summary refs log tree commit diff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2019-02-20 17:01:39 +0100
committerMarius Bakke <mbakke@fastmail.com>2019-02-20 17:01:39 +0100
commit2c76e19df4b0b4aa0171f1edd9f240f7b6ba5b84 (patch)
treec2e7a7f27dd9c7e704f2e78655328c903a6934d1 /gnu/packages/patches
parente6a668ec7303a71f87e4c9354b1458e555058c63 (diff)
parent78b2eb1ad3dcf05c25e0ee4980c97aa52de03a2d (diff)
downloadguix-2c76e19df4b0b4aa0171f1edd9f240f7b6ba5b84.tar.gz
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/allegro4-mesa-18.2.5-and-later.patch41
-rw-r--r--gnu/packages/patches/clang-7.0-libc-search-path.patch82
-rw-r--r--gnu/packages/patches/dealii-mpi-deprecations.patch28
-rw-r--r--gnu/packages/patches/gd-CVE-2019-6977.patch36
-rw-r--r--gnu/packages/patches/gd-CVE-2019-6978.patch301
-rw-r--r--gnu/packages/patches/pius.patch38
-rw-r--r--gnu/packages/patches/qtbase-old-kernel.patch25
-rw-r--r--gnu/packages/patches/ruby-safe-yaml-add-require-time.patch19
-rw-r--r--gnu/packages/patches/soundconverter-remove-gconf-dependency.patch104
-rw-r--r--gnu/packages/patches/tomsfastmath-constness.patch76
-rw-r--r--gnu/packages/patches/xf86-video-i128-remove-mibstore.patch23
-rw-r--r--gnu/packages/patches/xmodmap-asprintf.patch14
12 files changed, 516 insertions, 271 deletions
diff --git a/gnu/packages/patches/allegro4-mesa-18.2.5-and-later.patch b/gnu/packages/patches/allegro4-mesa-18.2.5-and-later.patch
deleted file mode 100644
index a4944821db..0000000000
--- a/gnu/packages/patches/allegro4-mesa-18.2.5-and-later.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-Fixes compilation with Mesa >= 18.2.5.
-
-Modified from upstream to work on allegro4:
-
-https://github.com/liballeg/allegro5/commit/a40d30e21802ecf5c9382cf34af9b01bd3781e47
-
-diff --git a/addons/allegrogl/include/alleggl.h b/addons/allegrogl/include/alleggl.h
-index 0f86a6768..652dd024e 100644
---- a/addons/allegrogl/include/alleggl.h
-+++ b/addons/allegrogl/include/alleggl.h
-@@ -103,10 +103,14 @@
-
- /* HACK: Prevent both Mesa and SGI's broken headers from screwing us */
- #define __glext_h_
-+#define __gl_glext_h_
- #define __glxext_h_
-+#define __glx_glxext_h_
- #include <GL/gl.h>
- #undef  __glext_h_
-+#undef  __gl_glext_h_
- #undef  __glxext_h_
-+#undef  __glx_glxext_h_
-
- #endif /* ALLEGRO_MACOSX */
-
-diff --git a/addons/allegrogl/include/allegrogl/GLext/glx_ext_defs.h b/addons/allegrogl/include/allegrogl/GLext/glx_ext_defs.h
-index 49c502091..fba8aea5d 100644
---- a/addons/allegrogl/include/allegrogl/GLext/glx_ext_defs.h
-+++ b/addons/allegrogl/include/allegrogl/GLext/glx_ext_defs.h
-@@ -1,7 +1,9 @@
- /* HACK: Prevent both Mesa and SGI's broken headers from screwing us */
- #define __glxext_h_
-+#define __glx_glxext_h_
- #include <GL/glx.h>
- #undef __glxext_h_
-+#undef __glx_glxext_h_
-
- #ifndef GLX_VERSION_1_3
- #define _ALLEGRO_GLX_VERSION_1_3
---
-2.20.0
diff --git a/gnu/packages/patches/clang-7.0-libc-search-path.patch b/gnu/packages/patches/clang-7.0-libc-search-path.patch
new file mode 100644
index 0000000000..07ff8c90bd
--- /dev/null
+++ b/gnu/packages/patches/clang-7.0-libc-search-path.patch
@@ -0,0 +1,82 @@
+Clang attempts to guess file names based on the OS and distro (yes!),
+but unfortunately, that doesn't work for us.
+
+This patch makes it easy to insert libc's $libdir so that Clang passes the
+correct absolute file name of crt1.o etc. to 'ld'.  It also disables all
+the distro-specific stuff and removes the hard-coded FHS directory names
+to make sure Clang also works on non-GuixSD systems.
+
+--- a/lib/Driver/ToolChains/Linux.cpp
++++ b/lib/Driver/ToolChains/Linux.cpp
+@@ -225,7 +225,9 @@ Linux::Linux(const Driver &D, const llvm::Triple &Triple, const ArgList &Args)
+   PPaths.push_back(Twine(GCCInstallation.getParentLibPath() + "/../" +
+                          GCCInstallation.getTriple().str() + "/bin")
+                        .str());
+-
++  // Comment out the distro-specific tweaks so that they don't bite when
++  // using Guix on a foreign distro.
++#if 0
+   Distro Distro(D.getVFS());
+ 
+   if (Distro.IsAlpineLinux()) {
+@@ -284,6 +286,7 @@ Linux::Linux(const Driver &D, const llvm::Triple &Triple, const ArgList &Args)
+ 
+   if (IsAndroid || Distro.IsOpenSUSE())
+     ExtraOpts.push_back("--enable-new-dtags");
++#endif
+ 
+   // The selection of paths to try here is designed to match the patterns which
+   // the GCC driver itself uses, as this is part of the GCC-compatible driver.
+@@ -342,7 +345,7 @@ Linux::Linux(const Driver &D, const llvm::Triple &Triple, const ArgList &Args)
+     // the cross. Note that GCC does include some of these directories in some
+     // configurations but this seems somewhere between questionable and simply
+     // a bug.
+-    if (StringRef(LibPath).startswith(SysRoot)) {
++    if (0) {
+       addPathIfExists(D, LibPath + "/" + MultiarchTriple, Paths);
+       addPathIfExists(D, LibPath + "/../" + OSLibDir, Paths);
+     }
+@@ -361,6 +364,8 @@ Linux::Linux(const Driver &D, const llvm::Triple &Triple, const ArgList &Args)
+   addPathIfExists(D, SysRoot + "/lib/" + MultiarchTriple, Paths);
+   addPathIfExists(D, SysRoot + "/lib/../" + OSLibDir, Paths);
+ 
++  // This requires the commented distro tweaks above.
++#if 0
+   if (IsAndroid) {
+     // Android sysroots contain a library directory for each supported OS
+     // version as well as some unversioned libraries in the usual multiarch
+@@ -389,10 +394,14 @@ Linux::Linux(const Driver &D, const llvm::Triple &Triple, const ArgList &Args)
+     addPathIfExists(D, SysRoot + "/" + OSLibDir + "/" + ABIName, Paths);
+     addPathIfExists(D, SysRoot + "/usr/" + OSLibDir + "/" + ABIName, Paths);
+   }
++#endif
+ 
+   // Try walking via the GCC triple path in case of biarch or multiarch GCC
+   // installations with strange symlinks.
+   if (GCCInstallation.isValid()) {
++    // The following code would end up adding things like
++    // "/usr/lib/x86_64-unknown-linux-gnu/../../lib64" to the search path.
++#if 0
+     addPathIfExists(D,
+                     SysRoot + "/usr/lib/" + GCCInstallation.getTriple().str() +
+                         "/../../" + OSLibDir,
+@@ -405,6 +414,7 @@ Linux::Linux(const Driver &D, const llvm::Triple &Triple, const ArgList &Args)
+                              BiarchSibling.gccSuffix(),
+                       Paths);
+     }
++#endif
+ 
+     // See comments above on the multilib variant for details of why this is
+     // included even from outside the sysroot.
+@@ -429,8 +439,9 @@ Linux::Linux(const Driver &D, const llvm::Triple &Triple, const ArgList &Args)
+   if (StringRef(D.Dir).startswith(SysRoot))
+     addPathIfExists(D, D.Dir + "/../lib", Paths);
+ 
+-  addPathIfExists(D, SysRoot + "/lib", Paths);
+-  addPathIfExists(D, SysRoot + "/usr/lib", Paths);
++  // Add libc's lib/ directory to the search path, so that crt1.o, crti.o,
++  // and friends can be found.
++  addPathIfExists(D, "@GLIBC_LIBDIR@", Paths);
+ }
+ 
+ bool Linux::HasNativeLLVMSupport() const { return true; }
diff --git a/gnu/packages/patches/dealii-mpi-deprecations.patch b/gnu/packages/patches/dealii-mpi-deprecations.patch
new file mode 100644
index 0000000000..816d54140a
--- /dev/null
+++ b/gnu/packages/patches/dealii-mpi-deprecations.patch
@@ -0,0 +1,28 @@
+From 40538ad31a71495649d174b0f7be5f7135d0a905 Mon Sep 17 00:00:00 2001
+From: David Wells <drwells@email.unc.edu>
+Date: Sat, 2 Feb 2019 10:00:38 -0500
+Subject: [PATCH] Avoid calling a deprecated MPI function.
+
+This was deprecated a long time ago (1996) and is not present in the
+latest version of openMPI (4.0): see
+
+https://www.open-mpi.org/faq/?category=mpi-removed
+
+Credit goes to Pratik Nayak for finding this issue.
+---
+ source/base/mpi.cc | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/source/base/mpi.cc b/source/base/mpi.cc
+index bd1f7f9846a..b8cd45e7c26 100644
+--- a/source/base/mpi.cc
++++ b/source/base/mpi.cc
+@@ -448,7 +448,7 @@ namespace Utilities
+       MPI_Aint     displacements[] = {0, offsetof(MinMaxAvg, min_index)};
+       MPI_Datatype types[]         = {MPI_DOUBLE, MPI_INT};
+ 
+-      ierr = MPI_Type_struct(2, lengths, displacements, types, &type);
++      ierr = MPI_Type_create_struct(2, lengths, displacements, types, &type);
+       AssertThrowMPI(ierr);
+ 
+       ierr = MPI_Type_commit(&type);
diff --git a/gnu/packages/patches/gd-CVE-2019-6977.patch b/gnu/packages/patches/gd-CVE-2019-6977.patch
new file mode 100644
index 0000000000..b21a8ac619
--- /dev/null
+++ b/gnu/packages/patches/gd-CVE-2019-6977.patch
@@ -0,0 +1,36 @@
+Fix CVE-2019-6977:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977
+
+Patch copied from Debian:
+
+https://salsa.debian.org/debian/libgd2/commit/2d7d3b68bb79843e5271a05543e996fd5a3a8cd1
+
+Description: Heap-based buffer overflow in gdImageColorMatch
+Origin: other, https://gist.github.com/cmb69/1f36d285eb297ed326f5c821d7aafced
+Bug-PHP: https://bugs.php.net/bug.php?id=77270
+Bug-Debian: https://bugs.debian.org/920645
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-6977
+Forwarded: no
+Author: "Christoph M. Becker" <cmbecker69@gmx.de>
+Last-Update: 2019-02-01
+
+At least some of the image reading functions may return images which
+use color indexes greater than or equal to im->colorsTotal.  We cater
+to this by always using a buffer size which is sufficient for
+`gdMaxColors` in `gdImageColorMatch()`.
+---
+
+--- a/src/gd_color_match.c
++++ b/src/gd_color_match.c
+@@ -31,8 +31,8 @@ BGD_DECLARE(int) gdImageColorMatch (gdIm
+ 		return -4; /* At least 1 color must be allocated */
+ 	}
+ 
+-	buf = (unsigned long *)gdMalloc(sizeof(unsigned long) * 5 * im2->colorsTotal);
+-	memset (buf, 0, sizeof(unsigned long) * 5 * im2->colorsTotal );
++	buf = (unsigned long *)gdMalloc(sizeof(unsigned long) * 5 * gdMaxColors);
++	memset (buf, 0, sizeof(unsigned long) * 5 * gdMaxColors );
+ 
+ 	for (x=0; x < im1->sx; x++) {
+ 		for( y=0; y<im1->sy; y++ ) {
diff --git a/gnu/packages/patches/gd-CVE-2019-6978.patch b/gnu/packages/patches/gd-CVE-2019-6978.patch
new file mode 100644
index 0000000000..69fc5056fc
--- /dev/null
+++ b/gnu/packages/patches/gd-CVE-2019-6978.patch
@@ -0,0 +1,301 @@
+Fix CVE-2019-6978:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978
+
+Patch copied from upstream source repository:
+
+https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0
+
+From 553702980ae89c83f2d6e254d62cf82e204956d0 Mon Sep 17 00:00:00 2001
+From: "Christoph M. Becker" <cmbecker69@gmx.de>
+Date: Thu, 17 Jan 2019 11:54:55 +0100
+Subject: [PATCH] Fix #492: Potential double-free in gdImage*Ptr()
+
+Whenever `gdImage*Ptr()` calls `gdImage*Ctx()` and the latter fails, we
+must not call `gdDPExtractData()`; otherwise a double-free would
+happen.  Since `gdImage*Ctx()` are void functions, and we can't change
+that for BC reasons, we're introducing static helpers which are used
+internally.
+
+We're adding a regression test for `gdImageJpegPtr()`, but not for
+`gdImageGifPtr()` and `gdImageWbmpPtr()` since we don't know how to
+trigger failure of the respective `gdImage*Ctx()` calls.
+
+This potential security issue has been reported by Solmaz Salimi (aka.
+Rooney).
+---
+ src/gd_gif_out.c                  | 18 +++++++++++++++---
+ src/gd_jpeg.c                     | 20 ++++++++++++++++----
+ src/gd_wbmp.c                     | 21 ++++++++++++++++++---
+ tests/jpeg/.gitignore             |  1 +
+ tests/jpeg/CMakeLists.txt         |  1 +
+ tests/jpeg/Makemodule.am          |  3 ++-
+ tests/jpeg/jpeg_ptr_double_free.c | 31 +++++++++++++++++++++++++++++++
+ 7 files changed, 84 insertions(+), 11 deletions(-)
+ create mode 100644 tests/jpeg/jpeg_ptr_double_free.c
+
+diff --git a/src/gd_gif_out.c b/src/gd_gif_out.c
+index 298a581..d5a9534 100644
+--- a/src/gd_gif_out.c
++++ b/src/gd_gif_out.c
+@@ -99,6 +99,7 @@ static void char_init(GifCtx *ctx);
+ static void char_out(int c, GifCtx *ctx);
+ static void flush_char(GifCtx *ctx);
+ 
++static int _gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out);
+ 
+ 
+ 
+@@ -131,8 +132,11 @@ BGD_DECLARE(void *) gdImageGifPtr(gdImagePtr im, int *size)
+ 	void *rv;
+ 	gdIOCtx *out = gdNewDynamicCtx(2048, NULL);
+ 	if (out == NULL) return NULL;
+-	gdImageGifCtx(im, out);
+-	rv = gdDPExtractData(out, size);
++	if (!_gdImageGifCtx(im, out)) {
++		rv = gdDPExtractData(out, size);
++	} else {
++		rv = NULL;
++	}
+ 	out->gd_free(out);
+ 	return rv;
+ }
+@@ -220,6 +224,12 @@ BGD_DECLARE(void) gdImageGif(gdImagePtr im, FILE *outFile)
+ 
+ */
+ BGD_DECLARE(void) gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out)
++{
++	_gdImageGifCtx(im, out);
++}
++
++/* returns 0 on success, 1 on failure */
++static int _gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out)
+ {
+ 	gdImagePtr pim = 0, tim = im;
+ 	int interlace, BitsPerPixel;
+@@ -231,7 +241,7 @@ BGD_DECLARE(void) gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out)
+ 		based temporary image. */
+ 		pim = gdImageCreatePaletteFromTrueColor(im, 1, 256);
+ 		if(!pim) {
+-			return;
++			return 1;
+ 		}
+ 		tim = pim;
+ 	}
+@@ -247,6 +257,8 @@ BGD_DECLARE(void) gdImageGifCtx(gdImagePtr im, gdIOCtxPtr out)
+ 		/* Destroy palette based temporary image. */
+ 		gdImageDestroy(	pim);
+ 	}
++
++	return 0;
+ }
+ 
+ 
+diff --git a/src/gd_jpeg.c b/src/gd_jpeg.c
+index fc05842..96ef430 100644
+--- a/src/gd_jpeg.c
++++ b/src/gd_jpeg.c
+@@ -117,6 +117,8 @@ static void fatal_jpeg_error(j_common_ptr cinfo)
+ 	exit(99);
+ }
+ 
++static int _gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality);
++
+ /*
+  * Write IM to OUTFILE as a JFIF-formatted JPEG image, using quality
+  * QUALITY.  If QUALITY is in the range 0-100, increasing values
+@@ -231,8 +233,11 @@ BGD_DECLARE(void *) gdImageJpegPtr(gdImagePtr im, int *size, int quality)
+ 	void *rv;
+ 	gdIOCtx *out = gdNewDynamicCtx(2048, NULL);
+ 	if (out == NULL) return NULL;
+-	gdImageJpegCtx(im, out, quality);
+-	rv = gdDPExtractData(out, size);
++	if (!_gdImageJpegCtx(im, out, quality)) {
++		rv = gdDPExtractData(out, size);
++	} else {
++		rv = NULL;
++	}
+ 	out->gd_free(out);
+ 	return rv;
+ }
+@@ -253,6 +258,12 @@ void jpeg_gdIOCtx_dest(j_compress_ptr cinfo, gdIOCtx *outfile);
+ 
+ */
+ BGD_DECLARE(void) gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
++{
++	_gdImageJpegCtx(im, outfile, quality);
++}
++
++/* returns 0 on success, 1 on failure */
++static int _gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
+ {
+ 	struct jpeg_compress_struct cinfo;
+ 	struct jpeg_error_mgr jerr;
+@@ -287,7 +298,7 @@ BGD_DECLARE(void) gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
+ 		if(row) {
+ 			gdFree(row);
+ 		}
+-		return;
++		return 1;
+ 	}
+ 
+ 	cinfo.err->emit_message = jpeg_emit_message;
+@@ -328,7 +339,7 @@ BGD_DECLARE(void) gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
+ 	if(row == 0) {
+ 		gd_error("gd-jpeg: error: unable to allocate JPEG row structure: gdCalloc returns NULL\n");
+ 		jpeg_destroy_compress(&cinfo);
+-		return;
++		return 1;
+ 	}
+ 
+ 	rowptr[0] = row;
+@@ -405,6 +416,7 @@ BGD_DECLARE(void) gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
+ 	jpeg_finish_compress(&cinfo);
+ 	jpeg_destroy_compress(&cinfo);
+ 	gdFree(row);
++	return 0;
+ }
+ 
+ 
+diff --git a/src/gd_wbmp.c b/src/gd_wbmp.c
+index f19a1c9..a49bdbe 100644
+--- a/src/gd_wbmp.c
++++ b/src/gd_wbmp.c
+@@ -88,6 +88,8 @@ int gd_getin(void *in)
+ 	return (gdGetC((gdIOCtx *)in));
+ }
+ 
++static int _gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out);
++
+ /*
+ 	Function: gdImageWBMPCtx
+ 
+@@ -100,6 +102,12 @@ int gd_getin(void *in)
+ 		out   - the stream where to write
+ */
+ BGD_DECLARE(void) gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out)
++{
++	_gdImageWBMPCtx(image, fg, out);
++}
++
++/* returns 0 on success, 1 on failure */
++static int _gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out)
+ {
+ 	int x, y, pos;
+ 	Wbmp *wbmp;
+@@ -107,7 +115,7 @@ BGD_DECLARE(void) gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out)
+ 	/* create the WBMP */
+ 	if((wbmp = createwbmp(gdImageSX(image), gdImageSY(image), WBMP_WHITE)) == NULL) {
+ 		gd_error("Could not create WBMP\n");
+-		return;
++		return 1;
+ 	}
+ 
+ 	/* fill up the WBMP structure */
+@@ -123,11 +131,15 @@ BGD_DECLARE(void) gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out)
+ 
+ 	/* write the WBMP to a gd file descriptor */
+ 	if(writewbmp(wbmp, &gd_putout, out)) {
++		freewbmp(wbmp);
+ 		gd_error("Could not save WBMP\n");
++		return 1;
+ 	}
+ 
+ 	/* des submitted this bugfix: gdFree the memory. */
+ 	freewbmp(wbmp);
++
++	return 0;
+ }
+ 
+ /*
+@@ -271,8 +283,11 @@ BGD_DECLARE(void *) gdImageWBMPPtr(gdImagePtr im, int *size, int fg)
+ 	void *rv;
+ 	gdIOCtx *out = gdNewDynamicCtx(2048, NULL);
+ 	if (out == NULL) return NULL;
+-	gdImageWBMPCtx(im, fg, out);
+-	rv = gdDPExtractData(out, size);
++	if (!_gdImageWBMPCtx(im, fg, out)) {
++		rv = gdDPExtractData(out, size);
++	} else {
++		rv = NULL;
++	}
+ 	out->gd_free(out);
+ 	return rv;
+ }
+#diff --git a/tests/jpeg/.gitignore b/tests/jpeg/.gitignore
+#index c28aa87..13bcf04 100644
+#--- a/tests/jpeg/.gitignore
+#+++ b/tests/jpeg/.gitignore
+#@@ -3,5 +3,6 @@
+# /jpeg_empty_file
+# /jpeg_im2im
+# /jpeg_null
+#+/jpeg_ptr_double_free
+# /jpeg_read
+# /jpeg_resolution
+diff --git a/tests/jpeg/CMakeLists.txt b/tests/jpeg/CMakeLists.txt
+index 19964b0..a8d8162 100644
+--- a/tests/jpeg/CMakeLists.txt
++++ b/tests/jpeg/CMakeLists.txt
+@@ -2,6 +2,7 @@ IF(JPEG_FOUND)
+ LIST(APPEND TESTS_FILES
+ 	jpeg_empty_file
+ 	jpeg_im2im
++	jpeg_ptr_double_free
+ 	jpeg_null
+ )
+ 
+diff --git a/tests/jpeg/Makemodule.am b/tests/jpeg/Makemodule.am
+index 7e5d317..b89e169 100644
+--- a/tests/jpeg/Makemodule.am
++++ b/tests/jpeg/Makemodule.am
+@@ -2,7 +2,8 @@ if HAVE_LIBJPEG
+ libgd_test_programs += \
+ 	jpeg/jpeg_empty_file \
+ 	jpeg/jpeg_im2im \
+-	jpeg/jpeg_null
++	jpeg/jpeg_null \
++	jpeg/jpeg_ptr_double_free
+ 
+ if HAVE_LIBPNG
+ libgd_test_programs += \
+diff --git a/tests/jpeg/jpeg_ptr_double_free.c b/tests/jpeg/jpeg_ptr_double_free.c
+new file mode 100644
+index 0000000..df5a510
+--- /dev/null
++++ b/tests/jpeg/jpeg_ptr_double_free.c
+@@ -0,0 +1,31 @@
++/**
++ * Test that failure to convert to JPEG returns NULL
++ *
++ * We are creating an image, set its width to zero, and pass this image to
++ * `gdImageJpegPtr()` which is supposed to fail, and as such should return NULL.
++ *
++ * See also <https://github.com/libgd/libgd/issues/381>
++ */
++
++
++#include "gd.h"
++#include "gdtest.h"
++
++
++int main()
++{
++    gdImagePtr src, dst;
++    int size;
++
++    src = gdImageCreateTrueColor(1, 10);
++    gdTestAssert(src != NULL);
++
++    src->sx = 0; /* this hack forces gdImageJpegPtr() to fail */
++
++    dst = gdImageJpegPtr(src, &size, 0);
++    gdTestAssert(dst == NULL);
++
++    gdImageDestroy(src);
++
++    return gdNumFailures();
++}
+-- 
+2.20.1
+
diff --git a/gnu/packages/patches/pius.patch b/gnu/packages/patches/pius.patch
deleted file mode 100644
index da39731d4d..0000000000
--- a/gnu/packages/patches/pius.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-See https://github.com/jaymzh/pius/pull/96
-
-commit 4dba0bf75ab351969622f7b9c38484657411a528
-Author: Martin Kletzander <nert.pinx+github@gmail.com>
-Date:   Thu May 17 17:55:27 2018 +0200
-
-    Don't fail on ENCRYPTION_COMPLIANCE_MODE line from too new GnuPG (#96)
-    
-    GnuPG started printing information about encryption compliance in [commit
-    f31dc2540acf](https://dev.gnupg.org/rGf31dc2540acf7cd7f09fd94658e815822222bfcb)
-    and since then signing with pius fails.
-    
-    Closes #95
-    
-    Signed-off-by: Martin Kletzander <nert.pinx@gmail.com>
-
-diff --git a/libpius/signer.py b/libpius/signer.py
-index 3c7262f..13013bb 100644
---- a/libpius/signer.py
-+++ b/libpius/signer.py
-@@ -45,6 +45,7 @@ class PiusSigner(object):
-   GPG_PINENTRY_LAUNCHED = '[GNUPG:] PINENTRY_LAUNCHED'
-   GPG_KEY_CONSIDERED = '[GNUPG:] KEY_CONSIDERED'
-   GPG_WARN_VERSION = '[GNUPG:] WARNING server_version_mismatch'
-+  GPG_ENC_COMPLIANT_MODE = '[GNUPG:] ENCRYPTION_COMPLIANCE_MODE'
- 
-   def __init__(self, signer, force_signer, mode, keyring, gpg_path, tmpdir,
-                outdir, encrypt_outfiles, mail, mailer, verbose, sort_keyring,
-@@ -431,6 +432,9 @@ class PiusSigner(object):
-       if PiusSigner.GPG_ENC_BEG in line:
-         debug('Got GPG_ENC_BEG')
-         continue
-+      elif PiusSigner.GPG_ENC_COMPLIANT_MODE in line:
-+        debug('Got ENCRYPTION_COMPLIANCE_MODE')
-+        continue
-       elif PiusSigner.GPG_ENC_END in line:
-         debug('Got GPG_ENC_END')
-         break
diff --git a/gnu/packages/patches/qtbase-old-kernel.patch b/gnu/packages/patches/qtbase-old-kernel.patch
new file mode 100644
index 0000000000..aa26fb6c4f
--- /dev/null
+++ b/gnu/packages/patches/qtbase-old-kernel.patch
@@ -0,0 +1,25 @@
+https://672856.bugs.gentoo.org/attachment.cgi?id=557978
+https://bugs.gentoo.org/672856
+
+The patch fixes building qtbase with linux kernels < 4.11.
+See bug #34431.
+
+diff -Naurp a/src/corelib/global/minimum-linux_p.h b/src/corelib/global/minimum-linux_p.h
+--- a/src/corelib/global/minimum-linux_p.h      2018-11-25 15:51:11.000000000 +0300
++++ b/src/corelib/global/minimum-linux_p.h      2018-12-17 13:25:38.176823753 +0300
+@@ -75,14 +75,9 @@ QT_BEGIN_NAMESPACE
+  * - accept4                    2.6.28
+  * - renameat2                  3.16                    QT_CONFIG(renameat2)
+  * - getrandom                  3.17                    QT_CONFIG(getentropy)
+- * - statx                      4.11                    QT_CONFIG(statx)
+  */
+
+-#if QT_CONFIG(statx)
+-#  define MINLINUX_MAJOR        4
+-#  define MINLINUX_MINOR        11
+-#  define MINLINUX_PATCH        0
+-#elif QT_CONFIG(getentropy)
++#if QT_CONFIG(getentropy)
+ #  define MINLINUX_MAJOR        3
+ #  define MINLINUX_MINOR        17
+ #  define MINLINUX_PATCH        0
diff --git a/gnu/packages/patches/ruby-safe-yaml-add-require-time.patch b/gnu/packages/patches/ruby-safe-yaml-add-require-time.patch
new file mode 100644
index 0000000000..92e5505985
--- /dev/null
+++ b/gnu/packages/patches/ruby-safe-yaml-add-require-time.patch
@@ -0,0 +1,19 @@
+From 9dd1e8d9ad0396a8c9092c2e9f17d498c58e0208 Mon Sep 17 00:00:00 2001
+From: elifoster <elifosterwy@gmail.com>
+Date: Tue, 5 Dec 2017 14:30:13 -0800
+Subject: [PATCH] Fix uninitialized constant DateTime Close #80
+
+---
+ lib/safe_yaml/parse/date.rb | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/lib/safe_yaml/parse/date.rb b/lib/safe_yaml/parse/date.rb
+index cd3c62a..3a30a8b 100644
+--- a/lib/safe_yaml/parse/date.rb
++++ b/lib/safe_yaml/parse/date.rb
+@@ -1,3 +1,5 @@
++require 'time'
++
+ module SafeYAML
+   class Parse
+     class Date
diff --git a/gnu/packages/patches/soundconverter-remove-gconf-dependency.patch b/gnu/packages/patches/soundconverter-remove-gconf-dependency.patch
index f065b9a3d4..29cdeb6e8d 100644
--- a/gnu/packages/patches/soundconverter-remove-gconf-dependency.patch
+++ b/gnu/packages/patches/soundconverter-remove-gconf-dependency.patch
@@ -1,83 +1,29 @@
-From: Sebastian Ramacher <sebastian@ramacher.at>
-Date: Fri, 6 Apr 2018 13:25:35 +0200
-Subject: Only fetch profiles if GConf is still available
+From: Tobias Geerinckx-Rice <me@tobias.gr>
+Date: Tue, 19 Feb 2019 07:46:28 +0100
+Subject: [PATCH] gnu: soundconverter: Catch (and ignore) the right error.
 
----
- bin/soundconverter.py       |  1 -
- soundconverter/gstreamer.py | 44 ++++++++++++++++++++++++--------------------
- 2 files changed, 24 insertions(+), 21 deletions(-)
+Without this patch and GConf:
 
-diff --git a/bin/soundconverter.py b/bin/soundconverter.py
-index 39055ce..5198443 100644
---- a/bin/soundconverter.py
-+++ b/bin/soundconverter.py
-@@ -66,7 +66,6 @@ def _check_libs():
-         import gi
-         gi.require_version('Gst', '1.0')
-         gi.require_version('Gtk', '3.0')
--        gi.require_version('GConf', '2.0')
-         from gi.repository import GObject
-         # force GIL creation - see https://bugzilla.gnome.org/show_bug.cgi?id=710447
-         import threading
-diff --git a/soundconverter/gstreamer.py b/soundconverter/gstreamer.py
-index 23aaa9b..211b052 100644
---- a/soundconverter/gstreamer.py
-+++ b/soundconverter/gstreamer.py
-@@ -25,7 +25,7 @@ from urllib.parse import urlparse
- from gettext import gettext as _
- 
- import gi
--from gi.repository import Gst, Gtk, GObject, GConf, Gio
-+from gi.repository import Gst, Gtk, GObject, Gio
- 
- from soundconverter.fileoperations import vfs_encode_filename, file_encode_filename
- from soundconverter.fileoperations import unquote_filename, vfs_makedirs, vfs_unlink
-@@ -66,25 +66,29 @@ _GCONF_PROFILE_LIST_PATH = "/system/gstreamer/1.0/audio/global/profile_list"
- audio_profiles_list = []
- audio_profiles_dict = {}
- 
--_GCONF = GConf.Client.get_default()
--profiles = _GCONF.all_dirs(_GCONF_PROFILE_LIST_PATH)
--for name in profiles:
--    if _GCONF.get_bool(_GCONF_PROFILE_PATH + name + "/active"):
--        # get profile
--        description = _GCONF.get_string(_GCONF_PROFILE_PATH + name + "/name")
--        extension = _GCONF.get_string(_GCONF_PROFILE_PATH + name + "/extension")
--        pipeline = _GCONF.get_string(_GCONF_PROFILE_PATH + name + "/pipeline")
--        # check profile validity
--        if not extension or not pipeline:
--            continue
--        if not description:
--            description = extension
--        if description in audio_profiles_dict:
--            continue
--            # store
--        profile = description, extension, pipeline
--        audio_profiles_list.append(profile)
--        audio_profiles_dict[description] = profile
-+try:
-+    from gi.repository import GConf
-+    _GCONF = GConf.Client.get_default()
-+    profiles = _GCONF.all_dirs(_GCONF_PROFILE_LIST_PATH)
-+    for name in profiles:
-+        if _GCONF.get_bool(_GCONF_PROFILE_PATH + name + "/active"):
-+            # get profile
-+            description = _GCONF.get_string(_GCONF_PROFILE_PATH + name + "/name")
-+            extension = _GCONF.get_string(_GCONF_PROFILE_PATH + name + "/extension")
-+            pipeline = _GCONF.get_string(_GCONF_PROFILE_PATH + name + "/pipeline")
-+            # check profile validity
-+            if not extension or not pipeline:
-+                continue
-+            if not description:
-+                description = extension
-+            if description in audio_profiles_dict:
-+                continue
-+                # store
-+            profile = description, extension, pipeline
-+            audio_profiles_list.append(profile)
-+            audio_profiles_dict[description] = profile
-+except ImportError:
-+    pass
+  Traceback (most recent call last):
+    File "/gnu/…/bin/...soundconverter-real-real-real", line 164, in <module>
+      from soundconverter.batch import cli_convert_main
+    File "/gnu/…/lib/soundconverter/python/soundconverter/batch.py", line 31, in <module>
+      from soundconverter.gstreamer import TagReader
+    File "/gnu/…/lib/soundconverter/python/soundconverter/gstreamer.py", line 70, in <module>
+      gi.require_version('GConf', '2.0')
+    File "/gnu/…/lib/python3.7/site-packages/gi/__init__.py", line 130, in require_version
+      raise ValueError('Namespace %s not available' % namespace)
+  ValueError: Namespace GConf not available
+---
+diff -Naur soundconverter-3.0.1/soundconverter/gstreamer.py soundconverter-3.0.1/soundconverter/gstreamer.py
+--- soundconverter-3.0.1/soundconverter/gstreamer.py	2018-11-23 20:38:46.000000000 +0100
++++ soundconverter-3.0.1/soundconverter/gstreamer.py	2019-02-19 07:42:15.767684388 +0100
+@@ -88,7 +88,7 @@
+             profile = description, extension, pipeline
+             audio_profiles_list.append(profile)
+             audio_profiles_dict[description] = profile
+-except ImportError:
++except ValueError:
+     pass
  
  required_elements = ('decodebin', 'fakesink', 'audioconvert', 'typefind', 'audiorate')
- for element in required_elements:
diff --git a/gnu/packages/patches/tomsfastmath-constness.patch b/gnu/packages/patches/tomsfastmath-constness.patch
deleted file mode 100644
index 7c6ab5bbec..0000000000
--- a/gnu/packages/patches/tomsfastmath-constness.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From dac089515901d6bf315cd15a6e744b8d2c02c1cb Mon Sep 17 00:00:00 2001
-From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
-Date: Sat, 31 Oct 2015 22:48:07 +0100
-Subject: [PATCH] tfm: make a few functions static
-
-clamav expects them to be static and it does not seem bad to do so.
-
-Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
----
- src/bin/fp_read_radix.c        | 2 +-
- src/bin/fp_read_signed_bin.c   | 2 +-
- src/bin/fp_read_unsigned_bin.c | 2 +-
- src/headers/tfm.h              | 6 +++---
- 4 files changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/src/bin/fp_read_radix.c b/src/bin/fp_read_radix.c
-index 0b5e826..431afa0 100644
---- a/src/bin/fp_read_radix.c
-+++ b/src/bin/fp_read_radix.c
-@@ -9,7 +9,7 @@
-  */
- #include <tfm_private.h>
- 
--int fp_read_radix(fp_int *a, char *str, int radix)
-+int fp_read_radix(fp_int *a, const char *str, int radix)
- {
-   int     y, neg;
-   char    ch;
-diff --git a/src/bin/fp_read_signed_bin.c b/src/bin/fp_read_signed_bin.c
-index e2b8003..6467d19 100644
---- a/src/bin/fp_read_signed_bin.c
-+++ b/src/bin/fp_read_signed_bin.c
-@@ -9,7 +9,7 @@
-  */
- #include <tfm_private.h>
- 
--void fp_read_signed_bin(fp_int *a, unsigned char *b, int c)
-+void fp_read_signed_bin(fp_int *a, const unsigned char *b, int c)
- {
-   /* read magnitude */
-   fp_read_unsigned_bin (a, b + 1, c - 1);
-diff --git a/src/bin/fp_read_unsigned_bin.c b/src/bin/fp_read_unsigned_bin.c
-index 3ee64c0..2ee89cb 100644
---- a/src/bin/fp_read_unsigned_bin.c
-+++ b/src/bin/fp_read_unsigned_bin.c
-@@ -9,7 +9,7 @@
-  */
- #include <tfm_private.h>
- 
--void fp_read_unsigned_bin(fp_int *a, unsigned char *b, int c)
-+void fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c)
- {
-   /* zero the int */
-   fp_zero (a);
-diff --git a/src/headers/tfm.h b/src/headers/tfm.h
-index af87b56..f406388 100644
---- a/src/headers/tfm.h
-+++ b/src/headers/tfm.h
-@@ -467,14 +467,14 @@ int fp_prime_random_ex(fp_int *a, int t, int size, int flags, tfm_prime_callback
- int fp_count_bits(fp_int *a);
- 
- int fp_unsigned_bin_size(fp_int *a);
--void fp_read_unsigned_bin(fp_int *a, unsigned char *b, int c);
-+void fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c);
- void fp_to_unsigned_bin(fp_int *a, unsigned char *b);
- 
- int fp_signed_bin_size(fp_int *a);
--void fp_read_signed_bin(fp_int *a, unsigned char *b, int c);
-+void fp_read_signed_bin(fp_int *a, const unsigned char *b, int c);
- void fp_to_signed_bin(fp_int *a, unsigned char *b);
- 
--int fp_read_radix(fp_int *a, char *str, int radix);
-+int fp_read_radix(fp_int *a, const char *str, int radix);
- 
- int fp_radix_size(fp_int *a, int radix, int *size);
- int fp_toradix(fp_int *a, char *str, int radix);
diff --git a/gnu/packages/patches/xf86-video-i128-remove-mibstore.patch b/gnu/packages/patches/xf86-video-i128-remove-mibstore.patch
deleted file mode 100644
index b269d63473..0000000000
--- a/gnu/packages/patches/xf86-video-i128-remove-mibstore.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-Removes references to mibstore.h and miInitializeBackingStore, which
-have been removed from xorg-server.  Zack Rusin <zackr@vmware.com>
-wrote: "It was a noop for at least 5 years and it has been removed."
-See: http://patches.openembedded.org/patch/46133/
-
---- xf86-video-i128-1.3.6/src/i128_driver.c.~1~	2012-07-17 01:21:15.000000000 -0400
-+++ xf86-video-i128-1.3.6/src/i128_driver.c	2014-12-19 00:47:16.140087736 -0500
-@@ -51,7 +51,6 @@
- #include "mipointer.h"
- 
- /* All drivers implementing backing store need this */
--#include "mibstore.h"
- #include "micmap.h"
- 
- #include "xf86DDC.h"
-@@ -1557,7 +1556,6 @@
-         return FALSE;
-     }
-     
--    miInitializeBackingStore(pScreen);
-     xf86SetBackingStore(pScreen);
-     xf86SetSilkenMouse(pScreen);
- 
diff --git a/gnu/packages/patches/xmodmap-asprintf.patch b/gnu/packages/patches/xmodmap-asprintf.patch
deleted file mode 100644
index 6dfe8514e5..0000000000
--- a/gnu/packages/patches/xmodmap-asprintf.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-This patch allows the 'asprintf' declaration to be visible, by
-including <config.h>, which defines _GNU_SOURCE.
-
-
---- xmodmap-1.0.7/xmodmap.c	2013-11-25 23:25:25.000000000 +0100
-+++ xmodmap-1.0.7/xmodmap.c	2013-11-25 23:25:27.000000000 +0100
-@@ -26,6 +26,7 @@ from The Open Group.
- 
- */
- 
-+#include <config.h>
- #include <X11/Xos.h>
- #include <X11/Xlib.h>
- #include <stdio.h>