aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Makefile.am3
-rw-r--r--build-aux/download.scm73
-rw-r--r--build-aux/test-env.in16
-rw-r--r--gnu/local.mk66
-rw-r--r--gnu/packages/acl.scm19
-rw-r--r--gnu/packages/autotools.scm109
-rw-r--r--gnu/packages/backup.scm60
-rw-r--r--gnu/packages/base.scm106
-rw-r--r--gnu/packages/bootstrap.scm83
-rw-r--r--gnu/packages/commencement.scm122
-rw-r--r--gnu/packages/compression.scm23
-rw-r--r--gnu/packages/cross-base.scm1
-rw-r--r--gnu/packages/curl.scm15
-rw-r--r--gnu/packages/databases.scm4
-rw-r--r--gnu/packages/file.scm14
-rw-r--r--gnu/packages/gcc.scm38
-rw-r--r--gnu/packages/ghostscript.scm59
-rw-r--r--gnu/packages/glib.scm24
-rw-r--r--gnu/packages/gnome.scm4
-rw-r--r--gnu/packages/gnupg.scm17
-rw-r--r--gnu/packages/groff.scm9
-rw-r--r--gnu/packages/gtk.scm10
-rw-r--r--gnu/packages/image.scm4
-rw-r--r--gnu/packages/kerberos.scm18
-rw-r--r--gnu/packages/libidn.scm19
-rw-r--r--gnu/packages/linux.scm68
-rw-r--r--gnu/packages/maths.scm6
-rw-r--r--gnu/packages/multiprecision.scm4
-rw-r--r--gnu/packages/package-management.scm47
-rw-r--r--gnu/packages/patches/automake-regexp-syntax.patch34
-rw-r--r--gnu/packages/patches/automake-test-gzip-warning.patch17
-rw-r--r--gnu/packages/patches/coreutils-cut-huge-range-test.patch33
-rw-r--r--gnu/packages/patches/gcc-asan-powerpc-missing-include.patch20
-rw-r--r--gnu/packages/patches/gcc-fix-texi2pod.patch19
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2017-8291.patch195
-rw-r--r--gnu/packages/patches/glib-respect-datadir.patch21
-rw-r--r--gnu/packages/patches/grep-gnulib-lock.patch32
-rw-r--r--gnu/packages/patches/libxml2-CVE-2016-4658.patch257
-rw-r--r--gnu/packages/patches/libxml2-CVE-2016-5131.patch218
-rw-r--r--gnu/packages/patches/libxml2-CVE-2017-0663.patch53
-rw-r--r--gnu/packages/patches/libxml2-CVE-2017-7375.patch45
-rw-r--r--gnu/packages/patches/libxml2-CVE-2017-7376.patch41
-rw-r--r--gnu/packages/patches/libxml2-CVE-2017-9047+CVE-2017-9048.patch130
-rw-r--r--gnu/packages/patches/libxml2-CVE-2017-9049+CVE-2017-9050.patch319
-rw-r--r--gnu/packages/patches/libxslt-CVE-2016-4738.patch39
-rw-r--r--gnu/packages/patches/pcre-CVE-2017-7186.patch56
-rw-r--r--gnu/packages/pcre.scm22
-rw-r--r--gnu/packages/perl.scm4
-rw-r--r--gnu/packages/python.scm7
-rw-r--r--gnu/packages/ruby.scm1
-rw-r--r--gnu/packages/texinfo.scm20
-rw-r--r--gnu/packages/tls.scm11
-rw-r--r--gnu/packages/xml.scm45
-rw-r--r--gnu/packages/xorg.scm16
-rw-r--r--guix/build/utils.scm1
-rw-r--r--guix/download.scm110
56 files changed, 539 insertions, 2268 deletions
diff --git a/Makefile.am b/Makefile.am
index fd6f9729c9..affeb8dda7 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -402,7 +402,7 @@ check-local:
endif !CAN_RUN_TESTS
-check-system: $(GOBJECTS) $(BOOTSTRAP_GUILE_TARBALLS)
+check-system: $(GOBJECTS)
$(AM_V_at)$(top_builddir)/pre-inst-env \
$(GUILE) --no-auto-compile \
-e '(@@ (run-system-tests) run-system-tests)' \
@@ -432,7 +432,6 @@ EXTRA_DIST = \
build-aux/hydra/guix.scm \
build-aux/check-available-binaries.scm \
build-aux/check-final-inputs-self-contained.scm \
- build-aux/download.scm \
build-aux/generate-authors.scm \
build-aux/test-driver.scm \
build-aux/update-guix-package.scm \
diff --git a/build-aux/download.scm b/build-aux/download.scm
deleted file mode 100644
index 8dfa914603..0000000000
--- a/build-aux/download.scm
+++ /dev/null
@@ -1,73 +0,0 @@
-;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2017 Ludovic Courtès <ludo@gnu.org>
-;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
-;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
-;;;
-;;; This file is part of GNU Guix.
-;;;
-;;; GNU Guix is free software; you can redistribute it and/or modify it
-;;; under the terms of the GNU General Public License as published by
-;;; the Free Software Foundation; either version 3 of the License, or (at
-;;; your option) any later version.
-;;;
-;;; GNU Guix is distributed in the hope that it will be useful, but
-;;; WITHOUT ANY WARRANTY; without even the implied warranty of
-;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-;;; GNU General Public License for more details.
-;;;
-;;; You should have received a copy of the GNU General Public License
-;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
-
-;;;
-;;; Download a binary file from an external source.
-;;;
-
-(use-modules (ice-9 match)
- (web uri)
- (web client)
- (rnrs io ports)
- (srfi srfi-11)
- (guix base16)
- (guix hash))
-
-(define %url-base
- "http://alpha.gnu.org/gnu/guix/bootstrap"
-
- ;; Alternately:
- ;;"http://www.fdn.fr/~lcourtes/software/guix/packages"
- )
-
-(define (file-name->uri file)
- "Return the URI for FILE."
- (match (string-tokenize file (char-set-complement (char-set #\/)))
- ((_ ... system basename)
- (string->uri
- (string-append %url-base "/" system
- (match system
- ("aarch64-linux"
- "/20170217/")
- ("armhf-linux"
- "/20150101/")
- (_
- "/20131110/"))
- basename)))))
-
-(match (command-line)
- ((_ file expected-hash)
- (let ((uri (file-name->uri file)))
- (format #t "downloading file `~a'~%from `~a'...~%"
- file (uri->string uri))
- (let*-values (((resp data) (http-get uri #:decode-body? #f))
- ((hash) (bytevector->base16-string (sha256 data)))
- ((part) (string-append file ".part")))
- (if (string=? expected-hash hash)
- (begin
- (call-with-output-file part
- (lambda (port)
- (put-bytevector port data)))
- (rename-file part file))
- (begin
- (format (current-error-port)
- "file at `~a' has SHA256 ~a; expected ~a~%"
- (uri->string uri) hash expected-hash)
- (exit 1)))))))
diff --git a/build-aux/test-env.in b/build-aux/test-env.in
index 1657556b19..4a422cf607 100644
--- a/build-aux/test-env.in
+++ b/build-aux/test-env.in
@@ -1,7 +1,7 @@
#!/bin/sh
# GNU Guix --- Functional package management for GNU
-# Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
+# Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
#
# This file is part of GNU Guix.
#
@@ -110,6 +110,20 @@ then
daemon_pid=$!
trap "kill $daemon_pid ; rm -rf $NIX_STATE_DIR" EXIT
+
+ # The test suite expects the 'guile-bootstrap' package to be available.
+ # Normally the Guile bootstrap tarball is downloaded by a fixed-output
+ # derivation but when network access is missing we allow users to drop
+ # the tarball in 'gnu/packages/bootstrap/SYSTEM' and "intern" it here.
+ bootstrap_directory="@abs_top_builddir@/gnu/packages/bootstrap/@guix_system@"
+ if [ -d "$bootstrap_directory" ]
+ then
+ for file in "$bootstrap_directory"/guile-*
+ do
+ "@abs_top_builddir@/pre-inst-env" \
+ guix download "file://$file" > /dev/null
+ done
+ fi
fi
# Avoid issues that could stem from l10n, such as language/encoding
diff --git a/gnu/local.mk b/gnu/local.mk
index f2044c9857..060357ea8f 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -535,8 +535,6 @@ dist_patch_DATA = \
%D%/packages/patches/ath9k-htc-firmware-gcc.patch \
%D%/packages/patches/ath9k-htc-firmware-objcopy.patch \
%D%/packages/patches/automake-skip-amhello-tests.patch \
- %D%/packages/patches/automake-regexp-syntax.patch \
- %D%/packages/patches/automake-test-gzip-warning.patch \
%D%/packages/patches/avahi-localstatedir.patch \
%D%/packages/patches/avidemux-install-to-lib.patch \
%D%/packages/patches/awesome-reproducible-png.patch \
@@ -571,7 +569,6 @@ dist_patch_DATA = \
%D%/packages/patches/cool-retro-term-fix-array-size.patch \
%D%/packages/patches/cool-retro-term-memory-leak-1.patch \
%D%/packages/patches/cool-retro-term-remove-non-free-fonts.patch \
- %D%/packages/patches/coreutils-cut-huge-range-test.patch \
%D%/packages/patches/cpio-CVE-2016-2037.patch \
%D%/packages/patches/cpufrequtils-fix-aclocal.patch \
%D%/packages/patches/cracklib-CVE-2016-6318.patch \
@@ -629,8 +626,8 @@ dist_patch_DATA = \
%D%/packages/patches/gawk-shell.patch \
%D%/packages/patches/gcc-arm-bug-71399.patch \
%D%/packages/patches/gcc-arm-link-spec-fix.patch \
- %D%/packages/patches/gcc-asan-powerpc-missing-include.patch \
%D%/packages/patches/gcc-cross-environment-variables.patch \
+ %D%/packages/patches/gcc-fix-texi2pod.patch \
%D%/packages/patches/gcc-libvtv-runpath.patch \
%D%/packages/patches/gcc-strmov-store-file-names.patch \
%D%/packages/patches/gcc-4.6-gnu-inline.patch \
@@ -650,12 +647,12 @@ dist_patch_DATA = \
%D%/packages/patches/gettext-multi-core.patch \
%D%/packages/patches/gettext-gnulib-multi-core.patch \
%D%/packages/patches/ghc-dont-pass-linker-flags-via-response-files.patch \
- %D%/packages/patches/ghostscript-CVE-2017-8291.patch \
%D%/packages/patches/ghostscript-no-header-id.patch \
%D%/packages/patches/ghostscript-no-header-uuid.patch \
%D%/packages/patches/ghostscript-no-header-creationdate.patch \
%D%/packages/patches/ghostscript-runpath.patch \
%D%/packages/patches/glib-networking-ssl-cert-file.patch \
+ %D%/packages/patches/glib-respect-datadir.patch \
%D%/packages/patches/glib-tests-timer.patch \
%D%/packages/patches/glibc-CVE-2015-5180.patch \
%D%/packages/patches/glibc-CVE-2015-7547.patch \
@@ -693,7 +690,6 @@ dist_patch_DATA = \
%D%/packages/patches/graphicsmagick-CVE-2017-14165.patch \
%D%/packages/patches/graphicsmagick-CVE-2017-14649.patch \
%D%/packages/patches/graphite2-ffloat-store.patch \
- %D%/packages/patches/grep-gnulib-lock.patch \
%D%/packages/patches/grep-timing-sensitive-test.patch \
%D%/packages/patches/groff-source-date-epoch.patch \
%D%/packages/patches/gsl-test-i686.patch \
@@ -823,15 +819,7 @@ dist_patch_DATA = \
%D%/packages/patches/libxcb-python-3.5-compat.patch \
%D%/packages/patches/libxfont-CVE-2017-13720.patch \
%D%/packages/patches/libxfont-CVE-2017-13722.patch \
- %D%/packages/patches/libxml2-CVE-2016-4658.patch \
- %D%/packages/patches/libxml2-CVE-2016-5131.patch \
- %D%/packages/patches/libxml2-CVE-2017-0663.patch \
- %D%/packages/patches/libxml2-CVE-2017-7375.patch \
- %D%/packages/patches/libxml2-CVE-2017-7376.patch \
- %D%/packages/patches/libxml2-CVE-2017-9047+CVE-2017-9048.patch \
- %D%/packages/patches/libxml2-CVE-2017-9049+CVE-2017-9050.patch \
%D%/packages/patches/libxslt-generated-ids.patch \
- %D%/packages/patches/libxslt-CVE-2016-4738.patch \
%D%/packages/patches/libxt-guix-search-paths.patch \
%D%/packages/patches/lierolibre-check-unaligned-access.patch \
%D%/packages/patches/lierolibre-is-free-software.patch \
@@ -927,7 +915,6 @@ dist_patch_DATA = \
%D%/packages/patches/patchelf-rework-for-arm.patch \
%D%/packages/patches/patchutils-xfail-gendiff-tests.patch \
%D%/packages/patches/patch-hurd-path-max.patch \
- %D%/packages/patches/pcre-CVE-2017-7186.patch \
%D%/packages/patches/pcre2-CVE-2017-7186.patch \
%D%/packages/patches/pcre2-CVE-2017-8786.patch \
%D%/packages/patches/perl-file-path-CVE-2017-6512.patch \
@@ -1182,56 +1169,7 @@ dist_bootstrap_mips64el_linux_DATA = \
%D%/packages/bootstrap/mips64el-linux/tar \
%D%/packages/bootstrap/mips64el-linux/xz
-# Big bootstrap binaries are not included in the tarball. Instead, they
-# are downloaded.
-nodist_bootstrap_x86_64_linux_DATA = \
- %D%/packages/bootstrap/x86_64-linux/guile-2.0.9.tar.xz
-nodist_bootstrap_i686_linux_DATA = \
- %D%/packages/bootstrap/i686-linux/guile-2.0.9.tar.xz
-nodist_bootstrap_armhf_linux_DATA = \
- %D%/packages/bootstrap/armhf-linux/guile-2.0.11.tar.xz
-nodist_bootstrap_aarch64_linux_DATA = \
- %D%/packages/bootstrap/aarch64-linux/guile-2.0.14.tar.xz
-nodist_bootstrap_mips64el_linux_DATA = \
- %D%/packages/bootstrap/mips64el-linux/guile-2.0.9.tar.xz
-
# Those files must remain executable, so they remain executable once
# imported into the store.
set-bootstrap-executable-permissions:
chmod +x $(DESTDIR)$(bootstrapdir)/*/{bash,mkdir,tar,xz}
-
-BOOTSTRAP_GUILE_TARBALLS = \
- $(nodist_bootstrap_x86_64_linux_DATA) \
- $(nodist_bootstrap_i686_linux_DATA) \
- $(nodist_bootstrap_armhf_linux_DATA) \
- $(nodist_bootstrap_aarch64_linux_DATA) \
- $(nodist_bootstrap_mips64el_linux_DATA)
-
-DISTCLEANFILES = $(BOOTSTRAP_GUILE_TARBALLS)
-
-# Method to download a file from an external source.
-DOWNLOAD_FILE = \
- GUILE_LOAD_COMPILED_PATH="$(top_builddir):$$GUILE_LOAD_COMPILED_PATH" \
- $(GUILE) --no-auto-compile -L "$(top_builddir)" -L "$(top_srcdir)" \
- "$(top_srcdir)/build-aux/download.scm"
-
-%D%/packages/bootstrap/x86_64-linux/guile-2.0.9.tar.xz:
- $(AM_V_DL)$(MKDIR_P) `dirname "$@"`; \
- $(DOWNLOAD_FILE) "$@" \
- "037b103522a2d0d7d69c7ffd8de683dfe5bb4b59c1fafd70b4ffd397fd2f57f0"
-%D%/packages/bootstrap/i686-linux/guile-2.0.9.tar.xz:
- $(AM_V_DL)$(MKDIR_P) `dirname "$@"`; \
- $(DOWNLOAD_FILE) "$@" \
- "b757cd46bf13ecac83fb8e955fb50096ac2d17bb610ca8eb816f29302a00a846"
-%D%/packages/bootstrap/armhf-linux/guile-2.0.11.tar.xz:
- $(AM_V_DL)$(MKDIR_P) `dirname "$@"`; \
- $(DOWNLOAD_FILE) "$@" \
- "e551d05d4d385d6706ab8d574856a087758294dc90ab4c06e70a157a685e23d6"
-%D%/packages/bootstrap/aarch64-linux/guile-2.0.14.tar.xz:
- $(AM_V_DL)$(MKDIR_P) `dirname "$@"`; \
- $(DOWNLOAD_FILE) "$@" \
- "3939909f24dcb955621aa7f81ecde6844bea8a083969c2d275c55699af123ebe"
-%D%/packages/bootstrap/mips64el-linux/guile-2.0.9.tar.xz:
- $(AM_V_DL)$(MKDIR_P) `dirname "$@"`; \
- $(DOWNLOAD_FILE) "$@" \
- "994680f0001346864aa2c2cc5110f380ee7518dcd701c614291682b8e948f73b"
diff --git a/gnu/packages/acl.scm b/gnu/packages/acl.scm
index ae6764993b..35bafc4c14 100644
--- a/gnu/packages/acl.scm
+++ b/gnu/packages/acl.scm
@@ -47,16 +47,15 @@
`(#:tests? #f ; FIXME: Investigate test suite failures
#:test-target "tests"
#:phases
- (alist-cons-after
- 'build 'patch-exec-bin-sh
- (lambda _
- (substitute* "test/run"
- (("/bin/sh") (which "sh"))))
- (alist-replace
- 'install
- (lambda _
- (zero? (system* "make" "install" "install-lib" "install-dev")))
- %standard-phases))))
+ (modify-phases %standard-phases
+ (add-after 'build 'patch-exec-bin-sh
+ (lambda _
+ (substitute* "test/run"
+ (("/bin/sh") (which "sh")))
+ #t))
+ (replace 'install
+ (lambda _
+ (zero? (system* "make" "install" "install-lib" "install-dev")))))))
(inputs `(("attr" ,attr)))
(native-inputs
`(("gettext" ,gettext-minimal)
diff --git a/gnu/packages/autotools.scm b/gnu/packages/autotools.scm
index 79ef31fc1b..6cba9ee2df 100644
--- a/gnu/packages/autotools.scm
+++ b/gnu/packages/autotools.scm
@@ -238,21 +238,18 @@ output is indexed in many ways to simplify browsing.")
(license gpl3+)))
(define-public automake
- ;; Replace with 'automake/latest' on the next rebuild cycle.
(package
(name "automake")
- (version "1.15")
+ (version "1.15.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/automake/automake-"
version ".tar.xz"))
(sha256
(base32
- "0dl6vfi2lzz8alnklwxzfz624b95hb1ipjvd3mk177flmddcf24r"))
+ "1bzd9g32dfm4rsbw93ld9x7b5nc1y6i4m6zp032qf1i28a8s6sxg"))
(patches
- (search-patches "automake-regexp-syntax.patch"
- "automake-skip-amhello-tests.patch"
- "automake-test-gzip-warning.patch"))))
+ (search-patches "automake-skip-amhello-tests.patch"))))
(build-system gnu-build-system)
(native-inputs
`(("autoconf" ,(autoconf-wrapper))
@@ -267,47 +264,47 @@ output is indexed in many ways to simplify browsing.")
(srfi srfi-1)
(srfi srfi-26)
(rnrs io ports))
- #:phases (alist-cons-before
- 'patch-source-shebangs 'patch-tests-shebangs
- (lambda _
- (let ((sh (which "sh")))
- (substitute* (find-files "t" "\\.(sh|tap)$")
- (("#![[:blank:]]?/bin/sh")
- (string-append "#!" sh)))
+ #:phases
+ (modify-phases %standard-phases
+ (add-before 'patch-source-shebangs 'patch-tests-shebangs
+ (lambda _
+ (let ((sh (which "sh")))
+ (substitute* (find-files "t" "\\.(sh|tap)$")
+ (("#![[:blank:]]?/bin/sh")
+ (string-append "#!" sh)))
- ;; Set these variables for all the `configure' runs
- ;; that occur during the test suite.
- (setenv "SHELL" sh)
- (setenv "CONFIG_SHELL" sh)))
+ ;; Set these variables for all the `configure' runs
+ ;; that occur during the test suite.
+ (setenv "SHELL" sh)
+ (setenv "CONFIG_SHELL" sh)
+ #t)))
- ;; Files like `install-sh', `mdate.sh', etc. must use
- ;; #!/bin/sh, otherwise users could leak erroneous shebangs
- ;; in the wild. See <http://bugs.gnu.org/14201> for an
- ;; example.
- (alist-cons-after
- 'install 'unpatch-shebangs
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (dir (string-append out "/share")))
- (define (starts-with-shebang? file)
- (equal? (call-with-input-file file
- (lambda (p)
- (list (get-u8 p) (get-u8 p))))
- (map char->integer '(#\# #\!))))
+ ;; Files like `install-sh', `mdate.sh', etc. must use
+ ;; #!/bin/sh, otherwise users could leak erroneous shebangs
+ ;; in the wild. See <http://bugs.gnu.org/14201> for an
+ ;; example.
+ (add-after 'install 'unpatch-shebangs
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (dir (string-append out "/share")))
+ (define (starts-with-shebang? file)
+ (equal? (call-with-input-file file
+ (lambda (p)
+ (list (get-u8 p) (get-u8 p))))
+ (map char->integer '(#\# #\!))))
- (for-each (lambda (file)
- (when (and (starts-with-shebang? file)
- (executable-file? file))
- (format #t "restoring shebang on `~a'~%"
- file)
- (substitute* file
- (("^#!.*/bin/sh")
- "#!/bin/sh")
- (("^#!.*/bin/env(.*)$" _ args)
- (string-append "#!/usr/bin/env"
- args)))))
- (find-files dir ".*"))))
- %standard-phases))))
+ (for-each (lambda (file)
+ (when (and (starts-with-shebang? file)
+ (executable-file? file))
+ (format #t "restoring shebang on `~a'~%"
+ file)
+ (substitute* file
+ (("^#!.*/bin/sh")
+ "#!/bin/sh")
+ (("^#!.*/bin/env(.*)$" _ args)
+ (string-append "#!/usr/bin/env"
+ args)))))
+ (find-files dir ".*"))))))))
(home-page "https://www.gnu.org/software/automake/")
(synopsis "Making GNU standards-compliant Makefiles")
(description
@@ -317,22 +314,6 @@ intuitive format and then Automake works with Autoconf to produce a robust
Makefile, simplifying the entire process for the developer.")
(license gpl2+))) ; some files are under GPLv3+
-
-(define-public automake/latest
- ;; Merge with 'automake' on the next rebuild cycle.
- (package
- (inherit automake)
- (version "1.15.1")
- (source (origin
- (method url-fetch)
- (uri (string-append "mirror://gnu/automake/automake-"
- version ".tar.xz"))
- (sha256
- (base32
- "1bzd9g32dfm4rsbw93ld9x7b5nc1y6i4m6zp032qf1i28a8s6sxg"))
- (patches
- (search-patches "automake-skip-amhello-tests.patch"))))))
-
(define-public libtool
(package
(name "libtool")
@@ -410,11 +391,9 @@ complexity of working with shared libraries across platforms.")
(build-system gnu-build-system)
(arguments
'(#:configure-flags '("--enable-ltdl-install") ;really install it
- #:phases (alist-cons-before
- 'configure 'change-directory
- (lambda _
- (chdir "libltdl"))
- %standard-phases)))
+ #:phases (modify-phases %standard-phases
+ (add-before 'configure 'change-directory
+ (lambda _ (chdir "libltdl") #t)))))
(synopsis "System-independent dlopen wrapper of GNU libtool")
(description (package-description libtool))
diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm
index 55d5ede040..00328cb344 100644
--- a/gnu/packages/backup.scm
+++ b/gnu/packages/backup.scm
@@ -6,6 +6,7 @@
;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
;;; Copyright © 2017 Arun Isaac <arunisaac@systemreboot.net>
;;; Copyright © 2017 Kei Kebreau <kkebreau@posteo.net>
+;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2017 Christopher Allan Webber <cwebber@dustycloud.org>
;;;
;;; This file is part of GNU Guix.
@@ -185,16 +186,16 @@ backups (called chunks) to allow easy burning to CD/DVD.")
(define-public libarchive
(package
(name "libarchive")
- (replacement libarchive-3.3.2)
- (version "3.3.1")
+ (version "3.3.2")
(source
(origin
(method url-fetch)
(uri (string-append "http://libarchive.org/downloads/libarchive-"
version ".tar.gz"))
+ (patches (search-patches "libarchive-CVE-2017-14166.patch"))
(sha256
(base32
- "1rr40hxlm9vy5z2zb5w7pyfkgd1a4s061qapm83s19accb8mpji9"))))
+ "1km0mzfl6in7l5vz9kl09a88ajx562rw93ng9h2jqavrailvsbgd"))))
(build-system gnu-build-system)
;; TODO: Add -L/path/to/nettle in libarchive.pc.
(inputs
@@ -206,26 +207,25 @@ backups (called chunks) to allow easy burning to CD/DVD.")
("xz" ,xz)))
(arguments
`(#:phases
- (alist-cons-before
- 'build 'patch-pwd
- (lambda _
- (substitute* "Makefile"
- (("/bin/pwd") (which "pwd"))))
- (alist-replace
- 'check
- (lambda _
- ;; XXX: The test_owner_parse, test_read_disk, and
- ;; test_write_disk_lookup tests expect user 'root' to exist, but
- ;; the chroot's /etc/passwd doesn't have it. Turn off those tests.
- ;;
- ;; The tests allow one to disable tests matching a globbing pattern.
- (and (zero? (system* "make"
- "libarchive_test" "bsdcpio_test" "bsdtar_test"))
- ;; XXX: This glob disables too much.
- (zero? (system* "./libarchive_test" "^test_*_disk*"))
- (zero? (system* "./bsdcpio_test" "^test_owner_parse"))
- (zero? (system* "./bsdtar_test"))))
- %standard-phases))
+ (modify-phases %standard-phases
+ (add-before 'build 'patch-pwd
+ (lambda _
+ (substitute* "Makefile"
+ (("/bin/pwd") (which "pwd"))
+ #t)))
+ (replace 'check
+ (lambda _
+ ;; XXX: The test_owner_parse, test_read_disk, and
+ ;; test_write_disk_lookup tests expect user 'root' to exist, but
+ ;; the chroot's /etc/passwd doesn't have it. Turn off those tests.
+ ;;
+ ;; The tests allow one to disable tests matching a globbing pattern.
+ (and (zero? (system* "make"
+ "libarchive_test" "bsdcpio_test" "bsdtar_test"))
+ ;; XXX: This glob disables too much.
+ (zero? (system* "./libarchive_test" "^test_*_disk*"))
+ (zero? (system* "./bsdcpio_test" "^test_owner_parse"))
+ (zero? (system* "./bsdtar_test"))))))
;; libarchive/test/test_write_format_gnutar_filenames.c needs to be
;; compiled with C99 or C11 or a gnu variant.
#:configure-flags '("CFLAGS=-O2 -g -std=c99")))
@@ -241,20 +241,6 @@ archive. In particular, note that there is currently no built-in support for
random access nor for in-place modification.")
(license license:bsd-2)))
-(define libarchive-3.3.2
- (package
- (inherit libarchive)
- (version "3.3.2")
- (source
- (origin
- (method url-fetch)
- (uri (string-append "http://libarchive.org/downloads/libarchive-"
- version ".tar.gz"))
- (patches (search-patches "libarchive-CVE-2017-14166.patch"))
- (sha256
- (base32
- "1km0mzfl6in7l5vz9kl09a88ajx562rw93ng9h2jqavrailvsbgd"))))))
-
(define-public rdup
(package
(name "rdup")
diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index 9cb628d8d7..16c6a15a58 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -81,16 +81,15 @@ command-line arguments, multiple languages, and so on.")
(define-public grep
(package
(name "grep")
- (version "3.0")
+ (version "3.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/grep/grep-"
version ".tar.xz"))
(sha256
(base32
- "1dcasjp3a578nrvzrcn38mpizb8w1q6mvfzhjmcqqgkf0nsivj72"))
- (patches (search-patches "grep-timing-sensitive-test.patch"
- "grep-gnulib-lock.patch"))))
+ "0zm0ywmyz9g8vn1plw14mn8kj74yipx5qsljndbyfgmvndx5qqnv"))
+ (patches (search-patches "grep-timing-sensitive-test.patch"))))
(build-system gnu-build-system)
(native-inputs `(("perl" ,perl))) ;some of the tests require it
(arguments
@@ -293,15 +292,14 @@ used to apply commands with arbitrarily long arguments.")
(define-public coreutils
(package
(name "coreutils")
- (version "8.27")
+ (version "8.28")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/coreutils/coreutils-"
version ".tar.xz"))
(sha256
(base32
- "0sv547572iq8ayy8klir4hnngnx92a9nsazmf1wgzfc7xr4x74c8"))
- (patches (search-patches "coreutils-cut-huge-range-test.patch"))))
+ "0r8c1bgm68kl70j1lgd0rv12iykw6143k4m9a56xip9rc2hv25qi"))))
(build-system gnu-build-system)
(inputs `(("acl" ,acl) ; TODO: add SELinux
("gmp" ,gmp) ;bignums in 'expr', yay!
@@ -322,21 +320,18 @@ used to apply commands with arbitrarily long arguments.")
(outputs '("out" "debug"))
(arguments
`(#:parallel-build? #f ; help2man may be called too early
- #:phases (alist-cons-before
- 'build 'patch-shell-references
- (lambda* (#:key inputs #:allow-other-keys)
- (let ((bash (assoc-ref inputs "bash")))
- ;; 'split' uses either $SHELL or /bin/sh. Set $SHELL so
- ;; that tests pass, since /bin/sh isn't in the chroot.
- (setenv "SHELL" (which "sh"))
-
- (substitute* (find-files "gnulib-tests" "\\.c$")
- (("/bin/sh")
- (format #f "~a/bin/sh" bash)))
- (substitute* (find-files "tests" "\\.sh$")
- (("#!/bin/sh")
- (format #f "#!~a/bin/sh" bash)))))
- %standard-phases)))
+ #:phases (modify-phases %standard-phases
+ (add-before 'build 'patch-shell-references
+ (lambda _
+ ;; 'split' uses either $SHELL or /bin/sh. Set $SHELL so
+ ;; that tests pass, since /bin/sh isn't in the chroot.
+ (setenv "SHELL" (which "sh"))
+
+ (substitute* (find-files "gnulib-tests" "\\.c$")
+ (("/bin/sh") (which "sh")))
+ (substitute* (find-files "tests" "\\.sh$")
+ (("#!/bin/sh") (which "sh")))
+ #t)))))
(synopsis "Core GNU utilities (file, text, shell)")
(description
"GNU Coreutils includes all of the basic command-line tools that are
@@ -394,16 +389,15 @@ change. GNU make offers many powerful extensions over the standard utility.")
(define-public binutils
(package
- (replacement binutils/fixed)
(name "binutils")
- (version "2.28")
+ (version "2.28.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/binutils/binutils-"
version ".tar.bz2"))
(sha256
(base32
- "0wiasgns7i8km8nrxas265sh2dfpsw93b3qw195ipc90w4z475v2"))
+ "1sj234nd05cdgga1r36zalvvdkvpfbr12g5mir2n8i1dwsdrj939"))
(patches (search-patches "binutils-ld-new-dtags.patch"
"binutils-loongson-workaround.patch"))))
(build-system gnu-build-system)
@@ -436,19 +430,6 @@ included.")
(license gpl3+)
(home-page "https://www.gnu.org/software/binutils/")))
-(define binutils/fixed
- (package
- (inherit binutils)
- ;; 2.28.1 is two characters longer than 2.28, so grafting fails due to
- ;; mismatched lengths of filenames, so we have to force it to the same length.
- (version "2281")
- (source
- (origin (inherit (package-source binutils))
- (uri "mirror://gnu/binutils/binutils-2.28.1.tar.bz2")
- (sha256
- (base32
- "1sj234nd05cdgga1r36zalvvdkvpfbr12g5mir2n8i1dwsdrj939"))))))
-
(define* (make-ld-wrapper name #:key
(target (const #f))
binutils
@@ -558,7 +539,8 @@ store.")
;; users should automatically pull Linux headers as well.
(propagated-inputs `(("kernel-headers" ,linux-libre-headers)))
- (outputs '("out" "debug"))
+ (outputs '("out" "debug"
+ "static")) ;9 MiB of .a files
(arguments
`(#:out-of-source? #t
@@ -569,6 +551,11 @@ store.")
;; RUNPATH checks.
#:validate-runpath? #f
+ #:modules ((ice-9 ftw)
+ (srfi srfi-26)
+ (guix build utils)
+ (guix build gnu-build-system))
+
#:configure-flags
(list "--enable-add-ons"
"--sysconfdir=/etc"
@@ -673,7 +660,46 @@ store.")
;; "bilingual" eval/exec magic at the top of the file.
"")
(("exec @PERL@")
- "exec perl"))))))))
+ "exec perl")))))
+
+ (add-after 'install 'move-static-libs
+ (lambda* (#:key outputs #:allow-other-keys)
+ ;; Move static libraries to the "static" output.
+ (define (static-library? file)
+ ;; Return true if FILE is a static library. The
+ ;; "_nonshared.a" files are referred to by libc.so,
+ ;; libpthread.so, etc., which are in fact linker
+ ;; scripts.
+ (and (string-suffix? ".a" file)
+ (not (string-contains file "_nonshared"))))
+
+ (define (linker-script? file)
+ ;; Guess whether FILE, a ".a" file, is actually a
+ ;; linker script.
+ (and (not (ar-file? file))
+ (not (elf-file? file))))
+
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (files (scandir lib static-library?))
+ (static (assoc-ref outputs "static"))
+ (slib (string-append static "/lib")))
+ (mkdir-p slib)
+ (for-each (lambda (base)
+ (rename-file (string-append lib "/" base)
+ (string-append slib "/" base)))
+ files)
+
+ ;; Usually libm.a is a linker script so we need to
+ ;; change the file names in there to refer to STATIC
+ ;; instead of OUT.
+ (for-each (lambda (ld-script)
+ (substitute* ld-script
+ ((out) static)))
+ (filter linker-script?
+ (map (cut string-append slib "/" <>)
+ files)))
+ #t))))))
(inputs `(("static-bash" ,static-bash)))
diff --git a/gnu/packages/bootstrap.scm b/gnu/packages/bootstrap.scm
index ba733b3a9e..d1b03eb882 100644
--- a/gnu/packages/bootstrap.scm
+++ b/gnu/packages/bootstrap.scm
@@ -26,8 +26,10 @@
#:use-module (guix build-system)
#:use-module (guix build-system gnu)
#:use-module (guix build-system trivial)
- #:use-module ((guix store) #:select (add-to-store add-text-to-store))
- #:use-module ((guix derivations) #:select (derivation))
+ #:use-module ((guix store)
+ #:select (run-with-store add-to-store add-text-to-store))
+ #:use-module ((guix derivations)
+ #:select (derivation derivation->output-path))
#:use-module ((guix utils) #:select (gnu-triplet->nix-system))
#:use-module ((guix build utils) #:select (elf-file?))
#:use-module (guix memoization)
@@ -38,6 +40,8 @@
package-with-bootstrap-guile
glibc-dynamic-linker
+ bootstrap-guile-origin
+
%bootstrap-guile
%bootstrap-coreutils&co
%bootstrap-binutils
@@ -191,6 +195,56 @@ successful, or false to signal an error."
;;; Bootstrap packages.
;;;
+(define %bootstrap-base-urls
+ ;; This is where the initial binaries come from.
+ '("https://alpha.gnu.org/gnu/guix/bootstrap"
+ "http://alpha.gnu.org/gnu/guix/bootstrap"
+ "ftp://alpha.gnu.org/gnu/guix/bootstrap"
+ "http://www.fdn.fr/~lcourtes/software/guix/packages"
+ "http://flashner.co.il/guix/bootstrap"))
+
+(define (bootstrap-guile-url-path system)
+ "Return the URI for FILE."
+ (string-append "/" system
+ (match system
+ ("aarch64-linux"
+ "/20170217/guile-2.0.14.tar.xz")
+ ("armhf-linux"
+ "/20150101/guile-2.0.11.tar.xz")
+ (_
+ "/20131110/guile-2.0.9.tar.xz"))))
+
+(define (bootstrap-guile-hash system)
+ "Return the SHA256 hash of the Guile bootstrap tarball for SYSTEM."
+ (match system
+ ("x86_64-linux"
+ (base32 "1w2p5zyrglzzniqgvyn1b55vprfzhgk8vzbzkkbdgl5248si0yq3"))
+ ("i686-linux"
+ (base32 "0im800m30abgh7msh331pcbjvb4n02smz5cfzf1srv0kpx3csmxp"))
+ ("mips64el-linux"
+ (base32 "0fzp93lvi0hn54acc0fpvhc7bvl0yc853k62l958cihk03q80ilr"))
+ ("armhf-linux"
+ (base32 "1mi3brl7l58aww34rawhvja84xc7l1b4hmwdmc36fp9q9mfx0lg5"))
+ ("aarch64-linux"
+ (base32 "1giy2aprjmn5fp9c4s9r125fljw4wv6ixy5739i5bffw4jgr0f9r"))))
+
+(define (bootstrap-guile-origin system)
+ "Return an <origin> object for the Guile tarball of SYSTEM."
+ (origin
+ (method url-fetch)
+ (uri (map (cute string-append <> (bootstrap-guile-url-path system))
+ %bootstrap-base-urls))
+ (sha256 (bootstrap-guile-hash system))))
+
+(define (download-bootstrap-guile store system)
+ "Return a derivation that downloads the bootstrap Guile tarball for SYSTEM."
+ (let* ((path (bootstrap-guile-url-path system))
+ (base (basename path))
+ (urls (map (cut string-append <> path) %bootstrap-base-urls)))
+ (run-with-store store
+ (url-fetch urls 'sha256 (bootstrap-guile-hash system)
+ #:system system))))
+
(define* (raw-build store name inputs
#:key outputs system search-paths
#:allow-other-keys)
@@ -205,13 +259,7 @@ successful, or false to signal an error."
(xz (->store "xz"))
(mkdir (->store "mkdir"))
(bash (->store "bash"))
- (guile (->store (match system
- ("armhf-linux"
- "guile-2.0.11.tar.xz")
- ("aarch64-linux"
- "guile-2.0.14.tar.xz")
- (_
- "guile-2.0.9.tar.xz"))))
+ (guile (download-bootstrap-guile store system))
;; The following code, run by the bootstrap guile after it is
;; unpacked, creates a wrapper for itself to set its load path.
;; This replaces the previous non-portable method based on
@@ -246,7 +294,7 @@ exec -a \"~a0\" ~a \"~a@\"\n"
echo \"unpacking bootstrap Guile to '$out'...\"
~a $out
cd $out
-~a -dc < ~a | ~a xv
+~a -dc < $GUILE_TARBALL | ~a xv
# Use the bootstrap guile to create its own wrapper to set the load path.
GUILE_SYSTEM_PATH=$out/share/guile/2.0 \
@@ -255,14 +303,16 @@ $out/bin/guile -c ~s $out ~a
# Sanity check.
$out/bin/guile --version~%"
- mkdir xz guile tar
+ mkdir xz tar
(format #f "~s" make-guile-wrapper)
bash)
- (list mkdir xz guile tar bash))))
+ (list mkdir xz tar bash))))
(derivation store name
bash `(,builder)
#:system system
- #:inputs `((,bash) (,builder)))))
+ #:inputs `((,bash) (,builder) (,guile))
+ #:env-vars `(("GUILE_TARBALL"
+ . ,(derivation->output-path guile))))))
(define* (make-raw-bag name
#:key source inputs native-inputs outputs
@@ -294,13 +344,6 @@ $out/bin/guile --version~%"
(home-page #f)
(license lgpl3+))))
-(define %bootstrap-base-urls
- ;; This is where the initial binaries come from.
- '("ftp://alpha.gnu.org/gnu/guix/bootstrap"
- "http://alpha.gnu.org/gnu/guix/bootstrap"
- "http://www.fdn.fr/~lcourtes/software/guix/packages"
- "http://flashner.co.il/guix/bootstrap"))
-
(define %bootstrap-coreutils&co
(package-from-tarball "bootstrap-binaries"
(lambda (system)
diff --git a/gnu/packages/commencement.scm b/gnu/packages/commencement.scm
index ec7677814f..93199d210d 100644
--- a/gnu/packages/commencement.scm
+++ b/gnu/packages/commencement.scm
@@ -113,7 +113,7 @@
(define file-boot0
(package-with-bootstrap-guile
- (package-with-explicit-inputs (package/inherit file
+ (package-with-explicit-inputs (package (inherit file)
(name "file-boot0"))
`(("make" ,gnu-make-boot0)
,@%bootstrap-inputs)
@@ -140,7 +140,7 @@
(define binutils-boot0
(package-with-bootstrap-guile
- (package/inherit binutils
+ (package (inherit binutils)
(name "binutils-cross-boot0")
(arguments
`(#:guile ,%bootstrap-guile
@@ -149,23 +149,22 @@
#:modules ((guix build gnu-build-system)
(guix build utils)
(ice-9 ftw)) ; for 'scandir'
- #:phases (alist-cons-after
- 'install 'add-symlinks
- (lambda* (#:key outputs #:allow-other-keys)
- ;; The cross-gcc invokes 'as', 'ld', etc, without the
- ;; triplet prefix, so add symlinks.
- (let ((out (assoc-ref outputs "out"))
- (triplet-prefix (string-append ,(boot-triplet) "-")))
- (define (has-triplet-prefix? name)
- (string-prefix? triplet-prefix name))
- (define (remove-triplet-prefix name)
- (substring name (string-length triplet-prefix)))
- (with-directory-excursion (string-append out "/bin")
- (for-each (lambda (name)
- (symlink name (remove-triplet-prefix name)))
- (scandir "." has-triplet-prefix?)))
- #t))
- %standard-phases)
+ #:phases (modify-phases %standard-phases
+ (add-after 'install 'add-symlinks
+ (lambda* (#:key outputs #:allow-other-keys)
+ ;; The cross-gcc invokes 'as', 'ld', etc, without the
+ ;; triplet prefix, so add symlinks.
+ (let ((out (assoc-ref outputs "out"))
+ (triplet-prefix (string-append ,(boot-triplet) "-")))
+ (define (has-triplet-prefix? name)
+ (string-prefix? triplet-prefix name))
+ (define (remove-triplet-prefix name)
+ (substring name (string-length triplet-prefix)))
+ (with-directory-excursion (string-append out "/bin")
+ (for-each (lambda (name)
+ (symlink name (remove-triplet-prefix name)))
+ (scandir "." has-triplet-prefix?)))
+ #t))))
,@(substitute-keyword-arguments (package-arguments binutils)
((#:configure-flags cf)
@@ -286,9 +285,8 @@
("libc-native" ,@(assoc-ref %boot0-inputs "libc"))
,@(alist-delete "libc" %boot0-inputs)))
- ;; No need for Texinfo at this stage.
- (native-inputs (alist-delete "texinfo"
- (package-native-inputs gcc))))))
+ ;; No need for the native-inputs to build the documentation at this stage.
+ (native-inputs `()))))
(define perl-boot0
(let ((perl (package
@@ -466,7 +464,7 @@ the bootstrap environment."
;; built just below; the only difference is that this one uses the
;; bootstrap Bash.
(package-with-bootstrap-guile
- (package/inherit glibc
+ (package (inherit glibc)
(name "glibc-intermediate")
(arguments
`(#:guile ,%bootstrap-guile
@@ -583,12 +581,24 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
(let* ((gcc (cross-gcc-wrapper gcc-boot0 binutils-boot0
glibc-final-with-bootstrap-bash
(car (assoc-ref %boot1-inputs "bash"))))
- (bash (package (inherit static-bash)
+ (bash (package
+ (inherit static-bash)
(arguments
- `(#:guile ,%bootstrap-guile
- ,@(package-arguments static-bash)))))
+ (substitute-keyword-arguments
+ (package-arguments static-bash)
+ ((#:guile _ #f)
+ '%bootstrap-guile)
+ ((#:configure-flags flags '())
+ ;; Add a '-L' flag so that the pseudo-cross-ld of
+ ;; BINUTILS-BOOT0 can find libc.a.
+ `(append ,flags
+ (list (string-append "LDFLAGS=-static -L"
+ (assoc-ref %build-inputs
+ "libc:static")
+ "/lib"))))))))
(inputs `(("gcc" ,gcc)
("libc" ,glibc-final-with-bootstrap-bash)
+ ("libc:static" ,glibc-final-with-bootstrap-bash "static")
,@(fold alist-delete %boot1-inputs
'("gcc" "libc")))))
(package-with-bootstrap-guile
@@ -632,7 +642,7 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
(define glibc-final
;; The final glibc, which embeds the statically-linked Bash built above.
- (package/inherit glibc-final-with-bootstrap-bash
+ (package (inherit glibc-final-with-bootstrap-bash)
(name "glibc")
(inputs `(("static-bash" ,static-bash-for-glibc)
,@(alist-delete
@@ -663,12 +673,13 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
(define %boot2-inputs
;; 3rd stage inputs.
`(("libc" ,glibc-final)
+ ("libc:static" ,glibc-final "static")
("gcc" ,gcc-boot0-wrapped)
,@(fold alist-delete %boot1-inputs '("libc" "gcc"))))
(define binutils-final
(package-with-bootstrap-guile
- (package/inherit binutils
+ (package (inherit binutils)
(arguments
`(#:guile ,%bootstrap-guile
#:implicit-inputs? #f
@@ -679,34 +690,29 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
(define libstdc++
;; Intermediate libstdc++ that will allow us to build the final GCC
;; (remember that GCC-BOOT0 cannot build libstdc++.)
- ;; TODO: Write in terms of 'make-libstdc++'.
- (package-with-bootstrap-guile
- (package (inherit gcc)
- (name "libstdc++")
- (arguments
- `(#:guile ,%bootstrap-guile
- #:implicit-inputs? #f
- #:allowed-references ("out")
- #:out-of-source? #t
- #:phases (alist-cons-before
- 'configure 'chdir
- (lambda _
- (chdir "libstdc++-v3"))
- %standard-phases)
- #:configure-flags `("--disable-shared"
- "--disable-libstdcxx-threads"
- "--disable-libstdcxx-pch"
- ,(string-append "--with-gxx-include-dir="
- (assoc-ref %outputs "out")
- "/include"
- ;; "/include/c++/"
- ;; ,(package-version gcc)
- ))))
- (outputs '("out"))
- (inputs %boot2-inputs)
- (native-inputs '())
- (propagated-inputs '())
- (synopsis "GNU C++ standard library (intermediate)"))))
+ (let ((lib (package-with-bootstrap-guile (make-libstdc++ gcc))))
+ (package
+ (inherit lib)
+ (arguments
+ `(#:guile ,%bootstrap-guile
+ #:implicit-inputs? #f
+ #:allowed-references ("out")
+
+ ;; XXX: libstdc++.so NEEDs ld.so for some reason.
+ #:validate-runpath? #f
+
+ ;; All of the package arguments from 'make-libstdc++
+ ;; except for the configure-flags.
+ ,@(package-arguments lib)
+ #:configure-flags `("--disable-shared"
+ "--disable-libstdcxx-threads"
+ "--disable-libstdcxx-pch"
+ ,(string-append "--with-gxx-include-dir="
+ (assoc-ref %outputs "out")
+ "/include"))))
+ (outputs '("out"))
+ (inputs %boot2-inputs)
+ (synopsis "GNU C++ standard library (intermediate)"))))
(define zlib-final
;; Zlib used by GCC-FINAL.
@@ -779,6 +785,7 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
;; scripts such as 'mkheaders' and 'fixinc.sh' (XXX: who cares about these
;; scripts?).
(native-inputs `(("texinfo" ,texinfo-boot0)
+ ("perl" ,perl-boot0) ;for manpages
("static-bash" ,static-bash-for-glibc)
,@(package-native-inputs gcc-boot0)))
@@ -923,12 +930,13 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
("binutils" ,binutils-final)
("gcc" ,gcc-final)
("libc" ,glibc-final)
+ ("libc:static" ,glibc-final "static")
("locales" ,glibc-utf8-locales-final))))
(define-public canonical-package
(let ((name->package (fold (lambda (input result)
(match input
- ((_ package)
+ ((_ package . outputs)
(vhash-cons (package-full-name package)
package result))))
vlist-null
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index a2bf3a1861..9a1b628809 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -205,7 +205,16 @@ adding and extracting files to/from a tar archive.")
(synopsis "General file (de)compression (using lzw)")
(arguments
;; FIXME: The test suite wants `less', and optionally Perl.
- '(#:tests? #f))
+ '(#:tests? #f
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'use-absolute-name-of-gzip
+ (lambda* (#:key outputs #:allow-other-keys)
+ (substitute* "gunzip.in"
+ (("exec gzip")
+ (string-append "exec " (assoc-ref outputs "out")
+ "/bin/gzip")))
+ #t)))))
(description
"GNU Gzip provides data compression and decompression utilities; the
typical extension is \".gz\". Unlike the \"zip\" format, it compresses a single
@@ -344,7 +353,7 @@ compressed with pbzip2 can be decompressed with bzip2).")
(define-public xz
(package
(name "xz")
- (version "5.2.2")
+ (version "5.2.3")
(source (origin
(method url-fetch)
(uri (list (string-append "http://tukaani.org/xz/xz-" version
@@ -353,7 +362,7 @@ compressed with pbzip2 can be decompressed with bzip2).")
version ".tar.gz")))
(sha256
(base32
- "18h2k4jndhzjs8ln3a54qdnfv59y6spxiwh9gpaqniph6iflvpvk"))))
+ "1jr8pxnz55ifc8cvp3ivgl79ph9iik5aypsc9cma228aglsqp4ki"))))
(build-system gnu-build-system)
(synopsis "General-purpose data compression")
(description
@@ -372,7 +381,7 @@ than gzip and 15 % smaller output than bzip2.")
(define-public lzo
(package
(name "lzo")
- (version "2.09")
+ (version "2.10")
(source
(origin
(method url-fetch)
@@ -380,7 +389,7 @@ than gzip and 15 % smaller output than bzip2.")
version ".tar.gz"))
(sha256
(base32
- "0k5kpj3jnsjfxqqkblpfpx0mqcy86zs5fhjhgh2kq1hksg7ag57j"))))
+ "0wm04519pd3g8hqpjqhfr72q8qmbiwqaxcs3cndny9h86aa95y60"))))
(build-system gnu-build-system)
(arguments '(#:configure-flags '("--enable-shared")))
(home-page "http://www.oberhumer.com/opensource/lzo")
@@ -459,14 +468,14 @@ some compression ratio).")
(define-public lzip
(package
(name "lzip")
- (version "1.18")
+ (version "1.19")
(source (origin
(method url-fetch)
(uri (string-append "mirror://savannah/lzip/lzip-"
version ".tar.gz"))
(sha256
(base32
- "1p8lvc22sv3damld9ng8y6i8z2dvvpsbi9v7yhr5bc2a20m8iya7"))))
+ "1abbch762gv8rjr579q3qyyk6c80plklbv2mw4x0vg71dgsw9bgz"))))
(build-system gnu-build-system)
(home-page "http://www.nongnu.org/lzip/lzip.html")
(synopsis "Lossless data compressor based on the LZMA algorithm")
diff --git a/gnu/packages/cross-base.scm b/gnu/packages/cross-base.scm
index abc3a2821c..369083eab0 100644
--- a/gnu/packages/cross-base.scm
+++ b/gnu/packages/cross-base.scm
@@ -248,6 +248,7 @@ target that libc."
,@inputs)))
(libc
`(("libc" ,libc)
+ ("libc:static" ,libc "static")
("xkernel-headers" ;the target headers
,@(assoc-ref (package-propagated-inputs libc)
"kernel-headers"))
diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index 2e4a48d1ef..cad2d6f796 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -5,6 +5,7 @@
;;; Copyright © 2015 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016, 2017 Leo Famulari <leo@famulari.name>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
+;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -42,7 +43,7 @@
(define-public curl
(package
(name "curl")
- (version "7.55.1")
+ (version "7.56.0")
(replacement curl-7.56.1)
(source (origin
(method url-fetch)
@@ -50,7 +51,7 @@
version ".tar.xz"))
(sha256
(base32
- "1dvbcwcar3dv488h9378hy145ma3ws2fwpbr6mgszd7chipcmbry"))))
+ "0wni3zkw7jyrwgwkqnrkf2x2b7c78wsp7p4z6a246hz9l367nhrj"))))
(build-system gnu-build-system)
(outputs '("out"
"doc")) ;1.2 MiB of man3 pages
@@ -109,7 +110,15 @@
;; The top-level "make check" does "make -C tests quiet-test", which
;; is too quiet. Use the "test" target instead, which is more
;; verbose.
- (zero? (system* "make" "-C" "tests" "test")))))))
+ (zero? (system* "make" "-C" "tests" "test"))))
+ (add-before 'install 'fix-Makefile
+ ;; Fix a regression in 7.55.0 where docs are not installed.
+ ;; https://github.com/curl/curl/commit/a7bbbb7c368c6096802007f61f19a02e9d75285b
+ (lambda _
+ (substitute* "Makefile"
+ (("install-data-hook:\n")
+ "install-data-hook:\n\tcd docs/libcurl && $(MAKE) install\n"))
+ #t)))))
(synopsis "Command line tool for transferring data with URL syntax")
(description
"curl is a command line tool for transferring data with URL syntax,
diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm
index 991bb3d692..8ccbba2b1a 100644
--- a/gnu/packages/databases.scm
+++ b/gnu/packages/databases.scm
@@ -898,7 +898,7 @@ for example from a shell script.")
(define-public sqlite
(package
(name "sqlite")
- (version "3.19.3")
+ (version "3.20.1")
(source (origin
(method url-fetch)
(uri (let ((numeric-version
@@ -914,7 +914,7 @@ for example from a shell script.")
numeric-version ".tar.gz")))
(sha256
(base32
- "00b3l2qglpl1inx21fckiwxnfq5xf6441flc79rqg7zdvh1rq4h6"))))
+ "0hh7jnxfwvs2qlvmjwrgkvxb8sk4x8hj04m54fq9h1xw55dmjrpc"))))
(build-system gnu-build-system)
(inputs `(("readline" ,readline)))
(arguments
diff --git a/gnu/packages/file.scm b/gnu/packages/file.scm
index 3bc8e1dcfe..63aa3fac49 100644
--- a/gnu/packages/file.scm
+++ b/gnu/packages/file.scm
@@ -27,16 +27,15 @@
(define-public file
(package
- (replacement file/fixed)
(name "file")
- (version "5.30")
+ (version "5.32")
(source (origin
(method url-fetch)
(uri (string-append "ftp://ftp.astron.com/pub/file/file-"
version ".tar.gz"))
(sha256
(base32
- "057jpcyy8ws7q4s4sm8r1rxb8xycdbng2z4y9i98f094wlr28k39"))))
+ "0l1bfa0icng9vdwya00ff48fhvjazi5610ylbhl35qi13d6xqfc6"))))
(build-system gnu-build-system)
;; When cross-compiling, this package depends upon a native install of
@@ -50,11 +49,4 @@ you in words what kind of data a file contains. It does not rely on filename
extensions to tell you the type of a file, but looks at the actual contents
of the file.")
(license bsd-2)
- (home-page "http://www.darwinsys.com/file/")))
-
-(define file/fixed
- (package
- (inherit file)
- (source (origin
- (inherit (package-source file))
- (patches (search-patches "file-CVE-2017-1000249.patch"))))))
+ (home-page "https://www.darwinsys.com/file/")))
diff --git a/gnu/packages/gcc.scm b/gnu/packages/gcc.scm
index 7870d4513f..a4d181cb11 100644
--- a/gnu/packages/gcc.scm
+++ b/gnu/packages/gcc.scm
@@ -138,7 +138,8 @@ where the OS part is overloaded to denote a specific ABI---into GCC
version "/gcc-" version ".tar.bz2"))
(sha256
(base32
- "10k2k71kxgay283ylbbhhs51cl55zn2q38vj5pk4k950qdnirrlj"))))
+ "10k2k71kxgay283ylbbhhs51cl55zn2q38vj5pk4k950qdnirrlj"))
+ (patches (search-patches "gcc-fix-texi2pod.patch"))))
(build-system gnu-build-system)
;; Separate out the run-time support libraries because all the
@@ -155,7 +156,8 @@ where the OS part is overloaded to denote a specific ABI---into GCC
;; GCC < 5 is one of the few packages that doesn't ship .info files.
;; Newer texinfos fail to build the manual, so we use an older one.
- (native-inputs `(("texinfo" ,texinfo-5)))
+ (native-inputs `(("perl" ,perl) ;for manpages
+ ("texinfo" ,texinfo-5)))
(arguments
`(#:out-of-source? #t
@@ -351,7 +353,8 @@ Go. It also includes runtime support libraries for these languages.")
(sha256
(base32
"08yggr18v373a1ihj0rg2vd6psnic42b518xcgp3r9k81xz1xyr2"))
- (patches (search-patches "gcc-arm-link-spec-fix.patch"))))
+ (patches (search-patches "gcc-arm-link-spec-fix.patch"
+ "gcc-fix-texi2pod.patch"))))
(supported-systems %supported-systems)
(inputs
`(("isl" ,isl-0.11)
@@ -369,31 +372,33 @@ Go. It also includes runtime support libraries for these languages.")
(base32
"14l06m7nvcvb0igkbip58x59w3nq6315k6jcz3wr9ch1rn9d44bc"))
(patches (search-patches "gcc-arm-bug-71399.patch"
- "gcc-libvtv-runpath.patch"))))
- (native-inputs `(("texinfo" ,texinfo)))))
+ "gcc-libvtv-runpath.patch"
+ "gcc-fix-texi2pod.patch"))))
+ ;; Override inherited texinfo-5 with latest version.
+ (native-inputs `(("perl" ,perl) ;for manpages
+ ("texinfo" ,texinfo)))))
(define-public gcc-5
;; Note: GCC >= 5 ships with .info files but 'make install' fails to install
;; them in a VPATH build.
(package (inherit gcc-4.9)
- (version "5.4.0")
+ (version "5.5.0")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/gcc/gcc-"
- version "/gcc-" version ".tar.bz2"))
+ version "/gcc-" version ".tar.xz"))
(sha256
(base32
- "0fihlcy5hnksdxk0sn6bvgnyq8gfrgs8m794b1jxwd1dxinzg3b0"))
+ "11zd1hgzkli3b2v70qsm2hyqppngd4616qc96lmm9zl2kl9yl32k"))
(patches (search-patches "gcc-arm-bug-71399.patch"
"gcc-strmov-store-file-names.patch"
- "gcc-asan-powerpc-missing-include.patch"
"gcc-5.0-libvtv-runpath.patch"
"gcc-5-source-date-epoch-1.patch"
- "gcc-5-source-date-epoch-2.patch"))))))
- ;; TODO: gcc-5 doesn't need cloog.
- ;;(inputs
- ;; `(("isl" ,isl)
- ;; ,@(package-inputs gcc-4.7)))))
+ "gcc-5-source-date-epoch-2.patch"
+ "gcc-fix-texi2pod.patch"))))
+ (inputs
+ `(("isl" ,isl)
+ ,@(package-inputs gcc-4.7)))))
(define-public gcc-6
(package
@@ -407,10 +412,7 @@ Go. It also includes runtime support libraries for these languages.")
(base32
"1m0lr7938lw5d773dkvwld90hjlcq2282517d1gwvrfzmwgg42w5"))
(patches (search-patches "gcc-strmov-store-file-names.patch"
- "gcc-5.0-libvtv-runpath.patch"))))
- (inputs
- `(("isl" ,isl)
- ,@(package-inputs gcc-4.7)))))
+ "gcc-5.0-libvtv-runpath.patch"))))))
(define-public gcc-7
(package
diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm
index 28477b2c42..72a737b013 100644
--- a/gnu/packages/ghostscript.scm
+++ b/gnu/packages/ghostscript.scm
@@ -100,23 +100,23 @@ paper size.")
(arguments
`(#:tests? #f ; none provided
#:phases
- (alist-replace
- 'configure
- (lambda* (#:key inputs outputs #:allow-other-keys #:rest args)
- (let ((perl (assoc-ref inputs "perl"))
- (out (assoc-ref outputs "out")))
- (copy-file "Makefile.unix" "Makefile")
- (substitute* "Makefile"
- (("/usr/local/bin/perl") (string-append perl "/bin/perl")))
- (substitute* "Makefile"
- (("/usr/local") out))
- ;; for the install phase
- (substitute* "Makefile"
- (("-mkdir") "mkdir -p"))
- ;; drop installation of non-free files
- (substitute* "Makefile"
- ((" install.include") ""))))
- %standard-phases)))
+ (modify-phases %standard-phases
+ (replace 'configure
+ (lambda* (#:key inputs outputs #:allow-other-keys #:rest args)
+ (let ((perl (assoc-ref inputs "perl"))
+ (out (assoc-ref outputs "out")))
+ (copy-file "Makefile.unix" "Makefile")
+ (substitute* "Makefile"
+ (("/usr/local/bin/perl") (string-append perl "/bin/perl")))
+ (substitute* "Makefile"
+ (("/usr/local") out))
+ ;; for the install phase
+ (substitute* "Makefile"
+ (("-mkdir") "mkdir -p"))
+ ;; drop installation of non-free files
+ (substitute* "Makefile"
+ ((" install.include") "")))
+ #t)))))
(synopsis "Collection of utilities for manipulating PostScript documents")
(description
"PSUtils is a collection of utilities for manipulating PostScript
@@ -131,8 +131,7 @@ printing, and psresize, for adjusting page sizes.")
(define-public ghostscript
(package
(name "ghostscript")
- (replacement ghostscript-9.22)
- (version "9.21")
+ (version "9.22")
(source
(origin
(method url-fetch)
@@ -142,9 +141,8 @@ printing, and psresize, for adjusting page sizes.")
"/ghostscript-" version ".tar.xz"))
(sha256
(base32
- "0lyhjcrkmd5fcmh8h56bs4xr9k4jasmikv5vsix1hd4ai0ad1q9b"))
+ "1fyi4yvdj39bjgs10klr31cda1fbx1ar7a7b7yz7v68gykk65y61"))
(patches (search-patches "ghostscript-runpath.patch"
- "ghostscript-CVE-2017-8291.patch"
"ghostscript-no-header-creationdate.patch"
"ghostscript-no-header-id.patch"
"ghostscript-no-header-uuid.patch"))
@@ -255,25 +253,6 @@ output file formats and printers.")
(home-page "https://www.ghostscript.com/")
(license license:agpl3+)))
-(define ghostscript-9.22
- (package
- (inherit ghostscript)
- (version "9.22")
- (source
- (origin
- (inherit (package-source ghostscript))
- (uri (string-append "https://github.com/ArtifexSoftware/"
- "ghostpdl-downloads/releases/download/gs"
- (string-delete #\. version)
- "/ghostscript-" version ".tar.xz"))
- (sha256
- (base32
- "1fyi4yvdj39bjgs10klr31cda1fbx1ar7a7b7yz7v68gykk65y61"))
- (patches (search-patches "ghostscript-runpath.patch"
- "ghostscript-no-header-creationdate.patch"
- "ghostscript-no-header-id.patch"
- "ghostscript-no-header-uuid.patch"))))))
-
(define-public ghostscript/x
(package/inherit ghostscript
(name (string-append (package-name ghostscript) "-with-x"))
diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm
index bacc63270a..6024c7600f 100644
--- a/gnu/packages/glib.scm
+++ b/gnu/packages/glib.scm
@@ -67,7 +67,7 @@
(define dbus
(package
(name "dbus")
- (version "1.10.22")
+ (version "1.10.24")
(source (origin
(method url-fetch)
(uri (string-append
@@ -75,7 +75,7 @@
version ".tar.gz"))
(sha256
(base32
- "15vv9gz5i4f5l7h0d045qz5iyvl89hjk2k83lb4vbizd7qg41cg2"))
+ "06ydmrg76l1kwl3190d72zpiy3qxy248x6gskxbj9qiqfsr4w63i"))
(patches (search-patches "dbus-helper-search-path.patch"))))
(build-system gnu-build-system)
(arguments
@@ -137,7 +137,7 @@ shared NFS home directories.")
(define glib
(package
(name "glib")
- (version "2.52.3")
+ (version "2.54.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/"
@@ -145,8 +145,9 @@ shared NFS home directories.")
name "-" version ".tar.xz"))
(sha256
(base32
- "0a71wkkhkvad84gm30w13micxxgqqw3sxhybj7nd9z60lwspdvi5"))
- (patches (search-patches "glib-tests-timer.patch"))))
+ "18s7rw127wrvb107bkmxd1lmh62b2v19ww5rz7xi0krj34a1ph2h"))
+ (patches (search-patches "glib-respect-datadir.patch"
+ "glib-tests-timer.patch"))))
(build-system gnu-build-system)
(outputs '("out" ; everything
"bin" ; glib-mkenums, gtester, etc.; depends on Python
@@ -247,12 +248,7 @@ shared NFS home directories.")
("gio/tests/gdbus-unix-addresses.c"
(;; Requires /etc/machine-id.
- "/gdbus/x11-autolaunch"))
-
- ("glib/tests/gdatetime.c"
- (;; Assumes that the Brasilian time zone is named 'BRT',
- ;; which is no longer true as of tzdata-2017a.
- "/GDateTime/new_full")))))
+ "/gdbus/x11-autolaunch")))))
(and-map (lambda (x) (apply disable x)) failing-tests)))))
;; Note: `--docdir' and `--htmldir' are not honored, so work around it.
@@ -284,19 +280,19 @@ shared NFS home directories.")
and interfaces for such runtime functionality as an event loop, threads,
dynamic loading, and an object system.")
(home-page "https://developer.gnome.org/glib/")
- (license license:lgpl2.0+))) ; some files are under lgpl2.1+
+ (license license:lgpl2.1+)))
(define gobject-introspection
(package
(name "gobject-introspection")
- (version "1.52.1")
+ (version "1.54.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/"
"gobject-introspection/" (version-major+minor version)
"/gobject-introspection-" version ".tar.xz"))
(sha256
- (base32 "1x5gkyrglv3dn9b4fsgw6asqgjw1wj7qc37g9pyac6pyaa6w7l1f"))
+ (base32 "0zl7pfkzkm07733391b4f3cwjbnvb1nwvpmajf5bajh6bxgfv3dq"))
(modules '((guix build utils)))
(snippet
'(substitute* "tools/g-ir-tool-template.in"
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index bce2b8ae93..2ebbd29565 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -1166,7 +1166,7 @@ dealing with different structured file formats.")
(define-public librsvg
(package
(name "librsvg")
- (version "2.40.18")
+ (version "2.40.19")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/" name "/"
@@ -1174,7 +1174,7 @@ dealing with different structured file formats.")
name "-" version ".tar.xz"))
(sha256
(base32
- "0k2nbd4g31qinkdfd8r5c5ih2ixl85fbkgkqqh9747lwr24c9j5z"))))
+ "1xy12qi29xqf3i61awf9qmm5ysw6v5qgxqwvi5fny0q9hs5lsav1"))))
(build-system gnu-build-system)
(arguments
`(#:phases
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index d332158e27..e8a44f20b8 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -86,16 +86,15 @@ Daemon and possibly more in the future.")
(define-public libgcrypt
(package
- (replacement libgcrypt/fixed)
(name "libgcrypt")
- (version "1.7.8")
+ (version "1.8.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
version ".tar.bz2"))
(sha256
(base32
- "16f1rsv4y4w2pk1il2jbcqggsb6mrlfva5vayd205fp68zm7d0ll"))))
+ "1cvqd9jk5qshbh48yh3ixw4zyr4n5k50r3475rrh20xfn7w7aa3s"))))
(build-system gnu-build-system)
(propagated-inputs
`(("libgpg-error-host" ,libgpg-error)))
@@ -121,18 +120,6 @@ generation.")
(properties '((ftp-server . "ftp.gnupg.org")
(ftp-directory . "/gcrypt/libgcrypt")))))
-(define libgcrypt/fixed
- (package
- (inherit libgcrypt)
- (version "1.8.1")
- (source (origin
- (method url-fetch)
- (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
- version ".tar.bz2"))
- (sha256
- (base32
- "1cvqd9jk5qshbh48yh3ixw4zyr4n5k50r3475rrh20xfn7w7aa3s"))))))
-
(define-public libassuan
(package
(name "libassuan")
diff --git a/gnu/packages/groff.scm b/gnu/packages/groff.scm
index 67dd1dbfa6..6e1a60e9ba 100644
--- a/gnu/packages/groff.scm
+++ b/gnu/packages/groff.scm
@@ -56,7 +56,14 @@
("perl" ,perl)
("psutils" ,psutils)
("texinfo" ,texinfo)))
- (arguments '(#:parallel-build? #f)) ; parallel build fails
+ (arguments
+ `(#:parallel-build? #f ; parallel build fails
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'setenv
+ (lambda _
+ (setenv "GS_GENERATE_UUIDS" "0")
+ #t)))))
(synopsis "Typesetting from plain text mixed with formatting commands")
(description
"Groff is a typesetting package that reads plain text and produces
diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm
index 235d2c3718..bb77279b32 100644
--- a/gnu/packages/gtk.scm
+++ b/gnu/packages/gtk.scm
@@ -9,7 +9,7 @@
;;; Copyright © 2015 Andy Wingo <wingo@igalia.com>
;;; Copyright © 2015 David Hashe <david.hashe@dhashe.com>
;;; Coypright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
-;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Fabian Harfert <fhmgufs@web.de>
;;; Copyright © 2016 Kei Kebreau <kkebreau@posteo.net>
;;; Copyright © 2016 Patrick Hetu <patrick.hetu@auf.org>
@@ -428,7 +428,7 @@ highlighting and other features typical of a source code editor.")
(define-public gdk-pixbuf
(package
(name "gdk-pixbuf")
- (version "2.36.10")
+ (version "2.36.11")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/" name "/"
@@ -436,7 +436,7 @@ highlighting and other features typical of a source code editor.")
name "-" version ".tar.xz"))
(sha256
(base32
- "1klsjkdbashd8yb8xjsc9ff3bz32n2id5s79nrrmqiw9df4zmxpq"))))
+ "1wz2vpciwdpdv612s8kbww08q80hgcs5dxrfsxp1a4q44n3snqmf"))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags '("--with-x11")
@@ -654,7 +654,7 @@ application suites.")
(name "gtk+")
;; NOTE: When updating the version of 'gtk+', the hash of 'mate-themes' in
;; mate.scm will also need to be updated.
- (version "3.22.21")
+ (version "3.22.24")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/" name "/"
@@ -662,7 +662,7 @@ application suites.")
name "-" version ".tar.xz"))
(sha256
(base32
- "11vb1shgr4rlayfk0b858gz986jsn2mpjlxvr89b2kgvbjlc3lqv"))
+ "0asr6gccw1vv02i29ivwr74fpxlmdxhr0wigybsvi2ljzi66xcfb"))
(patches (search-patches "gtk3-respect-GUIX_GTK3_PATH.patch"
"gtk3-respect-GUIX_GTK3_IM_MODULE_FILE.patch"))))
(outputs '("out" "bin" "doc"))
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index b53247de82..7d23d41be0 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -71,7 +71,7 @@
(define-public libpng
(package
(name "libpng")
- (version "1.6.29")
+ (version "1.6.34")
(source (origin
(method url-fetch)
(uri (list (string-append "mirror://sourceforge/libpng/libpng16/"
@@ -84,7 +84,7 @@
"/libpng16/libpng-" version ".tar.xz")))
(sha256
(base32
- "0fgjqp7x6jynacmqh6dj72cn6nnf6yxjfqqqfsxrx0pyx22bcia2"))))
+ "1xjr0v34fyjgnhvaa1zixcpx5yvxcg4zwvfh0fyklfyfj86rc7ig"))))
(build-system gnu-build-system)
;; libpng.la says "-lz", so propagate it.
diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm
index 801b4e44a9..b9f774a32a 100644
--- a/gnu/packages/kerberos.scm
+++ b/gnu/packages/kerberos.scm
@@ -46,8 +46,7 @@
(define-public mit-krb5
(package
(name "mit-krb5")
- (replacement mit-krb5-1.15.2)
- (version "1.15.1")
+ (version "1.15.2")
(source (origin
(method url-fetch)
(uri (string-append "http://web.mit.edu/kerberos/dist/krb5/"
@@ -55,7 +54,7 @@
"/krb5-" version ".tar.gz"))
(sha256
(base32
- "0igbi5d095c2hgpn2cixpc4q2ij8vgg2bx7yjfly5zfmvlqqhz23"))))
+ "0zn8s7anb10hw3nzwjz7vg10fgmmgvwnibn2zrn3nppjxn9f6f8n"))))
(build-system gnu-build-system)
(native-inputs
`(("bison" ,bison)
@@ -94,19 +93,6 @@ cryptography.")
(home-page "http://web.mit.edu/kerberos/")
(properties '((cpe-name . "kerberos")))))
-(define mit-krb5-1.15.2 ; CVE-2017-{11368,11462}
- (package
- (inherit mit-krb5)
- (version "1.15.2")
- (source (origin
- (method url-fetch)
- (uri (string-append "http://web.mit.edu/kerberos/dist/krb5/"
- (version-major+minor version)
- "/krb5-" version ".tar.gz"))
- (sha256
- (base32
- "0zn8s7anb10hw3nzwjz7vg10fgmmgvwnibn2zrn3nppjxn9f6f8n"))))))
-
(define-public shishi
(package
(name "shishi")
diff --git a/gnu/packages/libidn.scm b/gnu/packages/libidn.scm
index dfb1be6c4f..ff0c05bad0 100644
--- a/gnu/packages/libidn.scm
+++ b/gnu/packages/libidn.scm
@@ -55,15 +55,14 @@ Java libraries.")
(define-public libidn2
(package
(name "libidn2")
- (version "2.0.2")
- (replacement libidn2-2.0.4)
+ (version "2.0.4")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/libidn/" name "-" version
".tar.lz"))
(sha256
(base32
- "0pqaj8d01aj4i110669fincqs10kgynyqcrmq2q7pss8v9dcd1jq"))))
+ "00f2fyw5kwr9is3cdn5h9arzxp0lnvg0z9bb9zyfs0dq81gaqim4"))))
(native-inputs
`(("lzip" ,lzip)))
(inputs
@@ -75,19 +74,7 @@ the IDNA2008 specifications. Libidn2 is believed to be a complete IDNA2008
implementation, but has yet to be as extensively used as the original Libidn
library.")
(home-page "https://www.gnu.org/software/libidn/#libidn2")
+ (properties '((ftp-directory . "/gnu/libidn")))
;; The command-line tool 'idn2' is GPL3+, while the library is dual-licensed
;; GPL2+ or LGPL3+.
(license (list gpl2+ gpl3+ lgpl3+))))
-
-(define-public libidn2-2.0.4
- (package
- (inherit libidn2)
- (name "libidn2")
- (version "2.0.4")
- (source (origin
- (method url-fetch)
- (uri (string-append "mirror://gnu/libidn/" name "-" version
- ".tar.lz"))
- (sha256
- (base32
- "00f2fyw5kwr9is3cdn5h9arzxp0lnvg0z9bb9zyfs0dq81gaqim4"))))))
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 49665e24d3..45a4146cd7 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -2046,30 +2046,50 @@ from the module-init-tools project.")
;; The post-systemd fork, maintained by Gentoo.
(package
(name "eudev")
- (version "3.2.2")
+ (version "3.2.4")
(source (origin
(method url-fetch)
- (uri (string-append
- "http://dev.gentoo.org/~blueness/eudev/eudev-"
- version ".tar.gz"))
+ (uri (string-append "https://github.com/gentoo/eudev/archive/v"
+ version ".zip"))
+ (file-name (string-append name "-" version ".zip"))
(sha256
(base32
- "0qqgbgpm5wdllk0s04pf80nwc8pr93xazwri1bylm1f15zn5ck1y"))
+ "1r1ag0snarygrj5qqxi2xdq9w6g3sfjd5jx1b0fl7zmqlsz3vvxx"))
(patches (search-patches "eudev-rules-directory.patch"))))
(build-system gnu-build-system)
(arguments
- '(#:phases (modify-phases %standard-phases
- (add-after 'install 'build-hwdb
- (lambda* (#:key outputs #:allow-other-keys)
- ;; Build OUT/etc/udev/hwdb.bin. This allows 'lsusb' and
- ;; similar tools to display product names.
- (let ((out (assoc-ref outputs "out")))
- (zero? (system* (string-append out "/bin/udevadm")
- "hwdb" "--update"))))))))
+ '(#:phases
+ (modify-phases %standard-phases
+ (add-before 'configure 'bootstrap
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "man/make.sh"
+ (("/usr/bin/xsltproc")
+ (string-append (assoc-ref inputs "xsltproc")
+ "/bin/xsltproc")))
+ ;; Manual pages are regenerated here.
+ (zero? (system* "./autogen.sh"))))
+ (add-after 'install 'build-hwdb
+ (lambda* (#:key outputs #:allow-other-keys)
+ ;; Build OUT/etc/udev/hwdb.bin. This allows 'lsusb' and
+ ;; similar tools to display product names.
+ (let ((out (assoc-ref outputs "out")))
+ (zero? (system* (string-append out "/bin/udevadm")
+ "hwdb" "--update"))))))
+ #:configure-flags (list "--enable-manpages")))
(native-inputs
- `(("pkg-config" ,pkg-config)
+ `(("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("gperf" ,gperf)
+ ("libtool" ,libtool)
+ ("pkg-config" ,pkg-config)
+ ;; For tests.
("perl" ,perl)
- ("gperf" ,gperf)))
+ ("python" ,python-wrapper)
+ ;; For documentation.
+ ("docbook-xml" ,docbook-xml-4.2)
+ ("docbook-xsl" ,docbook-xsl)
+ ("libxml2" ,libxml2) ;for $XML_CATALOG_FILES
+ ("xsltproc", libxslt)))
(inputs
;; When linked against libblkid, eudev can populate /dev/disk/by-label
;; and similar; it also installs the '60-persistent-storage.rules' file,
@@ -3044,16 +3064,14 @@ Bluetooth audio output devices like headphones or loudspeakers.")
(string-append "--with-udevdir=" out "/lib/udev")))
#:phases
(modify-phases %standard-phases
- ,@(if (string=? (%current-system) "armhf-linux")
- ;; This test fails unpredictably.
- ;; TODO: skip it for all architectures.
- `((add-before 'check 'skip-wonky-test
- (lambda _
- (substitute* "unit/test-gatt.c"
- (("tester_init\\(&argc, &argv\\);") "return 77;"))
- #t)))
- `())
-
+ ;; Test unit/test-gatt fails unpredictably. Seems to be a timing
+ ;; issue (discussion on upstream mailing list:
+ ;; https://marc.info/?t=149578476300002&r=1&w=2)
+ (add-before 'check 'skip-wonky-test
+ (lambda _
+ (substitute* "unit/test-gatt.c"
+ (("tester_init\\(&argc, &argv\\);") "return 77;"))
+ #t))
(add-after 'install 'post-install
(lambda* (#:key inputs outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm
index 8f57670dbc..9af6448621 100644
--- a/gnu/packages/maths.scm
+++ b/gnu/packages/maths.scm
@@ -2601,7 +2601,7 @@ parts of it.")
(define-public openblas
(package
(name "openblas")
- (version "0.2.19")
+ (version "0.2.20")
(source
(origin
(method url-fetch)
@@ -2610,10 +2610,10 @@ parts of it.")
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
- "071zqnmnxhh0c9phzyn3f198yxa0hjxda7016azdbq2056sm70w7"))))
+ "1bd03c5xni0bla0wg1wba841b36b0sg13sjja955kn5xzvy4i61a"))))
(build-system gnu-build-system)
(arguments
- `(#:tests? #f ;no "check" target
+ `(#:test-target "test"
;; DYNAMIC_ARCH is only supported on x86. When it is disabled and no
;; TARGET is specified, OpenBLAS will tune itself to the build host, so
;; we need to disable substitutions.
diff --git a/gnu/packages/multiprecision.scm b/gnu/packages/multiprecision.scm
index b6d2d7f4af..69272eb18a 100644
--- a/gnu/packages/multiprecision.scm
+++ b/gnu/packages/multiprecision.scm
@@ -87,13 +87,13 @@ cryptography and computational algebra.")
(define-public mpfr
(package
(name "mpfr")
- (version "3.1.5")
+ (version "3.1.6")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/mpfr/mpfr-" version
".tar.xz"))
(sha256 (base32
- "1g32l2fg8f62lcyzzh88y3fsh6rk539qc6ahhdgvx7wpnf1dwpq1"))))
+ "0l598h9klpgkz2bp0rxiqb90mkqh9f2f81n5rpy191j00hdaqqks"))))
(build-system gnu-build-system)
(outputs '("out" "debug"))
(propagated-inputs `(("gmp" ,gmp))) ; <mpfr.h> refers to <gmp.h>
diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm
index 9ecdd90c64..07ac59da5b 100644
--- a/gnu/packages/package-management.scm
+++ b/gnu/packages/package-management.scm
@@ -33,6 +33,7 @@
#:use-module (gnu packages guile)
#:use-module (gnu packages file)
#:use-module (gnu packages backup)
+ #:use-module (gnu packages bootstrap) ;for 'bootstrap-guile-origin'
#:use-module (gnu packages compression)
#:use-module (gnu packages gnupg)
#:use-module (gnu packages databases)
@@ -229,39 +230,19 @@
("graphviz" ,graphviz)
("help2man" ,help2man)))
(inputs
- (let ((boot-guile (lambda (arch hash)
- (origin
- (method url-fetch)
- (uri (boot-guile-uri arch))
- (sha256 hash)))))
- `(("bzip2" ,bzip2)
- ("gzip" ,gzip)
- ("zlib" ,zlib) ;for 'guix publish'
-
- ("sqlite" ,sqlite)
- ("libgcrypt" ,libgcrypt)
- ("guile" ,guile-2.2)
-
- ("boot-guile/i686"
- ,(boot-guile "i686"
- (base32
- "0im800m30abgh7msh331pcbjvb4n02smz5cfzf1srv0kpx3csmxp")))
- ("boot-guile/x86_64"
- ,(boot-guile "x86_64"
- (base32
- "1w2p5zyrglzzniqgvyn1b55vprfzhgk8vzbzkkbdgl5248si0yq3")))
- ("boot-guile/mips64el"
- ,(boot-guile "mips64el"
- (base32
- "0fzp93lvi0hn54acc0fpvhc7bvl0yc853k62l958cihk03q80ilr")))
- ("boot-guile/armhf"
- ,(boot-guile "armhf"
- (base32
- "1mi3brl7l58aww34rawhvja84xc7l1b4hmwdmc36fp9q9mfx0lg5")))
- ("boot-guile/aarch64"
- ,(boot-guile "aarch64"
- (base32
- "1giy2aprjmn5fp9c4s9r125fljw4wv6ixy5739i5bffw4jgr0f9r"))))))
+ `(("bzip2" ,bzip2)
+ ("gzip" ,gzip)
+ ("zlib" ,zlib) ;for 'guix publish'
+
+ ("sqlite" ,sqlite)
+ ("libgcrypt" ,libgcrypt)
+ ("guile" ,guile-2.2)
+
+ ("boot-guile/i686" ,(bootstrap-guile-origin "i686-linux"))
+ ("boot-guile/x86_64" ,(bootstrap-guile-origin "x86_64-linux"))
+ ("boot-guile/mips64el" ,(bootstrap-guile-origin "mips64el-linux"))
+ ("boot-guile/armhf" ,(bootstrap-guile-origin "armhf-linux"))
+ ("boot-guile/aarch64" ,(bootstrap-guile-origin "aarch64-linux"))))
(propagated-inputs
`(("gnutls" ,gnutls)
("guile-json" ,guile-json)
diff --git a/gnu/packages/patches/automake-regexp-syntax.patch b/gnu/packages/patches/automake-regexp-syntax.patch
deleted file mode 100644
index 2e965c8c50..0000000000
--- a/gnu/packages/patches/automake-regexp-syntax.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From <https://lists.gnu.org/archive/html/automake-patches/2015-07/msg00000.html>.
-See also <http://bugs.gnu.org/22372>.
-
-From 34163794a58b5bd91c5d6bd9adf5437571c7a479 Mon Sep 17 00:00:00 2001
-From: Pavel Raiskup <praiskup@redhat.com>
-Date: Tue, 7 Jul 2015 10:54:24 +0200
-Subject: [PATCH] bin/automake: escape '{' in regexp pattern
-
-Based on perlre(1) documentation:
-.. in Perl v5.26, literal uses of a curly bracket will be required
-to be escaped, say by preceding them with a backslash ("\{" ) or
-enclosing them within square brackets ("[{]") ..
-
-References:
-https://bugzilla.redhat.com/1239379
-
-* bin/automake.in (substitute_ac_subst_variables): Escape the
-occurrence of '{' character.
----
- bin/automake.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/bin/automake.in b/bin/automake.in
-index 0c29184..c294ced 100644
---- a/bin/automake.in
-+++ b/bin/automake.in
-@@ -3898,7 +3898,7 @@ sub substitute_ac_subst_variables_worker
- sub substitute_ac_subst_variables
- {
- my ($text) = @_;
-- $text =~ s/\${([^ \t=:+{}]+)}/substitute_ac_subst_variables_worker ($1)/ge;
-+ $text =~ s/\$\{([^ \t=:+{}]+)}/substitute_ac_subst_variables_worker ($1)/ge;
- return $text;
- }
diff --git a/gnu/packages/patches/automake-test-gzip-warning.patch b/gnu/packages/patches/automake-test-gzip-warning.patch
deleted file mode 100644
index bcc9c207ae..0000000000
--- a/gnu/packages/patches/automake-test-gzip-warning.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-Adjust test to ignore gzip 1.8+ warnings.
-
---- automake-1.15/t/distcheck-no-prefix-or-srcdir-override.sh 2016-06-14 00:36:26.554218552 +0200
-+++ automake-1.15/t/distcheck-no-prefix-or-srcdir-override.sh 2016-06-14 00:37:52.903157770 +0200
-@@ -49,7 +49,11 @@ grep "cannot find sources.* in foobar" s
-
- ./configure
- run_make -E -O distcheck
--test ! -s stderr
-+
-+# Gzip 1.8+ emits warnings like "gzip: warning: GZIP environment
-+# variable is deprecated"; filter them out.
-+test `grep -v '^gzip: warning' stderr | wc -l` -eq 0
-+
- # Sanity check: the flags have been actually seen.
- $PERL -e 'undef $/; $_ = <>; s/ \\\n/ /g; print;' <stdout >t
- grep '/configure .* --srcdir am-src' t || exit 99
diff --git a/gnu/packages/patches/coreutils-cut-huge-range-test.patch b/gnu/packages/patches/coreutils-cut-huge-range-test.patch
deleted file mode 100644
index e3a0ef28eb..0000000000
--- a/gnu/packages/patches/coreutils-cut-huge-range-test.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-This patch fixes 100% reproducible test failures on arm-linux-gnueabihf in our
-the build environment chroot, as reported at <https://bugs.gnu.org/26253>,
-and now on x86_64-linux-gnu as well. It is a variant of this upstream patch:
-
- commit f5422009389678680dba9ff4ecb7d33632ee3383
- Author: Ludovic Courtès <ludo@gnu.org>
- Date: Mon Mar 27 20:34:39 2017 -0700
-
- tests: avoid false ulimit failure on some systems
-
- * tests/misc/cut-huge-range.sh: On some systems returns_ may
- use more memory, so incorporate that in the determination
- of the ulimit value to use. Noticed on ARMv7 with bash-4.4.12,
- and x86_64 with bash-4.2.37.
- Fixes http://bugs.gnu.org/26253
-
-... which appeared to be insufficient.
-
-diff --git a/tests/misc/cut-huge-range.sh b/tests/misc/cut-huge-range.sh
-index 6b3c5b6ed..55b7b640e 100755
---- a/tests/misc/cut-huge-range.sh
-+++ b/tests/misc/cut-huge-range.sh
-@@ -20,9 +20,9 @@
- print_ver_ cut
- getlimits_
-
--vm=$(get_min_ulimit_v_ cut -b1 /dev/null) \
-+vm=$(get_min_ulimit_v_ sh -c 'cut -b1 /dev/null') \
- || skip_ "this shell lacks ulimit support"
- vm=$(($vm + 1000)) # avoid spurious failures
-
- # sed script to subtract one from the input.
- # Each input line should consist of a positive decimal number.
diff --git a/gnu/packages/patches/gcc-asan-powerpc-missing-include.patch b/gnu/packages/patches/gcc-asan-powerpc-missing-include.patch
deleted file mode 100644
index 74b10c4a44..0000000000
--- a/gnu/packages/patches/gcc-asan-powerpc-missing-include.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Add missing include that triggers a build failure on PowerPC:
-
- ../../../../gcc-5.4.0/libsanitizer/asan/asan_linux.cc: In function ‘bool __asan::AsanInterceptsSignal(int)’:
- ../../../../gcc-5.4.0/libsanitizer/asan/asan_linux.cc:222:20: error: ‘SIGSEGV’ was not declared in this scope
- return signum == SIGSEGV && common_flags()->handle_segv;
- ^
-From <https://patchwork.ozlabs.org/patch/725596/>.
-
-diff --git a/libsanitizer/asan/asan_linux.cc b/libsanitizer/asan/asan_linux.cc
-index c504168..59087b9 100644
---- a/libsanitizer/asan/asan_linux.cc
-+++ b/libsanitizer/asan/asan_linux.cc
-@@ -29,6 +29,7 @@
- #include <dlfcn.h>
- #include <fcntl.h>
- #include <pthread.h>
-+#include <signal.h>
- #include <stdio.h>
- #include <unistd.h>
- #include <unwind.h>
diff --git a/gnu/packages/patches/gcc-fix-texi2pod.patch b/gnu/packages/patches/gcc-fix-texi2pod.patch
new file mode 100644
index 0000000000..28bd56a382
--- /dev/null
+++ b/gnu/packages/patches/gcc-fix-texi2pod.patch
@@ -0,0 +1,19 @@
+This patch was taken from the official GCC git repository.
+X-Git-Url: https://gcc.gnu.org/git/?p=gcc.git;a=blobdiff_plain;f=contrib%2Ftexi2pod.pl;h=91bdbb5cea933d0381f2924ab94490fca31d5800;hp=eba1bcaa3cffa78b46030b219d04fe7d68367658;hb=67b56c905078d49d3e4028085e5cb1e1fb87a8aa;hpb=2f508a78310caab123e9794d3dcfe41f2769449b
+
+It fixes a defect in the contrib/texi2pod.pl script that prevented generating
+manual pages. It was corrected in the GCC 6.X series.
+
+diff --git a/contrib/texi2pod.pl b/contrib/texi2pod.pl
+index eba1bca..91bdbb5 100755
+--- a/contrib/texi2pod.pl
++++ b/contrib/texi2pod.pl
+@@ -316,7 +316,7 @@ while(<$inf>) {
+ @columns = ();
+ for $column (split (/\s*\@tab\s*/, $1)) {
+ # @strong{...} is used a @headitem work-alike
+- $column =~ s/^\@strong{(.*)}$/$1/;
++ $column =~ s/^\@strong\{(.*)\}$/$1/;
+ push @columns, $column;
+ }
+ $_ = "\n=item ".join (" : ", @columns)."\n";
diff --git a/gnu/packages/patches/ghostscript-CVE-2017-8291.patch b/gnu/packages/patches/ghostscript-CVE-2017-8291.patch
deleted file mode 100644
index d38bd593c0..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2017-8291.patch
+++ /dev/null
@@ -1,195 +0,0 @@
-Fix CVE-2017-8291:
-
-https://bugs.ghostscript.com/show_bug.cgi?id=697799
-https://bugs.ghostscript.com/show_bug.cgi?id=697808 (duplicate)
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8291
-
-Patches copied from upstream source repository:
-
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=04b37bbce174eed24edec7ad5b920eb93db4d47d
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=57f20719e1cfaea77b67cb26e26de7fe4d7f9b2e
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ccfd2c75ac9be4cbd369e4cbdd40ba11a0c7bdad
-
-From 4f83478c88c2e05d6e8d79ca4557eb039354d2f3 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Thu, 27 Apr 2017 13:03:33 +0100
-Subject: [PATCH] Bug 697799: have .eqproc check its parameters
-
-The Ghostscript custom operator .eqproc was not check the number or type of
-the parameters it was given.
----
- psi/zmisc3.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/psi/zmisc3.c b/psi/zmisc3.c
-index 54b304246..37293ff4b 100644
---- a/psi/zmisc3.c
-+++ b/psi/zmisc3.c
-@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p)
- ref2_t stack[MAX_DEPTH + 1];
- ref2_t *top = stack;
-
-+ if (ref_stack_count(&o_stack) < 2)
-+ return_error(gs_error_stackunderflow);
-+ if (!r_is_array(op - 1) || !r_is_array(op)) {
-+ return_error(gs_error_typecheck);
-+ }
-+
- make_array(&stack[0].proc1, 0, 1, op - 1);
- make_array(&stack[0].proc2, 0, 1, op);
- for (;;) {
---
-2.13.0
-
-From 04b37bbce174eed24edec7ad5b920eb93db4d47d Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Thu, 27 Apr 2017 13:21:31 +0100
-Subject: [PATCH] Bug 697799: have .rsdparams check its parameters
-
-The Ghostscript internal operator .rsdparams wasn't checking the number or
-type of the operands it was being passed. Do so.
----
- psi/zfrsd.c | 22 +++++++++++++++-------
- 1 file changed, 15 insertions(+), 7 deletions(-)
-
-diff --git a/psi/zfrsd.c b/psi/zfrsd.c
-index 191107d8a..950588d69 100644
---- a/psi/zfrsd.c
-+++ b/psi/zfrsd.c
-@@ -49,13 +49,20 @@ zrsdparams(i_ctx_t *i_ctx_p)
- ref *pFilter;
- ref *pDecodeParms;
- int Intent = 0;
-- bool AsyncRead;
-+ bool AsyncRead = false;
- ref empty_array, filter1_array, parms1_array;
- uint i;
-- int code;
-+ int code = 0;
-+
-+ if (ref_stack_count(&o_stack) < 1)
-+ return_error(gs_error_stackunderflow);
-+ if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) {
-+ return_error(gs_error_typecheck);
-+ }
-
- make_empty_array(&empty_array, a_readonly);
-- if (dict_find_string(op, "Filter", &pFilter) > 0) {
-+ if (r_has_type(op, t_dictionary)
-+ && dict_find_string(op, "Filter", &pFilter) > 0) {
- if (!r_is_array(pFilter)) {
- if (!r_has_type(pFilter, t_name))
- return_error(gs_error_typecheck);
-@@ -94,12 +101,13 @@ zrsdparams(i_ctx_t *i_ctx_p)
- return_error(gs_error_typecheck);
- }
- }
-- code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
-+ if (r_has_type(op, t_dictionary))
-+ code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
- if (code < 0 && code != gs_error_rangecheck) /* out-of-range int is ok, use 0 */
- return code;
-- if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0
-- )
-- return code;
-+ if (r_has_type(op, t_dictionary))
-+ if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0)
-+ return code;
- push(1);
- op[-1] = *pFilter;
- if (pDecodeParms)
---
-2.13.0
-
-From 57f20719e1cfaea77b67cb26e26de7fe4d7f9b2e Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Wed, 3 May 2017 12:05:45 +0100
-Subject: [PATCH] Bug 697846: revision to commit 4f83478c88 (.eqproc)
-
-When using the "DELAYBIND" feature, it turns out that .eqproc can be called with
-parameters that are not both procedures. In this case, it turns out, the
-expectation is for the operator to return 'false', rather than throw an error.
----
- psi/zmisc3.c | 15 +++++++++++++--
- 1 file changed, 13 insertions(+), 2 deletions(-)
-
-diff --git a/psi/zmisc3.c b/psi/zmisc3.c
-index 37293ff4b..3f01d39a3 100644
---- a/psi/zmisc3.c
-+++ b/psi/zmisc3.c
-@@ -38,6 +38,15 @@ zcliprestore(i_ctx_t *i_ctx_p)
- return gs_cliprestore(igs);
- }
-
-+static inline bool
-+eqproc_check_type(ref *r)
-+{
-+ return r_has_type(r, t_array)
-+ || r_has_type(r, t_mixedarray)
-+ || r_has_type(r, t_shortarray)
-+ || r_has_type(r, t_oparray);
-+}
-+
- /* <proc1> <proc2> .eqproc <bool> */
- /*
- * Test whether two procedures are equal to depth 10.
-@@ -58,8 +67,10 @@ zeqproc(i_ctx_t *i_ctx_p)
-
- if (ref_stack_count(&o_stack) < 2)
- return_error(gs_error_stackunderflow);
-- if (!r_is_array(op - 1) || !r_is_array(op)) {
-- return_error(gs_error_typecheck);
-+ if (!eqproc_check_type(op -1) || !eqproc_check_type(op)) {
-+ make_false(op - 1);
-+ pop(1);
-+ return 0;
- }
-
- make_array(&stack[0].proc1, 0, 1, op - 1);
---
-2.13.0
-
-From ccfd2c75ac9be4cbd369e4cbdd40ba11a0c7bdad Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Thu, 11 May 2017 14:07:48 +0100
-Subject: [PATCH] Bug 697892: fix check for op stack underflow.
-
-In the original fix, I used the wrong method to check for stack underflow, this
-is using the correct method.
----
- psi/zfrsd.c | 3 +--
- psi/zmisc3.c | 3 +--
- 2 files changed, 2 insertions(+), 4 deletions(-)
-
-diff --git a/psi/zfrsd.c b/psi/zfrsd.c
-index 950588d69..9c035b96d 100644
---- a/psi/zfrsd.c
-+++ b/psi/zfrsd.c
-@@ -54,8 +54,7 @@ zrsdparams(i_ctx_t *i_ctx_p)
- uint i;
- int code = 0;
-
-- if (ref_stack_count(&o_stack) < 1)
-- return_error(gs_error_stackunderflow);
-+ check_op(1);
- if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) {
- return_error(gs_error_typecheck);
- }
-diff --git a/psi/zmisc3.c b/psi/zmisc3.c
-index 3f01d39a3..43803b55b 100644
---- a/psi/zmisc3.c
-+++ b/psi/zmisc3.c
-@@ -65,8 +65,7 @@ zeqproc(i_ctx_t *i_ctx_p)
- ref2_t stack[MAX_DEPTH + 1];
- ref2_t *top = stack;
-
-- if (ref_stack_count(&o_stack) < 2)
-- return_error(gs_error_stackunderflow);
-+ check_op(2);
- if (!eqproc_check_type(op -1) || !eqproc_check_type(op)) {
- make_false(op - 1);
- pop(1);
---
-2.13.0
-
diff --git a/gnu/packages/patches/glib-respect-datadir.patch b/gnu/packages/patches/glib-respect-datadir.patch
new file mode 100644
index 0000000000..309ce9fc0b
--- /dev/null
+++ b/gnu/packages/patches/glib-respect-datadir.patch
@@ -0,0 +1,21 @@
+On Guix, Python modules are in a different output from the executables,
+so searching "../share/glib-2.0" will not work.
+
+This patch restores behaviour prior to this commit:
+<https://git.gnome.org/browse/glib/commit/?id=fe2a9887a8ccb14f2386e01b14834e97a33bc2d7>
+
+--- a/gio/gdbus-2.0/codegen/gdbus-codegen.in
++++ b/gio/gdbus-2.0/codegen/gdbus-codegen.in
+@@ -25,9 +25,12 @@
+
+ srcdir = os.getenv('UNINSTALLED_GLIB_SRCDIR', None)
+ filedir = os.path.dirname(__file__)
++datadir = os.path.join('@datadir@', 'glib-2.0')
+
+ if srcdir is not None:
+ path = os.path.join(srcdir, 'gio', 'gdbus-2.0')
++elif os.path.exists(os.path.join(datadir, 'codegen')):
++ path = datadir
+ elif os.path.basename(filedir) == 'bin':
+ # Make the prefix containing gdbus-codegen 'relocatable' at runtime by
+ # adding /some/prefix/bin/../share/glib-2.0 to the python path
diff --git a/gnu/packages/patches/grep-gnulib-lock.patch b/gnu/packages/patches/grep-gnulib-lock.patch
deleted file mode 100644
index 68c33f1031..0000000000
--- a/gnu/packages/patches/grep-gnulib-lock.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-This patch fix error on 'gnulib' library required to build
-'grep' package on GNU/Hurd.
-The patch was adapted from upstream source repository:
-'<http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commit;h=4084b3a1094372b960ce4a97634e08f4538c8bdd>'
-
-Commit: 4084b3a1094372b960ce4a97634e08f4538c8bdd
-
-diff --git a/lib/glthread/lock.c b/lib/glthread/lock.c
-index 061562b..afc86f4 100644
---- a/lib/glthread/lock.c
-+++ b/lib/glthread/lock.c
-@@ -30,7 +30,7 @@
-
- /* ------------------------- gl_rwlock_t datatype ------------------------- */
-
--# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (__GNU_LIBRARY__ > 1))
-+# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (defined PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP && (__GNU_LIBRARY__ > 1)))
-
- # ifdef PTHREAD_RWLOCK_INITIALIZER
-
-diff --git a/lib/glthread/lock.h b/lib/glthread/lock.h
-index ec16d39..67932aa 100644
---- a/lib/glthread/lock.h
-+++ b/lib/glthread/lock.h
-@@ -179,7 +179,7 @@ typedef pthread_mutex_t gl_lock_t;
-
- /* ------------------------- gl_rwlock_t datatype ------------------------- */
-
--# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (__GNU_LIBRARY__ > 1))
-+# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (defined PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP && (__GNU_LIBRARY__ > 1)))
-
- # ifdef PTHREAD_RWLOCK_INITIALIZER
diff --git a/gnu/packages/patches/libxml2-CVE-2016-4658.patch b/gnu/packages/patches/libxml2-CVE-2016-4658.patch
deleted file mode 100644
index a4e1f31fae..0000000000
--- a/gnu/packages/patches/libxml2-CVE-2016-4658.patch
+++ /dev/null
@@ -1,257 +0,0 @@
-Fix CVE-2016-4658:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658
-
-Patch copied from upstream source repository:
-
-https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b
-
-From c1d1f7121194036608bf555f08d3062a36fd344b Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Tue, 28 Jun 2016 18:34:52 +0200
-Subject: [PATCH] Disallow namespace nodes in XPointer ranges
-
-Namespace nodes must be copied to avoid use-after-free errors.
-But they don't necessarily have a physical representation in a
-document, so simply disallow them in XPointer ranges.
-
-Found with afl-fuzz.
-
-Fixes CVE-2016-4658.
----
- xpointer.c | 149 +++++++++++++++++++++++--------------------------------------
- 1 file changed, 56 insertions(+), 93 deletions(-)
-
-diff --git a/xpointer.c b/xpointer.c
-index a7b03fbd..694d120e 100644
---- a/xpointer.c
-+++ b/xpointer.c
-@@ -320,6 +320,45 @@ xmlXPtrRangesEqual(xmlXPathObjectPtr range1, xmlXPathObjectPtr range2) {
- }
-
- /**
-+ * xmlXPtrNewRangeInternal:
-+ * @start: the starting node
-+ * @startindex: the start index
-+ * @end: the ending point
-+ * @endindex: the ending index
-+ *
-+ * Internal function to create a new xmlXPathObjectPtr of type range
-+ *
-+ * Returns the newly created object.
-+ */
-+static xmlXPathObjectPtr
-+xmlXPtrNewRangeInternal(xmlNodePtr start, int startindex,
-+ xmlNodePtr end, int endindex) {
-+ xmlXPathObjectPtr ret;
-+
-+ /*
-+ * Namespace nodes must be copied (see xmlXPathNodeSetDupNs).
-+ * Disallow them for now.
-+ */
-+ if ((start != NULL) && (start->type == XML_NAMESPACE_DECL))
-+ return(NULL);
-+ if ((end != NULL) && (end->type == XML_NAMESPACE_DECL))
-+ return(NULL);
-+
-+ ret = (xmlXPathObjectPtr) xmlMalloc(sizeof(xmlXPathObject));
-+ if (ret == NULL) {
-+ xmlXPtrErrMemory("allocating range");
-+ return(NULL);
-+ }
-+ memset(ret, 0, sizeof(xmlXPathObject));
-+ ret->type = XPATH_RANGE;
-+ ret->user = start;
-+ ret->index = startindex;
-+ ret->user2 = end;
-+ ret->index2 = endindex;
-+ return(ret);
-+}
-+
-+/**
- * xmlXPtrNewRange:
- * @start: the starting node
- * @startindex: the start index
-@@ -344,17 +383,7 @@ xmlXPtrNewRange(xmlNodePtr start, int startindex,
- if (endindex < 0)
- return(NULL);
-
-- ret = (xmlXPathObjectPtr) xmlMalloc(sizeof(xmlXPathObject));
-- if (ret == NULL) {
-- xmlXPtrErrMemory("allocating range");
-- return(NULL);
-- }
-- memset(ret, 0 , (size_t) sizeof(xmlXPathObject));
-- ret->type = XPATH_RANGE;
-- ret->user = start;
-- ret->index = startindex;
-- ret->user2 = end;
-- ret->index2 = endindex;
-+ ret = xmlXPtrNewRangeInternal(start, startindex, end, endindex);
- xmlXPtrRangeCheckOrder(ret);
- return(ret);
- }
-@@ -381,17 +410,8 @@ xmlXPtrNewRangePoints(xmlXPathObjectPtr start, xmlXPathObjectPtr end) {
- if (end->type != XPATH_POINT)
- return(NULL);
-
-- ret = (xmlXPathObjectPtr) xmlMalloc(sizeof(xmlXPathObject));
-- if (ret == NULL) {
-- xmlXPtrErrMemory("allocating range");
-- return(NULL);
-- }
-- memset(ret, 0 , (size_t) sizeof(xmlXPathObject));
-- ret->type = XPATH_RANGE;
-- ret->user = start->user;
-- ret->index = start->index;
-- ret->user2 = end->user;
-- ret->index2 = end->index;
-+ ret = xmlXPtrNewRangeInternal(start->user, start->index, end->user,
-+ end->index);
- xmlXPtrRangeCheckOrder(ret);
- return(ret);
- }
-@@ -416,17 +436,7 @@ xmlXPtrNewRangePointNode(xmlXPathObjectPtr start, xmlNodePtr end) {
- if (start->type != XPATH_POINT)
- return(NULL);
-
-- ret = (xmlXPathObjectPtr) xmlMalloc(sizeof(xmlXPathObject));
-- if (ret == NULL) {
-- xmlXPtrErrMemory("allocating range");
-- return(NULL);
-- }
-- memset(ret, 0 , (size_t) sizeof(xmlXPathObject));
-- ret->type = XPATH_RANGE;
-- ret->user = start->user;
-- ret->index = start->index;
-- ret->user2 = end;
-- ret->index2 = -1;
-+ ret = xmlXPtrNewRangeInternal(start->user, start->index, end, -1);
- xmlXPtrRangeCheckOrder(ret);
- return(ret);
- }
-@@ -453,17 +463,7 @@ xmlXPtrNewRangeNodePoint(xmlNodePtr start, xmlXPathObjectPtr end) {
- if (end->type != XPATH_POINT)
- return(NULL);
-
-- ret = (xmlXPathObjectPtr) xmlMalloc(sizeof(xmlXPathObject));
-- if (ret == NULL) {
-- xmlXPtrErrMemory("allocating range");
-- return(NULL);
-- }
-- memset(ret, 0 , (size_t) sizeof(xmlXPathObject));
-- ret->type = XPATH_RANGE;
-- ret->user = start;
-- ret->index = -1;
-- ret->user2 = end->user;
-- ret->index2 = end->index;
-+ ret = xmlXPtrNewRangeInternal(start, -1, end->user, end->index);
- xmlXPtrRangeCheckOrder(ret);
- return(ret);
- }
-@@ -486,17 +486,7 @@ xmlXPtrNewRangeNodes(xmlNodePtr start, xmlNodePtr end) {
- if (end == NULL)
- return(NULL);
-
-- ret = (xmlXPathObjectPtr) xmlMalloc(sizeof(xmlXPathObject));
-- if (ret == NULL) {
-- xmlXPtrErrMemory("allocating range");
-- return(NULL);
-- }
-- memset(ret, 0 , (size_t) sizeof(xmlXPathObject));
-- ret->type = XPATH_RANGE;
-- ret->user = start;
-- ret->index = -1;
-- ret->user2 = end;
-- ret->index2 = -1;
-+ ret = xmlXPtrNewRangeInternal(start, -1, end, -1);
- xmlXPtrRangeCheckOrder(ret);
- return(ret);
- }
-@@ -516,17 +506,7 @@ xmlXPtrNewCollapsedRange(xmlNodePtr start) {
- if (start == NULL)
- return(NULL);
-
-- ret = (xmlXPathObjectPtr) xmlMalloc(sizeof(xmlXPathObject));
-- if (ret == NULL) {
-- xmlXPtrErrMemory("allocating range");
-- return(NULL);
-- }
-- memset(ret, 0 , (size_t) sizeof(xmlXPathObject));
-- ret->type = XPATH_RANGE;
-- ret->user = start;
-- ret->index = -1;
-- ret->user2 = NULL;
-- ret->index2 = -1;
-+ ret = xmlXPtrNewRangeInternal(start, -1, NULL, -1);
- return(ret);
- }
-
-@@ -541,6 +521,8 @@ xmlXPtrNewCollapsedRange(xmlNodePtr start) {
- */
- xmlXPathObjectPtr
- xmlXPtrNewRangeNodeObject(xmlNodePtr start, xmlXPathObjectPtr end) {
-+ xmlNodePtr endNode;
-+ int endIndex;
- xmlXPathObjectPtr ret;
-
- if (start == NULL)
-@@ -549,7 +531,12 @@ xmlXPtrNewRangeNodeObject(xmlNodePtr start, xmlXPathObjectPtr end) {
- return(NULL);
- switch (end->type) {
- case XPATH_POINT:
-+ endNode = end->user;
-+ endIndex = end->index;
-+ break;
- case XPATH_RANGE:
-+ endNode = end->user2;
-+ endIndex = end->index2;
- break;
- case XPATH_NODESET:
- /*
-@@ -557,39 +544,15 @@ xmlXPtrNewRangeNodeObject(xmlNodePtr start, xmlXPathObjectPtr end) {
- */
- if (end->nodesetval->nodeNr <= 0)
- return(NULL);
-+ endNode = end->nodesetval->nodeTab[end->nodesetval->nodeNr - 1];
-+ endIndex = -1;
- break;
- default:
- /* TODO */
- return(NULL);
- }
-
-- ret = (xmlXPathObjectPtr) xmlMalloc(sizeof(xmlXPathObject));
-- if (ret == NULL) {
-- xmlXPtrErrMemory("allocating range");
-- return(NULL);
-- }
-- memset(ret, 0 , (size_t) sizeof(xmlXPathObject));
-- ret->type = XPATH_RANGE;
-- ret->user = start;
-- ret->index = -1;
-- switch (end->type) {
-- case XPATH_POINT:
-- ret->user2 = end->user;
-- ret->index2 = end->index;
-- break;
-- case XPATH_RANGE:
-- ret->user2 = end->user2;
-- ret->index2 = end->index2;
-- break;
-- case XPATH_NODESET: {
-- ret->user2 = end->nodesetval->nodeTab[end->nodesetval->nodeNr - 1];
-- ret->index2 = -1;
-- break;
-- }
-- default:
-- STRANGE
-- return(NULL);
-- }
-+ ret = xmlXPtrNewRangeInternal(start, -1, endNode, endIndex);
- xmlXPtrRangeCheckOrder(ret);
- return(ret);
- }
---
-2.11.0
-
diff --git a/gnu/packages/patches/libxml2-CVE-2016-5131.patch b/gnu/packages/patches/libxml2-CVE-2016-5131.patch
deleted file mode 100644
index 38938c8e3e..0000000000
--- a/gnu/packages/patches/libxml2-CVE-2016-5131.patch
+++ /dev/null
@@ -1,218 +0,0 @@
-Fix CVE-2016-5131:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131
-
-Patches copied from upstream source repository (the test suite fails
-without the 2nd patch):
-
-https://git.gnome.org/browse/libxml2/commit/?id=9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e
-https://git.gnome.org/browse/libxml2/commit/?id=a005199330b86dada19d162cae15ef9bdcb6baa8
-
-From 9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Tue, 28 Jun 2016 14:22:23 +0200
-Subject: [PATCH] Fix XPointer paths beginning with range-to
-
-The old code would invoke the broken xmlXPtrRangeToFunction. range-to
-isn't really a function but a special kind of location step. Remove
-this function and always handle range-to in the XPath code.
-
-The old xmlXPtrRangeToFunction could also be abused to trigger a
-use-after-free error with the potential for remote code execution.
-
-Found with afl-fuzz.
-
-Fixes CVE-2016-5131.
----
- result/XPath/xptr/vidbase | 13 ++++++++
- test/XPath/xptr/vidbase | 1 +
- xpath.c | 7 ++++-
- xpointer.c | 76 ++++-------------------------------------------
- 4 files changed, 26 insertions(+), 71 deletions(-)
-
-diff --git a/result/XPath/xptr/vidbase b/result/XPath/xptr/vidbase
-index 8b9e92d6..f19193e7 100644
---- a/result/XPath/xptr/vidbase
-+++ b/result/XPath/xptr/vidbase
-@@ -17,3 +17,16 @@ Object is a Location Set:
- To node
- ELEMENT p
-
-+
-+========================
-+Expression: xpointer(range-to(id('chapter2')))
-+Object is a Location Set:
-+1 : Object is a range :
-+ From node
-+ /
-+ To node
-+ ELEMENT chapter
-+ ATTRIBUTE id
-+ TEXT
-+ content=chapter2
-+
-diff --git a/test/XPath/xptr/vidbase b/test/XPath/xptr/vidbase
-index b1463830..884b1065 100644
---- a/test/XPath/xptr/vidbase
-+++ b/test/XPath/xptr/vidbase
-@@ -1,2 +1,3 @@
- xpointer(id('chapter1')/p)
- xpointer(id('chapter1')/p[1]/range-to(following-sibling::p[2]))
-+xpointer(range-to(id('chapter2')))
-diff --git a/xpath.c b/xpath.c
-index d992841e..5a01b1b3 100644
---- a/xpath.c
-+++ b/xpath.c
-@@ -10691,13 +10691,18 @@ xmlXPathCompPathExpr(xmlXPathParserContextPtr ctxt) {
- lc = 1;
- break;
- } else if ((NXT(len) == '(')) {
-- /* Note Type or Function */
-+ /* Node Type or Function */
- if (xmlXPathIsNodeType(name)) {
- #ifdef DEBUG_STEP
- xmlGenericError(xmlGenericErrorContext,
- "PathExpr: Type search\n");
- #endif
- lc = 1;
-+#ifdef LIBXML_XPTR_ENABLED
-+ } else if (ctxt->xptr &&
-+ xmlStrEqual(name, BAD_CAST "range-to")) {
-+ lc = 1;
-+#endif
- } else {
- #ifdef DEBUG_STEP
- xmlGenericError(xmlGenericErrorContext,
-diff --git a/xpointer.c b/xpointer.c
-index 676c5105..d74174a3 100644
---- a/xpointer.c
-+++ b/xpointer.c
-@@ -1332,8 +1332,6 @@ xmlXPtrNewContext(xmlDocPtr doc, xmlNodePtr here, xmlNodePtr origin) {
- ret->here = here;
- ret->origin = origin;
-
-- xmlXPathRegisterFunc(ret, (xmlChar *)"range-to",
-- xmlXPtrRangeToFunction);
- xmlXPathRegisterFunc(ret, (xmlChar *)"range",
- xmlXPtrRangeFunction);
- xmlXPathRegisterFunc(ret, (xmlChar *)"range-inside",
-@@ -2243,76 +2241,14 @@ xmlXPtrRangeInsideFunction(xmlXPathParserContextPtr ctxt, int nargs) {
- * @nargs: the number of args
- *
- * Implement the range-to() XPointer function
-+ *
-+ * Obsolete. range-to is not a real function but a special type of location
-+ * step which is handled in xpath.c.
- */
- void
--xmlXPtrRangeToFunction(xmlXPathParserContextPtr ctxt, int nargs) {
-- xmlXPathObjectPtr range;
-- const xmlChar *cur;
-- xmlXPathObjectPtr res, obj;
-- xmlXPathObjectPtr tmp;
-- xmlLocationSetPtr newset = NULL;
-- xmlNodeSetPtr oldset;
-- int i;
--
-- if (ctxt == NULL) return;
-- CHECK_ARITY(1);
-- /*
-- * Save the expression pointer since we will have to evaluate
-- * it multiple times. Initialize the new set.
-- */
-- CHECK_TYPE(XPATH_NODESET);
-- obj = valuePop(ctxt);
-- oldset = obj->nodesetval;
-- ctxt->context->node = NULL;
--
-- cur = ctxt->cur;
-- newset = xmlXPtrLocationSetCreate(NULL);
--
-- for (i = 0; i < oldset->nodeNr; i++) {
-- ctxt->cur = cur;
--
-- /*
-- * Run the evaluation with a node list made of a single item
-- * in the nodeset.
-- */
-- ctxt->context->node = oldset->nodeTab[i];
-- tmp = xmlXPathNewNodeSet(ctxt->context->node);
-- valuePush(ctxt, tmp);
--
-- xmlXPathEvalExpr(ctxt);
-- CHECK_ERROR;
--
-- /*
-- * The result of the evaluation need to be tested to
-- * decided whether the filter succeeded or not
-- */
-- res = valuePop(ctxt);
-- range = xmlXPtrNewRangeNodeObject(oldset->nodeTab[i], res);
-- if (range != NULL) {
-- xmlXPtrLocationSetAdd(newset, range);
-- }
--
-- /*
-- * Cleanup
-- */
-- if (res != NULL)
-- xmlXPathFreeObject(res);
-- if (ctxt->value == tmp) {
-- res = valuePop(ctxt);
-- xmlXPathFreeObject(res);
-- }
--
-- ctxt->context->node = NULL;
-- }
--
-- /*
-- * The result is used as the new evaluation set.
-- */
-- xmlXPathFreeObject(obj);
-- ctxt->context->node = NULL;
-- ctxt->context->contextSize = -1;
-- ctxt->context->proximityPosition = -1;
-- valuePush(ctxt, xmlXPtrWrapLocationSet(newset));
-+xmlXPtrRangeToFunction(xmlXPathParserContextPtr ctxt,
-+ int nargs ATTRIBUTE_UNUSED) {
-+ XP_ERROR(XPATH_EXPR_ERROR);
- }
-
- /**
---
-2.11.0
-
-From a005199330b86dada19d162cae15ef9bdcb6baa8 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Tue, 28 Jun 2016 14:19:58 +0200
-Subject: [PATCH] Fix comparison with root node in xmlXPathCmpNodes
-
-This change has already been made in xmlXPathCmpNodesExt but not in
-xmlXPathCmpNodes.
----
- xpath.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/xpath.c b/xpath.c
-index 751665b8..d992841e 100644
---- a/xpath.c
-+++ b/xpath.c
-@@ -3342,13 +3342,13 @@ xmlXPathCmpNodes(xmlNodePtr node1, xmlNodePtr node2) {
- * compute depth to root
- */
- for (depth2 = 0, cur = node2;cur->parent != NULL;cur = cur->parent) {
-- if (cur == node1)
-+ if (cur->parent == node1)
- return(1);
- depth2++;
- }
- root = cur;
- for (depth1 = 0, cur = node1;cur->parent != NULL;cur = cur->parent) {
-- if (cur == node2)
-+ if (cur->parent == node2)
- return(-1);
- depth1++;
- }
---
-2.11.0
-
diff --git a/gnu/packages/patches/libxml2-CVE-2017-0663.patch b/gnu/packages/patches/libxml2-CVE-2017-0663.patch
deleted file mode 100644
index b0277a2d23..0000000000
--- a/gnu/packages/patches/libxml2-CVE-2017-0663.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-Fix CVE-2017-0663:
-
-https://bugzilla.gnome.org/show_bug.cgi?id=780228 (not yet public)
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
-https://security-tracker.debian.org/tracker/CVE-2017-0663
-
-Patch copied from upstream source repository:
-
-https://git.gnome.org/browse/libxml2/commit/?id=92b9e8c8b3787068565a1820ba575d042f9eec66
-
-From 92b9e8c8b3787068565a1820ba575d042f9eec66 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Tue, 6 Jun 2017 12:56:28 +0200
-Subject: [PATCH] Fix type confusion in xmlValidateOneNamespace
-
-Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types on
-namespace declarations make no practical sense anyway.
-
-Fixes bug 780228.
-
-Found with libFuzzer and ASan.
----
- valid.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/valid.c b/valid.c
-index 8075d3a0..c51ea290 100644
---- a/valid.c
-+++ b/valid.c
-@@ -4627,6 +4627,12 @@ xmlNodePtr elem, const xmlChar *prefix, xmlNsPtr ns, const xmlChar *value) {
- }
- }
-
-+ /*
-+ * Casting ns to xmlAttrPtr is wrong. We'd need separate functions
-+ * xmlAddID and xmlAddRef for namespace declarations, but it makes
-+ * no practical sense to use ID types anyway.
-+ */
-+#if 0
- /* Validity Constraint: ID uniqueness */
- if (attrDecl->atype == XML_ATTRIBUTE_ID) {
- if (xmlAddID(ctxt, doc, value, (xmlAttrPtr) ns) == NULL)
-@@ -4638,6 +4644,7 @@ xmlNodePtr elem, const xmlChar *prefix, xmlNsPtr ns, const xmlChar *value) {
- if (xmlAddRef(ctxt, doc, value, (xmlAttrPtr) ns) == NULL)
- ret = 0;
- }
-+#endif
-
- /* Validity Constraint: Notation Attributes */
- if (attrDecl->atype == XML_ATTRIBUTE_NOTATION) {
---
-2.14.1
-
diff --git a/gnu/packages/patches/libxml2-CVE-2017-7375.patch b/gnu/packages/patches/libxml2-CVE-2017-7375.patch
deleted file mode 100644
index 32af1ff6ba..0000000000
--- a/gnu/packages/patches/libxml2-CVE-2017-7375.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-Fix CVE-2017-7375:
-
-https://bugzilla.gnome.org/show_bug.cgi?id=780691 (not yet public)
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
-https://security-tracker.debian.org/tracker/CVE-2017-7375
-
-Patch copied from upstream source repository:
-
-https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e
-
-From 90ccb58242866b0ba3edbef8fe44214a101c2b3e Mon Sep 17 00:00:00 2001
-From: Neel Mehta <nmehta@google.com>
-Date: Fri, 7 Apr 2017 17:43:02 +0200
-Subject: [PATCH] Prevent unwanted external entity reference
-
-For https://bugzilla.gnome.org/show_bug.cgi?id=780691
-
-* parser.c: add a specific check to avoid PE reference
----
- parser.c | 9 +++++++++
- 1 file changed, 9 insertions(+)
-
-diff --git a/parser.c b/parser.c
-index 609a2703..c2c812de 100644
---- a/parser.c
-+++ b/parser.c
-@@ -8123,6 +8123,15 @@ xmlParsePEReference(xmlParserCtxtPtr ctxt)
- if (xmlPushInput(ctxt, input) < 0)
- return;
- } else {
-+ if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) &&
-+ ((ctxt->options & XML_PARSE_NOENT) == 0) &&
-+ ((ctxt->options & XML_PARSE_DTDVALID) == 0) &&
-+ ((ctxt->options & XML_PARSE_DTDLOAD) == 0) &&
-+ ((ctxt->options & XML_PARSE_DTDATTR) == 0) &&
-+ (ctxt->replaceEntities == 0) &&
-+ (ctxt->validate == 0))
-+ return;
-+
- /*
- * TODO !!!
- * handle the extra spaces added before and after
---
-2.14.1
-
diff --git a/gnu/packages/patches/libxml2-CVE-2017-7376.patch b/gnu/packages/patches/libxml2-CVE-2017-7376.patch
deleted file mode 100644
index 5b9e45bd83..0000000000
--- a/gnu/packages/patches/libxml2-CVE-2017-7376.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-Fix CVE-2017-7376:
-
-https://bugzilla.gnome.org/show_bug.cgi?id=780690 (not yet public)
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
-https://security-tracker.debian.org/tracker/CVE-2017-7376
-
-Patch copied from upstream source repository:
-
-https://git.gnome.org/browse/libxml2/commit/?id=5dca9eea1bd4263bfa4d037ab2443de1cd730f7e
-
-From 5dca9eea1bd4263bfa4d037ab2443de1cd730f7e Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Fri, 7 Apr 2017 17:13:28 +0200
-Subject: [PATCH] Increase buffer space for port in HTTP redirect support
-
-For https://bugzilla.gnome.org/show_bug.cgi?id=780690
-
-nanohttp.c: the code wrongly assumed a short int port value.
----
- nanohttp.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/nanohttp.c b/nanohttp.c
-index e109ad75..373425de 100644
---- a/nanohttp.c
-+++ b/nanohttp.c
-@@ -1423,9 +1423,9 @@ retry:
- if (ctxt->port != 80) {
- /* reserve space for ':xxxxx', incl. potential proxy */
- if (proxy)
-- blen += 12;
-+ blen += 17;
- else
-- blen += 6;
-+ blen += 11;
- }
- bp = (char*)xmlMallocAtomic(blen);
- if ( bp == NULL ) {
---
-2.14.1
-
diff --git a/gnu/packages/patches/libxml2-CVE-2017-9047+CVE-2017-9048.patch b/gnu/packages/patches/libxml2-CVE-2017-9047+CVE-2017-9048.patch
deleted file mode 100644
index 0a0e6d34cf..0000000000
--- a/gnu/packages/patches/libxml2-CVE-2017-9047+CVE-2017-9048.patch
+++ /dev/null
@@ -1,130 +0,0 @@
-Fix CVE-2017-{9047,9048}:
-
-https://bugzilla.gnome.org/show_bug.cgi?id=781333 (not yet public)
-https://bugzilla.gnome.org/show_bug.cgi?id=781701 (not yet public)
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
-http://www.openwall.com/lists/oss-security/2017/05/15/1
-https://security-tracker.debian.org/tracker/CVE-2017-9047
-https://security-tracker.debian.org/tracker/CVE-2017-9048
-
-Patch copied from upstream source repository:
-
-https://git.gnome.org/browse/libxml2/commit/?id=932cc9896ab41475d4aa429c27d9afd175959d74
-
-From 932cc9896ab41475d4aa429c27d9afd175959d74 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Sat, 3 Jun 2017 02:01:29 +0200
-Subject: [PATCH] Fix buffer size checks in xmlSnprintfElementContent
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-xmlSnprintfElementContent failed to correctly check the available
-buffer space in two locations.
-
-Fixes bug 781333 (CVE-2017-9047) and bug 781701 (CVE-2017-9048).
-
-Thanks to Marcel Böhme and Thuan Pham for the report.
----
- result/valid/781333.xml | 5 +++++
- result/valid/781333.xml.err | 3 +++
- result/valid/781333.xml.err.rdr | 6 ++++++
- test/valid/781333.xml | 4 ++++
- valid.c | 20 +++++++++++---------
- 5 files changed, 29 insertions(+), 9 deletions(-)
- create mode 100644 result/valid/781333.xml
- create mode 100644 result/valid/781333.xml.err
- create mode 100644 result/valid/781333.xml.err.rdr
- create mode 100644 test/valid/781333.xml
-
-diff --git a/result/valid/781333.xml b/result/valid/781333.xml
-new file mode 100644
-index 00000000..45dc451d
---- /dev/null
-+++ b/result/valid/781333.xml
-@@ -0,0 +1,5 @@
-+<?xml version="1.0"?>
-+<!DOCTYPE a [
-+<!ELEMENT a (pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp:llllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllll)>
-+]>
-+<a/>
-diff --git a/result/valid/781333.xml.err b/result/valid/781333.xml.err
-new file mode 100644
-index 00000000..b401b49a
---- /dev/null
-+++ b/result/valid/781333.xml.err
-@@ -0,0 +1,3 @@
-+./test/valid/781333.xml:4: element a: validity error : Element a content does not follow the DTD, expecting ( ..., got
-+<a/>
-+ ^
-diff --git a/result/valid/781333.xml.err.rdr b/result/valid/781333.xml.err.rdr
-new file mode 100644
-index 00000000..5ff56992
---- /dev/null
-+++ b/result/valid/781333.xml.err.rdr
-@@ -0,0 +1,6 @@
-+./test/valid/781333.xml:4: element a: validity error : Element a content does not follow the DTD, expecting ( ..., got
-+<a/>
-+ ^
-+./test/valid/781333.xml:5: element a: validity error : Element a content does not follow the DTD, Expecting more child
-+
-+^
-diff --git a/test/valid/781333.xml b/test/valid/781333.xml
-new file mode 100644
-index 00000000..b29e5a68
---- /dev/null
-+++ b/test/valid/781333.xml
-@@ -0,0 +1,4 @@
-+<!DOCTYPE a [
-+ <!ELEMENT a (pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp:llllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllll)>
-+]>
-+<a/>
-diff --git a/valid.c b/valid.c
-index 19f84b82..9b2df56a 100644
---- a/valid.c
-+++ b/valid.c
-@@ -1262,22 +1262,23 @@ xmlSnprintfElementContent(char *buf, int size, xmlElementContentPtr content, int
- case XML_ELEMENT_CONTENT_PCDATA:
- strcat(buf, "#PCDATA");
- break;
-- case XML_ELEMENT_CONTENT_ELEMENT:
-+ case XML_ELEMENT_CONTENT_ELEMENT: {
-+ int qnameLen = xmlStrlen(content->name);
-+
-+ if (content->prefix != NULL)
-+ qnameLen += xmlStrlen(content->prefix) + 1;
-+ if (size - len < qnameLen + 10) {
-+ strcat(buf, " ...");
-+ return;
-+ }
- if (content->prefix != NULL) {
-- if (size - len < xmlStrlen(content->prefix) + 10) {
-- strcat(buf, " ...");
-- return;
-- }
- strcat(buf, (char *) content->prefix);
- strcat(buf, ":");
- }
-- if (size - len < xmlStrlen(content->name) + 10) {
-- strcat(buf, " ...");
-- return;
-- }
- if (content->name != NULL)
- strcat(buf, (char *) content->name);
- break;
-+ }
- case XML_ELEMENT_CONTENT_SEQ:
- if ((content->c1->type == XML_ELEMENT_CONTENT_OR) ||
- (content->c1->type == XML_ELEMENT_CONTENT_SEQ))
-@@ -1319,6 +1320,7 @@ xmlSnprintfElementContent(char *buf, int size, xmlElementContentPtr content, int
- xmlSnprintfElementContent(buf, size, content->c2, 0);
- break;
- }
-+ if (size - strlen(buf) <= 2) return;
- if (englob)
- strcat(buf, ")");
- switch (content->ocur) {
---
-2.14.1
-
diff --git a/gnu/packages/patches/libxml2-CVE-2017-9049+CVE-2017-9050.patch b/gnu/packages/patches/libxml2-CVE-2017-9049+CVE-2017-9050.patch
deleted file mode 100644
index 890e9c2284..0000000000
--- a/gnu/packages/patches/libxml2-CVE-2017-9049+CVE-2017-9050.patch
+++ /dev/null
@@ -1,319 +0,0 @@
-Fix CVE-2017-{9049,9050}:
-
-https://bugzilla.gnome.org/show_bug.cgi?id=781205 (not yet public)
-https://bugzilla.gnome.org/show_bug.cgi?id=781361 (not yet public)
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
-http://www.openwall.com/lists/oss-security/2017/05/15/1
-https://security-tracker.debian.org/tracker/CVE-2017-9049
-https://security-tracker.debian.org/tracker/CVE-2017-9050
-
-Patch copied from upstream source repository:
-
-https://git.gnome.org/browse/libxml2/commit/?id=e26630548e7d138d2c560844c43820b6767251e3
-
-Changes to 'runtest.c' are removed since they introduce test failure
-when applying to libxml2 2.9.4 release tarball.
-
-From e26630548e7d138d2c560844c43820b6767251e3 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Mon, 5 Jun 2017 15:37:17 +0200
-Subject: [PATCH] Fix handling of parameter-entity references
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-There were two bugs where parameter-entity references could lead to an
-unexpected change of the input buffer in xmlParseNameComplex and
-xmlDictLookup being called with an invalid pointer.
-
-Percent sign in DTD Names
-=========================
-
-The NEXTL macro used to call xmlParserHandlePEReference. When parsing
-"complex" names inside the DTD, this could result in entity expansion
-which created a new input buffer. The fix is to simply remove the call
-to xmlParserHandlePEReference from the NEXTL macro. This is safe because
-no users of the macro require expansion of parameter entities.
-
-- xmlParseNameComplex
-- xmlParseNCNameComplex
-- xmlParseNmtoken
-
-The percent sign is not allowed in names, which are grammatical tokens.
-
-- xmlParseEntityValue
-
-Parameter-entity references in entity values are expanded but this
-happens in a separate step in this function.
-
-- xmlParseSystemLiteral
-
-Parameter-entity references are ignored in the system literal.
-
-- xmlParseAttValueComplex
-- xmlParseCharDataComplex
-- xmlParseCommentComplex
-- xmlParsePI
-- xmlParseCDSect
-
-Parameter-entity references are ignored outside the DTD.
-
-- xmlLoadEntityContent
-
-This function is only called from xmlStringLenDecodeEntities and
-entities are replaced in a separate step immediately after the function
-call.
-
-This bug could also be triggered with an internal subset and double
-entity expansion.
-
-This fixes bug 766956 initially reported by Wei Lei and independently by
-Chromium's ClusterFuzz, Hanno Böck, and Marco Grassi. Thanks to everyone
-involved.
-
-xmlParseNameComplex with XML_PARSE_OLD10
-========================================
-
-When parsing Names inside an expanded parameter entity with the
-XML_PARSE_OLD10 option, xmlParseNameComplex would call xmlGROW via the
-GROW macro if the input buffer was exhausted. At the end of the
-parameter entity's replacement text, this function would then call
-xmlPopInput which invalidated the input buffer.
-
-There should be no need to invoke GROW in this situation because the
-buffer is grown periodically every XML_PARSER_CHUNK_SIZE characters and,
-at least for UTF-8, in xmlCurrentChar. This also matches the code path
-executed when XML_PARSE_OLD10 is not set.
-
-This fixes bugs 781205 (CVE-2017-9049) and 781361 (CVE-2017-9050).
-Thanks to Marcel Böhme and Thuan Pham for the report.
-
-Additional hardening
-====================
-
-A separate check was added in xmlParseNameComplex to validate the
-buffer size.
----
- Makefile.am | 18 ++++++++++++++++++
- parser.c | 18 ++++++++++--------
- result/errors10/781205.xml | 0
- result/errors10/781205.xml.err | 21 +++++++++++++++++++++
- result/errors10/781361.xml | 0
- result/errors10/781361.xml.err | 13 +++++++++++++
- result/valid/766956.xml | 0
- result/valid/766956.xml.err | 9 +++++++++
- result/valid/766956.xml.err.rdr | 10 ++++++++++
- runtest.c | 3 +++
- test/errors10/781205.xml | 3 +++
- test/errors10/781361.xml | 3 +++
- test/valid/766956.xml | 2 ++
- test/valid/dtds/766956.dtd | 2 ++
- 14 files changed, 94 insertions(+), 8 deletions(-)
- create mode 100644 result/errors10/781205.xml
- create mode 100644 result/errors10/781205.xml.err
- create mode 100644 result/errors10/781361.xml
- create mode 100644 result/errors10/781361.xml.err
- create mode 100644 result/valid/766956.xml
- create mode 100644 result/valid/766956.xml.err
- create mode 100644 result/valid/766956.xml.err.rdr
- create mode 100644 test/errors10/781205.xml
- create mode 100644 test/errors10/781361.xml
- create mode 100644 test/valid/766956.xml
- create mode 100644 test/valid/dtds/766956.dtd
-
-diff --git a/Makefile.am b/Makefile.am
-index 6fc8ffa9..10e716a5 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -427,6 +427,24 @@ Errtests : xmllint$(EXEEXT)
- if [ -n "$$log" ] ; then echo $$name result ; echo "$$log" ; fi ; \
- rm result.$$name error.$$name ; \
- fi ; fi ; done)
-+ @echo "## Error cases regression tests (old 1.0)"
-+ -@(for i in $(srcdir)/test/errors10/*.xml ; do \
-+ name=`basename $$i`; \
-+ if [ ! -d $$i ] ; then \
-+ if [ ! -f $(srcdir)/result/errors10/$$name ] ; then \
-+ echo New test file $$name ; \
-+ $(CHECKER) $(top_builddir)/xmllint --oldxml10 $$i \
-+ 2> $(srcdir)/result/errors10/$$name.err \
-+ > $(srcdir)/result/errors10/$$name ; \
-+ grep "MORY ALLO" .memdump | grep -v "MEMORY ALLOCATED : 0"; \
-+ else \
-+ log=`$(CHECKER) $(top_builddir)/xmllint --oldxml10 $$i 2> error.$$name > result.$$name ; \
-+ grep "MORY ALLO" .memdump | grep -v "MEMORY ALLOCATED : 0"; \
-+ diff $(srcdir)/result/errors10/$$name result.$$name ; \
-+ diff $(srcdir)/result/errors10/$$name.err error.$$name` ; \
-+ if [ -n "$$log" ] ; then echo $$name result ; echo "$$log" ; fi ; \
-+ rm result.$$name error.$$name ; \
-+ fi ; fi ; done)
- @echo "## Error cases stream regression tests"
- -@(for i in $(srcdir)/test/errors/*.xml ; do \
- name=`basename $$i`; \
-diff --git a/parser.c b/parser.c
-index df2efa55..a175ac4e 100644
---- a/parser.c
-+++ b/parser.c
-@@ -2121,7 +2121,6 @@ static void xmlGROW (xmlParserCtxtPtr ctxt) {
- ctxt->input->line++; ctxt->input->col = 1; \
- } else ctxt->input->col++; \
- ctxt->input->cur += l; \
-- if (*ctxt->input->cur == '%') xmlParserHandlePEReference(ctxt); \
- } while (0)
-
- #define CUR_CHAR(l) xmlCurrentChar(ctxt, &l)
-@@ -3412,13 +3411,6 @@ xmlParseNameComplex(xmlParserCtxtPtr ctxt) {
- len += l;
- NEXTL(l);
- c = CUR_CHAR(l);
-- if (c == 0) {
-- count = 0;
-- GROW;
-- if (ctxt->instate == XML_PARSER_EOF)
-- return(NULL);
-- c = CUR_CHAR(l);
-- }
- }
- }
- if ((len > XML_MAX_NAME_LENGTH) &&
-@@ -3426,6 +3418,16 @@ xmlParseNameComplex(xmlParserCtxtPtr ctxt) {
- xmlFatalErr(ctxt, XML_ERR_NAME_TOO_LONG, "Name");
- return(NULL);
- }
-+ if (ctxt->input->cur - ctxt->input->base < len) {
-+ /*
-+ * There were a couple of bugs where PERefs lead to to a change
-+ * of the buffer. Check the buffer size to avoid passing an invalid
-+ * pointer to xmlDictLookup.
-+ */
-+ xmlFatalErr(ctxt, XML_ERR_INTERNAL_ERROR,
-+ "unexpected change of input buffer");
-+ return (NULL);
-+ }
- if ((*ctxt->input->cur == '\n') && (ctxt->input->cur[-1] == '\r'))
- return(xmlDictLookup(ctxt->dict, ctxt->input->cur - (len + 1), len));
- return(xmlDictLookup(ctxt->dict, ctxt->input->cur - len, len));
-diff --git a/result/errors10/781205.xml b/result/errors10/781205.xml
-new file mode 100644
-index 00000000..e69de29b
-diff --git a/result/errors10/781205.xml.err b/result/errors10/781205.xml.err
-new file mode 100644
-index 00000000..da15c3f7
---- /dev/null
-+++ b/result/errors10/781205.xml.err
-@@ -0,0 +1,21 @@
-+Entity: line 1: parser error : internal error: xmlParseInternalSubset: error detected in Markup declaration
-+
-+ %a;
-+ ^
-+Entity: line 1:
-+<:0000
-+^
-+Entity: line 1: parser error : DOCTYPE improperly terminated
-+ %a;
-+ ^
-+Entity: line 1:
-+<:0000
-+^
-+namespace error : Failed to parse QName ':0000'
-+ %a;
-+ ^
-+<:0000
-+ ^
-+./test/errors10/781205.xml:4: parser error : Couldn't find end of Start Tag :0000 line 1
-+
-+^
-diff --git a/result/errors10/781361.xml b/result/errors10/781361.xml
-new file mode 100644
-index 00000000..e69de29b
-diff --git a/result/errors10/781361.xml.err b/result/errors10/781361.xml.err
-new file mode 100644
-index 00000000..655f41a2
---- /dev/null
-+++ b/result/errors10/781361.xml.err
-@@ -0,0 +1,13 @@
-+./test/errors10/781361.xml:4: parser error : xmlParseElementDecl: 'EMPTY', 'ANY' or '(' expected
-+
-+^
-+./test/errors10/781361.xml:4: parser error : internal error: xmlParseInternalSubset: error detected in Markup declaration
-+
-+
-+^
-+./test/errors10/781361.xml:4: parser error : DOCTYPE improperly terminated
-+
-+^
-+./test/errors10/781361.xml:4: parser error : Start tag expected, '<' not found
-+
-+^
-diff --git a/result/valid/766956.xml b/result/valid/766956.xml
-new file mode 100644
-index 00000000..e69de29b
-diff --git a/result/valid/766956.xml.err b/result/valid/766956.xml.err
-new file mode 100644
-index 00000000..34b1dae6
---- /dev/null
-+++ b/result/valid/766956.xml.err
-@@ -0,0 +1,9 @@
-+test/valid/dtds/766956.dtd:2: parser error : PEReference: expecting ';'
-+%ä%ent;
-+ ^
-+Entity: line 1: parser error : Content error in the external subset
-+ %ent;
-+ ^
-+Entity: line 1:
-+value
-+^
-diff --git a/result/valid/766956.xml.err.rdr b/result/valid/766956.xml.err.rdr
-new file mode 100644
-index 00000000..77603462
---- /dev/null
-+++ b/result/valid/766956.xml.err.rdr
-@@ -0,0 +1,10 @@
-+test/valid/dtds/766956.dtd:2: parser error : PEReference: expecting ';'
-+%ä%ent;
-+ ^
-+Entity: line 1: parser error : Content error in the external subset
-+ %ent;
-+ ^
-+Entity: line 1:
-+value
-+^
-+./test/valid/766956.xml : failed to parse
-diff --git a/test/errors10/781205.xml b/test/errors10/781205.xml
-new file mode 100644
-index 00000000..d9e9e839
---- /dev/null
-+++ b/test/errors10/781205.xml
-@@ -0,0 +1,3 @@
-+<!DOCTYPE D [
-+ <!ENTITY % a "<:0000">
-+ %a;
-diff --git a/test/errors10/781361.xml b/test/errors10/781361.xml
-new file mode 100644
-index 00000000..67476bcb
---- /dev/null
-+++ b/test/errors10/781361.xml
-@@ -0,0 +1,3 @@
-+<!DOCTYPE doc [
-+ <!ENTITY % elem "<!ELEMENT e0000000000">
-+ %elem;
-diff --git a/test/valid/766956.xml b/test/valid/766956.xml
-new file mode 100644
-index 00000000..19a95a0e
---- /dev/null
-+++ b/test/valid/766956.xml
-@@ -0,0 +1,2 @@
-+<!DOCTYPE test SYSTEM "dtds/766956.dtd">
-+<test/>
-diff --git a/test/valid/dtds/766956.dtd b/test/valid/dtds/766956.dtd
-new file mode 100644
-index 00000000..dddde68b
---- /dev/null
-+++ b/test/valid/dtds/766956.dtd
-@@ -0,0 +1,2 @@
-+<!ENTITY % ent "value">
-+%ä%ent;
---
-2.14.1
-
diff --git a/gnu/packages/patches/libxslt-CVE-2016-4738.patch b/gnu/packages/patches/libxslt-CVE-2016-4738.patch
deleted file mode 100644
index a7537c66ca..0000000000
--- a/gnu/packages/patches/libxslt-CVE-2016-4738.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-Fix CVE-2016-4738:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4738
-https://bugs.chromium.org/p/chromium/issues/detail?id=619006
-
-Patch copied from upstream source repository:
-https://git.gnome.org/browse/libxslt/commit/?id=eb1030de31165b68487f288308f9d1810fed6880
-
-From eb1030de31165b68487f288308f9d1810fed6880 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Fri, 10 Jun 2016 14:23:58 +0200
-Subject: [PATCH] Fix heap overread in xsltFormatNumberConversion
-
-An empty decimal-separator could cause a heap overread. This can be
-exploited to leak a couple of bytes after the buffer that holds the
-pattern string.
-
-Found with afl-fuzz and ASan.
----
- libxslt/numbers.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/libxslt/numbers.c b/libxslt/numbers.c
-index d1549b4..e78c46b 100644
---- a/libxslt/numbers.c
-+++ b/libxslt/numbers.c
-@@ -1090,7 +1090,8 @@ xsltFormatNumberConversion(xsltDecimalFormatPtr self,
- }
-
- /* We have finished the integer part, now work on fraction */
-- if (xsltUTF8Charcmp(the_format, self->decimalPoint) == 0) {
-+ if ( (*the_format != 0) &&
-+ (xsltUTF8Charcmp(the_format, self->decimalPoint) == 0) ) {
- format_info.add_decimal = TRUE;
- the_format += xsltUTF8Size(the_format); /* Skip over the decimal */
- }
---
-2.10.2
-
diff --git a/gnu/packages/patches/pcre-CVE-2017-7186.patch b/gnu/packages/patches/pcre-CVE-2017-7186.patch
deleted file mode 100644
index d23aa10374..0000000000
--- a/gnu/packages/patches/pcre-CVE-2017-7186.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-Patch for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2017-7186>
-from <https://vcs.pcre.org/pcre?view=revision&revision=1688>.
-
---- trunk/pcre_internal.h 2016/05/21 13:34:44 1649
-+++ trunk/pcre_internal.h 2017/02/24 17:30:30 1688
-@@ -2772,6 +2772,9 @@
- extern const pcre_uint16 PRIV(ucd_stage2)[];
- extern const pcre_uint32 PRIV(ucp_gentype)[];
- extern const pcre_uint32 PRIV(ucp_gbtable)[];
-+#ifdef COMPILE_PCRE32
-+extern const ucd_record PRIV(dummy_ucd_record)[];
-+#endif
- #ifdef SUPPORT_JIT
- extern const int PRIV(ucp_typerange)[];
- #endif
-@@ -2780,9 +2783,15 @@
- /* UCD access macros */
-
- #define UCD_BLOCK_SIZE 128
--#define GET_UCD(ch) (PRIV(ucd_records) + \
-+#define REAL_GET_UCD(ch) (PRIV(ucd_records) + \
- PRIV(ucd_stage2)[PRIV(ucd_stage1)[(int)(ch) / UCD_BLOCK_SIZE] * \
- UCD_BLOCK_SIZE + (int)(ch) % UCD_BLOCK_SIZE])
-+
-+#ifdef COMPILE_PCRE32
-+#define GET_UCD(ch) ((ch > 0x10ffff)? PRIV(dummy_ucd_record) : REAL_GET_UCD(ch))
-+#else
-+#define GET_UCD(ch) REAL_GET_UCD(ch)
-+#endif
-
- #define UCD_CHARTYPE(ch) GET_UCD(ch)->chartype
- #define UCD_SCRIPT(ch) GET_UCD(ch)->script
-
---- trunk/pcre_ucd.c 2014/06/19 07:51:39 1490
-+++ trunk/pcre_ucd.c 2017/02/24 17:30:30 1688
-@@ -38,6 +38,20 @@
- const pcre_uint32 PRIV(ucd_caseless_sets)[] = {0};
- #else
-
-+/* If the 32-bit library is run in non-32-bit mode, character values
-+greater than 0x10ffff may be encountered. For these we set up a
-+special record. */
-+
-+#ifdef COMPILE_PCRE32
-+const ucd_record PRIV(dummy_ucd_record)[] = {{
-+ ucp_Common, /* script */
-+ ucp_Cn, /* type unassigned */
-+ ucp_gbOther, /* grapheme break property */
-+ 0, /* case set */
-+ 0, /* other case */
-+ }};
-+#endif
-+
- /* When recompiling tables with a new Unicode version, please check the
- types in this structure definition from pcre_internal.h (the actual
- field names will be different):
diff --git a/gnu/packages/pcre.scm b/gnu/packages/pcre.scm
index 574ae4a6ba..c84f07cc7e 100644
--- a/gnu/packages/pcre.scm
+++ b/gnu/packages/pcre.scm
@@ -5,6 +5,7 @@
;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2017 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -33,8 +34,7 @@
(define-public pcre
(package
(name "pcre")
- (version "8.40")
- (replacement pcre-8.41)
+ (version "8.41")
(source (origin
(method url-fetch)
(uri (list
@@ -43,10 +43,9 @@
"pcre-" version ".tar.bz2")
(string-append "mirror://sourceforge/pcre/pcre/"
version "/pcre-" version ".tar.bz2")))
- (patches (search-patches "pcre-CVE-2017-7186.patch"))
(sha256
(base32
- "1x7lpjn7jhk0n3sdvggxrlrhab8kkfjwl7qix0ypw9nlx8lpmqh0"))))
+ "0c5m469p5pd7jip621ipq6hbgh7128lzh7xndllfgh77ban7wb76"))))
(build-system gnu-build-system)
(outputs '("out" ;library & headers
"bin" ;depends on Readline (adds 20MiB to the closure)
@@ -73,21 +72,6 @@ POSIX regular expression API.")
(license license:bsd-3)
(home-page "http://www.pcre.org/")))
-(define pcre-8.41
- (package
- (inherit pcre)
- (version "8.41")
- (source (origin
- (method url-fetch)
- (uri (list (string-append "mirror://sourceforge/pcre/pcre/"
- version "/pcre-" version ".tar.bz2")
- (string-append "ftp://ftp.csx.cam.ac.uk"
- "/pub/software/programming/pcre/"
- "pcre-" version ".tar.bz2")))
- (sha256
- (base32
- "0c5m469p5pd7jip621ipq6hbgh7128lzh7xndllfgh77ban7wb76"))))))
-
(define-public pcre2
(package
(name "pcre2")
diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm
index c392c305a4..438ccdf3f9 100644
--- a/gnu/packages/perl.scm
+++ b/gnu/packages/perl.scm
@@ -54,14 +54,14 @@
;; Yeah, Perl... It is required early in the bootstrap process by Linux.
(package
(name "perl")
- (version "5.26.0")
+ (version "5.26.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://cpan/src/5.0/perl-"
version ".tar.gz"))
(sha256
(base32
- "0zxn9hd7mqgq06ikyi6k70ngbvjf01z1paw0jd25byyl0rlwdrzb"))
+ "1p81wwvr5jb81m41d07kfywk5gvbk0axdrnvhc2aghcdbr4alqz7"))
(patches (search-patches
"perl-file-path-CVE-2017-6512.patch"
"perl-no-sys-dirs.patch"
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index 4b080a8341..de9b321fb7 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -6246,14 +6246,15 @@ implementation of D-Bus.")
(define-public python-apsw
(package
(name "python-apsw")
- (version "3.9.2-r1")
+ (version "3.20.1-r1")
(source
(origin
(method url-fetch)
- (uri (pypi-uri "apsw" version))
+ (uri (string-append "https://github.com/rogerbinns/apsw/archive/"
+ version ".tar.gz"))
(sha256
(base32
- "0w4jb0wpx785qw42r3h4fh7gl5w2968q48i7gygybsfxck8nzffs"))))
+ "00ai7m2pqi26qaflhz314d8k5i3syw7xzr145fhfl0crhyh6adz2"))))
(build-system python-build-system)
(inputs
`(("sqlite" ,sqlite)))
diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
index caab8fac4b..5a7548df68 100644
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@@ -7,6 +7,7 @@
;;; Copyright © 2015, 2016, 2017 Ben Woodcroft <donttrustben@gmail.com>
;;; Copyright © 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
+;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
diff --git a/gnu/packages/texinfo.scm b/gnu/packages/texinfo.scm
index 8c33023bd0..c7f2f4840f 100644
--- a/gnu/packages/texinfo.scm
+++ b/gnu/packages/texinfo.scm
@@ -2,6 +2,7 @@
;;; Copyright © 2012, 2013, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014, 2016 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -30,19 +31,17 @@
#:use-module (gnu packages ncurses))
(define-public texinfo
- ;; TODO: Merge with 'texinfo-latest' on the next core-updates.
(package
(name "texinfo")
- (version "6.3")
+ (version "6.5")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/texinfo/texinfo-"
version ".tar.xz"))
(sha256
(base32
- "0fpr9kdjjl6nj2pc50k2zr7134hvqz8bi8pfqa7131a9lpzz6v14"))))
+ "0qjzvbvnv9003xdrcpi3jp7y68j4hq2ciw9frh2hghh698zlnxvp"))))
(build-system gnu-build-system)
- (native-inputs `(("procps" ,procps))) ;one of the tests needs pgrep
(inputs `(("ncurses" ,ncurses)
("perl" ,perl)))
@@ -63,19 +62,6 @@ their source and the command-line Info reader. The emphasis of the language
is on expressing the content semantically, avoiding physical markup commands.")
(license gpl3+)))
-(define-public texinfo-latest
- ;; TODO: Turn this into 'texinfo' on the next core-updates cycle.
- (package (inherit texinfo)
- (version "6.5")
- (source (origin
- (method url-fetch)
- (uri (string-append "mirror://gnu/texinfo/texinfo-"
- version ".tar.xz"))
- (sha256
- (base32
- "0qjzvbvnv9003xdrcpi3jp7y68j4hq2ciw9frh2hghh698zlnxvp"))))
- (native-inputs '())))
-
(define-public texinfo-5
(package (inherit texinfo)
(version "5.2")
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 075ea7a1c2..fe4c908c32 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -56,7 +56,6 @@
(package
(name "libtasn1")
(version "4.12")
- (replacement libtasn1/fixed)
(source
(origin
(method url-fetch)
@@ -64,7 +63,8 @@
version ".tar.gz"))
(sha256
(base32
- "0ls7jdq3y5fnrwg0pzhq11m21r8pshac2705bczz6mqjc8pdllv7"))))
+ "0ls7jdq3y5fnrwg0pzhq11m21r8pshac2705bczz6mqjc8pdllv7"))
+ (patches (search-patches "libtasn1-CVE-2017-10790.patch"))))
(build-system gnu-build-system)
(native-inputs `(("perl" ,perl)))
(home-page "https://www.gnu.org/software/libtasn1/")
@@ -76,13 +76,6 @@ networking, allowing for formal validation of data according to some
specifications.")
(license license:lgpl2.0+)))
-(define libtasn1/fixed
- (package
- (inherit libtasn1)
- (source (origin
- (inherit (package-source libtasn1))
- (patches (search-patches "libtasn1-CVE-2017-10790.patch"))))))
-
(define-public asn1c
(package
(name "asn1c")
diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index 163743c07d..13eb608144 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -5,7 +5,7 @@
;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015, 2016, 2017 Mark H Weaver <mhw@netris.org>
-;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2015 Raimon Grau <raimonster@gmail.com>
;;; Copyright © 2016 Mathieu Lirzin <mthl@gnu.org>
;;; Copyright © 2016, 2017 Leo Famulari <leo@famulari.name>
@@ -57,15 +57,14 @@
(define-public expat
(package
(name "expat")
- (version "2.2.1")
- (replacement expat-2.2.2)
+ (version "2.2.2")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/expat/expat/"
version "/expat-" version ".tar.bz2"))
(sha256
(base32
- "11c8jy1wvllvlk7xdc5cm8hdhg0hvs8j0aqy6s702an8wkdcls0q"))))
+ "0ik0r39ala9c6hj4kxrk933klgwkzlkbrfhvhaykx8l1rwgr2xj3"))))
(build-system gnu-build-system)
(home-page "http://www.libexpat.org/")
(synopsis "Stream-oriented XML parser library written in C")
@@ -75,18 +74,6 @@ stream-oriented parser in which an application registers handlers for
things the parser might find in the XML document (like start tags).")
(license license:expat)))
-(define expat-2.2.2 ; Fixes CVE-2017-9233, CVE-2016-9063 and other issues.
- (package
- (inherit expat)
- (version "2.2.2")
- (source (origin
- (method url-fetch)
- (uri (string-append "mirror://sourceforge/expat/expat/"
- version "/expat-" version ".tar.bz2"))
- (sha256
- (base32
- "0ik0r39ala9c6hj4kxrk933klgwkzlkbrfhvhaykx8l1rwgr2xj3"))))))
-
(define-public libebml
(package
(name "libebml")
@@ -111,17 +98,14 @@ hierarchical form with variable field lengths.")
(define-public libxml2
(package
(name "libxml2")
- (version "2.9.4")
- (replacement libxml2/fixed)
+ (version "2.9.6")
(source (origin
(method url-fetch)
(uri (string-append "ftp://xmlsoft.org/libxml2/libxml2-"
version ".tar.gz"))
- (patches (search-patches "libxml2-CVE-2016-4658.patch"
- "libxml2-CVE-2016-5131.patch"))
(sha256
(base32
- "0g336cr0bw6dax1q48bblphmchgihx9p1pjmxdnrd6sh3qci3fgz"))))
+ "1g7byn6y0yw17rl74gs89xnxrpwj424938rf8qfqh3i4lz63i44b"))))
(build-system gnu-build-system)
(home-page "http://www.xmlsoft.org/")
(synopsis "C parser for XML")
@@ -141,20 +125,6 @@ hierarchical form with variable field lengths.")
project (but it is usable outside of the Gnome platform).")
(license license:x11)))
-(define libxml2/fixed
- (package
- (inherit libxml2)
- (source
- (origin
- (inherit (package-source libxml2))
- (patches
- (append (origin-patches (package-source libxml2))
- (search-patches "libxml2-CVE-2017-0663.patch"
- "libxml2-CVE-2017-7375.patch"
- "libxml2-CVE-2017-7376.patch"
- "libxml2-CVE-2017-9047+CVE-2017-9048.patch"
- "libxml2-CVE-2017-9049+CVE-2017-9050.patch")))))))
-
(define-public python-libxml2
(package (inherit libxml2)
(name "python-libxml2")
@@ -187,15 +157,14 @@ project (but it is usable outside of the Gnome platform).")
(define-public libxslt
(package
(name "libxslt")
- (version "1.1.29")
+ (version "1.1.31")
(source (origin
(method url-fetch)
(uri (string-append "ftp://xmlsoft.org/libxslt/libxslt-"
version ".tar.gz"))
- (patches (search-patches "libxslt-CVE-2016-4738.patch"))
(sha256
(base32
- "1klh81xbm9ppzgqk339097i39b7fnpmlj8lzn8bpczl3aww6x5xm"))
+ "1azk48vf91nfajhm7k9cz3zrvh0aaq85ph37gqkl84c0ddmyj9fv"))
(patches (search-patches "libxslt-generated-ids.patch"))))
(build-system gnu-build-system)
(home-page "http://xmlsoft.org/XSLT/index.html")
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 4caa3d9ff7..1a2bf80004 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -3818,7 +3818,7 @@ extension to the X11 protocol. It includes:
(define-public xkeyboard-config
(package
(name "xkeyboard-config")
- (version "2.21")
+ (version "2.22")
(source
(origin
(method url-fetch)
@@ -3828,7 +3828,7 @@ extension to the X11 protocol. It includes:
".tar.bz2"))
(sha256
(base32
- "1iffxpchy6dfgbby23nfsqqk17h9lfddlmjnhwagqag1z94p1h9h"))))
+ "1garmbyfjp0han04l2l90zzwlfbdgdxl6r1qnic36i5wkycckbny"))))
(build-system gnu-build-system)
(inputs
`(("gettext" ,gettext-minimal)
@@ -4892,24 +4892,16 @@ new API's in libXft, or the legacy API's in libX11.")
(package
(inherit libxfont)
(version "2.0.1")
- (replacement libxfont2/fixed)
(source (origin
(method url-fetch)
(uri (string-append "mirror://xorg/individual/lib/libXfont2-"
version ".tar.bz2"))
+ (patches (search-patches "libxfont-CVE-2017-13720.patch"
+ "libxfont-CVE-2017-13722.patch"))
(sha256
(base32
"0znvwk36nhmyqpmhbm9mzisgixp1mp5qkfald8x1n5yxbm3vpyz9"))))))
-(define libxfont2/fixed
- (package
- (inherit libxfont2)
- (source
- (origin
- (inherit (package-source libxfont2))
- (patches (search-patches "libxfont-CVE-2017-13720.patch"
- "libxfont-CVE-2017-13722.patch"))))))
-
(define-public libxi
(package
(name "libxi")
diff --git a/guix/build/utils.scm b/guix/build/utils.scm
index 7391307c87..d7ed3d5177 100644
--- a/guix/build/utils.scm
+++ b/guix/build/utils.scm
@@ -29,6 +29,7 @@
#:use-module (ice-9 regex)
#:use-module (ice-9 rdelim)
#:use-module (ice-9 format)
+ #:use-module (ice-9 threads)
#:use-module (rnrs bytevectors)
#:use-module (rnrs io ports)
#:re-export (alist-cons
diff --git a/guix/download.scm b/guix/download.scm
index 074322b24f..449521c199 100644
--- a/guix/download.scm
+++ b/guix/download.scm
@@ -412,89 +412,6 @@ download by itself using its own dependencies."
;; for that built-in is widespread.
#:local-build? #t)))
-(define* (in-band-download file-name url
- #:key system hash-algo hash
- mirrors content-addressed-mirrors
- guile)
- "Download FILE-NAME from URL using a normal, \"in-band\" fixed-output
-derivation.
-
-This is now deprecated since it has the drawback of causing bootstrapping
-issues: we may need to build GnuTLS just to be able to download the source of
-GnuTLS itself and its dependencies. See <http://bugs.gnu.org/22774>."
- (define need-gnutls?
- ;; True if any of the URLs need TLS support.
- (let ((https? (cut string-prefix? "https://" <>)))
- (match url
- ((? string?)
- (https? url))
- ((url ...)
- (any https? url)))))
-
- (define builder
- (with-imported-modules '((guix build download)
- (guix build utils)
- (guix ftp-client)
- (guix base32)
- (guix base64))
- #~(begin
- #+(if need-gnutls?
-
- ;; Add GnuTLS to the inputs and to the load path.
- #~(eval-when (load expand eval)
- (set! %load-path
- (cons (string-append #+(gnutls-package)
- "/share/guile/site/"
- (effective-version))
- %load-path)))
- #~#t)
-
- (use-modules (guix build download)
- (guix base32))
-
- (let ((value-from-environment (lambda (variable)
- (call-with-input-string
- (getenv variable)
- read))))
- (url-fetch (value-from-environment "guix download url")
- #$output
- #:mirrors (call-with-input-file #$mirrors read)
-
- ;; Content-addressed mirrors.
- #:hashes
- (value-from-environment "guix download hashes")
- #:content-addressed-mirrors
- (primitive-load #$content-addressed-mirrors)
-
- ;; No need to validate certificates since we know the
- ;; hash of the expected result.
- #:verify-certificate? #f)))))
-
- (mlet %store-monad ((guile (package->derivation guile system)))
- (gexp->derivation file-name builder
- #:guile-for-build guile
- #:system system
- #:hash-algo hash-algo
- #:hash hash
-
- ;; Use environment variables and a fixed script
- ;; name so there's only one script in store for
- ;; all the downloads.
- #:script-name "download"
- #:env-vars
- `(("guix download url" . ,(object->string url))
- ("guix download hashes"
- . ,(object->string `((,hash-algo . ,hash)))))
-
- ;; Honor the user's proxy settings.
- #:leaked-env-vars '("http_proxy" "https_proxy")
-
- ;; In general, offloading downloads is not a good
- ;; idea. Daemons before 0.8.3 would also
- ;; interpret this as "do not substitute" (see
- ;; <https://bugs.gnu.org/18747>.)
- #:local-build? #t)))
-
(define* (url-fetch url hash-algo hash
#:optional name
#:key (system (%current-system))
@@ -521,18 +438,21 @@ in the store."
(and uri (memq (uri-scheme uri) '(#f file))))
(interned-file (if uri (uri-path uri) url)
(or name file-name))
- (mlet* %store-monad ((builtins (built-in-builders*))
- (download -> (if (member "download" builtins)
- built-in-download
- in-band-download)))
- (download (or name file-name) url
- #:guile guile
- #:system system
- #:hash-algo hash-algo
- #:hash hash
- #:mirrors %mirror-file
- #:content-addressed-mirrors
- %content-addressed-mirror-file)))))
+ (mlet %store-monad ((builtins (built-in-builders*)))
+ ;; The "download" built-in builder was added in guix-daemon in
+ ;; Nov. 2016 and made it in the 0.12.0 release of Dec. 2016. We now
+ ;; require it.
+ (unless (member "download" builtins)
+ (error "'guix-daemon' is too old, please upgrade" builtins))
+
+ (built-in-download (or name file-name) url
+ #:guile guile
+ #:system system
+ #:hash-algo hash-algo
+ #:hash hash
+ #:mirrors %mirror-file
+ #:content-addressed-mirrors
+ %content-addressed-mirror-file)))))
(define* (url-fetch/tarbomb url hash-algo hash
#:optional name