Merge branch 'master' into core-updates

11 files changed, 346 insertions, 108 deletions

diff --git a/gnu/packages/patches/ao-cad-aarch64-support.patch b/gnu/packages/patches/ao-cad-aarch64-support.patch
new file mode 100644
index 0000000000..291369cd9b
--- /dev/null
+++ b/gnu/packages/patches/ao-cad-aarch64-support.patch
@@ -0,0 +1,18 @@
+Support in ao-cad for aarch64.
+
+Submitted upstream at https://github.com/mkeeter/ao/issues/69
+
+--- ao/ui/vendor/efsw/src/efsw/inotify-nosys.h.orig	2017-12-14 16:27:16.125871099 -0600
++++ ao/ui/vendor/efsw/src/efsw/inotify-nosys.h	2017-12-14 16:26:39.786022981 -0600
+@@ -69,6 +69,11 @@
+ # define __NR_inotify_add_watch (__NR_SYSCALL_BASE+317)
+ # define __NR_inotify_rm_watch (__NR_SYSCALL_BASE+318)
+ 
++#elif defined (__aarch64__)
++# define __NR_inotify_init 1043
++# define __NR_inotify_add_watch 27
++# define __NR_inotify_rm_watch 28
++
+ #elif defined (__frv__)
+ # define __NR_inotify_init 291
+ # define __NR_inotify_add_watch 292
diff --git a/gnu/packages/patches/guile-bytestructures-name-clash.patch b/gnu/packages/patches/guile-bytestructures-name-clash.patch
deleted file mode 100644
index ac834dd504..0000000000
--- a/gnu/packages/patches/guile-bytestructures-name-clash.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-This patch works around a name clash between the 'cstring-pointer' module and
-the 'cstring-module' variable that occurs in Guile 2.0:
-
-  ice-9/boot-9.scm:109:20: re-exporting local variable: cstring-pointer
-
---- guile-bytestructures-20170402.91d042e-checkout/bytestructures/guile.scm	2017-07-25 17:04:32.858289986 +0200
-+++ guile-bytestructures-20170402.91d042e-checkout/bytestructures/guile.scm	2017-07-25 17:04:41.130244725 +0200
-@@ -1,6 +1,6 @@
- (define-module (bytestructures guile))
- 
--(import
-+(use-modules
-  (bytestructures guile base)
-  (bytestructures guile vector)
-  (bytestructures guile struct)
-@@ -8,7 +8,7 @@
-  (bytestructures guile pointer)
-  (bytestructures guile numeric)
-  (bytestructures guile string)
-- (bytestructures guile cstring-pointer))
-+ ((bytestructures guile cstring-pointer) #:prefix cstr:))
- (re-export
-  make-bytestructure-descriptor
-  bytestructure-descriptor?
-@@ -75,5 +75,5 @@
- 
-  bs:string
- 
-- cstring-pointer
-+ cstr:cstring-pointer
-  )
diff --git a/gnu/packages/patches/icecat-bug-1427870-spectre-mitigation.patch b/gnu/packages/patches/icecat-bug-1427870-spectre-mitigation.patch
new file mode 100644
index 0000000000..6b088286cb
--- /dev/null
+++ b/gnu/packages/patches/icecat-bug-1427870-spectre-mitigation.patch
@@ -0,0 +1,49 @@
+Mitigate Spectre by reducing the resolution of performance.now() to 20
+microseconds.  Based on:
+
+  https://hg.mozilla.org/releases/mozilla-release/rev/afa87f9be3a8
+
+For more details, see:
+
+  https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
+
+This patch was modified to apply cleanly to GNU IceCat.
+
+
+# HG changeset patch
+# User Tom Ritter <tom@mozilla.com>
+# Date 1514660820 21600
+# Node ID afa87f9be3a8852da3a30f286b15ae599c7874f6
+# Parent  6caa457ebedc915b43dc1d054b8fe22e82ca7447
+Bug 1427870 - Change resolution of .now() to 20us. r=bkelly, a=lizzard
+
+The comment about workers was introduced in Bug 1186489 but became obsolete some time after that
+(definitely by Bug 1278838)
+
+diff --git a/dom/performance/Performance.cpp b/dom/performance/Performance.cpp
+--- a/dom/performance/Performance.cpp
++++ b/dom/performance/Performance.cpp
+@@ -234,20 +234,19 @@ Performance::ClearResourceTimings()
+ {
+   MOZ_ASSERT(NS_IsMainThread());
+   mResourceEntries.Clear();
+ }
+ 
+ DOMHighResTimeStamp
+ Performance::RoundTime(double aTime) const
+ {
+-  // Round down to the nearest 5us, because if the timer is too accurate people
+-  // can do nasty timing attacks with it.  See similar code in the worker
+-  // Performance implementation.
+-  const double maxResolutionMs = 0.005;
++  // Round down to the nearest 20us, because if the timer is too accurate people
++  // can do nasty timing attacks with it.
++  const double maxResolutionMs = 0.020;
+   return floor(aTime / maxResolutionMs) * maxResolutionMs;
+ }
+ 
+ 
+ void
+ Performance::Mark(const nsAString& aName, ErrorResult& aRv)
+ {
+   // Don't add the entry if the buffer is full. XXX should be removed by bug 1159003.
diff --git a/gnu/packages/patches/ledger-fix-uninitialized.patch b/gnu/packages/patches/ledger-fix-uninitialized.patch
new file mode 100644
index 0000000000..128c90ec13
--- /dev/null
+++ b/gnu/packages/patches/ledger-fix-uninitialized.patch
@@ -0,0 +1,27 @@
+This fixes failures of tests "BaseLine_opt-datetime-format" and
+"BaseLine_opt-time-report", which were printing an unexpected trailing '*' on
+the last line of output, e.g.:
+
+  @@ -5,4 +5,4 @@
+     04/05/13 12:00 PM    04/05/13 01:30 PM       1.50h    Lunch
+     04/05/13 11:30 AM    04/05/13 12:00 PM       30.0m    Walk
+   --------------------------------------------------
+  -                                           
+  +                                          *
+
+Reported upstream at
+https://groups.google.com/d/msg/ledger-cli/EeJUrUk8YDc/pIR-LOTVEAAJ
+
+diff --git a/src/account.h b/src/account.h
+index 1b97463d..f2555593 100644
+--- a/src/account.h
++++ b/src/account.h
+@@ -187,7 +187,7 @@ public:
+ 
+       datetime_t         earliest_checkin;
+       datetime_t         latest_checkout;
+-      bool               latest_checkout_cleared;
++      bool               latest_checkout_cleared = false;
+ 
+       std::set<path>     filenames;
+       std::set<string>   accounts_referenced;
diff --git a/gnu/packages/patches/ledger-revert-boost-python-fix.patch b/gnu/packages/patches/ledger-revert-boost-python-fix.patch
new file mode 100644
index 0000000000..99f48f6e46
--- /dev/null
+++ b/gnu/packages/patches/ledger-revert-boost-python-fix.patch
@@ -0,0 +1,39 @@
+From 01220484f428a447e9b00e071a0d85185f30e1de Mon Sep 17 00:00:00 2001
+From: Alexis Hildebrandt <afh@surryhill.net>
+Date: Wed, 22 Jun 2016 15:43:37 +0200
+Subject: [PATCH] Revert "[python] Add fix for Boost.Python compile errors"
+
+This reverts commit 11590e134eafa768ccc4a171cc7fb216e906095f.
+---
+ src/py_commodity.cc | 3 ---
+ src/py_journal.cc   | 3 ---
+ 2 files changed, 6 deletions(-)
+
+diff --git a/src/py_commodity.cc b/src/py_commodity.cc
+index 5aafa6c..c457e64 100644
+--- a/src/py_commodity.cc
++++ b/src/py_commodity.cc
+@@ -243,9 +243,6 @@ namespace {
+ 
+ void export_commodity()
+ {
+-#if BOOST_VERSION >= 106000
+-  python::register_ptr_to_python< shared_ptr<commodity_pool_t> >();
+-#endif
+   class_< commodity_pool_t, shared_ptr<commodity_pool_t>,
+           boost::noncopyable > ("CommodityPool", no_init)
+     .add_property("null_commodity",
+diff --git a/src/py_journal.cc b/src/py_journal.cc
+index c1c38a9..879f954 100644
+--- a/src/py_journal.cc
++++ b/src/py_journal.cc
+@@ -232,9 +232,6 @@ void export_journal()
+           boost::noncopyable >("PostHandler")
+     ;
+ 
+-#if BOOST_VERSION >= 106000
+-  python::register_ptr_to_python< shared_ptr<collector_wrapper> >();
+-#endif
+   class_< collector_wrapper, shared_ptr<collector_wrapper>,
+           boost::noncopyable >("PostCollectorWrapper", no_init)
+     .def("__len__", &collector_wrapper::length)
diff --git a/gnu/packages/patches/libvorbis-CVE-2017-14632.patch b/gnu/packages/patches/libvorbis-CVE-2017-14632.patch
new file mode 100644
index 0000000000..99debf2104
--- /dev/null
+++ b/gnu/packages/patches/libvorbis-CVE-2017-14632.patch
@@ -0,0 +1,63 @@
+Fix CVE-2017-14632:
+
+https://gitlab.xiph.org/xiph/vorbis/issues/2328
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632
+
+Patch copied from upstream source repository:
+
+https://gitlab.xiph.org/xiph/vorbis/commit/c1c2831fc7306d5fbd7bc800324efd12b28d327f
+
+From c1c2831fc7306d5fbd7bc800324efd12b28d327f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
+Date: Wed, 15 Nov 2017 18:22:59 +0100
+Subject: [PATCH] CVE-2017-14632: vorbis_analysis_header_out: Don't clear opb
+ if not initialized
+
+If the number of channels is not within the allowed range
+we call oggback_writeclear altough it's not initialized yet.
+
+This fixes
+
+    =23371== Invalid free() / delete / delete[] / realloc()
+    ==23371==    at 0x4C2CE1B: free (vg_replace_malloc.c:530)
+    ==23371==    by 0x829CA31: oggpack_writeclear (in /usr/lib/x86_64-linux-gnu/libogg.so.0.8.2)
+    ==23371==    by 0x84B96EE: vorbis_analysis_headerout (info.c:652)
+    ==23371==    by 0x9FBCBCC: ??? (in /usr/lib/x86_64-linux-gnu/sox/libsox_fmt_vorbis.so)
+    ==23371==    by 0x4E524F1: ??? (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+    ==23371==    by 0x4E52CCA: sox_open_write (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+    ==23371==    by 0x10D82A: open_output_file (sox.c:1556)
+    ==23371==    by 0x10D82A: process (sox.c:1753)
+    ==23371==    by 0x10D82A: main (sox.c:3012)
+    ==23371==  Address 0x68768c8 is 488 bytes inside a block of size 880 alloc'd
+    ==23371==    at 0x4C2BB1F: malloc (vg_replace_malloc.c:298)
+    ==23371==    by 0x4C2DE9F: realloc (vg_replace_malloc.c:785)
+    ==23371==    by 0x4E545C2: lsx_realloc (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+    ==23371==    by 0x9FBC9A0: ??? (in /usr/lib/x86_64-linux-gnu/sox/libsox_fmt_vorbis.so)
+    ==23371==    by 0x4E524F1: ??? (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+    ==23371==    by 0x4E52CCA: sox_open_write (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+    ==23371==    by 0x10D82A: open_output_file (sox.c:1556)
+    ==23371==    by 0x10D82A: process (sox.c:1753)
+    ==23371==    by 0x10D82A: main (sox.c:3012)
+
+as seen when using the testcase from CVE-2017-11333 with
+008d23b782be09c8d75ba8190b1794abd66c7121 applied. However the error was
+there before.
+---
+ lib/info.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/info.c b/lib/info.c
+index 7bc4ea4..8d0b2ed 100644
+--- a/lib/info.c
++++ b/lib/info.c
+@@ -589,6 +589,7 @@ int vorbis_analysis_headerout(vorbis_dsp_state *v,
+   private_state *b=v->backend_state;
+ 
+   if(!b||vi->channels<=0||vi->channels>256){
++    b = NULL;
+     ret=OV_EFAULT;
+     goto err_out;
+   }
+-- 
+2.15.1
+
diff --git a/gnu/packages/patches/libvorbis-CVE-2017-14633.patch b/gnu/packages/patches/libvorbis-CVE-2017-14633.patch
new file mode 100644
index 0000000000..ec6bf5265c
--- /dev/null
+++ b/gnu/packages/patches/libvorbis-CVE-2017-14633.patch
@@ -0,0 +1,43 @@
+Fix CVE-2017-14633:
+
+https://gitlab.xiph.org/xiph/vorbis/issues/2329
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633
+
+Patch copied from upstream source repository:
+
+https://gitlab.xiph.org/xiph/vorbis/commit/a79ec216cd119069c68b8f3542c6a425a74ab993
+
+From a79ec216cd119069c68b8f3542c6a425a74ab993 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
+Date: Tue, 31 Oct 2017 18:32:46 +0100
+Subject: [PATCH] CVE-2017-14633: Don't allow for more than 256 channels
+
+Otherwise
+
+ for(i=0;i<vi->channels;i++){
+      /* the encoder setup assumes that all the modes used by any
+         specific bitrate tweaking use the same floor */
+      int submap=info->chmuxlist[i];
+
+overreads later in mapping0_forward since chmuxlist is a fixed array of
+256 elements max.
+---
+ lib/info.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/info.c b/lib/info.c
+index fe759ed..7bc4ea4 100644
+--- a/lib/info.c
++++ b/lib/info.c
+@@ -588,7 +588,7 @@ int vorbis_analysis_headerout(vorbis_dsp_state *v,
+   oggpack_buffer opb;
+   private_state *b=v->backend_state;
+ 
+-  if(!b||vi->channels<=0){
++  if(!b||vi->channels<=0||vi->channels>256){
+     ret=OV_EFAULT;
+     goto err_out;
+   }
+-- 
+2.15.1
+
diff --git a/gnu/packages/patches/newsbeuter-CVE-2017-12904.patch b/gnu/packages/patches/newsbeuter-CVE-2017-12904.patch
deleted file mode 100644
index 8e90502469..0000000000
--- a/gnu/packages/patches/newsbeuter-CVE-2017-12904.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-Fix CVE-2017-12904:
-
-https://github.com/akrennmair/newsbeuter/issues/591
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12904
-
-Patch copied from the Debian package of newsbeuter, version 2.9-5+deb9u1.
-
-Adapted from upstream source repository:
-
-https://github.com/akrennmair/newsbeuter/commit/96e9506ae9e252c548665152d1b8968297128307
-
-Description: Fix a RCE vulnerability in the bookmark command
- Newsbeuter didn't properly escape the title and description fields before
- passing them to the bookmarking program which could lead to remote code
- execution using the shells command substitution functionality (e.g. "$()", ``,
- etc)
-
-Origin: upstream, https://github.com/akrennmair/newsbeuter/commit/96e9506ae9e252c548665152d1b8968297128307
-Last-Update: 2017-08-18
-
---- newsbeuter-2.9.orig/src/controller.cpp
-+++ newsbeuter-2.9/src/controller.cpp
-@@ -1274,9 +1274,10 @@ std::string controller::bookmark(const s
- 	std::string bookmark_cmd = cfg.get_configvalue("bookmark-cmd");
- 	bool is_interactive = cfg.get_configvalue_as_bool("bookmark-interactive");
- 	if (bookmark_cmd.length() > 0) {
--		std::string cmdline = utils::strprintf("%s '%s' %s %s",
-+		std::string cmdline = utils::strprintf("%s '%s' '%s' '%s'",
- 		                                       bookmark_cmd.c_str(), utils::replace_all(url,"'", "%27").c_str(),
--		                                       stfl::quote(title).c_str(), stfl::quote(description).c_str());
-+		                                       utils::replace_all(title,"'", "%27").c_str(),
-+		                                       utils::replace_all(description,"'", "%27").c_str());
- 
- 		LOG(LOG_DEBUG, "controller::bookmark: cmd = %s", cmdline.c_str());
diff --git a/gnu/packages/patches/newsbeuter-CVE-2017-14500.patch b/gnu/packages/patches/newsbeuter-CVE-2017-14500.patch
deleted file mode 100644
index 449105e42a..0000000000
--- a/gnu/packages/patches/newsbeuter-CVE-2017-14500.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-https://github.com/akrennmair/newsbeuter/commit/26f5a4350f3ab5507bb8727051c87bb04660f333.patch
-http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14500
-
-From 26f5a4350f3ab5507bb8727051c87bb04660f333 Mon Sep 17 00:00:00 2001
-From: Alexander Batischev <eual.jp@gmail.com>
-Date: Sat, 16 Sep 2017 19:31:43 +0300
-Subject: [PATCH] Work around shell code in podcast names (#598)
-
----
- src/pb_controller.cpp | 6 +++---
- src/queueloader.cpp   | 2 +-
- 2 files changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/src/pb_controller.cpp b/src/pb_controller.cpp
-index 09b5e897..213216cd 100644
---- a/src/pb_controller.cpp
-+++ b/src/pb_controller.cpp
-@@ -306,9 +306,9 @@ void pb_controller::play_file(const std::string& file) {
- 	if (player == "")
- 		return;
- 	cmdline.append(player);
--	cmdline.append(" \"");
--	cmdline.append(utils::replace_all(file,"\"", "\\\""));
--	cmdline.append("\"");
-+	cmdline.append(" \'");
-+	cmdline.append(utils::replace_all(file,"'", "%27"));
-+	cmdline.append("\'");
- 	stfl::reset();
- 	LOG(LOG_DEBUG, "pb_controller::play_file: running `%s'", cmdline.c_str());
- 	::system(cmdline.c_str());
-diff --git a/src/queueloader.cpp b/src/queueloader.cpp
-index c1dabdd8..ae725e04 100644
---- a/src/queueloader.cpp
-+++ b/src/queueloader.cpp
-@@ -130,7 +130,7 @@ std::string queueloader::get_filename(const std::string& str) {
- 		strftime(lbuf, sizeof(lbuf), "%Y-%b-%d-%H%M%S.unknown", localtime(&t));
- 		fn.append(lbuf);
- 	} else {
--		fn.append(base);
-+		fn.append(utils::replace_all(base, "'", "%27"));
- 	}
- 	return fn;
- }
diff --git a/gnu/packages/patches/perl-module-pluggable-search.patch b/gnu/packages/patches/perl-module-pluggable-search.patch
index ec51abc35d..ec51abc35d 100755..100644
--- a/gnu/packages/patches/perl-module-pluggable-search.patch
+++ b/gnu/packages/patches/perl-module-pluggable-search.patch
diff --git a/gnu/packages/patches/webkitgtk-mitigate-spectre.patch b/gnu/packages/patches/webkitgtk-mitigate-spectre.patch
new file mode 100644
index 0000000000..3d983ede66
--- /dev/null
+++ b/gnu/packages/patches/webkitgtk-mitigate-spectre.patch
@@ -0,0 +1,107 @@
+Disable SharedArrayBuffers to mitigate Spectre.  Based on:
+
+  https://trac.webkit.org/changeset/226386/webkit
+
+Backported to webkitgtk-2.18.4 by Mark H Weaver <mhw@netris.org>
+
+
+--- webkitgtk-2.18.4/Source/JavaScriptCore/runtime/JSGlobalObject.h.orig	2017-12-19 02:23:07.000000000 -0500
++++ webkitgtk-2.18.4/Source/JavaScriptCore/runtime/JSGlobalObject.h	2018-01-06 19:28:55.985066986 -0500
+@@ -338,8 +338,10 @@
+     WriteBarrier<Structure> m_moduleLoaderStructure;
+     WriteBarrier<JSArrayBufferPrototype> m_arrayBufferPrototype;
+     WriteBarrier<Structure> m_arrayBufferStructure;
++#if ENABLE(SHARED_ARRAY_BUFFER)
+     WriteBarrier<JSArrayBufferPrototype> m_sharedArrayBufferPrototype;
+     WriteBarrier<Structure> m_sharedArrayBufferStructure;
++#endif
+ 
+ #define DEFINE_STORAGE_FOR_SIMPLE_TYPE(capitalName, lowerName, properName, instanceType, jsName, prototypeBase) \
+     WriteBarrier<capitalName ## Prototype> m_ ## lowerName ## Prototype; \
+@@ -670,8 +672,13 @@
+         switch (sharingMode) {
+         case ArrayBufferSharingMode::Default:
+             return m_arrayBufferPrototype.get();
++#if ENABLE(SHARED_ARRAY_BUFFER)
+         case ArrayBufferSharingMode::Shared:
+             return m_sharedArrayBufferPrototype.get();
++#else
++        default:
++            return m_arrayBufferPrototype.get();
++#endif
+         }
+     }
+     Structure* arrayBufferStructure(ArrayBufferSharingMode sharingMode) const
+@@ -679,8 +686,13 @@
+         switch (sharingMode) {
+         case ArrayBufferSharingMode::Default:
+             return m_arrayBufferStructure.get();
++#if ENABLE(SHARED_ARRAY_BUFFER)
+         case ArrayBufferSharingMode::Shared:
+             return m_sharedArrayBufferStructure.get();
++#else
++        default:
++            return m_arrayBufferStructure.get();
++#endif
+         }
+         RELEASE_ASSERT_NOT_REACHED();
+         return nullptr;
+--- webkitgtk-2.18.4/Source/JavaScriptCore/runtime/JSGlobalObject.cpp.orig	2017-12-19 02:23:07.000000000 -0500
++++ webkitgtk-2.18.4/Source/JavaScriptCore/runtime/JSGlobalObject.cpp	2018-01-06 19:27:16.628574304 -0500
+@@ -574,8 +574,10 @@
+     
+     m_arrayBufferPrototype.set(vm, this, JSArrayBufferPrototype::create(vm, this, JSArrayBufferPrototype::createStructure(vm, this, m_objectPrototype.get()), ArrayBufferSharingMode::Default));
+     m_arrayBufferStructure.set(vm, this, JSArrayBuffer::createStructure(vm, this, m_arrayBufferPrototype.get()));
++#if ENABLE(SHARED_ARRAY_BUFFER)
+     m_sharedArrayBufferPrototype.set(vm, this, JSArrayBufferPrototype::create(vm, this, JSArrayBufferPrototype::createStructure(vm, this, m_objectPrototype.get()), ArrayBufferSharingMode::Shared));
+     m_sharedArrayBufferStructure.set(vm, this, JSArrayBuffer::createStructure(vm, this, m_sharedArrayBufferPrototype.get()));
++#endif
+ 
+     m_iteratorPrototype.set(vm, this, IteratorPrototype::create(vm, this, IteratorPrototype::createStructure(vm, this, m_objectPrototype.get())));
+     m_generatorPrototype.set(vm, this, GeneratorPrototype::create(vm, this, GeneratorPrototype::createStructure(vm, this, m_iteratorPrototype.get())));
+@@ -620,10 +622,11 @@
+     
+     JSArrayBufferConstructor* arrayBufferConstructor = JSArrayBufferConstructor::create(vm, JSArrayBufferConstructor::createStructure(vm, this, m_functionPrototype.get()), m_arrayBufferPrototype.get(), m_speciesGetterSetter.get(), ArrayBufferSharingMode::Default);
+     m_arrayBufferPrototype->putDirectWithoutTransition(vm, vm.propertyNames->constructor, arrayBufferConstructor, DontEnum);
++#if ENABLE(SHARED_ARRAY_BUFFER)
+     JSArrayBufferConstructor* sharedArrayBufferConstructor = nullptr;
+     sharedArrayBufferConstructor = JSArrayBufferConstructor::create(vm, JSArrayBufferConstructor::createStructure(vm, this, m_functionPrototype.get()), m_sharedArrayBufferPrototype.get(), m_speciesGetterSetter.get(), ArrayBufferSharingMode::Shared);
+     m_sharedArrayBufferPrototype->putDirectWithoutTransition(vm, vm.propertyNames->constructor, sharedArrayBufferConstructor, DontEnum);
+-    
++#endif
+ #define CREATE_CONSTRUCTOR_FOR_SIMPLE_TYPE(capitalName, lowerName, properName, instanceType, jsName, prototypeBase) \
+ capitalName ## Constructor* lowerName ## Constructor = capitalName ## Constructor::create(vm, capitalName ## Constructor::createStructure(vm, this, m_functionPrototype.get()), m_ ## lowerName ## Prototype.get(), m_speciesGetterSetter.get()); \
+ m_ ## lowerName ## Prototype->putDirectWithoutTransition(vm, vm.propertyNames->constructor, lowerName ## Constructor, DontEnum); \
+@@ -686,7 +689,9 @@
+     putDirectWithoutTransition(vm, vm.propertyNames->builtinNames().ArrayPrivateName(), arrayConstructor, DontEnum | DontDelete | ReadOnly);
+ 
+     putDirectWithoutTransition(vm, vm.propertyNames->ArrayBuffer, arrayBufferConstructor, DontEnum);
++#if ENABLE(SHARED_ARRAY_BUFFER)
+     putDirectWithoutTransition(vm, vm.propertyNames->SharedArrayBuffer, sharedArrayBufferConstructor, DontEnum);
++#endif
+ 
+ #define PUT_CONSTRUCTOR_FOR_SIMPLE_TYPE(capitalName, lowerName, properName, instanceType, jsName, prototypeBase) \
+ putDirectWithoutTransition(vm, vm.propertyNames-> jsName, lowerName ## Constructor, DontEnum); \
+@@ -1288,8 +1293,10 @@
+     
+     visitor.append(thisObject->m_arrayBufferPrototype);
+     visitor.append(thisObject->m_arrayBufferStructure);
++#if ENABLE(SHARED_ARRAY_BUFFER)
+     visitor.append(thisObject->m_sharedArrayBufferPrototype);
+     visitor.append(thisObject->m_sharedArrayBufferStructure);
++#endif
+ 
+ #define VISIT_SIMPLE_TYPE(CapitalName, lowerName, properName, instanceType, jsName, prototypeBase) \
+     visitor.append(thisObject->m_ ## lowerName ## Prototype); \
+--- webkitgtk-2.18.4/Source/WTF/wtf/Platform.h.orig	2017-10-16 08:18:56.000000000 -0400
++++ webkitgtk-2.18.4/Source/WTF/wtf/Platform.h	2018-01-06 19:29:52.897349199 -0500
+@@ -1190,6 +1190,9 @@
+ #define HAVE_NS_ACTIVITY 1
+ #endif
+ 
++/* Disable SharedArrayBuffers until Spectre security concerns are mitigated. */
++#define ENABLE_SHARED_ARRAY_BUFFER 0
++
+ #if (OS(DARWIN) && USE(CG)) || (USE(FREETYPE) && !PLATFORM(GTK)) || (PLATFORM(WIN) && (USE(CG) || USE(CAIRO)))
+ #undef ENABLE_OPENTYPE_MATH
+ #define ENABLE_OPENTYPE_MATH 1