aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/binutils-aarch64-symbol-relocation.patch36
-rw-r--r--gnu/packages/patches/cairo-setjmp-wrapper.patch78
-rw-r--r--gnu/packages/patches/clang-3.5-libsanitizer-ustat-fix.patch46
-rw-r--r--gnu/packages/patches/doxygen-gcc-ice.patch25
-rw-r--r--gnu/packages/patches/findutils-gnulib-libio.patch114
-rw-r--r--gnu/packages/patches/findutils-makedev.patch22
-rw-r--r--gnu/packages/patches/freetype-CVE-2018-6942.patch31
-rw-r--r--gnu/packages/patches/gcc-4.9-libsanitizer-ustat.patch37
-rw-r--r--gnu/packages/patches/gcc-libsanitizer-ustat.patch41
-rw-r--r--gnu/packages/patches/gcc-strmov-store-file-names.patch12
-rw-r--r--gnu/packages/patches/ghostscript-runpath.patch18
-rw-r--r--gnu/packages/patches/glibc-2.28-git-fixes.patch248
-rw-r--r--gnu/packages/patches/grub-binutils-compat.patch53
-rw-r--r--gnu/packages/patches/jemalloc-arm-address-bits.patch39
-rw-r--r--gnu/packages/patches/libgcrypt-make-yat2m-reproducible.patch32
-rw-r--r--gnu/packages/patches/libgpg-error-aarch64-logging-fix.patch58
-rw-r--r--gnu/packages/patches/m4-gnulib-libio.patch128
-rw-r--r--gnu/packages/patches/mariadb-gcc-ice.patch24
-rw-r--r--gnu/packages/patches/meson-for-build-rpath.patch6
-rw-r--r--gnu/packages/patches/oath-toolkit-glibc-compat.patch90
-rw-r--r--gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch215
-rw-r--r--gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch50
-rw-r--r--gnu/packages/patches/parted-glibc-compat.patch17
-rw-r--r--gnu/packages/patches/perf-gcc-ice.patch13
-rw-r--r--gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch36
-rw-r--r--gnu/packages/patches/perl-deterministic-ordering.patch6
-rw-r--r--gnu/packages/patches/perl-file-path-CVE-2017-6512.patch173
-rw-r--r--gnu/packages/patches/python-pillow-fix-failing-tests.patchbin112373 -> 0 bytes
-rw-r--r--gnu/packages/patches/python-testtools.patch57
-rw-r--r--gnu/packages/patches/python2-CVE-2018-1060.patch20
-rw-r--r--gnu/packages/patches/python2-CVE-2018-1061.patch20
-rw-r--r--gnu/packages/patches/qtbase-glibc-compat.patch50
-rw-r--r--gnu/packages/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch36
-rw-r--r--gnu/packages/patches/swig-guile-gc.patch76
-rw-r--r--gnu/packages/patches/texinfo-5-perl-compat.patch19
-rw-r--r--gnu/packages/patches/texinfo-perl-compat.patch51
36 files changed, 1209 insertions, 768 deletions
diff --git a/gnu/packages/patches/binutils-aarch64-symbol-relocation.patch b/gnu/packages/patches/binutils-aarch64-symbol-relocation.patch
deleted file mode 100644
index fbd596862b..0000000000
--- a/gnu/packages/patches/binutils-aarch64-symbol-relocation.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Fix a regression in Binutils 2.30 where some symbols are incorrectly assumed
-to be addresses:
-
-https://sourceware.org/bugzilla/show_bug.cgi?id=22764
-
-Patch taken from upstream (with ChangeLog entries and tests omitted):
-
-https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=279b2f94168ee91e02ccd070d27c983fc001fe12
-
-diff --git a/bfd/elfnn-aarch64.c b/bfd/elfnn-aarch64.c
-index af448f9..2737773 100644
---- a/bfd/elfnn-aarch64.c
-+++ b/bfd/elfnn-aarch64.c
-@@ -7189,10 +7189,19 @@ elfNN_aarch64_check_relocs (bfd *abfd, struct bfd_link_info *info,
- #if ARCH_SIZE == 64
- case BFD_RELOC_AARCH64_32:
- #endif
-- if (bfd_link_pic (info)
-- && (sec->flags & SEC_ALLOC) != 0
-- && (sec->flags & SEC_READONLY) != 0)
-+ if (bfd_link_pic (info) && (sec->flags & SEC_ALLOC) != 0)
- {
-+ if (h != NULL
-+ /* This is an absolute symbol. It represents a value instead
-+ of an address. */
-+ && ((h->root.type == bfd_link_hash_defined
-+ && bfd_is_abs_section (h->root.u.def.section))
-+ /* This is an undefined symbol. */
-+ || h->root.type == bfd_link_hash_undefined))
-+ break;
-+
-+ /* For local symbols, defined global symbols in a non-ABS section,
-+ it is assumed that the value is an address. */
- int howto_index = bfd_r_type - BFD_RELOC_AARCH64_RELOC_START;
- _bfd_error_handler
- /* xgettext:c-format */
diff --git a/gnu/packages/patches/cairo-setjmp-wrapper.patch b/gnu/packages/patches/cairo-setjmp-wrapper.patch
new file mode 100644
index 0000000000..bffac6e041
--- /dev/null
+++ b/gnu/packages/patches/cairo-setjmp-wrapper.patch
@@ -0,0 +1,78 @@
+Revert faulty commit to avoid undefined behaviour:
+https://bugs.freedesktop.org/show_bug.cgi?id=104325
+
+Taken from this upstream commit:
+https://cgit.freedesktop.org/cairo/commit/?h=1.14&id=2acc4382c54bd8239361ceed14423412a343d311
+
+diff --git a/src/cairo-bentley-ottmann-rectangular.c b/src/cairo-bentley-ottmann-rectangular.c
+index cb2e30c..5541bdc 100644
+--- a/src/cairo-bentley-ottmann-rectangular.c
++++ b/src/cairo-bentley-ottmann-rectangular.c
+@@ -593,12 +593,6 @@ sweep_line_insert (sweep_line_t *sweep, rectangle_t *rectangle)
+ pqueue_push (sweep, rectangle);
+ }
+
+-static int
+-sweep_line_setjmp (sweep_line_t *sweep_line)
+-{
+- return setjmp (sweep_line->unwind);
+-}
+-
+ static cairo_status_t
+ _cairo_bentley_ottmann_tessellate_rectangular (rectangle_t **rectangles,
+ int num_rectangles,
+@@ -615,7 +609,7 @@ _cairo_bentley_ottmann_tessellate_rectangular (rectangle_t **rectangles,
+ rectangles, num_rectangles,
+ fill_rule,
+ do_traps, container);
+- if ((status = sweep_line_setjmp (&sweep_line)))
++ if ((status = setjmp (sweep_line.unwind)))
+ return status;
+
+ rectangle = rectangle_pop_start (&sweep_line);
+diff --git a/src/cairo-png.c b/src/cairo-png.c
+index e64b14a..068617d 100644
+--- a/src/cairo-png.c
++++ b/src/cairo-png.c
+@@ -158,14 +158,6 @@ png_simple_warning_callback (png_structp png,
+ */
+ }
+
+-static int
+-png_setjmp (png_struct *png)
+-{
+-#ifdef PNG_SETJMP_SUPPORTED
+- return setjmp (png_jmpbuf (png));
+-#endif
+- return 0;
+-}
+
+ /* Starting with libpng-1.2.30, we must explicitly specify an output_flush_fn.
+ * Otherwise, we will segfault if we are writing to a stream. */
+@@ -237,8 +229,10 @@ write_png (cairo_surface_t *surface,
+ goto BAIL4;
+ }
+
+- if (png_setjmp (png))
++#ifdef PNG_SETJMP_SUPPORTED
++ if (setjmp (png_jmpbuf (png)))
+ goto BAIL4;
++#endif
+
+ png_set_write_fn (png, closure, write_func, png_simple_output_flush_fn);
+
+@@ -577,11 +571,12 @@ read_png (struct png_read_closure_t *png_closure)
+ png_set_read_fn (png, png_closure, stream_read_func);
+
+ status = CAIRO_STATUS_SUCCESS;
+-
+- if (png_setjmp (png)) {
++#ifdef PNG_SETJMP_SUPPORTED
++ if (setjmp (png_jmpbuf (png))) {
+ surface = _cairo_surface_create_in_error (status);
+ goto BAIL;
+ }
++#endif
+
+ png_read_info (png, info);
+
diff --git a/gnu/packages/patches/clang-3.5-libsanitizer-ustat-fix.patch b/gnu/packages/patches/clang-3.5-libsanitizer-ustat-fix.patch
new file mode 100644
index 0000000000..cfb09a8ce3
--- /dev/null
+++ b/gnu/packages/patches/clang-3.5-libsanitizer-ustat-fix.patch
@@ -0,0 +1,46 @@
+From d9d97cac3702b99a00cd113de98c41eb535d47ed Mon Sep 17 00:00:00 2001
+From: Efraim Flashner <efraim@flashner.co.il>
+Date: Sun, 14 Oct 2018 12:11:30 +0300
+Subject: [PATCH] patch modified from the gcc patch series, also dealing with
+ ustat.
+
+---
+ .../sanitizer_platform_limits_posix.cc | 15 +++++++++++++--
+ 1 file changed, 13 insertions(+), 2 deletions(-)
+
+diff --git a/lib/sanitizer_common/sanitizer_platform_limits_posix.cc b/lib/sanitizer_common/sanitizer_platform_limits_posix.cc
+index 29fea6e..570b9a5 100644
+--- a/lib/sanitizer_common/sanitizer_platform_limits_posix.cc
++++ b/lib/sanitizer_common/sanitizer_platform_limits_posix.cc
+@@ -129,7 +129,6 @@
+ #include <sys/statvfs.h>
+ #include <sys/timex.h>
+ #include <sys/user.h>
+-#include <sys/ustat.h>
+ #include <linux/cyclades.h>
+ #include <linux/if_eql.h>
+ #include <linux/if_plip.h>
+@@ -222,7 +221,19 @@ namespace __sanitizer {
+ #endif // SANITIZER_LINUX || SANITIZER_FREEBSD
+
+ #if SANITIZER_LINUX && !SANITIZER_ANDROID
+- unsigned struct_ustat_sz = sizeof(struct ustat);
++ // Use pre-computed size of struct ustat to avoid <sys/ustat.h> which
++ // has been removed from glibc 2.28.
++#if defined(__aarch64__) || defined(__s390x__) || defined (__mips64) \
++ || defined(__powerpc64__) || defined(__arch64__) || defined(__sparcv9) \
++ || defined(__x86_64__)
++#define SIZEOF_STRUCT_USTAT 32
++#elif defined(__arm__) || defined(__i386__) || defined(__mips__) \
++ || defined(__powerpc__) || defined(__s390__)
++#define SIZEOF_STRUCT_USTAT 20
++#else
++#error Unknown size of struct ustat
++#endif
++ unsigned struct_ustat_sz = SIZEOF_STRUCT_USTAT;
+ unsigned struct_rlimit64_sz = sizeof(struct rlimit64);
+ unsigned struct_statvfs64_sz = sizeof(struct statvfs64);
+ #endif // SANITIZER_LINUX && !SANITIZER_ANDROID
+--
+2.19.1
+
diff --git a/gnu/packages/patches/doxygen-gcc-ice.patch b/gnu/packages/patches/doxygen-gcc-ice.patch
deleted file mode 100644
index fbfedcb7ab..0000000000
--- a/gnu/packages/patches/doxygen-gcc-ice.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-Work around this GCC ICE: <https://bugs.gnu.org/31708>. It shows up
-only when doing native compiles on armhf-linux.
-
-Yes it's a terrible patch, but it does the job.
-
---- doxygen-1.8.13/qtools/qutfcodec.cpp 1970-01-01 01:00:00.000000000 +0100
-+++ doxygen-1.8.13/qtools/qutfcodec.cpp 2018-06-08 14:14:29.614009929 +0200
-@@ -189,7 +189,7 @@ int QUtf16Codec::heuristicContentMatch(c
- }
-
-
--
-+volatile const void *bomPointer = &QChar::byteOrderMark;
-
- class QUtf16Encoder : public QTextEncoder {
- bool headerdone;
-@@ -209,7 +209,7 @@ public:
- headerdone = TRUE;
- len_in_out = (1+uc.length())*(int)sizeof(QChar);
- QCString d(len_in_out);
-- memcpy(d.rawData(),&QChar::byteOrderMark,sizeof(QChar));
-+ memcpy(d.rawData(),(void *)bomPointer,sizeof(QChar));
- memcpy(d.rawData()+sizeof(QChar),uc.unicode(),uc.length()*sizeof(QChar));
- return d;
- }
diff --git a/gnu/packages/patches/findutils-gnulib-libio.patch b/gnu/packages/patches/findutils-gnulib-libio.patch
new file mode 100644
index 0000000000..79f9fd914d
--- /dev/null
+++ b/gnu/packages/patches/findutils-gnulib-libio.patch
@@ -0,0 +1,114 @@
+Adjust to removal of libio interface in glibc 2.28.
+
+Based on this gnulib commit:
+https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=4af4a4a71827c0bc5e0ec67af23edef4f15cee8e
+
+diff --git a/gl/lib/fflush.c b/gl/lib/fflush.c
+index 5ae3e41..7a82470 100644
+--- a/gl/lib/fflush.c
++++ b/gl/lib/fflush.c
+@@ -33,7 +33,7 @@
+ #undef fflush
+
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+
+ /* Clear the stream's ungetc buffer, preserving the value of ftello (fp). */
+ static void
+@@ -72,7 +72,7 @@ clear_ungetc_buffer (FILE *fp)
+
+ #endif
+
+-#if ! (defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */)
++#if ! (defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */)
+
+ # if (defined __sferror || defined __DragonFly__ || defined __ANDROID__) && defined __SNPT
+ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */
+@@ -148,7 +148,7 @@ rpl_fflush (FILE *stream)
+ if (stream == NULL || ! freading (stream))
+ return fflush (stream);
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+
+ clear_ungetc_buffer_preserving_position (stream);
+
+diff --git a/gl/lib/fpurge.c b/gl/lib/fpurge.c
+index f313b22..ecdf82d 100644
+--- a/gl/lib/fpurge.c
++++ b/gl/lib/fpurge.c
+@@ -62,7 +62,7 @@ fpurge (FILE *fp)
+ /* Most systems provide FILE as a struct and the necessary bitmask in
+ <stdio.h>, because they need it for implementing getc() and putc() as
+ fast macros. */
+-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++# if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ fp->_IO_read_end = fp->_IO_read_ptr;
+ fp->_IO_write_ptr = fp->_IO_write_base;
+ /* Avoid memory leak when there is an active ungetc buffer. */
+diff --git a/gl/lib/freadahead.c b/gl/lib/freadahead.c
+index 094daab..3f8101e 100644
+--- a/gl/lib/freadahead.c
++++ b/gl/lib/freadahead.c
+@@ -25,7 +25,7 @@
+ size_t
+ freadahead (FILE *fp)
+ {
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ if (fp->_IO_write_ptr > fp->_IO_write_base)
+ return 0;
+ return (fp->_IO_read_end - fp->_IO_read_ptr)
+diff --git a/gl/lib/freading.c b/gl/lib/freading.c
+index 0512b19..8c48fe4 100644
+--- a/gl/lib/freading.c
++++ b/gl/lib/freading.c
+@@ -31,7 +31,7 @@ freading (FILE *fp)
+ /* Most systems provide FILE as a struct and the necessary bitmask in
+ <stdio.h>, because they need it for implementing getc() and putc() as
+ fast macros. */
+-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++# if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ return ((fp->_flags & _IO_NO_WRITES) != 0
+ || ((fp->_flags & (_IO_NO_READS | _IO_CURRENTLY_PUTTING)) == 0
+ && fp->_IO_read_base != NULL));
+diff --git a/gl/lib/fseeko.c b/gl/lib/fseeko.c
+index 1c65d2a..9026408 100644
+--- a/gl/lib/fseeko.c
++++ b/gl/lib/fseeko.c
+@@ -47,7 +47,7 @@ fseeko (FILE *fp, off_t offset, int whence)
+ #endif
+
+ /* These tests are based on fpurge.c. */
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ if (fp->_IO_read_end == fp->_IO_read_ptr
+ && fp->_IO_write_ptr == fp->_IO_write_base
+ && fp->_IO_save_base == NULL)
+@@ -123,7 +123,7 @@ fseeko (FILE *fp, off_t offset, int whence)
+ return -1;
+ }
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ fp->_flags &= ~_IO_EOF_SEEN;
+ fp->_offset = pos;
+ #elif defined __sferror || defined __DragonFly__ || defined __ANDROID__
+diff --git a/gl/lib/stdio-impl.h b/gl/lib/stdio-impl.h
+index 502d891..ea38ee2 100644
+--- a/gl/lib/stdio-impl.h
++++ b/gl/lib/stdio-impl.h
+@@ -18,6 +18,12 @@
+ the same implementation of stdio extension API, except that some fields
+ have different naming conventions, or their access requires some casts. */
+
++/* Glibc 2.28 made _IO_IN_BACKUP private. For now, work around this
++ problem by defining it ourselves. FIXME: Do not rely on glibc
++ internals. */
++#if !defined _IO_IN_BACKUP && defined _IO_EOF_SEEN
++# define _IO_IN_BACKUP 0x100
++#endif
+
+ /* BSD stdio derived implementations. */
+
diff --git a/gnu/packages/patches/findutils-makedev.patch b/gnu/packages/patches/findutils-makedev.patch
new file mode 100644
index 0000000000..2f16c625d8
--- /dev/null
+++ b/gnu/packages/patches/findutils-makedev.patch
@@ -0,0 +1,22 @@
+Include <sys/sysmacros.h> for "makedev".
+
+Taken from this gnulib commit:
+https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=4da63c5881f60f71999a943612da9112232b9161
+
+diff --git a/gl/lib/mountlist.c b/gl/lib/mountlist.c
+index bb4e4ee21..cf4020e2a 100644
+--- a/gl/lib/mountlist.c
++++ b/gl/lib/mountlist.c
+@@ -37,6 +37,12 @@
+ # include <sys/param.h>
+ #endif
+
++#if MAJOR_IN_MKDEV
++# include <sys/mkdev.h>
++#elif MAJOR_IN_SYSMACROS
++# include <sys/sysmacros.h>
++#endif
++
+ #if defined MOUNTED_GETFSSTAT /* OSF_1 and Darwin1.3.x */
+ # if HAVE_SYS_UCRED_H
+ # include <grp.h> /* needed on OSF V4.0 for definition of NGROUPS,
diff --git a/gnu/packages/patches/freetype-CVE-2018-6942.patch b/gnu/packages/patches/freetype-CVE-2018-6942.patch
deleted file mode 100644
index 680f357765..0000000000
--- a/gnu/packages/patches/freetype-CVE-2018-6942.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-Fix CVE-2018-6942:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6942
-https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6942.html
-
-Copied from upstream (ChangeLog section removed):
-https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef
-
-diff --git a/src/truetype/ttinterp.c b/src/truetype/ttinterp.c
-index d855aaa..551f14a 100644
---- a/src/truetype/ttinterp.c
-+++ b/src/truetype/ttinterp.c
-@@ -7532,8 +7532,16 @@
- return;
- }
-
-- for ( i = 0; i < num_axes; i++ )
-- args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
-+ if ( coords )
-+ {
-+ for ( i = 0; i < num_axes; i++ )
-+ args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
-+ }
-+ else
-+ {
-+ for ( i = 0; i < num_axes; i++ )
-+ args[i] = 0;
-+ }
- }
-
-
diff --git a/gnu/packages/patches/gcc-4.9-libsanitizer-ustat.patch b/gnu/packages/patches/gcc-4.9-libsanitizer-ustat.patch
new file mode 100644
index 0000000000..795881ab9b
--- /dev/null
+++ b/gnu/packages/patches/gcc-4.9-libsanitizer-ustat.patch
@@ -0,0 +1,37 @@
+Remove use of deprecated ustat interface in glibc 2.28:
+https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85835
+
+Adapted to GCC 4 series from this upstream patch:
+https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=260684
+
+--- a/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
++++ b/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
+@@ -81,7 +81,6 @@
+ #include <sys/statvfs.h>
+ #include <sys/timex.h>
+ #include <sys/user.h>
+-#include <sys/ustat.h>
+ #include <linux/cyclades.h>
+ #include <linux/if_eql.h>
+ #include <linux/if_plip.h>
+@@ -163,7 +162,19 @@
+ unsigned struct_old_utsname_sz = sizeof(struct old_utsname);
+ unsigned struct_oldold_utsname_sz = sizeof(struct oldold_utsname);
+ unsigned struct_itimerspec_sz = sizeof(struct itimerspec);
+- unsigned struct_ustat_sz = sizeof(struct ustat);
++ // Use pre-computed size of struct ustat to avoid <sys/ustat.h> which
++ // has been removed from glibc 2.28.
++#if defined(__aarch64__) || defined(__s390x__) || defined (__mips64) \
++ || defined(__powerpc64__) || defined(__arch64__) || defined(__sparcv9) \
++ || defined(__x86_64__)
++#define SIZEOF_STRUCT_USTAT 32
++#elif defined(__arm__) || defined(__i386__) || defined(__mips__) \
++ || defined(__powerpc__) || defined(__s390__)
++#define SIZEOF_STRUCT_USTAT 20
++#else
++#error Unknown size of struct ustat
++#endif
++ unsigned struct_ustat_sz = SIZEOF_STRUCT_USTAT;
+ #endif // SANITIZER_LINUX
+
+ #if SANITIZER_LINUX && !SANITIZER_ANDROID
diff --git a/gnu/packages/patches/gcc-libsanitizer-ustat.patch b/gnu/packages/patches/gcc-libsanitizer-ustat.patch
new file mode 100644
index 0000000000..a4e0c6affa
--- /dev/null
+++ b/gnu/packages/patches/gcc-libsanitizer-ustat.patch
@@ -0,0 +1,41 @@
+Remove use of deprecated ustat interface in glibc 2.28:
+
+https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85835
+
+Taken from upstream:
+
+https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=260684
+
+diff --git a/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc b/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
+index 858bb2184505..de18e56d11cf 100644
+--- a/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
++++ b/libsanitizer/sanitizer_common/sanitizer_platform_limits_posix.cc
+@@ -157,7 +157,6 @@ typedef struct user_fpregs elf_fpregset_t;
+ # include <sys/procfs.h>
+ #endif
+ #include <sys/user.h>
+-#include <sys/ustat.h>
+ #include <linux/cyclades.h>
+ #include <linux/if_eql.h>
+ #include <linux/if_plip.h>
+@@ -250,7 +249,19 @@ namespace __sanitizer {
+ #endif // SANITIZER_LINUX || SANITIZER_FREEBSD
+
+ #if SANITIZER_LINUX && !SANITIZER_ANDROID
+- unsigned struct_ustat_sz = sizeof(struct ustat);
++ // Use pre-computed size of struct ustat to avoid <sys/ustat.h> which
++ // has been removed from glibc 2.28.
++#if defined(__aarch64__) || defined(__s390x__) || defined (__mips64) \
++ || defined(__powerpc64__) || defined(__arch64__) || defined(__sparcv9) \
++ || defined(__x86_64__)
++#define SIZEOF_STRUCT_USTAT 32
++#elif defined(__arm__) || defined(__i386__) || defined(__mips__) \
++ || defined(__powerpc__) || defined(__s390__)
++#define SIZEOF_STRUCT_USTAT 20
++#else
++#error Unknown size of struct ustat
++#endif
++ unsigned struct_ustat_sz = SIZEOF_STRUCT_USTAT;
+ unsigned struct_rlimit64_sz = sizeof(struct rlimit64);
+ unsigned struct_statvfs64_sz = sizeof(struct statvfs64);
+ #endif // SANITIZER_LINUX && !SANITIZER_ANDROID
diff --git a/gnu/packages/patches/gcc-strmov-store-file-names.patch b/gnu/packages/patches/gcc-strmov-store-file-names.patch
index 9f9162855d..7358de3326 100644
--- a/gnu/packages/patches/gcc-strmov-store-file-names.patch
+++ b/gnu/packages/patches/gcc-strmov-store-file-names.patch
@@ -15,7 +15,7 @@ and <https://bugs.gnu.org/30395>.
--- gcc-5.3.0/gcc/builtins.c 2016-10-18 10:50:46.080616285 +0200
+++ gcc-5.3.0/gcc/builtins.c 2016-11-09 15:26:43.693042737 +0100
-@@ -3192,6 +3192,54 @@ determine_block_size (tree len, rtx len_
+@@ -3192,6 +3192,58 @@ determine_block_size (tree len, rtx len_
GET_MODE_MASK (GET_MODE (len_rtx)));
}
@@ -35,9 +35,13 @@ and <https://bugs.gnu.org/30395>.
+ if (TREE_CODE (str) == VAR_DECL
+ && TREE_STATIC (str)
+ && TREE_READONLY (str))
-+ /* STR may be a 'static const' variable whose initial value
-+ is a string constant. See <https://bugs.gnu.org/30395>. */
-+ str = DECL_INITIAL (str);
++ {
++ /* STR may be a 'static const' variable whose initial value
++ is a string constant. See <https://bugs.gnu.org/30395>. */
++ str = DECL_INITIAL (str);
++ if (str == NULL_TREE)
++ return false;
++ }
+
+ if (TREE_CODE (str) != STRING_CST)
+ return false;
diff --git a/gnu/packages/patches/ghostscript-runpath.patch b/gnu/packages/patches/ghostscript-runpath.patch
deleted file mode 100644
index 9f161e45b3..0000000000
--- a/gnu/packages/patches/ghostscript-runpath.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-diff --git a/base/unix-dll.mak b/base/unix-dll.mak
-index 9d57a99..36ef1ff 100644
---- a/base/unix-dll.mak
-+++ b/base/unix-dll.mak
-@@ -171,11 +171,11 @@ gpdl-so-links-subtarget: $(GPDL_SO) $(UNIX_DLL_MAK) $(MAKEDIRS)
- # Build the small Ghostscript loaders, with Gtk+ and without
- $(GSSOC_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS)
- $(GLCC) -g -o $(GSSOC_XE) $(PSSRC)dxmainc.c \
-- -L$(BINDIR) -l$(GS_SO_BASE)
-+ -L$(BINDIR) -l$(GS_SO_BASE) -Wl,-rpath=$(libdir)
-
- $(GSSOX_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS)
- $(GLCC) -g $(SOC_CFLAGS) -o $(GSSOX_XE) $(PSSRC)$(SOC_LOADER) \
-- -L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS)
-+ -L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS) -Wl,-rpath=$(libdir)
-
- $(PCLSOC_XE): gpcl6-so-links-subtarget $(PLSRC)$(REALMAIN_SRC).c $(UNIX_DLL_MAK) $(MAKEDIRS)
- $(GLCC) -g -o $(PCLSOC_XE) $(PLSRC)$(REALMAIN_SRC).c -L$(BINDIR) -l$(PCL_SO_BASE)
diff --git a/gnu/packages/patches/glibc-2.28-git-fixes.patch b/gnu/packages/patches/glibc-2.28-git-fixes.patch
new file mode 100644
index 0000000000..7e370ef0b1
--- /dev/null
+++ b/gnu/packages/patches/glibc-2.28-git-fixes.patch
@@ -0,0 +1,248 @@
+This file contains fixes from the "release/2.28/master" branch:
+https://sourceware.org/git/?p=glibc.git;a=shortlog;h=refs/heads/release/2.28/master
+
+Currently we have these commits (sans tests and ChangeLog updates):
+7f11842e7483da7aa9fa3031be122021978ef600
+726e1554ce4db5e35af41cb0110c54c5e1232054
+4b25485f03158959cff45379eecc1d73c7dcdd11
+d05b05d1570ba3ae354a2f5a3cfeefb373b09979
+bfcfa22589f2b4277a65e60c6b736b6bbfbd87d0
+2f498f3d140ab5152bd784df2be7af7d9c5e63ed
+
+diff --git a/htl/Versions b/htl/Versions
+index 6a63a1b8a1..c5a616da10 100644
+--- a/htl/Versions
++++ b/htl/Versions
+@@ -150,6 +150,8 @@ libpthread {
+ __cthread_keycreate;
+ __cthread_getspecific;
+ __cthread_setspecific;
++ __pthread_getspecific;
++ __pthread_setspecific;
+ __pthread_getattr_np;
+ __pthread_attr_getstack;
+ }
+
+diff --git a/sysdeps/htl/pt-getspecific.c b/sysdeps/htl/pt-getspecific.c
+index a0227a67f6..64ddf9551a 100644
+--- a/sysdeps/htl/pt-getspecific.c
++++ b/sysdeps/htl/pt-getspecific.c
+@@ -36,3 +36,4 @@ __pthread_getspecific (pthread_key_t key)
+ return self->thread_specifics[key];
+ }
+ strong_alias (__pthread_getspecific, pthread_getspecific);
++hidden_def (__pthread_getspecific)
+diff --git a/sysdeps/htl/pt-setspecific.c b/sysdeps/htl/pt-setspecific.c
+index a46a12f157..02aff417ef 100644
+--- a/sysdeps/htl/pt-setspecific.c
++++ b/sysdeps/htl/pt-setspecific.c
+@@ -48,3 +48,4 @@ __pthread_setspecific (pthread_key_t key, const void *value)
+ return 0;
+ }
+ strong_alias (__pthread_setspecific, pthread_setspecific);
++hidden_def (__pthread_setspecific)
+diff --git a/sysdeps/htl/pthreadP.h b/sysdeps/htl/pthreadP.h
+index 132ac1718e..71c2fcd9c6 100644
+--- a/sysdeps/htl/pthreadP.h
++++ b/sysdeps/htl/pthreadP.h
+@@ -68,6 +68,8 @@ struct __pthread_cancelation_handler **___pthread_get_cleanup_stack (void) attri
+
+ #if IS_IN (libpthread)
+ hidden_proto (__pthread_key_create)
++hidden_proto (__pthread_getspecific)
++hidden_proto (__pthread_setspecific)
+ hidden_proto (_pthread_mutex_init)
+ #endif
+
+diff --git a/sysdeps/unix/sysv/linux/getdents64.c b/sysdeps/unix/sysv/linux/getdents64.c
+index 3bde0cf4f0..bc140b5a7f 100644
+--- a/sysdeps/unix/sysv/linux/getdents64.c
++++ b/sysdeps/unix/sysv/linux/getdents64.c
+@@ -33,41 +33,80 @@ strong_alias (__getdents64, __getdents)
+ # include <shlib-compat.h>
+
+ # if SHLIB_COMPAT(libc, GLIBC_2_1, GLIBC_2_2)
+-# include <olddirent.h>
++# include <olddirent.h>
++# include <unistd.h>
+
+-/* kernel definition of as of 3.2. */
+-struct compat_linux_dirent
++static ssize_t
++handle_overflow (int fd, __off64_t offset, ssize_t count)
+ {
+- /* Both d_ino and d_off are compat_ulong_t which are defined in all
+- architectures as 'u32'. */
+- uint32_t d_ino;
+- uint32_t d_off;
+- unsigned short d_reclen;
+- char d_name[1];
+-};
++ /* If this is the first entry in the buffer, we can report the
++ error. */
++ if (count == 0)
++ {
++ __set_errno (EOVERFLOW);
++ return -1;
++ }
++
++ /* Otherwise, seek to the overflowing entry, so that the next call
++ will report the error, and return the data read so far.. */
++ if (__lseek64 (fd, offset, SEEK_SET) != 0)
++ return -1;
++ return count;
++}
+
+ ssize_t
+ __old_getdents64 (int fd, char *buf, size_t nbytes)
+ {
+- ssize_t retval = INLINE_SYSCALL_CALL (getdents, fd, buf, nbytes);
++ /* We do not move the individual directory entries. This is only
++ possible if the target type (struct __old_dirent64) is smaller
++ than the source type. */
++ _Static_assert (offsetof (struct __old_dirent64, d_name)
++ <= offsetof (struct dirent64, d_name),
++ "__old_dirent64 is larger than dirent64");
++ _Static_assert (__alignof__ (struct __old_dirent64)
++ <= __alignof__ (struct dirent64),
++ "alignment of __old_dirent64 is larger than dirent64");
+
+- /* The kernel added the d_type value after the name. Change this now. */
+- if (retval != -1)
++ ssize_t retval = INLINE_SYSCALL_CALL (getdents64, fd, buf, nbytes);
++ if (retval > 0)
+ {
+- union
+- {
+- struct compat_linux_dirent k;
+- struct dirent u;
+- } *kbuf = (void *) buf;
+-
+- while ((char *) kbuf < buf + retval)
++ char *p = buf;
++ char *end = buf + retval;
++ while (p < end)
+ {
+- char d_type = *((char *) kbuf + kbuf->k.d_reclen - 1);
+- memmove (kbuf->u.d_name, kbuf->k.d_name,
+- strlen (kbuf->k.d_name) + 1);
+- kbuf->u.d_type = d_type;
++ struct dirent64 *source = (struct dirent64 *) p;
++
++ /* Copy out the fixed-size data. */
++ __ino_t ino = source->d_ino;
++ __off64_t offset = source->d_off;
++ unsigned int reclen = source->d_reclen;
++ unsigned char type = source->d_type;
++
++ /* Check for ino_t overflow. */
++ if (__glibc_unlikely (ino != source->d_ino))
++ return handle_overflow (fd, offset, p - buf);
++
++ /* Convert to the target layout. Use a separate struct and
++ memcpy to side-step aliasing issues. */
++ struct __old_dirent64 result;
++ result.d_ino = ino;
++ result.d_off = offset;
++ result.d_reclen = reclen;
++ result.d_type = type;
++
++ /* Write the fixed-sized part of the result to the
++ buffer. */
++ size_t result_name_offset = offsetof (struct __old_dirent64, d_name);
++ memcpy (p, &result, result_name_offset);
++
++ /* Adjust the position of the name if necessary. Copy
++ everything until the end of the record, including the
++ terminating NUL byte. */
++ if (result_name_offset != offsetof (struct dirent64, d_name))
++ memmove (p + result_name_offset, source->d_name,
++ reclen - offsetof (struct dirent64, d_name));
+
+- kbuf = (void *) ((char *) kbuf + kbuf->k.d_reclen);
++ p += reclen;
+ }
+ }
+ return retval;
+
+diff --git a/misc/error.c b/misc/error.c
+index b4e8b6c938..03378e2f2a 100644
+--- a/misc/error.c
++++ b/misc/error.c
+@@ -319,6 +319,7 @@ error (int status, int errnum, const char *message, ...)
+
+ va_start (args, message);
+ error_tail (status, errnum, message, args);
++ va_end (args);
+
+ #ifdef _LIBC
+ _IO_funlockfile (stderr);
+@@ -390,6 +391,7 @@ error_at_line (int status, int errnum, const char *file_name,
+
+ va_start (args, message);
+ error_tail (status, errnum, message, args);
++ va_end (args);
+
+ #ifdef _LIBC
+ _IO_funlockfile (stderr);
+
+diff --git a/nscd/nscd_conf.c b/nscd/nscd_conf.c
+index 265a02434d..7293b795b6 100644
+--- a/nscd/nscd_conf.c
++++ b/nscd/nscd_conf.c
+@@ -190,7 +190,10 @@ nscd_parse_file (const char *fname, struct database_dyn dbs[lastdb])
+ if (!arg1)
+ error (0, 0, _("Must specify user name for server-user option"));
+ else
+- server_user = xstrdup (arg1);
++ {
++ free ((char *) server_user);
++ server_user = xstrdup (arg1);
++ }
+ }
+ else if (strcmp (entry, "stat-user") == 0)
+ {
+@@ -198,6 +201,7 @@ nscd_parse_file (const char *fname, struct database_dyn dbs[lastdb])
+ error (0, 0, _("Must specify user name for stat-user option"));
+ else
+ {
++ free ((char *) stat_user);
+ stat_user = xstrdup (arg1);
+
+ struct passwd *pw = getpwnam (stat_user);
+
+diff --git a/nss/nss_files/files-alias.c b/nss/nss_files/files-alias.c
+index cfd34b66b9..35b0bfc5d2 100644
+--- a/nss/nss_files/files-alias.c
++++ b/nss/nss_files/files-alias.c
+@@ -221,6 +221,13 @@ get_next_alias (FILE *stream, const char *match, struct aliasent *result,
+ {
+ while (! feof_unlocked (listfile))
+ {
++ if (room_left < 2)
++ {
++ free (old_line);
++ fclose (listfile);
++ goto no_more_room;
++ }
++
+ first_unused[room_left - 1] = '\xff';
+ line = fgets_unlocked (first_unused, room_left,
+ listfile);
+@@ -229,6 +236,7 @@ get_next_alias (FILE *stream, const char *match, struct aliasent *result,
+ if (first_unused[room_left - 1] != '\xff')
+ {
+ free (old_line);
++ fclose (listfile);
+ goto no_more_room;
+ }
+
+@@ -256,6 +264,7 @@ get_next_alias (FILE *stream, const char *match, struct aliasent *result,
+ + __alignof__ (char *)))
+ {
+ free (old_line);
++ fclose (listfile);
+ goto no_more_room;
+ }
+ room_left -= ((first_unused - cp)
+
diff --git a/gnu/packages/patches/grub-binutils-compat.patch b/gnu/packages/patches/grub-binutils-compat.patch
new file mode 100644
index 0000000000..2107869314
--- /dev/null
+++ b/gnu/packages/patches/grub-binutils-compat.patch
@@ -0,0 +1,53 @@
+Fix a relocation issue that shows up with recent binutils.
+
+Patch taken from upstream:
+https://git.sv.gnu.org/cgit/grub.git/commit/?id=842c390469e2c2e10b5aa36700324cd3bde25875
+
+diff --git a/grub-core/efiemu/i386/loadcore64.c b/grub-core/efiemu/i386/loadcore64.c
+index e49d0b6..18facf4 100644
+--- a/grub-core/efiemu/i386/loadcore64.c
++++ b/grub-core/efiemu/i386/loadcore64.c
+@@ -98,6 +98,7 @@ grub_arch_efiemu_relocate_symbols64 (grub_efiemu_segment_t segs,
+ break;
+
+ case R_X86_64_PC32:
++ case R_X86_64_PLT32:
+ err = grub_efiemu_write_value (addr,
+ *addr32 + rel->r_addend
+ + sym.off
+diff --git a/grub-core/kern/x86_64/dl.c b/grub-core/kern/x86_64/dl.c
+index 4406906..3a73e6e 100644
+--- a/grub-core/kern/x86_64/dl.c
++++ b/grub-core/kern/x86_64/dl.c
+@@ -70,6 +70,7 @@ grub_arch_dl_relocate_symbols (grub_dl_t mod, void *ehdr,
+ break;
+
+ case R_X86_64_PC32:
++ case R_X86_64_PLT32:
+ {
+ grub_int64_t value;
+ value = ((grub_int32_t) *addr32) + rel->r_addend + sym->st_value -
+diff --git a/util/grub-mkimagexx.c b/util/grub-mkimagexx.c
+index a2bb054..39d7efb 100644
+--- a/util/grub-mkimagexx.c
++++ b/util/grub-mkimagexx.c
+@@ -841,6 +841,7 @@ SUFFIX (relocate_addresses) (Elf_Ehdr *e, Elf_Shdr *sections,
+ break;
+
+ case R_X86_64_PC32:
++ case R_X86_64_PLT32:
+ {
+ grub_uint32_t *t32 = (grub_uint32_t *) target;
+ *t32 = grub_host_to_target64 (grub_target_to_host32 (*t32)
+diff --git a/util/grub-module-verifier.c b/util/grub-module-verifier.c
+index 9179285..a79271f 100644
+--- a/util/grub-module-verifier.c
++++ b/util/grub-module-verifier.c
+@@ -19,6 +19,7 @@ struct grub_module_verifier_arch archs[] = {
+ -1
+ }, (int[]){
+ R_X86_64_PC32,
++ R_X86_64_PLT32,
+ -1
+ }
+ },
diff --git a/gnu/packages/patches/jemalloc-arm-address-bits.patch b/gnu/packages/patches/jemalloc-arm-address-bits.patch
deleted file mode 100644
index f2ef24c25a..0000000000
--- a/gnu/packages/patches/jemalloc-arm-address-bits.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From 8cfc9dec37b312a2686f602bbcdd102ca07cca99 Mon Sep 17 00:00:00 2001
-From: David Goldblatt <davidgoldblatt@fb.com>
-Date: Fri, 29 Sep 2017 13:54:08 -0700
-Subject: [PATCH] ARM: Don't extend bit LG_VADDR to compute high address bits.
-
-In userspace ARM on Linux, zero-ing the high bits is the correct way to do this.
-This doesn't fix the fact that we currently set LG_VADDR to 48 on ARM, when in
-fact larger virtual address sizes are coming soon. We'll cross that bridge when
-we come to it.
----
- include/jemalloc/internal/rtree.h | 12 ++++++++++++
- 1 file changed, 12 insertions(+)
-
-diff --git a/include/jemalloc/internal/rtree.h b/include/jemalloc/internal/rtree.h
-index b5d4db39..4563db23 100644
---- a/include/jemalloc/internal/rtree.h
-+++ b/include/jemalloc/internal/rtree.h
-@@ -178,9 +178,21 @@ rtree_leaf_elm_bits_read(tsdn_t *tsdn, rtree_t *rtree, rtree_leaf_elm_t *elm,
-
- JEMALLOC_ALWAYS_INLINE extent_t *
- rtree_leaf_elm_bits_extent_get(uintptr_t bits) {
-+# ifdef __aarch64__
-+ /*
-+ * aarch64 doesn't sign extend the highest virtual address bit to set
-+ * the higher ones. Instead, the high bits gets zeroed.
-+ */
-+ uintptr_t high_bit_mask = ((uintptr_t)1 << LG_VADDR) - 1;
-+ /* Mask off the slab bit. */
-+ uintptr_t low_bit_mask = ~(uintptr_t)1;
-+ uintptr_t mask = high_bit_mask & low_bit_mask;
-+ return (extent_t *)(bits & mask);
-+# else
- /* Restore sign-extended high bits, mask slab bit. */
- return (extent_t *)((uintptr_t)((intptr_t)(bits << RTREE_NHIB) >>
- RTREE_NHIB) & ~((uintptr_t)0x1));
-+# endif
- }
-
- JEMALLOC_ALWAYS_INLINE szind_t
diff --git a/gnu/packages/patches/libgcrypt-make-yat2m-reproducible.patch b/gnu/packages/patches/libgcrypt-make-yat2m-reproducible.patch
new file mode 100644
index 0000000000..3056f0baad
--- /dev/null
+++ b/gnu/packages/patches/libgcrypt-make-yat2m-reproducible.patch
@@ -0,0 +1,32 @@
+Make yat2m in libgcrypt respect SOURCE_DATE_EPOCH, making
+the build reproducible.
+
+This was already fixed upstream in GnuPG:
+https://dev.gnupg.org/rG139de02b93773615bdd95e04a7f0c1ad73b4f6fb
+
+and in libgpg-error:
+https://dev.gnupg.org/rE5494a5728418938d2e42158bb646b07124184e64
+
+
+--- a/doc/yat2m.c 2017-11-23 19:16:58.000000000 +0100
++++ b/doc/yat2m.c 2017-08-28 12:22:54.000000000 +0200
+@@ -1475,6 +1484,7 @@
+ main (int argc, char **argv)
+ {
+ int last_argc = -1;
++ const char *s;
+
+ opt_source = "GNU";
+ opt_release = "";
+@@ -1608,6 +1618,11 @@
+ if (argc > 1)
+ die ("usage: " PGM " [OPTION] [FILE] (try --help for more information)\n");
+
++ /* Take care of supplied timestamp for reproducible builds. See
++ * https://reproducible-builds.org/specs/source-date-epoch/ */
++ if (!opt_date && (s = getenv ("SOURCE_DATE_EPOCH")) && *s)
++ opt_date = s;
++
+ /* Start processing. */
+ if (argc && strcmp (*argv, "-"))
+ {
diff --git a/gnu/packages/patches/libgpg-error-aarch64-logging-fix.patch b/gnu/packages/patches/libgpg-error-aarch64-logging-fix.patch
deleted file mode 100644
index d848d639b2..0000000000
--- a/gnu/packages/patches/libgpg-error-aarch64-logging-fix.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgpg-error.git;a=patch;h=791177de023574223eddf7288eb7c5a0721ac623
-
-From 791177de023574223eddf7288eb7c5a0721ac623 Mon Sep 17 00:00:00 2001
-From: Werner Koch <wk@gnupg.org>
-Date: Sun, 18 Mar 2018 17:39:43 +0100
-Subject: [PATCH] core: Fix regression on arm64 due to invalid use of va_list.
-
-* src/logging.c (_gpgrt_log_printhex): Provide a dummy arg instead of
-NULL.
---
-
-Fix
-Suggested-by: Jakub Wilk <jwilk@jwilk.net>
-
-Signed-off-by: Werner Koch <wk@gnupg.org>
----
- src/logging.c | 18 ++++++++++++++----
- 1 file changed, 14 insertions(+), 4 deletions(-)
-
-diff --git a/src/logging.c b/src/logging.c
-index 1a4f620..d01f974 100644
---- a/src/logging.c
-+++ b/src/logging.c
-@@ -1090,9 +1090,10 @@ _gpgrt_log_flush (void)
-
-
- /* Print a hexdump of (BUFFER,LENGTH). With FMT passed as NULL print
-- * just the raw dump, with FMT being an empty string, print a trailing
-- * linefeed, otherwise print an entire debug line with the expanded
-- * FMT followed by a possible wrapped hexdump and a final LF. */
-+ * just the raw dump (in this case ARG_PTR is not used), with FMT
-+ * being an empty string, print a trailing linefeed, otherwise print
-+ * an entire debug line with the expanded FMT followed by a possible
-+ * wrapped hexdump and a final LF. */
- void
- _gpgrt_logv_printhex (const void *buffer, size_t length,
- const char *fmt, va_list arg_ptr)
-@@ -1150,7 +1151,16 @@ _gpgrt_log_printhex (const void *buffer, size_t length,
- va_end (arg_ptr);
- }
- else
-- _gpgrt_logv_printhex (buffer, length, NULL, NULL);
-+ {
-+ /* va_list is not necessary a pointer and thus we can't use NULL
-+ * because that would conflict with platforms using a straight
-+ * struct for it (e.g. arm64). We use a dummy variable instead;
-+ * the static is a simple way zero it out so to not get
-+ * complains about uninitialized use. */
-+ static va_list dummy_argptr;
-+
-+ _gpgrt_logv_printhex (buffer, length, NULL, dummy_argptr);
-+ }
- }
-
-
---
-2.8.0.rc3
-
diff --git a/gnu/packages/patches/m4-gnulib-libio.patch b/gnu/packages/patches/m4-gnulib-libio.patch
new file mode 100644
index 0000000000..a26622ccf3
--- /dev/null
+++ b/gnu/packages/patches/m4-gnulib-libio.patch
@@ -0,0 +1,128 @@
+Adjust the bundled gnulib to cope with removal of libio interface in
+glibc 2.28.
+
+Based on this upstream patch, without hunks that do not apply to m4:
+https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=4af4a4a71827c0bc5e0ec67af23edef4f15cee8e
+
+diff --git a/lib/fflush.c b/lib/fflush.c
+index 983ade0..a6edfa1 100644
+--- a/lib/fflush.c
++++ b/lib/fflush.c
+@@ -33,7 +33,7 @@
+ #undef fflush
+
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+
+ /* Clear the stream's ungetc buffer, preserving the value of ftello (fp). */
+ static void
+@@ -72,7 +72,7 @@ clear_ungetc_buffer (FILE *fp)
+
+ #endif
+
+-#if ! (defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */)
++#if ! (defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */)
+
+ # if (defined __sferror || defined __DragonFly__ || defined __ANDROID__) && defined __SNPT
+ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */
+@@ -148,7 +148,7 @@ rpl_fflush (FILE *stream)
+ if (stream == NULL || ! freading (stream))
+ return fflush (stream);
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+
+ clear_ungetc_buffer_preserving_position (stream);
+
+diff --git a/lib/fpending.c b/lib/fpending.c
+index c84e3a5..789f50e 100644
+--- a/lib/fpending.c
++++ b/lib/fpending.c
+@@ -32,7 +32,7 @@ __fpending (FILE *fp)
+ /* Most systems provide FILE as a struct and the necessary bitmask in
+ <stdio.h>, because they need it for implementing getc() and putc() as
+ fast macros. */
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ return fp->_IO_write_ptr - fp->_IO_write_base;
+ #elif defined __sferror || defined __DragonFly__ || defined __ANDROID__
+ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */
+diff --git a/lib/fpurge.c b/lib/fpurge.c
+index b1d417c..3aedcc3 100644
+--- a/lib/fpurge.c
++++ b/lib/fpurge.c
+@@ -62,7 +62,7 @@ fpurge (FILE *fp)
+ /* Most systems provide FILE as a struct and the necessary bitmask in
+ <stdio.h>, because they need it for implementing getc() and putc() as
+ fast macros. */
+-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++# if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ fp->_IO_read_end = fp->_IO_read_ptr;
+ fp->_IO_write_ptr = fp->_IO_write_base;
+ /* Avoid memory leak when there is an active ungetc buffer. */
+diff --git a/lib/freadahead.c b/lib/freadahead.c
+index c2ecb5b..23ec76e 100644
+--- a/lib/freadahead.c
++++ b/lib/freadahead.c
+@@ -30,7 +30,7 @@ extern size_t __sreadahead (FILE *);
+ size_t
+ freadahead (FILE *fp)
+ {
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ if (fp->_IO_write_ptr > fp->_IO_write_base)
+ return 0;
+ return (fp->_IO_read_end - fp->_IO_read_ptr)
+diff --git a/lib/freading.c b/lib/freading.c
+index 73c28ac..c24d0c8 100644
+--- a/lib/freading.c
++++ b/lib/freading.c
+@@ -31,7 +31,7 @@ freading (FILE *fp)
+ /* Most systems provide FILE as a struct and the necessary bitmask in
+ <stdio.h>, because they need it for implementing getc() and putc() as
+ fast macros. */
+-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++# if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ return ((fp->_flags & _IO_NO_WRITES) != 0
+ || ((fp->_flags & (_IO_NO_READS | _IO_CURRENTLY_PUTTING)) == 0
+ && fp->_IO_read_base != NULL));
+diff --git a/lib/fseeko.c b/lib/fseeko.c
+index 0101ab5..193f4e8 100644
+--- a/lib/fseeko.c
++++ b/lib/fseeko.c
+@@ -47,7 +47,7 @@ fseeko (FILE *fp, off_t offset, int whence)
+ #endif
+
+ /* These tests are based on fpurge.c. */
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ if (fp->_IO_read_end == fp->_IO_read_ptr
+ && fp->_IO_write_ptr == fp->_IO_write_base
+ && fp->_IO_save_base == NULL)
+@@ -123,7 +123,7 @@ fseeko (FILE *fp, off_t offset, int whence)
+ return -1;
+ }
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ fp->_flags &= ~_IO_EOF_SEEN;
+ fp->_offset = pos;
+ #elif defined __sferror || defined __DragonFly__ || defined __ANDROID__
+diff --git a/lib/stdio-impl.h b/lib/stdio-impl.h
+index 78d896e..05c5752 100644
+--- a/lib/stdio-impl.h
++++ b/lib/stdio-impl.h
+@@ -18,6 +18,12 @@
+ the same implementation of stdio extension API, except that some fields
+ have different naming conventions, or their access requires some casts. */
+
++/* Glibc 2.28 made _IO_IN_BACKUP private. For now, work around this
++ problem by defining it ourselves. FIXME: Do not rely on glibc
++ internals. */
++#if !defined _IO_IN_BACKUP && defined _IO_EOF_SEEN
++# define _IO_IN_BACKUP 0x100
++#endif
+
+ /* BSD stdio derived implementations. */
+
diff --git a/gnu/packages/patches/mariadb-gcc-ice.patch b/gnu/packages/patches/mariadb-gcc-ice.patch
deleted file mode 100644
index 59b188f45a..0000000000
--- a/gnu/packages/patches/mariadb-gcc-ice.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-Work around this GCC ICE: <https://bugs.gnu.org/31708>. It shows up
-only when doing native compiles on armhf-linux.
-
---- mariadb-10.1.33/plugin/semisync/semisync_master.cc 2018-07-28 02:13:12.604020250 +0200
-+++ mariadb-10.1.33/plugin/semisync/semisync_master.cc 2018-07-28 02:14:11.907753417 +0200
-@@ -847,6 +847,8 @@
- return function_exit(kWho, 0);
- }
-
-+volatile const void *kSyncHeaderPtr = &ReplSemiSyncMaster::kSyncHeader;
-+
- int ReplSemiSyncMaster::reserveSyncHeader(unsigned char *header,
- unsigned long size)
- {
-@@ -873,7 +875,7 @@
- /* Set the magic number and the sync status. By default, no sync
- * is required.
- */
-- memcpy(header, kSyncHeader, sizeof(kSyncHeader));
-+ memcpy(header, (void *)kSyncHeaderPtr, sizeof(kSyncHeader));
- hlen= sizeof(kSyncHeader);
- }
- return function_exit(kWho, hlen);
-
diff --git a/gnu/packages/patches/meson-for-build-rpath.patch b/gnu/packages/patches/meson-for-build-rpath.patch
index 59249e294d..ef9a73f07c 100644
--- a/gnu/packages/patches/meson-for-build-rpath.patch
+++ b/gnu/packages/patches/meson-for-build-rpath.patch
@@ -2,10 +2,10 @@ This patch removes a part of meson that clears the rpath upon installation.
This will only be applied to a special version of meson, used for the
meson-build-system.
-Patch by Peter Mikkelsen <petermikkelsen10@gmail.com>
+Original patch for Meson 0.42.0 by Peter Mikkelsen <petermikkelsen10@gmail.com>
---- meson-0.42.0/mesonbuild/minstall.py.orig 2017-09-09 01:49:39.147374148 +0200
-+++ meson-0.42.0/mesonbuild/minstall.py 2017-09-09 01:51:01.209134717 +0200
+--- meson-0.47.1/mesonbuild/minstall.py.old 2018-08-10 11:01:27.812327013 +0200
++++ meson-0.47.1/mesonbuild/minstall.py 2018-08-10 11:01:51.940368505 +0200
@@ -436,15 +436,6 @@
print("Symlink creation does not work on this platform. "
"Skipping all symlinking.")
diff --git a/gnu/packages/patches/oath-toolkit-glibc-compat.patch b/gnu/packages/patches/oath-toolkit-glibc-compat.patch
new file mode 100644
index 0000000000..22814599e5
--- /dev/null
+++ b/gnu/packages/patches/oath-toolkit-glibc-compat.patch
@@ -0,0 +1,90 @@
+Adjust the bundled Gnulib to cope with removal of libio interface in Glibc 2.28.
+
+Based on this upstream gnulib patch:
+https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=4af4a4a71827c0bc5e0ec67af23edef4f15cee8e
+
+--- a/liboath/gl/fflush.c
++++ b/liboath/gl/fflush.c
+@@ -33,7 +33,7 @@
+ #undef fflush
+
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+
+ /* Clear the stream's ungetc buffer, preserving the value of ftello (fp). */
+ static void
+@@ -72,7 +72,7 @@
+
+ #endif
+
+-#if ! (defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */)
++#if ! (defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */)
+
+ # if (defined __sferror || defined __DragonFly__ || defined __ANDROID__) && defined __SNPT
+ /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */
+@@ -148,7 +148,7 @@
+ if (stream == NULL || ! freading (stream))
+ return fflush (stream);
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+
+ clear_ungetc_buffer_preserving_position (stream);
+
+--- a/liboath/gl/fpurge.c
++++ b/liboath/gl/fpurge.c
+@@ -62,7 +62,7 @@
+ /* Most systems provide FILE as a struct and the necessary bitmask in
+ <stdio.h>, because they need it for implementing getc() and putc() as
+ fast macros. */
+-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ fp->_IO_read_end = fp->_IO_read_ptr;
+ fp->_IO_write_ptr = fp->_IO_write_base;
+ /* Avoid memory leak when there is an active ungetc buffer. */
+--- a/libaoth/gl/freading.c
++++ b/liboath/gl/freading.c
+@@ -31,7 +31,7 @@
+ /* Most systems provide FILE as a struct and the necessary bitmask in
+ <stdio.h>, because they need it for implementing getc() and putc() as
+ fast macros. */
+-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ return ((fp->_flags & _IO_NO_WRITES) != 0
+ || ((fp->_flags & (_IO_NO_READS | _IO_CURRENTLY_PUTTING)) == 0
+ && fp->_IO_read_base != NULL));
+--- a/liboath/gl/fseeko.c
++++ b/liboath/gl/fseeko.c
+@@ -47,7 +47,7 @@
+ #endif
+
+ /* These tests are based on fpurge.c. */
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ if (fp->_IO_read_end == fp->_IO_read_ptr
+ && fp->_IO_write_ptr == fp->_IO_write_base
+ && fp->_IO_save_base == NULL)
+@@ -123,7 +123,7 @@
+ return -1;
+ }
+
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+ fp->_flags &= ~_IO_EOF_SEEN;
+ fp->_offset = pos;
+ #elif defined __sferror || defined __DragonFly__ || defined __ANDROID__
+--- a/liboath/gl/stdio-impl.h
++++ b/liboath/gl/stdio-impl.h
+@@ -18,6 +18,11 @@
+ the same implementation of stdio extension API, except that some fields
+ have different naming conventions, or their access requires some casts. */
+
++/* Glibc 2.28 made _IO_IN_BACKUP private, so define it here for now. */
++#if !defined _IO_IN_BACKUP && defined _IO_EOF_SEEN
++# define _IO_IN_BACKUP 0x100
++#endif
++
+ /* BSD stdio derived implementations. */
+
+ #if defined __NetBSD__ /* NetBSD */
diff --git a/gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch b/gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch
deleted file mode 100644
index 2d54ed03b9..0000000000
--- a/gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch
+++ /dev/null
@@ -1,215 +0,0 @@
-Fix CVE-2018-0495:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495
-https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
-
-Patch copied from upstream source repository:
-
-https://github.com/openssl/openssl/commit/949ff36623eafc3523a9f91784992965018ffb05
-
-From 949ff36623eafc3523a9f91784992965018ffb05 Mon Sep 17 00:00:00 2001
-From: Matt Caswell <matt@openssl.org>
-Date: Fri, 25 May 2018 12:10:13 +0100
-Subject: [PATCH] Add blinding to an ECDSA signature
-
-Keegan Ryan (NCC Group) has demonstrated a side channel attack on an
-ECDSA signature operation. During signing the signer calculates:
-
-s:= k^-1 * (m + r * priv_key) mod order
-
-The addition operation above provides a sufficient signal for a
-flush+reload attack to derive the private key given sufficient signature
-operations.
-
-As a mitigation (based on a suggestion from Keegan) we add blinding to
-the operation so that:
-
-s := k^-1 * blind^-1 (blind * m + blind * r * priv_key) mod order
-
-Since this attack is a localhost side channel only no CVE is assigned.
-
-Reviewed-by: Rich Salz <rsalz@openssl.org>
----
- CHANGES | 4 ++
- crypto/ecdsa/ecdsatest.c | 9 ++++-
- crypto/ecdsa/ecs_ossl.c | 82 ++++++++++++++++++++++++++++++++--------
- 3 files changed, 79 insertions(+), 16 deletions(-)
-
-diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c
-index 0f301f86d9..a130fc9117 100644
---- a/crypto/ecdsa/ecdsatest.c
-+++ b/crypto/ecdsa/ecdsatest.c
-@@ -137,7 +137,7 @@ int restore_rand(void)
- return 1;
- }
-
--static int fbytes_counter = 0;
-+static int fbytes_counter = 0, use_fake = 0;
- static const char *numbers[8] = {
- "651056770906015076056810763456358567190100156695615665659",
- "6140507067065001063065065565667405560006161556565665656654",
-@@ -158,6 +158,11 @@ int fbytes(unsigned char *buf, int num)
- int ret;
- BIGNUM *tmp = NULL;
-
-+ if (use_fake == 0)
-+ return old_rand->bytes(buf, num);
-+
-+ use_fake = 0;
-+
- if (fbytes_counter >= 8)
- return 0;
- tmp = BN_new();
-@@ -199,11 +204,13 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
- /* create the key */
- if ((key = EC_KEY_new_by_curve_name(nid)) == NULL)
- goto x962_int_err;
-+ use_fake = 1;
- if (!EC_KEY_generate_key(key))
- goto x962_int_err;
- BIO_printf(out, ".");
- (void)BIO_flush(out);
- /* create the signature */
-+ use_fake = 1;
- signature = ECDSA_do_sign(digest, 20, key);
- if (signature == NULL)
- goto x962_int_err;
-diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c
-index 16d4f59b9b..1d37551803 100644
---- a/crypto/ecdsa/ecs_ossl.c
-+++ b/crypto/ecdsa/ecs_ossl.c
-@@ -252,6 +252,7 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
- {
- int ok = 0, i;
- BIGNUM *kinv = NULL, *s, *m = NULL, *tmp = NULL, *order = NULL;
-+ BIGNUM *blind = NULL, *blindm = NULL;
- const BIGNUM *ckinv;
- BN_CTX *ctx = NULL;
- const EC_GROUP *group;
-@@ -269,14 +270,25 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
- }
-
- ret = ECDSA_SIG_new();
-- if (!ret) {
-+ if (ret == NULL) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- s = ret->s;
-
-- if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL ||
-- (tmp = BN_new()) == NULL || (m = BN_new()) == NULL) {
-+ ctx = BN_CTX_new();
-+ if (ctx == NULL) {
-+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
-+ goto err;
-+ }
-+
-+ BN_CTX_start(ctx);
-+ order = BN_CTX_get(ctx);
-+ tmp = BN_CTX_get(ctx);
-+ m = BN_CTX_get(ctx);
-+ blind = BN_CTX_get(ctx);
-+ blindm = BN_CTX_get(ctx);
-+ if (blindm == NULL) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-@@ -315,26 +327,70 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
- }
- }
-
-- if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) {
-+ /*
-+ * The normal signature calculation is:
-+ *
-+ * s := k^-1 * (m + r * priv_key) mod order
-+ *
-+ * We will blind this to protect against side channel attacks
-+ *
-+ * s := k^-1 * blind^-1 * (blind * m + blind * r * priv_key) mod order
-+ */
-+
-+ /* Generate a blinding value */
-+ do {
-+ if (!BN_rand(blind, BN_num_bits(order) - 1, -1, 0))
-+ goto err;
-+ } while (BN_is_zero(blind));
-+ BN_set_flags(blind, BN_FLG_CONSTTIME);
-+ BN_set_flags(blindm, BN_FLG_CONSTTIME);
-+ BN_set_flags(tmp, BN_FLG_CONSTTIME);
-+
-+ /* tmp := blind * priv_key * r mod order */
-+ if (!BN_mod_mul(tmp, blind, priv_key, order, ctx)) {
-+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
-+ goto err;
-+ }
-+ if (!BN_mod_mul(tmp, tmp, ret->r, order, ctx)) {
-+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
-+ goto err;
-+ }
-+
-+ /* blindm := blind * m mod order */
-+ if (!BN_mod_mul(blindm, blind, m, order, ctx)) {
-+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
-+ goto err;
-+ }
-+
-+ /* s : = (blind * priv_key * r) + (blind * m) mod order */
-+ if (!BN_mod_add_quick(s, tmp, blindm, order)) {
-+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
-+ goto err;
-+ }
-+
-+ /* s:= s * blind^-1 mod order */
-+ if (BN_mod_inverse(blind, blind, order, ctx) == NULL) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
- goto err;
- }
-- if (!BN_mod_add_quick(s, tmp, m, order)) {
-+ if (!BN_mod_mul(s, s, blind, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
- goto err;
- }
-+
-+ /* s := s * k^-1 mod order */
- if (!BN_mod_mul(s, s, ckinv, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
- goto err;
- }
-+
- if (BN_is_zero(s)) {
- /*
- * if kinv and r have been supplied by the caller don't to
- * generate new kinv and r values
- */
- if (in_kinv != NULL && in_r != NULL) {
-- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,
-- ECDSA_R_NEED_NEW_SETUP_VALUES);
-+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_NEED_NEW_SETUP_VALUES);
- goto err;
- }
- } else
-@@ -349,15 +405,11 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
- ECDSA_SIG_free(ret);
- ret = NULL;
- }
-- if (ctx)
-+ if (ctx != NULL) {
-+ BN_CTX_end(ctx);
- BN_CTX_free(ctx);
-- if (m)
-- BN_clear_free(m);
-- if (tmp)
-- BN_clear_free(tmp);
-- if (order)
-- BN_free(order);
-- if (kinv)
-+ }
-+ if (kinv != NULL)
- BN_clear_free(kinv);
- return ret;
- }
---
-2.17.1
-
diff --git a/gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch b/gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch
deleted file mode 100644
index 50b95306a5..0000000000
--- a/gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-Fix CVE-2018-0732:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732
-
-Patch copied from upstream source repository:
-
-https://github.com/openssl/openssl/commit/3984ef0b72831da8b3ece4745cac4f8575b19098
-
-From 3984ef0b72831da8b3ece4745cac4f8575b19098 Mon Sep 17 00:00:00 2001
-From: Guido Vranken <guidovranken@gmail.com>
-Date: Mon, 11 Jun 2018 19:38:54 +0200
-Subject: [PATCH] Reject excessively large primes in DH key generation.
-
-CVE-2018-0732
-
-Signed-off-by: Guido Vranken <guidovranken@gmail.com>
-
-(cherry picked from commit 91f7361f47b082ae61ffe1a7b17bb2adf213c7fe)
-
-Reviewed-by: Tim Hudson <tjh@openssl.org>
-Reviewed-by: Matt Caswell <matt@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/6457)
----
- crypto/dh/dh_key.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
-index 387558f146..f235e0d682 100644
---- a/crypto/dh/dh_key.c
-+++ b/crypto/dh/dh_key.c
-@@ -130,10 +130,15 @@ static int generate_key(DH *dh)
- int ok = 0;
- int generate_new_key = 0;
- unsigned l;
-- BN_CTX *ctx;
-+ BN_CTX *ctx = NULL;
- BN_MONT_CTX *mont = NULL;
- BIGNUM *pub_key = NULL, *priv_key = NULL;
-
-+ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
-+ DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE);
-+ return 0;
-+ }
-+
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
---
-2.17.1
-
diff --git a/gnu/packages/patches/parted-glibc-compat.patch b/gnu/packages/patches/parted-glibc-compat.patch
new file mode 100644
index 0000000000..edf4afb0d1
--- /dev/null
+++ b/gnu/packages/patches/parted-glibc-compat.patch
@@ -0,0 +1,17 @@
+Include <sys/sysmacros.h> for "major" and "minor".
+
+Taken from upstream:
+https://git.savannah.gnu.org/cgit/parted.git/commit/?id=ba5e0451b51c983e40afd123b6e0d3eddb55e610
+
+diff --git a/libparted/arch/linux.c b/libparted/arch/linux.c
+index 31b98ab..7e86b51 100644
+--- a/libparted/arch/linux.c
++++ b/libparted/arch/linux.c
+@@ -41,6 +41,7 @@
+ #include <sys/utsname.h> /* for uname() */
+ #include <scsi/scsi.h>
+ #include <assert.h>
++#include <sys/sysmacros.h>
+ #ifdef ENABLE_DEVICE_MAPPER
+ #include <libdevmapper.h>
+ #endif
diff --git a/gnu/packages/patches/perf-gcc-ice.patch b/gnu/packages/patches/perf-gcc-ice.patch
deleted file mode 100644
index 58ab5359c2..0000000000
--- a/gnu/packages/patches/perf-gcc-ice.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-Work around this GCC ICE: <https://bugs.gnu.org/31708>.
-
---- linux-4.16.13/tools/perf/util/header.c 2018-06-04 11:30:39.368146035 +0200
-+++ linux-4.16.13/tools/perf/util/header.c 2018-06-04 11:34:04.667212378 +0200
-@@ -135,7 +135,7 @@ int do_write(struct feat_fd *ff, const v
- int write_padded(struct feat_fd *ff, const void *bf,
- size_t count, size_t count_aligned)
- {
-- static const char zero_buf[NAME_ALIGN];
-+ static const char zero_buf[NAME_ALIGN] = { 0 };
- int err = do_write(ff, bf, count);
-
- if (!err)
diff --git a/gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch b/gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch
deleted file mode 100644
index 6460cf5855..0000000000
--- a/gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Fix CVE-2018-12015:
-
-https://security-tracker.debian.org/tracker/CVE-2018-12015
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12015
-https://rt.cpan.org/Ticket/Display.html?id=125523
-
-Patch taken from this upstream commit and adapted to apply to
-the bundled copy in the Perl distribution:
-
-https://github.com/jib/archive-tar-new/commit/ae65651eab053fc6dc4590dbb863a268215c1fc5
-
-diff --git a/cpan/Archive-Tar/lib/Archive/Tar.pm b/cpan/Archive-Tar/lib/Archive/Tar.pm
-index 6244369..a83975f 100644
---- a/cpan/Archive-Tar/lib/Archive/Tar.pm
-+++ b/cpan/Archive-Tar/lib/Archive/Tar.pm
-@@ -845,6 +845,20 @@ sub _extract_file {
- return;
- }
-
-+ ### If a file system already contains a block device with the same name as
-+ ### the being extracted regular file, we would write the file's content
-+ ### to the block device. So remove the existing file (block device) now.
-+ ### If an archive contains multiple same-named entries, the last one
-+ ### should replace the previous ones. So remove the old file now.
-+ ### If the old entry is a symlink to a file outside of the CWD, the new
-+ ### entry would create a file there. This is CVE-2018-12015
-+ ### <https://rt.cpan.org/Ticket/Display.html?id=125523>.
-+ if (-l $full || -e _) {
-+ if (!unlink $full) {
-+ $self->_error( qq[Could not remove old file '$full': $!] );
-+ return;
-+ }
-+ }
- if( length $entry->type && $entry->is_file ) {
- my $fh = IO::File->new;
- $fh->open( $full, '>' ) or (
diff --git a/gnu/packages/patches/perl-deterministic-ordering.patch b/gnu/packages/patches/perl-deterministic-ordering.patch
index 92e33ef135..be63d5cde3 100644
--- a/gnu/packages/patches/perl-deterministic-ordering.patch
+++ b/gnu/packages/patches/perl-deterministic-ordering.patch
@@ -12,10 +12,10 @@ reproducibility.
cpan/Devel-PPPort/PPPort_xs.PL | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/cpan/Devel-PPPort/PPPort_xs.PL b/cpan/Devel-PPPort/PPPort_xs.PL
+diff --git a/dist/Devel-PPPort/PPPort_xs.PL b/dist/Devel-PPPort/PPPort_xs.PL
index 5f18940..149f2fe 100644
---- a/cpan/Devel-PPPort/PPPort_xs.PL
-+++ b/cpan/Devel-PPPort/PPPort_xs.PL
+--- a/dist/Devel-PPPort/PPPort_xs.PL
++++ b/dist/Devel-PPPort/PPPort_xs.PL
@@ -38,7 +38,7 @@ END
my $file;
my $sec;
diff --git a/gnu/packages/patches/perl-file-path-CVE-2017-6512.patch b/gnu/packages/patches/perl-file-path-CVE-2017-6512.patch
deleted file mode 100644
index 28ab067599..0000000000
--- a/gnu/packages/patches/perl-file-path-CVE-2017-6512.patch
+++ /dev/null
@@ -1,173 +0,0 @@
-Fix CVE-2017-6512:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6512
-https://rt.cpan.org/Public/Bug/Display.html?id=121951
-
-Patch copied from Debian, adapted to apply to the copy of File::Path in Perl
-5.24.0.
-
-https://github.com/jkeenan/File-Path/commit/e5ef95276ee8ad471c66ee574a5d42552b3a6af2
-https://anonscm.debian.org/cgit/perl/perl.git/diff/debian/patches/fixes/file_path_chmod_race.diff?id=e7b50f8fb6413f8ddfbbfda2d531615fb029e2d3
-
-From d760748be0efca7c05454440e24f3df77bf7cf5d Mon Sep 17 00:00:00 2001
-From: John Lightsey <john@nixnuts.net>
-Date: Tue, 2 May 2017 12:03:52 -0500
-Subject: Prevent directory chmod race attack.
-
-CVE-2017-6512 is a race condition attack where the chmod() of directories
-that cannot be entered is misused to change the permissions on other
-files or directories on the system. This has been corrected by limiting
-the directory-permission loosening logic to systems where fchmod() is
-supported.
-
-[Backported (whitespace adjustments) to File-Path 2.12 / perl 5.24 by
-Dominic Hargreaves for Debian.]
-
-Bug: https://rt.cpan.org/Public/Bug/Display.html?id=121951
-Bug-Debian: https://bugs.debian.org/863870
-Patch-Name: fixes/file_path_chmod_race.diff
----
- cpan/File-Path/lib/File/Path.pm | 39 +++++++++++++++++++++++++--------------
- cpan/File-Path/t/Path.t | 40 ++++++++++++++++++++++++++--------------
- 2 files changed, 51 insertions(+), 28 deletions(-)
-
-diff --git a/cpan/File-Path/lib/File/Path.pm b/cpan/File-Path/lib/File/Path.pm
-index 034da1e..a824cc8 100644
---- a/cpan/File-Path/lib/File/Path.pm
-+++ b/cpan/File-Path/lib/File/Path.pm
-@@ -354,21 +354,32 @@ sub _rmtree {
-
- # see if we can escalate privileges to get in
- # (e.g. funny protection mask such as -w- instead of rwx)
-- $perm &= oct '7777';
-- my $nperm = $perm | oct '700';
-- if (
-- !(
-- $arg->{safe}
-- or $nperm == $perm
-- or chmod( $nperm, $root )
-- )
-- )
-- {
-- _error( $arg,
-- "cannot make child directory read-write-exec", $canon );
-- next ROOT_DIR;
-+ # This uses fchmod to avoid traversing outside of the proper
-+ # location (CVE-2017-6512)
-+ my $root_fh;
-+ if (open($root_fh, '<', $root)) {
-+ my ($fh_dev, $fh_inode) = (stat $root_fh )[0,1];
-+ $perm &= oct '7777';
-+ my $nperm = $perm | oct '700';
-+ local $@;
-+ if (
-+ !(
-+ $arg->{safe}
-+ or $nperm == $perm
-+ or !-d _
-+ or $fh_dev ne $ldev
-+ or $fh_inode ne $lino
-+ or eval { chmod( $nperm, $root_fh ) }
-+ )
-+ )
-+ {
-+ _error( $arg,
-+ "cannot make child directory read-write-exec", $canon );
-+ next ROOT_DIR;
-+ }
-+ close $root_fh;
- }
-- elsif ( !chdir($root) ) {
-+ if ( !chdir($root) ) {
- _error( $arg, "cannot chdir to child", $canon );
- next ROOT_DIR;
- }
-diff --git a/cpan/File-Path/t/Path.t b/cpan/File-Path/t/Path.t
-index ff52fd6..956ca09 100644
---- a/cpan/File-Path/t/Path.t
-+++ b/cpan/File-Path/t/Path.t
-@@ -3,7 +3,7 @@
-
- use strict;
-
--use Test::More tests => 127;
-+use Test::More tests => 126;
- use Config;
- use Fcntl ':mode';
- use lib 't/';
-@@ -18,6 +18,13 @@ BEGIN {
-
- my $Is_VMS = $^O eq 'VMS';
-
-+my $fchmod_supported = 0;
-+if (open my $fh, curdir()) {
-+ my ($perm) = (stat($fh))[2];
-+ $perm &= 07777;
-+ eval { $fchmod_supported = chmod( $perm, $fh); };
-+}
-+
- # first check for stupid permissions second for full, so we clean up
- # behind ourselves
- for my $perm (0111,0777) {
-@@ -299,16 +306,19 @@ is($created[0], $dir, "created directory (old style 3 mode undef) cross-check");
-
- is(rmtree($dir, 0, undef), 1, "removed directory 3 verbose undef");
-
--$dir = catdir($tmp_base,'G');
--$dir = VMS::Filespec::unixify($dir) if $Is_VMS;
-+SKIP: {
-+ skip "fchmod of directories not supported on this platform", 3 unless $fchmod_supported;
-+ $dir = catdir($tmp_base,'G');
-+ $dir = VMS::Filespec::unixify($dir) if $Is_VMS;
-
--@created = mkpath($dir, undef, 0200);
-+ @created = mkpath($dir, undef, 0400);
-
--is(scalar(@created), 1, "created write-only dir");
-+ is(scalar(@created), 1, "created read-only dir");
-
--is($created[0], $dir, "created write-only directory cross-check");
-+ is($created[0], $dir, "created read-only directory cross-check");
-
--is(rmtree($dir), 1, "removed write-only dir");
-+ is(rmtree($dir), 1, "removed read-only dir");
-+}
-
- # borderline new-style heuristics
- if (chdir $tmp_base) {
-@@ -450,26 +460,28 @@ SKIP: {
- }
-
- SKIP : {
-- my $skip_count = 19;
-+ my $skip_count = 18;
- # this test will fail on Windows, as per:
- # http://perldoc.perl.org/perlport.html#chmod
-
- skip "Windows chmod test skipped", $skip_count
- if $^O eq 'MSWin32';
-+ skip "fchmod() on directories is not supported on this platform", $skip_count
-+ unless $fchmod_supported;
- my $mode;
- my $octal_mode;
- my @inputs = (
-- 0777, 0700, 0070, 0007,
-- 0333, 0300, 0030, 0003,
-- 0111, 0100, 0010, 0001,
-- 0731, 0713, 0317, 0371, 0173, 0137,
-- 00 );
-+ 0777, 0700, 0470, 0407,
-+ 0433, 0400, 0430, 0403,
-+ 0111, 0100, 0110, 0101,
-+ 0731, 0713, 0317, 0371,
-+ 0173, 0137);
- my $input;
- my $octal_input;
-- $dir = catdir($tmp_base, 'chmod_test');
-
- foreach (@inputs) {
- $input = $_;
-+ $dir = catdir($tmp_base, sprintf("chmod_test%04o", $input));
- # We can skip from here because 0 is last in the list.
- skip "Mode of 0 means assume user defaults on VMS", 1
- if ($input == 0 && $Is_VMS);
diff --git a/gnu/packages/patches/python-pillow-fix-failing-tests.patch b/gnu/packages/patches/python-pillow-fix-failing-tests.patch
deleted file mode 100644
index 2575d6f612..0000000000
--- a/gnu/packages/patches/python-pillow-fix-failing-tests.patch
+++ /dev/null
Binary files differ
diff --git a/gnu/packages/patches/python-testtools.patch b/gnu/packages/patches/python-testtools.patch
new file mode 100644
index 0000000000..42536e50f9
--- /dev/null
+++ b/gnu/packages/patches/python-testtools.patch
@@ -0,0 +1,57 @@
+https://github.com/testing-cabal/testtools/commit/29004731f9c480b7c44a9c2605513d50d372898f.patch
+Should be fixed in the next release
+
+From 29004731f9c480b7c44a9c2605513d50d372898f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= <miro@hroncok.cz>
+Date: Thu, 17 May 2018 17:52:26 +0200
+Subject: [PATCH] Fix the tests on Python 3.7
+
+Exception's repr got changed not to include trailing comma
+
+Fixes https://github.com/testing-cabal/testtools/issues/270
+---
+ .travis.yml | 1 +
+ testtools/tests/matchers/test_exception.py | 11 +++++++++--
+ 2 files changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/.travis.yml b/.travis.yml
+index 7f1f4db7..784608e0 100644
+--- a/.travis.yml
++++ b/.travis.yml
+@@ -5,6 +5,7 @@ python:
+ - "3.4"
+ - "3.5"
+ - "3.6"
++ - "3.7-dev"
+ - "pypy"
+
+ install:
+diff --git a/testtools/tests/matchers/test_exception.py b/testtools/tests/matchers/test_exception.py
+index 6cd80af1..acd39252 100644
+--- a/testtools/tests/matchers/test_exception.py
++++ b/testtools/tests/matchers/test_exception.py
+@@ -32,15 +32,22 @@ class TestMatchesExceptionInstanceInterface(TestCase, TestMatchersInterface):
+ matches_matches = [error_foo]
+ matches_mismatches = [error_bar, error_base_foo]
+
++ if sys.version_info >= (3, 7):
++ # exception's repr has changed
++ _e = ''
++ else:
++ _e = ','
++
+ str_examples = [
+- ("MatchesException(Exception('foo',))",
++ ("MatchesException(Exception('foo'%s))" % _e,
+ MatchesException(Exception('foo')))
+ ]
+ describe_examples = [
+ ("%r is not a %r" % (Exception, ValueError),
+ error_base_foo,
+ MatchesException(ValueError("foo"))),
+- ("ValueError('bar',) has different arguments to ValueError('foo',).",
++ ("ValueError('bar'%s) has different arguments to ValueError('foo'%s)."
++ % (_e, _e),
+ error_bar,
+ MatchesException(ValueError("foo"))),
+ ]
diff --git a/gnu/packages/patches/python2-CVE-2018-1060.patch b/gnu/packages/patches/python2-CVE-2018-1060.patch
deleted file mode 100644
index 5eb7ccfbc9..0000000000
--- a/gnu/packages/patches/python2-CVE-2018-1060.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Fix CVE-2018-1060:
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060
-
-Taken from upstream commit (sans test and NEWS):
-https://github.com/python/cpython/commit/e052d40cea15f582b50947f7d906b39744dc62a2
-
-diff --git a/Lib/poplib.py b/Lib/poplib.py
-index b91e5f72d2ca..a238510b38fc 100644
---- a/Lib/poplib.py
-+++ b/Lib/poplib.py
-@@ -274,7 +274,7 @@ def rpop(self, user):
- return self._shortcmd('RPOP %s' % user)
-
-
-- timestamp = re.compile(r'\+OK.*(<[^>]+>)')
-+ timestamp = re.compile(br'\+OK.[^<]*(<.*>)')
-
- def apop(self, user, secret):
- """Authorisation
-
diff --git a/gnu/packages/patches/python2-CVE-2018-1061.patch b/gnu/packages/patches/python2-CVE-2018-1061.patch
deleted file mode 100644
index 6caab24b4d..0000000000
--- a/gnu/packages/patches/python2-CVE-2018-1061.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Fix CVE-2018-1061:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061
-
-Taken from upstream commit (sans test and NEWS):
-https://github.com/python/cpython/commit/e052d40cea15f582b50947f7d906b39744dc62a2
-
-diff --git a/Lib/difflib.py b/Lib/difflib.py
-index 1c6fbdbedcb7..788a92df3f89 100644
---- a/Lib/difflib.py
-+++ b/Lib/difflib.py
-@@ -1103,7 +1103,7 @@ def _qformat(self, aline, bline, atags, btags):
-
- import re
-
--def IS_LINE_JUNK(line, pat=re.compile(r"\s*#?\s*$").match):
-+def IS_LINE_JUNK(line, pat=re.compile(r"\s*(?:#\s*)?$").match):
- r"""
- Return 1 for ignorable line: iff `line` is blank or contains a single '#'.
-
diff --git a/gnu/packages/patches/qtbase-glibc-compat.patch b/gnu/packages/patches/qtbase-glibc-compat.patch
new file mode 100644
index 0000000000..15a2540b3a
--- /dev/null
+++ b/gnu/packages/patches/qtbase-glibc-compat.patch
@@ -0,0 +1,50 @@
+Fix qmake build with glibc 2.28.
+
+Taken from upstream:
+https://code.qt.io/cgit/qt/qtbase.git/commit/?id=25feee4e061b99edab79503d81f5bd045c6c8e3d
+
+diff --git a/src/corelib/global/qconfig-bootstrapped.h b/src/corelib/global/qconfig-bootstrapped.h
+index 3469ebe5e6..c5585ea32a 100644
+--- a/src/corelib/global/qconfig-bootstrapped.h
++++ b/src/corelib/global/qconfig-bootstrapped.h
+@@ -98,10 +98,18 @@
+ #define QT_NO_QOBJECT
+ #define QT_FEATURE_process -1
+ #define QT_FEATURE_regularexpression -1
+-#define QT_FEATURE_renameat2 -1
++#ifdef __GLIBC_PREREQ
++# define QT_FEATURE_renameat2 (__GLIBC_PREREQ(2, 28) ? 1 : -1)
++#else
++# define QT_FEATURE_renameat2 -1
++#endif
+ #define QT_FEATURE_sharedmemory -1
+ #define QT_FEATURE_slog2 -1
+-#define QT_FEATURE_statx -1
++#ifdef __GLIBC_PREREQ
++# define QT_FEATURE_statx (__GLIBC_PREREQ(2, 28) ? 1 : -1)
++#else
++# define QT_FEATURE_statx -1
++#endif
+ #define QT_FEATURE_syslog -1
+ #define QT_NO_SYSTEMLOCALE
+ #define QT_FEATURE_systemsemaphore -1
+diff --git a/src/corelib/io/qfilesystemengine_unix.cpp b/src/corelib/io/qfilesystemengine_unix.cpp
+index 0c9cdb8667..deb4a9f220 100644
+--- a/src/corelib/io/qfilesystemengine_unix.cpp
++++ b/src/corelib/io/qfilesystemengine_unix.cpp
+@@ -91,7 +91,6 @@ extern "C" NSString *NSTemporaryDirectory();
+ # include <sys/syscall.h>
+ # include <sys/sendfile.h>
+ # include <linux/fs.h>
+-# include <linux/stat.h>
+
+ // in case linux/fs.h is too old and doesn't define it:
+ #ifndef FICLONE
+@@ -112,6 +111,7 @@ static int renameat2(int oldfd, const char *oldpath, int newfd, const char *newp
+ # endif
+
+ # if !QT_CONFIG(statx) && defined(SYS_statx)
++# include <linux/stat.h>
+ static int statx(int dirfd, const char *pathname, int flag, unsigned mask, struct statx *statxbuf)
+ { return syscall(SYS_statx, dirfd, pathname, flag, mask, statxbuf); }
+ # elif !QT_CONFIG(statx) && !defined(SYS_statx)
diff --git a/gnu/packages/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch b/gnu/packages/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch
new file mode 100644
index 0000000000..561763dabe
--- /dev/null
+++ b/gnu/packages/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch
@@ -0,0 +1,36 @@
+From: Tobias Geerinckx-Rice <me@tobias.gr>
+Date: Sun, 26 Aug 2018 17:24:42 +0200
+Subject: [PATCH] snappy: Add O2 flag in CmakeLists.txt.
+
+Use ‘-O2’ optimisation when building with CMake, as is already done when
+using the Makefile. This patch was copied verbatim from the Snappy
+mailing list[0].
+
+[0]: <snappy-compression@googlegroups.com>
+
+From 903c72fb29b2db07b4abc38a5feb83d88f739d80 Mon Sep 17 00:00:00 2001
+From: huangwenjun <huangwenjun-hf@loongson.cn>
+Date: Fri, 10 Aug 2018 17:17:35 +0800
+Subject: [PATCH] Add O2 optimize flag in CmakeLists.txt.
+
+---
+ CMakeLists.txt | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 62ecd09..29e0cdc 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -6,6 +6,9 @@ set(CMAKE_CXX_STANDARD 11)
+ set(CMAKE_CXX_STANDARD_REQUIRED ON)
+ set(CMAKE_CXX_EXTENSIONS OFF)
+
++SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -O2")
++SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -O2")
++
+ # BUILD_SHARED_LIBS is a standard CMake variable, but we declare it here to make
+ # it prominent in the GUI.
+ option(BUILD_SHARED_LIBS "Build shared libraries(DLLs)." OFF)
+--
+2.1.0
+
diff --git a/gnu/packages/patches/swig-guile-gc.patch b/gnu/packages/patches/swig-guile-gc.patch
new file mode 100644
index 0000000000..0e745a6247
--- /dev/null
+++ b/gnu/packages/patches/swig-guile-gc.patch
@@ -0,0 +1,76 @@
+Fix garbage collection for Guile versions >= 2.0.12. This issue showed
+up when running the tests on i686-linux.
+
+Taken from this upstream commit:
+https://github.com/swig/swig/commit/38f2ab0c30e369e63bbd0a6152108488d0de68e1
+
+diff --git a/Lib/guile/guile_scm_run.swg b/Lib/guile/guile_scm_run.swg
+index 274f197158..0d04cb7c62 100644
+--- a/Lib/guile/guile_scm_run.swg
++++ b/Lib/guile/guile_scm_run.swg
+@@ -99,6 +99,7 @@ SWIG_Guile_scm2newstr(SCM str, size_t *len) {
+ static int swig_initialized = 0;
+ static scm_t_bits swig_tag = 0;
+ static scm_t_bits swig_collectable_tag = 0;
++static scm_t_bits swig_finalized_tag = 0;
+ static scm_t_bits swig_destroyed_tag = 0;
+ static scm_t_bits swig_member_function_tag = 0;
+ static SCM swig_make_func = SCM_EOL;
+@@ -163,7 +164,19 @@ SWIG_Guile_PointerType(SCM object)
+ }
+ else scm_wrong_type_arg("SWIG-Guile-PointerType", 1, object);
+ }
+-
++
++SWIGINTERN int
++SWIG_Guile_IsValidSmob(SCM smob)
++{
++ /* We do not accept smobs representing destroyed pointers, but we have to
++ allow finalized smobs because Guile >= 2.0.12 sets all smob instances
++ to the 'finalized' type before calling their 'free' function. This change
++ was introduced to Guile in commit 8dff3af087c6eaa83ae0d72aa8b22aef5c65d65d */
++ return SCM_SMOB_PREDICATE(swig_tag, smob)
++ || SCM_SMOB_PREDICATE(swig_collectable_tag, smob)
++ || SCM_SMOB_PREDICATE(swig_finalized_tag, smob);
++}
++
+ SWIGINTERN int
+ SWIG_Guile_ConvertPtr(SCM s, void **result, swig_type_info *type, int flags)
+ {
+@@ -179,8 +192,7 @@ SWIG_Guile_ConvertPtr(SCM s, void **result, swig_type_info *type, int flags)
+ *result = SCM_POINTER_VALUE(s);
+ return SWIG_OK;
+ #endif /* if SCM_MAJOR_VERSION >= 2 */
+- } else if (SCM_SMOB_PREDICATE(swig_tag, smob) || SCM_SMOB_PREDICATE(swig_collectable_tag, smob)) {
+- /* we do not accept smobs representing destroyed pointers */
++ } else if (SWIG_Guile_IsValidSmob(smob)) {
+ from = (swig_type_info *) SCM_CELL_WORD_2(smob);
+ if (!from) return SWIG_ERROR;
+ if (type) {
+@@ -239,7 +251,7 @@ SWIG_Guile_MarkPointerNoncollectable(SCM s)
+ {
+ SCM smob = SWIG_Guile_GetSmob(s);
+ if (!SCM_NULLP(smob)) {
+- if (SCM_SMOB_PREDICATE(swig_tag, smob) || SCM_SMOB_PREDICATE(swig_collectable_tag, smob)) {
++ if (SWIG_Guile_IsValidSmob(smob)) {
+ SCM_SET_CELL_TYPE(smob, swig_tag);
+ }
+ else scm_wrong_type_arg(NULL, 0, s);
+@@ -252,7 +264,7 @@ SWIG_Guile_MarkPointerDestroyed(SCM s)
+ {
+ SCM smob = SWIG_Guile_GetSmob(s);
+ if (!SCM_NULLP(smob)) {
+- if (SCM_SMOB_PREDICATE(swig_tag, smob) || SCM_SMOB_PREDICATE(swig_collectable_tag, smob)) {
++ if (SWIG_Guile_IsValidSmob(smob)) {
+ SCM_SET_CELL_TYPE(smob, swig_destroyed_tag);
+ }
+ else scm_wrong_type_arg(NULL, 0, s);
+@@ -419,6 +431,8 @@ SWIG_Guile_Init ()
+ scm_set_smob_print(swig_collectable_tag, print_collectable_swig);
+ scm_set_smob_equalp(swig_collectable_tag, equalp_swig);
+ scm_set_smob_free(swig_collectable_tag, free_swig);
++ /* For Guile >= 2.0.12. See libguile/smob.c:clear_smobnum */
++ swig_finalized_tag = swig_collectable_tag & ~0xff00;
+ }
+ if (ensure_smob_tag(swig_module, &swig_destroyed_tag,
+ "destroyed-swig-pointer", "destroyed-swig-pointer-tag")) {
diff --git a/gnu/packages/patches/texinfo-5-perl-compat.patch b/gnu/packages/patches/texinfo-5-perl-compat.patch
new file mode 100644
index 0000000000..f16d6b4da8
--- /dev/null
+++ b/gnu/packages/patches/texinfo-5-perl-compat.patch
@@ -0,0 +1,19 @@
+Fix a deprecation warning with newer Perl that breaks some tests.
+
+--- a/tp/Texinfo/Parser.pm
++++ b/tp/Texinfo/Parser.pm
+@@ -5438,12 +5438,12 @@
+ }
+ } elsif ($command eq 'clickstyle') {
+ # REMACRO
+- if ($line =~ /^\s+@([[:alnum:]][[:alnum:]\-]*)({})?\s*/) {
++ if ($line =~ /^\s+@([[:alnum:]][[:alnum:]\-]*)(\{})?\s*/) {
+ $args = ['@'.$1];
+ $self->{'clickstyle'} = $1
+ unless(_ignore_global_commands($self));
+ $remaining = $line;
+- $remaining =~ s/^\s+@([[:alnum:]][[:alnum:]\-]*)({})?\s*(\@(c|comment)((\@|\s+).*)?)?//;
++ $remaining =~ s/^\s+@([[:alnum:]][[:alnum:]\-]*)(\{})?\s*(\@(c|comment)((\@|\s+).*)?)?//;
+ $has_comment = 1 if (defined($4));
+ } else {
+ $self->line_error (sprintf($self->__(
diff --git a/gnu/packages/patches/texinfo-perl-compat.patch b/gnu/packages/patches/texinfo-perl-compat.patch
new file mode 100644
index 0000000000..a7348fde0d
--- /dev/null
+++ b/gnu/packages/patches/texinfo-perl-compat.patch
@@ -0,0 +1,51 @@
+Fix compatibility with newer Perls.
+
+The first patch is taken from upstream:
+https://svn.savannah.gnu.org/viewvc/texinfo?view=revision&revision=8008
+
+The second gets rid of a deprecation warning that breaks some tests.
+Taken from Fedora: <https://bugzilla.redhat.com/show_bug.cgi?id=1590308>.
+
+--- trunk/tp/Texinfo/Convert/XSParagraph/xspara.c 2017/04/30 14:57:26 7765
++++ trunk/tp/Texinfo/Convert/XSParagraph/xspara.c 2018/07/13 15:39:29 8008
+@@ -248,6 +248,11 @@
+
+ dTHX;
+
++#if PERL_VERSION > 27 || (PERL_VERSION == 27 && PERL_SUBVERSION > 8)
++ /* needed due to thread-safe locale handling in newer perls */
++ switch_to_global_locale();
++#endif
++
+ if (setlocale (LC_CTYPE, "en_US.UTF-8")
+ || setlocale (LC_CTYPE, "en_US.utf8"))
+ goto success;
+@@ -320,6 +325,10 @@
+ {
+ success: ;
+ free (utf8_locale);
++#if PERL_VERSION > 27 || (PERL_VERSION == 27 && PERL_SUBVERSION > 8)
++ /* needed due to thread-safe locale handling in newer perls */
++ sync_locale();
++#endif
+ /*
+ fprintf (stderr, "tried to set LC_CTYPE to UTF-8.\n");
+ fprintf (stderr, "character encoding is: %s\n",
+
+diff -up texinfo-6.5/tp/Texinfo/Parser.pm.orig texinfo-6.5/tp/Texinfo/Parser.pm
+--- texinfo-6.5/tp/Texinfo/Parser.pm.orig 2018-06-12 13:40:29.356030136 +0200
++++ texinfo-6.5/tp/Texinfo/Parser.pm 2018-06-12 13:41:28.357725639 +0200
+@@ -5478,11 +5478,11 @@ sub _parse_special_misc_command($$$$)
+ }
+ } elsif ($command eq 'clickstyle') {
+ # REMACRO
+- if ($line =~ /^\s+@([[:alnum:]][[:alnum:]\-]*)({})?\s*/) {
++ if ($line =~ /^\s+@([[:alnum:]][[:alnum:]\-]*)(\{})?\s*/) {
+ $args = ['@'.$1];
+ $self->{'clickstyle'} = $1;
+ $remaining = $line;
+- $remaining =~ s/^\s+@([[:alnum:]][[:alnum:]\-]*)({})?\s*(\@(c|comment)((\@|\s+).*)?)?//;
++ $remaining =~ s/^\s+@([[:alnum:]][[:alnum:]\-]*)(\{})?\s*(\@(c|comment)((\@|\s+).*)?)?//;
+ $has_comment = 1 if (defined($4));
+ } else {
+ $self->line_error (sprintf($self->__(