summary refs log tree commit diff
path: root/gnu
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-05-13 02:03:22 -0400
committerLeo Famulari <leo@famulari.name>2016-05-13 02:08:11 -0400
commiteb74eb4199db3faac654114257996f244ec308f5 (patch)
tree9504ae968710941557be6d1edd244618eeb14448 /gnu
parentf10e7ef475da430afa46e0b062010952ed886694 (diff)
parente9017c98d61f305b624bacaa30e8891ec0100980 (diff)
downloadguix-eb74eb4199db3faac654114257996f244ec308f5.tar.gz
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu')
-rw-r--r--gnu/build/marionette.scm206
-rw-r--r--gnu/local.mk63
-rw-r--r--gnu/packages.scm1
-rw-r--r--gnu/packages/admin.scm23
-rw-r--r--gnu/packages/algebra.scm2
-rw-r--r--gnu/packages/asciidoc.scm52
-rw-r--r--gnu/packages/backup.scm9
-rw-r--r--gnu/packages/base.scm30
-rw-r--r--gnu/packages/bash.scm43
-rw-r--r--gnu/packages/bioinformatics.scm10
-rw-r--r--gnu/packages/bootstrap.scm3
-rw-r--r--gnu/packages/calendar.scm17
-rw-r--r--gnu/packages/cdrom.scm20
-rw-r--r--gnu/packages/commencement.scm3
-rw-r--r--gnu/packages/connman.scm89
-rw-r--r--gnu/packages/cross-base.scm63
-rw-r--r--gnu/packages/databases.scm59
-rw-r--r--gnu/packages/dns.scm4
-rw-r--r--gnu/packages/documentation.scm117
-rw-r--r--gnu/packages/doxygen.scm59
-rw-r--r--gnu/packages/entr.scm66
-rw-r--r--gnu/packages/fcitx.scm2
-rw-r--r--gnu/packages/fish.scm2
-rw-r--r--gnu/packages/fontutils.scm29
-rw-r--r--gnu/packages/freedesktop.scm6
-rw-r--r--gnu/packages/game-development.scm16
-rw-r--r--gnu/packages/games.scm10
-rw-r--r--gnu/packages/gcc.scm15
-rw-r--r--gnu/packages/glib.scm138
-rw-r--r--gnu/packages/gnome.scm433
-rw-r--r--gnu/packages/gnupg.scm52
-rw-r--r--gnu/packages/gnustep.scm29
-rw-r--r--gnu/packages/gnuzilla.scm16
-rw-r--r--gnu/packages/graphics.scm2
-rw-r--r--gnu/packages/graphviz.scm18
-rw-r--r--gnu/packages/gstreamer.scm3
-rw-r--r--gnu/packages/gtk.scm95
-rw-r--r--gnu/packages/guile.scm31
-rw-r--r--gnu/packages/image.scm7
-rw-r--r--gnu/packages/imagemagick.scm5
-rw-r--r--gnu/packages/inkscape.scm7
-rw-r--r--gnu/packages/java.scm190
-rw-r--r--gnu/packages/jemalloc.scm10
-rw-r--r--gnu/packages/key-mon.scm13
-rw-r--r--gnu/packages/kodi.scm2
-rw-r--r--gnu/packages/libreoffice.scm2
-rw-r--r--gnu/packages/linux.scm97
-rw-r--r--gnu/packages/mail.scm26
-rw-r--r--gnu/packages/maths.scm298
-rw-r--r--gnu/packages/messaging.scm27
-rw-r--r--gnu/packages/mpd.scm2
-rw-r--r--gnu/packages/music.scm131
-rw-r--r--gnu/packages/ntp.scm9
-rw-r--r--gnu/packages/ocaml.scm3
-rw-r--r--gnu/packages/patches/4store-fix-buildsystem.patch56
-rw-r--r--gnu/packages/patches/doc++-include-directives.patch224
-rw-r--r--gnu/packages/patches/doc++-segfault-fix.patch169
-rw-r--r--gnu/packages/patches/gcc-cross-environment-variables.patch51
-rw-r--r--gnu/packages/patches/glib-tests-desktop.patch138
-rw-r--r--gnu/packages/patches/glib-tests-gapplication.patch28
-rw-r--r--gnu/packages/patches/glib-tests-homedir.patch59
-rw-r--r--gnu/packages/patches/glib-tests-prlimit.patch14
-rw-r--r--gnu/packages/patches/glib-tests-timer.patch11
-rw-r--r--gnu/packages/patches/gnupg-simple-query-ignore-status-messages.patch142
-rw-r--r--gnu/packages/patches/gtk2-theme-paths.patch41
-rw-r--r--gnu/packages/patches/hdf5-config-date.patch21
-rw-r--r--gnu/packages/patches/hypre-doc-tables.patch25
-rw-r--r--gnu/packages/patches/hypre-ldflags.patch9
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-2805.patch75
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-2807-pt1.patch35
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-2807-pt2.patch69
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-2807-pt3.patch33
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-2807-pt4.patch37
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-2807-pt5.patch35
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-2808.patch389
-rw-r--r--gnu/packages/patches/icecat-CVE-2016-2814.patch35
-rw-r--r--gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch24
-rw-r--r--gnu/packages/patches/icecat-update-bundled-graphite2.patch2488
-rw-r--r--gnu/packages/patches/imagemagick-test-segv.patch20
-rw-r--r--gnu/packages/patches/imlib2-CVE-2016-4024.patch52
-rw-r--r--gnu/packages/patches/inkscape-drop-wait-for-targets.patch68
-rw-r--r--gnu/packages/patches/libarchive-CVE-2016-1541.patch67
-rw-r--r--gnu/packages/patches/netcdf-config-date.patch47
-rw-r--r--gnu/packages/patches/ocaml-CVE-2015-8869.patch72
-rw-r--r--gnu/packages/patches/poppler-CVE-2015-8868.patch30
-rw-r--r--gnu/packages/patches/portmidi-modular-build.patch325
-rw-r--r--gnu/packages/patches/qemu-CVE-2015-8558.patch48
-rw-r--r--gnu/packages/patches/qemu-CVE-2015-8567.patch93
-rw-r--r--gnu/packages/patches/qemu-CVE-2015-8613.patch35
-rw-r--r--gnu/packages/patches/qemu-CVE-2015-8619.patch119
-rw-r--r--gnu/packages/patches/qemu-CVE-2015-8701.patch47
-rw-r--r--gnu/packages/patches/qemu-CVE-2015-8743.patch48
-rw-r--r--gnu/packages/patches/qemu-CVE-2016-1568.patch39
-rw-r--r--gnu/packages/patches/qemu-CVE-2016-1922.patch65
-rw-r--r--gnu/packages/patches/qemu-CVE-2016-1981.patch95
-rw-r--r--gnu/packages/patches/qemu-CVE-2016-2197.patch40
-rw-r--r--gnu/packages/patches/qemu-usb-ehci-oob-read.patch49
-rw-r--r--gnu/packages/patches/qemu-virtio-9p-use-accessor-to-get-thread-pool.patch34
-rw-r--r--gnu/packages/patches/totem-debug-format-fix.patch11
-rw-r--r--gnu/packages/patches/tvtime-gcc41.patch58
-rw-r--r--gnu/packages/patches/tvtime-pngoutput.patch15
-rw-r--r--gnu/packages/patches/tvtime-videodev2.patch15
-rw-r--r--gnu/packages/patches/tvtime-xmltv.patch28
-rw-r--r--gnu/packages/patches/wpa-supplicant-CVE-2016-4476.patch82
-rw-r--r--gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt1.patch51
-rw-r--r--gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt2.patch82
-rw-r--r--gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt3.patch62
-rw-r--r--gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt4.patch50
-rw-r--r--gnu/packages/pdf.scm24
-rw-r--r--gnu/packages/qemu.scm23
-rw-r--r--gnu/packages/qt.scm38
-rw-r--r--gnu/packages/rdf.scm2
-rw-r--r--gnu/packages/serialization.scm2
-rw-r--r--gnu/packages/statistics.scm75
-rw-r--r--gnu/packages/suckless.scm39
-rw-r--r--gnu/packages/tls.scm27
-rw-r--r--gnu/packages/tv.scm25
-rw-r--r--gnu/packages/version-control.scm62
-rw-r--r--gnu/packages/video.scm32
-rw-r--r--gnu/packages/vpn.scm9
-rw-r--r--gnu/packages/web.scm6
-rw-r--r--gnu/packages/wm.scm22
-rw-r--r--gnu/packages/xdisorg.scm48
-rw-r--r--gnu/packages/xiph.scm2
-rw-r--r--gnu/services/herd.scm82
-rw-r--r--gnu/services/networking.scm49
-rw-r--r--gnu/system.scm18
-rw-r--r--gnu/system/shadow.scm5
-rw-r--r--gnu/system/vm.scm3
-rw-r--r--gnu/tests.scm130
-rw-r--r--gnu/tests/base.scm164
131 files changed, 4236 insertions, 5371 deletions
diff --git a/gnu/build/marionette.scm b/gnu/build/marionette.scm
new file mode 100644
index 0000000000..9399c55313
--- /dev/null
+++ b/gnu/build/marionette.scm
@@ -0,0 +1,206 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu build marionette)
+  #:use-module (srfi srfi-9)
+  #:use-module (srfi srfi-26)
+  #:use-module (rnrs io ports)
+  #:use-module (ice-9 match)
+  #:export (marionette?
+            make-marionette
+            marionette-eval
+            marionette-control
+            %qwerty-us-keystrokes
+            marionette-type))
+
+;;; Commentary:
+;;;
+;;; Instrumentation tools for QEMU virtual machines (VMs).  A "marionette" is
+;;; essentially a VM (a QEMU instance) with its monitor connected to a
+;;; Unix-domain socket, and with a REPL inside the guest listening on a
+;;; virtual console, which is itself connected to the host via a Unix-domain
+;;; socket--these are the marionette's strings, connecting it to the almighty
+;;; puppeteer.
+;;;
+;;; Code:
+
+(define-record-type <marionette>
+  (marionette command pid monitor repl)
+  marionette?
+  (command    marionette-command)                 ;list of strings
+  (pid        marionette-pid)                     ;integer
+  (monitor    marionette-monitor)                 ;port
+  (repl       marionette-repl))                   ;port
+
+(define* (wait-for-monitor-prompt port #:key (quiet? #t))
+  "Read from PORT until we have seen all of QEMU's monitor prompt.  When
+QUIET? is false, the monitor's output is written to the current output port."
+  (define full-prompt
+    (string->list "(qemu) "))
+
+  (let loop ((prompt full-prompt)
+             (matches '())
+             (prefix  '()))
+    (match prompt
+      (()
+       ;; It's useful to set QUIET? so we don't display the echo of our own
+       ;; commands.
+       (unless quiet?
+         (for-each (lambda (line)
+                     (format #t "qemu monitor: ~a~%" line))
+                   (string-tokenize (list->string (reverse prefix))
+                                    (char-set-complement (char-set #\newline))))))
+      ((chr rest ...)
+       (let ((read (read-char port)))
+         (cond ((eqv? read chr)
+                (loop rest (cons read matches) prefix))
+               ((eof-object? read)
+                (error "EOF while waiting for QEMU monitor prompt"
+                       (list->string (reverse prefix))))
+               (else
+                (loop full-prompt
+                      '()
+                      (cons read (append matches prefix))))))))))
+
+(define* (make-marionette command
+                          #:key (socket-directory "/tmp") (timeout 20))
+  "Return a QEMU marionette--i.e., a virtual machine with open connections to the
+QEMU monitor and to the guest's backdoor REPL."
+  (define (file->sockaddr file)
+    (make-socket-address AF_UNIX
+                         (string-append socket-directory "/" file)))
+
+  (define extra-options
+    (list "-nographic"
+          "-monitor" (string-append "unix:" socket-directory "/monitor")
+          "-chardev" (string-append "socket,id=repl,path=" socket-directory
+                                    "/repl")
+          "-device" "virtio-serial"
+          "-device" "virtconsole,chardev=repl"))
+
+  (let ((monitor (socket AF_UNIX SOCK_STREAM 0))
+        (repl    (socket AF_UNIX SOCK_STREAM 0)))
+    (bind monitor (file->sockaddr "monitor"))
+    (listen monitor 1)
+    (bind repl (file->sockaddr "repl"))
+    (listen repl 1)
+
+    (match (primitive-fork)
+      (0
+       (catch #t
+         (lambda ()
+           (close monitor)
+           (close repl)
+           (match command
+             ((program . args)
+              (apply execl program program
+                     (append args extra-options)))))
+         (lambda (key . args)
+           (print-exception (current-error-port)
+                            (stack-ref (make-stack #t) 1)
+                            key args)
+           (primitive-exit 1))))
+      (pid
+       (format #t "QEMU runs as PID ~a~%" pid)
+       (sigaction SIGALRM
+         (lambda (signum)
+           (display "time is up!\n")              ;FIXME: break
+           #t))
+       (alarm timeout)
+
+       (match (accept monitor)
+         ((monitor-conn . _)
+          (display "connected to QEMU's monitor\n")
+          (close-port monitor)
+          (wait-for-monitor-prompt monitor-conn)
+          (display "read QEMU monitor prompt\n")
+          (match (accept repl)
+            ((repl-conn . addr)
+             (display "connected to guest REPL\n")
+             (close-port repl)
+             (match (read repl-conn)
+               ('ready
+                (alarm 0)
+                (sigaction SIGALRM SIG_DFL)
+                (display "marionette is ready\n")
+                (marionette (append command extra-options) pid
+                            monitor-conn repl-conn)))))))))))
+
+(define (marionette-eval exp marionette)
+  "Evaluate EXP in MARIONETTE's backdoor REPL.  Return the result."
+  (match marionette
+    (($ <marionette> command pid monitor repl)
+     (write exp repl)
+     (newline repl)
+     (read repl))))
+
+(define (marionette-control command marionette)
+  "Run COMMAND in the QEMU monitor of MARIONETTE.  COMMAND is a string such as
+\"sendkey ctrl-alt-f1\" or \"screendump foo.ppm\" (info \"(qemu-doc)
+pcsys_monitor\")."
+  (match marionette
+    (($ <marionette> _ _ monitor)
+     (display command monitor)
+     (newline monitor)
+     (wait-for-monitor-prompt monitor))))
+
+(define %qwerty-us-keystrokes
+  ;; Maps "special" characters to their keystrokes.
+  '((#\newline . "ret")
+    (#\space . "spc")
+    (#\- . "minus")
+    (#\+ . "shift-equal")
+    (#\* . "shift-8")
+    (#\= . "equal")
+    (#\? . "shift-slash")
+    (#\[ . "bracket_left")
+    (#\] . "bracket_right")
+    (#\( . "shift-9")
+    (#\) . "shift-0")
+    (#\/ . "slash")
+    (#\< . "less")
+    (#\> . "shift-less")
+    (#\. . "dot")
+    (#\, . "comma")
+    (#\; . "semicolon")
+    (#\bs . "backspace")
+    (#\tab . "tab")))
+
+(define* (string->keystroke-commands str
+                                     #:optional
+                                     (keystrokes
+                                      %qwerty-us-keystrokes))
+  "Return a list of QEMU monitor commands to send the keystrokes corresponding
+to STR.  KEYSTROKES is an alist specifying a mapping from characters to
+keystrokes."
+  (string-fold-right (lambda (chr result)
+                       (cons (string-append "sendkey "
+                                            (or (assoc-ref keystrokes chr)
+                                                (string chr)))
+                             result))
+                     '()
+                     str))
+
+(define* (marionette-type str marionette
+                          #:key (keystrokes %qwerty-us-keystrokes))
+  "Type STR on MARIONETTE's keyboard, using the KEYSTROKES alist to map characters
+to actual keystrokes."
+  (for-each (cut marionette-control <> marionette)
+            (string->keystroke-commands str keystrokes)))
+
+;;; marionette.scm ends here
diff --git a/gnu/local.mk b/gnu/local.mk
index d223d39bcd..9d3bc1ee8b 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -40,7 +40,6 @@ GNU_SYSTEM_MODULES =				\
   gnu/packages/anthy.scm			\
   gnu/packages/apl.scm				\
   gnu/packages/apr.scm				\
-  gnu/packages/asciidoc.scm			\
   gnu/packages/aspell.scm			\
   gnu/packages/attr.scm				\
   gnu/packages/audacity.scm			\
@@ -73,6 +72,7 @@ GNU_SYSTEM_MODULES =				\
   gnu/packages/compression.scm			\
   gnu/packages/conkeror.scm			\
   gnu/packages/conky.scm			\
+  gnu/packages/connman.scm			\
   gnu/packages/cook.scm				\
   gnu/packages/cpio.scm				\
   gnu/packages/cppi.scm				\
@@ -97,7 +97,7 @@ GNU_SYSTEM_MODULES =				\
   gnu/packages/dns.scm				\
   gnu/packages/docbook.scm			\
   gnu/packages/docker.scm			\
-  gnu/packages/doxygen.scm			\
+  gnu/packages/documentation.scm		\
   gnu/packages/dunst.scm			\
   gnu/packages/dvtm.scm				\
   gnu/packages/ebook.scm			\
@@ -107,6 +107,7 @@ GNU_SYSTEM_MODULES =				\
   gnu/packages/enchant.scm			\
   gnu/packages/engineering.scm			\
   gnu/packages/enlightenment.scm		\
+  gnu/packages/entr.scm				\
   gnu/packages/fcitx.scm			\
   gnu/packages/feh.scm                          \
   gnu/packages/figlet.scm			\
@@ -398,11 +399,16 @@ GNU_SYSTEM_MODULES =				\
   gnu/build/linux-container.scm			\
   gnu/build/linux-initrd.scm			\
   gnu/build/linux-modules.scm			\
-  gnu/build/vm.scm
+  gnu/build/marionette.scm			\
+  gnu/build/vm.scm				\
+						\
+  gnu/tests.scm					\
+  gnu/tests/base.scm
 
 
 patchdir = $(guilemoduledir)/gnu/packages/patches
 dist_patch_DATA =						\
+  gnu/packages/patches/4store-fix-buildsystem.patch		\
   gnu/packages/patches/abiword-explictly-cast-bools.patch	\
   gnu/packages/patches/abiword-wmf-version-lookup-fix.patch	\
   gnu/packages/patches/acl-hurd-path-max.patch			\
@@ -452,6 +458,8 @@ dist_patch_DATA =						\
   gnu/packages/patches/dico-libtool-deterministic.patch		\
   gnu/packages/patches/diffutils-gets-undeclared.patch		\
   gnu/packages/patches/dfu-programmer-fix-libusb.patch		\
+  gnu/packages/patches/doc++-include-directives.patch		\
+  gnu/packages/patches/doc++-segfault-fix.patch			\
   gnu/packages/patches/doxygen-test.patch			\
   gnu/packages/patches/duplicity-piped-password.patch		\
   gnu/packages/patches/duplicity-test_selection-tmp.patch	\
@@ -490,11 +498,7 @@ dist_patch_DATA =						\
   gnu/packages/patches/ghostscript-CVE-2015-3228.patch		\
   gnu/packages/patches/ghostscript-runpath.patch		\
   gnu/packages/patches/glib-networking-ssl-cert-file.patch	\
-  gnu/packages/patches/glib-tests-desktop.patch			\
-  gnu/packages/patches/glib-tests-homedir.patch			\
-  gnu/packages/patches/glib-tests-prlimit.patch			\
   gnu/packages/patches/glib-tests-timer.patch			\
-  gnu/packages/patches/glib-tests-gapplication.patch		\
   gnu/packages/patches/glibc-bootstrap-system.patch		\
   gnu/packages/patches/glibc-hurd-extern-inline.patch		\
   gnu/packages/patches/glibc-ldd-x86_64.patch			\
@@ -504,7 +508,6 @@ dist_patch_DATA =						\
   gnu/packages/patches/gmp-arm-asm-nothumb.patch		\
   gnu/packages/patches/gmp-faulty-test.patch			\
   gnu/packages/patches/gnucash-price-quotes-perl.patch		\
-  gnu/packages/patches/gnupg-simple-query-ignore-status-messages.patch \
   gnu/packages/patches/gobject-introspection-absolute-shlib-path.patch \
   gnu/packages/patches/gobject-introspection-cc.patch		\
   gnu/packages/patches/gobject-introspection-girepository.patch	\
@@ -520,29 +523,22 @@ dist_patch_DATA =						\
   gnu/packages/patches/guile-relocatable.patch			\
   gnu/packages/patches/guile-rsvg-pkgconfig.patch		\
   gnu/packages/patches/gtk2-respect-GUIX_GTK2_PATH.patch	\
+  gnu/packages/patches/gtk2-theme-paths.patch			\
   gnu/packages/patches/gtk3-respect-GUIX_GTK3_PATH.patch	\
   gnu/packages/patches/gtkglext-disable-disable-deprecated.patch \
+  gnu/packages/patches/hdf5-config-date.patch			\
   gnu/packages/patches/hop-bigloo-4.0b.patch			\
   gnu/packages/patches/hop-linker-flags.patch			\
   gnu/packages/patches/hydra-automake-1.15.patch		\
   gnu/packages/patches/hydra-disable-darcs-test.patch		\
+  gnu/packages/patches/hypre-doc-tables.patch			\
+  gnu/packages/patches/hypre-ldflags.patch			\
   gnu/packages/patches/icecat-avoid-bundled-includes.patch	\
-  gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch	\
-  gnu/packages/patches/icecat-update-bundled-graphite2.patch	\
-  gnu/packages/patches/icecat-CVE-2016-2805.patch		\
-  gnu/packages/patches/icecat-CVE-2016-2807-pt1.patch		\
-  gnu/packages/patches/icecat-CVE-2016-2807-pt2.patch		\
-  gnu/packages/patches/icecat-CVE-2016-2807-pt3.patch		\
-  gnu/packages/patches/icecat-CVE-2016-2807-pt4.patch		\
-  gnu/packages/patches/icecat-CVE-2016-2807-pt5.patch		\
-  gnu/packages/patches/icecat-CVE-2016-2808.patch		\
-  gnu/packages/patches/icecat-CVE-2016-2814.patch		\
   gnu/packages/patches/icu4c-CVE-2014-6585.patch		\
   gnu/packages/patches/icu4c-CVE-2015-1270.patch		\
   gnu/packages/patches/icu4c-CVE-2015-4760.patch		\
   gnu/packages/patches/ilmbase-fix-tests.patch			\
-  gnu/packages/patches/imagemagick-test-segv.patch		\
-  gnu/packages/patches/imlib2-CVE-2016-4024.patch		\
+  gnu/packages/patches/inkscape-drop-wait-for-targets.patch	\
   gnu/packages/patches/irrlicht-mesa-10.patch			\
   gnu/packages/patches/jasper-CVE-2007-2721.patch		\
   gnu/packages/patches/jasper-CVE-2008-3520.patch		\
@@ -567,6 +563,7 @@ dist_patch_DATA =						\
   gnu/packages/patches/liba52-use-mtune-not-mcpu.patch		\
   gnu/packages/patches/libarchive-bsdtar-test.patch		\
   gnu/packages/patches/libarchive-CVE-2013-0211.patch		\
+  gnu/packages/patches/libarchive-CVE-2016-1541.patch		\
   gnu/packages/patches/libarchive-fix-lzo-test-case.patch	\
   gnu/packages/patches/libarchive-mtree-filename-length-fix.patch \
   gnu/packages/patches/libbonobo-activation-test-race.patch	\
@@ -634,6 +631,7 @@ dist_patch_DATA =						\
   gnu/packages/patches/mupen64plus-ui-console-notice.patch	\
   gnu/packages/patches/mutt-store-references.patch		\
   gnu/packages/patches/net-tools-bitrot.patch			\
+  gnu/packages/patches/netcdf-config-date.patch			\
   gnu/packages/patches/ngircd-handle-zombies.patch		\
   gnu/packages/patches/ngircd-no-dns-in-tests.patch		\
   gnu/packages/patches/ninja-tests.patch			\
@@ -642,6 +640,7 @@ dist_patch_DATA =						\
   gnu/packages/patches/nvi-assume-preserve-path.patch		\
   gnu/packages/patches/nvi-dbpagesize-binpower.patch		\
   gnu/packages/patches/nvi-db4.patch				\
+  gnu/packages/patches/ocaml-CVE-2015-8869.patch		\
   gnu/packages/patches/ocaml-findlib-make-install.patch	\
   gnu/packages/patches/openexr-missing-samples.patch		\
   gnu/packages/patches/openimageio-boost-1.60.patch		\
@@ -680,8 +679,8 @@ dist_patch_DATA =						\
   gnu/packages/patches/plink-1.07-unclobber-i.patch		\
   gnu/packages/patches/plotutils-libpng-jmpbuf.patch		\
   gnu/packages/patches/polkit-drop-test.patch			\
-  gnu/packages/patches/poppler-CVE-2015-8868.patch		\
   gnu/packages/patches/portaudio-audacity-compat.patch		\
+  gnu/packages/patches/portmidi-modular-build.patch		\
   gnu/packages/patches/procmail-ambiguous-getline-debian.patch  \
   gnu/packages/patches/procps-non-linux.patch			\
   gnu/packages/patches/pt-scotch-build-parallelism.patch	\
@@ -707,18 +706,6 @@ dist_patch_DATA =						\
   gnu/packages/patches/python-paste-remove-timing-test.patch	\
   gnu/packages/patches/python2-pygobject-2-gi-info-type-error-domain.patch \
   gnu/packages/patches/python-pandas-fix-tslib-test-failure.patch \
-  gnu/packages/patches/qemu-CVE-2015-8558.patch			\
-  gnu/packages/patches/qemu-CVE-2015-8567.patch			\
-  gnu/packages/patches/qemu-CVE-2015-8613.patch			\
-  gnu/packages/patches/qemu-CVE-2015-8619.patch			\
-  gnu/packages/patches/qemu-CVE-2015-8701.patch			\
-  gnu/packages/patches/qemu-CVE-2015-8743.patch			\
-  gnu/packages/patches/qemu-CVE-2016-1568.patch			\
-  gnu/packages/patches/qemu-CVE-2016-1922.patch			\
-  gnu/packages/patches/qemu-CVE-2016-1981.patch			\
-  gnu/packages/patches/qemu-CVE-2016-2197.patch			\
-  gnu/packages/patches/qemu-usb-ehci-oob-read.patch		\
-  gnu/packages/patches/qemu-virtio-9p-use-accessor-to-get-thread-pool.patch \
   gnu/packages/patches/qt4-ldflags.patch			\
   gnu/packages/patches/ratpoison-shell.patch			\
   gnu/packages/patches/readline-link-ncurses.patch		\
@@ -753,10 +740,7 @@ dist_patch_DATA =						\
   gnu/packages/patches/ttfautohint-source-date-epoch.patch	\
   gnu/packages/patches/tophat-build-with-later-seqan.patch	\
   gnu/packages/patches/torsocks-dns-test.patch			\
-  gnu/packages/patches/tvtime-gcc41.patch			\
-  gnu/packages/patches/tvtime-pngoutput.patch			\
-  gnu/packages/patches/tvtime-videodev2.patch			\
-  gnu/packages/patches/tvtime-xmltv.patch			\
+  gnu/packages/patches/totem-debug-format-fix.patch		\
   gnu/packages/patches/unzip-CVE-2014-8139.patch		\
   gnu/packages/patches/unzip-CVE-2014-8140.patch		\
   gnu/packages/patches/unzip-CVE-2014-8141.patch		\
@@ -792,6 +776,11 @@ dist_patch_DATA =						\
   gnu/packages/patches/wpa-supplicant-CVE-2015-5314.patch	\
   gnu/packages/patches/wpa-supplicant-CVE-2015-5315.patch	\
   gnu/packages/patches/wpa-supplicant-CVE-2015-5316.patch	\
+  gnu/packages/patches/wpa-supplicant-CVE-2016-4476.patch	\
+  gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt1.patch	\
+  gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt2.patch	\
+  gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt3.patch	\
+  gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt4.patch	\
   gnu/packages/patches/xdotool-fix-makefile.patch               \
   gnu/packages/patches/xf86-video-ark-remove-mibstore.patch	\
   gnu/packages/patches/xf86-video-ast-remove-mibstore.patch	\
diff --git a/gnu/packages.scm b/gnu/packages.scm
index 1e3f383cbc..7130f58fdd 100644
--- a/gnu/packages.scm
+++ b/gnu/packages.scm
@@ -24,6 +24,7 @@
   #:use-module (guix packages)
   #:use-module (guix ui)
   #:use-module (guix utils)
+  #:use-module (guix combinators)
   #:use-module ((guix build utils)
                 #:select ((package-name->name+version
                            . hyphen-separated-name->name+version)))
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 11a2d1622b..633606e840 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -486,9 +486,9 @@ connection alive.")
 (define-public isc-dhcp
   (let* ((bind-major-version "9")
          (bind-minor-version "9")
-         (bind-patch-version "8")
-         (bind-release-type "-P")
-         (bind-release-version "4")
+         (bind-patch-version "9")
+         (bind-release-type "")         ; for patch release, use "-P"
+         (bind-release-version "")      ; for patch release, e.g. "4"
          (bind-version (string-append bind-major-version
                                       "."
                                       bind-minor-version
@@ -498,14 +498,14 @@ connection alive.")
                                       bind-release-version)))
     (package
       (name "isc-dhcp")
-      (version "4.3.3-P1")
+      (version "4.3.4")
       (source (origin
                 (method url-fetch)
                 (uri (string-append "http://ftp.isc.org/isc/dhcp/"
                                     version "/dhcp-" version ".tar.gz"))
                 (sha256
                  (base32
-                  "08crcsmg4dm2v533aq3883ik8mf4vvvd6r998r4vrgx1zxnqj7n1"))))
+                  "0zk0imll6bfyp9p4ndn8h6s4ifijnw5bhixswifr5rnk7pp5l4gm"))))
       (build-system gnu-build-system)
       (arguments
        `(#:parallel-build? #f
@@ -604,7 +604,7 @@ connection alive.")
                                         "/bind-" bind-version ".tar.gz"))
                     (sha256
                      (base32
-                      "1wl9kl0630dc1qjrf7fnp8cscagfm5qgmisi0zhr1p6iwi9bil2y"))))
+                      "0w8qqm6p2y6x57j2l0a3278g173wd84dsr4py9z00191f3wra74q"))))
 
                 ;; When cross-compiling, we need the cross Coreutils and sed.
                 ;; Otherwise just use those from %FINAL-INPUTS.
@@ -874,7 +874,12 @@ commands and their arguments.")
                (search-patches "wpa-supplicant-CVE-2015-5310.patch"
                                "wpa-supplicant-CVE-2015-5314.patch"
                                "wpa-supplicant-CVE-2015-5315.patch"
-                               "wpa-supplicant-CVE-2015-5316.patch"))))
+                               "wpa-supplicant-CVE-2015-5316.patch"
+                               "wpa-supplicant-CVE-2016-4476.patch"
+                               "wpa-supplicant-CVE-2016-4477-pt1.patch"
+                               "wpa-supplicant-CVE-2016-4477-pt2.patch"
+                               "wpa-supplicant-CVE-2016-4477-pt3.patch"
+                               "wpa-supplicant-CVE-2016-4477-pt4.patch"))))
     (build-system gnu-build-system)
     (arguments
      '(#:phases (alist-replace
@@ -1564,14 +1569,14 @@ done with the @code{auditctl} utility.")
 (define-public nmap
   (package
     (name "nmap")
-    (version "7.11")
+    (version "7.12")
     (source (origin
               (method url-fetch)
               (uri (string-append "https://nmap.org/dist/nmap-" version
                                   ".tar.bz2"))
               (sha256
                (base32
-                "0jlmq1w0gjqpa7qa523kdj73ndm1xzww2wjvb94hxh6yalargyhk"))
+                "014vagh9ak10hidwzp9s6g30y5h5fhsh8wykcnc1hnn9hwm0ipv3"))
               (modules '((guix build utils)))
               (snippet
                '(map delete-file-recursively
diff --git a/gnu/packages/algebra.scm b/gnu/packages/algebra.scm
index f03c3c104e..53f6f3e3d2 100644
--- a/gnu/packages/algebra.scm
+++ b/gnu/packages/algebra.scm
@@ -24,7 +24,7 @@
   #:use-module (gnu packages)
   #:use-module (gnu packages autotools)
   #:use-module (gnu packages compression)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages fltk)
   #:use-module (gnu packages gl)
   #:use-module (gnu packages graphviz)
diff --git a/gnu/packages/asciidoc.scm b/gnu/packages/asciidoc.scm
deleted file mode 100644
index 5bc5cfa7f9..0000000000
--- a/gnu/packages/asciidoc.scm
+++ /dev/null
@@ -1,52 +0,0 @@
-;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org>
-;;;
-;;; This file is part of GNU Guix.
-;;;
-;;; GNU Guix is free software; you can redistribute it and/or modify it
-;;; under the terms of the GNU General Public License as published by
-;;; the Free Software Foundation; either version 3 of the License, or (at
-;;; your option) any later version.
-;;;
-;;; GNU Guix is distributed in the hope that it will be useful, but
-;;; WITHOUT ANY WARRANTY; without even the implied warranty of
-;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-;;; GNU General Public License for more details.
-;;;
-;;; You should have received a copy of the GNU General Public License
-;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
-
-(define-module (gnu packages asciidoc)
-  #:use-module (guix licenses)
-  #:use-module (guix packages)
-  #:use-module (guix download)
-  #:use-module (gnu packages python)
-  #:use-module (guix build-system gnu)
-  #:autoload   (gnu packages zip) (unzip))
-
-(define-public asciidoc
-  (package
-    (name "asciidoc")
-    (version "8.6.9")
-    (source (origin
-              (method url-fetch)
-              (uri (string-append "mirror://sourceforge/asciidoc/asciidoc-"
-                                  version ".tar.gz"))
-              (sha256
-               (base32
-                "1w71nk527lq504njmaf0vzr93pgahkgzzxzglrq6bay8cw2rvnvq"))))
-    (build-system gnu-build-system)
-    (arguments '(#:tests? #f))                    ; no 'check' target
-    (inputs `(("python" ,python-2)))
-    (home-page "http://www.methods.co.nz/asciidoc/")
-    (synopsis "Text-based document generation system")
-    (description
-     "AsciiDoc is a text document format for writing notes, documentation,
-articles, books, ebooks, slideshows, web pages, man pages and blogs.
-AsciiDoc files can be translated to many formats including HTML, PDF,
-EPUB, man page.
-
-AsciiDoc is highly configurable: both the AsciiDoc source file syntax and
-the backend output markups (which can be almost any type of SGML/XML
-markup) can be customized and extended by the user.")
-    (license gpl2+)))
diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm
index a7b48f1154..917bee78d9 100644
--- a/gnu/packages/backup.scm
+++ b/gnu/packages/backup.scm
@@ -136,6 +136,7 @@ backups (called chunks) to allow easy burning to CD/DVD.")
 (define-public libarchive
   (package
     (name "libarchive")
+    (replacement libarchive/fixed)
     (version "3.1.2")
     (source
      (origin
@@ -193,6 +194,14 @@ archive.  In particular, note that there is currently no built-in support for
 random access nor for in-place modification.")
     (license license:bsd-2)))
 
+(define libarchive/fixed
+  (package
+    (inherit libarchive)
+    (source (origin
+              (inherit (package-source libarchive))
+              (patches (cons (search-patch "libarchive-CVE-2016-1541.patch")
+                             (origin-patches (package-source libarchive))))))))
+
 (define-public rdup
   (package
     (name "rdup")
diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index d7e069edee..0d12376057 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -6,6 +6,7 @@
 ;;; Copyright © 2014 Alex Kost <alezost@gmail.com>
 ;;; Copyright © 2014, 2015 Manolis Fragkiskos Ragkousis <manolis837@gmail.com>
 ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -24,7 +25,7 @@
 
 (define-module (gnu packages base)
   #:use-module ((guix licenses)
-                #:select (gpl3+ lgpl2.0+ public-domain))
+                #:select (gpl3+ lgpl2.0+ lgpl3+ public-domain))
   #:use-module (gnu packages)
   #:use-module (gnu packages acl)
   #:use-module (gnu packages bash)
@@ -920,6 +921,33 @@ reflect changes made by political bodies to time zone boundaries, UTC offsets,
 and daylight-saving rules.")
     (license public-domain)))
 
+(define-public libiconv
+  (package
+    (name "libiconv")
+    (version "1.14")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "mirror://gnu/libiconv/libiconv-"
+                                  version ".tar.gz"))
+              (sha256
+               (base32
+                "04q6lgl3kglmmhw59igq1n7v3rp1rpkypl366cy1k1yn2znlvckj"))
+              (modules '((guix build utils)))
+              (snippet
+               ;; Work around "declared gets" error on glibc systems (fixed by
+               ;; Gnulib commit 66712c23388e93e5c518ebc8515140fa0c807348.)
+               '(substitute* "srclib/stdio.in.h"
+                  (("^#undef gets") "")
+                  (("^_GL_WARN_ON_USE \\(gets.*") "")))))
+    (build-system gnu-build-system)
+    (synopsis "Character set conversion library")
+    (description
+     "libiconv provides an implementation of the iconv function for systems
+that lack it.  iconv is used to convert between character encodings in a
+program.  It supports a wide variety of different encodings.")
+    (home-page "http://www.gnu.org/software/libiconv/")
+    (license lgpl3+)))
+
 (define-public (canonical-package package)
   ;; Avoid circular dependency by lazily resolving 'commencement'.
   (let* ((iface (resolve-interface '(gnu packages commencement)))
diff --git a/gnu/packages/bash.scm b/gnu/packages/bash.scm
index cad66da70b..ff3acfc0e4 100644
--- a/gnu/packages/bash.scm
+++ b/gnu/packages/bash.scm
@@ -318,3 +318,46 @@ without modification.")
 completion for many common commands.")
     (home-page "http://bash-completion.alioth.debian.org/")
     (license gpl2+)))
+
+(define-public bash-tap
+  (package
+    (name "bash-tap")
+    (version "1.0.2")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "https://github.com/illusori/bash-tap/"
+                                  "archive/" version ".tar.gz"))
+              (file-name (string-append name "-" version ".tar.gz"))
+              (sha256
+               (base32
+                "0qs1qi38bl3ns4mpagcawv618dsk2q1lgrbddgvs0wl3ia12cyz5"))))
+    ;; There is no compilation process to use this package, however, the bash
+    ;; scripts installed by this package start with "#!/bin/bash".  To fix
+    ;; these lines, we use the patch-shebangs of the GNU build system.  The
+    ;; project does not use a Makefile.
+    (build-system gnu-build-system)
+    (arguments
+     `(#:tests? #f ; There is no test suite.
+       #:phases
+       (modify-phases %standard-phases
+         ;; Because there are no configure scripts or Makefile, we can
+         ;; remove these phases.
+         (delete 'configure)
+         (delete 'build)
+         ;; The installation involves manually copying the files to a location.
+         ;; To make them easily accessible by setting PATH, we add the scripts
+         ;; to the "bin" folder.
+         (replace 'install
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let ((bin (string-append (assoc-ref outputs "out") "/bin")))
+               (install-file "bash-tap" bin)
+               (install-file "bash-tap-bootstrap" bin)
+               (install-file "bash-tap-mock" bin)))))))
+    (home-page "http://www.illusori.co.uk/projects/bash-tap/")
+    (synopsis "Bash port of a Test::More/Test::Builder-style TAP-compliant
+test library")
+    (description "Bash TAP is a TAP-compliant Test::More-style testing library
+for Bash shell scripts and functions.  Along with the Test::More-style testing
+helpers it provides helper functions for mocking commands and in-process output
+capturing.")
+    (license expat)))
diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm
index 079fd467cc..c7bf03bcbc 100644
--- a/gnu/packages/bioinformatics.scm
+++ b/gnu/packages/bioinformatics.scm
@@ -44,7 +44,7 @@
   #:use-module (gnu packages compression)
   #:use-module (gnu packages cpio)
   #:use-module (gnu packages curl)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages datastructures)
   #:use-module (gnu packages file)
   #:use-module (gnu packages gawk)
@@ -1535,14 +1535,14 @@ data and settings.")
 (define-public edirect
   (package
     (name "edirect")
-    (version "3.50")
+    (version "4.10")
     (source (origin
               (method url-fetch)
-              ;; Note: older versions are not retained.
-              (uri "ftp://ftp.ncbi.nlm.nih.gov/entrez/entrezdirect/edirect.tar.gz")
+              (uri (string-append "ftp://ftp.ncbi.nlm.nih.gov/entrez/entrezdirect/"
+                                  "versions/2016-05-03/edirect.tar.gz"))
               (sha256
                (base32
-                "1cr3gzcs3flmgnnbj5iz93vh9w0fca1ilzi2q82cl63ln3mwvpz0"))))
+                "15zsprak5yh8c1yrz4r1knmb5s8qcmdid4xdhkh3lqcv64l60hli"))))
     (build-system perl-build-system)
     (arguments
      `(#:tests? #f ;no "check" target
diff --git a/gnu/packages/bootstrap.scm b/gnu/packages/bootstrap.scm
index 2aa4711ba8..f47a343ca6 100644
--- a/gnu/packages/bootstrap.scm
+++ b/gnu/packages/bootstrap.scm
@@ -27,7 +27,8 @@
   #:use-module (guix build-system trivial)
   #:use-module ((guix store) #:select (add-to-store add-text-to-store))
   #:use-module ((guix derivations) #:select (derivation))
-  #:use-module (guix utils)
+  #:use-module ((guix utils) #:select (gnu-triplet->nix-system))
+  #:use-module (guix combinators)
   #:use-module (srfi srfi-1)
   #:use-module (srfi srfi-26)
   #:use-module (ice-9 match)
diff --git a/gnu/packages/calendar.scm b/gnu/packages/calendar.scm
index 5ef5ec9271..5ddd358607 100644
--- a/gnu/packages/calendar.scm
+++ b/gnu/packages/calendar.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2015 David Thompson <davet@gnu.org>
 ;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2016 Kei Yamashita <kei@openmailbox.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -47,11 +48,23 @@
                 "14lmjj63zyx88rf1z71l0v9ms4c2vpdhmixksjjxgywp5p2f7708"))))
     (build-system cmake-build-system)
     (arguments
-     '(#:tests? #f)) ; test suite appears broken
+     '(#:tests? #f ; test suite appears broken
+       #:phases
+       (modify-phases %standard-phases
+         (add-before 'configure 'patch-paths
+           (lambda _
+             (let ((tzdata (assoc-ref %build-inputs "tzdata")))
+               (substitute* "src/libical/icaltz-util.c"
+                 (("char \\*search_paths \\[\\] =.*$")
+                  (string-append
+                   "char *search_paths [] = "
+                   "{\"" tzdata "/share/zoneinfo\"};\n"))))
+             #t)))))
     (native-inputs
      `(("perl" ,perl)))
     (inputs
-     `(("icu4c" ,icu4c)))
+     `(("icu4c" ,icu4c)
+       ("tzdata" ,tzdata)))
     (home-page "https://libical.github.io/libical/")
     (synopsis "iCalendar protocols and data formats implementation")
     (description
diff --git a/gnu/packages/cdrom.scm b/gnu/packages/cdrom.scm
index 4eff2d5cb0..70772bf157 100644
--- a/gnu/packages/cdrom.scm
+++ b/gnu/packages/cdrom.scm
@@ -4,6 +4,7 @@
 ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
 ;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
 ;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 Alex Kost <alezost@gmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -24,10 +25,13 @@
   #:use-module (guix download)
   #:use-module (guix packages)
   #:use-module ((guix licenses) #:select (lgpl2.1+ gpl2 gpl2+ gpl3+))
+  #:use-module (guix build-system cmake)
   #:use-module (guix build-system gnu)
   #:use-module (gnu packages)
   #:use-module (gnu packages acl)
+  #:use-module (gnu packages bison)
   #:use-module (gnu packages compression)
+  #:use-module (gnu packages flex)
   #:use-module (gnu packages gettext)
   #:use-module (gnu packages gtk)
   #:use-module (gnu packages man)
@@ -230,16 +234,20 @@ capacity is user-selectable.")
 (define-public libcue
   (package
     (name "libcue")
-    (version "1.4.0")
+    (version "2.1.0")
     (source (origin
              (method url-fetch)
-             (uri (string-append "https://github.com/lipnitsk/libcue/releases/"
-                                 "download/v" version "/libcue-"
-                                 version ".tar.bz2"))
+             (uri (string-append
+                   "https://github.com/lipnitsk/libcue/archive/v"
+                   version ".tar.gz"))
+             (file-name (string-append name "-" version ".tar.gz"))
              (sha256
               (base32
-               "17kjd7rjz1bvfn44n3n2bjb7a1ywd0yc0g4sqp5ihf9b5bn7cwlb"))))
-    (build-system gnu-build-system)
+               "1fradl3dx0pyy9rn1a0gak9gzgg40wax61f2s00zks7rwl0xv398"))))
+    (build-system cmake-build-system)
+    (native-inputs
+     `(("bison" ,bison)
+       ("flex" ,flex)))
     (home-page "https://github.com/lipnitsk/libcue")
     (synopsis "C library to parse cue sheets")
     (description "Libcue is a C library to parse so-called @dfn{cue sheets}
diff --git a/gnu/packages/commencement.scm b/gnu/packages/commencement.scm
index 12cafb78e5..5f3faad105 100644
--- a/gnu/packages/commencement.scm
+++ b/gnu/packages/commencement.scm
@@ -906,4 +906,7 @@ and binaries, plus debugging symbols in the 'debug' output), and Binutils.")
 (define-public gcc-toolchain-5
   (gcc-toolchain gcc-final))
 
+(define-public gcc-toolchain-6
+  (gcc-toolchain gcc-6))
+
 ;;; commencement.scm ends here
diff --git a/gnu/packages/connman.scm b/gnu/packages/connman.scm
new file mode 100644
index 0000000000..cd0f6a9e2b
--- /dev/null
+++ b/gnu/packages/connman.scm
@@ -0,0 +1,89 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages connman)
+  #:use-module (guix packages)
+  #:use-module (guix download)
+  #:use-module (guix build-system gnu)
+  #:use-module (guix licenses)
+  #:use-module (guix utils)
+  #:use-module (gnu packages)
+  #:use-module (gnu packages admin)
+  #:use-module (gnu packages glib)
+  #:use-module (gnu packages linux)
+  #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages python)
+  #:use-module (gnu packages readline)
+  #:use-module (gnu packages samba)
+  #:use-module (gnu packages tls)
+  #:use-module (gnu packages vpn))
+
+(define-public connman
+  (package
+    (name "connman")
+    (version "1.32")
+    (source
+      (origin
+        (method url-fetch)
+        (uri (string-append "mirror://kernel.org/linux/network/connman/"
+                            name "-" version ".tar.xz"))
+    (sha256
+     (base32
+      "0k4kw2j78gwxf0rq79a099qkzl6wi4v5i7rfs4rn0si0fd68d19i"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:configure-flags
+       (list "--enable-nmcompat"
+             ;; "--enable-polkit"
+             "--enable-openconnect"
+             "--enable-openvpn"
+             "--enable-vpnc"
+             "--enable-pptp"
+             "--enable-l2tp"
+             (string-append
+              "--with-dbusconfdir=" (assoc-ref %outputs "out") "/etc")
+             (string-append
+              "--with-dbusdatadir=" (assoc-ref %outputs "out") "/share"))))
+    (native-inputs
+     `(("pkg-config", pkg-config)
+       ("python" ,python-2)))
+    (inputs
+     `(("dbus" ,dbus)
+       ("glib" ,glib)
+       ("gnutls" ,gnutls)
+       ("iptables" ,iptables)
+       ;; ("polkit" ,polkit) ; pkg-config cannot find polkit.pc
+       ("readline" ,readline)
+       ;; These inputs are needed for connman to include the interface to
+       ;; these technologies so IF they are installed they can be used.
+       ;; TODO: add neard, ofono
+       ("openconnect" ,openconnect)
+       ("openvpn" ,openvpn)
+       ("ppp", ppp)
+       ("vpnc" ,vpnc)
+       ("wpa-supplicant" ,wpa-supplicant)))
+    (home-page "https://01.org/connman")
+    (synopsis "Connection management daemon")
+    (description "Connman provides a daemon for managing Internet connections.
+The Connection Manager is designed to be slim and to use as few resources as
+possible. It is fully modular system that can be extended through plug-ins.
+The plug-in approach allows for easy adaption and modification for various use
+cases.  Connman implements DNS resolving and caching, DHCP clients for both
+IPv4 and IPv6, link-local IPv4 address handling and tethering (IP connection
+sharing) to clients via USB, ethernet, WiFi, cellular and Bluetooth.")
+    (license gpl2)))
diff --git a/gnu/packages/cross-base.scm b/gnu/packages/cross-base.scm
index 22dfa15674..64d3e1ef67 100644
--- a/gnu/packages/cross-base.scm
+++ b/gnu/packages/cross-base.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -174,26 +175,30 @@ may be either a libc package or #f.)"
                       ;; Return #t if X is a cross-libc or cross Linux.
                       (or (string-prefix? libc x)
                           (string-prefix? kernel x)))
-
-                    (setenv "CROSS_CPATH"
-                            (string-append libc "/include:"
-                                           kernel "/include"))
+                    (let ((cpath (string-append
+                                  libc "/include"
+                                  ":" kernel "/include")))
+                      (for-each (cut setenv <> cpath)
+                                '("CROSS_C_INCLUDE_PATH"
+                                  "CROSS_CPLUS_INCLUDE_PATH"
+                                  "CROSS_OBJC_INCLUDE_PATH"
+                                  "CROSS_OBJCPLUS_INCLUDE_PATH")))
                     (setenv "CROSS_LIBRARY_PATH"
                             (string-append libc "/lib"))
-
-                    (let ((cpath   (search-path-as-string->list
-                                    (getenv "C_INCLUDE_PATH")))
-                          (libpath (search-path-as-string->list
-                                    (getenv "LIBRARY_PATH"))))
-                      (setenv "CPATH"
-                              (list->search-path-as-string
-                               (remove cross? cpath) ":"))
-                      (for-each unsetenv
-                                '("C_INCLUDE_PATH" "CPLUS_INCLUDE_PATH"))
-                      (setenv "LIBRARY_PATH"
-                              (list->search-path-as-string
-                               (remove cross? libpath) ":"))
-                      #t)))
+                    (for-each
+                     (lambda (var)
+                       (and=> (getenv var)
+                              (lambda (value)
+                                (let* ((path (search-path-as-string->list value))
+                                       (native-path (list->search-path-as-string
+                                                     (remove cross? path) ":")))
+                                  (setenv var native-path)))))
+                              '("C_INCLUDE_PATH"
+                                "CPLUS_INCLUDE_PATH"
+                                "OBJC_INCLUDE_PATH"
+                                "OBJCPLUS_INCLUDE_PATH"
+                                "LIBRARY_PATH"))
+                    #t))
                 ,phases)
               phases)))))))
 
@@ -259,9 +264,19 @@ GCC that does not target a libc; otherwise, target that libc."
     (inputs '())
 
     ;; Only search target inputs, not host inputs.
+    ;; Note: See <http://bugs.gnu.org/22186> for why not 'CPATH'.
     (search-paths
      (list (search-path-specification
-            (variable "CROSS_CPATH")
+            (variable "CROSS_C_INCLUDE_PATH")
+            (files '("include")))
+           (search-path-specification
+            (variable "CROSS_CPLUS_INCLUDE_PATH")
+            (files '("include")))
+           (search-path-specification
+            (variable "CROSS_OBJC_INCLUDE_PATH")
+            (files '("include")))
+           (search-path-specification
+            (variable "CROSS_OBJCPLUS_INCLUDE_PATH")
             (files '("include")))
            (search-path-specification
             (variable "CROSS_LIBRARY_PATH")
@@ -316,9 +331,13 @@ XBINUTILS and the cross tool chain."
         `(alist-cons-before
           'configure 'set-cross-kernel-headers-path
           (lambda* (#:key inputs #:allow-other-keys)
-            (let ((kernel (assoc-ref inputs "kernel-headers")))
-              (setenv "CROSS_CPATH"
-                      (string-append kernel "/include"))
+            (let* ((kernel (assoc-ref inputs "kernel-headers"))
+                   (cpath (string-append kernel "/include")))
+              (for-each (cut setenv <> cpath)
+                        '("CROSS_C_INCLUDE_PATH"
+                          "CROSS_CPLUS_INCLUDE_PATH"
+                          "CROSS_OBJC_INCLUDE_PATH"
+                          "CROSS_OBJCPLUS_INCLUDE_PATH"))
               #t))
           ,phases))))
 
diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm
index 6676950a4d..1ccfb9e2ac 100644
--- a/gnu/packages/databases.scm
+++ b/gnu/packages/databases.scm
@@ -2,13 +2,14 @@
 ;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2012, 2014, 2015 Andreas Enge <andreas@enge.fr>
 ;;; Copyright © 2013 Cyril Roelandt <tipecaml@gmail.com>
-;;; Copyright © 2014 David Thompson <davet@gnu.org>
+;;; Copyright © 2014, 2016 David Thompson <davet@gnu.org>
 ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
 ;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
 ;;; Copyright © 2015 Leo Famulari <leo@famulari.name>
 ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2016 Nils Gillmann <niasterisk@grrlz.net>
+;;; Copyright © 2016 Roel Janssen <roel@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -27,8 +28,12 @@
 
 (define-module (gnu packages databases)
   #:use-module (gnu packages)
+  #:use-module (gnu packages autotools)
+  #:use-module (gnu packages avahi)
   #:use-module (gnu packages bash)
   #:use-module (gnu packages boost)
+  #:use-module (gnu packages gettext)
+  #:use-module (gnu packages glib)
   #:use-module (gnu packages perl)
   #:use-module (gnu packages language)
   #:use-module (gnu packages linux)
@@ -40,9 +45,12 @@
   #:use-module (gnu packages check)
   #:use-module (gnu packages algebra)
   #:use-module (gnu packages curl)
+  #:use-module (gnu packages cyrus-sasl)
   #:use-module (gnu packages gnupg)
   #:use-module (gnu packages python)
   #:use-module (gnu packages pcre)
+  #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages rdf)
   #:use-module (gnu packages xml)
   #:use-module (gnu packages bison)
   #:use-module (gnu packages jemalloc)
@@ -58,6 +66,51 @@
   #:use-module (srfi srfi-26)
   #:use-module (ice-9 match))
 
+(define-public 4store
+  (package
+    (name "4store")
+    (version "1.1.6")
+    (source (origin
+      (method url-fetch)
+      (uri (string-append "https://github.com/garlik/4store/archive/v"
+                          version ".tar.gz"))
+      (file-name (string-append name "-" version ".tar.gz"))
+      (sha256
+       (base32 "004fmcf1w75zhc1x3zc6kc97j4jqn2v5nhk6yb3z3cpfrhzi9j50"))
+      (patches (list (search-patch "4store-fix-buildsystem.patch")))))
+    (build-system gnu-build-system)
+    (native-inputs
+     `(("perl" ,perl)
+       ("python" ,python-2)
+       ("autoconf" ,autoconf)
+       ("automake" ,automake)
+       ("gettext" ,gnu-gettext)
+       ("libtool" ,libtool)
+       ("pkg-config" ,pkg-config)))
+    (inputs
+     `(("glib" ,glib)
+       ("rasqal" ,rasqal)
+       ("libxml2" ,libxml2)
+       ("raptor2" ,raptor2)
+       ("readline" ,readline)
+       ("avahi" ,avahi)
+       ("pcre" ,pcre)
+       ("cyrus-sasl" ,cyrus-sasl)
+       ("openssl" ,openssl)
+       ("util-linux" ,util-linux)))
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-before 'configure 'generate-configure
+           (lambda _
+             (zero? (system* "./autogen.sh")))))))
+    ;; http://www.4store.org has been down for a while now.
+    (home-page "https://github.com/garlik/4store")
+    (synopsis "Clustered RDF storage and query engine")
+    (description "4store is a RDF/SPARQL store written in C, supporting
+either single machines or networked clusters.")
+      (license gpl3+)))
+
 (define-public gdbm
   (package
     (name "gdbm")
@@ -814,14 +867,14 @@ similar to BerkeleyDB, LevelDB, etc.")
 (define-public redis
   (package
     (name "redis")
-    (version "3.0.7")
+    (version "3.2.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "http://download.redis.io/releases/redis-"
                                   version".tar.gz"))
               (sha256
                (base32
-                "08vzfdr67gp3lvk770qpax2c5g2sx8hn6p64jn3jddrvxb2939xj"))))
+                "0ql7zp061xr66a1dzpa6a0ijm8zm133dd364va7q5h8avkrim7wq"))))
     (build-system gnu-build-system)
     (arguments
      '(#:tests? #f ; tests related to master/slave and replication fail
diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm
index 5c0bfc3f87..e92d8d26b8 100644
--- a/gnu/packages/dns.scm
+++ b/gnu/packages/dns.scm
@@ -66,14 +66,14 @@ and BOOTP/TFTP for network booting of diskless machines.")
 (define-public bind-utils
   (package
     (name "bind-utils")
-    (version "9.10.3-P4")
+    (version "9.10.4")
     (source (origin
               (method url-fetch)
               (uri (string-append "http://ftp.isc.org/isc/bind9/" version
                                   "/bind-" version ".tar.gz"))
               (sha256
                (base32
-                "0giys46ifypysf799w9v58kbaz1v3fbdzw3s212znifzzfsl9h1a"))))
+                "0mmhzi4483mkak47wj255a36g3v0yilxwfwlbckr1hssinri5m7q"))))
     (build-system gnu-build-system)
     (inputs
      ;; it would be nice to add GeoIP and gssapi once there is package
diff --git a/gnu/packages/documentation.scm b/gnu/packages/documentation.scm
new file mode 100644
index 0000000000..17a69e2c25
--- /dev/null
+++ b/gnu/packages/documentation.scm
@@ -0,0 +1,117 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2016 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2016 Eric Bavier <bavier@member.fsf.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages documentation)
+  #:use-module (guix licenses)
+  #:use-module (guix packages)
+  #:use-module (guix download)
+  #:use-module (guix build-system gnu)
+  #:use-module (guix build-system cmake)
+  #:use-module (gnu packages)
+  #:use-module (gnu packages python)
+  #:use-module (gnu packages bison)
+  #:use-module (gnu packages flex)
+  #:use-module (gnu packages graphviz)
+  #:use-module (gnu packages gettext)
+  #:use-module (gnu packages perl)
+  #:use-module (gnu packages xml)
+  #:autoload   (gnu packages zip) (unzip))
+
+(define-public asciidoc
+  (package
+    (name "asciidoc")
+    (version "8.6.9")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "mirror://sourceforge/asciidoc/asciidoc-"
+                                  version ".tar.gz"))
+              (sha256
+               (base32
+                "1w71nk527lq504njmaf0vzr93pgahkgzzxzglrq6bay8cw2rvnvq"))))
+    (build-system gnu-build-system)
+    (arguments '(#:tests? #f))                    ; no 'check' target
+    (inputs `(("python" ,python-2)))
+    (home-page "http://www.methods.co.nz/asciidoc/")
+    (synopsis "Text-based document generation system")
+    (description
+     "AsciiDoc is a text document format for writing notes, documentation,
+articles, books, ebooks, slideshows, web pages, man pages and blogs.
+AsciiDoc files can be translated to many formats including HTML, PDF,
+EPUB, man page.
+
+AsciiDoc is highly configurable: both the AsciiDoc source file syntax and
+the backend output markups (which can be almost any type of SGML/XML
+markup) can be customized and extended by the user.")
+    (license gpl2+)))
+
+(define-public doxygen
+  (package
+    (name "doxygen")
+    (version "1.8.11")
+    (source (origin
+             (method url-fetch)
+             (uri (string-append "http://ftp.stack.nl/pub/users/dimitri/"
+                                 name "-" version ".src.tar.gz"))
+             (sha256
+              (base32
+               "0ja02pm3fpfhc5dkry00kq8mn141cqvdqqpmms373ncbwi38pl35"))
+             (patches (search-patches "doxygen-test.patch"))))
+    (build-system cmake-build-system)
+    (native-inputs
+     `(("bison" ,bison)
+       ("flex" ,flex)
+       ("libxml2" ,libxml2) ; provides xmllint for the tests
+       ("python" ,python-2))) ; for creating the documentation
+    (arguments
+     `(#:test-target "tests"))
+    (home-page "http://www.stack.nl/~dimitri/doxygen/")
+    (synopsis "Generate documentation from annotated sources")
+    (description "Doxygen is the de facto standard tool for generating
+documentation from annotated C++ sources, but it also supports other popular
+programming languages such as C, Objective-C, C#, PHP, Java, Python,
+IDL (Corba, Microsoft, and UNO/OpenOffice flavors), Fortran, VHDL, Tcl,
+and to some extent D.")
+    (license gpl3+)))
+
+(define-public doc++
+  (package
+    (name "doc++")
+    (version "3.4.10")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "https://sourceforge.net/projects/docpp/"
+                                  "files/doc++-" version ".tar.gz"))
+              (sha256
+               (base32
+                "0i37zlxl8g352s4hzpdx0657k5x3czh3xcsfr27irc708gb277pn"))
+              (patches (search-patches "doc++-include-directives.patch"
+                                       "doc++-segfault-fix.patch"))))
+    (build-system gnu-build-system)
+    (native-inputs
+     `(("flex" ,flex)
+       ("gettext" ,gnu-gettext)))
+    (home-page "http://docpp.sourceforge.net/")
+    (synopsis "Documentation system for C, C++, IDL, and Java")
+    (description
+     "DOC++ is a documentation system for C, C++, IDL, and Java.  It can
+generate both TeX output for high-quality hardcopies or HTML output for online
+brwosing.  The documentation is extracted directly from the C/C++/IDL source
+or Java class files.")
+    (license gpl2+)))
diff --git a/gnu/packages/doxygen.scm b/gnu/packages/doxygen.scm
deleted file mode 100644
index 8e4cbb936c..0000000000
--- a/gnu/packages/doxygen.scm
+++ /dev/null
@@ -1,59 +0,0 @@
-;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2014, 2016 Andreas Enge <andreas@enge.fr>
-;;;
-;;; This file is part of GNU Guix.
-;;;
-;;; GNU Guix is free software; you can redistribute it and/or modify it
-;;; under the terms of the GNU General Public License as published by
-;;; the Free Software Foundation; either version 3 of the License, or (at
-;;; your option) any later version.
-;;;
-;;; GNU Guix is distributed in the hope that it will be useful, but
-;;; WITHOUT ANY WARRANTY; without even the implied warranty of
-;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-;;; GNU General Public License for more details.
-;;;
-;;; You should have received a copy of the GNU General Public License
-;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
-
-(define-module (gnu packages doxygen)
-  #:use-module ((guix licenses) #:select (gpl3+))
-  #:use-module (guix packages)
-  #:use-module (guix download)
-  #:use-module (guix build-system cmake)
-  #:use-module (gnu packages)
-  #:use-module (gnu packages bison)
-  #:use-module (gnu packages flex)
-  #:use-module (gnu packages graphviz)
-  #:use-module (gnu packages perl)
-  #:use-module (gnu packages xml)
-  #:use-module (gnu packages python))
-
-(define-public doxygen
-  (package
-    (name "doxygen")
-    (version "1.8.11")
-    (source (origin
-             (method url-fetch)
-             (uri (string-append "http://ftp.stack.nl/pub/users/dimitri/"
-                                 name "-" version ".src.tar.gz"))
-             (sha256
-              (base32
-               "0ja02pm3fpfhc5dkry00kq8mn141cqvdqqpmms373ncbwi38pl35"))
-             (patches (search-patches "doxygen-test.patch"))))
-    (build-system cmake-build-system)
-    (native-inputs
-     `(("bison" ,bison)
-       ("flex" ,flex)
-       ("libxml2" ,libxml2) ; provides xmllint for the tests
-       ("python" ,python-2))) ; for creating the documentation
-    (arguments
-     `(#:test-target "tests"))
-    (home-page "http://www.stack.nl/~dimitri/doxygen/")
-    (synopsis "Generate documentation from annotated sources")
-    (description "Doxygen is the de facto standard tool for generating
-documentation from annotated C++ sources, but it also supports other popular
-programming languages such as C, Objective-C, C#, PHP, Java, Python,
-IDL (Corba, Microsoft, and UNO/OpenOffice flavors), Fortran, VHDL, Tcl,
-and to some extent D.")
-    (license gpl3+)))
diff --git a/gnu/packages/entr.scm b/gnu/packages/entr.scm
new file mode 100644
index 0000000000..0e0f875267
--- /dev/null
+++ b/gnu/packages/entr.scm
@@ -0,0 +1,66 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 Matthew Jordan <matthewjordandevops@yandex.com>
+;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages entr)
+  #:use-module (guix licenses)
+  #:use-module (guix packages)
+  #:use-module (guix download)
+  #:use-module (guix build-system gnu))
+
+(define-public entr
+  (package
+    (name "entr")
+    (version "3.5")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "http://entrproject.org/code/entr-"
+                                  version ".tar.gz"))
+              (sha256
+               (base32
+                "05k4jyjna0pr2dalwc1l1dhrcyk6pw7hbss7jl4ykwfadcs5br73"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:test-target "test"
+       #:phases (modify-phases %standard-phases
+                  (replace 'configure
+                    (lambda* (#:key outputs #:allow-other-keys)
+                      (let ((out (assoc-ref outputs "out")))
+                        (setenv "CONFIG_SHELL" (which "bash"))
+                        (setenv "CC" (which "gcc"))
+                        (setenv "DESTDIR" (string-append out "/"))
+                        (setenv "PREFIX" "")
+                        (setenv "MANPREFIX" "man")
+                        (zero? (system* "./configure")))))
+                  (add-before 'build 'remove-fhs-file-names
+                    (lambda _
+                      ;; Use the tools available in $PATH.
+                      (substitute* "entr.c"
+                        (("/bin/cat") "cat")
+                        (("/usr/bin/clear") "clear")))))))
+    (home-page "http://entrproject.org/")
+    (synopsis "Run arbitrary commands when files change")
+    (description
+     "entr is a zero-configuration tool with no external build- or run-time
+dependencies.  The interface to entr is not only minimal, it aims to be simple
+enough to create a new category of ad hoc automation.  These micro-tests
+reduce keystrokes, but more importantly they emphasize the utility of
+automated checks.")
+
+    ;; Per 'LICENSE', portability code under missing/ is under BSD-2.
+    (license isc)))
diff --git a/gnu/packages/fcitx.scm b/gnu/packages/fcitx.scm
index 925d5ac89b..c89896eafe 100644
--- a/gnu/packages/fcitx.scm
+++ b/gnu/packages/fcitx.scm
@@ -21,7 +21,7 @@
   #:use-module (guix packages)
   #:use-module (guix download)
   #:use-module (guix build-system cmake)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages enchant)
   #:use-module (gnu packages gettext)
   #:use-module (gnu packages glib)
diff --git a/gnu/packages/fish.scm b/gnu/packages/fish.scm
index 6392efe308..72e2156a35 100644
--- a/gnu/packages/fish.scm
+++ b/gnu/packages/fish.scm
@@ -18,7 +18,7 @@
 
 (define-module (gnu packages fish)
   #:use-module (guix licenses)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages ncurses)
   #:use-module (gnu packages python)
   #:use-module (guix packages)
diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm
index 0ce7e6039d..3dfff146cd 100644
--- a/gnu/packages/fontutils.scm
+++ b/gnu/packages/fontutils.scm
@@ -46,23 +46,21 @@
 (define-public freetype
   (package
    (name "freetype")
-   (version "2.6")
+   (version "2.6.3")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://savannah/freetype/freetype-"
                                 version ".tar.bz2"))
             (sha256 (base32
-                     "0zilx15fwcpa8hmcxpc423jwb8ijw4qpq968kh18akvn4j0znsc4"))))
+                     "18k3b026762lmyrxfil5xv8qwnvj7hc12gz9bjqzbb12lmx707ip"))))
    (build-system gnu-build-system)
-   (arguments
-    `(#:phases
-       ;; This should not be necessary; reported upstream as
-       ;; https://savannah.nongnu.org/bugs/index.php?44261
-       (alist-cons-before
-        'configure 'set-paths
-        (lambda _
-          (setenv "CONFIG_SHELL" (which "bash")))
-        %standard-phases)))
+   (native-inputs
+    `(("pkg-config" ,pkg-config)))
+   (propagated-inputs
+    ;; These are all in the Requires.private field of freetype2.pc.
+    ;; XXX: add harfbuzz.
+    `(("libpng" ,libpng)
+      ("zlib" ,zlib)))
    (synopsis "Font rendering library")
    (description
     "Freetype is a library that can be used by applications to access the
@@ -361,16 +359,15 @@ applications should be.")
 (define-public graphite2
   (package
    (name "graphite2")
-   (version "1.3.6")
+   (version "1.3.8")
    (source
      (origin
        (method url-fetch)
-       (uri (string-append "https://github.com/silnrsi/graphite/archive/"
-                           version ".tar.gz"))
-       (file-name (string-append name "-" version ".tar.gz"))
+       (uri (string-append "https://github.com/silnrsi/graphite/releases/"
+                           "download/" version "/" name "-" version ".tgz"))
        (sha256
         (base32
-         "1frd9mjaqzvh9gs74ngc43igi53vzjzlwr5chbrs6ii1hc4aa23s"))))
+         "1hlc9j7w7gihy6gvzfa7902pr6yxq1sr1xkp5rwf0p29m2rjagwz"))))
    (build-system cmake-build-system)
    (native-inputs
     `(("python" ,python-2) ; because of "import imap" in tests
diff --git a/gnu/packages/freedesktop.scm b/gnu/packages/freedesktop.scm
index 24c4564689..a610776096 100644
--- a/gnu/packages/freedesktop.scm
+++ b/gnu/packages/freedesktop.scm
@@ -46,7 +46,7 @@
   #:use-module (gnu packages boost)
   #:use-module (gnu packages m4)
   #:use-module (gnu packages compression)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages libffi)
   #:use-module (gnu packages acl)
   #:use-module (gnu packages admin)
@@ -338,14 +338,14 @@ Analysis and Reporting Technology) functionality.")
 (define-public udisks
   (package
     (name "udisks")
-    (version "2.1.6")
+    (version "2.1.7")
     (source (origin
               (method url-fetch)
               (uri (string-append "https://udisks.freedesktop.org/releases/"
                                   name "-" version ".tar.bz2"))
               (sha256
                (base32
-                "0spl155k0g2l2hvqf8xyjv08i68gfyhzpjva6cwlzxx0bz4gbify"))))
+                "119pr2zbff8vkwlhghim7d7ir24c1dil9hp4q49wm4f6pnrjpbmb"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("glib:bin" ,glib "bin") ; for glib-mkenums
diff --git a/gnu/packages/game-development.scm b/gnu/packages/game-development.scm
index 414af14f28..8bfd2f1cb0 100644
--- a/gnu/packages/game-development.scm
+++ b/gnu/packages/game-development.scm
@@ -33,7 +33,7 @@
   #:use-module (gnu packages)
   #:use-module (gnu packages curl)
   #:use-module (gnu packages databases)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages glib)
   #:use-module (gnu packages gnunet)
   #:use-module (gnu packages guile)
@@ -129,7 +129,7 @@ provide connectivity for client applications written in any language.")
 (define-public tiled
   (package
     (name "tiled")
-    (version "0.15.1")
+    (version "0.16.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "https://github.com/bjorn/tiled/archive/v"
@@ -137,7 +137,7 @@ provide connectivity for client applications written in any language.")
               (file-name (string-append name "-" version ".tar.gz"))
               (sha256
                (base32
-                "10bbjdv5r36229r1dqg32bxcj9yvpkx9jgs9v4s1qb71v856b15h"))))
+                "0s1i6yhm1z9ayzjh8cprcc9jvj5m87l9snyqg6w7zlj3q9zn4rn6"))))
     (build-system gnu-build-system)
     (inputs `(("qt" ,qt)
               ("zlib" ,zlib)))
@@ -374,15 +374,7 @@ etc.")
              "-DENABLE_UPDATER=0" ; no auto-updates
              (string-append "-DFREETYPE_INCLUDE_DIR="
                             (assoc-ref %build-inputs "freetype")
-                            "/include/freetype2"))
-       #:phases
-       (modify-phases %standard-phases
-         (add-after 'unpack 'patch-freetype-utils
-           (lambda _
-             ;; Fix C preprocessor include directive.
-             (substitute* '("src/app/util/freetype_utils.cpp")
-               (("freetype/") ""))
-             #t)))))
+                            "/include/freetype2"))))
     (native-inputs
      `(("pkg-config" ,pkg-config)))
     ;; TODO: Use a patched Allegro 4 that supports window resizing.  This
diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm
index 34998cea28..75f926edce 100644
--- a/gnu/packages/games.scm
+++ b/gnu/packages/games.scm
@@ -19,6 +19,7 @@
 ;;; Copyright © 2016 Nils Gillmann <niasterisk@grrlz.net>
 ;;; Copyright © 2016 Albin Söderqvist <albin@fripost.org>
 ;;; Copyright © 2016 Kei Yamashita <kei@openmailbox.org>
+;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -92,6 +93,7 @@
   #:use-module (gnu packages xml)
   #:use-module (gnu packages tcl)
   #:use-module (gnu packages fribidi)
+  #:use-module (gnu packages xdisorg)
   #:use-module (guix build-system trivial)
   #:use-module (guix build-system gnu)
   #:use-module (guix build-system haskell)
@@ -1021,14 +1023,14 @@ falling, themeable graphics and sounds, and replays.")
 (define-public wesnoth
   (package
     (name "wesnoth")
-    (version "1.12.4")
+    (version "1.12.5")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://sourceforge/wesnoth/"
                                   name "-" version ".tar.bz2"))
               (sha256
                (base32
-                "19qyylylaljhk45lk2ja0xp7cx9iy4hx07l65zkg20a2v9h50lmz"))))
+                "07d8ms9ayswg2g530p0zwmz3d77zv68l6nmc718iq9sbv90av6jr"))))
     (build-system cmake-build-system)
     (arguments
      '(#:tests? #f ; no check target
@@ -2097,7 +2099,7 @@ the chat server psyced with the specific config located at
 http://lavachat.symlynx.com/unix/")
     (license license:gpl2+)))
 
-(define-public redeclipse
+(define-public red-eclipse
   (let ((data-sources
          '(("acerspyro"   "0gxxr6nbac918b49x1cp72nw951hqm5m4iyi2shb1612ly384w8q")
            ("actors"      "1jq9q82m6nx07nwpb5cnpdcwa33jrcgg0j2yir8zk6zpnxdmp0il")
@@ -2133,7 +2135,7 @@ http://lavachat.symlynx.com/unix/")
            ("weapons"     "1ghn6nfcnd5lyl8dnj22csldvf9hrb32wjzpab4sjjz3iyv0zmr3")
            ("wicked"      "0q9badvg6ix5rhl05s83kw2v6a49jpnbkqk4ls89qahaddfagi8g"))))
     (package
-      (name "redeclipse")
+      (name "red-eclipse")
       (version "1.5.3")
       (source (origin
                 (method url-fetch)
diff --git a/gnu/packages/gcc.scm b/gnu/packages/gcc.scm
index 04d3f93369..0ec8026bb8 100644
--- a/gnu/packages/gcc.scm
+++ b/gnu/packages/gcc.scm
@@ -29,7 +29,7 @@
   #:use-module (gnu packages multiprecision)
   #:use-module (gnu packages texinfo)
   #:use-module (gnu packages dejagnu)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages xml)
   #:use-module (gnu packages docbook)
   #:use-module (gnu packages graphviz)
@@ -357,6 +357,19 @@ Go.  It also includes runtime support libraries for these languages.")
     ;; GCC 5 ships with .info files, so no need for Texinfo.
     (native-inputs '())))
 
+(define-public gcc-6
+  (package
+    (inherit gcc-5)
+    (version "6.1.0")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "mirror://gnu/gcc/gcc-"
+                                  version "/gcc-" version ".tar.bz2"))
+              (sha256
+               (base32
+                "0ld3y4rgimyqgx1nwvzqyl5gr4wzc0ch4akkvsqp3fgbmdfcii09"))
+              (patches (search-patches "gcc-5.0-libvtv-runpath.patch"))))))
+
 ;; Note: When changing the default gcc version, update
 ;;       the gcc-toolchain-* definitions accordingly.
 (define-public gcc gcc-5)
diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm
index e7e9df8dff..70020520eb 100644
--- a/gnu/packages/glib.scm
+++ b/gnu/packages/glib.scm
@@ -35,6 +35,7 @@
   #:use-module (gnu packages gettext)
   #:use-module (gnu packages gtk)
   #:use-module (gnu packages libffi)
+  #:use-module (gnu packages pcre)
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
@@ -59,7 +60,7 @@
 (define dbus
   (package
     (name "dbus")
-    (version "1.10.0")
+    (version "1.10.8")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -67,7 +68,7 @@
                     version ".tar.gz"))
               (sha256
                (base32
-                "0jwj7wlrhq5y0fwfh8k2d9rgdpfax06lj8698g6iqbwrzd2rgyqx"))
+                "0560y3hxpgh346w6avcrcz79c8ansmn771y5xpcvvlr6m8mx5wxs"))
               (patches (search-patches "dbus-helper-search-path.patch"))))
     (build-system gnu-build-system)
     (arguments
@@ -129,7 +130,7 @@ shared NFS home directories.")
 (define glib
   (package
    (name "glib")
-   (version "2.46.1")
+   (version "2.48.0")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnome/sources/"
@@ -137,16 +138,14 @@ shared NFS home directories.")
                                 name "-" version ".tar.xz"))
             (sha256
              (base32
-              "1yzxr1ip3l0m9ydk5nq32piq70c9f17p5f0jyvlsghzbaawh67ss"))
-            (patches (search-patches "glib-tests-homedir.patch"
-                                     "glib-tests-desktop.patch"
-                                     "glib-tests-prlimit.patch"
-                                     "glib-tests-timer.patch"
-                                     "glib-tests-gapplication.patch"))))
+              "0d3w2hblrw7vvpx60l1kbvb830ygn3v8zhwdz65cc5593j9ycjvl"))
+            (patches (search-patches "glib-tests-timer.patch"))))
    (build-system gnu-build-system)
    (outputs '("out"           ; everything
               "bin"           ; glib-mkenums, gtester, etc.; depends on Python
               "doc"))         ; 20 MiB of GTK-Doc reference
+   (propagated-inputs
+    `(("pcre" ,pcre))) ; in the Requires.private field of glib-2.0.pc
    (inputs
     `(("coreutils" ,coreutils)
       ("libffi" ,libffi)
@@ -160,29 +159,87 @@ shared NFS home directories.")
       ("perl" ,perl)                              ; needed by GIO tests
       ("bash" ,bash)))
    (arguments
-    '(#:phases (alist-cons-before
-                'build 'pre-build
-                (lambda* (#:key inputs outputs #:allow-other-keys)
-                  ;; For tests/gdatetime.c.
-                  (setenv "TZDIR"
-                          (string-append (assoc-ref inputs "tzdata")
-                                         "/share/zoneinfo"))
-
-                  ;; Some tests want write access there.
-                  (setenv "XDG_CACHE_HOME" (getcwd))
-
-                  (substitute* '("glib/gspawn.c"
-                                 "glib/tests/utils.c"
-                                 "tests/spawn-test.c")
-                    (("/bin/sh")
-                     (string-append (assoc-ref inputs "bash") "/bin/sh")))
-
-                  ;; Disable a test that requires dbus.
-                  (substitute* "gio/tests/gdbus-serialization.c"
-                    (("g_test_add_func \
-\\(\"/gdbus/message-serialize/double-array\", test_double_array\\);" all)
-                     (string-append "/* " all " */"))))
-                %standard-phases)
+    '(#:phases
+      (modify-phases %standard-phases
+        (add-before 'build 'pre-build
+          (lambda* (#:key inputs outputs #:allow-other-keys)
+            ;; For tests/gdatetime.c.
+            (setenv "TZDIR"
+                    (string-append (assoc-ref inputs "tzdata")
+                                   "/share/zoneinfo"))
+
+            ;; Some tests want write access there.
+            (setenv "HOME" (getcwd))
+            (setenv "XDG_CACHE_HOME" (getcwd))
+
+            (substitute* '("glib/gspawn.c"
+                           "glib/tests/utils.c"
+                           "tests/spawn-test.c")
+              (("/bin/sh")
+               (string-append (assoc-ref inputs "bash") "/bin/sh")))))
+        (add-before 'check 'disable-failing-tests
+          (lambda _
+            (let ((disable
+                   (lambda (test-file test-paths)
+                     (define pattern+procs
+                       (map (lambda (test-path)
+                              (cons
+                               ;; XXX: only works for single line statements.
+                               (format #f "g_test_add_func.*\"~a\".*" test-path)
+                               (const "")))
+                            test-paths))
+                     (substitute test-file pattern+procs)))
+                  (failing-tests
+                   '(("glib/tests/thread.c"
+                      (;; prlimit(2) returns ENOSYS on Linux 2.6.32-5-xen-amd64
+                       ;; as found on hydra.gnu.org, and strace(1) doesn't
+                       ;; recognize it.
+                       "/thread/thread4"))
+
+                     ("glib/tests/timer.c"
+                      (;; fails if compiler optimizations are enabled, which they
+                       ;; are by default.
+                       "/timer/stop"))
+
+                     ("gio/tests/gapplication.c"
+                      (;; XXX: proven to be unreliable.  See:
+                       ;;  <https://bugs.debian.org/756273>
+                       ;;  <http://bugs.gnu.org/18445>
+                       "/gapplication/quit"
+
+                       ;; XXX: fails randomly for unknown reason. See:
+                       ;;  <https://lists.gnu.org/archive/html/guix-devel/2016-04/msg00215.html>
+                       "/gapplication/local-actions"))
+
+                     ("gio/tests/contenttype.c"
+                      (;; XXX: requires shared-mime-info.
+                       "/contenttype/guess"
+                       "/contenttype/subtype"
+                       "/contenttype/list"
+                       "/contenttype/icon"
+                       "/contenttype/symbolic-icon"
+                       "/contenttype/tree"))
+
+                     ("gio/tests/appinfo.c"
+                      (;; XXX: requires update-desktop-database.
+                       "/appinfo/associations"))
+
+                     ("gio/tests/desktop-app-info.c"
+                      (;; XXX: requires update-desktop-database.
+                       "/desktop-app-info/delete"
+                       "/desktop-app-info/default"
+                       "/desktop-app-info/fallback"
+                       "/desktop-app-info/lastused"
+                       "/desktop-app-info/search"))
+
+                     ("gio/tests/gdbus-peer.c"
+                      (;; Requires /etc/machine-id.
+                       "/gdbus/codegen-peer-to-peer"))
+
+                     ("gio/tests/gdbus-unix-addresses.c"
+                      (;; Requires /etc/machine-id.
+                       "/gdbus/x11-autolaunch")))))
+              (and-map (lambda (x) (apply disable x)) failing-tests)))))
 
       ;; Note: `--docdir' and `--htmldir' are not honored, so work around it.
       #:configure-flags (list (string-append "--with-html-dir="
@@ -218,14 +275,14 @@ dynamic loading, and an object system.")
 (define gobject-introspection
   (package
     (name "gobject-introspection")
-    (version "1.46.0")
+    (version "1.48.0")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnome/sources/"
                    "gobject-introspection/" (version-major+minor version)
                    "/gobject-introspection-" version ".tar.xz"))
              (sha256
-              (base32 "0cs27r18fga44ypp8icy62fwx6nh70r1bvhi4lzfn4w85cybsn36"))
+              (base32 "0xsqwxhfqzr79av89mg766kxpb2i41bd0vwspk01xjdzrnn5l9zs"))
              (modules '((guix build utils)))
              (snippet
               '(substitute* "tools/g-ir-tool-template.in"
@@ -237,7 +294,6 @@ dynamic loading, and an object system.")
     (build-system gnu-build-system)
     (inputs
      `(("bison" ,bison)
-       ("cairo" ,cairo)
        ("flex" ,flex)
        ("glib" ,glib)
        ("python-2" ,python-2)))
@@ -395,7 +451,7 @@ by GDBus included in Glib.")
 (define libsigc++
   (package
     (name "libsigc++")
-    (version "2.6.1")
+    (version "2.8.0")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnome/sources/libsigc++/"
@@ -403,7 +459,7 @@ by GDBus included in Glib.")
                                  name "-" version ".tar.xz"))
              (sha256
               (base32
-               "06xyvxaaxh3nbpjg86gcq5zcc2qnpx354wcfrqlhbndkq5kj2vqq"))))
+               "0lcnzzdq6718znfshs1hflpwqq6awbzwdyp4kv5lfaf54z880jbp"))))
     (build-system gnu-build-system)
     (native-inputs `(("pkg-config" ,pkg-config)
                      ("m4" ,m4)))
@@ -422,7 +478,7 @@ has an ease of use unmatched by other C++ callback libraries.")
 (define glibmm
   (package
     (name "glibmm")
-    (version "2.46.3")
+    (version "2.48.1")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnome/sources/glibmm/"
@@ -430,7 +486,7 @@ has an ease of use unmatched by other C++ callback libraries.")
                                  "/glibmm-" version ".tar.xz"))
              (sha256
               (base32
-               "1kw65mlabwdjw86jybxslncbnnx40hcx4z6xpq9i4ymjvsnm91n7"))))
+               "1pvw2mrm03p51p03179rb6fk9p42iykkwj1jcdv7jr265xymy8nw"))))
     (build-system gnu-build-system)
     (arguments
      `(#:phases (alist-cons-before
@@ -503,7 +559,7 @@ useful for C++.")
 (define-public python-pygobject
   (package
     (name "python-pygobject")
-    (version "3.18.0")
+    (version "3.20.0")
     (source
      (origin
        (method url-fetch)
@@ -512,7 +568,7 @@ useful for C++.")
                            "/pygobject-" version ".tar.xz"))
        (sha256
         (base32
-         "1jbd2m39vcjh5h3m33l0317ziq8dxfzi40r6hrfcs4rp5l8s2fqw"))))
+         "0ikzh3l7g1gjh8jj8vg6mdvrb25svp63gxcam4m0i404yh0lgari"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("which" ,which)
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index 0fd1d5bb29..83e4f83163 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -93,7 +93,6 @@
   #:use-module (gnu packages xml)
   #:use-module (gnu packages geeqie)
   #:use-module (gnu packages gl)
-  #:use-module (gnu packages qt)  ; for libxkbcommon
   #:use-module (gnu packages compression)
   #:use-module (gnu packages texlive)
   #:use-module (gnu packages tls)
@@ -188,7 +187,7 @@ commonly used macros.")
 (define-public gnome-desktop
   (package
     (name "gnome-desktop")
-    (version "3.18.1")
+    (version "3.20.1")
     (source
      (origin
       (method url-fetch)
@@ -197,7 +196,7 @@ commonly used macros.")
                           name "-" version ".tar.xz"))
       (sha256
        (base32
-        "0avpmyhzz5b3pyfpkp8iq5ym5r5w7zs3a396hqkdpdsiym0vrazc"))))
+        "0h6185lmkaf49dr43pb6gsb9yi25rc32n7dq5186hwln38mppb3f"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("gobject-introspection" ,gobject-introspection)
@@ -265,7 +264,7 @@ and keep up to date translations of documentation.")
 (define-public gcr
   (package
     (name "gcr")
-    (version "3.18.0")
+    (version "3.20.0")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnome/sources/" name "/"
@@ -273,7 +272,7 @@ and keep up to date translations of documentation.")
                                  name "-" version ".tar.xz"))
              (sha256
               (base32
-               "006f6xbd3jppkf9avg83mpqdld5d0z6mr0sm81lql52mmyjnvlfl"))))
+               "0ydk9dzxx6snxza7j5ps8x932hbr3x1b8hhcaqjq4w4admi2qmwh"))))
     (build-system gnu-build-system)
     (arguments
      '(#:tests? #f ;25 of 598 tests fail because /var/lib/dbus/machine-id does
@@ -342,7 +341,7 @@ GNOME Desktop.")
 (define-public gnome-keyring
   (package
     (name "gnome-keyring")
-    (version "3.18.3")
+    (version "3.20.0")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnome/sources/" name "/"
@@ -350,7 +349,7 @@ GNOME Desktop.")
                                  name "-" version ".tar.xz"))
              (sha256
               (base32
-               "167dq1yvm080g5s38hqjl0xx5cgpkcl1xqy9p5sxmgc92zb0srrz"))))
+               "16gcwwcg91ipxjmiyi4c4njvnxixmv1i278p0bilc3lafk6ww5xw"))))
     (build-system gnu-build-system)
     (arguments
      `(#:tests? #f ;48 of 603 tests fail because /var/lib/dbus/machine-id does
@@ -410,7 +409,7 @@ forgotten when the session ends.")
 (define-public evince
   (package
     (name "evince")
-    (version "3.18.1")
+    (version "3.20.0")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnome/sources/" name "/"
@@ -418,7 +417,7 @@ forgotten when the session ends.")
                                  name "-" version ".tar.xz"))
              (sha256
               (base32
-               "0cccmbvl1b6d2976642iyfr8g3r69zf3mzl2ln6vjvvdbrv26l3v"))))
+               "1052lm4i5qq27sgk6ck5xc1cxh0qx4zzhifjhmzjlv38afj5i0yg"))))
     (build-system glib-or-gtk-build-system)
     (arguments
      `(#:configure-flags '("--disable-nautilus")
@@ -474,7 +473,7 @@ on the GNOME Desktop with a single simple application.")
 (define-public gsettings-desktop-schemas
   (package
     (name "gsettings-desktop-schemas")
-    (version "3.18.0")
+    (version "3.20.0")
     (source
      (origin
       (method url-fetch)
@@ -483,7 +482,7 @@ on the GNOME Desktop with a single simple application.")
                           name "-" version ".tar.xz"))
       (sha256
        (base32
-        "1szc857f46spdhrbnq9ci3kwfqg5vwpikbf0hprq6vd94rr369xs"))))
+        "1hfrqqsmqscgbnaikmyq4yq8h72554wdg13algh5bf8a7i9ip92m"))))
     (build-system gnu-build-system)
     (inputs
      `(("glib" ,glib)))
@@ -599,7 +598,7 @@ update-desktop-database: updates the database containing a cache of MIME types
 (define-public adwaita-icon-theme
   (package (inherit gnome-icon-theme)
     (name "adwaita-icon-theme")
-    (version "3.18.0")
+    (version "3.20")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -607,19 +606,19 @@ update-desktop-database: updates the database containing a cache of MIME types
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0n0fqlg55krw8pgn4z2vxnxh65lyvcydqkrr7klqxp8z00kfg72y"))))))
+                "0ddfwwqx8s63qbqimmbb015lqsab4s0rvy1j81jdsh7k95rqh2ks"))))))
 
 (define-public shared-mime-info
   (package
     (name "shared-mime-info")
-    (version "1.2")
+    (version "1.6")
     (source (origin
              (method url-fetch)
              (uri (string-append "https://freedesktop.org/~hadess/"
                                  "shared-mime-info-" version ".tar.xz"))
              (sha256
               (base32
-               "0y5vi0vr6rbhvfzcfg57cfskn362bpvcpca9cy598nmr87i6lld5"))))
+               "0k637g047gci8g69bg4g19akylpfraxm40hd30j3i4v7cidziy5j"))))
     (build-system gnu-build-system)
     (arguments
      ;; The build system appears not to be parallel-safe.
@@ -697,7 +696,7 @@ some form of information without getting in the user's way.")
 (define-public libpeas
   (package
     (name "libpeas")
-    (version "1.16.0")
+    (version "1.18.0")
     (source
      (origin
       (method url-fetch)
@@ -706,14 +705,14 @@ some form of information without getting in the user's way.")
                           name "-" version ".tar.xz"))
       (sha256
        (base32
-        "0kj5n5hz93xq7qdb2r7n86nibzwqjr88jxaih1fdbxv5rn7014xh"))))
+        "09jy2rwwgp0xx7cnypxl56m7zzxnj3j4v58xqjxjasf3chn88jdz"))))
     (build-system gnu-build-system)
     (inputs
-     `(("atk" ,atk)
-       ("gdk-pixbuf" ,gdk-pixbuf)
-       ("glib" ,glib)
-       ("gtk+" ,gtk+)
-       ("pango" ,pango)))
+     `(("gtk+" ,gtk+)
+       ("glade" ,glade3)
+       ("libxml2" ,libxml2) ; XXX: required by gladeui-2.0.pc
+       ("python" ,python)
+       ("python-pygobject" ,python-pygobject)))
     (native-inputs
      `(("pkg-config" ,pkg-config)
        ("glib:bin" ,glib "bin")
@@ -760,7 +759,7 @@ API add-ons to make GTK+ widgets OpenGL-capable.")
 (define-public glade3
   (package
     (name "glade")
-    (version "3.18.3")
+    (version "3.20.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -768,8 +767,8 @@ API add-ons to make GTK+ widgets OpenGL-capable.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0lk4nvd5s8px9i0pbq7bncikgn2lpx7vjh787d3cvzpvwx3cxnzc"))))
-    (build-system gnu-build-system)
+                "1zhqvhagy0m85p54jfiayfl0v9af7g0lj7glw8sfwh7cbp56vnc2"))))
+    (build-system glib-or-gtk-build-system)
     (arguments
      `(#:tests? #f ; needs X, GL, and software rendering
        #:phases
@@ -804,7 +803,7 @@ the GNOME desktop environment.")
 (define-public libcroco
   (package
     (name "libcroco")
-    (version "0.6.8")
+    (version "0.6.11")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -812,7 +811,7 @@ the GNOME desktop environment.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0w453f3nnkbkrly7spx5lx5pf6mwynzmd5qhszprq8amij2invpa"))))
+                "0mm0wldbi40am5qn0nv7psisbg01k42rwzjxl3gv11l5jj554aqk"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("pkg-config" ,pkg-config)))
@@ -834,7 +833,7 @@ XML/CSS rendering engine.")
 (define-public libgsf
   (package
     (name "libgsf")
-    (version "1.14.34")
+    (version "1.14.36")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -842,7 +841,7 @@ XML/CSS rendering engine.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0a5m1i5gp4m2z0cn2x1rrdm8wgrr04bzv65l8pgp6jipw13s9zph"))))
+                "0h19ssxzz0cmznwga2xy55kjibm24mwxqarnpd0w7xy0hrzm1dvi"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("intltool" ,intltool)
@@ -867,7 +866,7 @@ dealing with different structured file formats.")
 (define-public librsvg
   (package
     (name "librsvg")
-    (version "2.40.13")
+    (version "2.40.15")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -875,12 +874,12 @@ dealing with different structured file formats.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "014q7gz6mgfa7pfn0lr13qqv568ad8j1sw9d4vksnpazq0zajvjd"))))
+                "1x05vd2llpmskq3prkp7kbpmshmpp9whj4kfl99ybipf4fhw9jnr"))))
     (build-system gnu-build-system)
     (arguments
      `(#:phases
        (alist-cons-before
-        'configure 'augment-gir-search-path
+        'configure 'pre-configure
         (lambda* (#:key inputs #:allow-other-keys)
           (substitute* "gdk-pixbuf-loader/Makefile.in"
             ;; By default the gdk-pixbuf loader is installed under
@@ -889,24 +888,10 @@ dealing with different structured file formats.")
              (string-append "gdk_pixbuf_moduledir = "
                             "$(prefix)/lib/gdk-pixbuf-2.0/2.10.0/"
                              "loaders\n"))
-            ;; Likewise, create a separate 'loaders.cache' file.
+            ;; Drop the 'loaders.cache' file, it's in gdk-pixbuf+svg.
             (("gdk_pixbuf_cache_file = .*$")
-             "gdk_pixbuf_cache_file = $(gdk_pixbuf_moduledir).cache\n")))
-        (alist-cons-after
-         'install 'generate-full-cache
-         (lambda* (#:key inputs outputs #:allow-other-keys)
-           (let ((loaders-directory
-                  (string-append (assoc-ref outputs "out")
-                                 "/lib/gdk-pixbuf-2.0/2.10.0/loaders")))
-             (zero?
-              (system
-               (string-append
-                "gdk-pixbuf-query-loaders "
-                loaders-directory "/libpixbufloader-svg.so "
-                (string-join (find-files (assoc-ref inputs "gdk-pixbuf")
-                                         "libpixbufloader-.*\\.so") " ")
-                "> " loaders-directory ".cache")))))
-         %standard-phases))))
+             "gdk_pixbuf_cache_file = $(TMPDIR)/loaders.cache\n")))
+        %standard-phases)))
     (native-inputs
      `(("pkg-config" ,pkg-config)
        ("glib" ,glib "bin")                               ; glib-mkenums, etc.
@@ -1339,14 +1324,7 @@ widgets built in the loading process.")
                                   name "-" version ".tar.bz2"))
               (sha256
                (base32
-                "129ka3nn8gx9dlfry17ib79azxk45wzfv5rgqzw6dwx2b5ns8phm"))
-              (modules '((guix build utils)))
-              (snippet
-               ;; Adapt to newer freetype. As the package is deprecated, there
-               ;; is no use in creating a patch and reporting it.
-               '(substitute* '("libgnomeprint/gnome-font-face.c"
-                               "libgnomeprint/gnome-rfont.c")
-                  (("freetype/") "freetype2/")))))
+                "129ka3nn8gx9dlfry17ib79azxk45wzfv5rgqzw6dwx2b5ns8phm"))))
     (build-system gnu-build-system)
     (inputs
      `(("popt" ,popt)
@@ -1443,14 +1421,14 @@ controls using the Bonobo component framework.")
 (define-public libwnck
   (package
     (name "libwnck")
-    (version "3.14.0")
+    (version "3.14.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
                                   (version-major+minor version) "/"
                                   name "-" version ".tar.xz"))
               (sha256
-               (base32 "074jww04z8g9r1acndqap79wx4kbm3rpkf4lcg1v82b66iv0027m"))))
+               (base32 "1ymya8gkjygvg0i901wr3q6ihfqxx5yf4g4pb6fag2iw8af3qr5v"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("pkg-config" ,pkg-config)
@@ -1489,14 +1467,14 @@ Hints specification (EWMH).")
 (define-public goffice
   (package
     (name "goffice")
-    (version "0.10.24")
+    (version "0.10.28")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
                                   (version-major+minor version)  "/"
                                   name "-" version ".tar.xz"))
               (sha256
-               (base32 "0nmghi26dpjcw7knkviq031crhm0zjy4k650pv1jj3hb1fmhx9yd"))))
+               (base32 "12rsgxrixkfpk420gv026i74pnlgqjzsvm6vffrmih54w46hd3q6"))))
     (build-system gnu-build-system)
     (outputs '("out"
                "doc"))                            ;4.1 MiB of gtk-doc
@@ -1554,7 +1532,7 @@ Hints specification (EWMH).")
 (define-public gnumeric
   (package
     (name "gnumeric")
-    (version "1.12.24")
+    (version "1.12.28")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -1562,7 +1540,7 @@ Hints specification (EWMH).")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0lcm8k0jb8rd5y4ii803f21nv8rx6gc3mmdlrj5h0rkkn9qm57f5"))))
+                "1fsdp7r6fhc0m3fb4ly4xwh83v3hp2zrv9d0713g4lcy709svm02"))))
     (build-system gnu-build-system)
     (arguments
      `(;; The gnumeric developers don't worry much about failing tests.
@@ -1591,10 +1569,11 @@ Hints specification (EWMH).")
        ("libxml2" ,libxml2)
        ("libxslt" ,libxslt)
        ("python" ,python-2)
-       ("python2-pygobject" ,python2-pygobject-2)
+       ("python2-pygobject" ,python2-pygobject)
        ("zlib" ,zlib)))
     (native-inputs
-     `(("intltool" ,intltool)
+     `(("bison" ,bison)
+       ("intltool" ,intltool)
        ("glib:bin" ,glib "bin")
        ("pkg-config" ,pkg-config)))
     (home-page "http://www.gnumeric.org")
@@ -1612,7 +1591,7 @@ engineering.")
 (define-public gnome-themes-standard
   (package
     (name "gnome-themes-standard")
-    (version "3.18.0")
+    (version "3.20")
     (source
      (origin
        (method url-fetch)
@@ -1621,7 +1600,7 @@ engineering.")
                            version ".tar.xz"))
        (sha256
         (base32
-         "1jxss8kxszhf66vic9n1sagczm5amm0mgxpzyxyjna15q82fnip6"))))
+         "1p1vvmzfky1ax3yv9ld10xgqwydhmglxpgq3skrfc4539nrq9phw"))))
     (build-system gnu-build-system)
     (inputs
      `(("gtk+" ,gtk+)
@@ -1633,18 +1612,6 @@ engineering.")
      `(("intltool" ,intltool)
        ("glib:bin" ,glib "bin")
        ("pkg-config" ,pkg-config)))
-    (arguments
-     `(#:phases
-       (alist-cons-before
-        'build 'use-full-cache
-        ;; Use librsvg's loaders.cache instead of the one provided by
-        ;; gdk-pixbuf because the latter does not include support for SVG
-        ;; files.
-        (lambda* (#:key inputs #:allow-other-keys)
-          (setenv "GDK_PIXBUF_MODULE_FILE"
-                  (car (find-files (assoc-ref inputs "librsvg")
-                                   "loaders\\.cache"))))
-        %standard-phases)))
     (home-page "https://launchpad.net/gnome-themes-standard")
     (synopsis "Default GNOME 3 themes")
     (description
@@ -1654,7 +1621,7 @@ engineering.")
 (define-public seahorse
   (package
     (name "seahorse")
-    (version "3.18.0")
+    (version "3.20.0")
     (source
      (origin
        (method url-fetch)
@@ -1663,7 +1630,7 @@ engineering.")
                            version ".tar.xz"))
        (sha256
         (base32
-         "0rxnq47xcagmpqb63g49ay3lfiyjjnmmiay9yifx5jn406d8h32k"))))
+         "1py6fj19kb8aaxvg6yrpd0876azc2zjvis98aqz37a2lxmhp9c72"))))
     (build-system glib-or-gtk-build-system)
     (inputs
      `(("gtk+" ,gtk+)
@@ -1690,7 +1657,7 @@ passwords in the GNOME keyring.")
 (define-public vala
   (package
     (name "vala")
-    (version "0.30.0")
+    (version "0.32.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -1698,7 +1665,7 @@ passwords in the GNOME keyring.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1pyyhfw3zzbhxfscbn8xz70dg6vx0kh8gshzikpxczhg01xk7w31"))))
+                "0vpvq403vdd25irvgk7zibz3nw4x4i17m0dgnns8j1q4vr7am8h7"))))
     (build-system gnu-build-system)
     (arguments
      '(#:phases
@@ -1730,7 +1697,7 @@ libraries written in C.")
 (define-public vte
   (package
     (name "vte")
-    (version "0.42.3")
+    (version "0.44.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -1738,8 +1705,16 @@ libraries written in C.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1832mrw2hhgjipbsfsv2fmdnwnar4rkx589ciz008bg8x908mscn"))))
+                "0kjxzqcwqxky0l7bl8ydn9hl6fm1f0k2pl91wbbhyq4z6d4dabbi"))))
     (build-system gnu-build-system)
+    (arguments
+     ;; XXX: fails to compile tests with the default flags.
+     ;; vteconv.cc:774:40:
+     ;;    error: missing sentinel in function call [-Werror=format=]
+     ;;    g_test_init (&argc, &argv, NULL);
+     ;;
+     ;; cc1plus: some warnings being treated as errors
+     '(#:configure-flags '("CXXFLAGS=-Wformat=0")))
     (native-inputs
      `(("pkg-config" ,pkg-config)
        ("intltool" ,intltool)
@@ -1806,7 +1781,7 @@ editors, IDEs, etc.")
 (define-public dconf
   (package
     (name "dconf")
-    (version "0.24.0")
+    (version "0.26.0")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -1815,7 +1790,7 @@ editors, IDEs, etc.")
                     name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1hpy6336f0pbkyranywm4872i5in0xn7jf40a66xdmzls77f0ws3"))))
+                "1jaqsr1r0grpd25rbsc2v3vb0sc51lia9w31wlqswgqsncp2k0w6"))))
     (build-system glib-or-gtk-build-system)
     (inputs
      `(("gtk+" ,gtk+)
@@ -1860,7 +1835,7 @@ configuration storage systems.")
 (define-public json-glib
   (package
     (name "json-glib")
-    (version "1.0.4")
+    (version "1.2.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -1868,7 +1843,7 @@ configuration storage systems.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1k85vvb2prmk8aa8hmr2rp9rnbhffjgnmr18b13g24xxnqy5kww0"))
+                "1lx7p1c7cl21byvfgw92n8dhm09vi6qxrs0zkx9dg3y096zdzmlr"))
               (modules '((guix build utils)))
               (snippet
                ;; Don't duplicate test names.
@@ -1967,7 +1942,7 @@ library.")
 (define-public glib-networking
   (package
     (name "glib-networking")
-    (version "2.46.1")
+    (version "2.48.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/glib-networking/"
@@ -1975,7 +1950,7 @@ library.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1cchmi08jpjypgmm9i7xzh5qfg2q5k61kry9ns8mhw3z44a440ym"))
+                "0jm4pr91kbq7rcyll08840zkagb9vfhhm2ymyrd1q0b0k2mj76fg"))
               (patches
                (search-patches "glib-networking-ssl-cert-file.patch"))))
     (build-system gnu-build-system)
@@ -2015,7 +1990,7 @@ library.")
 (define-public rest
   (package
     (name "rest")
-    (version "0.7.93")
+    (version "0.8.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/rest/"
@@ -2023,7 +1998,7 @@ library.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "05mj10hhiik23ai8w4wkk5vhsp7hcv24bih5q3fl82ilam268467"))))
+                "0iznvzhab1jq9z3nwy97dh2pid9azwkqm7kkxwx0f5ql1hh9pf77"))))
     (build-system gnu-build-system)
     (arguments
      '(#:tests? #f ; tests require internet connection
@@ -2049,7 +2024,7 @@ libxml to ease remote use of the RESTful API.")
 (define-public libsoup
   (package
     (name "libsoup")
-    (version "2.52.1")
+    (version "2.54.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/libsoup/"
@@ -2057,7 +2032,7 @@ libxml to ease remote use of the RESTful API.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0j6cnnpqqgnb9nj2r0j8j6898np4z503hrnpis7b4l5d8yhbq68f"))))
+                "0cyn5pq4xl1gb8413h2p4d5wrn558dc054zhwmk4swrl40ijrd27"))))
     (build-system gnu-build-system)
     (outputs '("out" "doc"))
     (arguments
@@ -2119,7 +2094,7 @@ and the GLib main loop, to integrate well with GNOME applications.")
 (define-public libsecret
   (package
     (name "libsecret")
-    (version "0.18.3")
+    (version "0.18.5")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -2128,7 +2103,7 @@ and the GLib main loop, to integrate well with GNOME applications.")
                     name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1jc4pw6pb5igwasj0ms1zx80w63c11myziz3ydj0cr5lb861vgzj"))))
+                "1cychxc3ff8fp857iikw0n2s13s2mhw2dn1mr632f7w3sn6vvrww"))))
     (build-system gnu-build-system)
     (outputs '("out" "doc"))
     (arguments
@@ -2167,7 +2142,7 @@ and other secrets.  It communicates with the \"Secret Service\" using DBus.")
 (define-public gnome-mines
   (package
     (name "gnome-mines")
-    (version "3.18.2")
+    (version "3.20.0")
     (source
      (origin
        (method url-fetch)
@@ -2176,7 +2151,7 @@ and other secrets.  It communicates with the \"Secret Service\" using DBus.")
                            name "-" version ".tar.xz"))
        (sha256
         (base32
-         "0izkcf81rji4dj9k0k93ij4lp5iza2bh6jwlcdhbjfv2xdw0f7ky"))))
+         "19khp4ckqbdgk6828gprxy52fsg8klf957dnwsin75nskk8whxbp"))))
     (build-system glib-or-gtk-build-system)
     (arguments
      '(#:phases
@@ -2184,16 +2159,7 @@ and other secrets.  It communicates with the \"Secret Service\" using DBus.")
          (add-before 'configure 'patch-/bin/true
                      (lambda _
                        (substitute* "configure"
-                         (("/bin/true") (which "true")))))
-         (add-after 'install 'wrap-pixbuf
-                    ;; Use librsvg's loaders.cache to support SVG files.
-                    (lambda* (#:key inputs outputs #:allow-other-keys)
-                      (let* ((out    (assoc-ref outputs "out"))
-                             (prog   (string-append out "/bin/gnome-mines"))
-                             (rsvg   (assoc-ref inputs "librsvg"))
-                             (pixbuf (find-files rsvg "^loaders\\.cache$")))
-                        (wrap-program prog
-                          `("GDK_PIXBUF_MODULE_FILE" = ,pixbuf))))))))
+                         (("/bin/true") (which "true"))))))))
     (native-inputs
      `(("pkg-config" ,pkg-config)
        ("desktop-file-utils" ,desktop-file-utils)
@@ -2213,7 +2179,7 @@ floating in an ocean using only your brain and a little bit of luck.")
 (define-public gnome-sudoku
   (package
     (name "gnome-sudoku")
-    (version "3.18.2")
+    (version "3.20.0")
     (source
      (origin
        (method url-fetch)
@@ -2222,7 +2188,7 @@ floating in an ocean using only your brain and a little bit of luck.")
                            name "-" version ".tar.xz"))
        (sha256
         (base32
-         "1b60z22fjrjzsz0kfhv0kfhvigzn54wvh9s31zrlp7sx2h2dxvsf"))))
+         "1n8hp3pl56p9s0c5kldk11zg1vg7ykhgn3ndp8nf375h1q49ldh8"))))
     (build-system glib-or-gtk-build-system)
     (native-inputs
      `(("pkg-config" ,pkg-config)
@@ -2248,7 +2214,7 @@ more fun.")
 (define-public gnome-terminal
   (package
     (name "gnome-terminal")
-    (version "3.18.2")
+    (version "3.20.1")
     (source
      (origin
        (method url-fetch)
@@ -2257,7 +2223,7 @@ more fun.")
                            name "-" version ".tar.xz"))
        (sha256
         (base32
-         "1ylyv0mla2ypms7iyxndbdjvha0q9jzglb4mhfmqn9cm2gxc0day"))))
+         "1508nm35znlfq9v1s2j4ypx5x608yq391c565b4hazxk2f5z9dwq"))))
     (build-system glib-or-gtk-build-system)
     (arguments
      '(#:configure-flags
@@ -2362,7 +2328,7 @@ output devices.")
 (define-public geoclue
   (package
     (name "geoclue")
-    (version "2.2.0")
+    (version "2.4.3")
     (source
      (origin
        (method url-fetch)
@@ -2371,7 +2337,7 @@ output devices.")
                            name "-" version ".tar.xz"))
        (sha256
         (base32
-         "0inlqx0zar498fhi9hh92p2g4kp8qy3zdl4z3vw6bjwp9w6xx454"))
+         "0pk07k65dlw37nz8z5spksivsv5nh96xmbi336rf2yfxf2ldpadd"))
        (patches (search-patches "geoclue-config.patch"))))
     (build-system glib-or-gtk-build-system)
     (arguments
@@ -2392,7 +2358,8 @@ output devices.")
      `(("pkg-config" ,pkg-config)
        ("intltool" ,intltool)))
     (inputs
-     `(("glib" ,glib)
+     `(("avahi" ,avahi)
+       ("glib" ,glib)
        ("json-glib" ,json-glib)
        ("libsoup" ,libsoup)))
     (home-page "http://freedesktop.org/wiki/Software/GeoClue/")
@@ -2407,7 +2374,7 @@ permission from user.")
 (define-public geocode-glib
   (package
     (name "geocode-glib")
-    (version "3.18.0")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/geocode-glib/"
@@ -2415,7 +2382,7 @@ permission from user.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0pa9cgndycynipc6z8wzbvn2fi89ndf2gpqzm9m6krp3d7az1dwg"))))
+                "18iphsx3bybw7lssbb7rxc1rrnsc8vxai521zkqc535zr8rci7v6"))))
     (build-system gnu-build-system)
     (arguments
      `(;; The tests want to write to $HOME/.cache/geocode-glib, which doesn't
@@ -2498,7 +2465,7 @@ service via the system message bus.")
 (define-public libgweather
   (package
     (name "libgweather")
-    (version "3.18.1")
+    (version "3.20.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -2506,7 +2473,7 @@ service via the system message bus.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1l3sra84k5dnavbdbjyf1ar84xmjszpnnldih6mf45kniwpjkcll"))))
+                "1mmqg7wf0bhk450akyj0x71x75kh1v7j68isyivr75ydky79nqjj"))))
     (build-system gnu-build-system)
     (arguments
      `(#:configure-flags
@@ -2548,7 +2515,7 @@ services for numerous locations.")
 (define-public gnome-settings-daemon
   (package
     (name "gnome-settings-daemon")
-    (version "3.18.2")
+    (version "3.20.1")
     (source
      (origin
        (method url-fetch)
@@ -2557,7 +2524,7 @@ services for numerous locations.")
                            name "-" version ".tar.xz"))
        (sha256
         (base32
-         "0vzwf875csyqx04fnra6zicmzcjc3s13bxxpcizlys12iwjwfw9h"))))
+         "1rvqisrh3lridsb8rvm7spvncyq206ly0245zgpbm8swi5fhfjp8"))))
     (build-system glib-or-gtk-build-system)
     (arguments
      `(;; Network manager not yet packaged.
@@ -2604,14 +2571,14 @@ settings, themes, mouse settings, and startup of other daemons.")
 (define-public totem-pl-parser
  (package
    (name "totem-pl-parser")
-   (version "3.10.5")
+   (version "3.10.6")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnome/sources/totem-pl-parser/3.10/"
                                 "totem-pl-parser-" version ".tar.xz"))
             (sha256
              (base32
-              "0dw1kiwmjwdjrighri0j9nagsnj44dllm0mamnfh4y5nc47mhim7"))))
+              "0mv7aw9mw77w04zg95zjf0zmk6ckshpysbb9nap15h5is6zdk9cq"))))
    (build-system gnu-build-system)
    (arguments
     ;; FIXME: Tests require gvfs.
@@ -2639,7 +2606,7 @@ playlists in a variety of formats.")
 (define-public aisleriot
   (package
     (name "aisleriot")
-    (version "3.18.2")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -2647,7 +2614,7 @@ playlists in a variety of formats.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1qrgcj30hl0fgssspkwrad10lqy1bbsp7lfwxmxlwzp33jhqpb0b"))))
+                "1nipky336jj81mhm8wwxp96zilgcrarihf95dnyj3r1pw8kpg7gy"))))
     (build-system glib-or-gtk-build-system)
     (arguments
      '(#:configure-flags
@@ -2675,7 +2642,7 @@ which are easy to play with the aid of a mouse.")
 (define-public devhelp
   (package
     (name "devhelp")
-    (version "3.18.1")
+    (version "3.20.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -2683,7 +2650,7 @@ which are easy to play with the aid of a mouse.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1vqsqpc51cir5qf801ibh6ljlpfw0qd513l9hjcnzp4ls8m1cfih"))))
+                "078zr92xs5ifp862v1vdmw1j9m6gr9zk5hjbk5065vxjwb17acx2"))))
     (build-system glib-or-gtk-build-system)
     (native-inputs
      `(("intltool" ,intltool)
@@ -2769,7 +2736,7 @@ without stepping on each others toes.")
 (define-public clutter
   (package
     (name "clutter")
-    (version "1.24.2")
+    (version "1.26.0")
     (source
      (origin
        (method url-fetch)
@@ -2778,7 +2745,7 @@ without stepping on each others toes.")
                            name "-" version ".tar.xz"))
        (sha256
         (base32
-         "0qyd0cw17wi8gl6y9z2j2lh2gwghxskfmsdvw4ayrgxwnj6cjccn"))))
+         "01nfjd4k7j2n3agpx2d9ncff86nfsqv4n23465rb9zmk4iw4wlb7"))))
     (build-system gnu-build-system)
     (outputs '("out"
                "doc"))                            ;9 MiB of gtk-doc HTML pages
@@ -2822,7 +2789,7 @@ presentations, kiosk style applications and so on.")
 (define-public clutter-gtk
   (package
     (name "clutter-gtk")
-    (version "1.6.6")
+    (version "1.8.0")
     (source
      (origin
        (method url-fetch)
@@ -2831,7 +2798,7 @@ presentations, kiosk style applications and so on.")
                            name "-" version ".tar.xz"))
        (sha256
         (base32
-         "0a2a8ci6in82l43zak3zj3cyms23i5rq6lzk1bz013gm023ach4l"))))
+         "07dzvx0b3fsswxnpxgk0adjgccnrvbxsd971naqwndnfivbgjbkl"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("pkg-config" ,pkg-config)
@@ -2851,7 +2818,7 @@ presentations, kiosk style applications and so on.")
 (define-public clutter-gst
   (package
     (name "clutter-gst")
-    (version "3.0.14")
+    (version "3.0.18")
     (source
      (origin
        (method url-fetch)
@@ -2860,7 +2827,7 @@ presentations, kiosk style applications and so on.")
                            name "-" version ".tar.xz"))
        (sha256
         (base32
-         "1qidm0q28q6w8gjd0gpqnk8fzqxv39dcp0vlzzawlncp8zfagj7p"))))
+         "14w0pi9myvcn1yxzmk9sk8dghj17m5ji3aqdpfjikk90c060vv0a"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("glib:bin" ,glib "bin")     ; for glib-mkenums
@@ -2882,7 +2849,7 @@ GL based interactive canvas library.")
 (define-public libchamplain
   (package
     (name "libchamplain")
-    (version "0.12.12")
+    (version "0.12.13")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -2890,7 +2857,7 @@ GL based interactive canvas library.")
                     version ".tar.xz"))
               (sha256
                (base32
-                "19jlhbgfn9c9g40b3fa2x373s6rfcwx5i9lbpl3vl7d901r7kpp7"))))
+                "1arzd1hsgq14rbiwa1ih2g250x6ljna2s2kiqfrw155c612s9cxk"))))
     (build-system gnu-build-system)
     (native-inputs `(("pkg-config" ,pkg-config)))
     (propagated-inputs
@@ -2914,7 +2881,7 @@ such as OpenStreetMap, OpenCycleMap, OpenAerialMap, and Maps for free.")
 (define-public gom
   (package
     (name "gom")
-    (version "0.3.1")
+    (version "0.3.2")
     (source
      (origin
        (method url-fetch)
@@ -2923,7 +2890,7 @@ such as OpenStreetMap, OpenCycleMap, OpenAerialMap, and Maps for free.")
                            name "-" version ".tar.xz"))
        (sha256
         (base32
-         "1x9qgviszzh59d009jd13k0pdxzv9w4dmwp3wszbsk3qxr3fnlbr"))))
+         "1zaqqwwkyiswib3v1v8wafpbifpbpak0nn2kp13pizzn9bwz1s5w"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("intltool" ,intltool)
@@ -2943,10 +2910,46 @@ write applications that need to store structured data as well as make complex
 queries upon that data.")
     (license license:lgpl2.1+)))
 
+(define-public libgames-support
+  (package
+    (name "libgames-support")
+    (version "1.0.2")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "mirror://gnome/sources/" name "/"
+                                  (version-major+minor version) "/"
+                                  name "-" version ".tar.xz"))
+              (sha256
+               (base32
+                "0rms2ksiv7j9944km7r87q22nh05si1fisn5xm3z4zy5vpcfi5mh"))))
+    (build-system gnu-build-system)
+    (arguments
+     '(#:phases
+       (modify-phases %standard-phases
+         (add-before 'check 'pre-check
+           (lambda _
+             ;; tests require a writable HOME.
+             (setenv "HOME" (getcwd))
+             #t)))))
+    (native-inputs
+     `(("intltool" ,intltool)
+       ("pkg-config" ,pkg-config)
+       ("vala" ,vala)))
+    (propagated-inputs
+     ;; Required by libgames-support-1.0.pc
+     `(("gtk+" ,gtk+)
+       ("libgee" ,libgee)))
+    (home-page "https://www.gnome.org/")
+    (synopsis "Useful functionality shared among GNOME games")
+    (description
+     "libgames-support is a small library intended for internal use by
+GNOME Games, but it may be used by others.")
+    (license license:lgpl3+)))
+
 (define-public gnome-klotski
   (package
     (name "gnome-klotski")
-    (version "3.18.2")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -2954,7 +2957,7 @@ queries upon that data.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "14l1fji0860yam41x2cy72nd9bljph385ynfm6k1lsv4qhv72az2"))))
+                "1130v6sk9h74b3xgv0bq43anaw7xs9x8vdab3q7p9db6w0px02wj"))))
     (build-system glib-or-gtk-build-system)
     (native-inputs
      `(("desktop-file-utils" ,desktop-file-utils)
@@ -2964,6 +2967,7 @@ queries upon that data.")
        ("xmllint" ,libxml2)))
     (inputs
      `(("gtk+" ,gtk+)
+       ("libgames-support" ,libgames-support)
        ("librsvg" ,librsvg)))
     (home-page "https://wiki.gnome.org/Apps/Klotski")
     (synopsis "Sliding block puzzles")
@@ -2977,7 +2981,7 @@ as possible!")
 (define-public grilo
   (package
     (name "grilo")
-    (version "0.2.14")
+    (version "0.3.0")
     (source
      (origin
        (method url-fetch)
@@ -2986,7 +2990,7 @@ as possible!")
                            name "-" version ".tar.xz"))
        (sha256
         (base32
-         "1k8wj8f7xfaw5hxypnmwd34li3fq8h76dacach547rvsfjhjxj3r"))))
+         "0q5wcvnckpfks48hy0gvlfdmvqm67vnblm3912rssmkgc1ysil8z"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("glib:bin" ,glib "bin")         ; for glib-mkenums and glib-genmarshal
@@ -3028,7 +3032,7 @@ for application developers.")
 (define-public grilo-plugins
   (package
     (name "grilo-plugins")
-    (version "0.2.16")
+    (version "0.3.1")
     (source
      (origin
        (method url-fetch)
@@ -3037,7 +3041,7 @@ for application developers.")
                            name "-" version ".tar.xz"))
        (sha256
         (base32
-         "00sjmkzxc8w4qn4lp5yj65c4y83mwhp0zlvk11ghvpxnklgmgd40"))))
+         "1akd7q6pqnkcnayrdfjb0qx5w5yyl06kxzwhqp2gxm4y1b208pb0"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("glib:bin" ,glib "bin")     ; for glib-mkenums and glib-genmarshal
@@ -3046,6 +3050,7 @@ for application developers.")
        ("pkg-config" ,pkg-config)))
     (inputs
      `(("grilo" ,grilo)
+       ("nettle" ,nettle) ; XXX: required by libgrlpls-0.3.la
        ("glib" ,glib)
        ("libxml2" ,libxml2)
        ("sqlite" ,sqlite)
@@ -3080,7 +3085,7 @@ for application developers.")
 (define-public totem
   (package
     (name "totem")
-    (version "3.18.1")
+    (version "3.20.1")
     (source
      (origin
        (method url-fetch)
@@ -3089,7 +3094,8 @@ for application developers.")
                            name "-" version ".tar.xz"))
        (sha256
         (base32
-         "18h784c77m4h359j3xnlwqlfvnhbw7m052ahzm26r106jsp6x0fp"))))
+         "09swnhp46cyy2svqx02fzy555pjgc61lyjw56v9rz1mfc41lh8kg"))
+       (patches (search-patches "totem-debug-format-fix.patch"))))
     (build-system glib-or-gtk-build-system)
     (native-inputs
      `(("pkg-config" ,pkg-config)
@@ -3246,7 +3252,7 @@ supports playlists, song ratings, and any codecs installed through gstreamer.")
 (define-public eog
  (package
    (name "eog")
-   (version "3.18.1")
+   (version "3.20.1")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnome/sources/" name "/"
@@ -3254,7 +3260,7 @@ supports playlists, song ratings, and any codecs installed through gstreamer.")
                                 name "-" version ".tar.xz"))
             (sha256
              (base32
-              "19wkawrcwjjcvlmizkj57qycnbgizhr8ck3j5qg70605d1xb8yvv"))))
+              "0ll3vz1kyjagiqmrpypk1a4nwjhrjsapiz45bxblsjxjy641j0jg"))))
    (build-system glib-or-gtk-build-system)
    (arguments
     `(#:phases
@@ -3324,7 +3330,7 @@ part of udev-extras, then udev, then systemd.  It's now a project on its own.")
 (define-public gvfs
   (package
     (name "gvfs")
-    (version "1.26.2")
+    (version "1.28.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -3332,7 +3338,7 @@ part of udev-extras, then udev, then systemd.  It's now a project on its own.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "064dsjrdjcbi38zl38jhh4r9jcpiygg7x4c8s6s2rb757l7nwnv9"))))
+                "16bry61hg681bwb0pih86cjayzvc5f89ip5xd8fydcy16nnfbksf"))))
     (build-system gnu-build-system)
     (arguments
      '(#:tests? #f)) ; XXX: requiring `pidof'
@@ -3476,7 +3482,7 @@ work and the interface is well tested.")
 (define-public epiphany
   (package
     (name "epiphany")
-    (version "3.18.2")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -3484,7 +3490,7 @@ work and the interface is well tested.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1hm6bpdcc6nf3zamzkvjhpvxnpaxzbnxnacfgl5v8swn643ifdl4"))))
+                "1ry9z6d51gjbv5n8kspwdyfrdai2hrin2ixdicmyiq6xbryzcwbi"))))
     (build-system glib-or-gtk-build-system)
     (arguments
      ;; FIXME: tests run under Xvfb, but fail with:
@@ -3582,7 +3588,7 @@ of running programs and invoke methods on those interfaces.")
 (define-public yelp-xsl
   (package
     (name "yelp-xsl")
-    (version "3.18.1")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -3590,7 +3596,7 @@ of running programs and invoke methods on those interfaces.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0qmsq7qkc06gmnkvbs84qj3jjzlihriy3z45nfbpgg51b6z0z1q0"))))
+                "183vz4aw8fcmw8k8q7r4zrm1p76gwg2cca1fsdrkaiyabng88qfw"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("intltool" ,intltool)
@@ -3606,7 +3612,7 @@ to format Docbook and Mallard documents.")
 (define-public yelp
   (package
     (name "yelp")
-    (version "3.18.1")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -3614,7 +3620,7 @@ to format Docbook and Mallard documents.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "10384lr712xdr8zbi07vqh0cf4nd7ybg1vs05r5cy3kwf6s4wfms"))))
+                "1hh8yqbv0scn9nksk9mq94cb4sdczlzxplclv2wqr41jmm8v186x"))))
     (build-system glib-or-gtk-build-system)
     (native-inputs
      `(("glib:bin" ,glib "bin") ; for glib-genmarshal, etc.
@@ -3624,7 +3630,8 @@ to format Docbook and Mallard documents.")
     (propagated-inputs
      `(("dconf" ,dconf)))
     (inputs
-     `(("libxslt" ,libxslt)
+     `(("gsettings-desktop-schemas" ,gsettings-desktop-schemas)
+       ("libxslt" ,libxslt)
        ("sqlite" ,sqlite)
        ("webkitgtk" ,webkitgtk)
        ("yelp-xsl" ,yelp-xsl)))
@@ -3737,7 +3744,7 @@ metadata in photo and video files of various formats.")
 (define-public shotwell
   (package
     (name "shotwell")
-    (version "0.22.0")
+    (version "0.22.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -3745,7 +3752,7 @@ metadata in photo and video files of various formats.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0cgqaaikrb10plhf6zxbgqy32zqpiwyi9dpx3g8yr261q72r5c81"))))
+                "1a9lx9a7p6fgaf838xlw98f73xxyxmg6jmm29830lsl8ynbhq9bk"))))
     (build-system glib-or-gtk-build-system)
     (arguments
      `(#:tests? #f ;no "check" target
@@ -3792,7 +3799,7 @@ share them with others via social networking and more.")
 (define-public file-roller
   (package
     (name "file-roller")
-    (version "3.16.4")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -3800,7 +3807,7 @@ share them with others via social networking and more.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "11a1g8f2700n2mz998wf40dz1rxjgap60mfns9iv0zlw5h5rhmal"))))
+                "0cx3d8mp0pxz9wcsb2ph7g1zy22m8z5x0a4f5vgfzl0jmrcxpcy8"))))
     (build-system glib-or-gtk-build-system)
     (native-inputs
      `(("intltool" ,intltool)
@@ -3825,7 +3832,7 @@ such as gzip tarballs.")
 (define-public gnome-session
   (package
     (name "gnome-session")
-    (version "3.18.1.2")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -3833,7 +3840,7 @@ such as gzip tarballs.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0icajbzqf5llvp5s8nafwkhwz6a6jmwn4hhs81bk0bpzawyq4zdk"))))
+                "04w90gyl0kdx5vwmdcgfdk3qr9xhip00vgpgzci151agqwyzbs9a"))))
     (arguments
      '(#:phases
        (modify-phases %standard-phases
@@ -3852,6 +3859,8 @@ such as gzip tarballs.")
                (("#ifdef HAVE_SYSTEMD") "#if 0"))
              (substitute* "gnome-session/gsm-manager.c"
                (("#ifdef HAVE_SYSTEMD") "#if 0"))
+             (substitute* "gnome-session/gsm-autostart-app.c"
+               (("#ifdef HAVE_SYSTEMD") "#if 0"))
              #t))
          (add-after 'install 'wrap-gnome-session
            (lambda* (#:key inputs outputs #:allow-other-keys)
@@ -3923,6 +3932,12 @@ configuration program to choose applications starting on login.")
           (lambda _
             ;; For the missing /etc/machine-id.
             (setenv "DBUS_FATAL_WARNINGS" "0")
+
+            ;; XXX: fails with:
+            ;;   Failed to convert UTF-8 string to JS string: ...
+            ;; TODO: actually fix it.
+            (substitute* "installed-tests/js/testEverythingBasic.js"
+              ((".*test_utf8_inout.*") ""))
             #t)))))
     (native-inputs
      `(("glib:bin" ,glib "bin")       ; for glib-compile-resources
@@ -3949,7 +3964,7 @@ javascript engine and the GObject introspection framework.")
 (define-public gedit
   (package
     (name "gedit")
-    (version "3.18.3")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -3957,19 +3972,23 @@ javascript engine and the GObject introspection framework.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1rrjdkvwwjyj05jc9icifjm9v8sgs0wqgy555m57a3rvg46sqqk7"))))
+                "1i0x1jd9x1vpv8lwdlzwf0ml8jxh3b3l6nlg6pbnfjw47w3y6iws"))))
     (build-system glib-or-gtk-build-system)
     (arguments
-     `(#:phases
+     `(#:configure-flags '("--disable-spell") ; XXX: gspell not packaged yet
+       #:phases
        (modify-phases %standard-phases
          (add-after
           'install 'wrap-gedit
           (lambda* (#:key inputs outputs #:allow-other-keys)
             (let ((out               (assoc-ref outputs "out"))
                   (gtksourceview     (assoc-ref inputs "gtksourceview"))
-                  (gi-typelib-path   (getenv "GI_TYPELIB_PATH")))
+                  (gi-typelib-path   (getenv "GI_TYPELIB_PATH"))
+                  (python-path       (getenv "PYTHONPATH")))
               (wrap-program (string-append out "/bin/gedit")
+                ;; For plugins.
                 `("GI_TYPELIB_PATH" ":" prefix (,gi-typelib-path))
+                `("PYTHONPATH" ":" prefix (,python-path))
                 ;; For language-specs.
                 `("XDG_DATA_DIRS" ":" prefix (,(string-append gtksourceview
                                                               "/share")))))
@@ -3987,7 +4006,6 @@ javascript engine and the GObject introspection framework.")
        ("gtksourceview" ,gtksourceview)
        ("libpeas" ,libpeas)
        ("libxml2" ,libxml2)
-       ("enchant" ,enchant)
        ("iso-codes" ,iso-codes)
        ("python-pygobject" ,python-pygobject)
        ("python" ,python)
@@ -4006,7 +4024,7 @@ powerful general purpose text editor.")
 (define-public zenity
   (package
     (name "zenity")
-    (version "3.18.1.1")
+    (version "3.20.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -4014,7 +4032,7 @@ powerful general purpose text editor.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "02m88dfm1rziqk2ywakwib06wl1rxangbzih6cp8wllbyl1plcg6"))))
+                "0j2sy6imwp41l75hy3fwr68n35drvanbwgmr42kc04zqjy9pbs02"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("gettext" ,gnu-gettext)
@@ -4033,7 +4051,7 @@ to display dialog boxes from the commandline and shell scripts.")
 (define-public mutter
   (package
     (name "mutter")
-    (version "3.18.1")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -4041,7 +4059,7 @@ to display dialog boxes from the commandline and shell scripts.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1ab959z5fgi4rq0ifxdqvpdbv99a2b1lfgvj327s9crdvk4ygpjg"))))
+                "0752vkkmaaay8ziczqrf7z3735bq3brx2djw36arqsdhwawh6jba"))))
     (build-system gnu-build-system)
     (arguments
      '(#:configure-flags
@@ -4083,7 +4101,7 @@ window manager.")
 (define-public gnome-online-accounts
   (package
     (name "gnome-online-accounts")
-    (version "3.18.1")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -4091,7 +4109,7 @@ window manager.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1hn2fvkr1f4qh4gix03avnvk7pklvv5272ns8ws56v4kcq4nppkc"))))
+                "14qcih1g136sn2aklzagv83jl82d3qc598rkdm8zac9gw70ynyn3"))))
     (build-system glib-or-gtk-build-system)
     (native-inputs
      `(("glib:bin" ,glib "bin") ; for glib-compile-schemas, etc.
@@ -4121,7 +4139,7 @@ Exchange, Last.fm, IMAP/SMTP, Jabber, SIP and Kerberos.")
 (define-public evolution-data-server
   (package
     (name "evolution-data-server")
-    (version "3.18.2")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -4129,7 +4147,7 @@ Exchange, Last.fm, IMAP/SMTP, Jabber, SIP and Kerberos.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "16yfd2a00xqxikyf6pi2awfd0qfq4hwdhfar88axrb4mycfgqhjr"))))
+                "0lsbhzacr2bs90z8sx44vf403r0h2yqsy4l2svrh5hjnassgdyqx"))))
     (build-system gnu-build-system)
     (arguments
      '(;; XXX: fails with:
@@ -4141,6 +4159,7 @@ Exchange, Last.fm, IMAP/SMTP, Jabber, SIP and Kerberos.")
              (nspr (assoc-ref %build-inputs "nspr")))
          (list "--disable-uoa"    ; disable Ubuntu Online Accounts support
                "--disable-google" ; disable Google Contacts support
+               "--disable-google-auth" ; disable Google authentication
                (string-append "--with-nspr-includes=" nspr "/include/nspr")
                (string-append "--with-nss-includes=" nss "/include/nss")
                (string-append "--with-nss-libs=" nss "/lib/nss")))
@@ -4182,7 +4201,7 @@ Evolution (hence the name), but is now used by other packages as well.")
 (define-public caribou
   (package
     (name "caribou")
-    (version "0.4.19")
+    (version "0.4.20")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -4190,7 +4209,7 @@ Evolution (hence the name), but is now used by other packages as well.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0i2s2xy9ami3wslam15cajhggpcsj4c70qm7qddcz52z9k0x02rg"))))
+                "1nahpfs5ap9f9wsvn93kg8isqffk60v785f1q6k64awcd7an8ris"))))
     (build-system glib-or-gtk-build-system)
     (arguments
      '(#:phases
@@ -4247,7 +4266,7 @@ users.")
 (define-public network-manager
   (package
     (name "network-manager")
-    (version "1.0.12")
+    (version "1.2.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/NetworkManager/"
@@ -4255,7 +4274,7 @@ users.")
                                   "NetworkManager-" version ".tar.xz"))
               (sha256
                (base32
-                "17jan0g5jzp8mrpklyacwdgnnw016m1c5pc4az5im6qhc260yirs"))))
+                "101axwk3bc1pm9m98vwrnxyjna6w0qgzaskgivldq69xz8qcyiz9"))))
     (build-system gnu-build-system)
     (outputs '("out"
                "doc")) ; 8 MiB of gtk-doc HTML
@@ -4285,7 +4304,8 @@ users.")
              ;; cope with being already in the Guix build jail as that jail
              ;; lacks some features that they would like to proxy over (like
              ;; a /sys mount).
-             (substitute* '("src/platform/Makefile.in")
+             (substitute* '("src/platform/Makefile.in"
+                            "src/devices/Makefile.in")
                (("SUBDIRS = tests") ""))
              (substitute* '("src/tests/Makefile.in")
                (("\ttest-route-manager-linux") "\t")
@@ -4300,7 +4320,8 @@ users.")
            (lambda _
              (zero? (system* "make"
                              "sysconfdir=/tmp"
-                             "localstatedir=/tmp"
+                             "rundir=/tmp"
+                             "statedir=/tmp"
                              "install")))))))
     (native-inputs
      `(("glib:bin" ,glib "bin") ; for gdbus-codegen
@@ -4322,6 +4343,7 @@ users.")
        ("libndp" ,libndp)
        ("libnl" ,libnl)
        ("libsoup" ,libsoup)
+       ("modem-manager" ,modem-manager)
        ("polkit" ,polkit)
        ("ppp" ,ppp)
        ("readline" ,readline)
@@ -4339,7 +4361,7 @@ services.")
 (define-public network-manager-applet
   (package
     (name "network-manager-applet")
-    (version "1.0.10")
+    (version "1.2.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -4347,7 +4369,7 @@ services.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1szh5jyijxm6z55irkp5s44pwah0nikss40mx7pvpk38m8zaqidh"))))
+                "0dhvk3dvy6djn6blpkv46dn6yfh28wsh6mpl0v53qxfip97j8kwk"))))
     (build-system glib-or-gtk-build-system)
     (arguments '(#:configure-flags '("--disable-migration")))
     (native-inputs
@@ -4401,7 +4423,7 @@ libxml2.")
 (define-public gdm
   (package
     (name "gdm")
-    (version "3.18.2")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -4409,7 +4431,7 @@ libxml2.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "08pqhslwd487nh9w0jp4d0s4s2imm4ds0jjsbl6lzmqifqj3b4jl"))))
+                "17vqcnqnwx7s5xzgn358gsgbmpz7k90sh1qrwrh3wnj5r0pm38hh"))))
     (build-system gnu-build-system)
     (arguments
      '(#:configure-flags
@@ -4461,7 +4483,7 @@ providing graphical log-ins and managing local and remote displays.")
 (define-public libgtop
   (package
     (name "libgtop")
-    (version "2.32.0")
+    (version "2.34.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -4469,7 +4491,7 @@ providing graphical log-ins and managing local and remote displays.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "13hpml2vfm23816qggr5fvxj75ndb1dq4rgmi7ik6azj69ij8hw4"))))
+                "0apfnh9k6vmbdm8ms5wxyhagrrl8r88fv48k7q5qq70df2gf72ld"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("gobject-introspection" ,gobject-introspection)
@@ -4488,7 +4510,7 @@ usage and information about running processes.")
 (define-public gnome-bluetooth
   (package
     (name "gnome-bluetooth")
-    (version "3.18.1")
+    (version "3.18.3")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -4496,7 +4518,7 @@ usage and information about running processes.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0jaa9nbygdvcqp9k4p4iy2g8x3684s4x9k5nbcmmm11jdn4mn7f5"))))
+                "1qwc9q7x22sc71zhqv4db78rqzxl6fqfw6d978ydqap54c2bg0g4"))))
     (build-system glib-or-gtk-build-system)
     (native-inputs
      `(("glib:bin" ,glib "bin") ; for gdbus-codegen, etc.
@@ -4521,7 +4543,7 @@ devices using the GNOME desktop.")
 (define-public gnome-control-center
   (package
     (name "gnome-control-center")
-    (version "3.18.2")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -4529,7 +4551,7 @@ devices using the GNOME desktop.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1bgqg1sl3cp2azrwrjgwx3jzk9n3w76xpcyvk257qavx4ibn3zin"))))
+                "1vd1h31vwyq7ss5f1151gx1vdsy35sjmapjmmz7x73ppc3y78r6f"))))
     (build-system glib-or-gtk-build-system)
     (arguments
      '(#:phases
@@ -4591,7 +4613,7 @@ properties, screen resolution, and other GNOME parameters.")
 (define-public gnome-shell
   (package
     (name "gnome-shell")
-    (version "3.18.3")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -4599,7 +4621,7 @@ properties, screen resolution, and other GNOME parameters.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "16sicxdp08yfaj4hiyzvbspb5jk3fpmi291272zhx5vgc3wbl5w5"))))
+                "08cgbr15cim3rgcngrv98rm48pkdxwj4nqx5za1lsnv376m4x5bs"))))
     (build-system glib-or-gtk-build-system)
     (arguments
      '(#:phases
@@ -4711,7 +4733,7 @@ as SASL, TLS and VeNCrypt.  Additionally it supports encoding extensions.")
 (define-public nautilus
   (package
     (name "nautilus")
-    (version "3.18.2") ; XXX: later version require gtk+-3.0 >= 3.18.5
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -4719,10 +4741,11 @@ as SASL, TLS and VeNCrypt.  Additionally it supports encoding extensions.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0jj23n8vmmyc4gp5xhiz7slsxwksydp26blxi5m154yaw9lgdp38"))))
+                "1s41bsihacs7cywm60vqgv46m22gmga4b0bwxnki4r02jjwhgagj"))))
     (build-system glib-or-gtk-build-system)
     (arguments
-     '(#:configure-flags '("--disable-tracker") ; XXX: not packaged
+     '(#:configure-flags
+       '("--disable-tracker" "--disable-selinux") ; XXX: not packaged
        ;; XXX: FAIL: check-nautilus
        ;;   Settings schema 'org.gnome.nautilus.preferences' is not installed
        #:tests? #f))
@@ -4755,7 +4778,7 @@ files.")
 (define-public baobab
   (package
     (name "baobab")
-    (version "3.18.1")
+    (version "3.20.1")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -4764,7 +4787,7 @@ files.")
                     name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1da4bdkw5bnxansl1xr4lb03d6f4h0a0qaba8i3p3rwhcd191b62"))))
+                "07wx4jb3nmipd4caybv21hl8h0gb282qc5a24b731mxhfqmg3pz9"))))
     (build-system glib-or-gtk-build-system)
     (native-inputs
      `(("intltool" ,intltool)
@@ -4787,7 +4810,7 @@ is complete it provides a graphical representation of each selected folder.")
 (define-public gnome-backgrounds
   (package
     (name "gnome-backgrounds")
-    (version "3.18.0")
+    (version "3.20")
     (source
      (origin
        (method url-fetch)
@@ -4796,7 +4819,7 @@ is complete it provides a graphical representation of each selected folder.")
                            name "-" version ".tar.xz"))
        (sha256
         (base32
-         "1fd7y8dh3iy88ayb8irgsihvssli6bzjzb5a6vfhi8qjbw70ymma"))))
+         "09viag7q53lfwrp074a1w7j0r8izlwpi10xbwjgbf5jwbqb6wv6n"))))
     (build-system glib-or-gtk-build-system)
     (native-inputs
      `(("intltool" ,intltool)))
@@ -4846,7 +4869,7 @@ beautifying border effects.")
 (define-public dconf-editor
   (package
     (name "dconf-editor")
-    (version "3.18.2")
+    (version "3.20.1")
     (source
      (origin
        (method url-fetch)
@@ -4855,7 +4878,7 @@ beautifying border effects.")
                            name "-" version ".tar.xz"))
        (sha256
         (base32
-         "0xdwi7g1xdmgrc9m8ii62fp2zj114gsfpmgazlnhrcmmfi97z5d7"))))
+         "0pfpmvpv57a01nsd1fah3np33avihm5ic43fi6b60dyw6c5z953p"))))
     (build-system glib-or-gtk-build-system)
     (native-inputs
      `(("glib:bin" ,glib "bin") ; for glib-compile-schemas, gio-2.0.
@@ -4884,15 +4907,18 @@ software that do not provide their own configuration interface.")
      ;; TODO: Add more packages according to:
      ;;       <https://packages.debian.org/jessie/gnome-core>.
      `(("adwaita-icon-theme"        ,adwaita-icon-theme)
+       ("baobab"                    ,baobab)
        ("font-cantarell"            ,font-cantarell)
        ("at-spi2-core"              ,at-spi2-core)
        ("dbus"                      ,dbus)
        ("dconf"                     ,dconf)
+       ("desktop-file-utils"        ,desktop-file-utils)
        ("eog"                       ,eog)
        ("epiphany"                  ,epiphany)
        ("evince"                    ,evince)
        ("gedit"                     ,gedit)
        ("glib-networking"           ,glib-networking)
+       ("gnome-backgrounds"         ,gnome-backgrounds)
        ("gnome-control-center"      ,gnome-control-center)
        ("gnome-keyring"             ,gnome-keyring)
        ("gnome-session"             ,gnome-session)
@@ -4900,6 +4926,7 @@ software that do not provide their own configuration interface.")
        ("gnome-shell"               ,gnome-shell)
        ("gnome-terminal"            ,gnome-terminal)
        ("gnome-themes-standard"     ,gnome-themes-standard)
+       ("gvfs"                      ,gvfs)
        ("hicolor-icon-theme"        ,hicolor-icon-theme)
        ("nautilus"                  ,nautilus)
        ("pulseaudio"                ,pulseaudio)
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index fab3bb9811..dd9519bf84 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -32,6 +32,7 @@
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pth)
   #:use-module (gnu packages python)
+  #:use-module (gnu packages qt)
   #:use-module (gnu packages readline)
   #:use-module (gnu packages compression)
   #:use-module (gnu packages databases)
@@ -148,7 +149,7 @@ provided.")
 (define-public libksba
   (package
     (name "libksba")
-    (version "1.3.3")
+    (version "1.3.4")
     (source
      (origin
       (method url-fetch)
@@ -157,7 +158,7 @@ provided.")
             version ".tar.bz2"))
       (sha256
        (base32
-        "11kp3h9l3b8ikydkcdkwgx45r662zi30m26ra5llyhfh6kz5yzqc"))))
+        "0kxdb02z41cwm1xbwfwj9nbc0dzjhwyq8c475mlhhmpcxcy8ihpn"))))
     (build-system gnu-build-system)
     (propagated-inputs
      `(("libgpg-error" ,libgpg-error)))
@@ -208,16 +209,14 @@ compatible to GNU Pth.")
 (define-public gnupg
   (package
     (name "gnupg")
-    (version "2.1.11")
+    (version "2.1.12")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
                                   ".tar.bz2"))
               (sha256
                (base32
-                "06mn2viiwsyq991arh5i5fhr9jyxq2bi0jkdj7ndfisxihngpc5p"))
-              (patches (search-patches
-                        "gnupg-simple-query-ignore-status-messages.patch"))))
+                "01n5py45x0r97l4dzmd803jpbpbcxr1591k3k4s8m9804jfr4d5c"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("pkg-config" ,pkg-config)))
@@ -569,9 +568,9 @@ including tools for signing keys, keyring analysis, and party preparation.
    (license license:gpl2)
    (home-page "http://pgp-tools.alioth.debian.org/")))
 
-(define-public pinentry
+(define-public pinentry-tty
   (package
-    (name "pinentry")
+    (name "pinentry-tty")
     (version "0.9.7")
     (source (origin
               (method url-fetch)
@@ -581,21 +580,48 @@ including tools for signing keys, keyring analysis, and party preparation.
                (base32
                 "1cp7wjqr6nx31mdclr61s2h84ijqjl0ph99kgj4vyawpjj1j1633"))))
     (build-system gnu-build-system)
+    (arguments
+     `(#:configure-flags '("--enable-pinentry-tty")))
     (inputs
      `(("ncurses" ,ncurses)
        ("libassuan" ,libassuan)
-       ("libsecret" ,libsecret "out")
-       ("gtk+" ,gtk+-2)
-       ("glib" ,glib)))
+       ("libsecret" ,libsecret "out")))
     (native-inputs
      `(("pkg-config" ,pkg-config)))
     (home-page "https://gnupg.org/aegypten2/")
     (synopsis "GnuPG's interface to passphrase input")
     (description
-     "Pinentry provides a console and a GTK+ GUI that allows users to
-enter a passphrase when `gpg' or `gpg2' is run and needs it.")
+     "Pinentry provides a console that allows users to enter a passphrase when
+@code{gpg} or @code{gpg2} is run and needs it.")
     (license license:gpl2+)))
 
+(define-public pinentry-gtk2
+  (package
+    (inherit pinentry-tty)
+    (name "pinentry-gtk2")
+    (inputs
+     `(("gtk+" ,gtk+-2)
+       ("glib" ,glib)
+       ,@(package-inputs pinentry-tty)))
+    (description
+     "Pinentry provides a console and a GTK+ GUI that allows users to enter a
+passphrase when @code{gpg} or @code{gpg2} is run and needs it.")))
+
+(define-public pinentry-qt
+  (package
+    (inherit pinentry-tty)
+    (name "pinentry-qt")
+    (inputs
+     `(("qt" ,qt)
+       ,@(package-inputs pinentry-tty)))
+  (description
+   "Pinentry provides a console and a Qt GUI that allows users to enter a
+passphrase when @code{gpg} or @code{gpg2} is run and needs it.")))
+
+(define-public pinentry
+  (package (inherit pinentry-gtk2)
+    (name "pinentry")))
+
 (define-public paperkey
   (package
     (name "paperkey")
diff --git a/gnu/packages/gnustep.scm b/gnu/packages/gnustep.scm
index f4a2b266a3..31fca5b504 100644
--- a/gnu/packages/gnustep.scm
+++ b/gnu/packages/gnustep.scm
@@ -24,6 +24,7 @@
   #:use-module (guix licenses)
   #:use-module (gnu packages xorg)
   #:use-module (gnu packages gnome)
+  #:use-module (gnu packages gtk)
   #:use-module (gnu packages texinfo)
   #:use-module (gnu packages autotools)
   #:use-module (gnu packages glib)
@@ -216,3 +217,31 @@ on.")
 a dockable tile.  It features multiple language support, 24h or 12h time
 display, and can run a user-specified program on mouse click.")
     (license gpl2+)))
+
+(define-public wmfire
+  (package
+    (name "wmfire")
+    (version "1.2.4")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "http://www.improbability.net/"
+                                  name "/" name "-" version ".tar.gz"))
+              (sha256
+               (base32
+                "101grahd80n97y2dczb629clmcgiavdpbbwy78kk5wgs362m12z3"))))
+    (build-system gnu-build-system)
+    (inputs
+     `(("gtk+" ,gtk+-2)
+       ("libgtop" ,libgtop)))
+    (native-inputs
+     `(("pkg-config" ,pkg-config)))
+    (home-page "http://www.improbability.net/")
+    (synopsis "Display flames to represent CPU usage, memory usage, etc.")
+    (description
+     "wmfire is an applet for Window Maker that can monitor the average cpu
+load, or individual cpu load on SMP computers.  Additionally it can monitor the
+memory, network load, a file or just be set to show a pretty flame.  On
+entering the dock a burning spot replaces the cursor, and after two seconds
+symbols to represent the current monitor are \"burnt\" onscreen.  The flame
+colour can also be changed.")
+    (license gpl2+)))
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index abefd90304..df1075c370 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -287,7 +287,7 @@ standards.")
 (define-public icecat
   (package
     (name "icecat")
-    (version "38.7.1-gnu1")
+    (version "38.8.0-gnu1")
     (source
      (origin
       (method url-fetch)
@@ -296,19 +296,9 @@ standards.")
                           name "-" version ".tar.bz2"))
       (sha256
        (base32
-        "1wdmd6hasra36g86ha1dw8sl7a5mvr7c4jbjx4zyg9629y5gqr8g"))
+        "0v4k47ziqsyfksv9sn4v1xvk4q414rc883hb1qzld63grj2nxxwp"))
       (patches (search-patches
-                "icecat-avoid-bundled-includes.patch"
-                "icecat-re-enable-DHE-cipher-suites.patch"
-                "icecat-update-bundled-graphite2.patch"
-                "icecat-CVE-2016-2805.patch"
-                "icecat-CVE-2016-2807-pt1.patch"
-                "icecat-CVE-2016-2807-pt2.patch"
-                "icecat-CVE-2016-2807-pt3.patch"
-                "icecat-CVE-2016-2807-pt4.patch"
-                "icecat-CVE-2016-2807-pt5.patch"
-                "icecat-CVE-2016-2808.patch"
-                "icecat-CVE-2016-2814.patch"))
+                "icecat-avoid-bundled-includes.patch"))
       (modules '((guix build utils)))
       (snippet
        '(begin
diff --git a/gnu/packages/graphics.scm b/gnu/packages/graphics.scm
index f46dee36d2..d08542fd4a 100644
--- a/gnu/packages/graphics.scm
+++ b/gnu/packages/graphics.scm
@@ -33,7 +33,7 @@
   #:use-module (gnu packages bash)
   #:use-module (gnu packages bison)
   #:use-module (gnu packages boost)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages haskell)
   #:use-module (gnu packages image)
   #:use-module (gnu packages python)
diff --git a/gnu/packages/graphviz.scm b/gnu/packages/graphviz.scm
index 09f475bd90..e4b9094632 100644
--- a/gnu/packages/graphviz.scm
+++ b/gnu/packages/graphviz.scm
@@ -25,6 +25,7 @@
   #:use-module (gnu packages gtk)
   #:use-module (gnu packages xml)
   #:use-module (gnu packages glib)
+  #:use-module (gnu packages guile)
   #:use-module (gnu packages bison)
   #:use-module (gnu packages image)
   #:use-module (gnu packages autotools)
@@ -32,6 +33,7 @@
   #:use-module (gnu packages fontutils)
   #:use-module (gnu packages compression)
   #:use-module (gnu packages gd)
+  #:use-module (gnu packages swig)
   #:use-module ((guix licenses) #:select (lgpl2.0+ epl1.0)))
 
 (define-public graphviz
@@ -69,12 +71,26 @@
                              (rename-file (string-append out "/share/graphviz/doc")
                                           (string-append doc "/share/graphviz/doc"))
                              #t))
-                 %standard-phases))))
+                  (alist-cons-after
+                   'move-docs 'move-guile-bindings
+                   (lambda* (#:key outputs #:allow-other-keys)
+                     (let* ((out (assoc-ref outputs "out"))
+                            (lib (string-append out "/lib"))
+                            (extdir (string-append lib
+                                                   "/guile/2.0/extensions")))
+                       (mkdir-p extdir)
+                       (rename-file (string-append
+                                     lib "/graphviz/guile/libgv_guile.so")
+                                    (string-append extdir
+                                                   "/libgv_guile.so"))))
+                   %standard-phases)))))
     (inputs
      `(("libXrender" ,libxrender)
        ("libX11" ,libx11)
        ("gts" ,gts)
        ("gd" ,gd)                                 ; FIXME: Our GD is too old
+       ("guile" ,guile-2.0)                       ;Guile bindings
+       ("swig" ,swig)
        ("pango" ,pango)
        ("fontconfig" ,fontconfig)
        ("freetype" ,freetype)
diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm
index 97900958c8..483710f6fe 100644
--- a/gnu/packages/gstreamer.scm
+++ b/gnu/packages/gstreamer.scm
@@ -244,6 +244,9 @@ for the GStreamer multimedia library.")
             ;; XXX FIXME: Try removing this for version > 1.8.0.
             (substitute* "tests/check/elements/rtprtx.c"
               (("tcase_add_test \\(tc_chain, test_push_forward_seq\\);" all)
+               (string-append "/* " all " */"))
+              (("tcase_add_test \
+\\(tc_chain, test_rtxreceive_data_reconstruction\\);" all)
                (string-append "/* " all " */")))
             (substitute* "tests/check/elements/splitmux.c"
               (("tcase_add_test \\(tc_chain, test_splitmuxsink\\);" all)
diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm
index 255d885b27..7e81a81986 100644
--- a/gnu/packages/gtk.scm
+++ b/gnu/packages/gtk.scm
@@ -63,7 +63,7 @@
 (define-public atk
   (package
    (name "atk")
-   (version "2.18.0")
+   (version "2.20.0")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnome/sources/" name "/"
@@ -71,7 +71,7 @@
                                 name "-" version ".tar.xz"))
             (sha256
              (base32
-              "0ay9s137x49f0akx658p7kznz0rdapfrd8ym54q0hlgrggblhv6f"))))
+              "1w1q29yfxcq67j7fyqrfm0l0n1vy4zn539c0sf4ga9d0qkv50fj9"))))
    (build-system gnu-build-system)
    (outputs '("out" "doc"))
    (arguments
@@ -95,14 +95,14 @@ tools have full access to view and control running applications.")
 (define-public cairo
   (package
    (name "cairo")
-   (version "1.14.2")
+   (version "1.14.6")
    (source (origin
             (method url-fetch)
             (uri (string-append "http://cairographics.org/releases/cairo-"
                                 version ".tar.xz"))
             (sha256
              (base32
-              "1sycbq0agbwmg1bj9lhkgsf0glmblaf2jrdy9g6vxfxivncxj6f9"))))
+              "0lmjlzmghmr27y615px9hkm552x7ap6pmq9mfbzr6smp8y2b6g31"))))
    (build-system gnu-build-system)
    (propagated-inputs
     `(("fontconfig" ,fontconfig)
@@ -147,7 +147,7 @@ affine transformation (scale, rotation, shear, etc.).")
 (define-public harfbuzz
   (package
    (name "harfbuzz")
-   (version "1.0.6")
+   (version "1.2.4")
    (source (origin
              (method url-fetch)
              (uri (string-append "https://www.freedesktop.org/software/"
@@ -155,7 +155,7 @@ affine transformation (scale, rotation, shear, etc.).")
                                  version ".tar.bz2"))
              (sha256
               (base32
-               "09ivk5m4y09ar4zi9r6db7gp234cy05h0ach7w22g9kqvkxsf5pn"))))
+               "14g4kpph8hgplkm954daxiymxx0vicfq7b7svvdsx54g5bqvv7a4"))))
    (build-system gnu-build-system)
    (outputs '("out"
               "bin")) ; 160K, only hb-view depend on cairo
@@ -185,7 +185,7 @@ affine transformation (scale, rotation, shear, etc.).")
 (define-public pango
   (package
    (name "pango")
-   (version "1.38.1")
+   (version "1.40.1")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnome/sources/pango/"
@@ -193,7 +193,7 @@ affine transformation (scale, rotation, shear, etc.).")
                                 name "-" version ".tar.xz"))
             (sha256
              (base32
-              "1dsf45m51i4rcyvh5wlxxrjfhvn5b67d5ckjc6vdcxbddjgmc80k"))))
+              "0h0sbh0b5kh3lvrxrb82bs86rqakf33a9jakpv33lay7f90zayp2"))))
    (build-system gnu-build-system)
    (propagated-inputs
     `(("cairo" ,cairo)
@@ -339,7 +339,7 @@ printing and other features typical of a source code editor.")
 (define-public gtksourceview
  (package
    (name "gtksourceview")
-   (version "3.18.2")
+   (version "3.20.2")
    (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnome/sources/" name "/"
@@ -347,7 +347,7 @@ printing and other features typical of a source code editor.")
                                  name "-" version ".tar.xz"))
              (sha256
               (base32
-               "1cmplnqbyd1js5bkpi9cfc3gljilyxg5nngwh4i3mq9r02gmmxv0"))))
+               "03vxirdbjpgjrkl5ph0p9b1saq17xxr4kvhz1ijpg40a9jf3ci4y"))))
    (build-system gnu-build-system)
    (arguments
     '(#:phases
@@ -387,7 +387,7 @@ highlighting and other features typical of a source code editor.")
 (define-public gdk-pixbuf
   (package
    (name "gdk-pixbuf")
-   (version "2.32.3")
+   (version "2.34.0")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnome/sources/" name "/"
@@ -395,7 +395,7 @@ highlighting and other features typical of a source code editor.")
                                 name "-" version ".tar.xz"))
             (sha256
              (base32
-              "0cfh87aqyqbfcwpbv1ihgmgfcn66il5q2n8yjyl8gxkjmkqp2rrb"))))
+              "0yc8indbl3hf18z6x6kjg59xp9sngm1d8vmz4c7bs6g27qw5npnm"))))
    (build-system gnu-build-system)
    (arguments
     '(#:configure-flags '("--with-x11")
@@ -415,9 +415,12 @@ highlighting and other features typical of a source code editor.")
              ;; (gdk-pixbuf-error-quark, 0)
              (("pixbuf-jpeg\\$\\(EXEEXT\\) ") ""))
            #t)))))
-   (propagated-inputs ; required by gdk-pixbuf-2.0.pc
-    `(("glib" ,glib)
-      ("libpng" ,libpng)))
+   (propagated-inputs
+    `(;; Required by gdk-pixbuf-2.0.pc
+      ("glib" ,glib)
+      ("libpng" ,libpng)
+      ;; Used for testing and required at runtime.
+      ("shared-mime-info" ,shared-mime-info)))
    (inputs
     `(("libjpeg" ,libjpeg)
       ("libtiff" ,libtiff)
@@ -465,7 +468,7 @@ in the GNOME project.")
 (define-public at-spi2-core
   (package
    (name "at-spi2-core")
-   (version "2.18.1")
+   (version "2.20.1")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnome/sources/" name "/"
@@ -473,7 +476,7 @@ in the GNOME project.")
                                 name "-" version ".tar.xz"))
             (sha256
              (base32
-              "1kq17w4fm51d49vzmglkxqdm6s0yvjvrpgw78r2hajf69jz5bmap"))))
+              "0039y6bj1zfzhmfjbj5g830dlczphbpvbgmkcab9mapmh7kmin3f"))))
    (build-system gnu-build-system)
    (outputs '("out" "doc"))
    (arguments
@@ -510,7 +513,7 @@ is part of the GNOME accessibility project.")
 (define-public at-spi2-atk
   (package
    (name "at-spi2-atk")
-   (version "2.18.1")
+   (version "2.20.1")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnome/sources/" name "/"
@@ -518,7 +521,7 @@ is part of the GNOME accessibility project.")
                                 name "-" version ".tar.xz"))
             (sha256
              (base32
-              "0bf1g5cj84rmx7p1q547vwbc0hlpcs2wrxnmv96lckfkhs9mzcf4"))))
+              "13mzfwra0izmkzn7dsdgy5zj19n8izp0wdy7w1yg9s0qx6aafn13"))))
    (build-system gnu-build-system)
    (arguments
     '(#:phases
@@ -545,7 +548,7 @@ is part of the GNOME accessibility project.")
 (define-public gtk+-2
   (package
    (name "gtk+")
-   (version "2.24.28")
+   (version "2.24.30")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnome/sources/" name "/"
@@ -553,13 +556,14 @@ is part of the GNOME accessibility project.")
                                 name "-" version ".tar.xz"))
             (sha256
              (base32
-              "0mj6xn40py9r9lvzg633fal81xfwfm89d9mvz7jk4lmwk0g49imj"))
-            (patches (search-patches "gtk2-respect-GUIX_GTK2_PATH.patch"))))
+              "0l6aqk86aw5w132ygy6hv6nlxvd1h6xg7c85qbm60p6mnv1ww58d"))
+            (patches (search-patches "gtk2-respect-GUIX_GTK2_PATH.patch"
+                                     "gtk2-theme-paths.patch"))))
    (build-system gnu-build-system)
    (outputs '("out" "doc"))
    (propagated-inputs
     `(("atk" ,atk)
-      ("gdk-pixbuf" ,gdk-pixbuf)
+      ("gdk-pixbuf" ,gdk-pixbuf+svg)
       ("pango" ,pango)))
    (inputs
     `(("cups" ,cups)
@@ -606,7 +610,7 @@ application suites.")
 (define-public gtk+
   (package (inherit gtk+-2)
    (name "gtk+")
-   (version "3.18.2")
+   (version "3.20.3")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnome/sources/" name "/"
@@ -614,12 +618,12 @@ application suites.")
                                 name "-" version ".tar.xz"))
             (sha256
              (base32
-              "0lp1hn0qydxx03bianzzr0a4maqzsvylrkzr7c3p0050qihwbgjx"))
+              "157nh9gg0p2avw765hrnkvr8lsh2w811397yxgjv6q5j4fzz6d1q"))
             (patches (search-patches "gtk3-respect-GUIX_GTK3_PATH.patch"))))
    (propagated-inputs
     `(("at-spi2-atk" ,at-spi2-atk)
       ("atk" ,atk)
-      ("gdk-pixbuf" ,gdk-pixbuf)
+      ("gdk-pixbuf" ,gdk-pixbuf+svg)
       ("libepoxy" ,libepoxy)
       ("libxcursor" ,libxcursor)
       ("libxi" ,libxi)
@@ -627,8 +631,7 @@ application suites.")
       ("libxdamage" ,libxdamage)
       ("pango" ,pango)))
    (inputs
-    `(("librsvg" ,librsvg)                        ;for gtk-encode-symbolic-svg
-      ("libxml2" ,libxml2)
+    `(("libxml2" ,libxml2)
       ;; XXX: colord depends on mozjs (through polkit), which fails on
       ;;      on non-intel systems now.
       ;;("colord" ,colord)
@@ -663,18 +666,7 @@ application suites.")
            (("SUBDIRS = gdk gtk a11y css reftests")
             "SUBDIRS = gdk"))
          #t)
-       (alist-cons-after
-        'install 'wrap-gtk-encode-symbolic-svg
-        ;; By using GdkPixbuf, gtk-encode-symbolic-svg needs to know
-        ;; librsvg's loaders.cache to handle SVG files.
-        (lambda* (#:key inputs outputs #:allow-other-keys)
-          (let* ((out (assoc-ref outputs "out"))
-                 (prog (string-append out "/bin/gtk-encode-symbolic-svg"))
-                 (librsvg (assoc-ref inputs "librsvg"))
-                 (loaders.cache (find-files librsvg "^loaders\\.cache$")))
-            (wrap-program prog
-              `("GDK_PIXBUF_MODULE_FILE" = ,loaders.cache))))
-        %standard-phases))))
+       %standard-phases)))
    (native-search-paths
     (list (search-path-specification
            (variable "GUIX_GTK3_PATH")
@@ -864,7 +856,7 @@ library.")
 (define-public pangomm
   (package
     (name "pangomm")
-    (version "2.38.1")
+    (version "2.40.0")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnome/sources/" name "/"
@@ -872,7 +864,7 @@ library.")
                                  name "-" version ".tar.xz"))
              (sha256
               (base32
-               "12xwjvqfxhqblcv7641k0l6r8n3qifnrx8w9571izn1nbd81iyzg"))))
+               "03fpqdjp7plybf4zsgszbm8yhgl28vmajzfpmaqcsmyfvjlszl3x"))))
     (build-system gnu-build-system)
     (native-inputs `(("pkg-config" ,pkg-config)))
     (propagated-inputs
@@ -913,7 +905,7 @@ toolkit.")
 (define-public gtkmm
   (package
     (name "gtkmm")
-    (version "3.18.0")
+    (version "3.20.1")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnome/sources/" name "/"
@@ -921,16 +913,29 @@ toolkit.")
                                  name "-" version ".tar.xz"))
              (sha256
               (base32
-               "0sxq700invkjpksn790gbnl8px8751kvgwn39663jx7dv89s37w2"))))
+               "04n631a127pyidaz82ypdy9syq1hzj636r32y9hyr9kcfnwf2785"))))
     (build-system gnu-build-system)
     (native-inputs `(("pkg-config" ,pkg-config)
-                     ("glib" ,glib "bin")))      ;for 'glib-compile-resources'
+                     ("glib" ,glib "bin")        ;for 'glib-compile-resources'
+                     ("xorg-server" ,xorg-server)))
     (propagated-inputs
      `(("pangomm" ,pangomm)
        ("cairomm" ,cairomm)
        ("atkmm" ,atkmm)
        ("gtk+" ,gtk+)
        ("glibmm" ,glibmm)))
+    (arguments
+     '(#:phases (modify-phases %standard-phases
+                  (add-before 'check 'run-xvfb
+                    (lambda* (#:key inputs #:allow-other-keys)
+                      (let ((xorg-server (assoc-ref inputs "xorg-server")))
+                        ;; Tests such as 'object_move/test' require a running
+                        ;; X server.
+                        (system (string-append xorg-server "/bin/Xvfb :1 &"))
+                        (setenv "DISPLAY" ":1")
+                        ;; Don't fail because of the missing /etc/machine-id.
+                        (setenv "DBUS_FATAL_WARNINGS" "0")
+                        #t))))))
     (home-page "http://gtkmm.org/")
     (synopsis
      "C++ interface to the GTK+ graphical user interface library")
diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm
index 7ca79272fb..3b7977a629 100644
--- a/gnu/packages/guile.scm
+++ b/gnu/packages/guile.scm
@@ -5,6 +5,7 @@
 ;;; Copyright © 2016 Alex Sassmannshausen <alex@pompo.co>
 ;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2016 Erik Edrosa <erik.edrosa@gmail.com>
+;;; Copyright © 2016 Eraim Flashner <efraim@flashner.co.il>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -363,14 +364,14 @@ many readers as needed).")
 (define-public guile-ncurses
   (package
     (name "guile-ncurses")
-    (version "1.6")
+    (version "1.7")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnu/guile-ncurses/guile-ncurses-"
                                  version ".tar.gz"))
              (sha256
               (base32
-               "0wmk681zzi1wxw543r2s2r84ndnzxp69kr7pc01aw4l55hg7jn73"))))
+               "153vv75gb7l62sp3666rc97i63rnaqbx2rjar7d9b5w81fhwv4r5"))))
     (build-system gnu-build-system)
     (inputs `(("ncurses" ,ncurses)
               ("guile" ,guile-2.0)))
@@ -379,21 +380,17 @@ many readers as needed).")
                                (string-append "--with-guilesitedir="
                                               (assoc-ref %outputs "out")
                                               "/share/guile/site/2.0"))
-
-       ;; Work around <http://bugs.gnu.org/21677>.
-       #:make-flags '("XFAIL_TESTS=curses_034_util.test")
-
-       #:phases (alist-cons-after
-                 'install 'post-install
-                 (lambda* (#:key outputs #:allow-other-keys)
-                   (let* ((out   (assoc-ref outputs "out"))
-                          (dir   (string-append out "/share/guile/site/"))
-                          (files (find-files dir ".scm")))
-                     (substitute* files
-                       (("\"libguile-ncurses\"")
-                        (format #f "\"~a/lib/libguile-ncurses\""
-                                out)))))
-                 %standard-phases)))
+       #:phases
+       (modify-phases %standard-phases
+         (add-after 'install 'post-install
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let* ((out   (assoc-ref outputs "out"))
+                    (dir   (string-append out "/share/guile/site/"))
+                    (files (find-files dir ".scm")))
+               (substitute* files
+                 (("\"libguile-ncurses\"")
+                  (format #f "\"~a/lib/libguile-ncurses\""
+                          out)))))))))
     (home-page "http://www.gnu.org/software/guile-ncurses/")
     (synopsis "Guile bindings to ncurses")
     (description
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 669ad5b938..57c0be60e7 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -30,7 +30,7 @@
   #:use-module (gnu packages autotools)
   #:use-module (gnu packages boost)
   #:use-module (gnu packages compression)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages fontutils)
   #:use-module (gnu packages ghostscript)
   #:use-module (gnu packages gl)
@@ -459,7 +459,7 @@ compose, and analyze GIF images.")
 (define-public imlib2
   (package
     (name "imlib2")
-    (version "1.4.8")
+    (version "1.4.9")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -467,8 +467,7 @@ compose, and analyze GIF images.")
                     version ".tar.bz2"))
               (sha256
                (base32
-                "0xxhgkd1axlcmf3kp1d7naiygparpg8l3sg3d263rhl2z0gm7aw9"))
-              (patches (search-patches "imlib2-CVE-2016-4024.patch"))))
+                "08809xxk2555yj6glixzw9a0x3x8cx55imd89kj3r0h152bn8a3x"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("pkgconfig" ,pkg-config)))
diff --git a/gnu/packages/imagemagick.scm b/gnu/packages/imagemagick.scm
index 2bdc333d91..095f662376 100644
--- a/gnu/packages/imagemagick.scm
+++ b/gnu/packages/imagemagick.scm
@@ -40,15 +40,14 @@
 (define-public imagemagick
   (package
     (name "imagemagick")
-    (version "6.9.2-1")
+    (version "6.9.3-10")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://imagemagick/ImageMagick-"
                                  version ".tar.xz"))
              (sha256
               (base32
-               "159afhqrj22jlz745ccbgnkdiwvn8pjcc96jic0iv9ms7gqxwln5"))
-             (patches (search-patches "imagemagick-test-segv.patch"))))
+               "0sik2jl1cywnpr5xm28mjhs1l8kxry65f3v2kqzp0cczhwf04gz3"))))
     (build-system gnu-build-system)
     (arguments
      `(#:configure-flags '("--with-frozenpaths")
diff --git a/gnu/packages/inkscape.scm b/gnu/packages/inkscape.scm
index b09e84ee08..16f83fc474 100644
--- a/gnu/packages/inkscape.scm
+++ b/gnu/packages/inkscape.scm
@@ -1,6 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2014 John Darrington <jmd@gnu.org>
-;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2014, 2016 Mark H Weaver <mhw@netris.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -52,7 +52,10 @@
                                   version ".tar.gz"))
               (sha256
                (base32
-                "086v01jy896dj86bq7plrf6si4p6gh6ga2v5417llgmminycz8rc"))))
+                "086v01jy896dj86bq7plrf6si4p6gh6ga2v5417llgmminycz8rc"))
+              (patch-flags '("-p0"))
+              (patches
+               (search-patches "inkscape-drop-wait-for-targets.patch"))))
     (build-system gnu-build-system)
     (inputs
      `(("aspell" ,aspell)
diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm
index c94f2e4b28..e715798691 100644
--- a/gnu/packages/java.scm
+++ b/gnu/packages/java.scm
@@ -859,3 +859,193 @@ build process and its dependencies, whereas Make uses Makefile format.")
 compression in pure Java.  Single-threaded streamed compression and
 decompression and random access decompression have been fully implemented.")
    (license license:public-domain)))
+
+;; java-hamcrest-core uses qdox version 1.12.  We package this version instead
+;; of the latest release.
+(define-public java-qdox-1.12
+  (package
+    (name "java-qdox")
+    (version "1.12.1")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "http://central.maven.org/maven2/"
+                                  "com/thoughtworks/qdox/qdox/" version
+                                  "/qdox-" version "-sources.jar"))
+              (sha256
+               (base32
+                "0hlfbqq2avf5s26wxkksqmkdyk6zp9ggqn37c468m96mjv0n9xfl"))))
+    (build-system ant-build-system)
+    (arguments
+     `(;; Tests require junit
+       #:tests? #f
+       #:jar-name "qdox.jar"
+       #:phases
+       (modify-phases %standard-phases
+         (replace 'unpack
+           (lambda* (#:key source #:allow-other-keys)
+             (mkdir "src")
+             (with-directory-excursion "src"
+               (zero? (system* "jar" "-xf" source)))))
+         ;; At this point we don't have junit, so we must remove the API
+         ;; tests.
+         (add-after 'unpack 'delete-tests
+           (lambda _
+             (delete-file-recursively "src/com/thoughtworks/qdox/junit")
+             #t)))))
+    (home-page "http://qdox.codehaus.org/")
+    (synopsis "Parse definitions from Java source files")
+    (description
+     "QDox is a high speed, small footprint parser for extracting
+class/interface/method definitions from source files complete with JavaDoc
+@code{@@tags}.  It is designed to be used by active code generators or
+documentation tools.")
+    (license license:asl2.0)))
+
+(define-public java-jarjar
+  (package
+    (name "java-jarjar")
+    (version "1.4")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append
+                    "https://storage.googleapis.com/google-code-archive-downloads/v2/"
+                    "code.google.com/jarjar/jarjar-src-" version ".zip"))
+              (sha256
+               (base32
+                "1v8irhni9cndcw1l1wxqgry013s2kpj0qqn57lj2ji28xjq8ndjl"))))
+    (build-system ant-build-system)
+    (arguments
+     `(;; Tests require junit, which ultimately depends on this package.
+       #:tests? #f
+       #:build-target "jar"
+       #:phases
+       (modify-phases %standard-phases
+         (replace 'install
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let ((target (string-append (assoc-ref outputs "out")
+                                          "/share/java")))
+               (install-file (string-append "dist/jarjar-" ,version ".jar")
+                             target))
+             #t)))))
+    (native-inputs
+     `(("unzip" ,unzip)))
+    (home-page "https://code.google.com/archive/p/jarjar/")
+    (synopsis "Repackage Java libraries")
+    (description
+     "Jar Jar Links is a utility that makes it easy to repackage Java
+libraries and embed them into your own distribution.  Jar Jar Links includes
+an Ant task that extends the built-in @code{jar} task.")
+    (license license:asl2.0)))
+
+(define-public java-hamcrest-core
+  (package
+    (name "java-hamcrest-core")
+    (version "1.3")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "https://hamcrest.googlecode.com/files/"
+                                  "hamcrest-" version ".tgz"))
+              (sha256
+               (base32
+                "1hi0jv0zrgsf4l25aizxrgvxpsrmdklsmvw0jzwz7zv9s108whn6"))
+              (modules '((guix build utils)))
+              (snippet
+               '(begin
+                  ;; Delete bundled jar archives.
+                  (for-each delete-file (find-files "." "\\.jar$"))
+                  #t))))
+    (build-system ant-build-system)
+    (arguments
+     `(#:tests? #f ; Tests require junit
+       #:make-flags (list (string-append "-Dversion=" ,version))
+       #:build-target "core"
+       #:phases
+       (modify-phases %standard-phases
+         ;; Disable unit tests, because they require junit, which requires
+         ;; hamcrest-core.  We also give a fixed value to the "Built-Date"
+         ;; attribute from the manifest for reproducibility.
+         (add-before 'configure 'patch-build.xml
+           (lambda _
+             (substitute* "build.xml"
+               (("unit-test, ") "")
+               (("\\$\\{build.timestamp\\}") "guix"))
+             #t))
+         ;; Java's "getMethods()" returns methods in an unpredictable order.
+         ;; To make the output of the generated code deterministic we must
+         ;; sort the array of methods.
+         (add-after 'unpack 'make-method-order-deterministic
+           (lambda _
+             (substitute* "hamcrest-generator/src/main/java/org/hamcrest/generator/ReflectiveFactoryReader.java"
+               (("import java\\.util\\.Iterator;" line)
+                (string-append line "\n"
+                               "import java.util.Arrays; import java.util.Comparator;"))
+               (("allMethods = cls\\.getMethods\\(\\);" line)
+                (string-append "_" line
+                               "
+private Method[] getSortedMethods() {
+  Arrays.sort(_allMethods, new Comparator<Method>() {
+    @Override
+    public int compare(Method a, Method b) {
+      return a.toString().compareTo(b.toString());
+    }
+  });
+  return _allMethods;
+}
+
+private Method[] allMethods = getSortedMethods();")))))
+         (add-before 'build 'do-not-use-bundled-qdox
+           (lambda* (#:key inputs #:allow-other-keys)
+             (substitute* "build.xml"
+               (("lib/generator/qdox-1.12.jar")
+                (string-append (assoc-ref inputs "java-qdox-1.12")
+                               "/share/java/qdox.jar")))
+             #t))
+         (replace 'install
+           (lambda* (#:key outputs #:allow-other-keys)
+             (install-file (string-append "build/hamcrest-core-"
+                                          ,version ".jar")
+                           (string-append (assoc-ref outputs "out")
+                                          "/share/java")))))))
+    (native-inputs
+     `(("java-qdox-1.12" ,java-qdox-1.12)
+       ("java-jarjar" ,java-jarjar)))
+    (home-page "http://hamcrest.org/")
+    (synopsis "Library of matchers for building test expressions")
+    (description
+     "This package provides a library of matcher objects (also known as
+constraints or predicates) allowing @code{match} rules to be defined
+declaratively, to be used in other frameworks.  Typical scenarios include
+testing frameworks, mocking libraries and UI validation rules.")
+    (license license:bsd-2)))
+
+(define-public java-junit
+  (package
+    (name "java-junit")
+    (version "4.12")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "https://github.com/junit-team/junit/"
+                                  "archive/r" version ".tar.gz"))
+              (file-name (string-append name "-" version ".tar.gz"))
+              (sha256
+               (base32
+                "090dn5v1vs0b3acyaqc0gjf6p8lmd2h24wfzsbq7sly6b214anws"))
+              (modules '((guix build utils)))
+              (snippet
+               '(begin
+                  ;; Delete bundled jar archives.
+                  (delete-file-recursively "lib")
+                  #t))))
+    (build-system ant-build-system)
+    (arguments
+     `(#:tests? #f ; no tests
+       #:jar-name "junit.jar"))
+    (inputs
+     `(("java-hamcrest-core" ,java-hamcrest-core)))
+    (home-page "http://junit.org/")
+    (synopsis "Test framework for Java")
+    (description
+     "JUnit is a simple framework to write repeatable tests for Java projects.
+JUnit provides assertions for testing expected results, test fixtures for
+sharing common test data, and test runners for running tests.")
+    (license license:epl1.0)))
diff --git a/gnu/packages/jemalloc.scm b/gnu/packages/jemalloc.scm
index 5b4c2e0853..52d43e8bd3 100644
--- a/gnu/packages/jemalloc.scm
+++ b/gnu/packages/jemalloc.scm
@@ -27,7 +27,7 @@
 (define-public jemalloc
   (package
     (name "jemalloc")
-    (version "3.6.0")
+    (version "4.1.0")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -35,14 +35,8 @@
                     name "-" version ".tar.bz2"))
               (sha256
                (base32
-                "1zl4vxxjvhg72bdl53sl0idz9wp18c6yzjdmqcnwm09wvmcj2v71"))))
+                "13pc6gcs5d6ws63jv83vslrb1vlqdnf1dg43awkb9bbj9xqnvl7s"))))
     (build-system gnu-build-system)
-    ;; XXX FIXME: Use gcc-4.8 on i686 to work around
-    ;; <http://bugs.gnu.org/20856>.
-    (native-inputs (if (and (not (%current-target-system))
-                            (string-prefix? "i686-" (%current-system)))
-                       `(("gcc" ,(canonical-package gcc-4.8)))
-                       '()))
     (home-page "http://www.canonware.com/jemalloc/")
     (synopsis "General-purpose scalable concurrent malloc implementation")
     (description
diff --git a/gnu/packages/key-mon.scm b/gnu/packages/key-mon.scm
index dbfee050a9..c76360ce08 100644
--- a/gnu/packages/key-mon.scm
+++ b/gnu/packages/key-mon.scm
@@ -41,25 +41,12 @@
     (build-system python-build-system)
     (arguments
      `(#:python ,python-2                    ;uses the Python 2 'print' syntax
-       #:phases (modify-phases %standard-phases
-                  (add-after 'install 'wrap
-                             (lambda* (#:key inputs outputs #:allow-other-keys)
-                               (let* ((out  (assoc-ref outputs "out"))
-                                      (bin  (string-append out "/bin"))
-                                      (rsvg (assoc-ref inputs "librsvg"))
-                                      (pixbuf (find-files
-                                               rsvg "^loaders\\.cache$")))
-                                 ;; Allow key-mon to load SVGs.
-                                 (wrap-program (string-append bin "/key-mon")
-                                   `("GDK_PIXBUF_MODULE_FILE" ":"
-                                     prefix ,pixbuf))))))
        #:tests? #f))                         ;no tests
     (native-inputs
      `(("python2-setuptools" ,python2-setuptools)))
     (inputs
      `(("python2-xlib" ,python2-xlib)
        ("python2-pygtk" ,python2-pygtk)
-       ("librsvg" ,librsvg)
        ("python2-rsvg" ,python2-rsvg)))
     (home-page "http://code.google.com/p/key-mon")
     (synopsis "Show keyboard and mouse status")
diff --git a/gnu/packages/kodi.scm b/gnu/packages/kodi.scm
index 0c30aa1977..0d5e0a3428 100644
--- a/gnu/packages/kodi.scm
+++ b/gnu/packages/kodi.scm
@@ -34,7 +34,7 @@
   #:use-module (gnu packages compression)
   #:use-module (gnu packages curl)
   #:use-module (gnu packages databases)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages fontutils)
   #:use-module (gnu packages fribidi)
   #:use-module (gnu packages gettext)
diff --git a/gnu/packages/libreoffice.scm b/gnu/packages/libreoffice.scm
index 5256c49035..60a6d7df73 100644
--- a/gnu/packages/libreoffice.scm
+++ b/gnu/packages/libreoffice.scm
@@ -37,7 +37,7 @@
   #:use-module (gnu packages curl)
   #:use-module (gnu packages cyrus-sasl)
   #:use-module (gnu packages databases)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages flex)
   #:use-module (gnu packages fontutils)
   #:use-module (gnu packages ghostscript)
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 7a4f496a3e..ba261f8df8 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -11,6 +11,7 @@
 ;;; Copyright © 2016 Alex Kost <alezost@gmail.com>
 ;;; Copyright © 2016 Raymond Nicholson <rain1@openmailbox.org>
 ;;; Copyright © 2016 Mathieu Lirzin <mthl@gnu.org>
+;;; Copyright © 2016 Nicolas Goaziou <mail@nicolasgoaziou.fr>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -59,10 +60,11 @@
   #:use-module (gnu packages elf)
   #:use-module (gnu packages gtk)
   #:use-module (gnu packages docbook)
-  #:use-module (gnu packages asciidoc)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages readline)
   #:use-module (gnu packages calendar)
   #:use-module (gnu packages tls)
+  #:use-module (gnu packages freedesktop)
   #:use-module (guix packages)
   #:use-module (guix download)
   #:use-module (guix utils)
@@ -222,7 +224,7 @@ for SYSTEM and optionally VARIANT, or #f if there is no such configuration."
     (search-path %load-path file)))
 
 (define-public linux-libre
-  (let* ((version "4.5.2")
+  (let* ((version "4.5.4")
          (build-phase
           '(lambda* (#:key system inputs #:allow-other-keys #:rest args)
              ;; Avoid introducing timestamps
@@ -300,7 +302,7 @@ for SYSTEM and optionally VARIANT, or #f if there is no such configuration."
              (uri (linux-libre-urls version))
              (sha256
               (base32
-               "0mw8n5pms33k3m3aamlryahrcbhfnqbzvkglgw3j4dhaja3hwr7n"))))
+               "0c587v03kz5whh82apva6gwqvczdi6djy29gk0gfd9dbkb2518b1"))))
     (build-system gnu-build-system)
     (supported-systems '("x86_64-linux" "i686-linux"))
     (native-inputs `(("perl" ,perl)
@@ -337,13 +339,13 @@ It has been modified to remove all non-free binary blobs.")
 (define-public linux-libre-4.4
   (package
     (inherit linux-libre)
-    (version "4.4.8")
+    (version "4.4.10")
     (source (origin
               (method url-fetch)
               (uri (linux-libre-urls version))
               (sha256
                (base32
-                "0zyhdy01gjglgmlrmpqa1sdnm0z91mzwspbksj6zvcamczb8ml53"))))
+                "1k7h632vgh3wlz44qqawy238f4mzn19bm9sz9zqq0ql6wwhkjdkj"))))
     (native-inputs
      (let ((conf (kernel-config (or (%current-target-system)
                                     (%current-system))
@@ -354,13 +356,13 @@ It has been modified to remove all non-free binary blobs.")
 (define-public linux-libre-4.1
   (package
     (inherit linux-libre)
-    (version "4.1.22")
+    (version "4.1.24")
     (source (origin
               (method url-fetch)
               (uri (linux-libre-urls version))
               (sha256
                (base32
-                "0bn6qba7q4i3yn3zx2p56gawnb2gczrf4vyrjggirj4d60gvng7y"))))
+                "14jlnq0k86bl4wj8shmvgf34w90bbm9in44j1pdjwwvn169zh9ra"))))
     (native-inputs
      (let ((conf (kernel-config (or (%current-target-system)
                                     (%current-system))
@@ -1217,11 +1219,31 @@ devices.  It replaces 'iwconfig', which is deprecated.")
         (base32
          "0nlwazxbnn0k6q5f5b09wdhw0f194lpzkp3l7vxansqhfczmcyx8"))))
     (build-system gnu-build-system)
+    (arguments
+     '(#:phases
+       (modify-phases %standard-phases
+         ;; TODO: Patch some hardcoded "wlan0" in calibrate/calibrate.cpp to
+         ;; allow calibrating the network interface in GuixSD.
+         (add-after 'unpack 'patch-absolute-file-names
+           (lambda* (#:key inputs #:allow-other-keys)
+             (let ((kmod (assoc-ref inputs "kmod")))
+               (substitute* (find-files "src" "\\.cpp$")
+                 ;; Give the right 'modprobe' file name so that essential
+                 ;; modules such as msr.ko can be loaded.
+                 (("/sbin/modprobe") (string-append kmod "/bin/modprobe"))
+                 ;; These programs are only needed to calibrate, so using
+                 ;; relative file names avoids adding extra inputs.  When they
+                 ;; are missing powertop gracefully handles it.
+                 (("/usr/bin/hcitool") "hcitool")
+                 (("/usr/bin/xset") "xset")
+                 (("/usr/sbin/hciconfig") "hciconfig"))
+               #t))))))
     (inputs
-     `(("zlib" ,zlib)
-       ("pciutils" ,pciutils)
+     `(("kmod" ,kmod)
+       ("libnl" ,libnl)
        ("ncurses" ,ncurses)
-       ("libnl" ,libnl)))
+       ("pciutils" ,pciutils)
+       ("zlib" ,zlib)))
     (native-inputs
      `(("pkg-config" ,pkg-config)))
     (home-page "https://01.org/powertop/")
@@ -2599,3 +2621,58 @@ where they are less likely to cause damage to the spinning disc.  Requires a
 drive that supports the ATA/ATAPI-7 IDLE IMMEDIATE command with unload
 feature, and a laptop with an accelerometer.  It has no effect on SSDs.")
     (license license:gpl2)))
+
+(define-public thinkfan
+  (package
+    (name "thinkfan")
+    (version "0.9.3")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "mirror://sourceforge/thinkfan/"
+                                  version "/thinkfan-" version ".tar.gz"))
+              (sha256
+               (base32
+                "0nz4c48f0i0dljpk5y33c188dnnwg8gz82s4grfl8l64jr4n675n"))
+              (modules '((guix build utils)))
+              ;; Fix erroneous man page location in Makefile leading to
+              ;; a compilation failure.
+              (snippet
+               '(substitute* "CMakeLists.txt"
+                  (("thinkfan\\.1") "src/thinkfan.1")))))
+    (build-system cmake-build-system)
+    (arguments
+     `(#:modules ((guix build cmake-build-system)
+                  (guix build utils)
+                  (srfi srfi-26))
+       #:tests? #f                      ;no test target
+       #:configure-flags
+       ;; Enable reading temperatures from hard disks via S.M.A.R.T.
+       `("-DUSE_ATASMART:BOOL=ON")
+       #:phases
+       (modify-phases %standard-phases
+         ;; Install scripts for various foreign init systems. Also fix
+         ;; hard-coded path for daemon.
+         (add-after 'install 'install-rc-scripts
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let ((out (assoc-ref outputs "out"))
+                   (files (find-files
+                           (string-append "../thinkfan-" ,version "/rcscripts")
+                           ".*")))
+               (substitute* files
+                 (("/usr/sbin/(\\$NAME|thinkfan)" _ name)
+                  (string-append out "/sbin/" name)))
+               (for-each (cute install-file <>
+                               (string-append out "/share/thinkfan"))
+                         files))
+             #t)))))
+    (inputs
+     `(("libatasmart" ,libatasmart)))
+    (home-page "http://thinkfan.sourceforge.net/")
+    (synopsis "Simple fan control program")
+    (description
+     "Thinkfan is a simple fan control program.  It reads temperatures,
+checks them against configured limits and switches to appropriate (also
+pre-configured) fan level.  It requires a working @code{thinkpad_acpi} or any
+other @code{hwmon} driver that enables temperature reading and fan control
+from userspace.")
+    (license license:gpl3+)))
diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm
index 56e85712db..b127419d7b 100644
--- a/gnu/packages/mail.scm
+++ b/gnu/packages/mail.scm
@@ -6,7 +6,7 @@
 ;;; Copyright © 2014 Julien Lepiller <julien@lepiller.eu>
 ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
 ;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
-;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
+;;; Copyright © 2015, 2016 Eric Bavier <bavier@member.fsf.org>
 ;;; Copyright © 2015 Andreas Enge <andreas@enge.fr>
 ;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
@@ -177,14 +177,14 @@ aliasing facilities to work just as they would on normal mail.")
 (define-public mutt
   (package
     (name "mutt")
-    (version "1.6.0")
+    (version "1.6.1")
     (source (origin
              (method url-fetch)
              (uri (string-append "ftp://ftp.mutt.org/pub/mutt/mutt-"
                                  version ".tar.gz"))
              (sha256
               (base32
-               "06bc2drbgalkk68rzg7hq2v5m5qgjxff5357wg0419dpi8ivdbr9"))
+               "087dz1y9qhl4ikhsnnb4xmyvs82w6kx480w8zj130wdiqvn6rclq"))
              (patches (search-patches "mutt-store-references.patch"))))
     (build-system gnu-build-system)
     (inputs
@@ -605,10 +605,18 @@ MailCore 2.")
               ("libsm" ,libsm)
               ("libxml2" ,libxml2)
               ("perl" ,perl)
-              ("python-2" ,python-2)))
+              ("python-2" ,python-2)
+              ("mime-info" ,shared-mime-info)))
     (arguments
       '(#:configure-flags
-        '("--enable-gnutls" "--enable-pgpmime-plugin" "--enable-enchant")))
+        '("--enable-gnutls" "--enable-pgpmime-plugin" "--enable-enchant")
+        #:phases (modify-phases %standard-phases
+                   (add-before 'build 'patch-mime
+                     (lambda* (#:key inputs #:allow-other-keys)
+                       (substitute* "src/procmime.c"
+                         (("/usr/share/mime/globs")
+                          (string-append (assoc-ref inputs "mime-info")
+                                         "/share/mime/globs"))))))))
     (synopsis "GTK-based Email client")
     (description
      "Claws-Mail is an email client (and news reader) based on GTK+.  The
@@ -622,14 +630,14 @@ which can add many functionalities to the base client.")
 (define-public msmtp
   (package
     (name "msmtp")
-    (version "1.6.3")
+    (version "1.6.4")
     (source
      (origin
        (method url-fetch)
        (uri (string-append
              "mirror://sourceforge/msmtp/msmtp-" version ".tar.xz"))
        (sha256 (base32
-                "0mbkflxv2swjz4185inis83v6pxcblpmapwjhgpc6wh7kh3bx0pr"))))
+                "1kfihblm769s4hv8iah5mqynqd6hfwlyz5rcg2v423a4llic0jcv"))))
     (build-system gnu-build-system)
     (inputs
      `(("libidn" ,libidn)
@@ -667,7 +675,7 @@ delivery.")
 (define-public exim
   (package
     (name "exim")
-    (version "4.86.2")
+    (version "4.87")
     (source
      (origin
        (method url-fetch)
@@ -677,7 +685,7 @@ delivery.")
                                  version ".tar.bz2")))
        (sha256
         (base32
-         "1cvfcc1hi60lydv8h3a2rxlfc0v2nflwpvzjj7h7cdsqs2pxwmkp"))))
+         "1jbxn13shq90kpn0s73qpjnx5xm8jrpwhcwwgqw5s6sdzw6iwsbl"))))
     (build-system gnu-build-system)
     (inputs
      `(("bdb" ,bdb)
diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm
index d37897da20..10b1e9be45 100644
--- a/gnu/packages/maths.scm
+++ b/gnu/packages/maths.scm
@@ -46,6 +46,7 @@
   #:use-module (gnu packages cmake)
   #:use-module (gnu packages compression)
   #:use-module (gnu packages curl)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages elf)
   #:use-module (gnu packages flex)
   #:use-module (gnu packages fltk)
@@ -54,16 +55,19 @@
   #:use-module (gnu packages gcc)
   #:use-module (gnu packages gd)
   #:use-module (gnu packages ghostscript)
+  #:use-module (gnu packages graphviz)
   #:use-module (gnu packages gtk)
   #:use-module (gnu packages image)
   #:use-module (gnu packages less)
   #:use-module (gnu packages lisp)
   #:use-module (gnu packages gnome)
+  #:use-module (gnu packages guile)
   #:use-module (gnu packages xorg)
   #:use-module (gnu packages gl)
   #:use-module (gnu packages m4)
   #:use-module (gnu packages mpi)
   #:use-module (gnu packages multiprecision)
+  #:use-module (gnu packages netpbm)
   #:use-module (gnu packages pcre)
   #:use-module (gnu packages popt)
   #:use-module (gnu packages perl)
@@ -403,7 +407,7 @@ plotting engine by third-party applications like Octave.")
 (define-public hdf5
   (package
     (name "hdf5")
-    (version "1.8.12")
+    (version "1.8.17")
     (source
      (origin
       (method url-fetch)
@@ -411,18 +415,27 @@ plotting engine by third-party applications like Octave.")
                           version "/src/hdf5-"
                           version ".tar.bz2"))
       (sha256
-       (base32 "0f9n0v3p3lwc7564791a39c6cn1d3dbrn7d1j3ikqsi27a8hy23d"))))
+       (base32 "0sj8x0gfs5fb28gipnynb9wpkz113h8wq9sva9mxx66kv27xsdgw"))
+      (patches (list (search-patch "hdf5-config-date.patch")))))
     (build-system gnu-build-system)
     (inputs
      `(("zlib" ,zlib)))
     (arguments
      `(#:phases
-        (alist-cons-before
-         'configure 'patch-configure
-         (lambda _
-           (substitute* "configure"
-             (("/bin/mv") "mv")))
-         %standard-phases)))
+       (modify-phases %standard-phases
+         (add-before 'configure 'patch-configure
+           (lambda _
+             (substitute* "configure"
+               (("/bin/mv") "mv"))
+             #t))
+         (add-after 'install 'patch-references
+           (lambda* (#:key inputs outputs #:allow-other-keys)
+             (let ((bin (string-append (assoc-ref outputs "out") "/bin"))
+                   (zlib (assoc-ref inputs "zlib")))
+               (substitute* (find-files bin "h5p?cc")
+                 (("-lz" lib)
+                  (string-append "-L" zlib "/lib " lib)))
+               #t))))))
     (home-page "http://www.hdfgroup.org")
     (synopsis "Management suite for extremely large and complex data")
     (description "HDF5 is a suite that makes possible the management of
@@ -430,6 +443,140 @@ extremely large and complex data collections.")
     (license (license:x11-style
               "http://www.hdfgroup.org/ftp/HDF5/current/src/unpacked/COPYING"))))
 
+(define-public hdf5-parallel-openmpi
+  (package (inherit hdf5)
+    (name "hdf5-parallel-openmpi")
+    (inputs
+     `(("mpi" ,openmpi)
+       ,@(package-inputs hdf5)))
+    (arguments
+     (substitute-keyword-arguments `(#:configure-flags '("--enable-parallel")
+                                     ,@(package-arguments hdf5))
+       ((#:phases phases)
+        `(modify-phases ,phases
+           (add-before 'check 'patch-tests
+             (lambda _
+               ;; OpenMPI's mpirun will exit with non-zero status if it
+               ;; detects an "abnormal termination", i.e. any process not
+               ;; calling MPI_Finalize().  Since the test is explicitely
+               ;; avoiding MPI_Finalize so as not to have at_exit and thus
+               ;; H5C_flush_cache from being called, mpirun will always
+               ;; complain, so turn this test off.
+               (substitute* "testpar/Makefile"
+                 (("(^TEST_PROG_PARA.*)t_pflush1(.*)" front back)
+                  (string-append front back "\n")))
+               (substitute* "tools/h5diff/testph5diff.sh"
+                 (("/bin/sh") (which "sh")))
+               #t))))))
+    (synopsis "Management suite for data with parallel IO support")))
+
+(define-public h5check
+  (package
+    (name "h5check")
+    (version "2.0.1")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "http://www.hdfgroup.org/ftp/HDF5/tools/"
+                           "h5check/src/h5check-" version ".tar.gz"))
+       (sha256
+        (base32
+         "1gm76jbwhz9adbxgn14zx8cj33dmjdr2g5xcy0m9c2gakp8w59kj"))))
+    (build-system gnu-build-system)
+    (inputs `(("hdf5" ,hdf5)))                 ;h5cc for tests
+    (home-page "https://www.hdfgroup.org/products/hdf5_tools/h5check.html")
+    (synopsis "HDF5 format checker")
+    (description "@code{h5check} is a validation tool for verifying that an
+HDF5 file is encoded according to the HDF File Format Specification.")
+    (license (license:x11-style "file://COPYING"))))
+
+(define-public netcdf
+  (package
+    (name "netcdf")
+    (version "4.4.0")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "ftp://ftp.unidata.ucar.edu/pub/netcdf/"
+                           "netcdf-" version ".tar.gz"))
+       (sha256
+        (base32
+         "0y6gdcplarwqqnrav2xg1xd6ih732rzzbmdw78v3rl5b8mwcnh0d"))
+       (patches (list (search-patch "netcdf-config-date.patch")))))
+    (build-system gnu-build-system)
+    (native-inputs
+     `(("m4" ,m4)
+       ("doxygen" ,doxygen)
+       ("graphviz" ,graphviz)))
+    (inputs
+     `(("hdf5" ,hdf5)
+       ("zlib" ,zlib)))
+    (arguments
+     `(#:configure-flags '("--enable-doxygen" "--enable-dot")
+       #:parallel-tests? #f))           ;various race conditions
+    (home-page "http://www.unidata.ucar.edu/software/netcdf/")
+    (synopsis "Library for scientific data")
+    (description "NetCDF is an interface for scientific data access and a
+software library that provides an implementation of the interface.  The netCDF
+library defines a machine-independent format for representing scientific data.
+Together, the interface, library, and format support the creation, access, and
+sharing of scientific data.")
+    (license (license:x11-style "file://COPYRIGHT"))))
+
+(define-public netcdf-parallel-openmpi
+  (package (inherit netcdf)
+    (name "netcdf-parallel-openmpi")
+    (inputs
+     `(("mpi" ,openmpi)
+       ,@(alist-replace "hdf5" (list hdf5-parallel-openmpi)
+                        (package-inputs netcdf))))
+    ;; TODO: Replace pkg-config references in nc-config with absolute references
+    (arguments
+     (substitute-keyword-arguments (package-arguments netcdf)
+       ((#:configure-flags flags)
+        `(cons* "CC=mpicc" "CXX=mpicxx"
+                "--enable-parallel-tests"
+                ;; Shared libraries not supported with parallel IO.
+                "--disable-shared" "--with-pic"
+                ,flags))))))
+
+(define-public nlopt
+  (package
+    (name "nlopt")
+    (version "2.4.2")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "http://ab-initio.mit.edu/nlopt/nlopt-"
+                                  version ".tar.gz"))
+              (sha256
+               (base32 "12cfkkhcdf4zmb6h7y6qvvdvqjs2xf9sjpa3rl3bq76px4yn76c0"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(;; Shared libraries are not built by default.  They are required to
+       ;; build the Guile, Octave, and Python bindings.
+       #:configure-flags '("--enable-shared")
+
+       #:phases
+       (modify-phases %standard-phases
+         (add-before 'configure 'set-libnlopt-file-name
+           (lambda* (#:key outputs #:allow-other-keys)
+             ;; Make sure the Scheme module refers to the library by its
+             ;; absolute file name (we cannot do that from a snippet
+             ;; because the expansion of @libdir@ contains
+             ;; ${exec_prefix}.)
+             (let ((out (assoc-ref outputs "out")))
+               (substitute* "swig/nlopt.scm.in"
+                 (("libnlopt")
+                  (string-append out "/lib/libnlopt")))
+               #t))))))
+    (inputs `(("guile" ,guile-2.0)))
+    (native-inputs `(("pkg-config" ,pkg-config)))
+    (home-page "http://ab-initio.mit.edu/wiki/")
+    (synopsis "Library for nonlinear optimization")
+    (description "NLopt is a library for nonlinear optimization, providing a
+common interface for a number of different free optimization routines available
+online as well as original implementations of various other algorithms.")
+    (license license:lgpl2.1+)))
 
 ;; For a fully featured Octave, users  are strongly recommended also to install
 ;; the following packages: texinfo, less, ghostscript, gnuplot.
@@ -2119,3 +2266,138 @@ are built.  It can generate many different fractal types such as the Mandelbrot
 set.")
     (home-page "http://www.gnu.org/software/xaos/")
     (license license:gpl2+)))
+
+(define-public hypre
+  (package
+    (name "hypre")
+    (version "2.11.0")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "https://github.com/LLNL/hypre/archive/"
+                                  "v" version ".tar.gz"))
+              (file-name (string-append name "-" version ".tar.gz"))
+              (sha256
+               (base32
+                "0q69ia0jivzcr8p049dn3mg8yjpn6nwq4sw9iqac8vr63vi54l6m"))
+              (modules '((guix build utils)))
+              (snippet
+               '(begin
+                  ;; Remove use of __DATE__ and __TIME__ for reproducibility;
+                  ;; substitute the tarball creation time.
+                  (substitute* "src/utilities/HYPRE_utilities.h"
+                    (("Date Compiled: .*$")
+                     "Date Compiled: Mar 28 2016 20:19:59 +0000\"\n"))
+                  #t))))
+    (build-system gnu-build-system)
+    (outputs '("out"                    ;6.1 MiB of headers and libraries
+               "doc"))                  ;4.8 MiB of documentation
+    (native-inputs
+     `(("doc++" ,doc++)
+       ("netpbm" ,netpbm)
+       ("texlive" ,texlive)             ;full package required for fonts
+       ("ghostscript" ,ghostscript)))
+    (inputs
+     `(("blas" ,openblas)
+       ("lapack" ,lapack)))
+    (arguments
+     `(#:modules ((srfi srfi-1)
+                  ,@%gnu-build-system-modules)
+       #:configure-flags '("--enable-shared"
+                           "--disable-fortran"
+                           "--without-MPI"
+                           "--with-openmp"
+                           "--with-fei"
+                           "--with-lapack"
+                           "--with-blas")
+       #:phases
+       (modify-phases %standard-phases
+         (add-before 'configure 'chdir-src
+           (lambda _ (chdir "src")))
+         (replace 'configure
+           (lambda* (#:key build target configure-flags
+                           #:allow-other-keys #:rest args)
+             (let* ((configure (assoc-ref %standard-phases 'configure)))
+               (apply configure
+                      (append args
+                              (list #:configure-flags
+                                    (cons (string-append
+                                           "--host=" (or target build))
+                                          configure-flags)))))))
+         (add-after 'build 'build-docs
+           (lambda _
+             (zero? (system* "make" "-Cdocs" "pdf" "html"))))
+         (replace 'check
+           (lambda _
+             (setenv "LD_LIBRARY_PATH" (string-append (getcwd) "/hypre/lib"))
+             (setenv "PATH" (string-append "." ":" (getenv "PATH")))
+             (and (system* "make" "check" "CHECKRUN=")
+                  (fold (lambda (filename result)
+                          (and result
+                               (let ((size (stat:size (stat filename))))
+                                 (when (not (zero? size))
+                                   (format #t "~a size ~d; error indication~%"
+                                           filename size))
+                                 (zero? size))))
+                        #t
+                        (find-files "test" ".*\\.err$")))))
+         (add-after 'install 'install-docs
+           (lambda* (#:key outputs #:allow-other-keys)
+             ;; Custom install because docs/Makefile doesn't honor ${docdir}.
+             (let* ((doc (assoc-ref outputs "doc"))
+                    (docdir (string-append doc "/share/doc/hypre-" ,version)))
+               (mkdir-p docdir)
+               (with-directory-excursion "docs"
+                 (for-each (lambda (base)
+                             (install-file (string-append base ".pdf") docdir)
+                             (copy-recursively base docdir)) ;html docs
+                           '("HYPRE_usr_manual"
+                             "HYPRE_ref_manual")))
+               #t))))))
+    (home-page "http://www.llnl.gov/casc/hypre/")
+    (synopsis "Library of solvers and preconditioners for linear equations")
+    (description
+     "HYPRE is a software library of high performance preconditioners and
+solvers for the solution of large, sparse linear systems of equations.  It
+features multigrid solvers for both structured and unstructured grid
+problems.")
+    (license license:lgpl2.1)))
+
+(define-public hypre-openmpi
+  (package (inherit hypre)
+    (name "hypre-openmpi")
+    (inputs
+     `(("mpi" ,openmpi)
+       ,@(package-inputs hypre)))
+    (arguments
+     (substitute-keyword-arguments (package-arguments hypre)
+       ((#:configure-flags flags)
+        ``("--with-MPI"
+           ,@(delete "--without-MPI" ,flags)))))
+    (synopsis "Parallel solvers and preconditioners for linear equations")
+    (description
+     "HYPRE is a software library of high performance preconditioners and
+solvers for the solution of large, sparse linear systems of equations on
+parallel computers.  It features parallel multigrid solvers for both
+structured and unstructured grid problems.")))
+
+(define-public matio
+  (package
+    (name "matio")
+    (version "1.5.6")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "mirror://sourceforge/matio/" version "/"
+                           "matio-" version ".tar.gz"))
+       (sha256
+        (base32
+         "0y2qymgxank8wdiwc68ap8bxdzrhvyw86i29yh3xgn4z1njfd9ir"))))
+    (build-system gnu-build-system)
+    (inputs
+     `(("zlib" ,zlib)
+       ("hdf5" ,hdf5)))
+    (home-page "http://matio.sourceforge.net/")
+    (synopsis "Library for reading and writing MAT files")
+    (description "Matio is a library for reading and writing MAT files.  It
+supports compressed MAT files, as well as newer (version 7.3) MAT files.")
+    (license license:bsd-2)))
diff --git a/gnu/packages/messaging.scm b/gnu/packages/messaging.scm
index fbe84f58b2..3ac3888da4 100644
--- a/gnu/packages/messaging.scm
+++ b/gnu/packages/messaging.scm
@@ -37,7 +37,7 @@
   #:use-module (gnu packages check)
   #:use-module (gnu packages cyrus-sasl)
   #:use-module (gnu packages databases)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages enchant)
   #:use-module (gnu packages gnome)
   #:use-module (gnu packages gtk)
@@ -91,16 +91,37 @@ keys, no previous conversation is compromised.")
     (home-page "https://otr.cypherpunks.ca/")
     (license (list lgpl2.1 gpl2))))
 
+;; These patches together fix https://github.com/bitlbee/bitlbee/pull/55, are
+;; already upstream, and should be unnecessary when the next bitlbee comes
+;; out.
+(define %bitlbee-buddy-nick-change-patch
+  (origin
+    (method url-fetch)
+    (uri "https://github.com/bitlbee/bitlbee/commit/a42fda42.patch")
+    (sha256
+     (base32
+      "1mzjhcdn0rxir5mzgqz9kv142ai38p1iq2lajqx89wb7x0bp51zx"))))
+(define %bitlbee-always-use-nicks-patch
+  (origin
+    (method url-fetch)
+    (uri "https://github.com/bitlbee/bitlbee/commit/3320d6d9.patch")
+    (sha256
+     (base32
+      "14d9kb5zdzh5hzakdvrbviz83rix0j2lq9rzb58b2fn92fp8yixd"))))
+
 (define-public bitlbee
   (package
     (name "bitlbee")
-    (version "3.4.1")
+    (version "3.4.2")
     (source (origin
               (method url-fetch)
               (uri (string-append "https://get.bitlbee.org/src/bitlbee-"
                                   version ".tar.gz"))
               (sha256
-               (base32 "1qf0ypa9ba5jvsnpg9slmaran16hcc5fnfzbb1sdch1hjhchn2jh"))))
+               (base32 "0mza8lnfwibmklz8hdzg4f7p83hblf4h6fbf7d732kzpvra5bj39"))
+              (patches
+               (list %bitlbee-buddy-nick-change-patch
+                     %bitlbee-always-use-nicks-patch))))
     (build-system gnu-build-system)
     (native-inputs `(("pkg-config" ,pkg-config)
                      ("check" ,check)))
diff --git a/gnu/packages/mpd.scm b/gnu/packages/mpd.scm
index 4860325b56..3162cf18b8 100644
--- a/gnu/packages/mpd.scm
+++ b/gnu/packages/mpd.scm
@@ -35,7 +35,7 @@
   #:use-module (gnu packages readline)
   #:use-module (gnu packages compression)
   #:use-module (gnu packages curl)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages glib)
   #:use-module (gnu packages linux)
   #:use-module (gnu packages mp3)
diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm
index 95f52c5dd6..39e261df8c 100644
--- a/gnu/packages/music.scm
+++ b/gnu/packages/music.scm
@@ -45,8 +45,10 @@
   #:use-module (gnu packages check)
   #:use-module (gnu packages compression)
   #:use-module (gnu packages curl)
+  #:use-module (gnu packages cyrus-sasl)
   #:use-module (gnu packages docbook)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
+  #:use-module (gnu packages file)
   #:use-module (gnu packages flex)
   #:use-module (gnu packages fltk)
   #:use-module (gnu packages fonts)
@@ -84,6 +86,7 @@
   #:use-module (gnu packages tcl)
   #:use-module (gnu packages texinfo)
   #:use-module (gnu packages texlive)
+  #:use-module (gnu packages tls)
   #:use-module (gnu packages video)
   #:use-module (gnu packages web)
   #:use-module (gnu packages wxwidgets)
@@ -548,15 +551,11 @@ for path in [path for path in sys.path if 'site-packages' in path]: site.addsite
            (alist-cons-after
             'install 'wrap-program
             (lambda* (#:key inputs outputs #:allow-other-keys)
-              ;; Make sure 'solfege' runs with the correct PYTHONPATH.  We
-              ;; also need to modify GDK_PIXBUF_MODULE_FILE for SVG support.
+              ;; Make sure 'solfege' runs with the correct PYTHONPATH.
               (let* ((out (assoc-ref outputs "out"))
-                     (path (getenv "PYTHONPATH"))
-                     (rsvg (assoc-ref inputs "librsvg"))
-                     (pixbuf (find-files rsvg "^loaders\\.cache$")))
+                     (path (getenv "PYTHONPATH")))
                 (wrap-program (string-append out "/bin/solfege")
-                  `("PYTHONPATH" ":" prefix (,path))
-                  `("GDK_PIXBUF_MODULE_FILE" ":" prefix ,pixbuf))))
+                  `("PYTHONPATH" ":" prefix (,path)))))
             %standard-phases)))))))
     (inputs
      `(("python" ,python-2)
@@ -564,8 +563,6 @@ for path in [path for path in sys.path if 'site-packages' in path]: site.addsite
        ("gettext" ,gnu-gettext)
        ("gtk" ,gtk+)
        ("lilypond" ,lilypond)
-       ("librsvg" ,librsvg) ; needed at runtime for icons
-       ("libpng" ,libpng) ; needed at runtime for icons
        ;; players needed at runtime
        ("aplay" ,alsa-utils)
        ("csound" ,csound) ; optional, needed for some exercises
@@ -831,6 +828,13 @@ mixing, FFT scopes, MIDI automation and full scriptability in Scheme.")
                             (string-prefix? "i686" system)))
                (substitute* "bristol/Makefile.in"
                  (("-msse -mfpmath=sse") "")))
+             #t))
+         ;; We know that Bristol has been linked with JACK and we don't have
+         ;; ldd, so we can just skip this check.
+         (add-after 'unpack 'do-not-grep-for-jack
+           (lambda _
+             (substitute* "bin/startBristol.in"
+               (("ldd `which bristol` | grep jack") "echo guix"))
              #t)))))
     (inputs
      `(("alsa-lib" ,alsa-lib)
@@ -958,6 +962,70 @@ programming methods as well as for realizing complex systems for large-scale
 projects.")
     (license license:bsd-3)))
 
+(define-public portmidi
+  (package
+    (name "portmidi")
+    (version "217")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "mirror://sourceforge/portmedia/portmidi/"
+                                  version "/portmidi-src-" version ".zip"))
+              (sha256
+               (base32
+                "03rfsk7z6rdahq2ihy5k13qjzgx757f75yqka88v3gc0pn9ais88"))
+              (patches (list (search-patch "portmidi-modular-build.patch")))))
+    (build-system cmake-build-system)
+    (arguments
+     `(#:tests? #f ; tests cannot be linked
+       #:configure-flags
+       (list "-DPORTMIDI_ENABLE_JAVA=Off"
+             "-DCMAKE_BUILD_TYPE=Release"    ; needed to have PMALSA set
+             "-DPORTMIDI_ENABLE_TEST=Off"))) ; tests fail linking
+    (inputs
+     `(("alsa-lib" ,alsa-lib)))
+    (native-inputs
+     `(("unzip" ,unzip)))
+    (home-page "http://portmedia.sourceforge.net/portmidi/")
+    (synopsis "Library for MIDI I/O")
+    (description
+     "PortMidi is a library supporting real-time input and output of MIDI data
+using a system-independent interface.")
+    (license license:expat)))
+
+(define-public python-pyportmidi
+  (package
+    (name "python-pyportmidi")
+    (version (package-version portmidi))
+    (source (package-source portmidi))
+    (build-system python-build-system)
+    (arguments
+     `(#:tests? #f ; no tests included
+       #:phases
+       (modify-phases %standard-phases
+         (add-after 'unpack 'enter-dir
+           (lambda _ (chdir "pm_python") #t))
+         (add-after 'enter-dir 'fix-setup.py
+           (lambda _
+             (substitute* "setup.py"
+               ;; Use Python 3 syntax
+               (("print (\".*\")" _ text)
+                (string-append "print(" text ")\n"))
+               ;; TODO.txt and CHANGES.txt don't exist
+               (("CHANGES =.*") "CHANGES = \"\"\n")
+               (("TODO =.*") "TODO = \"\"\n"))
+             #t)))))
+    (inputs
+     `(("portmidi" ,portmidi)
+       ("alsa-lib" ,alsa-lib)
+       ("python-cython" ,python-cython)))
+    (native-inputs
+     `(("unzip" ,unzip)))
+    (home-page "http://portmedia.sourceforge.net/portmidi/")
+    (synopsis "Python bindings to PortMidi")
+    (description
+     "This package provides Python bindings to the PortMidi library.")
+    (license license:expat)))
+
 (define-public frescobaldi
   (package
     (name "frescobaldi")
@@ -973,8 +1041,10 @@ projects.")
     (build-system python-build-system)
     (inputs
      `(("lilypond" ,lilypond)
+       ("portmidi" ,portmidi)
        ("python-pyqt-4" ,python-pyqt-4)
        ("python-ly" ,python-ly)
+       ("python-pyportmidi" ,python-pyportmidi)
        ("poppler" ,poppler)
        ("python-poppler-qt4" ,python-poppler-qt4)
        ("python-sip" ,python-sip)))
@@ -1474,3 +1544,44 @@ for improved Amiga ProTracker 2/3 compatibility.")
     (home-page "http://milkytracker.org/")
     ;; 'src/milkyplay' is under Modified BSD, the rest is under GPL3 or later.
     (license (list license:bsd-3 license:gpl3+))))
+
+(define-public moc
+  (package
+    (name "moc")
+    (version "2.5.1")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "http://ftp.daper.net/pub/soft/"
+                                  name "/stable/"
+                                  name "-" version ".tar.bz2"))
+              (sha256
+               (base32
+                "1wn4za08z64bhsgfhr9c0crfyvy8c3b6a337wx7gz19am5srqh8v"))))
+    (build-system gnu-build-system)
+    (inputs
+     `(("alsa-lib" ,alsa-lib)
+       ("curl" ,curl)
+       ("faad2" ,faad2)
+       ("ffmpeg" ,ffmpeg)
+       ("file" ,file)
+       ("jack" ,jack-1)
+       ("libid3tag" ,libid3tag)
+       ("libltdl" ,libltdl)
+       ("libmodplug" ,libmodplug)
+       ("libmpcdec" ,libmpcdec)
+       ("libmad" ,libmad)
+       ("ncurses" ,ncurses)
+       ("openssl" ,openssl)
+       ("sasl" ,cyrus-sasl)
+       ("speex" ,speex)
+       ("taglib" ,taglib)
+       ("wavpack" ,wavpack)
+       ("zlib" ,zlib)))
+    (native-inputs
+     `(("pkg-config" ,pkg-config)))
+    (synopsis "Console audio player designed to be powerful and easy to use")
+    (description
+     "Music on Console is a console audio player that supports many file
+formats, including most audio formats recognized by FFMpeg.")
+    (home-page "http://moc.daper.net")
+    (license license:gpl2+)))
diff --git a/gnu/packages/ntp.scm b/gnu/packages/ntp.scm
index f38fa22b5b..4ae25450e8 100644
--- a/gnu/packages/ntp.scm
+++ b/gnu/packages/ntp.scm
@@ -3,6 +3,7 @@
 ;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
 ;;; Copyright © 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -38,7 +39,7 @@
 (define-public ntp
   (package
    (name "ntp")
-   (version "4.2.8p6")
+   (version "4.2.8p7")
    (source (origin
 	    (method url-fetch)
 	    (uri (string-append
@@ -47,7 +48,7 @@
                   "/ntp-" version ".tar.gz"))
 	    (sha256
 	     (base32
-              "0j509gd0snj8dq15rhfv2v4wisfaabya1gmgqslk1kisawf0wgaq"))
+              "1p100856h17nb0kpnppy70nja57hbcc95h7shhxvw6mhl030rll1"))
             (modules '((guix build utils)))
             (snippet
              '(begin
@@ -92,7 +93,7 @@ computers over a network.")
 (define-public openntpd
   (package
     (name "openntpd")
-    (version "5.7p3")
+    (version "5.9p1")
     (source (origin
               (method url-fetch)
               ;; XXX Use mirror://openbsd
@@ -101,7 +102,7 @@ computers over a network.")
                     version ".tar.gz"))
               (sha256
                (base32
-                "0filjmb3b8rc39bvhm8q2azzj10ljfgq41qih71pxv919j57qhag"))))
+                "1cwp6vxv7nj039kgbf0mgfm06f8zc4axawdc7ijl2r2ddl2h8310"))))
     (build-system gnu-build-system)
     (home-page "http://www.openntpd.org/")
     (synopsis "NTP client and server by the OpenBSD Project")
diff --git a/gnu/packages/ocaml.scm b/gnu/packages/ocaml.scm
index 5d489532f7..434fb132bb 100644
--- a/gnu/packages/ocaml.scm
+++ b/gnu/packages/ocaml.scm
@@ -60,7 +60,8 @@
                     "/ocaml-" version ".tar.xz"))
               (sha256
                (base32
-                "1qwwvy8nzd87hk8rd9sm667nppakiapnx4ypdwcrlnav2dz6kil3"))))
+                "1qwwvy8nzd87hk8rd9sm667nppakiapnx4ypdwcrlnav2dz6kil3"))
+              (patches (search-patches "ocaml-CVE-2015-8869.patch"))))
     (build-system gnu-build-system)
     (native-search-paths
      (list (search-path-specification
diff --git a/gnu/packages/patches/4store-fix-buildsystem.patch b/gnu/packages/patches/4store-fix-buildsystem.patch
new file mode 100644
index 0000000000..383baa9461
--- /dev/null
+++ b/gnu/packages/patches/4store-fix-buildsystem.patch
@@ -0,0 +1,56 @@
+This patch sets a fixed version to avoid needing Git and the .git/ folder.
+It also removes the creation of "/var/lib/4store", which is not available
+during the install phase in GNU Guix.
+
+Patch by Roel Janssen <roel@gnu.org>
+*** a/configure.ac	Wed Feb  4 19:05:24 2015
+--- b/configure.ac	Wed Mar 23 11:20:38 2016
+***************
+*** 2,13 ****
+  # Process this file with autoconf to produce a configure script.
+
+  AC_PREREQ([2.50])
+! AC_INIT([4store], m4_esyscmd([./version.sh .version]), [http://4store.org/support/], [4store])
+  AC_CONFIG_SRCDIR([src/backend/backend-intl.h])
+! AM_INIT_AUTOMAKE([1.7 std-options -Wall])
+  AC_CONFIG_HEADERS(4store-config.h)
+
+  # Checks for programs.
+  AC_PROG_LIBTOOL
+  AC_PROG_AWK
+  AC_PROG_CC
+--- 2,14 ----
+  # Process this file with autoconf to produce a configure script.
+
+  AC_PREREQ([2.50])
+! AC_INIT([4store], [1.1.6], [http://4store.org/support/], [4store])
+  AC_CONFIG_SRCDIR([src/backend/backend-intl.h])
+! AM_INIT_AUTOMAKE([1.7 std-options foreign -Wall])
+  AC_CONFIG_HEADERS(4store-config.h)
+
+  # Checks for programs.
++ AM_PROG_AR
+  AC_PROG_LIBTOOL
+  AC_PROG_AWK
+  AC_PROG_CC
+
+*** a/src/utilities/Makefile.am	Wed Feb  4 19:05:24 2015
+--- b/src/utilities/Makefile.am	Wed Mar 23 14:05:56 2016
+***************
+*** 13,20 ****
+  noinst_PROGRAMS = lex-file-verify 4s-rid
+
+  install-data-local: 
+! 	mkdir -p $(DESTDIR)@FS_STORE_ROOT@
+! 	chmod 1777 $(DESTDIR)@FS_STORE_ROOT@
+
+  4s_backend_destroy_SOURCES = backend-destroy.c
+  4s_backend_destroy_LDADD = ../common/lib4sintl.a
+--- 13,19 ----
+  noinst_PROGRAMS = lex-file-verify 4s-rid
+
+  install-data-local: 
+! 	echo "Please create the following directory: " $(DESTDIR)@FS_STORE_ROOT@
+
+  4s_backend_destroy_SOURCES = backend-destroy.c
+  4s_backend_destroy_LDADD = ../common/lib4sintl.a
diff --git a/gnu/packages/patches/doc++-include-directives.patch b/gnu/packages/patches/doc++-include-directives.patch
new file mode 100644
index 0000000000..a59a907c3b
--- /dev/null
+++ b/gnu/packages/patches/doc++-include-directives.patch
@@ -0,0 +1,224 @@
+Adapted from https://sourceforge.net/p/docpp/patches/1/
+
+--- doc++-3.4.10/src/comment.ll	2000-06-24 18:50:23.000000000 +0200
++++ doc++-3.4.10/src/comment.ll	2012-09-17 11:14:50.744922841 +0200
+@@ -24,7 +24,7 @@
+ 
+ #include <assert.h>
+ #include <ctype.h>
+-#include <iostream.h>
++#include <iostream>
+ #include <stdarg.h>
+ #include <stdio.h>
+ 
+--- doc++-3.4.10/src/cpp.ll	2002-05-09 08:11:14.000000000 +0200
++++ doc++-3.4.10/src/cpp.ll	2012-09-17 11:15:21.184333236 +0200
+@@ -26,7 +26,7 @@
+ 
+ #include <assert.h>
+ #include <ctype.h>
+-#include <iostream.h>
++#include <iostream>
+ #include <stdarg.h>
+ #include <stdio.h>
+ 
+--- doc++-3.4.10/src/datahashtable.h	2000-08-27 21:44:34.000000000 +0200
++++ doc++-3.4.10/src/datahashtable.h	2012-09-17 11:22:59.442589960 +0200
+@@ -26,11 +26,13 @@
+ #define _DATAHASHTABLE_H
+ 
+ #include <assert.h>
+-#include <iostream.h>
++#include <iostream>
+ #include <stdlib.h>
+ 
+ #include "McDArray.h"
+ 
++using namespace std;
++
+ /* This should be a private subclass of #DataHashTable#. However, since cfront
+    is not able to compile this constrution, we had move the class to global
+    scope.
+--- doc++-3.4.10/src/doc2dbsgml.ll	2002-05-09 08:11:14.000000000 +0200
++++ doc++-3.4.10/src/doc2dbsgml.ll	2012-09-17 11:20:49.077259414 +0200
+@@ -22,8 +22,8 @@
+ 
+ %{
+ #include <assert.h>
+-#include <fstream.h>
+-#include <iostream.h>
++#include <fstream>
++#include <iostream>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+@@ -36,6 +36,8 @@
+ #undef	YY_INPUT
+ #define	YY_INPUT(buf, result, max_size) result = yyread(buf, max_size);
+ 
++using namespace std;
++
+ static Entry*	current;
+ static int	inPos;
+ static int	lastContext;
+--- doc++-3.4.10/src/doc2dbxml.ll	2002-05-09 08:11:14.000000000 +0200
++++ doc++-3.4.10/src/doc2dbxml.ll	2012-09-17 11:20:22.264831159 +0200
+@@ -25,8 +25,8 @@
+ 
+ %{
+ #include <assert.h>
+-#include <fstream.h>
+-#include <iostream.h>
++#include <fstream>
++#include <iostream>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+@@ -39,6 +39,8 @@
+ #undef	YY_INPUT
+ #define	YY_INPUT(buf, result, max_size) result = yyread(buf, max_size);
+ 
++using namespace std;
++
+ static Entry*	current;
+ static int	inPos;
+ static int	lastContext;
+--- doc++-3.4.10/src/doc2html.ll	2000-07-17 23:17:24.000000000 +0200
++++ doc++-3.4.10/src/doc2html.ll	2012-09-17 11:22:40.354469631 +0200
+@@ -29,6 +29,8 @@
+ #include "doc.h"
+ #include "nametable.h"
+ 
++using namespace std;
++
+ extern NameTable	gifs;
+ 
+ #define YY_DECL int yylex()
+--- doc++-3.4.10/src/doc2tex.ll	2000-11-05 17:21:16.000000000 +0100
++++ doc++-3.4.10/src/doc2tex.ll	2012-09-17 11:23:22.210701715 +0200
+@@ -23,8 +23,8 @@
+ 
+ %{
+ #include <assert.h>
+-#include <fstream.h>
+-#include <iostream.h>
++#include <fstream>
++#include <iostream>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+@@ -38,6 +38,8 @@
+ #undef	YY_INPUT
+ #define	YY_INPUT(buf, result, max_size) result = yyread(buf, max_size);
+ 
++using namespace std;
++
+ static Entry*	current;
+ static int	inPos;
+ static int	lastContext;
+--- doc++-3.4.10/src/doc.ll	2000-09-17 21:41:17.000000000 +0200
++++ doc++-3.4.10/src/doc.ll	2012-09-17 11:15:37.068009454 +0200
+@@ -23,8 +23,8 @@
+ 
+ %{
+ #include <assert.h>
+-#include <fstream.h>
+-#include <iostream.h>
++#include <fstream>
++#include <iostream>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+--- doc++-3.4.10/src/equate.cc	2002-05-02 21:13:10.000000000 +0200
++++ doc++-3.4.10/src/equate.cc	2012-09-17 11:25:42.850669366 +0200
+@@ -23,9 +23,9 @@
+ 
+ #include "config.h"
+ 
+-#include <fstream.h>
++#include <fstream>
+ #include <getopt.h>
+-#include <iostream.h>
++#include <iostream>
+ #include <stdio.h>
+ #include <string.h>
+ 
+--- doc++-3.4.10/src/html.cc	2001-02-17 07:34:49.000000000 +0100
++++ doc++-3.4.10/src/html.cc	2012-09-17 11:24:07.978824681 +0200
+@@ -31,7 +31,7 @@
+ #include <direct.h>
+ #endif
+ #include <errno.h>
+-#include <iostream.h>
++#include <iostream>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+--- doc++-3.4.10/src/java.ll	2001-11-25 18:04:12.000000000 +0100
++++ doc++-3.4.10/src/java.ll	2012-09-17 11:24:19.138834603 +0200
+@@ -26,7 +26,7 @@
+ 
+ #include <assert.h>
+ #include <ctype.h>
+-#include <iostream.h>
++#include <iostream>
+ #include <stdio.h>
+ 
+ #include "doc.h"
+--- doc++-3.4.10/src/main.cc	2002-05-09 08:11:14.000000000 +0200
++++ doc++-3.4.10/src/main.cc	2012-09-17 11:25:30.650719070 +0200
+@@ -25,7 +25,7 @@
+ #include "config.h"
+ 
+ #include <assert.h>
+-#include <fstream.h>
++#include <fstream>
+ #include <getopt.h>
+ #include <locale.h>
+ #include <stdio.h>
+--- doc++-3.4.10/src/nametable.cc	2000-04-08 23:11:54.000000000 +0200
++++ doc++-3.4.10/src/nametable.cc	2012-09-17 11:25:58.894591128 +0200
+@@ -22,7 +22,7 @@
+ */
+ 
+ #include <assert.h>
+-#include <iostream.h>
++#include <iostream>
+ #include <stdlib.h>
+ #include <string.h>
+ 
+--- doc++-3.4.10/src/nametable.h	2000-04-08 23:11:56.000000000 +0200
++++ doc++-3.4.10/src/nametable.h	2012-09-17 11:22:07.826207198 +0200
+@@ -25,7 +25,7 @@
+ #define	_NAME_TABLE_H
+ 
+ #include <assert.h>
+-#include <iostream.h>
++#include <iostream>
+ 
+ #include "datahashtable.h"
+ 
+--- doc++-3.4.10/src/php.ll	2001-02-16 23:34:47.000000000 +0100
++++ doc++-3.4.10/src/php.ll	2012-09-17 11:25:18.582759801 +0200
+@@ -23,7 +23,7 @@
+ %{
+ #include <assert.h>
+ #include <ctype.h>
+-#include <iostream.h>
++#include <iostream>
+ #include <stdio.h>
+ 
+ #include "doc.h"
+--- doc++-3.4.10/src/tex2gif.cc	2001-08-07 20:55:40.000000000 +0200
++++ doc++-3.4.10/src/tex2gif.cc	2012-09-17 11:26:06.698547836 +0200
+@@ -21,8 +21,8 @@
+   Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+ 
+-#include <iostream.h>
+-#include <fstream.h>
++#include <iostream>
++#include <fstream>
+ #include <stdio.h>
+ #include <string.h>
+ 
diff --git a/gnu/packages/patches/doc++-segfault-fix.patch b/gnu/packages/patches/doc++-segfault-fix.patch
new file mode 100644
index 0000000000..bad34c814e
--- /dev/null
+++ b/gnu/packages/patches/doc++-segfault-fix.patch
@@ -0,0 +1,169 @@
+Adapted from https://sources.debian.net/data/main/d/doc%2B%2B/3.4.10-3.4/debian/patches/segfault_fix.patch
+
+--- doc++-3.4.10/src/McDArray.h	2000-07-30 12:40:48.000000000 +0200
++++ doc++-3.4.10/src/McDArray.h	2005-05-10 15:02:06.000000000 +0200
+@@ -80,9 +80,14 @@
+     McDArray(const McDArray& old) : memFactor(old.memFactor),
+ 	thesize(old.thesize), themax(old.themax)
+ 	{
+-	data = (T*)malloc(themax * sizeof(T));
+-	if(thesize)
+-	    memcpy(data, old.data, thesize * sizeof(T));
++	if (themax)
++	    {
++	    data = (T*)malloc(themax * sizeof(T));
++	    if(thesize)
++		memcpy(data, old.data, thesize * sizeof(T));
++	    }
++	else
++	    data = 0;
+ 	assert(isConsistent());
+ 	}
+ 
+--- doc++-3.4.10/src/McDirectory.cc	2000-03-14 22:17:36.000000000 +0100
++++ doc++-3.4.10/src/McDirectory.cc	2005-05-10 15:02:18.000000000 +0200
+@@ -23,12 +23,13 @@
+ */
+ 
+ #include "McDirectory.h"
+-#include "McSorter.h"
+ #include "McString.h"
+ #include "doc.h"
+ 
+ #include <stdio.h>
+ 
++#include <algorithm>
++
+ #ifdef WIN32
+ #include <windows.h>
+ #ifdef __BORLANDC__
+@@ -62,7 +63,7 @@
+     FindClose(searchHandle);
+     StringCompare comp;
+     if(list.size())
+-	sort((char **)list, list.size(), comp, 0);
++	std::sort((char **)list, (char **)list + list.size(), comp);
+     return 0;
+ }
+ 
+@@ -107,7 +108,7 @@
+     closedir(dir);
+     StringCompare comp;
+     if(list.size())
+-	sort((char **)list, list.size(), comp, 0);
++	std::sort((char **)list, (char **)list + list.size(), comp);
+     return list.size();
+ }
+ 
+--- doc++-3.4.10/src/McDirectory.h	2000-06-28 21:54:58.000000000 +0200
++++ doc++-3.4.10/src/McDirectory.h	2005-05-10 15:02:18.000000000 +0200
+@@ -59,9 +59,9 @@
+     class StringCompare
+ 	{
+ 	public:
+-	    int operator()(const char *t1, const char *t2)
++	    bool operator()(const char *t1, const char *t2)
+ 		{
+-		return strcmp(t1, t2);
++		return strcmp(t1, t2) < 0;
+ 		}
+ 	};
+ };
+--- doc++-3.4.10/src/html.cc	2001-02-17 07:34:49.000000000 +0100
++++ doc++-3.4.10/src/html.cc	2005-05-10 15:02:18.000000000 +0200
+@@ -38,9 +38,10 @@
+ #include <sys/stat.h>
+ #include <sys/types.h>
+ 
++#include <algorithm>
++
+ #include "McDirectory.h"
+ #include "McHashTable.h"
+-#include "McSorter.h"
+ #include "classgraph.h"
+ #include "doc.h"
+ #include "gifs.h"
+@@ -314,9 +315,11 @@
+ 	virtual void writeMember(Entry *e, bool links, bool withSub = true);
+ 	class EntryCompare {
+ 	    public:
+-		int operator()(const MemberWriterListEntry& l1, const MemberWriterListEntry& l2)
++		bool operator()(const MemberWriterListEntry& l1, const MemberWriterListEntry& l2)
+ 		    {
+-		    return strcmp(l1.entry->fullName.c_str(), l2.entry->fullName.c_str());
++		    const char *s1 = l1.entry->fullName.c_str();
++		    const char *s2 = l2.entry->fullName.c_str();
++		    return strcmp(s1, s2) < 0;
+ 		    }
+ 	};
+     public:
+@@ -324,7 +327,7 @@
+ 	    {
+ 	    EntryCompare comp;
+ 	    if(list.size())
+-		::sort((MemberWriterListEntry *)list, list.size(), comp, 0);
++		std::sort((MemberWriterListEntry *)list, (MemberWriterListEntry *)list + list.size(), comp);
+ 	    }
+ 	virtual void startList(FILE *f, char *heading, bool withLinks);
+ 	virtual void addMember(Entry *e, bool links, bool withSub = true)
+@@ -376,7 +379,7 @@
+ 	    int lp;
+ 
+ 	    if(list.size() > 1)
+-		::sort((TOCListEntry *)list, list.size(), comp, 0);
++		std::sort((TOCListEntry *)list, (TOCListEntry *)list + list.size(), comp);
+ 
+ 	    // Sort subsections
+ 	    for(lp = 0; lp < list.size(); lp++)
+@@ -385,9 +388,9 @@
+ 	    }
+ 	class EntryCompare {
+ 	    public:
+-		int operator()(TOCListEntry& l1, TOCListEntry& l2)
++		bool operator()(const TOCListEntry& l1, const TOCListEntry& l2)
+ 		    {
+-		    return strcmp(l1.name, l2.name);
++		    return strcmp(l1.name, l2.name) < 0;
+ 		    }
+ 	};
+ 	void addEntry(Entry *entry, TOClist *tl);
+@@ -487,7 +490,7 @@
+ 
+     for(i = 0; i < list.size(); i++)
+ 	if(list[i].tl)
+-	    free(list[i].tl);
++	    delete list[i].tl;
+ }
+ 
+ class HIERlist;
+@@ -509,7 +512,7 @@
+ 	    int i;
+ 
+ 	    if(list.size() > 1)
+-		::sort((HIERListEntry *)list, list.size(), comp, 0);
++		std::sort((HIERListEntry *)list, (HIERListEntry *)list + list.size(), comp);
+ 
+ 	    // Sort subentries
+ 	    for(i = 0; i < list.size(); i++)
+@@ -519,9 +522,9 @@
+ 	class EntryCompare
+ 	    {
+ 	    public:
+-		int operator()(HIERListEntry& l1, HIERListEntry& l2)
++		bool operator()(const HIERListEntry& l1, const HIERListEntry& l2)
+ 		    {
+-		    return strcmp(l1.name, l2.name);
++		    return strcmp(l1.name, l2.name) < 0;
+ 		    }
+ 	    };
+ 	void addEntry(Entry *entry, HIERlist *hl);
+--- doc++-3.4.10/src/readfiles.ll	2001-11-25 18:04:48.000000000 +0100
++++ doc++-3.4.10/src/readfiles.ll	2005-05-10 15:02:18.000000000 +0200
+@@ -28,7 +28,6 @@
+ #include <sys/types.h>
+ 
+ #include "McDirectory.h"
+-#include "McSorter.h"
+ #include "McString.h"
+ #include "doc.h"
+ #include "nametable.h"
diff --git a/gnu/packages/patches/gcc-cross-environment-variables.patch b/gnu/packages/patches/gcc-cross-environment-variables.patch
index 0bd0be5984..ec4378e2d2 100644
--- a/gnu/packages/patches/gcc-cross-environment-variables.patch
+++ b/gnu/packages/patches/gcc-cross-environment-variables.patch
@@ -1,9 +1,23 @@
 Search path environment variables for cross-compilers.  See the discussion
 at <http://gcc.gnu.org/ml/gcc/2013-02/msg00124.html>.
 
---- gcc-4.7.2/gcc/incpath.c	2012-01-27 00:34:58.000000000 +0100
-+++ gcc-4.7.2/gcc/incpath.c	2013-02-12 10:11:27.000000000 +0100
-@@ -452,7 +452,7 @@ register_include_chains (cpp_reader *pfi
+Note: Touch 'C_INCLUDE_PATH' et al. rather than 'CPATH', as discussed
+at <http://bugs.gnu.org/22186>.
+
+--- a/gcc/incpath.c
++++ b/gcc/incpath.c
+@@ -461,8 +461,8 @@ register_include_chains (cpp_reader *pfile, const char *sysroot,
+ 			 int stdinc, int cxx_stdinc, int verbose)
+ {
+   static const char *const lang_env_vars[] =
+-    { "C_INCLUDE_PATH", "CPLUS_INCLUDE_PATH",
+-      "OBJC_INCLUDE_PATH", "OBJCPLUS_INCLUDE_PATH" };
++    { "CROSS_C_INCLUDE_PATH", "CROSS_CPLUS_INCLUDE_PATH",
++      "CROSS_OBJC_INCLUDE_PATH", "CROSS_OBJCPLUS_INCLUDE_PATH" };
+   cpp_options *cpp_opts = cpp_get_options (pfile);
+   size_t idx = (cpp_opts->objc ? 2: 0);
+ 
+@@ -473,7 +473,7 @@ register_include_chains (cpp_reader *pfile, const char *sysroot,
  
    /* CPATH and language-dependent environment variables may add to the
       include chain.  */
@@ -12,20 +26,22 @@ at <http://gcc.gnu.org/ml/gcc/2013-02/msg00124.html>.
    add_env_var_paths (lang_env_vars[idx], SYSTEM);
  
    target_c_incpath.extra_pre_includes (sysroot, iprefix, stdinc);
-
---- gcc-4.7.2/gcc/system.h	2012-02-17 00:16:28.000000000 +0100
-+++ gcc-4.7.2/gcc/system.h	2013-02-12 10:22:17.000000000 +0100
-@@ -1023,4 +1023,6 @@ helper_const_non_const_cast (const char
- #define DEBUG_VARIABLE
- #endif
+diff --git a/gcc/system.h b/gcc/system.h
+index 42bc509..af3b9ad 100644
+--- a/gcc/system.h
++++ b/gcc/system.h
+@@ -1063,4 +1063,6 @@ helper_const_non_const_cast (const char *p)
+ /* Get definitions of HOST_WIDE_INT and HOST_WIDEST_INT.  */
+ #include "hwint.h"
  
 +#define LIBRARY_PATH_ENV "CROSS_LIBRARY_PATH"
 +
  #endif /* ! GCC_SYSTEM_H */
-
---- gcc-4.7.2/gcc/tlink.c	2012-02-11 09:50:23.000000000 +0100
-+++ gcc-4.7.2/gcc/tlink.c	2013-05-23 22:06:19.000000000 +0200
-@@ -461,7 +461,7 @@ recompile_files (void)
+diff --git a/gcc/tlink.c b/gcc/tlink.c
+index bc358b8..ad6242f 100644
+--- a/gcc/tlink.c
++++ b/gcc/tlink.c
+@@ -458,7 +458,7 @@ recompile_files (void)
    file *f;
  
    putenv (xstrdup ("COMPILER_PATH="));
@@ -34,10 +50,11 @@ at <http://gcc.gnu.org/ml/gcc/2013-02/msg00124.html>.
  
    while ((f = file_pop ()) != NULL)
      {
-
---- gcc-4.7.3/gcc/gcc.c	2013-03-08 08:25:09.000000000 +0100
-+++ gcc-4.7.3/gcc/gcc.c	2013-05-24 08:58:16.000000000 +0200
-@@ -3726,7 +3726,7 @@ process_command (unsigned int decoded_op
+diff --git a/gcc/gcc.c b/gcc/gcc.c
+index adbf0c4..70448c6 100644
+--- a/gcc/gcc.c
++++ b/gcc/gcc.c
+@@ -3853,7 +3853,7 @@ process_command (unsigned int decoded_options_count,
      }
  
    temp = getenv (LIBRARY_PATH_ENV);
diff --git a/gnu/packages/patches/glib-tests-desktop.patch b/gnu/packages/patches/glib-tests-desktop.patch
deleted file mode 100644
index 642234ebbc..0000000000
--- a/gnu/packages/patches/glib-tests-desktop.patch
+++ /dev/null
@@ -1,138 +0,0 @@
-Some GLib tests expect desktop things, such as an xterm, a MIME
-database, the `update-desktop-database' program, which we don't provide.
-
---- glib-2.37.1/gio/tests/appinfo.c	2013-06-07 23:44:44.000000000 +0200
-+++ glib-2.37.1/gio/tests/appinfo.c	2013-06-07 23:44:56.000000000 +0200
-@@ -497,16 +497,10 @@ main (int argc, char *argv[])
- 
-   g_test_add_func ("/appinfo/basic", test_basic);
-   g_test_add_func ("/appinfo/text", test_text);
--  g_test_add_func ("/appinfo/launch", test_launch);
-   g_test_add_func ("/appinfo/show-in", test_show_in);
-   g_test_add_func ("/appinfo/commandline", test_commandline);
--  g_test_add_func ("/appinfo/launch-context", test_launch_context);
--  g_test_add_func ("/appinfo/launch-context-signals", test_launch_context_signals);
-   g_test_add_func ("/appinfo/tryexec", test_tryexec);
--  g_test_add_func ("/appinfo/associations", test_associations);
-   g_test_add_func ("/appinfo/environment", test_environment);
--  g_test_add_func ("/appinfo/startup-wm-class", test_startup_wm_class);
--  g_test_add_func ("/appinfo/supported-types", test_supported_types);
-   g_test_add_func ("/appinfo/from-keyfile", test_from_keyfile);
- 
-   return g_test_run ();
-
---- glib-2.40.0/gio/tests/contenttype.c	2013-01-16 21:22:29.000000000 +0100
-+++ glib-2.40.0/gio/tests/contenttype.c	2013-01-16 21:22:33.000000000 +0100
-@@ -207,15 +207,6 @@ main (int argc, char *argv[])
- {
-   g_test_init (&argc, &argv, NULL);
- 
--  g_test_add_func ("/contenttype/guess", test_guess);
--  g_test_add_func ("/contenttype/unknown", test_unknown);
--  g_test_add_func ("/contenttype/subtype", test_subtype);
--  g_test_add_func ("/contenttype/list", test_list);
--  g_test_add_func ("/contenttype/executable", test_executable);
--  g_test_add_func ("/contenttype/description", test_description);
--  g_test_add_func ("/contenttype/icon", test_icon);
--  g_test_add_func ("/contenttype/symbolic-icon", test_symbolic_icon);
--  g_test_add_func ("/contenttype/tree", test_tree);
- 
-   return g_test_run ();
- }
-
-
---- glib-2.40.0/gio/tests/desktop-app-info.c	2014-03-19 22:50:45.000000000 -0500
-+++ glib-2.40.0/gio/tests/desktop-app-info.c	2014-06-30 14:27:52.543358331 -0500
-@@ -708,6 +708,8 @@
-   g_setenv ("XDG_DATA_HOME", basedir, TRUE);
-   cleanup_subdirs (basedir);
- 
-+  result = g_test_run ();
-+  return result;
-   g_test_add_func ("/desktop-app-info/delete", test_delete);
-   g_test_add_func ("/desktop-app-info/default", test_default);
-   g_test_add_func ("/desktop-app-info/fallback", test_fallback);
-
-
------------------------------
-The hunk below removes tests that depend on `gdbus-testserver.py',
-because that script depends on python-gobject.  The second hunk
-disables a test that expects /etc/machine-id in the build environment.
- 
---- glib-2.46.0/gio/tests/Makefile.in	2015-10-14 14:11:00.928809504 +0200
-+++ glib-2.46.0/gio/tests/Makefile.in	2015-10-14 14:12:13.157291092 +0200
-@@ -186,20 +186,13 @@ check_PROGRAMS = $(am__EXEEXT_16)
- @HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-auth				\
- @HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-bz627724				\
- @HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-close-pending			\
--@HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-connection			\
--@HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-connection-loss			\
--@HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-connection-slow			\
- @HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-error				\
- @HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-exit-on-close			\
- @HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-export				\
--@HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-introspection			\
- @HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-names				\
--@HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-proxy				\
- @HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-proxy-threads			\
--@HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-proxy-well-known-name		\
- @HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-test-codegen			\
- @HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-test-codegen-old			\
--@HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gdbus-threading				\
- @HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gmenumodel				\
- @HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	gnotification				\
- @HAVE_DBUS_DAEMON_TRUE@@OS_UNIX_TRUE@	$(NULL)
-@@ -321,8 +314,7 @@ libresourceplugin_la_LINK = $(LIBTOOL) $
- am__EXEEXT_1 =
- @OS_UNIX_TRUE@am__EXEEXT_2 = contenttype$(EXEEXT) file$(EXEEXT) \
- @OS_UNIX_TRUE@	gdbus-peer-object-manager$(EXEEXT) \
--@OS_UNIX_TRUE@	gdbus-unix-addresses$(EXEEXT) \
- @OS_UNIX_TRUE@	live-g-file$(EXEEXT) socket-address$(EXEEXT) \
- @OS_UNIX_TRUE@	stream-rw_all$(EXEEXT) unix-fd$(EXEEXT) \
- @OS_UNIX_TRUE@	unix-streams$(EXEEXT) $(am__EXEEXT_1) \
-  
-
-The test below depends on the availability /etc/passwd to dbus-daemon.
-
---- glib-2.40.0/gio/tests/gdbus-auth.c	2014-02-03 11:40:41.000000000 -0600
-+++ glib-2.40.0/gio/tests/gdbus-auth.c	2014-06-30 15:08:43.719421893 -0500
-@@ -286,6 +286,8 @@
- {
-   gint ret;
- 
-+  g_test_init (&argc, &argv, NULL);
-+  return g_test_run();
-   setlocale (LC_ALL, "C");
- 
-   temp_dbus_keyrings_setup ();
-
-
-The test dbus-appinfo is dropped as it hangs indefinitely since 2.37.5, see
-   https://launchpad.net/ubuntu/+source/glib2.0/2.37.5-1ubuntu1
-
---- glib-2.40.0/gio/tests/dbus-appinfo.c	2014-02-03 11:40:41.000000000 -0600
-+++ glib-2.40.0/gio/tests/dbus-appinfo.c	2014-06-30 14:44:08.215383632 -0500
-@@ -278,7 +278,7 @@
- {
-   g_test_init (&argc, &argv, NULL);
- 
--  g_test_add_func ("/appinfo/dbusappinfo", test_dbus_appinfo);
-+  return g_test_run();
- 
-   return session_bus_run ();
- }
-
-
-The test below fails for unknown reasons (!).
-
---- glib-2.39.1/gio/tests/gsettings.c.orig	2014-01-20 00:45:04.000000000 +0100
-+++ glib-2.39.1/gio/tests/gsettings.c	2014-01-20 00:45:10.000000000 +0100
-@@ -2489,7 +2489,6 @@ main (int argc, char *argv[])
-   g_test_add_func ("/gsettings/range/subprocess/high", test_range_high);
-   g_test_add_func ("/gsettings/range/subprocess/low", test_range_low);
-   g_test_add_func ("/gsettings/list-items", test_list_items);
--  g_test_add_func ("/gsettings/list-schemas", test_list_schemas);
-   g_test_add_func ("/gsettings/mapped", test_get_mapped);
-   g_test_add_func ("/gsettings/get-range", test_get_range);
-   g_test_add_func ("/gsettings/schema-source", test_schema_source);
-
diff --git a/gnu/packages/patches/glib-tests-gapplication.patch b/gnu/packages/patches/glib-tests-gapplication.patch
deleted file mode 100644
index 1845fcb9b8..0000000000
--- a/gnu/packages/patches/glib-tests-gapplication.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-This test has proven to be unreliable, often leading to things like this
-in gapplication.log:
-
-  PASS: gapplication 3 /gapplication/properties
-  Failed to register: The connection is closed
-  **
-  GLib-GIO:ERROR:gapplication.c:564:test_quit: assertion failed: (activated)
-  ok 4 /gapplication/app-id
-  PASS: gapplication 4 /gapplication/app-id
-  ../../tap-test: line 5: 24133 Aborted                 $1 -k --tap
-  # GLib-GIO:ERROR:gapplication.c:564:test_quit: assertion failed: (activated)
-  cleaning up pid 24154
-  ERROR: gapplication - missing test plan
-  ERROR: gapplication - exited with status 134 (terminated by signal 6?)
-
-See <https://bugs.debian.org/756273> and <http://bugs.gnu.org/18445>.
-
-
---- glib-2.40.2/gio/tests/gapplication.c	2014-12-03 22:34:44.566667649 +0100
-+++ glib-2.40.2/gio/tests/gapplication.c	2014-12-03 22:34:45.346674179 +0100
-@@ -685,7 +685,6 @@ main (int argc, char **argv)
- /*  g_test_add_func ("/gapplication/non-unique", test_nonunique); */
-   g_test_add_func ("/gapplication/properties", properties);
-   g_test_add_func ("/gapplication/app-id", appid);
--  g_test_add_func ("/gapplication/quit", test_quit);
-   g_test_add_func ("/gapplication/local-actions", test_local_actions);
- /*  g_test_add_func ("/gapplication/remote-actions", test_remote_actions); */
-   g_test_add_func ("/gapplication/local-command-line", test_local_command_line);
diff --git a/gnu/packages/patches/glib-tests-homedir.patch b/gnu/packages/patches/glib-tests-homedir.patch
deleted file mode 100644
index 0a2bcf1a23..0000000000
--- a/gnu/packages/patches/glib-tests-homedir.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-`g_get_home_dir' looks at /etc/passwd first, which fails in chroot builds.
-The gdbus tests use it to lookup .dbus-keyrings, so they cannot run in our
-chroot build environment.  Thus, disable them.
-
---- glib-2.34.3/gio/tests/gdbus-connection-flush.c	2013-01-16 17:29:46.000000000 +0100
-+++ glib-2.34.3/gio/tests/gdbus-connection-flush.c	2013-01-16 17:29:47.000000000 +0100
-@@ -373,10 +373,6 @@ main (int   argc,
-   g_type_init ();
-   g_test_init (&argc, &argv, NULL);
- 
--  g_test_add ("/gdbus/connection/flush/busy", Fixture, NULL,
--              setup, test_flush_busy, teardown);
--  g_test_add ("/gdbus/connection/flush/idle", Fixture, NULL,
--              setup, test_flush_idle, teardown);
- 
-   ret = g_test_run();
-
---- glib-2.38.0.orig/gio/tests/gdbus-peer.c     2013-08-08 12:00:40.000000000 +0200
-+++ glib-2.38.0/gio/tests/gdbus-peer.c  2013-09-30 19:36:40.000000000 +0200
-@@ -1746,11 +1746,6 @@
-
-   g_test_add_func ("/gdbus/peer-to-peer", test_peer);
-   g_test_add_func ("/gdbus/delayed-message-processing", delayed_message_processing);
--  g_test_add_func ("/gdbus/nonce-tcp", test_nonce_tcp);
--
--  g_test_add_func ("/gdbus/tcp-anonymous", test_tcp_anonymous);
--  g_test_add_func ("/gdbus/credentials", test_credentials);
--  g_test_add_func ("/gdbus/codegen-peer-to-peer", codegen_test_peer);
-
-   ret = g_test_run();
- 
---- glib-2.37.1/gio/tests/gdbus-exit-on-close.c	2013-06-07 23:41:34.000000000 +0200
-+++ glib-2.37.1/gio/tests/gdbus-exit-on-close.c	2013-06-07 23:41:40.000000000 +0200
-@@ -211,6 +211,7 @@ main (int   argc,
- 
-   g_test_init (&argc, &argv, NULL);
- 
-+  return g_test_run();
-   for (i = 0; cases[i].name != NULL; i++)
-     {
-       gchar *name;
-@@ -224,5 +225,4 @@ main (int   argc,
-       g_free (name);
-     }
- 
--  return g_test_run();
- }
-
---- glib-2.34.3/gio/tests/gdbus-non-socket.c	2013-01-16 18:13:25.000000000 +0100
-+++ glib-2.34.3/gio/tests/gdbus-non-socket.c	2013-01-16 18:13:27.000000000 +0100
-@@ -294,7 +294,6 @@ main (int   argc,
-   g_type_init ();
-   g_test_init (&argc, &argv, NULL);
- 
--  g_test_add_func ("/gdbus/non-socket", test_non_socket);
- 
-   ret = g_test_run();
- 
-
diff --git a/gnu/packages/patches/glib-tests-prlimit.patch b/gnu/packages/patches/glib-tests-prlimit.patch
deleted file mode 100644
index f2b2a61bee..0000000000
--- a/gnu/packages/patches/glib-tests-prlimit.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-prlimit(2) returns ENOSYS on Linux 2.6.32-5-xen-amd64 as found on
-hydra.gnu.org, and strace(1) doesn't recognize it.
-
---- glib-2.34.3/glib/tests/thread.c	2012-11-20 15:27:12.000000000 +0100
-+++ glib-2.34.3/glib/tests/thread.c	2013-03-27 14:48:31.000000000 +0100
-@@ -130,7 +130,7 @@ test_thread3 (void)
- static void
- test_thread4 (void)
- {
--#ifdef HAVE_PRLIMIT
-+#if 0
-   struct rlimit ol, nl;
-   GThread *thread;
-   GError *error;
diff --git a/gnu/packages/patches/glib-tests-timer.patch b/gnu/packages/patches/glib-tests-timer.patch
index 1ac364fcc1..e37425c0c8 100644
--- a/gnu/packages/patches/glib-tests-timer.patch
+++ b/gnu/packages/patches/glib-tests-timer.patch
@@ -2,9 +2,6 @@
   fail depending on the elapsed microseconds.  Improve rounding by adding a
   fractional bit.
 
-* The /timer/stop test fails if compiler optimizations are enabled, which they
-  are by default.  Disable that test.
-
 --- glib-2.40.0/glib/tests/timer.c	2014-03-05 08:05:42.000000000 -0600
 +++ glib-2.40.0/glib/tests/timer.c	2014-07-10 16:33:12.746862822 -0500
 @@ -35,7 +35,7 @@
@@ -16,11 +13,3 @@
  
    g_timer_destroy (timer);
  }
-@@ -204,7 +204,6 @@
-   g_test_init (&argc, &argv, NULL);
- 
-   g_test_add_func ("/timer/basic", test_timer_basic);
--  g_test_add_func ("/timer/stop", test_timer_stop);
-   g_test_add_func ("/timer/continue", test_timer_continue);
-   g_test_add_func ("/timer/reset", test_timer_reset);
-   g_test_add_func ("/timeval/add", test_timeval_add);
diff --git a/gnu/packages/patches/gnupg-simple-query-ignore-status-messages.patch b/gnu/packages/patches/gnupg-simple-query-ignore-status-messages.patch
deleted file mode 100644
index 153f71c38f..0000000000
--- a/gnu/packages/patches/gnupg-simple-query-ignore-status-messages.patch
+++ /dev/null
@@ -1,142 +0,0 @@
-Copied from upstream:
-http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=acac103ba5772ae738ce5409d17feab80596cde6
-
-Fixes: https://debbugs.gnu.org/22558
-Upstream bug: https://bugs.gnupg.org/gnupg/issue2229
-
-From acac103ba5772ae738ce5409d17feab80596cde6 Mon Sep 17 00:00:00 2001
-From: "Neal H. Walfield" <neal@g10code.com>
-Date: Fri, 12 Feb 2016 22:12:21 +0100
-Subject: [PATCH] common: Change simple_query to ignore status messages.
-
-* common/simple-pwquery.c (simple_query): Ignore status messages.
-
---
-Signed-off-by: Neal H. Walfield <neal@g10code.com>
-GnuPG-bug-id: 2229
----
- common/simple-pwquery.c | 95 ++++++++++++++++++++++++++++++++++---------------
- 1 file changed, 67 insertions(+), 28 deletions(-)
-
-diff --git a/common/simple-pwquery.c b/common/simple-pwquery.c
-index 90d04c0..b2d666c 100644
---- a/common/simple-pwquery.c
-+++ b/common/simple-pwquery.c
-@@ -618,6 +618,7 @@ simple_query (const char *query)
-   int fd = -1;
-   int nread;
-   char response[500];
-+  int have = 0;
-   int rc;
- 
-   rc = agent_open (&fd);
-@@ -628,40 +629,78 @@ simple_query (const char *query)
-   if (rc)
-     goto leave;
- 
--  /* get response */
--  nread = readline (fd, response, 499);
--  if (nread < 0)
--    {
--      rc = -nread;
--      goto leave;
--    }
--  if (nread < 3)
-+  while (1)
-     {
--      rc = SPWQ_PROTOCOL_ERROR;
--      goto leave;
--    }
-+      if (! have || ! strchr (response, '\n'))
-+        /* get response */
-+        {
-+          nread = readline (fd, &response[have],
-+                            sizeof (response) - 1 /* NUL */ - have);
-+          if (nread < 0)
-+            {
-+              rc = -nread;
-+              goto leave;
-+            }
-+          have += nread;
-+          if (have < 3)
-+            {
-+              rc = SPWQ_PROTOCOL_ERROR;
-+              goto leave;
-+            }
-+          response[have] = 0;
-+        }
- 
--  if (response[0] == 'O' && response[1] == 'K')
--    /* OK, do nothing.  */;
--  else if ((nread > 7 && !memcmp (response, "ERR 111", 7)
--            && (response[7] == ' ' || response[7] == '\n') )
--           || ((nread > 4 && !memcmp (response, "ERR ", 4)
--                && (strtoul (response+4, NULL, 0) & 0xffff) == 99)) )
--    {
--      /* 111 is the old Assuan code for canceled which might still
--         be in use by old installations. 99 is GPG_ERR_CANCELED as
--         used by modern gpg-agents; 0xffff is used to mask out the
--         error source.  */
-+      if (response[0] == 'O' && response[1] == 'K')
-+        /* OK, do nothing.  */;
-+      else if ((nread > 7 && !memcmp (response, "ERR 111", 7)
-+                && (response[7] == ' ' || response[7] == '\n') )
-+               || ((nread > 4 && !memcmp (response, "ERR ", 4)
-+                    && (strtoul (response+4, NULL, 0) & 0xffff) == 99)) )
-+        {
-+          /* 111 is the old Assuan code for canceled which might still
-+             be in use by old installations. 99 is GPG_ERR_CANCELED as
-+             used by modern gpg-agents; 0xffff is used to mask out the
-+             error source.  */
- #ifdef SPWQ_USE_LOGGING
--      log_info (_("canceled by user\n") );
-+          log_info (_("canceled by user\n") );
- #endif
--    }
--  else
--    {
-+        }
-+      else if (response[0] == 'S' && response[1] == ' ')
-+        {
-+          char *nextline;
-+          int consumed;
-+
-+          nextline = strchr (response, '\n');
-+          if (! nextline)
-+            /* Point to the NUL.  */
-+            nextline = &response[have];
-+          else
-+            /* Move past the \n.  */
-+            nextline ++;
-+
-+          consumed = (size_t) nextline - (size_t) response;
-+
-+          /* Skip any additional newlines.  */
-+          while (consumed < have && response[consumed] == '\n')
-+            consumed ++;
-+
-+          have -= consumed;
-+
-+          if (have)
-+            memmove (response, &response[consumed], have + 1);
-+
-+          continue;
-+        }
-+      else
-+        {
- #ifdef SPWQ_USE_LOGGING
--      log_error (_("problem with the agent\n"));
-+          log_error (_("problem with the agent (unexpected response \"%s\"\n"),
-+                     response);
- #endif
--      rc = SPWQ_ERR_RESPONSE;
-+          rc = SPWQ_ERR_RESPONSE;
-+        }
-+
-+      break;
-     }
- 
-  leave:
--- 
-2.6.3
-
diff --git a/gnu/packages/patches/gtk2-theme-paths.patch b/gnu/packages/patches/gtk2-theme-paths.patch
new file mode 100644
index 0000000000..6c1351e516
--- /dev/null
+++ b/gnu/packages/patches/gtk2-theme-paths.patch
@@ -0,0 +1,41 @@
+From: Jookia <166291@gmail.com>
+Subject: [PATCHv2] gtk: Patch GTK+ to look for themes in profiles.
+To: guix-devel@gnu.org
+Date: Sun, 13 Mar 2016 15:17:37 +1100
+Url: https://lists.gnu.org/archive/html/guix-devel/2016-03/msg00492.html
+
+diff -Naur gtk+-2.24.28.new/gtk/gtkrc.c gtk+-2.24.28/gtk/gtkrc.c
+--- gtk+-2.24.28.new/gtk/gtkrc.c	2016-03-13 10:31:14.413644362 +1100
++++ gtk+-2.24.28/gtk/gtkrc.c	2016-03-13 12:51:34.723398423 +1100
+@@ -808,6 +808,8 @@
+   gchar *path = NULL;
+   const gchar *home_dir;
+   gchar *subpath;
++  const gchar * const *xdg_data_dirs;
++  gint i;
+ 
+   if (type)
+     subpath = g_strconcat ("gtk-2.0-", type,
+@@ -830,6 +832,22 @@
+     }
+ 
+   if (!path)
++    {
++      xdg_data_dirs = g_get_system_data_dirs ();
++      for (i = 0; xdg_data_dirs[i]; i++)
++        {
++          path = g_build_filename (xdg_data_dirs[i], "themes", name, subpath, NULL);
++          if (g_file_test (path, G_FILE_TEST_EXISTS))
++            break;
++          else
++            {
++              g_free (path);
++              path = NULL;
++            }
++        }
++    }
++
++  if (!path)
+     {
+       gchar *theme_dir = gtk_rc_get_theme_dir ();
+       path = g_build_filename (theme_dir, name, subpath, NULL);
diff --git a/gnu/packages/patches/hdf5-config-date.patch b/gnu/packages/patches/hdf5-config-date.patch
new file mode 100644
index 0000000000..c105435dc2
--- /dev/null
+++ b/gnu/packages/patches/hdf5-config-date.patch
@@ -0,0 +1,21 @@
+Honor SOURCE_DATE_EPOCH when exporting configuration date.
+Autoconf-level patch submitted upstream on Wed Apr 13 17:03:23 UTC 2016
+
+--- a/configure
++++ b/configure
+@@ -27737,7 +28573,14 @@
+ 
+ 
+ ## Configuration date
+- CONFIG_DATE="`date`"
++ CONFIG_DATE="`date -u`"
++if test -n "$SOURCE_DATE_EPOCH"; then
++  CONFIG_DATE=`date -u -d "@$SOURCE_DATE_EPOCH" 2>/dev/null \
++               || date -u -r "$SOURCE_DATE_EPOCH" 2>/dev/null`
++  if test -z "$CONFIG_DATE"; then
++    as_fn_error $? "malformed SOURCE_DATE_EPOCH" "$LINENO" 5
++  fi
++fi
+ 
+ ## User doing the configuration
+  CONFIG_USER="`whoami`@`hostname`"
diff --git a/gnu/packages/patches/hypre-doc-tables.patch b/gnu/packages/patches/hypre-doc-tables.patch
new file mode 100644
index 0000000000..6a852ee78e
--- /dev/null
+++ b/gnu/packages/patches/hypre-doc-tables.patch
@@ -0,0 +1,25 @@
+Fixes doc++'s treatment of tabular within a parameter block.
+
+From commit 883925f8a at http://github.com/LLNL/hypre
+
+--- hypre-2.10.1/src/parcsr_ls/HYPRE_parcsr_ls.h	2015-12-04 22:12:19.000000000 -0600
++++ hypre-2.10.1/src/parcsr_ls/HYPRE_parcsr_ls.h	2016-03-16 09:02:58.547501336 -0500
+@@ -1154,8 +1154,6 @@
+  * Set the symmetry parameter for the
+  * ParaSails preconditioner.
+  *
+- * @param solver [IN] Preconditioner object for which to set symmetry parameter.
+- * @param sym [IN] Value of the symmetry parameter:
+  * \begin{tabular}{|c|l|} \hline 
+  * value & meaning \\ \hline 
+  * 0 & nonsymmetric and/or indefinite problem, and nonsymmetric preconditioner\\
+@@ -1163,6 +1161,9 @@
+  * 2 & nonsymmetric, definite problem, and SPD (factored) preconditioner \\
+  * \hline
+  * \end{tabular}
++ * 
++ * @param solver [IN] Preconditioner object for which to set symmetry parameter.
++ * @param sym [IN] Value of the symmetry parameter:
+  **/
+ HYPRE_Int HYPRE_ParaSailsSetSym(HYPRE_Solver solver,
+                                 HYPRE_Int    sym);
diff --git a/gnu/packages/patches/hypre-ldflags.patch b/gnu/packages/patches/hypre-ldflags.patch
new file mode 100644
index 0000000000..a94fafa463
--- /dev/null
+++ b/gnu/packages/patches/hypre-ldflags.patch
@@ -0,0 +1,9 @@
+--- hypre-2.10.1/src/lib/Makefile.orig	2016-03-11 16:04:03.740259228 -0600
++++ hypre-2.10.1/src/lib/Makefile	2016-03-11 16:04:57.296260190 -0600
+@@ -107,5 +107,5 @@
+ 
+ libHYPRE.so: ${FILES_HYPRE}
+ 	@echo  "Building $@ ... "
+-	${BUILD_CC_SHARED} -o ${SONAME} ${FILES_HYPRE} ${SOLIBS} ${SHARED_SET_SONAME}${SONAME} ${SHARED_OPTIONS}
++	${BUILD_CC_SHARED} ${LDFLAGS} -o ${SONAME} ${FILES_HYPRE} ${SOLIBS} ${SHARED_SET_SONAME}${SONAME} ${SHARED_OPTIONS}
+ 	ln -s ${SONAME} $@
diff --git a/gnu/packages/patches/icecat-CVE-2016-2805.patch b/gnu/packages/patches/icecat-CVE-2016-2805.patch
deleted file mode 100644
index 5e4150f00c..0000000000
--- a/gnu/packages/patches/icecat-CVE-2016-2805.patch
+++ /dev/null
@@ -1,75 +0,0 @@
-Copied from https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/bf34b97757b3
-
-# HG changeset patch
-# User Jon Coppeard <jcoppeard@mozilla.com>
-# Date 1453890675 0
-# Node ID bf34b97757b334af1f9f53b9b59e0b6902e7ed6f
-# Parent  228ca3f46cabaf3f388f6c6640690772aa13c1a5
-Bug 1241731 - Handle incomplete buffer in DiscardTransferables r=sfink a=abillings a=sylvestre
-
-diff --git a/js/src/jit-test/tests/gc/bug-1241731.js b/js/src/jit-test/tests/gc/bug-1241731.js
-new file mode 100644
---- /dev/null
-+++ b/js/src/jit-test/tests/gc/bug-1241731.js
-@@ -0,0 +1,4 @@
-+if (!('oomTest' in this))
-+    quit();
-+
-+oomTest(() => serialize(0, [{}]));
-diff --git a/js/src/vm/StructuredClone.cpp b/js/src/vm/StructuredClone.cpp
---- a/js/src/vm/StructuredClone.cpp
-+++ b/js/src/vm/StructuredClone.cpp
-@@ -379,39 +379,50 @@ ReadStructuredClone(JSContext* cx, uint6
- 
- // If the given buffer contains Transferables, free them. Note that custom
- // Transferables will use the JSStructuredCloneCallbacks::freeTransfer() to
- // delete their transferables.
- static void
- Discard(uint64_t* buffer, size_t nbytes, const JSStructuredCloneCallbacks* cb, void* cbClosure)
- {
-     MOZ_ASSERT(nbytes % sizeof(uint64_t) == 0);
--    if (nbytes < sizeof(uint64_t))
-+    uint64_t* end = buffer + nbytes / sizeof(uint64_t);
-+    uint64_t* point = buffer;
-+    if (point == end)
-         return; // Empty buffer
- 
--    uint64_t* point = buffer;
-     uint32_t tag, data;
-     SCInput::getPair(point++, &tag, &data);
-     if (tag != SCTAG_TRANSFER_MAP_HEADER)
-         return;
- 
-     if (TransferableMapHeader(data) == SCTAG_TM_TRANSFERRED)
-         return;
- 
-     // freeTransfer should not GC
-     JS::AutoSuppressGCAnalysis nogc;
- 
-+    if (point == end)
-+        return;
-+
-     uint64_t numTransferables = LittleEndian::readUint64(point++);
-     while (numTransferables--) {
-+        if (point == end)
-+            return;
-+
-         uint32_t ownership;
-         SCInput::getPair(point++, &tag, &ownership);
-         MOZ_ASSERT(tag >= SCTAG_TRANSFER_MAP_PENDING_ENTRY);
-+        if (point == end)
-+            return;
- 
-         void* content;
-         SCInput::getPtr(point++, &content);
-+        if (point == end)
-+            return;
- 
-         uint64_t extraData = LittleEndian::readUint64(point++);
- 
-         if (ownership < JS::SCTAG_TMO_FIRST_OWNED)
-             continue;
- 
-         if (ownership == JS::SCTAG_TMO_ALLOC_DATA) {
-             js_free(content);
-
diff --git a/gnu/packages/patches/icecat-CVE-2016-2807-pt1.patch b/gnu/packages/patches/icecat-CVE-2016-2807-pt1.patch
deleted file mode 100644
index 0a6bee378b..0000000000
--- a/gnu/packages/patches/icecat-CVE-2016-2807-pt1.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-Copied from https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/e7c23c08bf84
-
-# HG changeset patch
-# User Randell Jesup <rjesup@jesup.org>
-# Date 1458543433 14400
-# Node ID e7c23c08bf84a02d9154f31e0c5d121a45884a69
-# Parent  a6de1f453712edabff597879398606708c191098
-Bug 1254876: assert windows recording is shut down r=pkerr a=ritu
-
-MozReview-Commit-ID: JRqxBb5TgrE
-
-diff --git a/media/webrtc/trunk/webrtc/modules/audio_device/win/audio_device_core_win.cc b/media/webrtc/trunk/webrtc/modules/audio_device/win/audio_device_core_win.cc
---- a/media/webrtc/trunk/webrtc/modules/audio_device/win/audio_device_core_win.cc
-+++ b/media/webrtc/trunk/webrtc/modules/audio_device/win/audio_device_core_win.cc
-@@ -567,16 +567,19 @@ AudioDeviceWindowsCore::AudioDeviceWindo
- // ----------------------------------------------------------------------------
- 
- AudioDeviceWindowsCore::~AudioDeviceWindowsCore()
- {
-     WEBRTC_TRACE(kTraceMemory, kTraceAudioDevice, _id, "%s destroyed", __FUNCTION__);
- 
-     Terminate();
- 
-+    // Recording thread should be shut down before this!
-+    assert(_hRecThread == NULL);
-+
-     // The IMMDeviceEnumerator is created during construction. Must release
-     // it here and not in Terminate() since we don't recreate it in Init().
-     SAFE_RELEASE(_ptrEnumerator);
- 
-     _ptrAudioBuffer = NULL;
- 
-     if (NULL != _hRenderSamplesReadyEvent)
-     {
-
diff --git a/gnu/packages/patches/icecat-CVE-2016-2807-pt2.patch b/gnu/packages/patches/icecat-CVE-2016-2807-pt2.patch
deleted file mode 100644
index f4b4c0d4eb..0000000000
--- a/gnu/packages/patches/icecat-CVE-2016-2807-pt2.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-Copied from https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/3d2b62083a6a
-
-# HG changeset patch
-# User Shu-yu Guo <shu@rfrn.org>
-# Date 1459741387 -7200
-# Node ID 3d2b62083a6a4fb43cb330d77142f9dce0959a23
-# Parent  9d4364f6b55c6ee65c13c491292c3abe1ee2c993
-Bug 1254164 - Make aliasedBodyLevelLexicalBegin a uint32. r=Waldo, a=ritu
-
-diff --git a/js/src/jit-test/tests/parser/bug-1254164.js b/js/src/jit-test/tests/parser/bug-1254164.js
-new file mode 100644
---- /dev/null
-+++ b/js/src/jit-test/tests/parser/bug-1254164.js
-@@ -0,0 +1,6 @@
-+// |jit-test| slow;
-+
-+var s = '';
-+for (var i = 0; i < 70000; i++)
-+    s += 'function x' + i + '() { x' + i + '(); }\n';
-+eval("(function() { " + s + " })();");
-diff --git a/js/src/jsscript.cpp b/js/src/jsscript.cpp
---- a/js/src/jsscript.cpp
-+++ b/js/src/jsscript.cpp
-@@ -111,17 +111,20 @@ Bindings::initWithTemporaryStorage(Exclu
-     // JITs when interpreting/compiling aliasedvar ops.)
- 
-     // Since unaliased variables are, by definition, only accessed by local
-     // operations and never through the scope chain, only give shapes to
-     // aliased variables. While the debugger may observe any scope object at
-     // any time, such accesses are mediated by DebugScopeProxy (see
-     // DebugScopeProxy::handleUnaliasedAccess).
-     uint32_t nslots = CallObject::RESERVED_SLOTS;
--    uint32_t aliasedBodyLevelLexicalBegin = UINT16_MAX;
-+
-+    // Unless there are aliased body-level lexical bindings at all, set the
-+    // begin index to an impossible slot number.
-+    uint32_t aliasedBodyLevelLexicalBegin = LOCALNO_LIMIT;
-     for (BindingIter bi(self); bi; bi++) {
-         if (bi->aliased()) {
-             // Per ES6, lexical bindings cannot be accessed until
-             // initialized. Remember the first aliased slot that is a
-             // body-level lexical, so that they may be initialized to sentinel
-             // magic values.
-             if (numBodyLevelLexicals > 0 &&
-                 nslots < aliasedBodyLevelLexicalBegin &&
-diff --git a/js/src/jsscript.h b/js/src/jsscript.h
---- a/js/src/jsscript.h
-+++ b/js/src/jsscript.h
-@@ -201,18 +201,18 @@ class Bindings
-     friend class BindingIter;
-     friend class AliasedFormalIter;
- 
-     RelocatablePtrShape callObjShape_;
-     uintptr_t bindingArrayAndFlag_;
-     uint16_t numArgs_;
-     uint16_t numBlockScoped_;
-     uint16_t numBodyLevelLexicals_;
--    uint16_t aliasedBodyLevelLexicalBegin_;
-     uint16_t numUnaliasedBodyLevelLexicals_;
-+    uint32_t aliasedBodyLevelLexicalBegin_;
-     uint32_t numVars_;
-     uint32_t numUnaliasedVars_;
- 
- #if JS_BITS_PER_WORD == 32
-     // Bindings is allocated inline inside JSScript, which needs to be
-     // gc::Cell aligned.
-     uint32_t padding_;
- #endif
-
diff --git a/gnu/packages/patches/icecat-CVE-2016-2807-pt3.patch b/gnu/packages/patches/icecat-CVE-2016-2807-pt3.patch
deleted file mode 100644
index a5a4212c28..0000000000
--- a/gnu/packages/patches/icecat-CVE-2016-2807-pt3.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-Copied from https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/88f1eb2c3f4b
-
-# HG changeset patch
-# User Timothy Nikkel <tnikkel@gmail.com>
-# Date 1457637807 21600
-# Node ID 88f1eb2c3f4b4b57365ed88223cf8adc2bec4610
-# Parent  bf34b97757b334af1f9f53b9b59e0b6902e7ed6f
-Bug 1187420. r=drc r=jmuizelaar a=sylvestre
-
-MozReview-Commit-ID: Hh0Khqfj8Bf
-
-diff --git a/media/libjpeg/jstdhuff.c b/media/libjpeg/jstdhuff.c
---- a/media/libjpeg/jstdhuff.c
-+++ b/media/libjpeg/jstdhuff.c
-@@ -36,16 +36,17 @@ add_huff_table (j_common_ptr cinfo,
-    */
-   nsymbols = 0;
-   for (len = 1; len <= 16; len++)
-     nsymbols += bits[len];
-   if (nsymbols < 1 || nsymbols > 256)
-     ERREXIT(cinfo, JERR_BAD_HUFF_TABLE);
- 
-   MEMCOPY((*htblptr)->huffval, val, nsymbols * sizeof(UINT8));
-+  MEMZERO(&((*htblptr)->huffval[nsymbols]), (256 - nsymbols) * sizeof(UINT8));
- 
-   /* Initialize sent_table FALSE so table will be written to JPEG file. */
-   (*htblptr)->sent_table = FALSE;
- }
- 
- 
- LOCAL(void)
- std_huff_tables (j_common_ptr cinfo)
-
diff --git a/gnu/packages/patches/icecat-CVE-2016-2807-pt4.patch b/gnu/packages/patches/icecat-CVE-2016-2807-pt4.patch
deleted file mode 100644
index 5eff4fe99c..0000000000
--- a/gnu/packages/patches/icecat-CVE-2016-2807-pt4.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-Copied from https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/5c312182da90
-
-# HG changeset patch
-# User Jan de Mooij <jdemooij@mozilla.com>
-# Date 1458828581 -3600
-# Node ID 5c312182da9020504103aa329360abaffa7e232d
-# Parent  fa4efccde9b7efde8763a178a6cf422b6d37a0e9
-Bug 1254622 - Relookup group->newScript in CreateThisForFunctionWithGroup. r=bhackett a=sylvestre
-
-MozReview-Commit-ID: KXd7kB70f1Z
-
-diff --git a/js/src/jsobj.cpp b/js/src/jsobj.cpp
---- a/js/src/jsobj.cpp
-+++ b/js/src/jsobj.cpp
-@@ -1574,18 +1574,19 @@ CreateThisForFunctionWithGroup(JSContext
-         // Not enough objects with this group have been created yet, so make a
-         // plain object and register it with the group. Use the maximum number
-         // of fixed slots, as is also required by the TypeNewScript.
-         gc::AllocKind allocKind = GuessObjectGCKind(NativeObject::MAX_FIXED_SLOTS);
-         PlainObject* res = NewObjectWithGroup<PlainObject>(cx, group, parent, allocKind, newKind);
-         if (!res)
-             return nullptr;
- 
--        if (newKind != SingletonObject)
--            newScript->registerNewObject(res);
-+        // Make sure group->newScript is still there.
-+        if (newKind != SingletonObject && group->newScript())
-+            group->newScript()->registerNewObject(res);
- 
-         return res;
-     }
- 
-     gc::AllocKind allocKind = NewObjectGCKind(&PlainObject::class_);
- 
-     if (newKind == SingletonObject) {
-         Rooted<TaggedProto> protoRoot(cx, group->proto());
-
diff --git a/gnu/packages/patches/icecat-CVE-2016-2807-pt5.patch b/gnu/packages/patches/icecat-CVE-2016-2807-pt5.patch
deleted file mode 100644
index 00718ebaac..0000000000
--- a/gnu/packages/patches/icecat-CVE-2016-2807-pt5.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-Copied from https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/3fdd280fa099
-
-# HG changeset patch
-# User Carsten "Tomcat" Book <cbook@mozilla.com>
-# Date 1461123938 -7200
-# Node ID 3fdd280fa099b6453ce9fd9905af883bc2ebce24
-# Parent  52dfdd37150d62f708dc5bf61dd28f3967596788
-Bug 1252707 - a=sylvestre
-
-diff --git a/js/src/vm/Shape.cpp b/js/src/vm/Shape.cpp
---- a/js/src/vm/Shape.cpp
-+++ b/js/src/vm/Shape.cpp
-@@ -382,18 +382,20 @@ NativeObject::getChildPropertyOnDictiona
- 
-     if (obj->inDictionaryMode()) {
-         MOZ_ASSERT(parent == obj->lastProperty());
-         RootedGeneric<StackShape*> childRoot(cx, &child);
-         shape = childRoot->isAccessorShape() ? NewGCAccessorShape(cx) : NewGCShape(cx);
-         if (!shape)
-             return nullptr;
-         if (childRoot->hasSlot() && childRoot->slot() >= obj->lastProperty()->base()->slotSpan()) {
--            if (!obj->setSlotSpan(cx, childRoot->slot() + 1))
-+            if (!obj->setSlotSpan(cx, childRoot->slot() + 1)) {
-+                new (shape) Shape(obj->lastProperty()->base()->unowned(), 0);
-                 return nullptr;
-+            }
-         }
-         shape->initDictionaryShape(*childRoot, obj->numFixedSlots(), &obj->shape_);
-     }
- 
-     return shape;
- }
- 
- /* static */ Shape*
-
diff --git a/gnu/packages/patches/icecat-CVE-2016-2808.patch b/gnu/packages/patches/icecat-CVE-2016-2808.patch
deleted file mode 100644
index ae190b8b4c..0000000000
--- a/gnu/packages/patches/icecat-CVE-2016-2808.patch
+++ /dev/null
@@ -1,389 +0,0 @@
-Copied from https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/71f611fd27c7
-
-# HG changeset patch
-# User Jeff Walden <jwalden@mit.edu>
-# Date 1458941573 25200
-# Node ID 71f611fd27c7d6cb7d6dab9895c2922948042543
-# Parent  861f6b83ce1deade2a976cabe059776ad51ce370
-Bug 1246061.  r=luke, r=froydnj, a=sylvestre
-
-diff --git a/js/public/HashTable.h b/js/public/HashTable.h
---- a/js/public/HashTable.h
-+++ b/js/public/HashTable.h
-@@ -8,16 +8,17 @@
- #define js_HashTable_h
- 
- #include "mozilla/Alignment.h"
- #include "mozilla/Assertions.h"
- #include "mozilla/Attributes.h"
- #include "mozilla/Casting.h"
- #include "mozilla/MemoryReporting.h"
- #include "mozilla/Move.h"
-+#include "mozilla/Opaque.h"
- #include "mozilla/PodOperations.h"
- #include "mozilla/ReentrancyGuard.h"
- #include "mozilla/TemplateLib.h"
- #include "mozilla/TypeTraits.h"
- 
- #include "js/Utility.h"
- 
- namespace js {
-@@ -27,16 +28,18 @@ template <class> struct DefaultHasher;
- template <class, class> class HashMapEntry;
- namespace detail {
-     template <class T> class HashTableEntry;
-     template <class T, class HashPolicy, class AllocPolicy> class HashTable;
- }
- 
- /*****************************************************************************/
- 
-+using Generation = mozilla::Opaque<uint64_t>;
-+
- // A JS-friendly, STL-like container providing a hash-based map from keys to
- // values. In particular, HashMap calls constructors and destructors of all
- // objects added so non-PODs may be used safely.
- //
- // Key/Value requirements:
- //  - movable, destructible, assignable
- // HashPolicy requirements:
- //  - see Hash Policy section below
-@@ -200,17 +203,19 @@ class HashMap
-         return impl.sizeOfExcludingThis(mallocSizeOf);
-     }
-     size_t sizeOfIncludingThis(mozilla::MallocSizeOf mallocSizeOf) const {
-         return mallocSizeOf(this) + impl.sizeOfExcludingThis(mallocSizeOf);
-     }
- 
-     // If |generation()| is the same before and after a HashMap operation,
-     // pointers into the table remain valid.
--    uint32_t generation() const                       { return impl.generation(); }
-+    Generation generation() const {
-+        return impl.generation();
-+    }
- 
-     /************************************************** Shorthand operations */
- 
-     bool has(const Lookup& l) const {
-         return impl.lookup(l).found();
-     }
- 
-     // Overwrite existing value with v. Return false on oom.
-@@ -431,17 +436,19 @@ class HashSet
-         return impl.sizeOfExcludingThis(mallocSizeOf);
-     }
-     size_t sizeOfIncludingThis(mozilla::MallocSizeOf mallocSizeOf) const {
-         return mallocSizeOf(this) + impl.sizeOfExcludingThis(mallocSizeOf);
-     }
- 
-     // If |generation()| is the same before and after a HashSet operation,
-     // pointers into the table remain valid.
--    uint32_t generation() const                       { return impl.generation(); }
-+    Generation generation() const {
-+        return impl.generation();
-+    }
- 
-     /************************************************** Shorthand operations */
- 
-     bool has(const Lookup& l) const {
-         return impl.lookup(l).found();
-     }
- 
-     // Add |u| if it is not present already. Return false on oom.
-@@ -766,17 +773,17 @@ class HashTable : private AllocPolicy
-     // table operations unless |generation()| is tested.
-     class Ptr
-     {
-         friend class HashTable;
- 
-         Entry* entry_;
- #ifdef JS_DEBUG
-         const HashTable* table_;
--        uint32_t generation;
-+        Generation generation;
- #endif
- 
-       protected:
-         Ptr(Entry& entry, const HashTable& tableArg)
-           : entry_(&entry)
- #ifdef JS_DEBUG
-           , table_(&tableArg)
-           , generation(tableArg.generation())
-@@ -873,17 +880,17 @@ class HashTable : private AllocPolicy
-             while (cur < end && !cur->isLive())
-                 ++cur;
-         }
- 
-         Entry* cur, *end;
- #ifdef JS_DEBUG
-         const HashTable* table_;
-         uint64_t mutationCount;
--        uint32_t generation;
-+        Generation generation;
-         bool validEntry;
- #endif
- 
-       public:
-         Range()
-           : cur(nullptr)
-           , end(nullptr)
- #ifdef JS_DEBUG
-@@ -1012,18 +1019,18 @@ class HashTable : private AllocPolicy
-     // HashTable is not copyable or assignable
-     HashTable(const HashTable&) = delete;
-     void operator=(const HashTable&) = delete;
- 
-   private:
-     static const size_t CAP_BITS = 24;
- 
-   public:
--    Entry*      table;                 // entry storage
--    uint32_t    gen;                    // entry storage generation number
-+    uint64_t    gen;                    // entry storage generation number
-+    Entry*      table;                  // entry storage
-     uint32_t    entryCount;             // number of entries in table
-     uint32_t    removedCount:CAP_BITS;  // removed entry sentinels in table
-     uint32_t    hashShift:8;            // multiplicative hash shift
- 
- #ifdef JS_DEBUG
-     uint64_t     mutationCount;
-     mutable bool mEntered;
-     mutable struct Stats
-@@ -1097,18 +1104,18 @@ class HashTable : private AllocPolicy
-         for (Entry* e = oldTable, *end = e + capacity; e < end; ++e)
-             e->destroyIfLive();
-         alloc.free_(oldTable);
-     }
- 
-   public:
-     explicit HashTable(AllocPolicy ap)
-       : AllocPolicy(ap)
-+      , gen(0)
-       , table(nullptr)
--      , gen(0)
-       , entryCount(0)
-       , removedCount(0)
-       , hashShift(sHashBits)
- #ifdef JS_DEBUG
-       , mutationCount(0)
-       , mEntered(false)
- #endif
-     {}
-@@ -1524,20 +1531,20 @@ class HashTable : private AllocPolicy
-     }
- 
-     uint32_t capacity() const
-     {
-         MOZ_ASSERT(table);
-         return JS_BIT(sHashBits - hashShift);
-     }
- 
--    uint32_t generation() const
-+    Generation generation() const
-     {
-         MOZ_ASSERT(table);
--        return gen;
-+        return Generation(gen);
-     }
- 
-     size_t sizeOfExcludingThis(mozilla::MallocSizeOf mallocSizeOf) const
-     {
-         return mallocSizeOf(table);
-     }
- 
-     size_t sizeOfIncludingThis(mozilla::MallocSizeOf mallocSizeOf) const
-diff --git a/js/src/jsapi.h b/js/src/jsapi.h
---- a/js/src/jsapi.h
-+++ b/js/src/jsapi.h
-@@ -270,20 +270,16 @@ class AutoHashMapRooter : protected Auto
- 
-     size_t sizeOfExcludingThis(mozilla::MallocSizeOf mallocSizeOf) const {
-         return map.sizeOfExcludingThis(mallocSizeOf);
-     }
-     size_t sizeOfIncludingThis(mozilla::MallocSizeOf mallocSizeOf) const {
-         return map.sizeOfIncludingThis(mallocSizeOf);
-     }
- 
--    uint32_t generation() const {
--        return map.generation();
--    }
--
-     /************************************************** Shorthand operations */
- 
-     bool has(const Lookup& l) const {
-         return map.has(l);
-     }
- 
-     template<typename KeyInput, typename ValueInput>
-     bool put(const KeyInput& k, const ValueInput& v) {
-@@ -385,20 +381,16 @@ class AutoHashSetRooter : protected Auto
- 
-     size_t sizeOfExcludingThis(mozilla::MallocSizeOf mallocSizeOf) const {
-         return set.sizeOfExcludingThis(mallocSizeOf);
-     }
-     size_t sizeOfIncludingThis(mozilla::MallocSizeOf mallocSizeOf) const {
-         return set.sizeOfIncludingThis(mallocSizeOf);
-     }
- 
--    uint32_t generation() const {
--        return set.generation();
--    }
--
-     /************************************************** Shorthand operations */
- 
-     bool has(const Lookup& l) const {
-         return set.has(l);
-     }
- 
-     bool put(const T& t) {
-         return set.put(t);
-diff --git a/js/src/jscntxt.h b/js/src/jscntxt.h
---- a/js/src/jscntxt.h
-+++ b/js/src/jscntxt.h
-@@ -30,21 +30,21 @@ class DebugModeOSRVolatileJitFrameIterat
- }
- 
- typedef HashSet<JSObject*> ObjectSet;
- typedef HashSet<Shape*> ShapeSet;
- 
- /* Detects cycles when traversing an object graph. */
- class AutoCycleDetector
- {
-+    Generation hashsetGenerationAtInit;
-     JSContext* cx;
-     RootedObject obj;
-+    ObjectSet::AddPtr hashsetAddPointer;
-     bool cyclic;
--    uint32_t hashsetGenerationAtInit;
--    ObjectSet::AddPtr hashsetAddPointer;
-     MOZ_DECL_USE_GUARD_OBJECT_NOTIFIER
- 
-   public:
-     AutoCycleDetector(JSContext* cx, HandleObject objArg
-                       MOZ_GUARD_OBJECT_NOTIFIER_PARAM)
-       : cx(cx), obj(cx, objArg), cyclic(true)
-     {
-         MOZ_GUARD_OBJECT_NOTIFIER_INIT;
-diff --git a/js/src/jswatchpoint.cpp b/js/src/jswatchpoint.cpp
---- a/js/src/jswatchpoint.cpp
-+++ b/js/src/jswatchpoint.cpp
-@@ -22,25 +22,25 @@ DefaultHasher<WatchKey>::hash(const Look
- {
-     return DefaultHasher<JSObject*>::hash(key.object.get()) ^ HashId(key.id.get());
- }
- 
- namespace {
- 
- class AutoEntryHolder {
-     typedef WatchpointMap::Map Map;
-+    Generation gen;
-     Map& map;
-     Map::Ptr p;
--    uint32_t gen;
-     RootedObject obj;
-     RootedId id;
- 
-   public:
-     AutoEntryHolder(JSContext* cx, Map& map, Map::Ptr p)
--      : map(map), p(p), gen(map.generation()), obj(cx, p->key().object), id(cx, p->key().id)
-+      : gen(map.generation()), map(map), p(p), obj(cx, p->key().object), id(cx, p->key().id)
-     {
-         MOZ_ASSERT(!p->value().held);
-         p->value().held = true;
-     }
- 
-     ~AutoEntryHolder() {
-         if (gen != map.generation())
-             p = map.lookup(WatchKey(obj, id));
-diff --git a/js/src/shell/jsheaptools.cpp b/js/src/shell/jsheaptools.cpp
---- a/js/src/shell/jsheaptools.cpp
-+++ b/js/src/shell/jsheaptools.cpp
-@@ -267,17 +267,17 @@ HeapReverser::traverseEdge(void* cell, J
-     Map::AddPtr a = map.lookupForAdd(cell);
-     if (!a) {
-         /*
-          * We've never visited this cell before. Add it to the map (thus
-          * marking it as visited), and put it on the work stack, to be
-          * visited from the main loop.
-          */
-         Node n(kind);
--        uint32_t generation = map.generation();
-+        Generation generation = map.generation();
-         if (!map.add(a, cell, Move(n)) ||
-             !work.append(Child(cell, kind)))
-             return false;
-         /* If the map has been resized, re-check the pointer. */
-         if (map.generation() != generation)
-             a = map.lookupForAdd(cell);
-     }
- 
-diff --git a/mfbt/Opaque.h b/mfbt/Opaque.h
-new file mode 100644
---- /dev/null
-+++ b/mfbt/Opaque.h
-@@ -0,0 +1,44 @@
-+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
-+/* This Source Code Form is subject to the terms of the Mozilla Public
-+ * License, v. 2.0. If a copy of the MPL was not distributed with this
-+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-+
-+/* An opaque integral type supporting only comparison operators. */
-+
-+#ifndef mozilla_Opaque_h
-+#define mozilla_Opaque_h
-+
-+#include "mozilla/TypeTraits.h"
-+
-+namespace mozilla {
-+
-+/**
-+ * Opaque<T> is a replacement for integral T in cases where only comparisons
-+ * must be supported, and it's desirable to prevent accidental dependency on
-+ * exact values.
-+ */
-+template<typename T>
-+class Opaque final
-+{
-+  static_assert(mozilla::IsIntegral<T>::value,
-+                "mozilla::Opaque only supports integral types");
-+
-+  T mValue;
-+
-+public:
-+  Opaque() {}
-+  explicit Opaque(T aValue) : mValue(aValue) {}
-+
-+  bool operator==(const Opaque& aOther) const {
-+    return mValue == aOther.mValue;
-+  }
-+
-+  bool operator!=(const Opaque& aOther) const {
-+    return !(*this == aOther);
-+  }
-+};
-+
-+} // namespace mozilla
-+
-+#endif /* mozilla_Opaque_h */
-diff --git a/mfbt/moz.build b/mfbt/moz.build
---- a/mfbt/moz.build
-+++ b/mfbt/moz.build
-@@ -48,16 +48,17 @@ EXPORTS.mozilla = [
-     'MathAlgorithms.h',
-     'Maybe.h',
-     'MaybeOneOf.h',
-     'MemoryChecking.h',
-     'MemoryReporting.h',
-     'Move.h',
-     'NullPtr.h',
-     'NumericLimits.h',
-+    'Opaque.h',
-     'Pair.h',
-     'PodOperations.h',
-     'Poison.h',
-     'Range.h',
-     'RangedPtr.h',
-     'RefCountType.h',
-     'ReentrancyGuard.h',
-     'RefPtr.h',
-
diff --git a/gnu/packages/patches/icecat-CVE-2016-2814.patch b/gnu/packages/patches/icecat-CVE-2016-2814.patch
deleted file mode 100644
index 5f197f25e6..0000000000
--- a/gnu/packages/patches/icecat-CVE-2016-2814.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-
-# HG changeset patch
-# User Jean-Yves Avenard <jyavenard@mozilla.com>
-# Date 1460655260 25200
-# Node ID a13c0bc84d6eb132f4199f563fbe228d2d3b3a51
-# Parent  88f1eb2c3f4b4b57365ed88223cf8adc2bec4610
-Bug 1254721: Ensure consistency between Cenc offsets and sizes table. r=gerald a=sylvestre
-
-MozReview-Commit-ID: E1KbKIIBR87
-
-diff --git a/media/libstagefright/frameworks/av/media/libstagefright/SampleTable.cpp b/media/libstagefright/frameworks/av/media/libstagefright/SampleTable.cpp
---- a/media/libstagefright/frameworks/av/media/libstagefright/SampleTable.cpp
-+++ b/media/libstagefright/frameworks/av/media/libstagefright/SampleTable.cpp
-@@ -612,18 +612,18 @@ status_t
- SampleTable::parseSampleCencInfo() {
-     if ((!mCencDefaultSize && !mCencInfoCount) || mCencOffsets.isEmpty()) {
-         // We don't have all the cenc information we need yet. Quietly fail and
-         // hope we get the data we need later in the track header.
-         ALOGV("Got half of cenc saio/saiz pair. Deferring parse until we get the other half.");
-         return OK;
-     }
- 
--    if (!mCencSizes.isEmpty() && mCencOffsets.size() > 1 &&
--        mCencSizes.size() != mCencOffsets.size()) {
-+    if ((mCencOffsets.size() > 1 && mCencOffsets.size() < mCencInfoCount) ||
-+        (!mCencDefaultSize && mCencSizes.size() < mCencInfoCount)) {
-         return ERROR_MALFORMED;
-     }
- 
-     if (mCencInfoCount > kMAX_ALLOCATION / sizeof(SampleCencInfo)) {
-         // Avoid future OOM.
-         return ERROR_MALFORMED;
-     }
- 
-
diff --git a/gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch b/gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch
deleted file mode 100644
index 5c869bf510..0000000000
--- a/gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-Re-enable the DHE (Ephemeral Diffie-Hellman) cipher suites, which IceCat
-38.6.0 disabled by default to avoid the Logjam attack.  This issue was
-fixed in NSS version 3.19.1 by limiting the lower strength of supported
-DHE keys to use 1023 bit primes, so we can enable these cipher suites
-safely.  The DHE cipher suites are needed to allow IceCat to connect to
-many sites, including https://gnupg.org/.
-
-Patch by Mark H Weaver <mhw@netris.org>
-
---- icecat-38.6.0/browser/app/profile/icecat.js.orig	1969-12-31 19:00:00.000000000 -0500
-+++ icecat-38.6.0/browser/app/profile/icecat.js	2016-02-06 00:48:23.826170154 -0500
-@@ -2061,12 +2061,6 @@
- pref("security.ssl3.rsa_des_ede3_sha", false);
- pref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false);
- pref("security.ssl3.ecdhe_rsa_rc4_128_sha", false);
--// https://directory.fsf.org/wiki/Disable_DHE
--// Avoid logjam attack
--pref("security.ssl3.dhe_rsa_aes_128_sha", false);
--pref("security.ssl3.dhe_rsa_aes_256_sha", false);
--pref("security.ssl3.dhe_dss_aes_128_sha", false);
--pref("security.ssl3.dhe_rsa_des_ede3_sha", false);
- //Optional
- //Perfect forward secrecy
- // pref("security.ssl3.rsa_aes_256_sha", false);
diff --git a/gnu/packages/patches/icecat-update-bundled-graphite2.patch b/gnu/packages/patches/icecat-update-bundled-graphite2.patch
deleted file mode 100644
index c3ab920335..0000000000
--- a/gnu/packages/patches/icecat-update-bundled-graphite2.patch
+++ /dev/null
@@ -1,2488 +0,0 @@
-
-# HG changeset patch
-# User Jonathan Kew <jkew@mozilla.com>
-# Date 1460660890 -3600
-# Node ID 7330633d20ffb33941e41ea0666c4099b6e6d317
-# Parent  5c312182da9020504103aa329360abaffa7e232d
-Bug 1262846 (patch for ESR trees) - Update Graphite2 library to 1.3.8. r=jrmuizel a=sledru
-
-diff --git a/gfx/graphite2/README.mozilla b/gfx/graphite2/README.mozilla
---- a/gfx/graphite2/README.mozilla
-+++ b/gfx/graphite2/README.mozilla
-@@ -1,3 +1,3 @@
--This directory contains the Graphite2 library release 1.3.6 from
--https://github.com/silnrsi/graphite/releases/download/1.3.6/graphite-minimal-1.3.6.tgz
-+This directory contains the Graphite2 library release 1.3.8 from
-+https://github.com/silnrsi/graphite/releases/download/1.3.8/graphite2-minimal-1.3.8.tgz
- See gfx/graphite2/moz-gr-update.sh for update procedure.
-diff --git a/gfx/graphite2/include/graphite2/Font.h b/gfx/graphite2/include/graphite2/Font.h
---- a/gfx/graphite2/include/graphite2/Font.h
-+++ b/gfx/graphite2/include/graphite2/Font.h
-@@ -25,17 +25,17 @@
-     either version 2 of the License or (at your option) any later version.
- */
- #pragma once
- 
- #include "graphite2/Types.h"
- 
- #define GR2_VERSION_MAJOR   1
- #define GR2_VERSION_MINOR   3
--#define GR2_VERSION_BUGFIX  6
-+#define GR2_VERSION_BUGFIX  8
- 
- #ifdef __cplusplus
- extern "C"
- {
- #endif
- 
- typedef struct gr_face          gr_face;
- typedef struct gr_font          gr_font;
-diff --git a/gfx/graphite2/moz-gr-update.sh b/gfx/graphite2/moz-gr-update.sh
---- a/gfx/graphite2/moz-gr-update.sh
-+++ b/gfx/graphite2/moz-gr-update.sh
-@@ -14,17 +14,17 @@
- RELEASE=$1
- 
- if [ "x$RELEASE" == "x" ]
- then
-     echo "Must provide the version number to be used."
-     exit 1
- fi
- 
--TARBALL="https://github.com/silnrsi/graphite/releases/download/$RELEASE/graphite-minimal-$RELEASE.tgz"
-+TARBALL="https://github.com/silnrsi/graphite/releases/download/$RELEASE/graphite2-minimal-$RELEASE.tgz"
- 
- foo=`basename $0`
- TMPFILE=`mktemp -t ${foo}` || exit 1
- 
- curl -L "$TARBALL" -o "$TMPFILE"
- tar -x -z -C gfx/graphite2/ --strip-components 1 -f "$TMPFILE" || exit 1
- rm "$TMPFILE"
- 
-diff --git a/gfx/graphite2/src/CachedFace.cpp b/gfx/graphite2/src/CachedFace.cpp
---- a/gfx/graphite2/src/CachedFace.cpp
-+++ b/gfx/graphite2/src/CachedFace.cpp
-@@ -64,20 +64,20 @@ bool CachedFace::runGraphite(Segment *se
-         return false;
- 
-     assert(m_cacheStore);
-     // find where the segment can be broken
-     Slot * subSegStartSlot = seg->first();
-     Slot * subSegEndSlot = subSegStartSlot;
-     uint16 cmapGlyphs[eMaxSpliceSize];
-     int subSegStart = 0;
--    for (unsigned int i = 0; i < seg->charInfoCount(); ++i)
-+    for (unsigned int i = 0; i < seg->charInfoCount() && subSegEndSlot; ++i)
-     {
-         const unsigned int length = i - subSegStart + 1;
--        if (length < eMaxSpliceSize)
-+        if (length < eMaxSpliceSize && subSegEndSlot->gid() < m_cacheStore->maxCmapGid())
-             cmapGlyphs[length-1] = subSegEndSlot->gid();
-         else return false;
-         const bool spaceOnly = m_cacheStore->isSpaceGlyph(subSegEndSlot->gid());
-         // at this stage the character to slot mapping is still 1 to 1
-         const int   breakWeight = seg->charinfo(i)->breakWeight(),
-                     nextBreakWeight = (i + 1 < seg->charInfoCount())?
-                             seg->charinfo(i+1)->breakWeight() : 0;
-         const uint8 f = seg->charinfo(i)->flags();
-diff --git a/gfx/graphite2/src/Code.cpp b/gfx/graphite2/src/Code.cpp
---- a/gfx/graphite2/src/Code.cpp
-+++ b/gfx/graphite2/src/Code.cpp
-@@ -61,93 +61,88 @@ inline bool is_return(const instr i) {
-     const instr pop_ret  = *opmap[POP_RET].impl,
-                 ret_zero = *opmap[RET_ZERO].impl,
-                 ret_true = *opmap[RET_TRUE].impl;
-     return i == pop_ret || i == ret_zero || i == ret_true;
- }
- 
- struct context
- {
--    context(uint8 ref=0) : codeRef(ref) {flags.changed=false; flags.referenced=false; flags.inserted=false;}
-+    context(uint8 ref=0) : codeRef(ref) {flags.changed=false; flags.referenced=false;}
-     struct { 
-         uint8   changed:1,
--                referenced:1,
--                inserted:1;
-+                referenced:1;
-     } flags;
-     uint8       codeRef;
- };
- 
- } // end namespace
- 
- 
- class Machine::Code::decoder
- {
- public:
-     struct limits;
--    struct analysis
--    {
--        static const int NUMCONTEXTS = 256;
--        uint8     slotref;
--        context   contexts[NUMCONTEXTS];
--        byte      max_ref;
--        
--        analysis() : slotref(0), max_ref(0) {};
--        void set_ref(int index, bool incinsert=false) throw();
--        void set_noref(int index) throw();
--        void set_changed(int index) throw();
--
--    };
-+    static const int NUMCONTEXTS = 256;
-     
-     decoder(limits & lims, Code &code, enum passtype pt) throw();
-     
-     bool        load(const byte * bc_begin, const byte * bc_end);
-     void        apply_analysis(instr * const code, instr * code_end);
--    byte        max_ref() { return _analysis.max_ref; }
--    int         pre_context() const { return _pre_context; }
-+    byte        max_ref() { return _max_ref; }
-+    int         out_index() const { return _out_index; }
-     
- private:
-+    void        set_ref(int index) throw();
-+    void        set_noref(int index) throw();
-+    void        set_changed(int index) throw();
-     opcode      fetch_opcode(const byte * bc);
-     void        analyse_opcode(const opcode, const int8 * const dp) throw();
-     bool        emit_opcode(opcode opc, const byte * & bc);
--    bool        validate_opcode(const opcode opc, const byte * const bc);
-+    bool        validate_opcode(const byte opc, const byte * const bc);
-     bool        valid_upto(const uint16 limit, const uint16 x) const throw();
-     bool        test_context() const throw();
-+    bool        test_ref(int8 index) const throw();
-     void        failure(const status_t s) const throw() { _code.failure(s); }
-     
-     Code              & _code;
--    int                 _pre_context;
--    uint16              _rule_length;
-+    int                 _out_index;
-+    uint16              _out_length;
-     instr             * _instr;
-     byte              * _data;
-     limits            & _max;
--    analysis            _analysis;
-     enum passtype       _passtype;
-     int                 _stack_depth;
-     bool                _in_ctxt_item;
-+    int16               _slotref;
-+    context             _contexts[NUMCONTEXTS];
-+    byte                _max_ref;
- };
- 
- 
- struct Machine::Code::decoder::limits
- {
-   const byte       * bytecode;
-   const uint8        pre_context;
-   const uint16       rule_length,
-                      classes,
-                      glyf_attrs,
-                      features;
-   const byte         attrid[gr_slatMax];
- };
-    
- inline Machine::Code::decoder::decoder(limits & lims, Code &code, enum passtype pt) throw()
- : _code(code),
--  _pre_context(code._constraint ? 0 : lims.pre_context), 
--  _rule_length(code._constraint ? 1 : lims.rule_length), 
-+  _out_index(code._constraint ? 0 : lims.pre_context), 
-+  _out_length(code._constraint ? 1 : lims.rule_length), 
-   _instr(code._code), _data(code._data), _max(lims), _passtype(pt),
-   _stack_depth(0),
--  _in_ctxt_item(false)
-+  _in_ctxt_item(false),
-+  _slotref(0),
-+  _max_ref(0)
- { }
-     
- 
- 
- Machine::Code::Code(bool is_constraint, const byte * bytecode_begin, const byte * const bytecode_end,
-            uint8 pre_context, uint16 rule_length, const Silf & silf, const Face & face,
-            enum passtype pt, byte * * const _out)
-  :  _code(0), _data(0), _data_size(0), _instr_count(0), _max_ref(0), _status(loaded),
-@@ -163,17 +158,17 @@ Machine::Code::Code(bool is_constraint, 
-       return;
-     }
-     assert(bytecode_end > bytecode_begin);
-     const opcode_t *    op_to_fn = Machine::getOpcodeTable();
-     
-     // Allocate code and data target buffers, these sizes are a worst case
-     // estimate.  Once we know their real sizes the we'll shrink them.
-     if (_out)   _code = reinterpret_cast<instr *>(*_out);
--    else        _code = static_cast<instr *>(malloc(estimateCodeDataOut(bytecode_end-bytecode_begin)));
-+    else        _code = static_cast<instr *>(malloc(estimateCodeDataOut(bytecode_end-bytecode_begin, 1, is_constraint ? 0 : rule_length)));
-     _data = reinterpret_cast<byte *>(_code + (bytecode_end - bytecode_begin));
-     
-     if (!_code || !_data) {
-         failure(alloc_failed);
-         return;
-     }
-     
-     decoder::limits lims = {
-@@ -266,23 +261,23 @@ bool Machine::Code::decoder::load(const 
-     return bool(_code);
- }
- 
- // Validation check and fixups.
- //
- 
- opcode Machine::Code::decoder::fetch_opcode(const byte * bc)
- {
--    const opcode opc = opcode(*bc++);
-+    const byte opc = *bc++;
- 
-     // Do some basic sanity checks based on what we know about the opcode
-     if (!validate_opcode(opc, bc))  return MAX_OPCODE;
- 
-     // And check it's arguments as far as possible
--    switch (opc)
-+    switch (opcode(opc))
-     {
-         case NOP :
-             break;
-         case PUSH_BYTE :
-         case PUSH_BYTEU :
-         case PUSH_SHORT :
-         case PUSH_SHORTU :
-         case PUSH_LONG :
-@@ -319,47 +314,57 @@ opcode Machine::Code::decoder::fetch_opc
-         case COND :
-             _stack_depth -= 2;
-             if (_stack_depth <= 0)
-                 failure(underfull_stack);
-             break;
-         case NEXT :
-         case NEXT_N :           // runtime checked
-         case COPY_NEXT :
--            test_context();
--            ++_pre_context;
-+            ++_out_index;
-+            if (_out_index < -1 || _out_index > _out_length || _slotref > _max.rule_length)
-+                failure(out_of_range_data);
-             break;
-         case PUT_GLYPH_8BIT_OBS :
-             valid_upto(_max.classes, bc[0]);
-             test_context();
-             break;
-         case PUT_SUBS_8BIT_OBS :
--            valid_upto(_rule_length, _pre_context + int8(bc[0]));
-+            test_ref(int8(bc[0]));
-             valid_upto(_max.classes, bc[1]);
-             valid_upto(_max.classes, bc[2]);
-             test_context();
-             break;
-         case PUT_COPY :
--            valid_upto(_rule_length, _pre_context + int8(bc[0]));
-+            test_ref(int8(bc[0]));
-             test_context();
-             break;
-         case INSERT :
-             if (_passtype >= PASS_TYPE_POSITIONING)
-                 failure(invalid_opcode);
--            else
--                --_pre_context;
-+            ++_out_length;
-+            if (_out_index < 0) ++_out_index;
-+            if (_out_index < -1 || _out_index >= _out_length)
-+                failure(out_of_range_data);
-             break;
-         case DELETE :
-             if (_passtype >= PASS_TYPE_POSITIONING)
-                 failure(invalid_opcode);
--            test_context();
-+            if (_out_index < _max.pre_context)
-+                failure(out_of_range_data);
-+            --_out_index;
-+            --_out_length;
-+            if (_out_index < -1 || _out_index > _out_length)
-+                failure(out_of_range_data);
-             break;
-         case ASSOC :
-+            if (bc[0] == 0)
-+                failure(out_of_range_data);
-             for (uint8 num = bc[0]; num; --num)
--                valid_upto(_rule_length, _pre_context + int8(bc[num]));
-+                test_ref(int8(bc[num]));
-             test_context();
-             break;
-         case CNTXT_ITEM :
-             valid_upto(_max.rule_length, _max.pre_context + int8(bc[0]));
-             if (bc + 2 + bc[1] >= _max.bytecode)    failure(jump_past_end);
-             if (_in_ctxt_item)                      failure(nested_context_item);
-             break;
-         case ATTR_SET :
-@@ -378,52 +383,43 @@ opcode Machine::Code::decoder::fetch_opc
-                 failure(underfull_stack);
-             if (valid_upto(gr_slatMax, bc[0]))
-                 valid_upto(_max.attrid[bc[0]], bc[1]);
-             test_context();
-             break;
-         case PUSH_SLOT_ATTR :
-             ++_stack_depth;
-             valid_upto(gr_slatMax, bc[0]);
--            valid_upto(_rule_length, _pre_context + int8(bc[1]));
-+            test_ref(int8(bc[1]));
-             if (attrCode(bc[0]) == gr_slatUserDefn)     // use IATTR for user attributes
-                 failure(out_of_range_data);
-             break;
-         case PUSH_GLYPH_ATTR_OBS :
-+        case PUSH_ATT_TO_GATTR_OBS :
-             ++_stack_depth;
-             valid_upto(_max.glyf_attrs, bc[0]);
--            valid_upto(_rule_length, _pre_context + int8(bc[1]));
-+            test_ref(int8(bc[1]));
-             break;
-+        case PUSH_ATT_TO_GLYPH_METRIC :
-         case PUSH_GLYPH_METRIC :
-             ++_stack_depth;
-             valid_upto(kgmetDescent, bc[0]);
--            valid_upto(_rule_length, _pre_context + int8(bc[1]));
-+            test_ref(int8(bc[1]));
-             // level: dp[2] no check necessary
-             break;
-         case PUSH_FEAT :
-             ++_stack_depth;
-             valid_upto(_max.features, bc[0]);
--            valid_upto(_rule_length, _pre_context + int8(bc[1]));
--            break;
--        case PUSH_ATT_TO_GATTR_OBS :
--            ++_stack_depth;
--            valid_upto(_max.glyf_attrs, bc[0]);
--            valid_upto(_rule_length, _pre_context + int8(bc[1]));
--            break;
--        case PUSH_ATT_TO_GLYPH_METRIC :
--            ++_stack_depth;
--            valid_upto(kgmetDescent, bc[0]);
--            valid_upto(_rule_length, _pre_context + int8(bc[1]));
--            // level: dp[2] no check necessary
-+            test_ref(int8(bc[1]));
-             break;
-         case PUSH_ISLOT_ATTR :
-             ++_stack_depth;
-             if (valid_upto(gr_slatMax, bc[0]))
-             {
--                valid_upto(_rule_length, _pre_context + int8(bc[1]));
-+                test_ref(int8(bc[1]));
-                 valid_upto(_max.attrid[bc[0]], bc[2]);
-             }
-             break;
-         case PUSH_IGLYPH_ATTR :// not implemented
-             ++_stack_depth;
-             break;
-         case POP_RET :
-             if (--_stack_depth < 0)
-@@ -442,118 +438,107 @@ opcode Machine::Code::decoder::fetch_opc
-                 valid_upto(_max.attrid[bc[0]], bc[1]);
-             test_context();
-             break;
-         case PUSH_PROC_STATE :  // dummy: dp[0] no check necessary
-         case PUSH_VERSION :
-             ++_stack_depth;
-             break;
-         case PUT_SUBS :
--            valid_upto(_rule_length, _pre_context + int8(bc[0]));
-+            test_ref(int8(bc[0]));
-             valid_upto(_max.classes, uint16(bc[1]<< 8) | bc[2]);
-             valid_upto(_max.classes, uint16(bc[3]<< 8) | bc[4]);
-             test_context();
-             break;
-         case PUT_SUBS2 :        // not implemented
-         case PUT_SUBS3 :        // not implemented
-             break;
-         case PUT_GLYPH :
-             valid_upto(_max.classes, uint16(bc[0]<< 8) | bc[1]);
-             test_context();
-             break;
-         case PUSH_GLYPH_ATTR :
-         case PUSH_ATT_TO_GLYPH_ATTR :
-             ++_stack_depth;
-             valid_upto(_max.glyf_attrs, uint16(bc[0]<< 8) | bc[1]);
--            valid_upto(_rule_length, _pre_context + int8(bc[2]));
-+            test_ref(int8(bc[2]));
-+            break;
-+        case SET_FEAT :
-+            valid_upto(_max.features, bc[0]);
-+            test_ref(int8(bc[1]));
-             break;
-         default:
-             failure(invalid_opcode);
-             break;
-     }
- 
--    return bool(_code) ? opc : MAX_OPCODE;
-+    return bool(_code) ? opcode(opc) : MAX_OPCODE;
- }
- 
- 
- void Machine::Code::decoder::analyse_opcode(const opcode opc, const int8  * arg) throw()
- {
--  if (_code._constraint) return;
--  
-   switch (opc)
-   {
-     case DELETE :
-       _code._delete = true;
-       break;
-+    case ASSOC :
-+      set_changed(0);
-+//      for (uint8 num = arg[0]; num; --num)
-+//        _analysis.set_noref(num);
-+      break;
-     case PUT_GLYPH_8BIT_OBS :
-     case PUT_GLYPH :
-       _code._modify = true;
--      _analysis.set_changed(0);
-+      set_changed(0);
-       break;
-     case ATTR_SET :
-     case ATTR_ADD :
-+    case ATTR_SUB :
-     case ATTR_SET_SLOT :
-     case IATTR_SET_SLOT :
-     case IATTR_SET :
-     case IATTR_ADD :
-     case IATTR_SUB :
--      _analysis.set_noref(0);
-+      set_noref(0);
-       break;
-     case NEXT :
-     case COPY_NEXT :
--      if (!_analysis.contexts[_analysis.slotref].flags.inserted)
--        ++_analysis.slotref;
--      _analysis.contexts[_analysis.slotref] = context(_code._instr_count+1);
-+      ++_slotref;
-+      _contexts[_slotref] = context(_code._instr_count+1);
-       // if (_analysis.slotref > _analysis.max_ref) _analysis.max_ref = _analysis.slotref;
-       break;
-     case INSERT :
--      _analysis.contexts[_analysis.slotref].flags.inserted = true;
-+      if (_slotref >= 0) --_slotref;
-       _code._modify = true;
-       break;
-     case PUT_SUBS_8BIT_OBS :    // slotref on 1st parameter
-     case PUT_SUBS : 
-       _code._modify = true;
--      _analysis.set_changed(0);
-+      set_changed(0);
-       GR_FALLTHROUGH;
-       // no break
-     case PUT_COPY :
--    {
--      if (arg[0] != 0) { _analysis.set_changed(0); _code._modify = true; }
--      if (arg[0] <= 0 && -arg[0] <= _analysis.slotref - _analysis.contexts[_analysis.slotref].flags.inserted)
--        _analysis.set_ref(arg[0], true);
--      else if (arg[0] > 0)
--        _analysis.set_ref(arg[0], true);
-+      if (arg[0] != 0) { set_changed(0); _code._modify = true; }
-+      set_ref(arg[0]);
-       break;
--    }
--    case PUSH_ATT_TO_GATTR_OBS : // slotref on 2nd parameter
--        if (_code._constraint) return;
--        GR_FALLTHROUGH;
--        // no break
-     case PUSH_GLYPH_ATTR_OBS :
-     case PUSH_SLOT_ATTR :
-     case PUSH_GLYPH_METRIC :
-+    case PUSH_ATT_TO_GATTR_OBS :
-     case PUSH_ATT_TO_GLYPH_METRIC :
-     case PUSH_ISLOT_ATTR :
-     case PUSH_FEAT :
--      if (arg[1] <= 0 && -arg[1] <= _analysis.slotref - _analysis.contexts[_analysis.slotref].flags.inserted)
--        _analysis.set_ref(arg[1], true);
--      else if (arg[1] > 0)
--        _analysis.set_ref(arg[1], true);
-+    case SET_FEAT :
-+      set_ref(arg[1]);
-       break;
-     case PUSH_ATT_TO_GLYPH_ATTR :
--        if (_code._constraint) return;
--        GR_FALLTHROUGH;
--        // no break
-     case PUSH_GLYPH_ATTR :
--      if (arg[2] <= 0 && -arg[2] <= _analysis.slotref - _analysis.contexts[_analysis.slotref].flags.inserted)
--        _analysis.set_ref(arg[2], true);
--      else if (arg[2] > 0)
--        _analysis.set_ref(arg[2], true);
--      break;
--    case ASSOC :                // slotrefs in varargs
-+      set_ref(arg[2]);
-       break;
-     default:
-         break;
-   }
- }
- 
- 
- bool Machine::Code::decoder::emit_opcode(opcode opc, const byte * & bc)
-@@ -579,81 +564,89 @@ bool Machine::Code::decoder::emit_opcode
-         _data            += param_sz;
-         _code._data_size += param_sz;
-     }
-     
-     // recursively decode a context item so we can split the skip into 
-     // instruction and data portions.
-     if (opc == CNTXT_ITEM)
-     {
--        assert(_pre_context == 0);
-+        assert(_out_index == 0);
-         _in_ctxt_item = true;
--        _pre_context = _max.pre_context + int8(_data[-2]);
--        _rule_length = _max.rule_length;
-+        _out_index = _max.pre_context + int8(_data[-2]);
-+        _slotref = int8(_data[-2]);
-+        _out_length = _max.rule_length;
- 
-         const size_t ctxt_start = _code._instr_count;
-         byte & instr_skip = _data[-1];
-         byte & data_skip  = *_data++;
-         ++_code._data_size;
-         const byte *curr_end = _max.bytecode;
- 
-         if (load(bc, bc + instr_skip))
-         {
-             bc += instr_skip;
-             data_skip  = instr_skip - (_code._instr_count - ctxt_start);
-             instr_skip = _code._instr_count - ctxt_start;
-             _max.bytecode = curr_end;
- 
--            _rule_length = 1;
--            _pre_context = 0;
-+            _out_length = 1;
-+            _out_index = 0;
-+            _slotref = 0;
-             _in_ctxt_item = false;
-         }
-         else
-         {
--            _pre_context = 0;
-+            _out_index = 0;
-+            _slotref = 0;
-             return false;
-         }
-     }
-     
-     return bool(_code);
- }
- 
- 
- void Machine::Code::decoder::apply_analysis(instr * const code, instr * code_end)
- {
-     // insert TEMP_COPY commands for slots that need them (that change and are referenced later)
-     int tempcount = 0;
-     if (_code._constraint) return;
- 
-     const instr temp_copy = Machine::getOpcodeTable()[TEMP_COPY].impl[0];
--    for (const context * c = _analysis.contexts, * const ce = c + _analysis.slotref; c != ce; ++c)
-+    for (const context * c = _contexts, * const ce = c + _slotref; c < ce; ++c)
-     {
-         if (!c->flags.referenced || !c->flags.changed) continue;
-         
-         instr * const tip = code + c->codeRef + tempcount;        
-         memmove(tip+1, tip, (code_end - tip) * sizeof(instr));
-         *tip = temp_copy;
-         ++code_end;
-         ++tempcount;
-         _code._delete = true;
-     }
-     
-     _code._instr_count = code_end - code;
- }
- 
- 
- inline
--bool Machine::Code::decoder::validate_opcode(const opcode opc, const byte * const bc)
-+bool Machine::Code::decoder::validate_opcode(const byte opc, const byte * const bc)
- {
-     if (opc >= MAX_OPCODE)
-     {
-         failure(invalid_opcode);
-         return false;
-     }
-     const opcode_t & op = Machine::getOpcodeTable()[opc];
-+    if (op.impl[_code._constraint] == 0)
-+    {
-+        failure(unimplemented_opcode_used);
-+        return false;
-+    }
-     if (op.param_sz == VARARGS && bc >= _max.bytecode)
-     {
-         failure(arguments_exhausted);
-         return false;
-     }
-     const size_t param_sz = op.param_sz == VARARGS ? bc[0] + 1 : op.param_sz;
-     if (bc - 1 + param_sz >= _max.bytecode)
-     {
-@@ -666,56 +659,69 @@ bool Machine::Code::decoder::validate_op
- 
- bool Machine::Code::decoder::valid_upto(const uint16 limit, const uint16 x) const throw()
- {
-     const bool t = (limit != 0) && (x < limit);
-     if (!t) failure(out_of_range_data);
-     return t;
- }
- 
-+inline
-+bool Machine::Code::decoder::test_ref(int8 index) const throw()
-+{
-+    if (_code._constraint && !_in_ctxt_item)
-+    {
-+        if (index > 0 || -index > _max.pre_context)
-+        {
-+            failure(out_of_range_data);
-+            return false;
-+        }
-+    }
-+    else
-+        return valid_upto(_max.rule_length, _slotref + _max.pre_context + index);
-+    return true;
-+}
-+
- bool Machine::Code::decoder::test_context() const throw()
- {
--    if (_pre_context >= _rule_length || _analysis.slotref >= analysis::NUMCONTEXTS - 1)
-+    if (_out_index >= _out_length || _out_index < 0 || _slotref >= NUMCONTEXTS - 1)
-     {
-         failure(out_of_range_data);
-         return false;
-     }
-     return true;
- }
- 
- inline 
- void Machine::Code::failure(const status_t s) throw() {
-     release_buffers();
-     _status = s;
- }
- 
- 
- inline
--void Machine::Code::decoder::analysis::set_ref(int index, bool incinsert) throw() {
--    if (incinsert && contexts[slotref].flags.inserted) --index;
--    if (index + slotref < 0 || index + slotref >= NUMCONTEXTS) return;
--    contexts[index + slotref].flags.referenced = true;
--    if ((index > 0 || !contexts[index + slotref].flags.inserted) && index + slotref > max_ref) max_ref = index + slotref;
-+void Machine::Code::decoder::set_ref(int index) throw() {
-+    if (index + _slotref < 0 || index + _slotref >= NUMCONTEXTS) return;
-+    _contexts[index + _slotref].flags.referenced = true;
-+    if (index + _slotref > _max_ref) _max_ref = index + _slotref;
- }
- 
- 
- inline
--void Machine::Code::decoder::analysis::set_noref(int index) throw() {
--    if (contexts[slotref].flags.inserted) --index;
--    if (index + slotref < 0 || index + slotref >= NUMCONTEXTS) return;
--    if ((index > 0 || !contexts[index + slotref].flags.inserted) && index + slotref > max_ref) max_ref = index + slotref;
-+void Machine::Code::decoder::set_noref(int index) throw() {
-+    if (index + _slotref < 0 || index + _slotref >= NUMCONTEXTS) return;
-+    if (index + _slotref > _max_ref) _max_ref = index + _slotref;
- }
- 
- 
- inline
--void Machine::Code::decoder::analysis::set_changed(int index) throw() {
--    if (contexts[slotref].flags.inserted) --index;
--    if (index + slotref < 0 || index + slotref >= NUMCONTEXTS) return;
--    contexts[index + slotref].flags.changed = true;
--    if ((index > 0 || !contexts[index + slotref].flags.inserted) && index + slotref > max_ref) max_ref = index + slotref;
-+void Machine::Code::decoder::set_changed(int index) throw() {
-+    if (index + _slotref < 0 || index + _slotref >= NUMCONTEXTS) return;
-+    _contexts[index + _slotref].flags.changed= true;
-+    if (index + _slotref > _max_ref) _max_ref = index + _slotref;
- }
- 
- 
- void Machine::Code::release_buffers() throw()
- {
-     if (_own)
-         free(_code);
-     _code = 0;
-diff --git a/gfx/graphite2/src/Collider.cpp b/gfx/graphite2/src/Collider.cpp
---- a/gfx/graphite2/src/Collider.cpp
-+++ b/gfx/graphite2/src/Collider.cpp
-@@ -21,17 +21,17 @@
- 
- Alternatively, the contents of this file may be used under the terms of the
- Mozilla Public License (http://mozilla.org/MPL) or the GNU General Public
- License, as published by the Free Software Foundation, either version 2
- of the License or (at your option) any later version.
- */
- #include <algorithm>
- #include <limits>
--#include <math.h>
-+#include <cmath>
- #include <string>
- #include <functional>
- #include "inc/Collider.h"
- #include "inc/Segment.h"
- #include "inc/Slot.h"
- #include "inc/GlyphCache.h"
- #include "inc/Sparse.h"
- 
-@@ -824,43 +824,43 @@ bool KernCollider::initSlot(Segment *seg
-     if (margin < 10) margin = 10;
- 
-     _limit = limit;
-     _offsetPrev = offsetPrev; // kern from a previous pass
-     
-     // Calculate the height of the glyph and how many horizontal slices to use.
-     if (_maxy >= 1e37f)
-     {
--        _maxy = ymax;
--        _miny = ymin;
-         _sliceWidth = margin / 1.5f;
-+        _maxy = ymax + margin;
-+        _miny = ymin - margin;
-         numSlices = int((_maxy - _miny + 2) / (_sliceWidth / 1.5f) + 1.f);  // +2 helps with rounding errors
-         _edges.clear();
-         _edges.insert(_edges.begin(), numSlices, (dir & 1) ? 1e38f : -1e38f);
-         _xbound = (dir & 1) ? (float)1e38f : (float)-1e38f;
-     }
-     else if (_maxy != ymax || _miny != ymin)
-     {
-         if (_miny != ymin)
-         {
--            numSlices = int((ymin - _miny) / _sliceWidth - 1);
-+            numSlices = int((ymin - margin - _miny) / _sliceWidth - 1);
-             _miny += numSlices * _sliceWidth;
-             if (numSlices < 0)
-                 _edges.insert(_edges.begin(), -numSlices, (dir & 1) ? 1e38f : -1e38f);
-             else if ((unsigned)numSlices < _edges.size())    // this shouldn't fire since we always grow the range
-             {
-                 Vector<float>::iterator e = _edges.begin();
-                 while (numSlices--)
-                     ++e;
-                 _edges.erase(_edges.begin(), e);
-             }
-         }
-         if (_maxy != ymax)
-         {
--            numSlices = int((ymax - _miny) / _sliceWidth + 1);
-+            numSlices = int((ymax + margin - _miny) / _sliceWidth + 1);
-             _maxy = numSlices * _sliceWidth + _miny;
-             if (numSlices > (int)_edges.size())
-                 _edges.insert(_edges.end(), numSlices - _edges.size(), (dir & 1) ? 1e38f : -1e38f);
-             else if (numSlices < (int)_edges.size())   // this shouldn't fire since we always grow the range
-             {
-                 while ((int)_edges.size() > numSlices)
-                     _edges.pop_back();
-             }
-@@ -930,53 +930,60 @@ bool KernCollider::initSlot(Segment *seg
- // Return false if we know there is no collision, true if we think there might be one.
- bool KernCollider::mergeSlot(Segment *seg, Slot *slot, const Position &currShift, float currSpace, int dir, GR_MAYBE_UNUSED json * const dbgout)
- {
-     int rtl = (dir & 1) * 2 - 1;
-     if (!seg->getFace()->glyphs().check(slot->gid()))
-         return false;
-     const Rect &bb = seg->theGlyphBBoxTemporary(slot->gid());
-     const float sx = slot->origin().x + currShift.x;
--    float x = sx + (rtl > 0 ? bb.tr.x : bb.bl.x);
-+    float x = (sx + (rtl > 0 ? bb.tr.x : bb.bl.x)) * rtl;
-     // this isn't going to reduce _mingap so skip
--    if ((rtl > 0 && x < _xbound - _mingap - currSpace) || (rtl <= 0 && x > _xbound + _mingap + currSpace))
-+    if (x < rtl * (_xbound - _mingap - currSpace))
-         return false;
- 
-     const float sy = slot->origin().y + currShift.y;
--    int smin = max(0, int((bb.bl.y + (1 - _miny + sy)) / _sliceWidth + 1));
--    int smax = min((int)_edges.size() - 1, int((bb.tr.y + (1 - _miny + sy)) / _sliceWidth + 1));
-+    int smin = max(1, int((bb.bl.y + (1 - _miny + sy)) / _sliceWidth + 1)) - 1;
-+    int smax = min((int)_edges.size() - 2, int((bb.tr.y + (1 - _miny + sy)) / _sliceWidth + 1)) + 1;
-+    if (smin > smax)
-+        return false;
-     bool collides = false;
-+    float below = smin > 0 ? _edges[smin-1] * rtl : 1e38f;
-+    float here = _edges[smin] * rtl;
-+    float above = smin < (int)_edges.size() - 1 ? _edges[smin+1] * rtl : 1e38f;
- 
-     for (int i = smin; i <= smax; ++i)
-     {
-         float t;
-         float y = (float)(_miny - 1 + (i + .5f) * _sliceWidth);  // vertical center of slice
--        if (x * rtl > _edges[i] * rtl - _mingap - currSpace)
-+        if (    (x > here - _mingap - currSpace)
-+             || (x > below - _mingap - currSpace)
-+             || (x > above - _mingap - currSpace))
-         {
-             // 2 * currSpace to account for the space that is already separating them and the space we want to add
--            float m = get_edge(seg, slot, currShift, y, _sliceWidth, rtl > 0) + 2 * rtl * currSpace;
--            t = rtl * (_edges[i] - m);
-+            float m = get_edge(seg, slot, currShift, y, _sliceWidth, rtl > 0) * rtl + 2 * currSpace;
-             // Check slices above and below (if any).
--            if (i < (int)_edges.size() - 1) t = min(t, rtl * (_edges[i+1] - m));
--            if (i > 0) t = min(t, rtl * (_edges[i-1] - m));
-+            t = min(min(here, below), above) - m;
-             // _mingap is positive to shrink
-             if (t < _mingap)
-             {
-                 _mingap = t;
-                 collides = true;
-             }
- #if !defined GRAPHITE2_NTRACING
-             // Debugging - remember the closest neighboring edge for this slice.
--            if (rtl * m > rtl * _nearEdges[i])
-+            if (m > rtl * _nearEdges[i])
-             {
-                 _slotNear[i] = slot;
--                _nearEdges[i] = m;
-+                _nearEdges[i] = m * rtl;
-             }
- #endif
-         }
-+        below = here; here = above;
-+        above = i < (int)_edges.size() - 2 ? _edges[i+2] * rtl : 1e38f;
-     }
-     return collides;   // note that true is not a necessarily reliable value
-     
- }   // end of KernCollider::mergeSlot
- 
- 
- // Return the amount to kern by.
- Position KernCollider::resolve(GR_MAYBE_UNUSED Segment *seg, GR_MAYBE_UNUSED Slot *slot,
-diff --git a/gfx/graphite2/src/Face.cpp b/gfx/graphite2/src/Face.cpp
---- a/gfx/graphite2/src/Face.cpp
-+++ b/gfx/graphite2/src/Face.cpp
-@@ -178,17 +178,18 @@ bool Face::runGraphite(Segment *seg, con
-     if ((seg->dir() & 3) == 3 && aSilf->bidiPass() == 0xFF)
-         seg->doMirror(aSilf->aMirror());
-     bool res = aSilf->runGraphite(seg, 0, aSilf->positionPass(), true);
-     if (res)
-     {
-         seg->associateChars(0, seg->charInfoCount());
-         if (aSilf->flags() & 0x20)
-             res &= seg->initCollisions();
--        res &= aSilf->runGraphite(seg, aSilf->positionPass(), aSilf->numPasses(), false);
-+        if (res)
-+            res &= aSilf->runGraphite(seg, aSilf->positionPass(), aSilf->numPasses(), false);
-     }
- 
- #if !defined GRAPHITE2_NTRACING
-     if (dbgout)
- {
-         seg->positionSlots(0, 0, 0, aSilf->dir());
-         *dbgout             << json::item
-                             << json::close // Close up the passes array
-@@ -226,17 +227,17 @@ const Silf *Face::chooseSilf(uint32 scri
-         return m_silfs;
- }
- 
- uint16 Face::findPseudo(uint32 uid) const
- {
-     return (m_numSilf) ? m_silfs[0].findPseudo(uid) : 0;
- }
- 
--uint16 Face::getGlyphMetric(uint16 gid, uint8 metric) const
-+int32 Face::getGlyphMetric(uint16 gid, uint8 metric) const
- {
-     switch (metrics(metric))
-     {
-         case kgmetAscent : return m_ascent;
-         case kgmetDescent : return m_descent;
-         default: 
-             if (gid >= glyphs().numGlyphs()) return 0;
-             return glyphs().glyph(gid)->getMetric(metric);
-@@ -277,17 +278,17 @@ Face::Table::Table(const Face & face, co
- : _f(&face), _compressed(false)
- {
-     size_t sz = 0;
-     _p = static_cast<const byte *>((*_f->m_ops.get_table)(_f->m_appFaceHandle, n, &sz));
-     _sz = uint32(sz);
- 
-     if (!TtfUtil::CheckTable(n, _p, _sz))
-     {
--        this->~Table();     // Make sure we release the table buffer even if the table filed it's checks
-+        releaseBuffers();     // Make sure we release the table buffer even if the table failed it's checks
-         return;
-     }
- 
-     if (be::peek<uint32>(_p) >= version)
-         decompress();
- }
- 
- void Face::Table::releaseBuffers()
-@@ -324,17 +325,18 @@ Error Face::Table::decompress()
-     switch(compression(hdr >> 27))
-     {
-     case NONE: return e;
- 
-     case LZ4:
-     {
-         uncompressed_size  = hdr & 0x07ffffff;
-         uncompressed_table = gralloc<byte>(uncompressed_size);
--        if (!e.test(!uncompressed_table, E_OUTOFMEM))
-+        if (!e.test(!uncompressed_table || uncompressed_size < 4, E_OUTOFMEM))
-+            memset(uncompressed_table, 0, 4);   // make sure version number is initialised
-             // coverity[forward_null : FALSE] - uncompressed_table has been checked so can't be null
-             // coverity[checked_return : FALSE] - we test e later
-             e.test(lz4::decompress(p, _sz - 2*sizeof(uint32), uncompressed_table, uncompressed_size) != signed(uncompressed_size), E_SHRINKERFAILED);
-         break;
-     }
- 
-     default:
-         e.error(E_BADSCHEME);
-diff --git a/gfx/graphite2/src/GlyphCache.cpp b/gfx/graphite2/src/GlyphCache.cpp
---- a/gfx/graphite2/src/GlyphCache.cpp
-+++ b/gfx/graphite2/src/GlyphCache.cpp
-@@ -111,18 +111,20 @@ private:
-                     _num_glyphs_attributes,
-                     _num_attrs;                    // number of glyph attributes per glyph
- };
- 
- 
- 
- GlyphCache::GlyphCache(const Face & face, const uint32 face_options)
- : _glyph_loader(new Loader(face, bool(face_options & gr_face_dumbRendering))),
--  _glyphs(_glyph_loader && *_glyph_loader ? grzeroalloc<const GlyphFace *>(_glyph_loader->num_glyphs()) : 0),
--  _boxes(_glyph_loader && _glyph_loader->has_boxes() ? grzeroalloc<GlyphBox *>(_glyph_loader->num_glyphs()) : 0),
-+  _glyphs(_glyph_loader && *_glyph_loader && _glyph_loader->num_glyphs()
-+        ? grzeroalloc<const GlyphFace *>(_glyph_loader->num_glyphs()) : 0),
-+  _boxes(_glyph_loader && _glyph_loader->has_boxes() && _glyph_loader->num_glyphs()
-+        ? grzeroalloc<GlyphBox *>(_glyph_loader->num_glyphs()) : 0),
-   _num_glyphs(_glyphs ? _glyph_loader->num_glyphs() : 0),
-   _num_attrs(_glyphs ? _glyph_loader->num_attrs() : 0),
-   _upem(_glyphs ? _glyph_loader->units_per_em() : 0)
- {
-     if ((face_options & gr_face_preloadGlyphs) && _glyph_loader && _glyphs)
-     {
-         int numsubs = 0;
-         GlyphFace * const glyphs = new GlyphFace [_num_glyphs];
-@@ -139,17 +141,17 @@ GlyphCache::GlyphCache(const Face & face
-         for (uint16 gid = 1; loaded && gid != _num_glyphs; ++gid)
-             _glyphs[gid] = loaded = _glyph_loader->read_glyph(gid, glyphs[gid], &numsubs);
- 
-         if (!loaded)
-         {
-             _glyphs[0] = 0;
-             delete [] glyphs;
-         }
--        else if (numsubs > 0)
-+        else if (numsubs > 0 && _boxes)
-         {
-             GlyphBox * boxes = (GlyphBox *)gralloc<char>(_num_glyphs * sizeof(GlyphBox) + numsubs * 8 * sizeof(float));
-             GlyphBox * currbox = boxes;
- 
-             for (uint16 gid = 0; currbox && gid != _num_glyphs; ++gid)
-             {
-                 _boxes[gid] = currbox;
-                 currbox = _glyph_loader->read_box(gid, currbox, *_glyphs[gid]);
-@@ -204,16 +206,18 @@ GlyphCache::~GlyphCache()
-             free(_boxes[0]);
-         free(_boxes);
-     }
-     delete _glyph_loader;
- }
- 
- const GlyphFace *GlyphCache::glyph(unsigned short glyphid) const      //result may be changed by subsequent call with a different glyphid
- { 
-+    if (glyphid >= numGlyphs())
-+        return _glyphs[0];
-     const GlyphFace * & p = _glyphs[glyphid];
-     if (p == 0 && _glyph_loader)
-     {
-         int numsubs = 0;
-         GlyphFace * g = new GlyphFace();
-         if (g)  p = _glyph_loader->read_glyph(glyphid, *g, &numsubs);
-         if (!p)
-         {
-@@ -280,26 +284,27 @@ GlyphCache::Loader::Loader(const Face & 
-         _long_fmt              = flags & 1;
-         int tmpnumgattrs       = (m_pGloc.size()
-                                    - (p - m_pGloc)
-                                    - sizeof(uint16)*(flags & 0x2 ? _num_attrs : 0))
-                                        / (_long_fmt ? sizeof(uint32) : sizeof(uint16)) - 1;
- 
-         if (version >= 0x00020000 || tmpnumgattrs < 0 || tmpnumgattrs > 65535
-             || _num_attrs == 0 || _num_attrs > 0x3000  // is this hard limit appropriate?
--            || _num_glyphs_graphics > tmpnumgattrs)
-+            || _num_glyphs_graphics > tmpnumgattrs
-+            || m_pGlat.size() < 4)
-         {
-             _head = Face::Table();
-             return;
-         }
- 
-         _num_glyphs_attributes = static_cast<unsigned short>(tmpnumgattrs);
-         p = m_pGlat;
-         version = be::read<uint32>(p);
--        if (version >= 0x00040000)       // reject Glat tables that are too new
-+        if (version >= 0x00040000 || (version >= 0x00030000 && m_pGlat.size() < 8))       // reject Glat tables that are too new
-         {
-             _head = Face::Table();
-             return;
-         }
-         else if (version >= 0x00030000)
-         {
-             unsigned int glatflags = be::read<uint32>(p);
-             _has_boxes = glatflags & 1;
-@@ -381,22 +386,24 @@ const GlyphFace * GlyphCache::Loader::re
-         }
-         else
-         {
-             be::skip<uint16>(gloc, glyphid);
-             glocs = be::read<uint16>(gloc);
-             gloce = be::peek<uint16>(gloc);
-         }
- 
--        if (glocs >= m_pGlat.size() || gloce > m_pGlat.size())
-+        if (glocs >= m_pGlat.size() - 1 || gloce > m_pGlat.size())
-             return 0;
- 
-         const uint32 glat_version = be::peek<uint32>(m_pGlat);
--        if (glat_version == 0x00030000)
-+        if (glat_version >= 0x00030000)
-         {
-+            if (glocs >= gloce)
-+                return 0;
-             const byte * p = m_pGlat + glocs;
-             uint16 bmap = be::read<uint16>(p);
-             int num = bit_set_count((uint32)bmap);
-             if (numsubs) *numsubs += num;
-             glocs += 6 + 8 * num;
-             if (glocs > gloce)
-                 return 0;
-         }
-@@ -449,29 +456,31 @@ GlyphBox * GlyphCache::Loader::read_box(
-     }
-     else
-     {
-         be::skip<uint16>(gloc, gid);
-         glocs = be::read<uint16>(gloc);
-         gloce = be::peek<uint16>(gloc);
-     }
- 
--    if (glocs >= m_pGlat.size() || gloce > m_pGlat.size())
-+    if (gloce > m_pGlat.size() || glocs + 6 >= gloce)
-         return 0;
- 
-     const byte * p = m_pGlat + glocs;
-     uint16 bmap = be::read<uint16>(p);
-     int num = bit_set_count((uint32)bmap);
- 
-     Rect bbox = glyph.theBBox();
-     Rect diamax(Position(bbox.bl.x + bbox.bl.y, bbox.bl.x - bbox.tr.y),
-                 Position(bbox.tr.x + bbox.tr.y, bbox.tr.x - bbox.bl.y));
-     Rect diabound = readbox(diamax, p[0], p[2], p[1], p[3]);
-     ::new (curr) GlyphBox(num, bmap, &diabound);
-     be::skip<uint8>(p, 4);
-+    if (glocs + 6 + num * 8 >= gloce)
-+        return 0;
- 
-     for (int i = 0; i < num * 2; ++i)
-     {
-         Rect box = readbox((i & 1) ? diamax : bbox, p[0], p[2], p[1], p[3]);
-         curr->addSubBox(i >> 1, i & 1, &box);
-         be::skip<uint8>(p, 4);
-     } 
-     return (GlyphBox *)((char *)(curr) + sizeof(GlyphBox) + 2 * num * sizeof(Rect));
-diff --git a/gfx/graphite2/src/GlyphFace.cpp b/gfx/graphite2/src/GlyphFace.cpp
---- a/gfx/graphite2/src/GlyphFace.cpp
-+++ b/gfx/graphite2/src/GlyphFace.cpp
-@@ -24,25 +24,25 @@ Mozilla Public License (http://mozilla.o
- License, as published by the Free Software Foundation, either version 2
- of the License or (at your option) any later version.
- */
- #include "inc/GlyphFace.h"
- 
- 
- using namespace graphite2;
- 
--uint16 GlyphFace::getMetric(uint8 metric) const
-+int32 GlyphFace::getMetric(uint8 metric) const
- {
-     switch (metrics(metric))
-     {
--        case kgmetLsb       : return static_cast<uint16>(m_bbox.bl.x);
--        case kgmetRsb       : return static_cast<uint16>(m_advance.x - m_bbox.tr.x);
--        case kgmetBbTop     : return static_cast<uint16>(m_bbox.tr.y);
--        case kgmetBbBottom  : return static_cast<uint16>(m_bbox.bl.y);
--        case kgmetBbLeft    : return static_cast<uint16>(m_bbox.bl.x);
--        case kgmetBbRight   : return static_cast<uint16>(m_bbox.tr.x);
--        case kgmetBbHeight  : return static_cast<uint16>(m_bbox.tr.y - m_bbox.bl.y);
--        case kgmetBbWidth   : return static_cast<uint16>(m_bbox.tr.x - m_bbox.bl.x);
--        case kgmetAdvWidth  : return static_cast<uint16>(m_advance.x);
--        case kgmetAdvHeight : return static_cast<uint16>(m_advance.y);
-+        case kgmetLsb       : return m_bbox.bl.x;
-+        case kgmetRsb       : return m_advance.x - m_bbox.tr.x;
-+        case kgmetBbTop     : return m_bbox.tr.y;
-+        case kgmetBbBottom  : return m_bbox.bl.y;
-+        case kgmetBbLeft    : return m_bbox.bl.x;
-+        case kgmetBbRight   : return m_bbox.tr.x;
-+        case kgmetBbHeight  : return m_bbox.tr.y - m_bbox.bl.y;
-+        case kgmetBbWidth   : return m_bbox.tr.x - m_bbox.bl.x;
-+        case kgmetAdvWidth  : return m_advance.x;
-+        case kgmetAdvHeight : return m_advance.y;
-         default : return 0;
-     }
- }
-diff --git a/gfx/graphite2/src/Justifier.cpp b/gfx/graphite2/src/Justifier.cpp
---- a/gfx/graphite2/src/Justifier.cpp
-+++ b/gfx/graphite2/src/Justifier.cpp
-@@ -95,62 +95,63 @@ float Segment::justify(Slot *pSlot, cons
- 
-     end = pLast->nextSibling();
-     pFirst = pFirst->nextSibling();
- 
-     int icount = 0;
-     int numLevels = silf()->numJustLevels();
-     if (!numLevels)
-     {
--        for (s = pSlot; s != end; s = s->next())
-+        for (s = pSlot; s && s != end; s = s->nextSibling())
-         {
-             CharInfo *c = charinfo(s->before());
-             if (isWhitespace(c->unicodeChar()))
-             {
-                 s->setJustify(this, 0, 3, 1);
-                 s->setJustify(this, 0, 2, 1);
-                 s->setJustify(this, 0, 0, -1);
-                 ++icount;
-             }
-         }
-         if (!icount)
-         {
--            for (s = pSlot; s != end; s = s->nextSibling())
-+            for (s = pSlot; s && s != end; s = s->nextSibling())
-             {
-                 s->setJustify(this, 0, 3, 1);
-                 s->setJustify(this, 0, 2, 1);
-                 s->setJustify(this, 0, 0, -1);
-             }
-         }
-         ++numLevels;
-     }
- 
-     Vector<JustifyTotal> stats(numLevels);
--    for (s = pFirst; s != end; s = s->nextSibling())
-+    for (s = pFirst; s && s != end; s = s->nextSibling())
-     {
-         float w = s->origin().x / scale + s->advance() - base;
-         if (w > currWidth) currWidth = w;
-         for (int j = 0; j < numLevels; ++j)
-             stats[j].accumulate(s, this, j);
-         s->just(0);
-     }
- 
-     for (int i = (width < 0.0f) ? -1 : numLevels - 1; i >= 0; --i)
-     {
-         float diff;
-         float error = 0.;
-         float diffpw;
-         int tWeight = stats[i].weight();
-+        if (tWeight == 0) continue;
- 
-         do {
-             error = 0.;
-             diff = width - currWidth;
-             diffpw = diff / tWeight;
-             tWeight = 0;
--            for (s = pFirst; s != end; s = s->nextSibling()) // don't include final glyph
-+            for (s = pFirst; s && s != end; s = s->nextSibling()) // don't include final glyph
-             {
-                 int w = s->getJustify(this, i, 3);
-                 float pref = diffpw * w + error;
-                 int step = s->getJustify(this, i, 2);
-                 if (!step) step = 1;        // handle lazy font developers
-                 if (pref > 0)
-                 {
-                     float max = uint16(s->getJustify(this, i, 0));
-diff --git a/gfx/graphite2/src/NameTable.cpp b/gfx/graphite2/src/NameTable.cpp
---- a/gfx/graphite2/src/NameTable.cpp
-+++ b/gfx/graphite2/src/NameTable.cpp
-@@ -42,25 +42,26 @@ NameTable::NameTable(const void* data, s
-     memcpy(pdata, data, length);
-     m_table = reinterpret_cast<const TtfUtil::Sfnt::FontNames*>(pdata);
- 
-     if ((length > sizeof(TtfUtil::Sfnt::FontNames)) &&
-         (length > sizeof(TtfUtil::Sfnt::FontNames) +
-          sizeof(TtfUtil::Sfnt::NameRecord) * ( be::swap<uint16>(m_table->count) - 1)))
-     {
-         uint16 offset = be::swap<uint16>(m_table->string_offset);
--        m_nameData = reinterpret_cast<const uint8*>(pdata) + offset;
--        setPlatformEncoding(platformId, encodingID);
--        m_nameDataLength = length - offset;
-+        if (offset < length)
-+        {
-+            m_nameData = reinterpret_cast<const uint8*>(pdata) + offset;
-+            setPlatformEncoding(platformId, encodingID);
-+            m_nameDataLength = length - offset;
-+            return;
-+        }
-     }
--    else
--    {
--        free(const_cast<TtfUtil::Sfnt::FontNames*>(m_table));
--        m_table = NULL;
--    }
-+    free(const_cast<TtfUtil::Sfnt::FontNames*>(m_table));
-+    m_table = NULL;
- }
- 
- uint16 NameTable::setPlatformEncoding(uint16 platformId, uint16 encodingID)
- {
-     if (!m_nameData) return 0;
-     uint16 i = 0;
-     uint16 count = be::swap<uint16>(m_table->count);
-     for (; i < count; i++)
-@@ -139,28 +140,36 @@ void* NameTable::getName(uint16& languag
-     uint16 offset = be::swap<uint16>(nameRecord.offset);
-     if(offset + utf16Length > m_nameDataLength)
-     {
-         languageId = 0;
-         length = 0;
-         return NULL;
-     }
-     utf16Length >>= 1; // in utf16 units
--    utf16::codeunit_t * utf16Name = gralloc<utf16::codeunit_t>(utf16Length);
-+    utf16::codeunit_t * utf16Name = gralloc<utf16::codeunit_t>(utf16Length + 1);
-     if (!utf16Name)
-     {
-         languageId = 0;
-         length = 0;
-         return NULL;
-     }
-     const uint8* pName = m_nameData + offset;
-     for (size_t i = 0; i < utf16Length; i++)
-     {
-         utf16Name[i] = be::read<uint16>(pName);
-     }
-+    utf16Name[utf16Length] = 0;
-+    if (!utf16::validate(utf16Name, utf16Name + utf16Length))
-+    {
-+        free(utf16Name);
-+        languageId = 0;
-+        length = 0;
-+        return NULL;
-+    }
-     switch (enc)
-     {
-     case gr_utf8:
-     {
-         utf8::codeunit_t* uniBuffer = gralloc<utf8::codeunit_t>(3 * utf16Length + 1);
-         if (!uniBuffer)
-         {
-             free(utf16Name);
-diff --git a/gfx/graphite2/src/Pass.cpp b/gfx/graphite2/src/Pass.cpp
---- a/gfx/graphite2/src/Pass.cpp
-+++ b/gfx/graphite2/src/Pass.cpp
-@@ -96,17 +96,17 @@ bool Pass::readPass(const byte * const p
-     const byte * p              = pass_start,
-                * const pass_end = p + pass_length;
-     size_t numRanges;
- 
-     if (e.test(pass_length < 40, E_BADPASSLENGTH)) return face.error(e); 
-     // Read in basic values
-     const byte flags = be::read<byte>(p);
-     if (e.test((flags & 0x1f) && 
--            (pt < PASS_TYPE_POSITIONING || !m_silf->aCollision() || !face.glyphs().hasBoxes()),
-+            (pt < PASS_TYPE_POSITIONING || !m_silf->aCollision() || !face.glyphs().hasBoxes() || !(m_silf->flags() & 0x20)),
-             E_BADCOLLISIONPASS))
-         return face.error(e);
-     m_numCollRuns = flags & 0x7;
-     m_kernColls   = (flags >> 3) & 0x3;
-     m_isReverseDir = (flags >> 5) & 0x1;
-     m_iMaxLoop = be::read<byte>(p);
-     if (m_iMaxLoop < 1) m_iMaxLoop = 1;
-     be::skip<byte>(p,2); // skip maxContext & maxBackup
-@@ -226,17 +226,21 @@ bool Pass::readRules(const byte * rule_m
-     // Load rules.
-     const byte * ac_begin = 0, * rc_begin = 0,
-                * ac_end = ac_data + be::peek<uint16>(o_action),
-                * rc_end = rc_data + be::peek<uint16>(o_constraint);
- 
-     // Allocate pools
-     m_rules = new Rule [m_numRules];
-     m_codes = new Code [m_numRules*2];
--    const size_t prog_pool_sz = vm::Machine::Code::estimateCodeDataOut(ac_end - ac_data + rc_end - rc_data);
-+    int totalSlots = 0;
-+    const uint16 *tsort = sort_key;
-+    for (int i = 0; i < m_numRules; ++i)
-+        totalSlots += be::peek<uint16>(--tsort);
-+    const size_t prog_pool_sz = vm::Machine::Code::estimateCodeDataOut(ac_end - ac_data + rc_end - rc_data, 2 * m_numRules, totalSlots);
-     m_progs = gralloc<byte>(prog_pool_sz);
-     byte * prog_pool_free = m_progs,
-          * prog_pool_end  = m_progs + prog_pool_sz;
-     if (e.test(!(m_rules && m_codes && m_progs), E_OUTOFMEM)) return face.error(e);
- 
-     Rule * r = m_rules + m_numRules - 1;
-     for (size_t n = m_numRules; r >= m_rules; --n, --r, ac_end = ac_begin, rc_end = rc_begin)
-     {
-@@ -249,17 +253,17 @@ bool Pass::readRules(const byte * rule_m
-         if (r->sort > 63 || r->preContext >= r->sort || r->preContext > m_maxPreCtxt || r->preContext < m_minPreCtxt)
-             return false;
-         ac_begin      = ac_data + be::peek<uint16>(--o_action);
-         --o_constraint;
-         rc_begin      = be::peek<uint16>(o_constraint) ? rc_data + be::peek<uint16>(o_constraint) : rc_end;
- 
-         if (ac_begin > ac_end || ac_begin > ac_data_end || ac_end > ac_data_end
-                 || rc_begin > rc_end || rc_begin > rc_data_end || rc_end > rc_data_end
--                || vm::Machine::Code::estimateCodeDataOut(ac_end - ac_begin + rc_end - rc_begin) > size_t(prog_pool_end - prog_pool_free))
-+                || vm::Machine::Code::estimateCodeDataOut(ac_end - ac_begin + rc_end - rc_begin, 2, r->sort) > size_t(prog_pool_end - prog_pool_free))
-             return false;
-         r->action     = new (m_codes+n*2-2) vm::Machine::Code(false, ac_begin, ac_end, r->preContext, r->sort, *m_silf, face, pt, &prog_pool_free);
-         r->constraint = new (m_codes+n*2-1) vm::Machine::Code(true,  rc_begin, rc_end, r->preContext, r->sort, *m_silf, face, pt, &prog_pool_free);
- 
-         if (e.test(!r->action || !r->constraint, E_OUTOFMEM)
-                 || e.test(r->action->status() != Code::loaded, r->action->status() + E_CODEFAILURE)
-                 || e.test(r->constraint->status() != Code::loaded, r->constraint->status() + E_CODEFAILURE)
-                 || e.test(!r->constraint->immutable(), E_MUTABLECCODE))
-@@ -330,17 +334,17 @@ bool Pass::readStates(const byte * start
- 
-     // load state transition table.
-     for (uint16 * t = m_transitions,
-                 * const t_end = t + m_numTransition*m_numColumns; t != t_end; ++t)
-     {
-         *t = be::read<uint16>(states);
-         if (e.test(*t >= m_numStates, E_BADSTATE))
-         {
--            face.error_context((face.error_context() & 0xFFFF00) + EC_ATRANS + (((t - m_transitions) / m_numColumns) << 24));
-+            face.error_context((face.error_context() & 0xFFFF00) + EC_ATRANS + (((t - m_transitions) / m_numColumns) << 8));
-             return face.error(e);
-         }
-     }
- 
-     State * s = m_states,
-           * const success_begin = m_states + m_numStates - m_numSuccess;
-     const RuleEntry * rule_map_end = m_ruleMap + be::peek<uint16>(o_rule_map + m_numSuccess*sizeof(uint16));
-     for (size_t n = m_numStates; n; --n, ++s)
-@@ -351,17 +355,18 @@ bool Pass::readStates(const byte * start
-         if (e.test(begin >= rule_map_end || end > rule_map_end || begin > end, E_BADRULEMAPPING))
-         {
-             face.error_context((face.error_context() & 0xFFFF00) + EC_ARULEMAP + (n << 24));
-             return face.error(e);
-         }
-         s->rules = begin;
-         s->rules_end = (end - begin <= FiniteStateMachine::MAX_RULES)? end :
-             begin + FiniteStateMachine::MAX_RULES;
--        qsort(begin, end - begin, sizeof(RuleEntry), &cmpRuleEntry);
-+        if (begin)      // keep UBSan happy can't call qsort with null begin
-+            qsort(begin, end - begin, sizeof(RuleEntry), &cmpRuleEntry);
-     }
- 
-     return true;
- }
- 
- bool Pass::readRanges(const byte * ranges, size_t num_ranges, Error &e)
- {
-     m_cols = gralloc<uint16>(m_numGlyphs);
-@@ -449,19 +454,19 @@ bool Pass::runFSM(FiniteStateMachine& fs
-     if (fsm.slots.context() < m_minPreCtxt)
-         return false;
- 
-     uint16 state = m_startStates[m_maxPreCtxt - fsm.slots.context()];
-     uint8  free_slots = SlotMap::MAX_SLOTS;
-     do
-     {
-         fsm.slots.pushSlot(slot);
--        if (--free_slots == 0
--         || slot->gid() >= m_numGlyphs
-+        if (slot->gid() >= m_numGlyphs
-          || m_cols[slot->gid()] == 0xffffU
-+         || --free_slots == 0
-          || state >= m_numTransition)
-             return free_slots != 0;
- 
-         const uint16 * transitions = m_transitions + state*m_numColumns;
-         state = transitions[m_cols[slot->gid()]];
-         if (state >= m_successStart)
-             fsm.rules.accumulate_rules(m_states[state]);
- 
-@@ -627,37 +632,40 @@ bool Pass::testPassConstraint(Machine & 
- }
- 
- 
- bool Pass::testConstraint(const Rule & r, Machine & m) const
- {
-     const uint16 curr_context = m.slotMap().context();
-     if (unsigned(r.sort - r.preContext) > m.slotMap().size() - curr_context
-         || curr_context - r.preContext < 0) return false;
-+
-+    vm::slotref * map = m.slotMap().begin() + curr_context - r.preContext;
-+    if (map[r.sort - 1] == 0)
-+        return false;
-+
-     if (!*r.constraint) return true;
-     assert(r.constraint->constraint());
--
--    vm::slotref * map = m.slotMap().begin() + curr_context - r.preContext;
-     for (int n = r.sort; n && map; --n, ++map)
-     {
-         if (!*map) continue;
-         const int32 ret = r.constraint->run(m, map);
-         if (!ret || m.status() != Machine::finished)
-             return false;
-     }
- 
-     return true;
- }
- 
- 
- void SlotMap::collectGarbage(Slot * &aSlot)
- {
-     for(Slot **s = begin(), *const *const se = end() - 1; s != se; ++s) {
-         Slot *& slot = *s;
--        if(slot->isDeleted() || slot->isCopied())
-+        if(slot && (slot->isDeleted() || slot->isCopied()))
-         {
-             if (slot == aSlot)
-                 aSlot = slot->prev() ? slot->prev() : slot->next();
-             segment.freeSlot(slot);
-         }
-     }
- }
- 
-@@ -848,17 +856,16 @@ bool Pass::collisionShift(Segment *seg, 
-             }
-         }
-     }
-     return true;
- }
- 
- bool Pass::collisionKern(Segment *seg, int dir, json * const dbgout) const
- {
--    KernCollider kerncoll(dbgout);
-     Slot *start = seg->first();
-     float ymin = 1e38f;
-     float ymax = -1e38f;
-     const GlyphCache &gc = seg->getFace()->glyphs();
- 
-     // phase 3 : handle kerning of clusters
- #if !defined GRAPHITE2_NTRACING
-     if (dbgout)
-@@ -871,17 +878,17 @@ bool Pass::collisionKern(Segment *seg, i
-             return false;
-         const SlotCollision * c = seg->collisionInfo(s);
-         const Rect &bbox = seg->theGlyphBBoxTemporary(s->gid());
-         float y = s->origin().y + c->shift().y;
-         ymax = max(y + bbox.tr.y, ymax);
-         ymin = min(y + bbox.bl.y, ymin);
-         if (start && (c->flags() & (SlotCollision::COLL_KERN | SlotCollision::COLL_FIX))
-                         == (SlotCollision::COLL_KERN | SlotCollision::COLL_FIX))
--            resolveKern(seg, s, start, kerncoll, dir, ymin, ymax, dbgout);
-+            resolveKern(seg, s, start, dir, ymin, ymax, dbgout);
-         if (c->flags() & SlotCollision::COLL_END)
-             start = NULL;
-         if (c->flags() & SlotCollision::COLL_START)
-             start = s;
-     }
- 
- #if !defined GRAPHITE2_NTRACING
-     if (dbgout)
-@@ -1010,17 +1017,17 @@ bool Pass::resolveCollisions(Segment *se
-     if (isCol)
-     { cFix->setFlags(cFix->flags() | SlotCollision::COLL_ISCOL | SlotCollision::COLL_KNOWN); }
-     else
-     { cFix->setFlags((cFix->flags() & ~SlotCollision::COLL_ISCOL) | SlotCollision::COLL_KNOWN); }
-     hasCol |= isCol;
-     return true;
- }
- 
--float Pass::resolveKern(Segment *seg, Slot *slotFix, GR_MAYBE_UNUSED Slot *start, KernCollider &coll, int dir,
-+float Pass::resolveKern(Segment *seg, Slot *slotFix, GR_MAYBE_UNUSED Slot *start, int dir,
-     float &ymin, float &ymax, json *const dbgout) const
- {
-     Slot *nbor; // neighboring slot
-     float currSpace = 0.;
-     bool collides = false;
-     unsigned int space_count = 0;
-     Slot *base = slotFix;
-     while (base->attachedTo())
-@@ -1030,16 +1037,17 @@ float Pass::resolveKern(Segment *seg, Sl
- 
-     if (base != slotFix)
-     {
-         cFix->setFlags(cFix->flags() | SlotCollision::COLL_KERN | SlotCollision::COLL_FIX);
-         return 0;
-     }
-     bool seenEnd = (cFix->flags() & SlotCollision::COLL_END) != 0;
-     bool isInit = false;
-+    KernCollider coll(dbgout);
- 
-     for (nbor = slotFix->next(); nbor; nbor = nbor->next())
-     {
-         if (nbor->isChildOf(base))
-             continue;
-         if (!gc.check(nbor->gid()))
-             return 0.;
-         const Rect &bb = seg->theGlyphBBoxTemporary(nbor->gid());
-diff --git a/gfx/graphite2/src/Segment.cpp b/gfx/graphite2/src/Segment.cpp
---- a/gfx/graphite2/src/Segment.cpp
-+++ b/gfx/graphite2/src/Segment.cpp
-@@ -419,16 +419,19 @@ Position Segment::positionSlots(const Fo
-         reverseSlots();
-         temp = iStart;
-         iStart = iEnd;
-         iEnd = temp;
-     }
-     if (!iStart)    iStart = m_first;
-     if (!iEnd)      iEnd   = m_last;
- 
-+    if (!iStart || !iEnd)   // only true for empty segments
-+        return currpos;
-+
-     if (isRtl)
-     {
-         for (Slot * s = iEnd, * const end = iStart->prev(); s && s != end; s = s->prev())
-         {
-             if (s->isBase())
-                 currpos = s->finalise(this, font, currpos, bbox, 0, clusterMin = currpos.x, isRtl, isFinal);
-         }
-     }
-@@ -526,11 +529,14 @@ void Segment::doMirror(uint16 aMirror)
- }
- 
- bool Segment::initCollisions()
- {
-     m_collisions = grzeroalloc<SlotCollision>(slotCount());
-     if (!m_collisions) return false;
- 
-     for (Slot *p = m_first; p; p = p->next())
--        ::new (collisionInfo(p)) SlotCollision(this, p);
-+        if (p->index() < slotCount())
-+            ::new (collisionInfo(p)) SlotCollision(this, p);
-+        else
-+            return false;
-     return true;
- }
-diff --git a/gfx/graphite2/src/Silf.cpp b/gfx/graphite2/src/Silf.cpp
---- a/gfx/graphite2/src/Silf.cpp
-+++ b/gfx/graphite2/src/Silf.cpp
-@@ -350,20 +350,20 @@ uint16 Silf::getClassGlyph(uint16 cid, u
-     }
-     return 0;
- }
- 
- 
- bool Silf::runGraphite(Segment *seg, uint8 firstPass, uint8 lastPass, int dobidi) const
- {
-     assert(seg != 0);
--    SlotMap            map(*seg, m_dir);
-+    unsigned int       maxSize = seg->slotCount() * MAX_SEG_GROWTH_FACTOR;
-+    SlotMap            map(*seg, m_dir, maxSize);
-     FiniteStateMachine fsm(map, seg->getFace()->logger());
-     vm::Machine        m(map);
--    unsigned int       initSize = seg->slotCount();
-     uint8              lbidi = m_bPass;
- #if !defined GRAPHITE2_NTRACING
-     json * const dbgout = seg->getFace()->logger();
- #endif
- 
-     if (lastPass == 0)
-     {
-         if (firstPass == lastPass && lbidi == 0xFF)
-@@ -419,13 +419,13 @@ bool Silf::runGraphite(Segment *seg, uin
- 
-         // test whether to reorder, prepare for positioning
-         bool reverse = (lbidi == 0xFF) && (seg->currdir() != ((m_dir & 1) ^ m_passes[i].reverseDir()));
-         if ((i >= 32 || (seg->passBits() & (1 << i)) == 0 || m_passes[i].collisionLoops())
-                 && !m_passes[i].runGraphite(m, fsm, reverse))
-             return false;
-         // only subsitution passes can change segment length, cached subsegments are short for their text
-         if (m.status() != vm::Machine::finished
--            || (seg->slotCount() && seg->slotCount() * MAX_SEG_GROWTH_FACTOR < initSize))
-+            || (seg->slotCount() && seg->slotCount() > maxSize))
-             return false;
-     }
-     return true;
- }
-diff --git a/gfx/graphite2/src/Slot.cpp b/gfx/graphite2/src/Slot.cpp
---- a/gfx/graphite2/src/Slot.cpp
-+++ b/gfx/graphite2/src/Slot.cpp
-@@ -80,20 +80,20 @@ void Slot::set(const Slot & orig, int ch
- 
- void Slot::update(int /*numGrSlots*/, int numCharInfo, Position &relpos)
- {
-     m_before += numCharInfo;
-     m_after += numCharInfo;
-     m_position = m_position + relpos;
- }
- 
--Position Slot::finalise(const Segment *seg, const Font *font, Position & base, Rect & bbox, uint8 attrLevel, float & clusterMin, bool rtl, bool isFinal)
-+Position Slot::finalise(const Segment *seg, const Font *font, Position & base, Rect & bbox, uint8 attrLevel, float & clusterMin, bool rtl, bool isFinal, int depth)
- {
-     SlotCollision *coll = NULL;
--    if (attrLevel && m_attLevel > attrLevel) return Position(0, 0);
-+    if (depth > 100 || (attrLevel && m_attLevel > attrLevel)) return Position(0, 0);
-     float scale = font ? font->scale() : 1.0f;
-     Position shift(m_shift.x * (rtl * -2 + 1) + m_just, m_shift.y);
-     float tAdvance = m_advance.x + m_just;
-     if (isFinal && (coll = seg->collisionInfo(this)))
-     {
-         const Position &collshift = coll->offset();
-         if (!(coll->flags() & SlotCollision::COLL_KERN) || rtl)
-             shift = shift + collshift;
-@@ -128,23 +128,23 @@ Position Slot::finalise(const Segment *s
-     if (glyphFace)
-     {
-         Rect ourBbox = glyphFace->theBBox() * scale + m_position;
-         bbox = bbox.widen(ourBbox);
-     }
- 
-     if (m_child && m_child != this && m_child->attachedTo() == this)
-     {
--        Position tRes = m_child->finalise(seg, font, m_position, bbox, attrLevel, clusterMin, rtl, isFinal);
-+        Position tRes = m_child->finalise(seg, font, m_position, bbox, attrLevel, clusterMin, rtl, isFinal, depth + 1);
-         if ((!m_parent || m_advance.x >= 0.5f) && tRes.x > res.x) res = tRes;
-     }
- 
-     if (m_parent && m_sibling && m_sibling != this && m_sibling->attachedTo() == m_parent)
-     {
--        Position tRes = m_sibling->finalise(seg, font, base, bbox, attrLevel, clusterMin, rtl, isFinal);
-+        Position tRes = m_sibling->finalise(seg, font, base, bbox, attrLevel, clusterMin, rtl, isFinal, depth + 1);
-         if (tRes.x > res.x) res = tRes;
-     }
-     
-     if (!m_parent && clusterMin < base.x)
-     {
-         Position adj = Position(m_position.x - clusterMin, 0.);
-         res += adj;
-         m_position += adj;
-@@ -160,35 +160,35 @@ int32 Slot::clusterMetric(const Segment 
-         return 0;
-     Rect bbox = seg->theGlyphBBoxTemporary(glyph());
-     float clusterMin = 0.;
-     Position res = finalise(seg, NULL, base, bbox, attrLevel, clusterMin, rtl, false);
- 
-     switch (metrics(metric))
-     {
-     case kgmetLsb :
--        return static_cast<uint32>(bbox.bl.x);
-+        return bbox.bl.x;
-     case kgmetRsb :
--        return static_cast<uint32>(res.x - bbox.tr.x);
-+        return res.x - bbox.tr.x;
-     case kgmetBbTop :
--        return static_cast<uint32>(bbox.tr.y);
-+        return bbox.tr.y;
-     case kgmetBbBottom :
--        return static_cast<uint32>(bbox.bl.y);
-+        return bbox.bl.y;
-     case kgmetBbLeft :
--        return static_cast<uint32>(bbox.bl.x);
-+        return bbox.bl.x;
-     case kgmetBbRight :
--        return static_cast<uint32>(bbox.tr.x);
-+        return bbox.tr.x;
-     case kgmetBbWidth :
--        return static_cast<uint32>(bbox.tr.x - bbox.bl.x);
-+        return bbox.tr.x - bbox.bl.x;
-     case kgmetBbHeight :
--        return static_cast<uint32>(bbox.tr.y - bbox.bl.y);
-+        return bbox.tr.y - bbox.bl.y;
-     case kgmetAdvWidth :
--        return static_cast<uint32>(res.x);
-+        return res.x;
-     case kgmetAdvHeight :
--        return static_cast<uint32>(res.y);
-+        return res.y;
-     default :
-         return 0;
-     }
- }
- 
- #define SLOTGETCOLATTR(x) { SlotCollision *c = seg->collisionInfo(this); return c ? int(c-> x) : 0; }
- 
- int Slot::getAttr(const Segment *seg, attrCode ind, uint8 subindex) const
-@@ -290,19 +290,32 @@ void Slot::setAttr(Segment *seg, attrCod
-     case gr_slatAdvX :  m_advance.x = value; break;
-     case gr_slatAdvY :  m_advance.y = value; break;
-     case gr_slatAttTo :
-     {
-         const uint16 idx = uint16(value);
-         if (idx < map.size() && map[idx])
-         {
-             Slot *other = map[idx];
--            if (other == this || other == m_parent) break;
--            if (m_parent) m_parent->removeChild(this);
--            if (!other->isChildOf(this) && other->child(this))
-+            if (other == this || other == m_parent || other->isCopied()) break;
-+            if (m_parent) { m_parent->removeChild(this); attachTo(NULL); }
-+            Slot *pOther = other;
-+            int count = 0;
-+            bool foundOther = false;
-+            while (pOther)
-+            {
-+                ++count;
-+                if (pOther == this) foundOther = true;
-+                pOther = pOther->attachedTo();
-+            }
-+            for (pOther = m_child; pOther; pOther = pOther->m_child)
-+                ++count;
-+            for (pOther = m_sibling; pOther; pOther = pOther->m_sibling)
-+                ++count;
-+            if (count < 100 && !foundOther && other->child(this))
-             {
-                 attachTo(other);
-                 if ((map.dir() != 0) ^ (idx > subindex))
-                     m_with = Position(advance(), 0);
-                 else        // normal match to previous root
-                     m_attach = Position(other->advance(), 0);
-             }
-         }
-@@ -416,41 +429,34 @@ bool Slot::sibling(Slot *ap)
-         m_sibling = ap;
-     else
-         return m_sibling->sibling(ap);
-     return true;
- }
- 
- bool Slot::removeChild(Slot *ap)
- {
--    if (this == ap || !m_child) return false;
-+    if (this == ap || !m_child || !ap) return false;
-     else if (ap == m_child)
-     {
-         Slot *nSibling = m_child->nextSibling();
--        m_child->removeSibling(nSibling);
-+        m_child->nextSibling(NULL);
-         m_child = nSibling;
-         return true;
-     }
--    else
--        return m_child->removeSibling(ap);
--    return true;
--}
--
--bool Slot::removeSibling(Slot *ap)
--{
--    if (this == ap || !m_sibling) return false;
--    else if (ap == m_sibling)
-+    for (Slot *p = m_child; p; p = p->m_sibling)
-     {
--        m_sibling = m_sibling->nextSibling();
--        if (m_sibling) ap->removeSibling(m_sibling);
--        return true;
-+        if (p->m_sibling && p->m_sibling == ap)
-+        {
-+            p->m_sibling = p->m_sibling->m_sibling;
-+            ap->nextSibling(NULL);
-+            return true;
-+        }
-     }
--    else
--        return m_sibling->removeSibling(ap);
--    return true;
-+    return false;
- }
- 
- void Slot::setGlyph(Segment *seg, uint16 glyphid, const GlyphFace * theGlyph)
- {
-     m_glyphid = glyphid;
-     m_bidiCls = -1;
-     if (!theGlyph)
-     {
-@@ -475,21 +481,23 @@ void Slot::setGlyph(Segment *seg, uint16
-     if (seg->silf()->aPassBits())
-     {
-         seg->mergePassBits(theGlyph->attrs()[seg->silf()->aPassBits()]);
-         if (seg->silf()->numPasses() > 16)
-             seg->mergePassBits(theGlyph->attrs()[seg->silf()->aPassBits()+1] << 16);
-     }
- }
- 
--void Slot::floodShift(Position adj)
-+void Slot::floodShift(Position adj, int depth)
- {
-+    if (depth > 100)
-+        return;
-     m_position += adj;
--    if (m_child) m_child->floodShift(adj);
--    if (m_sibling) m_sibling->floodShift(adj);
-+    if (m_child) m_child->floodShift(adj, depth + 1);
-+    if (m_sibling) m_sibling->floodShift(adj, depth + 1);
- }
- 
- void SlotJustify::LoadSlot(const Slot *s, const Segment *seg)
- {
-     for (int i = seg->silf()->numJustLevels() - 1; i >= 0; --i)
-     {
-         Justinfo *justs = seg->silf()->justAttrs() + i;
-         int16 *v = values + i * NUMJUSTPARAMS;
-@@ -514,15 +522,14 @@ Slot * Slot::nextInCluster(const Slot *s
-             return base->nextSibling();
-         s = base;
-     }
-     return NULL;
- }
- 
- bool Slot::isChildOf(const Slot *base) const
- {
--    if (m_parent == base)
--        return true;
--    else if (!m_parent)
--        return false;
--    else
--        return m_parent->isChildOf(base);
-+    for (Slot *p = m_parent; p; p = p->m_parent)
-+        if (p == base)
-+            return true;
-+    return false;
- }
-+
-diff --git a/gfx/graphite2/src/TtfUtil.cpp b/gfx/graphite2/src/TtfUtil.cpp
---- a/gfx/graphite2/src/TtfUtil.cpp
-+++ b/gfx/graphite2/src/TtfUtil.cpp
-@@ -891,25 +891,27 @@ const void * FindCmapSubtable(const void
- ----------------------------------------------------------------------------------------------*/
- bool CheckCmapSubtable4(const void * pCmapSubtable4, const void * pCmapEnd /*, unsigned int maxgid*/)
- {
-     size_t table_len = (const byte *)pCmapEnd - (const byte *)pCmapSubtable4;
-     if (!pCmapSubtable4) return false;
-     const Sfnt::CmapSubTable * pTable = reinterpret_cast<const Sfnt::CmapSubTable *>(pCmapSubtable4);
-     // Bob H say some freeware TT fonts have version 1 (eg, CALIGULA.TTF) 
-     // so don't check subtable version. 21 Mar 2002 spec changes version to language.
--    if (be::swap(pTable->format) != 4) return false;
-+    if (table_len < sizeof(*pTable) || be::swap(pTable->format) != 4) return false;
-     const Sfnt::CmapSubTableFormat4 * pTable4 = reinterpret_cast<const Sfnt::CmapSubTableFormat4 *>(pCmapSubtable4);
-+    if (table_len < sizeof(*pTable4))
-+        return false;
-     uint16 length = be::swap(pTable4->length);
-     if (length > table_len)
-         return false;
-     if (length < sizeof(Sfnt::CmapSubTableFormat4))
-         return false;
-     uint16 nRanges = be::swap(pTable4->seg_count_x2) >> 1;
--    if (length < sizeof(Sfnt::CmapSubTableFormat4) + 4 * nRanges * sizeof(uint16))
-+    if (!nRanges || length < sizeof(Sfnt::CmapSubTableFormat4) + 4 * nRanges * sizeof(uint16))
-         return false;
-     // check last range is properly terminated
-     uint16 chEnd = be::peek<uint16>(pTable4->end_code + nRanges - 1);
-     if (chEnd != 0xFFFF)
-         return false;
- #if 0
-     int lastend = -1;
-     for (int i = 0; i < nRanges; ++i)
-@@ -999,17 +1001,17 @@ gid16 CmapSubtable4Lookup(const void * p
-         uint16 idRangeOffset = be::peek<uint16>(pMid += nSeg);
- 
-         if (idRangeOffset == 0)
-             return (uint16)(idDelta + nUnicodeId); // must use modulus 2^16
- 
-         // Look up value in glyphIdArray
-         const ptrdiff_t offset = (nUnicodeId - chStart) + (idRangeOffset >> 1) +
-                 (pMid - reinterpret_cast<const uint16 *>(pTable));
--        if (offset * 2 >= be::swap<uint16>(pTable->length))
-+        if (offset * 2 + 1 >= be::swap<uint16>(pTable->length))
-             return 0;
-         gid16 nGlyphId = be::peek<uint16>(reinterpret_cast<const uint16 *>(pTable)+offset);
-         // If this value is 0, return 0. Else add the idDelta
-         return nGlyphId ? nGlyphId + idDelta : 0;
-     }
- 
-     return 0;
- }
-@@ -1081,19 +1083,21 @@ unsigned int CmapSubtable4NextCodepoint(
- /*----------------------------------------------------------------------------------------------
-     Check the Microsoft UCS-4 subtable for expected values.
- ----------------------------------------------------------------------------------------------*/
- bool CheckCmapSubtable12(const void *pCmapSubtable12, const void *pCmapEnd /*, unsigned int maxgid*/)
- {
-     size_t table_len = (const byte *)pCmapEnd - (const byte *)pCmapSubtable12;
-     if (!pCmapSubtable12)  return false;
-     const Sfnt::CmapSubTable * pTable = reinterpret_cast<const Sfnt::CmapSubTable *>(pCmapSubtable12);
--    if (be::swap(pTable->format) != 12)
-+    if (table_len < sizeof(*pTable) || be::swap(pTable->format) != 12)
-         return false;
-     const Sfnt::CmapSubTableFormat12 * pTable12 = reinterpret_cast<const Sfnt::CmapSubTableFormat12 *>(pCmapSubtable12);
-+    if (table_len < sizeof(*pTable12))
-+        return false;
-     uint32 length = be::swap(pTable12->length);
-     if (length > table_len)
-         return false;
-     if (length < sizeof(Sfnt::CmapSubTableFormat12))
-         return false;
-     uint32 num_groups = be::swap(pTable12->num_groups);
-     if (num_groups > 0x10000000 || length != (sizeof(Sfnt::CmapSubTableFormat12) + (num_groups - 1) * sizeof(uint32) * 3))
-         return false;
-diff --git a/gfx/graphite2/src/inc/Code.h b/gfx/graphite2/src/inc/Code.h
---- a/gfx/graphite2/src/inc/Code.h
-+++ b/gfx/graphite2/src/inc/Code.h
-@@ -81,17 +81,17 @@ private:
-                 _modify,
-                 _delete;
-     mutable bool _own;
- 
-     void release_buffers() throw ();
-     void failure(const status_t) throw();
- 
- public:
--    static size_t estimateCodeDataOut(size_t num_bytecodes);
-+    static size_t estimateCodeDataOut(size_t num_bytecodes, int nRules, int nSlots);
- 
-     Code() throw();
-     Code(bool is_constraint, const byte * bytecode_begin, const byte * const bytecode_end,
-          uint8 pre_context, uint16 rule_length, const Silf &, const Face &,
-          enum passtype pt, byte * * const _out = 0);
-     Code(const Machine::Code &) throw();
-     ~Code() throw();
-     
-@@ -107,19 +107,21 @@ public:
-     void          externalProgramMoved(ptrdiff_t) throw();
- 
-     int32 run(Machine &m, slotref * & map) const;
-     
-     CLASS_NEW_DELETE;
- };
- 
- inline
--size_t  Machine::Code::estimateCodeDataOut(size_t n_bc)
-+size_t  Machine::Code::estimateCodeDataOut(size_t n_bc, int nRules, int nSlots)
- {
--    return (n_bc + 1) * (sizeof(instr)+sizeof(byte));
-+    // max is: all codes are instructions + 1 for each rule + max tempcopies
-+    // allocate space for separate maximal code and data then merge them later
-+    return (n_bc + nRules + nSlots) * sizeof(instr) + n_bc * sizeof(byte);
- }
- 
- 
- inline Machine::Code::Code() throw()
- : _code(0), _data(0), _data_size(0), _instr_count(0), _max_ref(0),
-   _status(loaded), _constraint(false), _modify(false), _delete(false),
-   _own(false)
- {
-diff --git a/gfx/graphite2/src/inc/Face.h b/gfx/graphite2/src/inc/Face.h
---- a/gfx/graphite2/src/inc/Face.h
-+++ b/gfx/graphite2/src/inc/Face.h
-@@ -82,17 +82,17 @@ public:
-     uint16              languageForLocale(const char * locale) const;
- 
-     // Features
-     uint16              numFeatures() const;
-     const FeatureRef  * featureById(uint32 id) const;
-     const FeatureRef  * feature(uint16 index) const;
- 
-     // Glyph related
--    uint16 getGlyphMetric(uint16 gid, uint8 metric) const;
-+    int32  getGlyphMetric(uint16 gid, uint8 metric) const;
-     uint16 findPseudo(uint32 uid) const;
- 
-     // Errors
-     unsigned int        error() const { return m_error; }
-     bool                error(Error e) { m_error = e.error(); return false; }
-     unsigned int        error_context() const { return m_error; }
-     void                error_context(unsigned int errcntxt) { m_errcntxt = errcntxt; }
- 
-diff --git a/gfx/graphite2/src/inc/GlyphFace.h b/gfx/graphite2/src/inc/GlyphFace.h
---- a/gfx/graphite2/src/inc/GlyphFace.h
-+++ b/gfx/graphite2/src/inc/GlyphFace.h
-@@ -46,17 +46,17 @@ class GlyphFace
- public:
-     GlyphFace();
-     template<typename I>
-     GlyphFace(const Rect & bbox, const Position & adv, I first, const I last);
- 
-     const Position    & theAdvance() const;
-     const Rect        & theBBox() const { return m_bbox; }
-     const sparse      & attrs() const { return m_attrs; }
--    uint16              getMetric(uint8 metric) const;
-+    int32               getMetric(uint8 metric) const;
- 
-     CLASS_NEW_DELETE;
- private:
-     Rect     m_bbox;        // bounding box metrics in design units
-     Position m_advance;     // Advance width and height in design units
-     sparse   m_attrs;
- };
- 
-diff --git a/gfx/graphite2/src/inc/Machine.h b/gfx/graphite2/src/inc/Machine.h
---- a/gfx/graphite2/src/inc/Machine.h
-+++ b/gfx/graphite2/src/inc/Machine.h
-@@ -179,17 +179,17 @@ inline SlotMap& Machine::slotMap() const
-     return _map;
- }
- 
- inline Machine::status_t Machine::status() const throw()
- {
-     return _status;
- }
- 
--inline void Machine::check_final_stack(const int32 * const sp)
-+inline void Machine::check_final_stack(const stack_t * const sp)
- {
-     stack_t const * const base  = _stack + STACK_GUARD,
-                   * const limit = base + STACK_MAX;
-     if      (sp <  base)    _status = stack_underflow;       // This should be impossible now.
-     else if (sp >= limit)   _status = stack_overflow;        // So should this.
-     else if (sp != base)    _status = stack_not_empty;
- }
- 
-diff --git a/gfx/graphite2/src/inc/Pass.h b/gfx/graphite2/src/inc/Pass.h
---- a/gfx/graphite2/src/inc/Pass.h
-+++ b/gfx/graphite2/src/inc/Pass.h
-@@ -76,17 +76,17 @@ private:
-     void    dumpRuleEventConsidered(const FiniteStateMachine & fsm, const RuleEntry & re) const;
-     void    dumpRuleEventOutput(const FiniteStateMachine & fsm, vm::Machine & m, const Rule & r, Slot * os) const;
-     void    adjustSlot(int delta, Slot * & slot_out, SlotMap &) const;
-     bool    collisionShift(Segment *seg, int dir, json * const dbgout) const;
-     bool    collisionKern(Segment *seg, int dir, json * const dbgout) const;
-     bool    collisionFinish(Segment *seg, GR_MAYBE_UNUSED json * const dbgout) const;
-     bool    resolveCollisions(Segment *seg, Slot *slot, Slot *start, ShiftCollider &coll, bool isRev,
-                      int dir, bool &moved, bool &hasCol, json * const dbgout) const;
--    float   resolveKern(Segment *seg, Slot *slot, Slot *start, KernCollider &coll, int dir,
-+    float   resolveKern(Segment *seg, Slot *slot, Slot *start, int dir,
-                      float &ymin, float &ymax, json *const dbgout) const;
- 
-     const Silf        * m_silf;
-     uint16            * m_cols;
-     Rule              * m_rules; // rules
-     RuleEntry         * m_ruleMap;
-     uint16            * m_startStates; // prectxt length
-     uint16            * m_transitions;
-diff --git a/gfx/graphite2/src/inc/Rule.h b/gfx/graphite2/src/inc/Rule.h
---- a/gfx/graphite2/src/inc/Rule.h
-+++ b/gfx/graphite2/src/inc/Rule.h
-@@ -97,17 +97,17 @@ bool State::empty() const
-     return rules_end == rules;
- }
- 
- 
- class SlotMap
- {
- public:
-   enum {MAX_SLOTS=64};
--  SlotMap(Segment & seg, uint8 direction);
-+  SlotMap(Segment & seg, uint8 direction, int maxSize);
-   
-   Slot       * * begin();
-   Slot       * * end();
-   size_t         size() const;
-   unsigned short context() const;
-   void           reset(Slot &, unsigned short);
-   
-   Slot * const & operator[](int n) const;
-@@ -116,23 +116,25 @@ public:
-   void           collectGarbage(Slot *& aSlot);
- 
-   Slot         * highwater() { return m_highwater; }
-   void           highwater(Slot *s) { m_highwater = s; m_highpassed = false; }
-   bool           highpassed() const { return m_highpassed; }
-   void           highpassed(bool v) { m_highpassed = v; }
- 
-   uint8          dir() const { return m_dir; }
-+  int            decMax() { return --m_maxSize; }
- 
-   Segment &    segment;
- private:
-   Slot         * m_slot_map[MAX_SLOTS+1];
-   unsigned short m_size;
-   unsigned short m_precontext;
-   Slot         * m_highwater;
-+  int            m_maxSize;
-   uint8          m_dir;
-   bool           m_highpassed;
- };
- 
- 
- class FiniteStateMachine
- {
- public:
-@@ -237,18 +239,19 @@ void FiniteStateMachine::Rules::accumula
-       return;
-     }
-   }
-   while (rre != rrend && out != lrend) { *out++ = *rre++; }
-   m_end = out;
- }
- 
- inline
--SlotMap::SlotMap(Segment & seg, uint8 direction)
--: segment(seg), m_size(0), m_precontext(0), m_highwater(0), m_dir(direction), m_highpassed(false)
-+SlotMap::SlotMap(Segment & seg, uint8 direction, int maxSize)
-+: segment(seg), m_size(0), m_precontext(0), m_highwater(0),
-+    m_maxSize(maxSize), m_dir(direction), m_highpassed(false)
- {
-     m_slot_map[0] = 0;
- }
- 
- inline
- Slot * * SlotMap::begin()
- {
-   return &m_slot_map[1]; // allow map to go 1 before slot_map when inserting
-diff --git a/gfx/graphite2/src/inc/Segment.h b/gfx/graphite2/src/inc/Segment.h
---- a/gfx/graphite2/src/inc/Segment.h
-+++ b/gfx/graphite2/src/inc/Segment.h
-@@ -35,17 +35,17 @@ of the License or (at your option) any l
- #include "inc/FeatureVal.h"
- #include "inc/GlyphCache.h"
- #include "inc/GlyphFace.h"
- #include "inc/Slot.h"
- #include "inc/Position.h"
- #include "inc/List.h"
- #include "inc/Collider.h"
- 
--#define MAX_SEG_GROWTH_FACTOR  256
-+#define MAX_SEG_GROWTH_FACTOR  64
- 
- namespace graphite2 {
- 
- typedef Vector<Features>        FeatureList;
- typedef Vector<Slot *>          SlotRope;
- typedef Vector<int16 *>         AttributeRope;
- typedef Vector<SlotJustify *>   JustifyRope;
- 
-@@ -154,17 +154,17 @@ public:
-     int8 getSlotBidiClass(Slot *s) const;
-     void doMirror(uint16 aMirror);
-     Slot *addLineEnd(Slot *nSlot);
-     void delLineEnd(Slot *s);
-     bool hasJustification() const { return m_justifies.size() != 0; }
-     void reverseSlots();
- 
-     bool isWhitespace(const int cid) const;
--    bool hasCollisionInfo() const { return (m_flags & SEG_HASCOLLISIONS); }
-+    bool hasCollisionInfo() const { return (m_flags & SEG_HASCOLLISIONS) && m_collisions; }
-     SlotCollision *collisionInfo(const Slot *s) const { return m_collisions ? m_collisions + s->index() : 0; }
-     CLASS_NEW_DELETE
- 
- public:       //only used by: GrSegment* makeAndInitialize(const GrFont *font, const GrFace *face, uint32 script, const FeaturesHandle& pFeats/*must not be IsNull*/, encform enc, const void* pStart, size_t nChars, int dir);
-     bool read_text(const Face *face, const Features* pFeats/*must not be NULL*/, gr_encform enc, const void*pStart, size_t nChars);
-     void finalise(const Font *font, bool reverse=false);
-     float justify(Slot *pSlot, const Font *font, float width, enum justFlags flags, Slot *pFirst, Slot *pLast);
-     bool initCollisions();
-diff --git a/gfx/graphite2/src/inc/Slot.h b/gfx/graphite2/src/inc/Slot.h
---- a/gfx/graphite2/src/inc/Slot.h
-+++ b/gfx/graphite2/src/inc/Slot.h
-@@ -92,17 +92,17 @@ public:
-     void adjKern(const Position &pos) { m_shift = m_shift + pos; m_advance = m_advance + pos; }
-     void origin(const Position &pos) { m_position = pos + m_shift; }
-     void originate(int ind) { m_original = ind; }
-     int original() const { return m_original; }
-     void before(int ind) { m_before = ind; }
-     void after(int ind) { m_after = ind; }
-     bool isBase() const { return (!m_parent); }
-     void update(int numSlots, int numCharInfo, Position &relpos);
--    Position finalise(const Segment* seg, const Font* font, Position & base, Rect & bbox, uint8 attrLevel, float & clusterMin, bool rtl, bool isFinal);
-+    Position finalise(const Segment* seg, const Font* font, Position & base, Rect & bbox, uint8 attrLevel, float & clusterMin, bool rtl, bool isFinal, int depth = 0);
-     bool isDeleted() const { return (m_flags & DELETED) ? true : false; }
-     void markDeleted(bool state) { if (state) m_flags |= DELETED; else m_flags &= ~DELETED; }
-     bool isCopied() const { return (m_flags & COPIED) ? true : false; }
-     void markCopied(bool state) { if (state) m_flags |= COPIED; else m_flags &= ~COPIED; }
-     bool isPositioned() const { return (m_flags & POSITIONED) ? true : false; }
-     void markPositioned(bool state) { if (state) m_flags |= POSITIONED; else m_flags &= ~POSITIONED; }
-     bool isInsertBefore() const { return !(m_flags & INSERTED); }
-     uint8 getBidiLevel() const { return m_bidiLevel; }
-@@ -123,20 +123,19 @@ public:
-     Position attachOffset() const { return m_attach - m_with; }
-     Slot* firstChild() const { return m_child; }
-     void firstChild(Slot *ap) { m_child = ap; }
-     bool child(Slot *ap);
-     Slot* nextSibling() const { return m_sibling; }
-     void nextSibling(Slot *ap) { m_sibling = ap; }
-     bool sibling(Slot *ap);
-     bool removeChild(Slot *ap);
--    bool removeSibling(Slot *ap);
-     int32 clusterMetric(const Segment* seg, uint8 metric, uint8 attrLevel, bool rtl);
-     void positionShift(Position a) { m_position += a; }
--    void floodShift(Position adj);
-+    void floodShift(Position adj, int depth = 0);
-     float just() const { return m_just; }
-     void just(float j) { m_just = j; }
-     Slot *nextInCluster(const Slot *s) const;
-     bool isChildOf(const Slot *base) const;
- 
-     CLASS_NEW_DELETE
- 
- private:
-diff --git a/gfx/graphite2/src/inc/UtfCodec.h b/gfx/graphite2/src/inc/UtfCodec.h
---- a/gfx/graphite2/src/inc/UtfCodec.h
-+++ b/gfx/graphite2/src/inc/UtfCodec.h
-@@ -35,16 +35,17 @@ typedef uint32  uchar_t;
- 
- template <int N>
- struct _utf_codec
- {
-     typedef uchar_t codeunit_t;
- 
-     static void     put(codeunit_t * cp, const uchar_t , int8 & len) throw();
-     static uchar_t  get(const codeunit_t * cp, int8 & len) throw();
-+    static bool     validate(const codeunit_t * s, const codeunit_t * e) throw();
- };
- 
- 
- template <>
- struct _utf_codec<32>
- {
- private:
-     static const uchar_t    limit = 0x110000;
-@@ -58,16 +59,22 @@ public:
-     }
- 
-     inline
-     static uchar_t get(const codeunit_t * cp, int8 & l) throw()
-     {
-         if (cp[0] < limit)  { l = 1;  return cp[0]; }
-         else                { l = -1; return 0xFFFD; }
-     }
-+
-+    inline
-+    static bool validate(codeunit_t * s, codeunit_t * e) throw()
-+    {
-+        return e > s;
-+    }
- };
- 
- 
- template <>
- struct _utf_codec<16>
- {
- private:
-     static const int32  lead_offset      = 0xD800 - (0x10000 >> 10);
-@@ -88,22 +95,31 @@ public:
-     }
- 
-     inline
-     static uchar_t get(const codeunit_t * cp, int8 & l) throw()
-     {
-         const uint32    uh = cp[0];
-         l = 1;
- 
--        if (0xD800 > uh || uh > 0xDFFF) { return uh; }
-+        if (uh < 0xD800|| uh > 0xDFFF) { return uh; }
-         const uint32 ul = cp[1];
--        if (uh > 0xDBFF || 0xDC00 > ul || ul > 0xDFFF) { l = -1; return 0xFFFD; }
-+        if (uh > 0xDBFF || ul < 0xDC00 || ul > 0xDFFF) { l = -1; return 0xFFFD; }
-         ++l;
-         return (uh<<10) + ul + surrogate_offset;
-     }
-+
-+    inline
-+    static bool validate(codeunit_t * s, codeunit_t * e) throw()
-+    {
-+        const ptrdiff_t n = e-s;
-+        if (n <= 0) return n == 0;
-+        const uint32 u = *(s+(n-1)); // Get the last codepoint
-+        return (u < 0xD800 || u > 0xDBFF);
-+    }
- };
- 
- 
- template <>
- struct _utf_codec<8>
- {
- private:
-     static const int8 sz_lut[16];
-@@ -143,16 +159,34 @@ public:
- 
-         if (l != seq_sz || toolong)
-         {
-             l = -l;
-             return 0xFFFD;
-         }
-         return u;
-     }
-+
-+    inline
-+    static bool validate(codeunit_t * s, codeunit_t * e) throw()
-+    {
-+        const ptrdiff_t n = e-s;
-+        if (n <= 0) return n == 0;
-+        s += (n-1);
-+        if (*s < 0x80) return true;
-+        if (*s >= 0xC0) return false;
-+        if (n == 1) return true;
-+        if (*--s < 0x80) return true;
-+        if (*s >= 0xe0) return false;
-+        if (n == 2 || *s >= 0xC0) return true;
-+        if (*--s < 0x80) return true;
-+        if (*s >= 0xF0) return false;
-+        return true;
-+    }
-+
- };
- 
- 
- template <typename C>
- class _utf_iterator
- {
-     typedef _utf_codec<sizeof(C)*8> codec;
- 
-@@ -195,16 +229,21 @@ public:
- 
- template <typename C>
- struct utf
- {
-     typedef typename _utf_codec<sizeof(C)*8>::codeunit_t codeunit_t;
- 
-     typedef _utf_iterator<C>        iterator;
-     typedef _utf_iterator<const C>  const_iterator;
-+
-+    inline
-+    static bool validate(codeunit_t * s, codeunit_t * e) throw() {
-+        return _utf_codec<sizeof(C)*8>::validate(s,e);
-+    }
- };
- 
- 
- typedef utf<uint32> utf32;
- typedef utf<uint16> utf16;
- typedef utf<uint8>  utf8;
- 
- } // namespace graphite2
-diff --git a/gfx/graphite2/src/inc/opcode_table.h b/gfx/graphite2/src/inc/opcode_table.h
---- a/gfx/graphite2/src/inc/opcode_table.h
-+++ b/gfx/graphite2/src/inc/opcode_table.h
-@@ -113,13 +113,13 @@ static const opcode_t opcode_table[] =
-     {{NILOP,NILOP},                                 0, "PUT_SUBS3"},
-     {{do_(put_glyph), NILOP},                       2, "PUT_GLYPH"},                // output_class output_class
-     {{do2(push_glyph_attr)},                        3, "PUSH_GLYPH_ATTR"},          // gattrnum gattrnum slot
-     {{do2(push_att_to_glyph_attr)},                 3, "PUSH_ATT_TO_GLYPH_ATTR"},   // gattrnum gattrnum slot
-     {{do2(bor)},                                    0, "BITOR"},
-     {{do2(band)},                                   0, "BITAND"},
-     {{do2(bnot)},                                   0, "BITNOT"},   // 0x40
-     {{do2(setbits)},                                4, "BITSET"},
--    {{do2(set_feat)},                               2, "SET_FEAT"},
-+    {{do_(set_feat), NILOP},                        2, "SET_FEAT"},                 // featidx slot
-     // private opcodes for internal use only, comes after all other on disk opcodes.
-     {{do_(temp_copy), NILOP},                       0, "TEMP_COPY"}
- };
- 
-diff --git a/gfx/graphite2/src/inc/opcodes.h b/gfx/graphite2/src/inc/opcodes.h
---- a/gfx/graphite2/src/inc/opcodes.h
-+++ b/gfx/graphite2/src/inc/opcodes.h
-@@ -62,17 +62,18 @@ of the License or (at your option) any l
- //        ip        = The current instruction pointer
- //        endPos    = Position of advance of last cluster
- //        dir       = writing system directionality of the font
-      
- 
- // #define NOT_IMPLEMENTED     assert(false)
- #define NOT_IMPLEMENTED
- 
--#define binop(op)           const int32 a = pop(); *sp = int32(*sp) op a
-+#define binop(op)           const uint32 a = pop(); *sp = uint32(*sp) op a
-+#define sbinop(op)          const int32 a = pop(); *sp = int32(*sp) op a
- #define use_params(n)       dp += n
- 
- #define declare_params(n)   const byte * param = dp; \
-                             use_params(n);
- 
- #define push(n)             { *++sp = n; }
- #define pop()               (*sp--)
- #define slotat(x)           (map[(x)])
-@@ -125,17 +126,17 @@ STARTOP(sub)
- ENDOP
- 
- STARTOP(mul)
-     binop(*);
- ENDOP
- 
- STARTOP(div_)
-     if (*sp == 0) DIE;
--    binop(/);
-+    sbinop(/);
- ENDOP
- 
- STARTOP(min_)
-     const int32 a = pop(), b = *sp;
-     if (a < b) *sp = a;
- ENDOP
- 
- STARTOP(max_)
-@@ -176,29 +177,29 @@ STARTOP(equal)
-     binop(==);
- ENDOP
- 
- STARTOP(not_eq_)
-     binop(!=);
- ENDOP
- 
- STARTOP(less)
--    binop(<);
-+    sbinop(<);
- ENDOP
- 
- STARTOP(gtr)
--    binop(>);
-+    sbinop(>);
- ENDOP
- 
- STARTOP(less_eq)
--    binop(<=);
-+    sbinop(<=);
- ENDOP
- 
- STARTOP(gtr_eq)
--    binop(>=);
-+    sbinop(>=);
- ENDOP
- 
- STARTOP(next)
-     if (map - &smap[0] >= int(smap.size())) DIE
-     if (is)
-     {
-         if (is == smap.highwater())
-             smap.highpassed(true);
-@@ -237,17 +238,17 @@ STARTOP(put_subs_8bit_obs)
-         index = seg.findClassIndex(input_class, slot->gid());
-         is->setGlyph(&seg, seg.getClassGlyph(output_class, index));
-     }
- ENDOP
- 
- STARTOP(put_copy)
-     declare_params(1);
-     const int  slot_ref = int8(*param);
--    if (is)
-+    if (is && !is->isDeleted())
-     {
-         slotref ref = slotat(slot_ref);
-         if (ref && ref != is)
-         {
-             int16 *tempUserAttrs = is->userAttrs();
-             if (is->attachedTo() || is->firstChild()) DIE
-             Slot *prev = is->prev();
-             Slot *next = is->next();
-@@ -262,16 +263,17 @@ STARTOP(put_copy)
-                 is->attachedTo()->child(is);
-         }
-         is->markCopied(false);
-         is->markDeleted(false);
-     }
- ENDOP
- 
- STARTOP(insert)
-+    if (smap.decMax() <= 0) DIE;
-     Slot *newSlot = seg.newSlot();
-     if (!newSlot) DIE;
-     Slot *iss = is;
-     while (iss && iss->isDeleted()) iss = iss->next();
-     if (!iss)
-     {
-         if (seg.last())
-         {
-@@ -550,31 +552,31 @@ ENDOP
- 
- STARTOP(iattr_add)
-     declare_params(2);
-     const attrCode      slat = attrCode(uint8(param[0]));
-     const size_t        idx  = uint8(param[1]);
-     const          int  val  = int(pop());
-     if ((slat == gr_slatPosX || slat == gr_slatPosY) && (flags & POSITIONED) == 0)
-     {
--        seg.positionSlots(0, *smap.begin(), *(smap.end()-1), dir);
-+        seg.positionSlots(0, *smap.begin(), *(smap.end()-1), seg.currdir());
-         flags |= POSITIONED;
-     }
-     int res = is->getAttr(&seg, slat, idx);
-     is->setAttr(&seg, slat, idx, val + res, smap);
- ENDOP
- 
- STARTOP(iattr_sub)
-     declare_params(2);
-     const attrCode      slat = attrCode(uint8(param[0]));
-     const size_t        idx  = uint8(param[1]);
-     const          int  val  = int(pop());
-     if ((slat == gr_slatPosX || slat == gr_slatPosY) && (flags & POSITIONED) == 0)
-     {
--        seg.positionSlots(0, *smap.begin(), *(smap.end()-1), dir);
-+        seg.positionSlots(0, *smap.begin(), *(smap.end()-1), seg.currdir());
-         flags |= POSITIONED;
-     }
-     int res = is->getAttr(&seg, slat, idx);
-     is->setAttr(&seg, slat, idx, res - val, smap);
- ENDOP
- 
- STARTOP(push_proc_state)
-     use_params(1);
-
diff --git a/gnu/packages/patches/imagemagick-test-segv.patch b/gnu/packages/patches/imagemagick-test-segv.patch
deleted file mode 100644
index 6626e54828..0000000000
--- a/gnu/packages/patches/imagemagick-test-segv.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-This patch works around a segmentation fault in 'Magick++/tests/color' when
-running 'Magick++/tests/tests.tap'.  Here we get an exception early on, which
-is supposedly harmless:
-
-  Caught exception: color: UnableToOpenConfigureFile `colors.xml' @ warning/configure.c/GetConfigureOptions/706
-
-However, when the stack unwinders run, 'UnregisterDOTImage' gets called even
-though 'RegisterDOTImage' hadn't been called yet; thus, 'graphic_context' in
-coders/dot.c is NULL, leading to the segfault.
-
---- ImageMagick-6.9.2-1/coders/dot.c	2015-09-16 17:32:42.900323334 +0200
-+++ ImageMagick-6.9.2-1/coders/dot.c	2015-09-16 17:32:48.312367636 +0200
-@@ -240,6 +240,7 @@ ModuleExport void UnregisterDOTImage(voi
-   (void) UnregisterMagickInfo("GV");
-   (void) UnregisterMagickInfo("DOT");
- #if defined(MAGICKCORE_GVC_DELEGATE)
-+  if (graphic_context != NULL)
-   gvFreeContext(graphic_context);
- #endif
- }
diff --git a/gnu/packages/patches/imlib2-CVE-2016-4024.patch b/gnu/packages/patches/imlib2-CVE-2016-4024.patch
deleted file mode 100644
index c4f1f21b28..0000000000
--- a/gnu/packages/patches/imlib2-CVE-2016-4024.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-Fix CVE-2016-4024 (integer overflow in lib/image.h).
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4024
-
-Upstream source:
-https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227
-
-From 7eba2e4c8ac0e20838947f10f29d0efe1add8227 Mon Sep 17 00:00:00 2001
-From: "Yuriy M. Kaminskiy" <yumkam@gmail.com>
-Date: Wed, 6 Apr 2016 03:34:01 +0300
-Subject: Fix integer overflow resulting in insufficient heap allocation
-
-IMAGE_DIMENSIONS_OK ensures that image width and height are less then
-46340, so that maximum number of pixels is ~2**31.
-
-Unfortunately, there are a lot of code that allocates image data with
-something like
-
-   malloc(w * h * sizeof(DATA32));
-
-Obviously, on 32-bit machines this results in integer overflow,
-insufficient heap allocation, with [massive] out-of-bounds heap
-overwrite.
-Either X_MAX should be reduced to 32767, or (w)*(h) should be checked to
-not exceed ULONG_MAX/sizeof(DATA32).
-
-Security implications:
-*) for 32-bit machines: insufficient heap allocation and heap overwrite
-in many image loaders, with escalation potential to remote code
-execution;
-*) for 64-bit machines: it seems, no impact.
----
- src/lib/image.h | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/lib/image.h b/src/lib/image.h
-index e9eb678..5fae6ed 100644
---- a/src/lib/image.h
-+++ b/src/lib/image.h
-@@ -188,7 +188,8 @@ void                __imlib_SaveImage(ImlibImage * im, const char *file,
- 
- /* The maximum pixmap dimension is 65535. */
- /* However, for now, use 46340 (46340^2 < 2^31) to avoid buffer overflow issues. */
--#define X_MAX_DIM 46340
-+/* Reduced further to 32767, so that (w * h * sizeof(DATA32)) won't exceed ULONG_MAX */
-+#define X_MAX_DIM 32767
- 
- #define IMAGE_DIMENSIONS_OK(w, h) \
-    ( ((w) > 0) && ((h) > 0) && ((w) < X_MAX_DIM) && ((h) < X_MAX_DIM) )
--- 
-cgit v0.12
-
diff --git a/gnu/packages/patches/inkscape-drop-wait-for-targets.patch b/gnu/packages/patches/inkscape-drop-wait-for-targets.patch
new file mode 100644
index 0000000000..3dbe6641e2
--- /dev/null
+++ b/gnu/packages/patches/inkscape-drop-wait-for-targets.patch
@@ -0,0 +1,68 @@
+Copied from Fedora.
+
+http://pkgs.fedoraproject.org/cgit/rpms/inkscape.git/plain/inkscape-0.91-drop-wait-for-targets.patch?id=eb5340800b563d6b05aa5f11a2f24f2cc0d8c80e
+
+=== modified file 'src/ui/clipboard.cpp'
+--- src/ui/clipboard.cpp	2016-04-02 15:15:43 +0000
++++ src/ui/clipboard.cpp	2016-04-07 16:30:32 +0000
+@@ -146,8 +146,6 @@
+     void _setClipboardColor(guint32);
+     void _userWarn(SPDesktop *, char const *);
+ 
+-    void _inkscape_wait_for_targets(std::list<Glib::ustring> &);
+-
+     // private properites
+     SPDocument *_clipboardSPDoc; ///< Document that stores the clipboard until someone requests it
+     Inkscape::XML::Node *_defs; ///< Reference to the clipboard document's defs node
+@@ -1302,9 +1300,7 @@
+  */
+ Glib::ustring ClipboardManagerImpl::_getBestTarget()
+ {
+-    // GTKmm's wait_for_targets() is broken, see the comment in _inkscape_wait_for_targets()
+-    std::list<Glib::ustring> targets; // = _clipboard->wait_for_targets();
+-    _inkscape_wait_for_targets(targets);
++    std::list<Glib::ustring> targets = _clipboard->wait_for_targets();
+ 
+     // clipboard target debugging snippet
+     /*
+@@ -1456,39 +1452,6 @@
+     desktop->messageStack()->flash(Inkscape::WARNING_MESSAGE, msg);
+ }
+ 
+-
+-// GTKMM's clipboard::wait_for_targets is buggy and might return bogus, see
+-//
+-// https://bugs.launchpad.net/inkscape/+bug/296778
+-// http://mail.gnome.org/archives/gtk-devel-list/2009-June/msg00062.html
+-//
+-// for details. Until this has been fixed upstream we will use our own implementation
+-// of this method, as copied from /gtkmm-2.16.0/gtk/gtkmm/clipboard.cc.
+-void ClipboardManagerImpl::_inkscape_wait_for_targets(std::list<Glib::ustring> &listTargets)
+-{
+-    //Get a newly-allocated array of atoms:
+-    GdkAtom* targets = NULL;
+-    gint n_targets = 0;
+-    gboolean test = gtk_clipboard_wait_for_targets( gtk_clipboard_get(GDK_SELECTION_CLIPBOARD), &targets, &n_targets );
+-    if (!test || (targets == NULL)) {
+-        return;
+-    }
+-
+-    //Add the targets to the C++ container:
+-    for (int i = 0; i < n_targets; i++)
+-    {
+-        //Convert the atom to a string:
+-        gchar* const atom_name = gdk_atom_name(targets[i]);
+-
+-        Glib::ustring target;
+-        if (atom_name) {
+-            target = Glib::ScopedPtr<char>(atom_name).get(); //This frees the gchar*.
+-        }
+-
+-        listTargets.push_back(target);
+-    }
+-}
+-
+ /* #######################################
+           ClipboardManager class
+    ####################################### */
+
diff --git a/gnu/packages/patches/libarchive-CVE-2016-1541.patch b/gnu/packages/patches/libarchive-CVE-2016-1541.patch
new file mode 100644
index 0000000000..6ac8773244
--- /dev/null
+++ b/gnu/packages/patches/libarchive-CVE-2016-1541.patch
@@ -0,0 +1,67 @@
+Fix CVE-2016-1541 (buffer overflow zip_read_mac_metadata)
+
+Taken from upstream source repository:
+https://github.com/libarchive/libarchive/commit/d0331e8e5b05b475f20b1f3101fe1ad772d7e7e7
+
+When reading OS X metadata entries in Zip archives that were stored
+without compression, libarchive would use the uncompressed entry size
+to allocate a buffer but would use the compressed entry size to limit
+the amount of data copied into that buffer.  Since the compressed
+and uncompressed sizes are provided by data in the archive itself,
+an attacker could manipulate these values to write data beyond
+the end of the allocated buffer.
+
+This fix provides three new checks to guard against such
+manipulation and to make libarchive generally more robust when
+handling this type of entry:
+ 1. If an OS X metadata entry is stored without compression,
+    abort the entire archive if the compressed and uncompressed
+    data sizes do not match.
+ 2. When sanity-checking the size of an OS X metadata entry,
+    abort this entry if either the compressed or uncompressed
+    size is larger than 4MB.
+ 3. When copying data into the allocated buffer, check the copy
+    size against both the compressed entry size and uncompressed
+    entry size.
+---
+ libarchive/archive_read_support_format_zip.c | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+diff --git a/libarchive/archive_read_support_format_zip.c b/libarchive/archive_read_support_format_zip.c
+index 0f8262c..0a0be96 100644
+--- a/libarchive/archive_read_support_format_zip.c
++++ b/libarchive/archive_read_support_format_zip.c
+@@ -2778,6 +2778,11 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry,
+ 
+ 	switch(rsrc->compression) {
+ 	case 0:  /* No compression. */
++		if (rsrc->uncompressed_size != rsrc->compressed_size) {
++			archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
++			    "Malformed OS X metadata entry: inconsistent size");
++			return (ARCHIVE_FATAL);
++		}
+ #ifdef HAVE_ZLIB_H
+ 	case 8: /* Deflate compression. */
+ #endif
+@@ -2798,6 +2803,12 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry,
+ 		    (intmax_t)rsrc->uncompressed_size);
+ 		return (ARCHIVE_WARN);
+ 	}
++	if (rsrc->compressed_size > (4 * 1024 * 1024)) {
++		archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
++		    "Mac metadata is too large: %jd > 4M bytes",
++		    (intmax_t)rsrc->compressed_size);
++		return (ARCHIVE_WARN);
++	}
+ 
+ 	metadata = malloc((size_t)rsrc->uncompressed_size);
+ 	if (metadata == NULL) {
+@@ -2836,6 +2847,8 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry,
+ 			bytes_avail = remaining_bytes;
+ 		switch(rsrc->compression) {
+ 		case 0:  /* No compression. */
++			if ((size_t)bytes_avail > metadata_bytes)
++				bytes_avail = metadata_bytes;
+ 			memcpy(mp, p, bytes_avail);
+ 			bytes_used = (size_t)bytes_avail;
+ 			metadata_bytes -= bytes_used;
diff --git a/gnu/packages/patches/netcdf-config-date.patch b/gnu/packages/patches/netcdf-config-date.patch
new file mode 100644
index 0000000000..5054612e95
--- /dev/null
+++ b/gnu/packages/patches/netcdf-config-date.patch
@@ -0,0 +1,47 @@
+Honor SOURCE_DATE_EPOCH when exporting configuration date.
+Autoconf-level patch submitted upstream on Fri Apr 15 23:07:42 UTC 2016
+
+--- a/configure
++++ b/configure
+@@ -2866,7 +2866,17 @@
+ 
+ 
+ # Configuration Date
+- CONFIG_DATE="`date`"
++ CONFIG_DATE="`date -u`"
++if test -n "$SOURCE_DATE_EPOCH"; then
++  CONFIG_DATE=`date -u -d "@$SOURCE_DATE_EPOCH" 2>/dev/null \
++               || date -u -r "$SOURCE_DATE_EPOCH" 2>/dev/null`
++  if test -z "$CONFIG_DATE"; then
++    as_fn_error $? "malformed SOURCE_DATE_EPOCH" "$LINENO" 5
++  fi
++fi
++cat >>confdefs.h <<_ACEOF
++#define CONFIG_DATE "$CONFIG_DATE"
++_ACEOF
+ 
+ # Find out about the host we're building on.
+ ac_aux_dir=
+--- a/libdispatch/derror.c
++++ b/libdispatch/derror.c
+@@ -13,7 +13,7 @@
+ #endif
+ 
+ /* Tell the user the version of netCDF. */
+-static const char nc_libvers[] = PACKAGE_VERSION " of "__DATE__" "__TIME__" $";
++static const char nc_libvers[] = PACKAGE_VERSION " of "CONFIG_DATE" $";
+ 
+ /**
+ \defgroup lib_version Library Version
+--- a/config.h.in
++++ b/config.h.in
+@@ -393,6 +393,9 @@
+ /* Define to the version of this package. */
+ #undef PACKAGE_VERSION
+ 
++/* Define to the configuration date */
++#undef CONFIG_DATE
++
+ /* The size of `double', as computed by sizeof. */
+ #undef SIZEOF_DOUBLE
+ 
diff --git a/gnu/packages/patches/ocaml-CVE-2015-8869.patch b/gnu/packages/patches/ocaml-CVE-2015-8869.patch
new file mode 100644
index 0000000000..0a4cb34d25
--- /dev/null
+++ b/gnu/packages/patches/ocaml-CVE-2015-8869.patch
@@ -0,0 +1,72 @@
+Adapted from upstream commit 659615c7b100a89eafe6253e7a5b9d84d0e8df74,
+this patch omits the upstream changes to 'Changes' and 'VERSION'.
+
+http://seclists.org/oss-sec/2016/q2/170
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8869
+https://github.com/ocaml/ocaml/commit/659615c7b100a89eafe6253e7a5b9d84d0e8df74
+---
+ byterun/alloc.c  | 4 ++--
+ byterun/intern.c | 2 +-
+ byterun/str.c    | 4 ++--
+ 3 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/byterun/alloc.c b/byterun/alloc.c
+index 96a21bf..0db9947 100644
+--- a/byterun/alloc.c
++++ b/byterun/alloc.c
+@@ -153,7 +153,7 @@ CAMLexport int caml_convert_flag_list(value list, int *flags)
+ /* [size] is a [value] representing number of words (fields) */
+ CAMLprim value caml_alloc_dummy(value size)
+ {
+-  mlsize_t wosize = Int_val(size);
++  mlsize_t wosize = Long_val(size);
+ 
+   if (wosize == 0) return Atom(0);
+   return caml_alloc (wosize, 0);
+@@ -169,7 +169,7 @@ CAMLprim value caml_alloc_dummy_function(value size,value arity)
+ /* [size] is a [value] representing number of floats. */
+ CAMLprim value caml_alloc_dummy_float (value size)
+ {
+-  mlsize_t wosize = Int_val(size) * Double_wosize;
++  mlsize_t wosize = Long_val(size) * Double_wosize;
+ 
+   if (wosize == 0) return Atom(0);
+   return caml_alloc (wosize, 0);
+diff --git a/byterun/intern.c b/byterun/intern.c
+index 89d13d1..7b8d049 100644
+--- a/byterun/intern.c
++++ b/byterun/intern.c
+@@ -291,7 +291,7 @@ static void intern_rec(value *dest)
+   case OFreshOID:
+     /* Refresh the object ID */
+     /* but do not do it for predefined exception slots */
+-    if (Int_val(Field((value)dest, 1)) >= 0)
++    if (Long_val(Field((value)dest, 1)) >= 0)
+       caml_set_oo_id((value)dest);
+     /* Pop item and iterate */
+     sp--;
+diff --git a/byterun/str.c b/byterun/str.c
+index 5ad4e29..885772f 100644
+--- a/byterun/str.c
++++ b/byterun/str.c
+@@ -266,7 +266,7 @@ CAMLprim value caml_string_greaterequal(value s1, value s2)
+ CAMLprim value caml_blit_string(value s1, value ofs1, value s2, value ofs2,
+                                 value n)
+ {
+-  memmove(&Byte(s2, Long_val(ofs2)), &Byte(s1, Long_val(ofs1)), Int_val(n));
++  memmove(&Byte(s2, Long_val(ofs2)), &Byte(s1, Long_val(ofs1)), Long_val(n));
+   return Val_unit;
+ }
+ 
+@@ -278,7 +278,7 @@ CAMLprim value caml_fill_string(value s, value offset, value len, value init)
+ 
+ CAMLprim value caml_bitvect_test(value bv, value n)
+ {
+-  int pos = Int_val(n);
++  intnat pos = Long_val(n);
+   return Val_int(Byte_u(bv, pos >> 3) & (1 << (pos & 7)));
+ }
+ 
+-- 
+2.7.4
+
diff --git a/gnu/packages/patches/poppler-CVE-2015-8868.patch b/gnu/packages/patches/poppler-CVE-2015-8868.patch
deleted file mode 100644
index ac78d32ffa..0000000000
--- a/gnu/packages/patches/poppler-CVE-2015-8868.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-Fixes CVE-2015-8868 (heap overflow).
-
-Upstream source:
-https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433
-
-From b3425dd3261679958cd56c0f71995c15d2124433 Mon Sep 17 00:00:00 2001
-From: Albert Astals Cid <aacid@kde.org>
-Date: Tue, 22 Dec 2015 22:50:33 +0100
-Subject: Do not crash on invalid files
-
-Bug #93476
-
-diff --git a/poppler/Function.cc b/poppler/Function.cc
-index 67283df..ee5afc1 100644
---- a/poppler/Function.cc
-+++ b/poppler/Function.cc
-@@ -577,6 +577,10 @@ ExponentialFunction::ExponentialFunction(Object *funcObj, Dict *dict) {
-       goto err2;
-     }
-     n = obj1.arrayGetLength();
-+    if (unlikely(n > funcMaxOutputs)) {
-+      error(errSyntaxError, -1, "Function's C0 array is wrong length");
-+      n = funcMaxOutputs;
-+    }
-     for (i = 0; i < n; ++i) {
-       obj1.arrayGet(i, &obj2);
-       if (!obj2.isNum()) {
--- 
-cgit v0.10.2
-
diff --git a/gnu/packages/patches/portmidi-modular-build.patch b/gnu/packages/patches/portmidi-modular-build.patch
new file mode 100644
index 0000000000..25e64ae317
--- /dev/null
+++ b/gnu/packages/patches/portmidi-modular-build.patch
@@ -0,0 +1,325 @@
+We took this patch from Gentoo to break apart the portmidi build, so that we
+can disable the Java parts and cleanly disable the tests which fail to link
+(possibly because they are linked before “-lportmidi” is available).  The
+patch was downloaded from here:
+
+https://gitweb.gentoo.org/repo/gentoo.git/plain/media-libs/portmidi/files/portmidi-217-cmake.patch?id=56bd759df1d0c750a065b8c845e93d5dfa6b549d
+
+--- portmidi/CMakeLists.txt
++++ portmidi/CMakeLists.txt
+@@ -9,12 +9,11 @@
+   set(CMAKE_BUILD_TYPE Release CACHE STRING 
+       "Semicolon-separate list of supported configuration types")
+   # set default directories but don't override cached values...
+-  set(CMAKE_LIBRARY_OUTPUT_DIRECTORY ${CMAKE_CACHEFILE_DIR}/${CMAKE_BUILD_TYPE}
++  set(CMAKE_LIBRARY_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
+       CACHE STRING "libraries go here")
+-  set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_CACHEFILE_DIR}/${CMAKE_BUILD_TYPE}
++  set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
+       CACHE STRING "libraries go here")
+-  set(CMAKE_RUNTIME_OUTPUT_DIRECTORY 
+-      ${CMAKE_CACHEFILE_DIR}/${CMAKE_BUILD_TYPE}
++  set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
+       CACHE STRING "executables go here")
+ 
+ else(UNIX)
+@@ -68,10 +67,20 @@
+ include_directories(pm_common porttime)
+ add_subdirectory(pm_common)
+ 
+-add_subdirectory(pm_test)
++option(PORTMIDI_ENABLE_JAVA "Enable Java bindings support" ON)
++option(PORTMIDI_ENABLE_STATIC "Build and install static libraries" OFF)
++option(PORTMIDI_ENABLE_TEST "Build test programs" ON)
++
++if(PORTMIDI_ENABLE_TEST)
++  add_subdirectory(pm_test)
++endif(PORTMIDI_ENABLE_TEST)
+ 
+ add_subdirectory(pm_dylib)
+ 
+ # Cannot figure out how to make an xcode Java application with CMake
+-add_subdirectory(pm_java)
++if(PORTMIDI_ENABLE_JAVA)
++  set(JAR_INSTALL_DIR share/java
++      CACHE STRING "Define directory name for jar installation")
++  add_subdirectory(pm_java)
++endif(PORTMIDI_ENABLE_JAVA)
+ 
+--- portmidi/pm_common/CMakeLists.txt
++++ portmidi/pm_common/CMakeLists.txt
+@@ -44,9 +44,6 @@
+ 
+ # first include the appropriate system-dependent file:
+ if(UNIX)
+-  # add the -g switch for Linux and Mac OS X (not used in Win32)
+-  set (CMAKE_C_FLAGS_DEBUG "-g ${CMAKE_C_FLAGS_DEBUG}" 
+-       CACHE STRING "enable extra checks for debugging" FORCE)
+   if(APPLE)
+     set(MACSRC pmmacosxcm pmmac readbinaryplist finddefault)
+     prepend_path(LIBSRC ../pm_mac/ ${MACSRC})
+@@ -62,19 +59,23 @@
+                              ${COREMIDI_LIB} ${CORESERVICES_LIB}
+         CACHE INTERNAL "")
+ 
+-    set(JAVAVM_LIB "${FRAMEWORK_PATH}/JavaVM.framework")
+-    set(JAVA_INCLUDE_PATHS ${JAVAVM_LIB}/Headers)
++    if(PORTMIDI_ENABLE_JAVA)
++      set(JAVAVM_LIB "${FRAMEWORK_PATH}/JavaVM.framework")
++      set(JAVA_INCLUDE_PATHS ${JAVAVM_LIB}/Headers)
++    endif(PORTMIDI_ENABLE_JAVA)
+     message(STATUS "SYSROOT: " ${CMAKE_OSX_SYSROOT})
+   else(APPLE)
+     # LINUX settings...
+-    include(FindJNI)
+-    message(STATUS "JAVA_JVM_LIB_PATH is " ${JAVA_JVM_LIB_PATH})
+-    message(STATUS "JAVA_INCLUDE_PATH is " ${JAVA_INCLUDE_PATH})
+-    message(STATUS "JAVA_INCLUDE_PATH2 is " ${JAVA_INCLUDE_PATH2})
+-    message(STATUS "JAVA_JVM_LIBRARY is " ${JAVA_JVM_LIBRARY})
+-    set(JAVA_INCLUDE_PATHS ${JAVA_INCLUDE_PATH} ${JAVA_INCLUDE_PATH2})
+-    # libjvm.so is found relative to JAVA_INCLUDE_PATH:
+-    set(JAVAVM_LIB ${JAVA_JVM_LIBRARY}/libjvm.so)
++    if(PORTMIDI_ENABLE_JAVA)
++      include(FindJNI)
++      message(STATUS "JAVA_JVM_LIB_PATH is " ${JAVA_JVM_LIB_PATH})
++      message(STATUS "JAVA_INCLUDE_PATH is " ${JAVA_INCLUDE_PATH})
++      message(STATUS "JAVA_INCLUDE_PATH2 is " ${JAVA_INCLUDE_PATH2})
++      message(STATUS "JAVA_JVM_LIBRARY is " ${JAVA_JVM_LIBRARY})
++      set(JAVA_INCLUDE_PATHS ${JAVA_INCLUDE_PATH} ${JAVA_INCLUDE_PATH2})
++      # libjvm.so is found relative to JAVA_INCLUDE_PATH:
++      set(JAVAVM_LIB ${JAVA_JVM_LIBRARY}/libjvm.so)
++    endif(PORTMIDI_ENABLE_JAVA)
+ 
+     set(LINUXSRC pmlinuxalsa pmlinux finddefault)
+     prepend_path(LIBSRC ../pm_linux/ ${LINUXSRC})
+@@ -88,10 +89,12 @@
+     # /MD is multithread DLL, /MT is multithread. Change to static:
+     include(../pm_win/static.cmake)
+     
+-    include(FindJNI)
++    if(PORTMIDI_ENABLE_JAVA)
++      include(FindJNI)
+ 
+-    set(JAVA_INCLUDE_PATHS ${JAVA_INCLUDE_PATH} ${JAVA_INCLUDE_PATH2})
+-    # message(STATUS "JAVA_INCLUDE_PATHS: " ${JAVA_INCLUDE_PATHS})
++      set(JAVA_INCLUDE_PATHS ${JAVA_INCLUDE_PATH} ${JAVA_INCLUDE_PATH2})
++      # message(STATUS "JAVA_INCLUDE_PATHS: " ${JAVA_INCLUDE_PATHS})
++    endif(PORTMIDI_ENABLE_JAVA)
+ 
+     set(WINSRC pmwin pmwinmm)
+     prepend_path(LIBSRC ../pm_win/ ${WINSRC})
+@@ -99,29 +102,43 @@
+     set(PM_NEEDED_LIBS winmm.lib)
+   endif(WIN32)
+ endif(UNIX)
+-set(JNI_EXTRA_LIBS ${PM_NEEDED_LIBS} ${JAVA_JVM_LIBRARY})
++
++if(PORTMIDI_ENABLE_JAVA)
++  set(JNI_EXTRA_LIBS ${PM_NEEDED_LIBS} ${JAVA_JVM_LIBRARY})
++endif(PORTMIDI_ENABLE_JAVA)
+ 
+ # this completes the list of library sources by adding shared code
+ list(APPEND LIBSRC pmutil portmidi)
+ 
+ # now add the shared files to make the complete list of library sources
+-add_library(portmidi-static ${LIBSRC})
+-set_target_properties(portmidi-static PROPERTIES OUTPUT_NAME "portmidi_s")
+-target_link_libraries(portmidi-static ${PM_NEEDED_LIBS})
+-
+-# define the jni library
+-include_directories(${JAVA_INCLUDE_PATHS})
+-
+-set(JNISRC ${LIBSRC} ../pm_java/pmjni/pmjni.c)
+-add_library(pmjni SHARED ${JNISRC})
+-target_link_libraries(pmjni ${JNI_EXTRA_LIBS})
+-set_target_properties(pmjni PROPERTIES EXECUTABLE_EXTENSION "jnilib")
++if(PORTMIDI_ENABLE_STATIC)
++  add_library(portmidi-static ${LIBSRC})
++  set_target_properties(portmidi-static PROPERTIES OUTPUT_NAME "portmidi")
++  target_link_libraries(portmidi-static ${PM_NEEDED_LIBS})
++endif(PORTMIDI_ENABLE_STATIC)
++
++if(PORTMIDI_ENABLE_JAVA)
++  # define the jni library
++  include_directories(${JAVA_INCLUDE_PATHS})
++
++  set(JNISRC ${LIBSRC} ../pm_java/pmjni/pmjni.c)
++  add_library(pmjni SHARED ${JNISRC})
++  target_link_libraries(pmjni ${JNI_EXTRA_LIBS})
++  set_target_properties(pmjni PROPERTIES EXECUTABLE_EXTENSION "jnilib")
++endif(PORTMIDI_ENABLE_JAVA)
+ 
+ # install the libraries (Linux and Mac OS X command line)
+ if(UNIX)
+-  INSTALL(TARGETS portmidi-static pmjni
+-    LIBRARY DESTINATION /usr/local/lib
+-    ARCHIVE DESTINATION /usr/local/lib)
++  if(PORTMIDI_ENABLE_STATIC)
++    INSTALL(TARGETS portmidi-static
++      LIBRARY DESTINATION lib${LIB_SUFFIX}
++      ARCHIVE DESTINATION lib${LIB_SUFFIX})
++  endif(PORTMIDI_ENABLE_STATIC)
++  if(PORTMIDI_ENABLE_JAVA)
++    INSTALL(TARGETS pmjni
++      LIBRARY DESTINATION lib${LIB_SUFFIX}
++      ARCHIVE DESTINATION lib${LIB_SUFFIX})
++  endif(PORTMIDI_ENABLE_JAVA)
+ # .h files installed by pm_dylib/CMakeLists.txt, so don't need them here
+ #  INSTALL(FILES portmidi.h ../porttime/porttime.h
+ #    DESTINATION /usr/local/include)
+--- portmidi/pm_dylib/CMakeLists.txt
++++ portmidi/pm_dylib/CMakeLists.txt
+@@ -39,9 +39,6 @@
+ 
+ # first include the appropriate system-dependent file:
+ if(UNIX)
+-  # add the -g switch for Linux and Mac OS X (not used in Win32)
+-  set (CMAKE_C_FLAGS_DEBUG "-g ${CMAKE_C_FLAGS_DEBUG}" 
+-       CACHE STRING "enable extra checks for debugging" FORCE)
+   if(APPLE)
+     set(MACSRC pmmacosxcm pmmac readbinaryplist finddefault)
+     prepend_path(LIBSRC ../pm_mac/ ${MACSRC})
+@@ -63,7 +60,8 @@
+     message(STATUS "SYSROOT: " ${CMAKE_OSX_SYSROOT})
+   else(APPLE)
+     # LINUX settings...
+-    include(FindJNI)
++    if(PORTMIDI_ENABLE_JAVA)
++      include(FindJNI)
+     # message(STATUS "JAVA_JVM_LIB_PATH is " ${JAVA_JVM_LIB_PATH})
+     # message(STATUS "JAVA_INCLUDE_PATH is " ${JAVA_INCLUDE_PATH})
+     # note: should use JAVA_JVM_LIB_PATH, but it is not set properly
+@@ -75,11 +73,8 @@
+     # JAVA_INCLUDE_PATH2; if no, then we need to make both JAVA_INCLUDE_PATH
+     # and JAVA_INCLUDE_PATH2 set by user (will need clear documentation
+     # because JAVA_INCLUDE_PATH2 is pretty obscure)
+-    set(JAVA_INCLUDE_PATH  ${JAVA_INCLUDE_PATH-UNKNOWN}
+-        CACHE STRING "where to find Java SDK include directory")
+-    set(JAVA_INCLUDE_PATHS ${JAVA_INCLUDE_PATH} ${JAVA_INCLUDE_PATH}/linux)
+-    # libjvm.so is found relative to JAVA_INCLUDE_PATH:
+-    set(JAVAVM_LIB ${JAVA_INCLUDE_PATH}/../jre/lib/i386/client/libjvm.so)
++      set(JAVAVM_LIB ${JAVA_JVM_LIBRARY})
++    endif(PORTMIDI_ENABLE_JAVA)
+ 
+     set(LINUXSRC pmlinuxalsa pmlinux finddefault)
+     prepend_path(LIBSRC ../pm_linux/ ${LINUXSRC})
+@@ -91,13 +86,15 @@
+   if(WIN32)
+     # /MDd is multithread debug DLL, /MTd is multithread debug
+     # /MD is multithread DLL, /MT is multithread 
+-    
+-    include(FindJNI)
+-    # note: should use JAVA_JVM_LIB_PATH, but it is not set properly
+-    set(JAVAVM_LIB ${JAVA_INCLUDE_PATH}/../lib/jvm.lib)
+ 
+-    set(JAVA_INCLUDE_PATHS ${JAVA_INCLUDE_PATH} ${JAVA_INCLUDE_PATH2})
+-    # message(STATUS "JAVA_INCLUDE_PATHS: " ${JAVA_INCLUDE_PATHS})
++    if(PORTMIDI_ENABLE_JAVA)
++      include(FindJNI)
++      # note: should use JAVA_JVM_LIB_PATH, but it is not set properly
++      set(JAVAVM_LIB ${JAVA_INCLUDE_PATH}/../lib/jvm.lib)
++
++      set(JAVA_INCLUDE_PATHS ${JAVA_INCLUDE_PATH} ${JAVA_INCLUDE_PATH2})
++      # message(STATUS "JAVA_INCLUDE_PATHS: " ${JAVA_INCLUDE_PATHS})
++    endif(PORTMIDI_ENABLE_JAVA)
+ 
+     set(WINSRC pmwin pmwinmm)
+     prepend_path(LIBSRC ../pm_win/ ${WINSRC})
+@@ -106,7 +103,10 @@
+     # message(STATUS "JAVAVM_LIB: " ${JAVAVM_LIB})
+   endif(WIN32)
+ endif(UNIX)
++
++if(PORTMIDI_ENABLE_JAVA)
+ set(JNI_EXTRA_LIBS ${PM_NEEDED_LIBS} ${JAVAVM_LIB})
++endif(PORTMIDI_ENABLE_JAVA)
+ 
+ # this completes the list of library sources by adding shared code
+ set(SHARED_FILES pmutil portmidi)
+@@ -120,8 +120,8 @@
+ # install the libraries (Linux and Mac OS X command line)
+ if(UNIX)
+   INSTALL(TARGETS portmidi-dynamic
+-    LIBRARY DESTINATION /usr/local/lib
+-    ARCHIVE DESTINATION /usr/local/lib)
++    LIBRARY DESTINATION lib${LIB_SUFFIX}
++    ARCHIVE DESTINATION lib${LIB_SUFFIX})
+   INSTALL(FILES ../pm_common/portmidi.h ../porttime/porttime.h
+-    DESTINATION /usr/local/include)
++    DESTINATION include)
+ endif(UNIX)
+--- portmidi/pm_java/CMakeLists.txt
++++ portmidi/pm_java/CMakeLists.txt
+@@ -5,43 +5,24 @@
+     # java not dealt with in CMake -- see pm_mac/pm_mac.xcodeproj
+   else(APPLE)
+     # linux
+-    set(JPORTMIDICLASS JPortMidi.class JPortMidiException.class
+-    		       JPortMidiApi.class)
+-    set(PMDEFAULTSCLASS PmDefaultsFrame.class PmDefaults.class)
+-    prepend_path(JPORTMIDICLASS2 jportmidi/ ${JPORTMIDICLASS})
+-    prepend_path(PMDEFAULTSCLASS2 pmdefaults/ ${PMDEFAULTSCLASS})
+-    set(PMDEFAULTS_ALL_CLASSES ${JPORTMIDICLASS2} ${PMDEFAULTSCLASS2})
+-    # message(STATUS "PMDEFAULTS_ALL_CLASSES is " ${PMDEFAULTS_ALL_CLASSES})
+-    add_custom_command(OUTPUT pmdefaults/PmDefaultsFrame.class
+-        COMMAND javac -classpath . pmdefaults/PmDefaultsFrame.java
+-	MAIN_DEPENDENCY pmdefaults/PmDefaultsFrame.java
+-	DEPENDS pmdefaults/PmDefaults.java
+-	WORKING_DIRECTORY pm_java)
+-    add_custom_command(OUTPUT pmdefaults/PmDefaults.class
+-        COMMAND javac -classpath . pmdefaults/PmDefaults.java
+-	MAIN_DEPENDENCY pmdefaults/PmDefaults.java
+-	DEPENDS pmdefaults/PmDefaultsFrame.java
+-	WORKING_DIRECTORY pm_java)
+-    add_custom_command(OUTPUT ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/pmdefaults.jar
+-        COMMAND	cp pmdefaults/portmusic_logo.png .
+-        COMMAND	jar cmf pmdefaults/manifest.txt pmdefaults.jar
+-		pmdefaults/*.class portmusic_logo.png jportmidi/*.class
+-  	COMMAND chmod +x pmdefaults/pmdefaults
+-	COMMAND cp pmdefaults/pmdefaults ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}
+-	COMMAND mv pmdefaults.jar ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}
+-	COMMAND rm portmusic_logo.png
+-	MAIN_DEPENDENCY pmdefaults/PmDefaults.class
+-	DEPENDS ${PMDEFAULTS_ALL_CLASSES}
+-	WORKING_DIRECTORY pm_java)
+-    add_custom_target(pmdefaults_target ALL 
+-        DEPENDS ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/pmdefaults.jar)
+-    # message(STATUS "add_custom_target: pmdefaults.jar")
++	set(JAVA_CLASSES jportmidi pmdefaults)
++	add_custom_command(OUTPUT ${JAVA_CLASSES}
++		COMMAND javac -d ${CMAKE_CURRENT_BINARY_DIR} jportmidi/*.java pmdefaults/*.java
++		WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
++	add_custom_command(OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/pmdefaults.jar
++		DEPENDS ${JAVA_CLASSES}
++		COMMAND jar cmf pmdefaults/manifest.txt ${CMAKE_CURRENT_BINARY_DIR}/pmdefaults.jar
++		-C pmdefaults portmusic_logo.png -C ${CMAKE_CURRENT_BINARY_DIR} jportmidi
++		-C ${CMAKE_CURRENT_BINARY_DIR} pmdefaults
++		WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
++	add_custom_target(pmdefaults.jar ALL
++		DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/pmdefaults.jar)
+ 
+     # install the libraries (Linux only)
+-    INSTALL(FILES ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/pmdefaults.jar
+-      DESTINATION /usr/share/java)
+-    INSTALL(PROGRAMS ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/pmdefaults
+-      DESTINATION /usr/local/bin)
++    INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/pmdefaults.jar
++      DESTINATION ${JAR_INSTALL_DIR})
++    INSTALL(PROGRAMS ${CMAKE_CURRENT_SOURCE_DIR}/pmdefaults/pmdefaults
++      DESTINATION bin)
+   endif(APPLE)
+ endif(UNIX)
+ # In windows, use pm_java/make.bat
+--- portmidi/pm_test/CMakeLists.txt
++++ portmidi/pm_test/CMakeLists.txt
+@@ -12,8 +12,8 @@
+ 
+ macro(make_a_test name)
+   add_executable(${name} ${name}.c)
+-  target_link_libraries(${name} portmidi-static ${PM_NEEDED_LIBS})
+-  add_dependencies(${name} portmidi-static)
++  target_link_libraries(${name} portmidi ${PM_NEEDED_LIBS})
++  add_dependencies(${name} portmidi)
+ endmacro(make_a_test)
+ 
+ make_a_test(test)
diff --git a/gnu/packages/patches/qemu-CVE-2015-8558.patch b/gnu/packages/patches/qemu-CVE-2015-8558.patch
deleted file mode 100644
index f755d735cb..0000000000
--- a/gnu/packages/patches/qemu-CVE-2015-8558.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From 156a2e4dbffa85997636a7a39ef12da6f1b40254 Mon Sep 17 00:00:00 2001
-From: Gerd Hoffmann <kraxel@redhat.com>
-Date: Mon, 14 Dec 2015 09:21:23 +0100
-Subject: [PATCH] ehci: make idt processing more robust
-
-Make ehci_process_itd return an error in case we didn't do any actual
-iso transfer because we've found no active transaction.  That'll avoid
-ehci happily run in circles forever if the guest builds a loop out of
-idts.
-
-This is CVE-2015-8558.
-
-Cc: qemu-stable@nongnu.org
-Reported-by: Qinghao Tang <luodalongde@gmail.com>
-Tested-by: P J P <ppandit@redhat.com>
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
----
- hw/usb/hcd-ehci.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
-index 4e2161b..d07f228 100644
---- a/hw/usb/hcd-ehci.c
-+++ b/hw/usb/hcd-ehci.c
-@@ -1389,7 +1389,7 @@ static int ehci_process_itd(EHCIState *ehci,
- {
-     USBDevice *dev;
-     USBEndpoint *ep;
--    uint32_t i, len, pid, dir, devaddr, endp;
-+    uint32_t i, len, pid, dir, devaddr, endp, xfers = 0;
-     uint32_t pg, off, ptr1, ptr2, max, mult;
- 
-     ehci->periodic_sched_active = PERIODIC_ACTIVE;
-@@ -1479,9 +1479,10 @@ static int ehci_process_itd(EHCIState *ehci,
-                 ehci_raise_irq(ehci, USBSTS_INT);
-             }
-             itd->transact[i] &= ~ITD_XACT_ACTIVE;
-+            xfers++;
-         }
-     }
--    return 0;
-+    return xfers ? 0 : -1;
- }
- 
- 
--- 
-2.6.3
-
diff --git a/gnu/packages/patches/qemu-CVE-2015-8567.patch b/gnu/packages/patches/qemu-CVE-2015-8567.patch
deleted file mode 100644
index 0cfd8e9627..0000000000
--- a/gnu/packages/patches/qemu-CVE-2015-8567.patch
+++ /dev/null
@@ -1,93 +0,0 @@
-From aa4a3dce1c88ed51b616806b8214b7c8428b7470 Mon Sep 17 00:00:00 2001
-From: P J P <ppandit@redhat.com>
-Date: Tue, 15 Dec 2015 12:27:54 +0530
-Subject: [PATCH] net: vmxnet3: avoid memory leakage in activate_device
-
-Vmxnet3 device emulator does not check if the device is active
-before activating it, also it did not free the transmit & receive
-buffers while deactivating the device, thus resulting in memory
-leakage on the host. This patch fixes both these issues to avoid
-host memory leakage.
-
-Reported-by: Qinghao Tang <luodalongde@gmail.com>
-Reviewed-by: Dmitry Fleytman <dmitry@daynix.com>
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Cc: qemu-stable@nongnu.org
-Signed-off-by: Jason Wang <jasowang@redhat.com>
----
- hw/net/vmxnet3.c | 24 ++++++++++++++++--------
- 1 file changed, 16 insertions(+), 8 deletions(-)
-
-diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
-index a5dd79a..9c1adfc 100644
---- a/hw/net/vmxnet3.c
-+++ b/hw/net/vmxnet3.c
-@@ -1194,8 +1194,13 @@ static void vmxnet3_reset_mac(VMXNET3State *s)
- 
- static void vmxnet3_deactivate_device(VMXNET3State *s)
- {
--    VMW_CBPRN("Deactivating vmxnet3...");
--    s->device_active = false;
-+    if (s->device_active) {
-+        VMW_CBPRN("Deactivating vmxnet3...");
-+        vmxnet_tx_pkt_reset(s->tx_pkt);
-+        vmxnet_tx_pkt_uninit(s->tx_pkt);
-+        vmxnet_rx_pkt_uninit(s->rx_pkt);
-+        s->device_active = false;
-+    }
- }
- 
- static void vmxnet3_reset(VMXNET3State *s)
-@@ -1204,7 +1209,6 @@ static void vmxnet3_reset(VMXNET3State *s)
- 
-     vmxnet3_deactivate_device(s);
-     vmxnet3_reset_interrupt_states(s);
--    vmxnet_tx_pkt_reset(s->tx_pkt);
-     s->drv_shmem = 0;
-     s->tx_sop = true;
-     s->skip_current_tx_pkt = false;
-@@ -1431,6 +1435,12 @@ static void vmxnet3_activate_device(VMXNET3State *s)
-         return;
-     }
- 
-+    /* Verify if device is active */
-+    if (s->device_active) {
-+        VMW_CFPRN("Vmxnet3 device is active");
-+        return;
-+    }
-+
-     vmxnet3_adjust_by_guest_type(s);
-     vmxnet3_update_features(s);
-     vmxnet3_update_pm_state(s);
-@@ -1627,7 +1637,7 @@ static void vmxnet3_handle_command(VMXNET3State *s, uint64_t cmd)
-         break;
- 
-     case VMXNET3_CMD_QUIESCE_DEV:
--        VMW_CBPRN("Set: VMXNET3_CMD_QUIESCE_DEV - pause the device");
-+        VMW_CBPRN("Set: VMXNET3_CMD_QUIESCE_DEV - deactivate the device");
-         vmxnet3_deactivate_device(s);
-         break;
- 
-@@ -1741,7 +1751,7 @@ vmxnet3_io_bar1_write(void *opaque,
-          * shared address only after we get the high part
-          */
-         if (val == 0) {
--            s->device_active = false;
-+            vmxnet3_deactivate_device(s);
-         }
-         s->temp_shared_guest_driver_memory = val;
-         s->drv_shmem = 0;
-@@ -2021,9 +2031,7 @@ static bool vmxnet3_peer_has_vnet_hdr(VMXNET3State *s)
- static void vmxnet3_net_uninit(VMXNET3State *s)
- {
-     g_free(s->mcast_list);
--    vmxnet_tx_pkt_reset(s->tx_pkt);
--    vmxnet_tx_pkt_uninit(s->tx_pkt);
--    vmxnet_rx_pkt_uninit(s->rx_pkt);
-+    vmxnet3_deactivate_device(s);
-     qemu_del_nic(s->nic);
- }
- 
--- 
-2.6.3
-
diff --git a/gnu/packages/patches/qemu-CVE-2015-8613.patch b/gnu/packages/patches/qemu-CVE-2015-8613.patch
deleted file mode 100644
index 3bcc6ab8d6..0000000000
--- a/gnu/packages/patches/qemu-CVE-2015-8613.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From 36fef36b91f7ec0435215860f1458b5342ce2811 Mon Sep 17 00:00:00 2001
-From: P J P <ppandit@redhat.com>
-Date: Mon, 21 Dec 2015 15:13:13 +0530
-Subject: [PATCH] scsi: initialise info object with appropriate size
-
-While processing controller 'CTRL_GET_INFO' command, the routine
-'megasas_ctrl_get_info' overflows the '&info' object size. Use its
-appropriate size to null initialise it.
-
-Reported-by: Qinghao Tang <luodalongde@gmail.com>
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Message-Id: <alpine.LFD.2.20.1512211501420.22471@wniryva>
-Cc: qemu-stable@nongnu.org
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-Signed-off-by: P J P <ppandit@redhat.com>
----
- hw/scsi/megasas.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
-index d7dc667..576f56c 100644
---- a/hw/scsi/megasas.c
-+++ b/hw/scsi/megasas.c
-@@ -718,7 +718,7 @@ static int megasas_ctrl_get_info(MegasasState *s, MegasasCmd *cmd)
-     BusChild *kid;
-     int num_pd_disks = 0;
- 
--    memset(&info, 0x0, cmd->iov_size);
-+    memset(&info, 0x0, dcmd_size);
-     if (cmd->iov_size < dcmd_size) {
-         trace_megasas_dcmd_invalid_xfer_len(cmd->index, cmd->iov_size,
-                                             dcmd_size);
--- 
-2.6.3
-
diff --git a/gnu/packages/patches/qemu-CVE-2015-8619.patch b/gnu/packages/patches/qemu-CVE-2015-8619.patch
deleted file mode 100644
index 5961343d1e..0000000000
--- a/gnu/packages/patches/qemu-CVE-2015-8619.patch
+++ /dev/null
@@ -1,119 +0,0 @@
-From: Wolfgang Bumiller <w.bumiller@proxmox.com>
-Date: Wed, 13 Jan 2016 09:09:58 +0100
-Subject: [PATCH] hmp: fix sendkey out of bounds write (CVE-2015-8619)
-
-When processing 'sendkey' command, hmp_sendkey routine null
-terminates the 'keyname_buf' array. This results in an OOB
-write issue, if 'keyname_len' was to fall outside of
-'keyname_buf' array.
-
-Since the keyname's length is known the keyname_buf can be
-removed altogether by adding a length parameter to
-index_from_key() and using it for the error output as well.
-
-Reported-by: Ling Liu <liuling-it@360.cn>
-Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
-Message-Id: <20160113080958.GA18934@olga>
-[Comparison with "<" dumbed down, test for junk after strtoul()
-tweaked]
-Signed-off-by: Markus Armbruster <armbru@redhat.com>
-
-(cherry picked from commit 64ffbe04eaafebf4045a3ace52a360c14959d196)
----
- hmp.c                | 18 ++++++++----------
- include/ui/console.h |  2 +-
- ui/input-legacy.c    |  5 +++--
- 3 files changed, 12 insertions(+), 13 deletions(-)
-
-diff --git a/hmp.c b/hmp.c
-index 2140605..1904203 100644
---- a/hmp.c
-+++ b/hmp.c
-@@ -1734,21 +1734,18 @@ void hmp_sendkey(Monitor *mon, const QDict *qdict)
-     int has_hold_time = qdict_haskey(qdict, "hold-time");
-     int hold_time = qdict_get_try_int(qdict, "hold-time", -1);
-     Error *err = NULL;
--    char keyname_buf[16];
-     char *separator;
-     int keyname_len;
- 
-     while (1) {
-         separator = strchr(keys, '-');
-         keyname_len = separator ? separator - keys : strlen(keys);
--        pstrcpy(keyname_buf, sizeof(keyname_buf), keys);
- 
-         /* Be compatible with old interface, convert user inputted "<" */
--        if (!strncmp(keyname_buf, "<", 1) && keyname_len == 1) {
--            pstrcpy(keyname_buf, sizeof(keyname_buf), "less");
-+        if (keys[0] == '<' && keyname_len == 1) {
-+            keys = "less";
-             keyname_len = 4;
-         }
--        keyname_buf[keyname_len] = 0;
- 
-         keylist = g_malloc0(sizeof(*keylist));
-         keylist->value = g_malloc0(sizeof(*keylist->value));
-@@ -1761,16 +1758,17 @@ void hmp_sendkey(Monitor *mon, const QDict *qdict)
-         }
-         tmp = keylist;
- 
--        if (strstart(keyname_buf, "0x", NULL)) {
-+        if (strstart(keys, "0x", NULL)) {
-             char *endp;
--            int value = strtoul(keyname_buf, &endp, 0);
--            if (*endp != '\0') {
-+            int value = strtoul(keys, &endp, 0);
-+            assert(endp <= keys + keyname_len);
-+            if (endp != keys + keyname_len) {
-                 goto err_out;
-             }
-             keylist->value->type = KEY_VALUE_KIND_NUMBER;
-             keylist->value->u.number = value;
-         } else {
--            int idx = index_from_key(keyname_buf);
-+            int idx = index_from_key(keys, keyname_len);
-             if (idx == Q_KEY_CODE_MAX) {
-                 goto err_out;
-             }
-@@ -1792,7 +1790,7 @@ out:
-     return;
- 
- err_out:
--    monitor_printf(mon, "invalid parameter: %s\n", keyname_buf);
-+    monitor_printf(mon, "invalid parameter: %.*s\n", keyname_len, keys);
-     goto out;
- }
- 
-diff --git a/include/ui/console.h b/include/ui/console.h
-index c249db4..5739bdd 100644
---- a/include/ui/console.h
-+++ b/include/ui/console.h
-@@ -433,7 +433,7 @@ static inline int vnc_display_pw_expire(const char *id, time_t expires)
- void curses_display_init(DisplayState *ds, int full_screen);
- 
- /* input.c */
--int index_from_key(const char *key);
-+int index_from_key(const char *key, size_t key_length);
- 
- /* gtk.c */
- void early_gtk_display_init(int opengl);
-diff --git a/ui/input-legacy.c b/ui/input-legacy.c
-index e0a39f0..3f28bbc 100644
---- a/ui/input-legacy.c
-+++ b/ui/input-legacy.c
-@@ -57,12 +57,13 @@ struct QEMUPutLEDEntry {
- static QTAILQ_HEAD(, QEMUPutLEDEntry) led_handlers =
-     QTAILQ_HEAD_INITIALIZER(led_handlers);
- 
--int index_from_key(const char *key)
-+int index_from_key(const char *key, size_t key_length)
- {
-     int i;
- 
-     for (i = 0; QKeyCode_lookup[i] != NULL; i++) {
--        if (!strcmp(key, QKeyCode_lookup[i])) {
-+        if (!strncmp(key, QKeyCode_lookup[i], key_length) &&
-+            !QKeyCode_lookup[i][key_length]) {
-             break;
-         }
-     }
diff --git a/gnu/packages/patches/qemu-CVE-2015-8701.patch b/gnu/packages/patches/qemu-CVE-2015-8701.patch
deleted file mode 100644
index c7ab7b68b0..0000000000
--- a/gnu/packages/patches/qemu-CVE-2015-8701.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 007cd223de527b5f41278f2d886c1a4beb3e67aa Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Mon, 28 Dec 2015 16:24:08 +0530
-Subject: [PATCH] net: rocker: fix an incorrect array bounds check
-
-While processing transmit(tx) descriptors in 'tx_consume' routine
-the switch emulator suffers from an off-by-one error, if a
-descriptor was to have more than allowed(ROCKER_TX_FRAGS_MAX=16)
-fragments. Fix an incorrect bounds check to avoid it.
-
-Reported-by: Qinghao Tang <luodalongde@gmail.com>
-Cc: qemu-stable@nongnu.org
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Signed-off-by: Jason Wang <jasowang@redhat.com>
----
- hw/net/rocker/rocker.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/hw/net/rocker/rocker.c b/hw/net/rocker/rocker.c
-index c57f1a6..2e77e50 100644
---- a/hw/net/rocker/rocker.c
-+++ b/hw/net/rocker/rocker.c
-@@ -232,6 +232,9 @@ static int tx_consume(Rocker *r, DescInfo *info)
-         frag_addr = rocker_tlv_get_le64(tlvs[ROCKER_TLV_TX_FRAG_ATTR_ADDR]);
-         frag_len = rocker_tlv_get_le16(tlvs[ROCKER_TLV_TX_FRAG_ATTR_LEN]);
- 
-+        if (iovcnt >= ROCKER_TX_FRAGS_MAX) {
-+            goto err_too_many_frags;
-+        }
-         iov[iovcnt].iov_len = frag_len;
-         iov[iovcnt].iov_base = g_malloc(frag_len);
-         if (!iov[iovcnt].iov_base) {
-@@ -244,10 +247,7 @@ static int tx_consume(Rocker *r, DescInfo *info)
-             err = -ROCKER_ENXIO;
-             goto err_bad_io;
-         }
--
--        if (++iovcnt > ROCKER_TX_FRAGS_MAX) {
--            goto err_too_many_frags;
--        }
-+        iovcnt++;
-     }
- 
-     if (iovcnt) {
--- 
-2.6.3
-
diff --git a/gnu/packages/patches/qemu-CVE-2015-8743.patch b/gnu/packages/patches/qemu-CVE-2015-8743.patch
deleted file mode 100644
index 4a9d0e2f2d..0000000000
--- a/gnu/packages/patches/qemu-CVE-2015-8743.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From aa7f9966dfdff500bbbf1956d9e115b1fa8987a6 Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Thu, 31 Dec 2015 17:05:27 +0530
-Subject: [PATCH] net: ne2000: fix bounds check in ioport operations
-
-While doing ioport r/w operations, ne2000 device emulation suffers
-from OOB r/w errors. Update respective array bounds check to avoid
-OOB access.
-
-Reported-by: Ling Liu <liuling-it@360.cn>
-Cc: qemu-stable@nongnu.org
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Signed-off-by: Jason Wang <jasowang@redhat.com>
----
- hw/net/ne2000.c | 10 ++++++----
- 1 file changed, 6 insertions(+), 4 deletions(-)
-
-diff --git a/hw/net/ne2000.c b/hw/net/ne2000.c
-index 010f9ef..a3dffff 100644
---- a/hw/net/ne2000.c
-+++ b/hw/net/ne2000.c
-@@ -467,8 +467,9 @@ static inline void ne2000_mem_writel(NE2000State *s, uint32_t addr,
-                                      uint32_t val)
- {
-     addr &= ~1; /* XXX: check exact behaviour if not even */
--    if (addr < 32 ||
--        (addr >= NE2000_PMEM_START && addr < NE2000_MEM_SIZE)) {
-+    if (addr < 32
-+        || (addr >= NE2000_PMEM_START
-+            && addr + sizeof(uint32_t) <= NE2000_MEM_SIZE)) {
-         stl_le_p(s->mem + addr, val);
-     }
- }
-@@ -497,8 +498,9 @@ static inline uint32_t ne2000_mem_readw(NE2000State *s, uint32_t addr)
- static inline uint32_t ne2000_mem_readl(NE2000State *s, uint32_t addr)
- {
-     addr &= ~1; /* XXX: check exact behaviour if not even */
--    if (addr < 32 ||
--        (addr >= NE2000_PMEM_START && addr < NE2000_MEM_SIZE)) {
-+    if (addr < 32
-+        || (addr >= NE2000_PMEM_START
-+            && addr + sizeof(uint32_t) <= NE2000_MEM_SIZE)) {
-         return ldl_le_p(s->mem + addr);
-     } else {
-         return 0xffffffff;
--- 
-2.6.3
-
diff --git a/gnu/packages/patches/qemu-CVE-2016-1568.patch b/gnu/packages/patches/qemu-CVE-2016-1568.patch
deleted file mode 100644
index 53863704cd..0000000000
--- a/gnu/packages/patches/qemu-CVE-2016-1568.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From 4ab0359a8ae182a7ac5c99609667273167703fab Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Mon, 11 Jan 2016 14:10:42 -0500
-Subject: [PATCH] ide: ahci: reset ncq object to unused on error
-
-When processing NCQ commands, AHCI device emulation prepares a
-NCQ transfer object; To which an aio control block(aiocb) object
-is assigned in 'execute_ncq_command'. In case, when the NCQ
-command is invalid, the 'aiocb' object is not assigned, and NCQ
-transfer object is left as 'used'. This leads to a use after
-free kind of error in 'bdrv_aio_cancel_async' via 'ahci_reset_port'.
-Reset NCQ transfer object to 'unused' to avoid it.
-
-[Maintainer edit: s/ACHI/AHCI/ in the commit message. --js]
-
-Reported-by: Qinghao Tang <luodalongde@gmail.com>
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Reviewed-by: John Snow <jsnow@redhat.com>
-Message-id: 1452282511-4116-1-git-send-email-ppandit@redhat.com
-Signed-off-by: John Snow <jsnow@redhat.com>
----
- hw/ide/ahci.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c
-index dd1912e..17f1cbd 100644
---- a/hw/ide/ahci.c
-+++ b/hw/ide/ahci.c
-@@ -910,6 +910,7 @@ static void ncq_err(NCQTransferState *ncq_tfs)
-     ide_state->error = ABRT_ERR;
-     ide_state->status = READY_STAT | ERR_STAT;
-     ncq_tfs->drive->port_regs.scr_err |= (1 << ncq_tfs->tag);
-+    ncq_tfs->used = 0;
- }
- 
- static void ncq_finish(NCQTransferState *ncq_tfs)
--- 
-2.6.3
-
diff --git a/gnu/packages/patches/qemu-CVE-2016-1922.patch b/gnu/packages/patches/qemu-CVE-2016-1922.patch
deleted file mode 100644
index 36d9bd2591..0000000000
--- a/gnu/packages/patches/qemu-CVE-2016-1922.patch
+++ /dev/null
@@ -1,65 +0,0 @@
-From 4c1396cb576c9b14425558b73de1584c7a9735d7 Mon Sep 17 00:00:00 2001
-From: P J P <ppandit@redhat.com>
-Date: Fri, 18 Dec 2015 11:35:07 +0530
-Subject: [PATCH] i386: avoid null pointer dereference
-
-    Hello,
-
-A null pointer dereference issue was reported by Mr Ling Liu, CC'd here. It
-occurs while doing I/O port write operations via hmp interface. In that,
-'current_cpu' remains null as it is not called from cpu_exec loop, which
-results in the said issue.
-
-Below is a proposed (tested)patch to fix this issue; Does it look okay?
-
-===
-From ae88a4947fab9a148cd794f8ad2d812e7f5a1d0f Mon Sep 17 00:00:00 2001
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Fri, 18 Dec 2015 11:16:07 +0530
-Subject: [PATCH] i386: avoid null pointer dereference
-
-When I/O port write operation is called from hmp interface,
-'current_cpu' remains null, as it is not called from cpu_exec()
-loop. This leads to a null pointer dereference in vapic_write
-routine. Add check to avoid it.
-
-Reported-by: Ling Liu <liuling-it@360.cn>
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Message-Id: <alpine.LFD.2.20.1512181129320.9805@wniryva>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-Signed-off-by: P J P <ppandit@redhat.com>
----
- hw/i386/kvmvapic.c | 15 ++++++++++-----
- 1 file changed, 10 insertions(+), 5 deletions(-)
-
-diff --git a/hw/i386/kvmvapic.c b/hw/i386/kvmvapic.c
-index c6d34b2..f0922da 100644
---- a/hw/i386/kvmvapic.c
-+++ b/hw/i386/kvmvapic.c
-@@ -634,13 +634,18 @@ static int vapic_prepare(VAPICROMState *s)
- static void vapic_write(void *opaque, hwaddr addr, uint64_t data,
-                         unsigned int size)
- {
--    CPUState *cs = current_cpu;
--    X86CPU *cpu = X86_CPU(cs);
--    CPUX86State *env = &cpu->env;
--    hwaddr rom_paddr;
-     VAPICROMState *s = opaque;
-+    X86CPU *cpu;
-+    CPUX86State *env;
-+    hwaddr rom_paddr;
- 
--    cpu_synchronize_state(cs);
-+    if (!current_cpu) {
-+        return;
-+    }
-+
-+    cpu_synchronize_state(current_cpu);
-+    cpu = X86_CPU(current_cpu);
-+    env = &cpu->env;
- 
-     /*
-      * The VAPIC supports two PIO-based hypercalls, both via port 0x7E.
--- 
-2.6.3
-
diff --git a/gnu/packages/patches/qemu-CVE-2016-1981.patch b/gnu/packages/patches/qemu-CVE-2016-1981.patch
deleted file mode 100644
index 03e7b333c9..0000000000
--- a/gnu/packages/patches/qemu-CVE-2016-1981.patch
+++ /dev/null
@@ -1,95 +0,0 @@
-From: Laszlo Ersek <lersek@redhat.com>
-Date: Tue, 19 Jan 2016 14:17:20 +0100
-Subject: [PATCH] e1000: eliminate infinite loops on out-of-bounds transfer
- start
-
-The start_xmit() and e1000_receive_iov() functions implement DMA transfers
-iterating over a set of descriptors that the guest's e1000 driver
-prepares:
-
-- the TDLEN and RDLEN registers store the total size of the descriptor
-  area,
-
-- while the TDH and RDH registers store the offset (in whole tx / rx
-  descriptors) into the area where the transfer is supposed to start.
-
-Each time a descriptor is processed, the TDH and RDH register is bumped
-(as appropriate for the transfer direction).
-
-QEMU already contains logic to deal with bogus transfers submitted by the
-guest:
-
-- Normally, the transmit case wants to increase TDH from its initial value
-  to TDT. (TDT is allowed to be numerically smaller than the initial TDH
-  value; wrapping at or above TDLEN bytes to zero is normal.) The failsafe
-  that QEMU currently has here is a check against reaching the original
-  TDH value again -- a complete wraparound, which should never happen.
-
-- In the receive case RDH is increased from its initial value until
-  "total_size" bytes have been received; preferably in a single step, or
-  in "s->rxbuf_size" byte steps, if the latter is smaller. However, null
-  RX descriptors are skipped without receiving data, while RDH is
-  incremented just the same. QEMU tries to prevent an infinite loop
-  (processing only null RX descriptors) by detecting whether RDH assumes
-  its original value during the loop. (Again, wrapping from RDLEN to 0 is
-  normal.)
-
-What both directions miss is that the guest could program TDLEN and RDLEN
-so low, and the initial TDH and RDH so high, that these registers will
-immediately be truncated to zero, and then never reassume their initial
-values in the loop -- a full wraparound will never occur.
-
-The condition that expresses this is:
-
-  xdh_start >= s->mac_reg[XDLEN] / sizeof(desc)
-
-i.e., TDH or RDH start out after the last whole rx or tx descriptor that
-fits into the TDLEN or RDLEN sized area.
-
-This condition could be checked before we enter the loops, but
-pci_dma_read() / pci_dma_write() knows how to fill in buffers safely for
-bogus DMA addresses, so we just extend the existing failsafes with the
-above condition.
-
-This is CVE-2016-1981.
-
-Cc: "Michael S. Tsirkin" <mst@redhat.com>
-Cc: Petr Matousek <pmatouse@redhat.com>
-Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
-Cc: Prasad Pandit <ppandit@redhat.com>
-Cc: Michael Roth <mdroth@linux.vnet.ibm.com>
-Cc: Jason Wang <jasowang@redhat.com>
-Cc: qemu-stable@nongnu.org
-RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1296044
-Signed-off-by: Laszlo Ersek <lersek@redhat.com>
-Reviewed-by: Jason Wang <jasowang@redhat.com>
-Signed-off-by: Jason Wang <jasowang@redhat.com>
-(cherry picked from commit dd793a74882477ca38d49e191110c17dfee51dcc)
----
- hw/net/e1000.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/hw/net/e1000.c b/hw/net/e1000.c
-index bec06e9..34d0823 100644
---- a/hw/net/e1000.c
-+++ b/hw/net/e1000.c
-@@ -908,7 +908,8 @@ start_xmit(E1000State *s)
-          * bogus values to TDT/TDLEN.
-          * there's nothing too intelligent we could do about this.
-          */
--        if (s->mac_reg[TDH] == tdh_start) {
-+        if (s->mac_reg[TDH] == tdh_start ||
-+            tdh_start >= s->mac_reg[TDLEN] / sizeof(desc)) {
-             DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
-                    tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
-             break;
-@@ -1165,7 +1166,8 @@ e1000_receive_iov(NetClientState *nc, const struct iovec *iov, int iovcnt)
-         if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
-             s->mac_reg[RDH] = 0;
-         /* see comment in start_xmit; same here */
--        if (s->mac_reg[RDH] == rdh_start) {
-+        if (s->mac_reg[RDH] == rdh_start ||
-+            rdh_start >= s->mac_reg[RDLEN] / sizeof(desc)) {
-             DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
-                    rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
-             set_ics(s, 0, E1000_ICS_RXO);
diff --git a/gnu/packages/patches/qemu-CVE-2016-2197.patch b/gnu/packages/patches/qemu-CVE-2016-2197.patch
deleted file mode 100644
index d851e1ec75..0000000000
--- a/gnu/packages/patches/qemu-CVE-2016-2197.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From: John Snow <jsnow@redhat.com>
-Date: Wed, 10 Feb 2016 13:29:40 -0500
-Subject: [PATCH] ahci: Do not unmap NULL addresses
-
-Definitely don't try to unmap a garbage address.
-
-Reported-by: Zuozhi fzz <zuozhi.fzz@alibaba-inc.com>
-Signed-off-by: John Snow <jsnow@redhat.com>
-Message-id: 1454103689-13042-2-git-send-email-jsnow@redhat.com
-(cherry picked from commit 99b4cb71069f109b79b27bc629fc0cf0886dbc4b)
----
- hw/ide/ahci.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c
-index 17f1cbd..cdc9299 100644
---- a/hw/ide/ahci.c
-+++ b/hw/ide/ahci.c
-@@ -661,6 +661,10 @@ static bool ahci_map_fis_address(AHCIDevice *ad)
- 
- static void ahci_unmap_fis_address(AHCIDevice *ad)
- {
-+    if (ad->res_fis == NULL) {
-+        DPRINTF(ad->port_no, "Attempt to unmap NULL FIS address\n");
-+        return;
-+    }
-     dma_memory_unmap(ad->hba->as, ad->res_fis, 256,
-                      DMA_DIRECTION_FROM_DEVICE, 256);
-     ad->res_fis = NULL;
-@@ -677,6 +681,10 @@ static bool ahci_map_clb_address(AHCIDevice *ad)
- 
- static void ahci_unmap_clb_address(AHCIDevice *ad)
- {
-+    if (ad->lst == NULL) {
-+        DPRINTF(ad->port_no, "Attempt to unmap NULL CLB address\n");
-+        return;
-+    }
-     dma_memory_unmap(ad->hba->as, ad->lst, 1024,
-                      DMA_DIRECTION_FROM_DEVICE, 1024);
-     ad->lst = NULL;
diff --git a/gnu/packages/patches/qemu-usb-ehci-oob-read.patch b/gnu/packages/patches/qemu-usb-ehci-oob-read.patch
deleted file mode 100644
index d63c0832b8..0000000000
--- a/gnu/packages/patches/qemu-usb-ehci-oob-read.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From: Prasad J Pandit <pjp@fedoraproject.org>
-Date: Wed, 20 Jan 2016 01:26:46 +0530
-Subject: [PATCH] usb: check page select value while processing iTD
-
-While processing isochronous transfer descriptors(iTD), the page
-select(PG) field value could lead to an OOB read access. Add
-check to avoid it.
-
-Reported-by: Qinghao Tang <luodalongde@gmail.com>
-Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
-Message-id: 1453233406-12165-1-git-send-email-ppandit@redhat.com
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
-(cherry picked from commit 49d925ce50383a286278143c05511d30ec41a36e)
----
- hw/usb/hcd-ehci.c | 10 ++++++----
- 1 file changed, 6 insertions(+), 4 deletions(-)
-
-diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
-index d07f228..c40013e 100644
---- a/hw/usb/hcd-ehci.c
-+++ b/hw/usb/hcd-ehci.c
-@@ -1404,21 +1404,23 @@ static int ehci_process_itd(EHCIState *ehci,
-         if (itd->transact[i] & ITD_XACT_ACTIVE) {
-             pg   = get_field(itd->transact[i], ITD_XACT_PGSEL);
-             off  = itd->transact[i] & ITD_XACT_OFFSET_MASK;
--            ptr1 = (itd->bufptr[pg] & ITD_BUFPTR_MASK);
--            ptr2 = (itd->bufptr[pg+1] & ITD_BUFPTR_MASK);
-             len  = get_field(itd->transact[i], ITD_XACT_LENGTH);
- 
-             if (len > max * mult) {
-                 len = max * mult;
-             }
--
--            if (len > BUFF_SIZE) {
-+            if (len > BUFF_SIZE || pg > 6) {
-                 return -1;
-             }
- 
-+            ptr1 = (itd->bufptr[pg] & ITD_BUFPTR_MASK);
-             qemu_sglist_init(&ehci->isgl, ehci->device, 2, ehci->as);
-             if (off + len > 4096) {
-                 /* transfer crosses page border */
-+                if (pg == 6) {
-+                    return -1;  /* avoid page pg + 1 */
-+                }
-+                ptr2 = (itd->bufptr[pg + 1] & ITD_BUFPTR_MASK);
-                 uint32_t len2 = off + len - 4096;
-                 uint32_t len1 = len - len2;
-                 qemu_sglist_add(&ehci->isgl, ptr1 + off, len1);
diff --git a/gnu/packages/patches/qemu-virtio-9p-use-accessor-to-get-thread-pool.patch b/gnu/packages/patches/qemu-virtio-9p-use-accessor-to-get-thread-pool.patch
deleted file mode 100644
index 497e49f1d9..0000000000
--- a/gnu/packages/patches/qemu-virtio-9p-use-accessor-to-get-thread-pool.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 4b3a4f2d458ca5a7c6c16ac36a8d9ac22cc253d6 Mon Sep 17 00:00:00 2001
-From: Greg Kurz <gkurz@linux.vnet.ibm.com>
-Date: Wed, 23 Dec 2015 10:56:58 +0100
-Subject: [PATCH] virtio-9p: use accessor to get thread_pool
-
-The aio_context_new() function does not allocate a thread pool. This is
-deferred to the first call to the aio_get_thread_pool() accessor. It is
-hence forbidden to access the thread_pool field directly, as it may be
-NULL. The accessor *must* be used always.
-
-Fixes: ebac1202c95a4f1b76b6ef3f0f63926fa76e753e
-Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
-Tested-by: Michael Tokarev <mjt@tls.msk.ru>
-Cc: qemu-stable@nongnu.org
-Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
----
- hw/9pfs/virtio-9p-coth.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hw/9pfs/virtio-9p-coth.c b/hw/9pfs/virtio-9p-coth.c
-index fb6e8f8..ab9425c 100644
---- a/hw/9pfs/virtio-9p-coth.c
-+++ b/hw/9pfs/virtio-9p-coth.c
-@@ -36,6 +36,6 @@ static int coroutine_enter_func(void *arg)
- void co_run_in_worker_bh(void *opaque)
- {
-     Coroutine *co = opaque;
--    thread_pool_submit_aio(qemu_get_aio_context()->thread_pool,
-+    thread_pool_submit_aio(aio_get_thread_pool(qemu_get_aio_context()),
-                            coroutine_enter_func, co, coroutine_enter_cb, co);
- }
--- 
-2.6.3
-
diff --git a/gnu/packages/patches/totem-debug-format-fix.patch b/gnu/packages/patches/totem-debug-format-fix.patch
new file mode 100644
index 0000000000..7ddd31ee10
--- /dev/null
+++ b/gnu/packages/patches/totem-debug-format-fix.patch
@@ -0,0 +1,11 @@
+--- totem-3.20.1/src/backend/bacon-video-widget.c.orig	2016-03-22 12:45:32.000000000 -0400
++++ totem-3.20.1/src/backend/bacon-video-widget.c	2016-05-11 02:49:55.299109551 -0400
+@@ -2334,7 +2334,7 @@
+     if (!gst_toc_entry_get_start_stop_times (entry, &start, &stop)) {
+       GST_DEBUG ("Chapter #%d (couldn't get times)", i);
+     } else {
+-      GST_DEBUG ("Chapter #%d (start: %li stop: %li)", i, start, stop);
++      GST_DEBUG ("Chapter #%d (start: %li stop: %li)", i, (long) start, (long) stop);
+     }
+   }
+ 
diff --git a/gnu/packages/patches/tvtime-gcc41.patch b/gnu/packages/patches/tvtime-gcc41.patch
deleted file mode 100644
index d6e42721b8..0000000000
--- a/gnu/packages/patches/tvtime-gcc41.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-Source: https://projects.archlinux.org/svntogit/community.git/tree/trunk/tvtime-1.0.2-gcc41.patch?h=packages/tvtime
-
---- tvtime-1.0.1/plugins/greedyh.asm	2005-08-14 18:16:43.000000000 +0200
-+++ tvtime-1.0.1-gcc41/plugins/greedyh.asm	2005-11-28 17:53:09.210774544 +0100
-@@ -18,7 +18,7 @@
- 
- #include "x86-64_macros.inc"
- 
--void DScalerFilterGreedyH::FUNCT_NAME(TDeinterlaceInfo* pInfo)
-+void FUNCT_NAME(TDeinterlaceInfo* pInfo)
- {
-     int64_t i;
-     bool InfoIsOdd = (pInfo->PictureHistory[0]->Flags & PICTURE_INTERLACED_ODD) ? 1 : 0;
-diff -Naur tvtime-1.0.1/plugins/tomsmocomp/TomsMoCompAll2.inc tvtime-1.0.1-gcc41/plugins/tomsmocomp/TomsMoCompAll2.inc
---- tvtime-1.0.1/plugins/tomsmocomp/TomsMoCompAll2.inc	2004-10-20 17:31:05.000000000 +0200
-+++ tvtime-1.0.1-gcc41/plugins/tomsmocomp/TomsMoCompAll2.inc	2005-11-28 17:53:33.251119856 +0100
-@@ -5,9 +5,9 @@
- #endif
- 
- #ifdef USE_STRANGE_BOB
--#define SEARCH_EFFORT_FUNC(n) DScalerFilterTomsMoComp::SEFUNC(n##_SB)
-+#define SEARCH_EFFORT_FUNC(n) SEFUNC(n##_SB)
- #else
--#define SEARCH_EFFORT_FUNC(n) DScalerFilterTomsMoComp::SEFUNC(n)
-+#define SEARCH_EFFORT_FUNC(n) SEFUNC(n)
- #endif
- 
- int SEARCH_EFFORT_FUNC(0)		// we don't try at all ;-)
-diff -Naur tvtime-1.0.1/plugins/tomsmocomp.cpp tvtime-1.0.1-gcc41/plugins/tomsmocomp.cpp
---- tvtime-1.0.1/plugins/tomsmocomp.cpp	2004-10-20 19:38:04.000000000 +0200
-+++ tvtime-1.0.1-gcc41/plugins/tomsmocomp.cpp	2005-11-28 17:52:53.862107896 +0100
-@@ -31,7 +31,7 @@
- 
- #define IS_MMX
- #define SSE_TYPE MMX
--#define FUNCT_NAME DScalerFilterTomsMoComp::filterDScaler_MMX
-+#define FUNCT_NAME filterDScaler_MMX
- #include "tomsmocomp/TomsMoCompAll.inc"
- #undef  IS_MMX
- #undef  SSE_TYPE
-@@ -39,7 +39,7 @@
- 
- #define IS_3DNOW
- #define SSE_TYPE 3DNOW
--#define FUNCT_NAME DScalerFilterTomsMoComp::filterDScaler_3DNOW
-+#define FUNCT_NAME filterDScaler_3DNOW
- #include "tomsmocomp/TomsMoCompAll.inc"
- #undef  IS_3DNOW
- #undef  SSE_TYPE
-@@ -47,7 +47,7 @@
- 
- #define IS_SSE
- #define SSE_TYPE SSE
--#define FUNCT_NAME DScalerFilterTomsMoComp::filterDScaler_SSE
-+#define FUNCT_NAME filterDScaler_SSE
- #include "tomsmocomp/TomsMoCompAll.inc"
- #undef  IS_SSE
- #undef  SSE_TYPE
diff --git a/gnu/packages/patches/tvtime-pngoutput.patch b/gnu/packages/patches/tvtime-pngoutput.patch
deleted file mode 100644
index 0d14f77ca1..0000000000
--- a/gnu/packages/patches/tvtime-pngoutput.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Source: https://sources.debian.net/src/tvtime/1.0.2-14/debian/patches/libpng.diff
-
-From: Nobuhiro Iwamatsu <iwamatsu@nigauri.org>
-Date: Mon, 14 May 2012 19:01:31 +0900
-Prepares the package for libpng 1.5.  Closes: #650582.
-
---- tvtime-1.0.2.orig/src/pngoutput.c
-+++ tvtime-1.0.2/src/pngoutput.c
-@@ -18,5 +18,6 @@
- 
- #include <stdio.h>
- #include <stdlib.h>
-+#include <zlib.h>
- #include <png.h>
- #include "pngoutput.h" 
diff --git a/gnu/packages/patches/tvtime-videodev2.patch b/gnu/packages/patches/tvtime-videodev2.patch
deleted file mode 100644
index 74131f25d0..0000000000
--- a/gnu/packages/patches/tvtime-videodev2.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Fix compilation error: non-existing header file.
-
-This is an excerpt from the debian patch:
-http://http.debian.net/debian/pool/main/t/tvtime/tvtime_1.0.2-14.diff.gz
-
---- tvtime-1.0.2.orig/src/videodev2.h
-+++ tvtime-1.0.2/src/videodev2.h
-@@ -16,7 +16,6 @@
- #ifdef __KERNEL__
- #include <linux/time.h> /* need struct timeval */
- #endif
--#include <linux/compiler.h> /* need __user */
- 
- /* for kernel versions 2.4.26 and below: */
- #ifndef __user
diff --git a/gnu/packages/patches/tvtime-xmltv.patch b/gnu/packages/patches/tvtime-xmltv.patch
deleted file mode 100644
index 2f4afc6e5a..0000000000
--- a/gnu/packages/patches/tvtime-xmltv.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-Fix compilation error: conflicting types for 'locale_t'.
-
-This is an excerpt from the debian patch ... 
-http://http.debian.net/debian/pool/main/t/tvtime/tvtime_1.0.2-14.diff.gz
-
---- tvtime-1.0.2.orig/src/xmltv.c
-+++ tvtime-1.0.2/src/xmltv.c
-@@ -118,9 +118,9 @@
- typedef struct {
-     const char *code;
-     const char *name;
--} locale_t;
-+} tvtime_locale_t;
- 
--static locale_t locale_table[] = {
-+static tvtime_locale_t locale_table[] = {
-     {"AA", "Afar"},           {"AB", "Abkhazian"},      {"AF", "Afrikaans"},
-     {"AM", "Amharic"},        {"AR", "Arabic"},         {"AS", "Assamese"},
-     {"AY", "Aymara"},         {"AZ", "Azerbaijani"},    {"BA", "Bashkir"},
-@@ -168,7 +168,7 @@
-     {"XH", "Xhosa"},          {"YO", "Yoruba"},         {"ZH", "Chinese"},
-     {"ZU", "Zulu"} };
- 
--const int num_locales = sizeof( locale_table ) / sizeof( locale_t );
-+const int num_locales = sizeof( locale_table ) / sizeof( tvtime_locale_t );
- 
- /**
-  * Timezone parsing code based loosely on the algorithm in
diff --git a/gnu/packages/patches/wpa-supplicant-CVE-2016-4476.patch b/gnu/packages/patches/wpa-supplicant-CVE-2016-4476.patch
new file mode 100644
index 0000000000..acad6be0a4
--- /dev/null
+++ b/gnu/packages/patches/wpa-supplicant-CVE-2016-4476.patch
@@ -0,0 +1,82 @@
+From ecbb0b3dc122b0d290987cf9c84010bbe53e1022 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@qca.qualcomm.com>
+Date: Fri, 4 Mar 2016 17:20:18 +0200
+Subject: [PATCH 1/5] WPS: Reject a Credential with invalid passphrase
+
+WPA/WPA2-Personal passphrase is not allowed to include control
+characters. Reject a Credential received from a WPS Registrar both as
+STA (Credential) and AP (AP Settings) if the credential is for WPAPSK or
+WPA2PSK authentication type and includes an invalid passphrase.
+
+This fixes an issue where hostapd or wpa_supplicant could have updated
+the configuration file PSK/passphrase parameter with arbitrary data from
+an external device (Registrar) that may not be fully trusted. Should
+such data include a newline character, the resulting configuration file
+could become invalid and fail to be parsed.
+
+Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
+---
+ src/utils/common.c         | 12 ++++++++++++
+ src/utils/common.h         |  1 +
+ src/wps/wps_attr_process.c | 10 ++++++++++
+ 3 files changed, 23 insertions(+)
+
+diff --git a/src/utils/common.c b/src/utils/common.c
+index 450e2c6..27b7c02 100644
+--- a/src/utils/common.c
++++ b/src/utils/common.c
+@@ -697,6 +697,18 @@ int is_hex(const u8 *data, size_t len)
+ }
+ 
+ 
++int has_ctrl_char(const u8 *data, size_t len)
++{
++	size_t i;
++
++	for (i = 0; i < len; i++) {
++		if (data[i] < 32 || data[i] == 127)
++			return 1;
++	}
++	return 0;
++}
++
++
+ size_t merge_byte_arrays(u8 *res, size_t res_len,
+ 			 const u8 *src1, size_t src1_len,
+ 			 const u8 *src2, size_t src2_len)
+diff --git a/src/utils/common.h b/src/utils/common.h
+index 701dbb2..a972240 100644
+--- a/src/utils/common.h
++++ b/src/utils/common.h
+@@ -488,6 +488,7 @@ const char * wpa_ssid_txt(const u8 *ssid, size_t ssid_len);
+ 
+ char * wpa_config_parse_string(const char *value, size_t *len);
+ int is_hex(const u8 *data, size_t len);
++int has_ctrl_char(const u8 *data, size_t len);
+ size_t merge_byte_arrays(u8 *res, size_t res_len,
+ 			 const u8 *src1, size_t src1_len,
+ 			 const u8 *src2, size_t src2_len);
+diff --git a/src/wps/wps_attr_process.c b/src/wps/wps_attr_process.c
+index eadb22f..e8c4579 100644
+--- a/src/wps/wps_attr_process.c
++++ b/src/wps/wps_attr_process.c
+@@ -229,6 +229,16 @@ static int wps_workaround_cred_key(struct wps_credential *cred)
+ 		cred->key_len--;
+ #endif /* CONFIG_WPS_STRICT */
+ 	}
++
++
++	if (cred->auth_type & (WPS_AUTH_WPAPSK | WPS_AUTH_WPA2PSK) &&
++	    (cred->key_len < 8 || has_ctrl_char(cred->key, cred->key_len))) {
++		wpa_printf(MSG_INFO, "WPS: Reject credential with invalid WPA/WPA2-Personal passphrase");
++		wpa_hexdump_ascii_key(MSG_INFO, "WPS: Network Key",
++				      cred->key, cred->key_len);
++		return -1;
++	}
++
+ 	return 0;
+ }
+ 
+-- 
+1.9.1
+
diff --git a/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt1.patch b/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt1.patch
new file mode 100644
index 0000000000..507a96e47c
--- /dev/null
+++ b/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt1.patch
@@ -0,0 +1,51 @@
+From 73e4abb24a936014727924d8b0b2965edfc117dd Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@qca.qualcomm.com>
+Date: Fri, 4 Mar 2016 18:46:41 +0200
+Subject: [PATCH 2/5] Reject psk parameter set with invalid passphrase
+ character
+
+WPA/WPA2-Personal passphrase is not allowed to include control
+characters. Reject a passphrase configuration attempt if that passphrase
+includes an invalid passphrase.
+
+This fixes an issue where wpa_supplicant could have updated the
+configuration file psk parameter with arbitrary data from the control
+interface or D-Bus interface. While those interfaces are supposed to be
+accessible only for trusted users/applications, it may be possible that
+an untrusted user has access to a management software component that
+does not validate the passphrase value before passing it to
+wpa_supplicant.
+
+This could allow such an untrusted user to inject up to 63 characters of
+almost arbitrary data into the configuration file. Such configuration
+file could result in wpa_supplicant trying to load a library (e.g.,
+opensc_engine_path, pkcs11_engine_path, pkcs11_module_path,
+load_dynamic_eap) from user controlled location when starting again.
+This would allow code from that library to be executed under the
+wpa_supplicant process privileges.
+
+Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
+---
+ wpa_supplicant/config.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
+index b1c7870..fdd9643 100644
+--- a/wpa_supplicant/config.c
++++ b/wpa_supplicant/config.c
+@@ -478,6 +478,12 @@ static int wpa_config_parse_psk(const struct parse_data *data,
+ 		}
+ 		wpa_hexdump_ascii_key(MSG_MSGDUMP, "PSK (ASCII passphrase)",
+ 				      (u8 *) value, len);
++		if (has_ctrl_char((u8 *) value, len)) {
++			wpa_printf(MSG_ERROR,
++				   "Line %d: Invalid passphrase character",
++				   line);
++			return -1;
++		}
+ 		if (ssid->passphrase && os_strlen(ssid->passphrase) == len &&
+ 		    os_memcmp(ssid->passphrase, value, len) == 0) {
+ 			/* No change to the previously configured value */
+-- 
+1.9.1
+
diff --git a/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt2.patch b/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt2.patch
new file mode 100644
index 0000000000..684d25de96
--- /dev/null
+++ b/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt2.patch
@@ -0,0 +1,82 @@
+From 0fe5a234240a108b294a87174ad197f6b5cb38e9 Mon Sep 17 00:00:00 2001
+From: Paul Stewart <pstew@google.com>
+Date: Thu, 3 Mar 2016 15:40:19 -0800
+Subject: [PATCH 3/5] Remove newlines from wpa_supplicant config network
+ output
+
+Spurious newlines output while writing the config file can corrupt the
+wpa_supplicant configuration. Avoid writing these for the network block
+parameters. This is a generic filter that cover cases that may not have
+been explicitly addressed with a more specific commit to avoid control
+characters in the psk parameter.
+
+Signed-off-by: Paul Stewart <pstew@google.com>
+---
+ src/utils/common.c      | 11 +++++++++++
+ src/utils/common.h      |  1 +
+ wpa_supplicant/config.c | 15 +++++++++++++--
+ 3 files changed, 25 insertions(+), 2 deletions(-)
+
+diff --git a/src/utils/common.c b/src/utils/common.c
+index 27b7c02..9856463 100644
+--- a/src/utils/common.c
++++ b/src/utils/common.c
+@@ -709,6 +709,17 @@ int has_ctrl_char(const u8 *data, size_t len)
+ }
+ 
+ 
++int has_newline(const char *str)
++{
++	while (*str) {
++		if (*str == '\n' || *str == '\r')
++			return 1;
++		str++;
++	}
++	return 0;
++}
++
++
+ size_t merge_byte_arrays(u8 *res, size_t res_len,
+ 			 const u8 *src1, size_t src1_len,
+ 			 const u8 *src2, size_t src2_len)
+diff --git a/src/utils/common.h b/src/utils/common.h
+index a972240..d19927b 100644
+--- a/src/utils/common.h
++++ b/src/utils/common.h
+@@ -489,6 +489,7 @@ const char * wpa_ssid_txt(const u8 *ssid, size_t ssid_len);
+ char * wpa_config_parse_string(const char *value, size_t *len);
+ int is_hex(const u8 *data, size_t len);
+ int has_ctrl_char(const u8 *data, size_t len);
++int has_newline(const char *str);
+ size_t merge_byte_arrays(u8 *res, size_t res_len,
+ 			 const u8 *src1, size_t src1_len,
+ 			 const u8 *src2, size_t src2_len);
+diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
+index fdd9643..eb97cd5 100644
+--- a/wpa_supplicant/config.c
++++ b/wpa_supplicant/config.c
+@@ -2699,8 +2699,19 @@ char * wpa_config_get(struct wpa_ssid *ssid, const char *var)
+ 
+ 	for (i = 0; i < NUM_SSID_FIELDS; i++) {
+ 		const struct parse_data *field = &ssid_fields[i];
+-		if (os_strcmp(var, field->name) == 0)
+-			return field->writer(field, ssid);
++		if (os_strcmp(var, field->name) == 0) {
++			char *ret = field->writer(field, ssid);
++
++			if (ret && has_newline(ret)) {
++				wpa_printf(MSG_ERROR,
++					   "Found newline in value for %s; not returning it",
++					   var);
++				os_free(ret);
++				ret = NULL;
++			}
++
++			return ret;
++		}
+ 	}
+ 
+ 	return NULL;
+-- 
+1.9.1
+
diff --git a/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt3.patch b/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt3.patch
new file mode 100644
index 0000000000..2dd38fee31
--- /dev/null
+++ b/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt3.patch
@@ -0,0 +1,62 @@
+From b166cd84a77a6717be9600bf95378a0055d6f5a5 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@qca.qualcomm.com>
+Date: Tue, 5 Apr 2016 23:33:10 +0300
+Subject: [PATCH 4/5] Reject SET_CRED commands with newline characters in the
+ string values
+
+Most of the cred block parameters are written as strings without
+filtering and if there is an embedded newline character in the value,
+unexpected configuration file data might be written.
+
+This fixes an issue where wpa_supplicant could have updated the
+configuration file cred parameter with arbitrary data from the control
+interface or D-Bus interface. While those interfaces are supposed to be
+accessible only for trusted users/applications, it may be possible that
+an untrusted user has access to a management software component that
+does not validate the credential value before passing it to
+wpa_supplicant.
+
+This could allow such an untrusted user to inject almost arbitrary data
+into the configuration file. Such configuration file could result in
+wpa_supplicant trying to load a library (e.g., opensc_engine_path,
+pkcs11_engine_path, pkcs11_module_path, load_dynamic_eap) from user
+controlled location when starting again. This would allow code from that
+library to be executed under the wpa_supplicant process privileges.
+
+Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
+---
+ wpa_supplicant/config.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
+index eb97cd5..69152ef 100644
+--- a/wpa_supplicant/config.c
++++ b/wpa_supplicant/config.c
+@@ -2896,6 +2896,8 @@ int wpa_config_set_cred(struct wpa_cred *cred, const char *var,
+ 
+ 	if (os_strcmp(var, "password") == 0 &&
+ 	    os_strncmp(value, "ext:", 4) == 0) {
++		if (has_newline(value))
++			return -1;
+ 		str_clear_free(cred->password);
+ 		cred->password = os_strdup(value);
+ 		cred->ext_password = 1;
+@@ -2946,9 +2948,14 @@ int wpa_config_set_cred(struct wpa_cred *cred, const char *var,
+ 	}
+ 
+ 	val = wpa_config_parse_string(value, &len);
+-	if (val == NULL) {
++	if (val == NULL ||
++	    (os_strcmp(var, "excluded_ssid") != 0 &&
++	     os_strcmp(var, "roaming_consortium") != 0 &&
++	     os_strcmp(var, "required_roaming_consortium") != 0 &&
++	     has_newline(val))) {
+ 		wpa_printf(MSG_ERROR, "Line %d: invalid field '%s' string "
+ 			   "value '%s'.", line, var, value);
++		os_free(val);
+ 		return -1;
+ 	}
+ 
+-- 
+1.9.1
+
diff --git a/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt4.patch b/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt4.patch
new file mode 100644
index 0000000000..5f42aa9219
--- /dev/null
+++ b/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt4.patch
@@ -0,0 +1,50 @@
+From 2a3f56502b52375c3bf113cf92adfa99bad6b488 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@qca.qualcomm.com>
+Date: Tue, 5 Apr 2016 23:55:48 +0300
+Subject: [PATCH 5/5] Reject SET commands with newline characters in the
+ string values
+
+Many of the global configuration parameters are written as strings
+without filtering and if there is an embedded newline character in the
+value, unexpected configuration file data might be written.
+
+This fixes an issue where wpa_supplicant could have updated the
+configuration file global parameter with arbitrary data from the control
+interface or D-Bus interface. While those interfaces are supposed to be
+accessible only for trusted users/applications, it may be possible that
+an untrusted user has access to a management software component that
+does not validate the value of a parameter before passing it to
+wpa_supplicant.
+
+This could allow such an untrusted user to inject almost arbitrary data
+into the configuration file. Such configuration file could result in
+wpa_supplicant trying to load a library (e.g., opensc_engine_path,
+pkcs11_engine_path, pkcs11_module_path, load_dynamic_eap) from user
+controlled location when starting again. This would allow code from that
+library to be executed under the wpa_supplicant process privileges.
+
+Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
+---
+ wpa_supplicant/config.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
+index 69152ef..d9a1603 100644
+--- a/wpa_supplicant/config.c
++++ b/wpa_supplicant/config.c
+@@ -3764,6 +3764,12 @@ static int wpa_global_config_parse_str(const struct global_parse_data *data,
+ 		return -1;
+ 	}
+ 
++	if (has_newline(pos)) {
++		wpa_printf(MSG_ERROR, "Line %d: invalid %s value with newline",
++			   line, data->name);
++		return -1;
++	}
++
+ 	tmp = os_strdup(pos);
+ 	if (tmp == NULL)
+ 		return -1;
+-- 
+1.9.1
+
diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm
index 08f7598ce7..4edf965afd 100644
--- a/gnu/packages/pdf.scm
+++ b/gnu/packages/pdf.scm
@@ -52,20 +52,16 @@
 (define-public poppler
   (package
    (name "poppler")
-   (version "0.37.0")
-   (replacement poppler/fixed)
+   (version "0.43.0")
    (source (origin
             (method url-fetch)
             (uri (string-append "https://poppler.freedesktop.org/poppler-"
                                 version ".tar.xz"))
-            (sha256 (base32
-                     "1vjvd0md8y37hlq3lsj0l01a3v3mzm572rzpn1311frvmrg9r7xq"))))
+            (sha256
+             (base32
+              "0mi4zf0pz3x3fx3ir7szz1n57nywgbpd4mp2r7mvf47f4rmf4867"))))
    (build-system gnu-build-system)
-   ;; FIXME: more dependencies could  be added
-   ;;  cairo output:       no (requires cairo >= 1.10.0)
-   ;;  qt4 wrapper:        no
-   ;;    introspection:    no
-   ;;  use gtk-doc:        no
+   ;; FIXME:
    ;;  use libcurl:        no
    (inputs `(("fontconfig" ,fontconfig)
              ("freetype" ,freetype)
@@ -84,7 +80,8 @@
              ("glib" ,glib)))
    (native-inputs
       `(("pkg-config" ,pkg-config)
-        ("glib" ,glib "bin")))                    ; glib-mkenums, etc.
+        ("glib" ,glib "bin")                      ; glib-mkenums, etc.
+        ("gobject-introspection" ,gobject-introspection)))
    (arguments
     `(#:tests? #f ; no test data provided with the tarball
       #:configure-flags
@@ -108,13 +105,6 @@
    (license license:gpl2+)
    (home-page "http://poppler.freedesktop.org/")))
 
-(define poppler/fixed
-  (package
-    (inherit poppler)
-    (source (origin
-              (inherit (package-source poppler))
-              (patches (search-patches "poppler-CVE-2015-8868.patch"))))))
-
 (define-public poppler-qt4
   (package (inherit poppler)
    (name "poppler-qt4")
diff --git a/gnu/packages/qemu.scm b/gnu/packages/qemu.scm
index c0ee504b24..9e3fbf462c 100644
--- a/gnu/packages/qemu.scm
+++ b/gnu/packages/qemu.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2015, 2016 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -54,30 +55,20 @@
 (define-public qemu
   (package
     (name "qemu")
-    (version "2.5.0")
+    (version "2.5.1.1")
     (source (origin
              (method url-fetch)
              (uri (string-append "http://wiki.qemu-project.org/download/qemu-"
                                  version ".tar.bz2"))
              (sha256
               (base32
-               "1m3j6xl7msrniidkvr5pw9d44yba5m7hm42xz8xy77v105s8hhrl"))
-             (patches (search-patches
-                       "qemu-virtio-9p-use-accessor-to-get-thread-pool.patch"
-                       "qemu-CVE-2015-8558.patch"
-                       "qemu-CVE-2015-8567.patch"
-                       "qemu-CVE-2016-1922.patch"
-                       "qemu-CVE-2015-8613.patch"
-                       "qemu-CVE-2015-8701.patch"
-                       "qemu-CVE-2015-8743.patch"
-                       "qemu-CVE-2016-1568.patch"
-                       "qemu-CVE-2015-8619.patch"
-                       "qemu-CVE-2016-1981.patch"
-                       "qemu-usb-ehci-oob-read.patch"
-                       "qemu-CVE-2016-2197.patch"))))
+               "1rpgr1v6gnsdb4bcxwn1krsz4d4h9xgvlg6ark648nkn8dp99n98"))))
     (build-system gnu-build-system)
     (arguments
-     '(#:phases (alist-replace
+     '(;; FIXME: On x86_64, the test 'check-qtest-x86_64' sometimes fails when
+       ;; parallel builds are enabled.
+       #:parallel-tests? #f
+       #:phases (alist-replace
                  'configure
                  (lambda* (#:key inputs outputs (configure-flags '())
                            #:allow-other-keys)
diff --git a/gnu/packages/qt.scm b/gnu/packages/qt.scm
index 7b2be4f4e9..097ec06d2a 100644
--- a/gnu/packages/qt.scm
+++ b/gnu/packages/qt.scm
@@ -56,44 +56,6 @@
   #:use-module (gnu packages xorg)
   #:use-module (gnu packages xml))
 
-(define-public libxkbcommon
-  (package
-    (name "libxkbcommon")
-    (version "0.5.0")
-    (source (origin
-             (method url-fetch)
-             (uri (string-append "http://xkbcommon.org/download/" name "-"
-                                 version ".tar.xz"))
-             (sha256
-              (base32
-               "176ii5dn2wh74q48sd8ac37ljlvgvp5f506glr96z6ibfhj7igch"))))
-    (build-system gnu-build-system)
-    (inputs
-     `(("libx11" ,libx11)
-       ("libxcb" ,libxcb)
-       ("xkeyboard-config" ,xkeyboard-config)))
-    (native-inputs
-     `(("bison" ,bison)
-       ("pkg-config" ,pkg-config)))
-    (arguments
-     `(#:configure-flags
-       (list (string-append "--with-xkb-config-root="
-                            (assoc-ref %build-inputs "xkeyboard-config")
-                            "/share/X11/xkb")
-             (string-append "--with-x-locale-root="
-                            (assoc-ref %build-inputs "libx11")
-                            "/share/X11/locale"))))
-    (home-page "http://xkbcommon.org/")
-    (synopsis "Library to handle keyboard descriptions")
-    (description "Xkbcommon is a library to handle keyboard descriptions,
-including loading them from disk, parsing them and handling their
-state.  It is mainly meant for client toolkits, window systems, and other
-system applications; currently that includes Wayland, kmscon, GTK+, Qt,
-Clutter, and more.  Despite the name, it is not currently used by anything
-X11 (yet).")
-    (license (x11-style "file://COPYING"
-                        "See 'COPYING' in the distribution."))))
-
 (define-public qt
   (package
     (name "qt")
diff --git a/gnu/packages/rdf.scm b/gnu/packages/rdf.scm
index 958716a447..4d5fd4d0ac 100644
--- a/gnu/packages/rdf.scm
+++ b/gnu/packages/rdf.scm
@@ -33,7 +33,7 @@
   #:use-module (gnu packages compression)
   #:use-module (gnu packages curl)
   #:use-module (gnu packages cyrus-sasl)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages gnupg)
   #:use-module (gnu packages linux)
   #:use-module (gnu packages multiprecision)
diff --git a/gnu/packages/serialization.scm b/gnu/packages/serialization.scm
index b03e27cb95..8dfd21d6a5 100644
--- a/gnu/packages/serialization.scm
+++ b/gnu/packages/serialization.scm
@@ -22,7 +22,7 @@
   #:use-module (guix download)
   #:use-module (guix build-system cmake)
   #:use-module (gnu packages)
-  #:use-module (gnu packages doxygen))
+  #:use-module (gnu packages documentation))
 
 (define-public cereal
   (package
diff --git a/gnu/packages/statistics.scm b/gnu/packages/statistics.scm
index 3d0faf7572..7b3483206f 100644
--- a/gnu/packages/statistics.scm
+++ b/gnu/packages/statistics.scm
@@ -4,6 +4,7 @@
 ;;; Copyright © 2016 Andreas Enge <andreas@enge.fr>
 ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2016 Pjotr Prins <pjotr.guix@thebird.nl>
+;;; Copyright © 2016 Roel Janssen <roel@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -98,7 +99,7 @@ be output in text, PostScript, PDF or HTML.")
 (define-public r
   (package
     (name "r")
-    (version "3.2.5")
+    (version "3.3.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://cran/src/base/R-"
@@ -106,7 +107,7 @@ be output in text, PostScript, PDF or HTML.")
                                   version ".tar.gz"))
               (sha256
                (base32
-                "1dc0iybjk9kr1nghz3fpir6mb9hb9rnrz9bgh00w5pg5vir5cx30"))))
+                "1r0i0cqs3p0vrpiwq0zg5kbrmja9rmaijyzf9f23v6d5n5ab2mlj"))))
     (build-system gnu-build-system)
     (arguments
      `(#:make-flags
@@ -120,10 +121,14 @@ be output in text, PostScript, PDF or HTML.")
           ;; Set default pager to "cat", because otherwise it is "false",
           ;; making "help()" print nothing at all.
           (lambda _ (setenv "PAGER" "cat") #t))
-         (add-before
-          'check 'set-timezone
+         (add-before 'check 'set-timezone
           ;; Some tests require the timezone to be set.
-          (lambda _ (setenv "TZ" "UTC") #t))
+          (lambda* (#:key inputs #:allow-other-keys)
+            (setenv "TZ" "UTC")
+            (setenv "TZDIR"
+                    (string-append (assoc-ref inputs "tzdata")
+                                   "/share/zoneinfo"))
+            #t))
          (add-after 'build 'make-info
           (lambda _ (zero? (system* "make" "info"))))
          (add-after 'build 'install-info
@@ -160,6 +165,8 @@ be output in text, PostScript, PDF or HTML.")
        ("xz" ,xz)))
     (inputs
      `(("cairo" ,cairo)
+       ("curl" ,curl)
+       ("tzdata" ,tzdata)
        ("gfortran" ,gfortran)
        ("icu4c" ,icu4c)
        ("libjpeg" ,libjpeg)
@@ -252,6 +259,24 @@ purposes for which more comprehensive (and widely tested) libraries such as
 OpenSSL should be used.")
     (license license:gpl2+)))
 
+(define-public r-estimability
+  (package
+    (name "r-estimability")
+    (version "1.1-1")
+    (source (origin
+              (method url-fetch)
+              (uri (cran-uri "estimability" version))
+              (sha256
+               (base32
+                "049adh8i0ad0m0qln2ylqdxcs5v2q9zfignn2a50r5f93ip2ay6w"))))
+    (build-system r-build-system)
+    (home-page "http://cran.r-project.org/web/packages/estimability")
+    (synopsis "Tools for assessing estimability of linear predictions")
+    (description "Provides tools for determining estimability of linear
+functions of regression coefficients, and 'epredict' methods that handle
+non-estimable cases correctly.")
+    (license license:gpl2+)))
+
 (define-public r-gtable
   (package
     (name "r-gtable")
@@ -1239,6 +1264,27 @@ inference for statistical models.")
        `(("python2-setuptools" ,python2-setuptools)
          ,@(package-native-inputs stats))))))
 
+(define-public r-coda
+  (package
+    (name "r-coda")
+    (version "0.18-1")
+    (source (origin
+              (method url-fetch)
+              (uri (cran-uri "coda" version))
+              (sha256
+               (base32
+                "03sc780734zj2kqcm8lkyvf76fql0jbfhkblpn8l58zmb6cqi958"))))
+    (build-system r-build-system)
+    (propagated-inputs
+     `(("r-lattice" ,r-lattice)))
+    (home-page "http://cran.r-project.org/web/packages/coda")
+    (synopsis "This is a package for Output Analysis and Diagnostics for MCMC")
+    (description "This package provides functions for summarizing and plotting
+the output from Markov Chain Monte Carlo (MCMC) simulations, as well as
+diagnostic tests of convergence to the equilibrium distribution of the Markov
+chain.")
+    (license license:gpl2+)))
+
 (define-public r-xml2
   (package
     (name "r-xml2")
@@ -2393,6 +2439,25 @@ things.  RSP is ideal for self-contained scientific reports and R package
 vignettes.")
     (license license:lgpl2.1+)))
 
+(define-public r-mvtnorm
+  (package
+    (name "r-mvtnorm")
+    (version "1.0-5")
+    (source (origin
+              (method url-fetch)
+              (uri (cran-uri "mvtnorm" version))
+              (sha256
+               (base32
+                "1pc1mi2h063gh4a40009xk5j6pf5bm4274i5kycln38dixsry3yh"))))
+    (build-system r-build-system)
+    (inputs
+     `(("gfortran" ,gfortran)))
+    (home-page "http://mvtnorm.R-forge.R-project.org")
+    (synopsis "Package for multivariate normal and t-distributions")
+    (description "This package can compute multivariate normal and
+t-probabilities, quantiles, random deviates and densities.")
+    (license license:gpl2)))
+
 (define-public r-matrixstats
   (package
     (name "r-matrixstats")
diff --git a/gnu/packages/suckless.scm b/gnu/packages/suckless.scm
index c921f8e767..f582aea42f 100644
--- a/gnu/packages/suckless.scm
+++ b/gnu/packages/suckless.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013 Cyril Roelandt <tipecaml@gmail.com>
 ;;; Copyright © 2015 Amirouche Boubekki <amirouche@hypermove.net>
+;;; Copyright © 2016 Al McElrath <hello@yrns.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -22,10 +23,13 @@
   #:use-module (guix packages)
   #:use-module (guix download)
   #:use-module (guix build-system gnu)
+  #:use-module (guix build-system glib-or-gtk)
   #:use-module (gnu packages)
+  #:use-module (gnu packages gnome)
   #:use-module (gnu packages xorg)
   #:use-module (gnu packages fonts)
   #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages webkit)
   #:use-module (gnu packages fontutils))
 
 (define-public dwm
@@ -189,3 +193,38 @@ implements 256 colors, most VT10X escape sequences, utf8, X11 copy/paste,
 antialiased fonts (using fontconfig), fallback fonts, resizing, and line
 drawing.")
     (license license:x11)))
+
+(define-public surf
+  (package
+    (name "surf")
+    (version "0.7")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "http://dl.suckless.org/surf/surf-"
+                           version ".tar.gz"))
+       (sha256
+        (base32
+         "0jj93izd8fizxfa6ln9w1h9bwki81sz5dhskh5x1rl34zd38aq4m"))))
+    (build-system glib-or-gtk-build-system)
+    (arguments
+     '(#:tests? #f ; no tests
+       #:make-flags (list "CC=gcc"
+                          (string-append "PREFIX=" %output))
+       #:phases
+       (modify-phases %standard-phases
+         (delete 'configure))))
+    (inputs
+     `(("glib-networking" ,glib-networking)
+       ("gsettings-desktop-schemas" ,gsettings-desktop-schemas)
+       ("webkitgtk" ,webkitgtk/gtk+-2)))
+    (native-inputs
+     `(("pkg-config" ,pkg-config)))
+    (home-page "http://surf.suckless.org/")
+    (synopsis "Simple web browser")
+    (description
+     "Surf is a simple web browser based on WebKit/GTK+.  It is able to
+display websites and follow links.  It supports the XEmbed protocol which
+makes it possible to embed it in another application.  Furthermore, one can
+point surf to another URI by setting its XProperties.")
+    (license license:x11)))
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index f1e7a21c1c..e61428510a 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -198,6 +198,7 @@ required structures.")
   (package
    (name "openssl")
    (version "1.0.2g")
+   (replacement openssl/fixed)
    (source (origin
              (method url-fetch)
              (uri (list (string-append "ftp://ftp.openssl.org/source/"
@@ -333,18 +334,38 @@ required structures.")
    (license license:openssl)
    (home-page "http://www.openssl.org/")))
 
+(define openssl/fixed
+  (package
+    (inherit openssl)
+    (source
+     (let ((name "openssl")
+           (version "1.0.2h"))
+       (origin
+         (method url-fetch)
+         (uri (list (string-append "ftp://ftp.openssl.org/source/"
+                                   name "-" version ".tar.gz")
+                    (string-append "ftp://ftp.openssl.org/source/old/"
+                                   (string-trim-right version char-set:letter)
+                                   "/" name "-" version ".tar.gz")))
+         (sha256
+          (base32
+           "06996ds1rk8xhnyb5y273a7xkcxhggp4bq1g02rab55d7bjhfh0x"))
+         (patches (search-patches "openssl-runpath.patch"
+                                  "openssl-c-rehash-in.patch")))))))
+
 (define-public libressl
   (package
     (name "libressl")
-    (version "2.3.3")
+    (version "2.3.4")
     (source
      (origin
       (method url-fetch)
       (uri (string-append
              "http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-"
              version ".tar.gz"))
-      (sha256 (base32
-               "1a8anm8nsfyxds03csk738m2cmzjbsb867my1rz5ij3w31k32wvn"))))
+      (sha256
+       (base32
+        "1ag65pbvdikqj5y1w780jicl3ngi9ld2332ki6794y0gcar3a4bs"))))
     (build-system gnu-build-system)
     (native-search-paths
       ;; FIXME: These two variables must designate a single file or directory
diff --git a/gnu/packages/tv.scm b/gnu/packages/tv.scm
index f58c03623e..2db71b8491 100644
--- a/gnu/packages/tv.scm
+++ b/gnu/packages/tv.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2015 Alex Kost <alezost@gmail.com>
+;;; Copyright © 2015, 2016 Alex Kost <alezost@gmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -22,30 +22,29 @@
   #:use-module (guix build-system gnu)
   #:use-module ((guix licenses) #:prefix license:)
   #:use-module (gnu packages)
-  #:use-module (gnu packages xorg)
-  #:use-module (gnu packages image)
   #:use-module (gnu packages compression)
+  #:use-module (gnu packages fontutils)
+  #:use-module (gnu packages image)
+  #:use-module (gnu packages linux)
   #:use-module (gnu packages xml)
-  #:use-module (gnu packages fontutils))
+  #:use-module (gnu packages xorg))
 
 (define-public tvtime
   (package
     (name "tvtime")
-    (version "1.0.2")
+    (version "1.0.10")
     (source (origin
               (method url-fetch)
-              (uri (string-append "mirror://sourceforge/tvtime/tvtime-"
-                                  version ".tar.gz"))
+              (uri (string-append
+                    "http://linuxtv.org/downloads/tvtime/tvtime-"
+                    version ".tar.gz"))
               (sha256
                (base32
-                "08q5gzbyz0lxb730rz6d6amkzimlc7nanv6n50j2bpw4n2xa9wmf"))
-              (patches (search-patches "tvtime-videodev2.patch"
-                                       "tvtime-pngoutput.patch"
-                                       "tvtime-xmltv.patch"
-                                       "tvtime-gcc41.patch"))))
+                "1mk6dni82n8jv5wsrrpqzcwrg9ccx9vijb5sbm7gqm2y0h40q5y9"))))
     (build-system gnu-build-system)
     (inputs
-     `(("libx11" ,libx11)
+     `(("alsa-lib" ,alsa-lib)
+       ("libx11" ,libx11)
        ("libxext" ,libxext)
        ("libxt" ,libxt)
        ("libxtst" ,libxtst)
diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm
index 94339012f5..796fd7ad67 100644
--- a/gnu/packages/version-control.scm
+++ b/gnu/packages/version-control.scm
@@ -3,7 +3,7 @@
 ;;; Copyright © 2013 Cyril Roelandt <tipecaml@gmail.com>
 ;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
-;;; Copyright © 2015 Mathieu Lirzin <mthl@openmailbox.org>
+;;; Copyright © 2015, 2016 Mathieu Lirzin <mthl@gnu.org>
 ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2014, 2016 Eric Bavier <bavier@member.fsf.org>
 ;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
@@ -27,7 +27,7 @@
 
 (define-module (gnu packages version-control)
   #:use-module ((guix licenses)
-                #:select (asl2.0 bsd-2
+                #:select (asl2.0 bsd-2 bsd-3
                           gpl1+ gpl2 gpl2+ gpl3+ lgpl2.1
                           public-domain x11-style))
   #:use-module (guix utils)
@@ -40,7 +40,7 @@
   #:use-module (guix build-system trivial)
   #:use-module (gnu packages apr)
   #:use-module (gnu packages autotools)
-  #:use-module (gnu packages asciidoc)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages base)
   #:use-module (gnu packages bison)
   #:use-module (gnu packages cook)
@@ -605,14 +605,14 @@ control to Git repositories.")
 (define-public mercurial
   (package
     (name "mercurial")
-    (version "3.7.3")
+    (version "3.8.1")
     (source (origin
              (method url-fetch)
              (uri (string-append "https://www.mercurial-scm.org/"
                                  "release/mercurial-" version ".tar.gz"))
              (sha256
               (base32
-               "0c2vkad9piqkggyk8y310rf619qgdfcwswnk3nv21mg2fhnw96f0"))))
+               "156m6269xdqq7mpw01c6b065k29xnb8b9lyzn1b0nlz5il2izkps"))))
     (build-system python-build-system)
     (arguments
      `(;; Restrict to Python 2, as Python 3 would require
@@ -1012,6 +1012,58 @@ as possible.  Resolution of contention for source files, a major headache for
 any project with more than one developer, is one of Aegis's major functions.")
     (license gpl3+)))
 
+(define-public reposurgeon
+  (package
+    (name "reposurgeon")
+    (version "3.37")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "http://www.catb.org/~esr/" name "/"
+                                  name "-" version ".tar.xz"))
+              (sha256
+               (base32
+                "14asjg4xy3mhh5z0r3k7c1wv9y803j2zfq32g5q5m95sf7yzygan"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:tests? #f                      ;no test suite distributed
+       #:make-flags
+       (list (string-append "target=" (assoc-ref %outputs "out")))
+       #:phases
+       (modify-phases %standard-phases
+         (delete 'configure)
+         (add-before 'build 'fix-docbook
+           (lambda* (#:key inputs #:allow-other-keys)
+             (substitute* (find-files "." "\\.xml$")
+               (("docbook/docbookx.dtd")
+                (string-append (assoc-ref inputs "docbook-xml")
+                               "/xml/dtd/docbook/docbookx.dtd")))
+             #t))
+         (add-after 'install 'install-emacs-data
+           (lambda* (#:key outputs #:allow-other-keys)
+             (install-file "reposurgeon-mode.el"
+                           (string-append (assoc-ref outputs "out")
+                                          "/share/emacs/site-lisp")))))))
+    (inputs
+     `(("python" ,python-wrapper)))
+    (native-inputs
+     `(("asciidoc" ,asciidoc)
+       ("docbook-xml" ,docbook-xml-4.1.2)
+       ("docbook-xsl" ,docbook-xsl)
+       ("libxml2" ,libxml2)
+       ("xmlto" ,xmlto)))
+    (home-page "http://www.catb.org/~esr/reposurgeon/")
+    (synopsis "Edit version-control repository history")
+    (description "Reposurgeon enables risky operations that version-control
+systems don't want to let you do, such as editing past comments and metadata
+and removing commits.  It works with any version control system that can
+export and import Git fast-import streams, including Git, Mercurial, Fossil,
+Bazaar, CVS, RCS, and Src.  It can also read Subversion dump files directly
+and can thus be used to script production of very high-quality conversions
+from Subversion to any supported Distributed Version Control System (DVCS).")
+    ;; Most files are distributed under bsd-2, except 'repocutter' which is
+    ;; under bsd-3.
+    (license (list bsd-2 bsd-3))))
+
 (define-public tig
   (package
     (name "tig")
diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm
index 6060702022..6578a4031f 100644
--- a/gnu/packages/video.scm
+++ b/gnu/packages/video.scm
@@ -373,14 +373,14 @@ standards (MPEG-2, MPEG-4 ASP/H.263, MPEG-4 AVC/H.264, and VC-1/VMW3).")
 (define-public ffmpeg
   (package
     (name "ffmpeg")
-    (version "3.0")
+    (version "3.0.2")
     (source (origin
              (method url-fetch)
              (uri (string-append "https://ffmpeg.org/releases/ffmpeg-"
                                  version ".tar.xz"))
              (sha256
               (base32
-               "0w74b165l4ry4y72f4xmgd357pvbc7yr61y313v3ai6787p2rwqj"))))
+               "08sjp4dxgcinmv9ly7nm24swmn2cnbbhvph44ihlplf4n33kr542"))))
     (build-system gnu-build-system)
     (inputs
      `(("fontconfig" ,fontconfig)
@@ -529,7 +529,7 @@ standards (MPEG-2, MPEG-4 ASP/H.263, MPEG-4 AVC/H.264, and VC-1/VMW3).")
               (format #t "setting LD_LIBRARY_PATH to ~s~%" path)
               (setenv "LD_LIBRARY_PATH" path)
               #t))))))
-    (home-page "http://www.ffmpeg.org/")
+    (home-page "https://www.ffmpeg.org/")
     (synopsis "Audio and video framework")
     (description "FFmpeg is a complete, cross-platform solution to record,
 convert and stream audio and video.  It includes the libavcodec
@@ -860,7 +860,7 @@ projects while introducing many more.")
 (define-public youtube-dl
   (package
     (name "youtube-dl")
-    (version "2016.04.06")
+    (version "2016.05.01")
     (source (origin
               (method url-fetch)
               (uri (string-append "http://youtube-dl.org/downloads/"
@@ -868,7 +868,7 @@ projects while introducing many more.")
                                   version ".tar.gz"))
               (sha256
                (base32
-                "1kdrjwrn0x1wmvansvd2222gfqnld4zdihf2jwnz36112r1p8nhi"))))
+                "1w04afmwq5pjvp3nl2k59q0cigqrj9n8fwkydcfldwpq83l15j5d"))))
     (build-system python-build-system)
     (home-page "http://youtube-dl.org")
     (arguments
@@ -1266,14 +1266,15 @@ from various services and pipes them into a video playing application.")
 (define-public mlt
   (package
     (name "mlt")
-    (version "0.9.8")
+    (version "6.2.0")
     (source (origin
               (method url-fetch)
-              (uri (string-append "mirror://sourceforge/mlt/mlt/mlt-"
-                                  version ".tar.gz"))
+              (uri (string-append "https://github.com/mltframework/mlt/"
+                                  "archive/v" version ".tar.gz"))
+              (file-name (string-append name "-" version ".tar.gz"))
               (sha256
                (base32
-                "0rmrkj7z9g3nr4099f3ff0r14l3ixcfnlx2cdbkqa6pxin0pv9bz"))))
+                "1zwzfgxrcbwkxnkiwv0a1rzxdnnaly90yyarl9wdw84nx11ffbnx"))))
     (build-system gnu-build-system)
     (arguments
      `(#:tests? #f ; no tests
@@ -1299,11 +1300,12 @@ from various services and pipes them into a video playing application.")
        ("jack" ,jack-1)
        ("ladspa" ,ladspa)
        ("libsamplerate" ,libsamplerate)
+       ("pulseaudio" ,pulseaudio)
        ("sdl" ,sdl)
        ("sox" ,sox)))
     (native-inputs
      `(("pkg-config" ,pkg-config)))
-    (home-page "http://www.mltframework.org/")
+    (home-page "https://www.mltframework.org/")
     (synopsis "Author, manage, and run multitrack audio/video compositions")
     (description
      "MLT is a multimedia framework, designed and developed for television
@@ -1316,14 +1318,14 @@ tools, XML authoring components, and an extensible plug-in based API.")
 (define-public v4l-utils
   (package
     (name "v4l-utils")
-    (version "1.8.1")
+    (version "1.10.0")
     (source (origin
               (method url-fetch)
-              (uri (string-append "http://linuxtv.org/downloads/v4l-utils"
+              (uri (string-append "https://linuxtv.org/downloads/v4l-utils"
                                   "/v4l-utils-" version ".tar.bz2"))
               (sha256
                (base32
-                "0cqv8drw0z0kfmz4f50a8kzbrz6vbj6j6q78030hgshr7yq1jqig"))))
+                "0srkwh3r6f0bkb4kp0d7i0mlmp8babs3qc22cdy1sw4awmzd5skq"))))
     (build-system gnu-build-system)
     (arguments
      '(#:configure-flags
@@ -1349,7 +1351,7 @@ be used for realtime video capture via Linux-specific APIs.")
 (define-public obs
   (package
     (name "obs")
-    (version "0.13.2")
+    (version "0.14.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "https://github.com/jp9000/obs-studio"
@@ -1357,7 +1359,7 @@ be used for realtime video capture via Linux-specific APIs.")
               (file-name (string-append name "-" version ".tar.gz"))
               (sha256
                (base32
-                "1awaqlhlzlqqnwqixw54z40hqcnr3fwlclq4vlsy2kvsfyqjfr2b"))))
+                "1w07ign2swfigmsjd2jyaqqdnj2zpzs8hzsjzzk5l377jbx3ml5g"))))
     (build-system cmake-build-system)
     (arguments '(#:tests? #f)) ; no tests
     (native-inputs
diff --git a/gnu/packages/vpn.scm b/gnu/packages/vpn.scm
index d7c2616dfe..477b05189c 100644
--- a/gnu/packages/vpn.scm
+++ b/gnu/packages/vpn.scm
@@ -3,6 +3,7 @@
 ;;; Copyright © 2013, 2016 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
 ;;; Copyright © 2015 Jeff Mickey <j@codemac.net>
+;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -148,7 +149,7 @@ and probably others.")
 (define-public openvpn
   (package
     (name "openvpn")
-    (version "2.3.6")
+    (version "2.3.9")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -156,7 +157,7 @@ and probably others.")
                     version ".tar.xz"))
               (sha256
                (base32
-                "1v8h2nshxnvn2zyr08vzkfby1kc7ma6bi0s6hix389cj9krjxbmd"))))
+                "1hfwmdsp7s34qx34qgwrpp89h30744lbsks6y619cdh27bpnpwaj"))))
     (build-system gnu-build-system)
     (arguments
      '(#:configure-flags '("--enable-iproute2=yes")))
@@ -178,14 +179,14 @@ traversing network address translators (NATs) and firewalls.")
 (define-public tinc
   (package
     (name "tinc")
-    (version "1.0.26")
+    (version "1.0.28")
     (source (origin
               (method url-fetch)
               (uri (string-append "http://tinc-vpn.org/packages/"
                                   name "-" version ".tar.gz"))
               (sha256
                (base32
-                "08ds8s32cjslms1q227ihd6jz35583v378ij4pknfa5xngfijhrb"))))
+                "0i5kx3hza359nclyhb60kxlzqyx0phmg175350hww28g6scjcl0b"))))
     (build-system gnu-build-system)
     (arguments
      '(#:configure-flags
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index a0e1ec9422..5df4765d3c 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -42,7 +42,7 @@
   #:use-module (guix build-system r)
   #:use-module (gnu packages)
   #:use-module (gnu packages apr)
-  #:use-module (gnu packages asciidoc)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages docbook)
   #:use-module (gnu packages autotools)
   #:use-module (gnu packages compression)
@@ -109,14 +109,14 @@ and its related documentation.")
 (define-public nginx
   (package
     (name "nginx")
-    (version "1.8.1")
+    (version "1.10.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "http://nginx.org/download/nginx-"
                                   version ".tar.gz"))
               (sha256
                (base32
-                "1dwpyw4pvhj68vxramqxm8f79pqz9lrm8mvifbn49h3615ikqjwg"))))
+                "0kdyqa5xaxvhz6y75ixs05mzygk3kszzdq5h0gnlrg35vp1lgmlf"))))
     (build-system gnu-build-system)
     (inputs `(("pcre" ,pcre)
               ("openssl" ,openssl)
diff --git a/gnu/packages/wm.scm b/gnu/packages/wm.scm
index 60842efab2..5f32fc478d 100644
--- a/gnu/packages/wm.scm
+++ b/gnu/packages/wm.scm
@@ -6,6 +6,7 @@
 ;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
 ;;; Copyright © 2016 Danny Milosavljevic <dannym@scratchpost.org>
 ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 Al McElrath <hello@yrns.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -33,10 +34,10 @@
   #:use-module (gnu packages base)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages perl)
+  #:use-module (gnu packages pulseaudio)
   #:use-module (gnu packages xorg)
   #:use-module (gnu packages xdisorg)
-  #:use-module (gnu packages qt)
-  #:use-module (gnu packages asciidoc)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages xml)
   #:use-module (gnu packages m4)
   #:use-module (gnu packages docbook)
@@ -108,14 +109,14 @@ the leaves of a full binary tree.")
 (define-public i3status
   (package
     (name "i3status")
-    (version "2.9")
+    (version "2.10")
     (source (origin
               (method url-fetch)
-              (uri (string-append "http://i3wm.org/i3status/i3status-"
+              (uri (string-append "https://i3wm.org/i3status/i3status-"
                                   version ".tar.bz2"))
               (sha256
                (base32
-                "1qwxbrga2fi5wf742hh9ajwa8b2kpzkjjnhjlz4wlpv21i80kss2"))))
+                "1497dsvb32z9xljmxz95dnyvsbayn188ilm3l4ys8m5h25vd1xfs"))))
     (build-system gnu-build-system)
     (arguments
      `(#:make-flags (list "CC=gcc" (string-append "PREFIX=" %output))
@@ -128,10 +129,13 @@ the leaves of a full binary tree.")
        ("libconfuse" ,libconfuse)
        ("libyajl" ,libyajl)
        ("alsa-lib" ,alsa-lib)
-       ("wireless-tools" ,wireless-tools)
+       ("pulseaudio" ,pulseaudio)
+       ("libnl" ,libnl)
        ("libcap" ,libcap)
        ("asciidoc" ,asciidoc)))
-    (home-page "http://i3wm.org/i3status/")
+    (native-inputs
+     `(("pkg-config" ,pkg-config)))
+    (home-page "https://i3wm.org/i3status/")
     (synopsis "Status bar for i3bar, dzen2, xmobar or similar programs")
     (description "i3status is a small program for generating a status bar for
 i3bar, dzen2, xmobar or similar programs.  It is designed to be very efficient
@@ -148,7 +152,7 @@ commands would.")
     (version "4.12")
     (source (origin
               (method url-fetch)
-              (uri (string-append "http://i3wm.org/downloads/i3-"
+              (uri (string-append "https://i3wm.org/downloads/i3-"
                                   version ".tar.bz2"))
               (sha256
                (base32
@@ -182,7 +186,7 @@ commands would.")
      `(("which" ,which)
        ("perl" ,perl)
        ("pkg-config" ,pkg-config)))
-    (home-page "http://i3wm.org/")
+    (home-page "https://i3wm.org/")
     (synopsis "Improved tiling window manager")
     (description "A tiling window manager, completely written
 from scratch.  i3 is primarily targeted at advanced users and
diff --git a/gnu/packages/xdisorg.scm b/gnu/packages/xdisorg.scm
index 67bca6d894..c060a39009 100644
--- a/gnu/packages/xdisorg.scm
+++ b/gnu/packages/xdisorg.scm
@@ -37,7 +37,7 @@
   #:use-module (guix build-system glib-or-gtk)
   #:use-module (guix build-system python)
   #:use-module (gnu packages)
-  #:use-module (gnu packages asciidoc)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages algebra)
   #:use-module (gnu packages compression)
   #:use-module (gnu packages image)
@@ -54,8 +54,8 @@
   #:use-module (gnu packages guile)
   #:use-module (gnu packages xml)
   #:use-module (gnu packages gtk)
-  #:use-module (gnu packages qt)
-  #:use-module (gnu packages xorg))
+  #:use-module (gnu packages xorg)
+  #:use-module (gnu packages bison))
 
 ;; packages outside the x.org system proper
 
@@ -122,6 +122,44 @@ can also be used for copying files, as an alternative to sftp/scp, thus
 avoiding password prompts when X11 forwarding has already been setup.")
     (license license:gpl2+)))
 
+(define-public libxkbcommon
+  (package
+    (name "libxkbcommon")
+    (version "0.5.0")
+    (source (origin
+             (method url-fetch)
+             (uri (string-append "http://xkbcommon.org/download/" name "-"
+                                 version ".tar.xz"))
+             (sha256
+              (base32
+               "176ii5dn2wh74q48sd8ac37ljlvgvp5f506glr96z6ibfhj7igch"))))
+    (build-system gnu-build-system)
+    (inputs
+     `(("libx11" ,libx11)
+       ("libxcb" ,libxcb)
+       ("xkeyboard-config" ,xkeyboard-config)))
+    (native-inputs
+     `(("bison" ,bison)
+       ("pkg-config" ,pkg-config)))
+    (arguments
+     `(#:configure-flags
+       (list (string-append "--with-xkb-config-root="
+                            (assoc-ref %build-inputs "xkeyboard-config")
+                            "/share/X11/xkb")
+             (string-append "--with-x-locale-root="
+                            (assoc-ref %build-inputs "libx11")
+                            "/share/X11/locale"))))
+    (home-page "http://xkbcommon.org/")
+    (synopsis "Library to handle keyboard descriptions")
+    (description "Xkbcommon is a library to handle keyboard descriptions,
+including loading them from disk, parsing them and handling their
+state.  It is mainly meant for client toolkits, window systems, and other
+system applications; currently that includes Wayland, kmscon, GTK+, Qt,
+Clutter, and more.  Despite the name, it is not currently used by anything
+X11 (yet).")
+    (license (license:x11-style "file://COPYING"
+                                "See 'COPYING' in the distribution."))))
+
 (define-public xdotool
   (package
     (name "xdotool")
@@ -196,7 +234,7 @@ following the mouse.")
 (define-public pixman
   (package
     (name "pixman")
-    (version "0.32.8")
+    (version "0.34.0")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -204,7 +242,7 @@ following the mouse.")
                     version ".tar.gz"))
               (sha256
                (base32
-                "0pfn0247sjsi95kwjih0wwqpp28wadihqk1bn28x6iqbqhbxwnjp"))))
+                "13m842m9ffac3m9r0b4lvwjhwzg3w4353djkjpf00s0wnm4v5di1"))))
     (build-system gnu-build-system)
     (inputs
      `(("libpng" ,libpng)
diff --git a/gnu/packages/xiph.scm b/gnu/packages/xiph.scm
index 244f0c84b4..68f76d5c5c 100644
--- a/gnu/packages/xiph.scm
+++ b/gnu/packages/xiph.scm
@@ -27,7 +27,7 @@
   #:use-module (gnu packages bison)
   #:use-module (gnu packages compression)
   #:use-module (gnu packages curl)
-  #:use-module (gnu packages doxygen)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages image)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
diff --git a/gnu/services/herd.scm b/gnu/services/herd.scm
index 9cb33a9fd0..7a9db90012 100644
--- a/gnu/services/herd.scm
+++ b/gnu/services/herd.scm
@@ -17,12 +17,27 @@
 ;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
 
 (define-module (gnu services herd)
-  #:use-module (guix ui)
-  #:use-module (guix utils)
+  #:use-module (guix combinators)
   #:use-module (srfi srfi-1)
   #:use-module (srfi srfi-11)
+  #:use-module (srfi srfi-34)
+  #:use-module (srfi srfi-35)
   #:use-module (ice-9 match)
-  #:export (current-services
+  #:export (shepherd-error?
+            service-not-found-error?
+            service-not-found-error-service
+            action-not-found-error?
+            action-not-found-error-service
+            action-not-found-error-action
+            action-exception-error?
+            action-exception-error-service
+            action-exception-error-action
+            action-exception-error-key
+            action-exception-error-arguments
+            unknown-shepherd-error?
+            unknown-shepherd-error-sexp
+
+            current-services
             unload-services
             unload-service
             load-services
@@ -61,31 +76,54 @@ return the socket."
   (let ((connection (open-connection)))
     body ...))
 
-(define (report-action-error error)
-  "Report ERROR, an sexp received by a shepherd client in reply to COMMAND, a
-command object."
+(define-condition-type &shepherd-error &error
+  shepherd-error?)
+
+(define-condition-type &service-not-found-error &shepherd-error
+  service-not-found-error?
+  (service service-not-found-error-service))
+
+(define-condition-type &action-not-found-error &shepherd-error
+  action-not-found-error?
+  (service action-not-found-error-service)
+  (action  action-not-found-error-action))
+
+(define-condition-type &action-exception-error &shepherd-error
+  action-exception-error?
+  (service action-exception-error-service)
+  (action  action-exception-error-action)
+  (key     action-exception-error-key)
+  (args    action-exception-error-arguments))
+
+(define-condition-type &unknown-shepherd-error &shepherd-error
+  unknown-shepherd-error?
+  (sexp   unknown-shepherd-error-sexp))
+
+(define (raise-shepherd-error error)
+  "Raise an error condition corresponding to ERROR, an sexp received by a
+shepherd client in reply to COMMAND, a command object.  Return #t if ERROR
+does not denote an error."
   (match error
     (('error ('version 0 x ...) 'service-not-found service)
-     (report-error (_ "service '~a' could not be found~%")
-                   service))
+     (raise (condition (&service-not-found-error
+                        (service service)))))
     (('error ('version 0 x ...) 'action-not-found action service)
-     (report-error (_ "service '~a' does not have an action '~a'~%")
-                   service action))
+     (raise (condition (&action-not-found-error
+                        (service service)
+                        (action action)))))
     (('error ('version 0 x ...) 'action-exception action service
              key (args ...))
-     (report-error (_ "exception caught while executing '~a' \
-on service '~a':~%")
-                   action service)
-     (print-exception (current-error-port) #f key args))
+     (raise (condition (&action-exception-error
+                        (service service)
+                        (action action)
+                        (key key) (args args)))))
     (('error . _)
-     (report-error (_ "something went wrong: ~s~%")
-                   error))
+     (raise (condition (&unknown-shepherd-error (sexp error)))))
     (#f                                           ;not an error
      #t)))
 
 (define (display-message message)
-  ;; TRANSLATORS: Nothing to translate here.
-  (info (_ "shepherd: ~a~%") message))
+  (format (current-error-port) "shepherd: ~a~%" message))
 
 (define* (invoke-action service action arguments cont)
   "Invoke ACTION on SERVICE with ARGUMENTS.  On success, call CONT with the
@@ -107,10 +145,10 @@ result.  Otherwise return #f."
       (('reply ('version 0 x ...) ('result y) ('error error)
                ('messages messages))
        (for-each display-message messages)
-       (report-action-error error)
+       (raise-shepherd-error error)
        #f)
       (x
-       (warning (_ "invalid shepherd reply~%"))
+       ;; invalid reply
        #f))))
 
 (define-syntax-rule (with-shepherd-action service (action args ...)
@@ -129,7 +167,8 @@ of pairs."
 
 (define (current-services)
   "Return two lists: the list of currently running services, and the list of
-currently stopped services."
+currently stopped services.  Return #f and #f if the list of services could
+not be obtained."
   (with-shepherd-action 'root ('status) services
     (match services
       ((('service ('version 0 _ ...) _ ...) ...)
@@ -144,7 +183,6 @@ currently stopped services."
               '()
               services))
       (x
-       (warning (_ "failed to obtain list of shepherd services~%"))
        (values #f #f)))))
 
 (define (unload-service service)
diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index 5a0a211236..af2a60936b 100644
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -24,6 +25,7 @@
   #:use-module (gnu system shadow)
   #:use-module (gnu system pam)
   #:use-module (gnu packages admin)
+  #:use-module (gnu packages connman)
   #:use-module (gnu packages linux)
   #:use-module (gnu packages tor)
   #:use-module (gnu packages messaging)
@@ -45,7 +47,8 @@
             tor-service
             bitlbee-service
             wicd-service
-            network-manager-service))
+            network-manager-service
+            connman-service))
 
 ;;; Commentary:
 ;;;
@@ -652,4 +655,48 @@ and @command{wicd-curses} user interfaces."
 that attempting to keep active network connectivity when available."
   (service network-manager-service-type network-manager))
 
+
+;;;
+;;; Connman
+;;;
+
+(define %connman-activation
+  ;; Activation gexp for Connman.
+  #~(begin
+      (use-modules (guix build utils))
+      (mkdir-p "/var/lib/connman/")
+      (mkdir-p "/var/lib/connman-vpn/")))
+
+(define (connman-shepherd-service connman)
+  "Return a shepherd service for Connman"
+  (list (shepherd-service
+         (documentation "Run Connman")
+         (provision '(networking))
+         (requirement '(user-processes dbus-system loopback))
+         (start #~(make-forkexec-constructor
+                   (list (string-append #$connman
+                                        "/sbin/connmand")
+                         "-n" "-r")))
+         (stop #~(make-kill-destructor)))))
+
+(define connman-service-type
+  (service-type (name 'connman)
+                (extensions
+                 (list (service-extension shepherd-root-service-type
+                                          connman-shepherd-service)
+                       (service-extension dbus-root-service-type list)
+                       (service-extension activation-service-type
+                                          (const %connman-activation))
+                       ;; Add connman to the system profile.
+                       (service-extension profile-service-type list)))))
+
+(define* (connman-service #:key (connman connman))
+  "Return a service that runs @url{https://01.org/connman,Connman}, a network
+connection manager.
+
+This service adds the @var{connman} package to the global profile, providing
+several the @command{connmanctl} command to interact with the daemon and
+configure networking."
+  (service connman-service-type connman))
+
 ;;; networking.scm ends here
diff --git a/gnu/system.scm b/gnu/system.scm
index 768ca9cab2..96ea153cd0 100644
--- a/gnu/system.scm
+++ b/gnu/system.scm
@@ -82,6 +82,8 @@
             operating-system-file-systems
             operating-system-store-file-system
             operating-system-activation-script
+            operating-system-user-accounts
+            operating-system-shepherd-service-names
 
             operating-system-derivation
             operating-system-profile
@@ -578,6 +580,22 @@ hardware-related operations as necessary when booting a Linux container."
     ;; BOOT is the script as a monadic value.
     (service-parameters boot)))
 
+(define (operating-system-user-accounts os)
+  "Return the list of user accounts of OS."
+  (let* ((services (operating-system-services os))
+         (account  (fold-services services
+                                  #:target-type account-service-type)))
+    (filter user-account?
+            (service-parameters account))))
+
+(define (operating-system-shepherd-service-names os)
+  "Return the list of Shepherd service names for OS."
+  (append-map shepherd-service-provision
+              (service-parameters
+               (fold-services (operating-system-services os)
+                              #:target-type
+                              shepherd-root-service-type))))
+
 (define* (operating-system-derivation os #:key container?)
   "Return a derivation that builds OS."
   (let* ((services (operating-system-services os #:container? container?))
diff --git a/gnu/system/shadow.scm b/gnu/system/shadow.scm
index 6e62aeee57..f09e8c24f2 100644
--- a/gnu/system/shadow.scm
+++ b/gnu/system/shadow.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -160,9 +161,9 @@ fi
 # Adjust the prompt depending on whether we're in 'guix environment'.
 if [ -n \"$GUIX_ENVIRONMENT\" ]
 then
-    export PS1='\\u@\\h \\w [env]\\$ '
+    PS1='\\u@\\h \\w [env]\\$ '
 else
-    export PS1='\\u@\\h \\w\\$ '
+    PS1='\\u@\\h \\w\\$ '
 fi
 alias ls='ls -p --color'
 alias ll='ls -l'\n"))
diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm
index 2fbef6a3fc..676e89df98 100644
--- a/gnu/system/vm.scm
+++ b/gnu/system/vm.scm
@@ -58,6 +58,7 @@
 
   #:export (expression->derivation-in-linux-vm
             qemu-image
+            virtualized-operating-system
             system-qemu-image
 
             system-qemu-image/shared-store
@@ -468,7 +469,7 @@ with '-virtfs' options for the host file systems listed in SHARED-FS."
      " -no-reboot -net nic,model=virtio \
   " #$@(map virtfs-option shared-fs) " \
   -net user \
-  -serial stdio -vga std \
+  -vga std \
   -drive file=" #$image
   ",if=virtio,cache=writeback,werror=report,readonly \
   -m 256"))
diff --git a/gnu/tests.scm b/gnu/tests.scm
new file mode 100644
index 0000000000..08d8315ea0
--- /dev/null
+++ b/gnu/tests.scm
@@ -0,0 +1,130 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu tests)
+  #:use-module (guix gexp)
+  #:use-module (gnu system)
+  #:use-module (gnu services)
+  #:use-module (gnu services shepherd)
+  #:export (backdoor-service-type
+            marionette-operating-system))
+
+;;; Commentary:
+;;;
+;;; This module provides the infrastructure to run operating system tests.
+;;; The most important part of that is tools to instrument the OS under test,
+;;; essentially allowing to run in a virtual machine controlled by the host
+;;; system--hence the name "marionette".
+;;;
+;;; Code:
+
+(define (marionette-shepherd-service imported-modules)
+  "Return the Shepherd service for the marionette REPL"
+  (define device
+    "/dev/hvc0")
+
+  (list (shepherd-service
+         (provision '(marionette))
+         (requirement '(udev))                    ;so that DEVICE is available
+         (modules '((ice-9 match)
+                    (srfi srfi-9 gnu)
+                    (guix build syscalls)
+                    (rnrs bytevectors)))
+         (imported-modules `((guix build syscalls)
+                             ,@imported-modules))
+         (start
+          #~(lambda ()
+              (define (clear-echo termios)
+                (set-field termios (termios-local-flags)
+                           (logand (lognot (local-flags ECHO))
+                                   (termios-local-flags termios))))
+
+              (define (self-quoting? x)
+                (letrec-syntax ((one-of (syntax-rules ()
+                                          ((_) #f)
+                                          ((_ pred rest ...)
+                                           (or (pred x)
+                                               (one-of rest ...))))))
+                  (one-of symbol? string? pair? null? vector?
+                          bytevector? number? boolean?)))
+
+              (match (primitive-fork)
+                (0
+                 (dynamic-wind
+                   (const #t)
+                   (lambda ()
+                     (let* ((repl    (open-file #$device "r+0"))
+                            (termios (tcgetattr (fileno repl)))
+                            (console (open-file "/dev/console" "r+0")))
+                       ;; Don't echo input back.
+                       (tcsetattr (fileno repl) (tcsetattr-action TCSANOW)
+                                  (clear-echo termios))
+
+                       ;; Redirect output to the console.
+                       (close-fdes 1)
+                       (close-fdes 2)
+                       (dup2 (fileno console) 1)
+                       (dup2 (fileno console) 2)
+                       (close-port console)
+
+                       (display 'ready repl)
+                       (let loop ()
+                         (newline repl)
+
+                         (match (read repl)
+                           ((? eof-object?)
+                            (primitive-exit 0))
+                           (expr
+                            (catch #t
+                              (lambda ()
+                                (let ((result (primitive-eval expr)))
+                                  (write (if (self-quoting? result)
+                                             result
+                                             (object->string result))
+                                         repl)))
+                              (lambda (key . args)
+                                (print-exception (current-error-port)
+                                                 (stack-ref (make-stack #t) 1)
+                                                 key args)
+                                (write #f repl)))))
+                         (loop))))
+                   (lambda ()
+                     (primitive-exit 1))))
+                (pid
+                 pid))))
+         (stop #~(make-kill-destructor)))))
+
+(define marionette-service-type
+  ;; This is the type of the "marionette" service, allowing a guest system to
+  ;; be manipulated from the host.  This marionette REPL is essentially a
+  ;; universal marionette.
+  (service-type (name 'marionette-repl)
+                (extensions
+                 (list (service-extension shepherd-root-service-type
+                                          marionette-shepherd-service)))))
+
+(define* (marionette-operating-system os
+                                      #:key (imported-modules '()))
+  "Return a marionetteed variant of OS such that OS can be used as a marionette
+in a virtual machine--i.e., controlled from the host system."
+  (operating-system
+    (inherit os)
+    (services (cons (service marionette-service-type imported-modules)
+                    (operating-system-user-services os)))))
+
+;;; tests.scm ends here
diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm
new file mode 100644
index 0000000000..0f19449508
--- /dev/null
+++ b/gnu/tests/base.scm
@@ -0,0 +1,164 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu tests base)
+  #:use-module (gnu tests)
+  #:use-module (gnu system)
+  #:use-module (gnu system grub)
+  #:use-module (gnu system file-systems)
+  #:use-module (gnu system shadow)
+  #:use-module (gnu system vm)
+  #:use-module (gnu services)
+  #:use-module (gnu services shepherd)
+  #:use-module (guix gexp)
+  #:use-module (guix store)
+  #:use-module (guix monads)
+  #:use-module (guix packages)
+  #:use-module (srfi srfi-1)
+  #:export (%test-basic-os))
+
+(define %simple-os
+  (operating-system
+    (host-name "komputilo")
+    (timezone "Europe/Berlin")
+    (locale "en_US.UTF-8")
+
+    (bootloader (grub-configuration (device "/dev/sdX")))
+    (file-systems (cons (file-system
+                          (device "my-root")
+                          (title 'label)
+                          (mount-point "/")
+                          (type "ext4"))
+                        %base-file-systems))
+    (firmware '())
+
+    (users (cons (user-account
+                  (name "alice")
+                  (comment "Bob's sister")
+                  (group "users")
+                  (supplementary-groups '("wheel" "audio" "video"))
+                  (home-directory "/home/alice"))
+                 %base-user-accounts))))
+
+
+(define %test-basic-os
+  ;; Monadic derivation that instruments %SIMPLE-OS, runs it in a VM, and runs
+  ;; a series of basic functionality tests.
+  (mlet* %store-monad ((os -> (marionette-operating-system
+                               %simple-os
+                               #:imported-modules '((gnu services herd)
+                                                    (guix combinators))))
+                       (run   (system-qemu-image/shared-store-script
+                               os #:graphic? #f)))
+    (define test
+      #~(begin
+          (use-modules (gnu build marionette)
+                       (srfi srfi-1)
+                       (srfi srfi-26)
+                       (srfi srfi-64)
+                       (ice-9 match))
+
+          (define marionette
+            (make-marionette (list #$run)))
+
+          (mkdir #$output)
+          (chdir #$output)
+
+          (test-begin "basic")
+
+          (test-assert "uname"
+            (match (marionette-eval '(uname) marionette)
+              (#("Linux" "komputilo" version _ "x86_64")
+               (string-prefix? #$(package-version
+                                  (operating-system-kernel os))
+                               version))))
+
+          (test-assert "shell and user commands"
+            ;; Is everything in $PATH?
+            (zero? (marionette-eval '(system "
+. /etc/profile
+set -e -x
+guix --version
+ls --version
+grep --version
+info --version")
+                                    marionette)))
+
+          (test-assert "accounts"
+            (let ((users (marionette-eval '(begin
+                                             (use-modules (ice-9 match))
+                                             (let loop ((result '()))
+                                               (match (getpw)
+                                                 (#f (reverse result))
+                                                 (x  (loop (cons x result))))))
+                                          marionette)))
+              (lset= string=?
+                     (map passwd:name users)
+                     (list
+                      #$@(map user-account-name
+                              (operating-system-user-accounts os))))))
+
+          (test-assert "shepherd services"
+            (let ((services (marionette-eval '(begin
+                                                (use-modules (gnu services herd))
+                                                (call-with-values current-services
+                                                  append))
+                                             marionette)))
+              (lset= eq?
+                     (pk 'services services)
+                     '(root #$@(operating-system-shepherd-service-names
+                                (virtualized-operating-system os '()))))))
+
+          (test-equal "login on tty1"
+            "root\n"
+            (begin
+              (marionette-control "sendkey ctrl-alt-f1" marionette)
+              ;; Wait for the 'term-tty1' service to be running (using
+              ;; 'start-service' is the simplest and most reliable way to do
+              ;; that.)
+              (marionette-eval
+               '(begin
+                  (use-modules (gnu services herd))
+                  (start-service 'term-tty1))
+               marionette)
+
+              ;; Now we can type.
+              (marionette-type "root\n\nid -un > logged-in\n" marionette)
+
+              ;; It can take a while before the shell commands are executed.
+              (let loop ((i 0))
+                (unless (or (file-exists? "/root/logged-in") (> i 15))
+                  (sleep 1)
+                  (loop (+ i 1))))
+              (marionette-eval '(use-modules (rnrs io ports)) marionette)
+              (marionette-eval '(call-with-input-file "/root/logged-in"
+                                  get-string-all)
+                               marionette)))
+
+          (test-assert "screendump"
+            (begin
+              (marionette-control (string-append "screendump " #$output
+                                                 "/tty1.ppm")
+                                  marionette)
+              (file-exists? "tty1.ppm")))
+
+          (test-end)
+          (exit (= (test-runner-fail-count (test-runner-current)) 0))))
+
+    (gexp->derivation "basic" test
+                      #:modules '((gnu build marionette)))))