diff options
Diffstat (limited to 'gnu')
73 files changed, 1986 insertions, 1692 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index 925d955a66..158d157395 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -606,8 +606,6 @@ dist_patch_DATA = \ %D%/packages/patches/blender-newer-ffmpeg.patch \ %D%/packages/patches/boost-fix-icu-build.patch \ %D%/packages/patches/byobu-writable-status.patch \ - %D%/packages/patches/cairo-CVE-2016-9082.patch \ - %D%/packages/patches/cairo-setjmp-wrapper.patch \ %D%/packages/patches/calibre-no-updates-dialog.patch \ %D%/packages/patches/calibre-use-packaged-feedparser.patch \ %D%/packages/patches/casync-renameat2-declaration.patch \ @@ -649,7 +647,6 @@ dist_patch_DATA = \ %D%/packages/patches/cube-nocheck.patch \ %D%/packages/patches/cursynth-wave-rand.patch \ %D%/packages/patches/cvs-2017-12836.patch \ - %D%/packages/patches/cyrus-sasl-CVE-2013-4122.patch \ %D%/packages/patches/dbus-helper-search-path.patch \ %D%/packages/patches/deja-dup-use-ref-keyword-for-iter.patch \ %D%/packages/patches/dfu-programmer-fix-libusb.patch \ @@ -662,6 +659,7 @@ dist_patch_DATA = \ %D%/packages/patches/doxygen-test.patch \ %D%/packages/patches/dropbear-CVE-2018-15599.patch \ %D%/packages/patches/dvd+rw-tools-add-include.patch \ + %D%/packages/patches/efl-mesa-compat.patch \ %D%/packages/patches/elfutils-tests-ptrace.patch \ %D%/packages/patches/einstein-build.patch \ %D%/packages/patches/emacs-exec-path.patch \ @@ -739,14 +737,12 @@ dist_patch_DATA = \ %D%/packages/patches/ghc-8.0-fall-back-to-madv_dontneed.patch \ %D%/packages/patches/ghc-dont-pass-linker-flags-via-response-files.patch \ %D%/packages/patches/ghc-haddock-library-unbundle.patch \ - %D%/packages/patches/ghostscript-CVE-2018-16509.patch \ - %D%/packages/patches/ghostscript-bug-699708.patch \ %D%/packages/patches/ghostscript-no-header-id.patch \ %D%/packages/patches/ghostscript-no-header-uuid.patch \ %D%/packages/patches/ghostscript-no-header-creationdate.patch \ %D%/packages/patches/giflib-make-reallocarray-private.patch \ - %D%/packages/patches/glib-networking-ssl-cert-file.patch \ %D%/packages/patches/glib-tests-timer.patch \ + %D%/packages/patches/glib-networking-connection.patch \ %D%/packages/patches/glibc-CVE-2015-5180.patch \ %D%/packages/patches/glibc-CVE-2015-7547.patch \ %D%/packages/patches/glibc-CVE-2016-3075.patch \ @@ -777,7 +773,6 @@ dist_patch_DATA = \ %D%/packages/patches/gnucash-price-quotes-perl.patch \ %D%/packages/patches/gnucash-disable-failing-tests.patch \ %D%/packages/patches/gnutls-skip-trust-store-test.patch \ - %D%/packages/patches/gnutls-skip-pkgconfig-test.patch \ %D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \ %D%/packages/patches/gobject-introspection-cc.patch \ %D%/packages/patches/gobject-introspection-girepository.patch \ @@ -832,6 +827,7 @@ dist_patch_DATA = \ %D%/packages/patches/icedtea-7-hotspot-gcc-segfault-workaround.patch \ %D%/packages/patches/id3lib-CVE-2007-4460.patch \ %D%/packages/patches/ilmbase-fix-tests.patch \ + %D%/packages/patches/inkscape-poppler-compat3.patch \ %D%/packages/patches/intltool-perl-compatibility.patch \ %D%/packages/patches/irrlicht-use-system-libs.patch \ %D%/packages/patches/isl-0.11.1-aarch64-support.patch \ @@ -846,7 +842,6 @@ dist_patch_DATA = \ %D%/packages/patches/java-xerces-build_dont_unzip.patch \ %D%/packages/patches/java-xerces-xjavac_taskdef.patch \ %D%/packages/patches/jbig2dec-ignore-testtest.patch \ - %D%/packages/patches/json-glib-fix-tests-32bit.patch \ %D%/packages/patches/kdbusaddons-kinit-file-name.patch \ %D%/packages/patches/khmer-use-libraries.patch \ %D%/packages/patches/libziparchive-add-includes.patch \ @@ -916,10 +911,6 @@ dist_patch_DATA = \ %D%/packages/patches/libssh2-fix-build-failure-with-gcrypt.patch \ %D%/packages/patches/libtar-CVE-2013-4420.patch \ %D%/packages/patches/libtheora-config-guess.patch \ - %D%/packages/patches/libtiff-CVE-2017-9935.patch \ - %D%/packages/patches/libtiff-CVE-2017-18013.patch \ - %D%/packages/patches/libtiff-CVE-2018-8905.patch \ - %D%/packages/patches/libtiff-CVE-2018-10963.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ %D%/packages/patches/libusb-0.1-disable-tests.patch \ %D%/packages/patches/libusb-for-axoloti.patch \ @@ -1055,6 +1046,7 @@ dist_patch_DATA = \ %D%/packages/patches/pinball-src-deps.patch \ %D%/packages/patches/pinball-system-ltdl.patch \ %D%/packages/patches/pinentry-efl.patch \ + %D%/packages/patches/pingus-boost-headers.patch \ %D%/packages/patches/pingus-sdl-libs-config.patch \ %D%/packages/patches/pius.patch \ %D%/packages/patches/pixman-CVE-2016-5296.patch \ @@ -1063,9 +1055,9 @@ dist_patch_DATA = \ %D%/packages/patches/plotutils-libpng-jmpbuf.patch \ %D%/packages/patches/podofo-cmake-3.12.patch \ %D%/packages/patches/polkit-CVE-2018-19788.patch \ - %D%/packages/patches/poppler-CVE-2018-19149.patch \ %D%/packages/patches/portaudio-audacity-compat.patch \ %D%/packages/patches/portmidi-modular-build.patch \ + %D%/packages/patches/postgresql-disable-resolve_symlinks.patch \ %D%/packages/patches/potrace-tests.patch \ %D%/packages/patches/procmail-ambiguous-getline-debian.patch \ %D%/packages/patches/procmail-CVE-2014-3618.patch \ @@ -1167,6 +1159,7 @@ dist_patch_DATA = \ %D%/packages/patches/soundconverter-remove-gconf-dependency.patch \ %D%/packages/patches/soundtouch-CVE-2018-14044-14045.patch \ %D%/packages/patches/soundtouch-CVE-2018-1000223.patch \ + %D%/packages/patches/sssd-curl-compat.patch \ %D%/packages/patches/steghide-fixes.patch \ %D%/packages/patches/superlu-dist-scotchmetis.patch \ %D%/packages/patches/swig-guile-gc.patch \ @@ -1186,6 +1179,9 @@ dist_patch_DATA = \ %D%/packages/patches/teeworlds-use-latest-wavpack.patch \ %D%/packages/patches/texinfo-perl-compat.patch \ %D%/packages/patches/texinfo-5-perl-compat.patch \ + %D%/packages/patches/texlive-bin-luatex-poppler-compat.patch \ + %D%/packages/patches/texlive-bin-pdftex-poppler-compat.patch \ + %D%/packages/patches/texlive-bin-xetex-poppler-compat.patch \ %D%/packages/patches/telegram-purple-adjust-test.patch \ %D%/packages/patches/texi2html-document-encoding.patch \ %D%/packages/patches/texi2html-i18n.patch \ @@ -1272,8 +1268,7 @@ dist_patch_DATA = \ %D%/packages/patches/xfce4-settings-defaults.patch \ %D%/packages/patches/xinetd-fix-fd-leak.patch \ %D%/packages/patches/xinetd-CVE-2013-4342.patch \ - %D%/packages/patches/xmodmap-asprintf.patch \ - %D%/packages/patches/zathura-plugindir-environment-variable.patch + %D%/packages/patches/xmodmap-asprintf.patch MISC_DISTRO_FILES = \ %D%/packages/ld-wrapper.in diff --git a/gnu/packages/audio.scm b/gnu/packages/audio.scm index d47dd90f56..0b24806d92 100644 --- a/gnu/packages/audio.scm +++ b/gnu/packages/audio.scm @@ -2298,7 +2298,7 @@ external_libraries/yaml-cpp/include)")) ("eudev" ,eudev) ;for user interactions with devices ("avahi" ,avahi) ;zeroconf service discovery support ("icu4c" ,icu4c) - ("boost" ,boost-cxx14) + ("boost" ,boost) ("boost-sync" ,boost-sync) ("yaml-cpp" ,yaml-cpp))) (home-page "https://github.com/supercollider/supercollider") diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm index e79d2a987b..0fed144059 100644 --- a/gnu/packages/base.scm +++ b/gnu/packages/base.scm @@ -1111,7 +1111,7 @@ command.") (define-public tzdata (package (name "tzdata") - (version "2018e") + (version "2018g") (source (origin (method url-fetch) (uri (string-append @@ -1119,7 +1119,7 @@ command.") version ".tar.gz")) (sha256 (base32 - "0bk97fv2i5ns42prpmlaadsswdjwv0ifi7whj2s4q6l44rcqwa3b")))) + "05kayi3w9pvhj6ljx1hvwd0r8mxfzn436fjmwhx53xkj919xxpq2")))) (build-system gnu-build-system) (arguments '(#:tests? #f @@ -1169,7 +1169,7 @@ command.") version ".tar.gz")) (sha256 (base32 - "1kpb02631s58i068mwq63xlamcv1ffj4p6y4wpb9kdl01vr0qd6a")))))) + "09y44fzcdq3c06saa8iqqa0a59cyw6ni3p31ps0j1w3hcpxz8lxa")))))) (home-page "https://www.iana.org/time-zones") (synopsis "Database of current and historical time zones") (description "The Time Zone Database (often called tz or zoneinfo) @@ -1187,23 +1187,7 @@ and daylight-saving rules.") (define-public tzdata-for-tests (hidden-package (package - (inherit tzdata) - (version "2018d") - (source (origin - (method url-fetch) - (uri (string-append "https://www.iana.org/time-zones/repository" - "/releases/tzdata" version ".tar.gz")) - (sha256 - (base32 - "0m6020dnk9r40z7k36jp13fa06xip3hn0fdx3nly66jzxgffs1ji")))) - (inputs `(("tzcode" ,(origin - (method url-fetch) - (uri (string-append - "http://www.iana.org/time-zones/repository/releases/tzcode" - version ".tar.gz")) - (sha256 - (base32 - "1nd882yhsazmcfqmcqyfig3axycryl30gmizgqhqsx5dpa2lxr3x"))))))))) + (inherit tzdata)))) (define-public libiconv (package diff --git a/gnu/packages/boost.scm b/gnu/packages/boost.scm index f9108b3ad6..2fab703ed2 100644 --- a/gnu/packages/boost.scm +++ b/gnu/packages/boost.scm @@ -45,16 +45,19 @@ (define-public boost (package (name "boost") - (version "1.68.0") + (version "1.69.0") (source (origin (method url-fetch) - (uri (string-append - "mirror://sourceforge/boost/boost/" version "/boost_" - (string-map (lambda (x) (if (eq? x #\.) #\_ x)) version) - ".tar.bz2")) + (uri (let ((version-with-underscores + (string-map (lambda (x) (if (eq? x #\.) #\_ x)) version))) + (list (string-append "mirror://sourceforge/boost/boost/" version + "/boost_" version-with-underscores ".tar.bz2") + (string-append "https://dl.bintray.com/boostorg/release/" + version "/source/boost_" + version-with-underscores ".tar.bz2")))) (sha256 (base32 - "1dyqsr9yb01y0nnjdq9b8q5s2kvhxbayk34832k5cpzn7jy30qbz")) + "01j4n142dz20lcgqji8d8hspp04p1nv7m8i6dz8w5lchfdhx8clg")) (patches (search-patches "boost-fix-icu-build.patch")))) (build-system gnu-build-system) (inputs `(("icu4c" ,icu4c) @@ -67,6 +70,7 @@ `(#:tests? #f #:make-flags (list "threading=multi" "link=shared" + "cxxflags=-std=c++14" ;; Set the RUNPATH to $libdir so that the libs find each other. (string-append "linkflags=-Wl,-rpath=" @@ -122,16 +126,6 @@ across a broad spectrum of applications.") (license (license:x11-style "https://www.boost.org/LICENSE_1_0.txt" "Some components have other similar licences.")))) -;; Some programs need Boost to be built with C++14 support. -(define-public boost-cxx14 - (package (inherit boost) - (arguments - (substitute-keyword-arguments (package-arguments boost) - ((#:make-flags flags) - `(append ,flags - '("cxxflags=-std=c++14"))))) - (properties '((hidden? . #t))))) - (define-public boost-for-mysql ;; Older version for MySQL 5.7.23. (package diff --git a/gnu/packages/build-tools.scm b/gnu/packages/build-tools.scm index a34e7ebff4..628b36fff5 100644 --- a/gnu/packages/build-tools.scm +++ b/gnu/packages/build-tools.scm @@ -158,7 +158,7 @@ files and generates build instructions for the Ninja build system.") (define-public meson (package (name "meson") - (version "0.47.2") + (version "0.49.0") (source (origin (method url-fetch) (uri (string-append "https://github.com/mesonbuild/meson/" @@ -166,7 +166,7 @@ files and generates build instructions for the Ninja build system.") version ".tar.gz")) (sha256 (base32 - "1swmycf6p9p0ag6yiywyyri42ffkxxj38r2ic7in24km47cszn4j")))) + "0l8m1v7cl5ybm7psfqmmdqbvmnsbb1qhb8ni3hwap3i0mk29a0zv")))) (build-system python-build-system) (arguments `(;; FIXME: Tests require many additional inputs, a fix for the RUNPATH diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm index 6af6877423..bb66d27026 100644 --- a/gnu/packages/certs.scm +++ b/gnu/packages/certs.scm @@ -76,7 +76,7 @@ (define-public nss-certs (package (name "nss-certs") - (version "3.39") + (version "3.41") (source (origin (method url-fetch) (uri (let ((version-with-underscores @@ -87,7 +87,7 @@ "nss-" version ".tar.gz"))) (sha256 (base32 - "0jw6qlfl2g47hhx056nvnj6h92bk3sn46hy3ig61a911dzblvrkb")))) + "0bbif42fzz5gk451sv3yphdrl7m4p6zgk5jk0307j06xs3sihbmb")))) (build-system gnu-build-system) (outputs '("out")) (native-inputs diff --git a/gnu/packages/cmake.scm b/gnu/packages/cmake.scm index 5abf087557..7186cf98df 100644 --- a/gnu/packages/cmake.scm +++ b/gnu/packages/cmake.scm @@ -44,7 +44,7 @@ (define-public cmake (package (name "cmake") - (version "3.12.2") + (version "3.13.1") (source (origin (method url-fetch) (uri (string-append "https://www.cmake.org/files/v" @@ -52,7 +52,7 @@ "/cmake-" version ".tar.gz")) (sha256 (base32 - "19410mxgcyvk5q42phaclb1hz6rl08z4yj8iriq706p5k5bli5qg")) + "04123d7fgnn1fs5p0nwyq397ss89r0y4wkg9a09qiwkjsvk1rzmy")) (modules '((guix build utils))) (snippet '(begin diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index e8a50c676c..c87ccda304 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -796,13 +796,13 @@ writing of compressed data created with the zlib and bzip2 libraries.") (version "1.8.1.2") (source (origin - (method url-fetch) - (uri (string-append "https://github.com/lz4/lz4/archive/" - "v" version ".tar.gz")) + (method git-fetch) + (uri (git-reference (url "https://github.com/lz4/lz4") + (commit (string-append "v" version)))) (sha256 (base32 - "1y93h6dyi3026gvpzdv310ldcylnnhwf32n75mdjf8x9fvkskwqj")) - (file-name (string-append name "-" version ".tar.gz")))) + "1jggv4lvfav53advnj0pwqgxzn868lrj8dc9zp73iwvqlj82mhmx")) + (file-name (git-file-name name version)))) (build-system gnu-build-system) (native-inputs `(("valgrind" ,valgrind))) ; for tests (arguments @@ -2263,7 +2263,7 @@ single-member files which can't be decompressed in parallel.") (build-system cmake-build-system) (arguments `(#:tests? #f)) ;; No tests available. - (inputs `(("boost" ,boost-cxx14) + (inputs `(("boost" ,boost) ("libiconv" ,libiconv) ("xz" ,xz))) (native-inputs `(("pkg-config" ,pkg-config))) diff --git a/gnu/packages/cups.scm b/gnu/packages/cups.scm index 4343910d59..5eb66feed5 100644 --- a/gnu/packages/cups.scm +++ b/gnu/packages/cups.scm @@ -53,7 +53,7 @@ (define-public cups-filters (package (name "cups-filters") - (version "1.21.0") + (version "1.21.5") (source(origin (method url-fetch) (uri @@ -61,7 +61,7 @@ "cups-filters-" version ".tar.xz")) (sha256 (base32 - "0fs90xx9i4h8gbpligf5kkh21llv4kf5g3bgfbx4z272xkm7bsfi")) + "0azq9j7kqy18g6vgmvrbw8i4mcqdp3cbgh7q79x1b8p92w4si6rq")) (modules '((guix build utils))) (snippet ;; install backends, banners and filters to cups-filters output @@ -176,7 +176,7 @@ filters for the PDF-centric printing workflow introduced by OpenPrinting.") (define-public cups-minimal (package (name "cups-minimal") - (version "2.2.8") + (version "2.2.10") (source (origin (method url-fetch) @@ -184,7 +184,7 @@ filters for the PDF-centric printing workflow introduced by OpenPrinting.") version "/cups-" version "-source.tar.gz")) (sha256 (base32 - "1r7r7b3nqpzc1a9dczqpj2mr8rkcwf01676v11sp4j7w4qfzqs1r")))) + "1fq52aw1mini3ld2czv5gg37wbbvh4n7yc7wzzxvbs3zpfrv5j3p")))) (build-system gnu-build-system) (arguments `(#:configure-flags diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm index 61313af7d2..24180e0073 100644 --- a/gnu/packages/curl.scm +++ b/gnu/packages/curl.scm @@ -50,15 +50,14 @@ (define-public curl (package (name "curl") - (version "7.61.1") - (replacement curl-7.62.0) + (version "7.63.0") (source (origin (method url-fetch) (uri (string-append "https://curl.haxx.se/download/curl-" version ".tar.xz")) (sha256 (base32 - "148qv1f32290r9pwg07mccawihz4srznkzsdwdl2xllvlgb16n9x")))) + "1i38v49233jirzlfqd8fy6jyf80assa953hk7w6qmysbg562604n")))) (build-system gnu-build-system) (outputs '("out" "doc")) ;1.2 MiB of man3 pages @@ -142,19 +141,6 @@ tunneling, and so on.") "See COPYING in the distribution.")) (home-page "https://curl.haxx.se/"))) -(define-public curl-7.62.0 - (package - (inherit curl) - (version "7.62.0") - (source - (origin - (method url-fetch) - (uri (string-append "https://curl.haxx.se/download/curl-" - version ".tar.xz")) - (sha256 - (base32 - "1hbm29r3pirhn4gkcnd94ylc4jzgn3v3v7qbay9awxg7bwx69dfs")))))) - (define-public kurly (package (name "kurly") diff --git a/gnu/packages/cyrus-sasl.scm b/gnu/packages/cyrus-sasl.scm index 60c1e0ef94..0a5e464719 100644 --- a/gnu/packages/cyrus-sasl.scm +++ b/gnu/packages/cyrus-sasl.scm @@ -31,7 +31,7 @@ (define-public cyrus-sasl (package (name "cyrus-sasl") - (version "2.1.26") + (version "2.1.27") (source (origin (method url-fetch) (uri (list (string-append @@ -40,13 +40,14 @@ (string-append "ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-" version ".tar.gz"))) - (patches (search-patches "cyrus-sasl-CVE-2013-4122.patch")) (sha256 (base32 - "1hvvbcsg21nlncbgs0cgn3iwlnb3vannzwsp6rwvnn9ba4v53g4g")))) + "1m85zcpgfdhm43cavpdkhb1s2zq1b31472hq1w1gs3xh94anp1i6")))) (build-system gnu-build-system) (inputs `(("gdbm" ,gdbm) - ("mit-krb5" ,mit-krb5) ("openssl" ,openssl))) + (propagated-inputs + `(;; cyrus-sasl.pc refers to -lkrb5, so propagate it. + ("mit-krb5" ,mit-krb5))) (arguments '(#:configure-flags (list (string-append "--with-plugindir=" (assoc-ref %outputs "out") diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 07c6006c3b..551b1bb9c6 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -18,7 +18,7 @@ ;;; Copyright © 2016 Andy Patterson <ajpatter@uwaterloo.ca> ;;; Copyright © 2016 Danny Milosavljevic <dannym+a@scratchpost.org> ;;; Copyright © 2016, 2017, 2018 Marius Bakke <mbakke@fastmail.com> -;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu> +;;; Copyright © 2017, 2018 Julien Lepiller <julien@lepiller.eu> ;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be> ;;; Copyright © 2017 Jelle Licht <jlicht@fsfe.org> ;;; Copyright © 2017 Adriano Peluso <catonano@gmail.com> @@ -811,7 +811,8 @@ as a drop-in replacement of MySQL.") version "/postgresql-" version ".tar.bz2")) (sha256 (base32 - "0jv26y3f10svrjxzsgqxg956c86b664azyk2wppzpa5x11pjga38")))) + "0jv26y3f10svrjxzsgqxg956c86b664azyk2wppzpa5x11pjga38")) + (patches (search-patches "postgresql-disable-resolve_symlinks.patch")))) (build-system gnu-build-system) (arguments `(#:configure-flags '("--with-uuid=e2fs") diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm index 35d59fe8f1..21a7c5a34e 100644 --- a/gnu/packages/emacs.scm +++ b/gnu/packages/emacs.scm @@ -1636,7 +1636,15 @@ filters, new key bindings and faces. It can be enabled by (sha256 (base32 "1i4647vax5na73basc5dz4lh9kprir00fh8ps4i0l1y3ippnjs2s")) - (patches (search-patches "emacs-pdf-tools-poppler.patch")))) + (patches (search-patches "emacs-pdf-tools-poppler.patch")) + (modules '((guix build utils))) + (snippet + '(begin + ;; In addition to the above patch, we need this additional + ;; provision for compatibility with Poppler 0.72: + (substitute* "server/poppler-hack.cc" + (("getCString") "c_str")) + #t)))) (build-system gnu-build-system) (arguments `(#:tests? #f ; there are no tests diff --git a/gnu/packages/enlightenment.scm b/gnu/packages/enlightenment.scm index e1e5cb5821..20f842c9a6 100644 --- a/gnu/packages/enlightenment.scm +++ b/gnu/packages/enlightenment.scm @@ -70,6 +70,7 @@ (uri (string-append "https://download.enlightenment.org/rel/libs/efl/efl-" version ".tar.xz")) + (patches (search-patches "efl-mesa-compat.patch")) (sha256 (base32 "0a5907h896pvpix7a6idc2fspzy6d78xrzf84k8y9fyvnd14nxs4")))) diff --git a/gnu/packages/freedesktop.scm b/gnu/packages/freedesktop.scm index 8982c0ec35..536895cba8 100644 --- a/gnu/packages/freedesktop.scm +++ b/gnu/packages/freedesktop.scm @@ -147,14 +147,14 @@ freedesktop.org project.") (define-public libinput (package (name "libinput") - (version "1.12.1") + (version "1.12.3") (source (origin (method url-fetch) (uri (string-append "https://freedesktop.org/software/libinput/" name "-" version ".tar.xz")) (sha256 (base32 - "14l6bvgq76ls63qc9c448r435q9xiig0rv8ilx6rnjvlgg64h32p")))) + "0mg2zqbjcgj0aq7d9nwawvyhx43vakilahrc83hrfyif3a3gyrpj")))) (build-system meson-build-system) (arguments `(#:configure-flags '("-Ddocumentation=false"))) @@ -432,7 +432,7 @@ applications, X servers (rootless or fullscreen) or other display servers.") (define-public wayland-protocols (package (name "wayland-protocols") - (version "1.15") + (version "1.17") (source (origin (method url-fetch) (uri (string-append @@ -440,7 +440,7 @@ applications, X servers (rootless or fullscreen) or other display servers.") "wayland-protocols-" version ".tar.xz")) (sha256 (base32 - "1qlyf9cllr2p339xxplznh023qcwj5iisp02ikx7ps349dx75fys")))) + "0bw1sqixqk2a7mqw630cs4dlgcp5yib90vyikzm3lr05jz7ij4yz")))) (build-system gnu-build-system) (inputs `(("wayland" ,wayland))) @@ -763,7 +763,7 @@ which speak the Mobile Interface Broadband Model (MBIM) protocol.") (define-public libqmi (package (name "libqmi") - (version "1.20.0") + (version "1.20.2") (source (origin (method url-fetch) (uri (string-append @@ -771,7 +771,7 @@ which speak the Mobile Interface Broadband Model (MBIM) protocol.") name "-" version ".tar.xz")) (sha256 (base32 - "1d3fca477sdwbv4bsq1cl98qc8sixrzp0gqjcmjj8mlwfk9qqhi1")))) + "0i6aw8jyxv84d5x8lj2g9lb8xxf1dyad8n3q0kw164pyig55jd67")))) (build-system gnu-build-system) (inputs `(("libgudev" ,libgudev))) diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm index 80d48dbe56..7896c9c3f4 100644 --- a/gnu/packages/games.scm +++ b/gnu/packages/games.scm @@ -1283,14 +1283,16 @@ fight Morgoth, the Lord of Darkness.") (version "0.7.6") (source (origin - (method url-fetch) - (uri (string-append "https://github.com/Pingus/pingus/archive/v" - version ".tar.gz")) - (file-name (string-append name "-" version ".tar.gz")) + (method git-fetch) + (uri (git-reference + (url "https://github.com/Pingus/pingus.git") + (commit (string-append "v" version)))) + (file-name (git-file-name name version)) (sha256 (base32 - "0r9v6as5vi7skvvy7b0fcaimhdlzmik64pyy68plgljhsghqkkf4")) - (patches (search-patches "pingus-sdl-libs-config.patch")))) + "0wp06kcmknsnxz7bjnsndb8x062z7r23fb3yrnbfnj68qhz18y74")) + (patches (search-patches "pingus-boost-headers.patch" + "pingus-sdl-libs-config.patch")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config) ("scons-python2" ,scons-python2))) @@ -2051,6 +2053,13 @@ This game is based on the GPL version of the famous game TuxRacer.") "-DCMAKE_C_FLAGS=-fpermissive") #:phases (modify-phases %standard-phases + ;; see https://github.com/supertuxkart/stk-code/issues/3557 + (add-after 'unpack 'patch-for-mesa-18.3 + (lambda _ + (substitute* "src/graphics/gl_headers.hpp" + (("#if !defined\\(USE_GLES2\\)") + "#if !defined(USE_GLES2)\n# define __gl_glext_h_")) + #t)) (add-after 'unpack 'unbundle (lambda* (#:key inputs #:allow-other-keys) (substitute* "CMakeLists.txt" diff --git a/gnu/packages/geo.scm b/gnu/packages/geo.scm index fa2b259d7c..26f566a18b 100644 --- a/gnu/packages/geo.scm +++ b/gnu/packages/geo.scm @@ -753,7 +753,8 @@ utilities for data translation and processing.") (synopsis "Spatial database extender for PostgreSQL") (description "PostGIS is a spatial database extender for PostgreSQL object-relational database. It adds support for geographic objects allowing -location queries to be run in SQL.") +location queries to be run in SQL. This package provides a PostgreSQL +extension.") (license (list ;; General license license:gpl2+ diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm index b46451d94e..d8c0050513 100644 --- a/gnu/packages/ghostscript.scm +++ b/gnu/packages/ghostscript.scm @@ -135,7 +135,7 @@ printing, and psresize, for adjusting page sizes.") (define-public ghostscript (package (name "ghostscript") - (version "9.24") + (version "9.26") (source (origin (method url-fetch) @@ -145,10 +145,8 @@ printing, and psresize, for adjusting page sizes.") "/ghostscript-" version ".tar.xz")) (sha256 (base32 - "1mk922rnml93w2g42yxiyn8xqanc50cm65irrgh0b6lp4kgifjfl")) - (patches (search-patches "ghostscript-CVE-2018-16509.patch" - "ghostscript-bug-699708.patch" - "ghostscript-no-header-creationdate.patch" + "1645f47all5w27bfhiq15vycdm954lmr6agqkrp68ksq6xglgvch")) + (patches (search-patches "ghostscript-no-header-creationdate.patch" "ghostscript-no-header-id.patch" "ghostscript-no-header-uuid.patch")) (modules '((guix build utils))) diff --git a/gnu/packages/gl.scm b/gnu/packages/gl.scm index d7c112928f..2c64b0bc9c 100644 --- a/gnu/packages/gl.scm +++ b/gnu/packages/gl.scm @@ -53,6 +53,7 @@ #:use-module (guix build utils) #:use-module (guix build-system gnu) #:use-module (guix build-system cmake) + #:use-module (guix build-system meson) #:use-module ((guix licenses) #:prefix license:) #:use-module (guix packages) #:use-module (guix utils) @@ -220,7 +221,7 @@ also known as DXTn or DXTC) for Mesa.") (define-public mesa (package (name "mesa") - (version "18.1.8") + (version "18.3.1") (source (origin (method url-fetch) @@ -232,7 +233,7 @@ also known as DXTn or DXTC) for Mesa.") version "/mesa-" version ".tar.xz"))) (sha256 (base32 - "06y28hpynb8w1qagznr85ml48hf8264w4ji6cmvm2fy7x5zyc6xx")) + "0qyw9dj2p9n91qzc4ylck2an7ibssjvzi2bjcpv2ajk851yq47sv")) (patches (search-patches "mesa-skip-disk-cache-test.patch")))) (build-system gnu-build-system) @@ -252,11 +253,11 @@ also known as DXTn or DXTC) for Mesa.") ("libva" ,(force libva-without-mesa)) ("libxml2" ,libxml2) ;; TODO: Add 'libxml2-python' for OpenGL ES 1.1 and 2.0 support + ("libxrandr" ,libxrandr) ("libxvmc" ,libxvmc) ,@(match (%current-system) ((or "x86_64-linux" "i686-linux") - ;; FIXME: Change to 'llvm' in the next rebuild cycle. - `(("llvm" ,llvm-without-rtti))) + `(("llvm" ,llvm))) (_ `())) ("makedepend" ,makedepend) @@ -264,18 +265,15 @@ also known as DXTn or DXTC) for Mesa.") ("wayland-protocols" ,wayland-protocols))) (native-inputs `(("pkg-config" ,pkg-config) - ("python" ,python-2) - ("python2-mako" ,python2-mako) + ("python" ,python) + ("python-mako" ,python-mako) ("which" ,(@ (gnu packages base) which)))) (arguments `(#:configure-flags '(,@(match (%current-system) - ("armhf-linux" - ;; TODO: Add etnaviv,imx when libdrm supports etnaviv. - '("--with-gallium-drivers=freedreno,nouveau,r300,r600,swrast,tegra,vc4,virgl")) - ("aarch64-linux" + ((or "armhf-linux" "aarch64-linux") ;; TODO: Fix svga driver for aarch64 and armhf. - '("--with-gallium-drivers=freedreno,nouveau,pl111,r300,r600,swrast,tegra,vc4,virgl")) + '("--with-gallium-drivers=etnaviv,freedreno,imx,nouveau,pl111,r300,r600,swrast,tegra,v3d,vc4,virgl")) (_ '("--with-gallium-drivers=i915,nouveau,r300,r600,radeonsi,svga,swrast,virgl"))) ;; Enable various optional features. TODO: opencl requires libclc, @@ -290,9 +288,6 @@ also known as DXTn or DXTC) for Mesa.") "--enable-gles2" "--enable-gbm" "--enable-shared-glapi" - ;; Without floating point texture support, drivers such as Nouveau - ;; are stuck at OpenGL 2.1 instead of OpenGL 3.0+. - "--enable-texture-float" ;; Enable Vulkan on i686-linux and x86-64-linux. ,@(match (%current-system) @@ -457,14 +452,14 @@ glxgears, glxheads, and glxinfo.") (define-public glew (package (name "glew") - (version "2.0.0") + (version "2.1.0") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/glew/glew/" version "/glew-" version ".tgz")) (sha256 (base32 - "0r37fg2s1f0jrvwh6c8cz5x6v4wqmhq42qm15cs9qs349q5c6wn5")) + "159wk5dc0ykjbxvag5i1m2mhp23zkk6ra04l26y3jc3nwvkr3ph4")) (modules '((guix build utils))) (snippet '(begin @@ -547,7 +542,7 @@ OpenGL graphics API.") (define-public libepoxy (package (name "libepoxy") - (version "1.5.2") + (version "1.5.3") (source (origin (method url-fetch) (uri (string-append @@ -555,10 +550,11 @@ OpenGL graphics API.") version "/libepoxy-" version ".tar.xz")) (sha256 (base32 - "1n57xj5i6giw4mp5s59w1m9bm33sd6gjg7r00dzzvcwya6326mm9")))) + "0ga3qjv50x37my6pw5xr14g5n6z78hy5s8s06kays8c3ab2mha80")))) (arguments `(#:phases (modify-phases %standard-phases + (delete 'bootstrap) (add-before 'configure 'patch-paths (lambda* (#:key inputs #:allow-other-keys) @@ -570,7 +566,7 @@ OpenGL graphics API.") (("libGL.so.1") (string-append mesa "/lib/libGL.so.1")) (("libEGL.so.1") (string-append mesa "/lib/libEGL.so.1"))) #t)))))) - (build-system gnu-build-system) + (build-system meson-build-system) (native-inputs `(("pkg-config" ,pkg-config) ("python" ,python))) diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm index cd9b48caff..dee349395d 100644 --- a/gnu/packages/glib.scm +++ b/gnu/packages/glib.scm @@ -79,7 +79,7 @@ (define dbus (package (name "dbus") - (version "1.12.10") + (version "1.12.12") (source (origin (method url-fetch) (uri (string-append @@ -87,7 +87,7 @@ version ".tar.gz")) (sha256 (base32 - "1xywijmgfad4m3cxp0b4l6kvypwc53ckmhwwzbrc6n32jwj3ssab")) + "1y7mxhkw2shd9mi9s62k81lz8npjkrafapr4fyfms7hs04kg4ilm")) (patches (search-patches "dbus-helper-search-path.patch")))) (build-system gnu-build-system) (arguments @@ -149,7 +149,7 @@ shared NFS home directories.") (define glib (package (name "glib") - (version "2.56.2") + (version "2.56.3") (source (origin (method url-fetch) (uri (string-append "mirror://gnome/sources/" @@ -157,7 +157,7 @@ shared NFS home directories.") name "-" version ".tar.xz")) (sha256 (base32 - "12d738n1wpvrn39zvy9xazg5h6vzyiwsw8z1qibcj09mh4bbsjnn")) + "1cjcqz77m62zrx7224vl3f2cxwqf28r5xpqb2jy7av0vr2scb959")) (patches (search-patches "glib-tests-timer.patch")))) (build-system gnu-build-system) (outputs '("out" ; everything @@ -184,9 +184,6 @@ shared NFS home directories.") (modify-phases %standard-phases (add-before 'build 'pre-build (lambda* (#:key inputs outputs #:allow-other-keys) - ;; For building deterministic pyc files - (setenv "DETERMINISTIC_BUILD" "1") - ;; For tests/gdatetime.c. (setenv "TZDIR" (string-append (assoc-ref inputs "tzdata") @@ -485,7 +482,7 @@ by GDBus included in Glib.") (define libsigc++ (package (name "libsigc++") - (version "2.10.0") + (version "2.10.1") (source (origin (method url-fetch) (uri (string-append "mirror://gnome/sources/libsigc++/" @@ -493,7 +490,7 @@ by GDBus included in Glib.") name "-" version ".tar.xz")) (sha256 (base32 - "10cd54l4zihss9qxfhd2iip2k7mr292k37i54r2cpgv0c8sdchzq")))) + "00v08km4wwzbh6vjxb21388wb9dm6g2xh14rgwabnv4c2wk5z8n9")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config) ("m4" ,m4))) diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 415398eeee..49872e6afe 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -360,12 +360,6 @@ formats like PNG, SVG, PDF and EPS.") (arguments '(#:phases (modify-phases %standard-phases - (add-before 'check 'use-empty-ssl-cert-file - (lambda _ - ;; The ca-certificates.crt is not available in the build - ;; environment. - (setenv "SSL_CERT_FILE" "/dev/null") - #t)) (add-before 'check 'disable-failing-tests (lambda _ ;; The PicasaWeb API tests fail with gnome-online-accounts@3.24.2. @@ -2295,16 +2289,15 @@ configuration storage systems.") (define-public json-glib (package (name "json-glib") - (version "1.4.2") + (version "1.4.4") (source (origin (method url-fetch) (uri (string-append "mirror://gnome/sources/" name "/" (version-major+minor version) "/" name "-" version ".tar.xz")) - (patches (search-patches "json-glib-fix-tests-32bit.patch")) (sha256 (base32 - "1j3dd2xj1l9fi12m1gpmfgf5p4c1w0i970m6k62k3is98yj0jxrd")))) + "0ixwyis47v5bkx6h8a1iqlw3638cxcv57ivxv4gw2gaig51my33j")))) (build-system meson-build-system) (native-inputs `(("gettext" ,gettext-minimal) @@ -2397,7 +2390,7 @@ library.") (define-public glib-networking (package (name "glib-networking") - (version "2.54.1") + (version "2.58.0") (source (origin (method url-fetch) (uri (string-append "mirror://gnome/sources/glib-networking/" @@ -2405,29 +2398,18 @@ library.") name "-" version ".tar.xz")) (sha256 (base32 - "0bq16m9nh3gcz9x2fvygr0iwxd2pxcbrm3lj3kihsnh1afv8g9za")) - (patches - (search-patches "glib-networking-ssl-cert-file.patch")))) - (build-system gnu-build-system) + "0s006gs9nsq6mg31spqha1jffzmp6qjh10y27h0fxf1iw1ah5ymx")) + (patches (search-patches "glib-networking-connection.patch")))) + (build-system meson-build-system) (arguments - `(#:configure-flags - '("--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt") - #:phases - (modify-phases %standard-phases - (add-before 'configure 'patch-giomoduledir - ;; Install GIO modules into $out/lib/gio/modules. - (lambda _ - (substitute* "configure" - (("GIO_MODULE_DIR=.*") - (string-append "GIO_MODULE_DIR=" %output - "/lib/gio/modules\n"))) - #t)) - (add-before 'check 'use-empty-ssl-cert-file - (lambda _ - ;; The ca-certificates.crt is not available in the build - ;; environment. - (setenv "SSL_CERT_FILE" "/dev/null") - #t))))) + `(#:configure-flags '("-Dlibproxy_support=false") + #:phases (modify-phases %standard-phases + (add-before 'check 'disable-TLSv1.3 + (lambda _ + ;; XXX: One test fails when TLS 1.3 is enabled, fixed in 2.60.0: + ;; <https://gitlab.com/gnutls/gnutls/issues/615>. + (setenv "G_TLS_GNUTLS_PRIORITY" "NORMAL:-VERS-TLS1.3") + #t))))) (native-inputs `(("pkg-config" ,pkg-config) ("intltool" ,intltool))) @@ -2517,9 +2499,6 @@ libxml to ease remote use of the RESTful API.") ;; The 'check-local' target runs 'env LANG=C sort -u', ;; unset 'LC_ALL' to make 'LANG' working. (unsetenv "LC_ALL") - ;; The ca-certificates.crt is not available in the build - ;; environment. - (setenv "SSL_CERT_FILE" "/dev/null") ;; HTTPD in Guix uses mod_event and does not build prefork. (substitute* "tests/httpd.conf" (("^LoadModule mpm_prefork_module.*$") "\n")) @@ -2557,7 +2536,8 @@ libxml to ease remote use of the RESTful API.") "" ;URI of subject "127.0.0.1" ;IP address of subject "" ;signing? - "" ;encryption? + "" ;encryption (RSA)? + "" ;data encryption? "" ;sign OCSP requests? "" ;sign code? "" ;time stamping? diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index bb7fda24e6..e95f87b7aa 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -365,7 +365,7 @@ in the Mozilla clients.") (define-public nss (package (name "nss") - (version "3.39") + (version "3.41") (source (origin (method url-fetch) (uri (let ((version-with-underscores @@ -376,7 +376,7 @@ in the Mozilla clients.") "nss-" version ".tar.gz"))) (sha256 (base32 - "0jw6qlfl2g47hhx056nvnj6h92bk3sn46hy3ig61a911dzblvrkb")) + "0bbif42fzz5gk451sv3yphdrl7m4p6zgk5jk0307j06xs3sihbmb")) ;; Create nss.pc and nss-config. (patches (search-patches "nss-pkgconfig.patch" "nss-increase-test-timeout.patch")))) @@ -416,7 +416,7 @@ in the Mozilla clients.") (lambda _ ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for testing. ;; The later requires a working DNS or /etc/hosts. - (setenv "DOMSUF" "(none)") + (setenv "DOMSUF" "localdomain") (setenv "USE_IP" "TRUE") (setenv "IP_ADDRESS" "127.0.0.1") @@ -424,7 +424,7 @@ in the Mozilla clients.") ;; leading to test failures: ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To ;; work around that, set the time to roughly the release date. - (invoke "faketime" "2018-09-01" "./nss/tests/all.sh"))) + (invoke "faketime" "2018-12-01" "./nss/tests/all.sh"))) (replace 'install (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm index f43a0fc2f5..755904231b 100644 --- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -102,7 +102,7 @@ arrays of data.") (define-public gstreamer (package (name "gstreamer") - (version "1.14.3") + (version "1.14.4") (source (origin (method url-fetch) @@ -111,7 +111,7 @@ arrays of data.") version ".tar.xz")) (sha256 (base32 - "0mh4755an4gk0z3ygqhjpdjk0r2cwswbpwfgl0x6qmnln4757bhk")))) + "1izzhnlsy83rgr4zl3jcl1sryxqbbigrrqw3j4x3nnphqnb6ckzr")))) (build-system gnu-build-system) (outputs '("out" "doc")) (arguments @@ -150,7 +150,7 @@ This package provides the core library and elements.") (define-public gst-plugins-base (package (name "gst-plugins-base") - (version "1.14.3") + (version "1.14.4") (source (origin (method url-fetch) @@ -158,7 +158,7 @@ This package provides the core library and elements.") name "-" version ".tar.xz")) (sha256 (base32 - "0lkr1fm3bz21nqq9vi5v74mlxw6dd6i7piw00fhc5zz0dg1ikczh")))) + "0qbllw4kphchwhy4p7ivdysigx69i97gyw6q0rvkx1j81r4kjqfa")))) (build-system gnu-build-system) (outputs '("out" "doc")) (propagated-inputs @@ -209,7 +209,7 @@ for the GStreamer multimedia library.") (define-public gst-plugins-good (package (name "gst-plugins-good") - (version "1.14.3") + (version "1.14.4") (source (origin (method url-fetch) @@ -218,7 +218,7 @@ for the GStreamer multimedia library.") name "-" version ".tar.xz")) (sha256 (base32 - "0pgzgfqbfp8lz2ns68797xfxdr0cr5rpi93wd1h2grhbmzkbq4ji")))) + "0y89qynb4b6fry3h43z1r99qslmi3m8xhlq0i5baq2nbc0r5b2sz")))) (build-system gnu-build-system) (inputs `(("aalib" ,aalib) @@ -271,14 +271,14 @@ developers consider to have good quality code and correct functionality.") (define-public gst-plugins-bad (package (name "gst-plugins-bad") - (version "1.14.3") + (version "1.14.4") (source (origin (method url-fetch) (uri (string-append "https://gstreamer.freedesktop.org/src/" name "/" name "-" version ".tar.xz")) (sha256 (base32 - "1mczcna91f3kkk3yv5fkfa8nmqdr9d93aq9z4d8sv18vkiflw8mj")))) + "1r8dma3x127rbx42yab7kwq7q1bhkmvz2ykn0rnqnzl95q74w2wi")))) (outputs '("out" "doc")) (build-system gnu-build-system) (arguments @@ -346,7 +346,7 @@ par compared to the rest.") (define-public gst-plugins-ugly (package (name "gst-plugins-ugly") - (version "1.14.3") + (version "1.14.4") (source (origin (method url-fetch) @@ -354,7 +354,7 @@ par compared to the rest.") name "/" name "-" version ".tar.xz")) (sha256 (base32 - "01i31g5rvw36rjlyi9w24n0g1xa6053d14vaiba6vqpas727z123")))) + "08vd1xgwmapnviah47zv5h2r02qdd20y4f07rvv5zhv6y4vxh0mc")))) (build-system gnu-build-system) (inputs `(("gst-plugins-base" ,gst-plugins-base) @@ -381,7 +381,7 @@ distribution problems in some jurisdictions, e.g. due to patent threats.") (define-public gst-libav (package (name "gst-libav") - (version "1.14.3") + (version "1.14.4") (source (origin (method url-fetch) (uri (string-append @@ -389,7 +389,7 @@ distribution problems in some jurisdictions, e.g. due to patent threats.") name "-" version ".tar.xz")) (sha256 (base32 - "0xxnb80yhfa42x4wx1928zydaal35b2mcj0zdcdsv1apnjdm40wv")) + "1nk5g24z2xx5kaw5cg8dv8skdc516inahmkymcz8bxqxj28qbmyz")) (modules '((guix build utils))) (snippet '(begin @@ -417,7 +417,7 @@ compression formats through the use of the libav library.") (define-public python-gst (package (name "python-gst") - (version "1.14.3") + (version "1.14.4") (source (origin (method url-fetch) (uri (string-append @@ -425,7 +425,7 @@ compression formats through the use of the libav library.") "gst-python-" version ".tar.xz")) (sha256 (base32 - "01w3mpimbm8drifhrkvpns79h15kd9h9v0dynr7yb12kjrnfghsg")))) + "06ssx19fs6pg4d32p9ph9w4f0xwmxaw2dxfj17rqkn5njd7v5zfh")))) (build-system gnu-build-system) (arguments ;; XXX: Factorize python-sitedir with python-build-system. diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm index 08f92df96c..0b719f1ffa 100644 --- a/gnu/packages/gtk.scm +++ b/gnu/packages/gtk.scm @@ -76,7 +76,9 @@ #:use-module (gnu packages cups) #:use-module (gnu packages xml) #:use-module (gnu packages xorg) - #:use-module (gnu packages xdisorg)) + #:use-module (gnu packages xdisorg) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-26)) (define-public atk (package @@ -113,16 +115,14 @@ tools have full access to view and control running applications.") (define-public cairo (package (name "cairo") - (version "1.14.12") + (version "1.16.0") (source (origin (method url-fetch) (uri (string-append "https://cairographics.org/releases/cairo-" version ".tar.xz")) (sha256 (base32 - "05mzyxkvsfc1annjw2dja8vka01ampp9pp93lg09j8hba06g144c")) - (patches (search-patches "cairo-CVE-2016-9082.patch" - "cairo-setjmp-wrapper.patch")))) + "0c930mk5xr2bshbdljv005j3j8zr47gqmkry3q6qgvqky6rjjysy")))) (build-system gnu-build-system) (propagated-inputs `(("fontconfig" ,fontconfig) @@ -180,7 +180,7 @@ affine transformation (scale, rotation, shear, etc.).") (define-public harfbuzz (package (name "harfbuzz") - (version "1.8.8") + (version "2.2.0") (source (origin (method url-fetch) (uri (string-append "https://www.freedesktop.org/software/" @@ -188,7 +188,7 @@ affine transformation (scale, rotation, shear, etc.).") version ".tar.bz2")) (sha256 (base32 - "1ag3scnm1fcviqgx2p4858y433mr0ndqw6zccnccrqcr9mpcird8")))) + "047q63jr513azf3g1y7f5xn60b4jdjs9zsmrx04sfw5rasyzrk5p")))) (build-system gnu-build-system) (outputs '("out" "bin")) ; 160K, only hb-view depend on cairo @@ -456,7 +456,7 @@ highlighting and other features typical of a source code editor.") "0ixfmnxjylx06mjaw116apymwi1a8rnkmkbbvqaxxg2pfwy9fl6x")))) (build-system meson-build-system) (arguments - '(#:configure-flags '("-Dinstalled-tests=false") + `(#:configure-flags '("-Dinstalled_tests=false") #:phases (modify-phases %standard-phases (add-after @@ -471,12 +471,15 @@ highlighting and other features typical of a source code editor.") ;; ERROR:pixbuf-jpeg.c:74:test_type9_rotation_exif_tag: ;; assertion failed (error == NULL): Data differ ;; (gdk-pixbuf-error-quark, 0) - ((".*'pixbuf-jpeg'.*") "") - ;; Extend the timeout of the test suite. - ;; TODO: Check upstreaming effort: - ;; https://gitlab.gnome.org/GNOME/gdk-pixbuf/merge_requests/21 - (("300") "1800")) + ((".*'pixbuf-jpeg'.*") "")) #t)) + ;; The slow tests take longer than the specified timeout. + ,@(if (any (cute string=? <> (%current-system)) + '("armhf-linux" "aarch64-linux")) + '((replace 'check + (lambda _ + (invoke "meson" "test" "--timeout-multiplier" "5")))) + '()) (add-before 'configure 'aid-install-script (lambda* (#:key outputs #:allow-other-keys) ;; "build-aux/post-install.sh" invokes `gdk-pixbuf-query-loaders` @@ -688,7 +691,7 @@ application suites.") (name "gtk+") ;; NOTE: When updating the version of 'gtk+', the hash of 'mate-themes' in ;; mate.scm will also need to be updated. - (version "3.24.0") + (version "3.24.2") (source (origin (method url-fetch) (uri (string-append "mirror://gnome/sources/" name "/" @@ -696,9 +699,18 @@ application suites.") name "-" version ".tar.xz")) (sha256 (base32 - "1a1jbsh9fg5ykmwrcl3svy7xfvx0b87d314qsx9n483pj8w93s82")) + "14l8mimdm44r3h5pn5hzigl1z25jna8jxvb16l88v4nc4zj0afsv")) (patches (search-patches "gtk3-respect-GUIX_GTK3_PATH.patch" - "gtk3-respect-GUIX_GTK3_IM_MODULE_FILE.patch")))) + "gtk3-respect-GUIX_GTK3_IM_MODULE_FILE.patch")) + (modules '((guix build utils))) + (snippet + '(begin + ;; Version 3.24.2 was released with a typo that broke the build. + ;; See upstream commit 2905fc861acda3d134a198e56ef2f6c962ad3061 + ;; at <https://gitlab.gnome.org/GNOME/gtk/tree/gtk-3-24> + (substitute* "docs/tools/shooter.c" + (("gdk_screen_get_dfeault") "gdk_screen_get_default")) + #t)))) (outputs '("out" "bin" "doc")) (propagated-inputs `(("at-spi2-atk" ,at-spi2-atk) @@ -1345,7 +1357,7 @@ and routines to assist in editing internationalized text.") (define-public girara (package (name "girara") - (version "0.2.9") + (version "0.3.2") (source (origin (method url-fetch) (uri @@ -1353,7 +1365,7 @@ and routines to assist in editing internationalized text.") version ".tar.xz")) (sha256 (base32 - "0lkxrfna818wkkr2f6mdzf15y5z8xl1b9592ylmzjbqsqya3w7x8")))) + "1kc6n1mxjxa7wvwnqy94qfg8l9jvx9qrvrr2kc7m4g0z20x3a00p")))) (native-inputs `(("pkg-config" ,pkg-config) ("check" ,check) ("gettext" ,gettext-minimal) diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm index 2d28107e81..6e93d6aed9 100644 --- a/gnu/packages/icu4c.scm +++ b/gnu/packages/icu4c.scm @@ -32,7 +32,7 @@ (define-public icu4c (package (name "icu4c") - (version "62.1") + (version "63.1") (source (origin (method url-fetch) (uri (string-append @@ -42,7 +42,7 @@ (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version) "-src.tgz")) (sha256 - (base32 "18ssgnwzzpm1g1fvbm9h1fvryiwxvvn5wc3fdakdsl33cs6qdn9x")))) + (base32 "17fbk0lm2clsxbmjzvyp245ayx0n4chji3ky1f3fbz2ljjv91i05")))) (build-system gnu-build-system) (inputs `(("perl" ,perl))) diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index e4bcd6a274..08a9f86be6 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -465,7 +465,7 @@ extracting icontainer icon files.") (define-public libtiff (package (name "libtiff") - (version "4.0.9") + (version "4.0.10") (source (origin (method url-fetch) @@ -473,11 +473,7 @@ extracting icontainer icon files.") version ".tar.gz")) (sha256 (base32 - "1kfg4q01r4mqn7dj63ifhi6pmqzbf4xax6ni6kkk81ri5kndwyvf")) - (patches (search-patches "libtiff-CVE-2017-9935.patch" - "libtiff-CVE-2017-18013.patch" - "libtiff-CVE-2018-8905.patch" - "libtiff-CVE-2018-10963.patch")))) + "1r4np635gr6zlc0bic38dzvxia6iqzcrary4n1ylarzpr8fd2lic")))) (build-system gnu-build-system) (outputs '("out" "doc")) ;1.3 MiB of HTML documentation @@ -1301,14 +1297,14 @@ PNG, and performs PNG integrity checks and corrections.") (define-public libjpeg-turbo (package (name "libjpeg-turbo") - (version "2.0.0") + (version "2.0.1") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/" name "/" version "/" name "-" version ".tar.gz")) (sha256 (base32 - "0s48zz6awd493hmb200abmsizh68fh1jmz98r41n4c8dbl87d23p")))) + "1zv6z093l3x3jzygvni7b819j7xhn6d63jhcdrckj7fz67n6ry75")))) (build-system cmake-build-system) (native-inputs `(("nasm" ,nasm))) diff --git a/gnu/packages/imagemagick.scm b/gnu/packages/imagemagick.scm index fe0923f479..dafe8c76ed 100644 --- a/gnu/packages/imagemagick.scm +++ b/gnu/packages/imagemagick.scm @@ -48,14 +48,14 @@ ;; The 7 release series has an incompatible API, while the 6 series is still ;; maintained. Don't update to 7 until we've made sure that the ImageMagick ;; users are ready for the 7-series API. - (version "6.9.10-14") + (version "6.9.10-16") (source (origin (method url-fetch) (uri (string-append "mirror://imagemagick/ImageMagick-" version ".tar.xz")) (sha256 (base32 - "0vcfjvdk9in92x808djvy94l5gylpgds4a7mlr8jrxsv9snx88yi")))) + "1ylbv69r8l3d4za4i8q41cs6lq06mnhiq4qm03rvs3vp3gyp1m9x")))) (build-system gnu-build-system) (arguments `(#:configure-flags '("--with-frozenpaths" "--without-gcc-arch") diff --git a/gnu/packages/inkscape.scm b/gnu/packages/inkscape.scm index 1673cc602e..eae8ac962b 100644 --- a/gnu/packages/inkscape.scm +++ b/gnu/packages/inkscape.scm @@ -71,7 +71,24 @@ (file-name "inkscape-poppler-compat2.patch") (sha256 (base32 - "14k9yrfjz4nx3bz9dk91q74mc0i7rvl2qzkwhcy1br71yqjvngn5"))))))) + "14k9yrfjz4nx3bz9dk91q74mc0i7rvl2qzkwhcy1br71yqjvngn5"))) + (search-patch "inkscape-poppler-compat3.patch") + (origin + (method url-fetch) + (uri (string-append "https://gitlab.com/inkscape/inkscape/commit/" + "d047859d90cef3784e2d13e40887a70d8d517897.diff")) + (file-name "inkscape-poppler-compat4.patch") + (sha256 + (base32 + "0xdfg3q4g4m15z7wna4brjn5j4kr15qiqc2f25vcw2nnr6x54qcp"))) + (origin + (method url-fetch) + (uri (string-append "https://gitlab.com/inkscape/inkscape/commit/" + "b3d59cc8106da3bf6020a6c47eeb3b8a7bbae1a9.diff")) + (file-name "inkscape-poppler-compat5.patch") + (sha256 + (base32 + "0haviy66q9szizmvb82msfj80bb3wgi1fnq3ml8fyfp8l90a1217"))))))) (build-system cmake-build-system) (inputs `(("aspell" ,aspell) diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm index 508f9c4bd2..ad19f60ec1 100644 --- a/gnu/packages/kerberos.scm +++ b/gnu/packages/kerberos.scm @@ -48,7 +48,7 @@ (define-public mit-krb5 (package (name "mit-krb5") - (version "1.16.1") + (version "1.16.2") (source (origin (method url-fetch) (uri (list @@ -60,7 +60,7 @@ "/krb5-" version ".tar.gz"))) (sha256 (base32 - "05qis9l93hhxaknbp0a2v5cr24fsy52fqx20aqqcgl1s9qwzwkr1")))) + "09zhhzj19bmjjxsvxdrysabql8n72kjivis08wbikhlkwlgiwwlz")))) (build-system gnu-build-system) (native-inputs `(("bison" ,bison) diff --git a/gnu/packages/libevent.scm b/gnu/packages/libevent.scm index 2de29707ca..c9ed941202 100644 --- a/gnu/packages/libevent.scm +++ b/gnu/packages/libevent.scm @@ -122,14 +122,14 @@ limited support for fork events.") (define-public libuv (package (name "libuv") - (version "1.23.0") + (version "1.24.0") (source (origin (method url-fetch) (uri (string-append "https://dist.libuv.org/dist/v" version "/libuv-v" version ".tar.gz")) (sha256 (base32 - "09yf7c71n8b80nbsv4lsmq5nqmb0rylhpx3z9jgkv5za9lr6sx6i")))) + "01pg0zsfr8mxlpipkbpw0dpsl26x5s966f5br7dx9ac29abk419q")))) (build-system gnu-build-system) (arguments '(;; XXX: Some tests want /dev/tty, attempt to make connections, etc. diff --git a/gnu/packages/libreoffice.scm b/gnu/packages/libreoffice.scm index 45e2f63767..451adb0eff 100644 --- a/gnu/packages/libreoffice.scm +++ b/gnu/packages/libreoffice.scm @@ -984,9 +984,47 @@ converting QuarkXPress file format. It supports versions 3.1 to 4.1.") (file-name "libreoffice-mdds.patch") (sha256 (base32 - "0apbmammmp4pk473xiv5vk50r4c5gjvqzf9jkficksvz58q6114f")))) + "0apbmammmp4pk473xiv5vk50r4c5gjvqzf9jkficksvz58q6114f"))) + ;; The Poppler API changed rapidly in the versions leading 0.72. + ;; Thus, we need several patches from upstream, each adapting to + ;; different Poppler changes since version 0.68. + (origin + (method url-fetch) + (uri (string-append "https://github.com/LibreOffice/core/commit/" + "1688a395d05125b83eac6cd5c43f0e3f2f66c491" + ".patch")) + (file-name "libreoffice-poppler-compat.patch") + (sha256 + (base32 + "0ia5avmj772mrgs6m4qqf01hs8hzpy3nafidj7w7gqx2zz2s5ih9"))) + (origin + (method url-fetch) + (uri (string-append "https://github.com/LibreOffice/core/commit/" + "5e8bdd9203dd642111c62a6668ee665a20d4ba19" + ".patch")) + (file-name "libreoffice-poppler-gbool.patch") + (sha256 + (base32 + "19kc74h5vnk48l2vny8zmm2lkxpwc7g8n9d3wwpg99748dvbmikd"))) + (origin + (method url-fetch) + (uri (string-append "https://github.com/LibreOffice/core/commit/" + "8ff41a26caf51544699863c89598d37d93dc1b21" + ".patch")) + (file-name "libreoffice-poppler-0.71.patch") + (sha256 + (base32 + "1dsd0gynjf7d6412dd2sx70xa2s8kld7ibyjdkwg5w9hhi2zxw2f")))) (search-patches "libreoffice-icu.patch" - "libreoffice-glm.patch"))))) + "libreoffice-glm.patch"))) + (modules '((guix build utils))) + (snippet + '(begin + (for-each (lambda (file) + ;; Adjust to renamed function in Poppler 0.72. + (substitute* file (("getCString") "c_str"))) + (find-files "sdext/source/pdfimport/xpdfwrapper")) + #t)))) (build-system glib-or-gtk-build-system) (native-inputs `(("bison" ,bison) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index f21a6760b9..5953c09c24 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -993,7 +993,7 @@ intercept and print the system calls executed by the program.") (define-public alsa-lib (package (name "alsa-lib") - (version "1.1.6") + (version "1.1.7") (source (origin (method url-fetch) (uri (string-append @@ -1001,7 +1001,7 @@ intercept and print the system calls executed by the program.") version ".tar.bz2")) (sha256 (base32 - "096pwrnhj36yndldvs2pj4r871zhcgisks0is78f1jkjn9sd4b2z")))) + "02fw7dw202mjid49w9ki3dsfcyvid5fj488561bdzcm3haw00q4x")))) (build-system gnu-build-system) (home-page "https://www.alsa-project.org/") (synopsis "The Advanced Linux Sound Architecture libraries") @@ -1013,14 +1013,14 @@ MIDI functionality to the Linux-based operating system.") (define-public alsa-utils (package (name "alsa-utils") - (version "1.1.6") + (version "1.1.7") (source (origin (method url-fetch) (uri (string-append "ftp://ftp.alsa-project.org/pub/utils/" name "-" version ".tar.bz2")) (sha256 (base32 - "0vnkyymgwj9rfdb11nvab30dnfrylmakdfildxl0y8mj836awp0m")))) + "02jlw6a22j2rr7inggfgk2hzx3w0fjhvhs0dn1afpzdp9aspzchx")))) (build-system gnu-build-system) (arguments ;; XXX: Disable man page creation until we have DocBook. @@ -1060,14 +1060,14 @@ MIDI functionality to the Linux-based operating system.") (define-public alsa-plugins (package (name "alsa-plugins") - (version "1.1.6") + (version "1.1.7") (source (origin (method url-fetch) (uri (string-append "ftp://ftp.alsa-project.org/pub/plugins/" name "-" version ".tar.bz2")) (sha256 (base32 - "04qcwkisbh0d6lnh0rw1k6n869fbs6zbfq6yvb41rymiwgmk27bg")))) + "0iys4zl1davzyg3mn9lvil1n3k1ifrg3v1caj3k4dqyrnrd40jx7")))) (build-system gnu-build-system) ;; TODO: Split libavcodec and speex if possible. It looks like they can not ;; be split, there are references to both in files. @@ -1076,7 +1076,12 @@ MIDI functionality to the Linux-based operating system.") ;; obsolete. (outputs '("out" "pulseaudio" "jack")) (arguments - `(#:phases + `(#:configure-flags '(;; Do not install a "local" configuration targeted + ;; for /etc/alsa. On GuixSD plugins are loaded from + ;; the ALSA service, and other distributions likely + ;; won't use these files. + "--with-alsalconfdir=/tmp/noop") + #:phases (modify-phases %standard-phases (add-after 'install 'split (lambda* (#:key inputs outputs #:allow-other-keys) @@ -1085,27 +1090,17 @@ MIDI functionality to the Linux-based operating system.") (jack (assoc-ref outputs "jack")) (jacklib (string-append jack "/lib/alsa-lib")) (pua (assoc-ref outputs "pulseaudio")) - (pualib (string-append pua "/lib/alsa-lib")) - (puaconf (string-append pua "/share/alsa/alsa.conf.d"))) + (pualib (string-append pua "/lib/alsa-lib"))) ;; For jack. (mkdir-p jacklib) (for-each (lambda (file) (rename-file file (string-append jacklib "/" (basename file)))) (find-files out ".*jack\\.(la|so)")) - ;; For pluseaudio. - (mkdir-p puaconf) + ;; For pulseaudio. (mkdir-p pualib) - (chdir (string-append out "/share")) - (for-each (lambda (file) - (rename-file file (string-append puaconf "/" (basename file)))) - (find-files out "\\.(conf|example)")) (for-each (lambda (file) (rename-file file (string-append pualib "/" (basename file)))) (find-files out ".*pulse\\.(la|so)")) - (chdir "..") - ;; We have moved the files to output pulsaudio, the - ;; directory is now empty. - (delete-file-recursively (string-append out "/share")) #t)))))) (inputs `(("alsa-lib" ,alsa-lib) @@ -2038,20 +2033,26 @@ from the module-init-tools project.") ;; The post-systemd fork, maintained by Gentoo. (package (name "eudev") - (version "3.2.5") + (version "3.2.7") (source (origin - (method url-fetch) - (uri (string-append "https://github.com/gentoo/eudev/archive/v" - version ".tar.gz")) - (file-name (string-append name "-" version ".tar.gz")) + (method git-fetch) + (uri (git-reference (url "https://github.com/gentoo/eudev") + (commit (string-append "v" version)))) + (file-name (git-file-name name version)) (sha256 (base32 - "0dlkcgy7j4fdcksqrpc373zfybiif1bal3n6lpy1kfc5280j02c7")) + "1la7x7v7yqb84wnc7w0kj53sa0an0m9xp6wn01ypi8drh02wjjy2")) (patches (search-patches "eudev-rules-directory.patch")))) (build-system gnu-build-system) (arguments '(#:phases (modify-phases %standard-phases + (add-after 'unpack 'make-source-writable + (lambda _ + ;; XXX: Git checkouts are read-only, but this package needs to + ;; modify some of its files. + (for-each make-file-writable (find-files ".")) + #t)) (add-before 'bootstrap 'patch-file-names (lambda* (#:key inputs #:allow-other-keys) (substitute* "man/make.sh" diff --git a/gnu/packages/llvm.scm b/gnu/packages/llvm.scm index 6dab9c5195..2a3754b931 100644 --- a/gnu/packages/llvm.scm +++ b/gnu/packages/llvm.scm @@ -110,26 +110,6 @@ of programming tools as well as libraries with equivalent functionality.") (base32 "16s196wqzdw4pmri15hadzqgdi926zln3an2viwyq0kini6zr3d3")))))) -;; FIXME: This package is here to prevent many rebuilds on x86_64 and i686 -;; from commit fc9dbf41311d99d0fd8befc789ea7c0e35911890. Update users of -;; this in the next rebuild cycle. -(define-public llvm-without-rtti - (package - (inherit llvm) - (arguments - `(#:configure-flags '("-DCMAKE_SKIP_BUILD_RPATH=FALSE" - "-DCMAKE_BUILD_WITH_INSTALL_RPATH=FALSE" - "-DBUILD_SHARED_LIBS:BOOL=TRUE" - "-DLLVM_ENABLE_FFI:BOOL=TRUE" - "-DLLVM_INSTALL_UTILS=ON") - #:build-type "Release" - #:phases (modify-phases %standard-phases - (add-before 'build 'shared-lib-workaround - (lambda _ - (setenv "LD_LIBRARY_PATH" - (string-append (getcwd) "/lib")) - #t))))))) - (define* (clang-runtime-from-llvm llvm hash #:optional (patches '())) (package diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm index 448d9e373b..c6cecb703c 100644 --- a/gnu/packages/maths.scm +++ b/gnu/packages/maths.scm @@ -2980,7 +2980,7 @@ parts of it.") (define-public openblas (package (name "openblas") - (version "0.3.3") + (version "0.3.4") (source (origin (method url-fetch) @@ -2989,7 +2989,7 @@ parts of it.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "0cvlixnpc3cdvvn3f30phfvsgnqljqix6wn72ps9rj7xdhvw06jg")))) + "1s56lgilyyw86dzmj3jkci9zsg24n60wq4d0zri1hrxlxb6ihimj")))) (build-system gnu-build-system) (arguments `(#:test-target "test" diff --git a/gnu/packages/mpd.scm b/gnu/packages/mpd.scm index 8ddc68a33e..f4a03bb7a9 100644 --- a/gnu/packages/mpd.scm +++ b/gnu/packages/mpd.scm @@ -244,7 +244,7 @@ terminal using ncurses.") "0m0mjb049sl62vx13h9waavysa30mk0rphacksnvf94n13la62v5")))) (build-system gnu-build-system) (inputs `(("libmpdclient" ,libmpdclient) - ("boost" ,boost-cxx14) + ("boost" ,boost) ("readline" ,readline) ("ncurses" ,ncurses) ("taglib" ,taglib) diff --git a/gnu/packages/nettle.scm b/gnu/packages/nettle.scm index 1212f32812..1f91b74d8b 100644 --- a/gnu/packages/nettle.scm +++ b/gnu/packages/nettle.scm @@ -75,14 +75,14 @@ themselves.") ;; This version is not API-compatible with version 2. In particular, lsh ;; cannot use it yet. So keep it separate. (package (inherit nettle-2) - (version "3.4") + (version "3.4.1") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/nettle/nettle-" version ".tar.gz")) (sha256 (base32 - "150y8655h629wn946dvzasq16qxsc1m9nf58mifvhl350bgl4ymf")))) + "1bcji95n1iz9p9vsgdgr26v6s7zhpsxfbjjwpqcihpfd6lawyhgr")))) (arguments (substitute-keyword-arguments (package-arguments nettle-2) ((#:configure-flags flags) diff --git a/gnu/packages/openldap.scm b/gnu/packages/openldap.scm index 850223cd4c..3cba8142bf 100644 --- a/gnu/packages/openldap.scm +++ b/gnu/packages/openldap.scm @@ -91,11 +91,15 @@ ;; Give -L arguments for cyrus-sasl to avoid propagation. (lambda* (#:key inputs outputs #:allow-other-keys) (let ((out (assoc-ref outputs "out")) - (sasl (assoc-ref inputs "cyrus-sasl"))) + (krb5 (assoc-ref inputs "mit-krb5"))) ;propagated from cyrus-sasl + + ;; The ancient Libtool bundled with OpenLDAP copies the linker flags + ;; from Cyrus-SASL and embeds them into its own .la files. Add an + ;; absolute reference to Kerberos so it does not have to be propagated. (substitute* (map (lambda (f) (string-append out "/" f)) '("lib/libldap.la" "lib/libldap_r.la")) - (("-lsasl2" lib) - (string-append "-L" sasl "/lib " lib))) + (("-lkrb5" lib) + (string-append "-L" krb5 "/lib " lib))) #t)))))) (synopsis "Implementation of the Lightweight Directory Access Protocol") (description diff --git a/gnu/packages/patches/cairo-CVE-2016-9082.patch b/gnu/packages/patches/cairo-CVE-2016-9082.patch deleted file mode 100644 index ad83404194..0000000000 --- a/gnu/packages/patches/cairo-CVE-2016-9082.patch +++ /dev/null @@ -1,122 +0,0 @@ -From: Adrian Johnson <ajohnson@redneon.com> -Date: Thu, 20 Oct 2016 21:12:30 +1030 -Subject: [PATCH] image: prevent invalid ptr access for > 4GB images - -Image data is often accessed using: - - image->data + y * image->stride - -On 64-bit achitectures if the image data is > 4GB, this computation -will overflow since both y and stride are 32-bit types. - -bug report: https://bugs.freedesktop.org/show_bug.cgi?id=98165 -patch: https://bugs.freedesktop.org/attachment.cgi?id=127421 ---- - boilerplate/cairo-boilerplate.c | 4 +++- - src/cairo-image-compositor.c | 4 ++-- - src/cairo-image-surface-private.h | 2 +- - src/cairo-mesh-pattern-rasterizer.c | 2 +- - src/cairo-png.c | 2 +- - src/cairo-script-surface.c | 3 ++- - 6 files changed, 10 insertions(+), 7 deletions(-) - -diff --git a/boilerplate/cairo-boilerplate.c b/boilerplate/cairo-boilerplate.c -index 7fdbf79..4804dea 100644 ---- a/boilerplate/cairo-boilerplate.c -+++ b/boilerplate/cairo-boilerplate.c -@@ -42,6 +42,7 @@ - #undef CAIRO_VERSION_H - #include "../cairo-version.h" - -+#include <stddef.h> - #include <stdlib.h> - #include <ctype.h> - #include <assert.h> -@@ -976,7 +977,8 @@ cairo_surface_t * - cairo_boilerplate_image_surface_create_from_ppm_stream (FILE *file) - { - char format; -- int width, height, stride; -+ int width, height; -+ ptrdiff_t stride; - int x, y; - unsigned char *data; - cairo_surface_t *image = NULL; -diff --git a/src/cairo-image-compositor.c b/src/cairo-image-compositor.c -index 48072f8..3ca0006 100644 ---- a/src/cairo-image-compositor.c -+++ b/src/cairo-image-compositor.c -@@ -1575,7 +1575,7 @@ typedef struct _cairo_image_span_renderer { - pixman_image_t *src, *mask; - union { - struct fill { -- int stride; -+ ptrdiff_t stride; - uint8_t *data; - uint32_t pixel; - } fill; -@@ -1594,7 +1594,7 @@ typedef struct _cairo_image_span_renderer { - struct finish { - cairo_rectangle_int_t extents; - int src_x, src_y; -- int stride; -+ ptrdiff_t stride; - uint8_t *data; - } mask; - } u; -diff --git a/src/cairo-image-surface-private.h b/src/cairo-image-surface-private.h -index 8ca694c..7e78d61 100644 ---- a/src/cairo-image-surface-private.h -+++ b/src/cairo-image-surface-private.h -@@ -71,7 +71,7 @@ struct _cairo_image_surface { - - int width; - int height; -- int stride; -+ ptrdiff_t stride; - int depth; - - unsigned owns_data : 1; -diff --git a/src/cairo-mesh-pattern-rasterizer.c b/src/cairo-mesh-pattern-rasterizer.c -index 1b63ca8..e7f0db6 100644 ---- a/src/cairo-mesh-pattern-rasterizer.c -+++ b/src/cairo-mesh-pattern-rasterizer.c -@@ -470,7 +470,7 @@ draw_pixel (unsigned char *data, int width, int height, int stride, - tg += tg >> 16; - tb += tb >> 16; - -- *((uint32_t*) (data + y*stride + 4*x)) = ((ta << 16) & 0xff000000) | -+ *((uint32_t*) (data + y*(ptrdiff_t)stride + 4*x)) = ((ta << 16) & 0xff000000) | - ((tr >> 8) & 0xff0000) | ((tg >> 16) & 0xff00) | (tb >> 24); - } - } -diff --git a/src/cairo-png.c b/src/cairo-png.c -index 562b743..aa8c227 100644 ---- a/src/cairo-png.c -+++ b/src/cairo-png.c -@@ -673,7 +673,7 @@ read_png (struct png_read_closure_t *png_closure) - } - - for (i = 0; i < png_height; i++) -- row_pointers[i] = &data[i * stride]; -+ row_pointers[i] = &data[i * (ptrdiff_t)stride]; - - png_read_image (png, row_pointers); - png_read_end (png, info); -diff --git a/src/cairo-script-surface.c b/src/cairo-script-surface.c -index ea0117d..91e4baa 100644 ---- a/src/cairo-script-surface.c -+++ b/src/cairo-script-surface.c -@@ -1202,7 +1202,8 @@ static cairo_status_t - _write_image_surface (cairo_output_stream_t *output, - const cairo_image_surface_t *image) - { -- int stride, row, width; -+ int row, width; -+ ptrdiff_t stride; - uint8_t row_stack[CAIRO_STACK_BUFFER_SIZE]; - uint8_t *rowdata; - uint8_t *data; --- -2.1.4 - diff --git a/gnu/packages/patches/cairo-setjmp-wrapper.patch b/gnu/packages/patches/cairo-setjmp-wrapper.patch deleted file mode 100644 index bffac6e041..0000000000 --- a/gnu/packages/patches/cairo-setjmp-wrapper.patch +++ /dev/null @@ -1,78 +0,0 @@ -Revert faulty commit to avoid undefined behaviour: -https://bugs.freedesktop.org/show_bug.cgi?id=104325 - -Taken from this upstream commit: -https://cgit.freedesktop.org/cairo/commit/?h=1.14&id=2acc4382c54bd8239361ceed14423412a343d311 - -diff --git a/src/cairo-bentley-ottmann-rectangular.c b/src/cairo-bentley-ottmann-rectangular.c -index cb2e30c..5541bdc 100644 ---- a/src/cairo-bentley-ottmann-rectangular.c -+++ b/src/cairo-bentley-ottmann-rectangular.c -@@ -593,12 +593,6 @@ sweep_line_insert (sweep_line_t *sweep, rectangle_t *rectangle) - pqueue_push (sweep, rectangle); - } - --static int --sweep_line_setjmp (sweep_line_t *sweep_line) --{ -- return setjmp (sweep_line->unwind); --} -- - static cairo_status_t - _cairo_bentley_ottmann_tessellate_rectangular (rectangle_t **rectangles, - int num_rectangles, -@@ -615,7 +609,7 @@ _cairo_bentley_ottmann_tessellate_rectangular (rectangle_t **rectangles, - rectangles, num_rectangles, - fill_rule, - do_traps, container); -- if ((status = sweep_line_setjmp (&sweep_line))) -+ if ((status = setjmp (sweep_line.unwind))) - return status; - - rectangle = rectangle_pop_start (&sweep_line); -diff --git a/src/cairo-png.c b/src/cairo-png.c -index e64b14a..068617d 100644 ---- a/src/cairo-png.c -+++ b/src/cairo-png.c -@@ -158,14 +158,6 @@ png_simple_warning_callback (png_structp png, - */ - } - --static int --png_setjmp (png_struct *png) --{ --#ifdef PNG_SETJMP_SUPPORTED -- return setjmp (png_jmpbuf (png)); --#endif -- return 0; --} - - /* Starting with libpng-1.2.30, we must explicitly specify an output_flush_fn. - * Otherwise, we will segfault if we are writing to a stream. */ -@@ -237,8 +229,10 @@ write_png (cairo_surface_t *surface, - goto BAIL4; - } - -- if (png_setjmp (png)) -+#ifdef PNG_SETJMP_SUPPORTED -+ if (setjmp (png_jmpbuf (png))) - goto BAIL4; -+#endif - - png_set_write_fn (png, closure, write_func, png_simple_output_flush_fn); - -@@ -577,11 +571,12 @@ read_png (struct png_read_closure_t *png_closure) - png_set_read_fn (png, png_closure, stream_read_func); - - status = CAIRO_STATUS_SUCCESS; -- -- if (png_setjmp (png)) { -+#ifdef PNG_SETJMP_SUPPORTED -+ if (setjmp (png_jmpbuf (png))) { - surface = _cairo_surface_create_in_error (status); - goto BAIL; - } -+#endif - - png_read_info (png, info); - diff --git a/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch b/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch deleted file mode 100644 index fc72e42e03..0000000000 --- a/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch +++ /dev/null @@ -1,130 +0,0 @@ -Fix CVE-2013-4122. - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4122 - -Patch copied from upstream source repository: -https://github.com/cyrusimap/cyrus-sasl/commit/dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d - -From dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d Mon Sep 17 00:00:00 2001 -From: mancha <mancha1@hush.com> -Date: Thu, 11 Jul 2013 10:08:07 +0100 -Subject: Handle NULL returns from glibc 2.17+ crypt() - -Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL -(w/ NULL return) if the salt violates specifications. Additionally, -on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords -passed to crypt() fail with EPERM (w/ NULL return). - -When using glibc's crypt(), check return value to avoid a possible -NULL pointer dereference. - -Patch by mancha1@hush.com. ---- - pwcheck/pwcheck_getpwnam.c | 3 ++- - pwcheck/pwcheck_getspnam.c | 4 +++- - saslauthd/auth_getpwent.c | 4 +++- - saslauthd/auth_shadow.c | 8 +++----- - 4 files changed, 11 insertions(+), 8 deletions(-) - -diff --git a/pwcheck/pwcheck_getpwnam.c b/pwcheck/pwcheck_getpwnam.c -index 4b34222..400289c 100644 ---- a/pwcheck/pwcheck_getpwnam.c -+++ b/pwcheck/pwcheck_getpwnam.c -@@ -32,6 +32,7 @@ char *userid; - char *password; - { - char* r; -+ char* crpt_passwd; - struct passwd *pwd; - - pwd = getpwnam(userid); -@@ -41,7 +42,7 @@ char *password; - else if (pwd->pw_passwd[0] == '*') { - r = "Account disabled"; - } -- else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) { -+ else if (!(crpt_passwd = crypt(password, pwd->pw_passwd)) || strcmp(pwd->pw_passwd, (const char *)crpt_passwd) != 0) { - r = "Incorrect password"; - } - else { -diff --git a/pwcheck/pwcheck_getspnam.c b/pwcheck/pwcheck_getspnam.c -index 2b11286..6d607bb 100644 ---- a/pwcheck/pwcheck_getspnam.c -+++ b/pwcheck/pwcheck_getspnam.c -@@ -32,13 +32,15 @@ char *userid; - char *password; - { - struct spwd *pwd; -+ char *crpt_passwd; - - pwd = getspnam(userid); - if (!pwd) { - return "Userid not found"; - } - -- if (strcmp(pwd->sp_pwdp, crypt(password, pwd->sp_pwdp)) != 0) { -+ crpt_passwd = crypt(password, pwd->sp_pwdp); -+ if (!crpt_passwd || strcmp(pwd->sp_pwdp, (const char *)crpt_passwd) != 0) { - return "Incorrect password"; - } - else { -diff --git a/saslauthd/auth_getpwent.c b/saslauthd/auth_getpwent.c -index fc8029d..d4ebe54 100644 ---- a/saslauthd/auth_getpwent.c -+++ b/saslauthd/auth_getpwent.c -@@ -77,6 +77,7 @@ auth_getpwent ( - { - /* VARIABLES */ - struct passwd *pw; /* pointer to passwd file entry */ -+ char *crpt_passwd; /* encrypted password */ - int errnum; - /* END VARIABLES */ - -@@ -105,7 +106,8 @@ auth_getpwent ( - } - } - -- if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) { -+ crpt_passwd = crypt(password, pw->pw_passwd); -+ if (!crpt_passwd || strcmp(pw->pw_passwd, (const char *)crpt_passwd)) { - if (flags & VERBOSE) { - syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login); - } -diff --git a/saslauthd/auth_shadow.c b/saslauthd/auth_shadow.c -index 677131b..1988afd 100644 ---- a/saslauthd/auth_shadow.c -+++ b/saslauthd/auth_shadow.c -@@ -210,8 +210,8 @@ auth_shadow ( - RETURN("NO Insufficient permission to access NIS authentication database (saslauthd)"); - } - -- cpw = strdup((const char *)crypt(password, sp->sp_pwdp)); -- if (strcmp(sp->sp_pwdp, cpw)) { -+ cpw = crypt(password, sp->sp_pwdp); -+ if (!cpw || strcmp(sp->sp_pwdp, (const char *)cpw)) { - if (flags & VERBOSE) { - /* - * This _should_ reveal the SHADOW_PW_LOCKED prefix to an -@@ -221,10 +221,8 @@ auth_shadow ( - syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'", - sp->sp_pwdp, cpw); - } -- free(cpw); - RETURN("NO Incorrect password"); - } -- free(cpw); - - /* - * The following fields will be set to -1 if: -@@ -286,7 +284,7 @@ auth_shadow ( - RETURN("NO Invalid username"); - } - -- if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) { -+ if (!(cpw = crypt(password, upw->upw_passwd)) || (strcmp(upw->upw_passwd, (const char *)cpw) != 0)) { - if (flags & VERBOSE) { - syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s", - password, upw->upw_passwd); --- -cgit v0.12 - diff --git a/gnu/packages/patches/efl-mesa-compat.patch b/gnu/packages/patches/efl-mesa-compat.patch new file mode 100644 index 0000000000..6fe7b38428 --- /dev/null +++ b/gnu/packages/patches/efl-mesa-compat.patch @@ -0,0 +1,21 @@ +Fix build on 32-bit architectures with Mesa 18.3. Patch taken from upstream: + +https://git.enlightenment.org/core/efl.git/commit/?id=0d2b624f1e24240a1c4e651aa1cfe9a8dd10a573 + +diff --git a/src/lib/evas/Evas_GL.h b/src/lib/evas/Evas_GL.h +index b6b642400f..4f67b1695f 100644 +--- a/src/lib/evas/Evas_GL.h ++++ b/src/lib/evas/Evas_GL.h +@@ -4272,9 +4272,11 @@ typedef signed int GLfixed; // Changed khronos_int32_t + + #ifndef GL_ES_VERSION_2_0 + /* GL types for handling large vertex buffer objects */ +-#include <stddef.h> ++# ifndef GL_VERSION_1_5 ++# include <stddef.h> + typedef ptrdiff_t GLintptr; // Changed khronos_intptr_t + typedef ptrdiff_t GLsizeiptr; // Changed khronos_ssize_t ++# endif + #endif + + /* Some definitions from GLES 3.0. diff --git a/gnu/packages/patches/ghostscript-CVE-2018-16509.patch b/gnu/packages/patches/ghostscript-CVE-2018-16509.patch deleted file mode 100644 index 50ffa3cb98..0000000000 --- a/gnu/packages/patches/ghostscript-CVE-2018-16509.patch +++ /dev/null @@ -1,193 +0,0 @@ -Ghostscript 9.24 was released with an incomplete fix for CVE-2018-16509: -https://nvd.nist.gov/vuln/detail/CVE-2018-16509 -https://bugs.chromium.org/p/project-zero/issues/detail?id=1640#c19 -https://bugs.ghostscript.com/show_bug.cgi?id=699718 - -The reproducers no longer work after applying these commits: - -https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5812b1b78fc4d36fdc293b7859de69241140d590 -https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=e914f1da46e33decc534486598dc3eadf69e6efb -https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=3e5d316b72e3965b7968bb1d96baa137cd063ac6 -https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=643b24dbd002fb9c131313253c307cf3951b3d47 - -This patch is a "squashed" version of those. - -diff --git a/Resource/Init/gs_setpd.ps b/Resource/Init/gs_setpd.ps -index bba3c8c0e..8fa7c51df 100644 ---- a/Resource/Init/gs_setpd.ps -+++ b/Resource/Init/gs_setpd.ps -@@ -95,27 +95,41 @@ level2dict begin - { % Since setpagedevice doesn't create new device objects, - % we must (carefully) reinstall the old parameters in - % the same device. -- .currentpagedevice pop //null currentdevice //null .trysetparams -+ .currentpagedevice pop //null currentdevice //null -+ { .trysetparams } .internalstopped -+ { -+ //null -+ } if - dup type /booleantype eq - { pop pop } -- { % This should never happen! -+ { - SETPDDEBUG { (Error in .trysetparams!) = pstack flush } if -- cleartomark pop pop pop -+ {cleartomark pop pop pop} .internalstopped pop -+ % if resetting the entire device state failed, at least put back the -+ % security related key -+ currentdevice //null //false mark /.LockSafetyParams -+ currentpagedevice /.LockSafetyParams .knownget not -+ {systemdict /SAFER .knownget not {//false} } if -+ .putdeviceparamsonly - /.installpagedevice cvx /rangecheck signalerror - } - ifelse pop pop - % A careful reading of the Red Book reveals that an erasepage - % should occur, but *not* an initgraphics. - erasepage .beginpage -- } bind def -+ } bind executeonly def - - /.uninstallpagedevice -- { 2 .endpage { .currentnumcopies //false .outputpage } if -+ { -+ {2 .endpage { .currentnumcopies //false .outputpage } if} .internalstopped pop - nulldevice - } bind def - - (%grestorepagedevice) cvn -- { .uninstallpagedevice grestore .installpagedevice -+ { -+ .uninstallpagedevice -+ grestore -+ .installpagedevice - } bind def - - (%grestoreallpagedevice) cvn -diff --git a/psi/zdevice2.c b/psi/zdevice2.c -index 0c7080d57..159a0c0d9 100644 ---- a/psi/zdevice2.c -+++ b/psi/zdevice2.c -@@ -251,8 +251,8 @@ z2currentgstate(i_ctx_t *i_ctx_p) - /* ------ Wrappers for operators that reset the graphics state. ------ */ - - /* Check whether we need to call out to restore the page device. */ --static bool --restore_page_device(const gs_gstate * pgs_old, const gs_gstate * pgs_new) -+static int -+restore_page_device(i_ctx_t *i_ctx_p, const gs_gstate * pgs_old, const gs_gstate * pgs_new) - { - gx_device *dev_old = gs_currentdevice(pgs_old); - gx_device *dev_new; -@@ -260,9 +260,10 @@ restore_page_device(const gs_gstate * pgs_old, const gs_gstate * pgs_new) - gx_device *dev_t2; - bool samepagedevice = obj_eq(dev_old->memory, &gs_int_gstate(pgs_old)->pagedevice, - &gs_int_gstate(pgs_new)->pagedevice); -+ bool LockSafetyParams = dev_old->LockSafetyParams; - - if ((dev_t1 = (*dev_proc(dev_old, get_page_device)) (dev_old)) == 0) -- return false; -+ return 0; - /* If we are going to putdeviceparams in a callout, we need to */ - /* unlock temporarily. The device will be re-locked as needed */ - /* by putdeviceparams from the pgs_old->pagedevice dict state. */ -@@ -271,23 +272,51 @@ restore_page_device(const gs_gstate * pgs_old, const gs_gstate * pgs_new) - dev_new = gs_currentdevice(pgs_new); - if (dev_old != dev_new) { - if ((dev_t2 = (*dev_proc(dev_new, get_page_device)) (dev_new)) == 0) -- return false; -- if (dev_t1 != dev_t2) -- return true; -+ samepagedevice = true; -+ else if (dev_t1 != dev_t2) -+ samepagedevice = false; -+ } -+ -+ if (LockSafetyParams && !samepagedevice) { -+ const int required_ops = 512; -+ const int required_es = 32; -+ -+ /* The %grestorepagedevice must complete: the biggest danger -+ is operand stack overflow. As we use get/putdeviceparams -+ that means pushing all the device params onto the stack, -+ pdfwrite having by far the largest number of parameters -+ at (currently) 212 key/value pairs - thus needing (currently) -+ 424 entries on the op stack. Allowing for working stack -+ space, and safety margin..... -+ */ -+ if (required_ops + ref_stack_count(&o_stack) >= ref_stack_max_count(&o_stack)) { -+ gs_currentdevice(pgs_old)->LockSafetyParams = LockSafetyParams; -+ return_error(gs_error_stackoverflow); -+ } -+ /* We also want enough exec stack space - 32 is an overestimate of -+ what we need to complete the Postscript call out. -+ */ -+ if (required_es + ref_stack_count(&e_stack) >= ref_stack_max_count(&e_stack)) { -+ gs_currentdevice(pgs_old)->LockSafetyParams = LockSafetyParams; -+ return_error(gs_error_execstackoverflow); -+ } - } - /* - * The current implementation of setpagedevice just sets new - * parameters in the same device object, so we have to check - * whether the page device dictionaries are the same. - */ -- return !samepagedevice; -+ return samepagedevice ? 0 : 1; - } - - /* - grestore - */ - static int - z2grestore(i_ctx_t *i_ctx_p) - { -- if (!restore_page_device(igs, gs_gstate_saved(igs))) -+ int code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs)); -+ if (code < 0) return code; -+ -+ if (code == 0) - return gs_grestore(igs); - return push_callout(i_ctx_p, "%grestorepagedevice"); - } -@@ -297,7 +326,9 @@ static int - z2grestoreall(i_ctx_t *i_ctx_p) - { - for (;;) { -- if (!restore_page_device(igs, gs_gstate_saved(igs))) { -+ int code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs)); -+ if (code < 0) return code; -+ if (code == 0) { - bool done = !gs_gstate_saved(gs_gstate_saved(igs)); - - gs_grestore(igs); -@@ -328,11 +359,15 @@ z2restore(i_ctx_t *i_ctx_p) - if (code < 0) return code; - - while (gs_gstate_saved(gs_gstate_saved(igs))) { -- if (restore_page_device(igs, gs_gstate_saved(igs))) -+ code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs)); -+ if (code < 0) return code; -+ if (code > 0) - return push_callout(i_ctx_p, "%restore1pagedevice"); - gs_grestore(igs); - } -- if (restore_page_device(igs, gs_gstate_saved(igs))) -+ code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs)); -+ if (code < 0) return code; -+ if (code > 0) - return push_callout(i_ctx_p, "%restorepagedevice"); - - code = dorestore(i_ctx_p, asave); -@@ -355,9 +390,12 @@ static int - z2setgstate(i_ctx_t *i_ctx_p) - { - os_ptr op = osp; -+ int code; - - check_stype(*op, st_igstate_obj); -- if (!restore_page_device(igs, igstate_ptr(op))) -+ code = restore_page_device(i_ctx_p, igs, igstate_ptr(op)); -+ if (code < 0) return code; -+ if (code == 0) - return zsetgstate(i_ctx_p); - return push_callout(i_ctx_p, "%setgstatepagedevice"); - } diff --git a/gnu/packages/patches/ghostscript-bug-699708.patch b/gnu/packages/patches/ghostscript-bug-699708.patch deleted file mode 100644 index 1567be1c6f..0000000000 --- a/gnu/packages/patches/ghostscript-bug-699708.patch +++ /dev/null @@ -1,160 +0,0 @@ -Additional security fix that missed 9.24. - -Taken from upstream: -http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=fb713b3818b52d8a6cf62c951eba2e1795ff9624 - -From fb713b3818b52d8a6cf62c951eba2e1795ff9624 Mon Sep 17 00:00:00 2001 -From: Chris Liddell <chris.liddell@artifex.com> -Date: Thu, 6 Sep 2018 09:16:22 +0100 -Subject: [PATCH] Bug 699708 (part 1): 'Hide' non-replaceable error handlers - for SAFER - -We already had a 'private' dictionary for non-standard errors: gserrordict. - -This now includes all the default error handlers, the dictionary is made -noaccess and all the prodedures are bound and executeonly. - -When running with -dSAFER, in the event of a Postscript error, instead of -pulling the handler from errordict, we'll pull it from gserrordict - thus -malicious input cannot trigger problems by the use of custom error handlers. - -errordict remains open and writeable, so files such as the Quality Logic tests -that install their own handlers will still 'work', with the exception that the -custom error handlers will not be called. - -This is a 'first pass', 'sledgehammer' approach: a nice addition would to allow -an integrator to specify a list of errors that are not to be replaced (for -example, embedded applications would probably want to ensure that VMerror is -always handled as they intend). ---- - Resource/Init/gs_init.ps | 29 ++++++++++++++++++----------- - psi/interp.c | 30 +++++++++++++++++++++--------- - 2 files changed, 39 insertions(+), 20 deletions(-) - -diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps -index 071c39205..bc8b7951c 100644 ---- a/Resource/Init/gs_init.ps -+++ b/Resource/Init/gs_init.ps -@@ -881,7 +881,7 @@ userdict /.currentresourcefile //null put - { not exch pop exit } { pop } ifelse - } - for exch pop .quit -- } bind def -+ } bind executeonly def - /.errorhandler % <command> <errorname> .errorhandler - - { % Detect an internal 'stopped'. - 1 .instopped { //null eq { pop pop stop } if } if -@@ -926,7 +926,7 @@ userdict /.currentresourcefile //null put - $error /globalmode get $error /.nosetlocal get and .setglobal - $error /.inerror //false put - stop -- } bind def -+ } bind executeonly def - % Define the standard handleerror. We break out the printing procedure - % (.printerror) so that it can be extended for binary output - % if the Level 2 facilities are present. -@@ -976,7 +976,7 @@ userdict /.currentresourcefile //null put - ifelse % newerror - end - flush -- } bind def -+ } bind executeonly def - /.printerror_long % long error printout, - % $error is on the dict stack - { % Push the (anonymous) stack printing procedure. -@@ -1053,14 +1053,14 @@ userdict /.currentresourcefile //null put - { (Current file position is ) print position = } - if - -- } bind def -+ } bind executeonly def - % Define a procedure for clearing the error indication. - /.clearerror - { $error /newerror //false put - $error /errorname //null put - $error /errorinfo //null put - 0 .setoserrno -- } bind def -+ } bind executeonly def - - % Define $error. This must be in local VM. - .currentglobal //false .setglobal -@@ -1086,11 +1086,15 @@ end - /errordict ErrorNames length 3 add dict - .forcedef % errordict is local, systemdict is global - .setglobal % back to global VM --% For greater Adobe compatibility, we put all non-standard errors in a --% separate dictionary, gserrordict. It does not need to be in local VM, --% because PostScript programs do not access it. -+% gserrordict contains all the default error handling methods, but unlike -+% errordict it is noaccess after creation (also it is in global VM). -+% When running 'SAFER', we'll ignore the contents of errordict, which -+% may have been tampered with by the running job, and always use gserrordict -+% gserrordict also contains any non-standard errors, for better compatibility -+% with Adobe. -+% - % NOTE: the name gserrordict is known to the interpreter. --/gserrordict 5 dict def -+/gserrordict ErrorNames length 3 add dict def - % Register an error in errordict. We make this a procedure because we only - % register the Level 1 errors here: the rest are registered by "feature" - % files. However, ErrorNames contains all of the error names regardless of -@@ -1119,8 +1123,11 @@ errordict begin - } bind def - end % errordict - --% Put non-standard errors in gserrordict. --gserrordict /unknownerror errordict /unknownerror get put -+% Put all the default handlers in gserrordict -+gserrordict -+errordict {2 index 3 1 roll put} forall -+noaccess pop -+% remove the non-standard errors from errordict - errordict /unknownerror .undef - % Define a stable private copy of handleerror that we will always use under - % JOBSERVER mode. -diff --git a/psi/interp.c b/psi/interp.c -index c27b70dca..d41a9d3f5 100644 ---- a/psi/interp.c -+++ b/psi/interp.c -@@ -661,16 +661,28 @@ again: - return code; - if (gs_errorname(i_ctx_p, code, &error_name) < 0) - return code; /* out-of-range error code! */ -- /* -- * For greater Adobe compatibility, only the standard PostScript errors -- * are defined in errordict; the rest are in gserrordict. -+ -+ /* If LockFilePermissions is true, we only refer to gserrordict, which -+ * is not accessible to Postcript jobs - */ -- if (dict_find_string(systemdict, "errordict", &perrordict) <= 0 || -- (dict_find(perrordict, &error_name, &epref) <= 0 && -- (dict_find_string(systemdict, "gserrordict", &perrordict) <= 0 || -- dict_find(perrordict, &error_name, &epref) <= 0)) -- ) -- return code; /* error name not in errordict??? */ -+ if (i_ctx_p->LockFilePermissions) { -+ if (((dict_find_string(systemdict, "gserrordict", &perrordict) <= 0 || -+ dict_find(perrordict, &error_name, &epref) <= 0)) -+ ) -+ return code; /* error name not in errordict??? */ -+ } -+ else { -+ /* -+ * For greater Adobe compatibility, only the standard PostScript errors -+ * are defined in errordict; the rest are in gserrordict. -+ */ -+ if (dict_find_string(systemdict, "errordict", &perrordict) <= 0 || -+ (dict_find(perrordict, &error_name, &epref) <= 0 && -+ (dict_find_string(systemdict, "gserrordict", &perrordict) <= 0 || -+ dict_find(perrordict, &error_name, &epref) <= 0)) -+ ) -+ return code; /* error name not in errordict??? */ -+ } - doref = *epref; - epref = &doref; - /* Push the error object on the operand stack if appropriate. */ --- -2.18.0 - diff --git a/gnu/packages/patches/glib-networking-connection.patch b/gnu/packages/patches/glib-networking-connection.patch new file mode 100644 index 0000000000..f64b090ae5 --- /dev/null +++ b/gnu/packages/patches/glib-networking-connection.patch @@ -0,0 +1,51 @@ +https://gitlab.gnome.org/GNOME/glib-networking/issues/4 +https://gitlab.gnome.org/GNOME/glib-networking/commit/55daf3e5fd4bc9e4ebad1a9eab93f852dcbf527e.patch +This ultimately rejected work-around should be removed with the next +release, as the bug has supposedly been fixed for real. + + +From 55daf3e5fd4bc9e4ebad1a9eab93f852dcbf527e Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro <mcatanzaro@igalia.com> +Date: Thu, 19 Jul 2018 11:16:35 -0500 +Subject: [PATCH] Fix intermittent failures in missing client private key test + +Because our APIs do nice things like encapsulating the TLS connection +establishment, we have our test server writing to the client after +establishing the TCP connection, because the TLS connection is +established. It's fine in theory, but results in some weirdness like the +server seeing its write having completed successfully before TLS +connection establishment. Normally that's what happens and this test +passes (server sees no error), but sometimes the server sees that the +client has already failed and the test fails. + +This is unfortunate, and tricky to fix properly, so let's just remove +the bad check. The point of the test is to ensure that the TLS +connection is not established, and the client-side check is going to +have to be sufficient, because rewriting the test to wait for the TLS +connection to be established on the server side is quite tricky: my +naive attempt resulted in both sides waiting forever on the other. + +P.S. At no point in this test does the server ever examine the client +certificate. That's not quite what I expected when I added the test, but +it's fine. + +Fixes #4 +--- + tls/tests/connection.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/tls/tests/connection.c b/tls/tests/connection.c +index 94645c3..390275d 100644 +--- a/tls/tests/connection.c ++++ b/tls/tests/connection.c +@@ -1125,7 +1125,6 @@ test_client_auth_fail_missing_client_private_key (TestConnection *test, + g_main_loop_run (test->loop); + + g_assert_error (test->read_error, G_TLS_ERROR, G_TLS_ERROR_CERTIFICATE_REQUIRED); +- g_assert_no_error (test->server_error); + } + + static void +-- +2.18.1 + diff --git a/gnu/packages/patches/glib-networking-ssl-cert-file.patch b/gnu/packages/patches/glib-networking-ssl-cert-file.patch deleted file mode 100644 index 32bdd0790f..0000000000 --- a/gnu/packages/patches/glib-networking-ssl-cert-file.patch +++ /dev/null @@ -1,29 +0,0 @@ -From b010e41346d418220582c20ab8d7f3971e4fb78a Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?=E5=AE=8B=E6=96=87=E6=AD=A6?= <iyzsong@gmail.com> -Date: Fri, 14 Aug 2015 17:28:36 +0800 -Subject: [PATCH] gnutls: Allow overriding the anchor file location by - 'SSL_CERT_FILE' - ---- - tls/gnutls/gtlsbackend-gnutls.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/tls/gnutls/gtlsbackend-gnutls.c b/tls/gnutls/gtlsbackend-gnutls.c -index 55ec1a5..217d3c8 100644 ---- a/tls/gnutls/gtlsbackend-gnutls.c -+++ b/tls/gnutls/gtlsbackend-gnutls.c -@@ -101,8 +101,10 @@ g_tls_backend_gnutls_real_create_database (GTlsBackendGnutls *self, - GError **error) - { - const gchar *anchor_file = NULL; -+ anchor_file = g_getenv ("SSL_CERT_FILE"); - #ifdef GTLS_SYSTEM_CA_FILE -- anchor_file = GTLS_SYSTEM_CA_FILE; -+ if (!anchor_file) -+ anchor_file = GTLS_SYSTEM_CA_FILE; - #endif - return g_tls_file_database_new (anchor_file, error); - } --- -2.4.3 - diff --git a/gnu/packages/patches/gnutls-skip-pkgconfig-test.patch b/gnu/packages/patches/gnutls-skip-pkgconfig-test.patch deleted file mode 100644 index 1fad7c14e3..0000000000 --- a/gnu/packages/patches/gnutls-skip-pkgconfig-test.patch +++ /dev/null @@ -1,24 +0,0 @@ -FIXME: The static test fails with an error such as: - -/tmp/guix-build-gnutls-3.5.13.drv-0/ccOnGPmc.o: In function `main': -c.29617.tmp.c:(.text+0x5): undefined reference to `gnutls_global_init' -collect2: error: ld returned 1 exit status -FAIL pkgconfig.sh (exit status: 1) - -diff --git a/tests/pkgconfig.sh b/tests/pkgconfig.sh -index 6bd4e62f9..05aab8278 100755 ---- a/tests/pkgconfig.sh -+++ b/tests/pkgconfig.sh -@@ -57,11 +57,7 @@ echo "Trying dynamic linking with:" - echo " * flags: $(${PKGCONFIG} --libs gnutls)" - echo " * common: ${COMMON}" - echo " * lib: ${CFLAGS}" --cc ${TMPFILE} -o ${TMPFILE_O} $(${PKGCONFIG} --libs gnutls) $(${PKGCONFIG} --cflags gnutls) ${COMMON} -- --echo "" --echo "Trying static linking with $(${PKGCONFIG} --libs --static gnutls)" --cc ${TMPFILE} -o ${TMPFILE_O} $(${PKGCONFIG} --static --libs gnutls) $(${PKGCONFIG} --cflags gnutls) ${COMMON} -+gcc ${TMPFILE} -o ${TMPFILE_O} $(${PKGCONFIG} --libs gnutls) $(${PKGCONFIG} --cflags gnutls) ${COMMON} - - rm -f ${TMPFILE} ${TMPFILE_O} - diff --git a/gnu/packages/patches/inkscape-poppler-compat3.patch b/gnu/packages/patches/inkscape-poppler-compat3.patch new file mode 100644 index 0000000000..eaaf7d93f1 --- /dev/null +++ b/gnu/packages/patches/inkscape-poppler-compat3.patch @@ -0,0 +1,499 @@ +Fix compatibility with Poppler >= 0.69. + +This is a combination of these upstream commits: +https://gitlab.com/inkscape/inkscape/commit/722e121361d0f784083d10e897155b7d4e44e515 +https://gitlab.com/inkscape/inkscape/commit/402c0274420fe39fd2f3393bc7d8d8879d436358 + +...with slight adjustments for the 0.92.3 release tarball. + +diff --git a/CMakeScripts/DefineDependsandFlags.cmake b/CMakeScripts/DefineDependsandFlags.cmake +--- a/CMakeScripts/DefineDependsandFlags.cmake ++++ b/CMakeScripts/DefineDependsandFlags.cmake +@@ -116,18 +116,6 @@ if(ENABLE_POPPLER) + set(HAVE_POPPLER_GLIB ON) + endif() + endif() +- if(POPPLER_VERSION VERSION_GREATER "0.26.0" OR +- POPPLER_VERSION VERSION_EQUAL "0.26.0") +- set(POPPLER_EVEN_NEWER_COLOR_SPACE_API ON) +- endif() +- if(POPPLER_VERSION VERSION_GREATER "0.29.0" OR +- POPPLER_VERSION VERSION_EQUAL "0.29.0") +- set(POPPLER_EVEN_NEWER_NEW_COLOR_SPACE_API ON) +- endif() +- if(POPPLER_VERSION VERSION_GREATER "0.58.0" OR +- POPPLER_VERSION VERSION_EQUAL "0.58.0") +- set(POPPLER_NEW_OBJECT_API ON) +- endif() + else() + set(ENABLE_POPPLER_CAIRO OFF) + endif() +diff --git a/src/extension/internal/pdfinput/pdf-input.cpp b/src/extension/internal/pdfinput/pdf-input.cpp +--- a/src/extension/internal/pdfinput/pdf-input.cpp ++++ b/src/extension/internal/pdfinput/pdf-input.cpp +@@ -793,7 +793,7 @@ PdfInput::open(::Inkscape::Extension::Input * /*mod*/, const gchar * uri) { + dlg->getImportSettings(prefs); + + // Apply crop settings +- PDFRectangle *clipToBox = NULL; ++ _POPPLER_CONST PDFRectangle *clipToBox = NULL; + double crop_setting; + sp_repr_get_double(prefs, "cropTo", &crop_setting); + +diff --git a/src/extension/internal/pdfinput/pdf-input.h b/src/extension/internal/pdfinput/pdf-input.h +--- a/src/extension/internal/pdfinput/pdf-input.h ++++ b/src/extension/internal/pdfinput/pdf-input.h +@@ -15,6 +15,7 @@ + #endif + + #ifdef HAVE_POPPLER ++#include "poppler-transition-api.h" + + #include <gtkmm/dialog.h> + +diff --git a/src/extension/internal/pdfinput/pdf-parser.cpp b/src/extension/internal/pdfinput/pdf-parser.cpp +--- a/src/extension/internal/pdfinput/pdf-parser.cpp ++++ b/src/extension/internal/pdfinput/pdf-parser.cpp +@@ -36,6 +36,7 @@ extern "C" { + #include "pdf-parser.h" + #include "util/units.h" + ++#include "glib/poppler-features.h" + #include "goo/gmem.h" + #include "goo/GooString.h" + #include "GlobalParams.h" +@@ -294,8 +295,8 @@ PdfParser::PdfParser(XRef *xrefA, + int /*pageNum*/, + int rotate, + Dict *resDict, +- PDFRectangle *box, +- PDFRectangle *cropBox) : ++ _POPPLER_CONST PDFRectangle *box, ++ _POPPLER_CONST PDFRectangle *cropBox) : + xref(xrefA), + builder(builderA), + subPage(gFalse), +@@ -317,7 +318,7 @@ PdfParser::PdfParser(XRef *xrefA, + builder->setDocumentSize(Inkscape::Util::Quantity::convert(state->getPageWidth(), "pt", "px"), + Inkscape::Util::Quantity::convert(state->getPageHeight(), "pt", "px")); + +- double *ctm = state->getCTM(); ++ const double *ctm = state->getCTM(); + double scaledCTM[6]; + for (int i = 0; i < 6; ++i) { + baseMatrix[i] = ctm[i]; +@@ -352,7 +353,7 @@ PdfParser::PdfParser(XRef *xrefA, + PdfParser::PdfParser(XRef *xrefA, + Inkscape::Extension::Internal::SvgBuilder *builderA, + Dict *resDict, +- PDFRectangle *box) : ++ _POPPLER_CONST PDFRectangle *box) : + xref(xrefA), + builder(builderA), + subPage(gTrue), +@@ -571,7 +572,7 @@ const char *PdfParser::getPreviousOperator(unsigned int look_back) { + + void PdfParser::execOp(Object *cmd, Object args[], int numArgs) { + PdfOperator *op; +- char *name; ++ const char *name; + Object *argPtr; + int i; + +@@ -619,7 +620,7 @@ void PdfParser::execOp(Object *cmd, Object args[], int numArgs) { + (this->*op->func)(argPtr, numArgs); + } + +-PdfOperator* PdfParser::findOp(char *name) { ++PdfOperator* PdfParser::findOp(const char *name) { + int a = -1; + int b = numOps; + int cmp = -1; +@@ -1751,7 +1752,7 @@ void PdfParser::doShadingPatternFillFallback(GfxShadingPattern *sPat, + GBool stroke, GBool eoFill) { + GfxShading *shading; + GfxPath *savedPath; +- double *ctm, *btm, *ptm; ++ const double *ctm, *btm, *ptm; + double m[6], ictm[6], m1[6]; + double xMin, yMin, xMax, yMax; + double det; +@@ -1993,7 +1994,7 @@ void PdfParser::doFunctionShFill1(GfxFunctionShading *shading, + GfxColor color0M, color1M, colorM0, colorM1, colorMM; + GfxColor colors2[4]; + double functionColorDelta = colorDeltas[pdfFunctionShading-1]; +- double *matrix; ++ const double *matrix; + double xM, yM; + int nComps, i, j; + +@@ -2173,7 +2174,7 @@ void PdfParser::doPatchMeshShFill(GfxPatchMeshShading *shading) { + } + } + +-void PdfParser::fillPatch(GfxPatch *patch, int nComps, int depth) { ++void PdfParser::fillPatch(_POPPLER_CONST GfxPatch *patch, int nComps, int depth) { + GfxPatch patch00 = blankPatch(); + GfxPatch patch01 = blankPatch(); + GfxPatch patch10 = blankPatch(); +@@ -2581,7 +2582,11 @@ void PdfParser::opShowSpaceText(Object args[], int /*numArgs*/) + } + } + ++#if POPPLER_CHECK_VERSION(0,64,0) + void PdfParser::doShowText(const GooString *s) { ++#else ++void PdfParser::doShowText(GooString *s) { ++#endif + GfxFont *font; + int wMode; + double riseX, riseY; +@@ -2590,11 +2595,15 @@ void PdfParser::doShowText(const GooString *s) { + double x, y, dx, dy, tdx, tdy; + double originX, originY, tOriginX, tOriginY; + double oldCTM[6], newCTM[6]; +- double *mat; ++ const double *mat; + Object charProc; + Dict *resDict; + Parser *oldParser; ++#if POPPLER_CHECK_VERSION(0,64,0) ++ const char *p; ++#else + char *p; ++#endif + int len, n, uLen; + + font = state->getFont(); +@@ -2630,7 +2639,7 @@ void PdfParser::doShowText(const GooString *s) { + double lineX = state->getLineX(); + double lineY = state->getLineY(); + oldParser = parser; +- p = g_strdup(s->getCString()); ++ p = s->getCString(); + len = s->getLength(); + while (len > 0) { + n = font->getNextChar(p, len, &code, +@@ -2685,7 +2694,7 @@ void PdfParser::doShowText(const GooString *s) { + + } else { + state->textTransformDelta(0, state->getRise(), &riseX, &riseY); +- p = g_strdup(s->getCString()); ++ p = s->getCString(); + len = s->getLength(); + while (len > 0) { + n = font->getNextChar(p, len, &code, +@@ -2731,7 +2740,11 @@ void PdfParser::opXObject(Object args[], int /*numArgs*/) + { + Object obj1, obj2, obj3, refObj; + +- char *name = g_strdup(args[0].getName()); ++#if POPPLER_CHECK_VERSION(0,64,0) ++ const char *name = args[0].getName(); ++#else ++ char *name = args[0].getName(); ++#endif + #if defined(POPPLER_NEW_OBJECT_API) + if ((obj1 = res->lookupXObject(name)).isNull()) { + #else +@@ -3656,7 +3669,6 @@ void PdfParser::opBeginImage(Object /*args*/[], int /*numArgs*/) + Stream *PdfParser::buildImageStream() { + Object dict; + Object obj; +- char *key; + Stream *str; + + // build dictionary +@@ -3674,26 +3686,17 @@ Stream *PdfParser::buildImageStream() { + obj.free(); + #endif + } else { +- key = copyString(obj.getName()); +-#if defined(POPPLER_NEW_OBJECT_API) +- obj = parser->getObj(); +-#else +- obj.free(); +- parser->getObj(&obj); +-#endif +- if (obj.isEOF() || obj.isError()) { +- gfree(key); ++ Object obj2; ++ _POPPLER_CALL(obj2, parser->getObj); ++ if (obj2.isEOF() || obj2.isError()) { ++ _POPPLER_FREE(obj); + break; + } +-#if defined(POPPLER_NEW_OBJECT_API) +- dict.dictAdd(key, std::move(obj)); +- } +- obj = parser->getObj(); +-#else +- dict.dictAdd(key, &obj); ++ _POPPLER_DICTADD(dict, obj.getName(), obj2); ++ _POPPLER_FREE(obj); ++ _POPPLER_FREE(obj2); + } +- parser->getObj(&obj); +-#endif ++ _POPPLER_CALL(obj, parser->getObj); + } + if (obj.isEOF()) { + error(errSyntaxError, getPos(), "End of file in inline image"); +diff --git a/src/extension/internal/pdfinput/pdf-parser.h b/src/extension/internal/pdfinput/pdf-parser.h +--- a/src/extension/internal/pdfinput/pdf-parser.h ++++ b/src/extension/internal/pdfinput/pdf-parser.h +@@ -9,6 +9,7 @@ + #define PDF_PARSER_H + + #ifdef HAVE_POPPLER ++#include "poppler-transition-api.h" + + #ifdef USE_GCC_PRAGMAS + #pragma interface +@@ -25,6 +26,7 @@ namespace Inkscape { + // TODO clean up and remove using: + using Inkscape::Extension::Internal::SvgBuilder; + ++#include "glib/poppler-features.h" + #include "goo/gtypes.h" + #include "Object.h" + +@@ -127,11 +129,14 @@ public: + + // Constructor for regular output. + PdfParser(XRef *xrefA, SvgBuilder *builderA, int pageNum, int rotate, +- Dict *resDict, PDFRectangle *box, PDFRectangle *cropBox); ++ Dict *resDict, ++ _POPPLER_CONST PDFRectangle *box, ++ _POPPLER_CONST PDFRectangle *cropBox); + + // Constructor for a sub-page object. + PdfParser(XRef *xrefA, Inkscape::Extension::Internal::SvgBuilder *builderA, +- Dict *resDict, PDFRectangle *box); ++ Dict *resDict, ++ _POPPLER_CONST PDFRectangle *box); + + virtual ~PdfParser(); + +@@ -185,7 +190,7 @@ private: + + void go(GBool topLevel); + void execOp(Object *cmd, Object args[], int numArgs); +- PdfOperator *findOp(char *name); ++ PdfOperator *findOp(const char *name); + GBool checkArg(Object *arg, TchkType type); + int getPos(); + +@@ -256,7 +261,7 @@ private: + double x2, double y2, GfxColor *color2, + int nComps, int depth); + void doPatchMeshShFill(GfxPatchMeshShading *shading); +- void fillPatch(GfxPatch *patch, int nComps, int depth); ++ void fillPatch(_POPPLER_CONST GfxPatch *patch, int nComps, int depth); + void doEndPath(); + + // path clipping operators +@@ -287,7 +292,12 @@ private: + void opMoveShowText(Object args[], int numArgs); + void opMoveSetShowText(Object args[], int numArgs); + void opShowSpaceText(Object args[], int numArgs); ++#if POPPLER_CHECK_VERSION(0,64,0) + void doShowText(const GooString *s); ++#else ++ void doShowText(GooString *s); ++#endif ++ + + // XObject operators + void opXObject(Object args[], int numArgs); +diff --git a/src/extension/internal/pdfinput/poppler-transition-api.h b/src/extension/internal/pdfinput/poppler-transition-api.h +new file mode 100644 +--- /dev/null ++++ b/src/extension/internal/pdfinput/poppler-transition-api.h +@@ -0,0 +1,39 @@ ++#ifndef SEEN_POPPLER_TRANSITION_API_H ++#define SEEN_POPPLER_TRANSITION_API_H ++ ++#include <glib/poppler-features.h> ++ ++#if POPPLER_CHECK_VERSION(0,70,0) ++#define _POPPLER_CONST const ++#else ++#define _POPPLER_CONST ++#endif ++ ++#if POPPLER_CHECK_VERSION(0,69,0) ++#define _POPPLER_DICTADD(dict, key, obj) (dict).dictAdd(key, std::move(obj)) ++#elif POPPLER_CHECK_VERSION(0,58,0) ++#define _POPPLER_DICTADD(dict, key, obj) (dict).dictAdd(copyString(key), std::move(obj)) ++#else ++#define _POPPLER_DICTADD(dict, key, obj) (dict).dictAdd(copyString(key), &obj) ++#endif ++ ++#if POPPLER_CHECK_VERSION(0,58,0) ++#define POPPLER_NEW_OBJECT_API ++#define _POPPLER_FREE(obj) ++#define _POPPLER_CALL(ret, func) (ret = func()) ++#define _POPPLER_CALL_ARGS(ret, func, ...) (ret = func(__VA_ARGS__)) ++#else ++#define _POPPLER_FREE(obj) (obj).free() ++#define _POPPLER_CALL(ret, func) (*func(&ret)) ++#define _POPPLER_CALL_ARGS(ret, func, ...) (*func(__VA_ARGS__, &ret)) ++#endif ++ ++#if POPPLER_CHECK_VERSION(0, 29, 0) ++#define POPPLER_EVEN_NEWER_NEW_COLOR_SPACE_API ++#endif ++ ++#if POPPLER_CHECK_VERSION(0, 25, 0) ++#define POPPLER_EVEN_NEWER_COLOR_SPACE_API ++#endif ++ ++#endif +diff --git a/src/extension/internal/pdfinput/svg-builder.cpp b/src/extension/internal/pdfinput/svg-builder.cpp +--- a/src/extension/internal/pdfinput/svg-builder.cpp ++++ b/src/extension/internal/pdfinput/svg-builder.cpp +@@ -625,7 +625,7 @@ gchar *SvgBuilder::_createPattern(GfxPattern *pattern, GfxState *state, bool is_ + if ( pattern != NULL ) { + if ( pattern->getType() == 2 ) { // Shading pattern + GfxShadingPattern *shading_pattern = static_cast<GfxShadingPattern *>(pattern); +- double *ptm; ++ const double *ptm; + double m[6] = {1, 0, 0, 1, 0, 0}; + double det; + +@@ -672,7 +672,7 @@ gchar *SvgBuilder::_createTilingPattern(GfxTilingPattern *tiling_pattern, + + Inkscape::XML::Node *pattern_node = _xml_doc->createElement("svg:pattern"); + // Set pattern transform matrix +- double *p2u = tiling_pattern->getMatrix(); ++ const double *p2u = tiling_pattern->getMatrix(); + double m[6] = {1, 0, 0, 1, 0, 0}; + double det; + det = _ttm[0] * _ttm[3] - _ttm[1] * _ttm[2]; // see LP Bug 1168908 +@@ -698,7 +698,7 @@ gchar *SvgBuilder::_createTilingPattern(GfxTilingPattern *tiling_pattern, + pattern_node->setAttribute("patternUnits", "userSpaceOnUse"); + // Set pattern tiling + // FIXME: don't ignore XStep and YStep +- double *bbox = tiling_pattern->getBBox(); ++ const double *bbox = tiling_pattern->getBBox(); + sp_repr_set_svg_double(pattern_node, "x", 0.0); + sp_repr_set_svg_double(pattern_node, "y", 0.0); + sp_repr_set_svg_double(pattern_node, "width", bbox[2] - bbox[0]); +@@ -751,7 +751,7 @@ gchar *SvgBuilder::_createTilingPattern(GfxTilingPattern *tiling_pattern, + */ + gchar *SvgBuilder::_createGradient(GfxShading *shading, double *matrix, bool for_shading) { + Inkscape::XML::Node *gradient; +- Function *func; ++ _POPPLER_CONST Function *func; + int num_funcs; + bool extend0, extend1; + +@@ -865,7 +865,7 @@ static bool svgGetShadingColorRGB(GfxShading *shading, double offset, GfxRGB *re + + #define INT_EPSILON 8 + bool SvgBuilder::_addGradientStops(Inkscape::XML::Node *gradient, GfxShading *shading, +- Function *func) { ++ _POPPLER_CONST Function *func) { + int type = func->getType(); + if ( type == 0 || type == 2 ) { // Sampled or exponential function + GfxRGB stop1, stop2; +@@ -877,9 +877,9 @@ bool SvgBuilder::_addGradientStops(Inkscape::XML::Node *gradient, GfxShading *sh + _addStopToGradient(gradient, 1.0, &stop2, 1.0); + } + } else if ( type == 3 ) { // Stitching +- StitchingFunction *stitchingFunc = static_cast<StitchingFunction*>(func); +- double *bounds = stitchingFunc->getBounds(); +- double *encode = stitchingFunc->getEncode(); ++ auto stitchingFunc = static_cast<_POPPLER_CONST StitchingFunction*>(func); ++ const double *bounds = stitchingFunc->getBounds(); ++ const double *encode = stitchingFunc->getEncode(); + int num_funcs = stitchingFunc->getNumFuncs(); + + // Add stops from all the stitched functions +@@ -890,7 +890,7 @@ bool SvgBuilder::_addGradientStops(Inkscape::XML::Node *gradient, GfxShading *sh + svgGetShadingColorRGB(shading, bounds[i + 1], &color); + // Add stops + if (stitchingFunc->getFunc(i)->getType() == 2) { // process exponential fxn +- double expE = (static_cast<ExponentialFunction*>(stitchingFunc->getFunc(i)))->getE(); ++ double expE = (static_cast<_POPPLER_CONST ExponentialFunction*>(stitchingFunc->getFunc(i)))->getE(); + if (expE > 1.0) { + expE = (bounds[i + 1] - bounds[i])/expE; // approximate exponential as a single straight line at x=1 + if (encode[2*i] == 0) { // normal sequence +@@ -1020,9 +1020,9 @@ void SvgBuilder::updateFont(GfxState *state) { + GfxFont *font = state->getFont(); + // Store original name + if (font->getName()) { +- _font_specification = g_strdup(font->getName()->getCString()); ++ _font_specification = font->getName()->getCString(); + } else { +- _font_specification = (char*) "Arial"; ++ _font_specification = "Arial"; + } + + // Prune the font name to get the correct font family name +@@ -1030,7 +1030,7 @@ void SvgBuilder::updateFont(GfxState *state) { + char *font_family = NULL; + char *font_style = NULL; + char *font_style_lowercase = NULL; +- char *plus_sign = strstr(_font_specification, "+"); ++ const char *plus_sign = strstr(_font_specification, "+"); + if (plus_sign) { + font_family = g_strdup(plus_sign + 1); + _font_specification = plus_sign + 1; +@@ -1148,7 +1148,7 @@ void SvgBuilder::updateFont(GfxState *state) { + Inkscape::CSSOStringStream os_font_size; + double css_font_size = _font_scaling * state->getFontSize(); + if ( font->getType() == fontType3 ) { +- double *font_matrix = font->getFontMatrix(); ++ const double *font_matrix = font->getFontMatrix(); + if ( font_matrix[0] != 0.0 ) { + css_font_size *= font_matrix[3] / font_matrix[0]; + } +@@ -1193,7 +1193,7 @@ void SvgBuilder::updateTextPosition(double tx, double ty) { + void SvgBuilder::updateTextMatrix(GfxState *state) { + _flushText(); + // Update text matrix +- double *text_matrix = state->getTextMat(); ++ const double *text_matrix = state->getTextMat(); + double w_scale = sqrt( text_matrix[0] * text_matrix[0] + text_matrix[2] * text_matrix[2] ); + double h_scale = sqrt( text_matrix[1] * text_matrix[1] + text_matrix[3] * text_matrix[3] ); + double max_scale; +diff --git a/src/extension/internal/pdfinput/svg-builder.h b/src/extension/internal/pdfinput/svg-builder.h +--- a/src/extension/internal/pdfinput/svg-builder.h ++++ b/src/extension/internal/pdfinput/svg-builder.h +@@ -15,6 +15,7 @@ + #endif + + #ifdef HAVE_POPPLER ++#include "poppler-transition-api.h" + + class SPDocument; + namespace Inkscape { +@@ -80,7 +81,7 @@ struct SvgGlyph { + bool style_changed; // Set to true if style has to be reset + SPCSSAttr *style; + int render_mode; // Text render mode +- char *font_specification; // Pointer to current font specification ++ const char *font_specification; // Pointer to current font specification + }; + + /** +@@ -174,7 +175,7 @@ private: + void _addStopToGradient(Inkscape::XML::Node *gradient, double offset, + GfxRGB *color, double opacity); + bool _addGradientStops(Inkscape::XML::Node *gradient, GfxShading *shading, +- Function *func); ++ _POPPLER_CONST Function *func); + gchar *_createTilingPattern(GfxTilingPattern *tiling_pattern, GfxState *state, + bool is_stroke=false); + // Image/mask creation +@@ -202,7 +203,7 @@ private: + + SPCSSAttr *_font_style; // Current font style + GfxFont *_current_font; +- char *_font_specification; ++ const char *_font_specification; + double _font_scaling; + bool _need_font_update; + Geom::Affine _text_matrix; diff --git a/gnu/packages/patches/json-glib-fix-tests-32bit.patch b/gnu/packages/patches/json-glib-fix-tests-32bit.patch deleted file mode 100644 index 77ea134915..0000000000 --- a/gnu/packages/patches/json-glib-fix-tests-32bit.patch +++ /dev/null @@ -1,174 +0,0 @@ -Fix floating point issues on 32-bit platforms: - -https://gitlab.gnome.org/GNOME/json-glib/issues/27 - -This is an amalgamation of the following upstream commits: -https://gitlab.gnome.org/GNOME/json-glib/commit/70e2648e02232c1a439a7418388f18fee9afb3fe -https://gitlab.gnome.org/GNOME/json-glib/commit/675e27505776a1d77fa1ffd1974284890caec1f4 - -diff --git a/json-glib/tests/json-test-utils.h b/json-glib/tests/json-test-utils.h -new file mode 100644 -index 0000000..83a02c6 ---- /dev/null -+++ b/json-glib/tests/json-test-utils.h -@@ -0,0 +1,21 @@ -+#include <string.h> -+#include <math.h> -+#include <float.h> -+#include <glib.h> -+#include <json-glib/json-glib.h> -+ -+#define json_fuzzy_equals(n1,n2,epsilon) \ -+ (((n1) > (n2) ? ((n1) - (n2)) : ((n2) - (n1))) < (epsilon)) -+ -+#define json_assert_fuzzy_equals(n1,n2,epsilon) \ -+ G_STMT_START { \ -+ double __n1 = (n1), __n2 = (n2), __epsilon = (epsilon); \ -+ if (json_fuzzy_equals (__n1, __n2, __epsilon)) ; else { \ -+ g_assertion_message_cmpnum (G_LOG_DOMAIN, __FILE__, __LINE__, G_STRFUNC, \ -+ #n1 " == " #n2 " (+/- " #epsilon ")", \ -+ __n1, "==", __n2, 'f'); \ -+ } \ -+ } G_STMT_END -+ -+#define json_assert_almost_equals(n1,n2) \ -+ json_assert_fuzzy_equals (n1, n2, DBL_EPSILON) -diff --git a/json-glib/tests/array.c b/json-glib/tests/array.c -index 98afeab..426cd72 100644 ---- a/json-glib/tests/array.c -+++ b/json-glib/tests/array.c -@@ -1,9 +1,4 @@ --#include <stdio.h> --#include <stdlib.h> --#include <string.h> -- --#include <glib.h> --#include <json-glib/json-glib.h> -+#include "json-test-utils.h" - - static void - test_empty_array (void) -@@ -37,7 +32,7 @@ test_add_element (void) - - json_array_add_double_element (array, 3.14); - g_assert_cmpint (json_array_get_length (array), ==, 3); -- g_assert_cmpfloat (json_array_get_double_element (array, 2), ==, 3.14); -+ json_assert_fuzzy_equals (json_array_get_double_element (array, 2), 3.14, 0.001); - - json_array_add_boolean_element (array, TRUE); - g_assert_cmpint (json_array_get_length (array), ==, 4); -diff --git a/json-glib/tests/node.c b/json-glib/tests/node.c -index 23bda63..80beb78 100644 ---- a/json-glib/tests/node.c -+++ b/json-glib/tests/node.c -@@ -1,6 +1,4 @@ --#include <glib.h> --#include <json-glib/json-glib.h> --#include <string.h> -+#include "json-test-utils.h" - - static void - test_init_int (void) -@@ -19,7 +17,7 @@ test_init_double (void) - JsonNode *node = json_node_new (JSON_NODE_VALUE); - - json_node_set_double (node, 3.14159); -- g_assert_cmpfloat (json_node_get_double (node), ==, 3.14159); -+ json_assert_fuzzy_equals (json_node_get_double (node), 3.14159, 0.00001); - - json_node_free (node); - } -@@ -119,13 +117,13 @@ test_get_int (void) - - json_node_set_int (node, 0); - g_assert_cmpint (json_node_get_int (node), ==, 0); -- g_assert_cmpfloat (json_node_get_double (node), ==, 0.0); -+ json_assert_almost_equals (json_node_get_double (node), 0.0); - g_assert (!json_node_get_boolean (node)); - g_assert (!json_node_is_null (node)); - - json_node_set_int (node, 42); - g_assert_cmpint (json_node_get_int (node), ==, 42); -- g_assert_cmpfloat (json_node_get_double (node), ==, 42.0); -+ json_assert_almost_equals (json_node_get_double (node), 42.0); - g_assert (json_node_get_boolean (node)); - g_assert (!json_node_is_null (node)); - -@@ -138,7 +136,7 @@ test_get_double (void) - JsonNode *node = json_node_new (JSON_NODE_VALUE); - - json_node_set_double (node, 3.14); -- g_assert_cmpfloat (json_node_get_double (node), ==, 3.14); -+ json_assert_fuzzy_equals (json_node_get_double (node), 3.14, 0.001); - g_assert_cmpint (json_node_get_int (node), ==, 3); - g_assert (json_node_get_boolean (node)); - -@@ -232,9 +230,9 @@ test_gvalue_autopromotion (void) - g_print ("Expecting a gdouble, got a %s\n", g_type_name (G_VALUE_TYPE (&check))); - - g_assert_cmpint (G_VALUE_TYPE (&check), ==, G_TYPE_DOUBLE); -- g_assert_cmpfloat ((float) g_value_get_double (&check), ==, 3.14159f); -+ json_assert_fuzzy_equals (g_value_get_double (&check), 3.14159, 0.00001); - g_assert_cmpint (G_VALUE_TYPE (&value), !=, G_VALUE_TYPE (&check)); -- g_assert_cmpfloat ((gdouble) g_value_get_float (&value), ==, g_value_get_double (&check)); -+ json_assert_almost_equals (g_value_get_float (&value), g_value_get_double (&check)); - - g_value_unset (&value); - g_value_unset (&check); -diff --git a/json-glib/tests/parser.c b/json-glib/tests/parser.c -index f71584a..8c52a1d 100644 ---- a/json-glib/tests/parser.c -+++ b/json-glib/tests/parser.c -@@ -1,11 +1,5 @@ --#include "config.h" -- -+#include "json-test-utils.h" - #include <stdlib.h> --#include <stdio.h> -- --#include <glib.h> -- --#include <json-glib/json-glib.h> - - static const gchar *test_empty_string = ""; - static const gchar *test_empty_array_string = "[ ]"; -@@ -38,13 +32,13 @@ verify_string_value (JsonNode *node) - static void - verify_double_value (JsonNode *node) - { -- g_assert_cmpfloat (10.2e3, ==, json_node_get_double (node)); -+ json_assert_fuzzy_equals (10.2e3, json_node_get_double (node), 0.1); - } - - static void - verify_negative_double_value (JsonNode *node) - { -- g_assert_cmpfloat (-3.14, ==, json_node_get_double (node)); -+ json_assert_fuzzy_equals (-3.14, json_node_get_double (node), 0.01); - } - - static const struct { -diff --git a/json-glib/tests/reader.c b/json-glib/tests/reader.c -index 43a6aac..9bab312 100644 ---- a/json-glib/tests/reader.c -+++ b/json-glib/tests/reader.c -@@ -1,9 +1,4 @@ --#include <stdlib.h> --#include <stdio.h> -- --#include <glib.h> -- --#include <json-glib/json-glib.h> -+#include "json-test-utils.h" - - static const gchar *test_base_array_data = - "[ 0, true, null, \"foo\", 3.14, [ false ], { \"bar\" : 42 } ]"; -@@ -78,7 +73,7 @@ test_base_object (void) - g_assert (json_reader_get_error (reader) == NULL); - - json_reader_read_member (reader, "double"); -- g_assert_cmpfloat (json_reader_get_double_value (reader), ==, 42.47); -+ json_assert_fuzzy_equals (json_reader_get_double_value (reader), 42.47, 0.01); - json_reader_end_element (reader); - - g_object_unref (reader); diff --git a/gnu/packages/patches/libtiff-CVE-2017-18013.patch b/gnu/packages/patches/libtiff-CVE-2017-18013.patch deleted file mode 100644 index ba03c83847..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2017-18013.patch +++ /dev/null @@ -1,45 +0,0 @@ -Fix CVE-2017-18013: - -http://bugzilla.maptools.org/show_bug.cgi?id=2770 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18013 - -Patch copied from upstream source repository: - -https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01 - -From c6f41df7b581402dfba3c19a1e3df4454c551a01 Mon Sep 17 00:00:00 2001 -From: Even Rouault <even.rouault@spatialys.com> -Date: Sun, 31 Dec 2017 15:09:41 +0100 -Subject: [PATCH] libtiff/tif_print.c: TIFFPrintDirectory(): fix null pointer - dereference on corrupted file. Fixes - http://bugzilla.maptools.org/show_bug.cgi?id=2770 - ---- - libtiff/tif_print.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/libtiff/tif_print.c b/libtiff/tif_print.c -index 9959d353..8deceb2b 100644 ---- a/libtiff/tif_print.c -+++ b/libtiff/tif_print.c -@@ -665,13 +665,13 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags) - #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) - fprintf(fd, " %3lu: [%8I64u, %8I64u]\n", - (unsigned long) s, -- (unsigned __int64) td->td_stripoffset[s], -- (unsigned __int64) td->td_stripbytecount[s]); -+ td->td_stripoffset ? (unsigned __int64) td->td_stripoffset[s] : 0, -+ td->td_stripbytecount ? (unsigned __int64) td->td_stripbytecount[s] : 0); - #else - fprintf(fd, " %3lu: [%8llu, %8llu]\n", - (unsigned long) s, -- (unsigned long long) td->td_stripoffset[s], -- (unsigned long long) td->td_stripbytecount[s]); -+ td->td_stripoffset ? (unsigned long long) td->td_stripoffset[s] : 0, -+ td->td_stripbytecount ? (unsigned long long) td->td_stripbytecount[s] : 0); - #endif - } - } --- -2.16.1 - diff --git a/gnu/packages/patches/libtiff-CVE-2017-9935.patch b/gnu/packages/patches/libtiff-CVE-2017-9935.patch deleted file mode 100644 index 5685d81f68..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2017-9935.patch +++ /dev/null @@ -1,162 +0,0 @@ -Fix CVE-2017-9935 - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9935 -http://bugzilla.maptools.org/show_bug.cgi?id=2704 - -Patch copied from upstream source repository: - -https://gitlab.com/libtiff/libtiff/commit/3dd8f6a357981a4090f126ab9025056c938b6940 - -From 3dd8f6a357981a4090f126ab9025056c938b6940 Mon Sep 17 00:00:00 2001 -From: Brian May <brian@linuxpenguins.xyz> -Date: Thu, 7 Dec 2017 07:46:47 +1100 -Subject: [PATCH] tiff2pdf: Fix CVE-2017-9935 - -Fix for http://bugzilla.maptools.org/show_bug.cgi?id=2704 - -This vulnerability - at least for the supplied test case - is because we -assume that a tiff will only have one transfer function that is the same -for all pages. This is not required by the TIFF standards. - -We than read the transfer function for every page. Depending on the -transfer function, we allocate either 2 or 4 bytes to the XREF buffer. -We allocate this memory after we read in the transfer function for the -page. - -For the first exploit - POC1, this file has 3 pages. For the first page -we allocate 2 extra extra XREF entries. Then for the next page 2 more -entries. Then for the last page the transfer function changes and we -allocate 4 more entries. - -When we read the file into memory, we assume we have 4 bytes extra for -each and every page (as per the last transfer function we read). Which -is not correct, we only have 2 bytes extra for the first 2 pages. As a -result, we end up writing past the end of the buffer. - -There are also some related issues that this also fixes. For example, -TIFFGetField can return uninitalized pointer values, and the logic to -detect a N=3 vs N=1 transfer function seemed rather strange. - -It is also strange that we declare the transfer functions to be of type -float, when the standard says they are unsigned 16 bit values. This is -fixed in another patch. - -This patch will check to ensure that the N value for every transfer -function is the same for every page. If this changes, we abort with an -error. In theory, we should perhaps check that the transfer function -itself is identical for every page, however we don't do that due to the -confusion of the type of the data in the transfer function. ---- - libtiff/tif_dir.c | 3 +++ - tools/tiff2pdf.c | 65 +++++++++++++++++++++++++++++++++++++------------------ - 2 files changed, 47 insertions(+), 21 deletions(-) - -diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c -index 2ccaf448..cbf2b693 100644 ---- a/libtiff/tif_dir.c -+++ b/libtiff/tif_dir.c -@@ -1065,6 +1065,9 @@ _TIFFVGetField(TIFF* tif, uint32 tag, va_list ap) - if (td->td_samplesperpixel - td->td_extrasamples > 1) { - *va_arg(ap, uint16**) = td->td_transferfunction[1]; - *va_arg(ap, uint16**) = td->td_transferfunction[2]; -+ } else { -+ *va_arg(ap, uint16**) = NULL; -+ *va_arg(ap, uint16**) = NULL; - } - break; - case TIFFTAG_REFERENCEBLACKWHITE: -diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c -index d1a9b095..c3ec0746 100644 ---- a/tools/tiff2pdf.c -+++ b/tools/tiff2pdf.c -@@ -1047,6 +1047,8 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){ - uint16 pagen=0; - uint16 paged=0; - uint16 xuint16=0; -+ uint16 tiff_transferfunctioncount=0; -+ float* tiff_transferfunction[3]; - - directorycount=TIFFNumberOfDirectories(input); - t2p->tiff_pages = (T2P_PAGE*) _TIFFmalloc(TIFFSafeMultiply(tmsize_t,directorycount,sizeof(T2P_PAGE))); -@@ -1147,26 +1149,48 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){ - } - #endif - if (TIFFGetField(input, TIFFTAG_TRANSFERFUNCTION, -- &(t2p->tiff_transferfunction[0]), -- &(t2p->tiff_transferfunction[1]), -- &(t2p->tiff_transferfunction[2]))) { -- if((t2p->tiff_transferfunction[1] != (float*) NULL) && -- (t2p->tiff_transferfunction[2] != (float*) NULL) && -- (t2p->tiff_transferfunction[1] != -- t2p->tiff_transferfunction[0])) { -- t2p->tiff_transferfunctioncount = 3; -- t2p->tiff_pages[i].page_extra += 4; -- t2p->pdf_xrefcount += 4; -- } else { -- t2p->tiff_transferfunctioncount = 1; -- t2p->tiff_pages[i].page_extra += 2; -- t2p->pdf_xrefcount += 2; -- } -- if(t2p->pdf_minorversion < 2) -- t2p->pdf_minorversion = 2; -+ &(tiff_transferfunction[0]), -+ &(tiff_transferfunction[1]), -+ &(tiff_transferfunction[2]))) { -+ -+ if((tiff_transferfunction[1] != (float*) NULL) && -+ (tiff_transferfunction[2] != (float*) NULL) -+ ) { -+ tiff_transferfunctioncount=3; -+ } else { -+ tiff_transferfunctioncount=1; -+ } - } else { -- t2p->tiff_transferfunctioncount=0; -+ tiff_transferfunctioncount=0; - } -+ -+ if (i > 0){ -+ if (tiff_transferfunctioncount != t2p->tiff_transferfunctioncount){ -+ TIFFError( -+ TIFF2PDF_MODULE, -+ "Different transfer function on page %d", -+ i); -+ t2p->t2p_error = T2P_ERR_ERROR; -+ return; -+ } -+ } -+ -+ t2p->tiff_transferfunctioncount = tiff_transferfunctioncount; -+ t2p->tiff_transferfunction[0] = tiff_transferfunction[0]; -+ t2p->tiff_transferfunction[1] = tiff_transferfunction[1]; -+ t2p->tiff_transferfunction[2] = tiff_transferfunction[2]; -+ if(tiff_transferfunctioncount == 3){ -+ t2p->tiff_pages[i].page_extra += 4; -+ t2p->pdf_xrefcount += 4; -+ if(t2p->pdf_minorversion < 2) -+ t2p->pdf_minorversion = 2; -+ } else if (tiff_transferfunctioncount == 1){ -+ t2p->tiff_pages[i].page_extra += 2; -+ t2p->pdf_xrefcount += 2; -+ if(t2p->pdf_minorversion < 2) -+ t2p->pdf_minorversion = 2; -+ } -+ - if( TIFFGetField( - input, - TIFFTAG_ICCPROFILE, -@@ -1828,9 +1852,8 @@ void t2p_read_tiff_data(T2P* t2p, TIFF* input){ - &(t2p->tiff_transferfunction[1]), - &(t2p->tiff_transferfunction[2]))) { - if((t2p->tiff_transferfunction[1] != (float*) NULL) && -- (t2p->tiff_transferfunction[2] != (float*) NULL) && -- (t2p->tiff_transferfunction[1] != -- t2p->tiff_transferfunction[0])) { -+ (t2p->tiff_transferfunction[2] != (float*) NULL) -+ ) { - t2p->tiff_transferfunctioncount=3; - } else { - t2p->tiff_transferfunctioncount=1; --- -2.16.1 - diff --git a/gnu/packages/patches/libtiff-CVE-2018-10963.patch b/gnu/packages/patches/libtiff-CVE-2018-10963.patch deleted file mode 100644 index d31c12399d..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2018-10963.patch +++ /dev/null @@ -1,40 +0,0 @@ -Fix CVE-2018-10963: - -http://bugzilla.maptools.org/show_bug.cgi?id=2795 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963 - -Patch copied from upstream source repository: - -https://gitlab.com/libtiff/libtiff/commit/de144fd228e4be8aa484c3caf3d814b6fa88c6d9 - -From de144fd228e4be8aa484c3caf3d814b6fa88c6d9 Mon Sep 17 00:00:00 2001 -From: Even Rouault <even.rouault@spatialys.com> -Date: Sat, 12 May 2018 14:24:15 +0200 -Subject: [PATCH] TIFFWriteDirectorySec: avoid assertion. Fixes - http://bugzilla.maptools.org/show_bug.cgi?id=2795. CVE-2018-10963 - ---- - libtiff/tif_dirwrite.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c -index 2430de6d..c15a28db 100644 ---- a/libtiff/tif_dirwrite.c -+++ b/libtiff/tif_dirwrite.c -@@ -695,8 +695,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff) - } - break; - default: -- assert(0); /* we should never get here */ -- break; -+ TIFFErrorExt(tif->tif_clientdata,module, -+ "Cannot write tag %d (%s)", -+ TIFFFieldTag(o), -+ o->field_name ? o->field_name : "unknown"); -+ goto bad; - } - } - } --- -2.17.0 - diff --git a/gnu/packages/patches/libtiff-CVE-2018-8905.patch b/gnu/packages/patches/libtiff-CVE-2018-8905.patch deleted file mode 100644 index f49815789e..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2018-8905.patch +++ /dev/null @@ -1,61 +0,0 @@ -Fix CVE-2018-8095: - -http://bugzilla.maptools.org/show_bug.cgi?id=2780 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905 - -Patch copied from upstream source repository: - -https://gitlab.com/libtiff/libtiff/commit/58a898cb4459055bb488ca815c23b880c242a27d - -From 58a898cb4459055bb488ca815c23b880c242a27d Mon Sep 17 00:00:00 2001 -From: Even Rouault <even.rouault@spatialys.com> -Date: Sat, 12 May 2018 15:32:31 +0200 -Subject: [PATCH] LZWDecodeCompat(): fix potential index-out-of-bounds write. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2780 / CVE-2018-8905 - -The fix consists in using the similar code LZWDecode() to validate we -don't write outside of the output buffer. ---- - libtiff/tif_lzw.c | 18 ++++++++++++------ - 1 file changed, 12 insertions(+), 6 deletions(-) - -diff --git a/libtiff/tif_lzw.c b/libtiff/tif_lzw.c -index 4ccb443c..94d85e38 100644 ---- a/libtiff/tif_lzw.c -+++ b/libtiff/tif_lzw.c -@@ -602,6 +602,7 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s) - char *tp; - unsigned char *bp; - int code, nbits; -+ int len; - long nextbits, nextdata, nbitsmask; - code_t *codep, *free_entp, *maxcodep, *oldcodep; - -@@ -753,13 +754,18 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s) - } while (--occ); - break; - } -- assert(occ >= codep->length); -- op += codep->length; -- occ -= codep->length; -- tp = op; -+ len = codep->length; -+ tp = op + len; - do { -- *--tp = codep->value; -- } while( (codep = codep->next) != NULL ); -+ int t; -+ --tp; -+ t = codep->value; -+ codep = codep->next; -+ *tp = (char)t; -+ } while (codep && tp > op); -+ assert(occ >= len); -+ op += len; -+ occ -= len; - } else { - *op++ = (char)code; - occ--; --- -2.17.0 - diff --git a/gnu/packages/patches/pingus-boost-headers.patch b/gnu/packages/patches/pingus-boost-headers.patch new file mode 100644 index 0000000000..f820f5851c --- /dev/null +++ b/gnu/packages/patches/pingus-boost-headers.patch @@ -0,0 +1,379 @@ +https://github.com/Pingus/pingus/commit/fef8cf6512fa4aa09e87643c22ef66de9ec7bb41.patch + +From fef8cf6512fa4aa09e87643c22ef66de9ec7bb41 Mon Sep 17 00:00:00 2001 +From: Ingo Ruhnke <grumbel@gmail.com> +Date: Sat, 26 Jul 2014 20:49:11 +0200 +Subject: [PATCH] Switched to boost::signals2 + +--- + SConscript | 5 ++--- + src/editor/button.hpp | 4 ++-- + src/editor/checkbox.hpp | 4 ++-- + src/editor/combobox.hpp | 4 ++-- + src/editor/file_list.hpp | 4 ++-- + src/editor/inputbox.hpp | 6 +++--- + src/editor/message_box.hpp | 2 +- + src/editor/object_selector.cpp | 4 ++-- + src/editor/viewport.hpp | 4 ++-- + src/pingus/components/check_box.hpp | 4 ++-- + src/pingus/components/choice_box.hpp | 4 ++-- + src/pingus/components/slider_box.hpp | 4 ++-- + src/pingus/config_manager.hpp | 28 ++++++++++++++-------------- + src/pingus/screens/option_menu.hpp | 4 ++-- + 14 files changed, 40 insertions(+), 41 deletions(-) + +diff --git a/SConscript b/SConscript +index 758567f51..c4d25a8a9 100644 +--- a/SConscript ++++ b/SConscript +@@ -187,9 +187,8 @@ class Project: + 'src/engine/input/xinput/xinput_device.cpp']) + + def configure_boost(self): +- if not self.conf.CheckLibWithHeader('boost_signals', 'boost/signals.hpp', 'c++'): +- if not self.conf.CheckLibWithHeader('boost_signals-mt', 'boost/signals.hpp', 'c++'): +- self.fatal_error += " * library 'boost_signals' not found\n" ++ if not self.conf.CheckHeader('boost/signals2.hpp', '<>', 'c++'): ++ self.fatal_error += " * library 'boost_signals2' not found\n" + + def configure_png(self): + if self.conf.CheckMyProgram('pkg-config'): +diff --git a/src/editor/button.hpp b/src/editor/button.hpp +index c85d7da9e..d89dfe669 100644 +--- a/src/editor/button.hpp ++++ b/src/editor/button.hpp +@@ -17,7 +17,7 @@ + #ifndef HEADER_PINGUS_EDITOR_BUTTON_HPP + #define HEADER_PINGUS_EDITOR_BUTTON_HPP + +-#include <boost/signal.hpp> ++#include <boost/signals2.hpp> + + #include "engine/gui/rect_component.hpp" + +@@ -48,7 +48,7 @@ class Button : public GUI::RectComponent + void enable() { enabled = true; } + void disable() { enabled = false; } + +- boost::signal<void()> on_click; ++ boost::signals2::signal<void()> on_click; + + private: + Button (const Button&); +diff --git a/src/editor/checkbox.hpp b/src/editor/checkbox.hpp +index 7c3bc835f..66382d79b 100644 +--- a/src/editor/checkbox.hpp ++++ b/src/editor/checkbox.hpp +@@ -17,7 +17,7 @@ + #ifndef HEADER_PINGUS_EDITOR_CHECKBOX_HPP + #define HEADER_PINGUS_EDITOR_CHECKBOX_HPP + +-#include <boost/signal.hpp> ++#include <boost/signals2.hpp> + + #include "engine/gui/rect_component.hpp" + +@@ -40,7 +40,7 @@ class Checkbox : public GUI::RectComponent + bool is_checked() const { return checked; } + void on_primary_button_press(int x, int y); + +- boost::signal<void (bool)> on_change; ++ boost::signals2::signal<void (bool)> on_change; + + private: + Checkbox (const Checkbox&); +diff --git a/src/editor/combobox.hpp b/src/editor/combobox.hpp +index 0ca742593..603556bd9 100644 +--- a/src/editor/combobox.hpp ++++ b/src/editor/combobox.hpp +@@ -18,7 +18,7 @@ + #ifndef HEADER_PINGUS_EDITOR_COMBOBOX_HPP + #define HEADER_PINGUS_EDITOR_COMBOBOX_HPP + +-#include <boost/signal.hpp> ++#include <boost/signals2.hpp> + + #include "engine/display/sprite.hpp" + #include "engine/gui/rect_component.hpp" +@@ -88,7 +88,7 @@ class Combobox : public GUI::RectComponent + + void update_layout() {} + +- boost::signal<void (const ComboItem&)> on_select; ++ boost::signals2::signal<void (const ComboItem&)> on_select; + + private: + Combobox(); +diff --git a/src/editor/file_list.hpp b/src/editor/file_list.hpp +index cc4bba2de..85efe6aa0 100644 +--- a/src/editor/file_list.hpp ++++ b/src/editor/file_list.hpp +@@ -17,7 +17,7 @@ + #ifndef HEADER_PINGUS_EDITOR_FILE_LIST_HPP + #define HEADER_PINGUS_EDITOR_FILE_LIST_HPP + +-#include <boost/signal.hpp> ++#include <boost/signals2.hpp> + + #include "engine/display/sprite.hpp" + #include "engine/gui/rect_component.hpp" +@@ -61,7 +61,7 @@ class FileList : public GUI::RectComponent + bool has_more_next_pages(); + bool has_more_prev_pages(); + +- boost::signal<void (const System::DirectoryEntry&)> on_click; ++ boost::signals2::signal<void (const System::DirectoryEntry&)> on_click; + + private: + int items_per_page(); +diff --git a/src/editor/inputbox.hpp b/src/editor/inputbox.hpp +index cad9663ec..87321dbba 100644 +--- a/src/editor/inputbox.hpp ++++ b/src/editor/inputbox.hpp +@@ -17,7 +17,7 @@ + #ifndef HEADER_PINGUS_EDITOR_INPUTBOX_HPP + #define HEADER_PINGUS_EDITOR_INPUTBOX_HPP + +-#include <boost/signal.hpp> ++#include <boost/signals2.hpp> + + #include "engine/gui/rect_component.hpp" + +@@ -40,8 +40,8 @@ class Inputbox : public GUI::RectComponent + + void update_layout() {} + +- boost::signal<void (const std::string&)> on_change; +- boost::signal<void (const std::string&)> on_enter; ++ boost::signals2::signal<void (const std::string&)> on_change; ++ boost::signals2::signal<void (const std::string&)> on_enter; + + private: + Inputbox (const Inputbox&); +diff --git a/src/editor/message_box.hpp b/src/editor/message_box.hpp +index 385387a61..d885767cf 100644 +--- a/src/editor/message_box.hpp ++++ b/src/editor/message_box.hpp +@@ -45,7 +45,7 @@ class MessageBox : public GUI::GroupComponent + void on_cancel_button(); + + public: +- boost::signal<void()> on_ok; ++ boost::signals2::signal<void()> on_ok; + + private: + MessageBox(const MessageBox&); +diff --git a/src/editor/object_selector.cpp b/src/editor/object_selector.cpp +index 28e306826..f3a36b5e8 100644 +--- a/src/editor/object_selector.cpp ++++ b/src/editor/object_selector.cpp +@@ -16,7 +16,7 @@ + + #include "editor/object_selector.hpp" + +-#include <boost/signal.hpp> ++#include <boost/signals2.hpp> + + #include "editor/generic_level_obj.hpp" + #include "editor/gui_style.hpp" +@@ -47,7 +47,7 @@ class ObjectSelectorButton : public GUI::RectComponent + std::string tooltip; + + public: +- boost::signal<void()> on_click; ++ boost::signals2::signal<void()> on_click; + + public: + ObjectSelectorButton(ObjectSelectorList* object_list_, +diff --git a/src/editor/viewport.hpp b/src/editor/viewport.hpp +index 1ae9eff7c..18868254d 100644 +--- a/src/editor/viewport.hpp ++++ b/src/editor/viewport.hpp +@@ -18,7 +18,7 @@ + #ifndef HEADER_PINGUS_EDITOR_VIEWPORT_HPP + #define HEADER_PINGUS_EDITOR_VIEWPORT_HPP + +-#include <boost/signal.hpp> ++#include <boost/signals2.hpp> + #include <set> + + #include "editor/selection.hpp" +@@ -148,7 +148,7 @@ class Viewport : public GUI::RectComponent + + void clear_selection(); + +- boost::signal<void (const Selection&)> selection_changed; ++ boost::signals2::signal<void (const Selection&)> selection_changed; + private: + Viewport(); + Viewport (const Viewport&); +diff --git a/src/pingus/components/check_box.hpp b/src/pingus/components/check_box.hpp +index 00e23b764..5bef50f6b 100644 +--- a/src/pingus/components/check_box.hpp ++++ b/src/pingus/components/check_box.hpp +@@ -17,7 +17,7 @@ + #ifndef HEADER_PINGUS_PINGUS_COMPONENTS_CHECK_BOX_HPP + #define HEADER_PINGUS_PINGUS_COMPONENTS_CHECK_BOX_HPP + +-#include <boost/signal.hpp> ++#include <boost/signals2.hpp> + + #include "engine/display/sprite.hpp" + #include "engine/gui/rect_component.hpp" +@@ -39,7 +39,7 @@ class CheckBox : public GUI::RectComponent + + void set_state(bool v, bool send_signal); + +- boost::signal<void (bool)> on_change; ++ boost::signals2::signal<void (bool)> on_change; + + private: + CheckBox (const CheckBox&); +diff --git a/src/pingus/components/choice_box.hpp b/src/pingus/components/choice_box.hpp +index 49d6e1948..ef51b6dd2 100644 +--- a/src/pingus/components/choice_box.hpp ++++ b/src/pingus/components/choice_box.hpp +@@ -17,7 +17,7 @@ + #ifndef HEADER_PINGUS_PINGUS_COMPONENTS_CHOICE_BOX_HPP + #define HEADER_PINGUS_PINGUS_COMPONENTS_CHOICE_BOX_HPP + +-#include <boost/signal.hpp> ++#include <boost/signals2.hpp> + + #include "engine/gui/rect_component.hpp" + +@@ -36,7 +36,7 @@ class ChoiceBox : public GUI::RectComponent + void add_choice(const std::string& str); + void set_current_choice(int choice); + +- boost::signal<void (std::string)> on_change; ++ boost::signals2::signal<void (std::string)> on_change; + + private: + ChoiceBox (const ChoiceBox&); +diff --git a/src/pingus/components/slider_box.hpp b/src/pingus/components/slider_box.hpp +index ae4d92406..75118eac2 100644 +--- a/src/pingus/components/slider_box.hpp ++++ b/src/pingus/components/slider_box.hpp +@@ -17,7 +17,7 @@ + #ifndef HEADER_PINGUS_PINGUS_COMPONENTS_SLIDER_BOX_HPP + #define HEADER_PINGUS_PINGUS_COMPONENTS_SLIDER_BOX_HPP + +-#include <boost/signal.hpp> ++#include <boost/signals2.hpp> + + #include "engine/gui/rect_component.hpp" + +@@ -39,7 +39,7 @@ class SliderBox : public GUI::RectComponent + + void set_value(int v); + +- boost::signal<void (int)> on_change; ++ boost::signals2::signal<void (int)> on_change; + + private: + SliderBox (const SliderBox&); +diff --git a/src/pingus/config_manager.hpp b/src/pingus/config_manager.hpp +index b07b83e65..4cf08e046 100644 +--- a/src/pingus/config_manager.hpp ++++ b/src/pingus/config_manager.hpp +@@ -17,7 +17,7 @@ + #ifndef HEADER_PINGUS_PINGUS_CONFIG_MANAGER_HPP + #define HEADER_PINGUS_PINGUS_CONFIG_MANAGER_HPP + +-#include <boost/signal.hpp> ++#include <boost/signals2.hpp> + + #include "math/size.hpp" + #include "pingus/options.hpp" +@@ -39,55 +39,55 @@ class ConfigManager + + void set_master_volume(int); + int get_master_volume() const; +- boost::signal<void(int)> on_master_volume_change; ++ boost::signals2::signal<void(int)> on_master_volume_change; + + void set_sound_volume(int); + int get_sound_volume() const; +- boost::signal<void(int)> on_sound_volume_change; ++ boost::signals2::signal<void(int)> on_sound_volume_change; + + void set_music_volume(int); + int get_music_volume() const; +- boost::signal<void(int)> on_music_volume_change; ++ boost::signals2::signal<void(int)> on_music_volume_change; + + void set_fullscreen_resolution(const Size& size); + Size get_fullscreen_resolution() const; +- boost::signal<void(Size)> on_fullscreen_resolution_change; ++ boost::signals2::signal<void(Size)> on_fullscreen_resolution_change; + + void set_fullscreen(bool); + bool get_fullscreen() const; +- boost::signal<void(bool)> on_fullscreen_change; ++ boost::signals2::signal<void(bool)> on_fullscreen_change; + + void set_renderer(FramebufferType type); + FramebufferType get_renderer() const; +- boost::signal<void(FramebufferType)> on_renderer_change; ++ boost::signals2::signal<void(FramebufferType)> on_renderer_change; + + void set_resizable(bool); + bool get_resizable() const; +- boost::signal<void(bool)> on_resizable_change; ++ boost::signals2::signal<void(bool)> on_resizable_change; + + void set_mouse_grab(bool); + bool get_mouse_grab() const; +- boost::signal<void(bool)> on_mouse_grab_change; ++ boost::signals2::signal<void(bool)> on_mouse_grab_change; + + void set_print_fps(bool); + bool get_print_fps() const; +- boost::signal<void(bool)> on_print_fps_change; ++ boost::signals2::signal<void(bool)> on_print_fps_change; + + void set_language(const tinygettext::Language&); + tinygettext::Language get_language() const; +- boost::signal<void(const tinygettext::Language&)> on_language_change; ++ boost::signals2::signal<void(const tinygettext::Language&)> on_language_change; + + void set_software_cursor(bool); + bool get_software_cursor() const; +- boost::signal<void(bool)> on_software_cursor_change; ++ boost::signals2::signal<void(bool)> on_software_cursor_change; + + void set_auto_scrolling(bool); + bool get_auto_scrolling() const; +- boost::signal<void(bool)> on_auto_scrolling_change; ++ boost::signals2::signal<void(bool)> on_auto_scrolling_change; + + void set_drag_drop_scrolling(bool); + bool get_drag_drop_scrolling() const; +- boost::signal<void(bool)> on_drag_drop_scrolling_change; ++ boost::signals2::signal<void(bool)> on_drag_drop_scrolling_change; + + private: + ConfigManager (const ConfigManager&); +diff --git a/src/pingus/screens/option_menu.hpp b/src/pingus/screens/option_menu.hpp +index 60b1578d2..154ef0f69 100644 +--- a/src/pingus/screens/option_menu.hpp ++++ b/src/pingus/screens/option_menu.hpp +@@ -17,7 +17,7 @@ + #ifndef HEADER_PINGUS_PINGUS_SCREENS_OPTION_MENU_HPP + #define HEADER_PINGUS_PINGUS_SCREENS_OPTION_MENU_HPP + +-#include <boost/signals.hpp> ++#include <boost/signals2.hpp> + #include <map> + #include <vector> + +@@ -66,7 +66,7 @@ class OptionMenu : public GUIScreen + //Label* defaults_label; + //CheckBox* defaults_box; + +- typedef std::vector<boost::signals::connection> Connections; ++ typedef std::vector<boost::signals2::connection> Connections; + Connections connections; + + tinygettext::Language m_language; diff --git a/gnu/packages/patches/poppler-CVE-2018-19149.patch b/gnu/packages/patches/poppler-CVE-2018-19149.patch deleted file mode 100644 index 3641f5f078..0000000000 --- a/gnu/packages/patches/poppler-CVE-2018-19149.patch +++ /dev/null @@ -1,80 +0,0 @@ -Fix CVE-2018-19149: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149 -https://gitlab.freedesktop.org/poppler/poppler/issues/664 - -Patch copied from upstream source repository: - -https://gitlab.freedesktop.org/poppler/poppler/commit/f162ecdea0dda5dbbdb45503c1d55d9afaa41d44 - -From f162ecdea0dda5dbbdb45503c1d55d9afaa41d44 Mon Sep 17 00:00:00 2001 -From: Marek Kasik <mkasik@redhat.com> -Date: Fri, 20 Apr 2018 11:38:13 +0200 -Subject: [PATCH] Fix crash on missing embedded file - -Check whether an embedded file is actually present in the PDF -and show warning in that case. - -https://bugs.freedesktop.org/show_bug.cgi?id=106137 -https://gitlab.freedesktop.org/poppler/poppler/issues/236 ---- - glib/poppler-attachment.cc | 26 +++++++++++++++++--------- - glib/poppler-document.cc | 3 ++- - 2 files changed, 19 insertions(+), 10 deletions(-) - -diff --git a/glib/poppler-attachment.cc b/glib/poppler-attachment.cc -index c6502e9d..11ba5bb5 100644 ---- a/glib/poppler-attachment.cc -+++ b/glib/poppler-attachment.cc -@@ -111,17 +111,25 @@ _poppler_attachment_new (FileSpec *emb_file) - attachment->description = _poppler_goo_string_to_utf8 (emb_file->getDescription ()); - - embFile = emb_file->getEmbeddedFile(); -- attachment->size = embFile->size (); -+ if (embFile != NULL && embFile->streamObject()->isStream()) -+ { -+ attachment->size = embFile->size (); - -- if (embFile->createDate ()) -- _poppler_convert_pdf_date_to_gtime (embFile->createDate (), (time_t *)&attachment->ctime); -- if (embFile->modDate ()) -- _poppler_convert_pdf_date_to_gtime (embFile->modDate (), (time_t *)&attachment->mtime); -+ if (embFile->createDate ()) -+ _poppler_convert_pdf_date_to_gtime (embFile->createDate (), (time_t *)&attachment->ctime); -+ if (embFile->modDate ()) -+ _poppler_convert_pdf_date_to_gtime (embFile->modDate (), (time_t *)&attachment->mtime); - -- if (embFile->checksum () && embFile->checksum ()->getLength () > 0) -- attachment->checksum = g_string_new_len (embFile->checksum ()->getCString (), -- embFile->checksum ()->getLength ()); -- priv->obj_stream = embFile->streamObject()->copy(); -+ if (embFile->checksum () && embFile->checksum ()->getLength () > 0) -+ attachment->checksum = g_string_new_len (embFile->checksum ()->getCString (), -+ embFile->checksum ()->getLength ()); -+ priv->obj_stream = embFile->streamObject()->copy(); -+ } -+ else -+ { -+ g_warning ("Missing stream object for embedded file"); -+ g_clear_object (&attachment); -+ } - - return attachment; - } -diff --git a/glib/poppler-document.cc b/glib/poppler-document.cc -index 83f6aea6..ea319344 100644 ---- a/glib/poppler-document.cc -+++ b/glib/poppler-document.cc -@@ -670,7 +670,8 @@ poppler_document_get_attachments (PopplerDocument *document) - attachment = _poppler_attachment_new (emb_file); - delete emb_file; - -- retval = g_list_prepend (retval, attachment); -+ if (attachment != NULL) -+ retval = g_list_prepend (retval, attachment); - } - return g_list_reverse (retval); - } --- -2.19.1 - diff --git a/gnu/packages/patches/postgresql-disable-resolve_symlinks.patch b/gnu/packages/patches/postgresql-disable-resolve_symlinks.patch new file mode 100644 index 0000000000..97ef6928fe --- /dev/null +++ b/gnu/packages/patches/postgresql-disable-resolve_symlinks.patch @@ -0,0 +1,25 @@ +From 223c82d1d6ed1f29f26307249827ff679e09c780 Mon Sep 17 00:00:00 2001 +From: Julien Lepiller <julien@lepiller.eu> +Date: Sat, 28 Jul 2018 12:22:12 +0200 +Subject: [PATCH] disable resolve_symlink + +--- + src/common/exec.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/common/exec.c b/src/common/exec.c +index 878fc29..6b3e283 100644 +--- a/src/common/exec.c ++++ b/src/common/exec.c +@@ -218,6 +218,8 @@ find_my_exec(const char *argv0, char *retpath) + static int + resolve_symlinks(char *path) + { ++ // On GuixSD we *want* stuff relative to symlinks. ++ return 0; + #ifdef HAVE_READLINK + struct stat buf; + char orig_wd[MAXPGPATH], +-- +2.18.0 + diff --git a/gnu/packages/patches/sssd-curl-compat.patch b/gnu/packages/patches/sssd-curl-compat.patch new file mode 100644 index 0000000000..ecab737153 --- /dev/null +++ b/gnu/packages/patches/sssd-curl-compat.patch @@ -0,0 +1,18 @@ +Fix build with curl >= 7.62. Patch taken from upstream: + +https://pagure.io/SSSD/sssd/c/4d3841ca379afc01184453ba45ab3e75ffec60da?branch=sssd-1-16 + +diff --git a/src/util/tev_curl.c b/src/util/tev_curl.c +index 6a7a580..d70a429 100644 +--- a/src/util/tev_curl.c ++++ b/src/util/tev_curl.c +@@ -97,7 +97,9 @@ static errno_t curl_code2errno(CURLcode crv) + return ETIMEDOUT; + case CURLE_SSL_ISSUER_ERROR: + case CURLE_SSL_CACERT_BADFILE: ++#if LIBCURL_VERSION_NUM < 0x073e00 + case CURLE_SSL_CACERT: ++#endif + case CURLE_SSL_CERTPROBLEM: + return ERR_INVALID_CERT; + diff --git a/gnu/packages/patches/texlive-bin-luatex-poppler-compat.patch b/gnu/packages/patches/texlive-bin-luatex-poppler-compat.patch new file mode 100644 index 0000000000..d8b9bf172a --- /dev/null +++ b/gnu/packages/patches/texlive-bin-luatex-poppler-compat.patch @@ -0,0 +1,318 @@ +Fix LuaTeX compatibility with Poppler 0.72. + +Upstream LuaTeX have moved from Poppler to "pplib" and thus upstream +fixes are unavailable. This is based on Arch Linux patches, with minor +changes for Poppler 0.72: +https://git.archlinux.org/svntogit/packages.git/tree/trunk?h=packages/texlive-bin&id=f1b424435c8fa31d9296c7a6dc17f939a8332780 + +diff --git a/texk/web2c/luatexdir/image/pdftoepdf.w b/texk/web2c/luatexdir/image/pdftoepdf.w +--- a/texk/web2c/luatexdir/image/pdftoepdf.w ++++ b/texk/web2c/luatexdir/image/pdftoepdf.w +@@ -35,7 +35,7 @@ + + extern void md5(Guchar *msg, int msgLen, Guchar *digest); + +-static GBool isInit = gFalse; ++static bool isInit = false; + + /* Maintain AVL tree of all PDF files for embedding */ + +@@ -363,10 +363,10 @@ void copyReal(PDF pdf, double d) + + static void copyString(PDF pdf, GooString * string) + { +- char *p; ++ const char *p; + unsigned char c; + size_t i, l; +- p = string->getCString(); ++ p = string->c_str(); + l = (size_t) string->getLength(); + if (pdf->cave) + pdf_out(pdf, ' '); +@@ -393,7 +393,7 @@ static void copyString(PDF pdf, GooString * string) + pdf->cave = true; + } + +-static void copyName(PDF pdf, char *s) ++static void copyName(PDF pdf, const char *s) + { + pdf_out(pdf, '/'); + for (; *s != 0; s++) { +@@ -468,14 +468,14 @@ static void copyObject(PDF pdf, PdfDocument * pdf_doc, Object * obj) + break; + /* + case objNum: +- GBool isNum() { return type == objInt || type == objReal; } ++ bool isNum() { return type == objInt || type == objReal; } + break; + */ + case objString: + copyString(pdf, (GooString *)obj->getString()); + break; + case objName: +- copyName(pdf, (char *)obj->getName()); ++ copyName(pdf, obj->getName()); + break; + case objNull: + pdf_add_null(pdf); +@@ -531,22 +531,22 @@ static PDFRectangle *get_pagebox(Page * page, int pagebox_spec) + { + switch (pagebox_spec) { + case PDF_BOX_SPEC_MEDIA: +- return page->getMediaBox(); ++ return (PDFRectangle *) page->getMediaBox(); + break; + case PDF_BOX_SPEC_CROP: +- return page->getCropBox(); ++ return (PDFRectangle *) page->getCropBox(); + break; + case PDF_BOX_SPEC_BLEED: +- return page->getBleedBox(); ++ return (PDFRectangle *) page->getBleedBox(); + break; + case PDF_BOX_SPEC_TRIM: +- return page->getTrimBox(); ++ return (PDFRectangle *) page->getTrimBox(); + break; + case PDF_BOX_SPEC_ART: +- return page->getArtBox(); ++ return (PDFRectangle *) page->getArtBox(); + break; + default: +- return page->getMediaBox(); ++ return (PDFRectangle *) page->getMediaBox(); + break; + } + } +@@ -587,11 +587,11 @@ void read_pdf_info(image_dict * idict) + PDFRectangle *pagebox; + int pdf_major_version_found, pdf_minor_version_found; + float xsize, ysize, xorig, yorig; +- if (isInit == gFalse) { ++ if (isInit == false) { + if (!(globalParams)) + globalParams = new GlobalParams(); +- globalParams->setErrQuiet(gFalse); +- isInit = gTrue; ++ globalParams->setErrQuiet(false); ++ isInit = true; + } + if (img_type(idict) == IMG_TYPE_PDF) + pdf_doc = refPdfDocument(img_filepath(idict), FE_FAIL); +@@ -966,7 +966,7 @@ void epdf_free() + if (PdfDocumentTree != NULL) + avl_destroy(PdfDocumentTree, destroyPdfDocument); + PdfDocumentTree = NULL; +- if (isInit == gTrue) ++ if (isInit == true) + delete globalParams; +- isInit = gFalse; ++ isInit = false; + } +diff --git a/texk/web2c/luatexdir/lua/lepdflib.cc b/texk/web2c/luatexdir/lua/lepdflib.cc +--- a/texk/web2c/luatexdir/lua/lepdflib.cc ++++ b/texk/web2c/luatexdir/lua/lepdflib.cc +@@ -240,7 +240,7 @@ static int l_new_Attribute(lua_State * L) + if (uobj->pd != NULL && uobj->pd->pc != uobj->pc) + pdfdoc_changed_error(L); + uout = new_Attribute_userdata(L); +- uout->d = new Attribute(n, nlen, (Object *)uobj->d); ++ uout->d = new Attribute((GooString)n, (Object *)uobj->d); + uout->atype = ALLOC_LEPDF; + uout->pc = uobj->pc; + uout->pd = uobj->pd; +@@ -439,7 +439,7 @@ static int l_new_Object(lua_State * L) + break; + case 1: + if (lua_isboolean (L,1)) { +- uout->d = new Object(lua_toboolean(L, 1)? gTrue : gFalse); ++ uout->d = new Object(lua_toboolean(L, 1)? true : false); + uout->atype = ALLOC_LEPDF; + uout->pc = 0; + uout->pd = NULL; +@@ -596,7 +596,7 @@ static int m_##in##_##function(lua_State * L) \ + uin = (udstruct *) luaL_checkudata(L, 1, M_##in); \ + if (uin->pd != NULL && uin->pd->pc != uin->pc) \ + pdfdoc_changed_error(L); \ +- o = ((in *) uin->d)->function(); \ ++ o = (out *) ((in *) uin->d)->function(); \ + if (o != NULL) { \ + uout = new_##out##_userdata(L); \ + uout->d = o; \ +@@ -676,7 +676,7 @@ static int m_##in##_##function(lua_State * L) \ + pdfdoc_changed_error(L); \ + gs = (GooString *)((in *) uin->d)->function(); \ + if (gs != NULL) \ +- lua_pushlstring(L, gs->getCString(), gs->getLength()); \ ++ lua_pushlstring(L, gs->c_str(), gs->getLength()); \ + else \ + lua_pushnil(L); \ + return 1; \ +@@ -911,7 +911,7 @@ static int m_Array_getString(lua_State * L) + if (i > 0 && i <= len) { + gs = new GooString(); + if (((Array *) uin->d)->getString(i - 1, gs)) +- lua_pushlstring(L, gs->getCString(), gs->getLength()); ++ lua_pushlstring(L, gs->c_str(), gs->getLength()); + else + lua_pushnil(L); + delete gs; +@@ -1063,7 +1063,7 @@ static int m_Catalog_getJS(lua_State * L) + if (i > 0 && i <= len) { + gs = ((Catalog *) uin->d)->getJS(i - 1); + if (gs != NULL) +- lua_pushlstring(L, gs->getCString(), gs->getLength()); ++ lua_pushlstring(L, gs->c_str(), gs->getLength()); + else + lua_pushnil(L); + delete gs; +@@ -1125,12 +1125,12 @@ m_poppler_get_INT(Dict, getLength); + + static int m_Dict_add(lua_State * L) + { +- char *s; ++ const char *s; + udstruct *uin, *uobj; + uin = (udstruct *) luaL_checkudata(L, 1, M_Dict); + if (uin->pd != NULL && uin->pd->pc != uin->pc) + pdfdoc_changed_error(L); +- s = copyString(luaL_checkstring(L, 2)); ++ s = luaL_checkstring(L, 2); + uobj = (udstruct *) luaL_checkudata(L, 3, M_Object); + ((Dict *) uin->d)->add(s, std::move(*((Object *) uobj->d))); + return 0; +@@ -1378,7 +1378,7 @@ static int m_GooString__tostring(lua_State * L) + uin = (udstruct *) luaL_checkudata(L, 1, M_GooString); + if (uin->pd != NULL && uin->pd->pc != uin->pc) + pdfdoc_changed_error(L); +- lua_pushlstring(L, ((GooString *) uin->d)->getCString(), ++ lua_pushlstring(L, ((GooString *) uin->d)->c_str(), + ((GooString *) uin->d)->getLength()); + return 1; + } +@@ -1527,9 +1527,9 @@ static int m_Object_initBool(lua_State * L) + pdfdoc_changed_error(L); + luaL_checktype(L, 2, LUA_TBOOLEAN); + if (lua_toboolean(L, 2) != 0) +- *((Object *) uin->d) = Object(gTrue); ++ *((Object *) uin->d) = Object(true); + else +- *((Object *) uin->d) = Object(gFalse); ++ *((Object *) uin->d) = Object(false); + return 0; + } + +@@ -1814,7 +1814,7 @@ static int m_Object_getString(lua_State * L) + pdfdoc_changed_error(L); + if (((Object *) uin->d)->isString()) { + gs = (GooString *)((Object *) uin->d)->getString(); +- lua_pushlstring(L, gs->getCString(), gs->getLength()); ++ lua_pushlstring(L, gs->c_str(), gs->getLength()); + } else + lua_pushnil(L); + return 1; +@@ -2051,7 +2051,7 @@ static int m_Object_dictAdd(lua_State * L) + pdfdoc_changed_error(L); + if (!((Object *) uin->d)->isDict()) + luaL_error(L, "Object is not a Dict"); +- ((Object *) uin->d)->dictAdd(copyString(s), std::move(*((Object *) uobj->d))); ++ ((Object *) uin->d)->dictAdd(s, std::move(*((Object *) uobj->d))); + return 0; + } + +@@ -2470,9 +2470,9 @@ static int m_PDFDoc_getFileName(lua_State * L) + uin = (udstruct *) luaL_checkudata(L, 1, M_PDFDoc); + if (uin->pd != NULL && uin->pd->pc != uin->pc) + pdfdoc_changed_error(L); +- gs = ((PdfDocument *) uin->d)->doc->getFileName(); ++ gs = (GooString *) ((PdfDocument *) uin->d)->doc->getFileName(); + if (gs != NULL) +- lua_pushlstring(L, gs->getCString(), gs->getLength()); ++ lua_pushlstring(L, gs->c_str(), gs->getLength()); + else + lua_pushnil(L); + return 1; +@@ -2559,9 +2559,9 @@ static int m_PDFDoc_readMetadata(lua_State * L) + if (uin->pd != NULL && uin->pd->pc != uin->pc) + pdfdoc_changed_error(L); + if (((PdfDocument *) uin->d)->doc->getCatalog()->isOk()) { +- gs = ((PdfDocument *) uin->d)->doc->readMetadata(); ++ gs = (GooString *) ((PdfDocument *) uin->d)->doc->readMetadata(); + if (gs != NULL) +- lua_pushlstring(L, gs->getCString(), gs->getLength()); ++ lua_pushlstring(L, gs->c_str(), gs->getLength()); + else + lua_pushnil(L); + } else +@@ -2577,7 +2577,7 @@ static int m_PDFDoc_getStructTreeRoot(lua_State * L) + if (uin->pd != NULL && uin->pd->pc != uin->pc) + pdfdoc_changed_error(L); + if (((PdfDocument *) uin->d)->doc->getCatalog()->isOk()) { +- obj = ((PdfDocument *) uin->d)->doc->getStructTreeRoot(); ++ obj = (StructTreeRoot *) ((PdfDocument *) uin->d)->doc->getStructTreeRoot(); + uout = new_StructTreeRoot_userdata(L); + uout->d = obj; + uout->pc = uin->pc; +@@ -3038,12 +3038,12 @@ m_poppler_get_BOOL(Attribute, isHidden); + + static int m_Attribute_setHidden(lua_State * L) + { +- GBool i; ++ bool i; + udstruct *uin; + uin = (udstruct *) luaL_checkudata(L, 1, M_Attribute); + if (uin->pd != NULL && uin->pd->pc != uin->pc) + pdfdoc_changed_error(L); +- i = (GBool) lua_toboolean(L, 2); ++ i = (bool) lua_toboolean(L, 2); + ((Attribute *) uin->d)->setHidden(i); + return 0; + } +@@ -3180,7 +3180,7 @@ static int m_StructElement_getParentRef(lua_State * L) + // Ref is false if the C++ functione return false + static int m_StructElement_getPageRef(lua_State * L) + { +- GBool b; ++ bool b; + Ref *r; + udstruct *uin, *uout; + uin = (udstruct *) luaL_checkudata(L, 1, M_StructElement); +@@ -3226,16 +3226,16 @@ static int m_StructElement_setRevision(lua_State * L) + + static int m_StructElement_getText(lua_State * L) + { +- GBool i; ++ bool i; + GooString *gs; + udstruct *uin; + uin = (udstruct *) luaL_checkudata(L, 1, M_StructElement); + if (uin->pd != NULL && uin->pd->pc != uin->pc) + pdfdoc_changed_error(L); +- i = (GBool) lua_toboolean(L, 2); ++ i = (bool) lua_toboolean(L, 2); + gs = ((StructElement *) uin->d)->getText(i); + if (gs != NULL) +- lua_pushlstring(L, gs->getCString(), gs->getLength()); ++ lua_pushlstring(L, gs->c_str(), gs->getLength()); + else + lua_pushnil(L); + return 1; +@@ -3321,7 +3321,7 @@ static int m_StructElement_findAttribute(lua_State * L) + { + Attribute::Type t; + Attribute::Owner o; +- GBool g; ++ bool g; + udstruct *uin, *uout; + const Attribute *a; + uin = (udstruct *) luaL_checkudata(L, 1, M_StructElement); +@@ -3329,7 +3329,7 @@ static int m_StructElement_findAttribute(lua_State * L) + pdfdoc_changed_error(L); + t = (Attribute::Type) luaL_checkint(L,1); + o = (Attribute::Owner) luaL_checkint(L,2); +- g = (GBool) lua_toboolean(L, 3); ++ g = (bool) lua_toboolean(L, 3); + a = ((StructElement *) uin->d)->findAttribute(t,g,o); + + if (a!=NULL){ diff --git a/gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch b/gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch new file mode 100644 index 0000000000..eba4733f32 --- /dev/null +++ b/gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch @@ -0,0 +1,188 @@ +Fix compatibility with Poppler 0.72. + +These files are taken from the upstream "poppler0.72.0.cc" variants and +diffed against the "newpoppler" files from the 20180414 distribution. + +See revision 49336: +https://tug.org/svn/texlive/trunk/Build/source/texk/web2c/pdftexdir/ + +--- a/texk/web2c/pdftexdir/pdftoepdf-newpoppler.cc 1970-01-01 01:00:00.000000000 +0100 ++++ b/texk/web2c/pdftexdir/pdftoepdf-newpoppler.cc 2018-12-09 21:14:58.479732695 +0100 +@@ -22,7 +22,7 @@ + https://git.archlinux.org/svntogit/packages.git/plain/texlive-bin/trunk + by Arch Linux. A little modifications are made to avoid a crash for + some kind of pdf images, such as figure_missing.pdf in gnuplot. +-The poppler should be 0.59.0 or newer versions. ++The poppler should be 0.72.0 or newer versions. + POPPLER_VERSION should be defined. + */ + +@@ -120,7 +120,7 @@ + + static InObj *inObjList; + static UsedEncoding *encodingList; +-static GBool isInit = gFalse; ++static bool isInit = false; + + // -------------------------------------------------------------------- + // Maintain list of open embedded PDF files +@@ -317,7 +317,7 @@ + pdf_puts("<<\n"); + assert(r->type == objFont); // FontDescriptor is in fd_tree + for (i = 0, l = obj->dictGetLength(); i < l; ++i) { +- key = obj->dictGetKey(i); ++ key = (char *)obj->dictGetKey(i); + if (strncmp("FontDescriptor", key, strlen("FontDescriptor")) == 0 + || strncmp("BaseFont", key, strlen("BaseFont")) == 0 + || strncmp("Encoding", key, strlen("Encoding")) == 0) +@@ -427,7 +427,7 @@ + charset = fontdesc.dictLookup("CharSet"); + if (!charset.isNull() && + charset.isString() && is_subsetable(fontmap)) +- epdf_mark_glyphs(fd, (char *)charset.getString()->getCString()); ++ epdf_mark_glyphs(fd, (char *)charset.getString()->c_str()); + else + embed_whole_font(fd); + addFontDesc(fontdescRef.getRef(), fd); +@@ -454,7 +454,7 @@ + for (i = 0, l = obj->dictGetLength(); i < l; ++i) { + fontRef = obj->dictGetValNF(i); + if (fontRef.isRef()) +- copyFont(obj->dictGetKey(i), &fontRef); ++ copyFont((char *)obj->dictGetKey(i), &fontRef); + else if (fontRef.isDict()) { // some programs generate pdf with embedded font object + copyName((char *)obj->dictGetKey(i)); + pdf_puts(" "); +@@ -566,7 +566,7 @@ + pdf_printf("%s", convertNumToPDF(obj->getNum())); + } else if (obj->isString()) { + s = (GooString *)obj->getString(); +- p = s->getCString(); ++ p = (char *)s->c_str(); + l = s->getLength(); + if (strlen(p) == (unsigned int) l) { + pdf_puts("("); +@@ -664,7 +664,7 @@ + ("PDF inclusion: CID fonts are not supported" + " (try to disable font replacement to fix this)"); + } +- if ((s = ((Gfx8BitFont *) r->font)->getCharName(i)) != 0) ++ if ((s = (char *)((Gfx8BitFont *) r->font)->getCharName(i)) != 0) + glyphNames[i] = s; + else + glyphNames[i] = notdef; +@@ -683,7 +683,7 @@ + } + + // get the pagebox according to the pagebox_spec +-static PDFRectangle *get_pagebox(Page * page, int pagebox_spec) ++static const PDFRectangle *get_pagebox(Page * page, int pagebox_spec) + { + if (pagebox_spec == pdfboxspecmedia) + return page->getMediaBox(); +@@ -715,7 +715,7 @@ + { + PdfDocument *pdf_doc; + Page *page; +- PDFRectangle *pagebox; ++ const PDFRectangle *pagebox; + #ifdef POPPLER_VERSION + int pdf_major_version_found, pdf_minor_version_found; + #else +@@ -724,8 +724,8 @@ + // initialize + if (!isInit) { + globalParams = new GlobalParams(); +- globalParams->setErrQuiet(gFalse); +- isInit = gTrue; ++ globalParams->setErrQuiet(false); ++ isInit = true; + } + // open PDF file + pdf_doc = find_add_document(image_name); +@@ -849,7 +849,7 @@ + pageObj = xref->fetch(pageRef->num, pageRef->gen); + pageDict = pageObj.getDict(); + rotate = page->getRotate(); +- PDFRectangle *pagebox; ++ const PDFRectangle *pagebox; + // write the Page header + pdf_puts("/Type /XObject\n"); + pdf_puts("/Subtype /Form\n"); +@@ -977,7 +977,7 @@ + } + l = dic1.getLength(); + for (i = 0; i < l; i++) { +- groupDict.dictAdd(copyString(dic1.getKey(i)), ++ groupDict.dictAdd((const char *)copyString(dic1.getKey(i)), + dic1.getValNF(i)); + } + // end modification +@@ -1001,14 +1001,14 @@ + pdf_puts("/Resources <<\n"); + for (i = 0, l = obj1->dictGetLength(); i < l; ++i) { + obj2 = obj1->dictGetVal(i); +- key = obj1->dictGetKey(i); ++ key = (char *)obj1->dictGetKey(i); + if (strcmp("Font", key) == 0) + copyFontResources(&obj2); + else if (strcmp("ProcSet", key) == 0) + copyProcSet(&obj2); + else +- copyOtherResources(&obj2, key); ++ copyOtherResources(&obj2, (char *)key); + } + pdf_puts(">>\n"); + } + +--- a/texk/web2c/pdftexdir/pdftosrc-newpoppler.cc 1970-01-01 01:00:00.000000000 +0100 ++++ b/texk/web2c/pdftexdir/pdftosrc-newpoppler.cc 2018-12-09 21:14:58.479732695 +0100 +@@ -20,7 +20,7 @@ + /* + This is based on the patch texlive-poppler-0.59.patch <2017-09-19> at + https://git.archlinux.org/svntogit/packages.git/plain/texlive-bin/trunk +-by Arch Linux. The poppler should be 0.59.0 or newer versions. ++by Arch Linux. The poppler should be 0.72.0 or newer versions. + POPPLER_VERSION should be defined. + */ + +@@ -109,7 +109,7 @@ + fprintf(stderr, "No SourceName found\n"); + exit(1); + } +- outname = (char *)srcName.getString()->getCString(); ++ outname = (char *)srcName.getString()->c_str(); + // We cannot free srcName, as objname shares its string. + // srcName.free(); + } else if (objnum > 0) { +@@ -118,7 +118,7 @@ + fprintf(stderr, "Not a Stream object\n"); + exit(1); + } +- sprintf(buf, "%s", fileName->getCString()); ++ sprintf(buf, "%s", fileName->c_str()); + if ((p = strrchr(buf, '.')) == 0) + p = strchr(buf, 0); + if (objgen == 0) +@@ -128,7 +128,7 @@ + outname = buf; + } else { // objnum < 0 means we are extracting the XRef table + extract_xref_table = true; +- sprintf(buf, "%s", fileName->getCString()); ++ sprintf(buf, "%s", fileName->c_str()); + if ((p = strrchr(buf, '.')) == 0) + p = strchr(buf, 0); + sprintf(p, ".xref"); +@@ -173,9 +173,9 @@ + + // parse the header: object numbers and offsets + objStr.streamReset(); +- str = new EmbedStream(objStr.getStream(), Object(objNull), gTrue, first); ++ str = new EmbedStream(objStr.getStream(), Object(objNull), true, first); + lexer = new Lexer(xref, str); +- parser = new Parser(xref, lexer, gFalse); ++ parser = new Parser(xref, lexer, false); + for (n = 0; n < nObjects; ++n) { + obj1 = parser->getObj(); + obj2 = parser->getObj(); + diff --git a/gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch b/gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch new file mode 100644 index 0000000000..cac716cc59 --- /dev/null +++ b/gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch @@ -0,0 +1,31 @@ +Fix compatibility with Poppler 0.72. + +Patch taken from upstream: +https://tug.org/svn/texlive/trunk/Build/source/texk/web2c/xetexdir/pdfimage.cpp?r1=44964&r2=48969&diff_format=u + +--- a/texk/web2c/xetexdir/pdfimage.cpp 2017/08/06 07:12:02 44964 ++++ b/texk/web2c/xetexdir/pdfimage.cpp 2018/10/22 04:01:42 48969 +@@ -82,19 +82,19 @@ + switch (pdf_box) { + default: + case pdfbox_crop: +- r = page->getCropBox(); ++ r = (PDFRectangle *)page->getCropBox(); + break; + case pdfbox_media: +- r = page->getMediaBox(); ++ r = (PDFRectangle *)page->getMediaBox(); + break; + case pdfbox_bleed: +- r = page->getBleedBox(); ++ r = (PDFRectangle *)page->getBleedBox(); + break; + case pdfbox_trim: +- r = page->getTrimBox(); ++ r = (PDFRectangle *)page->getTrimBox(); + break; + case pdfbox_art: +- r = page->getArtBox(); ++ r = (PDFRectangle *)page->getArtBox(); + break; + } diff --git a/gnu/packages/patches/zathura-plugindir-environment-variable.patch b/gnu/packages/patches/zathura-plugindir-environment-variable.patch deleted file mode 100644 index a8ffff965a..0000000000 --- a/gnu/packages/patches/zathura-plugindir-environment-variable.patch +++ /dev/null @@ -1,32 +0,0 @@ -From ae8e4cc9ab57ff25d2ba6c4b369e8531ce43a6d2 Mon Sep 17 00:00:00 2001 -From: Paul van der Walt <paul@denknerd.org> -Date: Mon, 2 Mar 2015 22:15:39 +0100 -Subject: [PATCH] Search path environment variable for Zathura. - -Adds a search path environment variable for zathura plugins (for reading -different file formats) called ZATHURA_PLUGIN_PATH. Command line option --p still takes precedence. - -Patch by Paul van der Walt <paul@denknerd.org> -Adjusted for Zathura 0.3.9 by Tobias Geerinckx-Rice <me@tobias.gr> ---- - zathura/zathura.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/zathura/zathura.c b/zathura/zathura.c ---- a/zathura/zathura.c -+++ b/zathura/zathura.c -@@ -597,6 +597,13 @@ zathura_set_plugin_dir(zathura_t* zathura, const char* dir) - g_return_if_fail(zathura != NULL); - g_return_if_fail(zathura->plugins.manager != NULL); - -+ /* Added for Guix: check if environment variable -+ * is set to specify location of zathura plugins. -+ */ -+ -+ if (dir == NULL) -+ dir = g_getenv("ZATHURA_PLUGIN_PATH"); -+ - if (dir != NULL) { - set_plugin_dir(zathura, dir); - #ifdef ZATHURA_PLUGINDIR diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm index 64bfda489e..bec119cf36 100644 --- a/gnu/packages/pdf.scm +++ b/gnu/packages/pdf.scm @@ -82,15 +82,14 @@ (define-public poppler (package (name "poppler") - (replacement poppler/fixed) - (version "0.68.0") + (version "0.72.0") (source (origin (method url-fetch) (uri (string-append "https://poppler.freedesktop.org/poppler-" version ".tar.xz")) (sha256 (base32 - "0n0f7mv24lzv9p3dlzakpdhqg7ygcvl6l40grcz95xldzgq083gr")))) + "0lfs1b1jfamxl13zbl5n448dqvl9n8frbv8180y7b7kfyaw7wx61")))) (build-system cmake-build-system) ;; FIXME: ;; use libcurl: no @@ -132,14 +131,6 @@ (license license:gpl2+) (home-page "https://poppler.freedesktop.org/"))) -(define poppler/fixed - (package - (inherit poppler) - (source (origin - (inherit (package-source poppler)) - (patches (append (origin-patches (package-source poppler)) - (search-patches "poppler-CVE-2018-19149.patch"))))))) - (define-public poppler-data (package (name "poppler-data") @@ -505,7 +496,7 @@ by using the poppler rendering engine.") (define-public zathura (package (name "zathura") - (version "0.4.0") + (version "0.4.3") (source (origin (method url-fetch) (uri @@ -513,9 +504,7 @@ by using the poppler rendering engine.") version ".tar.xz")) (sha256 (base32 - "1j0yah09adv3bsjhhbqra5lambal32svk8fxmf89wwmcqrcr4qma")) - (patches (search-patches - "zathura-plugindir-environment-variable.patch")))) + "0hgx5x09i6d0z45llzdmh4l348fxh1y102sb1w76f2fp4r21j4ky")))) (native-inputs `(("pkg-config" ,pkg-config) ("gettext" ,gettext-minimal) ("glib:bin" ,glib "bin") @@ -532,7 +521,7 @@ by using the poppler rendering engine.") ("girara" ,girara))) (native-search-paths (list (search-path-specification - (variable "ZATHURA_PLUGIN_PATH") + (variable "ZATHURA_PLUGINS_PATH") (files '("lib/zathura"))))) (build-system meson-build-system) (arguments diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm index 52832eeeb8..6a2eece734 100644 --- a/gnu/packages/ruby.scm +++ b/gnu/packages/ruby.scm @@ -55,7 +55,7 @@ (define-public ruby (package (name "ruby") - (version "2.4.3") + (version "2.5.3") (source (origin (method url-fetch) @@ -64,8 +64,7 @@ "/ruby-" version ".tar.xz")) (sha256 (base32 - "0l9bv67dgsphk42lmiskhrnh47hbyj6rfg2rcjx22xivpx07srr3")) - (patches (search-patches "ruby-rubygems-276-for-ruby24.patch")) + "0vrhrw7kcz9mg0jkqnihkcxqy5k05v8k1j0y2735z8wfk8sx1j8w")) (modules '((guix build utils))) (snippet `(begin ;; Remove bundled libffi @@ -107,6 +106,26 @@ a focus on simplicity and productivity.") (home-page "https://www.ruby-lang.org") (license license:ruby))) +(define-public ruby-2.4 + (package + (inherit ruby) + (version "2.4.3") + (source + (origin + (method url-fetch) + (uri (string-append "http://cache.ruby-lang.org/pub/ruby/" + (version-major+minor version) + "/ruby-" version ".tar.xz")) + (sha256 + (base32 + "0l9bv67dgsphk42lmiskhrnh47hbyj6rfg2rcjx22xivpx07srr3")) + (patches (search-patches "ruby-rubygems-276-for-ruby24.patch")) + (modules '((guix build utils))) + (snippet `(begin + ;; Remove bundled libffi + (delete-file-recursively "ext/fiddle/libffi-3.2.1") + #t)))))) + (define-public ruby-2.3 (package (inherit ruby) diff --git a/gnu/packages/scribus.scm b/gnu/packages/scribus.scm index 615d7e23a2..20795da275 100644 --- a/gnu/packages/scribus.scm +++ b/gnu/packages/scribus.scm @@ -56,7 +56,59 @@ (sha256 (base32 "00ys0p6h3iq77kh72dkl0qrf7qvznq18qdrgiq10gfxja1995034")) - (patches (search-patches "scribus-poppler.patch")))) + (patches (append + ;; Scribus relies heavily on Poppler internals, which have + ;; changed a lot since the latest Scribus release (2018-04). + ;; Thus, we require a bunch of patches to stay compatible. + (search-patches "scribus-poppler.patch") + (list (origin + (method url-fetch) + (uri (string-append + "https://github.com/scribusproject/scribus/commit/" + "7d4ceeb5cac32287769e3c0238699e0b3e56c24d.patch")) + (file-name "scribus-poppler-0.64.patch") + (sha256 + (base32 + "1kr27bfzkpabrh42nsrrvlqyycdg9isbavpaa5spgmrhidcg02xj"))) + (origin + (method url-fetch) + (uri (string-append + "https://github.com/scribusproject/scribus/commit/" + "76561c1a55cd07c268f8f2b2fea888532933700b.patch")) + (file-name "scribus-poppler-config.patch") + (sha256 + (base32 + "01k18xjj82c3ndzp89dlpfhhdccc8z0acf8b04r592jyr5y9rc19"))) + (origin + (method url-fetch) + (uri (string-append + "https://github.com/scribusproject/scribus/commit/" + "8e05d26c19097ac2ad5b4ebbf40a3771ee6faf9c.patch")) + (file-name "scribus-poppler-0.69.patch") + (sha256 + (base32 + "1avdmsj5l543j0irq18nxgiw99n395jj56ih5dsal59fn0wbqk42"))) + (origin + (method url-fetch) + (uri (string-append "https://git.archlinux.org/svntogit/" + "community.git/plain/trunk/scribus-" + "poppler-0.70.patch?h=packages/scribus&id=" + "8ef43ee2fceb0753ed5a76bb0a11c84775898ffc")) + (file-name "scribus-poppler-0.70.patch") + (sha256 + (base32 + "0dw7ix3jaj0y1q97cmmqwb2qgdx760yhxx86wa8rnx0xhfi5x6qr")))))) + (modules '((guix build utils))) + (snippet + '(begin + (for-each (lambda (file) + (substitute* file + ;; These are required for compatibility with Poppler 0.71. + (("GBool") "bool") (("gTrue") "true") (("gFalse") "false") + ;; ...and this for Poppler 0.72. + (("getCString") "c_str"))) + (find-files "scribus/plugins/import/pdf")) + #t)))) (build-system cmake-build-system) (arguments `(#:tests? #f ;no test target diff --git a/gnu/packages/spice.scm b/gnu/packages/spice.scm index 94e6aa8438..8ab5a335c8 100644 --- a/gnu/packages/spice.scm +++ b/gnu/packages/spice.scm @@ -213,11 +213,7 @@ which allows users to view a desktop computing environment.") "--enable-automated-tests") ;; Several tests appear to be opening the same sockets concurrently. - #:parallel-tests? #f - - #:phases (modify-phases %standard-phases - (add-before 'check 'use-empty-ssl-cert-file - (lambda _ (setenv "SSL_CERT_FILE" "/dev/null") #t))))) + #:parallel-tests? #f)) (synopsis "Server implementation of the SPICE protocol") (description "SPICE is a remote display system built for virtual environments which allows you to view a computing 'desktop' environment diff --git a/gnu/packages/sssd.scm b/gnu/packages/sssd.scm index 0ff94cdd24..75ce7c854b 100644 --- a/gnu/packages/sssd.scm +++ b/gnu/packages/sssd.scm @@ -86,6 +86,7 @@ fundamental object types for C.") (method url-fetch) (uri (string-append "http://releases.pagure.org/SSSD/sssd/" "sssd-" version ".tar.gz")) + (patches (search-patches "sssd-curl-compat.patch")) (sha256 (base32 "032ppk57qs1lnvz7pb7lw9ldwm9i1yagh9fzgqgn6na3bg61ynzy")))) diff --git a/gnu/packages/storage.scm b/gnu/packages/storage.scm index 4eae37815e..5051ccd986 100644 --- a/gnu/packages/storage.scm +++ b/gnu/packages/storage.scm @@ -321,7 +321,7 @@ ("python2-testtools" ,python2-testtools) ("python2-tox" ,python2-tox))) (inputs - `(("boost" ,boost-cxx14) + `(("boost" ,boost) ("curl" ,curl) ("cryptsetup" ,cryptsetup) ("expat" ,expat) diff --git a/gnu/packages/tex.scm b/gnu/packages/tex.scm index 765f6aa849..54544c24f5 100644 --- a/gnu/packages/tex.scm +++ b/gnu/packages/tex.scm @@ -102,15 +102,19 @@ (patches (list ;; This is required for compatibility with Poppler 0.64.0 and to fix a - ;; segmentation fault in dvipdfm-x from XeTeX. + ;; segmentation fault in dvipdfm-x from XeTeX, and also contains a fix + ;; for CVE-2018-17407. (origin (method url-fetch) (uri (string-append "http://www.linuxfromscratch.org/patches/blfs/" - "svn/texlive-" version "-source-upstream_fixes-1.patch")) + "svn/texlive-" version "-source-upstream_fixes-2.patch")) (file-name "texlive-poppler-compat.patch") (sha256 (base32 - "0f8vhyj167y4xj0jx47vkybrcacfpxw0wdn1b777yq3xmhlahhlg"))))))) + "04sxy1qv9y575mxwyg3y7rx7mh540pfjqx7yni7ncb5wjbq9pq1a"))) + (search-patch "texlive-bin-luatex-poppler-compat.patch") + (search-patch "texlive-bin-pdftex-poppler-compat.patch") + (search-patch "texlive-bin-xetex-poppler-compat.patch"))))) (build-system gnu-build-system) (inputs `(("texlive-extra-src" ,texlive-extra-src) diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 036736498d..1d50f1e464 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -162,7 +162,7 @@ living in the same process.") (define-public gnutls (package (name "gnutls") - (version "3.5.18") + (version "3.6.5") (source (origin (method url-fetch) (uri @@ -171,12 +171,19 @@ living in the same process.") (string-append "mirror://gnupg/gnutls/v" (version-major+minor version) "/gnutls-" version ".tar.xz")) - (patches - (search-patches "gnutls-skip-trust-store-test.patch" - "gnutls-skip-pkgconfig-test.patch")) + (patches (search-patches "gnutls-skip-trust-store-test.patch")) (sha256 (base32 - "0d02x28fwkkx7xzn7807nww6idchizzq3plx8sfcyiw7wzclh8mf")))) + "0ddvg97dyrh8dkffv1mdc0knxx5my3qdbzv97s4a6jggmk9wwgh7")) + (modules '((guix build utils))) + (snippet + '(begin + ;; XXX: The generated configure script in GnuTLS 3.6.5 + ;; apparently does not know about Guile 2.2. + (substitute* "configure" + (("guile_versions_to_search=\"2\\.0 1\\.8\"") + "guile_versions_to_search=\"2.2 2.0 1.8\"")) + #t)))) (build-system gnu-build-system) (arguments `(; Ensure we don't keep a reference to this buggy software. diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index c327c9bc5c..ba03205484 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -624,7 +624,7 @@ libebml is a C++ library to read and write EBML files.") (define-public libva (package (name "libva") - (version "2.2.0") + (version "2.3.0") (source (origin (method url-fetch) @@ -636,7 +636,7 @@ libebml is a C++ library to read and write EBML files.") (string-append "https://www.freedesktop.org/software/vaapi/releases/" "libva/libva-" version "/libva-" version ".tar.bz2"))) (sha256 - (base32 "1wjfrs261fp9wkhgpmrlz5smnhxrmsk31way646x6i2mg16a0v3g")))) + (base32 "1r6wiw4k044cpb39rfqqdw6qmzw0268whpz124hywck9v980x130")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) diff --git a/gnu/packages/vulkan.scm b/gnu/packages/vulkan.scm index ff1088d2e1..f346d155dc 100644 --- a/gnu/packages/vulkan.scm +++ b/gnu/packages/vulkan.scm @@ -163,16 +163,16 @@ interpretation of the specifications for these languages.") (define-public vulkan-headers (package (name "vulkan-headers") - (version "1.1.85.0") + (version "1.1.96") (source (origin (method url-fetch) (uri (string-append "https://github.com/KhronosGroup/Vulkan-Headers/" - "archive/sdk-" version ".tar.gz")) + "archive/v" version ".tar.gz")) (sha256 (base32 - "166hqqb97kjg6h9vp8yxb1cq02i1kqaxvl693482gf8v21fl7ink")))) + "1mr15v7d7lxi7qjkgwyvy2s3a5k2xd7y8x40dd2al3a3c4chl2y2")))) (build-system cmake-build-system) (arguments `(#:tests? #f)) ; No tests. @@ -192,10 +192,10 @@ interpretation of the specifications for these languages.") (method url-fetch) (uri (string-append "https://github.com/KhronosGroup/Vulkan-Loader/" - "archive/sdk-" version ".tar.gz")) + "archive/v" version ".tar.gz")) (sha256 (base32 - "04d53ynlc0ww8r67hv4sxwg5sirjhpr1laaa9hc6j4niliw0166n")))) + "11jg678sj8yykr3n1km0638l6737iyhsl4x4q1zwbwyiifm0w89z")))) (build-system cmake-build-system) (arguments `(#:tests? #f ;FIXME: 23/39 tests fail. Try "tests/run_all_tests.sh". @@ -248,10 +248,10 @@ and the ICD.") (method url-fetch) (uri (string-append "https://github.com/KhronosGroup/Vulkan-Tools/" - "archive/sdk-" version ".tar.gz")) + "archive/v" version ".tar.gz")) (sha256 (base32 - "0r26px9rh09giddajlmafv21rx1la1y3bbnjgnpai8aw98wvq9mm")))) + "066v0vfhcqcwzlijvvs3jrbldp5kdqgwydkn7k2wrbcgynr77h8q")))) (build-system cmake-build-system) (inputs `(("glslang" ,glslang) diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 84bd795a85..7f43762a93 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -79,6 +79,7 @@ #:use-module (gnu packages flex) #:use-module (gnu packages freedesktop) #:use-module (gnu packages kerberos) + #:use-module (gnu packages gcc) #:use-module (gnu packages gd) #:use-module (gnu packages gettext) #:use-module (gnu packages glib) @@ -509,16 +510,18 @@ libraries for working with JNLP applets.") (define-public jansson (package (name "jansson") - (version "2.11") + (version "2.12") (source (origin (method url-fetch) (uri (string-append "http://www.digip.org/jansson/releases/jansson-" - version ".tar.gz")) + version ".tar.bz2")) (sha256 (base32 - "1x5jllzzqamq6kahx9d9a5mrarm9m3f30vfxvcqpi6p4mcnz91bf")))) + "1lp1mv8pjp5yziws66cy0dhpcam4bbjqhffk13v4vgdybp674pb4")))) (build-system gnu-build-system) + (arguments + `(#:configure-flags '("--disable-static"))) (home-page "http://www.digip.org/jansson/") (synopsis "JSON C library") (description @@ -4240,15 +4243,6 @@ you'd expect.") (base32 "163py4klka423x7li2b685gmg3a6hjf074mlff2ajhmi3l0lm8x6")))) (build-system glib-or-gtk-build-system) - (arguments - `(#:phases - (modify-phases %standard-phases - (add-before 'check 'use-empty-ssl-cert-file - (lambda _ - ;; Search for ca-certificates.crt files - ;; during the check phase. - (setenv "SSL_CERT_FILE" "/dev/null") - #t))))) (native-inputs `(("gobject-introspection" ,gobject-introspection) ;; For check phase. @@ -6696,7 +6690,7 @@ derivation by David Revoy from the original MonsterID by Andreas Gohr.") (define-public nghttp2 (package (name "nghttp2") - (version "1.32.0") + (version "1.35.1") (source (origin (method url-fetch) @@ -6705,12 +6699,13 @@ derivation by David Revoy from the original MonsterID by Andreas Gohr.") name "-" version ".tar.xz")) (sha256 (base32 - "0zbgp8f80h2zlfn8cd2ldrmgl81jzcdh1141n71aqmfckzaqj2kh")))) + "0fi6qg2w82636wixwkqy7bclpgxslmvg82r431hs8h6aqc4mnzwv")))) (build-system gnu-build-system) (outputs (list "out" "lib")) ; only libnghttp2 (native-inputs `(("pkg-config" ,pkg-config) + ("gcc" ,gcc-7) ; 1.35.0 requires GCC6 or later ;; Required by tests. ("cunit" ,cunit) @@ -6742,6 +6737,9 @@ derivation by David Revoy from the original MonsterID by Andreas Gohr.") (("@prefix@") (assoc-ref outputs "lib"))) #t)) + (add-before 'configure 'work-around-bug-30756 + (lambda _ + (for-each unsetenv '("C_INCLUDE_PATH" "CPLUS_INCLUDE_PATH")) #t)) (add-before 'check 'set-timezone-directory (lambda* (#:key inputs #:allow-other-keys) (setenv "TZDIR" (string-append (assoc-ref inputs "tzdata") diff --git a/gnu/packages/xdisorg.scm b/gnu/packages/xdisorg.scm index dc729229f3..d287ad9bc1 100644 --- a/gnu/packages/xdisorg.scm +++ b/gnu/packages/xdisorg.scm @@ -295,7 +295,7 @@ following the mouse.") (define-public pixman (package (name "pixman") - (version "0.34.0") + (version "0.36.0") (source (origin (method url-fetch) (uri (string-append @@ -303,7 +303,7 @@ following the mouse.") version ".tar.gz")) (sha256 (base32 - "13m842m9ffac3m9r0b4lvwjhwzg3w4353djkjpf00s0wnm4v5di1")) + "1blzrx50ssdv0pn56hcv2v0zw0vrjwj1sx22pkgjls1p9n6rr88w")) (patches (search-patches "pixman-CVE-2016-5296.patch")))) (build-system gnu-build-system) (inputs @@ -321,7 +321,7 @@ rasterisation.") (define-public libdrm (package (name "libdrm") - (version "2.4.93") + (version "2.4.96") (source (origin (method url-fetch) @@ -331,7 +331,7 @@ rasterisation.") ".tar.bz2")) (sha256 (base32 - "0g6d9wsnb7lx8r1m4kq8js0wsc5jl20cz1csnlh6z9s8jpfd313f")) + "14xkip83qgljjaahzq40qgl60j54q7k00la1hbf5kk5lgg7ilmhd")) (patches (search-patches "libdrm-symbol-check.patch")))) (build-system gnu-build-system) (arguments @@ -340,14 +340,12 @@ rasterisation.") ("armhf-linux" '("--enable-exynos-experimental-api" "--enable-omap-experimental-api" - ;; XXX: This fails a symbol check on a build machine: - ;; <https://hydra.gnu.org/build/2270314/nixlog/4/raw> - ;; TODO: Update the list of symbols. - ;;"--enable-etnaviv-experimental-api" + "--enable-etnaviv-experimental-api" "--enable-tegra-experimental-api" "--enable-freedreno-kgsl")) ("aarch64-linux" '("--enable-tegra-experimental-api" + "--enable-etnaviv-experimental-api" "--enable-freedreno-kgsl")) (_ '()))))) (inputs diff --git a/gnu/services/databases.scm b/gnu/services/databases.scm index aff78a0566..7113f1f2a1 100644 --- a/gnu/services/databases.scm +++ b/gnu/services/databases.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2016 Leo Famulari <leo@famulari.name> ;;; Copyright © 2017 Christopher Baines <mail@cbaines.net> ;;; Copyright © 2018 Clément Lassieur <clement@lassieur.org> +;;; Copyright © 2018 Julien Lepiller <julien@lepiller.eu> ;;; ;;; This file is part of GNU Guix. ;;; @@ -26,7 +27,10 @@ #:use-module (gnu system shadow) #:use-module (gnu packages admin) #:use-module (gnu packages databases) + #:use-module (guix build-system trivial) + #:use-module (guix build union) #:use-module (guix modules) + #:use-module (guix packages) #:use-module (guix records) #:use-module (guix gexp) #:use-module (srfi srfi-1) @@ -141,16 +145,18 @@ host all all ::1/128 trust")) (define-record-type* <postgresql-configuration> postgresql-configuration make-postgresql-configuration postgresql-configuration? - (postgresql postgresql-configuration-postgresql ;<package> - (default postgresql)) - (port postgresql-configuration-port - (default 5432)) - (locale postgresql-configuration-locale - (default "en_US.utf8")) - (config-file postgresql-configuration-file - (default (postgresql-config-file))) - (data-directory postgresql-configuration-data-directory - (default "/var/lib/postgresql/data"))) + (postgresql postgresql-configuration-postgresql ;<package> + (default postgresql)) + (port postgresql-configuration-port + (default 5432)) + (locale postgresql-configuration-locale + (default "en_US.utf8")) + (config-file postgresql-configuration-file + (default (postgresql-config-file))) + (data-directory postgresql-configuration-data-directory + (default "/var/lib/postgresql/data")) + (extension-packages postgresql-configuration-extension-packages + (default '()))) (define %postgresql-accounts (list (user-group (name "postgres") (system? #t)) @@ -162,15 +168,36 @@ host all all ::1/128 trust")) (home-directory "/var/empty") (shell (file-append shadow "/sbin/nologin"))))) +(define (final-postgresql postgresql extension-packages) + (if (null? extension-packages) + postgresql + (package + (inherit postgresql) + (source #f) + (build-system trivial-build-system) + (arguments + `(#:modules ((guix build utils) (guix build union)) + #:builder + (begin + (use-modules (guix build utils) (guix build union) (srfi srfi-26)) + (union-build (assoc-ref %outputs "out") (map (lambda (input) (cdr input)) %build-inputs)) + #t))) + (inputs + `(("postgresql" ,postgresql) + ,@(map (lambda (extension) (list "extension" extension)) + extension-packages)))))) + (define postgresql-activation (match-lambda - (($ <postgresql-configuration> postgresql port locale config-file data-directory) + (($ <postgresql-configuration> postgresql port locale config-file data-directory + extension-packages) #~(begin (use-modules (guix build utils) (ice-9 match)) (let ((user (getpwnam "postgres")) - (initdb (string-append #$postgresql "/bin/initdb")) + (initdb (string-append #$(final-postgresql postgresql extension-packages) + "/bin/initdb")) (initdb-args (append (if #$locale @@ -202,7 +229,8 @@ host all all ::1/128 trust")) (define postgresql-shepherd-service (match-lambda - (($ <postgresql-configuration> postgresql port locale config-file data-directory) + (($ <postgresql-configuration> postgresql port locale config-file data-directory + extension-packages) (let* ((pg_ctl-wrapper ;; Wrapper script that switches to the 'postgres' user before ;; launching daemon. @@ -214,7 +242,8 @@ host all all ::1/128 trust")) (match (command-line) ((_ mode) (let ((user (getpwnam "postgres")) - (pg_ctl #$(file-append postgresql "/bin/pg_ctl")) + (pg_ctl #$(file-append (final-postgresql postgresql extension-packages) + "/bin/pg_ctl")) (options (format #f "--config-file=~a -p ~d" #$config-file #$port))) (setgid (passwd:gid user)) @@ -253,7 +282,8 @@ host all all ::1/128 trust")) (port 5432) (locale "en_US.utf8") (config-file (postgresql-config-file)) - (data-directory "/var/lib/postgresql/data")) + (data-directory "/var/lib/postgresql/data") + (extension-packages '())) "Return a service that runs @var{postgresql}, the PostgreSQL database server. The PostgreSQL daemon loads its runtime configuration from @var{config-file} @@ -264,7 +294,8 @@ and stores the database cluster in @var{data-directory}." (port port) (locale locale) (config-file config-file) - (data-directory data-directory)))) + (data-directory data-directory) + (extension-packages extension-packages)))) ;;; |