aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorMarius Bakke <marius@gnu.org>2020-05-26 22:38:12 +0200
committerMarius Bakke <marius@gnu.org>2020-05-26 22:38:12 +0200
commit8a7a5dc7805f4628e60f90af6b2416f951d0c034 (patch)
tree63f13443ea5c9e7ee5bb219fc9ff4f1eacfbf21a /gnu/packages/patches
parentc37b621cf3f0cd9c06677b4be6f931d927e7fea5 (diff)
parent8bd0b533b30d7ee5e03aee99a2eb96d5b0b1c836 (diff)
downloadguix-8a7a5dc7805f4628e60f90af6b2416f951d0c034.tar
guix-8a7a5dc7805f4628e60f90af6b2416f951d0c034.tar.gz
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/deja-dup-use-ref-keyword-for-iter.patch41
-rw-r--r--gnu/packages/patches/enlightenment-fix-setuid-path.patch223
-rw-r--r--gnu/packages/patches/git-annex-S3v4.patch77
-rw-r--r--gnu/packages/patches/guile-fibers-destroy-peer-schedulers.patch24
-rw-r--r--gnu/packages/patches/libexif-CVE-2016-6328.patch72
-rw-r--r--gnu/packages/patches/libexif-CVE-2017-7544.patch29
-rw-r--r--gnu/packages/patches/libexif-CVE-2018-20030.patch120
-rw-r--r--gnu/packages/patches/network-manager-plugin-path.patch (renamed from gnu/packages/patches/nm-plugin-path.patch)0
-rw-r--r--gnu/packages/patches/pidgin-libnm.patch60
-rw-r--r--gnu/packages/patches/python-argcomplete-1.11.1-fish31.patch29
10 files changed, 156 insertions, 519 deletions
diff --git a/gnu/packages/patches/deja-dup-use-ref-keyword-for-iter.patch b/gnu/packages/patches/deja-dup-use-ref-keyword-for-iter.patch
deleted file mode 100644
index a03e0c5481..0000000000
--- a/gnu/packages/patches/deja-dup-use-ref-keyword-for-iter.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 5676766be5e845ccb6cdf46cfa8722497f151752 Mon Sep 17 00:00:00 2001
-From: Jeremy Bicha <jbicha@ubuntu.com>
-Date: Fri, 16 Jun 2017 15:11:37 -0400
-Subject: Use 'ref' keyword for iter, requires vala 0.36
-
-
-diff --git a/deja-dup/widgets/ConfigList.vala b/deja-dup/widgets/ConfigList.vala
-index 15de2d6..02cd81a 100644
---- a/deja-dup/widgets/ConfigList.vala
-+++ b/deja-dup/widgets/ConfigList.vala
-@@ -333,7 +333,7 @@ public class ConfigList : ConfigWidget
-
- model.row_deleted.disconnect(write_to_config);
- foreach (Gtk.TreeIter iter in iters) {
-- (model as Gtk.ListStore).remove(iter);
-+ (model as Gtk.ListStore).remove(ref iter);
- }
- model.row_deleted.connect(write_to_config);
-
-diff --git a/deja-dup/widgets/ConfigLocation.vala b/deja-dup/widgets/ConfigLocation.vala
-index 869e2a8..d21c556 100644
---- a/deja-dup/widgets/ConfigLocation.vala
-+++ b/deja-dup/widgets/ConfigLocation.vala
-@@ -397,12 +397,12 @@ public class ConfigLocation : ConfigWidget
- if (uuid == saved_uuid)
- return;
-
-- store.remove(iter);
-+ store.remove(ref iter);
-
- if (--num_volumes == 0) {
- Gtk.TreeIter sep_iter;
- if (store.get_iter_from_string(out sep_iter, index_vol_sep.to_string())) {
-- store.remove(sep_iter);
-+ store.remove(ref sep_iter);
- index_vol_sep = -2;
- }
- }
---
-cgit v0.10.2
-
diff --git a/gnu/packages/patches/enlightenment-fix-setuid-path.patch b/gnu/packages/patches/enlightenment-fix-setuid-path.patch
index c48f18c8ec..f2930845ba 100644
--- a/gnu/packages/patches/enlightenment-fix-setuid-path.patch
+++ b/gnu/packages/patches/enlightenment-fix-setuid-path.patch
@@ -1,34 +1,31 @@
diff --git a/src/bin/e_auth.c b/src/bin/e_auth.c
-index 00b0e5d84..98ab4518f 100644
+index 8b0aa6641..f15d2c2a2 100644
--- a/src/bin/e_auth.c
+++ b/src/bin/e_auth.c
-@@ -9,8 +9,7 @@ e_auth_begin(char *passwd)
+@@ -11,9 +11,7 @@ e_auth_begin(char *passwd)
+ pwlen = strlen(passwd);
+ if (pwlen == 0) goto out;
- if (strlen(passwd) == 0) goto out;
-
-- snprintf(buf, sizeof(buf), "%s/enlightenment/utils/enlightenment_ckpasswd",
+- snprintf(buf, sizeof(buf),
+- "%s/enlightenment/utils/enlightenment_ckpasswd pw",
- e_prefix_lib_get());
+ snprintf(buf, sizeof(buf), "/run/setuid-programs/enlightenment_ckpasswd");
+ exe = ecore_exe_pipe_run(buf, ECORE_EXE_PIPE_WRITE, NULL);
+ if (!exe) goto out;
+ if (ecore_exe_send(exe, passwd, pwlen) != EINA_TRUE) goto out;
+@@ -46,9 +44,7 @@ e_auth_polkit_begin(char *passwd, const char *cookie, unsigned int uid)
+ pwlen = strlen(passwd);
+ if (pwlen == 0) goto out;
+- snprintf(buf, sizeof(buf),
+- "%s/enlightenment/utils/enlightenment_ckpasswd pk",
+- e_prefix_lib_get());
++ snprintf(buf, sizeof(buf), "/run/setuid-programs/enlightenment_ckpasswd");
exe = ecore_exe_pipe_run(buf, ECORE_EXE_PIPE_WRITE, NULL);
- if (ecore_exe_send(exe, passwd, strlen(passwd)) != EINA_TRUE) goto out;
-diff --git a/src/bin/e_backlight.c b/src/bin/e_backlight.c
-index 2bced6766..208e583ba 100644
---- a/src/bin/e_backlight.c
-+++ b/src/bin/e_backlight.c
-@@ -521,8 +521,8 @@ _bl_sys_level_set(double val)
- }
- // fprintf(stderr, "SET: %1.3f\n", val);
- snprintf(buf, sizeof(buf),
-- "%s/enlightenment/utils/enlightenment_backlight %i %s",
-- e_prefix_lib_get(), (int)(val * 1000.0), bl_sysval);
-+ "/run/setuid-programs/enlightenment_backlight %i %s",
-+ (int)(val * 1000.0), bl_sysval);
- bl_sys_set_exe = ecore_exe_run(buf, NULL);
- }
- #endif // HAVE_EEZE || __FreeBSD_kernel__
+ if (!exe) goto out;
+ snprintf(buf, sizeof(buf), "%s %u %s", cookie, uid, passwd);
diff --git a/src/bin/e_fm/e_fm_main_eeze.c b/src/bin/e_fm/e_fm_main_eeze.c
-index 0fcffa249..c1921121d 100644
+index 9b10b3117..74e6b72ad 100644
--- a/src/bin/e_fm/e_fm_main_eeze.c
+++ b/src/bin/e_fm/e_fm_main_eeze.c
@@ -318,7 +318,7 @@ _e_fm_main_eeze_volume_eject(E_Volume *v)
@@ -58,163 +55,29 @@ index 0fcffa249..c1921121d 100644
eeze_disk_mount_wrapper_set(v->disk, buf2);
}
v->guard = ecore_timer_loop_add(E_FM_MOUNT_TIMEOUT, (Ecore_Task_Cb)_e_fm_main_eeze_vol_mount_timeout, v);
-diff --git a/src/bin/e_sys.c b/src/bin/e_sys.c
-index 671fbcd9a..90ee04cf1 100644
---- a/src/bin/e_sys.c
-+++ b/src/bin/e_sys.c
-@@ -702,20 +702,16 @@ _e_sys_cb_timer(void *data EINA_UNUSED)
-
- e_init_status_set(_("Checking System Permissions"));
- snprintf(buf, sizeof(buf),
-- "%s/enlightenment/utils/enlightenment_sys -t halt",
-- e_prefix_lib_get());
-+ "/run/setuid-programs/enlightenment_sys -t halt");
- _e_sys_halt_check_exe = ecore_exe_run(buf, NULL);
- snprintf(buf, sizeof(buf),
-- "%s/enlightenment/utils/enlightenment_sys -t reboot",
-- e_prefix_lib_get());
-+ "/run/setuid-programs/enlightenment_sys -t reboot");
- _e_sys_reboot_check_exe = ecore_exe_run(buf, NULL);
- snprintf(buf, sizeof(buf),
-- "%s/enlightenment/utils/enlightenment_sys -t suspend",
-- e_prefix_lib_get());
-+ "/run/setuid-programs/enlightenment_sys -t suspend");
- _e_sys_suspend_check_exe = ecore_exe_run(buf, NULL);
- snprintf(buf, sizeof(buf),
-- "%s/enlightenment/utils/enlightenment_sys -t hibernate",
-- e_prefix_lib_get());
-+ "/run/setuid-programs/enlightenment_sys -t hibernate");
- _e_sys_hibernate_check_exe = ecore_exe_run(buf, NULL);
- return ECORE_CALLBACK_CANCEL;
- }
-@@ -1134,8 +1130,7 @@ _e_sys_action_do(E_Sys_Action a, char *param EINA_UNUSED, Eina_Bool raw)
- if (e_util_immortal_check()) return 0;
- e_fm2_die();
- snprintf(buf, sizeof(buf),
-- "%s/enlightenment/utils/enlightenment_sys halt",
-- e_prefix_lib_get());
-+ "/run/setuid-programs/enlightenment_sys halt");
- if (_e_sys_exe)
- {
- if ((ecore_time_get() - _e_sys_begin_time) > 2.0)
-@@ -1170,8 +1165,7 @@ _e_sys_action_do(E_Sys_Action a, char *param EINA_UNUSED, Eina_Bool raw)
- if (e_util_immortal_check()) return 0;
- e_fm2_die();
- snprintf(buf, sizeof(buf),
-- "%s/enlightenment/utils/enlightenment_sys reboot",
-- e_prefix_lib_get());
-+ "/run/setuid-programs/enlightenment_sys reboot");
- if (_e_sys_exe)
- {
- if ((ecore_time_get() - _e_sys_begin_time) > 2.0)
-@@ -1204,8 +1198,7 @@ _e_sys_action_do(E_Sys_Action a, char *param EINA_UNUSED, Eina_Bool raw)
- case E_SYS_SUSPEND:
- /* /etc/acpi/sleep.sh force */
- snprintf(buf, sizeof(buf),
-- "%s/enlightenment/utils/enlightenment_sys suspend",
-- e_prefix_lib_get());
-+ "/run/setuid-programs/enlightenment_sys suspend");
- if (_e_sys_exe)
- {
- if ((ecore_time_get() - _e_sys_begin_time) > 2.0)
-@@ -1265,8 +1258,7 @@ _e_sys_action_do(E_Sys_Action a, char *param EINA_UNUSED, Eina_Bool raw)
- case E_SYS_HIBERNATE:
- /* /etc/acpi/hibernate.sh force */
- snprintf(buf, sizeof(buf),
-- "%s/enlightenment/utils/enlightenment_sys hibernate",
-- e_prefix_lib_get());
-+ "/run/setuid-programs/enlightenment_sys hibernate");
- if (_e_sys_exe)
- {
- if ((ecore_time_get() - _e_sys_begin_time) > 2.0)
-diff --git a/src/modules/bluez4/e_mod_main.c b/src/modules/bluez4/e_mod_main.c
-index 4b5148634..47d34b07f 100644
---- a/src/modules/bluez4/e_mod_main.c
-+++ b/src/modules/bluez4/e_mod_main.c
-@@ -49,8 +49,8 @@ _ebluez_l2ping_poller(void *data EINA_UNUSED)
-
- if (tmp)
- {
-- eina_strbuf_append_printf(buf, "%s/enlightenment/utils/enlightenment_sys l2ping %s",
-- e_prefix_lib_get(), tmp);
-+ eina_strbuf_append_printf(buf, "/run/setuid-programs/enlightenment_sys l2ping %s",
-+ tmp);
- autolock_exe = ecore_exe_run(eina_strbuf_string_get(buf), NULL);
- }
-
-@@ -692,8 +692,7 @@ e_modapi_init(E_Module *m)
- autolock_desklock = ecore_event_handler_add(E_EVENT_DESKLOCK, _ebluez_desklock, NULL);
-
- buf = eina_strbuf_new();
-- eina_strbuf_append_printf(buf, "%s/enlightenment/utils/enlightenment_sys -t l2ping",
-- e_prefix_lib_get());
-+ eina_strbuf_append_printf(buf, "/run/setuid-programs/enlightenment_sys -t l2ping");
- autolock_exe = ecore_exe_run(eina_strbuf_string_get(buf), NULL);
- eina_strbuf_free(buf);
-
-diff --git a/src/modules/bluez5/e_mod_main.c b/src/modules/bluez5/e_mod_main.c
-index a581c466c..095d8f360 100644
---- a/src/modules/bluez5/e_mod_main.c
-+++ b/src/modules/bluez5/e_mod_main.c
-@@ -321,8 +321,8 @@ ebluez5_rfkill_unblock(const char *name)
- if (buf)
- {
- eina_strbuf_append_printf
-- (buf, "%s/enlightenment/utils/enlightenment_sys rfkill-unblock %s",
-- e_prefix_lib_get(), name);
-+ (buf, "/run/setuid-programs/enlightenment_sys rfkill-unblock %s",
-+ name);
- _rfkill_exe = ecore_exe_run(eina_strbuf_string_get(buf), NULL);
- eina_strbuf_free(buf);
- }
-diff --git a/src/modules/cpufreq/e_mod_main.c b/src/modules/cpufreq/e_mod_main.c
-index b66b365d8..bab0802cc 100644
---- a/src/modules/cpufreq/e_mod_main.c
-+++ b/src/modules/cpufreq/e_mod_main.c
-@@ -1452,8 +1452,7 @@ e_modapi_init(E_Module *m)
- }
- E_CONFIG_LIMIT(cpufreq_config->poll_interval, 1, 1024);
-
-- snprintf(buf, sizeof(buf), "%s/%s/freqset",
-- e_module_dir_get(m), MODULE_ARCH);
-+ snprintf(buf, sizeof(buf), "/run/setuid-programs/freqset");
- cpufreq_config->set_exe_path = strdup(buf);
-
- if (stat(buf, &st) < 0)
-diff --git a/src/modules/sysinfo/cpuclock/cpuclock.c b/src/modules/sysinfo/cpuclock/cpuclock.c
-index 938916e53..00d5067d0 100644
---- a/src/modules/sysinfo/cpuclock/cpuclock.c
-+++ b/src/modules/sysinfo/cpuclock/cpuclock.c
-@@ -80,8 +80,7 @@ _cpuclock_set_governor(const char *governor)
- char buf[4096 + 100], exe[4096];
- struct stat st;
-
-- snprintf(exe, 4096, "%s/%s/cpuclock_sysfs",
-- e_module_dir_get(sysinfo_config->module), MODULE_ARCH);
-+ snprintf(exe, 4096, "/run/setuid-programs/cpuclock_sysfs");
- if (stat(exe, &st) < 0) return;
-
- snprintf(buf, sizeof(buf),
-@@ -108,8 +107,7 @@ _cpuclock_set_frequency(int frequency)
- if (system(buf) != 0)
- ERR("Error code from trying to run \"%s\"", buf);
- #else
-- snprintf(exe, 4096, "%s/%s/cpuclock_sysfs",
-- e_module_dir_get(sysinfo_config->module), MODULE_ARCH);
-+ snprintf(exe, 4096, "/run/setuid-programs/cpuclock_sysfs");
- if (stat(exe, &st) < 0) return;
- snprintf(buf, sizeof(buf),
- "%s %s %i", exe, "frequency", frequency);
-@@ -127,8 +125,7 @@ _cpuclock_set_pstate(int min, int max, int turbo)
- char buf[4096 + 100], exe[4096];
- struct stat st;
+diff --git a/src/bin/e_start_main.c b/src/bin/e_start_main.c
+index b2c439455..cb16c7bd4 100644
+--- a/src/bin/e_start_main.c
++++ b/src/bin/e_start_main.c
+@@ -710,7 +710,7 @@ main(int argc, char **argv)
+ "E_ALERT_FONT_DIR=%s/data/fonts", eina_prefix_data_get(pfx));
+ putenv(buf2);
+ snprintf(buf3, sizeof(buf3),
+- "E_ALERT_SYSTEM_BIN=%s/enlightenment/utils/enlightenment_system", eina_prefix_lib_get(pfx));
++ "E_ALERT_SYSTEM_BIN=/run/setuid-programs/enlightenment_system");
+ putenv(buf3);
-- snprintf(exe, 4096, "%s/%s/cpuclock_sysfs",
-- e_module_dir_get(sysinfo_config->module), MODULE_ARCH);
-+ snprintf(exe, 4096, "/run/setuid-programs/cpuclock_sysfs");
- if (stat(exe, &st) < 0) return;
+ if ((valgrind_mode || valgrind_tool) &&
+diff --git a/src/bin/e_system.c b/src/bin/e_system.c
+index 1e7aabb64..dc0173219 100644
+--- a/src/bin/e_system.c
++++ b/src/bin/e_system.c
+@@ -132,7 +132,7 @@ _system_spawn(void)
+ else _respawn_count = 0;
+ if (_respawn_count > 5) return;
snprintf(buf, sizeof(buf),
- "%s %s %i %i %i", exe, "pstate", min, max, turbo);
---
-2.23.0
-
+- "%s/enlightenment/utils/enlightenment_system", e_prefix_lib_get());
++ "/run/setuid-programs/enlightenment_system");
+ _system_exe = ecore_exe_pipe_run
+ (buf, ECORE_EXE_NOT_LEADER | ECORE_EXE_TERM_WITH_PARENT |
+ ECORE_EXE_PIPE_READ | ECORE_EXE_PIPE_WRITE, NULL);
diff --git a/gnu/packages/patches/git-annex-S3v4.patch b/gnu/packages/patches/git-annex-S3v4.patch
deleted file mode 100644
index 9f7cea329e..0000000000
--- a/gnu/packages/patches/git-annex-S3v4.patch
+++ /dev/null
@@ -1,77 +0,0 @@
-From the upstream commit, with the changes to CHANGELOG and the docs
-folder removed.
-
-From 1532d67c3ecf452b8c86bcc5928525398755cd01 Mon Sep 17 00:00:00 2001
-From: Joey Hess <joeyh@joeyh.name>
-Date: Thu, 7 May 2020 13:18:11 -0400
-Subject: [PATCH] S3: Support signature=v4
-
-To use S3 Signature Version 4. Some S3 services seem to require v4, while
-others may only support v2, which remains the default.
-
-I'm also not sure if v4 works correctly in all cases, there is this
-upstream bug report: https://github.com/aristidb/aws/issues/262
-I've only tested it against the default S3 endpoint.
----
- CHANGELOG | 3 +++
- Remote/S3.hs | 23 ++++++++++++++++++-
- ..._3bbdf23c8a4a480f4f6b8e8a2f8ddecd._comment | 13 +++++++++++
- ..._854390b9a781da82ecb85ad85eecad04._comment | 13 +++++++++++
- doc/special_remotes/S3.mdwn | 4 ++++
- ..._cf57e8dbd9fdc7c487565b61808b6bb2._comment | 10 ++++++++
- 6 files changed, 65 insertions(+), 1 deletion(-)
- create mode 100644 doc/bugs/S3_special_remote_support_for_DigitalOcean_Spaces/comment_2_3bbdf23c8a4a480f4f6b8e8a2f8ddecd._comment
- create mode 100644 doc/forum/backblaze_s3/comment_1_854390b9a781da82ecb85ad85eecad04._comment
- create mode 100644 doc/special_remotes/S3/comment_34_cf57e8dbd9fdc7c487565b61808b6bb2._comment
-
-diff --git a/Remote/S3.hs b/Remote/S3.hs
-index cb345d1f8..e3ea492f2 100644
---- a/Remote/S3.hs
-+++ b/Remote/S3.hs
-@@ -99,6 +99,8 @@ remote = specialRemoteType $ RemoteType
- (FieldDesc "port to connect to")
- , optionalStringParser requeststyleField
- (FieldDesc "for path-style requests, set to \"path\"")
-+ , signatureVersionParser signatureField
-+ (FieldDesc "S3 signature version")
- , optionalStringParser mungekeysField HiddenField
- , optionalStringParser AWS.s3credsField HiddenField
- ]
-@@ -148,6 +150,22 @@ protocolField = Accepted "protocol"
- requeststyleField :: RemoteConfigField
- requeststyleField = Accepted "requeststyle"
-
-+signatureField :: RemoteConfigField
-+signatureField = Accepted "signature"
-+
-+newtype SignatureVersion = SignatureVersion Int
-+
-+signatureVersionParser :: RemoteConfigField -> FieldDesc -> RemoteConfigFieldParser
-+signatureVersionParser f fd =
-+ genParser go f defver fd
-+ (Just (ValueDesc "v2 or v4"))
-+ where
-+ go "v2" = Just (SignatureVersion 2)
-+ go "v4" = Just (SignatureVersion 4)
-+ go _ = Nothing
-+
-+ defver = SignatureVersion 2
-+
- portField :: RemoteConfigField
- portField = Accepted "port"
-
-@@ -877,7 +895,10 @@ s3Configuration c = cfg
- Nothing
- | port == 443 -> AWS.HTTPS
- | otherwise -> AWS.HTTP
-- cfg = S3.s3 proto endpoint False
-+ cfg = case getRemoteConfigValue signatureField c of
-+ Just (SignatureVersion 4) ->
-+ S3.s3v4 proto endpoint False S3.SignWithEffort
-+ _ -> S3.s3 proto endpoint False
-
- data S3Info = S3Info
- { bucket :: S3.Bucket
---
-2.26.2
-
diff --git a/gnu/packages/patches/guile-fibers-destroy-peer-schedulers.patch b/gnu/packages/patches/guile-fibers-destroy-peer-schedulers.patch
new file mode 100644
index 0000000000..8bb7153153
--- /dev/null
+++ b/gnu/packages/patches/guile-fibers-destroy-peer-schedulers.patch
@@ -0,0 +1,24 @@
+Fibers 1.0.0 has a bug in run-fibers in which peer schedulers aren't destroyed -
+so if you had 4 cores, 1 would be destroyed when run-fibers returned, but the
+other 3 would stay around. Each scheduler uses 3 file descriptors, so for
+machines with many cores, this resource leak adds up quickly - quickly enough
+that the test suite can even fail because of it.
+
+See https://github.com/wingo/fibers/issues/36.
+
+This fixes that. It should be safe to destroy the peer schedulers at the given
+point because the threads that could be running them are all either dead or the
+current thread.
+
+As of May 21, 2020, this bug still existed in the 1.0.0 (latest) release and in
+git master.
+--- a/fibers.scm 2020-05-21 18:38:06.890690154 -0500
++++ b/fibers.scm 2020-05-21 18:38:56.395686693 -0500
+@@ -137,5 +137,6 @@
+ (%run-fibers scheduler hz finished? affinity))
+ (lambda ()
+ (stop-auxiliary-threads scheduler)))))
++ (for-each destroy-scheduler (scheduler-remote-peers scheduler))
+ (destroy-scheduler scheduler)
+ (apply values (atomic-box-ref ret))))))
+
diff --git a/gnu/packages/patches/libexif-CVE-2016-6328.patch b/gnu/packages/patches/libexif-CVE-2016-6328.patch
deleted file mode 100644
index 67fee0f528..0000000000
--- a/gnu/packages/patches/libexif-CVE-2016-6328.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-Fix CVE-2016-6328:
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1366239
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6328
-
-Patch copied from upstream source repository:
-
-https://github.com/libexif/libexif/commit/41bd04234b104312f54d25822f68738ba8d7133d
-
-From 41bd04234b104312f54d25822f68738ba8d7133d Mon Sep 17 00:00:00 2001
-From: Marcus Meissner <marcus@jet.franken.de>
-Date: Tue, 25 Jul 2017 23:44:44 +0200
-Subject: [PATCH] fixes some (not all) buffer overreads during decoding pentax
- makernote entries.
-
-This should fix:
-https://sourceforge.net/p/libexif/bugs/125/ CVE-2016-6328
----
- libexif/pentax/mnote-pentax-entry.c | 16 +++++++++++++---
- 1 file changed, 13 insertions(+), 3 deletions(-)
-
-diff --git a/libexif/pentax/mnote-pentax-entry.c b/libexif/pentax/mnote-pentax-entry.c
-index d03d159..ea0429a 100644
---- a/libexif/pentax/mnote-pentax-entry.c
-+++ b/libexif/pentax/mnote-pentax-entry.c
-@@ -425,24 +425,34 @@ mnote_pentax_entry_get_value (MnotePentaxEntry *entry,
- case EXIF_FORMAT_SHORT:
- {
- const unsigned char *data = entry->data;
-- size_t k, len = strlen(val);
-+ size_t k, len = strlen(val), sizeleft;
-+
-+ sizeleft = entry->size;
- for(k=0; k<entry->components; k++) {
-+ if (sizeleft < 2)
-+ break;
- vs = exif_get_short (data, entry->order);
- snprintf (val+len, maxlen-len, "%i ", vs);
- len = strlen(val);
- data += 2;
-+ sizeleft -= 2;
- }
- }
- break;
- case EXIF_FORMAT_LONG:
- {
- const unsigned char *data = entry->data;
-- size_t k, len = strlen(val);
-+ size_t k, len = strlen(val), sizeleft;
-+
-+ sizeleft = entry->size;
- for(k=0; k<entry->components; k++) {
-+ if (sizeleft < 4)
-+ break;
- vl = exif_get_long (data, entry->order);
- snprintf (val+len, maxlen-len, "%li", (long int) vl);
- len = strlen(val);
- data += 4;
-+ sizeleft -= 4;
- }
- }
- break;
-@@ -455,5 +465,5 @@ mnote_pentax_entry_get_value (MnotePentaxEntry *entry,
- break;
- }
-
-- return (val);
-+ return val;
- }
---
-2.16.0
-
diff --git a/gnu/packages/patches/libexif-CVE-2017-7544.patch b/gnu/packages/patches/libexif-CVE-2017-7544.patch
deleted file mode 100644
index c4ea373dc5..0000000000
--- a/gnu/packages/patches/libexif-CVE-2017-7544.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-Fix CVE-2017-7544:
-
-https://sourceforge.net/p/libexif/bugs/130/
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7544
-
-Patch copied from upstream bug tracker:
-
-https://sourceforge.net/p/libexif/bugs/130/#489a
-
-Index: libexif/exif-data.c
-===================================================================
-RCS file: /cvsroot/libexif/libexif/libexif/exif-data.c,v
-retrieving revision 1.131
-diff -u -r1.131 exif-data.c
---- a/libexif/exif-data.c 12 Jul 2012 17:28:26 -0000 1.131
-+++ b/libexif/exif-data.c 25 Jul 2017 21:34:06 -0000
-@@ -255,6 +255,12 @@
- exif_mnote_data_set_offset (data->priv->md, *ds - 6);
- exif_mnote_data_save (data->priv->md, &e->data, &e->size);
- e->components = e->size;
-+ if (exif_format_get_size (e->format) != 1) {
-+ /* e->format is taken from input code,
-+ * but we need to make sure it is a 1 byte
-+ * entity due to the multiplication below. */
-+ e->format = EXIF_FORMAT_UNDEFINED;
-+ }
- }
- }
-
diff --git a/gnu/packages/patches/libexif-CVE-2018-20030.patch b/gnu/packages/patches/libexif-CVE-2018-20030.patch
deleted file mode 100644
index 57e4746b58..0000000000
--- a/gnu/packages/patches/libexif-CVE-2018-20030.patch
+++ /dev/null
@@ -1,120 +0,0 @@
-https://github.com/libexif/libexif/commit/6aa11df549114ebda520dde4cdaea2f9357b2c89.patch
-
-NEWS section was removed
-'12' -> '30' on line 79
-
-From 6aa11df549114ebda520dde4cdaea2f9357b2c89 Mon Sep 17 00:00:00 2001
-From: Dan Fandrich <dan@coneharvesters.com>
-Date: Fri, 12 Oct 2018 16:01:45 +0200
-Subject: [PATCH] Improve deep recursion detection in
- exif_data_load_data_content.
-
-The existing detection was still vulnerable to pathological cases
-causing DoS by wasting CPU. The new algorithm takes the number of tags
-into account to make it harder to abuse by cases using shallow recursion
-but with a very large number of tags. This improves on commit 5d28011c
-which wasn't sufficient to counter this kind of case.
-
-The limitation in the previous fix was discovered by Laurent Delosieres,
-Secunia Research at Flexera (Secunia Advisory SA84652) and is assigned
-the identifier CVE-2018-20030.
----
- NEWS | 1 +
- libexif/exif-data.c | 45 +++++++++++++++++++++++++++++++++++++--------
- 2 files changed, 38 insertions(+), 8 deletions(-)
-
-diff --git a/libexif/exif-data.c b/libexif/exif-data.c
-index e35403d..a6f9c94 100644
---- a/libexif/exif-data.c
-+++ b/libexif/exif-data.c
-@@ -35,6 +35,7 @@
- #include <libexif/olympus/exif-mnote-data-olympus.h>
- #include <libexif/pentax/exif-mnote-data-pentax.h>
-
-+#include <math.h>
- #include <stdlib.h>
- #include <stdio.h>
- #include <string.h>
-@@ -350,6 +351,20 @@ if (data->ifd[(i)]->count) { \
- break; \
- }
-
-+/*! Calculate the recursion cost added by one level of IFD loading.
-+ *
-+ * The work performed is related to the cost in the exponential relation
-+ * work=1.1**cost
-+ */
-+static unsigned int
-+level_cost(unsigned int n)
-+{
-+ static const double log_1_1 = 0.09531017980432493;
-+
-+ /* Adding 0.1 protects against the case where n==1 */
-+ return ceil(log(n + 0.1)/log_1_1);
-+}
-+
- /*! Load data for an IFD.
- *
- * \param[in,out] data #ExifData
-@@ -357,13 +372,13 @@ if (data->ifd[(i)]->count) { \
- * \param[in] d pointer to buffer containing raw IFD data
- * \param[in] ds size of raw data in buffer at \c d
- * \param[in] offset offset into buffer at \c d at which IFD starts
-- * \param[in] recursion_depth number of times this function has been
-- * recursively called without returning
-+ * \param[in] recursion_cost factor indicating how expensive this recursive
-+ * call could be
- */
- static void
- exif_data_load_data_content (ExifData *data, ExifIfd ifd,
- const unsigned char *d,
-- unsigned int ds, unsigned int offset, unsigned int recursion_depth)
-+ unsigned int ds, unsigned int offset, unsigned int recursion_cost)
- {
- ExifLong o, thumbnail_offset = 0, thumbnail_length = 0;
- ExifShort n;
-@@ -378,9 +393,20 @@ exif_data_load_data_content (ExifData *data, ExifIfd ifd,
- if ((((int)ifd) < 0) || ( ((int)ifd) >= EXIF_IFD_COUNT))
- return;
-
-- if (recursion_depth > 30) {
-+ if (recursion_cost > 170) {
-+ /*
-+ * recursion_cost is a logarithmic-scale indicator of how expensive this
-+ * recursive call might end up being. It is an indicator of the depth of
-+ * recursion as well as the potential for worst-case future recursive
-+ * calls. Since it's difficult to tell ahead of time how often recursion
-+ * will occur, this assumes the worst by assuming every tag could end up
-+ * causing recursion.
-+ * The value of 170 was chosen to limit typical EXIF structures to a
-+ * recursive depth of about 6, but pathological ones (those with very
-+ * many tags) to only 2.
-+ */
- exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifData",
-- "Deep recursion detected!");
-+ "Deep/expensive recursion detected!");
- return;
- }
-
-@@ -422,15 +448,18 @@ exif_data_load_data_content (ExifData *data, ExifIfd ifd,
- switch (tag) {
- case EXIF_TAG_EXIF_IFD_POINTER:
- CHECK_REC (EXIF_IFD_EXIF);
-- exif_data_load_data_content (data, EXIF_IFD_EXIF, d, ds, o, recursion_depth + 1);
-+ exif_data_load_data_content (data, EXIF_IFD_EXIF, d, ds, o,
-+ recursion_cost + level_cost(n));
- break;
- case EXIF_TAG_GPS_INFO_IFD_POINTER:
- CHECK_REC (EXIF_IFD_GPS);
-- exif_data_load_data_content (data, EXIF_IFD_GPS, d, ds, o, recursion_depth + 1);
-+ exif_data_load_data_content (data, EXIF_IFD_GPS, d, ds, o,
-+ recursion_cost + level_cost(n));
- break;
- case EXIF_TAG_INTEROPERABILITY_IFD_POINTER:
- CHECK_REC (EXIF_IFD_INTEROPERABILITY);
-- exif_data_load_data_content (data, EXIF_IFD_INTEROPERABILITY, d, ds, o, recursion_depth + 1);
-+ exif_data_load_data_content (data, EXIF_IFD_INTEROPERABILITY, d, ds, o,
-+ recursion_cost + level_cost(n));
- break;
- case EXIF_TAG_JPEG_INTERCHANGE_FORMAT:
- thumbnail_offset = o;
diff --git a/gnu/packages/patches/nm-plugin-path.patch b/gnu/packages/patches/network-manager-plugin-path.patch
index 505ae31534..505ae31534 100644
--- a/gnu/packages/patches/nm-plugin-path.patch
+++ b/gnu/packages/patches/network-manager-plugin-path.patch
diff --git a/gnu/packages/patches/pidgin-libnm.patch b/gnu/packages/patches/pidgin-libnm.patch
new file mode 100644
index 0000000000..d34af749af
--- /dev/null
+++ b/gnu/packages/patches/pidgin-libnm.patch
@@ -0,0 +1,60 @@
+From: Tobias Geerinckx-Rice <me@tobias.gr>
+Date: Sun, 24 May 2020 16:11:01 +0200
+Subject: [PATCH] gnu: pidgin: Find libnm.
+
+Copied verbatim from[0].
+
+[0]: https://git.archlinux.org/svntogit/packages.git/plain/trunk/pidgin-nm-1.0.patch?h=packages/pidgin
+
+diff --git a/configure.ac b/configure.ac
+index 04836fa..0a2d451 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -1423,18 +1423,24 @@ fi
+ dnl Check for NetworkManager.h; if we don't have it, oh well
+ if test "x$enable_dbus" = "xyes" ; then
+ if test "x$enable_nm" = "xyes" ; then
+- PKG_CHECK_MODULES(NETWORKMANAGER, [NetworkManager >= 0.5.0], [
++ PKG_CHECK_MODULES(NETWORKMANAGER, [libnm], [
+ AC_SUBST(NETWORKMANAGER_CFLAGS)
+ AC_SUBST(NETWORKMANAGER_LIBS)
+ AC_DEFINE(HAVE_NETWORKMANAGER, 1, [Define if we have NetworkManager.])
+ ], [
+- enable_nm=no
+- if test "x$force_deps" = "xyes" ; then
+- AC_MSG_ERROR([
++ PKG_CHECK_MODULES(NETWORKMANAGER, [NetworkManager >= 0.5.0], [
++ AC_SUBST(NETWORKMANAGER_CFLAGS)
++ AC_SUBST(NETWORKMANAGER_LIBS)
++ AC_DEFINE(HAVE_NETWORKMANAGER, 1, [Define if we have NetworkManager.])
++ ], [
++ enable_nm=no
++ if test "x$force_deps" = "xyes" ; then
++ AC_MSG_ERROR([
+ NetworkManager development headers not found.
+ Use --disable-nm if you do not need NetworkManager support.
+ ])
+- fi])
++ fi])
++ ])
+ fi
+ else
+ enable_nm=no
+diff --git a/libpurple/network.c b/libpurple/network.c
+index c43e3c7..b17e439 100644
+--- a/libpurple/network.c
++++ b/libpurple/network.c
+@@ -939,8 +939,13 @@ nm_update_state(NMState state)
+ #if NM_CHECK_VERSION(0,8,992)
+ case NM_STATE_DISCONNECTING:
+ #endif
++#if NM_CHECK_VERSION(1,0,0)
++ if (prev != NM_STATE_CONNECTED_GLOBAL && prev != NM_STATE_UNKNOWN)
++ break;
++#else
+ if (prev != NM_STATE_CONNECTED && prev != NM_STATE_UNKNOWN)
+ break;
++#endif
+ if (ui_ops != NULL && ui_ops->network_disconnected != NULL)
+ ui_ops->network_disconnected();
+ break;
diff --git a/gnu/packages/patches/python-argcomplete-1.11.1-fish31.patch b/gnu/packages/patches/python-argcomplete-1.11.1-fish31.patch
new file mode 100644
index 0000000000..98f0ca1473
--- /dev/null
+++ b/gnu/packages/patches/python-argcomplete-1.11.1-fish31.patch
@@ -0,0 +1,29 @@
+Upstream commit fixing testcases for fish>=3.1, see
+https://github.com/kislyuk/argcomplete/commit/08bfc8a788e8081515d733e67be026d051c726f7
+
+diff --git a/test/test.py b/test/test.py
+index e91352b..2c34806 100755
+--- a/test/test.py
++++ b/test/test.py
+@@ -28,6 +28,8 @@
+
+ BASH_VERSION = subprocess.check_output(['bash', '-c', 'echo $BASH_VERSION']).decode()
+ BASH_MAJOR_VERSION = int(BASH_VERSION.split('.')[0])
++FISH_VERSION_STR = subprocess.check_output(['fish', '-c', 'echo -n $FISH_VERSION']).decode()
++FISH_VERSION_TUPLE = tuple(int(x) for x in FISH_VERSION_STR.split('.'))
+
+
+ class TempDir(object):
+@@ -1258,8 +1260,11 @@ class TestFish(_TestSh, unittest.TestCase):
+ expected_failures = [
+ 'test_parse_special_characters',
+ 'test_comp_point',
+- 'test_special_characters_double_quoted'
+ ]
++ if FISH_VERSION_TUPLE < (3, 1):
++ expected_failures.extend([
++ 'test_special_characters_double_quoted'
++ ])
+
+ skipped = [
+ 'test_single_quotes_in_single_quotes',