aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gnu-system.am45
-rw-r--r--gnu/packages/attr.scm67
-rw-r--r--gnu/packages/autotools.scm6
-rw-r--r--gnu/packages/backup.scm3
-rw-r--r--gnu/packages/base.scm34
-rw-r--r--gnu/packages/bash.scm33
-rw-r--r--gnu/packages/bdw-gc.scm15
-rw-r--r--gnu/packages/cmake.scm2
-rw-r--r--gnu/packages/commencement.scm155
-rw-r--r--gnu/packages/compression.scm10
-rw-r--r--gnu/packages/cross-base.scm6
-rw-r--r--gnu/packages/databases.scm17
-rw-r--r--gnu/packages/doxygen.scm29
-rw-r--r--gnu/packages/emacs.scm3
-rw-r--r--gnu/packages/file.scm4
-rw-r--r--gnu/packages/flex.scm6
-rw-r--r--gnu/packages/gawk.scm6
-rw-r--r--gnu/packages/gcc.scm63
-rw-r--r--gnu/packages/gettext.scm66
-rw-r--r--gnu/packages/glib.scm4
-rw-r--r--gnu/packages/gnome.scm8
-rw-r--r--gnu/packages/gnupg.scm8
-rw-r--r--gnu/packages/gnuzilla.scm38
-rw-r--r--gnu/packages/guile.scm3
-rw-r--r--gnu/packages/haskell.scm6
-rw-r--r--gnu/packages/image.scm10
-rw-r--r--gnu/packages/language.scm7
-rw-r--r--gnu/packages/ld-wrapper.in66
-rw-r--r--gnu/packages/libffi.scm7
-rw-r--r--gnu/packages/linux.scm73
-rw-r--r--gnu/packages/mail.scm1
-rw-r--r--gnu/packages/multiprecision.scm28
-rw-r--r--gnu/packages/ncurses.scm38
-rw-r--r--gnu/packages/package-management.scm2
-rw-r--r--gnu/packages/patches/automake-regexp-syntax.patch34
-rw-r--r--gnu/packages/patches/doxygen-test.patch4
-rw-r--r--gnu/packages/patches/doxygen-tmake.patch24
-rw-r--r--gnu/packages/patches/emacs-source-date-epoch.patch20
-rw-r--r--gnu/packages/patches/findutils-absolute-paths.patch29
-rw-r--r--gnu/packages/patches/findutils-test-xargs.patch22
-rw-r--r--gnu/packages/patches/flex-bison-tests.patch24
-rw-r--r--gnu/packages/patches/gawk-fts-test.patch51
-rw-r--r--gnu/packages/patches/gnutls-doc-fix.patch546
-rw-r--r--gnu/packages/patches/grep-CVE-2015-1345.patch17
-rw-r--r--gnu/packages/patches/grep-timing-sensitive-test.patch15
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch34
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt02.patch33
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt03.patch308
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt04.patch47
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt05.patch51
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt06.patch170
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt07.patch56
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt08.patch48
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt09.patch189
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt10.patch33
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt11.patch183
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt12.patch91
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt13.patch34
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt14.patch83
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1930-pt15.patch35
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-1935.patch77
-rw-r--r--gnu/packages/patches/icecat-bug-1146335-pt1.patch141
-rw-r--r--gnu/packages/patches/icecat-bug-1146335-pt2.patch43
-rw-r--r--gnu/packages/patches/icecat-limit-max-buffers-size-for-ANGLE.patch73
-rw-r--r--gnu/packages/patches/libarchive-bsdtar-test.patch74
-rw-r--r--gnu/packages/patches/librsvg-tests.patch27
-rw-r--r--gnu/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch107
-rw-r--r--gnu/packages/patches/libtiff-oob-accesses-in-decode.patch171
-rw-r--r--gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch49
-rw-r--r--gnu/packages/patches/perl-CVE-2015-8607.patch68
-rw-r--r--gnu/packages/patches/perl-deterministic-ordering.patch29
-rwxr-xr-x[-rw-r--r--]gnu/packages/patches/perl-module-pluggable-search.patch16
-rw-r--r--gnu/packages/patches/perl-no-build-time.patch26
-rw-r--r--gnu/packages/patches/perl-no-sys-dirs.patch152
-rw-r--r--gnu/packages/patches/perl-source-date-epoch.patch19
-rw-r--r--gnu/packages/patches/procps-make-3.82.patch14
-rw-r--r--gnu/packages/patches/python-2.7-search-paths.patch6
-rw-r--r--gnu/packages/patches/python-3-search-paths.patch6
-rw-r--r--gnu/packages/pcre.scm2
-rw-r--r--gnu/packages/perl.scm120
-rw-r--r--gnu/packages/pkg-config.scm6
-rw-r--r--gnu/packages/plotutils.scm4
-rw-r--r--gnu/packages/pulseaudio.scm11
-rw-r--r--gnu/packages/python.scm4
-rw-r--r--gnu/packages/qt.scm7
-rw-r--r--gnu/packages/ruby.scm176
-rw-r--r--gnu/packages/scheme.scm3
-rw-r--r--gnu/packages/texinfo.scm8
-rw-r--r--gnu/packages/tls.scm24
-rw-r--r--gnu/packages/video.scm2
-rw-r--r--gnu/packages/web.scm56
-rw-r--r--gnu/packages/webkit.scm14
-rw-r--r--guix/build-system/gnu.scm8
-rw-r--r--guix/build/gnu-build-system.scm16
-rw-r--r--guix/build/haskell-build-system.scm99
-rw-r--r--guix/build/python-build-system.scm9
-rw-r--r--guix/build/ruby-build-system.scm13
-rw-r--r--guix/build/utils.scm9
-rw-r--r--guix/search-paths.scm6
-rw-r--r--tests/graph.scm2
100 files changed, 3522 insertions, 1225 deletions
diff --git a/gnu-system.am b/gnu-system.am
index ad59241d2c..ac386355df 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -1,5 +1,5 @@
# GNU Guix --- Functional package management for GNU
-# Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+# Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
# Copyright © 2013, 2014, 2015, 2016 Andreas Enge <andreas@enge.fr>
# Copyright © 2013, 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
#
@@ -415,6 +415,7 @@ dist_patch_DATA = \
gnu/packages/patches/ath9k-htc-firmware-objcopy.patch \
gnu/packages/patches/audacity-fix-ffmpeg-binding.patch \
gnu/packages/patches/automake-skip-amhello-tests.patch \
+ gnu/packages/patches/automake-regexp-syntax.patch \
gnu/packages/patches/avahi-localstatedir.patch \
gnu/packages/patches/avidemux-install-to-lib.patch \
gnu/packages/patches/avrdude-fix-libusb.patch \
@@ -447,11 +448,11 @@ dist_patch_DATA = \
gnu/packages/patches/diffutils-gets-undeclared.patch \
gnu/packages/patches/dfu-programmer-fix-libusb.patch \
gnu/packages/patches/doxygen-test.patch \
- gnu/packages/patches/doxygen-tmake.patch \
gnu/packages/patches/duplicity-piped-password.patch \
gnu/packages/patches/duplicity-test_selection-tmp.patch \
gnu/packages/patches/elfutils-tests-ptrace.patch \
gnu/packages/patches/emacs-exec-path.patch \
+ gnu/packages/patches/emacs-source-date-epoch.patch \
gnu/packages/patches/eudev-rules-directory.patch \
gnu/packages/patches/evilwm-lost-focus-bug.patch \
gnu/packages/patches/expat-CVE-2015-1283.patch \
@@ -462,13 +463,13 @@ dist_patch_DATA = \
gnu/packages/patches/fasthenry-spUtils.patch \
gnu/packages/patches/fasthenry-spSolve.patch \
gnu/packages/patches/fasthenry-spFactor.patch \
- gnu/packages/patches/findutils-absolute-paths.patch \
gnu/packages/patches/findutils-localstatedir.patch \
+ gnu/packages/patches/findutils-test-xargs.patch \
gnu/packages/patches/flashrom-use-libftdi1.patch \
- gnu/packages/patches/flex-bison-tests.patch \
gnu/packages/patches/flint-ldconfig.patch \
gnu/packages/patches/fltk-shared-lib-defines.patch \
gnu/packages/patches/freeimage-CVE-2015-0852.patch \
+ gnu/packages/patches/gawk-fts-test.patch \
gnu/packages/patches/gawk-shell.patch \
gnu/packages/patches/gcc-arm-link-spec-fix.patch \
gnu/packages/patches/gcc-cross-environment-variables.patch \
@@ -485,6 +486,7 @@ dist_patch_DATA = \
gnu/packages/patches/glib-tests-timer.patch \
gnu/packages/patches/glib-tests-gapplication.patch \
gnu/packages/patches/glibc-bootstrap-system.patch \
+ gnu/packages/patches/glibc-hurd-extern-inline.patch \
gnu/packages/patches/glibc-ldd-x86_64.patch \
gnu/packages/patches/glibc-locales.patch \
gnu/packages/patches/glibc-locale-incompatibility.patch \
@@ -493,11 +495,10 @@ dist_patch_DATA = \
gnu/packages/patches/gmp-arm-asm-nothumb.patch \
gnu/packages/patches/gmp-faulty-test.patch \
gnu/packages/patches/gnucash-price-quotes-perl.patch \
- gnu/packages/patches/gnutls-doc-fix.patch \
gnu/packages/patches/gobject-introspection-absolute-shlib-path.patch \
gnu/packages/patches/gobject-introspection-cc.patch \
gnu/packages/patches/gobject-introspection-girepository.patch \
- gnu/packages/patches/grep-CVE-2015-1345.patch \
+ gnu/packages/patches/grep-timing-sensitive-test.patch \
gnu/packages/patches/grub-CVE-2015-8370.patch \
gnu/packages/patches/grub-gets-undeclared.patch \
gnu/packages/patches/grub-freetype.patch \
@@ -515,7 +516,26 @@ dist_patch_DATA = \
gnu/packages/patches/hop-linker-flags.patch \
gnu/packages/patches/hydra-automake-1.15.patch \
gnu/packages/patches/hydra-disable-darcs-test.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt02.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt03.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt04.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt05.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt06.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt07.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt08.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt09.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt10.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt11.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt12.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt13.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt14.patch \
+ gnu/packages/patches/icecat-CVE-2016-1930-pt15.patch \
+ gnu/packages/patches/icecat-CVE-2016-1935.patch \
gnu/packages/patches/icecat-avoid-bundled-includes.patch \
+ gnu/packages/patches/icecat-bug-1146335-pt1.patch \
+ gnu/packages/patches/icecat-bug-1146335-pt2.patch \
+ gnu/packages/patches/icecat-limit-max-buffers-size-for-ANGLE.patch \
gnu/packages/patches/icu4c-CVE-2014-6585.patch \
gnu/packages/patches/icu4c-CVE-2015-1270.patch \
gnu/packages/patches/icu4c-CVE-2015-4760.patch \
@@ -530,6 +550,7 @@ dist_patch_DATA = \
gnu/packages/patches/liba52-link-with-libm.patch \
gnu/packages/patches/liba52-set-soname.patch \
gnu/packages/patches/liba52-use-mtune-not-mcpu.patch \
+ gnu/packages/patches/libarchive-bsdtar-test.patch \
gnu/packages/patches/libarchive-CVE-2013-0211.patch \
gnu/packages/patches/libarchive-fix-lzo-test-case.patch \
gnu/packages/patches/libarchive-mtree-filename-length-fix.patch \
@@ -545,8 +566,10 @@ dist_patch_DATA = \
gnu/packages/patches/libmad-armv7-thumb-pt2.patch \
gnu/packages/patches/libmad-frame-length.patch \
gnu/packages/patches/libmad-mips-newgcc.patch \
- gnu/packages/patches/librsvg-tests.patch \
gnu/packages/patches/libtheora-config-guess.patch \
+ gnu/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch \
+ gnu/packages/patches/libtiff-oob-accesses-in-decode.patch \
+ gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch \
gnu/packages/patches/libtool-skip-tests2.patch \
gnu/packages/patches/libsndfile-CVE-2014-9496.patch \
gnu/packages/patches/libsndfile-CVE-2015-7805.patch \
@@ -619,20 +642,24 @@ dist_patch_DATA = \
gnu/packages/patches/patchelf-rework-for-arm.patch \
gnu/packages/patches/patchutils-xfail-gendiff-tests.patch \
gnu/packages/patches/patch-hurd-path-max.patch \
+ gnu/packages/patches/perl-CVE-2015-8607.patch \
gnu/packages/patches/perl-autosplit-default-time.patch \
+ gnu/packages/patches/perl-deterministic-ordering.patch \
gnu/packages/patches/perl-finance-quote-unuse-mozilla-ca.patch \
gnu/packages/patches/perl-gd-options-passthrough-and-fontconfig.patch \
- gnu/packages/patches/perl-module-pluggable-search.patch \
gnu/packages/patches/perl-net-amazon-s3-moose-warning.patch \
gnu/packages/patches/perl-net-ssleay-disable-ede-test.patch \
+ gnu/packages/patches/perl-no-build-time.patch \
gnu/packages/patches/perl-no-sys-dirs.patch \
+ gnu/packages/patches/perl-module-pluggable-search.patch \
+ gnu/packages/patches/perl-source-date-epoch.patch \
gnu/packages/patches/perl-tk-x11-discover.patch \
gnu/packages/patches/pidgin-add-search-path.patch \
gnu/packages/patches/pingus-sdl-libs-config.patch \
+ gnu/packages/patches/plink-1.07-unclobber-i.patch \
gnu/packages/patches/plotutils-libpng-jmpbuf.patch \
gnu/packages/patches/polkit-drop-test.patch \
gnu/packages/patches/portaudio-audacity-compat.patch \
- gnu/packages/patches/procps-make-3.82.patch \
gnu/packages/patches/pt-scotch-build-parallelism.patch \
gnu/packages/patches/pulseaudio-fix-mult-test.patch \
gnu/packages/patches/pulseaudio-longer-test-timeout.patch \
diff --git a/gnu/packages/attr.scm b/gnu/packages/attr.scm
index f4f6c46642..53766af06f 100644
--- a/gnu/packages/attr.scm
+++ b/gnu/packages/attr.scm
@@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012 Nikita Karetnikov <nikita@karetnikov.org>
-;;; Copyright © 2012, 2013 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2016 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -28,46 +28,41 @@
(define-public attr
(package
(name "attr")
- (version "2.4.46")
- (source
- (origin
- (method url-fetch)
- (uri (string-append "mirror://savannah/attr/attr-"
- version ".src.tar.gz"))
- (sha256
- (base32
- "07qf6kb2zk512az481bbnsk9jycn477xpva1a726n5pzlzf9pmnw"))))
+ (version "2.4.47")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://savannah/attr/attr-"
+ version ".src.tar.gz"))
+ (sha256
+ (base32
+ "0nd8y0m6awc9ahv0ciiwf8gy54c8d3j51pw9xg7f7cn579jjyxr5"))))
(build-system gnu-build-system)
(arguments
`(#:phases
- (alist-cons-after
- 'configure 'patch-makefile-SHELL
- (lambda _
- (patch-makefile-SHELL "include/buildmacros"))
- (alist-replace
- 'install
- (lambda _
- (zero? (system* "make"
- "install"
- "install-lib"
- "install-dev")))
+ (modify-phases %standard-phases
+ (add-after 'configure 'patch-makefile-SHELL
+ (lambda _
+ (patch-makefile-SHELL "include/buildmacros")))
+ (replace 'install
+ (lambda _
+ (zero? (system* "make"
+ "install"
+ "install-lib"
+ "install-dev"))))
+ (replace 'check
+ (lambda* (#:key target #:allow-other-keys)
+ ;; Use the right shell.
+ (substitute* "test/run"
+ (("/bin/sh")
+ (which "bash")))
- ;; When building natively, adjust the test cases.
- ,(if (%current-target-system)
- '%standard-phases
- '(alist-replace 'check
- (lambda _
- ;; Use the right shell.
- (substitute* "test/run"
- (("/bin/sh")
- (which "bash")))
+ ;; When building natively, run the tests.
+ (unless target
+ (system* "make" "tests" "-C" "test"))
- (system* "make" "tests" "-C" "test")
-
- ;; XXX: Ignore the test result since this is
- ;; dependent on the underlying file system.
- #t)
- %standard-phases))))))
+ ;; XXX: Ignore the test result since this is
+ ;; dependent on the underlying file system.
+ #t)))))
(inputs
;; Perl is needed to run tests; remove it from cross builds.
(if (%current-target-system)
diff --git a/gnu/packages/autotools.scm b/gnu/packages/autotools.scm
index 0d9a5b5873..598624ccdc 100644
--- a/gnu/packages/autotools.scm
+++ b/gnu/packages/autotools.scm
@@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012 Nikita Karetnikov <nikita@karetnikov.org>
-;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015 Mathieu Lirzin <mthl@openmailbox.org>
;;; Copyright © 2014 Manolis Fragkiskos Ragkousis <manolis837@gmail.com>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
@@ -195,7 +195,9 @@ output is indexed in many ways to simplify browsing.")
(base32
"0dl6vfi2lzz8alnklwxzfz624b95hb1ipjvd3mk177flmddcf24r"))
(patches
- (list (search-patch "automake-skip-amhello-tests.patch")))))
+ (map search-patch
+ '("automake-regexp-syntax.patch"
+ "automake-skip-amhello-tests.patch")))))
(build-system gnu-build-system)
(native-inputs
`(("autoconf" ,(autoconf-wrapper))
diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm
index 40cfc4ee14..aa8ccbce69 100644
--- a/gnu/packages/backup.scm
+++ b/gnu/packages/backup.scm
@@ -148,7 +148,8 @@ backups (called chunks) to allow easy burning to CD/DVD.")
(patches
(list (search-patch "libarchive-mtree-filename-length-fix.patch")
(search-patch "libarchive-fix-lzo-test-case.patch")
- (search-patch "libarchive-CVE-2013-0211.patch")))))
+ (search-patch "libarchive-CVE-2013-0211.patch")
+ (search-patch "libarchive-bsdtar-test.patch")))))
(build-system gnu-build-system)
;; TODO: Add -L/path/to/nettle in libarchive.pc.
(inputs
diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index 61eeba3cee..f8ea80b5e7 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -1,10 +1,11 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2012 Nikita Karetnikov <nikita@karetnikov.org>
;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2014 Alex Kost <alezost@gmail.com>
;;; Copyright © 2014, 2015 Manolis Fragkiskos Ragkousis <manolis837@gmail.com>
+;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -73,16 +74,18 @@ command-line arguments, multiple languages, and so on.")
(define-public grep
(package
(name "grep")
- (version "2.21")
+ (version "2.22")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/grep/grep-"
version ".tar.xz"))
(sha256
(base32
- "1pp5n15qwxrw1pibwjhhgsibyv5cafhamf8lwzjygs6y00fa2i2j"))
- (patches (list (search-patch "grep-CVE-2015-1345.patch")))))
+ "1srn321x7whlhs5ks36zlcrrmj4iahll8fxwsh1vbz3v04px54fa"))
+ (patches
+ (list (search-patch "grep-timing-sensitive-test.patch")))))
(build-system gnu-build-system)
+ (native-inputs `(("perl" ,perl))) ;some of the tests require it
(synopsis "Print lines matching a pattern")
(description
"grep is a tool for finding text inside files. Text is found by
@@ -206,17 +209,17 @@ interactive means to merge two files.")
(define-public findutils
(package
(name "findutils")
- (version "4.4.2")
+ (version "4.6.0")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/findutils/findutils-"
version ".tar.gz"))
(sha256
(base32
- "0amn0bbwqvsvvsh6drfwz20ydc2czk374lzw5kksbh6bf78k4ks3"))
+ "178nn4dl7wbcw499czikirnkniwnx36argdnqgz4ik9i6zvwkm6y"))
(patches (map search-patch
- '("findutils-absolute-paths.patch"
- "findutils-localstatedir.patch")))))
+ '("findutils-localstatedir.patch"
+ "findutils-test-xargs.patch")))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags (list
@@ -595,6 +598,15 @@ store.")
(string-append "#define _PATH_BSHELL \""
bash "/bin/bash\"\n")))
+ ;; Nscd uses __DATE__ and __TIME__ to create a string to
+ ;; make sure the client and server come from the same
+ ;; libc. Use something deterministic instead.
+ (substitute* "nscd/nscd_stat.c"
+ (("static const char compilation\\[21\\] =.*$")
+ (string-append
+ "static const char compilation[21] = \""
+ (string-take (basename out) 20) "\";\n")))
+
;; Make sure we don't retain a reference to the
;; bootstrap Perl.
(substitute* "malloc/mtrace.pl"
@@ -862,7 +874,7 @@ command.")
(define-public tzdata
(package
(name "tzdata")
- (version "2015c")
+ (version "2015g")
(source (origin
(method url-fetch)
(uri (string-append
@@ -870,7 +882,7 @@ command.")
version ".tar.gz"))
(sha256
(base32
- "0nin48g5dmkfgckp25bngxchn3sw3yyjss5sq7gs5xspbxgsq3w6"))))
+ "0qb1awqrn3215zd2jikpqnmkzrxwfjf0d3dw2xmnk4c40yzws8xr"))))
(build-system gnu-build-system)
(arguments
'(#:tests? #f
@@ -917,7 +929,7 @@ command.")
version ".tar.gz"))
(sha256
(base32
- "0bplibiy70dvlrhwqzkzxgmg81j6d2kklvjgi2f1g2zz1nkb3vkz"))))))
+ "1i3y1kzjiz2j62c7vd4wf85983sqk9x9lg3473njvbdz4kph5r0q"))))))
(home-page "http://www.iana.org/time-zones")
(synopsis "Database of current and historical time zones")
(description "The Time Zone Database (often called tz or zoneinfo)
diff --git a/gnu/packages/bash.scm b/gnu/packages/bash.scm
index bdb5a760f7..15909c7e88 100644
--- a/gnu/packages/bash.scm
+++ b/gnu/packages/bash.scm
@@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2015 Leo Famulari <leo@famulari.name>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -92,7 +93,11 @@
(36 "0z6jbyy70lfdm6d3x0sbazbqdxb3xnpn9bmz7madpvrnbd284pxc")
(37 "04sqr8zkl6s5fccfvb775ppn3ldij5imria9swc39aq0fkfp1w9k")
(38 "0rv3g14mpgv8br267bf7rmgqlgwnc4v6g3g8y0sjba571i8amgmd")
- (39 "1v3l3vkc3g2b6fjycqwlakr8xhiw6bmw6q0zd6bi0m0m4bnxr55b")))
+ (39 "1v3l3vkc3g2b6fjycqwlakr8xhiw6bmw6q0zd6bi0m0m4bnxr55b")
+ (40 "0sypv66vsldmc95gwvf7ylz1k7y37vnvdsjg8ajjr6b2j9mkkfw4")
+ (41 "06ic2gdpbi1afik3wqf9d4vh95if4bz8bmhcgr555621dsb35i2f")
+ (42 "06a90k0p6bqc4wk2dsmapna69124an76xvlnlj3xm497vci968dc")))
+
(define (download-patches store count)
"Download COUNT Bash patches into store. Return a list of
number/base32-hash tuples, directly usable in the 'patch-series' form."
@@ -143,17 +148,18 @@ number/base32-hash tuples, directly usable in the 'patch-series' form."
;; guile-bash expect.
(let ((include (string-append (assoc-ref outputs "include")
"/include/bash"))
+ (includes "^\\./include/[^/]+\\.h$")
(headers "^\\./(builtins/|lib/glob/|lib/tilde/|)[^/]+\\.h$"))
(mkdir-p include)
(for-each (lambda (file)
- (when ((@ (ice-9 regex) string-match) headers file)
- (let ((directory (string-append include "/"
- (dirname file))))
- (mkdir-p directory)
- (copy-file file
- (string-append directory "/"
- (basename file))))))
+ (when (string-match includes file)
+ (install-file file include))
+ (when (string-match headers file)
+ (install-file file
+ (string-append include "/"
+ (dirname file)))))
(find-files "." "\\.h$"))
+ (delete-file (string-append include "/" "y.tab.h"))
#t)))
(version "4.3"))
(package
@@ -177,8 +183,9 @@ number/base32-hash tuples, directly usable in the 'patch-series' form."
(build-system gnu-build-system)
(outputs '("out"
- "include")) ;headers used by extensions
- (native-inputs `(("bison" ,bison))) ;to rebuild the parser
+ "doc" ;1.7 MiB of HTML and extra files
+ "include")) ;headers used by extensions
+ (native-inputs `(("bison" ,bison))) ;to rebuild the parser
(inputs `(("readline" ,readline)
("ncurses" ,ncurses))) ;TODO: add texinfo
(arguments
@@ -199,10 +206,14 @@ number/base32-hash tuples, directly usable in the 'patch-series' form."
;; for now.
#:tests? #f
+ #:modules ((ice-9 regex)
+ (guix build utils)
+ (guix build gnu-build-system))
+
#:phases (modify-phases %standard-phases
(add-after 'install 'post-install ,post-install-phase)
(add-after 'install 'install-headers
- ,install-headers-phase))))
+ ,install-headers-phase))))
(synopsis "The GNU Bourne-Again SHell")
(description
"Bash is the shell, or command-line interpreter, of the GNU system. It
diff --git a/gnu/packages/bdw-gc.scm b/gnu/packages/bdw-gc.scm
index f4bbc64569..992a11bac0 100644
--- a/gnu/packages/bdw-gc.scm
+++ b/gnu/packages/bdw-gc.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
;;;
;;; This file is part of GNU Guix.
@@ -39,7 +39,9 @@
(arguments
;; Make it so that we don't rely on /proc. This is especially useful in
;; an initrd run before /proc is mounted.
- '(#:configure-flags '("CPPFLAGS=-DUSE_LIBC_PRIVATES")))
+ '(#:configure-flags '("CPPFLAGS=-DUSE_LIBC_PRIVATES"
+ ;; Install gc_cpp.h et al.
+ "--enable-cplusplus")))
(outputs '("out" "debug"))
(synopsis "The Boehm-Demers-Weiser conservative garbage collector
for C and C++")
@@ -103,11 +105,4 @@ lock-free code, experiment with thread programming paradigms, etc.")
(inputs `(("libatomic-ops" ,libatomic-ops)))
;; 'USE_LIBC_PRIVATES' is now the default.
- (arguments '())))
-
-;;; TODO: Remove this package once libgc is updated from core-updates.
-(define-public libgc-for-c++
- (package (inherit libgc)
- (name "libgc-cxx")
- (arguments
- '(#:configure-flags '("--enable-cplusplus"))))) ;install gc_cpp.h et al.
+ (arguments '(#:configure-flags '("--enable-cplusplus")))))
diff --git a/gnu/packages/cmake.scm b/gnu/packages/cmake.scm
index 2efce6fd87..d75b9f62ef 100644
--- a/gnu/packages/cmake.scm
+++ b/gnu/packages/cmake.scm
@@ -77,7 +77,7 @@ archive_write_set_format_shar.c"
;; Help cmake's bootstrap process to find system libraries
(begin
(setenv "CMAKE_LIBRARY_PATH" (getenv "LIBRARY_PATH"))
- (setenv "CMAKE_INCLUDE_PATH" (getenv "CPATH"))
+ (setenv "CMAKE_INCLUDE_PATH" (getenv "C_INCLUDE_PATH"))
;; Get verbose output from failed tests
(setenv "CTEST_OUTPUT_ON_FAILURE" "TRUE")))
(alist-replace
diff --git a/gnu/packages/commencement.scm b/gnu/packages/commencement.scm
index 73b27a290a..1928360e2e 100644
--- a/gnu/packages/commencement.scm
+++ b/gnu/packages/commencement.scm
@@ -92,12 +92,15 @@
,@%bootstrap-inputs)
#:guile %bootstrap-guile)))
(package (inherit p)
+ (name "diffutils-boot0")
(arguments `(#:tests? #f ; the test suite needs diffutils
,@(package-arguments p)))))))
(define findutils-boot0
(package-with-bootstrap-guile
- (package-with-explicit-inputs findutils
+ (package-with-explicit-inputs (package
+ (inherit findutils)
+ (name "findutils-boot0"))
`(("make" ,gnu-make-boot0)
("diffutils" ,diffutils-boot0) ; for tests
,@%bootstrap-inputs)
@@ -106,7 +109,9 @@
(define file-boot0
(package-with-bootstrap-guile
- (package-with-explicit-inputs file
+ (package-with-explicit-inputs (package
+ (inherit file)
+ (name "file-boot0"))
`(("make" ,gnu-make-boot0)
,@%bootstrap-inputs)
(current-source-location)
@@ -204,7 +209,8 @@
"--disable-libssp"
"--disable-libquadmath"
"--disable-decimal-float")
- (remove (cut string-match "--enable-languages.*" <>)
+ (remove (cut string-match
+ "--(with-system-zlib|enable-languages.*)" <>)
,flags)))
((#:phases phases)
`(alist-cons-after
@@ -230,7 +236,7 @@
(package-full-name lib)
char-set:letter)
,(package-name lib)))
- (list gmp mpfr mpc))))
+ (list gmp-6.0 mpfr mpc))))
(alist-cons-after
'install 'symlink-libgcc_eh
(lambda* (#:key outputs #:allow-other-keys)
@@ -244,7 +250,7 @@
(symlink "libgcc.a" "libgcc_eh.a"))))
,phases))))))
- (inputs `(("gmp-source" ,(package-source gmp))
+ (inputs `(("gmp-source" ,(package-source gmp-6.0))
("mpfr-source" ,(package-source mpfr))
("mpc-source" ,(package-source mpc))
("binutils-cross" ,binutils-boot0)
@@ -259,11 +265,25 @@
(package-native-inputs gcc))))))
(define perl-boot0
- (package-with-bootstrap-guile
- (package-with-explicit-inputs perl
- %boot0-inputs
- (current-source-location)
- #:guile %bootstrap-guile)))
+ (let ((perl (package
+ (inherit perl)
+ (name "perl-boot0")
+ (arguments
+ (substitute-keyword-arguments (package-arguments perl)
+ ((#:phases phases)
+ `(modify-phases ,phases
+ ;; Pthread support is missing in the bootstrap compiler
+ ;; (broken spec file), so disable it.
+ (add-before 'configure 'disable-pthreads
+ (lambda _
+ (substitute* "Configure"
+ (("^libswanted=(.*)pthread" _ before)
+ (string-append "libswanted=" before))))))))))))
+ (package-with-bootstrap-guile
+ (package-with-explicit-inputs perl
+ %boot0-inputs
+ (current-source-location)
+ #:guile %bootstrap-guile))))
(define (linux-libre-headers-boot0)
"Return Linux-Libre header files for the bootstrap environment."
@@ -285,7 +305,7 @@
;; Also, use %BOOT0-INPUTS to avoid building Perl once more.
(let ((texinfo (package (inherit texinfo)
(native-inputs '())
- (inputs (alist-delete "ncurses" (package-inputs texinfo))))))
+ (inputs `(("perl" ,perl-boot0))))))
(package-with-bootstrap-guile
(package-with-explicit-inputs texinfo %boot0-inputs
(current-source-location)
@@ -409,14 +429,22 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
(current-source-location)
#:guile %bootstrap-guile)))
(bison (package (inherit bison)
- (native-inputs `(("perl" ,perl-boot0)))
(propagated-inputs `(("m4" ,m4)))
(inputs '()) ;remove Flex...
- (arguments '(#:tests? #f))))) ;... and thus disable tests
- (package-with-bootstrap-guile
- (package-with-explicit-inputs bison %boot0-inputs
- (current-source-location)
- #:guile %bootstrap-guile))))
+ (arguments
+ '(#:tests? #f ;... and thus disable tests
+
+ ;; Zero timestamps in liby.a; this must be done
+ ;; explicitly here because the bootstrap Binutils don't
+ ;; do that (default is "cru".)
+ #:make-flags '("ARFLAGS=crD" "RANLIB=ranlib -D"
+ "V=1"))))))
+ (package
+ (inherit (package-with-bootstrap-guile
+ (package-with-explicit-inputs bison %boot0-inputs
+ (current-source-location)
+ #:guile %bootstrap-guile)))
+ (native-inputs `(("perl" ,perl-boot0))))))
(define static-bash-for-glibc
;; A statically-linked Bash to be used by GLIBC-FINAL in system(3) & co.
@@ -424,18 +452,19 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
glibc-final-with-bootstrap-bash
(car (assoc-ref %boot1-inputs "bash"))))
(bash (package (inherit static-bash)
- (native-inputs `(("bison" ,bison-boot1)))
(arguments
`(#:guile ,%bootstrap-guile
- ,@(package-arguments static-bash))))))
- (package-with-bootstrap-guile
- (package-with-explicit-inputs bash
- `(("gcc" ,gcc)
- ("libc" ,glibc-final-with-bootstrap-bash)
- ,@(fold alist-delete %boot1-inputs
- '("gcc" "libc")))
- (current-source-location)
- #:guile %bootstrap-guile))))
+ ,@(package-arguments static-bash)))))
+ (inputs `(("gcc" ,gcc)
+ ("libc" ,glibc-final-with-bootstrap-bash)
+ ,@(fold alist-delete %boot1-inputs
+ '("gcc" "libc")))))
+ (package
+ (inherit (package-with-bootstrap-guile
+ (package-with-explicit-inputs bash inputs
+ (current-source-location)
+ #:guile %bootstrap-guile)))
+ (native-inputs `(("bison" ,bison-boot1))))))
(define gettext-boot0
;; A minimal gettext used during bootstrap.
@@ -527,7 +556,7 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
(arguments
`(#:guile ,%bootstrap-guile
#:implicit-inputs? #f
-
+ #:allowed-references ("out")
#:out-of-source? #t
#:phases (alist-cons-before
'configure 'chdir
@@ -549,6 +578,25 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
(propagated-inputs '())
(synopsis "GNU C++ standard library (intermediate)"))))
+(define zlib-final
+ ;; Zlib used by GCC-FINAL.
+ (package-with-bootstrap-guile
+ (package
+ (inherit zlib)
+ (arguments
+ `(#:guile ,%bootstrap-guile
+ #:implicit-inputs? #f
+ #:allowed-references ("out" ,glibc-final)
+ ,@(package-arguments zlib)))
+ (inputs %boot2-inputs))))
+
+(define ld-wrapper-boot3
+ ;; A linker wrapper that uses the bootstrap Guile.
+ (make-ld-wrapper "ld-wrapper-boot3"
+ #:binutils binutils-final
+ #:guile %bootstrap-guile
+ #:bash (car (assoc-ref %boot2-inputs "bash"))))
+
(define gcc-final
;; The final GCC.
(package (inherit gcc-boot0)
@@ -563,7 +611,7 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
`(#:guile ,%bootstrap-guile
#:implicit-inputs? #f
- #:allowed-references ("out" "lib"
+ #:allowed-references ("out" "lib" ,zlib-final
,glibc-final ,static-bash-for-glibc)
;; Things like libasan.so and libstdc++.so NEED ld.so for some
@@ -583,18 +631,16 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
((_ rest ...)
(loop rest)))))
((#:make-flags flags)
- ;; Since $LIBRARY_PATH and $CPATH are not honored, add the
- ;; relevant flags.
- `(cons (string-append "CPPFLAGS=-I"
- (assoc-ref %build-inputs "libstdc++")
- "/include")
- (map (lambda (flag)
- (if (string-prefix? "LDFLAGS=" flag)
- (string-append flag " -L"
- (assoc-ref %build-inputs "libstdc++")
- "/lib")
- flag))
- ,flags)))
+ ;; Since $LIBRARY_PATH is not honored, add the relevant flags.
+ `(let ((zlib (assoc-ref %build-inputs "zlib")))
+ (map (lambda (flag)
+ (if (string-prefix? "LDFLAGS=" flag)
+ (string-append flag " -L"
+ (assoc-ref %build-inputs "libstdc++")
+ "/lib -L" zlib "/lib -Wl,-rpath="
+ zlib "/lib")
+ flag))
+ ,flags)))
((#:phases phases)
`(alist-delete 'symlink-libgcc_eh ,phases)))))
@@ -606,20 +652,15 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
("static-bash" ,static-bash-for-glibc)
,@(package-native-inputs gcc-boot0)))
- (inputs `(("gmp-source" ,(bootstrap-origin (package-source gmp)))
+ (inputs `(("gmp-source" ,(bootstrap-origin (package-source gmp-6.0)))
("mpfr-source" ,(package-source mpfr))
("mpc-source" ,(package-source mpc))
+ ("ld-wrapper" ,ld-wrapper-boot3)
("binutils" ,binutils-final)
("libstdc++" ,libstdc++)
+ ("zlib" ,zlib-final)
,@%boot2-inputs))))
-(define ld-wrapper-boot3
- ;; A linker wrapper that uses the bootstrap Guile.
- (make-ld-wrapper "ld-wrapper-boot3"
- #:binutils binutils-final
- #:guile %bootstrap-guile
- #:bash (car (assoc-ref %boot2-inputs "bash"))))
-
(define %boot3-inputs
;; 4th stage inputs.
`(("gcc" ,gcc-final)
@@ -629,11 +670,13 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
(define bash-final
;; Link with `-static-libgcc' to make sure we don't retain a reference
;; to the bootstrap GCC.
- (package-with-bootstrap-guile
- (package-with-explicit-inputs (static-libgcc-package bash)
- %boot3-inputs
- (current-source-location)
- #:guile %bootstrap-guile)))
+ (package
+ (inherit (package-with-bootstrap-guile
+ (package-with-explicit-inputs (static-libgcc-package bash)
+ %boot3-inputs
+ (current-source-location)
+ #:guile %bootstrap-guile)))
+ (native-inputs `(("bison" ,bison-boot1)))))
(define %boot4-inputs
;; Now use the final Bash.
@@ -703,7 +746,9 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
;; The final grep. Gzip holds a reference to it (via zgrep), so it must be
;; built before gzip.
(package-with-bootstrap-guile
- (package-with-explicit-inputs grep
+ (package-with-explicit-inputs (package
+ (inherit grep)
+ (native-inputs `(("perl" ,perl-boot0))))
%boot5-inputs
(current-source-location)
#:guile guile-final)))
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 0f27fa9410..4a31bf79e2 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -7,7 +7,7 @@
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015 Leo Famulari <leo@famulari.name>
;;; Copyright © 2015 Jeff Mickey <j@codemac.net>
-;;; Copyright © 2015 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Ben Woodcroft <donttrustben@gmail.com>
;;;
;;; This file is part of GNU Guix.
@@ -43,7 +43,7 @@
(define-public zlib
(package
(name "zlib")
- (version "1.2.7")
+ (version "1.2.8")
(source
(origin
(method url-fetch)
@@ -53,7 +53,7 @@
version ".tar.gz")))
(sha256
(base32
- "1i96gsdvxqb6skp9a58bacf1wxamwi9m9pg4yn7cpf7g7239r77s"))))
+ "039agw5rqvqny92cpkrfn243x2gd4xn13hs3xi6isk55d2vqqr9n"))))
(build-system gnu-build-system)
(arguments
`(#:phases (alist-replace
@@ -263,7 +263,7 @@ compressed with pbzip2 can be decompressed with bzip2).")
(define-public xz
(package
(name "xz")
- (version "5.0.4")
+ (version "5.2.2")
(source (origin
(method url-fetch)
(uri (list (string-append "http://tukaani.org/xz/xz-" version
@@ -272,7 +272,7 @@ compressed with pbzip2 can be decompressed with bzip2).")
version ".tar.gz")))
(sha256
(base32
- "1dl35ca8fdss9z2d6y234gxh24ixq904xksizrjmjr5dimwhax6n"))))
+ "18h2k4jndhzjs8ln3a54qdnfv59y6spxiwh9gpaqniph6iflvpvk"))))
(build-system gnu-build-system)
(synopsis "General-purpose data compression")
(description
diff --git a/gnu/packages/cross-base.scm b/gnu/packages/cross-base.scm
index f947e7aec8..8bd599c25a 100644
--- a/gnu/packages/cross-base.scm
+++ b/gnu/packages/cross-base.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
;;;
;;; This file is part of GNU Guix.
@@ -182,12 +182,14 @@ may be either a libc package or #f.)"
(string-append libc "/lib"))
(let ((cpath (search-path-as-string->list
- (getenv "CPATH")))
+ (getenv "C_INCLUDE_PATH")))
(libpath (search-path-as-string->list
(getenv "LIBRARY_PATH"))))
(setenv "CPATH"
(list->search-path-as-string
(remove cross? cpath) ":"))
+ (for-each unsetenv
+ '("C_INCLUDE_PATH" "CPLUS_INCLUDE_PATH"))
(setenv "LIBRARY_PATH"
(list->search-path-as-string
(remove cross? libpath) ":"))
diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm
index 9945273830..b36f5d8c16 100644
--- a/gnu/packages/databases.scm
+++ b/gnu/packages/databases.scm
@@ -6,6 +6,8 @@
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
+;;; Copyright © 2015 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -24,6 +26,7 @@
(define-module (gnu packages databases)
#:use-module (gnu packages)
+ #:use-module (gnu packages bash)
#:use-module (gnu packages perl)
#:use-module (gnu packages language)
#:use-module (gnu packages linux)
@@ -308,16 +311,18 @@ pictures, sounds, or video.")
;; Running tests in parallel leads to test failures and crashes in
;; torture/utils.
- (arguments '(#:parallel-tests? #f))
+ (arguments '(#:parallel-tests? #f
+ #:configure-flags
+ (list (string-append "--with-bash-headers="
+ (assoc-ref %build-inputs "bash:include")
+ "/include/bash"))))
(native-inputs `(("emacs" ,emacs-no-x)
("bc" ,bc)
+ ("bash:include" ,bash "include")
("libuuid", util-linux)))
;; TODO: Add more optional inputs.
- ;; FIXME: Our Bash doesn't have development headers (need for the 'readrec'
- ;; built-in command), but it's not clear how to get them installed.
- ;; See <https://lists.gnu.org/archive/html/bug-bash/2014-03/msg00125.html>.
(inputs `(("curl" ,curl)
("libgcrypt" ,libgcrypt)
("check" ,check)))
@@ -334,7 +339,7 @@ types are supported, as is encryption.")
(define-public sqlite
(package
(name "sqlite")
- (version "3.8.11.1")
+ (version "3.10.0")
(source (origin
(method url-fetch)
;; TODO: Download from sqlite.org once this bug :
@@ -365,7 +370,7 @@ types are supported, as is encryption.")
))
(sha256
(base32
- "1dnkl4qr1dgaprbyf3jddfiynkhxnin86qabni47wjlc0fnb16gv"))))
+ "0hhhv6si0pyf5i8bv7a71953m0b4gk6s3j2h09caf7vif0njkk23"))))
(build-system gnu-build-system)
(inputs `(("readline" ,readline)))
(arguments
diff --git a/gnu/packages/doxygen.scm b/gnu/packages/doxygen.scm
index 8b1a057724..8245a65c86 100644
--- a/gnu/packages/doxygen.scm
+++ b/gnu/packages/doxygen.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2014 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2014, 2016 Andreas Enge <andreas@enge.fr>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -20,7 +20,7 @@
#:use-module ((guix licenses) #:select (gpl3+))
#:use-module (guix packages)
#:use-module (guix download)
- #:use-module (guix build-system gnu)
+ #:use-module (guix build-system cmake)
#:use-module (gnu packages)
#:use-module (gnu packages bison)
#:use-module (gnu packages flex)
@@ -32,38 +32,23 @@
(define-public doxygen
(package
(name "doxygen")
- (version "1.8.7")
+ (version "1.8.11")
(source (origin
(method url-fetch)
(uri (string-append "http://ftp.stack.nl/pub/users/dimitri/"
name "-" version ".src.tar.gz"))
(sha256
(base32
- "1ng3dv5fninhfi2fj75ghkr5jwsl653fxv2sxhaswj11x2vcdsn6"))
- (patches (list (search-patch "doxygen-tmake.patch")
- (search-patch "doxygen-test.patch")))))
- (build-system gnu-build-system)
+ "0ja02pm3fpfhc5dkry00kq8mn141cqvdqqpmms373ncbwi38pl35"))
+ (patches (list (search-patch "doxygen-test.patch")))))
+ (build-system cmake-build-system)
(native-inputs
`(("bison" ,bison)
("flex" ,flex)
("libxml2" ,libxml2) ; provides xmllint for the tests
- ("perl" ,perl) ; for the tests
("python" ,python-2))) ; for creating the documentation
- (propagated-inputs
- `(("graphviz" ,graphviz)))
(arguments
- `(#:test-target "test"
- #:phases
- (alist-replace
- 'configure
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- ;; do not pass "--enable-fast-install", which makes the
- ;; configure process fail
- (zero? (system*
- "./configure"
- "--prefix" out))))
- %standard-phases)))
+ `(#:test-target "tests"))
(home-page "http://www.stack.nl/~dimitri/doxygen/")
(synopsis "Generate documentation from annotated sources")
(description "Doxygen is the de facto standard tool for generating
diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm
index ce599bca66..2b1152a54d 100644
--- a/gnu/packages/emacs.scm
+++ b/gnu/packages/emacs.scm
@@ -70,7 +70,8 @@
(sha256
(base32
"0kn3rzm91qiswi0cql89kbv6mqn27rwsyjfb8xmwy9m5s8fxfiyx"))
- (patches (list (search-patch "emacs-exec-path.patch")))))
+ (patches (list (search-patch "emacs-exec-path.patch")
+ (search-patch "emacs-source-date-epoch.patch")))))
(build-system glib-or-gtk-build-system)
(arguments
'(#:phases (modify-phases %standard-phases
diff --git a/gnu/packages/file.scm b/gnu/packages/file.scm
index 161df544de..90e9a70626 100644
--- a/gnu/packages/file.scm
+++ b/gnu/packages/file.scm
@@ -27,14 +27,14 @@
(define-public file
(package
(name "file")
- (version "5.22")
+ (version "5.25")
(source (origin
(method url-fetch)
(uri (string-append "ftp://ftp.astron.com/pub/file/file-"
version ".tar.gz"))
(sha256
(base32
- "02zw14hw3gqlw91w2f2snbirvyrp7r83irvnnkjcb25q9kjaiqy4"))))
+ "1jhfi5mivdnqvry5la5q919l503ahwdwbf3hjhiv97znccakhd9p"))))
(build-system gnu-build-system)
;; When cross-compiling, this package depends upon a native install of
diff --git a/gnu/packages/flex.scm b/gnu/packages/flex.scm
index 7988e930e7..f8d5ccd032 100644
--- a/gnu/packages/flex.scm
+++ b/gnu/packages/flex.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -31,15 +32,14 @@
(define flex
(package
(name "flex")
- (version "2.5.37")
+ (version "2.6.0")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/flex/flex-"
version ".tar.bz2"))
(sha256
(base32
- "0ah5mi4j62b85a9rllv1004mzjb5cd0mn4glvz13p88rpx77pahp"))
- (patches (list (search-patch "flex-bison-tests.patch")))))
+ "1sdqx63yadindzafrq1w31ajblf9gl1c301g068s20s7bbpi3ri4"))))
(build-system gnu-build-system)
(inputs
(let ((bison-for-tests
diff --git a/gnu/packages/gawk.scm b/gnu/packages/gawk.scm
index 6bfea34667..8f2805cd4b 100644
--- a/gnu/packages/gawk.scm
+++ b/gnu/packages/gawk.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
;;;
;;; This file is part of GNU Guix.
@@ -19,6 +19,7 @@
(define-module (gnu packages gawk)
#:use-module (guix licenses)
+ #:use-module (gnu packages)
#:use-module (gnu packages bash)
#:use-module (gnu packages libsigsegv)
#:use-module (guix packages)
@@ -34,7 +35,8 @@
(uri (string-append "mirror://gnu/gawk/gawk-" version
".tar.xz"))
(sha256
- (base32 "09d6pmx6h3i2glafm0jd1v1iyrs03vcyv2rkz12jisii3vlmbkz3"))))
+ (base32 "09d6pmx6h3i2glafm0jd1v1iyrs03vcyv2rkz12jisii3vlmbkz3"))
+ (patches (list (search-patch "gawk-fts-test.patch")))))
(build-system gnu-build-system)
(arguments
`(#:parallel-tests? #f ; test suite fails in parallel
diff --git a/gnu/packages/gcc.scm b/gnu/packages/gcc.scm
index 2848e4343a..832e57bc77 100644
--- a/gnu/packages/gcc.scm
+++ b/gnu/packages/gcc.scm
@@ -99,6 +99,7 @@ where the OS part is overloaded to denote a specific ABI---into GCC
'("--enable-plugin"
"--enable-languages=c,c++"
"--disable-multilib"
+ "--with-system-zlib"
;; No pre-compiled libstdc++ headers, to save space.
"--disable-libstdcxx-pch"
@@ -293,8 +294,16 @@ where the OS part is overloaded to denote a specific ABI---into GCC
%standard-phases))))
(native-search-paths
+ ;; Use the language-specific variables rather than 'CPATH' because they
+ ;; are equivalent to '-isystem' whereas 'CPATH' is equivalent to '-I'.
+ ;; The intent is to allow headers that are in the search path to be
+ ;; treated as "system headers" (headers exempt from warnings) just like
+ ;; the typical /usr/include headers on an FHS system.
(list (search-path-specification
- (variable "CPATH")
+ (variable "C_INCLUDE_PATH")
+ (files '("include")))
+ (search-path-specification
+ (variable "CPLUS_INCLUDE_PATH")
(files '("include")))
(search-path-specification
(variable "LIBRARY_PATH")
@@ -408,13 +417,18 @@ using compilers other than GCC."
(define-public libiberty
(make-libiberty gcc))
-(define* (custom-gcc gcc name languages #:key (separate-lib-output? #t))
- "Return a custom version of GCC that supports LANGUAGES."
+(define* (custom-gcc gcc name languages
+ #:optional
+ (search-paths (package-native-search-paths gcc))
+ #:key (separate-lib-output? #t))
+ "Return a custom version of GCC that supports LANGUAGES. Use SEARCH-PATHS
+as the 'native-search-paths' field."
(package (inherit gcc)
(name name)
(outputs (if separate-lib-output?
(package-outputs gcc)
(delete "lib" (package-outputs gcc))))
+ (native-search-paths search-paths)
(arguments
(substitute-keyword-arguments `(#:modules ((guix build gnu-build-system)
(guix build utils)
@@ -428,20 +442,37 @@ using compilers other than GCC."
(remove (cut string-match "--enable-languages.*" <>)
,flags)))))))
+(define %generic-search-paths
+ ;; This is the language-neutral search path for GCC. Entries in $CPATH are
+ ;; not considered "system headers", which means GCC can raise warnings for
+ ;; issues in those headers. 'CPATH' is the only one that works for
+ ;; front-ends not in the C family.
+ (list (search-path-specification
+ (variable "CPATH")
+ (files '("include")))
+ (search-path-specification
+ (variable "LIBRARY_PATH")
+ (files '("lib" "lib64")))))
+
(define-public gfortran-4.8
- (custom-gcc gcc-4.8 "gfortran" '("fortran")))
+ (custom-gcc gcc-4.8 "gfortran" '("fortran")
+ %generic-search-paths))
(define-public gfortran-4.9
- (custom-gcc gcc-4.9 "gfortran" '("fortran")))
+ (custom-gcc gcc-4.9 "gfortran" '("fortran")
+ %generic-search-paths))
(define-public gfortran
- (custom-gcc gcc "gfortran" '("fortran")))
+ (custom-gcc gcc "gfortran" '("fortran")
+ %generic-search-paths))
(define-public gfortran-5
- (custom-gcc gcc-5 "gfortran" '("fortran")))
+ (custom-gcc gcc-5 "gfortran" '("fortran")
+ %generic-search-paths))
(define-public gccgo-4.8
(custom-gcc gcc-4.8 "gccgo" '("go")
+ %generic-search-paths
;; Suppress the separate "lib" output, because otherwise the
;; "lib" and "out" outputs would refer to each other, creating
;; a cyclic dependency. <http://debbugs.gnu.org/18101>
@@ -468,6 +499,8 @@ using compilers other than GCC."
(native-inputs
`(("dejagnu" ,dejagnu)
,@(package-native-inputs gcc)))
+ (native-search-paths %generic-search-paths)
+
;; Suppress the separate "lib" output, because otherwise the
;; "lib" and "out" outputs would refer to each other, creating
;; a cyclic dependency. <http://debbugs.gnu.org/18101>
@@ -551,10 +584,22 @@ using compilers other than GCC."
"1k9lgm3qamf6zy534pa2zwskr8mpiqrngbv1vw9j4y1ghrdyf1lm"))))
(define-public gcc-objc-4.8
- (custom-gcc gcc-4.8 "gcc-objc" '("objc")))
+ (custom-gcc gcc-4.8 "gcc-objc" '("objc")
+ (list (search-path-specification
+ (variable "OBJC_INCLUDE_PATH")
+ (files '("include")))
+ (search-path-specification
+ (variable "LIBRARY_PATH")
+ (files '("lib" "lib64"))))))
(define-public gcc-objc++-4.8
- (custom-gcc gcc-4.8 "gcc-objc++" '("obj-c++")))
+ (custom-gcc gcc-4.8 "gcc-objc++" '("obj-c++")
+ (list (search-path-specification
+ (variable "OBJCPLUS_INCLUDE_PATH")
+ (files '("include")))
+ (search-path-specification
+ (variable "LIBRARY_PATH")
+ (files '("lib" "lib64"))))))
(define (make-libstdc++-doc gcc)
"Return a package with the libstdc++ documentation for GCC."
diff --git a/gnu/packages/gettext.scm b/gnu/packages/gettext.scm
index 14dedc51b5..7cd1ab73e7 100644
--- a/gnu/packages/gettext.scm
+++ b/gnu/packages/gettext.scm
@@ -2,6 +2,7 @@
;;; Copyright © 2012 Nikita Karetnikov <nikita@karetnikov.org>
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -40,50 +41,51 @@
(define-public gnu-gettext
(package
(name "gettext")
- (version "0.19.6")
+ (version "0.19.7")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/gettext/gettext-"
version ".tar.gz"))
(sha256
(base32
- "0pb9vp4ifymvdmc31ks3xxcnfqgzj8shll39czmk8c1splclqjzd"))))
+ "0gy2b2aydj8r0sapadnjw8cmb8j2rynj28d5qs1mfa800njd51jk"))))
(build-system gnu-build-system)
+ (outputs '("out"
+ "doc")) ;8 MiB of HTML
(inputs
`(("expat" ,expat)))
(arguments
- `(#:phases (alist-cons-before
- 'check 'patch-tests
- (lambda* (#:key inputs #:allow-other-keys)
- (let* ((bash (which "sh")))
- ;; Some of the files we're patching are
- ;; ISO-8859-1-encoded, so choose it as the default
- ;; encoding so the byte encoding is preserved.
- (with-fluids ((%default-port-encoding #f))
- (substitute*
- (find-files "gettext-tools/tests"
- "^(lang-sh|msg(exec|filter)-[0-9])")
- (("#![[:blank:]]/bin/sh")
- (format #f "#!~a" bash)))
+ `(#:phases
+ (modify-phases %standard-phases
+ (add-before 'check 'patch-tests
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((bash (which "sh")))
+ ;; Some of the files we're patching are
+ ;; ISO-8859-1-encoded, so choose it as the default
+ ;; encoding so the byte encoding is preserved.
+ (with-fluids ((%default-port-encoding #f))
+ (substitute*
+ (find-files "gettext-tools/tests"
+ "^(lang-sh|msg(exec|filter)-[0-9])")
+ (("#![[:blank:]]/bin/sh")
+ (format #f "#!~a" bash)))
- (substitute* (cons "gettext-tools/src/msginit.c"
- (find-files "gettext-tools/gnulib-tests"
- "posix_spawn"))
- (("/bin/sh")
- bash))
+ (substitute* (cons "gettext-tools/src/msginit.c"
+ (find-files "gettext-tools/gnulib-tests"
+ "posix_spawn"))
+ (("/bin/sh")
+ bash))
- (substitute* "gettext-tools/src/project-id"
- (("/bin/pwd")
- "pwd")))))
- (alist-cons-before
- 'configure 'link-expat
- (lambda _
- ;; Gettext defaults to opening expat via dlopen on
- ;; "Linux". Change to link directly.
- (substitute* "gettext-tools/configure"
- (("LIBEXPAT=\"-ldl\"") "LIBEXPAT=\"-ldl -lexpat\"")
- (("LTLIBEXPAT=\"-ldl\"") "LTLIBEXPAT=\"-ldl -lexpat\"")))
- %standard-phases))
+ (substitute* "gettext-tools/src/project-id"
+ (("/bin/pwd")
+ "pwd"))))))
+ (add-before 'configure 'link-expat
+ (lambda _
+ ;; Gettext defaults to opening expat via dlopen on
+ ;; "Linux". Change to link directly.
+ (substitute* "gettext-tools/configure"
+ (("LIBEXPAT=\"-ldl\"") "LIBEXPAT=\"-ldl -lexpat\"")
+ (("LTLIBEXPAT=\"-ldl\"") "LTLIBEXPAT=\"-ldl -lexpat\"")))))
;; When tests fail, we want to know the details.
#:make-flags '("VERBOSE=yes")))
diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm
index 146d3f563b..c5eea22845 100644
--- a/gnu/packages/glib.scm
+++ b/gnu/packages/glib.scm
@@ -251,10 +251,10 @@ dynamic loading, and an object system.")
("cairo" ,cairo)
("flex" ,flex)
("glib" ,glib)
- ("pkg-config" ,pkg-config)
("python-2" ,python-2)))
(native-inputs
- `(("glib" ,glib "bin")))
+ `(("glib" ,glib "bin")
+ ("pkg-config" ,pkg-config)))
(propagated-inputs
`(;; In practice, GIR users will need libffi when using
;; gobject-introspection.
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index 9ce750ddef..05efe0ba97 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -9,7 +9,7 @@
;;; Copyright © 2015 Andy Wingo <wingo@igalia.com>
;;; Copyright © 2015 David Hashe <david.hashe@dhashe.com>
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
-;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2015, 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2015 Efraim Flashner <efraim@flashner.co.il>
;;;
@@ -858,7 +858,7 @@ dealing with different structured file formats.")
(define-public librsvg
(package
(name "librsvg")
- (version "2.40.11")
+ (version "2.40.13")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/" name "/"
@@ -866,9 +866,7 @@ dealing with different structured file formats.")
name "-" version ".tar.xz"))
(sha256
(base32
- "00ifd9wjjjsw0ybk5j6qs4yyh66jj34hjmggy6dhrgfy8ksw06k1"))
- (patches
- (list (search-patch "librsvg-tests.patch")))))
+ "014q7gz6mgfa7pfn0lr13qqv568ad8j1sw9d4vksnpazq0zajvjd"))))
(build-system gnu-build-system)
(arguments
`(#:phases
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index c17e64d474..c1a6d75569 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -46,7 +46,7 @@
(define-public libgpg-error
(package
(name "libgpg-error")
- (version "1.19")
+ (version "1.21")
(source
(origin
(method url-fetch)
@@ -54,7 +54,7 @@
version ".tar.bz2"))
(sha256
(base32
- "12wpqhjlsw4iaanifbqm2kich6c7x7lm8a7zhy6x5ifm6c9hw4jk"))))
+ "0kdq2cbnk84fr4jqcv689rlxpbyl6bda2cn6y3ll19v3mlydpnxp"))))
(build-system gnu-build-system)
(home-page "http://gnupg.org")
(synopsis "Library of error values for GnuPG components")
@@ -68,14 +68,14 @@ Daemon and possibly more in the future.")
(define-public libgcrypt
(package
(name "libgcrypt")
- (version "1.6.3")
+ (version "1.6.4")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
version ".tar.bz2"))
(sha256
(base32
- "0pq2nwfqgggrsh8rk84659d80vfnlkbphwqjwahccd5fjdxr3d21"))))
+ "09k06gs27gxfha07sa9rpf4xh6mvphj9sky7n09ymx75w9zjrg69"))))
(build-system gnu-build-system)
(propagated-inputs
`(("libgpg-error-host" ,libgpg-error)))
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index 6fac8ced40..62010dbf6b 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -1,7 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
-;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
;;;
;;; This file is part of GNU Guix.
@@ -64,7 +64,12 @@
name version ".tar.gz"))
(sha256
(base32
- "1fig2wf4f10v43mqx67y68z6h77sy900d1w0pz9qarrqx57rc7ij"))))
+ "1fig2wf4f10v43mqx67y68z6h77sy900d1w0pz9qarrqx57rc7ij"))
+ (modules '((guix build utils)))
+ (snippet
+ ;; Fix incompatibility with Perl 5.22+.
+ '(substitute* '("js/src/config/milestone.pl")
+ (("defined\\(@TEMPLATE_FILE)") "@TEMPLATE_FILE")))))
(build-system gnu-build-system)
(native-inputs
`(("perl", perl)
@@ -103,7 +108,12 @@ in C/C++.")
name "-" version ".tar.bz2"))
(sha256
(base32
- "1n1phk8r3l8icqrrap4czplnylawa0ddc2cc4cgdz46x3lrkybz6"))))
+ "1n1phk8r3l8icqrrap4czplnylawa0ddc2cc4cgdz46x3lrkybz6"))
+ (modules '((guix build utils)))
+ (snippet
+ ;; Fix incompatibility with Perl 5.22+.
+ '(substitute* '("js/src/config/milestone.pl")
+ (("defined\\(@TEMPLATE_FILE)") "@TEMPLATE_FILE")))))
(arguments
'(#:phases
(modify-phases %standard-phases
@@ -277,7 +287,27 @@ standards.")
(sha256
(base32
"0m18xyb0rd02yaw9xd5z4bab1wr2599iszzqhm86c134jv5vk6cg"))
- (patches (map search-patch '("icecat-avoid-bundled-includes.patch")))
+ (patches (map search-patch
+ '("icecat-avoid-bundled-includes.patch"
+ "icecat-CVE-2016-1930-pt01.patch"
+ "icecat-CVE-2016-1930-pt02.patch"
+ "icecat-CVE-2016-1930-pt03.patch"
+ "icecat-CVE-2016-1930-pt04.patch"
+ "icecat-CVE-2016-1930-pt05.patch"
+ "icecat-CVE-2016-1930-pt06.patch"
+ "icecat-CVE-2016-1930-pt07.patch"
+ "icecat-CVE-2016-1930-pt08.patch"
+ "icecat-CVE-2016-1930-pt09.patch"
+ "icecat-CVE-2016-1930-pt10.patch"
+ "icecat-CVE-2016-1930-pt11.patch"
+ "icecat-CVE-2016-1930-pt12.patch"
+ "icecat-CVE-2016-1930-pt13.patch"
+ "icecat-bug-1146335-pt1.patch"
+ "icecat-bug-1146335-pt2.patch"
+ "icecat-CVE-2016-1935.patch"
+ "icecat-CVE-2016-1930-pt14.patch"
+ "icecat-CVE-2016-1930-pt15.patch"
+ "icecat-limit-max-buffers-size-for-ANGLE.patch")))
(modules '((guix build utils)))
(snippet
'(begin
diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm
index 4be237cd65..861a18fce8 100644
--- a/gnu/packages/guile.scm
+++ b/gnu/packages/guile.scm
@@ -174,7 +174,8 @@ without requiring the source code to be rewritten.")
(files '("share/guile/site/2.0")))
(search-path-specification
(variable "GUILE_LOAD_COMPILED_PATH")
- (files '("share/guile/site/2.0")))))
+ (files '("lib/guile/2.0/ccache"
+ "share/guile/site/2.0")))))
(synopsis "Scheme implementation intended especially for extensions")
(description
diff --git a/gnu/packages/haskell.scm b/gnu/packages/haskell.scm
index 843a428dc6..c3e0a6100b 100644
--- a/gnu/packages/haskell.scm
+++ b/gnu/packages/haskell.scm
@@ -243,6 +243,12 @@
(string-append ghc-bootstrap-path "/ghc-7.8.4")
(zero? (system* "make" "install"))))
%standard-phases)))))))
+ (native-search-paths (list (search-path-specification
+ (variable "GHC_PACKAGE_PATH")
+ (files (list
+ (string-append "lib/ghc-" version)))
+ (file-pattern ".*\\.conf\\.d$")
+ (file-type 'directory))))
(home-page "https://www.haskell.org/ghc")
(synopsis "The Glasgow Haskell Compiler")
(description
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index d3ed92fde8..bf120f0184 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
-;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2014, 2015 Alex Kost <alezost@gmail.com>
;;; Copyright © 2014 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
@@ -131,13 +131,17 @@ maximum quality factor.")
(define-public libtiff
(package
(name "libtiff")
- (version "4.0.5")
+ (version "4.0.6")
(source (origin
(method url-fetch)
(uri (string-append "ftp://ftp.remotesensing.org/pub/libtiff/tiff-"
version ".tar.gz"))
(sha256 (base32
- "171hgy4mylwmvdm7gp6ffjva81m4j56v3fbqsbfl7avzxn1slpp2"))))
+ "136nf1rj9dp5jgv1p7z4dk0xy3wki1w0vfjbk82f645m0w4samsd"))
+ (patches (map search-patch
+ '("libtiff-oob-accesses-in-decode.patch"
+ "libtiff-oob-write-in-nextdecode.patch"
+ "libtiff-CVE-2015-8665+CVE-2015-8683.patch")))))
(build-system gnu-build-system)
(outputs '("out"
"doc")) ;1.3 MiB of HTML documentation
diff --git a/gnu/packages/language.scm b/gnu/packages/language.scm
index b0fa7aa179..6c837948c0 100644
--- a/gnu/packages/language.scm
+++ b/gnu/packages/language.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
+;;; Copyright © 2015, 2016 Eric Bavier <bavier@member.fsf.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -60,6 +60,7 @@ manipulating such numbers.")
(base32
"0drzg9a2dkjxgf00n6jg0jzhd8972bh3j4wdnmdxpqi3zmfqhwcy"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/Lingua-EN-Inflect")
(synopsis "Convert singular to plural")
(description "Lingua::EN::Inflect provides plural inflections,
@@ -224,6 +225,8 @@ Moreira, V. and Huyck, C.")
(base32
"12avh2mnnc7llmmshrr5bgb473fvydxnlqrqbl2815mf2dp4pxcg"))))
(build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)))
(propagated-inputs
`(("perl-lingua-pt-stemmer" ,perl-lingua-pt-stemmer)
("perl-lingua-stem-fr" ,perl-lingua-stem-fr)
@@ -329,6 +332,7 @@ Lingua::Stem::Snowball::Se.")
(base32
"0675v45bbsh7vr7kpf36xs2q79g02iq1kmfw22h20xdk4rzqvkqx"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/Snowball-Norwegian")
(synopsis "Porters stemming algorithm for Norwegian")
(description "Lingua::Stem::Snowball::No is a perl port of the norwegian
@@ -348,6 +352,7 @@ stemmer at http://snowball.tartarus.org.")
(base32
"0agwc12jk5kmabnpsplw3wf4ii5w1zb159cpin44x3srb0sr5apg"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/Snowball-Swedish")
(synopsis "Porters stemming algorithm for Swedish")
(description "Lingua::Stem::Snowball::Se is a perl port of the swedish
diff --git a/gnu/packages/ld-wrapper.in b/gnu/packages/ld-wrapper.in
index c3d6fa1005..c92ed1dcc7 100644
--- a/gnu/packages/ld-wrapper.in
+++ b/gnu/packages/ld-wrapper.in
@@ -137,52 +137,61 @@ exec @GUILE@ -c "(load-compiled \"@SELF@.go\") (apply $main (cdr (command-line))
(string-every (char-set-union (char-set #\.) char-set:digit)
(string-drop file (+ index 3)))))))
-(define (library-files-linked args)
- ;; Return the file names of shared libraries explicitly linked against via
- ;; `-l' or with an absolute file name in ARGS.
- (define path+files+args
+(define (library-search-path args)
+ ;; Return the library search path as a list of directory names. The GNU ld
+ ;; manual notes that "[a]ll `-L' options apply to all `-l' options,
+ ;; regardless of the order in which the options appear", so we must compute
+ ;; the search path independently of the -l options.
+ (let loop ((args args)
+ (path '()))
+ (match args
+ (()
+ (reverse path))
+ (("-L" directory . rest)
+ (loop rest (cons directory path)))
+ ((argument . rest)
+ (if (string-prefix? "-L" argument) ;augment the search path
+ (loop rest
+ (cons (string-drop argument 2) path))
+ (loop rest path))))))
+
+(define (library-files-linked args library-path)
+ ;; Return the absolute file names of shared libraries explicitly linked
+ ;; against via `-l' or with an absolute file name in ARGS, looking them up
+ ;; in LIBRARY-PATH.
+ (define files+args
(fold (lambda (argument result)
(match result
- ((library-path library-files
- ((and flag
- (or "-dynamic-linker" "-plugin"))
- . rest))
+ ((library-files ((and flag
+ (or "-dynamic-linker" "-plugin"))
+ . rest))
;; When passed '-dynamic-linker ld.so', ignore 'ld.so'; when
;; passed '-plugin liblto_plugin.so', ignore
;; 'liblto_plugin.so'. See <http://bugs.gnu.org/20102>.
- (list library-path
- library-files
+ (list library-files
(cons* argument flag rest)))
- ((library-path library-files previous-args)
- (cond ((string-prefix? "-L" argument) ;augment the search path
- (list (append library-path
- (list (string-drop argument 2)))
- library-files
- (cons argument previous-args)))
- ((string-prefix? "-l" argument) ;add library
+ ((library-files previous-args)
+ (cond ((string-prefix? "-l" argument) ;add library
(let* ((lib (string-append "lib"
(string-drop argument 2)
".so"))
(full (search-path library-path lib)))
- (list library-path
- (if full
+ (list (if full
(cons full library-files)
library-files)
(cons argument previous-args))))
((and (string-prefix? %store-directory argument)
(shared-library? argument)) ;add library
- (list library-path
- (cons argument library-files)
+ (list (cons argument library-files)
(cons argument previous-args)))
(else
- (list library-path
- library-files
+ (list library-files
(cons argument previous-args)))))))
- (list '() '() '())
+ (list '() '())
args))
- (match path+files+args
- ((path files arguments)
+ (match files+args
+ ((files arguments)
(reverse files))))
(define (rpath-arguments library-files)
@@ -211,10 +220,13 @@ impure library ~s~%"
(define (ld-wrapper . args)
;; Invoke the real `ld' with ARGS, augmented with `-rpath' switches.
- (let* ((libs (library-files-linked args))
+ (let* ((path (library-search-path args))
+ (libs (library-files-linked args path))
(args (append args (rpath-arguments libs))))
(when %debug?
(format (current-error-port)
+ "ld-wrapper: library search path: ~s~%" path)
+ (format (current-error-port)
"ld-wrapper: libraries linked: ~s~%" libs)
(format (current-error-port)
"ld-wrapper: invoking `~a' with ~s~%"
diff --git a/gnu/packages/libffi.scm b/gnu/packages/libffi.scm
index 33e10d6fc2..83af7fde68 100644
--- a/gnu/packages/libffi.scm
+++ b/gnu/packages/libffi.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -29,11 +30,11 @@
;; available in $includedir where some users expect them.
'(lambda* (#:key outputs #:allow-other-keys)
(define out (assoc-ref outputs "out"))
- (symlink (string-append out "/lib/libffi-3.1/include")
+ (symlink (string-append out "/lib/libffi-3.2.1/include")
(string-append out "/include")))))
(package
(name "libffi")
- (version "3.1")
+ (version "3.2.1")
(source (origin
(method url-fetch)
(uri
@@ -41,7 +42,7 @@
name "-" version ".tar.gz"))
(sha256
(base32
- "1sznmrhcswwbyqla9y2ximlkzbxks59wjfs3lh7qf8ayranyxzlp"))))
+ "0dya49bnhianl0r65m65xndz6ls2jn1xngyn72gd28ls3n7bnvnh"))))
(build-system gnu-build-system)
(arguments `(#:phases (alist-cons-after 'install 'post-install
,post-install-phase
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 039e438a94..6500aa51f5 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -436,6 +436,9 @@ providing the system administrator with some help in common tasks.")
(arguments
`(#:configure-flags (list "--disable-use-tty-group"
+ ;; Do not build .a files to save 2 MiB.
+ "--disable-static"
+
;; Install completions where our
;; bash-completion package expects them.
(string-append "--with-bashcompletiondir="
@@ -481,62 +484,34 @@ block devices, UUIDs, TTYs, and many other tools.")
(define-public procps
(package
(name "procps")
- (version "3.2.8")
+ (version "3.3.11")
(source (origin
- (method url-fetch)
- ;; A mirror://sourceforge URI doesn't work, presumably becuase
- ;; the SourceForge project is misconfigured.
- (uri (string-append "http://procps.sourceforge.net/procps-"
- version ".tar.gz"))
- (sha256
- (base32
- "0d8mki0q4yamnkk4533kx8mc0jd879573srxhg6r2fs3lkc6iv8i"))
- (patches (list (search-patch "procps-make-3.82.patch")))))
+ (method url-fetch)
+ (uri (string-append "mirror://sourceforge/procps-ng/Production/"
+ "procps-ng-" version ".tar.xz"))
+ (sha256
+ (base32
+ "1va4n0mpsq327ca9dqp4hnrpgs6821rp0f2m0jyc1bfjl9lk2jg9"))))
(build-system gnu-build-system)
- (inputs `(("ncurses" ,ncurses)))
(arguments
'(#:modules ((guix build utils)
(guix build gnu-build-system)
(srfi srfi-1)
(srfi srfi-26))
- #:phases (alist-replace
- 'configure
- (lambda* (#:key outputs #:allow-other-keys)
- ;; No `configure', just a single Makefile.
- (let ((out (assoc-ref outputs "out")))
- (substitute* "Makefile"
- (("/usr/") "/")
- (("--(owner|group) 0") "")
- (("ldconfig") "true")
- (("^LDFLAGS[[:blank:]]*:=(.*)$" _ value)
- ;; Add libproc to the RPATH.
- (string-append "LDFLAGS := -Wl,-rpath="
- out "/lib" value))))
- (setenv "CC" "gcc"))
- (alist-replace
- 'install
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- (and (zero?
- (system* "make" "install"
- (string-append "DESTDIR=" out)))
-
- ;; Remove commands and man pages redundant with
- ;; Coreutils.
- (let ((dup (append-map (cut find-files out <>)
- '("^kill" "^uptime"))))
- (for-each delete-file dup)
- #t)
-
- ;; Sanity check.
- (zero?
- (system* (string-append out "/bin/ps")
- "--version")))))
- %standard-phases))
-
- ;; What did you expect? Tests?
- #:tests? #f))
- (home-page "http://procps.sourceforge.net/")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after
+ 'install 'post-install
+ ;; Remove commands and man pages redudant with
+ ;; Coreutils.
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (dup (append-map (cut find-files out <>)
+ '("^kill" "^uptime"))))
+ (for-each delete-file dup)
+ #t))))))
+ (inputs `(("ncurses" ,ncurses)))
+ (home-page "https://gitlab.com/procps-ng/procps/")
(synopsis "Utilities that give information about processes")
(description
"Procps is the package that has a bunch of small useful utilities
diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm
index 4dc9bdc6e7..d41479e83f 100644
--- a/gnu/packages/mail.scm
+++ b/gnu/packages/mail.scm
@@ -765,6 +765,7 @@ mailboxes. Currently Maildir and IMAP are supported types.")
(build-system perl-build-system)
(propagated-inputs
`(("perl-email-simple" ,perl-email-simple)
+ ("perl-module-pluggable" ,perl-module-pluggable)
("perl-mro-compat" ,perl-mro-compat)))
(home-page "http://search.cpan.org/dist/Email-Abstract")
(synopsis "Interface to mail representations")
diff --git a/gnu/packages/multiprecision.scm b/gnu/packages/multiprecision.scm
index ee74c03700..ad507706db 100644
--- a/gnu/packages/multiprecision.scm
+++ b/gnu/packages/multiprecision.scm
@@ -30,7 +30,7 @@
(define-public gmp
(package
(name "gmp")
- (version "6.0.0a")
+ (version "6.1.0")
(source (origin
(method url-fetch)
(uri
@@ -38,14 +38,14 @@
version ".tar.xz"))
(sha256
(base32
- "0r5pp27cy7ch3dg5v0rsny8bib1zfvrza6027g2mp5f6v8pd6mli"))
+ "12b9s4jn48gbar6dbs5qrlmljdmnq43xy3ji9yjzic0mwp6dmnk8"))
(patches (map search-patch
- '("gmp-arm-asm-nothumb.patch"
- "gmp-faulty-test.patch")))))
+ '("gmp-faulty-test.patch")))))
(build-system gnu-build-system)
(native-inputs `(("m4" ,m4)))
(outputs '("out" "debug"))
- (arguments `(#:configure-flags
+ (arguments `(#:parallel-tests? #f ; mpz/reuse fails otherwise
+ #:configure-flags
'(;; Build a "fat binary", with routines for several
;; sub-architectures.
"--enable-fat"
@@ -60,6 +60,24 @@ cryptography and computational algebra.")
(license lgpl3+)
(home-page "http://gmplib.org/")))
+(define-public gmp-6.0
+ ;; We keep this one around to bootstrap GCC, to work around a compilation
+ ;; issue on ARM. See
+ ;; <https://gmplib.org/list-archives/gmp-bugs/2015-December/003848.html>.
+ (package
+ (inherit gmp)
+ (version "6.0.0a")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnu/gmp/gmp-"
+ version ".tar.xz"))
+ (sha256
+ (base32
+ "0r5pp27cy7ch3dg5v0rsny8bib1zfvrza6027g2mp5f6v8pd6mli"))
+ (patches (map search-patch
+ '("gmp-arm-asm-nothumb.patch"
+ "gmp-faulty-test.patch")))))))
+
(define-public mpfr
(package
(name "mpfr")
diff --git a/gnu/packages/ncurses.scm b/gnu/packages/ncurses.scm
index b7fbfc982d..147033a7e5 100644
--- a/gnu/packages/ncurses.scm
+++ b/gnu/packages/ncurses.scm
@@ -29,16 +29,35 @@
'(lambda _
(for-each patch-makefile-SHELL
(find-files "." "Makefile.in"))))
+ (configure-phase
+ ;; The 'configure' script does not understand '--docdir', so we must
+ ;; override that and use '--mandir' instead.
+ '(lambda* (#:key build target outputs configure-flags
+ #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out"))
+ (doc (assoc-ref outputs "doc")))
+ (zero? (apply system* "./configure"
+ (string-append "SHELL=" (which "sh"))
+ (string-append "--build=" build)
+ (string-append "--prefix=" out)
+ (string-append "--mandir=" doc "/share/man")
+ (if target
+ (cons (string-append "--host=" target)
+ configure-flags)
+ configure-flags))))))
(remove-shebang-phase
'(lambda _
;; To avoid retaining a reference to the bootstrap Bash via the
- ;; shebang of the 'ncursesw5-config' script, simply remove that
- ;; shebang: it'll work just as well without it.
+ ;; shebang of the 'ncursesw6-config' script, simply remove that
+ ;; shebang: it'll work just as well without it. Likewise, do not
+ ;; retain a reference to the "doc" output.
(substitute* "misc/ncurses-config.in"
(("#!@SHELL@")
"# No shebang here, use /bin/sh!\n")
(("@SHELL@ \\$0")
- "$0"))
+ "$0")
+ (("mandir=.*$")
+ "mandir=share/man"))
#t))
(post-install-phase
'(lambda* (#:key outputs #:allow-other-keys)
@@ -79,6 +98,8 @@
(base32
"0q3jck7lna77z5r42f13c4xglc7azd19pxfrjrpgp2yf615w4lgm"))))
(build-system gnu-build-system)
+ (outputs '("out"
+ "doc")) ;1 MiB of man pages
(arguments
`(#:configure-flags
`("--with-shared" "--without-debug" "--enable-widec"
@@ -95,13 +116,18 @@
"/lib"))
#:tests? #f ; no "check" target
#:phases (modify-phases %standard-phases
+ (replace 'configure ,configure-phase)
(add-after 'install 'post-install
- ,post-install-phase)
+ ,post-install-phase)
(add-before 'configure 'patch-makefile-SHELL
- ,patch-makefile-phase)
+ ,patch-makefile-phase)
(add-after 'unpack 'remove-unneeded-shebang
- ,remove-shebang-phase))))
+ ,remove-shebang-phase))))
(self-native-input? #t) ; for `tic'
+ (native-search-paths
+ (list (search-path-specification
+ (variable "TERMINFO_DIRS")
+ (files '("share/terminfo")))))
(synopsis "Terminal emulation (termcap, terminfo) library")
(description
"GNU Ncurses is a library which provides capabilities to write text to
diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm
index f157d1513b..b85ebece3c 100644
--- a/gnu/packages/package-management.scm
+++ b/gnu/packages/package-management.scm
@@ -340,7 +340,7 @@ symlinks to the files in a common directory such as /usr/local.")
(let ((nspr (assoc-ref inputs "nspr"))
(nss (assoc-ref inputs "nss")))
(setenv "CPATH"
- (string-append (getenv "CPATH") ":"
+ (string-append (getenv "C_INCLUDE_PATH") ":"
nspr "/include/nspr:"
nss "/include/nss"))
(setenv "LIBRARY_PATH"
diff --git a/gnu/packages/patches/automake-regexp-syntax.patch b/gnu/packages/patches/automake-regexp-syntax.patch
new file mode 100644
index 0000000000..2e965c8c50
--- /dev/null
+++ b/gnu/packages/patches/automake-regexp-syntax.patch
@@ -0,0 +1,34 @@
+From <https://lists.gnu.org/archive/html/automake-patches/2015-07/msg00000.html>.
+See also <http://bugs.gnu.org/22372>.
+
+From 34163794a58b5bd91c5d6bd9adf5437571c7a479 Mon Sep 17 00:00:00 2001
+From: Pavel Raiskup <praiskup@redhat.com>
+Date: Tue, 7 Jul 2015 10:54:24 +0200
+Subject: [PATCH] bin/automake: escape '{' in regexp pattern
+
+Based on perlre(1) documentation:
+.. in Perl v5.26, literal uses of a curly bracket will be required
+to be escaped, say by preceding them with a backslash ("\{" ) or
+enclosing them within square brackets ("[{]") ..
+
+References:
+https://bugzilla.redhat.com/1239379
+
+* bin/automake.in (substitute_ac_subst_variables): Escape the
+occurrence of '{' character.
+---
+ bin/automake.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/bin/automake.in b/bin/automake.in
+index 0c29184..c294ced 100644
+--- a/bin/automake.in
++++ b/bin/automake.in
+@@ -3898,7 +3898,7 @@ sub substitute_ac_subst_variables_worker
+ sub substitute_ac_subst_variables
+ {
+ my ($text) = @_;
+- $text =~ s/\${([^ \t=:+{}]+)}/substitute_ac_subst_variables_worker ($1)/ge;
++ $text =~ s/\$\{([^ \t=:+{}]+)}/substitute_ac_subst_variables_worker ($1)/ge;
+ return $text;
+ }
diff --git a/gnu/packages/patches/doxygen-test.patch b/gnu/packages/patches/doxygen-test.patch
index 7a7f4e963f..5ac063adbf 100644
--- a/gnu/packages/patches/doxygen-test.patch
+++ b/gnu/packages/patches/doxygen-test.patch
@@ -31,8 +31,8 @@ diff -u -r doxygen-1.8.7.orig/testing/012/indexpage.xml doxygen-1.8.7/testing/01
<title>My Project</title>
<detaileddescription>
- <para>See <ref refid="citelist_1CITEREF_knuth79" kindref="member">[1]</ref> for more info. </para>
-+ <para>See <ref refid="citelist_1CITEREF_knuth79" kindref="member">knuth79</ref> for more info. </para>
++ <para>See knuth79 for more info. </para>
</detaileddescription>
</compounddef>
</doxygen>
-Nur in doxygen-1.8.7/testing: test_output_012.
+
diff --git a/gnu/packages/patches/doxygen-tmake.patch b/gnu/packages/patches/doxygen-tmake.patch
deleted file mode 100644
index 3579243702..0000000000
--- a/gnu/packages/patches/doxygen-tmake.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-Fix the `check_unix' function, which looks for `/bin/uname' to determine
-whether we're on a Unix-like system.
-Taken from nixpkgs.
-
---- doxygen-1.5.8/tmake/bin/tmake 2008-12-06 14:16:20.000000000 +0100
-+++ doxygen-1.5.8/tmake/bin/tmake 2009-03-05 11:29:55.000000000 +0100
-@@ -234,17 +234,7 @@ sub tmake_verb {
- #
-
- sub check_unix {
-- my($r);
-- $r = 0;
-- if ( -f "/bin/uname" ) {
-- $r = 1;
-- (-f "\\bin\\uname") && ($r = 0);
-- }
-- if ( -f "/usr/bin/uname" ) {
-- $r = 1;
-- (-f "\\usr\\bin\\uname") && ($r = 0);
-- }
-- return $r;
-+ return 1;
- }
-
diff --git a/gnu/packages/patches/emacs-source-date-epoch.patch b/gnu/packages/patches/emacs-source-date-epoch.patch
new file mode 100644
index 0000000000..41c03ef514
--- /dev/null
+++ b/gnu/packages/patches/emacs-source-date-epoch.patch
@@ -0,0 +1,20 @@
+Honor SOURCE_DATE_EPOCH variable to avoid non-determinism in generated
+"autoloads" files.
+
+--- a/lisp/emacs-lisp/autoload.el
++++ b/lisp/emacs-lisp/autoload.el
+@@ -378,8 +378,12 @@
+ "Insert the section-header line,
+ which lists the file name and which functions are in it, etc."
+ (insert generate-autoload-section-header)
+- (prin1 `(autoloads ,autoloads ,load-name ,file ,time)
+- outbuf)
++ (let* ((env (getenv "SOURCE_DATE_EPOCH"))
++ (time (if env
++ (seconds-to-time (string-to-number env))
++ time)))
++ (prin1 `(autoloads ,autoloads ,load-name ,file ,time)
++ outbuf))
+ (terpri outbuf)
+ ;; Break that line at spaces, to avoid very long lines.
+ ;; Make each sub-line into a comment.
diff --git a/gnu/packages/patches/findutils-absolute-paths.patch b/gnu/packages/patches/findutils-absolute-paths.patch
deleted file mode 100644
index 96341e281f..0000000000
--- a/gnu/packages/patches/findutils-absolute-paths.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-Fix use of LFS-style absolute paths.
-
-Patches from Nixpkgs by Armijn Hemel <armijn@gpl-violations.org>
-and Wouter den Breejen <uu@denbreejen.net>.
-
-diff -ruN findutils-4.2.20/locate/updatedb.sh findutils-4.2.20.new/locate/updatedb.sh
---- findutils-4.2.20/locate/updatedb.sh 2005-01-24 17:12:35.000000000 +0100
-+++ findutils-4.2.20.new/locate/updatedb.sh 2005-08-23 14:37:10.000000000 +0200
-@@ -141,7 +141,7 @@
- : ${code:=${LIBEXECDIR}/@code@}
-
-
--PATH=/bin:/usr/bin:${BINDIR}; export PATH
-+PATH=/bin:/usr/bin:${BINDIR}:${PATH}; export PATH
-
- : ${PRUNEFS="nfs NFS proc afs proc smbfs autofs iso9660 ncpfs coda devpts ftpfs devfs mfs sysfs shfs"}
-
-diff -Naur findutils-4.2.30/xargs/xargs.c findutils-4.2.30_new/xargs/xargs.c
---- findutils-4.2.30/xargs/xargs.c 2007-02-27 11:21:08.000000000 +0100
-+++ findutils-4.2.30_new/xargs/xargs.c 2007-07-17 19:02:05.000000000 +0200
-@@ -402,7 +402,7 @@
- int show_limits = 0; /* --show-limits */
- int always_run_command = 1;
- char *input_file = "-"; /* "-" is stdin */
-- char *default_cmd = "/bin/echo";
-+ char *default_cmd = "echo";
- int (*read_args) PARAMS ((void)) = read_line;
- void (*act_on_init_result)(void) = noop;
- int env_too_big = 0;
diff --git a/gnu/packages/patches/findutils-test-xargs.patch b/gnu/packages/patches/findutils-test-xargs.patch
new file mode 100644
index 0000000000..10c7bed28d
--- /dev/null
+++ b/gnu/packages/patches/findutils-test-xargs.patch
@@ -0,0 +1,22 @@
+This test relies on 'xargs' being available in $PATH, which is not
+the case when we build the initial Findutils doing bootstrapping.
+Reported at <https://savannah.gnu.org/bugs/index.php?46786>.
+
+--- findutils-4.6.0/find/testsuite/sv-34976-execdir-fd-leak.sh 2015-12-31 19:37:59.401526288 +0100
++++ findutils-4.6.0/find/testsuite/sv-34976-execdir-fd-leak.sh 2015-12-31 19:38:36.061770693 +0100
+@@ -50,13 +50,14 @@ die() {
+ # Create test files, each 98 in the directories ".", "one" and "two".
+ make_test_data() {
+ d="$1"
++ xargs="`cd ../../xargs; pwd -P`/xargs"
+ (
+ cd "$1" || exit 1
+ mkdir one two || exit 1
+ for i in ${three_to_hundred} ; do
+ printf "./%03d one/%03d two/%03d " $i $i $i
+ done \
+- | xargs touch || exit 1
++ | "$xargs" touch || exit 1
+ ) \
+ || die "failed to set up the test in ${outdir}"
+ }
diff --git a/gnu/packages/patches/flex-bison-tests.patch b/gnu/packages/patches/flex-bison-tests.patch
deleted file mode 100644
index 0f372f83bf..0000000000
--- a/gnu/packages/patches/flex-bison-tests.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-The `test-bison-yyl{loc,val}' tests fail with "conflicting types for
-'testparse'" because `YYPARSE_PARAM' is undefined; work around that.
-
---- flex-2.5.37/tests/test-bison-yylloc/main.c 2012-11-22 18:17:01.000000000 +0100
-+++ flex-2.5.37/tests/test-bison-yylloc/main.c 2012-11-22 18:17:07.000000000 +0100
-@@ -21,6 +21,7 @@
- * PURPOSE.
- */
-
-+#define YYPARSE_PARAM scanner
- #include "parser.h"
- #include "scanner.h"
-
-
---- flex-2.5.37/tests/test-bison-yylval/main.c 2012-11-22 18:17:42.000000000 +0100
-+++ flex-2.5.37/tests/test-bison-yylval/main.c 2012-11-22 18:17:49.000000000 +0100
-@@ -21,6 +21,7 @@
- * PURPOSE.
- */
-
-+#define YYPARSE_PARAM scanner
- #include "parser.h"
- #include "scanner.h"
-
diff --git a/gnu/packages/patches/gawk-fts-test.patch b/gnu/packages/patches/gawk-fts-test.patch
new file mode 100644
index 0000000000..de1f5c431c
--- /dev/null
+++ b/gnu/packages/patches/gawk-fts-test.patch
@@ -0,0 +1,51 @@
+This is upstream commit c9a018c. We have observed random failures of
+this test on i686 that seem related to load.
+
+2015-05-21 Arnold D. Robbins <arnold@skeeve.com>
+
+ * fts.awk: Really remove atime from the output.
+ This avoids spurious failures on heavily loaded systems.
+
+diff --git a/test/fts.awk b/test/fts.awk
+index b1df060..dea5b68 100644
+--- a/test/fts.awk
++++ b/test/fts.awk
+@@ -50,6 +50,11 @@ function sort_traverse(data, sorted, i)
+ {
+ asorti(data, sorted)
+ for (i = 1; i in sorted; i++) {
++ # 5/2015: skip for atime, since there can
++ # occasionally be small differences.
++ if (sorted[i] == "atime")
++ continue
++
+ indent()
+ printf("%s --> %s\n", sorted[i], data[sorted[i]]) > output
+ }
+@@ -63,17 +68,20 @@ function traverse(data, i)
+ printf("%s:\n", i) > output
+
+ Level++
+- if (("mtime" in data[i]) && ! isarray(data[i][mtime])) {
++ if (("mtime" in data[i]) && ! isarray(data[i]["mtime"])) {
+ sort_traverse(data[i])
+ } else {
+ traverse(data[i])
+ }
+ Level--
+- } else if (data[i] != "atime") {
+- # 4/2015: skip for atime, since there can
+- # occasionally be small differences.
+- indent()
+- printf("%s --> %s\n", i, data[i]) > output
++# } else {
++# JUNK = 1
++# if (i != "atime") {
++# # 4/2015: skip for atime, since there can
++# # occasionally be small differences.
++# indent()
++# printf("%s --> %s\n", i, data[i]) > output
++# }
+ }
+ }
+ }
diff --git a/gnu/packages/patches/gnutls-doc-fix.patch b/gnu/packages/patches/gnutls-doc-fix.patch
deleted file mode 100644
index 170d2468bc..0000000000
--- a/gnu/packages/patches/gnutls-doc-fix.patch
+++ /dev/null
@@ -1,546 +0,0 @@
-diff -ru gnutls-3.4.4/doc/invoke-certtool.texi gnutls-3.4.4.1/doc/invoke-certtool.texi
---- gnutls-3.4.4.1/doc/invoke-certtool.texi 2015-08-10 13:43:52.000000000 -0400
-+++ gnutls-3.4.4/doc/invoke-certtool.texi 2015-07-31 15:44:21.000000000 -0400
-@@ -41,7 +41,97 @@
-
- @exampleindent 0
- @example
--certtool is unavailable - no --help
-+certtool - GnuTLS certificate tool
-+Usage: certtool [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
-+
-+ -d, --debug=num Enable debugging
-+ - it must be in the range:
-+ 0 to 9999
-+ -V, --verbose More verbose output
-+ - may appear multiple times
-+ --infile=file Input file
-+ - file must pre-exist
-+ --outfile=str Output file
-+ -s, --generate-self-signed Generate a self-signed certificate
-+ -c, --generate-certificate Generate a signed certificate
-+ --generate-proxy Generates a proxy certificate
-+ --generate-crl Generate a CRL
-+ -u, --update-certificate Update a signed certificate
-+ -p, --generate-privkey Generate a private key
-+ -q, --generate-request Generate a PKCS #10 certificate request
-+ - prohibits the option 'infile'
-+ -e, --verify-chain Verify a PEM encoded certificate chain
-+ --verify Verify a PEM encoded certificate chain using a trusted list
-+ --verify-crl Verify a CRL using a trusted list
-+ - requires the option 'load-ca-certificate'
-+ --generate-dh-params Generate PKCS #3 encoded Diffie-Hellman parameters
-+ --get-dh-params Get the included PKCS #3 encoded Diffie-Hellman parameters
-+ --dh-info Print information PKCS #3 encoded Diffie-Hellman parameters
-+ --load-privkey=str Loads a private key file
-+ --load-pubkey=str Loads a public key file
-+ --load-request=str Loads a certificate request file
-+ --load-certificate=str Loads a certificate file
-+ --load-ca-privkey=str Loads the certificate authority's private key file
-+ --load-ca-certificate=str Loads the certificate authority's certificate file
-+ --password=str Password to use
-+ --null-password Enforce a NULL password
-+ --empty-password Enforce an empty password
-+ --hex-numbers Print big number in an easier format to parse
-+ --cprint In certain operations it prints the information in C-friendly format
-+ -i, --certificate-info Print information on the given certificate
-+ --certificate-pubkey Print certificate's public key
-+ --pgp-certificate-info Print information on the given OpenPGP certificate
-+ --pgp-ring-info Print information on the given OpenPGP keyring structure
-+ -l, --crl-info Print information on the given CRL structure
-+ --crq-info Print information on the given certificate request
-+ --no-crq-extensions Do not use extensions in certificate requests
-+ --p12-info Print information on a PKCS #12 structure
-+ --p12-name=str The PKCS #12 friendly name to use
-+ --p7-info Print information on a PKCS #7 structure
-+ --smime-to-p7 Convert S/MIME to PKCS #7 structure
-+ -k, --key-info Print information on a private key
-+ --pgp-key-info Print information on an OpenPGP private key
-+ --pubkey-info Print information on a public key
-+ --v1 Generate an X.509 version 1 certificate (with no extensions)
-+ -!, --to-p12 Generate a PKCS #12 structure
-+ - requires the option 'load-certificate'
-+ -", --to-p8 Generate a PKCS #8 structure
-+ -8, --pkcs8 Use PKCS #8 format for private keys
-+ -#, --rsa Generate RSA key
-+ -$, --dsa Generate DSA key
-+ -%, --ecc Generate ECC (ECDSA) key
-+ -&, --ecdsa an alias for the 'ecc' option
-+ -', --hash=str Hash algorithm to use for signing
-+ -(, --inder Use DER format for input certificates, private keys, and DH parameters
-+ - disabled as '--no-inder'
-+ -), --inraw an alias for the 'inder' option
-+ -*, --outder Use DER format for output certificates, private keys, and DH parameters
-+ - disabled as '--no-outder'
-+ -+, --outraw an alias for the 'outder' option
-+ -,, --bits=num Specify the number of bits for key generate
-+ --, --curve=str Specify the curve used for EC key generation
-+ -., --sec-param=str Specify the security level [low, legacy, medium, high, ultra]
-+ -/, --disable-quick-random No effect
-+ -0, --template=str Template file to use for non-interactive operation
-+ -1, --stdout-info Print information to stdout instead of stderr
-+ -2, --ask-pass Enable interaction for entering password when in batch mode.
-+ -3, --pkcs-cipher=str Cipher to use for PKCS #8 and #12 operations
-+ -4, --provider=str Specify the PKCS #11 provider library
-+ -v, --version[=arg] output version information and exit
-+ -h, --help display extended usage information and exit
-+ -!, --more-help extended usage information passed thru pager
-+
-+Options are specified by doubled hyphens and their name or by a single
-+hyphen and the flag character.
-+
-+Tool to parse and generate X.509 certificates, requests and private keys.
-+It can be used interactively or non interactively by specifying the
-+template command line option.
-+
-+The tool accepts files or URLs supported by GnuTLS. In case PIN is
-+required for the URL access you can provide it using the environment
-+variables GNUTLS_PIN and GNUTLS_SO_PIN.
-+
- @end example
- @exampleindent 4
-
-diff -ru gnutls-3.4.4/doc/invoke-gnutls-cli-debug.texi gnutls-3.4.4.1/doc/invoke-gnutls-cli-debug.texi
---- gnutls-3.4.4.1/doc/invoke-gnutls-cli-debug.texi 2015-08-10 13:43:50.000000000 -0400
-+++ gnutls-3.4.4/doc/invoke-gnutls-cli-debug.texi 2015-07-31 15:44:18.000000000 -0400
-@@ -40,7 +40,34 @@
-
- @exampleindent 0
- @example
--gnutls-cli-debug is unavailable - no --help
-+gnutls-cli-debug - GnuTLS debug client
-+Usage: gnutls-cli-debug [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
-+
-+ -d, --debug=num Enable debugging
-+ - it must be in the range:
-+ 0 to 9999
-+ -V, --verbose More verbose output
-+ - may appear multiple times
-+ -p, --port=num The port to connect to
-+ - it must be in the range:
-+ 0 to 65536
-+ --app-proto=str The application protocol to be used to obtain the server's certificate
-+(https, ftp, smtp, imap)
-+ -v, --version[=arg] output version information and exit
-+ -h, --help display extended usage information and exit
-+ -!, --more-help extended usage information passed thru pager
-+
-+Options are specified by doubled hyphens and their name or by a single
-+hyphen and the flag character.
-+Operands and options may be intermixed. They will be reordered.
-+
-+TLS debug client. It sets up multiple TLS connections to a server and
-+queries its capabilities. It was created to assist in debugging GnuTLS,
-+but it might be useful to extract a TLS server's capabilities. It connects
-+to a TLS server, performs tests and print the server's capabilities. If
-+called with the `-v' parameter more checks will be performed. Can be used
-+to check for servers with special needs or bugs.
-+
- @end example
- @exampleindent 4
-
-diff -ru gnutls-3.4.4/doc/invoke-gnutls-cli.texi gnutls-3.4.4.1/doc/invoke-gnutls-cli.texi
---- gnutls-3.4.4.1/doc/invoke-gnutls-cli.texi 2015-08-10 13:43:49.000000000 -0400
-+++ gnutls-3.4.4/doc/invoke-gnutls-cli.texi 2015-07-31 15:44:17.000000000 -0400
-@@ -36,7 +36,95 @@
-
- @exampleindent 0
- @example
--gnutls-cli is unavailable - no --help
-+gnutls-cli - GnuTLS client
-+Usage: gnutls-cli [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... [hostname]
-+
-+ -d, --debug=num Enable debugging
-+ - it must be in the range:
-+ 0 to 9999
-+ -V, --verbose More verbose output
-+ - may appear multiple times
-+ --tofu Enable trust on first use authentication
-+ - disabled as '--no-tofu'
-+ --strict-tofu Fail to connect if a known certificate has changed
-+ - disabled as '--no-strict-tofu'
-+ --dane Enable DANE certificate verification (DNSSEC)
-+ - disabled as '--no-dane'
-+ --local-dns Use the local DNS server for DNSSEC resolving
-+ - disabled as '--no-local-dns'
-+ --ca-verification Disable CA certificate verification
-+ - disabled as '--no-ca-verification'
-+ - enabled by default
-+ --ocsp Enable OCSP certificate verification
-+ - disabled as '--no-ocsp'
-+ -r, --resume Establish a session and resume
-+ -e, --rehandshake Establish a session and rehandshake
-+ -s, --starttls Connect, establish a plain session and start TLS
-+ --app-proto=str an alias for the 'starttls-proto' option
-+ --starttls-proto=str The application protocol to be used to obtain the server's certificate
-+(https, ftp, smtp, imap)
-+ - prohibits the option 'starttls'
-+ -u, --udp Use DTLS (datagram TLS) over UDP
-+ --mtu=num Set MTU for datagram TLS
-+ - it must be in the range:
-+ 0 to 17000
-+ --crlf Send CR LF instead of LF
-+ --x509fmtder Use DER format for certificates to read from
-+ -f, --fingerprint Send the openpgp fingerprint, instead of the key
-+ --print-cert Print peer's certificate in PEM format
-+ --dh-bits=num The minimum number of bits allowed for DH
-+ --priority=str Priorities string
-+ --x509cafile=str Certificate file or PKCS #11 URL to use
-+ --x509crlfile=file CRL file to use
-+ - file must pre-exist
-+ --pgpkeyfile=file PGP Key file to use
-+ - file must pre-exist
-+ --pgpkeyring=file PGP Key ring file to use
-+ - file must pre-exist
-+ --pgpcertfile=file PGP Public Key (certificate) file to use
-+ - file must pre-exist
-+ --x509keyfile=str X.509 key file or PKCS #11 URL to use
-+ --x509certfile=str X.509 Certificate file or PKCS #11 URL to use
-+ --pgpsubkey=str PGP subkey to use (hex or auto)
-+ --srpusername=str SRP username to use
-+ --srppasswd=str SRP password to use
-+ --pskusername=str PSK username to use
-+ --pskkey=str PSK key (in hex) to use
-+ -p, --port=str The port or service to connect to
-+ --insecure Don't abort program if server certificate can't be validated
-+ --ranges Use length-hiding padding to prevent traffic analysis
-+ --benchmark-ciphers Benchmark individual ciphers
-+ --benchmark-tls-kx Benchmark TLS key exchange methods
-+ --benchmark-tls-ciphers Benchmark TLS ciphers
-+ -l, --list Print a list of the supported algorithms and modes
-+ - prohibits the option 'port'
-+ --noticket Don't allow session tickets
-+ -!, --srtp-profiles=str Offer SRTP profiles
-+ -", --alpn=str Application layer protocol
-+ - may appear multiple times
-+ -b, --heartbeat Activate heartbeat support
-+ -#, --recordsize=num The maximum record size to advertize
-+ - it must be in the range:
-+ 0 to 4096
-+ -$, --disable-sni Do not send a Server Name Indication (SNI)
-+ -%, --disable-extensions Disable all the TLS extensions
-+ -&, --inline-commands Inline commands of the form ^<cmd>^
-+ -', --inline-commands-prefix=str Change the default delimiter for inline commands.
-+ -(, --provider=file Specify the PKCS #11 provider library
-+ - file must pre-exist
-+ -), --fips140-mode Reports the status of the FIPS140-2 mode in gnutls library
-+ -v, --version[=arg] output version information and exit
-+ -h, --help display extended usage information and exit
-+ -!, --more-help extended usage information passed thru pager
-+
-+Options are specified by doubled hyphens and their name or by a single
-+hyphen and the flag character.
-+Operands and options may be intermixed. They will be reordered.
-+
-+Simple client program to set up a TLS connection to some other computer. It
-+sets up a TLS connection and forwards data from the standard input to the
-+secured socket and vice versa.
-+
- @end example
- @exampleindent 4
-
-diff -ru gnutls-3.4.4/doc/invoke-gnutls-serv.texi gnutls-3.4.4.1/doc/invoke-gnutls-serv.texi
---- gnutls-3.4.4.1/doc/invoke-gnutls-serv.texi 2015-08-10 13:43:51.000000000 -0400
-+++ gnutls-3.4.4/doc/invoke-gnutls-serv.texi 2015-07-31 15:44:20.000000000 -0400
-@@ -35,7 +35,69 @@
-
- @exampleindent 0
- @example
--gnutls-serv is unavailable - no --help
-+gnutls-serv - GnuTLS server
-+Usage: gnutls-serv [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
-+
-+ -d, --debug=num Enable debugging
-+ - it must be in the range:
-+ 0 to 9999
-+ --noticket Don't accept session tickets
-+ -g, --generate Generate Diffie-Hellman and RSA-export parameters
-+ -q, --quiet Suppress some messages
-+ --nodb Do not use a resumption database
-+ --http Act as an HTTP server
-+ --echo Act as an Echo server
-+ -u, --udp Use DTLS (datagram TLS) over UDP
-+ --mtu=num Set MTU for datagram TLS
-+ - it must be in the range:
-+ 0 to 17000
-+ --srtp-profiles=str Offer SRTP profiles
-+ -a, --disable-client-cert Do not request a client certificate
-+ -r, --require-client-cert Require a client certificate
-+ --verify-client-cert If a client certificate is sent then verify it.
-+ -b, --heartbeat Activate heartbeat support
-+ --x509fmtder Use DER format for certificates to read from
-+ --priority=str Priorities string
-+ --dhparams=file DH params file to use
-+ - file must pre-exist
-+ --x509cafile=str Certificate file or PKCS #11 URL to use
-+ --x509crlfile=file CRL file to use
-+ - file must pre-exist
-+ --pgpkeyfile=file PGP Key file to use
-+ - file must pre-exist
-+ --pgpkeyring=file PGP Key ring file to use
-+ - file must pre-exist
-+ --pgpcertfile=file PGP Public Key (certificate) file to use
-+ - file must pre-exist
-+ --x509keyfile=str X.509 key file or PKCS #11 URL to use
-+ --x509certfile=str X.509 Certificate file or PKCS #11 URL to use
-+ --x509dsakeyfile=str Alternative X.509 key file or PKCS #11 URL to use
-+ --x509dsacertfile=str Alternative X.509 Certificate file or PKCS #11 URL to use
-+ --x509ecckeyfile=str Alternative X.509 key file or PKCS #11 URL to use
-+ --x509ecccertfile=str Alternative X.509 Certificate file or PKCS #11 URL to use
-+ --pgpsubkey=str PGP subkey to use (hex or auto)
-+ --srppasswd=file SRP password file to use
-+ - file must pre-exist
-+ --srppasswdconf=file SRP password configuration file to use
-+ - file must pre-exist
-+ --pskpasswd=file PSK password file to use
-+ - file must pre-exist
-+ --pskhint=str PSK identity hint to use
-+ --ocsp-response=file The OCSP response to send to client
-+ - file must pre-exist
-+ -p, --port=num The port to connect to
-+ -l, --list Print a list of the supported algorithms and modes
-+ --provider=file Specify the PKCS #11 provider library
-+ - file must pre-exist
-+ -v, --version[=arg] output version information and exit
-+ -h, --help display extended usage information and exit
-+ -!, --more-help extended usage information passed thru pager
-+
-+Options are specified by doubled hyphens and their name or by a single
-+hyphen and the flag character.
-+
-+Server program that listens to incoming TLS connections.
-+
- @end example
- @exampleindent 4
-
-diff -ru gnutls-3.4.4/doc/invoke-ocsptool.texi gnutls-3.4.4.1/doc/invoke-ocsptool.texi
---- gnutls-3.4.4.1/doc/invoke-ocsptool.texi 2015-08-10 13:43:53.000000000 -0400
-+++ gnutls-3.4.4/doc/invoke-ocsptool.texi 2015-07-31 15:44:22.000000000 -0400
-@@ -37,7 +37,53 @@
-
- @exampleindent 0
- @example
--ocsptool is unavailable - no --help
-+ocsptool - GnuTLS OCSP tool
-+Usage: ocsptool [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
-+
-+ -d, --debug=num Enable debugging
-+ - it must be in the range:
-+ 0 to 9999
-+ -V, --verbose More verbose output
-+ - may appear multiple times
-+ --infile=file Input file
-+ - file must pre-exist
-+ --outfile=str Output file
-+ --ask[=arg] Ask an OCSP/HTTP server on a certificate validity
-+ - requires these options:
-+ load-cert
-+ load-issuer
-+ -e, --verify-response Verify response
-+ -i, --request-info Print information on a OCSP request
-+ -j, --response-info Print information on a OCSP response
-+ -q, --generate-request Generate an OCSP request
-+ --nonce Use (or not) a nonce to OCSP request
-+ - disabled as '--no-nonce'
-+ --load-issuer=file Read issuer certificate from file
-+ - file must pre-exist
-+ --load-cert=file Read certificate to check from file
-+ - file must pre-exist
-+ --load-trust=file Read OCSP trust anchors from file
-+ - prohibits the option 'load-signer'
-+ - file must pre-exist
-+ --load-signer=file Read OCSP response signer from file
-+ - prohibits the option 'load-trust'
-+ - file must pre-exist
-+ --inder Use DER format for input certificates and private keys
-+ - disabled as '--no-inder'
-+ -Q, --load-request=file Read DER encoded OCSP request from file
-+ - file must pre-exist
-+ -S, --load-response=file Read DER encoded OCSP response from file
-+ - file must pre-exist
-+ -v, --version[=arg] output version information and exit
-+ -h, --help display extended usage information and exit
-+ -!, --more-help extended usage information passed thru pager
-+
-+Options are specified by doubled hyphens and their name or by a single
-+hyphen and the flag character.
-+
-+Ocsptool is a program that can parse and print information about OCSP
-+requests/responses, generate requests and verify responses.
-+
- @end example
- @exampleindent 4
-
-diff -ru gnutls-3.4.4/doc/invoke-p11tool.texi gnutls-3.4.4.1/doc/invoke-p11tool.texi
---- gnutls-3.4.4.1/doc/invoke-p11tool.texi 2015-08-10 13:43:58.000000000 -0400
-+++ gnutls-3.4.4/doc/invoke-p11tool.texi 2015-07-31 15:44:26.000000000 -0400
-@@ -45,7 +45,97 @@
-
- @exampleindent 0
- @example
--p11tool is unavailable - no --help
-+p11tool - GnuTLS PKCS #11 tool
-+Usage: p11tool [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... [url]
-+
-+ -d, --debug=num Enable debugging
-+ - it must be in the range:
-+ 0 to 9999
-+ --outfile=str Output file
-+ --list-tokens List all available tokens
-+ --export Export the object specified by the URL
-+ --export-chain Export the certificate specified by the URL and its chain of trust
-+ --list-mechanisms List all available mechanisms in a token
-+ --info List information on an available object in a token
-+ --list-all List all available objects in a token
-+ --list-all-certs List all available certificates in a token
-+ --list-certs List all certificates that have an associated private key
-+ --list-all-privkeys List all available private keys in a token
-+ --list-privkeys an alias for the 'list-all-privkeys' option
-+ --list-keys an alias for the 'list-all-privkeys' option
-+ --list-all-trusted List all available certificates marked as trusted
-+ --write Writes the loaded objects to a PKCS #11 token
-+ --delete Deletes the objects matching the PKCS #11 URL
-+ --generate-random=num Generate random data
-+ --generate-rsa Generate an RSA private-public key pair
-+ --generate-dsa Generate an RSA private-public key pair
-+ --generate-ecc Generate an RSA private-public key pair
-+ --export-pubkey Export the public key for a private key
-+ --label=str Sets a label for the write operation
-+ --mark-wrap Marks the generated key to be a wrapping key
-+ - disabled as '--no-mark-wrap'
-+ --mark-trusted Marks the object to be written as trusted
-+ - disabled as '--no-mark-trusted'
-+ --mark-ca Marks the object to be written as a CA
-+ - disabled as '--no-mark-ca'
-+ --mark-private Marks the object to be written as private
-+ - disabled as '--no-mark-private'
-+ - enabled by default
-+ --trusted an alias for the 'mark-trusted' option
-+ --ca an alias for the 'mark-ca' option
-+ --private an alias for the 'mark-private' option
-+ - enabled by default
-+ --login Force (user) login to token
-+ - disabled as '--no-login'
-+ --so-login Force security officer login to token
-+ - disabled as '--no-so-login'
-+ --admin-login an alias for the 'so-login' option
-+ --detailed-url Print detailed URLs
-+ - disabled as '--no-detailed-url'
-+ -!, --secret-key=str Provide a hex encoded secret key
-+ -", --load-privkey=file Private key file to use
-+ - file must pre-exist
-+ -#, --load-pubkey=file Public key file to use
-+ - file must pre-exist
-+ -$, --load-certificate=file Certificate file to use
-+ - file must pre-exist
-+ -8, --pkcs8 Use PKCS #8 format for private keys
-+ -%, --bits=num Specify the number of bits for key generate
-+ -&, --curve=str Specify the curve used for EC key generation
-+ -', --sec-param=str Specify the security level
-+ -(, --inder Use DER/RAW format for input
-+ - disabled as '--no-inder'
-+ -), --inraw an alias for the 'inder' option
-+ -*, --outder Use DER format for output certificates, private keys, and DH parameters
-+ - disabled as '--no-outder'
-+ -+, --outraw an alias for the 'outder' option
-+ -,, --initialize Initializes a PKCS #11 token
-+ --, --set-pin=str Specify the PIN to use on token initialization
-+ -., --set-so-pin=str Specify the Security Officer's PIN to use on token initialization
-+ -/, --provider=file Specify the PKCS #11 provider library
-+ - file must pre-exist
-+ -0, --batch Disable all interaction with the tool. All parameters need to be
-+specified on command line.
-+ -v, --version[=arg] output version information and exit
-+ -h, --help display extended usage information and exit
-+ -!, --more-help extended usage information passed thru pager
-+
-+Options are specified by doubled hyphens and their name or by a single
-+hyphen and the flag character.
-+Operands and options may be intermixed. They will be reordered.
-+
-+Program that allows operations on PKCS #11 smart cards and security
-+modules.
-+
-+To use PKCS #11 tokens with GnuTLS the p11-kit configuration files need to
-+be setup. That is create a .module file in /etc/pkcs11/modules with the
-+contents 'module: /path/to/pkcs11.so'. Alternatively the configuration
-+file /etc/gnutls/pkcs11.conf has to exist and contain a number of lines of
-+the form 'load=/usr/lib/opensc-pkcs11.so'.
-+
-+You can provide the PIN to be used for the PKCS #11 operations with the
-+environment variables GNUTLS_PIN and GNUTLS_SO_PIN.
-+
- @end example
- @exampleindent 4
-
-diff -ru gnutls-3.4.4/doc/invoke-psktool.texi gnutls-3.4.4.1/doc/invoke-psktool.texi
---- gnutls-3.4.4.1/doc/invoke-psktool.texi 2015-08-10 13:43:57.000000000 -0400
-+++ gnutls-3.4.4/doc/invoke-psktool.texi 2015-07-31 15:44:25.000000000 -0400
-@@ -36,7 +36,27 @@
-
- @exampleindent 0
- @example
--psktool is unavailable - no --help
-+psktool - GnuTLS PSK tool
-+Usage: psktool [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
-+
-+ -d, --debug=num Enable debugging
-+ - it must be in the range:
-+ 0 to 9999
-+ -s, --keysize=num specify the key size in bytes
-+ - it must be in the range:
-+ 0 to 512
-+ -u, --username=str specify a username
-+ -p, --passwd=str specify a password file
-+ -v, --version[=arg] output version information and exit
-+ -h, --help display extended usage information and exit
-+ -!, --more-help extended usage information passed thru pager
-+
-+Options are specified by doubled hyphens and their name or by a single
-+hyphen and the flag character.
-+
-+Program that generates random keys for use with TLS-PSK. The keys are
-+stored in hexadecimal format in a key file.
-+
- @end example
- @exampleindent 4
-
-diff -ru gnutls-3.4.4/doc/invoke-srptool.texi gnutls-3.4.4.1/doc/invoke-srptool.texi
---- gnutls-3.4.4.1/doc/invoke-srptool.texi 2015-08-10 13:43:56.000000000 -0400
-+++ gnutls-3.4.4/doc/invoke-srptool.texi 2015-07-31 15:44:24.000000000 -0400
-@@ -41,7 +41,34 @@
-
- @exampleindent 0
- @example
--srptool is unavailable - no --help
-+srptool - GnuTLS SRP tool
-+Usage: srptool [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
-+
-+ -d, --debug=num Enable debugging
-+ - it must be in the range:
-+ 0 to 9999
-+ -i, --index=num specify the index of the group parameters in tpasswd.conf to use
-+ -u, --username=str specify a username
-+ -p, --passwd=str specify a password file
-+ -s, --salt=num specify salt size
-+ --verify just verify the password.
-+ -v, --passwd-conf=str specify a password conf file.
-+ --create-conf=str Generate a password configuration file.
-+ -v, --version[=arg] output version information and exit
-+ -h, --help display extended usage information and exit
-+ -!, --more-help extended usage information passed thru pager
-+
-+Options are specified by doubled hyphens and their name or by a single
-+hyphen and the flag character.
-+
-+Simple program that emulates the programs in the Stanford SRP (Secure
-+Remote Password) libraries using GnuTLS. It is intended for use in places
-+where you don't expect SRP authentication to be the used for system users.
-+
-+In brief, to use SRP you need to create two files. These are the password
-+file that holds the users and the verifiers associated with them and the
-+configuration file to hold the group parameters (called tpasswd.conf).
-+
- @end example
- @exampleindent 4
-
diff --git a/gnu/packages/patches/grep-CVE-2015-1345.patch b/gnu/packages/patches/grep-CVE-2015-1345.patch
deleted file mode 100644
index b0d0c8e5dc..0000000000
--- a/gnu/packages/patches/grep-CVE-2015-1345.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-Fix CVE-2015-1345. From upstream commit
-83a95bd8c8561875b948cadd417c653dbe7ef2e2
-by Yuliy Pisetsky <ypisetsky@fb.com>.
-
-diff --git a/src/kwset.c b/src/kwset.c
-index 4003c8d..376f7c3 100644
---- a/src/kwset.c
-+++ b/src/kwset.c
-@@ -643,6 +643,8 @@ bmexec_trans (kwset_t kwset, char const *text, size_t size)
- if (! tp)
- return -1;
- tp++;
-+ if (ep <= tp)
-+ break;
- }
- }
- }
diff --git a/gnu/packages/patches/grep-timing-sensitive-test.patch b/gnu/packages/patches/grep-timing-sensitive-test.patch
new file mode 100644
index 0000000000..8cfcc848bc
--- /dev/null
+++ b/gnu/packages/patches/grep-timing-sensitive-test.patch
@@ -0,0 +1,15 @@
+Skip this performance regression test.
+
+The test measures things on the order of 20ms. On a loaded machine, we
+have seen enough variation that the test would fail.
+
+--- grep-2.22/tests/long-pattern-perf 2016-01-03 12:52:38.491575007 +0100
++++ grep-2.22/tests/long-pattern-perf 2016-01-03 12:53:39.768464687 +0100
+@@ -16,6 +16,7 @@
+ # You should have received a copy of the GNU General Public License
+ # along with this program. If not, see <http://www.gnu.org/licenses/>.
+
++exit 77
+ . "${srcdir=.}/init.sh"; path_prepend_ ../src
+
+ fail=0
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch
new file mode 100644
index 0000000000..27768fa1ac
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch
@@ -0,0 +1,34 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/925215cae26f
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1233346
+
+# HG changeset patch
+# User Nils Ohlmeier <drno@ohlmeier.org>
+# Date 1451439902 18000
+# Node ID 925215cae26f9c0ccff07ef403a5b3194a4c45c4
+# Parent ff8e52467d793e935b80bf22a722a71a96fe2d63
+Bug 1233346 - r=ekr a=abillings
+
+diff --git a/media/mtransport/third_party/nICEr/src/stun/addrs.c b/media/mtransport/third_party/nICEr/src/stun/addrs.c
+--- a/media/mtransport/third_party/nICEr/src/stun/addrs.c
++++ b/media/mtransport/third_party/nICEr/src/stun/addrs.c
+@@ -530,16 +530,18 @@ stun_get_win32_addrs(nr_local_addr addrs
+
+ for (tmpAddress = AdapterAddresses; tmpAddress != NULL; tmpAddress = tmpAddress->Next) {
+ char *c;
+
+ if (tmpAddress->OperStatus != IfOperStatusUp)
+ continue;
+
+ snprintf(munged_ifname, IFNAMSIZ, "%S%c", tmpAddress->FriendlyName, 0);
++ munged_ifname[IFNAMSIZ-1] = '\0';
++
+ /* replace spaces with underscores */
+ c = strchr(munged_ifname, ' ');
+ while (c != NULL) {
+ *c = '_';
+ c = strchr(munged_ifname, ' ');
+ }
+ c = strchr(munged_ifname, '.');
+ while (c != NULL) {
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt02.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt02.patch
new file mode 100644
index 0000000000..fa1804eb82
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt02.patch
@@ -0,0 +1,33 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/fc78180165a8
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1223670
+
+# HG changeset patch
+# User Karl Tomlinson <karlt+@karlt.net>
+# Date 1449117514 -46800
+# Node ID fc78180165a8262c80bbb722ed99b2e0c27b02d0
+# Parent 925215cae26f9c0ccff07ef403a5b3194a4c45c4
+bug 1223670 assert that connected streams have the same graph r=padenot a=abillings
+
+diff --git a/dom/media/MediaStreamGraph.cpp b/dom/media/MediaStreamGraph.cpp
+--- a/dom/media/MediaStreamGraph.cpp
++++ b/dom/media/MediaStreamGraph.cpp
+@@ -2696,16 +2696,17 @@ ProcessedMediaStream::AllocateInputPort(
+ unused << mPort.forget();
+ }
+ virtual void RunDuringShutdown()
+ {
+ Run();
+ }
+ nsRefPtr<MediaInputPort> mPort;
+ };
++ MOZ_ASSERT(aStream->GraphImpl() == GraphImpl());
+ nsRefPtr<MediaInputPort> port = new MediaInputPort(aStream, this, aFlags,
+ aInputNumber, aOutputNumber);
+ port->SetGraphImpl(GraphImpl());
+ GraphImpl()->AppendMessage(new Message(port));
+ return port.forget();
+ }
+
+ void
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt03.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt03.patch
new file mode 100644
index 0000000000..cf0843b8b3
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt03.patch
@@ -0,0 +1,308 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/f746c38d160e
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1223670
+
+# HG changeset patch
+# User Karl Tomlinson <karlt+@karlt.net>
+# Date 1449764754 18000
+# Node ID f746c38d160ea29088c15cacae44f3662befaec5
+# Parent fc78180165a8262c80bbb722ed99b2e0c27b02d0
+bug 1223670 replace public constructors with fallible factory methods r=baku a=abillings
+
+diff --git a/dom/media/webaudio/AudioContext.cpp b/dom/media/webaudio/AudioContext.cpp
+--- a/dom/media/webaudio/AudioContext.cpp
++++ b/dom/media/webaudio/AudioContext.cpp
+@@ -299,32 +299,29 @@ AudioContext::CreateMediaElementSource(H
+ aRv.Throw(NS_ERROR_DOM_NOT_SUPPORTED_ERR);
+ return nullptr;
+ }
+ #endif
+ nsRefPtr<DOMMediaStream> stream = aMediaElement.MozCaptureStream(aRv);
+ if (aRv.Failed()) {
+ return nullptr;
+ }
+- nsRefPtr<MediaElementAudioSourceNode> mediaElementAudioSourceNode =
+- new MediaElementAudioSourceNode(this, stream);
+- return mediaElementAudioSourceNode.forget();
++ return MediaElementAudioSourceNode::Create(this, stream, aRv);
+ }
+
+ already_AddRefed<MediaStreamAudioSourceNode>
+ AudioContext::CreateMediaStreamSource(DOMMediaStream& aMediaStream,
+ ErrorResult& aRv)
+ {
+ if (mIsOffline) {
+ aRv.Throw(NS_ERROR_DOM_NOT_SUPPORTED_ERR);
+ return nullptr;
+ }
+- nsRefPtr<MediaStreamAudioSourceNode> mediaStreamAudioSourceNode =
+- new MediaStreamAudioSourceNode(this, &aMediaStream);
+- return mediaStreamAudioSourceNode.forget();
++
++ return MediaStreamAudioSourceNode::Create(this, &aMediaStream, aRv);
+ }
+
+ already_AddRefed<GainNode>
+ AudioContext::CreateGain()
+ {
+ nsRefPtr<GainNode> gainNode = new GainNode(this);
+ return gainNode.forget();
+ }
+diff --git a/dom/media/webaudio/AudioNode.cpp b/dom/media/webaudio/AudioNode.cpp
+--- a/dom/media/webaudio/AudioNode.cpp
++++ b/dom/media/webaudio/AudioNode.cpp
+@@ -61,34 +61,29 @@ AudioNode::AudioNode(AudioContext* aCont
+ ChannelInterpretation aChannelInterpretation)
+ : DOMEventTargetHelper(aContext->GetParentObject())
+ , mContext(aContext)
+ , mChannelCount(aChannelCount)
+ , mChannelCountMode(aChannelCountMode)
+ , mChannelInterpretation(aChannelInterpretation)
+ , mId(gId++)
+ , mPassThrough(false)
+-#ifdef DEBUG
+- , mDemiseNotified(false)
+-#endif
+ {
+ MOZ_ASSERT(aContext);
+ DOMEventTargetHelper::BindToOwner(aContext->GetParentObject());
+ aContext->UpdateNodeCount(1);
+ }
+
+ AudioNode::~AudioNode()
+ {
+ MOZ_ASSERT(mInputNodes.IsEmpty());
+ MOZ_ASSERT(mOutputNodes.IsEmpty());
+ MOZ_ASSERT(mOutputParams.IsEmpty());
+-#ifdef DEBUG
+- MOZ_ASSERT(mDemiseNotified,
++ MOZ_ASSERT(!mStream,
+ "The webaudio-node-demise notification must have been sent");
+-#endif
+ if (mContext) {
+ mContext->UpdateNodeCount(-1);
+ }
+ }
+
+ size_t
+ AudioNode::SizeOfExcludingThis(MallocSizeOf aMallocSizeOf) const
+ {
+@@ -399,19 +394,16 @@ AudioNode::DestroyMediaStream()
+ mStream = nullptr;
+
+ nsCOMPtr<nsIObserverService> obs = services::GetObserverService();
+ if (obs) {
+ nsAutoString id;
+ id.AppendPrintf("%u", mId);
+ obs->NotifyObservers(nullptr, "webaudio-node-demise", id.get());
+ }
+-#ifdef DEBUG
+- mDemiseNotified = true;
+-#endif
+ }
+ }
+
+ void
+ AudioNode::RemoveOutputParam(AudioParam* aParam)
+ {
+ mOutputParams.RemoveElement(aParam);
+ }
+diff --git a/dom/media/webaudio/AudioNode.h b/dom/media/webaudio/AudioNode.h
+--- a/dom/media/webaudio/AudioNode.h
++++ b/dom/media/webaudio/AudioNode.h
+@@ -239,19 +239,14 @@ private:
+ nsTArray<nsRefPtr<AudioParam> > mOutputParams;
+ uint32_t mChannelCount;
+ ChannelCountMode mChannelCountMode;
+ ChannelInterpretation mChannelInterpretation;
+ const uint32_t mId;
+ // Whether the node just passes through its input. This is a devtools API that
+ // only works for some node types.
+ bool mPassThrough;
+-#ifdef DEBUG
+- // In debug builds, check to make sure that the node demise notification has
+- // been properly sent before the node is destroyed.
+- bool mDemiseNotified;
+-#endif
+ };
+
+ }
+ }
+
+ #endif
+diff --git a/dom/media/webaudio/MediaElementAudioSourceNode.cpp b/dom/media/webaudio/MediaElementAudioSourceNode.cpp
+--- a/dom/media/webaudio/MediaElementAudioSourceNode.cpp
++++ b/dom/media/webaudio/MediaElementAudioSourceNode.cpp
+@@ -5,22 +5,36 @@
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+ #include "MediaElementAudioSourceNode.h"
+ #include "mozilla/dom/MediaElementAudioSourceNodeBinding.h"
+
+ namespace mozilla {
+ namespace dom {
+
+-MediaElementAudioSourceNode::MediaElementAudioSourceNode(AudioContext* aContext,
+- DOMMediaStream* aStream)
+- : MediaStreamAudioSourceNode(aContext, aStream)
++MediaElementAudioSourceNode::MediaElementAudioSourceNode(AudioContext* aContext)
++ : MediaStreamAudioSourceNode(aContext)
+ {
+ }
+
++/* static */ already_AddRefed<MediaElementAudioSourceNode>
++MediaElementAudioSourceNode::Create(AudioContext* aContext,
++ DOMMediaStream* aStream, ErrorResult& aRv)
++{
++ nsRefPtr<MediaElementAudioSourceNode> node =
++ new MediaElementAudioSourceNode(aContext);
++
++ node->Init(aStream, aRv);
++ if (aRv.Failed()) {
++ return nullptr;
++ }
++
++ return node.forget();
++}
++
+ JSObject*
+ MediaElementAudioSourceNode::WrapObject(JSContext* aCx)
+ {
+ return MediaElementAudioSourceNodeBinding::Wrap(aCx, this);
+ }
+
+ }
+ }
+diff --git a/dom/media/webaudio/MediaElementAudioSourceNode.h b/dom/media/webaudio/MediaElementAudioSourceNode.h
+--- a/dom/media/webaudio/MediaElementAudioSourceNode.h
++++ b/dom/media/webaudio/MediaElementAudioSourceNode.h
+@@ -10,28 +10,30 @@
+ #include "MediaStreamAudioSourceNode.h"
+
+ namespace mozilla {
+ namespace dom {
+
+ class MediaElementAudioSourceNode : public MediaStreamAudioSourceNode
+ {
+ public:
+- MediaElementAudioSourceNode(AudioContext* aContext,
+- DOMMediaStream* aStream);
++ static already_AddRefed<MediaElementAudioSourceNode>
++ Create(AudioContext* aContext, DOMMediaStream* aStream, ErrorResult& aRv);
+
+ virtual JSObject* WrapObject(JSContext* aCx) override;
+
+ virtual const char* NodeType() const override
+ {
+ return "MediaElementAudioSourceNode";
+ }
+
+ virtual size_t SizeOfIncludingThis(MallocSizeOf aMallocSizeOf) const override
+ {
+ return aMallocSizeOf(this) + SizeOfExcludingThis(aMallocSizeOf);
+ }
++private:
++ explicit MediaElementAudioSourceNode(AudioContext* aContext);
+ };
+
+ }
+ }
+
+ #endif
+diff --git a/dom/media/webaudio/MediaStreamAudioSourceNode.cpp b/dom/media/webaudio/MediaStreamAudioSourceNode.cpp
+--- a/dom/media/webaudio/MediaStreamAudioSourceNode.cpp
++++ b/dom/media/webaudio/MediaStreamAudioSourceNode.cpp
+@@ -25,26 +25,45 @@ NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN_
+ NS_IMPL_CYCLE_COLLECTION_TRAVERSE_END
+
+ NS_INTERFACE_MAP_BEGIN_CYCLE_COLLECTION_INHERITED(MediaStreamAudioSourceNode)
+ NS_INTERFACE_MAP_END_INHERITING(AudioNode)
+
+ NS_IMPL_ADDREF_INHERITED(MediaStreamAudioSourceNode, AudioNode)
+ NS_IMPL_RELEASE_INHERITED(MediaStreamAudioSourceNode, AudioNode)
+
+-MediaStreamAudioSourceNode::MediaStreamAudioSourceNode(AudioContext* aContext,
+- DOMMediaStream* aMediaStream)
++MediaStreamAudioSourceNode::MediaStreamAudioSourceNode(AudioContext* aContext)
+ : AudioNode(aContext,
+ 2,
+ ChannelCountMode::Max,
+- ChannelInterpretation::Speakers),
+- mInputStream(aMediaStream)
++ ChannelInterpretation::Speakers)
+ {
++}
++
++/* static */ already_AddRefed<MediaStreamAudioSourceNode>
++MediaStreamAudioSourceNode::Create(AudioContext* aContext,
++ DOMMediaStream* aStream, ErrorResult& aRv)
++{
++ nsRefPtr<MediaStreamAudioSourceNode> node =
++ new MediaStreamAudioSourceNode(aContext);
++
++ node->Init(aStream, aRv);
++ if (aRv.Failed()) {
++ return nullptr;
++ }
++
++ return node.forget();
++}
++
++void
++MediaStreamAudioSourceNode::Init(DOMMediaStream* aMediaStream, ErrorResult& aRv)
++{
++ mInputStream = aMediaStream;
+ AudioNodeEngine* engine = new MediaStreamAudioSourceNodeEngine(this);
+- mStream = aContext->Graph()->CreateAudioNodeExternalInputStream(engine);
++ mStream = Context()->Graph()->CreateAudioNodeExternalInputStream(engine);
+ ProcessedMediaStream* outputStream = static_cast<ProcessedMediaStream*>(mStream.get());
+ mInputPort = outputStream->AllocateInputPort(aMediaStream->GetStream(),
+ MediaInputPort::FLAG_BLOCK_INPUT);
+ mInputStream->AddConsumerToKeepAlive(static_cast<nsIDOMEventTarget*>(this));
+
+ PrincipalChanged(mInputStream); // trigger enabling/disabling of the connector
+ mInputStream->AddPrincipalChangeObserver(this);
+ }
+diff --git a/dom/media/webaudio/MediaStreamAudioSourceNode.h b/dom/media/webaudio/MediaStreamAudioSourceNode.h
+--- a/dom/media/webaudio/MediaStreamAudioSourceNode.h
++++ b/dom/media/webaudio/MediaStreamAudioSourceNode.h
+@@ -38,17 +38,18 @@ public:
+ private:
+ bool mEnabled;
+ };
+
+ class MediaStreamAudioSourceNode : public AudioNode,
+ public DOMMediaStream::PrincipalChangeObserver
+ {
+ public:
+- MediaStreamAudioSourceNode(AudioContext* aContext, DOMMediaStream* aMediaStream);
++ static already_AddRefed<MediaStreamAudioSourceNode>
++ Create(AudioContext* aContext, DOMMediaStream* aStream, ErrorResult& aRv);
+
+ NS_DECL_ISUPPORTS_INHERITED
+ NS_DECL_CYCLE_COLLECTION_CLASS_INHERITED(MediaStreamAudioSourceNode, AudioNode)
+
+ virtual JSObject* WrapObject(JSContext* aCx) override;
+
+ virtual void DestroyMediaStream() override;
+
+@@ -60,16 +61,18 @@ public:
+ }
+
+ virtual size_t SizeOfExcludingThis(MallocSizeOf aMallocSizeOf) const override;
+ virtual size_t SizeOfIncludingThis(MallocSizeOf aMallocSizeOf) const override;
+
+ virtual void PrincipalChanged(DOMMediaStream* aMediaStream) override;
+
+ protected:
++ explicit MediaStreamAudioSourceNode(AudioContext* aContext);
++ void Init(DOMMediaStream* aMediaStream, ErrorResult& aRv);
+ virtual ~MediaStreamAudioSourceNode();
+
+ private:
+ nsRefPtr<MediaInputPort> mInputPort;
+ nsRefPtr<DOMMediaStream> mInputStream;
+ };
+
+ }
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt04.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt04.patch
new file mode 100644
index 0000000000..b212a70d4a
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt04.patch
@@ -0,0 +1,47 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/6d43ff33bd55
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1223670
+
+# HG changeset patch
+# User Karl Tomlinson <karlt+@karlt.net>
+# Date 1451362442 -46800
+# Node ID 6d43ff33bd552b8f7a34e4105cf5bcc0a8c8ea8c
+# Parent f746c38d160ea29088c15cacae44f3662befaec5
+bug 1223670 throw not supported when creating a node from a stream with different channel r=baku a=abillings
+
+diff --git a/dom/media/webaudio/MediaStreamAudioSourceNode.cpp b/dom/media/webaudio/MediaStreamAudioSourceNode.cpp
+--- a/dom/media/webaudio/MediaStreamAudioSourceNode.cpp
++++ b/dom/media/webaudio/MediaStreamAudioSourceNode.cpp
+@@ -51,21 +51,29 @@ MediaStreamAudioSourceNode::Create(Audio
+ }
+
+ return node.forget();
+ }
+
+ void
+ MediaStreamAudioSourceNode::Init(DOMMediaStream* aMediaStream, ErrorResult& aRv)
+ {
++ MOZ_ASSERT(aMediaStream);
++ MediaStream* inputStream = aMediaStream->GetStream();
++ MediaStreamGraph* graph = Context()->Graph();
++ if (NS_WARN_IF(graph != inputStream->Graph())) {
++ aRv.Throw(NS_ERROR_DOM_NOT_SUPPORTED_ERR);
++ return;
++ }
++
+ mInputStream = aMediaStream;
+ AudioNodeEngine* engine = new MediaStreamAudioSourceNodeEngine(this);
+- mStream = Context()->Graph()->CreateAudioNodeExternalInputStream(engine);
++ mStream = graph->CreateAudioNodeExternalInputStream(engine);
+ ProcessedMediaStream* outputStream = static_cast<ProcessedMediaStream*>(mStream.get());
+- mInputPort = outputStream->AllocateInputPort(aMediaStream->GetStream(),
++ mInputPort = outputStream->AllocateInputPort(inputStream,
+ MediaInputPort::FLAG_BLOCK_INPUT);
+ mInputStream->AddConsumerToKeepAlive(static_cast<nsIDOMEventTarget*>(this));
+
+ PrincipalChanged(mInputStream); // trigger enabling/disabling of the connector
+ mInputStream->AddPrincipalChangeObserver(this);
+ }
+
+ MediaStreamAudioSourceNode::~MediaStreamAudioSourceNode()
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt05.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt05.patch
new file mode 100644
index 0000000000..3e62c9c5f1
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt05.patch
@@ -0,0 +1,51 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/4f6e81673f69
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1223670
+
+# HG changeset patch
+# User Karl Tomlinson <karlt+@karlt.net>
+# Date 1449145091 -46800
+# Node ID 4f6e81673f6938719c86516606f2fda493e8c23c
+# Parent 6d43ff33bd552b8f7a34e4105cf5bcc0a8c8ea8c
+bug 1223670 make SetMozAudioChannelType() private because the type will not change after construction r=baku a=abillings
+
+diff --git a/dom/media/webaudio/AudioDestinationNode.h b/dom/media/webaudio/AudioDestinationNode.h
+--- a/dom/media/webaudio/AudioDestinationNode.h
++++ b/dom/media/webaudio/AudioDestinationNode.h
+@@ -57,17 +57,16 @@ public:
+ void StartRendering(Promise* aPromise);
+
+ void OfflineShutdown();
+
+ // nsIDOMEventListener - by proxy
+ NS_IMETHOD HandleEvent(nsIDOMEvent* aEvent) override;
+
+ AudioChannel MozAudioChannelType() const;
+- void SetMozAudioChannelType(AudioChannel aValue, ErrorResult& aRv);
+
+ virtual void NotifyMainThreadStateChanged() override;
+ void FireOfflineCompletionEvent();
+
+ // An amount that should be added to the MediaStream's current time to
+ // get the AudioContext.currentTime.
+ double ExtraCurrentTime();
+
+@@ -86,16 +85,17 @@ public:
+
+ void InputMuted(bool aInputMuted);
+ void ResolvePromise(AudioBuffer* aRenderedBuffer);
+
+ protected:
+ virtual ~AudioDestinationNode();
+
+ private:
++ void SetMozAudioChannelType(AudioChannel aValue, ErrorResult& aRv);
+ bool CheckAudioChannelPermissions(AudioChannel aValue);
+
+ void SetCanPlay(bool aCanPlay);
+
+ void NotifyStableState();
+ void ScheduleStableStateNotification();
+
+ SelfReference<AudioDestinationNode> mOfflineRenderingRef;
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt06.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt06.patch
new file mode 100644
index 0000000000..ec1f479ee4
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt06.patch
@@ -0,0 +1,170 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/93617c30c0df
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1230686
+
+# HG changeset patch
+# User Lee Salzman <lsalzman@mozilla.com>
+# Date 1451932822 18000
+# Node ID 93617c30c0df35f719dead526b78649d564f5ac3
+# Parent 4f6e81673f6938719c86516606f2fda493e8c23c
+Bug 1230686 - use RefPtr<DrawTarget>& instead of DrawTarget* to track changes in SurfaceFromElement a=ritu
+
+diff --git a/layout/base/nsLayoutUtils.cpp b/layout/base/nsLayoutUtils.cpp
+--- a/layout/base/nsLayoutUtils.cpp
++++ b/layout/base/nsLayoutUtils.cpp
+@@ -6494,17 +6494,17 @@ nsLayoutUtils::IsReallyFixedPos(nsIFrame
+ nsIAtom *parentType = aFrame->GetParent()->GetType();
+ return parentType == nsGkAtoms::viewportFrame ||
+ parentType == nsGkAtoms::pageContentFrame;
+ }
+
+ nsLayoutUtils::SurfaceFromElementResult
+ nsLayoutUtils::SurfaceFromElement(nsIImageLoadingContent* aElement,
+ uint32_t aSurfaceFlags,
+- DrawTarget* aTarget)
++ RefPtr<DrawTarget>& aTarget)
+ {
+ SurfaceFromElementResult result;
+ nsresult rv;
+
+ nsCOMPtr<imgIRequest> imgRequest;
+ rv = aElement->GetRequest(nsIImageLoadingContent::CURRENT_REQUEST,
+ getter_AddRefs(imgRequest));
+ if (NS_FAILED(rv) || !imgRequest)
+@@ -6586,41 +6586,41 @@ nsLayoutUtils::SurfaceFromElement(nsIIma
+ result.mImageRequest = imgRequest.forget();
+
+ return result;
+ }
+
+ nsLayoutUtils::SurfaceFromElementResult
+ nsLayoutUtils::SurfaceFromElement(HTMLImageElement *aElement,
+ uint32_t aSurfaceFlags,
+- DrawTarget* aTarget)
++ RefPtr<DrawTarget>& aTarget)
+ {
+ return SurfaceFromElement(static_cast<nsIImageLoadingContent*>(aElement),
+ aSurfaceFlags, aTarget);
+ }
+
+ nsLayoutUtils::SurfaceFromElementResult
+ nsLayoutUtils::SurfaceFromElement(HTMLCanvasElement* aElement,
+ uint32_t aSurfaceFlags,
+- DrawTarget* aTarget)
++ RefPtr<DrawTarget>& aTarget)
+ {
+ SurfaceFromElementResult result;
+
+ bool* isPremultiplied = nullptr;
+ if (aSurfaceFlags & SFE_PREFER_NO_PREMULTIPLY_ALPHA) {
+ isPremultiplied = &result.mIsPremultiplied;
+ }
+
+ gfxIntSize size = aElement->GetSize();
+
+ result.mSourceSurface = aElement->GetSurfaceSnapshot(isPremultiplied);
+ if (!result.mSourceSurface) {
+ // If the element doesn't have a context then we won't get a snapshot. The canvas spec wants us to not error and just
+ // draw nothing, so return an empty surface.
+- DrawTarget *ref = aTarget ? aTarget : gfxPlatform::GetPlatform()->ScreenReferenceDrawTarget();
++ DrawTarget *ref = aTarget ? aTarget.get() : gfxPlatform::GetPlatform()->ScreenReferenceDrawTarget();
+ RefPtr<DrawTarget> dt = ref->CreateSimilarDrawTarget(IntSize(size.width, size.height),
+ SurfaceFormat::B8G8R8A8);
+ if (dt) {
+ result.mSourceSurface = dt->Snapshot();
+ }
+ } else if (aTarget) {
+ RefPtr<SourceSurface> opt = aTarget->OptimizeSourceSurface(result.mSourceSurface);
+ if (opt) {
+@@ -6637,17 +6637,17 @@ nsLayoutUtils::SurfaceFromElement(HTMLCa
+ result.mIsWriteOnly = aElement->IsWriteOnly();
+
+ return result;
+ }
+
+ nsLayoutUtils::SurfaceFromElementResult
+ nsLayoutUtils::SurfaceFromElement(HTMLVideoElement* aElement,
+ uint32_t aSurfaceFlags,
+- DrawTarget* aTarget)
++ RefPtr<DrawTarget>& aTarget)
+ {
+ SurfaceFromElementResult result;
+
+ NS_WARN_IF_FALSE((aSurfaceFlags & SFE_PREFER_NO_PREMULTIPLY_ALPHA) == 0, "We can't support non-premultiplied alpha for video!");
+
+ #ifdef MOZ_EME
+ if (aElement->ContainsRestrictedContent()) {
+ return result;
+@@ -6689,17 +6689,17 @@ nsLayoutUtils::SurfaceFromElement(HTMLVi
+ result.mIsWriteOnly = false;
+
+ return result;
+ }
+
+ nsLayoutUtils::SurfaceFromElementResult
+ nsLayoutUtils::SurfaceFromElement(dom::Element* aElement,
+ uint32_t aSurfaceFlags,
+- DrawTarget* aTarget)
++ RefPtr<DrawTarget>& aTarget)
+ {
+ // If it's a <canvas>, we may be able to just grab its internal surface
+ if (HTMLCanvasElement* canvas =
+ HTMLCanvasElement::FromContentOrNull(aElement)) {
+ return SurfaceFromElement(canvas, aSurfaceFlags, aTarget);
+ }
+
+ // Maybe it's <video>?
+diff --git a/layout/base/nsLayoutUtils.h b/layout/base/nsLayoutUtils.h
+--- a/layout/base/nsLayoutUtils.h
++++ b/layout/base/nsLayoutUtils.h
+@@ -2018,33 +2018,39 @@ public:
+ bool mIsStillLoading;
+ /* Whether the element used CORS when loading. */
+ bool mCORSUsed;
+ /* Whether the returned image contains premultiplied pixel data */
+ bool mIsPremultiplied;
+ };
+
+ static SurfaceFromElementResult SurfaceFromElement(mozilla::dom::Element *aElement,
+- uint32_t aSurfaceFlags = 0,
+- DrawTarget *aTarget = nullptr);
++ uint32_t aSurfaceFlags,
++ mozilla::RefPtr<DrawTarget>& aTarget);
++ static SurfaceFromElementResult SurfaceFromElement(mozilla::dom::Element *aElement,
++ uint32_t aSurfaceFlags = 0) {
++ mozilla::RefPtr<DrawTarget> target = nullptr;
++ return SurfaceFromElement(aElement, aSurfaceFlags, target);
++ }
++
+ static SurfaceFromElementResult SurfaceFromElement(nsIImageLoadingContent *aElement,
+- uint32_t aSurfaceFlags = 0,
+- DrawTarget *aTarget = nullptr);
++ uint32_t aSurfaceFlags,
++ mozilla::RefPtr<DrawTarget>& aTarget);
+ // Need an HTMLImageElement overload, because otherwise the
+ // nsIImageLoadingContent and mozilla::dom::Element overloads are ambiguous
+ // for HTMLImageElement.
+ static SurfaceFromElementResult SurfaceFromElement(mozilla::dom::HTMLImageElement *aElement,
+- uint32_t aSurfaceFlags = 0,
+- DrawTarget *aTarget = nullptr);
++ uint32_t aSurfaceFlags,
++ mozilla::RefPtr<DrawTarget>& aTarget);
+ static SurfaceFromElementResult SurfaceFromElement(mozilla::dom::HTMLCanvasElement *aElement,
+- uint32_t aSurfaceFlags = 0,
+- DrawTarget *aTarget = nullptr);
++ uint32_t aSurfaceFlags,
++ mozilla::RefPtr<DrawTarget>& aTarget);
+ static SurfaceFromElementResult SurfaceFromElement(mozilla::dom::HTMLVideoElement *aElement,
+- uint32_t aSurfaceFlags = 0,
+- DrawTarget *aTarget = nullptr);
++ uint32_t aSurfaceFlags,
++ mozilla::RefPtr<DrawTarget>& aTarget);
+
+ /**
+ * When the document is editable by contenteditable attribute of its root
+ * content or body content.
+ *
+ * Be aware, this returns nullptr if it's in designMode.
+ *
+ * For example:
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt07.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt07.patch
new file mode 100644
index 0000000000..4f349747c0
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt07.patch
@@ -0,0 +1,56 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/750e4cfc90f8
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1233152
+
+# HG changeset patch
+# User Jan de Mooij <jdemooij@mozilla.com>
+# Date 1451478493 -3600
+# Node ID 750e4cfc90f80df657e44c9c63b1865023d88682
+# Parent 93617c30c0df35f719dead526b78649d564f5ac3
+Bug 1233152 - Use PersistentRooted for ParseTask script and sourceObject. r=terrence a=abillings
+
+diff --git a/js/src/vm/HelperThreads.cpp b/js/src/vm/HelperThreads.cpp
+--- a/js/src/vm/HelperThreads.cpp
++++ b/js/src/vm/HelperThreads.cpp
+@@ -198,17 +198,17 @@ static const JSClass parseTaskGlobalClas
+
+ ParseTask::ParseTask(ExclusiveContext* cx, JSObject* exclusiveContextGlobal, JSContext* initCx,
+ const char16_t* chars, size_t length,
+ JS::OffThreadCompileCallback callback, void* callbackData)
+ : cx(cx), options(initCx), chars(chars), length(length),
+ alloc(JSRuntime::TEMP_LIFO_ALLOC_PRIMARY_CHUNK_SIZE),
+ exclusiveContextGlobal(initCx, exclusiveContextGlobal),
+ callback(callback), callbackData(callbackData),
+- script(nullptr), errors(cx), overRecursed(false)
++ script(initCx->runtime(), nullptr), errors(cx), overRecursed(false)
+ {
+ }
+
+ bool
+ ParseTask::init(JSContext* cx, const ReadOnlyCompileOptions& options)
+ {
+ if (!this->options.copy(cx, options))
+ return false;
+diff --git a/js/src/vm/HelperThreads.h b/js/src/vm/HelperThreads.h
+--- a/js/src/vm/HelperThreads.h
++++ b/js/src/vm/HelperThreads.h
+@@ -472,17 +472,17 @@ struct ParseTask
+
+ // Callback invoked off the main thread when the parse finishes.
+ JS::OffThreadCompileCallback callback;
+ void* callbackData;
+
+ // Holds the final script between the invocation of the callback and the
+ // point where FinishOffThreadScript is called, which will destroy the
+ // ParseTask.
+- JSScript* script;
++ PersistentRootedScript script;
+
+ // Any errors or warnings produced during compilation. These are reported
+ // when finishing the script.
+ Vector<frontend::CompileError*> errors;
+ bool overRecursed;
+
+ ParseTask(ExclusiveContext* cx, JSObject* exclusiveContextGlobal,
+ JSContext* initCx, const char16_t* chars, size_t length,
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt08.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt08.patch
new file mode 100644
index 0000000000..406ce1bf2b
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt08.patch
@@ -0,0 +1,48 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/4444e94a99cb
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1221385
+
+# HG changeset patch
+# User Jan de Mooij <jdemooij@mozilla.com>
+# Date 1451478429 -3600
+# Node ID 4444e94a99cb9b00c0351cc8bf5459739cc036a5
+# Parent 750e4cfc90f80df657e44c9c63b1865023d88682
+Bug 1221385 - Handle OOM during JitRuntime initialization a bit better. r=bhackett a=abillings
+
+diff --git a/js/src/jscompartment.cpp b/js/src/jscompartment.cpp
+--- a/js/src/jscompartment.cpp
++++ b/js/src/jscompartment.cpp
+@@ -138,28 +138,20 @@ JSRuntime::createJitRuntime(JSContext* c
+
+ // Protect jitRuntime_ from being observed (by InterruptRunningJitCode)
+ // while it is being initialized. Unfortunately, initialization depends on
+ // jitRuntime_ being non-null, so we can't just wait to assign jitRuntime_.
+ JitRuntime::AutoMutateBackedges amb(jrt);
+ jitRuntime_ = jrt;
+
+ if (!jitRuntime_->initialize(cx)) {
+- js_ReportOutOfMemory(cx);
+-
+- js_delete(jitRuntime_);
+- jitRuntime_ = nullptr;
+-
+- JSCompartment* comp = cx->runtime()->atomsCompartment();
+- if (comp->jitCompartment_) {
+- js_delete(comp->jitCompartment_);
+- comp->jitCompartment_ = nullptr;
+- }
+-
+- return nullptr;
++ // Handling OOM here is complicated: if we delete jitRuntime_ now, we
++ // will destroy the ExecutableAllocator, even though there may still be
++ // JitCode instances holding references to ExecutablePools.
++ CrashAtUnhandlableOOM("OOM in createJitRuntime");
+ }
+
+ return jitRuntime_;
+ }
+
+ bool
+ JSCompartment::ensureJitCompartmentExists(JSContext* cx)
+ {
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt09.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt09.patch
new file mode 100644
index 0000000000..e87b95f729
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt09.patch
@@ -0,0 +1,189 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/f31d643afd41
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1233925
+
+# HG changeset patch
+# User Jan de Mooij <jdemooij@mozilla.com>
+# Date 1452110721 -3600
+# Node ID f31d643afd4159b5422ae5aebcbbea0a088e018e
+# Parent 4444e94a99cb9b00c0351cc8bf5459739cc036a5
+Bug 1233925 - Treat functions with rest more like functions with lazy arguments. r=nbp a=ritu
+
+diff --git a/js/src/jit/BacktrackingAllocator.cpp b/js/src/jit/BacktrackingAllocator.cpp
+--- a/js/src/jit/BacktrackingAllocator.cpp
++++ b/js/src/jit/BacktrackingAllocator.cpp
+@@ -201,20 +201,19 @@ BacktrackingAllocator::tryGroupRegisters
+ // constructor calling convention.
+ if (IsThisSlotDefinition(reg0->def()) || IsThisSlotDefinition(reg1->def())) {
+ if (*reg0->def()->output() != *reg1->def()->output())
+ return true;
+ }
+
+ // Registers which might spill to the frame's argument slots can only be
+ // grouped with other such registers if the frame might access those
+- // arguments through a lazy arguments object.
++ // arguments through a lazy arguments object or rest parameter.
+ if (IsArgumentSlotDefinition(reg0->def()) || IsArgumentSlotDefinition(reg1->def())) {
+- JSScript* script = graph.mir().entryBlock()->info().script();
+- if (script && script->argumentsAliasesFormals()) {
++ if (graph.mir().entryBlock()->info().mayReadFrameArgsDirectly()) {
+ if (*reg0->def()->output() != *reg1->def()->output())
+ return true;
+ }
+ }
+
+ VirtualRegisterGroup* group0 = reg0->group(), *group1 = reg1->group();
+
+ if (!group0 && group1)
+diff --git a/js/src/jit/CompileInfo.h b/js/src/jit/CompileInfo.h
+--- a/js/src/jit/CompileInfo.h
++++ b/js/src/jit/CompileInfo.h
+@@ -194,16 +194,17 @@ enum AnalysisMode {
+ class CompileInfo
+ {
+ public:
+ CompileInfo(JSScript* script, JSFunction* fun, jsbytecode* osrPc, bool constructing,
+ AnalysisMode analysisMode, bool scriptNeedsArgsObj,
+ InlineScriptTree* inlineScriptTree)
+ : script_(script), fun_(fun), osrPc_(osrPc), constructing_(constructing),
+ analysisMode_(analysisMode), scriptNeedsArgsObj_(scriptNeedsArgsObj),
++ mayReadFrameArgsDirectly_(script->mayReadFrameArgsDirectly()),
+ inlineScriptTree_(inlineScriptTree)
+ {
+ MOZ_ASSERT_IF(osrPc, JSOp(*osrPc) == JSOP_LOOPENTRY);
+
+ // The function here can flow in from anywhere so look up the canonical
+ // function to ensure that we do not try to embed a nursery pointer in
+ // jit-code. Precisely because it can flow in from anywhere, it's not
+ // guaranteed to be non-lazy. Hence, don't access its script!
+@@ -222,17 +223,17 @@ class CompileInfo
+ fixedLexicalBegin_ = script->fixedLexicalBegin();
+ nstack_ = script->nslots() - script->nfixed();
+ nslots_ = nimplicit_ + nargs_ + nlocals_ + nstack_;
+ }
+
+ explicit CompileInfo(unsigned nlocals)
+ : script_(nullptr), fun_(nullptr), osrPc_(nullptr), osrStaticScope_(nullptr),
+ constructing_(false), analysisMode_(Analysis_None), scriptNeedsArgsObj_(false),
+- inlineScriptTree_(nullptr)
++ mayReadFrameArgsDirectly_(false), inlineScriptTree_(nullptr)
+ {
+ nimplicit_ = 0;
+ nargs_ = 0;
+ nbodyfixed_ = 0;
+ nlocals_ = nlocals;
+ nstack_ = 1; /* For FunctionCompiler::pushPhiInput/popPhiOutput */
+ nslots_ = nlocals_ + nstack_;
+ fixedLexicalBegin_ = nlocals;
+@@ -539,16 +540,20 @@ class CompileInfo
+ return false;
+
+ if (needsArgsObj() && isObservableArgumentSlot(slot))
+ return false;
+
+ return true;
+ }
+
++ bool mayReadFrameArgsDirectly() const {
++ return mayReadFrameArgsDirectly_;
++ }
++
+ private:
+ unsigned nimplicit_;
+ unsigned nargs_;
+ unsigned nbodyfixed_;
+ unsigned nlocals_;
+ unsigned nstack_;
+ unsigned nslots_;
+ unsigned fixedLexicalBegin_;
+@@ -559,15 +564,17 @@ class CompileInfo
+ bool constructing_;
+ AnalysisMode analysisMode_;
+
+ // Whether a script needs an arguments object is unstable over compilation
+ // since the arguments optimization could be marked as failed on the main
+ // thread, so cache a value here and use it throughout for consistency.
+ bool scriptNeedsArgsObj_;
+
++ bool mayReadFrameArgsDirectly_;
++
+ InlineScriptTree* inlineScriptTree_;
+ };
+
+ } // namespace jit
+ } // namespace js
+
+ #endif /* jit_CompileInfo_h */
+diff --git a/js/src/jit/JitFrames.cpp b/js/src/jit/JitFrames.cpp
+--- a/js/src/jit/JitFrames.cpp
++++ b/js/src/jit/JitFrames.cpp
+@@ -1002,17 +1002,17 @@ MarkThisAndArguments(JSTracer* trc, JitF
+ // formal arguments is taken care of by the frame's safepoint/snapshot,
+ // except when the script's lazy arguments object aliases those formals,
+ // in which case we mark them as well.
+
+ size_t nargs = layout->numActualArgs();
+ size_t nformals = 0;
+ if (CalleeTokenIsFunction(layout->calleeToken())) {
+ JSFunction* fun = CalleeTokenToFunction(layout->calleeToken());
+- nformals = fun->nonLazyScript()->argumentsAliasesFormals() ? 0 : fun->nargs();
++ nformals = fun->nonLazyScript()->mayReadFrameArgsDirectly() ? 0 : fun->nargs();
+ }
+
+ Value* argv = layout->argv();
+
+ // Trace |this|.
+ gc::MarkValueRoot(trc, argv, "ion-thisv");
+
+ // Trace actual arguments beyond the formals. Note + 1 for thisv.
+diff --git a/js/src/jsscript.cpp b/js/src/jsscript.cpp
+--- a/js/src/jsscript.cpp
++++ b/js/src/jsscript.cpp
+@@ -3894,16 +3894,22 @@ JSScript::hasLoops()
+ JSTryNote* tnlimit = tn + trynotes()->length;
+ for (; tn < tnlimit; tn++) {
+ if (tn->kind == JSTRY_FOR_IN || tn->kind == JSTRY_LOOP)
+ return true;
+ }
+ return false;
+ }
+
++bool
++JSScript::mayReadFrameArgsDirectly()
++{
++ return argumentsHasVarBinding() || (function_ && function_->hasRest());
++}
++
+ static inline void
+ LazyScriptHash(uint32_t lineno, uint32_t column, uint32_t begin, uint32_t end,
+ HashNumber hashes[3])
+ {
+ HashNumber hash = lineno;
+ hash = RotateLeft(hash, 4) ^ column;
+ hash = RotateLeft(hash, 4) ^ begin;
+ hash = RotateLeft(hash, 4) ^ end;
+diff --git a/js/src/jsscript.h b/js/src/jsscript.h
+--- a/js/src/jsscript.h
++++ b/js/src/jsscript.h
+@@ -1397,16 +1397,20 @@ class JSScript : public js::gc::TenuredC
+ }
+ inline void setFunction(JSFunction* fun);
+ /*
+ * De-lazifies the canonical function. Must be called before entering code
+ * that expects the function to be non-lazy.
+ */
+ inline void ensureNonLazyCanonicalFunction(JSContext* cx);
+
++ // Returns true if the script may read formal arguments on the stack
++ // directly, via lazy arguments or a rest parameter.
++ bool mayReadFrameArgsDirectly();
++
+ JSFlatString* sourceData(JSContext* cx);
+
+ static bool loadSource(JSContext* cx, js::ScriptSource* ss, bool* worked);
+
+ void setSourceObject(JSObject* object);
+ JSObject* sourceObject() const {
+ return sourceObject_;
+ }
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt10.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt10.patch
new file mode 100644
index 0000000000..b92bfa4f4e
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt10.patch
@@ -0,0 +1,33 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/debff255c08e
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1234571
+
+# HG changeset patch
+# User Randell Jesup <rjesup@jesup.org>
+# Date 1451928471 18000
+# Node ID debff255c08e898be370e307e1e014f5601c20c6
+# Parent f31d643afd4159b5422ae5aebcbbea0a088e018e
+Bug 1234571 - unregister encoded-frame callback when releasing codec databases. r=pkerr, a=al
+
+diff --git a/media/webrtc/trunk/webrtc/modules/video_coding/main/source/generic_encoder.cc b/media/webrtc/trunk/webrtc/modules/video_coding/main/source/generic_encoder.cc
+--- a/media/webrtc/trunk/webrtc/modules/video_coding/main/source/generic_encoder.cc
++++ b/media/webrtc/trunk/webrtc/modules/video_coding/main/source/generic_encoder.cc
+@@ -71,16 +71,17 @@ VCMGenericEncoder::VCMGenericEncoder(Vid
+ VCMGenericEncoder::~VCMGenericEncoder()
+ {
+ }
+
+ int32_t VCMGenericEncoder::Release()
+ {
+ _bitRate = 0;
+ _frameRate = 0;
++ _encoder.RegisterEncodeCompleteCallback(NULL);
+ _VCMencodedFrameCallback = NULL;
+ return _encoder.Release();
+ }
+
+ int32_t
+ VCMGenericEncoder::InitEncode(const VideoCodec* settings,
+ int32_t numberOfCores,
+ uint32_t maxPayloadSize)
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt11.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt11.patch
new file mode 100644
index 0000000000..2e409d961c
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt11.patch
@@ -0,0 +1,183 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/0f7224441f20
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1234280
+
+# HG changeset patch
+# User Benjamin Bouvier <benj@benj.me>
+# Date 1450947090 -3600
+# Node ID 0f7224441f2089001f7934b46ac10cb72d267606
+# Parent debff255c08e898be370e307e1e014f5601c20c6
+Bug 1234280: Handle oom in CodeGeneratorShared::allocateData; r=jandem, a=sledru
+
+diff --git a/js/src/jit/CodeGenerator.cpp b/js/src/jit/CodeGenerator.cpp
+--- a/js/src/jit/CodeGenerator.cpp
++++ b/js/src/jit/CodeGenerator.cpp
+@@ -7902,17 +7902,19 @@ const VMFunction GetPropertyIC::UpdateIn
+ void
+ CodeGenerator::visitGetPropertyIC(OutOfLineUpdateCache* ool, DataPtr<GetPropertyIC>& ic)
+ {
+ LInstruction* lir = ool->lir();
+
+ if (ic->idempotent()) {
+ size_t numLocs;
+ CacheLocationList& cacheLocs = lir->mirRaw()->toGetPropertyCache()->location();
+- size_t locationBase = addCacheLocations(cacheLocs, &numLocs);
++ size_t locationBase;
++ if (!addCacheLocations(cacheLocs, &numLocs, &locationBase))
++ return;
+ ic->setLocationInfo(locationBase, numLocs);
+ }
+
+ saveLive(lir);
+
+ pushArg(ic->object());
+ pushArg(Imm32(ool->getCacheIndex()));
+ pushArg(ImmGCPtr(gen->info().script()));
+diff --git a/js/src/jit/shared/CodeGenerator-shared.cpp b/js/src/jit/shared/CodeGenerator-shared.cpp
+--- a/js/src/jit/shared/CodeGenerator-shared.cpp
++++ b/js/src/jit/shared/CodeGenerator-shared.cpp
+@@ -1527,31 +1527,34 @@ CodeGeneratorShared::jumpToBlock(MBasicB
+
+ masm.propagateOOM(patchableBackedges_.append(PatchableBackedgeInfo(backedge, mir->lir()->label(), oolEntry)));
+ } else {
+ masm.j(cond, mir->lir()->label());
+ }
+ }
+ #endif
+
+-size_t
+-CodeGeneratorShared::addCacheLocations(const CacheLocationList& locs, size_t* numLocs)
++MOZ_WARN_UNUSED_RESULT bool
++CodeGeneratorShared::addCacheLocations(const CacheLocationList& locs, size_t* numLocs,
++ size_t* curIndex)
+ {
+ size_t firstIndex = runtimeData_.length();
+ size_t numLocations = 0;
+ for (CacheLocationList::iterator iter = locs.begin(); iter != locs.end(); iter++) {
+ // allocateData() ensures that sizeof(CacheLocation) is word-aligned.
+ // If this changes, we will need to pad to ensure alignment.
+- size_t curIndex = allocateData(sizeof(CacheLocation));
+- new (&runtimeData_[curIndex]) CacheLocation(iter->pc, iter->script);
++ if (!allocateData(sizeof(CacheLocation), curIndex))
++ return false;
++ new (&runtimeData_[*curIndex]) CacheLocation(iter->pc, iter->script);
+ numLocations++;
+ }
+ MOZ_ASSERT(numLocations != 0);
+ *numLocs = numLocations;
+- return firstIndex;
++ *curIndex = firstIndex;
++ return true;
+ }
+
+ ReciprocalMulConstants
+ CodeGeneratorShared::computeDivisionConstants(int d) {
+ // In what follows, d is positive and is not a power of 2.
+ MOZ_ASSERT(d > 0 && (d & (d - 1)) != 0);
+
+ // Speeding up division by non power-of-2 constants is possible by
+diff --git a/js/src/jit/shared/CodeGenerator-shared.h b/js/src/jit/shared/CodeGenerator-shared.h
+--- a/js/src/jit/shared/CodeGenerator-shared.h
++++ b/js/src/jit/shared/CodeGenerator-shared.h
+@@ -3,16 +3,17 @@
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+ #ifndef jit_shared_CodeGenerator_shared_h
+ #define jit_shared_CodeGenerator_shared_h
+
+ #include "mozilla/Alignment.h"
++#include "mozilla/TypeTraits.h"
+
+ #include "jit/JitFrames.h"
+ #include "jit/LIR.h"
+ #include "jit/MacroAssembler.h"
+ #include "jit/MIRGenerator.h"
+ #include "jit/MIRGraph.h"
+ #include "jit/OptimizationTracking.h"
+ #include "jit/Safepoints.h"
+@@ -242,24 +243,16 @@ class CodeGeneratorShared : public LElem
+ return SlotToStackOffset(a->toStackSlot()->slot());
+ }
+
+ uint32_t frameSize() const {
+ return frameClass_ == FrameSizeClass::None() ? frameDepth_ : frameClass_.frameSize();
+ }
+
+ protected:
+- // Ensure the cache is an IonCache while expecting the size of the derived
+- // class. We only need the cache list at GC time. Everyone else can just take
+- // runtimeData offsets.
+- size_t allocateCache(const IonCache&, size_t size) {
+- size_t dataOffset = allocateData(size);
+- masm.propagateOOM(cacheList_.append(dataOffset));
+- return dataOffset;
+- }
+
+ #ifdef CHECK_OSIPOINT_REGISTERS
+ void resetOsiPointRegs(LSafepoint* safepoint);
+ bool shouldVerifyOsiPointRegs(LSafepoint* safepoint);
+ void verifyOsiPointRegs(LSafepoint* safepoint);
+ #endif
+
+ bool addNativeToBytecodeEntry(const BytecodeSite* site);
+@@ -295,27 +288,33 @@ class CodeGeneratorShared : public LElem
+ return lookup();
+ }
+ T * operator*() {
+ return lookup();
+ }
+ };
+
+ protected:
+-
+- size_t allocateData(size_t size) {
++ MOZ_WARN_UNUSED_RESULT
++ bool allocateData(size_t size, size_t* offset) {
+ MOZ_ASSERT(size % sizeof(void*) == 0);
+- size_t dataOffset = runtimeData_.length();
++ *offset = runtimeData_.length();
+ masm.propagateOOM(runtimeData_.appendN(0, size));
+- return dataOffset;
++ return !masm.oom();
+ }
+
++ // Ensure the cache is an IonCache while expecting the size of the derived
++ // class. We only need the cache list at GC time. Everyone else can just take
++ // runtimeData offsets.
+ template <typename T>
+ inline size_t allocateCache(const T& cache) {
+- size_t index = allocateCache(cache, sizeof(mozilla::AlignedStorage2<T>));
++ static_assert(mozilla::IsBaseOf<IonCache, T>::value, "T must inherit from IonCache");
++ size_t index;
++ masm.propagateOOM(allocateData(sizeof(mozilla::AlignedStorage2<T>), &index));
++ masm.propagateOOM(cacheList_.append(index));
+ if (masm.oom())
+ return SIZE_MAX;
+ // Use the copy constructor on the allocated space.
+ MOZ_ASSERT(index == cacheList_.back());
+ new (&runtimeData_[index]) T(cache);
+ return index;
+ }
+
+@@ -475,17 +474,17 @@ class CodeGeneratorShared : public LElem
+
+ void callVM(const VMFunction& f, LInstruction* ins, const Register* dynStack = nullptr);
+
+ template <class ArgSeq, class StoreOutputTo>
+ inline OutOfLineCode* oolCallVM(const VMFunction& fun, LInstruction* ins, const ArgSeq& args,
+ const StoreOutputTo& out);
+
+ void addCache(LInstruction* lir, size_t cacheIndex);
+- size_t addCacheLocations(const CacheLocationList& locs, size_t* numLocs);
++ bool addCacheLocations(const CacheLocationList& locs, size_t* numLocs, size_t* offset);
+ ReciprocalMulConstants computeDivisionConstants(int d);
+
+ protected:
+ void addOutOfLineCode(OutOfLineCode* code, const MInstruction* mir);
+ void addOutOfLineCode(OutOfLineCode* code, const BytecodeSite* site);
+ bool hasOutOfLineCode() { return !outOfLineCode_.empty(); }
+ bool generateOutOfLineCode();
+
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt12.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt12.patch
new file mode 100644
index 0000000000..7861e24c89
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt12.patch
@@ -0,0 +1,91 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/8c184c30caa6
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1230668
+
+# HG changeset patch
+# User L. David Baron <dbaron@dbaron.org>
+# Date 1452248144 -39600
+# Node ID 8c184c30caa6d16f5ec63cce9a77d16f25d2e57e
+# Parent 0f7224441f2089001f7934b46ac10cb72d267606
+Bug 1230668 - Don't use frame when not in composed document. r=heycam a=sylvestre
+
+diff --git a/layout/style/nsComputedDOMStyle.cpp b/layout/style/nsComputedDOMStyle.cpp
+--- a/layout/style/nsComputedDOMStyle.cpp
++++ b/layout/style/nsComputedDOMStyle.cpp
+@@ -421,26 +421,31 @@ nsComputedDOMStyle::GetStyleContextForEl
+ {
+ MOZ_ASSERT(aElement, "NULL element");
+ // If the content has a pres shell, we must use it. Otherwise we'd
+ // potentially mix rule trees by using the wrong pres shell's style
+ // set. Using the pres shell from the content also means that any
+ // content that's actually *in* a document will get the style from the
+ // correct document.
+ nsIPresShell *presShell = GetPresShellForContent(aElement);
++ bool inDocWithShell = true;
+ if (!presShell) {
++ inDocWithShell = false;
+ presShell = aPresShell;
+ if (!presShell)
+ return nullptr;
+ }
+
+- // XXX the !aElement->IsHTML(nsGkAtoms::area)
+- // check is needed due to bug 135040 (to avoid using
++ // XXX the !aElement->IsHTML(nsGkAtoms::area)
++ // check is needed due to bug 135040 (to avoid using
+ // mPrimaryFrame). Remove it once that's fixed.
+- if (!aPseudo && aStyleType == eAll && !aElement->IsHTML(nsGkAtoms::area)) {
++ if (!aPseudo && aStyleType == eAll && inDocWithShell &&
++ !aElement->IsHTML(nsGkAtoms::area)) {
++ if (!aPseudo && aStyleType == eAll && inDocWithShell &&
++ !aElement->IsHTMLElement(nsGkAtoms::area)) {
+ nsIFrame* frame = nsLayoutUtils::GetStyleFrame(aElement);
+ if (frame) {
+ nsStyleContext* result = frame->StyleContext();
+ // Don't use the style context if it was influenced by
+ // pseudo-elements, since then it's not the primary style
+ // for this element.
+ if (!result->HasPseudoElementData()) {
+ // this function returns an addrefed style context
+@@ -468,17 +473,18 @@ nsComputedDOMStyle::GetStyleContextForEl
+
+ nsRefPtr<nsStyleContext> sc;
+ if (aPseudo) {
+ nsCSSPseudoElements::Type type = nsCSSPseudoElements::GetPseudoType(aPseudo);
+ if (type >= nsCSSPseudoElements::ePseudo_PseudoElementCount) {
+ return nullptr;
+ }
+ nsIFrame* frame = nsLayoutUtils::GetStyleFrame(aElement);
+- Element* pseudoElement = frame ? frame->GetPseudoElement(type) : nullptr;
++ Element* pseudoElement =
++ frame && inDocWithShell ? frame->GetPseudoElement(type) : nullptr;
+ sc = styleSet->ResolvePseudoElementStyle(aElement, type, parentContext,
+ pseudoElement);
+ } else {
+ sc = styleSet->ResolveStyleFor(aElement, parentContext);
+ }
+
+ if (aStyleType == eDefaultOnly) {
+ // We really only want the user and UA rules. Filter out the other ones.
+@@ -592,18 +598,18 @@ nsComputedDOMStyle::UpdateCurrentStyleSo
+ mFlushedPendingReflows = aNeedsLayoutFlush;
+ #endif
+
+ mPresShell = document->GetShell();
+ if (!mPresShell || !mPresShell->GetPresContext()) {
+ return;
+ }
+
+- // XXX the !mContent->IsHTML(nsGkAtoms::area)
+- // check is needed due to bug 135040 (to avoid using
++ // XXX the !mContent->IsHTML(nsGkAtoms::area)
++ // check is needed due to bug 135040 (to avoid using
+ // mPrimaryFrame). Remove it once that's fixed.
+ if (!mPseudo && mStyleType == eAll && !mContent->IsHTML(nsGkAtoms::area)) {
+ mOuterFrame = mContent->GetPrimaryFrame();
+ mInnerFrame = mOuterFrame;
+ if (mOuterFrame) {
+ nsIAtom* type = mOuterFrame->GetType();
+ if (type == nsGkAtoms::tableOuterFrame) {
+ // If the frame is an outer table frame then we should get the style
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt13.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt13.patch
new file mode 100644
index 0000000000..0e5825becf
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt13.patch
@@ -0,0 +1,34 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/fceff80a84a3
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1230668
+
+# HG changeset patch
+# User Wes Kocher <wkocher@mozilla.com>
+# Date 1452542163 28800
+# Node ID fceff80a84a32b68d02abc00486fe6c7b86d545b
+# Parent 8c184c30caa6d16f5ec63cce9a77d16f25d2e57e
+Fix up some rebase errors in bug 1230668 r=me a=bustage
+
+diff --git a/layout/style/nsComputedDOMStyle.cpp b/layout/style/nsComputedDOMStyle.cpp
+--- a/layout/style/nsComputedDOMStyle.cpp
++++ b/layout/style/nsComputedDOMStyle.cpp
+@@ -434,18 +434,16 @@ nsComputedDOMStyle::GetStyleContextForEl
+ return nullptr;
+ }
+
+ // XXX the !aElement->IsHTML(nsGkAtoms::area)
+ // check is needed due to bug 135040 (to avoid using
+ // mPrimaryFrame). Remove it once that's fixed.
+ if (!aPseudo && aStyleType == eAll && inDocWithShell &&
+ !aElement->IsHTML(nsGkAtoms::area)) {
+- if (!aPseudo && aStyleType == eAll && inDocWithShell &&
+- !aElement->IsHTMLElement(nsGkAtoms::area)) {
+ nsIFrame* frame = nsLayoutUtils::GetStyleFrame(aElement);
+ if (frame) {
+ nsStyleContext* result = frame->StyleContext();
+ // Don't use the style context if it was influenced by
+ // pseudo-elements, since then it's not the primary style
+ // for this element.
+ if (!result->HasPseudoElementData()) {
+ // this function returns an addrefed style context
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt14.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt14.patch
new file mode 100644
index 0000000000..02c1af1775
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt14.patch
@@ -0,0 +1,83 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/94a95291d095
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1224200
+
+# HG changeset patch
+# User Timothy Nikkel <tnikkel@gmail.com>
+# Date 1453303652 -3600
+# Node ID 94a95291d0958439dbed5b7dc99fae59e1318592
+# Parent 999c13acb40e1113306c65925a7d96688339d945
+Bug 1224200 - Allow downscaler to get (and ignore) new input lines after it has finished producing all output lines. r=seth, a=lizzard
+
+diff --git a/image/src/Downscaler.cpp b/image/src/Downscaler.cpp
+--- a/image/src/Downscaler.cpp
++++ b/image/src/Downscaler.cpp
+@@ -145,43 +145,44 @@ GetFilterOffsetAndLength(UniquePtr<skia:
+ aFilterLengthOut);
+ }
+
+ void
+ Downscaler::CommitRow()
+ {
+ MOZ_ASSERT(mOutputBuffer, "Should have a current frame");
+ MOZ_ASSERT(mCurrentInLine < mOriginalSize.height, "Past end of input");
+- MOZ_ASSERT(mCurrentOutLine < mTargetSize.height, "Past end of output");
+
+- int32_t filterOffset = 0;
+- int32_t filterLength = 0;
+- GetFilterOffsetAndLength(mYFilter, mCurrentOutLine,
+- &filterOffset, &filterLength);
++ if (mCurrentOutLine < mTargetSize.height) {
++ int32_t filterOffset = 0;
++ int32_t filterLength = 0;
++ GetFilterOffsetAndLength(mYFilter, mCurrentOutLine,
++ &filterOffset, &filterLength);
+
+- int32_t inLineToRead = filterOffset + mLinesInBuffer;
+- MOZ_ASSERT(mCurrentInLine <= inLineToRead, "Reading past end of input");
+- if (mCurrentInLine == inLineToRead) {
+- skia::ConvolveHorizontally(mRowBuffer.get(), *mXFilter,
+- mWindow[mLinesInBuffer++], mHasAlpha,
+- /* use_sse2 = */ true);
+- }
+-
+- MOZ_ASSERT(mCurrentOutLine < mTargetSize.height,
+- "Writing past end of output");
+-
+- while (mLinesInBuffer == filterLength) {
+- DownscaleInputLine();
+-
+- if (mCurrentOutLine == mTargetSize.height) {
+- break; // We're done.
++ int32_t inLineToRead = filterOffset + mLinesInBuffer;
++ MOZ_ASSERT(mCurrentInLine <= inLineToRead, "Reading past end of input");
++ if (mCurrentInLine == inLineToRead) {
++ skia::ConvolveHorizontally(mRowBuffer.get(), *mXFilter,
++ mWindow[mLinesInBuffer++], mHasAlpha,
++ /* use_sse2 = */ true);
+ }
+
+- GetFilterOffsetAndLength(mYFilter, mCurrentOutLine,
+- &filterOffset, &filterLength);
++ MOZ_ASSERT(mCurrentOutLine < mTargetSize.height,
++ "Writing past end of output");
++
++ while (mLinesInBuffer == filterLength) {
++ DownscaleInputLine();
++
++ if (mCurrentOutLine == mTargetSize.height) {
++ break; // We're done.
++ }
++
++ GetFilterOffsetAndLength(mYFilter, mCurrentOutLine,
++ &filterOffset, &filterLength);
++ }
+ }
+
+ mCurrentInLine += 1;
+ }
+
+ bool
+ Downscaler::HasInvalidation() const
+ {
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt15.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt15.patch
new file mode 100644
index 0000000000..9ebf18a5d3
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt15.patch
@@ -0,0 +1,35 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/ee68c3dae5f6
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1230483
+
+# HG changeset patch
+# User JW Wang <jwwang@mozilla.com>
+# Date 1450698943 -28800
+# Node ID ee68c3dae5f639fdd439f69ef2f724067fce0ea6
+# Parent 762d015e1854c28c213293ac1e9b2ab51cf201f9
+Bug 1230483 - Part 2 - LoadFromSourceChildren() should be queued at most once in an event cycle. r=roc, a=lizzard
+
+diff --git a/dom/html/HTMLMediaElement.cpp b/dom/html/HTMLMediaElement.cpp
+--- a/dom/html/HTMLMediaElement.cpp
++++ b/dom/html/HTMLMediaElement.cpp
+@@ -4033,16 +4033,19 @@ void HTMLMediaElement::NotifyAddedSource
+ mNetworkState == nsIDOMHTMLMediaElement::NETWORK_EMPTY)
+ {
+ QueueSelectResourceTask();
+ }
+
+ // A load was paused in the resource selection algorithm, waiting for
+ // a new source child to be added, resume the resource selection algorithm.
+ if (mLoadWaitStatus == WAITING_FOR_SOURCE) {
++ // Rest the flag so we don't queue multiple LoadFromSourceTask() when
++ // multiple <source> are attached in an event loop.
++ mLoadWaitStatus = NOT_WAITING;
+ QueueLoadFromSourceTask();
+ }
+ }
+
+ nsIContent* HTMLMediaElement::GetNextSource()
+ {
+ nsCOMPtr<nsIDOMNode> thisDomNode = do_QueryObject(this);
+
+
diff --git a/gnu/packages/patches/icecat-CVE-2016-1935.patch b/gnu/packages/patches/icecat-CVE-2016-1935.patch
new file mode 100644
index 0000000000..a6db4b9b6a
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1935.patch
@@ -0,0 +1,77 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/f9aad6c0253a
+Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-03/
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1220450
+
+# HG changeset patch
+# User Jeff Gilbert <jgilbert@mozilla.com>
+# Date 1452570660 28800
+# Node ID f9aad6c0253a3b81699a3d7a05e78615dd814ea3
+# Parent c47640f24251b48c0bba9d2f0f6ee059eca58362
+Bug 1220450 - Clear length on cache OOM. r=kamidphish, a=ritu
+
+diff --git a/dom/canvas/WebGLContextBuffers.cpp b/dom/canvas/WebGLContextBuffers.cpp
+--- a/dom/canvas/WebGLContextBuffers.cpp
++++ b/dom/canvas/WebGLContextBuffers.cpp
+@@ -185,16 +185,17 @@ WebGLContext::BufferData(GLenum target,
+
+ if (error) {
+ GenerateWarning("bufferData generated error %s", ErrorName(error));
+ return;
+ }
+
+ boundBuffer->SetByteLength(size);
+ if (!boundBuffer->ElementArrayCacheBufferData(nullptr, size)) {
++ boundBuffer->SetByteLength(0);
+ return ErrorOutOfMemory("bufferData: out of memory");
+ }
+ }
+
+ void
+ WebGLContext::BufferData(GLenum target,
+ const dom::Nullable<dom::ArrayBuffer>& maybeData,
+ GLenum usage)
+@@ -234,18 +235,20 @@ WebGLContext::BufferData(GLenum target,
+ GLenum error = CheckedBufferData(target, data.Length(), data.Data(), usage);
+
+ if (error) {
+ GenerateWarning("bufferData generated error %s", ErrorName(error));
+ return;
+ }
+
+ boundBuffer->SetByteLength(data.Length());
+- if (!boundBuffer->ElementArrayCacheBufferData(data.Data(), data.Length()))
++ if (!boundBuffer->ElementArrayCacheBufferData(data.Data(), data.Length())) {
++ boundBuffer->SetByteLength(0);
+ return ErrorOutOfMemory("bufferData: out of memory");
++ }
+ }
+
+ void
+ WebGLContext::BufferData(GLenum target, const dom::ArrayBufferView& data,
+ GLenum usage)
+ {
+ if (IsContextLost())
+ return;
+@@ -274,18 +277,20 @@ WebGLContext::BufferData(GLenum target,
+
+ GLenum error = CheckedBufferData(target, data.Length(), data.Data(), usage);
+ if (error) {
+ GenerateWarning("bufferData generated error %s", ErrorName(error));
+ return;
+ }
+
+ boundBuffer->SetByteLength(data.Length());
+- if (!boundBuffer->ElementArrayCacheBufferData(data.Data(), data.Length()))
++ if (!boundBuffer->ElementArrayCacheBufferData(data.Data(), data.Length())) {
++ boundBuffer->SetByteLength(0);
+ return ErrorOutOfMemory("bufferData: out of memory");
++ }
+ }
+
+ void
+ WebGLContext::BufferSubData(GLenum target, WebGLsizeiptr byteOffset,
+ const dom::Nullable<dom::ArrayBuffer>& maybeData)
+ {
+ if (IsContextLost())
+ return;
+
diff --git a/gnu/packages/patches/icecat-bug-1146335-pt1.patch b/gnu/packages/patches/icecat-bug-1146335-pt1.patch
new file mode 100644
index 0000000000..a41e638b2f
--- /dev/null
+++ b/gnu/packages/patches/icecat-bug-1146335-pt1.patch
@@ -0,0 +1,141 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/9d14787bd10e
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1146335
+
+# HG changeset patch
+# User Seth Fowler <mark.seth.fowler@gmail.com>
+# Date 1428627143 25200
+# Node ID 9d14787bd10e6f3013263a2cae0bcc78bebde1db
+# Parent aaf922ae679685acb5d2b8ffa5f0bf22f1e6987a
+Bug 1146335 (Part 1) - Add assertions and fix style issues in image::Downscaler. r=tn a=lizzard
+
+diff --git a/image/src/Downscaler.cpp b/image/src/Downscaler.cpp
+--- a/image/src/Downscaler.cpp
++++ b/image/src/Downscaler.cpp
+@@ -72,23 +72,25 @@ Downscaler::BeginFrame(const nsIntSize&
+ mOutputBuffer = aOutputBuffer;
+ mHasAlpha = aHasAlpha;
+
+ ResetForNextProgressivePass();
+ ReleaseWindow();
+
+ auto resizeMethod = skia::ImageOperations::RESIZE_LANCZOS3;
+
+- skia::resize::ComputeFilters(resizeMethod, mOriginalSize.width,
+- mTargetSize.width, 0,
+- mTargetSize.width, mXFilter.get());
++ skia::resize::ComputeFilters(resizeMethod,
++ mOriginalSize.width, mTargetSize.width,
++ 0, mTargetSize.width,
++ mXFilter.get());
+
+- skia::resize::ComputeFilters(resizeMethod, mOriginalSize.height,
+- mTargetSize.height, 0,
+- mTargetSize.height, mYFilter.get());
++ skia::resize::ComputeFilters(resizeMethod,
++ mOriginalSize.height, mTargetSize.height,
++ 0, mTargetSize.height,
++ mYFilter.get());
+
+ // Allocate the buffer, which contains scanlines of the original image.
+ size_t bufferLen = mOriginalSize.width * sizeof(uint32_t);
+ mRowBuffer = MakeUnique<uint8_t[]>(bufferLen);
+ if (MOZ_UNLIKELY(!mRowBuffer)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
+
+@@ -126,39 +128,54 @@ void
+ Downscaler::ResetForNextProgressivePass()
+ {
+ mPrevInvalidatedLine = 0;
+ mCurrentOutLine = 0;
+ mCurrentInLine = 0;
+ mLinesInBuffer = 0;
+ }
+
++static void
++GetFilterOffsetAndLength(UniquePtr<skia::ConvolutionFilter1D>& aFilter,
++ int32_t aOutputImagePosition,
++ int32_t* aFilterOffsetOut,
++ int32_t* aFilterLengthOut)
++{
++ MOZ_ASSERT(aOutputImagePosition < aFilter->num_values());
++ aFilter->FilterForValue(aOutputImagePosition,
++ aFilterOffsetOut,
++ aFilterLengthOut);
++}
++
+ void
+ Downscaler::CommitRow()
+ {
+ MOZ_ASSERT(mOutputBuffer, "Should have a current frame");
+ MOZ_ASSERT(mCurrentInLine < mOriginalSize.height, "Past end of input");
+ MOZ_ASSERT(mCurrentOutLine < mTargetSize.height, "Past end of output");
+
+ int32_t filterOffset = 0;
+ int32_t filterLength = 0;
+- mYFilter->FilterForValue(mCurrentOutLine, &filterOffset, &filterLength);
++ GetFilterOffsetAndLength(mYFilter, mCurrentOutLine,
++ &filterOffset, &filterLength);
+
+ int32_t inLineToRead = filterOffset + mLinesInBuffer;
+ MOZ_ASSERT(mCurrentInLine <= inLineToRead, "Reading past end of input");
+ if (mCurrentInLine == inLineToRead) {
+ skia::ConvolveHorizontally(mRowBuffer.get(), *mXFilter,
+ mWindow[mLinesInBuffer++], mHasAlpha,
+ /* use_sse2 = */ true);
+ }
+
+ while (mLinesInBuffer == filterLength &&
+ mCurrentOutLine < mTargetSize.height) {
+ DownscaleInputLine();
+- mYFilter->FilterForValue(mCurrentOutLine, &filterOffset, &filterLength);
++
++ GetFilterOffsetAndLength(mYFilter, mCurrentOutLine,
++ &filterOffset, &filterLength);
+ }
+
+ mCurrentInLine += 1;
+ }
+
+ bool
+ Downscaler::HasInvalidation() const
+ {
+@@ -184,16 +201,17 @@ Downscaler::DownscaleInputLine()
+ {
+ typedef skia::ConvolutionFilter1D::Fixed FilterValue;
+
+ MOZ_ASSERT(mOutputBuffer);
+ MOZ_ASSERT(mCurrentOutLine < mTargetSize.height, "Writing past end of output");
+
+ int32_t filterOffset = 0;
+ int32_t filterLength = 0;
++ MOZ_ASSERT(mCurrentOutLine < mYFilter->num_values());
+ auto filterValues =
+ mYFilter->FilterForValue(mCurrentOutLine, &filterOffset, &filterLength);
+
+ uint8_t* outputLine =
+ &mOutputBuffer[mCurrentOutLine * mTargetSize.width * sizeof(uint32_t)];
+ skia::ConvolveVertically(static_cast<const FilterValue*>(filterValues),
+ filterLength, mWindow.get(), mXFilter->num_values(),
+ outputLine, mHasAlpha, /* use_sse2 = */ true);
+@@ -202,17 +220,18 @@ Downscaler::DownscaleInputLine()
+
+ if (mCurrentOutLine == mTargetSize.height) {
+ // We're done.
+ return;
+ }
+
+ int32_t newFilterOffset = 0;
+ int32_t newFilterLength = 0;
+- mYFilter->FilterForValue(mCurrentOutLine, &newFilterOffset, &newFilterLength);
++ GetFilterOffsetAndLength(mYFilter, mCurrentOutLine,
++ &newFilterOffset, &newFilterLength);
+
+ int diff = newFilterOffset - filterOffset;
+ MOZ_ASSERT(diff >= 0, "Moving backwards in the filter?");
+
+ // Shift the buffer. We're just moving pointers here, so this is cheap.
+ mLinesInBuffer -= diff;
+ mLinesInBuffer = max(mLinesInBuffer, 0);
+ for (int32_t i = 0; i < mLinesInBuffer; ++i) {
+
diff --git a/gnu/packages/patches/icecat-bug-1146335-pt2.patch b/gnu/packages/patches/icecat-bug-1146335-pt2.patch
new file mode 100644
index 0000000000..240e0cfc66
--- /dev/null
+++ b/gnu/packages/patches/icecat-bug-1146335-pt2.patch
@@ -0,0 +1,43 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/8bfaa27698ca
+Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1146335
+
+# HG changeset patch
+# User Seth Fowler <mark.seth.fowler@gmail.com>
+# Date 1428627143 25200
+# Node ID 8bfaa27698ca0720d5c9f3910ab7148b38db0625
+# Parent 9d14787bd10e6f3013263a2cae0bcc78bebde1db
+Bug 1146335 (Part 2) - Fix an off-by-one error in image::Downscaler. r=tn a=lizzard
+
+diff --git a/image/src/Downscaler.cpp b/image/src/Downscaler.cpp
+--- a/image/src/Downscaler.cpp
++++ b/image/src/Downscaler.cpp
+@@ -160,20 +160,26 @@ Downscaler::CommitRow()
+ int32_t inLineToRead = filterOffset + mLinesInBuffer;
+ MOZ_ASSERT(mCurrentInLine <= inLineToRead, "Reading past end of input");
+ if (mCurrentInLine == inLineToRead) {
+ skia::ConvolveHorizontally(mRowBuffer.get(), *mXFilter,
+ mWindow[mLinesInBuffer++], mHasAlpha,
+ /* use_sse2 = */ true);
+ }
+
+- while (mLinesInBuffer == filterLength &&
+- mCurrentOutLine < mTargetSize.height) {
++ MOZ_ASSERT(mCurrentOutLine < mTargetSize.height,
++ "Writing past end of output");
++
++ while (mLinesInBuffer == filterLength) {
+ DownscaleInputLine();
+
++ if (mCurrentOutLine == mTargetSize.height) {
++ break; // We're done.
++ }
++
+ GetFilterOffsetAndLength(mYFilter, mCurrentOutLine,
+ &filterOffset, &filterLength);
+ }
+
+ mCurrentInLine += 1;
+ }
+
+ bool
+
diff --git a/gnu/packages/patches/icecat-limit-max-buffers-size-for-ANGLE.patch b/gnu/packages/patches/icecat-limit-max-buffers-size-for-ANGLE.patch
new file mode 100644
index 0000000000..5a3a934dba
--- /dev/null
+++ b/gnu/packages/patches/icecat-limit-max-buffers-size-for-ANGLE.patch
@@ -0,0 +1,73 @@
+Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/9632375c6aac
+
+# HG changeset patch
+# User Jeff Gilbert <jdashg@gmail.com>
+# Date 1453320785 28800
+# Node ID 9632375c6aacbf673b996b53231d70b91e480fb5
+# Parent ee68c3dae5f639fdd439f69ef2f724067fce0ea6
+Limit max buffers size for ANGLE. r=jrmuizel a=lizzard
+
+diff --git a/dom/canvas/WebGLContextBuffers.cpp b/dom/canvas/WebGLContextBuffers.cpp
+--- a/dom/canvas/WebGLContextBuffers.cpp
++++ b/dom/canvas/WebGLContextBuffers.cpp
+@@ -164,16 +164,19 @@ WebGLContext::BufferData(GLenum target,
+
+ if (!ValidateBufferUsageEnum(usage, "bufferData: usage"))
+ return;
+
+ // careful: WebGLsizeiptr is always 64-bit, but GLsizeiptr is like intptr_t.
+ if (!CheckedInt<GLsizeiptr>(size).isValid())
+ return ErrorOutOfMemory("bufferData: bad size");
+
++ if (gl->IsANGLE() && size > UINT32_MAX)
++ return ErrorOutOfMemory("bufferData: size too large");
++
+ WebGLBuffer* boundBuffer = bufferSlot.get();
+
+ if (!boundBuffer)
+ return ErrorInvalidOperation("bufferData: no buffer bound!");
+
+ UniquePtr<uint8_t> zeroBuffer((uint8_t*)moz_calloc(size, 1));
+ if (!zeroBuffer)
+ return ErrorOutOfMemory("bufferData: out of memory");
+@@ -216,16 +219,19 @@ WebGLContext::BufferData(GLenum target,
+ const dom::ArrayBuffer& data = maybeData.Value();
+ data.ComputeLengthAndData();
+
+ // Careful: data.Length() could conceivably be any uint32_t, but GLsizeiptr
+ // is like intptr_t.
+ if (!CheckedInt<GLsizeiptr>(data.Length()).isValid())
+ return ErrorOutOfMemory("bufferData: bad size");
+
++ if (gl->IsANGLE() && data.Length() > UINT32_MAX)
++ return ErrorOutOfMemory("bufferData: size too large");
++
+ if (!ValidateBufferUsageEnum(usage, "bufferData: usage"))
+ return;
+
+ WebGLBuffer* boundBuffer = bufferSlot.get();
+
+ if (!boundBuffer)
+ return ErrorInvalidOperation("bufferData: no buffer bound!");
+
+@@ -267,16 +273,19 @@ WebGLContext::BufferData(GLenum target,
+
+ data.ComputeLengthAndData();
+
+ // Careful: data.Length() could conceivably be any uint32_t, but GLsizeiptr
+ // is like intptr_t.
+ if (!CheckedInt<GLsizeiptr>(data.Length()).isValid())
+ return ErrorOutOfMemory("bufferData: bad size");
+
++ if (gl->IsANGLE() && data.Length() > UINT32_MAX)
++ return ErrorOutOfMemory("bufferData: size too large");
++
+ InvalidateBufferFetching();
+ MakeContextCurrent();
+
+ GLenum error = CheckedBufferData(target, data.Length(), data.Data(), usage);
+ if (error) {
+ GenerateWarning("bufferData generated error %s", ErrorName(error));
+ return;
+ }
+
diff --git a/gnu/packages/patches/libarchive-bsdtar-test.patch b/gnu/packages/patches/libarchive-bsdtar-test.patch
new file mode 100644
index 0000000000..6a533a9a07
--- /dev/null
+++ b/gnu/packages/patches/libarchive-bsdtar-test.patch
@@ -0,0 +1,74 @@
+commit b539b2e597b566fe3c4b49cb61c9eef83e5e052d
+Author: Pavel Raiskup <praiskup@redhat.com>
+Date: Thu Jun 27 16:01:30 2013 +0200
+
+ Use ustar format in the test_option_b test
+
+ .. because the ustar archive does not store SELinux context. As the default
+ format for bsdtar is "restricted pax" (trying to store xattrs and other
+ things by default), the test failed on Fedora because our files have by
+ default SELinux context set. This results in additional data in tested
+ archive ~> and the test failed because the archive was unexpectedly big:
+
+ tar/test/test_option_b.c:41: File archive1.tar has size 3072, expected 2048
+
+ Reviewed by Konrad Kleine <konrad.wilhelm.kleine@gmail.com>
+
+diff --git a/tar/test/test_option_b.c b/tar/test/test_option_b.c
+index be2ae65..6fea474 100644
+--- a/tar/test/test_option_b.c
++++ b/tar/test/test_option_b.c
+@@ -25,8 +25,14 @@
+ #include "test.h"
+ __FBSDID("$FreeBSD$");
+
++#define USTAR_OPT " --format=ustar"
++
+ DEFINE_TEST(test_option_b)
+ {
++ char *testprog_ustar = malloc(strlen(testprog) + sizeof(USTAR_OPT) + 1);
++ strcpy(testprog_ustar, testprog);
++ strcat(testprog_ustar, USTAR_OPT);
++
+ assertMakeFile("file1", 0644, "file1");
+ if (systemf("cat file1 > test_cat.out 2> test_cat.err") != 0) {
+ skipping("Platform doesn't have cat");
+@@ -36,7 +42,7 @@ DEFINE_TEST(test_option_b)
+ /*
+ * Bsdtar does not pad if the output is going directly to a disk file.
+ */
+- assertEqualInt(0, systemf("%s -cf archive1.tar file1 >test1.out 2>test1.err", testprog));
++ assertEqualInt(0, systemf("%s -cf archive1.tar file1 >test1.out 2>test1.err", testprog_ustar));
+ failure("bsdtar does not pad archives written directly to regular files");
+ assertFileSize("archive1.tar", 2048);
+ assertEmptyFile("test1.out");
+@@ -46,24 +52,24 @@ DEFINE_TEST(test_option_b)
+ * Bsdtar does pad to the block size if the output is going to a socket.
+ */
+ /* Default is -b 20 */
+- assertEqualInt(0, systemf("%s -cf - file1 2>test2.err | cat >archive2.tar ", testprog));
++ assertEqualInt(0, systemf("%s -cf - file1 2>test2.err | cat >archive2.tar ", testprog_ustar));
+ failure("bsdtar does pad archives written to pipes");
+ assertFileSize("archive2.tar", 10240);
+ assertEmptyFile("test2.err");
+
+- assertEqualInt(0, systemf("%s -cf - -b 20 file1 2>test3.err | cat >archive3.tar ", testprog));
++ assertEqualInt(0, systemf("%s -cf - -b 20 file1 2>test3.err | cat >archive3.tar ", testprog_ustar));
+ assertFileSize("archive3.tar", 10240);
+ assertEmptyFile("test3.err");
+
+- assertEqualInt(0, systemf("%s -cf - -b 10 file1 2>test4.err | cat >archive4.tar ", testprog));
++ assertEqualInt(0, systemf("%s -cf - -b 10 file1 2>test4.err | cat >archive4.tar ", testprog_ustar));
+ assertFileSize("archive4.tar", 5120);
+ assertEmptyFile("test4.err");
+
+- assertEqualInt(0, systemf("%s -cf - -b 1 file1 2>test5.err | cat >archive5.tar ", testprog));
++ assertEqualInt(0, systemf("%s -cf - -b 1 file1 2>test5.err | cat >archive5.tar ", testprog_ustar));
+ assertFileSize("archive5.tar", 2048);
+ assertEmptyFile("test5.err");
+
+- assertEqualInt(0, systemf("%s -cf - -b 8192 file1 2>test6.err | cat >archive6.tar ", testprog));
++ assertEqualInt(0, systemf("%s -cf - -b 8192 file1 2>test6.err | cat >archive6.tar ", testprog_ustar));
+ assertFileSize("archive6.tar", 4194304);
+ assertEmptyFile("test6.err");
+
diff --git a/gnu/packages/patches/librsvg-tests.patch b/gnu/packages/patches/librsvg-tests.patch
deleted file mode 100644
index dc5b94e185..0000000000
--- a/gnu/packages/patches/librsvg-tests.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From e06fc71a57156123e4e50a39957100a651ab632b Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?=E5=AE=8B=E6=96=87=E6=AD=A6?= <iyzsong@gmail.com>
-Date: Sat, 17 Oct 2015 10:20:33 +0800
-Subject: [PATCH] tests/styles: Don't duplicate test names.
-
----
- tests/styles.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/tests/styles.c b/tests/styles.c
-index d09b1f2..a938835 100644
---- a/tests/styles.c
-+++ b/tests/styles.c
-@@ -97,8 +97,8 @@ static const FixtureData fixtures[] =
- {"/styles/selectors/2 or more selectors (stroke)", "592207", "styles/bug592207.svg", "#target", "stroke", .expected.color = 0xff0000ff},
- {"/styles/svg-element-style", "615701", "styles/svg-class.svg", "#svg", "fill", .expected.color = 0xff0000ff},
- {"/styles/presentation attribute in svg element", "620693", "styles/bug620693.svg", "#svg", "stroke", .expected.color = 0xffff0000},
-- {"/styles/!important", "379629", "styles/bug379629.svg", "#base_shadow", "stroke", .expected.color = 0xffffc0cb /* pink */},
-- {"/styles/!important", "379629", "styles/bug379629.svg", "#base_shadow", "stroke-width", .expected.length = {POINTS_LENGTH(5.), 'i'}},
-+ {"/styles/!important/1", "379629", "styles/bug379629.svg", "#base_shadow", "stroke", .expected.color = 0xffffc0cb /* pink */},
-+ {"/styles/!important/2", "379629", "styles/bug379629.svg", "#base_shadow", "stroke-width", .expected.length = {POINTS_LENGTH(5.), 'i'}},
- {"/styles/!important/class", "614606", "styles/bug614606.svg", "#path6306", "fill", .expected.color = 0xffff0000 /* red */ },
- {"/styles/!important/element", "614606", "styles/bug614606.svg", "#path6308", "fill", .expected.color = 0xff000000},
- {"/styles/!important/#id prior than class", NULL, "styles/important.svg", "#red", "fill", .expected.color = 0xffff0000 },
---
-2.5.0
-
diff --git a/gnu/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch b/gnu/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch
new file mode 100644
index 0000000000..811516dbe9
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch
@@ -0,0 +1,107 @@
+2015-12-26 Even Rouault <even.rouault at spatialys.com>
+
+ * libtiff/tif_getimage.c: fix out-of-bound reads in TIFFRGBAImage
+ interface in case of unsupported values of SamplesPerPixel/ExtraSamples
+ for LogLUV / CIELab. Add explicit call to TIFFRGBAImageOK() in
+ TIFFRGBAImageBegin(). Fix CVE-2015-8665 reported by limingxing and
+ CVE-2015-8683 reported by zzf of Alibaba.
+
+diff -u -r1.93 -r1.94
+--- libtiff/libtiff/tif_getimage.c 22 Nov 2015 15:31:03 -0000 1.93
++++ libtiff/libtiff/tif_getimage.c 26 Dec 2015 17:32:03 -0000 1.94
+@@ -182,20 +182,22 @@
+ "Planarconfiguration", td->td_planarconfig);
+ return (0);
+ }
+- if( td->td_samplesperpixel != 3 )
++ if( td->td_samplesperpixel != 3 || colorchannels != 3 )
+ {
+ sprintf(emsg,
+- "Sorry, can not handle image with %s=%d",
+- "Samples/pixel", td->td_samplesperpixel);
++ "Sorry, can not handle image with %s=%d, %s=%d",
++ "Samples/pixel", td->td_samplesperpixel,
++ "colorchannels", colorchannels);
+ return 0;
+ }
+ break;
+ case PHOTOMETRIC_CIELAB:
+- if( td->td_samplesperpixel != 3 || td->td_bitspersample != 8 )
++ if( td->td_samplesperpixel != 3 || colorchannels != 3 || td->td_bitspersample != 8 )
+ {
+ sprintf(emsg,
+- "Sorry, can not handle image with %s=%d and %s=%d",
++ "Sorry, can not handle image with %s=%d, %s=%d and %s=%d",
+ "Samples/pixel", td->td_samplesperpixel,
++ "colorchannels", colorchannels,
+ "Bits/sample", td->td_bitspersample);
+ return 0;
+ }
+@@ -255,6 +257,9 @@
+ int colorchannels;
+ uint16 *red_orig, *green_orig, *blue_orig;
+ int n_color;
++
++ if( !TIFFRGBAImageOK(tif, emsg) )
++ return 0;
+
+ /* Initialize to normal values */
+ img->row_offset = 0;
+@@ -2509,29 +2514,33 @@
+ case PHOTOMETRIC_RGB:
+ switch (img->bitspersample) {
+ case 8:
+- if (img->alpha == EXTRASAMPLE_ASSOCALPHA)
++ if (img->alpha == EXTRASAMPLE_ASSOCALPHA &&
++ img->samplesperpixel >= 4)
+ img->put.contig = putRGBAAcontig8bittile;
+- else if (img->alpha == EXTRASAMPLE_UNASSALPHA)
++ else if (img->alpha == EXTRASAMPLE_UNASSALPHA &&
++ img->samplesperpixel >= 4)
+ {
+ if (BuildMapUaToAa(img))
+ img->put.contig = putRGBUAcontig8bittile;
+ }
+- else
++ else if( img->samplesperpixel >= 3 )
+ img->put.contig = putRGBcontig8bittile;
+ break;
+ case 16:
+- if (img->alpha == EXTRASAMPLE_ASSOCALPHA)
++ if (img->alpha == EXTRASAMPLE_ASSOCALPHA &&
++ img->samplesperpixel >=4 )
+ {
+ if (BuildMapBitdepth16To8(img))
+ img->put.contig = putRGBAAcontig16bittile;
+ }
+- else if (img->alpha == EXTRASAMPLE_UNASSALPHA)
++ else if (img->alpha == EXTRASAMPLE_UNASSALPHA &&
++ img->samplesperpixel >=4 )
+ {
+ if (BuildMapBitdepth16To8(img) &&
+ BuildMapUaToAa(img))
+ img->put.contig = putRGBUAcontig16bittile;
+ }
+- else
++ else if( img->samplesperpixel >=3 )
+ {
+ if (BuildMapBitdepth16To8(img))
+ img->put.contig = putRGBcontig16bittile;
+@@ -2540,7 +2549,7 @@
+ }
+ break;
+ case PHOTOMETRIC_SEPARATED:
+- if (buildMap(img)) {
++ if (img->samplesperpixel >=4 && buildMap(img)) {
+ if (img->bitspersample == 8) {
+ if (!img->Map)
+ img->put.contig = putRGBcontig8bitCMYKtile;
+@@ -2636,7 +2645,7 @@
+ }
+ break;
+ case PHOTOMETRIC_CIELAB:
+- if (buildMap(img)) {
++ if (img->samplesperpixel == 3 && buildMap(img)) {
+ if (img->bitspersample == 8)
+ img->put.contig = initCIELabConversion(img);
+ break;
diff --git a/gnu/packages/patches/libtiff-oob-accesses-in-decode.patch b/gnu/packages/patches/libtiff-oob-accesses-in-decode.patch
new file mode 100644
index 0000000000..3fea745056
--- /dev/null
+++ b/gnu/packages/patches/libtiff-oob-accesses-in-decode.patch
@@ -0,0 +1,171 @@
+2015-12-27 Even Rouault <even.rouault at spatialys.com>
+
+ * libtiff/tif_luv.c: fix potential out-of-bound writes in decode
+ functions in non debug builds by replacing assert()s by regular if
+ checks (bugzilla #2522).
+ Fix potential out-of-bound reads in case of short input data.
+
+diff -u -r1.40 -r1.41
+--- libtiff/libtiff/tif_luv.c 21 Jun 2015 01:09:09 -0000 1.40
++++ libtiff/libtiff/tif_luv.c 27 Dec 2015 16:25:11 -0000 1.41
+@@ -1,4 +1,4 @@
+-/* $Id: tif_luv.c,v 1.40 2015-06-21 01:09:09 bfriesen Exp $ */
++/* $Id: tif_luv.c,v 1.41 2015-12-27 16:25:11 erouault Exp $ */
+
+ /*
+ * Copyright (c) 1997 Greg Ward Larson
+@@ -202,7 +202,11 @@
+ if (sp->user_datafmt == SGILOGDATAFMT_16BIT)
+ tp = (int16*) op;
+ else {
+- assert(sp->tbuflen >= npixels);
++ if(sp->tbuflen < npixels) {
++ TIFFErrorExt(tif->tif_clientdata, module,
++ "Translation buffer too short");
++ return (0);
++ }
+ tp = (int16*) sp->tbuf;
+ }
+ _TIFFmemset((void*) tp, 0, npixels*sizeof (tp[0]));
+@@ -211,9 +215,11 @@
+ cc = tif->tif_rawcc;
+ /* get each byte string */
+ for (shft = 2*8; (shft -= 8) >= 0; ) {
+- for (i = 0; i < npixels && cc > 0; )
++ for (i = 0; i < npixels && cc > 0; ) {
+ if (*bp >= 128) { /* run */
+- rc = *bp++ + (2-128); /* TODO: potential input buffer overrun when decoding corrupt or truncated data */
++ if( cc < 2 )
++ break;
++ rc = *bp++ + (2-128);
+ b = (int16)(*bp++ << shft);
+ cc -= 2;
+ while (rc-- && i < npixels)
+@@ -223,6 +229,7 @@
+ while (--cc && rc-- && i < npixels)
+ tp[i++] |= (int16)*bp++ << shft;
+ }
++ }
+ if (i != npixels) {
+ #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
+ TIFFErrorExt(tif->tif_clientdata, module,
+@@ -268,13 +275,17 @@
+ if (sp->user_datafmt == SGILOGDATAFMT_RAW)
+ tp = (uint32 *)op;
+ else {
+- assert(sp->tbuflen >= npixels);
++ if(sp->tbuflen < npixels) {
++ TIFFErrorExt(tif->tif_clientdata, module,
++ "Translation buffer too short");
++ return (0);
++ }
+ tp = (uint32 *) sp->tbuf;
+ }
+ /* copy to array of uint32 */
+ bp = (unsigned char*) tif->tif_rawcp;
+ cc = tif->tif_rawcc;
+- for (i = 0; i < npixels && cc > 0; i++) {
++ for (i = 0; i < npixels && cc >= 3; i++) {
+ tp[i] = bp[0] << 16 | bp[1] << 8 | bp[2];
+ bp += 3;
+ cc -= 3;
+@@ -325,7 +336,11 @@
+ if (sp->user_datafmt == SGILOGDATAFMT_RAW)
+ tp = (uint32*) op;
+ else {
+- assert(sp->tbuflen >= npixels);
++ if(sp->tbuflen < npixels) {
++ TIFFErrorExt(tif->tif_clientdata, module,
++ "Translation buffer too short");
++ return (0);
++ }
+ tp = (uint32*) sp->tbuf;
+ }
+ _TIFFmemset((void*) tp, 0, npixels*sizeof (tp[0]));
+@@ -334,11 +349,13 @@
+ cc = tif->tif_rawcc;
+ /* get each byte string */
+ for (shft = 4*8; (shft -= 8) >= 0; ) {
+- for (i = 0; i < npixels && cc > 0; )
++ for (i = 0; i < npixels && cc > 0; ) {
+ if (*bp >= 128) { /* run */
++ if( cc < 2 )
++ break;
+ rc = *bp++ + (2-128);
+ b = (uint32)*bp++ << shft;
+- cc -= 2; /* TODO: potential input buffer overrun when decoding corrupt or truncated data */
++ cc -= 2;
+ while (rc-- && i < npixels)
+ tp[i++] |= b;
+ } else { /* non-run */
+@@ -346,6 +363,7 @@
+ while (--cc && rc-- && i < npixels)
+ tp[i++] |= (uint32)*bp++ << shft;
+ }
++ }
+ if (i != npixels) {
+ #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
+ TIFFErrorExt(tif->tif_clientdata, module,
+@@ -413,6 +431,7 @@
+ static int
+ LogL16Encode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
+ {
++ static const char module[] = "LogL16Encode";
+ LogLuvState* sp = EncoderState(tif);
+ int shft;
+ tmsize_t i;
+@@ -433,7 +452,11 @@
+ tp = (int16*) bp;
+ else {
+ tp = (int16*) sp->tbuf;
+- assert(sp->tbuflen >= npixels);
++ if(sp->tbuflen < npixels) {
++ TIFFErrorExt(tif->tif_clientdata, module,
++ "Translation buffer too short");
++ return (0);
++ }
+ (*sp->tfunc)(sp, bp, npixels);
+ }
+ /* compress each byte string */
+@@ -506,6 +529,7 @@
+ static int
+ LogLuvEncode24(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
+ {
++ static const char module[] = "LogLuvEncode24";
+ LogLuvState* sp = EncoderState(tif);
+ tmsize_t i;
+ tmsize_t npixels;
+@@ -521,7 +545,11 @@
+ tp = (uint32*) bp;
+ else {
+ tp = (uint32*) sp->tbuf;
+- assert(sp->tbuflen >= npixels);
++ if(sp->tbuflen < npixels) {
++ TIFFErrorExt(tif->tif_clientdata, module,
++ "Translation buffer too short");
++ return (0);
++ }
+ (*sp->tfunc)(sp, bp, npixels);
+ }
+ /* write out encoded pixels */
+@@ -553,6 +581,7 @@
+ static int
+ LogLuvEncode32(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
+ {
++ static const char module[] = "LogLuvEncode32";
+ LogLuvState* sp = EncoderState(tif);
+ int shft;
+ tmsize_t i;
+@@ -574,7 +603,11 @@
+ tp = (uint32*) bp;
+ else {
+ tp = (uint32*) sp->tbuf;
+- assert(sp->tbuflen >= npixels);
++ if(sp->tbuflen < npixels) {
++ TIFFErrorExt(tif->tif_clientdata, module,
++ "Translation buffer too short");
++ return (0);
++ }
+ (*sp->tfunc)(sp, bp, npixels);
+ }
+ /* compress each byte string */
diff --git a/gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch b/gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch
new file mode 100644
index 0000000000..50657b667c
--- /dev/null
+++ b/gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch
@@ -0,0 +1,49 @@
+2015-12-27 Even Rouault <even.rouault at spatialys.com>
+
+ * libtiff/tif_next.c: fix potential out-of-bound write in NeXTDecode()
+ triggered by http://lcamtuf.coredump.cx/afl/vulns/libtiff5.tif
+ (bugzilla #2508)
+
+diff -u -r1.16 -r1.18
+--- libtiff/libtiff/tif_next.c 29 Dec 2014 12:09:11 -0000 1.16
++++ libtiff/libtiff/tif_next.c 27 Dec 2015 17:14:52 -0000 1.18
+@@ -1,4 +1,4 @@
+-/* $Id: tif_next.c,v 1.16 2014-12-29 12:09:11 erouault Exp $ */
++/* $Id: tif_next.c,v 1.18 2015-12-27 17:14:52 erouault Exp $ */
+
+ /*
+ * Copyright (c) 1988-1997 Sam Leffler
+@@ -37,7 +37,7 @@
+ case 0: op[0] = (unsigned char) ((v) << 6); break; \
+ case 1: op[0] |= (v) << 4; break; \
+ case 2: op[0] |= (v) << 2; break; \
+- case 3: *op++ |= (v); break; \
++ case 3: *op++ |= (v); op_offset++; break; \
+ } \
+ }
+
+@@ -103,6 +103,7 @@
+ }
+ default: {
+ uint32 npixels = 0, grey;
++ tmsize_t op_offset = 0;
+ uint32 imagewidth = tif->tif_dir.td_imagewidth;
+ if( isTiled(tif) )
+ imagewidth = tif->tif_dir.td_tilewidth;
+@@ -122,10 +123,15 @@
+ * bounds, potentially resulting in a security
+ * issue.
+ */
+- while (n-- > 0 && npixels < imagewidth)
++ while (n-- > 0 && npixels < imagewidth && op_offset < scanline)
+ SETPIXEL(op, grey);
+ if (npixels >= imagewidth)
+ break;
++ if (op_offset >= scanline ) {
++ TIFFErrorExt(tif->tif_clientdata, module, "Invalid data for scanline %ld",
++ (long) tif->tif_row);
++ return (0);
++ }
+ if (cc == 0)
+ goto bad;
+ n = *bp++, cc--;
diff --git a/gnu/packages/patches/perl-CVE-2015-8607.patch b/gnu/packages/patches/perl-CVE-2015-8607.patch
new file mode 100644
index 0000000000..4c25d41740
--- /dev/null
+++ b/gnu/packages/patches/perl-CVE-2015-8607.patch
@@ -0,0 +1,68 @@
+From 3a629609084d147838368262171b923f0770e564 Mon Sep 17 00:00:00 2001
+From: Tony Cook <tony@develop-help.com>
+Date: Tue, 15 Dec 2015 10:56:54 +1100
+Subject: ensure File::Spec::canonpath() preserves taint
+
+Previously the unix specific XS implementation of canonpath() would
+return an untainted path when supplied a tainted path.
+
+For the empty string case, newSVpvs() already sets taint as needed on
+its result.
+
+This issue was assigned CVE-2015-8607.
+
+Bug: https://rt.perl.org/Ticket/Display.html?id=126862
+Bug-Debian: https://bugs.debian.org/810719
+Origin: upstream
+Patch-Name: fixes/CVE-2015-8607_file_spec_taint_fix.diff
+---
+ dist/PathTools/Cwd.xs | 1 +
+ dist/PathTools/t/taint.t | 19 ++++++++++++++++++-
+ 2 files changed, 19 insertions(+), 1 deletion(-)
+
+diff --git a/dist/PathTools/Cwd.xs b/dist/PathTools/Cwd.xs
+index 9d4dcf0..3d018dc 100644
+--- a/dist/PathTools/Cwd.xs
++++ b/dist/PathTools/Cwd.xs
+@@ -535,6 +535,7 @@ THX_unix_canonpath(pTHX_ SV *path)
+ *o = 0;
+ SvPOK_on(retval);
+ SvCUR_set(retval, o - SvPVX(retval));
++ SvTAINT(retval);
+ return retval;
+ }
+
+diff --git a/dist/PathTools/t/taint.t b/dist/PathTools/t/taint.t
+index 309b3e5..48f8c5b 100644
+--- a/dist/PathTools/t/taint.t
++++ b/dist/PathTools/t/taint.t
+@@ -12,7 +12,7 @@ use Test::More;
+ BEGIN {
+ plan(
+ ${^TAINT}
+- ? (tests => 17)
++ ? (tests => 21)
+ : (skip_all => "A perl without taint support")
+ );
+ }
+@@ -34,3 +34,20 @@ foreach my $func (@Functions) {
+
+ # Previous versions of Cwd tainted $^O
+ is !tainted($^O), 1, "\$^O should not be tainted";
++
++{
++ # [perl #126862] canonpath() loses taint
++ my $tainted = substr($ENV{PATH}, 0, 0);
++ # yes, getcwd()'s result should be tainted, and is tested above
++ # but be sure
++ ok tainted(File::Spec->canonpath($tainted . Cwd::getcwd)),
++ "canonpath() keeps taint on non-empty string";
++ ok tainted(File::Spec->canonpath($tainted)),
++ "canonpath() keeps taint on empty string";
++
++ (Cwd::getcwd() =~ /^(.*)/);
++ my $untainted = $1;
++ ok !tainted($untainted), "make sure our untainted value is untainted";
++ ok !tainted(File::Spec->canonpath($untainted)),
++ "canonpath() doesn't add taint to untainted string";
++}
diff --git a/gnu/packages/patches/perl-deterministic-ordering.patch b/gnu/packages/patches/perl-deterministic-ordering.patch
new file mode 100644
index 0000000000..92e33ef135
--- /dev/null
+++ b/gnu/packages/patches/perl-deterministic-ordering.patch
@@ -0,0 +1,29 @@
+From <https://bugs.debian.org/801523>.
+
+From c01f602d1926b0671fd2c8d91f7e52c4e4c9fb24 Mon Sep 17 00:00:00 2001
+From: Niko Tyni <ntyni@debian.org>
+Date: Sun, 11 Oct 2015 19:27:56 +0300
+Subject: [PATCH] Sort the list of XS code files when generating RealPPPort.xs
+
+all_files_in_dir() uses readdir() ordering to make the list of
+input files. This can vary between build systems, breaking build
+reproducibility.
+---
+ cpan/Devel-PPPort/PPPort_xs.PL | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/cpan/Devel-PPPort/PPPort_xs.PL b/cpan/Devel-PPPort/PPPort_xs.PL
+index 5f18940..149f2fe 100644
+--- a/cpan/Devel-PPPort/PPPort_xs.PL
++++ b/cpan/Devel-PPPort/PPPort_xs.PL
+@@ -38,7 +38,7 @@ END
+ my $file;
+ my $sec;
+
+-for $file (all_files_in_dir('parts/inc')) {
++for $file (sort(all_files_in_dir('parts/inc'))) {
+ my $spec = parse_partspec($file);
+
+ my $msg = 0;
+--
+2.5.1
diff --git a/gnu/packages/patches/perl-module-pluggable-search.patch b/gnu/packages/patches/perl-module-pluggable-search.patch
index bb2a57f7e5..ec51abc35d 100644..100755
--- a/gnu/packages/patches/perl-module-pluggable-search.patch
+++ b/gnu/packages/patches/perl-module-pluggable-search.patch
@@ -1,19 +1,19 @@
-Fix core Perl module Module::Pluggable such that it can find plugins that live
-in symlinked directories.
+Fix Perl module Module::Pluggable such that it can find plugins that live in
+symlinked directories.
Patch borrowed/adapted from Nixpkgs.
---- perl-5.16.1/cpan/Module-Pluggable/lib/Module/Pluggable/Object.pm 2015-04-08 23:28:48.120164135 -0500
-+++ perl-5.16.1/cpan/Module-Pluggable/lib/Module/Pluggable/Object.pm 2015-04-08 23:30:27.032166704 -0500
+--- Module-Pluggable-5.2/lib/Module/Pluggable/Object.pm 2015-04-08 23:28:48.120164135 -0500
++++ Module-Pluggable-5.2/lib/Module/Pluggable/Object.pm 2015-04-08 23:30:27.032166704 -0500
@@ -164,7 +164,7 @@
my $sp = catdir($dir, (split /::/, $searchpath));
-
+
# if it doesn't exist or it's not a dir then skip it
- next unless ( -e $sp && -d _ ); # Use the cached stat the second time
+ next unless ( -e $sp );
-
+
my @files = $self->find_files($sp);
-
+
@@ -279,7 +279,7 @@
(my $path = $File::Find::name) =~ s#^\\./##;
push @files, $path;
@@ -22,4 +22,4 @@ Patch borrowed/adapted from Nixpkgs.
+ }, "$search_path/." );
}
#chdir $cwd;
- return @files;
+ return @files; \ No newline at end of file
diff --git a/gnu/packages/patches/perl-no-build-time.patch b/gnu/packages/patches/perl-no-build-time.patch
new file mode 100644
index 0000000000..5d78e8f462
--- /dev/null
+++ b/gnu/packages/patches/perl-no-build-time.patch
@@ -0,0 +1,26 @@
+Do not record the configuration and build time so that builds can be
+reproduced bit-for-bit.
+
+--- perl-5.22.0/Configure 1970-01-01 01:00:00.000000000 +0100
++++ perl-5.22.0/Configure 2015-12-13 00:14:43.148165080 +0100
+@@ -3834,6 +3817,7 @@ esac
+
+ : who configured the system
+ cf_time=`LC_ALL=C; LANGUAGE=C; export LC_ALL; export LANGUAGE; $date 2>&1`
++cf_time='Thu Jan 1 00:00:01 UTC 1970'
+ case "$cf_by" in
+ "")
+ cf_by=`(logname) 2>/dev/null`
+
+--- perl-5.22.0/perl.c 2015-12-13 00:25:30.269156627 +0100
++++ perl-5.22.0/perl.c 2015-12-13 00:25:38.265218175 +0100
+@@ -1795,7 +1795,7 @@ S_Internals_V(pTHX_ CV *cv)
+ PUSHs(Perl_newSVpvn_flags(aTHX_ non_bincompat_options,
+ sizeof(non_bincompat_options) - 1, SVs_TEMP));
+
+-#ifdef __DATE__
++#if 0
+ # ifdef __TIME__
+ PUSHs(Perl_newSVpvn_flags(aTHX_
+ STR_WITH_LEN("Compiled at " __DATE__ " " __TIME__),
+
diff --git a/gnu/packages/patches/perl-no-sys-dirs.patch b/gnu/packages/patches/perl-no-sys-dirs.patch
index 3aba4d7529..da91fef3b4 100644
--- a/gnu/packages/patches/perl-no-sys-dirs.patch
+++ b/gnu/packages/patches/perl-no-sys-dirs.patch
@@ -1,10 +1,10 @@
-Don't long for headers and libraries in "traditional" locations.
+Don't look for headers and libraries in "traditional" locations.
Patch from Nixpkgs by Eelco Dolstra <eelco.dolstra@logicblox.com>.
-diff -ru -x '*~' perl-5.14.2-orig/Configure perl-5.14.2/Configure
---- perl-5.14.2-orig/Configure 2011-09-26 11:44:34.000000000 +0200
-+++ perl-5.14.2/Configure 2012-01-20 17:05:23.089223129 +0100
+diff -ru -x '*~' -x '*.rej' perl-5.20.0-orig/Configure perl-5.20.0/Configure
+--- perl-5.20.0-orig/Configure 2014-05-26 15:34:18.000000000 +0200
++++ perl-5.20.0/Configure 2014-06-25 10:43:35.368285986 +0200
@@ -106,15 +106,7 @@
fi
@@ -22,7 +22,7 @@ diff -ru -x '*~' perl-5.14.2-orig/Configure perl-5.14.2/Configure
for p in $paths
do
-@@ -1311,8 +1303,7 @@
+@@ -1337,8 +1329,7 @@
archname=''
: Possible local include directories to search.
: Set locincpth to "" in a hint file to defeat local include searches.
@@ -32,8 +32,8 @@ diff -ru -x '*~' perl-5.14.2-orig/Configure perl-5.14.2/Configure
:
: no include file wanted by default
inclwanted=''
-@@ -1328,17 +1319,12 @@
- archobjs=''
+@@ -1349,17 +1340,12 @@
+
libnames=''
: change the next line if compiling for Xenix/286 on Xenix/386
-xlibpth='/usr/lib/386 /lib/386'
@@ -53,7 +53,7 @@ diff -ru -x '*~' perl-5.14.2-orig/Configure perl-5.14.2/Configure
: Private path used by Configure to find libraries. Its value
: is prepended to libpth. This variable takes care of special
-@@ -1371,8 +1357,6 @@
+@@ -1391,8 +1377,6 @@
libswanted="$libswanted m crypt sec util c cposix posix ucb bsd BSD"
: We probably want to search /usr/shlib before most other libraries.
: This is only used by the lib/ExtUtils/MakeMaker.pm routine extliblist.
@@ -62,27 +62,27 @@ diff -ru -x '*~' perl-5.14.2-orig/Configure perl-5.14.2/Configure
: Do not use vfork unless overridden by a hint file.
usevfork=false
-@@ -2380,7 +2364,6 @@
+@@ -2446,7 +2430,6 @@
zip
"
pth=`echo $PATH | sed -e "s/$p_/ /g"`
--pth="$pth /lib /usr/lib"
+-pth="$pth $sysroot/lib $sysroot/usr/lib"
for file in $loclist; do
eval xxx=\$$file
case "$xxx" in
-@@ -4785,7 +4768,7 @@
+@@ -4936,7 +4919,7 @@
: Set private lib path
case "$plibpth" in
'') if ./mips; then
-- plibpth="$incpath/usr/lib /usr/local/lib /usr/ccs/lib"
-+ plibpth="$incpath/usr/lib"
- fi;;
+- plibpth="$incpath/usr/lib $sysroot/usr/local/lib $sysroot/usr/ccs/lib"
++ plibpth="$incpath/usr/lib"
+ fi;;
esac
case "$libpth" in
-@@ -8390,13 +8373,8 @@
+@@ -8600,13 +8583,8 @@
echo " "
case "$sysman" in
- '')
+ '')
- syspath='/usr/share/man/man1 /usr/man/man1'
- syspath="$syspath /usr/man/mann /usr/man/manl /usr/man/local/man1"
- syspath="$syspath /usr/man/u_man/man1"
@@ -95,7 +95,7 @@ diff -ru -x '*~' perl-5.14.2-orig/Configure perl-5.14.2/Configure
;;
esac
if $test -d "$sysman"; then
-@@ -19721,9 +19699,10 @@
+@@ -19900,9 +19878,10 @@
case "$full_ar" in
'') full_ar=$ar ;;
esac
@@ -107,10 +107,11 @@ diff -ru -x '*~' perl-5.14.2-orig/Configure perl-5.14.2/Configure
: see what type gids are declared as in the kernel
echo " "
-diff -ru -x '*~' perl-5.14.2-orig/ext/Errno/Errno_pm.PL perl-5.14.2/ext/Errno/Errno_pm.PL
---- perl-5.14.2-orig/ext/Errno/Errno_pm.PL 2011-09-26 11:44:34.000000000 +0200
-+++ perl-5.14.2/ext/Errno/Errno_pm.PL 2012-01-20 17:02:07.938138311 +0100
-@@ -137,11 +137,7 @@
+Only in perl-5.20.0/: Configure.orig
+diff -ru -x '*~' -x '*.rej' perl-5.20.0-orig/ext/Errno/Errno_pm.PL perl-5.20.0/ext/Errno/Errno_pm.PL
+--- perl-5.20.0-orig/ext/Errno/Errno_pm.PL 2014-05-26 15:34:20.000000000 +0200
++++ perl-5.20.0/ext/Errno/Errno_pm.PL 2014-06-25 10:31:24.317970047 +0200
+@@ -126,11 +126,7 @@
if ($dep =~ /(\S+errno\.h)/) {
$file{$1} = 1;
}
@@ -120,13 +121,14 @@ diff -ru -x '*~' perl-5.14.2-orig/ext/Errno/Errno_pm.PL perl-5.14.2/ext/Errno/Er
- # might be using, say, Intel's icc
- ) {
+ } elsif (0) {
+ # When cross-compiling we may store a path for gcc's "sysroot" option:
+ my $sysroot = $Config{sysroot} || '';
# Some Linuxes have weird errno.hs which generate
- # no #file or #line directives
- my $linux_errno_h = -e '/usr/include/errno.h' ?
-diff -ru -x '*~' perl-5.14.2-orig/hints/freebsd.sh perl-5.14.2/hints/freebsd.sh
---- perl-5.14.2-orig/hints/freebsd.sh 2011-09-19 15:18:22.000000000 +0200
-+++ perl-5.14.2/hints/freebsd.sh 2012-01-20 17:10:37.267924044 +0100
-@@ -118,21 +118,21 @@
+Only in perl-5.20.0/ext/Errno: Errno_pm.PL.orig
+diff -ru -x '*~' -x '*.rej' perl-5.20.0-orig/hints/freebsd.sh perl-5.20.0/hints/freebsd.sh
+--- perl-5.20.0-orig/hints/freebsd.sh 2014-01-31 22:55:51.000000000 +0100
++++ perl-5.20.0/hints/freebsd.sh 2014-06-25 10:25:53.263964680 +0200
+@@ -119,21 +119,21 @@
objformat=`/usr/bin/objformat`
if [ x$objformat = xaout ]; then
if [ -e /usr/lib/aout ]; then
@@ -154,3 +156,99 @@ diff -ru -x '*~' perl-5.14.2-orig/hints/freebsd.sh perl-5.14.2/hints/freebsd.sh
ldflags="-Wl,-E "
lddlflags="-shared "
cccdlflags='-DPIC -fPIC'
+diff -ru -x '*~' -x '*.rej' perl-5.20.0-orig/hints/linux.sh perl-5.20.0/hints/linux.sh
+--- perl-5.20.0-orig/hints/linux.sh 2014-05-26 15:34:20.000000000 +0200
++++ perl-5.20.0/hints/linux.sh 2014-06-25 10:33:47.354883843 +0200
+@@ -150,25 +150,6 @@
+ ;;
+ esac
+
+-# Ubuntu 11.04 (and later, presumably) doesn't keep most libraries
+-# (such as -lm) in /lib or /usr/lib. So we have to ask gcc to tell us
+-# where to look. We don't want gcc's own libraries, however, so we
+-# filter those out.
+-# This could be conditional on Unbuntu, but other distributions may
+-# follow suit, and this scheme seems to work even on rather old gcc's.
+-# This unconditionally uses gcc because even if the user is using another
+-# compiler, we still need to find the math library and friends, and I don't
+-# know how other compilers will cope with that situation.
+-# Morever, if the user has their own gcc earlier in $PATH than the system gcc,
+-# we don't want its libraries. So we try to prefer the system gcc
+-# Still, as an escape hatch, allow Configure command line overrides to
+-# plibpth to bypass this check.
+-if [ -x /usr/bin/gcc ] ; then
+- gcc=/usr/bin/gcc
+-else
+- gcc=gcc
+-fi
+-
+ case "$plibpth" in
+ '') plibpth=`LANG=C LC_ALL=C $gcc $ccflags $ldflags -print-search-dirs | grep libraries |
+ cut -f2- -d= | tr ':' $trnl | grep -v 'gcc' | sed -e 's:/$::'`
+@@ -178,32 +159,6 @@
+ ;;
+ esac
+
+-case "$libc" in
+-'')
+-# If you have glibc, then report the version for ./myconfig bug reporting.
+-# (Configure doesn't need to know the specific version since it just uses
+-# gcc to load the library for all tests.)
+-# We don't use __GLIBC__ and __GLIBC_MINOR__ because they
+-# are insufficiently precise to distinguish things like
+-# libc-2.0.6 and libc-2.0.7.
+- for p in $plibpth
+- do
+- for trylib in libc.so.6 libc.so
+- do
+- if $test -e $p/$trylib; then
+- libc=`ls -l $p/$trylib | awk '{print $NF}'`
+- if $test "X$libc" != X; then
+- break
+- fi
+- fi
+- done
+- if $test "X$libc" != X; then
+- break
+- fi
+- done
+- ;;
+-esac
+-
+ # Are we using ELF? Thanks to Kenneth Albanowski <kjahds@kjahds.com>
+ # for this test.
+ cat >try.c <<'EOM'
+@@ -367,33 +322,6 @@
+ ;;
+ esac
+
+-# SuSE8.2 has /usr/lib/libndbm* which are ld scripts rather than
+-# true libraries. The scripts cause binding against static
+-# version of -lgdbm which is a bad idea. So if we have 'nm'
+-# make sure it can read the file
+-# NI-S 2003/08/07
+-case "$nm" in
+- '') ;;
+- *)
+- for p in $plibpth
+- do
+- if $test -r $p/libndbm.so; then
+- if $nm $p/libndbm.so >/dev/null 2>&1 ; then
+- echo 'Your shared -lndbm seems to be a real library.'
+- _libndbm_real=1
+- break
+- fi
+- fi
+- done
+- if $test "X$_libndbm_real" = X; then
+- echo 'Your shared -lndbm is not a real library.'
+- set `echo X "$libswanted "| sed -e 's/ ndbm / /'`
+- shift
+- libswanted="$*"
+- fi
+- ;;
+-esac
+-
+ # Linux on Synology.
+ if [ -f /etc/synoinfo.conf -a -d /usr/syno ]; then
+ # Tested on Synology DS213 and DS413
diff --git a/gnu/packages/patches/perl-source-date-epoch.patch b/gnu/packages/patches/perl-source-date-epoch.patch
new file mode 100644
index 0000000000..37330c9537
--- /dev/null
+++ b/gnu/packages/patches/perl-source-date-epoch.patch
@@ -0,0 +1,19 @@
+Adapted from <https://bugs.debian.org/801621>.
+Make Pod::Man honor the SOURCE_DATE_EPOCH environment variable.
+
+--- perl-5.22.0/cpan/podlators/lib/Pod/Man.pm 2015-12-12 22:33:03.321787590 +0100
++++ perl-5.22.0/cpan/podlators/lib/Pod/Man.pm 2015-12-12 22:36:33.367361338 +0100
+@@ -884,7 +884,12 @@ sub devise_date {
+ my ($self) = @_;
+ my $input = $self->source_filename;
+ my $time;
+- if ($input) {
++
++ if (defined($ENV{SOURCE_DATE_EPOCH}) &&
++ $ENV{SOURCE_DATE_EPOCH} !~ /\D/) {
++ $time = $ENV{SOURCE_DATE_EPOCH};
++ }
++ elsif ($input) {
+ $time = (stat $input)[9] || time;
+ } else {
+ $time = time;
diff --git a/gnu/packages/patches/procps-make-3.82.patch b/gnu/packages/patches/procps-make-3.82.patch
deleted file mode 100644
index 7bf53e2ccc..0000000000
--- a/gnu/packages/patches/procps-make-3.82.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-Fix compilation with GNU Make 3.82 (patch from Nixpkgs).
-
-diff --git a/Makefile b/Makefile
-index 09fb3ed..59eba16 100644
---- a/Makefile
-+++ b/Makefile
-@@ -174,7 +174,7 @@ INSTALL := $(BINFILES) $(MANFILES)
- # want this rule first, use := on ALL, and ALL not filled in yet
- all: do_all
-
---include */module.mk
-+-include proc/module.mk ps/module.mk
-
- do_all: $(ALL)
diff --git a/gnu/packages/patches/python-2.7-search-paths.patch b/gnu/packages/patches/python-2.7-search-paths.patch
index 6e5339f3a6..ba7235df27 100644
--- a/gnu/packages/patches/python-2.7-search-paths.patch
+++ b/gnu/packages/patches/python-2.7-search-paths.patch
@@ -1,5 +1,5 @@
-Make sure the build system honors CPATH and LIBRARY_PATH when looking for
-headers and libraries.
+Make sure the build system honors C_INCLUDE_PATH and LIBRARY_PATH when
+looking for headers and libraries.
--- Python-2.7.10/setup.py 2015-10-07 18:33:18.125153186 +0200
+++ Python-2.7.10/setup.py 2015-10-07 18:33:47.497347552 +0200
@@ -9,7 +9,7 @@ headers and libraries.
+ # Always honor these variables.
+ lib_dirs += os.getenv('LIBRARY_PATH', '').split(os.pathsep)
-+ inc_dirs += os.getenv('CPATH', '').split(os.pathsep)
++ inc_dirs += os.getenv('C_INCLUDE_PATH', '').split(os.pathsep)
+
# OSF/1 and Unixware have some stuff in /usr/ccs/lib (like -ldb)
if host_platform in ['osf1', 'unixware7', 'openunix8']:
diff --git a/gnu/packages/patches/python-3-search-paths.patch b/gnu/packages/patches/python-3-search-paths.patch
index 547feae1b9..7feddb8e30 100644
--- a/gnu/packages/patches/python-3-search-paths.patch
+++ b/gnu/packages/patches/python-3-search-paths.patch
@@ -1,5 +1,5 @@
-Make sure the build system honors CPATH and LIBRARY_PATH when looking for
-headers and libraries.
+Make sure the build system honors C_INCLUDE_PATH and LIBRARY_PATH when
+looking for headers and libraries.
--- setup.py 2015-10-07 23:32:58.891329173 +0200
+++ setup.py 2015-10-07 23:46:29.653349924 +0200
@@ -13,7 +13,7 @@ headers and libraries.
- ]
- inc_dirs = self.compiler.include_dirs + ['/usr/include']
+ lib_dirs = os.getenv('LIBRARY_PATH', '').split(os.pathsep)
-+ inc_dirs = os.getenv('CPATH', '').split(os.pathsep)
++ inc_dirs = os.getenv('C_INCLUDE_PATH', '').split(os.pathsep)
else:
lib_dirs = self.compiler.library_dirs[:]
inc_dirs = self.compiler.include_dirs[:]
diff --git a/gnu/packages/pcre.scm b/gnu/packages/pcre.scm
index 5d6618a9ec..d2933bbe38 100644
--- a/gnu/packages/pcre.scm
+++ b/gnu/packages/pcre.scm
@@ -42,6 +42,8 @@
(base32
"1pvra19ljkr5ky35y2iywjnsckrs9ch2anrf5b0dc91hw8v2vq5r"))))
(build-system gnu-build-system)
+ (outputs '("out"
+ "doc")) ;1.8 MiB of HTML
(inputs `(("bzip2" ,bzip2)
("readline" ,readline)
("zlib" ,zlib)))
diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm
index 6c0b4d2f6c..0e63aa943e 100644
--- a/gnu/packages/perl.scm
+++ b/gnu/packages/perl.scm
@@ -1,9 +1,10 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
-;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
+;;; Copyright © 2015, 2016 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
+;;; Copyright © 2016 Mark H Weaver <mhw@netris.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -37,18 +38,21 @@
;; Yeah, Perl... It is required early in the bootstrap process by Linux.
(package
(name "perl")
- (version "5.16.1")
+ (version "5.22.1")
(source (origin
(method url-fetch)
(uri (string-append "http://www.cpan.org/src/5.0/perl-"
version ".tar.gz"))
(sha256
(base32
- "15qxzba3a50c9nik5ydgyfp62x7h9vxxn12yd1jgl93hb1wj96km"))
+ "09wg24w5syyafyv87l6z8pxwz4bjgcdj996bx5844k6m9445sirb"))
(patches (map search-patch
'("perl-no-sys-dirs.patch"
"perl-autosplit-default-time.patch"
- "perl-module-pluggable-search.patch")))))
+ "perl-source-date-epoch.patch"
+ "perl-deterministic-ordering.patch"
+ "perl-no-build-time.patch"
+ "perl-CVE-2015-8607.patch")))))
(build-system gnu-build-system)
(arguments
'(#:tests? #f
@@ -60,10 +64,16 @@
(let ((out (assoc-ref outputs "out"))
(libc (assoc-ref inputs "libc")))
;; Use the right path for `pwd'.
- (substitute* "dist/Cwd/Cwd.pm"
+ (substitute* "dist/PathTools/Cwd.pm"
(("/bin/pwd")
(which "pwd")))
+ ;; Build in GNU89 mode to tolerate C++-style comment in libc's
+ ;; <bits/string3.h>.
+ (substitute* "cflags.SH"
+ (("-std=c89")
+ "-std=gnu89"))
+
(zero?
(system* "./Configure"
(string-append "-Dprefix=" out)
@@ -158,6 +168,7 @@ differences.")
(base32
"1syyqzy462501kn5ma9gl6xbmcahqcn4qpafhsmpz0nd0x2m4l63"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/aliased")
(synopsis "Use shorter versions of class names")
(description "The alias module loads the class you specify and exports
@@ -493,6 +504,8 @@ your class.")
(base32
"1lilrjy1s0q5hyr0888kf0ifxjyl2iyk4vxil4jsv0sgh39lkgx5"))))
(build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)))
(propagated-inputs
`(("perl-class-accessor" ,perl-class-accessor)))
(home-page "http://search.cpan.org/dist/Class-Accessor-Chained")
@@ -653,6 +666,7 @@ type for perl.")
(base32
"09ifd6v0c94vr20n9yr1dxgcp7hyscqq851szdip7y24bd26nlbc"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/Class-Factory-Util")
(synopsis "Utility methods for factory classes")
(description "This module exports methods useful for factory classes.")
@@ -911,6 +925,8 @@ as defined by two typical specimens of Perl coders.")
(base32
"06n6jn3q3xhk57icwip0ihzqixxav6sgp6rrb35hahj1z748y3vi"))))
(build-system perl-build-system)
+ (propagated-inputs
+ `(("perl-module-pluggable" ,perl-module-pluggable)))
(home-page "http://search.cpan.org/dist/Config-Any")
(synopsis "Load configuration from different file formats")
(description "Config::Any provides a facility for Perl applications and
@@ -1168,7 +1184,8 @@ indentation and newlines plus sub deparsing.")
"1hvi92c4h2angryc6pngw7gbm3ysc2jfmyxk2wh9ia4vdwpbs554"))))
(build-system perl-build-system)
(native-inputs
- `(("perl-test-exception" ,perl-test-exception)))
+ `(("perl-module-build" ,perl-module-build)
+ ("perl-test-exception" ,perl-test-exception)))
(propagated-inputs
`(("perl-class-accessor-chained" ,perl-class-accessor-chained)))
(home-page "http://search.cpan.org/dist/Data-Page")
@@ -1346,6 +1363,7 @@ Date::Calc.")
(base32
"0zd0wbf91i49753rnf7m1lw197hdl5r97mxy0n43zdmcmhvkb3qq"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(arguments
;; Tests would require tzdata for timezone information, but tzdata is in
;; (gnu packages base) which would create a circular dependency. TODO:
@@ -1372,7 +1390,8 @@ time from another, or parsing international times.")
"0fli1ls298qa8nfki15myxqqqfpxvslxk4j5r3vjk577wfgjrnms"))))
(build-system perl-build-system)
(native-inputs
- `(("perl-test-fatal" ,perl-test-fatal)
+ `(("perl-module-build" ,perl-module-build)
+ ("perl-test-fatal" ,perl-test-fatal)
("perl-test-warnings" ,perl-test-warnings)))
(propagated-inputs
`(("perl-datetime-locale" ,perl-datetime-locale)
@@ -1399,6 +1418,8 @@ time before its creation (in 1582).")
(base32
"1b27699zkj68w5ll9chjhs52vmf39f9via6x5r5844as30qh9zxb"))))
(build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)))
(propagated-inputs
`(("perl-datetime" ,perl-datetime)
("perl-params-validate" ,perl-params-validate)
@@ -1501,6 +1522,7 @@ to do this without writing reams of structural code.")
("perl-datetime-format-builder" ,perl-datetime-format-builder)
("perl-datetime-timezone" ,perl-datetime-timezone)
("perl-list-moreutils" ,perl-list-moreutils)
+ ("perl-module-pluggable" ,perl-module-pluggable)
("perl-test-mocktime" ,perl-test-mocktime)))
(home-page "http://search.cpan.org/dist/DateTime-Format-Flexible")
(synopsis "Parse data/time strings")
@@ -1521,6 +1543,8 @@ give it and parse it into a DateTime object.")
(base32
"0cvwk7pigj7czsp81z35h7prxvylkrlk2l0kwvq0v72ykx9zc2cb"))))
(build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)))
(propagated-inputs
`(("perl-datetime" ,perl-datetime)
("perl-datetime-event-ical" ,perl-datetime-event-ical)
@@ -1548,7 +1572,8 @@ order to create the appropriate objects.")
"1qq3adq1y08d0jlmwk9059s5d39hb26f3zjag099gjjyvs5c8yal"))))
(build-system perl-build-system)
(native-inputs
- `(("perl-module-util" ,perl-module-util)
+ `(("perl-module-build" ,perl-module-build)
+ ("perl-module-util" ,perl-module-util)
("perl-test-mocktime" ,perl-test-mocktime)))
(propagated-inputs
`(("perl-boolean" ,perl-boolean)
@@ -1605,6 +1630,8 @@ takes a string and a pattern and returns the `DateTime` object associated.")
(base32
"175grkrxiv012n6ch3z1sip4zprcili6m5zqi3njdk5c1gdvi8ca"))))
(build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)))
(propagated-inputs
`(("perl-list-moreutils" ,perl-list-moreutils)
("perl-params-validate" ,perl-params-validate)))
@@ -1707,6 +1734,7 @@ edges (mainly concerning timezone detection and selection).")
(base32
"0g71sma9jy0fjm619hcrcsb9spg2y03vjxx36y8k1xpa2553sr7m"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/Devel-CheckBin")
(synopsis "Check that a command is available")
(description "Devel::CheckBin is a perl module that checks whether a
@@ -1941,6 +1969,7 @@ modules separately and deal with them after the module is done installing.")
(base32
"0dsxic78mxy30qvbbdzfyp501hbkwhnbmafqfxipr0yqfy8f2j5g"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/Error")
(synopsis "OO-ish Error/Exception handling for Perl")
(description "The Error package provides two interfaces. Firstly Error
@@ -2120,10 +2149,12 @@ module building modules.")
"090i265f73jlcl5rv250791vw32j9vvl4nd5abc7myg0klb8109w"))))
(build-system perl-build-system)
(native-inputs
- `(("perl-test-exception" ,perl-test-exception)))
+ `(("perl-module-build" ,perl-module-build)
+ ("perl-test-exception" ,perl-test-exception)))
(propagated-inputs
`(("perl-class-load" ,perl-class-load)
("perl-list-moreutils" ,perl-list-moreutils)
+ ("perl-module-pluggable" ,perl-module-pluggable)
("perl-moose" ,perl-moose)
("perl-moosex-params-validate" ,perl-moosex-params-validate)
("perl-moosex-semiaffordanceaccessor"
@@ -3064,6 +3095,26 @@ strictly correct manner with ExtUtils::MakeMaker, and will run on any Perl
installation version 5.005 or newer.")
(license (package-license perl))))
+(define-public perl-module-pluggable
+ (package
+ (name "perl-module-pluggable")
+ (version "5.2")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://cpan/authors/id/S/SI/SIMONW/"
+ "Module-Pluggable-" version ".tar.gz"))
+ (sha256
+ (base32
+ "1px6qmszmfc69v36vd8d92av4nkrif6xf4nrj3xv647xwi2svwmk"))
+ (patches (list (search-patch "perl-module-pluggable-search.patch")))))
+ (build-system perl-build-system)
+ (home-page "http://search.cpan.org/dist/Module-Pluggable")
+ (synopsis "Give your Perl module the ability to have plugins")
+ (description "This module provides a simple but extensible way of having
+'plugins' for your Perl module.")
+ (license (package-license perl))))
+
(define-public perl-module-runtime
(package
(name "perl-module-runtime")
@@ -3077,6 +3128,7 @@ installation version 5.005 or newer.")
(base32
"19326f094jmjs6mgpwkyisid54k67w34br8yfh0gvaaml87gwi2c"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/Module-Runtime")
(synopsis "Perl runtime module handling")
(description "The functions exported by this module deal with runtime
@@ -3096,6 +3148,8 @@ handling of Perl modules, which are normally handled at compile time.")
(base32
"0pz23ch78lbpn4kdbm04icgsmbr7jvmxwq1p5m4x2pap8qwd0wqg"))))
(build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)))
(propagated-inputs
`(("perl-module-runtime" ,perl-module-runtime)
("perl-dist-checkconflicts" ,perl-dist-checkconflicts)))
@@ -3302,7 +3356,8 @@ private methods are not.")
"1nkzvbsiwldmpn6207ns7rinh860djnw098h6cnvywf429rjnz60"))))
(build-system perl-build-system)
(native-inputs
- `(("perl-test-deep" ,perl-test-deep)
+ `(("perl-module-build" ,perl-module-build)
+ ("perl-test-deep" ,perl-test-deep)
("perl-test-fatal" ,perl-test-fatal)
("perl-test-requires" ,perl-test-requires)
("perl-test-trap" ,perl-test-trap)
@@ -3465,6 +3520,7 @@ manually setting up a subclass.")
(build-system perl-build-system)
(native-inputs
`(("perl-cpan-meta-check" ,perl-cpan-meta-check)
+ ("perl-module-build" ,perl-module-build)
("perl-moosex-role-withoverloading" ,perl-moosex-role-withoverloading)
("perl-test-fatal" ,perl-test-fatal)
("perl-test-requires" ,perl-test-requires)))
@@ -3597,7 +3653,8 @@ search for traits and some extra attributes.")
"1iq90s1f0xbmr194q0mhnp9wxqxwwilkbdml040ibqbqvfiz87yh"))))
(build-system perl-build-system)
(native-inputs
- `(("perl-test-fatal" ,perl-test-fatal)
+ `(("perl-module-build" ,perl-module-build)
+ ("perl-test-fatal" ,perl-test-fatal)
("perl-test-requires" ,perl-test-requires)))
(propagated-inputs
`(("perl-carp-clan" ,perl-carp-clan)
@@ -3765,7 +3822,8 @@ Perl (back to 5.6.0).")
"0msggbg2zbixxjq1fda19h0yygavxndfzc4j4pq11nfghmawjsb0"))))
(build-system perl-build-system)
(native-inputs
- `(("perl-test-requires" ,perl-test-requires)))
+ `(("perl-module-build" ,perl-module-build)
+ ("perl-test-requires" ,perl-test-requires)))
(propagated-inputs
`(("perl-b-hooks-endofscope" ,perl-b-hooks-endofscope)
("perl-namespace-clean" ,perl-namespace-clean)
@@ -4005,7 +4063,8 @@ checking parameters easier.")
"1wh23i9kkma6493c0q1kvy6wmahd6spg6xm3xbp2ar1iy1xhks5l"))))
(build-system perl-build-system)
(native-inputs
- `(("perl-test-fatal" ,perl-test-fatal)
+ `(("perl-module-build" ,perl-module-build)
+ ("perl-test-fatal" ,perl-test-fatal)
("perl-test-requires" ,perl-test-requires)))
(propagated-inputs
`(("perl-module-implementation" ,perl-module-implementation)))
@@ -4066,6 +4125,7 @@ up inheritance from those modules at the same time.")
(base32
"1viaj8jyshcj135la0kgfgzalaw06xnbsg9h54jx09v1342v69lj"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/Path-Class")
(synopsis "Path specification manipulation")
(description "Path::Class is a module for manipulation of file and
@@ -4125,6 +4185,7 @@ used for writing documentation for Perl and for Perl modules.")
(base32
"0f9p3hx0vqx8zg5v24pz0s4zc8ln100c7c91ks681wq02phqj2v7"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(arguments `(#:tests? #f)) ;TODO: Timezone test failures
(home-page "http://search.cpan.org/dist/POSIX-strftime-Compiler")
(synopsis "GNU C library compatible strftime for loggers and servers")
@@ -4168,6 +4229,7 @@ Module::Build project, but has been externalized here for general use.")
(base32
"165zcf9lpijdpkx82za0g9rx8ckjnhipmcivdkyzshl8jmp1bl4v"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/Readonly")
(synopsis "Create read-only scalars, arrays, hashes")
(description "This module provides a facility for creating non-modifiable
@@ -4925,6 +4987,8 @@ structures without getting caught in an infinite loop.")
(base32
"0rhs4q6qn64ji06ns7lwl6iiiw3mggvd9xk9nkiqvx1jihbplrbw"))))
(build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)))
(propagated-inputs
`(("perl-text-diff" ,perl-text-diff)
("perl-capture-tiny" ,perl-capture-tiny)))
@@ -5096,6 +5160,7 @@ you test against long strings.")
("perl-test-warn" ,perl-test-warn)
("perl-universal-can" ,perl-universal-can)
("perl-universal-isa" ,perl-universal-isa)))
+ (arguments `(#:tests? #f)) ;TODO: tests require perl-cgi
(home-page "http://search.cpan.org/dist/Test-MockObject")
(synopsis "Emulate troublesome interfaces in Perl")
(description "Test::MockObject allows you to create objects that conform
@@ -5213,6 +5278,7 @@ as flexible as possible to the tester.")
(base32
"1hmwwhabyng4jrnll926b4ab73r40w3pfchlrvs0yx6kh6kwwy14"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/Test-Pod")
(synopsis "Check for POD errors in files")
(description "Check POD files for errors or warnings in a test file, using
@@ -5357,6 +5423,8 @@ a minimum of effort.")
(base32
"05b4zc4087imwphls4yksg4chzx9yavbri301gaxas9kv1yhx13w"))))
(build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)))
(propagated-inputs
`(("perl-test-tester" ,perl-test-tester)
("perl-data-dump" ,perl-data-dump)))
@@ -5471,7 +5539,8 @@ installed.")
("perl-test-directory" ,perl-test-directory)))
(propagated-inputs
`(("perl-data-tumbler" ,perl-data-tumbler)
- ("perl-file-homedir" ,perl-file-homedir)))
+ ("perl-file-homedir" ,perl-file-homedir)
+ ("perl-module-pluggable" ,perl-module-pluggable)))
(home-page "http://search.cpan.org/dist/Test-WriteVariants")
(synopsis "Dynamic generation of tests")
(description "The Test::WriteVariants module provides for the dynamic
@@ -5512,6 +5581,7 @@ support.")
(base32
"0a6zkchc0apvzkch6z18cx6h97xfiv50r7n4xhg90x8dvk75qzcs"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/Text-Aligner")
(synopsis "Align text")
(description "Text::Aligner exports a single function, align(), which is
@@ -5594,6 +5664,7 @@ generally slower on larger files.")
(base32
"0lr76wrsj8wcxrq4wi8z1640w4dmdbkznp06q744rg3g0bd238d5"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/Text-Glob")
(synopsis "Match globbing patterns against text")
(description "Text::Glob implements glob(3) style matching that can be
@@ -5632,6 +5703,8 @@ you want to do full file globbing use the File::Glob module instead.")
(base32
"02c8v38k639r23dgxwgvsy4myjjzvgdb238kpiffsiz25ab3xp5j"))))
(build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)))
(propagated-inputs
`(("perl-text-aligner" ,perl-text-aligner)))
(home-page "http://search.cpan.org/dist/Text-Table")
@@ -5700,6 +5773,7 @@ as exceptions to standard program flow.")
(base32
"0mmg9iyh42syal3z1p2pn9airq65yrkfs66cnqs9nz76jy60pfzs"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/Tie-IxHash")
(synopsis "Ordered associative arrays for Perl")
(description "This Perl module implements Perl hashes that preserve the
@@ -5829,6 +5903,8 @@ time values and formatting dates into ASCII strings.")
(base32
"0bwqyg8z98m8cjw1qcm4wg502n225k33j2fp8ywxkgfjdd1zgllv"))))
(build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)))
(propagated-inputs
`(("perl-timedate" ,perl-timedate))) ;For Date::Parse
(home-page "http://search.cpan.org/dist/Time-Mock")
@@ -5875,7 +5951,8 @@ simple n-ary tree.")
"1g27xl48q1vr7aikhxg4vvcsj1si8allxz59vmnks61wsw4by7vg"))))
(build-system perl-build-system)
(native-inputs
- `(("perl-test-exception" ,perl-test-exception)))
+ `(("perl-module-build" ,perl-module-build)
+ ("perl-test-exception" ,perl-test-exception)))
(propagated-inputs
`(("perl-tree-simple" ,perl-tree-simple)
("perl-base" ,perl-base)))
@@ -6149,12 +6226,13 @@ MYMETA.yml.")
`(("perl-cpan-meta" ,perl-cpan-meta)))
(home-page "http://search.cpan.org/dist/Module-Build")
(synopsis "Build and install Perl modules")
- (description "\"Module::Build\" is a system for building, testing, and
-installing Perl modules. It is meant to be an alternative to
-\"ExtUtils::MakeMaker\". Developers may alter the behavior of the module
+ (description "@code{Module::Build} is a system for building, testing, and
+installing Perl modules; it used to be part of Perl itself until version 5.22,
+which dropped it. It is meant to be an alternative to
+@code{ExtUtils::MakeMaker}. Developers may alter the behavior of the module
through subclassing in a much more straightforward way than with
-\"MakeMaker\". It also does not require a \"make\" on your system - most of
-the \"Module::Build\" code is pure-perl and written in a cross-platform way.")
+@code{MakeMaker}. It also does not require a @command{make} on your
+system---most of the @code{Module::Build} code is pure-Perl.")
(license (package-license perl))))
(define-public perl-parse-cpan-meta
diff --git a/gnu/packages/pkg-config.scm b/gnu/packages/pkg-config.scm
index dd5120c474..5923395dec 100644
--- a/gnu/packages/pkg-config.scm
+++ b/gnu/packages/pkg-config.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2016 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -30,7 +30,7 @@
(define-public %pkg-config
(package
(name "pkg-config")
- (version "0.28")
+ (version "0.29")
(source (origin
(method url-fetch)
(uri (string-append
@@ -38,7 +38,7 @@
version ".tar.gz"))
(sha256
(base32
- "0igqq5m204w71m11y0nipbdf5apx87hwfll6axs12hn4dqfb6vkb"))))
+ "0sq09a39wj4cxf8l2jvkq067g08ywfma4v6nhprnf351s82pfl68"))))
(build-system gnu-build-system)
(arguments `(#:configure-flags '("--with-internal-glib")))
(native-search-paths
diff --git a/gnu/packages/plotutils.scm b/gnu/packages/plotutils.scm
index 09a2d4f91d..e9a247142d 100644
--- a/gnu/packages/plotutils.scm
+++ b/gnu/packages/plotutils.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
;;;
;;; This file is part of GNU Guix.
@@ -193,7 +193,7 @@ colors, styles, options and details.")
`(("fftw" ,fftw)
("freeglut" ,freeglut)
("gsl" ,gsl)
- ("libgc" ,libgc-for-c++)
+ ("libgc" ,libgc)
("python" ,python-2)
("readline" ,readline)
("zlib" ,zlib)))
diff --git a/gnu/packages/pulseaudio.scm b/gnu/packages/pulseaudio.scm
index d5e8aba272..fe976a92f4 100644
--- a/gnu/packages/pulseaudio.scm
+++ b/gnu/packages/pulseaudio.scm
@@ -58,8 +58,9 @@
(inputs
`(("libvorbis" ,libvorbis)
("libogg" ,libogg)
- ("flac" ,flac)
- ("pkg-config" ,pkg-config)))
+ ("flac" ,flac)))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
(home-page "http://www.mega-nerd.com/libsndfile/")
(synopsis "Reading and writing files containing sampled sound")
(description
@@ -87,7 +88,8 @@ for reading and writing new sound file formats.")
(base32
"01hw5xjbjavh412y63brcslj5hi9wdgkjd3h9csx5rnm8vglpdck"))))
(build-system gnu-build-system)
- (inputs `(("pkg-config" ,pkg-config)))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
(propagated-inputs
`(("libsndfile" ,libsndfile)
("fftw" ,fftw)))
@@ -162,13 +164,14 @@ rates.")
("dbus" ,dbus)
("glib" ,glib)
("intltool" ,intltool)
- ("pkg-config" ,pkg-config)
("m4" ,m4)
("libltdl" ,libltdl)
("fftwf" ,fftwf)
("avahi" ,avahi)
("eudev" ,eudev) ;for the detection of hardware audio devices
("check" ,check)))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
(propagated-inputs
;; 'libpulse*.la' contain `-lgdbm' and `-lcap', so propagate them.
`(("libcap" ,libcap)
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index 813711a9b6..82a9cfc75e 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -308,7 +308,9 @@ data types.")
(inputs `(("openssl" ,openssl)
("zlib" ,zlib)))))
-(define* (wrap-python3 python #:optional (name "python-wrapper"))
+(define* (wrap-python3 python
+ #:optional
+ (name (string-append (package-name python) "-wrapper")))
(package (inherit python)
(name name)
(source #f)
diff --git a/gnu/packages/qt.scm b/gnu/packages/qt.scm
index 8f148c9e90..dccc9a2e48 100644
--- a/gnu/packages/qt.scm
+++ b/gnu/packages/qt.scm
@@ -182,7 +182,12 @@ X11 (yet).")
("ruby" ,ruby)
("which" ,(@ (gnu packages base) which))))
(arguments
- `(#:phases
+ `(;; FIXME: Disabling parallel building is a quick hack to avoid the
+ ;; failure described in
+ ;; https://lists.gnu.org/archive/html/guix-devel/2016-01/msg00837.html
+ ;; A more structural fix is needed.
+ #:parallel-build? #f
+ #:phases
(alist-replace
'configure
(lambda* (#:key outputs #:allow-other-keys)
diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
index 97078741cb..fa7c2f7691 100644
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@@ -4,7 +4,7 @@
;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2014, 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
-;;; Copyright © 2015 Ben Woodcroft <donttrustben@gmail.com>
+;;; Copyright © 2015, 2016 Ben Woodcroft <donttrustben@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -46,7 +46,7 @@
(define-public ruby
(package
(name "ruby")
- (version "2.2.4")
+ (version "2.3.0")
(source
(origin
(method url-fetch)
@@ -55,28 +55,33 @@
"/ruby-" version ".tar.xz"))
(sha256
(base32
- "0g3ps4q3iz7wj9m45n8xyxzw8nh29ljdqb87b0f6i0p3853gz2yj"))))
+ "15s0dsb5ynf3d2w5gzawnszq5594fqvapv2y7a0qw16przq5l4kh"))
+ (modules '((guix build utils)))
+ (snippet `(begin
+ ;; Remove bundled libffi
+ (delete-file-recursively
+ (string-append "ext/fiddle/libffi-3.2.1"))
+ #t))))
(build-system gnu-build-system)
(arguments
`(#:test-target "test"
- #:parallel-tests? #f
#:phases
- (alist-cons-before
- 'configure 'replace-bin-sh
- (lambda _
- (substitute* '("Makefile.in"
- "ext/pty/pty.c"
- "io.c"
- "lib/mkmf.rb"
- "process.c"
- "test/rubygems/test_gem_ext_configure_builder.rb"
- "test/rdoc/test_rdoc_parser.rb"
- "test/ruby/test_rubyoptions.rb"
- "test/ruby/test_process.rb"
- "test/ruby/test_system.rb"
- "tool/rbinstall.rb")
- (("/bin/sh") (which "sh"))))
- %standard-phases)))
+ (modify-phases %standard-phases
+ (add-before 'configure 'replace-bin-sh-and-remove-libffi
+ (lambda _
+ (substitute* '("Makefile.in"
+ "ext/pty/pty.c"
+ "io.c"
+ "lib/mkmf.rb"
+ "process.c"
+ "test/rubygems/test_gem_ext_configure_builder.rb"
+ "test/rdoc/test_rdoc_parser.rb"
+ "test/ruby/test_rubyoptions.rb"
+ "test/ruby/test_process.rb"
+ "test/ruby/test_system.rb"
+ "tool/rbinstall.rb")
+ (("/bin/sh") (which "sh")))
+ #t)))))
(inputs
`(("readline" ,readline)
("openssl" ,openssl)
@@ -95,6 +100,25 @@ a focus on simplicity and productivity.")
(home-page "https://ruby-lang.org")
(license license:ruby)))
+(define-public ruby-2.2
+ (package (inherit ruby)
+ (version "2.2.4")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "http://cache.ruby-lang.org/pub/ruby/"
+ (version-major+minor version)
+ "/ruby-" version ".tar.xz"))
+ (sha256
+ (base32
+ "0g3ps4q3iz7wj9m45n8xyxzw8nh29ljdqb87b0f6i0p3853gz2yj"))
+ (modules '((guix build utils)))
+ (snippet `(begin
+ ;; Remove bundled libffi
+ (delete-file-recursively
+ (string-append "ext/fiddle/libffi-3.2.1"))
+ #t))))))
+
(define-public ruby-2.1
(package (inherit ruby)
(version "2.1.8")
@@ -1059,13 +1083,13 @@ using Net::HTTP, supporting reconnection and retry according to RFC 2616.")
(define-public ruby-power-assert
(package
(name "ruby-power-assert")
- (version "0.2.6")
+ (version "0.2.7")
(source (origin
(method url-fetch)
(uri (rubygems-uri "power_assert" version))
(sha256
(base32
- "0gbj379jhnff8rbb6m3kzdm282szjz1a021xzxa38d1bnswj2jx3"))))
+ "0ka6w71lcan4wgf111xi3pcn9ma9lhakv31jg8w007nwzi0xfjbi"))))
(build-system ruby-build-system)
(native-inputs
`(("bundler" ,bundler)))
@@ -1212,15 +1236,18 @@ It allows writing tests, checking results and automated testing in Ruby.")
`(#:phases
(modify-phases %standard-phases
(add-after 'unpack 'add-test-unit-to-search-path
- (lambda* (#:key inputs #:allow-other-keys)
- (substitute* "Rakefile"
- (("t\\.libs << \"test\"" line)
- (string-append line "; t.libs << \""
- (assoc-ref inputs "ruby-test-unit")
- "/lib/ruby/gems/2.2.0/gems/test-unit-"
- ,(package-version ruby-test-unit)
- "/lib\"")))
- #t)))))
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((test-unit (assoc-ref inputs "ruby-test-unit"))
+ (test-unit-home (gem-home test-unit
+ ,(package-version ruby))))
+ (substitute* "Rakefile"
+ (("t\\.libs << \"test\"" line)
+ (string-append line "; t.libs << \""
+ test-unit-home
+ "/gems/test-unit-"
+ ,(package-version ruby-test-unit)
+ "/lib\""))))
+ #t)))))
(native-inputs
`(("bundler" ,bundler)
("ruby-test-unit" ,ruby-test-unit)))
@@ -1274,15 +1301,18 @@ as a base class when writing classes that depend upon
`(#:phases
(modify-phases %standard-phases
(add-after 'unpack 'add-test-unit-to-search-path
- (lambda* (#:key inputs #:allow-other-keys)
- (substitute* "Rakefile"
- (("t\\.libs << \"test\"" line)
- (string-append line "; t.libs << \""
- (assoc-ref inputs "ruby-test-unit")
- "/lib/ruby/gems/2.2.0/gems/test-unit-"
- ,(package-version ruby-test-unit)
- "/lib\"")))
- #t)))))
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((test-unit (assoc-ref inputs "ruby-test-unit"))
+ (test-unit-home (gem-home test-unit ,(package-version
+ ruby))))
+ (substitute* "Rakefile"
+ (("t\\.libs << \"test\"" line)
+ (string-append line "; t.libs << \""
+ test-unit-home
+ "/gems/test-unit-"
+ ,(package-version ruby-test-unit)
+ "/lib\""))))
+ #t)))))
(propagated-inputs
`(("ruby-blankslate" ,ruby-blankslate)))
(native-inputs
@@ -1311,13 +1341,16 @@ knowing anything about the constructor.")
(modify-phases %standard-phases
(add-after 'unpack 'add-test-unit-to-search-path
(lambda* (#:key inputs #:allow-other-keys)
- (substitute* "Rakefile"
- (("t\\.libs << \"test\"" line)
- (string-append line "; t.libs << \""
- (assoc-ref inputs "ruby-test-unit")
- "/lib/ruby/gems/2.2.0/gems/test-unit-"
- ,(package-version ruby-test-unit)
- "/lib\"")))
+ (let* ((test-unit (assoc-ref inputs "ruby-test-unit"))
+ (test-unit-home (gem-home test-unit ,(package-version
+ ruby))))
+ (substitute* "Rakefile"
+ (("t\\.libs << \"test\"" line)
+ (string-append line "; t.libs << \""
+ test-unit-home
+ "/gems/test-unit-"
+ ,(package-version ruby-test-unit)
+ "/lib\""))))
#t)))))
(propagated-inputs
`(("ruby-instantiator" ,ruby-instantiator)
@@ -1381,13 +1414,16 @@ conversion to (X)HTML.")
(modify-phases %standard-phases
(add-after 'unpack 'add-test-unit-to-search-path
(lambda* (#:key inputs #:allow-other-keys)
- (substitute* "Rakefile"
- (("t\\.libs << 'test'" line)
- (string-append line "; t.libs << \""
- (assoc-ref inputs "ruby-test-unit")
- "/lib/ruby/gems/2.2.0/gems/test-unit-"
- ,(package-version ruby-test-unit)
- "/lib\"")))
+ (let* ((test-unit (assoc-ref inputs "ruby-test-unit"))
+ (test-unit-home (gem-home test-unit
+ ,(package-version ruby))))
+ (substitute* "Rakefile"
+ (("t\\.libs << 'test'" line)
+ (string-append line "; t.libs << \""
+ test-unit-home
+ "/gems/test-unit-"
+ ,(package-version ruby-test-unit)
+ "/lib\""))))
#t))
(add-before 'check 'use-latest-redcarpet
(lambda _
@@ -2202,13 +2238,17 @@ development of Ruby gems.")
(modify-phases %standard-phases
(add-after 'unpack 'fix-test-include-path
(lambda* (#:key inputs #:allow-other-keys)
- (substitute* "Rakefile"
- (("Hoe\\.add_include_dirs .*")
- (string-append "Hoe.add_include_dirs \""
- (assoc-ref inputs "ruby-minitest-4")
- "/lib/ruby/gems/2.2.0/gems/minitest-"
- ,(package-version ruby-minitest-4)
- "/lib" "\"")))))
+ (let* ((minitest (assoc-ref inputs "ruby-minitest-4"))
+ (minitest-home (gem-home minitest
+ ,(package-version ruby))))
+ (substitute* "Rakefile"
+ (("Hoe\\.add_include_dirs .*")
+ (string-append "Hoe.add_include_dirs \""
+ minitest-home
+ "/gems/minitest-"
+ ,(package-version ruby-minitest-4)
+ "/lib" "\""))))
+ #t))
(add-before 'check 'fix-test-assumptions
(lambda _
;; The test output includes the file name, so a couple of tests
@@ -2931,9 +2971,17 @@ features such as filtering and fine grained logging.")
`(#:test-target "specs"
#:phases
(modify-phases %standard-phases
- (add-before 'check 'set-HOME
- ;; $HOME needs to be set to somewhere writeable for tests to run
- (lambda _ (setenv "HOME" "/tmp") #t)))))
+ (add-before 'check 'set-HOME-and-disable-failing-test
+ (lambda _
+ ;; $HOME needs to be set to somewhere writeable for tests to run
+ (setenv "HOME" "/tmp")
+ ;; Disable tests which fails on Ruby 2.3. See
+ ;; https://github.com/lsegal/yard/issues/927
+ (substitute* "spec/parser/ruby/ruby_parser_spec.rb"
+ (("comment.type.should == :comment") "")
+ (("comment.docstring_hash_flag.should be_true") "")
+ (("comment.docstring.strip.should == .*") ""))
+ #t)))))
(native-inputs
`(("ruby-rspec" ,ruby-rspec-2)
("ruby-rack" ,ruby-rack)))
diff --git a/gnu/packages/scheme.scm b/gnu/packages/scheme.scm
index aea8b54433..b438c3e90c 100644
--- a/gnu/packages/scheme.scm
+++ b/gnu/packages/scheme.scm
@@ -256,7 +256,8 @@ Scheme and C programs and between Scheme and Java programs.")
"-ldopt -Wl,-rpath," out "/lib")))))
%standard-phases)
#:tests? #f)) ; no test suite
- (inputs `(("bigloo" ,bigloo)
+ (inputs `(("avahi" ,avahi)
+ ("bigloo" ,bigloo)
("which" ,which)))
(home-page "http://hop.inria.fr/")
(synopsis "Multi-tier programming language for the Web 2.0")
diff --git a/gnu/packages/texinfo.scm b/gnu/packages/texinfo.scm
index 591fb1f298..bffff788fc 100644
--- a/gnu/packages/texinfo.scm
+++ b/gnu/packages/texinfo.scm
@@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013, 2015 Ludovic Courtès <ludo@gnu.org>
-;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
+;;; Copyright © 2014, 2016 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;;
;;; This file is part of GNU Guix.
@@ -43,7 +43,6 @@
(build-system gnu-build-system)
(native-inputs `(("procps" ,procps))) ;one of the tests needs pgrep
(inputs `(("ncurses" ,ncurses)
- ("xz" ,xz)
("perl" ,perl)))
(native-search-paths
@@ -112,6 +111,11 @@ is on expressing the content semantically, avoiding physical markup commands.")
'(utime "texi2html.pl" 0 0 0 0))))
(build-system gnu-build-system)
(inputs `(("perl" ,perl)))
+ (arguments
+ ;; Tests fail because of warnings on stderr from Perl 5.22. Adjusting
+ ;; texi2html.pl to avoid the warnings seems non-trivial, so we simply
+ ;; disable the tests.
+ '(#:tests? #f))
(home-page "http://www.nongnu.org/texi2html/")
(synopsis "Convert Texinfo to HTML")
(description
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index f77a246912..a22991c906 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -5,6 +5,7 @@
;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2015 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -45,7 +46,7 @@
(define-public libtasn1
(package
(name "libtasn1")
- (version "4.5")
+ (version "4.7")
(source
(origin
(method url-fetch)
@@ -53,13 +54,9 @@
version ".tar.gz"))
(sha256
(base32
- "1nhvnznhg2aqfrfjxc8v008hjlzkh5831jsfahqk89qrw7fbbcw9"))))
+ "1j8iixynchziw1y39lnibyl5h81m4p78w3i4f28q2vgwjgf801x4"))))
(build-system gnu-build-system)
- (native-inputs `(("perl" ,perl)
-
- ;; XXX: For some reason, libtasn1.info wants to be
- ;; rebuilt, so we must provide 'makeinfo'.
- ("texinfo" ,texinfo)))
+ (native-inputs `(("perl" ,perl)))
(home-page "http://www.gnu.org/software/libtasn1/")
(synopsis "ASN.1 library")
(description
@@ -110,7 +107,7 @@ living in the same process.")
(define-public gnutls
(package
(name "gnutls")
- (version "3.4.5")
+ (version "3.4.7")
(source (origin
(method url-fetch)
(uri
@@ -121,8 +118,7 @@ living in the same process.")
"/gnutls-" version ".tar.xz"))
(sha256
(base32
- "1bks1zpmhmnkz2v32dd9b44pz6x0a5w4yi9zzwsd0a078vhbi25g"))
- (patches (list (search-patch "gnutls-doc-fix.patch")))))
+ "0nifi3mr5jhz608pidkp8cjs4vwfj1m2qczsjrgpnp99615rxgn1"))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags
@@ -146,13 +142,6 @@ living in the same process.")
#:phases (modify-phases %standard-phases
(add-after
- 'unpack 'delete-prebuilt-unfixed-info-file
- (lambda _
- ;; XXX Delete the prebuilt info file, so that it will be
- ;; rebuilt with the fixes in gnutls-doc-fix.patch.
- (delete-file "doc/gnutls.info")
- #t))
- (add-after
'install 'move-doc
(lambda* (#:key outputs #:allow-other-keys)
;; Copy the 4.1 MiB of section 3 man pages to "doc".
@@ -169,7 +158,6 @@ living in the same process.")
"doc")) ;4.1 MiB of man pages
(native-inputs
`(("pkg-config" ,pkg-config)
- ("texinfo" ,texinfo) ; XXX needed only to replace prebuilt, unfixed docs.
("which" ,which)))
(inputs
`(("guile" ,guile-2.0)
diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm
index 7206bc5ef2..636f76584d 100644
--- a/gnu/packages/video.scm
+++ b/gnu/packages/video.scm
@@ -1057,7 +1057,7 @@ for use with HTML5 video.")
(lambda _
;; Copy-paste settings from the cmake build system.
(setenv "CMAKE_LIBRARY_PATH" (getenv "LIBRARY_PATH"))
- (setenv "CMAKE_INCLUDE_PATH" (getenv "CPATH")))
+ (setenv "CMAKE_INCLUDE_PATH" (getenv "C_INCLUDE_PATH")))
(alist-replace 'build
(lambda* (#:key inputs outputs #:allow-other-keys)
(let*
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index cfee142585..a4f4c021e4 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -1,11 +1,11 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2013 Aljosha Papsch <misc@rpapsch.de>
-;;; Copyright © 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
-;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
+;;; Copyright © 2015, 2016 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
;;;
;;; This file is part of GNU Guix.
@@ -737,6 +737,7 @@ language known as SASS.")
(build-system perl-build-system)
(native-inputs
`(("perl-http-message" ,perl-http-message)
+ ("perl-module-build" ,perl-module-build)
("perl-test-mocktime" ,perl-test-mocktime)
("perl-try-tiny" ,perl-try-tiny)
("perl-uri" ,perl-uri)))
@@ -1318,6 +1319,7 @@ MIME type directly to the browser, without being processed through Catalyst.")
("perl-io-stringy" ,perl-io-stringy)
("perl-json-maybexs" ,perl-json-maybexs)
("perl-libwww" ,perl-libwww)
+ ("perl-module-pluggable" ,perl-module-pluggable)
("perl-moose" ,perl-moose)
("perl-moosex-emulate-class-accessor-fast"
,perl-moosex-emulate-class-accessor-fast)
@@ -1544,6 +1546,34 @@ application classes.")
development server with Starman.")
(license (package-license perl))))
+(define-public perl-cgi
+ (package
+ (name "perl-cgi")
+ (version "4.25")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://cpan/authors/id/L/LE/LEEJO/"
+ "CGI-" version ".tar.gz"))
+ (sha256
+ (base32
+ "06hk9zzvlix1yi95wlkb1ykdxgl6lscm7452gkwr2snsb8iybczg"))))
+ (build-system perl-build-system)
+ (native-inputs
+ `(("perl-test-deep" ,perl-test-deep)
+ ("perl-test-nowarnings" ,perl-test-nowarnings)
+ ("perl-test-warn" ,perl-test-warn)))
+ (propagated-inputs
+ `(("perl-html-parser" ,perl-html-parser)))
+ (home-page "http://search.cpan.org/dist/CGI")
+ (synopsis "Handle Common Gateway Interface requests and responses")
+ (description "CGI.pm is a stable, complete and mature solution for
+processing and preparing HTTP requests and responses. Major features include
+processing form submissions, file uploads, reading and writing cookies, query
+string generation and manipulation, and processing and preparing HTTP
+headers.")
+ (license (package-license perl))))
+
(define-public perl-cgi-simple
(package
(name "perl-cgi-simple")
@@ -1558,7 +1588,8 @@ development server with Starman.")
"1nkyb1m1g5r47xykflf68dplanih5p15njv82frbgbsms34kp1sg"))))
(build-system perl-build-system)
(native-inputs
- `(("perl-io-stringy" ,perl-io-stringy))) ;for IO::Scalar
+ `(("perl-module-build" ,perl-module-build)
+ ("perl-io-stringy" ,perl-io-stringy))) ;for IO::Scalar
(home-page "http://search.cpan.org/dist/CGI-Simple")
(synopsis "CGI interface that is CGI.pm compliant")
(description "CGI::Simple provides a relatively lightweight drop in
@@ -1600,6 +1631,8 @@ inputs, in a manner reminiscent of how PHP does.")
(base32
"0h6qqdg1yzqkdxp7hqlp0qa7d1y64nilgimxs79dys2ryjfpcknh"))))
(build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)))
(propagated-inputs
`(("perl-datetime" ,perl-datetime)
("perl-http-date" ,perl-http-date)))
@@ -1694,7 +1727,8 @@ which can be used to parse directory listings.")
(search-patch "perl-finance-quote-unuse-mozilla-ca.patch")))))
(build-system perl-build-system)
(propagated-inputs
- `(("perl-datetime" ,perl-datetime)
+ `(("perl-cgi" ,perl-cgi)
+ ("perl-datetime" ,perl-datetime)
("perl-html-parser" ,perl-html-parser)
("perl-html-tableextract" ,perl-html-tableextract)
("perl-html-tree" ,perl-html-tree)
@@ -1841,7 +1875,8 @@ in tables within an HTML document, either as text or encoded element trees.")
"13qlqbpixw470gnck0xgny8hyjj576m8y24bba2p9ai2lvy76vbx"))))
(build-system perl-build-system)
(native-inputs
- `(("perl-test-fatal" ,perl-test-fatal)))
+ `(("perl-module-build" ,perl-module-build)
+ ("perl-test-fatal" ,perl-test-fatal)))
(propagated-inputs
`(("perl-html-parser" ,perl-html-parser)
("perl-html-tagset" ,perl-html-tagset)
@@ -1908,6 +1943,8 @@ kinds of HTML parsing operations.")
(base32
"07ahpfgidxsw2yb7y8i7bbr8s64aq6qgq832h9jswmksxbd0l43q"))))
(build-system perl-build-system)
+ (propagated-inputs
+ `(("perl-cgi" ,perl-cgi)))
(home-page "http://search.cpan.org/dist/HTML-Template")
(synopsis "HTML-like templates")
(description
@@ -2166,6 +2203,8 @@ environment from an HTTP::Request.")
(base32
"05klpfkss2a6i5ihmvcm27fyar0f2v4ispg2f49agab3va1gix6g"))))
(build-system perl-build-system)
+ (propagated-inputs
+ `(("perl-cgi" ,perl-cgi)))
(arguments
;; See the discussion of a related tests issue at
;; https://lists.gnu.org/archive/html/guix-devel/2015-01/msg00346.html
@@ -2236,6 +2275,7 @@ algorithm specified in section 8.2.2.1 of the draft standard.")
(base32
"0ky20hmln6waipzqikizyw04vpszf70fgpshz7ib8zv8480ri456"))))
(build-system perl-build-system)
+ (native-inputs `(("perl-module-build" ,perl-module-build)))
(home-page "http://search.cpan.org/dist/IO-Socket-IP")
(synopsis "Family-neutral IP socket supporting both IPv4 and IPv6")
(description "This module provides a protocol-independent way to use IPv4
@@ -2560,6 +2600,8 @@ already set.")
(base32
"1hb8dx7i4vs74n0p737wrvpdnnw6argxrjpr6kj6432zabp8325z"))))
(build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)))
(propagated-inputs
`(("perl-plack" ,perl-plack)))
(home-page "http://search.cpan.org/dist/Plack-Middleware-MethodOverride")
@@ -2784,6 +2826,8 @@ and updated by RFC 2732.")
(base32
"0czc4h182s7sx3k123m7qlg7yybnwxgh369hap3c3b6xgrglrhy0"))))
(build-system perl-build-system)
+ (native-inputs
+ `(("perl-module-build" ,perl-module-build)))
(propagated-inputs
`(("perl-uri" ,perl-uri)))
(home-page "http://search.cpan.org/dist/URI-Find")
@@ -2851,6 +2895,8 @@ library.")
(base32
"1zrw8aadhwy48q51x2z2rqlkwf17bya4j4h3hy89mw783j96rmg9"))))
(build-system perl-build-system)
+ (native-inputs ;only for tests
+ `(("perl-cgi" ,perl-cgi)))
(propagated-inputs
`(("perl-html-form" ,perl-html-form)
("perl-html-parser" ,perl-html-parser)
diff --git a/gnu/packages/webkit.scm b/gnu/packages/webkit.scm
index 0706d92c36..f902433786 100644
--- a/gnu/packages/webkit.scm
+++ b/gnu/packages/webkit.scm
@@ -81,7 +81,7 @@
;; that it will be in the same directory as gstreamer's header
;; files.
(setenv "CPATH"
- (string-append (getenv "CPATH")
+ (string-append (getenv "C_INCLUDE_PATH")
":"
(assoc-ref inputs "gst-plugins-base")
"/include/gstreamer-1.0")))))))
@@ -149,6 +149,11 @@ HTML/CSS applications to full-fledged web browsers.")
(build-system gnu-build-system)
(arguments
'(#:tests? #f ; no tests
+ ;; FIXME: Disabling parallel building is a quick hack to avoid the
+ ;; failure described in
+ ;; https://lists.gnu.org/archive/html/guix-devel/2016-01/msg00837.html
+ ;; A more structural fix is needed.
+ #:parallel-build? #f
#:phases (modify-phases %standard-phases
(add-after
'unpack 'set-gcc
@@ -163,7 +168,12 @@ HTML/CSS applications to full-fledged web browsers.")
(package (inherit webkitgtk-2.4)
(name "webkitgtk-gtk2")
(arguments
- `(#:configure-flags
+ `(;; FIXME: Disabling parallel building is a quick hack to avoid the
+ ;; failure described in
+ ;; https://lists.gnu.org/archive/html/guix-devel/2016-01/msg00837.html
+ ;; A more structural fix is needed.
+ #:parallel-build? #f
+ #:configure-flags
'("--enable-webkit2=no"
"--with-gtk=2.0")
,@(package-arguments webkitgtk-2.4)))
diff --git a/guix/build-system/gnu.scm b/guix/build-system/gnu.scm
index 67ae46faed..afd57668e2 100644
--- a/guix/build-system/gnu.scm
+++ b/guix/build-system/gnu.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -284,7 +284,8 @@ standard packages used as implicit inputs of the GNU build system."
(parallel-tests? #t)
(patch-shebangs? #t)
(strip-binaries? #t)
- (strip-flags ''("--strip-debug"))
+ (strip-flags ''("--strip-debug"
+ "--enable-deterministic-archives"))
(strip-directories ''("lib" "lib64" "libexec"
"bin" "sbin"))
(validate-runpath? #t)
@@ -419,7 +420,8 @@ is one of `host' or `target'."
(parallel-build? #t) (parallel-tests? #t)
(patch-shebangs? #t)
(strip-binaries? #t)
- (strip-flags ''("--strip-debug"))
+ (strip-flags ''("--strip-debug"
+ "--enable-deterministic-archives"))
(strip-directories ''("lib" "lib64" "libexec"
"bin" "sbin"))
(validate-runpath? #t)
diff --git a/guix/build/gnu-build-system.scm b/guix/build/gnu-build-system.scm
index ff7646b22c..2abaa6efdc 100644
--- a/guix/build/gnu-build-system.scm
+++ b/guix/build/gnu-build-system.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -39,6 +39,13 @@
;;
;; Code:
+(define* (set-SOURCE-DATE-EPOCH #:rest _)
+ "Set the 'SOURCE_DATE_EPOCH' environment variable. This is used by tools
+that incorporate timestamps as a way to tell them to use a fixed timestamp.
+See https://reproducible-builds.org/specs/source-date-epoch/."
+ (setenv "SOURCE_DATE_EPOCH" "1")
+ #t)
+
(define (first-subdirectory dir)
"Return the path of the first sub-directory of DIR."
(file-system-fold (lambda (path stat result)
@@ -329,7 +336,8 @@ makefiles."
(objcopy-command (if target
(string-append target "-objcopy")
"objcopy"))
- (strip-flags '("--strip-debug"))
+ (strip-flags '("--strip-debug"
+ "--enable-deterministic-archives"))
(strip-directories '("lib" "lib64" "libexec"
"bin" "sbin"))
#:allow-other-keys)
@@ -367,7 +375,7 @@ makefiles."
;; `bfd_fill_in_gnu_debuglink_section' function.) No reference to
;; DEBUG-OUTPUT is kept because bfd keeps only the basename of the debug
;; file.
- (zero? (system* objcopy-command
+ (zero? (system* objcopy-command "--enable-deterministic-archives"
(string-append "--add-gnu-debuglink="
(debug-file file))
file)))
@@ -548,7 +556,7 @@ DOCUMENTATION-COMPRESSOR-FLAGS."
;; Standard build phases, as a list of symbol/procedure pairs.
(let-syntax ((phases (syntax-rules ()
((_ p ...) `((p . ,p) ...)))))
- (phases set-paths install-locale unpack
+ (phases set-SOURCE-DATE-EPOCH set-paths install-locale unpack
patch-usr-bin-file
patch-source-shebangs configure patch-generated-file-shebangs
build check install
diff --git a/guix/build/haskell-build-system.scm b/guix/build/haskell-build-system.scm
index 4506e96af9..3afc37e16d 100644
--- a/guix/build/haskell-build-system.scm
+++ b/guix/build/haskell-build-system.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 Federico Beffa <beffa@fbengineering.ch>
+;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
;;;
;;; This file is part of GNU Guix.
@@ -25,6 +26,7 @@
#:use-module (ice-9 rdelim)
#:use-module (ice-9 regex)
#:use-module (ice-9 match)
+ #:use-module (ice-9 vlist)
#:export (%standard-phases
haskell-build))
@@ -78,6 +80,7 @@ and parameters ~s~%"
(((_ . dir) ...)
dir)
(_ '())))
+ (ghc-path (getenv "GHC_PACKAGE_PATH"))
(params (append `(,(string-append "--prefix=" out))
`(,(string-append "--libdir=" (or lib out) "/lib"))
`(,(string-append "--bindir=" (or bin out) "/bin"))
@@ -97,6 +100,10 @@ and parameters ~s~%"
'("--enable-tests")
'())
configure-flags)))
+ ;; Cabal errors if GHC_PACKAGE_PATH is set during 'configure', so unset
+ ;; and restore it.
+ (unsetenv "GHC_PACKAGE_PATH")
+
;; For packages where the Cabal build-type is set to "Configure",
;; ./configure will be executed. In these cases, the following
;; environment variable is needed to be able to find the shell executable.
@@ -105,7 +112,9 @@ and parameters ~s~%"
;; <https://www.haskell.org/cabal/users-guide/developing-packages.html>.
(when (file-exists? "configure")
(setenv "CONFIG_SHELL" "sh"))
- (run-setuphs "configure" params)))
+ (run-setuphs "configure" params)
+
+ (setenv "GHC_PACKAGE_PATH" ghc-path)))
(define* (build #:rest empty)
"Build a given Haskell package."
@@ -143,6 +152,12 @@ first match and return the content of the group."
(format #t
"Compiler ~a not supported~%" name-version)))))
+;;; TODO: Move this to (guix build utils)?
+(define-syntax-rule (with-null-error-port exp)
+ "Evaluate EXP with the error port pointing to the bit bucket."
+ (with-error-to-port (%make-void-port "w")
+ (lambda () exp)))
+
(define (make-ghc-package-database system inputs outputs)
"Generate the GHC package database."
(let* ((haskell (assoc-ref inputs "haskell"))
@@ -150,44 +165,90 @@ first match and return the content of the group."
(((_ . dir) ...)
dir)
(_ '())))
- (conf-dirs (search-path-as-list
- `(,(string-append "lib/"
- (package-name-version haskell)
- "/package.conf.d"))
- input-dirs))
+ ;; Silence 'find-files' (see 'evaluate-search-paths')
+ (conf-dirs (with-null-error-port
+ (search-path-as-list
+ `(,(string-append "lib/" (package-name-version haskell)))
+ input-dirs #:pattern ".*\\.conf.d$")))
(conf-files (append-map (cut find-files <> "\\.conf$") conf-dirs)))
(mkdir-p %tmp-db-dir)
(for-each (lambda (file)
- (copy-file file
- (string-append %tmp-db-dir "/" (basename file))))
+ (let ((dest (string-append %tmp-db-dir "/" (basename file))))
+ (unless (file-exists? dest)
+ (copy-file file dest))))
conf-files)
(zero? (system* "ghc-pkg"
(string-append "--package-db=" %tmp-db-dir)
"recache"))))
(define* (register #:key name system inputs outputs #:allow-other-keys)
- "Generate the compiler registration file for a given Haskell package. Don't
-generate the cache as it would clash in user profiles."
+ "Generate the compiler registration and binary package database files for a
+given Haskell package."
+
+ (define (conf-depends conf-file)
+ ;; Return a list of pkg-ids from the "depends" field in CONF-FILE
+ (let ((port (open-input-file conf-file))
+ (field-rx (make-regexp "^(.*):")))
+ (let loop ((collecting #f)
+ (deps '()))
+ (let* ((line (read-line port))
+ (field (and=> (and (not (eof-object? line))
+ (regexp-exec field-rx line))
+ (cut match:substring <> 1))))
+ (cond
+ ((and=> field (cut string=? <> "depends"))
+ ;; The first dependency is listed on the same line as "depends:",
+ ;; so drop those characters. A line may list more than one .conf.
+ (let ((d (string-tokenize (string-drop line 8))))
+ (loop #t (append d deps))))
+ ((or (eof-object? line) (and collecting field))
+ (begin
+ (close-port port)
+ (reverse! deps)))
+ (collecting
+ (loop #t (append (string-tokenize line) deps)))
+ (else (loop #f deps)))))))
+
+ (define (install-transitive-deps conf-file src dest)
+ ;; Copy .conf files from SRC to DEST for dependencies in CONF-FILE, and
+ ;; their dependencies, etc.
+ (let loop ((seen vlist-null)
+ (lst (conf-depends conf-file)))
+ (match lst
+ (() #t) ;done
+ ((id . tail)
+ (if (not (vhash-assoc id seen))
+ (let ((dep-conf (string-append src "/" id ".conf"))
+ (dep-conf* (string-append dest "/" id ".conf")))
+ (copy-file dep-conf dep-conf*) ;XXX: maybe symlink instead?
+ (loop (vhash-cons id #t seen)
+ (append lst (conf-depends dep-conf))))
+ (loop seen tail))))))
+
(let* ((out (assoc-ref outputs "out"))
(haskell (assoc-ref inputs "haskell"))
(lib (string-append out "/lib"))
(config-dir (string-append lib "/"
(package-name-version haskell)
- "/package.conf.d"))
+ "/" name ".conf.d"))
(id-rx (make-regexp "^id: *(.*)$"))
(config-file (string-append out "/" name ".conf"))
(params
(list (string-append "--gen-pkg-config=" config-file))))
(run-setuphs "register" params)
;; The conf file is created only when there is a library to register.
- (when (file-exists? config-file)
- (mkdir-p config-dir)
- (let ((config-file-name+id
- (call-with-ascii-input-file config-file (cut grep id-rx <>))))
- (rename-file config-file
- (string-append config-dir "/" config-file-name+id
- ".conf"))))
- #t))
+ (or (not (file-exists? config-file))
+ (begin
+ (mkdir-p config-dir)
+ (let* ((config-file-name+id
+ (call-with-ascii-input-file config-file (cut grep id-rx <>))))
+ (install-transitive-deps config-file %tmp-db-dir config-dir)
+ (rename-file config-file
+ (string-append config-dir "/"
+ config-file-name+id ".conf"))
+ (zero? (system* "ghc-pkg"
+ (string-append "--package-db=" config-dir)
+ "recache")))))))
(define* (check #:key tests? test-target #:allow-other-keys)
"Run the test suite of a given Haskell package."
diff --git a/guix/build/python-build-system.scm b/guix/build/python-build-system.scm
index 8025b7fec6..9109fb4ac7 100644
--- a/guix/build/python-build-system.scm
+++ b/guix/build/python-build-system.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2013, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2013 Nikita Karetnikov <nikita@karetnikov.org>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
@@ -136,18 +136,11 @@ installed with setuptools."
#t))
#t))
-(define* (set-SOURCE-DATE-EPOCH #:rest _)
- "Set the 'SOURCE_DATE_EPOCH' environment variable."
- ;; Use zero as the timestamp in .pyc files so that builds are deterministic.
- ;; TODO: Remove it when this variable is set in GNU:%STANDARD-PHASES.
- (setenv "SOURCE_DATE_EPOCH" "1"))
-
(define %standard-phases
;; 'configure' and 'build' phases are not needed. Everything is done during
;; 'install'.
(modify-phases gnu:%standard-phases
(add-after 'unpack 'ensure-no-mtimes-pre-1980 ensure-no-mtimes-pre-1980)
- (add-after 'unpack 'set-SOURCE-DATE-EPOCH set-SOURCE-DATE-EPOCH)
(delete 'configure)
(replace 'install install)
(replace 'check check)
diff --git a/guix/build/ruby-build-system.scm b/guix/build/ruby-build-system.scm
index 6439bf69eb..a4ac3b307c 100644
--- a/guix/build/ruby-build-system.scm
+++ b/guix/build/ruby-build-system.scm
@@ -27,7 +27,8 @@
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-26)
#:export (%standard-phases
- ruby-build))
+ ruby-build
+ gem-home))
;; Commentary:
;;
@@ -141,3 +142,13 @@ GEM-FLAGS are passed to the 'gem' invokation, if present."
(define* (ruby-build #:key inputs (phases %standard-phases)
#:allow-other-keys #:rest args)
(apply gnu:gnu-build #:inputs inputs #:phases phases args))
+
+(define (gem-home store-path ruby-version)
+ "Return a string to the gem home directory in the store given a STORE-PATH
+and the RUBY-VERSION used to build that ruby package"
+ (string-append
+ store-path
+ "/lib/ruby/gems/"
+ (regexp-substitute #f
+ (string-match "^[0-9]+\\.[0-9]+" ruby-version)
+ 0 ".0")))
diff --git a/guix/build/utils.scm b/guix/build/utils.scm
index e3f9edc5b5..2988193fce 100644
--- a/guix/build/utils.scm
+++ b/guix/build/utils.scm
@@ -385,10 +385,13 @@ for under the directories designated by FILES. For example:
(append-map (lambda (input)
(append-map (lambda (file)
(let ((file (string-append input "/" file)))
- ;; XXX: By using 'find-files', we implicitly
- ;; assume #:type 'regular.
(if pattern
- (find-files file pattern)
+ (find-files file (lambda (file stat)
+ (and stat
+ (eq? type (stat:type stat))
+ ((file-name-predicate pattern) file stat)))
+ #:stat stat
+ #:directories? #t)
(let ((stat (stat file #f)))
(if (and stat (eq? type (stat:type stat)))
(list file)
diff --git a/guix/search-paths.scm b/guix/search-paths.scm
index 7fd15d440c..7a6fe67959 100644
--- a/guix/search-paths.scm
+++ b/guix/search-paths.scm
@@ -139,12 +139,6 @@ report only settings not already effective."
(let* ((values (or (and=> (getenv variable)
(cut string-tokenize* <> separator))
'()))
- ;; Add a trailing slash to force symlinks to be treated as
- ;; directories when 'find-files' traverses them.
- (files (if pattern
- (map (cut string-append <> "/") files)
- files))
-
;; XXX: Silence 'find-files' when it stumbles upon non-existent
;; directories (see
;; <http://lists.gnu.org/archive/html/guix-devel/2015-01/msg00269.html>.)
diff --git a/tests/graph.scm b/tests/graph.scm
index 4f85432d2f..43f7b733f9 100644
--- a/tests/graph.scm
+++ b/tests/graph.scm
@@ -232,7 +232,7 @@ edges."
(run-with-store %store
(let ((packages (fold-packages cons '())))
(mlet %store-monad ((edges (node-edges %package-node-type packages)))
- (return (and (null? (edges grep))
+ (return (and (null? (edges sed))
(lset= eq?
(edges guile-2.0)
(match (package-direct-inputs guile-2.0)