summary refs log tree commit diff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-11-23 22:24:52 -0500
committerLeo Famulari <leo@famulari.name>2016-11-23 22:24:52 -0500
commit2ac7d54616819c65405ea27260dbff462160f290 (patch)
tree4c82001f0855ebab05ab342e342a680c533b9bf9 /gnu/packages/patches
parent61320932edb42e78fb377b5d11cd6ecb32e2f9e6 (diff)
parent1c9f78eca1f7e169562abaaa882fd94d845208af (diff)
downloadguix-2ac7d54616819c65405ea27260dbff462160f290.tar.gz
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch102
-rw-r--r--gnu/packages/patches/gd-fix-truecolor-format-correction.patch95
-rw-r--r--gnu/packages/patches/guile-repl-server-test.patch48
-rw-r--r--gnu/packages/patches/handbrake-pkg-config-path.patch24
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-9064.patch996
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-5652.patch47
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-9273.patch41
-rw-r--r--gnu/packages/patches/lvm2-static-link.patch14
-rw-r--r--gnu/packages/patches/pixman-CVE-2016-5296.patch19
9 files changed, 1298 insertions, 88 deletions
diff --git a/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch b/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch
new file mode 100644
index 0000000000..e395c66d89
--- /dev/null
+++ b/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch
@@ -0,0 +1,102 @@
+This fixes PHP bug #73155: https://bugs.php.net/bug.php?id=73155
+
+Patch adapted from upstream source repository:
+
+https://github.com/libgd/libgd/commit/8067a8ac336dfe0acbe96ec2eb24572209a7f279
+
+(.gitignore change removed)
+
+From 8067a8ac336dfe0acbe96ec2eb24572209a7f279 Mon Sep 17 00:00:00 2001
+From: "Christoph M. Becker" <cmbecker69@gmx.de>
+Date: Fri, 23 Sep 2016 18:29:52 +0200
+Subject: [PATCH] Fix #309: gdImageGd2() writes wrong chunk sizes on boundaries
+
+(cherry picked from commit bb1998a16e30d542ab22eba5501911a9aa066edb)
+---
+ src/gd_gd2.c             |  4 ++--
+ tests/gd2/CMakeLists.txt |  1 +
+ tests/gd2/Makemodule.am  |  1 +
+ tests/gd2/bug00309.c     | 37 +++++++++++++++++++++++++++++++++++++
+ 4 files changed, 41 insertions(+), 2 deletions(-)
+ create mode 100644 tests/gd2/bug00309.c
+
+diff --git a/src/gd_gd2.c b/src/gd_gd2.c
+index 75e5e1f..b9b2f93 100644
+--- a/src/gd_gd2.c
++++ b/src/gd_gd2.c
+@@ -938,8 +938,8 @@ _gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt)
+ 	};
+ 
+ 	/* Work out number of chunks. */
+-	ncx = im->sx / cs + 1;
+-	ncy = im->sy / cs + 1;
++	ncx = (im->sx + cs - 1) / cs;
++	ncy = (im->sy + cs - 1) / cs;
+ 
+ 	/* Write the standard header. */
+ 	_gd2PutHeader (im, out, cs, fmt, ncx, ncy);
+diff --git a/tests/gd2/CMakeLists.txt b/tests/gd2/CMakeLists.txt
+index 3b650ad..247b466 100644
+--- a/tests/gd2/CMakeLists.txt
++++ b/tests/gd2/CMakeLists.txt
+@@ -1,5 +1,6 @@
+ SET(TESTS_FILES
+ 	bug_289
++	bug00309
+ 	gd2_empty_file
+ 	gd2_im2im
+ 	gd2_null
+diff --git a/tests/gd2/Makemodule.am b/tests/gd2/Makemodule.am
+index b8ee946..d69aee0 100644
+--- a/tests/gd2/Makemodule.am
++++ b/tests/gd2/Makemodule.am
+@@ -1,5 +1,6 @@
+ libgd_test_programs += \
+ 	gd2/bug_289 \
++	gd2/bug00309 \
+ 	gd2/gd2_empty_file \
+ 	gd2/php_bug_72339 \
+ 	gd2/gd2_read_corrupt
+diff --git a/tests/gd2/bug00309.c b/tests/gd2/bug00309.c
+new file mode 100644
+index 0000000..b649cdc
+--- /dev/null
++++ b/tests/gd2/bug00309.c
+@@ -0,0 +1,37 @@
++/**
++ * Regression test for <https://github.com/libgd/libgd/issues/309>.
++ *
++ * We test that an image with 64x64 pixels reports only a single chunk in the
++ * GD2 image header when the chunk size is 64.
++ */
++
++
++#include "gd.h"
++#include "gdtest.h"
++
++
++int main()
++{
++    gdImagePtr im;
++    unsigned char *buf;
++    int size, word;
++
++    im = gdImageCreate(64, 64);
++    gdImageColorAllocate(im, 0, 0, 0);
++
++    buf = gdImageGd2Ptr(im, 64, 1, &size);
++
++    gdImageDestroy(im);
++
++    word = buf[10] << 8 | buf[11];
++    gdTestAssertMsg(word == 64, "chunk size is %d, but expected 64\n", word);
++    word = buf[14] << 8 | buf[15];
++    gdTestAssertMsg(word == 1, "x chunk count is %d, but expected 1\n", word);
++    word = buf[16] << 8 | buf[17];
++    gdTestAssertMsg(word == 1, "y chunk count is %d, but expected 1\n", word);
++    gdTestAssertMsg(size == 5145, "file size is %d, but expected 5145\n", size);
++
++    gdFree(buf);
++
++    return gdNumFailures();
++}
diff --git a/gnu/packages/patches/gd-fix-truecolor-format-correction.patch b/gnu/packages/patches/gd-fix-truecolor-format-correction.patch
new file mode 100644
index 0000000000..be3eff9327
--- /dev/null
+++ b/gnu/packages/patches/gd-fix-truecolor-format-correction.patch
@@ -0,0 +1,95 @@
+This fixes PHP bug #73159: https://bugs.php.net/bug.php?id=73159
+
+Patch lifted from upstream source repository:
+
+https://github.com/libgd/libgd/commit/e1f61a4141d2e0937a13b8bfb1992b9f29eb05f5
+
+From e1f61a4141d2e0937a13b8bfb1992b9f29eb05f5 Mon Sep 17 00:00:00 2001
+From: "Christoph M. Becker" <cmbecker69@gmx.de>
+Date: Mon, 15 Aug 2016 17:49:40 +0200
+Subject: [PATCH] Fix #289: Passing unrecognized formats to gdImageGd2 results
+ in corrupted files
+
+We must not apply the format correction twice for truecolor images.
+
+(cherry picked from commit 09090c125658e23a4ae2a2e002646bb7278bd89e)
+---
+ src/gd_gd2.c             |  2 +-
+ tests/gd2/CMakeLists.txt |  1 +
+ tests/gd2/Makemodule.am  |  1 +
+ tests/gd2/bug_289.c      | 33 +++++++++++++++++++++++++++++++++
+ 4 files changed, 36 insertions(+), 1 deletion(-)
+ create mode 100644 tests/gd2/bug_289.c
+
+diff --git a/src/gd_gd2.c b/src/gd_gd2.c
+index 86c881e..75e5e1f 100644
+--- a/src/gd_gd2.c
++++ b/src/gd_gd2.c
+@@ -918,7 +918,7 @@ _gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt)
+ 	/* Force fmt to a valid value since we don't return anything. */
+ 	/* */
+ 	if ((fmt != GD2_FMT_RAW) && (fmt != GD2_FMT_COMPRESSED)) {
+-		fmt = im->trueColor ? GD2_FMT_TRUECOLOR_COMPRESSED : GD2_FMT_COMPRESSED;
++		fmt = GD2_FMT_COMPRESSED;
+ 	};
+ 	if (im->trueColor) {
+ 		fmt += 2;
+diff --git a/tests/gd2/CMakeLists.txt b/tests/gd2/CMakeLists.txt
+index 8aecacc..3b650ad 100644
+--- a/tests/gd2/CMakeLists.txt
++++ b/tests/gd2/CMakeLists.txt
+@@ -1,4 +1,5 @@
+ SET(TESTS_FILES
++	bug_289
+ 	gd2_empty_file
+ 	gd2_im2im
+ 	gd2_null
+diff --git a/tests/gd2/Makemodule.am b/tests/gd2/Makemodule.am
+index 754a284..b8ee946 100644
+--- a/tests/gd2/Makemodule.am
++++ b/tests/gd2/Makemodule.am
+@@ -1,4 +1,5 @@
+ libgd_test_programs += \
++	gd2/bug_289 \
+ 	gd2/gd2_empty_file \
+ 	gd2/php_bug_72339 \
+ 	gd2/gd2_read_corrupt
+diff --git a/tests/gd2/bug_289.c b/tests/gd2/bug_289.c
+new file mode 100644
+index 0000000..ad311e9
+--- /dev/null
++++ b/tests/gd2/bug_289.c
+@@ -0,0 +1,33 @@
++/**
++ * Passing an unrecognized format to gdImageGd2() should result in
++ * GD2_FMT_TRUECOLOR_COMPRESSED for truecolor images.
++ *
++ * See <https://github.com/libgd/libgd/issues/289>.
++ */
++
++#include "gd.h"
++#include "gdtest.h"
++
++
++#define GD2_FMT_UNRECOGNIZED 0
++#define GD2_FMT_TRUECOLOR_COMPRESSED 4
++
++#define MSG "expected %s byte to be %d, but got %d\n"
++
++
++int main()
++{
++    gdImagePtr im;
++    char *buffer;
++    int size;
++
++    im = gdImageCreateTrueColor(10, 10);
++    gdTestAssert(im != NULL);
++    buffer = (char *) gdImageGd2Ptr(im, 128, GD2_FMT_UNRECOGNIZED, &size);
++    gdTestAssert(buffer != NULL);
++    gdImageDestroy(im);
++    gdTestAssertMsg(buffer[12] == 0, MSG, "1st", 0, buffer[12]);
++    gdTestAssertMsg(buffer[13] == GD2_FMT_TRUECOLOR_COMPRESSED, MSG, "2nd", GD2_FMT_TRUECOLOR_COMPRESSED, buffer[13]);
++
++    return gdNumFailures();
++}
diff --git a/gnu/packages/patches/guile-repl-server-test.patch b/gnu/packages/patches/guile-repl-server-test.patch
new file mode 100644
index 0000000000..81e724ecc4
--- /dev/null
+++ b/gnu/packages/patches/guile-repl-server-test.patch
@@ -0,0 +1,48 @@
+commit 8d6209ea56241bb1890c142539927c9ef3fb5a13
+Author: Ludovic Courtès <ludo@gnu.org>
+Date:   Fri Nov 4 22:44:32 2016 +0100
+
+    tests: Throw 'unresolved when the REPL server is too slow.
+
+commit 2fbde7f02adb8c6585e9baf6e293ee49cd23d4c4
+Author: Ludovic Courtès <ludo@gnu.org>
+Date:   Fri Nov 4 22:45:51 2016 +0100
+
+    tests: Avoid race condition in REPL server test.
+
+index ca389ba..4b5ec0c 100644
+--- a/test-suite/tests/00-repl-server.test
++++ b/test-suite/tests/00-repl-server.test
+@@ -61,10 +61,11 @@ socket connected to that server."
+                (lambda ()
+                  (connect client-socket sockaddr))
+                (lambda args
+-                 (when (and (memv (system-error-errno args)
+-                                  (list ENOENT ECONNREFUSED))
+-                            (< tries 3))
+-                   (sleep 1)
++                 (when (memv (system-error-errno args)
++                             (list ENOENT ECONNREFUSED))
++                   (when (> tries 30)
++                     (throw 'unresolved))
++                   (usleep 100)
+                    (loop (+ tries 1))))))
+ 
+            (proc client-socket))
+@@ -104,8 +105,14 @@ reached."
+       "scheme@(repl-server)> $1 = 42\n"
+     (with-repl-server socket
+       (read-until-prompt socket %last-line-before-prompt)
+-      (display "(+ 40 2)\n(quit)\n" socket)
+-      (read-string socket)))
++
++      ;; Wait until 'repl-reader' in boot-9 has written the prompt.
++      ;; Otherwise, if we write too quickly, 'repl-reader' checks for
++      ;; 'char-ready?' and doesn't print the prompt.
++      (match (select (list socket) '() (list socket) 3)
++        (((_) () ())
++         (display "(+ 40 2)\n(quit)\n" socket)
++         (read-string socket)))))
+ 
+   (pass-if "HTTP inter-protocol attack"           ;CVE-2016-8606
+     (with-repl-server socket
diff --git a/gnu/packages/patches/handbrake-pkg-config-path.patch b/gnu/packages/patches/handbrake-pkg-config-path.patch
new file mode 100644
index 0000000000..18f3953eaa
--- /dev/null
+++ b/gnu/packages/patches/handbrake-pkg-config-path.patch
@@ -0,0 +1,24 @@
+Do not clobber PKG_CONFIG_PATH during configure.
+
+--- HandBrake-0.10.5/gtk/module.rules.orig	2016-02-11 14:14:05.000000000 -0600
++++ HandBrake-0.10.5/gtk/module.rules	2016-10-29 22:27:50.550960848 -0500
+@@ -15,7 +15,7 @@
+ 	set -e; cd $(GTK.src/); NOCONFIGURE=1 ./autogen.sh
+ 	set -e; cd $(GTK.build/); $(call fn.ABSOLUTE,$(GTK.src/))configure \
+ 		$(GTK.CONFIGURE.extra) \
+-		PKG_CONFIG_PATH=$(BUILD/)contrib/lib/pkgconfig \
++		PKG_CONFIG_PATH=$(BUILD/)contrib/lib/pkgconfig$(if $(PKG_CONFIG_PATH),:)$(PKG_CONFIG_PATH) \
+ 	    CFLAGS="$(call fn.ARGS,GTK.GCC,.g .O *D ?extra)" \
+ 	    LDFLAGS="$(call fn.ARGS,GTK.GCC,?strip .g .O ?extra.exe)" \
+ 	    --prefix=$(PREFIX) \
+--- Handbrake-0.10.5-0.77d09e9-checkout/make/include/contrib.defs	1969-12-31 18:00:00.000000000 -0600
++++ Handbrake-0.10.5-0.77d09e9-checkout/make/include/contrib.defs	2016-11-01 13:11:43.826144311 -0500
+@@ -119,7 +119,7 @@
+     endif
+     $(1).CONFIGURE.env.CPPFLAGS = CPPFLAGS="-I$$(call fn.ABSOLUTE,$(CONTRIB.build/))include $$(call fn.ARGS,$(1).GCC,*archs *sysroot *minver ?extra *D)"
+     $(1).CONFIGURE.env.LDFLAGS  = LDFLAGS="-L$$(call fn.ABSOLUTE,$(CONTRIB.build/))lib $$(call fn.ARGS,$(1).GCC,*archs *sysroot *minver ?extra.exe *D)"
+-    $(1).CONFIGURE.env.PKG_CONFIG_PATH  = PKG_CONFIG_PATH="$$(call fn.ABSOLUTE,$$(CONTRIB.build/))lib/pkgconfig"
++    $(1).CONFIGURE.env.PKG_CONFIG_PATH  = PKG_CONFIG_PATH="$$(call fn.ABSOLUTE,$$(CONTRIB.build/))lib/pkgconfig$(if $(PKG_CONFIG_PATH),:)$(PKG_CONFIG_PATH)"
+ 
+     $(1).CONFIGURE.env.args = !CC !CFLAGS !CXX !CXXFLAGS !CPPFLAGS !LD !LDFLAGS !PKG_CONFIG_PATH !LOCAL_PATH !CROSS
+     $(1).CONFIGURE.env = $$(call fn.ARGS,$(1).CONFIGURE.env,$$($(1).CONFIGURE.env.args))
diff --git a/gnu/packages/patches/icecat-CVE-2016-9064.patch b/gnu/packages/patches/icecat-CVE-2016-9064.patch
new file mode 100644
index 0000000000..a5393815e0
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-9064.patch
@@ -0,0 +1,996 @@
+Copied from
+<https://hg.mozilla.org/releases/mozilla-esr45/raw-rev/00c2b7baaa0b>
+but with one hunk omitted: the git binary patch for
+toolkit/mozapps/extensions/test/addons/test_update_multi2/addon.xpi
+which is not present in the IceCat sources.
+
+# HG changeset patch
+# User Andrew Swan <aswan@mozilla.com>
+# Date 1474063218 25200
+# Node ID 00c2b7baaa0b4bfb7d5f1aac31c094ea6b255e1f
+# Parent  46b07bdbf8b20cf3fdc28104add57ff58a55832b
+Bug 1303418 - Don't allow upgrades that change the addon ID. r=mossop, a=lizzard
+
+MozReview-Commit-ID: JHINo8ShmeI
+
+diff --git a/toolkit/mozapps/extensions/AddonManager.jsm b/toolkit/mozapps/extensions/AddonManager.jsm
+--- a/toolkit/mozapps/extensions/AddonManager.jsm
++++ b/toolkit/mozapps/extensions/AddonManager.jsm
+@@ -2956,16 +2956,18 @@ this.AddonManager = {
+   // The downloaded file seems to be corrupted in some way.
+   ERROR_CORRUPT_FILE: -3,
+   // An error occured trying to write to the filesystem.
+   ERROR_FILE_ACCESS: -4,
+   // The add-on must be signed and isn't.
+   ERROR_SIGNEDSTATE_REQUIRED: -5,
+   // The downloaded add-on had a different type than expected.
+   ERROR_UNEXPECTED_ADDON_TYPE: -6,
++  // The addon did not have the expected ID
++  ERROR_INCORRECT_ID: -7,
+ 
+   // These must be kept in sync with AddonUpdateChecker.
+   // No error was encountered.
+   UPDATE_STATUS_NO_ERROR: 0,
+   // The update check timed out
+   UPDATE_STATUS_TIMEOUT: -1,
+   // There was an error while downloading the update information.
+   UPDATE_STATUS_DOWNLOAD_ERROR: -2,
+diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
+--- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
++++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
+@@ -5473,16 +5473,37 @@ AddonInstall.prototype = {
+       // loadManifestFromZipReader performs the certificate verification for us
+       this.addon = yield loadManifestFromZipReader(zipreader, this.installLocation);
+     }
+     catch (e) {
+       zipreader.close();
+       return Promise.reject([AddonManager.ERROR_CORRUPT_FILE, e]);
+     }
+ 
++    if (this.existingAddon) {
++      // Check various conditions related to upgrades
++      if (this.addon.id != this.existingAddon.id) {
++        zipreader.close();
++        return Promise.reject([AddonManager.ERROR_INCORRECT_ID,
++                               `Refusing to upgrade addon ${this.existingAddon.id} to different ID ${this.addon.id}`]);
++      }
++
++      if (this.addon.type == "multipackage") {
++        zipreader.close();
++        return Promise.reject([AddonManager.ERROR_UNEXPECTED_ADDON_TYPE,
++                               `Refusing to upgrade addon ${this.existingAddon.id} to a multi-package xpi`]);
++      }
++
++      if (this.existingAddon.type == "webextension" && this.addon.type != "webextension") {
++        zipreader.close();
++        return Promise.reject([AddonManager.ERROR_UNEXPECTED_ADDON_TYPE,
++                               "Webextensions may not be updated to other extension types"]);
++      }
++    }
++
+     if (mustSign(this.addon.type)) {
+       if (this.addon.signedState <= AddonManager.SIGNEDSTATE_MISSING) {
+         // This add-on isn't properly signed by a signature that chains to the
+         // trusted root.
+         let state = this.addon.signedState;
+         this.addon = null;
+         zipreader.close();
+ 
+@@ -5510,23 +5531,16 @@ AddonInstall.prototype = {
+         } else {
+           zipreader.close();
+           return Promise.reject([AddonManager.ERROR_CORRUPT_FILE,
+                                  "XPI is incorrectly signed"]);
+         }
+       }
+     }
+ 
+-    if (this.existingAddon && this.existingAddon.type == "webextension" &&
+-        this.addon.type != "webextension") {
+-      zipreader.close();
+-      return Promise.reject([AddonManager.ERROR_UNEXPECTED_ADDON_TYPE,
+-                             "WebExtensions may not be upated to other extension types"]);
+-    }
+-
+     if (this.addon.type == "multipackage")
+       return this._loadMultipackageManifests(zipreader);
+ 
+     zipreader.close();
+ 
+     this.updateAddonURIs();
+ 
+     this.addon._install = this;
+@@ -5791,16 +5805,17 @@ AddonInstall.prototype = {
+           else {
+             // TODO Should we send some event here (bug 557716)?
+             this.state = AddonManager.STATE_CHECKING;
+             new UpdateChecker(this.addon, {
+               onUpdateFinished: aAddon => this.downloadCompleted(),
+             }, AddonManager.UPDATE_WHEN_ADDON_INSTALLED);
+           }
+         }, ([error, message]) => {
++          this.removeTemporaryFile();
+           this.downloadFailed(error, message);
+         });
+       }
+       else {
+         if (aRequest instanceof Ci.nsIHttpChannel)
+           this.downloadFailed(AddonManager.ERROR_NETWORK_FAILURE,
+                               aRequest.responseStatus + " " +
+                               aRequest.responseStatusText);
+diff --git a/toolkit/mozapps/extensions/test/addons/test_update_multi1/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_update_multi1/bootstrap.js
+new file mode 100644
+--- /dev/null
++++ b/toolkit/mozapps/extensions/test/addons/test_update_multi1/bootstrap.js
+@@ -0,0 +1,5 @@
++
++function install(data, reason) {}
++function startup(data, reason) {}
++function shutdown(data, reason) {}
++function uninstall(data, reason) {}
+diff --git a/toolkit/mozapps/extensions/test/addons/test_update_multi1/install.rdf b/toolkit/mozapps/extensions/test/addons/test_update_multi1/install.rdf
+new file mode 100644
+--- /dev/null
++++ b/toolkit/mozapps/extensions/test/addons/test_update_multi1/install.rdf
+@@ -0,0 +1,16 @@
++<?xml version="1.0"?>
++<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
++     xmlns:em="http://www.mozilla.org/2004/em-rdf#">
++<Description about="urn:mozilla:install-manifest">
++  <em:id>updatemulti@tests.mozilla.org</em:id>
++  <em:version>1.0</em:version>
++  <em:updateURL>http://localhost:4444/data/test_update_multi.rdf</em:updateURL>
++  <em:bootstrap>true</em:bootstrap>
++  <em:name>Test Addon 1</em:name>
++<em:targetApplication><Description>
++  <em:id>xpcshell@tests.mozilla.org</em:id>
++  <em:minVersion>1</em:minVersion>
++  <em:maxVersion>1</em:maxVersion>
++</Description></em:targetApplication>
++</Description>
++</RDF>
+diff --git a/toolkit/mozapps/extensions/test/addons/test_update_multi2/install.rdf b/toolkit/mozapps/extensions/test/addons/test_update_multi2/install.rdf
+new file mode 100644
+--- /dev/null
++++ b/toolkit/mozapps/extensions/test/addons/test_update_multi2/install.rdf
+@@ -0,0 +1,9 @@
++<?xml version="1.0"?>
++<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
++     xmlns:em="http://www.mozilla.org/2004/em-rdf#">
++<Description about="urn:mozilla:install-manifest">
++  <em:id>updatemulti@tests.mozilla.org</em:id>
++  <em:type>32</em:type>
++  <em:version>2.0</em:version>
++</Description>
++</RDF>
+diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid1/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid1/bootstrap.js
+new file mode 100644
+--- /dev/null
++++ b/toolkit/mozapps/extensions/test/addons/test_updateid1/bootstrap.js
+@@ -0,0 +1,5 @@
++
++function install(data, reason) {}
++function startup(data, reason) {}
++function shutdown(data, reason) {}
++function uninstall(data, reason) {}
+diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid1/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid1/install.rdf
+new file mode 100644
+--- /dev/null
++++ b/toolkit/mozapps/extensions/test/addons/test_updateid1/install.rdf
+@@ -0,0 +1,16 @@
++<?xml version="1.0"?>
++<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
++     xmlns:em="http://www.mozilla.org/2004/em-rdf#">
++<Description about="urn:mozilla:install-manifest">
++  <em:id>addon1@tests.mozilla.org</em:id>
++  <em:version>1.0</em:version>
++  <em:updateURL>http://localhost:4444/data/test_updateid.rdf</em:updateURL>
++  <em:bootstrap>true</em:bootstrap>
++  <em:name>Test Addon 1</em:name>
++<em:targetApplication><Description>
++  <em:id>xpcshell@tests.mozilla.org</em:id>
++  <em:minVersion>1</em:minVersion>
++  <em:maxVersion>1</em:maxVersion>
++</Description></em:targetApplication>
++</Description>
++</RDF>
+diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid2/bootstrap.js
+new file mode 100644
+--- /dev/null
++++ b/toolkit/mozapps/extensions/test/addons/test_updateid2/bootstrap.js
+@@ -0,0 +1,5 @@
++
++function install(data, reason) {}
++function startup(data, reason) {}
++function shutdown(data, reason) {}
++function uninstall(data, reason) {}
+diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid2/install.rdf
+new file mode 100644
+--- /dev/null
++++ b/toolkit/mozapps/extensions/test/addons/test_updateid2/install.rdf
+@@ -0,0 +1,16 @@
++<?xml version="1.0"?>
++<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
++     xmlns:em="http://www.mozilla.org/2004/em-rdf#">
++<Description about="urn:mozilla:install-manifest">
++  <em:id>addon1.changed@tests.mozilla.org</em:id>
++  <em:version>2.0</em:version>
++  <em:updateURL>http://localhost:4444/data/test_updateid.rdf</em:updateURL>
++  <em:bootstrap>true</em:bootstrap>
++  <em:name>Test Addon 1</em:name>
++<em:targetApplication><Description>
++  <em:id>xpcshell@tests.mozilla.org</em:id>
++  <em:minVersion>1</em:minVersion>
++  <em:maxVersion>1</em:maxVersion>
++</Description></em:targetApplication>
++</Description>
++</RDF>
+diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2_2/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid2_2/install.rdf
+deleted file mode 100644
+--- a/toolkit/mozapps/extensions/test/addons/test_updateid2_2/install.rdf
++++ /dev/null
+@@ -1,24 +0,0 @@
+-<?xml version="1.0"?>
+-
+-<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+-     xmlns:em="http://www.mozilla.org/2004/em-rdf#">
+-
+-  <Description about="urn:mozilla:install-manifest">
+-    <em:id>addon2@tests.mozilla.org</em:id>
+-    <em:version>2.0</em:version>
+-    <em:updateURL>http://localhost:4444/data/test_updateid.rdf</em:updateURL>
+-
+-    <!-- Front End MetaData -->
+-    <em:name>Test 2</em:name>
+-    <em:description>Test Description</em:description>
+-
+-    <em:targetApplication>
+-      <Description>
+-        <em:id>xpcshell@tests.mozilla.org</em:id>
+-        <em:minVersion>1</em:minVersion>
+-        <em:maxVersion>1</em:maxVersion>
+-      </Description>
+-    </em:targetApplication>
+-
+-  </Description>
+-</RDF>
+diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2_5/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid2_5/install.rdf
+deleted file mode 100644
+--- a/toolkit/mozapps/extensions/test/addons/test_updateid2_5/install.rdf
++++ /dev/null
+@@ -1,24 +0,0 @@
+-<?xml version="1.0"?>
+-
+-<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+-     xmlns:em="http://www.mozilla.org/2004/em-rdf#">
+-
+-  <Description about="urn:mozilla:install-manifest">
+-    <em:id>addon2@tests.mozilla.org</em:id>
+-    <em:version>5.0</em:version>
+-    <em:updateURL>http://localhost:4444/data/test_updateid.rdf</em:updateURL>
+-
+-    <!-- Front End MetaData -->
+-    <em:name>Test 2</em:name>
+-    <em:description>Test Description</em:description>
+-
+-    <em:targetApplication>
+-      <Description>
+-        <em:id>xpcshell@tests.mozilla.org</em:id>
+-        <em:minVersion>1</em:minVersion>
+-        <em:maxVersion>1</em:maxVersion>
+-      </Description>
+-    </em:targetApplication>
+-
+-  </Description>
+-</RDF>
+diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid3_3/bootstrap.js
+deleted file mode 100644
+--- a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/bootstrap.js
++++ /dev/null
+@@ -1,21 +0,0 @@
+-Components.utils.import("resource://gre/modules/Services.jsm");
+-
+-function install(data, reason) {
+-  Services.prefs.setIntPref("bootstraptest.installed_version", 3);
+-  Services.prefs.setIntPref("bootstraptest.install_reason", reason);
+-}
+-
+-function startup(data, reason) {
+-  Services.prefs.setIntPref("bootstraptest.active_version", 3);
+-  Services.prefs.setIntPref("bootstraptest.startup_reason", reason);
+-}
+-
+-function shutdown(data, reason) {
+-  Services.prefs.setIntPref("bootstraptest.active_version", 0);
+-  Services.prefs.setIntPref("bootstraptest.shutdown_reason", reason);
+-}
+-
+-function uninstall(data, reason) {
+-  Services.prefs.setIntPref("bootstraptest.installed_version", 0);
+-  Services.prefs.setIntPref("bootstraptest.uninstall_reason", reason);
+-}
+diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid3_3/install.rdf
+deleted file mode 100644
+--- a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/install.rdf
++++ /dev/null
+@@ -1,25 +0,0 @@
+-<?xml version="1.0"?>
+-
+-<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+-     xmlns:em="http://www.mozilla.org/2004/em-rdf#">
+-
+-  <Description about="urn:mozilla:install-manifest">
+-    <em:id>addon3@tests.mozilla.org</em:id>
+-    <em:version>3.0</em:version>
+-    <em:updateURL>http://localhost:4444/data/test_updateid.rdf</em:updateURL>
+-    <em:bootstrap>true</em:bootstrap>
+-
+-    <!-- Front End MetaData -->
+-    <em:name>Test 3</em:name>
+-    <em:description>Test Description</em:description>
+-
+-    <em:targetApplication>
+-      <Description>
+-        <em:id>xpcshell@tests.mozilla.org</em:id>
+-        <em:minVersion>1</em:minVersion>
+-        <em:maxVersion>1</em:maxVersion>
+-      </Description>
+-    </em:targetApplication>
+-
+-  </Description>
+-</RDF>
+diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid4_4/bootstrap.js
+deleted file mode 100644
+--- a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/bootstrap.js
++++ /dev/null
+@@ -1,21 +0,0 @@
+-Components.utils.import("resource://gre/modules/Services.jsm");
+-
+-function install(data, reason) {
+-  Services.prefs.setIntPref("bootstraptest.installed_version", 4);
+-  Services.prefs.setIntPref("bootstraptest.install_reason", reason);
+-}
+-
+-function startup(data, reason) {
+-  Services.prefs.setIntPref("bootstraptest.active_version", 4);
+-  Services.prefs.setIntPref("bootstraptest.startup_reason", reason);
+-}
+-
+-function shutdown(data, reason) {
+-  Services.prefs.setIntPref("bootstraptest.active_version", 0);
+-  Services.prefs.setIntPref("bootstraptest.shutdown_reason", reason);
+-}
+-
+-function uninstall(data, reason) {
+-  Services.prefs.setIntPref("bootstraptest.installed_version", 0);
+-  Services.prefs.setIntPref("bootstraptest.uninstall_reason", reason);
+-}
+diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid4_4/install.rdf
+deleted file mode 100644
+--- a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/install.rdf
++++ /dev/null
+@@ -1,25 +0,0 @@
+-<?xml version="1.0"?>
+-
+-<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+-     xmlns:em="http://www.mozilla.org/2004/em-rdf#">
+-
+-  <Description about="urn:mozilla:install-manifest">
+-    <em:id>addon4@tests.mozilla.org</em:id>
+-    <em:version>4.0</em:version>
+-    <em:updateURL>http://localhost:4444/data/test_updateid.rdf</em:updateURL>
+-    <em:bootstrap>true</em:bootstrap>
+-
+-    <!-- Front End MetaData -->
+-    <em:name>Test 4</em:name>
+-    <em:description>Test Description</em:description>
+-
+-    <em:targetApplication>
+-      <Description>
+-        <em:id>xpcshell@tests.mozilla.org</em:id>
+-        <em:minVersion>1</em:minVersion>
+-        <em:maxVersion>1</em:maxVersion>
+-      </Description>
+-    </em:targetApplication>
+-
+-  </Description>
+-</RDF>
+diff --git a/toolkit/mozapps/extensions/test/xpcshell/data/test_update_multi.rdf b/toolkit/mozapps/extensions/test/xpcshell/data/test_update_multi.rdf
+new file mode 100644
+--- /dev/null
++++ b/toolkit/mozapps/extensions/test/xpcshell/data/test_update_multi.rdf
+@@ -0,0 +1,26 @@
++<?xml version="1.0" encoding="UTF-8"?>
++
++<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
++     xmlns:em="http://www.mozilla.org/2004/em-rdf#">
++
++  <Description about="urn:mozilla:extension:updatemulti@tests.mozilla.org">
++    <em:updates>
++      <Seq>
++        <li>
++          <Description>
++            <em:version>2.0</em:version>
++            <em:targetApplication>
++              <Description>
++                <em:id>xpcshell@tests.mozilla.org</em:id>
++                <em:minVersion>1</em:minVersion>
++                <em:maxVersion>1</em:maxVersion>
++                <em:updateLink>http://localhost:4444/addons/test_update_multi2.xpi</em:updateLink>
++              </Description>
++            </em:targetApplication>
++          </Description>
++        </li>
++      </Seq>
++    </em:updates>
++  </Description>
++
++</RDF>
+diff --git a/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf b/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf
+--- a/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf
++++ b/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf
+@@ -9,77 +9,17 @@
+         <li>
+           <Description>
+             <em:version>2.0</em:version>
+             <em:targetApplication>
+               <Description>
+                 <em:id>xpcshell@tests.mozilla.org</em:id>
+                 <em:minVersion>1</em:minVersion>
+                 <em:maxVersion>1</em:maxVersion>
+-                <em:updateLink>http://localhost:4444/addons/test_updateid2_2.xpi</em:updateLink>
+-              </Description>
+-            </em:targetApplication>
+-          </Description>
+-        </li>
+-      </Seq>
+-    </em:updates>
+-  </Description>
+-
+-  <Description about="urn:mozilla:extension:addon2@tests.mozilla.org">
+-    <em:updates>
+-      <Seq>
+-        <li>
+-          <Description>
+-            <em:version>3.0</em:version>
+-            <em:targetApplication>
+-              <Description>
+-                <em:id>xpcshell@tests.mozilla.org</em:id>
+-                <em:minVersion>1</em:minVersion>
+-                <em:maxVersion>1</em:maxVersion>
+-                <em:updateLink>http://localhost:4444/addons/test_updateid3_3.xpi</em:updateLink>
+-              </Description>
+-            </em:targetApplication>
+-          </Description>
+-        </li>
+-      </Seq>
+-    </em:updates>
+-  </Description>
+-
+-  <Description about="urn:mozilla:extension:addon3@tests.mozilla.org">
+-    <em:updates>
+-      <Seq>
+-        <li>
+-          <Description>
+-            <em:version>4.0</em:version>
+-            <em:targetApplication>
+-              <Description>
+-                <em:id>xpcshell@tests.mozilla.org</em:id>
+-                <em:minVersion>1</em:minVersion>
+-                <em:maxVersion>1</em:maxVersion>
+-                <em:updateLink>http://localhost:4444/addons/test_updateid4_4.xpi</em:updateLink>
+-              </Description>
+-            </em:targetApplication>
+-          </Description>
+-        </li>
+-      </Seq>
+-    </em:updates>
+-  </Description>
+-
+-  <Description about="urn:mozilla:extension:addon4@tests.mozilla.org">
+-    <em:updates>
+-      <Seq>
+-        <li>
+-          <Description>
+-            <em:version>5.0</em:version>
+-            <em:targetApplication>
+-              <Description>
+-                <em:id>xpcshell@tests.mozilla.org</em:id>
+-                <em:minVersion>1</em:minVersion>
+-                <em:maxVersion>1</em:maxVersion>
+-                <em:updateLink>http://localhost:4444/addons/test_updateid2_5.xpi</em:updateLink>
++                <em:updateLink>http://localhost:4444/addons/test_updateid2.xpi</em:updateLink>
+               </Description>
+             </em:targetApplication>
+           </Description>
+         </li>
+       </Seq>
+     </em:updates>
+   </Description>
+ 
+diff --git a/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js b/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js
+--- a/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js
++++ b/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js
+@@ -2,421 +2,85 @@
+  * http://creativecommons.org/publicdomain/zero/1.0/
+  */
+ 
+ // This verifies that updating an add-on to a new ID works
+ 
+ // The test extension uses an insecure update url.
+ Services.prefs.setBoolPref("extensions.checkUpdateSecurity", false);
+ 
+-Components.utils.import("resource://testing-common/httpd.js");
+-var testserver;
+ const profileDir = gProfD.clone();
+ profileDir.append("extensions");
+ 
+-function resetPrefs() {
+-  Services.prefs.setIntPref("bootstraptest.active_version", -1);
+-  Services.prefs.setIntPref("bootstraptest.installed_version", -1);
+-  Services.prefs.setIntPref("bootstraptest.startup_reason", -1);
+-  Services.prefs.setIntPref("bootstraptest.shutdown_reason", -1);
+-  Services.prefs.setIntPref("bootstraptest.install_reason", -1);
+-  Services.prefs.setIntPref("bootstraptest.uninstall_reason", -1);
+-}
+-
+-function getActiveVersion() {
+-  return Services.prefs.getIntPref("bootstraptest.active_version");
+-}
+-
+-function getInstalledVersion() {
+-  return Services.prefs.getIntPref("bootstraptest.installed_version");
+-}
+-
+-function run_test() {
+-  createAppInfo("xpcshell@tests.mozilla.org", "XPCShell", "1", "1.9.2");
+-
+-  // Create and configure the HTTP server.
+-  testserver = new HttpServer();
+-  testserver.registerDirectory("/data/", do_get_file("data"));
+-  testserver.registerDirectory("/addons/", do_get_file("addons"));
+-  testserver.start(4444);
+-
+-  do_test_pending();
+-  run_test_1();
+-}
+-
+-function end_test() {
+-  testserver.stop(do_test_finished);
+-}
+-
+-function installUpdate(aInstall, aCallback) {
+-  aInstall.addListener({
+-    onInstallEnded: function(aInstall) {
+-      // give the startup time to run
+-      do_execute_soon(function() {
+-        aCallback(aInstall);
+-      });
+-    }
+-  });
+-
+-  aInstall.install();
+-}
+-
+-// Verify that an update to an add-on with a new ID uninstalls the old add-on
+-function run_test_1() {
+-  writeInstallRDFForExtension({
+-    id: "addon1@tests.mozilla.org",
+-    version: "1.0",
+-    updateURL: "http://localhost:4444/data/test_updateid.rdf",
+-    targetApplications: [{
+-      id: "xpcshell@tests.mozilla.org",
+-      minVersion: "1",
+-      maxVersion: "1"
+-    }],
+-    name: "Test Addon 1",
+-  }, profileDir);
+-
+-  startupManager();
+-
+-  AddonManager.getAddonByID("addon1@tests.mozilla.org", function(a1) {
+-    do_check_neq(a1, null);
+-    do_check_eq(a1.version, "1.0");
++function promiseInstallUpdate(install) {
++  return new Promise((resolve, reject) => {
++    install.addListener({
++      onDownloadFailed: () => {
++        let err = new Error("download error");
++        err.code = install.error;
++        reject(err);
++      },
++      onInstallFailed: () => {
++        let err = new Error("install error");
++        err.code = install.error;
++        reject(err);
++      },
++      onInstallEnded: resolve,
++    });
+ 
+-    a1.findUpdates({
+-      onUpdateAvailable: function(addon, install) {
+-        do_check_eq(install.name, addon.name);
+-        do_check_eq(install.version, "2.0");
+-        do_check_eq(install.state, AddonManager.STATE_AVAILABLE);
+-        do_check_eq(install.existingAddon, a1);
+-
+-        installUpdate(install, check_test_1);
+-      }
+-    }, AddonManager.UPDATE_WHEN_USER_REQUESTED);
+-  });
+-}
+-
+-function check_test_1(install) {
+-  AddonManager.getAddonByID("addon1@tests.mozilla.org", callback_soon(function(a1) {
+-    // Existing add-on should have a pending upgrade
+-    do_check_neq(a1.pendingUpgrade, null);
+-    do_check_eq(a1.pendingUpgrade.id, "addon2@tests.mozilla.org");
+-    do_check_eq(a1.pendingUpgrade.install.existingAddon, a1);
+-    do_check_neq(a1.syncGUID);
+-
+-    let a1SyncGUID = a1.syncGUID;
+-
+-    restartManager();
+-
+-    AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org",
+-                                 "addon2@tests.mozilla.org"], function([a1, a2]) {
+-      // Should have uninstalled the old and installed the new
+-      do_check_eq(a1, null);
+-      do_check_neq(a2, null);
+-      do_check_neq(a2.syncGUID, null);
+-
+-      // The Sync GUID should change when the ID changes
+-      do_check_neq(a1SyncGUID, a2.syncGUID);
+-
+-      a2.uninstall();
+-
+-      do_execute_soon(run_test_2);
+-    });
+-  }));
+-}
+-
+-// Test that when the new add-on already exists we just upgrade that
+-function run_test_2() {
+-  restartManager();
+-  shutdownManager();
+-
+-  writeInstallRDFForExtension({
+-    id: "addon1@tests.mozilla.org",
+-    version: "1.0",
+-    updateURL: "http://localhost:4444/data/test_updateid.rdf",
+-    targetApplications: [{
+-      id: "xpcshell@tests.mozilla.org",
+-      minVersion: "1",
+-      maxVersion: "1"
+-    }],
+-    name: "Test Addon 1",
+-  }, profileDir);
+-  writeInstallRDFForExtension({
+-    id: "addon2@tests.mozilla.org",
+-    version: "1.0",
+-    targetApplications: [{
+-      id: "xpcshell@tests.mozilla.org",
+-      minVersion: "1",
+-      maxVersion: "1"
+-    }],
+-    name: "Test Addon 2",
+-  }, profileDir);
+-
+-  startupManager();
+-
+-  AddonManager.getAddonByID("addon1@tests.mozilla.org", function(a1) {
+-    do_check_neq(a1, null);
+-    do_check_eq(a1.version, "1.0");
+-
+-    a1.findUpdates({
+-      onUpdateAvailable: function(addon, install) {
+-        installUpdate(install, check_test_2);
+-      }
+-    }, AddonManager.UPDATE_WHEN_USER_REQUESTED);
++    install.install();
+   });
+ }
+ 
+-function check_test_2(install) {
+-  AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org",
+-                               "addon2@tests.mozilla.org"],
+-                               callback_soon(function([a1, a2]) {
+-    do_check_eq(a1.pendingUpgrade, null);
+-    // Existing add-on should have a pending upgrade
+-    do_check_neq(a2.pendingUpgrade, null);
+-    do_check_eq(a2.pendingUpgrade.id, "addon2@tests.mozilla.org");
+-    do_check_eq(a2.pendingUpgrade.install.existingAddon, a2);
+-
+-    restartManager();
+-
+-    AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org",
+-                                 "addon2@tests.mozilla.org"], function([a1, a2]) {
+-      // Should have uninstalled the old and installed the new
+-      do_check_neq(a1, null);
+-      do_check_neq(a2, null);
+-
+-      a1.uninstall();
+-      a2.uninstall();
+-
+-      do_execute_soon(run_test_3);
+-    });
+-  }));
+-}
+-
+-// Test that we rollback correctly when removing the old add-on fails
+-function run_test_3() {
+-  restartManager();
+-  shutdownManager();
+-
+-  // This test only works on Windows
+-  if (!("nsIWindowsRegKey" in AM_Ci)) {
+-    run_test_4();
+-    return;
+-  }
+-
+-  writeInstallRDFForExtension({
+-    id: "addon1@tests.mozilla.org",
+-    version: "1.0",
+-    updateURL: "http://localhost:4444/data/test_updateid.rdf",
+-    targetApplications: [{
+-      id: "xpcshell@tests.mozilla.org",
+-      minVersion: "1",
+-      maxVersion: "1"
+-    }],
+-    name: "Test Addon 1",
+-  }, profileDir);
+-
+-  startupManager();
++// Create and configure the HTTP server.
++let testserver = createHttpServer(4444);
++testserver.registerDirectory("/data/", do_get_file("data"));
++testserver.registerDirectory("/addons/", do_get_file("addons"));
+ 
+-  AddonManager.getAddonByID("addon1@tests.mozilla.org", function(a1) {
+-    do_check_neq(a1, null);
+-    do_check_eq(a1.version, "1.0");
+-
+-    a1.findUpdates({
+-      onUpdateAvailable: function(addon, install) {
+-        installUpdate(install, check_test_3);
+-      }
+-    }, AddonManager.UPDATE_WHEN_USER_REQUESTED);
+-  });
+-}
+-
+-function check_test_3(install) {
+-  AddonManager.getAddonByID("addon1@tests.mozilla.org", callback_soon(function(a1) {
+-    // Existing add-on should have a pending upgrade
+-    do_check_neq(a1.pendingUpgrade, null);
+-    do_check_eq(a1.pendingUpgrade.id, "addon2@tests.mozilla.org");
+-    do_check_eq(a1.pendingUpgrade.install.existingAddon, a1);
+-
+-    // Lock the old add-on open so it can't be uninstalled
+-    var file = profileDir.clone();
+-    file.append("addon1@tests.mozilla.org");
+-    if (!file.exists())
+-      file.leafName += ".xpi";
+-    else
+-      file.append("install.rdf");
+-
+-    var fstream = AM_Cc["@mozilla.org/network/file-output-stream;1"].
+-                  createInstance(AM_Ci.nsIFileOutputStream);
+-    fstream.init(file, FileUtils.MODE_APPEND | FileUtils.MODE_WRONLY, FileUtils.PERMS_FILE, 0);
+-
+-    restartManager();
+-
+-    fstream.close();
+-
+-    AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org",
+-                                 "addon2@tests.mozilla.org"],
+-                                 callback_soon(function([a1, a2]) {
+-      // Should not have installed the new add-on but it should still be
+-      // pending install
+-      do_check_neq(a1, null);
+-      do_check_eq(a2, null);
+-
+-      restartManager();
+-
+-      AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org",
+-                                   "addon2@tests.mozilla.org"], function([a1, a2]) {
+-        // Should have installed the new add-on
+-        do_check_eq(a1, null);
+-        do_check_neq(a2, null);
+-
+-        a2.uninstall();
+-
+-        do_execute_soon(run_test_4);
+-      });
+-    }));
+-  }));
++function run_test() {
++  createAppInfo("xpcshell@tests.mozilla.org", "XPCShell", "1", "1.9.2");
++  startupManager();
++  run_next_test();
+ }
+ 
+-// Tests that upgrading to a bootstrapped add-on works but requires a restart
+-function run_test_4() {
+-  restartManager();
+-  shutdownManager();
+-
+-  writeInstallRDFForExtension({
+-    id: "addon2@tests.mozilla.org",
+-    version: "2.0",
+-    updateURL: "http://localhost:4444/data/test_updateid.rdf",
+-    targetApplications: [{
+-      id: "xpcshell@tests.mozilla.org",
+-      minVersion: "1",
+-      maxVersion: "1"
+-    }],
+-    name: "Test Addon 2",
+-  }, profileDir);
+-
+-  startupManager();
+-
+-  resetPrefs();
+-
+-  AddonManager.getAddonByID("addon2@tests.mozilla.org", function(a2) {
+-    do_check_neq(a2, null);
+-    do_check_neq(a2.syncGUID, null);
+-    do_check_eq(a2.version, "2.0");
+-
+-    a2.findUpdates({
+-      onUpdateAvailable: function(addon, install) {
+-        installUpdate(install, check_test_4);
+-      }
+-    }, AddonManager.UPDATE_WHEN_USER_REQUESTED);
+-  });
+-}
+-
+-function check_test_4() {
+-  AddonManager.getAddonsByIDs(["addon2@tests.mozilla.org",
+-                               "addon3@tests.mozilla.org"],
+-                               callback_soon(function([a2, a3]) {
+-    // Should still be pending install even though the new add-on is restartless
+-    do_check_neq(a2, null);
+-    do_check_eq(a3, null);
+-
+-    do_check_neq(a2.pendingUpgrade, null);
+-    do_check_eq(a2.pendingUpgrade.id, "addon3@tests.mozilla.org");
+-
+-    do_check_eq(getInstalledVersion(), -1);
+-    do_check_eq(getActiveVersion(), -1);
+-
+-    restartManager();
+-
+-    AddonManager.getAddonsByIDs(["addon2@tests.mozilla.org",
+-                                 "addon3@tests.mozilla.org"], function([a2, a3]) {
+-      // Should have updated
+-      do_check_eq(a2, null);
+-      do_check_neq(a3, null);
+-
+-      do_check_eq(getInstalledVersion(), 3);
+-      do_check_eq(getActiveVersion(), 3);
+-
+-      do_execute_soon(run_test_5);
+-    });
+-  }));
+-}
+-
+-// Tests that upgrading to another bootstrapped add-on works without a restart
+-function run_test_5() {
+-  AddonManager.getAddonByID("addon3@tests.mozilla.org", function(a3) {
+-    do_check_neq(a3, null);
+-    do_check_eq(a3.version, "3.0");
++// Verify that an update to an add-on with a new ID fails
++add_task(function* test_update_new_id() {
++  yield promiseInstallAllFiles([do_get_addon("test_updateid1")]);
+ 
+-    a3.findUpdates({
+-      onUpdateAvailable: function(addon, install) {
+-        installUpdate(install, check_test_5);
+-      }
+-    }, AddonManager.UPDATE_WHEN_USER_REQUESTED);
+-  });
+-}
+-
+-function check_test_5() {
+-  AddonManager.getAddonsByIDs(["addon3@tests.mozilla.org",
+-                               "addon4@tests.mozilla.org"],
+-                               callback_soon(function([a3, a4]) {
+-    // Should have updated
+-    do_check_eq(a3, null);
+-    do_check_neq(a4, null);
+-
+-    do_check_eq(getInstalledVersion(), 4);
+-    do_check_eq(getActiveVersion(), 4);
+-
+-    restartManager();
+-
+-    AddonManager.getAddonsByIDs(["addon3@tests.mozilla.org",
+-                                 "addon4@tests.mozilla.org"], function([a3, a4]) {
+-      // Should still be gone
+-      do_check_eq(a3, null);
+-      do_check_neq(a4, null);
+-
+-      do_check_eq(getInstalledVersion(), 4);
+-      do_check_eq(getActiveVersion(), 4);
+-
+-      run_test_6();
+-    });
+-  }));
+-}
++  let addon = yield promiseAddonByID("addon1@tests.mozilla.org");
++  do_check_neq(addon, null);
++  do_check_eq(addon.version, "1.0");
+ 
+-// Tests that upgrading to a non-bootstrapped add-on works but requires a restart
+-function run_test_6() {
+-  AddonManager.getAddonByID("addon4@tests.mozilla.org", function(a4) {
+-    do_check_neq(a4, null);
+-    do_check_eq(a4.version, "4.0");
+-
+-    a4.findUpdates({
+-      onUpdateAvailable: function(addon, install) {
+-        installUpdate(install, check_test_6);
+-      }
+-    }, AddonManager.UPDATE_WHEN_USER_REQUESTED);
+-  });
+-}
++  let update = yield promiseFindAddonUpdates(addon, AddonManager.UPDATE_WHEN_USER_REQUESTED);
++  let install = update.updateAvailable;
++  do_check_eq(install.name, addon.name);
++  do_check_eq(install.version, "2.0");
++  do_check_eq(install.state, AddonManager.STATE_AVAILABLE);
++  do_check_eq(install.existingAddon, addon);
+ 
+-function check_test_6() {
+-  AddonManager.getAddonsByIDs(["addon4@tests.mozilla.org",
+-                               "addon2@tests.mozilla.org"],
+-                               callback_soon(function([a4, a2]) {
+-    // Should still be pending install even though the old add-on is restartless
+-    do_check_neq(a4, null);
+-    do_check_eq(a2, null);
+-
+-    do_check_neq(a4.pendingUpgrade, null);
+-    do_check_eq(a4.pendingUpgrade.id, "addon2@tests.mozilla.org");
+-
+-    do_check_eq(getInstalledVersion(), 4);
+-    do_check_eq(getActiveVersion(), 4);
++  yield Assert.rejects(promiseInstallUpdate(install),
++                       function(err) { return err.code == AddonManager.ERROR_INCORRECT_ID },
++                       "Upgrade to a different ID fails");
+ 
+-    restartManager();
++  addon.uninstall();
++});
+ 
+-    AddonManager.getAddonsByIDs(["addon4@tests.mozilla.org",
+-                                 "addon2@tests.mozilla.org"], function([a4, a2]) {
+-      // Should have updated
+-      do_check_eq(a4, null);
+-      do_check_neq(a2, null);
++// Verify that an update to a multi-package xpi fails
++add_task(function* test_update_new_id() {
++  yield promiseInstallAllFiles([do_get_addon("test_update_multi1")]);
+ 
+-      do_check_eq(getInstalledVersion(), 0);
+-      do_check_eq(getActiveVersion(), 0);
++  let addon = yield promiseAddonByID("updatemulti@tests.mozilla.org");
++  do_check_neq(addon, null);
++  do_check_eq(addon.version, "1.0");
+ 
+-      end_test();
+-    });
+-  }));
+-}
++  let update = yield promiseFindAddonUpdates(addon, AddonManager.UPDATE_WHEN_USER_REQUESTED);
++  let install = update.updateAvailable;
++  do_check_eq(install.name, addon.name);
++  do_check_eq(install.version, "2.0");
++  do_check_eq(install.state, AddonManager.STATE_AVAILABLE);
++  do_check_eq(install.existingAddon, addon);
++
++  yield Assert.rejects(promiseInstallUpdate(install),
++                       function(err) { return err.code == AddonManager.ERROR_UNEXPECTED_ADDON_TYPE },
++                       "Upgrade to a multipackage xpi fails");
++
++  addon.uninstall();
++});
+
diff --git a/gnu/packages/patches/libtiff-CVE-2016-5652.patch b/gnu/packages/patches/libtiff-CVE-2016-5652.patch
deleted file mode 100644
index 54b87d0185..0000000000
--- a/gnu/packages/patches/libtiff-CVE-2016-5652.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-Fix CVE-2016-5652 (buffer overflow in t2p_readwrite_pdf_image_tile()).
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652
-
-Patches exfiltrated from upstream CVS repo with:
-cvs diff -u -r 1.92 -r 1.94 tools/tiff2pdf.c
-
-Index: tools/tiff2pdf.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v
-retrieving revision 1.92
-retrieving revision 1.94
-diff -u -r1.92 -r1.94
---- a/tools/tiff2pdf.c	23 Sep 2016 22:12:18 -0000	1.92
-+++ b/tools/tiff2pdf.c	9 Oct 2016 11:03:36 -0000	1.94
-@@ -2887,21 +2887,24 @@
- 				return(0);
- 			}
- 			if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) {
--				if (count > 0) {
--					_TIFFmemcpy(buffer, jpt, count);
-+				if (count >= 4) {
-+                    /* Ignore EOI marker of JpegTables */
-+					_TIFFmemcpy(buffer, jpt, count - 2);
- 					bufferoffset += count - 2;
-+                    /* Store last 2 bytes of the JpegTables */
- 					table_end[0] = buffer[bufferoffset-2];
- 					table_end[1] = buffer[bufferoffset-1];
--				}
--				if (count > 0) {
- 					xuint32 = bufferoffset;
-+                    bufferoffset -= 2;
- 					bufferoffset += TIFFReadRawTile(
- 						input, 
- 						tile, 
--						(tdata_t) &(((unsigned char*)buffer)[bufferoffset-2]), 
-+						(tdata_t) &(((unsigned char*)buffer)[bufferoffset]), 
- 						-1);
--						buffer[xuint32-2]=table_end[0];
--						buffer[xuint32-1]=table_end[1];
-+                    /* Overwrite SOI marker of image scan with previously */
-+                    /* saved end of JpegTables */
-+					buffer[xuint32-2]=table_end[0];
-+					buffer[xuint32-1]=table_end[1];
- 				} else {
- 					bufferoffset += TIFFReadRawTile(
- 						input, 
diff --git a/gnu/packages/patches/libtiff-CVE-2016-9273.patch b/gnu/packages/patches/libtiff-CVE-2016-9273.patch
deleted file mode 100644
index 9cd6b3d8c5..0000000000
--- a/gnu/packages/patches/libtiff-CVE-2016-9273.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-Fix CVE-2016-9273:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273
-http://bugzilla.maptools.org/show_bug.cgi?id=2587
-
-Patch extracted from upstream CVS repo:
-
-2016-11-10 Even Rouault <even.rouault at spatialys.com>
-
-revision 1.37
-date: 2016-11-09 18:00:49 -0500;  author: erouault;  state: Exp;  lines: +10 -1;  commitid: pzKipPxDJO2dxvtz;
-* libtiff/tif_strip.c: make TIFFNumberOfStrips() return the td->td_nstrips
-value when it is non-zero, instead of recomputing it. This is needed in
-TIFF_STRIPCHOP mode where td_nstrips is modified. Fixes a read outsize of
-array in tiffsplit (or other utilities using TIFFNumberOfStrips()).
-Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2587
-
-Index: libtiff/tif_strip.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v
-retrieving revision 1.36
-retrieving revision 1.37
-diff -u -r1.36 -r1.37
---- a/libtiff/tif_strip.c	7 Jun 2015 22:35:40 -0000	1.36
-+++ b/libtiff/tif_strip.c	9 Nov 2016 23:00:49 -0000	1.37
-@@ -63,6 +63,15 @@
- 	TIFFDirectory *td = &tif->tif_dir;
- 	uint32 nstrips;
- 
-+    /* If the value was already computed and store in td_nstrips, then return it,
-+       since ChopUpSingleUncompressedStrip might have altered and resized the
-+       since the td_stripbytecount and td_stripoffset arrays to the new value
-+       after the initial affectation of td_nstrips = TIFFNumberOfStrips() in
-+       tif_dirread.c ~line 3612.
-+       See http://bugzilla.maptools.org/show_bug.cgi?id=2587 */
-+    if( td->td_nstrips )
-+        return td->td_nstrips;
-+
- 	nstrips = (td->td_rowsperstrip == (uint32) -1 ? 1 :
- 	     TIFFhowmany_32(td->td_imagelength, td->td_rowsperstrip));
- 	if (td->td_planarconfig == PLANARCONFIG_SEPARATE)
diff --git a/gnu/packages/patches/lvm2-static-link.patch b/gnu/packages/patches/lvm2-static-link.patch
new file mode 100644
index 0000000000..b4b1dd92e1
--- /dev/null
+++ b/gnu/packages/patches/lvm2-static-link.patch
@@ -0,0 +1,14 @@
+Fix static linking of 'lvm.static', which indirectly depend on libpthread
+via libdevmapper.a.
+
+--- LVM2.2.02.166/tools/Makefile.in	2016-11-22 21:31:15.521045149 +0100
++++ LVM2.2.02.166/tools/Makefile.in	2016-11-22 21:31:24.085082767 +0100
+@@ -148,7 +148,7 @@ endif
+ 
+ lvm.static: $(OBJECTS) lvm-static.o $(top_builddir)/lib/liblvm-internal.a  $(interfacebuilddir)/libdevmapper.a
+ 	$(CC) $(CFLAGS) $(LDFLAGS) -static -L$(interfacebuilddir) -o $@ \
+-	      $(OBJECTS) lvm-static.o $(LVMLIBS) $(STATIC_LIBS) $(LIBS)
++	      $(OBJECTS) lvm-static.o $(LVMLIBS) $(STATIC_LIBS) $(LIBS) $(PTHREAD_LIBS)
+ 
+ liblvm2cmd.a: $(top_builddir)/lib/liblvm-internal.a $(OBJECTS) lvmcmdlib.o lvm2cmd.o
+ 	cat $(top_builddir)/lib/liblvm-internal.a > $@
diff --git a/gnu/packages/patches/pixman-CVE-2016-5296.patch b/gnu/packages/patches/pixman-CVE-2016-5296.patch
new file mode 100644
index 0000000000..21942326ae
--- /dev/null
+++ b/gnu/packages/patches/pixman-CVE-2016-5296.patch
@@ -0,0 +1,19 @@
+Fix CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1
+Adapted for upstream pixman based on:
+
+  https://hg.mozilla.org/releases/mozilla-esr45/rev/5e39c1c2fded
+
+--- pixman-0.34.0/pixman/pixman-edge-imp.h.orig	2015-06-30 05:48:31.000000000 -0400
++++ pixman-0.34.0/pixman/pixman-edge-imp.h	2016-11-16 01:09:34.046335106 -0500
+@@ -55,8 +55,9 @@
+ 	 *
+ 	 * (The AA case does a similar  adjustment in RENDER_SAMPLES_X)
+ 	 */
+-	lx += X_FRAC_FIRST(1) - pixman_fixed_e;
+-	rx += X_FRAC_FIRST(1) - pixman_fixed_e;
++	/* we cast to unsigned to get defined behaviour for overflow */
++	lx = (unsigned)lx + X_FRAC_FIRST(1) - pixman_fixed_e;
++	rx = (unsigned)rx + X_FRAC_FIRST(1) - pixman_fixed_e;
+ #endif
+ 	/* clip X */
+ 	if (lx < 0)