic constructors: - --(let* ([ext-alloc -- (foreign-lambda* scheme-object ([int bytes]) -- "C_word *buf = (C_word *)C_malloc(bytes + sizeof(C_header));" -+(let* ((ext-alloc -+ (foreign-lambda* scheme-object ((size_t bytes)) -+ "C_word *buf;" -+ "if (bytes > C_HEADER_SIZE_MASK) C_return(C_SCHEME_FALSE);" -+ "buf = (C_word *)C_malloc(bytes + sizeof(C_header));" - "if(buf == NULL) C_return(C_SCHEME_FALSE);" - "C_block_header_init(buf, C_make_header(C_BYTEVECTOR_TYPE, bytes));" -- "C_return(buf);") ] -- [ext-free -- (foreign-lambda* void ([scheme-object bv]) -- "C_free((void *)C_block_item(bv, 1));") ] -- [alloc -+ "C_return(buf);") ) -+ (ext-free -+ (foreign-lambda* void ((scheme-object bv)) -+ "C_free((void *)C_block_item(bv, 1));") ) -+ (alloc - (lambda (loc len ext?) -+ (##sys#check-exact len loc) -+ (when (fx< len 0) (##sys#error loc "size is negative" len)) - (if ext? -- (let ([bv (ext-alloc len)]) -+ (let ((bv (ext-alloc len))) - (or bv - (##sys#error loc "not enough memory - cannot allocate external number vector" len)) ) -- (let ([bv (##sys#allocate-vector len #t #f #t)]) ; this could be made better... -+ (let ((bv (##sys#allocate-vector len #t #f #t))) ; this could be made better... - (##core#inline "C_string_to_bytevector" bv) -- bv) ) ) ] ) -+ bv) ) ) ) ) - - (set! release-number-vector - (lambda (v) -@@ -282,7 +286,6 @@ EOF - - (set! make-u8vector - (lambda (len #!optional (init #f) (ext? #f) (fin? #t)) -- (##sys#check-exact len 'make-u8vector) - (let ((v (##sys#make-structure 'u8vector (alloc 'make-u8vector len ext?)))) - (when (and ext? fin?) (set-finalizer! v ext-free)) - (if (not init) -@@ -295,7 +298,6 @@ EOF - - (set! make-s8vector - (lambda (len #!optional (init #f) (ext? #f) (fin? #t)) -- (##sys#check-exact len 'make-s8vector) - (let ((v (##sys#make-structure 's8vector (alloc 'make-s8vector len ext?)))) - (when (and ext? fin?) (set-finalizer! v ext-free)) - (if (not init) -@@ -308,7 +310,6 @@ EOF - - (set! make-u16vector - (lambda (len #!optional (init #f) (ext? #f) (fin? #t)) -- (##sys#check-exact len 'make-u16vector) - (let ((v (##sys#make-structure 'u16vector (alloc 'make-u16vector (##core#inline "C_fixnum_shift_left" len 1) ext?)))) - (when (and ext? fin?) (set-finalizer! v ext-free)) - (if (not init) -@@ -321,7 +322,6 @@ EOF - - (set! make-s16vector - (lambda (len #!optional (init #f) (ext? #f) (fin? #t)) -- (##sys#check-exact len 'make-s16vector) - (let ((v (##sys#make-structure 's16vector (alloc 'make-s16vector (##core#inline "C_fixnum_shift_left" len 1) ext?)))) - (when (and ext? fin?) (set-finalizer! v ext-free)) - (if (not init) -@@ -334,7 +334,6 @@ EOF - - (set! make-u32vector - (lambda (len #!optional (init #f) (ext? #f) (fin? #t)) -- (##sys#check-exact len 'make-u32vector) - (let ((v (##sys#make-structure 'u32vector (alloc 'make-u32vector (##core#inline "C_fixnum_shift_left" len 2) ext?)))) - (when (and ext? fin?) (set-finalizer! v ext-free)) - (if (not init) -@@ -347,7 +346,6 @@ EOF - - (set! make-s32vector - (lambda (len #!optional (init #f) (ext? #f) (fin? #t)) -- (##sys#check-exact len 'make-s32vector) - (let ((v (##sys#make-structure 's32vector (alloc 'make-s32vector (##core#inline "C_fixnum_shift_left" len 2) ext?)))) - (when (and ext? fin?) (set-finalizer! v ext-free)) - (if (not init) -@@ -360,7 +358,6 @@ EOF - - (set! make-f32vector - (lambda (len #!optional (init #f) (ext? #f) (fin? #t)) -- (##sys#check-exact len 'make-f32vector) - (let ((v (##sys#make-structure 'f32vector (alloc 'make-f32vector (##core#inline "C_fixnum_shift_left" len 2) ext?)))) - (when (and ext? fin?) (set-finalizer! v ext-free)) - (if (not init) -@@ -375,7 +372,6 @@ EOF - - (set! make-f64vector - (lambda (len #!optional (init #f) (ext? #f) (fin? #t)) -- (##sys#check-exact len 'make-f64vector) - (let ((v (##sys#make-structure - 'f64vector - (alloc 'make-f64vector (##core#inline "C_fixnum_shift_left" len 3) ext?)))) --- -2.1.4 - diff --git a/gnu/packages/patches/icecat-bug-1414945.patch b/gnu/packages/patches/icecat-bug-1414945.patch new file mode 100644 index 0000000000..3638ace1c4 --- /dev/null +++ b/gnu/packages/patches/icecat-bug-1414945.patch @@ -0,0 +1,73 @@ +Based on: + https://hg.mozilla.org/releases/mozilla-esr52/raw-rev/d303b3bb88c3 + +Adapted to apply cleanly to IceCat. + +# HG changeset patch +# User Philip Chimento <philip.chimento@gmail.com> +# Date 1510012155 28800 +# Node ID d303b3bb88c3345d3a089901e2b6fe883d148e44 +# Parent 0152d097672f7e99504815cf7b06d9f303419fba +Bug 1414945 - Don't use TimeDuration in static initializer. r=jandem, a=ritu + +On Darwin this would cause a race between two static initializers. + +diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp +--- a/js/src/shell/js.cpp ++++ b/js/src/shell/js.cpp +@@ -138,17 +138,17 @@ static const size_t gMaxStackSize = 2 * + #else + static const size_t gMaxStackSize = 128 * sizeof(size_t) * 1024; + #endif + + /* + * Limit the timeout to 30 minutes to prevent an overflow on platfoms + * that represent the time internally in microseconds using 32-bit int. + */ +-static const TimeDuration MAX_TIMEOUT_INTERVAL = TimeDuration::FromSeconds(1800.0); ++static const double MAX_TIMEOUT_SECONDS = 1800.0; + + // SharedArrayBuffer and Atomics settings track IceCat. Choose a custom setting + // with --shared-memory={on,off}. + #ifndef RELEASE_OR_BETA + # define SHARED_MEMORY_DEFAULT 1 + #else + # define SHARED_MEMORY_DEFAULT 0 + #endif +@@ -3518,16 +3518,17 @@ Sleep_fn(JSContext* cx, unsigned argc, V + if (!ToNumber(cx, args[0], &t_secs)) + return false; + if (mozilla::IsNaN(t_secs)) { + JS_ReportErrorASCII(cx, "sleep interval is not a number"); + return false; + } + + duration = TimeDuration::FromSeconds(Max(0.0, t_secs)); ++ const TimeDuration MAX_TIMEOUT_INTERVAL = TimeDuration::FromSeconds(MAX_TIMEOUT_SECONDS); + if (duration > MAX_TIMEOUT_INTERVAL) { + JS_ReportErrorASCII(cx, "Excessive sleep interval"); + return false; + } + } + { + LockGuard<Mutex> guard(sc->watchdogLock); + TimeStamp toWakeup = TimeStamp::Now() + duration; +@@ -3675,16 +3676,17 @@ CancelExecution(JSContext* cx) + + static bool + SetTimeoutValue(JSContext* cx, double t) + { + if (mozilla::IsNaN(t)) { + JS_ReportErrorASCII(cx, "timeout is not a number"); + return false; + } ++ const TimeDuration MAX_TIMEOUT_INTERVAL = TimeDuration::FromSeconds(MAX_TIMEOUT_SECONDS); + if (TimeDuration::FromSeconds(t) > MAX_TIMEOUT_INTERVAL) { + JS_ReportErrorASCII(cx, "Excessive timeout value"); + return false; + } + GetShellContext(cx)->timeoutInterval = t; + if (!ScheduleWatchdog(cx, t)) { + JS_ReportErrorASCII(cx, "Failed to create the watchdog"); + return false; + diff --git a/gnu/packages/patches/icecat-bug-1424373-pt2.patch b/gnu/packages/patches/icecat-bug-1424373-pt2.patch new file mode 100644 index 0000000000..cdc7226bd3 --- /dev/null +++ b/gnu/packages/patches/icecat-bug-1424373-pt2.patch @@ -0,0 +1,183 @@ +Based on: + https://hg.mozilla.org/releases/mozilla-esr52/raw-rev/19ea736e7e3d + +Adapted to apply cleanly to IceCat. + +# HG changeset patch +# User Mike Conley <mconley@mozilla.com> +# Date 1513892173 18000 +# Node ID 19ea736e7e3d20555ee6633b9d7803c1225979e1 +# Parent 320032aaa06899f5585dcd0288059e5342118714 +Bug 1424373 - Rename crash report submission pref. r=Mossop a=jcristau + +diff --git a/browser/app/profile/icecat.js b/browser/app/profile/icecat.js +--- a/browser/app/profile/icecat.js ++++ b/browser/app/profile/icecat.js +@@ -1557,15 +1557,15 @@ pref("browser.crashReports.unsubmittedCh + pref("browser.crashReports.unsubmittedCheck.enabled", false); + #endif + + // chancesUntilSuppress is how many times we'll show the unsubmitted + // crash report notification across different days and shutdown + // without a user choice before we suppress the notification for + // some number of days. + pref("browser.crashReports.unsubmittedCheck.chancesUntilSuppress", 4); +-pref("browser.crashReports.unsubmittedCheck.autoSubmit", false); ++pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); + + #ifdef NIGHTLY_BUILD + // Enable the (fairly costly) client/server validation on nightly only. The other prefs + // controlling validation are located in /services/sync/services-sync.js + pref("services.sync.validation.enabled", true); + #endif +diff --git a/browser/base/content/test/tabcrashed/browser_autoSubmitRequest.js b/browser/base/content/test/tabcrashed/browser_autoSubmitRequest.js +--- a/browser/base/content/test/tabcrashed/browser_autoSubmitRequest.js ++++ b/browser/base/content/test/tabcrashed/browser_autoSubmitRequest.js +@@ -1,12 +1,12 @@ + "use strict"; + + const PAGE = "data:text/html,<html><body>A%20regular,%20everyday,%20normal%20page."; +-const AUTOSUBMIT_PREF = "browser.crashReports.unsubmittedCheck.autoSubmit"; ++const AUTOSUBMIT_PREF = "browser.crashReports.unsubmittedCheck.autoSubmit2"; + + const {TabStateFlusher} = + Cu.import("resource:///modules/sessionstore/TabStateFlusher.jsm", {}); + + // On debug builds, crashing tabs results in much thinking, which + // slows down the test and results in intermittent test timeouts, + // so we'll pump up the expected timeout for this test. + requestLongerTimeout(2); +diff --git a/browser/components/preferences/in-content/advanced.xul b/browser/components/preferences/in-content/advanced.xul +--- a/browser/components/preferences/in-content/advanced.xul ++++ b/browser/components/preferences/in-content/advanced.xul +@@ -51,18 +51,18 @@ + #ifdef MOZ_TELEMETRY_REPORTING + <preference id="toolkit.telemetry.enabled" + name="toolkit.telemetry.enabled" + type="bool"/> + #endif + + <!-- Data Choices tab --> + #ifdef MOZ_CRASHREPORTER +- <preference id="browser.crashReports.unsubmittedCheck.autoSubmit" +- name="browser.crashReports.unsubmittedCheck.autoSubmit" ++ <preference id="browser.crashReports.unsubmittedCheck.autoSubmit2" ++ name="browser.crashReports.unsubmittedCheck.autoSubmit2" + type="bool"/> + #endif + + <!-- Network tab --> + <preference id="browser.cache.disk.capacity" + name="browser.cache.disk.capacity" + type="int"/> + <preference id="browser.offline-apps.notify" +@@ -232,17 +232,17 @@ + </hbox> + </vbox> + </groupbox> + #endif + #ifdef MOZ_CRASHREPORTER + <groupbox> + <caption> + <checkbox id="automaticallySubmitCrashesBox" +- preference="browser.crashReports.unsubmittedCheck.autoSubmit" ++ preference="browser.crashReports.unsubmittedCheck.autoSubmit2" + label="&alwaysSubmitCrashReports.label;" + accesskey="&alwaysSubmitCrashReports.accesskey;"/> + </caption> + <hbox class="indent"> + <label flex="1">&crashReporterDesc2.label;</label> + <spacer flex="10"/> + <label id="crashReporterLearnMore" + class="text-link">&crashReporterLearnMore.label;</label> +diff --git a/browser/components/sessionstore/test/browser_background_tab_crash.js b/browser/components/sessionstore/test/browser_background_tab_crash.js +--- a/browser/components/sessionstore/test/browser_background_tab_crash.js ++++ b/browser/components/sessionstore/test/browser_background_tab_crash.js +@@ -142,17 +142,17 @@ add_task(function* test_background_crash + /** + * Tests that if a content process crashes taking down only + * background tabs, and the user is configured to send backlogged + * crash reports automatically, that the tab crashed page is not + * shown. + */ + add_task(function* test_background_crash_autosubmit_backlogged() { + yield SpecialPowers.pushPrefEnv({ +- set: [["browser.crashReports.unsubmittedCheck.autoSubmit", true]], ++ set: [["browser.crashReports.unsubmittedCheck.autoSubmit2", true]], + }); + + yield setupBackgroundTabs(function*([tab1, tab2]) { + // Let's crash one of those background tabs now... + yield crashBackgroundTabs([tab1, tab2]); + + // Selecting the first tab should restore it. + let tabRestored = promiseTabRestored(tab1); +diff --git a/browser/modules/ContentCrashHandlers.jsm b/browser/modules/ContentCrashHandlers.jsm +--- a/browser/modules/ContentCrashHandlers.jsm ++++ b/browser/modules/ContentCrashHandlers.jsm +@@ -865,21 +865,21 @@ this.UnsubmittedCrashHandler = { + return nb.appendNotification(message, notificationID, + "chrome://browser/skin/tab-crashed.svg", + nb.PRIORITY_INFO_HIGH, buttons, + eventCallback); + }, + + get autoSubmit() { + return Services.prefs +- .getBoolPref("browser.crashReports.unsubmittedCheck.autoSubmit"); ++ .getBoolPref("browser.crashReports.unsubmittedCheck.autoSubmit2"); + }, + + set autoSubmit(val) { +- Services.prefs.setBoolPref("browser.crashReports.unsubmittedCheck.autoSubmit", ++ Services.prefs.setBoolPref("browser.crashReports.unsubmittedCheck.autoSubmit2", + val); + }, + + /** + * Attempt to submit reports to the crash report server. Each + * report will have the "SubmittedFromInfobar" extra key set + * to true. + * +diff --git a/browser/modules/test/browser_UnsubmittedCrashHandler.js b/browser/modules/test/browser_UnsubmittedCrashHandler.js +--- a/browser/modules/test/browser_UnsubmittedCrashHandler.js ++++ b/browser/modules/test/browser_UnsubmittedCrashHandler.js +@@ -344,17 +344,17 @@ add_task(function* test_can_submit_sever + clearPendingCrashReports(); + }); + + /** + * Tests that choosing "Send Always" flips the autoSubmit pref + * and sends the pending crash reports. + */ + add_task(function* test_can_submit_always() { +- let pref = "browser.crashReports.unsubmittedCheck.autoSubmit"; ++ let pref = "browser.crashReports.unsubmittedCheck.autoSubmit2"; + Assert.equal(Services.prefs.getBoolPref(pref), false, + "We should not be auto-submitting by default"); + + let reportIDs = yield createPendingCrashReports(1); + let notification = + yield UnsubmittedCrashHandler.checkForUnsubmittedCrashReports(); + Assert.ok(notification, "There should be a notification"); + +@@ -388,17 +388,17 @@ add_task(function* test_can_submit_alway + + /** + * Tests that if the user has chosen to automatically send + * crash reports that no notification is displayed to the + * user. + */ + add_task(function* test_can_auto_submit() { + yield SpecialPowers.pushPrefEnv({ set: [ +- ["browser.crashReports.unsubmittedCheck.autoSubmit", true], ++ ["browser.crashReports.unsubmittedCheck.autoSubmit2", true], + ]}); + + let reportIDs = yield createPendingCrashReports(3); + let promiseReports = waitForSubmittedReports(reportIDs); + let notification = + yield UnsubmittedCrashHandler.checkForUnsubmittedCrashReports(); + Assert.equal(notification, null, "There should be no notification"); + info("Waiting on reports to be received."); + diff --git a/gnu/packages/patches/libgxps-CVE-2017-11590.patch b/gnu/packages/patches/libgxps-CVE-2017-11590.patch new file mode 100644 index 0000000000..9caa79b6f0 --- /dev/null +++ b/gnu/packages/patches/libgxps-CVE-2017-11590.patch @@ -0,0 +1,48 @@ +Fix CVE-2017-11590: + +https://bugzilla.gnome.org/show_bug.cgi?id=785479 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11590 + +Patch copied from upstream source repository: + +https://git.gnome.org/browse/libgxps/commit/?id=9d5d292055250ed298f3b89dc332d6db4003a031 + +From 9d5d292055250ed298f3b89dc332d6db4003a031 Mon Sep 17 00:00:00 2001 +From: Marek Kasik <mkasik@redhat.com> +Date: Wed, 26 Jul 2017 16:23:37 +0200 +Subject: archive: Check for pathname being NULL before dereferencing + +Check whether "archive_entry_pathname ()" returns a non-NULL pathname +before using it to avoid a NULL pointer being dereferenced. + +https://bugzilla.gnome.org/show_bug.cgi?id=785479 +--- + libgxps/gxps-archive.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/libgxps/gxps-archive.c b/libgxps/gxps-archive.c +index acf8d7d..e763773 100644 +--- a/libgxps/gxps-archive.c ++++ b/libgxps/gxps-archive.c +@@ -257,6 +257,7 @@ gxps_archive_initable_init (GInitable *initable, + GXPSArchive *archive; + ZipArchive *zip; + struct archive_entry *entry; ++ const gchar *pathname; + + archive = GXPS_ARCHIVE (initable); + +@@ -281,7 +282,9 @@ gxps_archive_initable_init (GInitable *initable, + + while (gxps_zip_archive_iter_next (zip, &entry)) { + /* FIXME: We can ignore directories here */ +- g_hash_table_add (archive->entries, g_strdup (archive_entry_pathname (entry))); ++ pathname = archive_entry_pathname (entry); ++ if (pathname != NULL) ++ g_hash_table_add (archive->entries, g_strdup (pathname)); + archive_read_data_skip (zip->archive); + } + +-- +cgit v0.12 + diff --git a/gnu/packages/patches/python-pillow-fix-failing-tests.patch b/gnu/packages/patches/python-pillow-fix-failing-tests.patch Binary files differnew file mode 100644 index 0000000000..2575d6f612 --- /dev/null +++ b/gnu/packages/patches/python-pillow-fix-failing-tests.patch diff --git a/gnu/packages/patches/python-pillow-freetype-2.7-test-failure.patch b/gnu/packages/patches/python-pillow-freetype-2.7-test-failure.patch deleted file mode 100644 index 18bc30bc79..0000000000 --- a/gnu/packages/patches/python-pillow-freetype-2.7-test-failure.patch +++ /dev/null @@ -1,75 +0,0 @@ -Fix some test failures when building with freetype-2.7. - -https://github.com/python-pillow/Pillow/issues/2116 -https://github.com/python-pillow/Pillow/pull/2286 - -Patch copied from upstream source repository: - -https://github.com/python-pillow/Pillow/commit/acf68c835c93ba144f83198306aa7e6082a43f43 - -From acf68c835c93ba144f83198306aa7e6082a43f43 Mon Sep 17 00:00:00 2001 -From: hugovk <hugovk@users.noreply.github.com> -Date: Mon, 12 Dec 2016 15:16:43 +0200 -Subject: [PATCH] Increase epsilon for FreeType 2.7 - ---- - Tests/test_imagefont.py | 15 ++++++++++----- - 1 file changed, 10 insertions(+), 5 deletions(-) - -diff --git a/Tests/test_imagefont.py b/Tests/test_imagefont.py -index de89ac92..5207dce3 100644 ---- a/Tests/test_imagefont.py -+++ b/Tests/test_imagefont.py -@@ -125,7 +125,9 @@ try: - - target = 'Tests/images/rectangle_surrounding_text.png' - target_img = Image.open(target) -- self.assert_image_similar(im, target_img, .5) -+ -+ # Epsilon ~.5 fails with FreeType 2.7 -+ self.assert_image_similar(im, target_img, 2.5) - - def test_render_multiline(self): - im = Image.new(mode='RGB', size=(300, 100)) -@@ -144,7 +146,7 @@ try: - # some versions of freetype have different horizontal spacing. - # setting a tight epsilon, I'm showing the original test failure - # at epsilon = ~38. -- self.assert_image_similar(im, target_img, .5) -+ self.assert_image_similar(im, target_img, 6.2) - - def test_render_multiline_text(self): - ttf = ImageFont.truetype(FONT_PATH, FONT_SIZE) -@@ -158,7 +160,8 @@ try: - target = 'Tests/images/multiline_text.png' - target_img = Image.open(target) - -- self.assert_image_similar(im, target_img, .5) -+ # Epsilon ~.5 fails with FreeType 2.7 -+ self.assert_image_similar(im, target_img, 6.2) - - # Test that text() can pass on additional arguments - # to multiline_text() -@@ -178,7 +181,8 @@ try: - target = 'Tests/images/multiline_text'+ext+'.png' - target_img = Image.open(target) - -- self.assert_image_similar(im, target_img, .5) -+ # Epsilon ~.5 fails with FreeType 2.7 -+ self.assert_image_similar(im, target_img, 6.2) - - def test_unknown_align(self): - im = Image.new(mode='RGB', size=(300, 100)) -@@ -227,7 +231,8 @@ try: - target = 'Tests/images/multiline_text_spacing.png' - target_img = Image.open(target) - -- self.assert_image_similar(im, target_img, .5) -+ # Epsilon ~.5 fails with FreeType 2.7 -+ self.assert_image_similar(im, target_img, 6.2) - - def test_rotated_transposed_font(self): - img_grey = Image.new("L", (100, 100)) --- -2.12.0 - |