-rw-r--r--gnu/local.mk50
-rw-r--r--gnu/packages/admin.scm4
-rw-r--r--gnu/packages/algebra.scm2
-rw-r--r--gnu/packages/backup.scm5
-rw-r--r--gnu/packages/base.scm205
-rw-r--r--gnu/packages/bash.scm50
-rw-r--r--gnu/packages/bdw-gc.scm20
-rw-r--r--gnu/packages/boost.scm12
-rw-r--r--gnu/packages/bootloaders.scm7
-rw-r--r--gnu/packages/bootstrap.scm2
-rw-r--r--gnu/packages/commencement.scm30
-rw-r--r--gnu/packages/compression.scm142
-rw-r--r--gnu/packages/cups.scm10
-rw-r--r--gnu/packages/curl.scm18
-rw-r--r--gnu/packages/databases.scm8
-rw-r--r--gnu/packages/ed.scm4
-rw-r--r--gnu/packages/embedded.scm4
-rw-r--r--gnu/packages/file.scm4
-rw-r--r--gnu/packages/flex.scm21
-rw-r--r--gnu/packages/fontutils.scm52
-rw-r--r--gnu/packages/gcc.scm3
-rw-r--r--gnu/packages/gettext.scm9
-rw-r--r--gnu/packages/ghostscript.scm229
-rw-r--r--gnu/packages/gl.scm14
-rw-r--r--gnu/packages/glib.scm1
-rw-r--r--gnu/packages/gnome.scm106
-rw-r--r--gnu/packages/gnupg.scm33
-rw-r--r--gnu/packages/groff.scm12
-rw-r--r--gnu/packages/guile.scm31
-rw-r--r--gnu/packages/icu4c.scm13
-rw-r--r--gnu/packages/image.scm66
-rw-r--r--gnu/packages/kerberos.scm33
-rw-r--r--gnu/packages/ld-wrapper.in40
-rw-r--r--gnu/packages/libevent.scm8
-rw-r--r--gnu/packages/libffi.scm3
-rw-r--r--gnu/packages/libidn.scm38
-rw-r--r--gnu/packages/libsigsegv.scm17
-rw-r--r--gnu/packages/libunistring.scm8
-rw-r--r--gnu/packages/linux.scm42
-rw-r--r--gnu/packages/maths.scm2
-rw-r--r--gnu/packages/ncurses.scm13
-rw-r--r--gnu/packages/netpbm.scm23
-rw-r--r--gnu/packages/openldap.scm35
-rw-r--r--gnu/packages/package-management.scm4
-rw-r--r--gnu/packages/patches/binutils-mips-bash-bug.patch22
-rw-r--r--gnu/packages/patches/coreutils-cut-huge-range-test.patch29
-rw-r--r--gnu/packages/patches/coreutils-fix-cross-compilation.patch15
-rw-r--r--gnu/packages/patches/eudev-conflicting-declaration.patch31
-rw-r--r--gnu/packages/patches/expat-CVE-2016-0718-fix-regression.patch35
-rw-r--r--gnu/packages/patches/findutils-gnulib-multi-core.patch294
-rw-r--r--gnu/packages/patches/fontconfig-charwidth-symbol-conflict.patch82
-rw-r--r--gnu/packages/patches/fontconfig-path-max.patch124
-rw-r--r--gnu/packages/patches/freetype-CVE-2017-8105.patch56
-rw-r--r--gnu/packages/patches/freetype-CVE-2017-8287.patch44
-rw-r--r--gnu/packages/patches/gcc-asan-powerpc-missing-include.patch20
-rw-r--r--gnu/packages/patches/gettext-gnulib-multi-core.patch178
-rw-r--r--gnu/packages/patches/gettext-multi-core.patch185
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2013-5653.patch85
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2015-3228.patch32
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2016-7976.patch185
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2016-7978.patch25
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2016-7979.patch48
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2016-8602.patch47
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2017-8291.patch166
-rw-r--r--gnu/packages/patches/ghostscript-no-header-creationdate.patch22
-rw-r--r--gnu/packages/patches/ghostscript-no-header-id.patch57
-rw-r--r--gnu/packages/patches/ghostscript-no-header-uuid.patch50
-rw-r--r--gnu/packages/patches/ghostscript-runpath.patch17
-rw-r--r--gnu/packages/patches/grep-gnulib-lock.patch32
-rw-r--r--gnu/packages/patches/groff-source-date-epoch.patch299
-rw-r--r--gnu/packages/patches/intltool-perl-compatibility.patch76
-rw-r--r--gnu/packages/patches/libffi-3.2.1-complex-alpha.patch28
-rw-r--r--gnu/packages/patches/libtasn1-CVE-2017-6891.patch51
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-10092.patch42
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-10093.patch53
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-10094.patch34
-rw-r--r--gnu/packages/patches/libtiff-CVE-2017-5225.patch86
-rw-r--r--gnu/packages/patches/libtiff-assertion-failure.patch60
-rw-r--r--gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch63
-rw-r--r--gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch104
-rw-r--r--gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch57
-rw-r--r--gnu/packages/patches/libtiff-divide-by-zero.patch67
-rw-r--r--gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch131
-rw-r--r--gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch132
-rw-r--r--gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch67
-rw-r--r--gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch60
-rw-r--r--gnu/packages/patches/libtiff-invalid-read.patch64
-rw-r--r--gnu/packages/patches/libtiff-null-dereference.patch42
-rw-r--r--gnu/packages/patches/libtiff-tiffcp-underflow.patch41
-rw-r--r--gnu/packages/patches/libunistring-gnulib-multi-core.patch178
-rw-r--r--gnu/packages/patches/mesa-fix-32bit-test-failures.patch58
-rw-r--r--gnu/packages/patches/mesa-skip-disk-cache-test.patch7
-rw-r--r--gnu/packages/patches/perl-net-ssleay-disable-ede-test.patch23
-rw-r--r--gnu/packages/patches/perl-no-sys-dirs.patch73
-rw-r--r--gnu/packages/patches/poppler-CVE-2017-9776.patch34
-rw-r--r--gnu/packages/patches/poppler-fix-crash-with-broken-documents.patch61
-rw-r--r--gnu/packages/patches/python-file-double-encoding-bug.patch50
-rw-r--r--gnu/packages/patches/shishi-fix-libgcrypt-detection.patch32
-rw-r--r--gnu/packages/patches/wget-perl-5.26.patch96
-rw-r--r--gnu/packages/pciutils.scm19
-rw-r--r--gnu/packages/pcre.scm9
-rw-r--r--gnu/packages/pdf.scm17
-rw-r--r--gnu/packages/perl.scm17
-rw-r--r--gnu/packages/pkg-config.scm4
-rw-r--r--gnu/packages/pulseaudio.scm17
-rw-r--r--gnu/packages/python.scm20
-rw-r--r--gnu/packages/swig.scm12
-rw-r--r--gnu/packages/tls.scm91
-rw-r--r--gnu/packages/web.scm7
-rw-r--r--gnu/packages/wget.scm20
-rw-r--r--gnu/packages/wine.scm3
-rw-r--r--gnu/packages/xdisorg.scm4
-rw-r--r--gnu/packages/xml.scm19
-rw-r--r--gnu/packages/xorg.scm40
-rw-r--r--gnu/system.scm8
-rw-r--r--guix/build-system/cmake.scm160
-rw-r--r--guix/build-system/gnu.scm1
-rw-r--r--guix/build/cmake-build-system.scm11
-rw-r--r--guix/build/gnu-build-system.scm43
-rw-r--r--guix/build/utils.scm17
-rw-r--r--guix/packages.scm7
121 files changed, 2738 insertions, 3291 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 781c28accb..9e1e14fdf9 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -521,7 +521,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/bigloo-gc-shebangs.patch			\
   %D%/packages/patches/binutils-ld-new-dtags.patch		\
   %D%/packages/patches/binutils-loongson-workaround.patch	\
-  %D%/packages/patches/binutils-mips-bash-bug.patch		\
   %D%/packages/patches/blast+-fix-makefile.patch		\
   %D%/packages/patches/byobu-writable-status.patch		\
   %D%/packages/patches/cairo-CVE-2016-9082.patch			\
@@ -547,7 +546,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/cool-retro-term-memory-leak-1.patch	\
   %D%/packages/patches/cool-retro-term-remove-non-free-fonts.patch	\
   %D%/packages/patches/coreutils-cut-huge-range-test.patch	\
-  %D%/packages/patches/coreutils-fix-cross-compilation.patch    \
   %D%/packages/patches/cpio-CVE-2016-2037.patch			\
   %D%/packages/patches/cpufrequtils-fix-aclocal.patch		\
   %D%/packages/patches/cracklib-CVE-2016-6318.patch		\
@@ -575,9 +573,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/emacs-scheme-complete-scheme-r5rs-info.patch	\
   %D%/packages/patches/emacs-source-date-epoch.patch		\
   %D%/packages/patches/eudev-rules-directory.patch		\
-  %D%/packages/patches/eudev-conflicting-declaration.patch	\
   %D%/packages/patches/evilwm-lost-focus-bug.patch		\
-  %D%/packages/patches/expat-CVE-2016-0718-fix-regression.patch	\
   %D%/packages/patches/exim-CVE-2017-1000369.patch		\
   %D%/packages/patches/fabric-tests.patch			\
   %D%/packages/patches/fastcap-mulGlobal.patch			\
@@ -590,22 +586,20 @@ dist_patch_DATA =						\
   %D%/packages/patches/fcgi-2.4.0-gcc44-fixes.patch		\
   %D%/packages/patches/fcgi-2.4.0-poll.patch			\
   %D%/packages/patches/findutils-localstatedir.patch		\
+  %D%/packages/patches/findutils-gnulib-multi-core.patch	\
   %D%/packages/patches/findutils-test-xargs.patch		\
   %D%/packages/patches/flint-ldconfig.patch			\
   %D%/packages/patches/fltk-shared-lib-defines.patch		\
   %D%/packages/patches/fltk-xfont-on-demand.patch		\
-  %D%/packages/patches/fontconfig-charwidth-symbol-conflict.patch	\
-  %D%/packages/patches/fontconfig-path-max.patch		\
   %D%/packages/patches/fontforge-svg-modtime.patch		\
   %D%/packages/patches/freeimage-CVE-2015-0852.patch		\
   %D%/packages/patches/freeimage-CVE-2016-5684.patch		\
   %D%/packages/patches/freeimage-fix-build-with-gcc-5.patch	\
-  %D%/packages/patches/freetype-CVE-2017-8105.patch		\
-  %D%/packages/patches/freetype-CVE-2017-8287.patch		\
   %D%/packages/patches/fuse-overlapping-headers.patch				\
   %D%/packages/patches/gawk-shell.patch				\
   %D%/packages/patches/gcc-arm-bug-71399.patch			\
   %D%/packages/patches/gcc-arm-link-spec-fix.patch		\
+  %D%/packages/patches/gcc-asan-powerpc-missing-include.patch	\
   %D%/packages/patches/gcc-cross-environment-variables.patch	\
   %D%/packages/patches/gcc-libvtv-runpath.patch			\
   %D%/packages/patches/gcc-strmov-store-file-names.patch	\
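Review bot: The added `findutils-gnulib-multi-core.patch` entry sits after `findutils-localstatedir.patch`, which breaks the mostly alphabetical order of `dist_patch_DATA`; it belongs one line up. The same applies in later hunks to `gettext-multi-core.patch` listed before `gettext-gnulib-multi-core.patch`, the three `ghostscript-no-header-*` entries, `libffi-3.2.1-complex-alpha.patch` after `libgit2-use-after-free.patch`, and `libunistring-gnulib-multi-core.patch` after `libunwind-CVE-2015-3239.patch`. Some of the later additions (for example `grep-gnulib-lock.patch`) also pad with spaces before the trailing backslash where the rest of the list uses tabs. A sorted list makes it easier to spot a security patch that was dropped or never registered.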
@@ -626,14 +620,13 @@ dist_patch_DATA =						\
   %D%/packages/patches/gegl-CVE-2012-4433.patch			\
   %D%/packages/patches/gemma-intel-compat.patch			\
   %D%/packages/patches/geoclue-config.patch			\
+  %D%/packages/patches/gettext-multi-core.patch          	\
+  %D%/packages/patches/gettext-gnulib-multi-core.patch          \
   %D%/packages/patches/ghc-dont-pass-linker-flags-via-response-files.patch	\
-  %D%/packages/patches/ghostscript-CVE-2013-5653.patch		\
-  %D%/packages/patches/ghostscript-CVE-2015-3228.patch		\
-  %D%/packages/patches/ghostscript-CVE-2016-7976.patch		\
-  %D%/packages/patches/ghostscript-CVE-2016-7978.patch		\
-  %D%/packages/patches/ghostscript-CVE-2016-7979.patch		\
-  %D%/packages/patches/ghostscript-CVE-2016-8602.patch		\
   %D%/packages/patches/ghostscript-CVE-2017-8291.patch		\
+  %D%/packages/patches/ghostscript-no-header-id.patch		\
+  %D%/packages/patches/ghostscript-no-header-uuid.patch		\
+  %D%/packages/patches/ghostscript-no-header-creationdate.patch \
   %D%/packages/patches/ghostscript-runpath.patch		\
   %D%/packages/patches/glib-networking-ssl-cert-file.patch	\
   %D%/packages/patches/glib-tests-timer.patch			\
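Review bot: Six `ghostscript-CVE-*` entries leave `dist_patch_DATA` here while `ghostscript-CVE-2017-8291.patch` stays, and nothing in this hunk shows that the packaged Ghostscript release already contains those fixes. The same question applies to the `freetype-CVE-*`, `libtiff-CVE-*`, `libtasn1-CVE-2017-6891`, `poppler-CVE-2017-9776` and `expat-CVE-2016-0718-fix-regression` removals in the neighbouring hunks. Before merging I would confirm that each package definition is bumped to a release carrying the fix and that no `search-patches` call or `replacement` variant still names a removed file, for example with `git grep -n 'ghostscript-CVE-201[3-6]' gnu/packages/`. Listing the superseding upstream version for each dropped CVE patch in the commit message would make that auditable.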
@@ -658,7 +651,9 @@ dist_patch_DATA =						\
   %D%/packages/patches/gobject-introspection-cc.patch		\
   %D%/packages/patches/gobject-introspection-girepository.patch	\
   %D%/packages/patches/graphite2-ffloat-store.patch		\
+  %D%/packages/patches/grep-gnulib-lock.patch                   \
   %D%/packages/patches/grep-timing-sensitive-test.patch		\
+  %D%/packages/patches/groff-source-date-epoch.patch		\
   %D%/packages/patches/gsl-test-i686.patch			\
   %D%/packages/patches/gspell-dash-test.patch			\
   %D%/packages/patches/guile-1.8-cpp-4.5.patch			\
@@ -698,6 +693,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/icu4c-reset-keyword-list-iterator.patch	\
   %D%/packages/patches/id3lib-CVE-2007-4460.patch			\
   %D%/packages/patches/ilmbase-fix-tests.patch			\
+  %D%/packages/patches/intltool-perl-compatibility.patch	\
   %D%/packages/patches/isl-0.11.1-aarch64-support.patch	\
   %D%/packages/patches/jbig2dec-ignore-testtest.patch		\
   %D%/packages/patches/jbig2dec-CVE-2016-9601.patch		\
@@ -746,6 +742,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/libgdata-fix-tests.patch			\
   %D%/packages/patches/libgdata-glib-duplicate-tests.patch	\
   %D%/packages/patches/libgit2-use-after-free.patch		\
+  %D%/packages/patches/libffi-3.2.1-complex-alpha.patch		\
   %D%/packages/patches/libjxr-fix-function-signature.patch	\
   %D%/packages/patches/libjxr-fix-typos.patch			\
   %D%/packages/patches/liboop-mips64-deplibs-fix.patch		\
@@ -762,26 +759,9 @@ dist_patch_DATA =						\
   %D%/packages/patches/libssh-hostname-parser-bug.patch		\
   %D%/packages/patches/libssh2-fix-build-failure-with-gcrypt.patch	\
   %D%/packages/patches/libtar-CVE-2013-4420.patch 		\
-  %D%/packages/patches/libtasn1-CVE-2017-6891.patch 		\
   %D%/packages/patches/libtheora-config-guess.patch		\
-  %D%/packages/patches/libtiff-CVE-2016-10092.patch		\
-  %D%/packages/patches/libtiff-CVE-2016-10093.patch		\
-  %D%/packages/patches/libtiff-CVE-2016-10094.patch		\
   %D%/packages/patches/libtiff-CVE-2016-10688.patch		\
-  %D%/packages/patches/libtiff-CVE-2017-5225.patch		\
   %D%/packages/patches/libtiff-CVE-2017-9936.patch		\
-  %D%/packages/patches/libtiff-assertion-failure.patch		\
-  %D%/packages/patches/libtiff-divide-by-zero-ojpeg.patch	\
-  %D%/packages/patches/libtiff-divide-by-zero-tiffcp.patch	\
-  %D%/packages/patches/libtiff-divide-by-zero-tiffcrop.patch	\
-  %D%/packages/patches/libtiff-divide-by-zero.patch		\
-  %D%/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch	\
-  %D%/packages/patches/libtiff-heap-overflow-tif-dirread.patch	\
-  %D%/packages/patches/libtiff-heap-overflow-tiffcp.patch	\
-  %D%/packages/patches/libtiff-heap-overflow-tiffcrop.patch	\
-  %D%/packages/patches/libtiff-invalid-read.patch		\
-  %D%/packages/patches/libtiff-null-dereference.patch		\
-  %D%/packages/patches/libtiff-tiffcp-underflow.patch		\
   %D%/packages/patches/libtiff-tiffgetfield-bugs.patch		\
   %D%/packages/patches/libtiff-tiffycbcrtorgb-integer-overflow.patch	\
   %D%/packages/patches/libtiff-tiffycbcrtorgbinit-integer-overflow.patch	\
@@ -789,6 +769,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/libtorrent-rasterbar-boost-compat.patch	\
   %D%/packages/patches/libtool-skip-tests2.patch		\
   %D%/packages/patches/libunwind-CVE-2015-3239.patch		\
+  %D%/packages/patches/libunistring-gnulib-multi-core.patch	\
   %D%/packages/patches/libvpx-CVE-2016-2818.patch		\
   %D%/packages/patches/libxcb-python-3.5-compat.patch		\
   %D%/packages/patches/libxml2-CVE-2016-4658.patch		\
@@ -827,7 +808,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/mcrypt-CVE-2012-4409.patch			\
   %D%/packages/patches/mcrypt-CVE-2012-4426.patch			\
   %D%/packages/patches/mcrypt-CVE-2012-4527.patch			\
-  %D%/packages/patches/mesa-fix-32bit-test-failures.patch	\
   %D%/packages/patches/mesa-skip-disk-cache-test.patch		\
   %D%/packages/patches/mesa-wayland-egl-symbols-check-mips.patch	\
   %D%/packages/patches/metabat-remove-compilation-date.patch	\
@@ -898,7 +878,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/perl-gd-options-passthrough-and-fontconfig.patch \
   %D%/packages/patches/perl-io-socket-ssl-openssl-1.0.2f-fix.patch \
   %D%/packages/patches/perl-net-amazon-s3-moose-warning.patch	\
-  %D%/packages/patches/perl-net-ssleay-disable-ede-test.patch	\
   %D%/packages/patches/perl-net-dns-resolver-programmable-fix.patch	\
   %D%/packages/patches/perl-no-sys-dirs.patch			\
   %D%/packages/patches/perl-module-pluggable-search.patch	\
@@ -917,8 +896,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/plotutils-libpng-jmpbuf.patch		\
   %D%/packages/patches/polkit-drop-test.patch			\
   %D%/packages/patches/policycoreutils-make-sepolicy-use-python3.patch	\
-  %D%/packages/patches/poppler-CVE-2017-9776.patch		\
-  %D%/packages/patches/poppler-fix-crash-with-broken-documents.patch	\
   %D%/packages/patches/portaudio-audacity-compat.patch		\
   %D%/packages/patches/portmidi-modular-build.patch		\
   %D%/packages/patches/procmail-ambiguous-getline-debian.patch  \
@@ -942,7 +919,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/python-3.5-fix-tests.patch		\
   %D%/packages/patches/python-3.5-getentropy-on-old-kernels.patch	\
   %D%/packages/patches/python-dendropy-fix-tests.patch		\
-  %D%/packages/patches/python-file-double-encoding-bug.patch	\
   %D%/packages/patches/python-fix-tests.patch			\
   %D%/packages/patches/python-genshi-add-support-for-python-3.4-AST.patch	\
   %D%/packages/patches/python-genshi-buildable-on-python-2.7.patch	\
@@ -999,6 +975,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/scotch-test-threading.patch		\
   %D%/packages/patches/sdl-libx11-1.6.patch			\
   %D%/packages/patches/seq24-rename-mutex.patch			\
+  %D%/packages/patches/shishi-fix-libgcrypt-detection.patch	\
   %D%/packages/patches/slim-session.patch			\
   %D%/packages/patches/slim-config.patch			\
   %D%/packages/patches/slim-sigusr1.patch			\
@@ -1065,6 +1042,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/weechat-python.patch			\
   %D%/packages/patches/wget-CVE-2017-6508.patch			\
   %D%/packages/patches/wget-fix-504-test-timeout.patch			\
+  %D%/packages/patches/wget-perl-5.26.patch			\
   %D%/packages/patches/wicd-bitrate-none-fix.patch		\
   %D%/packages/patches/wicd-get-selected-profile-fix.patch	\
   %D%/packages/patches/wicd-urwid-1.3.patch			\
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index ac8f155fcf..5fa9d5b06c 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -167,10 +167,10 @@ and provides a \"top-like\" mode (monitoring).")
      `(("pkg-config" ,pkg-config)
 
        ;; This is the Guile we use as a cross-compiler...
-       ("guile" ,guile-2.0)))
+       ("guile" ,guile-2.2)))
     (inputs
      ;; ... and this is the one that appears in shebangs when cross-compiling.
-     `(("guile" ,guile-2.0)))
+     `(("guile" ,guile-2.2)))
     (synopsis "System service manager")
     (description
      "The GNU Shepherd is a daemon-managing daemon, meaning that it supervises
diff --git a/gnu/packages/algebra.scm b/gnu/packages/algebra.scm
index d4405a5bf9..c57c703700 100644
--- a/gnu/packages/algebra.scm
+++ b/gnu/packages/algebra.scm
@@ -4,6 +4,7 @@
 ;;; Copyright © 2016, 2017 Nicolas Goaziou <mail@nicolasgoaziou.fr>
 ;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
 ;;;
@@ -479,7 +480,6 @@ binary.")
               (base32
                "0amh9ik44jfg66csyvf4zz1l878c4755kjndq9j0270akflgrbb2"))))
     (build-system gnu-build-system)
-    (inputs `(("readline" ,readline)))
     (native-inputs
      `(("ed" ,ed)
        ("flex" ,flex)
diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm
index 74e49e46db..1ef4e42015 100644
--- a/gnu/packages/backup.scm
+++ b/gnu/packages/backup.scm
@@ -179,8 +179,7 @@ backups (called chunks) to allow easy burning to CD/DVD.")
 (define-public libarchive
   (package
     (name "libarchive")
-    (replacement libarchive-3.3.1)
-    (version "3.2.2")
+    (version "3.3.1")
     (source
      (origin
        (method url-fetch)
@@ -188,7 +187,7 @@ backups (called chunks) to allow easy burning to CD/DVD.")
                            version ".tar.gz"))
        (sha256
         (base32
-         "03q6y428rg723c9fj1vidzjw46w1vf8z0h95lkvz1l9jw571j739"))))
+         "1rr40hxlm9vy5z2zb5w7pyfkgd1a4s061qapm83s19accb8mpji9"))))
     (build-system gnu-build-system)
     ;; TODO: Add -L/path/to/nettle in libarchive.pc.
     (inputs
diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index 81f8b3c8d6..d42aa55560 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -7,6 +7,8 @@
 ;;; Copyright © 2014, 2015 Manolis Fragkiskos Ragkousis <manolis837@gmail.com>
 ;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
+;;; Copyright © 2017 Rene Saavedra <rennes@openmailbox.org>
+;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
 ;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -87,7 +89,8 @@ command-line arguments, multiple languages, and so on.")
             (sha256
              (base32
               "1dcasjp3a578nrvzrcn38mpizb8w1q6mvfzhjmcqqgkf0nsivj72"))
-            (patches (search-patches "grep-timing-sensitive-test.patch"))))
+            (patches (search-patches "grep-timing-sensitive-test.patch"
+                                     "grep-gnulib-lock.patch"))))
    (build-system gnu-build-system)
    (native-inputs `(("perl" ,perl)))             ;some of the tests require it
    (arguments
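Review bot: The new `grep-gnulib-lock.patch` entry carries no comment saying what it fixes or when it can be dropped, unlike the `findutils-gnulib-multi-core.patch` addition further down in this file, which explains the gnulib `test-lock` problem. A short comment above the entry would help the next person bumping grep, e.g. `;; Gnulib fix for the lock test; remove when grep bundles a newer gnulib.` (wording to be confirmed against the patch header, which is not visible here). The `grep` package definition starts and ends outside the hunk.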
@@ -228,14 +231,14 @@ differences.")
 (define-public diffutils
   (package
    (name "diffutils")
-   (version "3.5")
+   (version "3.6")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnu/diffutils/diffutils-"
                                 version ".tar.xz"))
             (sha256
              (base32
-              "0csmqfz8ks23kdjsq0v2ll1acqiz8lva06dj19mwmymrsp69ilys"))))
+              "1mivg0fy3a6fcn535ln8nkgfj6vxh5hsxxs5h6692wxmsjyyh8fn"))))
    (build-system gnu-build-system)
    (synopsis "Comparing and merging files")
    (description
@@ -258,8 +261,13 @@ interactive means to merge two files.")
             (sha256
              (base32
               "178nn4dl7wbcw499czikirnkniwnx36argdnqgz4ik9i6zvwkm6y"))
-            (patches (search-patches "findutils-localstatedir.patch"
-                                     "findutils-test-xargs.patch"))))
+            (patches (search-patches
+                      "findutils-localstatedir.patch"
+                      "findutils-test-xargs.patch"
+                      ;; test-lock has performance issues on multi-core
+                      ;; machines, it hangs or takes a long time to complete.
+                      ;; This is a commit from gnulib to fix this issue.
+                      "findutils-gnulib-multi-core.patch"))))
    (build-system gnu-build-system)
    (arguments
     `(#:configure-flags (list
@@ -285,15 +293,15 @@ used to apply commands with arbitrarily long arguments.")
 (define-public coreutils
   (package
    (name "coreutils")
-   (version "8.26")
+   (version "8.27")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnu/coreutils/coreutils-"
                                 version ".tar.xz"))
             (sha256
              (base32
-              "13lspazc7xkviy93qz7ks9jv4sldvgmwpq36ghrbrqpq93br8phm"))
-            (patches (search-patches "coreutils-fix-cross-compilation.patch"))))
+              "0sv547572iq8ayy8klir4hnngnx92a9nsazmf1wgzfc7xr4x74c8"))
+            (patches (search-patches "coreutils-cut-huge-range-test.patch"))))
    (build-system gnu-build-system)
    (inputs `(("acl"  ,acl)                        ; TODO: add SELinux
              ("gmp"  ,gmp)                        ;bignums in 'expr', yay!
@@ -308,21 +316,12 @@ used to apply commands with arbitrarily long arguments.")
     ;; copy of help2man.  However, don't pass it when cross-compiling since
     ;; that would lead it to try to run programs to get their '--help' output
     ;; for help2man.
-    `(,@(if (%current-target-system)
-            '()
-            `(("perl" ,perl)))
-
-      ;; Apply this patch only on ARM to avoid a full rebuild.
-      ;; TODO: Move to 'patches' in the next update cycle.
-      ,@(if (string-prefix? "arm" (or (%current-target-system)
-                                      (%current-system)))
-            `(("cut-test.patch"
-               ,(search-patch "coreutils-cut-huge-range-test.patch")))
-            '())))
+    (if (%current-target-system)
+        '()
+        `(("perl" ,perl))))
    (outputs '("out" "debug"))
    (arguments
     `(#:parallel-build? #f            ; help2man may be called too early
-      #:parallel-tests? #f            ; race condition fixed after 8.26
       #:phases (alist-cons-before
                 'build 'patch-shell-references
                 (lambda* (#:key inputs #:allow-other-keys)
@@ -337,22 +336,7 @@ used to apply commands with arbitrarily long arguments.")
                     (substitute* (find-files "tests" "\\.sh$")
                       (("#!/bin/sh")
                        (format #f "#!~a/bin/sh" bash)))))
-
-                ,@(if (string-prefix? "arm" (or (%current-target-system)
-                                                (%current-system)))
-                      '((alist-cons-before
-                         'build 'patch-cut-test
-                         (lambda* (#:key inputs native-inputs
-                                   #:allow-other-keys)
-                           (let ((patch (or (assoc-ref inputs
-                                                       "cut-test.patch")
-                                            (assoc-ref native-inputs
-                                                       "cut-test.patch"))))
-                             (zero?
-                              (system* "patch" "-p1" "--force"
-                                       "--input" patch))))
-                         %standard-phases))
-                      '(%standard-phases)))))
+                %standard-phases)))
    (synopsis "Core GNU utilities (file, text, shell)")
    (description
     "GNU Coreutils includes all of the basic command-line tools that are
@@ -362,29 +346,6 @@ functionality beyond that which is outlined in the POSIX standard.")
    (license gpl3+)
    (home-page "https://www.gnu.org/software/coreutils/")))
 
-;; We add version 8.27 here for use in (gnu system) due to a time
-;; zone bug in `date' versions 8.25 - 8.26.
-;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=23035
-;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=26238
-(define-public coreutils-8.27
-  (package
-    (inherit coreutils)
-    (version "8.27")
-    (source (origin
-              (method url-fetch)
-              (uri (string-append "mirror://gnu/coreutils/coreutils-"
-                                  version ".tar.xz"))
-              (sha256
-               (base32
-                "0sv547572iq8ayy8klir4hnngnx92a9nsazmf1wgzfc7xr4x74c8"))))
-    (arguments
-     (if (string-prefix? "arm" (or (%current-target-system)
-                                   (%current-system)))
-         (substitute-keyword-arguments (package-arguments coreutils)
-           ((#:phases phases)
-            `(alist-delete 'patch-cut-test ,phases)))
-         (package-arguments coreutils)))))
-
 (define-public coreutils-minimal
   ;; Coreutils without its optional dependencies.
   (package
@@ -434,17 +395,16 @@ change.  GNU make offers many powerful extensions over the standard utility.")
 (define-public binutils
   (package
    (name "binutils")
-   (version "2.27")
+   (version "2.28")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnu/binutils/binutils-"
                                 version ".tar.bz2"))
             (sha256
              (base32
-              "125clslv17xh1sab74343fg6v31msavpmaa1c1394zsqa773g5rn"))
+              "0wiasgns7i8km8nrxas265sh2dfpsw93b3qw195ipc90w4z475v2"))
             (patches (search-patches "binutils-ld-new-dtags.patch"
-                                     "binutils-loongson-workaround.patch"
-                                     "binutils-mips-bash-bug.patch"))))
+                                     "binutils-loongson-workaround.patch"))))
    (build-system gnu-build-system)
 
    ;; TODO: Add dependency on zlib + those for Gold.
@@ -456,10 +416,6 @@ change.  GNU make offers many powerful extensions over the standard utility.")
                           ;; Don't search under /usr/lib & co.
                           "--with-lib-path=/no-ld-lib-path"
 
-                          ;; Glibc 2.17 has a "comparison of unsigned
-                          ;; expression >= 0 is always true" in wchar.h.
-                          "--disable-werror"
-
                           ;; Install BFD.  It ends up in a hidden directory,
                           ;; but it's here.
                           "--enable-install-libbfd"
@@ -482,7 +438,7 @@ included.")
 (define* (make-ld-wrapper name #:key
                           (target (const #f))
                           binutils
-                          (guile (canonical-package guile-2.0))
+                          (guile (canonical-package guile-2.2))
                           (bash (canonical-package bash))
                           (guile-for-build guile))
   "Return a package called NAME that contains a wrapper for the 'ld' program
@@ -558,7 +514,6 @@ store.")
   (package
    (name "glibc")
    (version "2.25")
-   (replacement glibc-2.25-patched)
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnu/glibc/glibc-"
@@ -576,7 +531,12 @@ store.")
             (modules '((guix build utils)))
             (patches (search-patches "glibc-ldd-x86_64.patch"
                                      "glibc-versioned-locpath.patch"
-                                     "glibc-o-largefile.patch"))))
+                                     "glibc-o-largefile.patch"
+                                     "glibc-memchr-overflow-i686.patch"
+                                     "glibc-vectorized-strcspn-guards.patch"
+                                     "glibc-CVE-2017-1000366-pt1.patch"
+                                     "glibc-CVE-2017-1000366-pt2.patch"
+                                     "glibc-CVE-2017-1000366-pt3.patch"))))
    (build-system gnu-build-system)
 
    ;; Glibc's <limits.h> refers to <linux/limit.h>, for instance, so glibc
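Review bot: The three `glibc-CVE-2017-1000366-pt*.patch` entries are appended without any comment marking them as security fixes, so once the `replacement` field is gone (removed in the previous hunk) this list is the only place that shows glibc is patched for that CVE. I would add a comment above them such as `;; Security fixes for CVE-2017-1000366; drop only after checking the new release includes them.` It is also worth noting next to `glibc-memchr-overflow-i686.patch` that it is now applied on every architecture rather than only on i686, since the conditional `patch --force` step is deleted later in this file. The glibc package definition continues outside the hunk.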
@@ -588,10 +548,6 @@ store.")
    (arguments
     `(#:out-of-source? #t
 
-      ;; In version 2.21, there a race in the 'elf' directory, see
-      ;; <http://lists.gnu.org/archive/html/guix-devel/2015-02/msg00709.html>.
-      #:parallel-build? #f
-
       ;; The libraries have an empty RUNPATH, but some, such as the versioned
       ;; libraries (libdl-2.24.so, etc.) have ld.so marked as NEEDED.  Since
       ;; these libraries are always going to be found anyway, just skip
@@ -667,19 +623,6 @@ store.")
                         ;; 4.7.1.
                         ((" -lgcc_s") ""))
 
-                      ;; Apply patch only on i686.
-                      ;; TODO: Move the patch to 'patches' in the next update cycle.
-                      ,@(if (string-prefix? "i686" (or (%current-target-system)
-                                                       (%current-system)))
-                            `((unless (zero? (system* "patch" "-p1" "--force"
-                                                      "--input"
-                                                      (or (assoc-ref native-inputs
-                                                                     "glibc-memchr-overflow-i686.patch")
-                                                          (assoc-ref inputs
-                                                                     "glibc-memchr-overflow-i686.patch"))))
-                                (error "patch failed for glibc-memchr-overflow-i686.patch")))
-                            '())
-
                       ;; Have `system' use that Bash.
                       (substitute* "sysdeps/posix/system.c"
                         (("#define[[:blank:]]+SHELL_PATH.*$")
@@ -723,15 +666,7 @@ store.")
    ;; install the message catalogs, with 'msgfmt'.
    (native-inputs `(("texinfo" ,texinfo)
                     ("perl" ,perl)
-                    ("gettext" ,gettext-minimal)
-
-                    ;; Apply this patch only on i686 to avoid a full rebuild.
-                    ;; TODO: Move to 'patches' in the next update cycle.
-                    ,@(if (string-prefix? "i686" (or (%current-target-system)
-                                                     (%current-system)))
-                          `(("glibc-memchr-overflow-i686.patch"
-                             ,(search-patch "glibc-memchr-overflow-i686.patch")))
-                          '())))
+                    ("gettext" ,gettext-minimal)))
 
    (native-search-paths
     ;; Search path for packages that provide locale data.  This is useful
@@ -780,71 +715,6 @@ with the Linux kernel.")
         ;; Add libmachuser.so and libhurduser.so to libc.so's search path.
         ;; See <http://lists.gnu.org/archive/html/bug-hurd/2015-07/msg00051.html>.
         `(modify-phases ,original-phases
-           ;; TODO: This is almost an exact copy of the phase of the same name
-           ;; in glibc/linux.  The only difference is that the i686 patch is
-           ;; not applied here.  In the next update cycle the patch moves to
-           ;; the patches field and this overwritten phase won't be needed any
-           ;; more.
-           (replace 'pre-configure
-             (lambda* (#:key inputs native-inputs outputs
-                       #:allow-other-keys)
-               (let* ((out  (assoc-ref outputs "out"))
-                      (bin  (string-append out "/bin"))
-                      ;; FIXME: Normally we would look it up only in INPUTS
-                      ;; but cross-base uses it as a native input.
-                      (bash (or (assoc-ref inputs "static-bash")
-                                (assoc-ref native-inputs "static-bash"))))
-                 ;; Install the rpc data base file under `$out/etc/rpc'.
-                 ;; FIXME: Use installFlags = [ "sysconfdir=$(out)/etc" ];
-                 (substitute* "sunrpc/Makefile"
-                   (("^\\$\\(inst_sysconfdir\\)/rpc(.*)$" _ suffix)
-                    (string-append out "/etc/rpc" suffix "\n"))
-                   (("^install-others =.*$")
-                    (string-append "install-others = " out "/etc/rpc\n")))
-
-                 (substitute* "Makeconfig"
-                   ;; According to
-                   ;; <http://www.linuxfromscratch.org/lfs/view/stable/chapter05/glibc.html>,
-                   ;; linking against libgcc_s is not needed with GCC
-                   ;; 4.7.1.
-                   ((" -lgcc_s") ""))
-
-                 ;; Have `system' use that Bash.
-                 (substitute* "sysdeps/posix/system.c"
-                   (("#define[[:blank:]]+SHELL_PATH.*$")
-                    (format #f "#define SHELL_PATH \"~a/bin/bash\"\n"
-                            bash)))
-
-                 ;; Same for `popen'.
-                 (substitute* "libio/iopopen.c"
-                   (("/bin/sh")
-                    (string-append bash "/bin/sh")))
-
-                 ;; Same for the shell used by the 'exec' functions for
-                 ;; scripts that lack a shebang.
-                 (substitute* (find-files "." "^paths\\.h$")
-                   (("#define[[:blank:]]+_PATH_BSHELL[[:blank:]].*$")
-                    (string-append "#define _PATH_BSHELL \""
-                                   bash "/bin/sh\"\n")))
-
-                 ;; Nscd uses __DATE__ and __TIME__ to create a string to
-                 ;; make sure the client and server come from the same
-                 ;; libc.  Use something deterministic instead.
-                 (substitute* "nscd/nscd_stat.c"
-                   (("static const char compilation\\[21\\] =.*$")
-                    (string-append
-                     "static const char compilation[21] = \""
-                     (string-take (basename out) 20) "\";\n")))
-
-                 ;; Make sure we don't retain a reference to the
-                 ;; bootstrap Perl.
-                 (substitute* "malloc/mtrace.pl"
-                   (("^#!.*")
-                    ;; The shebang can be omitted, because there's the
-                    ;; "bilingual" eval/exec magic at the top of the file.
-                    "")
-                   (("exec @PERL@")
-                    "exec perl")))))
            (add-after 'install 'augment-libc.so
              (lambda* (#:key outputs #:allow-other-keys)
                (let* ((out (assoc-ref outputs "out")))
@@ -902,19 +772,6 @@ GLIBC/HURD for a Hurd host"
 (define-syntax glibc
   (identifier-syntax (glibc-for-target)))
 
-(define glibc-2.25-patched
-  (package
-    (inherit glibc)
-    (source (origin
-              (inherit (package-source glibc))
-              (patches (search-patches "glibc-ldd-x86_64.patch"
-                                       "glibc-versioned-locpath.patch"
-                                       "glibc-o-largefile.patch"
-                                       "glibc-vectorized-strcspn-guards.patch"
-                                       "glibc-CVE-2017-1000366-pt1.patch"
-                                       "glibc-CVE-2017-1000366-pt2.patch"
-                                       "glibc-CVE-2017-1000366-pt3.patch"))))))
-
 ;; Below are old libc versions, which we use mostly to build locale data in
 ;; the old format (which the new libc cannot cope with.)
 
diff --git a/gnu/packages/bash.scm b/gnu/packages/bash.scm
index 34cfa08944..0d0982d438 100644
--- a/gnu/packages/bash.scm
+++ b/gnu/packages/bash.scm
@@ -211,33 +211,33 @@ without modification.")
     (outputs (delete "include" (package-outputs bash)))
 
     (arguments
-     (let ((args `(#:modules ((guix build gnu-build-system)
-                              (guix build utils)
-                              (srfi srfi-1)
-                              (srfi srfi-26))
-                   ,@(package-arguments bash))))
-       (substitute-keyword-arguments args
-         ((#:configure-flags flags)
-          `(list "--without-bash-malloc"
-                 "--disable-readline"
-                 "--disable-history"
-                 "--disable-help-builtin"
-                 "--disable-progcomp"
-                 "--disable-net-redirections"
-                 "--disable-nls"
+     (substitute-keyword-arguments (package-arguments bash)
+       ((#:modules _ '())
+        '((guix build gnu-build-system)
+          (guix build utils)
+          (srfi srfi-1)
+          (srfi srfi-26)))
+       ((#:configure-flags flags '())
+        `(list "--without-bash-malloc"
+               "--disable-readline"
+               "--disable-history"
+               "--disable-help-builtin"
+               "--disable-progcomp"
+               "--disable-net-redirections"
+               "--disable-nls"
 
-                 ;; Pretend 'dlopen' is missing so we don't build loadable
-                 ;; modules and related code.
-                 "ac_cv_func_dlopen=no"
+               ;; Pretend 'dlopen' is missing so we don't build loadable
+               ;; modules and related code.
+               "ac_cv_func_dlopen=no"
 
-                 ,@(if (%current-target-system)
-                       '("bash_cv_job_control_missing=no"
-                         "bash_cv_getcwd_malloc=yes")
-                       '())))
-         ((#:phases phases)
-          `(modify-phases ,phases
-             ;; No loadable modules.
-             (delete 'move-development-files))))))))
+               ,@(if (%current-target-system)
+                     '("bash_cv_job_control_missing=no"
+                       "bash_cv_getcwd_malloc=yes")
+                     '())))
+       ((#:phases phases)
+        `(modify-phases ,phases
+           ;; No loadable modules.
+           (delete 'move-development-files)))))))
 
 (define-public static-bash
   ;; Statically-linked Bash that contains nothing but the 'bash' binary and
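Review bot: The `#:phases` clause has no default, while the `#:modules` and `#:configure-flags` clauses were both given `'()`. As I read `substitute-keyword-arguments`, a clause without a default is skipped when the keyword is absent, so if `(package-arguments bash)` ever stops supplying `#:phases`, `move-development-files` would silently stop being deleted. Writing it as `((#:phases phases '%standard-phases)` would keep the three clauses consistent. The `((#:modules _ '()) ...)` clause also replaces whatever module list `bash` declares instead of extending it, which deserves a short comment such as `;; Replaces, rather than extends, the inherited module list.` The enclosing package definition starts above the hunk, so `bash`'s own arguments are not visible here.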
diff --git a/gnu/packages/bdw-gc.scm b/gnu/packages/bdw-gc.scm
index b9732374d7..790a238579 100644
--- a/gnu/packages/bdw-gc.scm
+++ b/gnu/packages/bdw-gc.scm
@@ -2,6 +2,7 @@
 ;;; Copyright © 2012, 2013, 2014, 2016 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2017 Rene Saavedra <rennes@openmailbox.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -23,7 +24,8 @@
   #:use-module (guix packages)
   #:use-module (guix download)
   #:use-module (guix build-system gnu)
-  #:use-module (gnu packages pkg-config))
+  #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages hurd))
 
 (define-public libgc
   (package
@@ -38,8 +40,20 @@
               "143x7g0d0k6250ai6m2x3l4y352mzizi4wbgrmahxscv2aqjhjm1"))))
    (build-system gnu-build-system)
    (arguments
-    '(#:configure-flags '(;; Install gc_cpp.h et al.
-                          "--enable-cplusplus")))
+    `(#:configure-flags
+      (list
+       ;; Install gc_cpp.h et al.
+       "--enable-cplusplus"
+       ;; In GNU/Hurd systems during the 'Check' phase,
+       ;; there is a deadlock caused by the 'gctest' test.
+       ;; To disable the error set "--disable-gcj-support"
+       ;; to configure script. See bug report and discussion:
+       ;; <https://lists.opendylan.org/pipermail/bdwgc/2017-April/006275.html>
+       ;; <https://lists.gnu.org/archive/html/bug-hurd/2017-01/msg00008.html>
+       ,@(if (hurd-triplet? (or (%current-system)
+                                (%current-target-system)))
+             '("--disable-gcj-support")
+             '()))))
    (native-inputs `(("pkg-config" ,pkg-config)))
    (inputs `(("libatomic-ops" ,libatomic-ops)))
    (outputs '("out" "debug"))
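Review bot: The test `(or (%current-system) (%current-target-system))` has its operands in the wrong order for cross-compilation. `%current-system` normally holds a system string, so `or` never reaches `%current-target-system`, and a build that targets the Hurd from another host would not get `--disable-gcj-support`. The other conditionals in this commit use the opposite order, so the line should read `,@(if (hurd-triplet? (or (%current-target-system) (%current-system)))`. `hurd-triplet?` comes from `(gnu packages hurd)` and is not visible here; it is worth confirming that it accepts a system string such as the native `%current-system` value as well as a GNU triplet.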
diff --git a/gnu/packages/boost.scm b/gnu/packages/boost.scm
index dfaa853533..4c7308e9d6 100644
--- a/gnu/packages/boost.scm
+++ b/gnu/packages/boost.scm
@@ -28,14 +28,15 @@
   #:use-module (guix build-system gnu)
   #:use-module (gnu packages)
   #:use-module (gnu packages compression)
+  #:use-module (gnu packages icu4c)
+  #:use-module (gnu packages perl)
   #:use-module (gnu packages python)
-  #:use-module (gnu packages shells)
-  #:use-module (gnu packages perl))
+  #:use-module (gnu packages shells))
 
 (define-public boost
   (package
     (name "boost")
-    (version "1.63.0")
+    (version "1.64.0")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -44,9 +45,10 @@
                     ".tar.bz2"))
               (sha256
                (base32
-                "1c5kzhcqahnic55dxcnw7r80qvwx5sfa2sa97yzv7xjrywljbbmy"))))
+                "0cikd35xfkpg9nnl76yqqnqxnf3hyfjjww8xjd4akflprsm5rk3v"))))
     (build-system gnu-build-system)
-    (inputs `(("zlib" ,zlib)))
+    (inputs `(("icu4c" ,icu4c)
+              ("zlib" ,zlib)))
     (native-inputs
      `(("perl" ,perl)
        ("python" ,python-2)
diff --git a/gnu/packages/bootloaders.scm b/gnu/packages/bootloaders.scm
index 9ae6175280..2d8d89f754 100644
--- a/gnu/packages/bootloaders.scm
+++ b/gnu/packages/bootloaders.scm
@@ -118,10 +118,7 @@
     (native-inputs
      `(("unifont" ,unifont)
        ("bison" ,bison)
-       ;; Due to a bug in flex >= 2.6.2, GRUB must be built with an older flex:
-       ;; <http://lists.gnu.org/archive/html/grub-devel/2017-02/msg00133.html>
-       ;; TODO Try building with flex > 2.6.3.
-       ("flex" ,flex-2.6.1)
+       ("flex" ,flex)
        ("texinfo" ,texinfo)
        ("help2man" ,help2man)
 
@@ -244,7 +241,7 @@ menu to select one of the installed operating systems.")
     (build-system gnu-build-system)
     (native-inputs
      `(("bison" ,bison)
-       ("flex" ,flex-2.6.1))) ; A bug in flex prevents building with flex-2.6.3.
+       ("flex" ,flex)))
     (arguments
      `(#:make-flags
        (list "CC=gcc"
diff --git a/gnu/packages/bootstrap.scm b/gnu/packages/bootstrap.scm
index f43decc96e..ba733b3a9e 100644
--- a/gnu/packages/bootstrap.scm
+++ b/gnu/packages/bootstrap.scm
@@ -162,6 +162,7 @@ successful, or false to signal an error."
                                         gnu-triplet->nix-system)
                                  (%current-system))))
   "Return the name of Glibc's dynamic linker for SYSTEM."
+  ;; See the 'SYSDEP_KNOWN_INTERPRETER_NAMES' cpp macro in libc.
   (cond ((string=? system "x86_64-linux") "/lib/ld-linux-x86-64.so.2")
         ((string=? system "i686-linux") "/lib/ld-linux.so.2")
         ((string=? system "armhf-linux") "/lib/ld-linux-armhf.so.3")
@@ -170,6 +171,7 @@ successful, or false to signal an error."
         ((string=? system "i686-gnu") "/lib/ld.so.1")
         ((string=? system "aarch64-linux") "/lib/ld-linux-aarch64.so.1")
         ((string=? system "powerpc-linux") "/lib/ld.so.1")
+        ((string=? system "powerpc64le-linux") "/lib/ld64.so.2")
         ((string=? system "alpha-linux") "/lib/ld-linux.so.2")
 
         ;; XXX: This one is used bare-bones, without a libc, so add a case
diff --git a/gnu/packages/commencement.scm b/gnu/packages/commencement.scm
index 54cf89bf47..2b67881ede 100644
--- a/gnu/packages/commencement.scm
+++ b/gnu/packages/commencement.scm
@@ -509,14 +509,7 @@ the bootstrap environment."
      (propagated-inputs `(("kernel-headers" ,(kernel-headers-boot0))))
      (native-inputs
       `(("texinfo" ,texinfo-boot0)
-        ("perl" ,perl-boot0)
-        ;; Apply this patch only on i686 to avoid a full rebuild.
-        ;; TODO: Remove in the next update cycle.
-        ,@(if (string-prefix? "i686" (or (%current-target-system)
-                                         (%current-system)))
-              `(("glibc-memchr-overflow-i686.patch"
-                 ,(search-patch "glibc-memchr-overflow-i686.patch")))
-              '())))
+        ("perl" ,perl-boot0)))
      (inputs
       `(;; The boot inputs.  That includes the bootstrap libc.  We don't want
         ;; it in $CPATH, hence the 'pre-configure' phase above.
@@ -806,13 +799,14 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
 
 (define bash-final
   ;; Link with `-static-libgcc' to make sure we don't retain a reference
-  ;; to the bootstrap GCC.
+  ;; to the bootstrap GCC.  Use "bash-minimal" to avoid an extra dependency
+  ;; on Readline and ncurses.
   (let ((bash (package
-                (inherit bash)
+                (inherit bash-minimal)
                 (arguments
                  `(#:disallowed-references
                    ,(assoc-ref %boot3-inputs "coreutils&co")
-                   ,@(package-arguments bash))))))
+                   ,@(package-arguments bash-minimal))))))
     (package-with-bootstrap-guile
      (package-with-explicit-inputs (static-libgcc-package bash)
                                    %boot3-inputs
@@ -828,7 +822,7 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
   ;; This package must be public because other modules refer to it.  However,
   ;; mark it as hidden so that 'fold-packages' ignores it.
   (package-with-bootstrap-guile
-   (package-with-explicit-inputs (hidden-package guile-2.0/fixed)
+   (package-with-explicit-inputs (hidden-package guile-2.2/fixed)
                                  %boot4-inputs
                                  (current-source-location)
                                  #:guile %bootstrap-guile)))
@@ -849,12 +843,10 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
 
 (define-public ld-wrapper
   ;; The final 'ld' wrapper, which uses the final Guile and Binutils.
-  (package (inherit ld-wrapper-boot3)
-    (name "ld-wrapper")
-    (inputs `(("guile" ,guile-final)
-              ("bash"  ,bash-final)
-              ,@(fold alist-delete (package-inputs ld-wrapper-boot3)
-                      '("guile" "bash"))))))
+  (make-ld-wrapper "ld-wrapper"
+                   #:binutils binutils-final
+                   #:guile guile-final
+                   #:bash bash-final))
 
 (define %boot5-inputs
   ;; Now with UTF-8 locales.  Remember that the bootstrap binaries were built
@@ -947,7 +939,7 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"
 the implicit inputs of 'gnu-build-system', return that one, otherwise return
 PACKAGE.
 
-The goal is to avoid duplication in cases like GUILE-FINAL vs. GUILE-2.0,
+The goal is to avoid duplication in cases like GUILE-FINAL vs. GUILE-2.2,
 COREUTILS-FINAL vs. COREUTILS, etc."
       ;; XXX: This doesn't handle dependencies of the final inputs, such as
       ;; libunistring, GMP, etc.
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index ede35f9f5b..6ed4519344 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -212,84 +212,78 @@ file; as a result, it is often used in conjunction with \"tar\", resulting in
    (home-page "https://www.gnu.org/software/gzip/")))
 
 (define-public bzip2
-  (let ((build-shared-lib
-         ;; Build a shared library.
-         '(lambda* (#:key inputs #:allow-other-keys)
-            (patch-makefile-SHELL "Makefile-libbz2_so")
-            (zero? (system* "make" "-f" "Makefile-libbz2_so"))))
-        (install-shared-lib
-         '(lambda* (#:key outputs #:allow-other-keys)
-            (let* ((out    (assoc-ref outputs "out"))
-                   (libdir (string-append out "/lib")))
-              (for-each (lambda (file)
-                          (let ((base (basename file)))
-                            (format #t "installing `~a' to `~a'~%"
-                                    base libdir)
-                            (copy-file file
-                                       (string-append libdir "/" base))))
-                        (find-files "." "^libbz2\\.so")))))
-        (set-cross-environment
-         '(lambda* (#:key target #:allow-other-keys)
-            (substitute* (find-files "." "Makefile")
-              (("CC=.*$")
-               (string-append "CC = " target "-gcc\n"))
-              (("AR=.*$")
-               (string-append "AR = " target "-ar\n"))
-              (("RANLIB=.*$")
-               (string-append "RANLIB = " target "-ranlib\n"))
-              (("^all:(.*)test" _ prerequisites)
-               ;; Remove 'all' -> 'test' dependency.
-               (string-append "all:" prerequisites "\n"))))))
-    (package
-      (name "bzip2")
-      (version "1.0.6")
-      (source (origin
-               (method url-fetch)
-               (uri (string-append "http://www.bzip.org/" version "/bzip2-"
-                                   version ".tar.gz"))
-               (sha256
-                (base32
-                 "1kfrc7f0ja9fdn6j1y6yir6li818npy6217hvr3wzmnmzhs8z152"))))
-      (build-system gnu-build-system)
-      (arguments
-       `(#:modules ((guix build gnu-build-system)
-                    (guix build utils)
-                    (srfi srfi-1))
-         #:phases
-         ,(if (%current-target-system)
-
-              ;; Cross-compilation: use the cross tools.
-              `(alist-cons-before
-                'build 'build-shared-lib ,build-shared-lib
-                (alist-cons-after
-                 'install 'install-shared-lib ,install-shared-lib
-                 (alist-replace 'configure ,set-cross-environment
-                                %standard-phases)))
-
-              ;; Native compilation: build the shared library.
-              `(alist-cons-before
-                'build 'build-shared-lib ,build-shared-lib
-                (alist-cons-after
-                 'install 'install-shared-lib ,install-shared-lib
-                 (alist-delete 'configure %standard-phases))))
+  (package
+    (name "bzip2")
+    (version "1.0.6")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "http://www.bzip.org/" version "/bzip2-"
+                                  version ".tar.gz"))
+              (sha256
+               (base32
+                "1kfrc7f0ja9fdn6j1y6yir6li818npy6217hvr3wzmnmzhs8z152"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:modules ((guix build gnu-build-system)
+                  (guix build utils)
+                  (srfi srfi-1))
+       #:phases
+       (modify-phases %standard-phases
+         (replace 'configure
+           (lambda* (#:key target #:allow-other-keys)
+             (if ,(%current-target-system)
+                 ;; Cross-compilation: use the cross tools.
+                 (substitute* (find-files "." "Makefile")
+                   (("CC=.*$")
+                    (string-append "CC = " target "-gcc\n"))
+                   (("AR=.*$")
+                    (string-append "AR = " target "-ar\n"))
+                   (("RANLIB=.*$")
+                    (string-append "RANLIB = " target "-ranlib\n"))
+                   (("^all:(.*)test" _ prerequisites)
+                    ;; Remove 'all' -> 'test' dependency.
+                    (string-append "all:" prerequisites "\n")))
+                 #t)))
+         (add-before 'build 'build-shared-lib
+           (lambda* (#:key inputs #:allow-other-keys)
+             (patch-makefile-SHELL "Makefile-libbz2_so")
+             (zero? (system* "make" "-f" "Makefile-libbz2_so"))))
+         (add-after 'install 'install-shared-lib
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let* ((out    (assoc-ref outputs "out"))
+                    (libdir (string-append out "/lib")))
+               (for-each (lambda (file)
+                           (let ((base (basename file)))
+                             (format #t "installing `~a' to `~a'~%"
+                                     base libdir)
+                             (copy-file file
+                                        (string-append libdir "/" base))))
+                         (find-files "." "^libbz2\\.so")))
+             #t))
+         (add-after 'install-shared-lib 'patch-scripts
+           (lambda* (#:key outputs inputs #:allow-other-keys)
+             (let* ((out (assoc-ref outputs "out")))
+               (substitute* (string-append out "/bin/bzdiff")
+                 (("/bin/rm") "rm")))
+             #t)))
 
-         #:make-flags (list (string-append "PREFIX="
-                                           (assoc-ref %outputs "out")))
+       #:make-flags (list (string-append "PREFIX="
+                                         (assoc-ref %outputs "out")))
 
-         ;; Don't attempt to run the tests when cross-compiling.
-         ,@(if (%current-target-system)
-               '(#:tests? #f)
-               '())))
-      (synopsis "High-quality data compression program")
-      (description
-       "bzip2 is a freely available, patent free (see below), high-quality data
+       ;; Don't attempt to run the tests when cross-compiling.
+       ,@(if (%current-target-system)
+             '(#:tests? #f)
+             '())))
+    (synopsis "High-quality data compression program")
+    (description
+     "bzip2 is a freely available, patent free (see below), high-quality data
 compressor.  It typically compresses files to within 10% to 15% of the best
 available techniques (the PPM family of statistical compressors), whilst
 being around twice as fast at compression and six times faster at
 decompression.")
-      (license (license:non-copyleft "file://LICENSE"
-                                  "See LICENSE in the distribution."))
-      (home-page "http://www.bzip.org/"))))
+    (license (license:non-copyleft "file://LICENSE"
+                                   "See LICENSE in the distribution."))
+    (home-page "http://www.bzip.org/")))
 
 (define-public lbzip2
   (package
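Review bot: The new `patch-scripts` phase rewrites `/bin/rm` in `bzdiff` to a bare `rm`, so the installed script resolves `rm` through the caller's PATH instead of a fixed program, and the phase binds `inputs` without using it. If the bare name is deliberate (an absolute store path would add a runtime reference, and the label of the coreutils input may differ during bootstrap), say so with a comment such as `;; Use 'rm' from PATH to avoid retaining a reference to coreutils.` and drop `inputs` from the `#:key` list. Separately, the cross-compilation branch of the replaced `configure` phase returns whatever `substitute*` returns, while the native branch and the other new phases end in an explicit `#t`; ending that branch with `#t` would make the phase's return value consistent.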
@@ -462,14 +456,14 @@ some compression ratio).")
 (define-public lzip
   (package
     (name "lzip")
-    (version "1.16")
+    (version "1.18")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://savannah/lzip/lzip-"
                                  version ".tar.gz"))
              (sha256
               (base32
-               "0l9724rw1l3hg2ldr3n7ihqich4m9nc6y7l302bvdj4jmxdw530j"))))
+               "1p8lvc22sv3damld9ng8y6i8z2dvvpsbi9v7yhr5bc2a20m8iya7"))))
     (build-system gnu-build-system)
     (home-page "http://www.nongnu.org/lzip/lzip.html")
     (synopsis "Lossless data compressor based on the LZMA algorithm")
diff --git a/gnu/packages/cups.scm b/gnu/packages/cups.scm
index accfe410ba..cb852e7268 100644
--- a/gnu/packages/cups.scm
+++ b/gnu/packages/cups.scm
@@ -1,7 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2015, 2016 Ludovic Courtès <ludo@gnu.org>
-;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2016 Danny Milosavljevic <dannym@scratchpost.org>
 ;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
 ;;; Copyright © 2017 Mark H Weaver <mhw@netris.org>
@@ -53,7 +53,7 @@
 (define-public cups-filters
   (package
     (name "cups-filters")
-    (version "1.13.1")
+    (version "1.14.1")
     (source(origin
               (method url-fetch)
               (uri
@@ -61,7 +61,7 @@
                               "cups-filters-" version ".tar.xz"))
               (sha256
                (base32
-                "0s7hylp2lcvc1vrqpywpv7lspkrh4xf7cyi4nbg10cf38rshj474"))
+                "0175jhqpsyn7bkh7w43ydhyws5zsdak05hr1fsadvzslvwqkffgi"))
               (modules '((guix build utils)))
               (snippet
                ;; install backends, banners and filters to cups-filters output
@@ -141,7 +141,7 @@ filters for the PDF-centric printing workflow introduced by OpenPrinting.")
 (define-public cups-minimal
   (package
     (name "cups-minimal")
-    (version "2.2.1")
+    (version "2.2.4")
     (source
      (origin
        (method url-fetch)
@@ -149,7 +149,7 @@ filters for the PDF-centric printing workflow introduced by OpenPrinting.")
                            version "/cups-" version "-source.tar.gz"))
        (sha256
         (base32
-         "1m8rwhbk0l8n19iwm51r2569jj15d0x6mpqhfig0bk3pm4577f43"))))
+         "1k4qxafmapq6hzbkh273fdyzkj9alw6ppwz5k933bhsi4svlsvar"))))
     (build-system gnu-build-system)
     (arguments
      `(#:configure-flags
diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index a9f219b621..af15aa38c4 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -40,15 +40,14 @@
 (define-public curl
   (package
    (name "curl")
-   (replacement curl-7.54.1)
-   (version "7.53.0")
+   (version "7.54.1")
    (source (origin
             (method url-fetch)
             (uri (string-append "https://curl.haxx.se/download/curl-"
                                 version ".tar.lzma"))
             (sha256
              (base32
-              "1k0i31xygb804c61llhin5wbpcscg4gfqmbxcfkpdr1alwh7igrq"))))
+              "0vnv3cz0s1l5cjby86hm0x6pgzqijmdm97qa9q5px200956z6yib"))))
    (build-system gnu-build-system)
    (outputs '("out"
               "doc"))                             ;1.2 MiB of man3 pages
@@ -120,16 +119,3 @@ tunneling, and so on.")
    (license (license:non-copyleft "file://COPYING"
                                   "See COPYING in the distribution."))
    (home-page "https://curl.haxx.se/")))
-
-(define curl-7.54.1
-  (package
-    (inherit curl)
-    (version "7.54.1")
-    (source
-      (origin
-        (method url-fetch)
-        (uri (string-append "https://curl.haxx.se/download/curl-"
-                            version ".tar.lzma"))
-        (sha256
-         (base32
-          "0vnv3cz0s1l5cjby86hm0x6pgzqijmdm97qa9q5px200956z6yib"))))))
diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm
index bd0ff32426..4aafba02f1 100644
--- a/gnu/packages/databases.scm
+++ b/gnu/packages/databases.scm
@@ -126,14 +126,14 @@ either single machines or networked clusters.")
 (define-public gdbm
   (package
     (name "gdbm")
-    (version "1.12")
+    (version "1.13")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnu/gdbm/gdbm-"
                                   version ".tar.gz"))
               (sha256
                (base32
-                "1smwz4x5qa4js0zf1w3asq6z7mh20zlgwbh2bk5dczw6xrk22yyr"))))
+                "0lx201q20dvc70f8a3c9s7s18z15inlxvbffph97ngvrgnyjq9cx"))))
     (arguments `(#:configure-flags '("--enable-libgdbm-compat")))
     (build-system gnu-build-system)
     (home-page "http://www.gnu.org.ua/software/gdbm")
@@ -730,7 +730,7 @@ for example from a shell script.")
 (define-public sqlite
   (package
    (name "sqlite")
-   (version "3.17.0")
+   (version "3.19.3")
    (source (origin
             (method url-fetch)
             (uri (let ((numeric-version
@@ -746,7 +746,7 @@ for example from a shell script.")
                                   numeric-version ".tar.gz")))
             (sha256
              (base32
-              "0k472gq0p706jq4529p60znvw02hdf172qxgbdv59q0n7anqbr54"))))
+              "00b3l2qglpl1inx21fckiwxnfq5xf6441flc79rqg7zdvh1rq4h6"))))
    (build-system gnu-build-system)
    (inputs `(("readline" ,readline)))
    (arguments
diff --git a/gnu/packages/ed.scm b/gnu/packages/ed.scm
index 5014229952..d30d7bcfa8 100644
--- a/gnu/packages/ed.scm
+++ b/gnu/packages/ed.scm
@@ -28,14 +28,14 @@
 (define-public ed
   (package
     (name "ed")
-    (version "1.14.1")
+    (version "1.14.2")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnu/ed/ed-"
                                  version ".tar.lz"))
              (sha256
               (base32
-               "0ajm69pma7gigddlrq2qi4dsllz9vhm8gqwpkcdagdd2yaw7xfgz"))))
+               "1nqhk3n1s1p77g2bjnj55acicsrlyb2yasqxqwpx0w0djfx64ygm"))))
     (build-system gnu-build-system)
     (native-inputs `(("lzip" ,lzip)))
     (arguments
diff --git a/gnu/packages/embedded.scm b/gnu/packages/embedded.scm
index e509647eae..29a3e543e5 100644
--- a/gnu/packages/embedded.scm
+++ b/gnu/packages/embedded.scm
@@ -447,7 +447,7 @@ with a layered architecture of JTAG interface and TAP support.")
          ,@(package-arguments xbinutils)))
       (native-inputs
        `(("bison" ,bison)
-         ("flex" ,flex-2.6.1) ; needed because of yywrap error
+         ("flex" ,flex)
          ("texinfo" ,texinfo)
          ("dejagnu" ,dejagnu)
          ,@(package-native-inputs xbinutils))))))
@@ -827,7 +827,7 @@ simulator.")
                  (base32
                   "14b3h2ji740s8zq5vwm4qdcxs4aa4wxi6wb9di3bv1h39x14nyr9"))))
          ("texinfo" ,texinfo)
-         ("flex" ,flex-2.6.1) ; A bug in flex prevents building with flex-2.6.3.
+         ("flex" ,flex)
          ("bison" ,bison)
          ("guile-1.8" ,guile-1.8)
          ("which" ,base:which)))
diff --git a/gnu/packages/file.scm b/gnu/packages/file.scm
index a6239877a0..050e6715b1 100644
--- a/gnu/packages/file.scm
+++ b/gnu/packages/file.scm
@@ -28,14 +28,14 @@
 (define-public file
   (package
    (name "file")
-    (version "5.28")
+    (version "5.30")
     (source (origin
               (method url-fetch)
               (uri (string-append "ftp://ftp.astron.com/pub/file/file-"
                                   version ".tar.gz"))
               (sha256
                (base32
-                "04p0w9ggqq6cqvwhyni0flji1z0rwrz896hmhkxd2mc6dca5xjqf"))))
+                "057jpcyy8ws7q4s4sm8r1rxb8xycdbng2z4y9i98f094wlr28k39"))))
    (build-system gnu-build-system)
 
    ;; When cross-compiling, this package depends upon a native install of
diff --git a/gnu/packages/flex.scm b/gnu/packages/flex.scm
index 1470b967da..fdda5f365d 100644
--- a/gnu/packages/flex.scm
+++ b/gnu/packages/flex.scm
@@ -32,7 +32,7 @@
 (define-public flex
   (package
     (name "flex")
-    (version "2.6.3")
+    (version "2.6.4")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -41,7 +41,7 @@
                     "flex-" version ".tar.gz"))
               (sha256
                (base32
-                "1an2cn2z85mkpgqcinh1fhhcd7993qm2lil1yxic8iz76ci79ck8"))))
+                "15g9bv236nzi665p9ggqjlfn4dwck5835vf0bbw2cz7h5c1swyp8"))))
     (build-system gnu-build-system)
     (inputs
      (let ((bison-for-tests
@@ -85,20 +85,3 @@ regular expressions for each rule.  Whenever it finds a match, it
 executes the corresponding C code.")
     (license (non-copyleft "file://COPYING"
                            "See COPYING in the distribution."))))
-
-;;; Many packages fail to build with flex > 2.6.1, due to this bug in flex:
-;;; <https://github.com/westes/flex/issues/162>
-;;; We must not use a flex before 2.6.1, due to CVE-2016-6354.
-;;; TODO Try using flex > 2.6.3.
-(define-public flex-2.6.1
-  (package
-    (inherit flex)
-    (version "2.6.1")
-    (source (origin
-              (method url-fetch)
-              (uri (string-append "https://github.com/westes/flex"
-                                  "/releases/download/v" version "/"
-                                  "flex-" version ".tar.xz"))
-             (sha256
-              (base32
-               "0gqhk4vkwy4gl9xbpgkljph8c0a5kpijz6wd0p5r9q202qn42yic"))))))
diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm
index 75736a73d0..bd74c4d6aa 100644
--- a/gnu/packages/fontutils.scm
+++ b/gnu/packages/fontutils.scm
@@ -34,6 +34,7 @@
   #:use-module (gnu packages bison)
   #:use-module (gnu packages flex)
   #:use-module (gnu packages glib)
+  #:use-module (gnu packages gperf)
   #:use-module (gnu packages xorg)
   #:use-module (gnu packages gtk)
   #:use-module (gnu packages xml)
@@ -48,14 +49,13 @@
 (define-public freetype
   (package
    (name "freetype")
-   (replacement freetype/fixed)
-   (version "2.7.1")
+   (version "2.8")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://savannah/freetype/freetype-"
                                 version ".tar.bz2"))
             (sha256 (base32
-                     "121gm15ayfg3rglby8ifh8384mcjb9dhmx9j40zl7yszw72b4frs"))))
+                     "02xlj611alpvl3h33hvfw1jyxc1vp9mzwcckkiglkhn3hknh7im3"))))
    (build-system gnu-build-system)
    (native-inputs
     `(("pkg-config" ,pkg-config)))
@@ -74,15 +74,6 @@ anti-aliased glyph bitmap generation with 256 gray levels.")
    (license license:freetype)           ; some files have other licenses
    (home-page "https://www.freetype.org/")))
 
-(define freetype/fixed
-  (package
-    (inherit freetype)
-    (source
-      (origin
-        (inherit (package-source freetype))
-        (patches (search-patches "freetype-CVE-2017-8105.patch"
-                                 "freetype-CVE-2017-8287.patch"))))))
-
 (define-public ttfautohint
   (package
     (name "ttfautohint")
@@ -235,22 +226,21 @@ fonts to/from the WOFF2 format.")
 (define-public fontconfig
   (package
    (name "fontconfig")
-   (version "2.12.1")
+   (version "2.12.3")
    (source (origin
             (method url-fetch)
             (uri (string-append
                    "https://www.freedesktop.org/software/fontconfig/release/fontconfig-"
                    version ".tar.bz2"))
-            (patches (search-patches "fontconfig-charwidth-symbol-conflict.patch"
-                                     "fontconfig-path-max.patch"))
             (sha256 (base32
-                     "1wy7svvp7df6bjpg1m5vizb3ngd7rhb20vpclv3x3qa71khs6jdl"))))
+                     "1ggq6jmz3mlzk4xjs615aqw9h3hq33chjn82bhli26kk09kby95x"))))
    (build-system gnu-build-system)
    (propagated-inputs `(("expat" ,expat)
                         ("freetype" ,freetype)))
    (inputs `(("gs-fonts" ,gs-fonts)))
    (native-inputs
-      `(("pkg-config" ,pkg-config)))
+    `(("gperf" ,gperf) ; Try dropping this for > 2.12.3.
+      ("pkg-config" ,pkg-config)))
    (arguments
     `(#:configure-flags
       (list "--with-cache-dir=/var/cache/fontconfig"
@@ -268,10 +258,12 @@ fonts to/from the WOFF2 format.")
             "PYTHON=false")
       #:phases
       (modify-phases %standard-phases
-        (add-after 'unpack 'fix-tests-for-freetype-2.7.1
+        (add-before 'configure 'regenerate-fcobjshash
+          ;; XXX The pre-generated gperf files are broken.
+          ;; See <https://bugs.freedesktop.org/show_bug.cgi?id=101280>.
           (lambda _
-            (substitute* "test/run-test.sh"
-              (("\\\| sort") "| cut -d' ' -f2 | sort"))
+            (delete-file "src/fcobjshash.h")
+            (delete-file "src/fcobjshash.gperf")
             #t))
         (replace 'install
                  (lambda _
@@ -385,8 +377,7 @@ applications should be.")
 (define-public graphite2
   (package
    (name "graphite2")
-   (version "1.3.9")
-   (replacement graphite2/fixed)
+   (version "1.3.10")
    (source
      (origin
        (method url-fetch)
@@ -395,7 +386,7 @@ applications should be.")
        (patches (search-patches "graphite2-ffloat-store.patch"))
        (sha256
         (base32
-         "0rs5h7m340z75kygx8d72cps0q6yvvqa9i788vym7585cfv8a0gc"))))
+         "1bm1rl2ww0m8rvmknh8fpajyz9xqv43qs9qrzf7xd5gaz6rf7zch"))))
    (build-system cmake-build-system)
    (native-inputs
     `(("python" ,python-2) ; because of "import imap" in tests
@@ -411,21 +402,6 @@ and returns a sequence of positioned glyphids from the font.")
    (license license:lgpl2.1+)
    (home-page "https://github.com/silnrsi/graphite")))
 
-(define graphite2/fixed
-  (package
-    (inherit graphite2)
-    (name "graphite2")
-    (source
-     (origin
-       (method url-fetch)
-       (uri (let ((version "1.3.10"))
-              (string-append "https://github.com/silnrsi/graphite/releases/"
-                             "download/" version "/" name "-" version ".tgz")))
-       (patches (search-patches "graphite2-ffloat-store.patch"))
-       (sha256
-        (base32
-         "1bm1rl2ww0m8rvmknh8fpajyz9xqv43qs9qrzf7xd5gaz6rf7zch"))))))
-
 (define-public potrace
   (package
     (name "potrace")
diff --git a/gnu/packages/gcc.scm b/gnu/packages/gcc.scm
index f0e8dae3e8..6b1bc762ba 100644
--- a/gnu/packages/gcc.scm
+++ b/gnu/packages/gcc.scm
@@ -213,7 +213,7 @@ where the OS part is overloaded to denote a specific ABI---into GCC
                 ;; Fix the dynamic linker's file name.
                 (substitute* (find-files "gcc/config"
                                          "^(linux|gnu|sysv4)(64|-elf|-eabi)?\\.h$")
-                  (("#define (GLIBC|GNU_USER)_DYNAMIC_LINKER([^ ]*).*$"
+                  (("#define (GLIBC|GNU_USER)_DYNAMIC_LINKER([^ \t]*).*$"
                     _ gnu-user suffix)
                    (format #f "#define ~a_DYNAMIC_LINKER~a \"~a\"~%"
                            gnu-user suffix
@@ -382,6 +382,7 @@ Go.  It also includes runtime support libraries for these languages.")
                 "0fihlcy5hnksdxk0sn6bvgnyq8gfrgs8m794b1jxwd1dxinzg3b0"))
               (patches (search-patches "gcc-arm-bug-71399.patch"
                                        "gcc-strmov-store-file-names.patch"
+                                       "gcc-asan-powerpc-missing-include.patch"
                                        "gcc-5.0-libvtv-runpath.patch"
                                        "gcc-5-source-date-epoch-1.patch"
                                        "gcc-5-source-date-epoch-2.patch"))))))
diff --git a/gnu/packages/gettext.scm b/gnu/packages/gettext.scm
index 0484b8089e..44535859cb 100644
--- a/gnu/packages/gettext.scm
+++ b/gnu/packages/gettext.scm
@@ -5,6 +5,7 @@
 ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2016 Alex Kost <alezost@gmail.com>
 ;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
+;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -45,7 +46,13 @@
                                  version ".tar.gz"))
              (sha256
               (base32
-               "0hsw28f9q9xaggjlsdp2qmbp2rbd1mp0njzan2ld9kiqwkq2m57z"))))
+               "0hsw28f9q9xaggjlsdp2qmbp2rbd1mp0njzan2ld9kiqwkq2m57z"))
+             ;; test-lock has performance issues on multi-core machines,
+             ;; it hangs or takes a long time to complete.
+             ;; There is one commit in gettext and one commit
+             ;; in gettext's embedded gnulib to fix this issue.
+             (patches (search-patches "gettext-multi-core.patch"
+                                      "gettext-gnulib-multi-core.patch"))))
     (build-system gnu-build-system)
     (outputs '("out"
                "doc"))                            ;8 MiB of HTML
diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm
index dc5dbcc856..b15b032a72 100644
--- a/gnu/packages/ghostscript.scm
+++ b/gnu/packages/ghostscript.scm
@@ -5,6 +5,7 @@
 ;;; Copyright © 2013, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2017 Alex Vong <alexvong1995@gmail.com>
 ;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -129,85 +130,101 @@ printing, and psresize, for adjusting page sizes.")
 
 (define-public ghostscript
   (package
-   (name "ghostscript")
-   (replacement ghostscript/fixed)
-   (version "9.14.0")
-   ;; XXX Try removing the bundled copy of jbig2dec.
-   (source (origin
-            (method url-fetch)
-            (uri (string-append "mirror://gnu/ghostscript/gnu-ghostscript-"
-                                version ".tar.xz"))
-            (sha256
-             (base32
-              "0q4jj41p0qbr4mgcc9q78f5zs8cm1g57wgryhsm2yq4lfslm3ib1"))
-            (patches (search-patches "ghostscript-CVE-2013-5653.patch"
-                                     "ghostscript-CVE-2015-3228.patch"
-                                     "ghostscript-CVE-2016-7976.patch"
-                                     "ghostscript-CVE-2016-7978.patch"
-                                     "ghostscript-CVE-2016-7979.patch"
-                                     "ghostscript-CVE-2016-8602.patch"
-                                     "ghostscript-runpath.patch"))
-            (modules '((guix build utils)))
-            (snippet
-             ;; Honor --docdir.
-             '(substitute* "Makefile.in"
-                (("^docdir=.*$") "docdir = @docdir@\n")
-                (("^exdir=.*$") "exdir = $(docdir)/examples\n")))))
-   (build-system gnu-build-system)
-   (outputs '("out" "doc"))                  ;16 MiB of HTML/PS doc + examples
-   (inputs `(("freetype" ,freetype)
-             ("lcms" ,lcms)
-             ("libjpeg-8" ,libjpeg-8)
-             ("libpng" ,libpng)
-             ("libpaper" ,libpaper)
-             ("libtiff" ,libtiff)
-             ("zlib" ,zlib)))
-   (native-inputs
-      `(("perl" ,perl)
-        ("pkg-config" ,pkg-config) ; needed to find libtiff
-        ("python" ,python-wrapper)
-        ("tcl" ,tcl)))
-   (arguments
-    `(#:disallowed-references ("doc")
-      #:phases
-      (modify-phases %standard-phases
-        (add-after 'configure 'patch-config-files
-                   (lambda _
-                     (substitute* "base/all-arch.mak"
-                       (("/bin/sh") (which "sh")))
-                     (substitute* "base/unixhead.mak"
-                       (("/bin/sh") (which "sh")))))
-        (add-after 'configure 'remove-doc-reference
-                   (lambda _
-                     ;; Don't retain a reference to the 'doc' output in 'gs'.
-                     ;; The only use of this definition is in the output of
-                     ;; 'gs --help', so this change is fine.
-                     (substitute* "base/gscdef.c"
-                       (("GS_DOCDIR")
-                        "\"~/.guix-profile/share/doc/ghostscript\""))))
-        (replace 'build
+    (name "ghostscript")
+    (version "9.21")
+    (source
+      (origin
+        (method url-fetch)
+        (uri (string-append "https://github.com/ArtifexSoftware/"
+                            "ghostpdl-downloads/releases/download/gs"
+                            (string-delete #\. version)
+                            "/ghostscript-" version ".tar.xz"))
+        (sha256
+         (base32
+          "0lyhjcrkmd5fcmh8h56bs4xr9k4jasmikv5vsix1hd4ai0ad1q9b"))
+        (patches (search-patches "ghostscript-runpath.patch"
+                                 "ghostscript-CVE-2017-8291.patch"
+                                 "ghostscript-no-header-creationdate.patch"
+                                 "ghostscript-no-header-id.patch"
+                                 "ghostscript-no-header-uuid.patch"))
+        (modules '((guix build utils)))
+        (snippet
+          ;; Remove bundled libraries. The bundled OpenJPEG is a patched fork so
+          ;; we leave it, at least for now.
+          ;; TODO Try unbundling ijs, which is developed alongside Ghostscript.
+         '(begin
+            (for-each delete-file-recursively '("freetype" "jbig2dec" "jpeg"
+                                                "lcms2" "libpng"
+                                                "tiff" "zlib"))))))
+    (build-system gnu-build-system)
+    (outputs '("out" "doc"))                  ;19 MiB of HTML/PS doc + examples
+    (arguments
+     `(#:disallowed-references ("doc")
+       #:configure-flags
+       (list "--with-system-libtiff"
+             "LIBS=-lz"
+             (string-append "ZLIBDIR="
+                            (assoc-ref %build-inputs "zlib") "/include")
+             "--enable-dynamic")
+       #:phases
+       (modify-phases %standard-phases
+        (add-after 'unpack 'fix-doc-dir
           (lambda _
-            ;; Build 'libgs.so', but don't build the statically-linked 'gs'
-            ;; binary (saves 18 MiB).
-            (zero? (system* "make" "so" "-j"
-                            (number->string (parallel-job-count))))))
-        (replace 'install
+            ;; Honor --docdir.
+            (substitute* "Makefile.in"
+              (("^docdir=.*$") "docdir = @docdir@\n")
+              (("^exdir=.*$") "exdir = $(docdir)/examples\n"))
+            #t))
+        (add-after 'configure 'remove-doc-reference
           (lambda _
-            (zero? (system* "make" "soinstall"))))
-        (add-after 'install 'create-gs-symlink
-          (lambda* (#:key outputs #:allow-other-keys)
-            (let ((out (assoc-ref outputs "out")))
-              ;; some programs depend on having a 'gs' binary available
-              (symlink "gsc" (string-append out "/bin/gs"))))))))
-   (synopsis "PostScript and PDF interpreter")
-   (description
-    "Ghostscript is an interpreter for the PostScript language and the PDF
+            ;; Don't retain a reference to the 'doc' output in 'gs'.
+            ;; The only use of this definition is in the output of
+            ;; 'gs --help', so this change is fine.
+            (substitute* "base/gscdef.c"
+              (("GS_DOCDIR")
+               "\"~/.guix-profile/share/doc/ghostscript\""))
+            #t))
+         (add-after 'configure 'patch-config-files
+           (lambda _
+             (substitute* "base/unixhead.mak"
+               (("/bin/sh") (which "sh")))
+             #t))
+         (replace 'build
+           (lambda _
+             ;; Build 'libgs.so', but don't build the statically-linked 'gs'
+             ;; binary (saves 22 MiB).
+             (zero? (system* "make" "so" "-j"
+                             (number->string (parallel-job-count))))))
+         (replace 'install
+           (lambda _
+             (zero? (system* "make" "soinstall"))))
+         (add-after 'install 'create-gs-symlink
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let ((out (assoc-ref outputs "out")))
+               ;; Some programs depend on having a 'gs' binary available.
+               (symlink "gsc" (string-append out "/bin/gs"))
+               #t))))))
+    (native-inputs
+     `(("perl" ,perl)
+       ("python" ,python-wrapper)
+       ("tcl" ,tcl)))
+    (inputs
+     `(("freetype" ,freetype)
+       ("jbig2dec" ,jbig2dec)
+       ("lcms2" ,lcms)
+       ("libjpeg" ,libjpeg)
+       ("libpaper" ,libpaper)
+       ("libpng" ,libpng)
+       ("libtiff" ,libtiff)
+       ("zlib" ,zlib)))
+    (synopsis "PostScript and PDF interpreter")
+    (description
+     "Ghostscript is an interpreter for the PostScript language and the PDF
 file format.  It also includes a C library that implements the graphics
 capabilities of the PostScript language.  It supports a wide variety of
 output file formats and printers.")
-   (license license:agpl3+)
-   (home-page "https://www.gnu.org/software/ghostscript/")
-   (properties '((upstream-name . "gnu-ghostscript")))))
+    (home-page "https://www.ghostscript.com/")
+    (license license:agpl3+)))
 
 (define-public ghostscript/x
   (package/inherit ghostscript
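Review bot: The source snippet deletes the bundled freetype, jbig2dec, jpeg, lcms2, libpng, tiff and zlib trees but keeps the bundled OpenJPEG, and its comment does not say what that means for security maintenance. A copy built from Ghostscript's own tree is not reached by updates to a separately packaged OpenJPEG, so fixes for that library have to be applied to this package by hand. I would extend the comment with `;; XXX: Security fixes for OpenJPEG must be applied to this bundled copy separately.` The patch list also shrinks from six CVE patches plus the grafted CVE-2017-8291 one to CVE-2017-8291 alone. Presumably 9.21 already contains the older fixes, and a one-line comment next to `(patches ...)` saying so would save the next reader from re-checking.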
@@ -216,27 +233,11 @@ output file formats and printers.")
               ("libxt" ,libxt)
               ,@(package-inputs ghostscript)))))
 
-(define ghostscript/fixed
-  (package
-    (inherit ghostscript)
-    (source
-      (origin
-        (inherit (package-source ghostscript))
-        (patches
-          (append
-            (origin-patches (package-source ghostscript))
-            (search-patches "ghostscript-CVE-2017-8291.patch")))))))
-
 (define-public ijs
   (package
    (name "ijs")
-   (version "9.14.0")
-   (source (origin
-            (method url-fetch)
-            (uri (string-append "mirror://gnu/ghostscript/gnu-ghostscript-"
-                                version ".tar.xz"))
-            (sha256 (base32
-                     "0q4jj41p0qbr4mgcc9q78f5zs8cm1g57wgryhsm2yq4lfslm3ib1"))))
+   (version (package-version ghostscript))
+   (source (package-source ghostscript))
    (build-system gnu-build-system)
    (native-inputs
     `(("libtool"    ,libtool)
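Review bot: `ijs` now takes `(package-source ghostscript)` as its source, so it depends on the `ijs` directory surviving Ghostscript's source snippet, while that snippet carries `TODO Try unbundling ijs`. If "ijs" is later added to the `delete-file-recursively` list there, the `autogen` phase of this package (which does `(chdir "ijs")`, in the next hunk) would fail. I would add a comment above the `source` field such as `;; Built from the 'ijs' directory of the Ghostscript tarball; do not delete it in ghostscript's snippet.` Sharing the origin also means ijs inherits every patch applied to Ghostscript, which looks acceptable but is worth stating.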
@@ -244,31 +245,29 @@ output file formats and printers.")
       ("autoconf"   ,autoconf)))
    (arguments
     `(#:phases
-      (alist-cons-after
-       'unpack 'autogen
-       (lambda _
-         ;; need to regenerate macros
-         (system* "autoreconf" "-if")
-         ;; do not run configure
-         (substitute* "autogen.sh"
-           (("^.*\\$srcdir/configure.*") ""))
-         (system* "bash" "autogen.sh")
-
-         ;; create configure script in ./ijs/
-         (chdir "ijs")
-         ;; do not run configure
-         (substitute* "autogen.sh"
-           (("^.*\\$srcdir/configure.*") "")
-           (("^ + && echo Now type.*$")  ""))
-         (zero? (system* "bash" "autogen.sh")))
-       %standard-phases)))
+      (modify-phases %standard-phases
+        (add-after 'unpack 'autogen
+          (lambda _
+            ;; need to regenerate macros
+            (system* "autoreconf" "-if")
+            ;; do not run configure
+            (substitute* "autogen.sh"
+              (("^.*\\$srcdir/configure.*") ""))
+            (system* "bash" "autogen.sh")
+            ;; create configure script in ./ijs/
+            (chdir "ijs")
+            ;; do not run configure
+            (substitute* "autogen.sh"
+              (("^.*\\$srcdir/configure.*") "")
+              (("^ + && echo Now type.*$")  ""))
+            (zero? (system* "bash" "autogen.sh")))))))
    (synopsis "IJS driver framework for inkjet and other raster devices")
    (description
     "IJS is a protocol for transmission of raster page images.  This package
 provides the reference implementation of the raster printer driver
 architecture.")
    (license license:expat)
-   (home-page "https://www.gnu.org/software/ghostscript/")))
+   (home-page (package-home-page ghostscript))))
 
 (define-public gs-fonts
   (package
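Review bot: In the rewritten `autogen` phase only the last `system*` call decides the phase result. The exit codes of `(system* "autoreconf" "-if")` and of the first `(system* "bash" "autogen.sh")` are discarded, so a failed macro regeneration carries on with stale or partial build files. The conversion to `modify-phases` is a good moment to check them, for example `(unless (zero? (system* "autoreconf" "-if")) (error "autoreconf failed"))`, with the same wrapper around the first `autogen.sh` run.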
@@ -286,6 +285,10 @@ architecture.")
    (build-system gnu-build-system)
    (arguments
     `(#:tests? #f ; nothing to check, just files to copy
+
+      #:modules ((guix build gnu-build-system)
+                 (guix build utils)
+                 (srfi srfi-1))
       #:phases
       (modify-phases %standard-phases
         (delete 'configure)
@@ -309,13 +312,13 @@ Ghostscript.  It currently includes the 35 standard PostScript fonts.")
 (define-public libspectre
   (package
    (name "libspectre")
-   (version "0.2.7")
+   (version "0.2.8")
    (source (origin
             (method url-fetch)
             (uri (string-append "https://libspectre.freedesktop.org/releases/libspectre-"
                                 version ".tar.gz"))
             (sha256 (base32
-                     "1v63lqc6bhhxwkpa43qmz8phqs8ci4dhzizyy16d3vkb20m846z8"))))
+                     "1a67iglsc3r05mzngyg9kb1gy8whq4fgsnyjwi7bqfw2i7rnl9b5"))))
    (build-system gnu-build-system)
    (inputs `(("ghostscript" ,ghostscript)))
    (native-inputs `(("pkg-config" ,pkg-config)))
diff --git a/gnu/packages/gl.scm b/gnu/packages/gl.scm
index 08f6187f8a..d017e375c9 100644
--- a/gnu/packages/gl.scm
+++ b/gnu/packages/gl.scm
@@ -30,6 +30,7 @@
   #:use-module (gnu packages bison)
   #:use-module (gnu packages compression)
   #:use-module (gnu packages documentation)
+  #:use-module (gnu packages elf)
   #:use-module (gnu packages flex)
   #:use-module (gnu packages fontutils)
   #:use-module (gnu packages freedesktop)
@@ -216,7 +217,7 @@ also known as DXTn or DXTC) for Mesa.")
 (define-public mesa
   (package
     (name "mesa")
-    (version "17.0.6")
+    (version "17.1.4")
     (source
       (origin
         (method url-fetch)
@@ -226,10 +227,9 @@ also known as DXTn or DXTC) for Mesa.")
                                   version "/mesa-" version ".tar.xz")))
         (sha256
          (base32
-          "17d60jjzg4ddm95gk2cqx0xz6b9anmmz6ax4majwr3gis2yg7v49"))
+          "1bcwxin7nmbnv92xav381b6qxscsx1zzc71ryfvj03cglbkb1wq6"))
         (patches
-         (search-patches "mesa-fix-32bit-test-failures.patch"
-                         "mesa-wayland-egl-symbols-check-mips.patch"
+         (search-patches "mesa-wayland-egl-symbols-check-mips.patch"
                          "mesa-skip-disk-cache-test.patch"))))
     (build-system gnu-build-system)
     (propagated-inputs
@@ -246,6 +246,7 @@ also known as DXTn or DXTC) for Mesa.")
       `(("expat" ,expat)
         ("dri2proto" ,dri2proto)
         ("dri3proto" ,dri3proto)
+        ("libelf" ,libelf)    ;required for r600 when using llvm
         ("libva" ,(force libva-without-mesa))
         ("libxml2" ,libxml2)
         ;; TODO: Add 'libxml2-python' for OpenGL ES 1.1 and 2.0 support
@@ -261,7 +262,8 @@ also known as DXTn or DXTC) for Mesa.")
         ("wayland" ,wayland)))
     (native-inputs
       `(("pkg-config" ,pkg-config)
-        ("python" ,python-2)))
+        ("python" ,python-2)
+        ("which" ,(@ (gnu packages base) which))))
     (arguments
      `(#:configure-flags
        '(,@(match (%current-system)
@@ -293,7 +295,7 @@ also known as DXTn or DXTC) for Mesa.")
          ,@(match (%current-system)
              ((or "x86_64-linux" "i686-linux")
               '("--with-dri-drivers=i915,i965,nouveau,r200,radeon,swrast"
-                "--enable-gallium-llvm")) ; default is x86/x86_64 only
+                "--enable-llvm"))         ; default is x86/x86_64 only
              (_
               '("--with-dri-drivers=nouveau,r200,radeon,swrast"))))
        #:phases
diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm
index fcd1daf5e8..926703e159 100644
--- a/gnu/packages/glib.scm
+++ b/gnu/packages/glib.scm
@@ -347,6 +347,7 @@ bindings to call into the C library.")
              (uri (string-append "https://launchpad.net/intltool/trunk/"
                                  version "/+download/intltool-"
                                  version ".tar.gz"))
+             (patches (search-patches "intltool-perl-compatibility.patch"))
              (sha256
               (base32
                "1karx4sb7bnm2j67q0q74hspkfn6lqprpy5r99vkn5bb36a4viv7"))))
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index 3491f4be1c..1e2e9ad711 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -1074,7 +1074,7 @@ dealing with different structured file formats.")
 (define-public librsvg
   (package
     (name "librsvg")
-    (version "2.40.16")
+    (version "2.40.17")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnome/sources/" name "/"
@@ -1082,7 +1082,7 @@ dealing with different structured file formats.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "0bpz6gsq8xi1pb5k9ax6vinph460v14znch3y5yz167s0dmwz2yl"))))
+                "1k39gyf7f5m9x0jvpcxvfcqswdb04xhm1lbwbjabn1f4xk5wbxp6"))))
     (build-system gnu-build-system)
     (arguments
      `(#:phases
@@ -2315,7 +2315,11 @@ libxml to ease remote use of the RESTful API.")
     (build-system gnu-build-system)
     (outputs '("out" "doc"))
     (arguments
-     `(#:configure-flags
+     `(#:modules ((guix build utils)
+                  (guix build gnu-build-system)
+                  (ice-9 popen))
+
+       #:configure-flags
        (list (string-append "--with-html-dir="
                             (assoc-ref %outputs "doc")
                             "/share/gtk-doc/html")
@@ -2325,34 +2329,77 @@ libxml to ease remote use of the RESTful API.")
        #:phases
        (modify-phases %standard-phases
          (add-before 'configure 'disable-unconnected-socket-test
-                     ;; This test fails due to missing /etc/nsswitch.conf
-                     ;; in the build environment.
-                     (lambda _
-                       (substitute* "tests/socket-test.c"
-                         ((".*/sockets/unconnected.*") ""))
-                       #t))
+           ;; This test fails due to missing /etc/nsswitch.conf
+           ;; in the build environment.
+           (lambda _
+             (substitute* "tests/socket-test.c"
+               ((".*/sockets/unconnected.*") ""))
+             #t))
          (add-before 'check 'pre-check
-                     (lambda _
-                       ;; The 'check-local' target runs 'env LANG=C sort -u',
-                       ;; unset 'LC_ALL' to make 'LANG' working.
-                       (unsetenv "LC_ALL")
-                       ;; The ca-certificates.crt is not available in the build
-                       ;; environment.
-                       (setenv "SSL_CERT_FILE" "/dev/null")
-                       ;; HTTPD in Guix uses mod_event and does not build prefork.
-                       (substitute* "tests/httpd.conf"
-                         (("^LoadModule mpm_prefork_module.*$") "\n"))
-                       #t))
+           (lambda _
+             ;; The 'check-local' target runs 'env LANG=C sort -u',
+             ;; unset 'LC_ALL' to make 'LANG' working.
+             (unsetenv "LC_ALL")
+             ;; The ca-certificates.crt is not available in the build
+             ;; environment.
+             (setenv "SSL_CERT_FILE" "/dev/null")
+             ;; HTTPD in Guix uses mod_event and does not build prefork.
+             (substitute* "tests/httpd.conf"
+               (("^LoadModule mpm_prefork_module.*$") "\n"))
+
+             ;; Generate a self-signed certificate that has "localhost" as its
+             ;; 'dnsName'.  Failing to do that, and starting with GnuTLS
+             ;; 3.5.12, tests such as "ssl-tests" fail:
+             ;;
+             ;; ERROR:ssl-test.c:406:do_tls_interaction_test: Unexpected status 6 Unacceptable TLS certificate (expected 200 OK)
+             ;;
+             ;; 'certtool' is interactive so we have to pipe it the answers.
+             ;; Reported at <https://bugzilla.gnome.org/show_bug.cgi?id=784696>.
+             (let ((pipe (open-output-pipe "certtool --generate-self-signed \
+ --load-privkey tests/test-key.pem --outfile tests/test-cert.pem")))
+               (for-each (lambda (line)
+                           (display line pipe)
+                           (newline pipe))
+                         '(""               ;Common name
+                           ""               ;UID
+                           "Guix"           ;Organizational unit name
+                           "GNU"            ;Organization name
+                           ""               ;Locality name
+                           ""               ;State or province
+                           ""               ;Country
+                           ""               ;subject's domain component (DC)
+                           ""               ;E-mail
+                           ""               ;serial number
+                           "-1"             ;expiration time
+                           "N"              ;belong to authority?
+                           "N"              ;web client certificate?
+                           "N"              ;IPsec IKE?
+                           "Y"              ;web server certificate?
+                           "localhost"      ;dnsName of subject
+                           ""               ;dnsName of subject (end)
+                           ""               ;URI of subject
+                           "127.0.0.1"      ;IP address of subject
+                           ""               ;signing?
+                           ""               ;encryption?
+                           ""               ;sign OCSP requests?
+                           ""               ;sign code?
+                           ""               ;time stamping?
+                           ""               ;email protection?
+                           ""               ;URI of the CRL distribution point
+                           "y"              ;above info OK?
+                           ))
+               (close-pipe pipe))
+             #t))
          (replace 'install
-                  (lambda _
-                    (zero?
-                     (system* "make"
-                              ;; Install vala bindings into $out.
-                              (string-append "vapidir=" %output
-                                             "/share/vala/vapi")
-                              "install")))))))
-    (native-inputs
-     `(("glib:bin" ,glib "bin") ; for glib-mkenums
+           (lambda _
+             (zero?
+              (system* "make"
+                       ;; Install vala bindings into $out.
+                       (string-append "vapidir=" %output
+                                      "/share/vala/vapi")
+                       "install")))))))
+    (native-inputs
+     `(("glib:bin" ,glib "bin")                   ; for glib-mkenums
        ("gobject-introspection" ,gobject-introspection)
        ("intltool" ,intltool)
        ("pkg-config" ,pkg-config)
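Review bot: The `pre-check` phase does not check whether `certtool` succeeded: the value of `(close-pipe pipe)` is dropped and the phase returns `#t` unconditionally. A failed run would then presumably surface only later, as the TLS test failure this code is meant to prevent. Making the status the phase result, e.g. ending the `let` with `(zero? (close-pipe pipe))` in place of the trailing `#t`, reports the failure where it happens. The answers are also matched to certtool's prompts purely by position, so a GnuTLS release that adds or reorders a question could produce a different certificate without any error. certtool's `--template` option, with keys such as `dns_name` and `ip_address`, would make the request explicit.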
@@ -2361,6 +2408,7 @@ libxml to ease remote use of the RESTful API.")
        ;; These are needed for the tests.
        ;; FIXME: Add PHP once available.
        ("curl" ,curl)
+       ("gnutls" ,gnutls)                         ;for 'certtool'
        ("httpd" ,httpd)))
     (propagated-inputs
      ;; libsoup-2.4.pc refers to all these.
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index e71ec8dce6..0276d7d0f1 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -58,7 +58,7 @@
 (define-public libgpg-error
   (package
     (name "libgpg-error")
-    (version "1.26")
+    (version "1.27")
     (source
      (origin
       (method url-fetch)
@@ -66,7 +66,7 @@
                           version ".tar.bz2"))
       (sha256
        (base32
-        "0sgfia0syq78k1c9h10rkhc1nfv5v097icrprlx2x4qn074wnjsc"))))
+        "1li95ni122fzinzlmxbln63nmgij63irxfvi52ws4zfbzv3am4sg"))))
     (build-system gnu-build-system)
     (home-page "https://gnupg.org")
     (synopsis "Library of error values for GnuPG components")
@@ -82,15 +82,14 @@ Daemon and possibly more in the future.")
 (define-public libgcrypt
   (package
     (name "libgcrypt")
-    (replacement libgcrypt-1.7.8)
-    (version "1.7.6")
+    (version "1.7.8")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
                                  version ".tar.bz2"))
              (sha256
               (base32
-               "1g05prhgqw4ryd0w433q8nhds0h93kf47hfjagi2r7dghkpaysk2"))))
+               "16f1rsv4y4w2pk1il2jbcqggsb6mrlfva5vayd205fp68zm7d0ll"))))
     (build-system gnu-build-system)
     (propagated-inputs
      `(("libgpg-error-host" ,libgpg-error)))
@@ -116,30 +115,6 @@ generation.")
     (properties '((ftp-server . "ftp.gnupg.org")
                   (ftp-directory . "/gcrypt/libgcrypt")))))
 
-(define libgcrypt-1.7.8
-  (package
-    (inherit libgcrypt)
-    (version "1.7.8")
-    (source (origin
-             (method url-fetch)
-             (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
-                                 version ".tar.bz2"))
-             (sha256
-              (base32
-               "16f1rsv4y4w2pk1il2jbcqggsb6mrlfva5vayd205fp68zm7d0ll"))))))
-
-(define-public libgcrypt-1.5
-  (package (inherit libgcrypt)
-    (version "1.5.6")
-    (source
-     (origin
-      (method url-fetch)
-      (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
-                          version ".tar.bz2"))
-      (sha256
-       (base32
-        "0ydy7bgra5jbq9mxl5x031nif3m6y3balc6ndw2ngj11wnsjc61h"))))))
-
 (define-public libassuan
   (package
     (name "libassuan")
diff --git a/gnu/packages/groff.scm b/gnu/packages/groff.scm
index 46e1ccf233..67dd1dbfa6 100644
--- a/gnu/packages/groff.scm
+++ b/gnu/packages/groff.scm
@@ -40,12 +40,18 @@
             (uri (string-append "mirror://gnu/groff/groff-" version
                                 ".tar.gz"))
             (sha256 (base32
-                     "1998v2kcs288d3y7kfxpvl369nqi06zbbvjzafyvyl3pr7bajj1s"))))
+                     "1998v2kcs288d3y7kfxpvl369nqi06zbbvjzafyvyl3pr7bajj1s"))
+            (patches (search-patches "groff-source-date-epoch.patch"))))
    (build-system gnu-build-system)
    (outputs '("out"
               "doc"))                    ;12MiB of PS, PDF, HTML, and examples
-   (inputs `(("ghostscript" ,ghostscript)
-             ("netpbm" ,netpbm)))
+
+   ;; Note: groff's HTML backend uses executables from netpbm when they are in
+   ;; $PATH.  In practice, not having them doesn't prevent it from install its
+   ;; own HTML doc, nor does it change its capabilities, so we removed netpbm
+   ;; from 'inputs'.
+
+   (inputs `(("ghostscript" ,ghostscript)))
    (native-inputs `(("bison" ,bison)
                     ("perl" ,perl)
                     ("psutils" ,psutils)
diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm
index b654bbc96e..f86d7ead80 100644
--- a/gnu/packages/guile.scm
+++ b/gnu/packages/guile.scm
@@ -153,7 +153,11 @@ without requiring the source code to be rewritten.")
    (inputs `(("libffi" ,libffi)
              ("readline" ,readline)
              ,@(libiconv-if-needed)
-             ,@(if (target-mingw?) '() `(("bash" ,bash)))))
+
+             ;; We need Bash when cross-compiling because some of the scripts
+             ;; in bin/ refer to it.  Use 'bash-minimal' because we don't need
+             ;; an interactive Bash with Readline and all.
+             ,@(if (target-mingw?) '() `(("bash" ,bash-minimal)))))
    (propagated-inputs
     `( ;; These ones aren't normally needed here, but since `libguile-2.0.la'
        ;; reads `-lltdl -lunistring', adding them here will add the needed
@@ -212,24 +216,20 @@ without requiring the source code to be rewritten.")
    (home-page "https://www.gnu.org/software/guile/")
    (license license:lgpl3+)))
 
-(define-public guile-2.0/fixed
-  ;; A package of Guile 2.0 that's rarely changed.  It is the one used
-  ;; in the `base' module, and thus changing it entails a full rebuild.
-  (package
-    (inherit guile-2.0)
-    (properties '((hidden? . #t)))))        ;people should install 'guile-2.0'
-
 (define-public guile-2.2
   (package (inherit guile-2.0)
     (name "guile")
     (version "2.2.2")
     (source (origin
               (method url-fetch)
+
+              ;; Note: we are limited to one of the compression formats
+              ;; supported by the bootstrap binaries, so no lzip here.
               (uri (string-append "mirror://gnu/guile/guile-" version
-                                  ".tar.lz"))
+                                  ".tar.xz"))
               (sha256
                (base32
-                "1dnh75h4rkx1zflpsngznkwcd6afn6zrc5x3xq7n946pm5bnx5bq"))
+                "1azm25zcmxif0skxfrp11d2wc89nrzpjaann9yxdw6pvjxhs948w"))
               (modules '((guix build utils)))
 
               ;; Remove the pre-built object files.  Instead, build everything
@@ -249,6 +249,17 @@ without requiring the source code to be rewritten.")
             (files '("lib/guile/2.2/site-ccache"
                      "share/guile/site/2.2")))))))
 
+(define-public guile-2.2/fixed
+  ;; A package of Guile 2.2 that's rarely changed.  It is the one used
+  ;; in the `base' module, and thus changing it entails a full rebuild.
+  (package
+    (inherit guile-2.2)
+    (properties '((hidden? . #t)            ;people should install 'guile-2.2'
+                  (timeout . 72000)            ;20 hours
+                  (max-silent-time . 36000)))  ;10 hours (needed on ARM
+                                               ;  when heavily loaded)
+    (replacement #f)))
+
 (define-public guile-next
   (deprecated-package "guile-next" guile-2.2))
 
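Review bot: `(replacement #f)` on `guile-2.2/fixed` is the one field here without a comment, and it has a security consequence worth writing down. Because the package inherits from `guile-2.2`, this field presumably exists so that a graft later attached to `guile-2.2` is not inherited; a security fix shipped as a replacement would then not reach anything built against the fixed variant until the next full rebuild. If that is intended, say so and say why it is acceptable, e.g. `;; Never graft this variant, even when 'guile-2.2' gets a replacement: it is only used in (gnu packages base).`, adjusting the reason to the real one.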
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 224319f84f..3461285850 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -33,7 +33,6 @@
   (package
    (name "icu4c")
    (version "58.2")
-   (replacement icu4c/fixed)
    (source (origin
             (method url-fetch)
             (uri (string-append
@@ -42,6 +41,9 @@
                   "/icu4c-"
                   (string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
                   "-src.tgz"))
+            (patches
+             (search-patches "icu4c-CVE-2017-7867-CVE-2017-7868.patch"
+                             "icu4c-reset-keyword-list-iterator.patch"))
             (sha256
              (base32 "036shcb3f8bm1lynhlsb4kpjm9s9c2vdiir01vg216rs2l8482ib"))))
    (build-system gnu-build-system)
@@ -68,15 +70,6 @@ C/C++ part.")
    (license x11)
    (home-page "http://site.icu-project.org/")))
 
-(define icu4c/fixed
-  (package
-    (inherit icu4c)
-    (source (origin
-              (inherit (package-source icu4c))
-              (patches
-               (search-patches "icu4c-CVE-2017-7867-CVE-2017-7868.patch"
-                               "icu4c-reset-keyword-list-iterator.patch"))))))
-
 (define-public java-icu4j
   (package
     (name "java-icu4j")
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 139be62819..1b230b5700 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -66,7 +66,7 @@
 (define-public libpng
   (package
    (name "libpng")
-   (version "1.6.28")
+   (version "1.6.29")
    (source (origin
             (method url-fetch)
             (uri (list (string-append "mirror://sourceforge/libpng/libpng16/"
@@ -78,7 +78,8 @@
                         "ftp://ftp.simplesystems.org/pub/libpng/png/src/history"
                         "/libpng16/libpng-" version ".tar.xz")))
             (sha256
-             (base32 "0ylgyx93hnk38haqrh8prd3ax5ngzwvjqw5cxw7p9nxmwsfyrlyq"))))
+             (base32
+              "0fgjqp7x6jynacmqh6dj72cn6nnf6yxjfqqqfsxrx0pyx22bcia2"))))
    (build-system gnu-build-system)
 
    ;; libpng.la says "-lz", so propagate it.
@@ -333,31 +334,21 @@ extracting icontainer icon files.")
 (define-public libtiff
   (package
    (name "libtiff")
-   (replacement libtiff-4.0.8)
-   (version "4.0.7")
-   (source (origin
-            (method url-fetch)
-            (uri (string-append "ftp://download.osgeo.org/libtiff/tiff-"
-                                version ".tar.gz"))
-            (patches (search-patches "libtiff-heap-overflow-tiffcp.patch"
-                                     "libtiff-null-dereference.patch"
-                                     "libtiff-heap-overflow-tif-dirread.patch"
-                                     "libtiff-heap-overflow-pixarlog-luv.patch"
-                                     "libtiff-divide-by-zero.patch"
-                                     "libtiff-divide-by-zero-ojpeg.patch"
-                                     "libtiff-tiffcp-underflow.patch"
-                                     "libtiff-invalid-read.patch"
-                                     "libtiff-CVE-2016-10092.patch"
-                                     "libtiff-heap-overflow-tiffcrop.patch"
-                                     "libtiff-divide-by-zero-tiffcrop.patch"
-                                     "libtiff-CVE-2016-10093.patch"
-                                     "libtiff-divide-by-zero-tiffcp.patch"
-                                     "libtiff-assertion-failure.patch"
-                                     "libtiff-CVE-2016-10094.patch"
-                                     "libtiff-CVE-2017-5225.patch"))
-            (sha256
-             (base32
-              "06ghqhr4db1ssq0acyyz49gr8k41gzw6pqb6mbn5r7jqp77s4hwz"))))
+   (version "4.0.8")
+   (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "ftp://download.osgeo.org/libtiff/tiff-"
+                           version ".tar.gz"))
+       (patches
+         (search-patches "libtiff-tiffgetfield-bugs.patch"
+                         "libtiff-CVE-2016-10688.patch"
+                         "libtiff-CVE-2017-9936.patch"
+                         "libtiff-tiffycbcrtorgb-integer-overflow.patch"
+                         "libtiff-tiffycbcrtorgbinit-integer-overflow.patch"))
+       (sha256
+        (base32
+         "0419mh6kkhz5fkyl77gv0in8x4d2jpdpfs147y8mj86rrjlabmsr"))))
    (build-system gnu-build-system)
    (outputs '("out"
               "doc"))                           ;1.3 MiB of HTML documentation
@@ -367,9 +358,6 @@ extracting icontainer icon files.")
                                              (assoc-ref %outputs "doc")
                                              "/share/doc/"
                                              ,name "-" ,version))))
-   ;; Build with a patched GCC to work around <http://bugs.gnu.org/24703>.
-   (native-inputs
-    `(("gcc@5" ,gcc-5)))
    (inputs `(("zlib" ,zlib)
              ("libjpeg" ,libjpeg)))
    (synopsis "Library for handling TIFF files")
@@ -382,24 +370,6 @@ collection of tools for doing simple manipulations of TIFF images.")
                                   "See COPYRIGHT in the distribution."))
    (home-page "http://www.simplesystems.org/libtiff/")))
 
-(define libtiff-4.0.8
-  (package
-    (inherit libtiff)
-    (version "4.0.8")
-    (source
-     (origin
-       (method url-fetch)
-       (uri (string-append "ftp://download.osgeo.org/libtiff/tiff-"
-                           version ".tar.gz"))
-       (patches (search-patches "libtiff-tiffgetfield-bugs.patch"
-                                "libtiff-CVE-2016-10688.patch"
-                                "libtiff-CVE-2017-9936.patch"
-                                "libtiff-tiffycbcrtorgb-integer-overflow.patch"
-                                "libtiff-tiffycbcrtorgbinit-integer-overflow.patch"))
-       (sha256
-        (base32
-         "0419mh6kkhz5fkyl77gv0in8x4d2jpdpfs147y8mj86rrjlabmsr"))))))
-
 (define-public leptonica
   (package
     (name "leptonica")
diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm
index 6be7c82bc0..24583d82ea 100644
--- a/gnu/packages/kerberos.scm
+++ b/gnu/packages/kerberos.scm
@@ -5,6 +5,7 @@
 ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2012, 2013 Nikita Karetnikov <nikita@karetnikov.org>
 ;;; Copyright © 2012, 2017 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -23,8 +24,10 @@
 
 (define-module (gnu packages kerberos)
   #:use-module (gnu packages)
+  #:use-module (gnu packages autotools)
   #:use-module (gnu packages bison)
   #:use-module (gnu packages perl)
+  #:use-module (gnu packages gettext)
   #:use-module (gnu packages gnupg)
   #:use-module (gnu packages libidn)
   #:use-module (gnu packages linux)
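Review bot: `(gnu packages autotools)` and `(gnu packages gettext)` are imported in this hunk and `(gnu packages texinfo)` in the next one, but no added line in this file's diff references a package from any of them. shishi's `native-inputs` still lists only `pkg-config`. If they were meant for regenerating shishi's build system after `shishi-fix-libgcrypt-detection.patch`, the corresponding inputs and bootstrap phase are missing. Otherwise drop the three `#:use-module` lines, since unused package-module imports cost load time and make import cycles between package modules more likely.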
@@ -32,6 +35,7 @@
   #:use-module (gnu packages compression)
   #:use-module (gnu packages databases)
   #:use-module (gnu packages readline)
+  #:use-module (gnu packages texinfo)
   #:use-module (gnu packages tls)
   #:use-module ((guix licenses) #:prefix license:)
   #:use-module (guix packages)
@@ -42,7 +46,7 @@
 (define-public mit-krb5
   (package
     (name "mit-krb5")
-    (version "1.14.4")
+    (version "1.15.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "http://web.mit.edu/kerberos/dist/krb5/"
@@ -50,20 +54,13 @@
                                   "/krb5-" version ".tar.gz"))
               (sha256
                (base32
-                "158bgq9xcg5ljgzia1880ak7m9g6vf2r009rzdqif5n9h111m9h3"))))
+                "0igbi5d095c2hgpn2cixpc4q2ij8vgg2bx7yjfly5zfmvlqqhz23"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("bison" ,bison)
        ("perl" ,perl)))
     (arguments
-     `(;; Work around "No rule to make target '../../include/gssapi/gssapi.h',
-       ;; needed by 'authgss_prot.so'."
-       #:parallel-build? #f
-
-       ;; Likewise with tests.
-       #:parallel-tests? #f
-
-       ;; XXX: On 32-bit systems, 'kdb5_util' hangs on an fcntl/F_SETLKW call
+     `(;; XXX: On 32-bit systems, 'kdb5_util' hangs on an fcntl/F_SETLKW call
        ;; while running the tests in 'src/tests'.
        #:tests? ,(string=? (%current-system) "x86_64-linux")
 
@@ -104,25 +101,23 @@ cryptography.")
       (method url-fetch)
       (uri (string-append "mirror://gnu/shishi/shishi-"
                           version ".tar.gz"))
+      (patches (search-patches "shishi-fix-libgcrypt-detection.patch"))
       (sha256
        (base32
         "032qf72cpjdfffq1yq54gz3ahgqf2ijca4vl31sfabmjzq9q370d"))))
     (build-system gnu-build-system)
+    (arguments
+     '(;; This is required since we patch some of the build scripts.
+       ;; Remove for the next Shishi release after 1.0.2 or when
+       ;; removing 'shishi-fix-libgcrypt-detection.patch'.
+       #:configure-flags '("ac_cv_libgcrypt=yes")))
     (native-inputs `(("pkg-config" ,pkg-config)))
     (inputs
      `(("gnutls" ,gnutls)
        ("libidn" ,libidn)
        ("linux-pam" ,linux-pam-1.2)
        ("zlib" ,zlib)
-       ;; libgcrypt 1.6 fails because of the following test:
-       ;;  #include <gcrypt.h>
-       ;; /* GCRY_MODULE_ID_USER was added in 1.4.4 and gc-libgcrypt.c
-       ;;    will fail on startup if we don't have 1.4.4 or later, so
-       ;;    test for it early. */
-       ;; #if !defined GCRY_MODULE_ID_USER
-       ;; error too old libgcrypt
-       ;; #endif
-       ("libgcrypt" ,libgcrypt-1.5)
+       ("libgcrypt" ,libgcrypt)
        ("libtasn1" ,libtasn1)))
     (home-page "https://www.gnu.org/software/shishi/")
     (synopsis "Implementation of the Kerberos 5 network security system")
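Review bot: `#:configure-flags '("ac_cv_libgcrypt=yes")` presets the configure result, so the build no longer checks that a usable libgcrypt is present, in the same change that moves shishi from `libgcrypt-1.5` to the current `libgcrypt`. The comment says this is required "since we patch some of the build scripts" but not why a patch that fixes detection also needs detection bypassed. If the reason is that `configure` is not regenerated after the patch (an assumption; the patch is not shown here), state it, e.g. `;; 'configure' is not regenerated, so the patched check never runs; preset its result instead.` It is also worth confirming that the test suite exercises the libgcrypt backend, since that is now the only thing that would catch an incompatible library.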
diff --git a/gnu/packages/ld-wrapper.in b/gnu/packages/ld-wrapper.in
index ebfd8332c4..82bd2196cf 100644
--- a/gnu/packages/ld-wrapper.in
+++ b/gnu/packages/ld-wrapper.in
@@ -15,7 +15,7 @@ main="(@ (gnu build-support ld-wrapper) ld-wrapper)"
 exec @GUILE@ -c "(load-compiled \"@SELF@.go\") (apply $main (cdr (command-line)))" "$@"
 !#
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -35,6 +35,7 @@ exec @GUILE@ -c "(load-compiled \"@SELF@.go\") (apply $main (cdr (command-line))
 (define-module (gnu build-support ld-wrapper)
   #:use-module (srfi srfi-1)
   #:use-module (ice-9 match)
+  #:autoload   (ice-9 rdelim) (read-string)
   #:export (ld-wrapper))
 
 ;;; Commentary:
@@ -222,9 +223,44 @@ impure library ~s~%"
               '()
               library-files))
 
+(define (expand-arguments args)
+  ;; Expand ARGS such that "response file" arguments, such as "@args.txt", are
+  ;; expanded (info "(gcc) Overall Options").
+  (define (response-file-arguments file)
+    (when %debug?
+      (format (current-error-port)
+              "ld-wrapper: attempting to read arguments from '~a'~%" file))
+
+    ;; FIXME: Options can contain whitespace if they are protected by single
+    ;; or double quotes; this is not implemented here.
+    (string-tokenize (call-with-input-file file read-string)))
+
+  (define result
+    (fold-right (lambda (arg result)
+                  (if (string-prefix? "@" arg)
+                      (let ((file (string-drop arg 1)))
+                        (append (catch 'system-error
+                                  (lambda ()
+                                    (response-file-arguments file))
+                                  (lambda args
+                                    ;; FILE doesn't exist or cannot be read so
+                                    ;; leave ARG as is.
+                                    (list arg)))
+                                result))
+                      (cons arg result)))
+                '()
+                args))
+
+  ;; If there are "@" arguments in RESULT *and* we can expand them (they don't
+  ;; refer to nonexistent files), then recurse.
+  (if (equal? result args)
+      result
+      (expand-arguments result)))
+
 (define (ld-wrapper . args)
   ;; Invoke the real `ld' with ARGS, augmented with `-rpath' switches.
-  (let* ((path (library-search-path args))
+  (let* ((args (expand-arguments args))
+         (path (library-search-path args))
          (libs (library-files-linked args path))
          (args (append args (rpath-arguments libs))))
     (when %debug?
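Review bot: `expand-arguments` has no bound on re-expansion. It recurses whenever a pass changed the list, so a response file that names itself next to any other token, or two files that name each other, makes the list grow on every pass and the `(equal? result args)` fixed point is never reached. The wrapper then re-reads the file and allocates until memory runs out instead of reporting an error. GCC's own response-file expansion gives up after a fixed number of files for this reason. Counting the files opened across all passes and failing with a clear message bounds both the loop and the list size; the limit below is a suggestion.

```scheme
(define (expand-arguments args)
  ;; … unchanged: leading comment …
  (define files-read 0)                 ;response files opened so far

  (define (response-file-arguments file)
    ;; Give up rather than expand forever when a response file refers back
    ;; to itself, directly or through another file.
    (set! files-read (+ files-read 1))
    (when (> files-read 2000)
      (format (current-error-port)
              "ld-wrapper: too many response files~%")
      (exit 1))
    ;; … unchanged: debug message and 'string-tokenize' call …
    )

  (define (expand-once args)
    ;; … unchanged: the 'fold-right' expression that defined RESULT …
    )

  (let loop ((args args))
    (let ((result (expand-once args)))
      (if (equal? result args)
          result
          (loop result)))))
```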
diff --git a/gnu/packages/libevent.scm b/gnu/packages/libevent.scm
index c903352bbc..bda15393f6 100644
--- a/gnu/packages/libevent.scm
+++ b/gnu/packages/libevent.scm
@@ -121,7 +121,7 @@ programs.")
 (define-public libuv
   (package
     (name "libuv")
-    (version "1.11.0")
+    (version "1.12.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "https://github.com/libuv/libuv/archive/v"
@@ -129,7 +129,7 @@ programs.")
               (file-name (string-append name "-" version ".tar.gz"))
               (sha256
                (base32
-                "0yhw86011l2dg2prms0d86szygrix4pxpgnyzs7iljy2xk3fxivf"))))
+                "0l0jrb5q3i8br10c8skc6xdwlxkmlpn3n0kngaqd68fsi1593kj1"))))
     (build-system gnu-build-system)
     (arguments
      '(#:phases (alist-cons-after
@@ -157,8 +157,8 @@ similar IOCP, and event ports, asynchronous TCP/UDP sockets, asynchronous DNS
 resolution, asynchronous file system operations, and threading primitives.")
 
     ;; A few files fall under other non-copyleft licenses; see 'LICENSE' for
-    ;; details.
-    (license x11)))
+    ;; details.  Documentation is CC-BY 4.0 as of 1.12.0; see 'LICENSE-docs'.
+    (license (list expat cc-by4.0))))
 
 (define-public perl-anyevent
   (package
diff --git a/gnu/packages/libffi.scm b/gnu/packages/libffi.scm
index 13938f7ee8..16475affe6 100644
--- a/gnu/packages/libffi.scm
+++ b/gnu/packages/libffi.scm
@@ -42,7 +42,8 @@
                              name "-" version ".tar.gz"))
              (sha256
               (base32
-               "0dya49bnhianl0r65m65xndz6ls2jn1xngyn72gd28ls3n7bnvnh"))))
+               "0dya49bnhianl0r65m65xndz6ls2jn1xngyn72gd28ls3n7bnvnh"))
+             (patches (search-patches "libffi-3.2.1-complex-alpha.patch"))))
     (build-system gnu-build-system)
     (arguments `(#:phases (alist-cons-after 'install 'post-install
                                             ,post-install-phase
diff --git a/gnu/packages/libidn.scm b/gnu/packages/libidn.scm
index da6c7efb6f..fc91fe263e 100644
--- a/gnu/packages/libidn.scm
+++ b/gnu/packages/libidn.scm
@@ -1,6 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2012 Andreas Enge <andreas@enge.fr>
-;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -20,6 +20,7 @@
 
 (define-module (gnu packages libidn)
   #:use-module (gnu packages)
+  #:use-module (gnu packages compression)
   #:use-module (gnu packages libunistring)
   #:use-module (guix licenses)
   #:use-module (guix packages)
@@ -53,42 +54,19 @@ Java libraries.")
 (define-public libidn2
   (package
     (name "libidn2")
-    (version "0.16")
+    (version "2.0.2")
     (source (origin
               (method url-fetch)
-              (uri (string-append "ftp://alpha.gnu.org/gnu/libidn/libidn2-"
-                                  version ".tar.gz"))
+              (uri (string-append "mirror://gnu/libidn/" name "-" version
+                                  ".tar.lz"))
               (sha256
                (base32
-                "13v8kh4d5nfkymai88zlw3h7k4x9khrpdpv97waf4ah8ykzrxb9g"))))
-    ;; XXX: Make sure to remove the 'create-pkg-config' phase
-    ;; below when this package is updated to >= 0.17.
+                "0pqaj8d01aj4i110669fincqs10kgynyqcrmq2q7pss8v9dcd1jq"))))
+    (native-inputs
+     `(("lzip" ,lzip)))
     (inputs
      `(("libunistring" ,libunistring)))
     (build-system gnu-build-system)
-    (arguments
-     `(#:phases
-       (modify-phases %standard-phases
-         (add-after 'install 'create-pkgconfig-file
-           (lambda* (#:key outputs #:allow-other-keys)
-             (let* ((out (assoc-ref outputs "out"))
-                    (pkgconfig (string-append out "/lib/pkgconfig")))
-               (mkdir-p pkgconfig)
-               (call-with-output-file (string-append pkgconfig "/libidn2.pc")
-                 (lambda (port)
-                   (format port "prefix=~a
-exec_prefix=${prefix}
-libdir=${exec_prefix}/lib
-includedir=${prefix}/include
-
-Name: Libidn2
-Description: Library implementing IDNA2008 and TR46
-Version: ~a
-Libs: -L${libdir} -lidn2
-Cflags: -I${includedir}
-"
-                           out ,version)))
-               #t))))))
     (synopsis "Internationalized domain name library for IDNA2008")
     (description "Libidn2 is an internationalized domain library implementing
 the IDNA2008 specifications.   Libidn2 is believed to be a complete IDNA2008
diff --git a/gnu/packages/libsigsegv.scm b/gnu/packages/libsigsegv.scm
index 41e7345351..2a44819820 100644
--- a/gnu/packages/libsigsegv.scm
+++ b/gnu/packages/libsigsegv.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2012, 2013 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -25,14 +26,14 @@
 (define-public libsigsegv
   (package
    (name "libsigsegv")
-   (version "2.10")
+   (version "2.11")
    (source (origin
             (method url-fetch)
             (uri (string-append
                   "mirror://gnu/libsigsegv/libsigsegv-"
                   version ".tar.gz"))
             (sha256
-             (base32 "16hrs8k3nmc7a8jam5j1fpspd6sdpkamskvsdpcw6m29vnis8q44"))))
+             (base32 "063swdvq7mbmc1clv0rnh20grwln1zfc2qnm0sa1hivcxyr2wz6x"))))
    (build-system gnu-build-system)
    (home-page "https://www.gnu.org/software/libsigsegv/")
    (synopsis "Library for handling page faults")
@@ -44,12 +45,12 @@
     ;; linux-libre-headers-cross-mips64el-linux-gnu-3.3.8/include/asm/sigcontext.h:57:8: error: redefinition of 'struct sigcontext'
     (if (string-contains (or (%current-target-system) (%current-system))
                          "mips64el")
-        `(#:phases (alist-cons-before
-                    'configure 'patch-mips-old-h
-                    (lambda _
-                      (substitute* "src/fault-linux-mips-old.h"
-                        (("#include <asm/sigcontext\\.h>") "")))
-                    %standard-phases))
+        `(#:phases (modify-phases %standard-phases
+                     (add-before 'configure 'patch-mips-old-h
+                       (lambda _
+                         (substitute* "src/fault-linux-mips-old.h"
+                           (("#include <asm/sigcontext\\.h>") ""))
+                         #t))))
         '()))
    (description
     "GNU libsigsegv is a library to handle page faults, which occur when a
diff --git a/gnu/packages/libunistring.scm b/gnu/packages/libunistring.scm
index 212bec4b49..df02f68cea 100644
--- a/gnu/packages/libunistring.scm
+++ b/gnu/packages/libunistring.scm
@@ -3,6 +3,7 @@
 ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
+;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -24,6 +25,7 @@
   #:use-module (guix packages)
   #:use-module (guix download)
   #:use-module (guix build-system gnu)
+  #:use-module (gnu packages)
   #:use-module (gnu packages base))
 
 (define-public libunistring
@@ -37,7 +39,11 @@
                   version ".tar.xz"))
             (sha256
              (base32
-              "15z76qrmrvkc3c6hfq2lzzqysgd21s682f2smycfab5g598n8drf"))))
+              "15z76qrmrvkc3c6hfq2lzzqysgd21s682f2smycfab5g598n8drf"))
+             ;; test-lock has performance issues on multi-core machines,
+             ;; it hangs or takes a long time to complete.
+             ;; This is a commit from gnulib to fix this issue.
+            (patches (search-patches "libunistring-gnulib-multi-core.patch"))))
    (propagated-inputs (libiconv-if-needed))
    (build-system gnu-build-system)
    (arguments
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 5c96056576..d0dcb259b9 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -123,6 +123,7 @@
           ((string-prefix? "arm" arch) "arm")
           ((string-prefix? "aarch64" arch) "arm64")
           ((string-prefix? "alpha" arch) "alpha")
+          ((string-prefix? "powerpc" arch) "powerpc") ;including "powerpc64le"
           (else arch))))
 
 (define-public (system->defconfig system)
@@ -130,6 +131,7 @@
 defconfig.  Return the appropiate make target if applicable, otherwise return
 \"defconfig\"."
   (cond ((string-prefix? "powerpc-" system) "pmac32_defconfig")
+        ((string-prefix? "powerpc64le-" system) "ppc64_defconfig")
         (else "defconfig")))
 
 (define (linux-libre-urls version)
@@ -490,7 +492,7 @@ providing the system administrator with some help in common tasks.")
 (define-public util-linux
   (package
     (name "util-linux")
-    (version "2.29.2")
+    (version "2.30")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://kernel.org/linux/utils/"
@@ -498,7 +500,7 @@ providing the system administrator with some help in common tasks.")
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1qz81w8vzrmy8xn9yx7ls4amkbgwx6vr62pl6kv9g7r0g3ba9kmc"))
+                "13d0ax8bcapga8phj2nclx86w57ddqxbr98ajibpzjq6d7zs8262"))
               (patches (search-patches "util-linux-tests.patch"))
               (modules '((guix build utils)))
               (snippet
@@ -659,7 +661,7 @@ slabtop, and skill.")
     (build-system gnu-build-system)
     (inputs
      `(("libusb" ,libusb)
-       ("eudev" ,eudev-with-hwdb)))
+       ("eudev" ,eudev)))
     (native-inputs
      `(("pkg-config" ,pkg-config)))
     (home-page "http://www.linux-usb.org/")
@@ -901,7 +903,7 @@ intercept and print the system calls executed by the program.")
 (define-public alsa-lib
   (package
     (name "alsa-lib")
-    (version "1.1.3")
+    (version "1.1.4.1")
     (source (origin
              (method url-fetch)
              (uri (string-append
@@ -909,7 +911,7 @@ intercept and print the system calls executed by the program.")
                    version ".tar.bz2"))
              (sha256
               (base32
-               "174n2psp0328xcy2f1ayls67598bxli6q9cf00d2qnac3012aa3i"))))
+               "0xjvi381105gldhv0z872a0x58sghznyx19j45lw5iyi2h68gfwi"))))
     (build-system gnu-build-system)
     (home-page "https://www.alsa-project.org/")
     (synopsis "The Advanced Linux Sound Architecture libraries")
@@ -1908,7 +1910,7 @@ from the module-init-tools project.")
   ;; The post-systemd fork, maintained by Gentoo.
   (package
     (name "eudev")
-    (version "3.2.1")
+    (version "3.2.2")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -1916,10 +1918,18 @@ from the module-init-tools project.")
                     version ".tar.gz"))
               (sha256
                (base32
-                "06gyyl90n85x8i7lfhns514y1kg1ians13l467admyzy3kjxkqsp"))
-              (patches (search-patches "eudev-rules-directory.patch"
-                                       "eudev-conflicting-declaration.patch"))))
+                "0qqgbgpm5wdllk0s04pf80nwc8pr93xazwri1bylm1f15zn5ck1y"))
+              (patches (search-patches "eudev-rules-directory.patch"))))
     (build-system gnu-build-system)
+    (arguments
+     '(#:phases (modify-phases %standard-phases
+                  (add-after 'install 'build-hwdb
+                    (lambda* (#:key outputs #:allow-other-keys)
+                      ;; Build OUT/etc/udev/hwdb.bin.  This allows 'lsusb' and
+                      ;; similar tools to display product names.
+                      (let ((out (assoc-ref outputs "out")))
+                        (zero? (system* (string-append out "/bin/udevadm")
+                                        "hwdb" "--update"))))))))
     (native-inputs
      `(("pkg-config" ,pkg-config)
        ("perl" ,perl)
@@ -1938,19 +1948,7 @@ time.")
     (license license:gpl2+)))
 
 (define-public eudev-with-hwdb
-  ;; TODO: Merge with 'eudev'.
-  (package
-    (inherit eudev)
-    (name "eudev-with-hwdb")
-    (arguments
-     '(#:phases (modify-phases %standard-phases
-                  (add-after 'install 'build-hwdb
-                    (lambda* (#:key outputs #:allow-other-keys)
-                      ;; Build OUT/etc/udev/hwdb.bin.  This allows 'lsusb' and
-                      ;; similar tools to display product names.
-                      (let ((out (assoc-ref outputs "out")))
-                        (zero? (system* (string-append out "/bin/udevadm")
-                                        "hwdb" "--update"))))))))))
+  (deprecated-package "eudev-with-hwdb" eudev))
 
 (define-public lvm2
   (package
diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm
index 1bf049fc4c..352ce636e6 100644
--- a/gnu/packages/maths.scm
+++ b/gnu/packages/maths.scm
@@ -1850,7 +1850,7 @@ implemented in ANSI C, and MPI for communications.")
     (build-system gnu-build-system)
     (inputs
      `(("zlib" ,zlib)
-       ("flex" ,flex-2.6.1) ; A bug in flex prevents building with flex-2.6.3.
+       ("flex" ,flex)
        ("bison" ,bison)))
     (arguments
      `(#:phases
diff --git a/gnu/packages/ncurses.scm b/gnu/packages/ncurses.scm
index 0b23baf129..d8b72a12c0 100644
--- a/gnu/packages/ncurses.scm
+++ b/gnu/packages/ncurses.scm
@@ -37,12 +37,12 @@
 (define-public ncurses
   (package
     (name "ncurses")
-    (replacement ncurses/fixed)
     (version "6.0")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnu/ncurses/ncurses-"
                                   version ".tar.gz"))
+              (patches (search-patches "ncurses-CVE-2017-10684-10685.patch"))
               (sha256
                (base32
                 "0q3jck7lna77z5r42f13c4xglc7azd19pxfrjrpgp2yf615w4lgm"))))
@@ -189,17 +189,6 @@ ncursesw library provides wide character support.")
     (license x11)
     (home-page "https://www.gnu.org/software/ncurses/")))
 
-(define ncurses/fixed
-  (package
-    (inherit ncurses)
-    (source
-      (origin
-        (inherit (package-source ncurses))
-        (patches
-          (append
-            (origin-patches (package-source ncurses))
-            (search-patches "ncurses-CVE-2017-10684-10685.patch")))))))
-
 (define-public dialog
   (package
     (name "dialog")
diff --git a/gnu/packages/netpbm.scm b/gnu/packages/netpbm.scm
index cd0c3d950d..2d76d7e067 100644
--- a/gnu/packages/netpbm.scm
+++ b/gnu/packages/netpbm.scm
@@ -36,7 +36,7 @@
 (define-public netpbm
   (package
    (name "netpbm")
-   (version "10.61.01")
+   (version "10.78.3")
    (source (origin
             (method svn-fetch)
             ;; At the time of first packaging, the "super-stable" and
@@ -48,10 +48,10 @@
             ;; To determine the correct release: "svn log version.mk".
             (uri (svn-reference
                    (url "http://svn.code.sf.net/p/netpbm/code/advanced")
-                   (revision 1832)))
+                   (revision 2965)))
             (sha256
               (base32
-               "1mj1pqq18yj0yb6l24zfjls7axhqmiv0pvcaabl5xvc4a0dm543j"))
+               "1k7as9qi1942wyjxpvbf02wg0h4braw44m3m3vvi8sm9y5z1m967"))
             (file-name (string-append name "-" version "-checkout"))
             (modules '((guix build utils)))
             (snippet
@@ -87,6 +87,9 @@
                 (drop "ppmtopjxl" in "converter/ppm")
 
                 ;; Remove timestamps from the generated code.
+                (substitute* "buildtools/makepointerman"
+                  (("gmctime[(][)]")
+                   "\"Thu Jan 1 00:00:00 1970\""))
                 (substitute* "buildtools/stamp-date"
                   (("^DATE=.*")
                    "DATE=\"Thu Jan 01 00:00:00+0000 1970\"\n")
@@ -124,8 +127,8 @@
 
            (let ((rgb (string-append (assoc-ref inputs "xorg-rgb")
                                      "/share/X11/rgb.txt")))
-             (substitute* "pm_config.in.h"
-               (("/usr/share/X11/rgb.txt") rgb))
+             (substitute* "config.mk"
+               (("/usr/share/netpbm/rgb.txt") rgb))
 
              ;; Our Ghostscript no longer provides the 'gs' command, only
              ;; 'gsc', so look for that instead.
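Review bot: The rewritten `substitute*` on `config.mk` gives no signal if `/usr/share/netpbm/rgb.txt` no longer appears in that file, because `substitute*` leaves a file untouched when its pattern does not match. The build would then succeed with the default, non-store path left in place. Both the file name and the pattern changed in this update, so this line is likely to go stale again on the next one; the `makepointerman` substitution added in the previous hunk has the same property for the embedded timestamp. I would add a comment above it such as `;; substitute* is silent on no match: re-check this path in config.mk on every update.` The enclosing phase begins outside the hunk.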
@@ -146,7 +149,15 @@
              (("all-in-place.test") "")
              (("pnmpsnr.test") "")
              (("pnmremap1.test") "")
-             (("gif-roundtrip.test") ""))
+             (("gif-roundtrip.test") "")
+
+             ;; These two tests started failing in netpbm-10.78.3.
+             (("jpeg-roundtrip.test") "")
+             (("pbmtext.test") "")
+
+             ;; Skip tests that use nonfree programs that we don't build.
+             (("ps-alt-roundtrip.test") "" )
+             (("pbm-misc-converters.test") ""))
            #t))
        (replace 'install
          (lambda* (#:key outputs make-flags #:allow-other-keys)
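Review bot: `jpeg-roundtrip.test` and `pbmtext.test` are switched off with only "started failing in netpbm-10.78.3" as the reason, so a reader cannot tell a build-environment problem from a regression in the converters themselves. Since these tools parse image files that may come from untrusted sources, I would record the observed failure and a tracking reference, e.g. `;; FIXME: fail since 10.78.3 (<failure summary>); see <BUG-URL-PLACEHOLDER>.` The stray space in `(("ps-alt-roundtrip.test") "" )` should also go, giving `(("ps-alt-roundtrip.test") "")`. The surrounding phase starts before the hunk.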
diff --git a/gnu/packages/openldap.scm b/gnu/packages/openldap.scm
index b7e13f0a68..08307e37b9 100644
--- a/gnu/packages/openldap.scm
+++ b/gnu/packages/openldap.scm
@@ -40,8 +40,7 @@
 (define-public openldap
   (package
    (name "openldap")
-   (replacement openldap/fixed)
-   (version "2.4.44")
+   (version "2.4.45")
    (source (origin
             (method url-fetch)
 
@@ -51,14 +50,14 @@
                         "ftp://mirror.switch.ch/mirror/OpenLDAP/"
                         "openldap-release/openldap-" version ".tgz")
                        (string-append
-                        "ftp://ftp.OpenLDAP.org/pub/OpenLDAP/"
+                        "https://www.openldap.org/software/download/OpenLDAP/"
                         "openldap-release/openldap-" version ".tgz")
                        (string-append
                         "ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/"
                         "openldap-release/openldap-" version ".tgz")))
             (sha256
              (base32
-              "0044p20hx07fwgw2mbwj1fkx04615hhs1qyx4mawj2bhqvrnppnp"))))
+              "091qvwk5dkcpp17ziabcnh3rg3m7qwzw2pihfcd1d5fdxgywzmnd"))))
    (build-system gnu-build-system)
    (inputs `(("bdb" ,bdb-5.3)
              ("cyrus-sasl" ,cyrus-sasl)
@@ -71,23 +70,25 @@
    (arguments
     `(#:tests? #f
       #:phases
-       (alist-cons-after
-        'configure 'provide-libtool
-        (lambda _ (copy-file (which "libtool") "libtool"))
-       %standard-phases)))
+      (modify-phases %standard-phases
+        (add-after 'configure 'provide-libtool
+          (lambda _ (copy-file (which "libtool") "libtool")
+            #t))
+        (add-after 'install 'patch-sasl-path
+          ;; Give -L arguments for cyrus-sasl to avoid propagation.
+          (lambda* (#:key inputs outputs #:allow-other-keys)
+            (let ((out (assoc-ref outputs "out"))
+                  (sasl (assoc-ref inputs "cyrus-sasl")))
+              (substitute* (map (lambda (f) (string-append out "/" f))
+                                '("lib/libldap.la" "lib/libldap_r.la"))
+                (("-lsasl2" lib)
+                 (string-append "-L" sasl "/lib " lib)))
+              #t))))))
    (synopsis "Implementation of the Lightweight Directory Access Protocol")
    (description
     "OpenLDAP is a free implementation of the Lightweight Directory Access Protocol.")
    (license openldap2.8)
-   (home-page "http://www.openldap.org/")))
-
-(define openldap/fixed
-  (package
-    (inherit openldap)
-    (source
-      (origin
-        (inherit (package-source openldap))
-        (patches (search-patches "openldap-CVE-2017-9287.patch"))))))
+   (home-page "https://www.openldap.org/")))
 
 (define-public nss-pam-ldapd
   (package
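Review bot: Removing `openldap/fixed` drops `openldap-CVE-2017-9287.patch`, and nothing in this hunk says that 2.4.45 already carries that fix. I believe the upstream release includes it, but that should be confirmed against the upstream change log and stated, either in the commit log or as `;; CVE-2017-9287 is fixed upstream in 2.4.45.` next to the version. Separately, the new `patch-sasl-path` phase relies on `substitute*`, which does nothing when `-lsasl2` is absent from `lib/libldap.la` or `lib/libldap_r.la`, so a change in the generated `.la` files would silently undo the `-L` rewrite.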
diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm
index af91ec1d76..8cc18162aa 100644
--- a/gnu/packages/package-management.scm
+++ b/gnu/packages/package-management.scm
@@ -248,7 +248,7 @@
                          (base32
                           "1giy2aprjmn5fp9c4s9r125fljw4wv6ixy5739i5bffw4jgr0f9r"))))))
       (propagated-inputs
-       `(("gnutls" ,gnutls/guile-2.2)             ;for 'guix download' & co.
+       `(("gnutls" ,gnutls)
          ("guile-json" ,guile-json)
          ("guile-ssh" ,guile-ssh)))
 
@@ -274,7 +274,7 @@ the Nix package manager.")
      `(("guile" ,guile-2.0)
        ,@(alist-delete "guile" (package-inputs guix))))
     (propagated-inputs
-     `(("gnutls" ,gnutls)
+     `(("gnutls" ,gnutls/guile-2.0)
        ("guile-json" ,guile2.0-json)
        ("guile-ssh" ,guile2.0-ssh)))))
 
diff --git a/gnu/packages/patches/binutils-mips-bash-bug.patch b/gnu/packages/patches/binutils-mips-bash-bug.patch
deleted file mode 100644
index 08d3a79749..0000000000
--- a/gnu/packages/patches/binutils-mips-bash-bug.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-Bash 4.2.0(1)-release, which we use during bootstrap, does not yield the
-"x" case in:
-
-  case x"$EMULATION_NAME" in x) ;; *) ;; esac
-
-when 'EMULATION_NAME' is undefined.  Bash 4.3.30(1)-release doesn't have this
-problem.  Work around it.
-
-This Bash bug was fixed
-in <http://ftp.gnu.org/gnu/bash/bash-4.2-patches/bash42-007>.
-
---- a/ld/emulparams/elf32bmipn32-defs.sh
-+++ b/ld/emulparams/elf32bmipn32-defs.sh
-@@ -13,7 +13,7 @@ LITTLE_OUTPUT_FORMAT="elf32-littlemips"
- TEMPLATE_NAME=elf32
- EXTRA_EM_FILE=mipself
- 
--case x"$EMULATION_NAME" in
-+case "x$EMULATION_NAME" in
- xelf32*n32*) ELFSIZE=32 ;;
- xelf64*) ELFSIZE=64 ;;
- x) ;;
diff --git a/gnu/packages/patches/coreutils-cut-huge-range-test.patch b/gnu/packages/patches/coreutils-cut-huge-range-test.patch
index 0be2cef2b8..e3a0ef28eb 100644
--- a/gnu/packages/patches/coreutils-cut-huge-range-test.patch
+++ b/gnu/packages/patches/coreutils-cut-huge-range-test.patch
@@ -1,22 +1,33 @@
 This patch fixes 100% reproducible test failures on arm-linux-gnueabihf in our
-the build environment chroot, as reported at <https://bugs.gnu.org/26253>.
-It is a followup to this upstream patch:
+the build environment chroot, as reported at <https://bugs.gnu.org/26253>,
+and now on x86_64-linux-gnu as well.  It is a variant of this upstream patch:
 
-   commit 28803c8a3144d5d4363cdbd148bbe067af1a67c2
-   Author: Pádraig Brady <P@draigBrady.com>
-   Date:   Fri Mar 3 00:25:54 2017 -0800
+  commit f5422009389678680dba9ff4ecb7d33632ee3383
+  Author: Ludovic Courtès <ludo@gnu.org>
+  Date:   Mon Mar 27 20:34:39 2017 -0700
 
-       tests: avoid a spurious failure on older debian
+      tests: avoid false ulimit failure on some systems
+
+      * tests/misc/cut-huge-range.sh: On some systems returns_ may
+      use more memory, so incorporate that in the determination
+      of the ulimit value to use.  Noticed on ARMv7 with bash-4.4.12,
+      and x86_64 with bash-4.2.37.
+      Fixes http://bugs.gnu.org/26253
 
 ... which appeared to be insufficient.
 
+diff --git a/tests/misc/cut-huge-range.sh b/tests/misc/cut-huge-range.sh
+index 6b3c5b6ed..55b7b640e 100755
 --- a/tests/misc/cut-huge-range.sh
 +++ b/tests/misc/cut-huge-range.sh
-@@ -22,6 +22,7 @@ getlimits_
+@@ -20,9 +20,9 @@
+ print_ver_ cut
+ getlimits_
  
- vm=$(get_min_ulimit_v_ cut -b1 /dev/null) \
+-vm=$(get_min_ulimit_v_ cut -b1 /dev/null) \
++vm=$(get_min_ulimit_v_ sh -c 'cut -b1 /dev/null') \
    || skip_ "this shell lacks ulimit support"
-+vm=$(($vm + $(getconf PAGESIZE))) # avoid spurious failures
+ vm=$(($vm + 1000)) # avoid spurious failures
  
  # sed script to subtract one from the input.
  # Each input line should consist of a positive decimal number.
diff --git a/gnu/packages/patches/coreutils-fix-cross-compilation.patch b/gnu/packages/patches/coreutils-fix-cross-compilation.patch
deleted file mode 100644
index 3f0d35c33e..0000000000
--- a/gnu/packages/patches/coreutils-fix-cross-compilation.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Coreutils fails to cross compile for other platforms because cu_install_program
-is not being evaluated properly. This patch fixes it.
-See <https://lists.gnu.org/archive/html/coreutils/2017-01/msg00039.html>
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -5023,7 +5023,7 @@ pr = progs-readme
- @CROSS_COMPILING_FALSE@cu_install_program = src/ginstall
- 
- # Use the just-built 'ginstall', when not cross-compiling.
--@CROSS_COMPILING_TRUE@cu_install_program = @INSTALL_PROGRAM@
-+@CROSS_COMPILING_TRUE@cu_install_program := @INSTALL@
- info_TEXINFOS = doc/coreutils.texi
- doc_coreutils_TEXINFOS = \
-   doc/perm.texi \
-
diff --git a/gnu/packages/patches/eudev-conflicting-declaration.patch b/gnu/packages/patches/eudev-conflicting-declaration.patch
deleted file mode 100644
index f5399e20d3..0000000000
--- a/gnu/packages/patches/eudev-conflicting-declaration.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-Fix build failure due to conflicting declaration of
-keyboard_lookup_key() in gperf-3.1:
-
-https://bugs.gentoo.org/show_bug.cgi?id=604864
-
-Patch copied from upstream source repository:
-
-https://github.com/gentoo/eudev/commit/5bab4d8de0dcbb8e2e7d4d5125b4aea1652a0d60
-
-From 5bab4d8de0dcbb8e2e7d4d5125b4aea1652a0d60 Mon Sep 17 00:00:00 2001
-From: "Anthony G. Basile" <blueness@gentoo.org>
-Date: Thu, 5 Jan 2017 16:21:17 -0500
-Subject: [PATCH] src/udev/udev-builtin-keyboard.c: fix build with gperf 3.1
-
-Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
----
- src/udev/udev-builtin-keyboard.c | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/src/udev/udev-builtin-keyboard.c b/src/udev/udev-builtin-keyboard.c
-index 73171c3..fad3520 100644
---- a/src/udev/udev-builtin-keyboard.c
-+++ b/src/udev/udev-builtin-keyboard.c
-@@ -28,7 +28,6 @@
- 
- #include "udev.h"
- 
--static const struct key *keyboard_lookup_key(const char *str, unsigned len);
- #include "keyboard-keys-from-name.h"
- #include "keyboard-keys-to-name.h"
- 
diff --git a/gnu/packages/patches/expat-CVE-2016-0718-fix-regression.patch b/gnu/packages/patches/expat-CVE-2016-0718-fix-regression.patch
deleted file mode 100644
index b489401fea..0000000000
--- a/gnu/packages/patches/expat-CVE-2016-0718-fix-regression.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-Fix regression caused by fix for CVE-2016-0718 when building with -DXML_UNICODE.
-
-Discussion:
-
-https://sourceforge.net/p/expat/bugs/539/
-
-Patch copied from upstream source repository:
-
-https://sourceforge.net/p/expat/code_git/ci/af507cef2c93cb8d40062a0abe43a4f4e9158fb2/
-
-From af507cef2c93cb8d40062a0abe43a4f4e9158fb2 Mon Sep 17 00:00:00 2001
-From: Sebastian Pipping <sebastian@pipping.org>
-Date: Sun, 17 Jul 2016 20:22:29 +0200
-Subject: [PATCH 1/2] Fix regression bug #539 (needs -DXML_UNICODE)
-
-Thanks to Andy Wang and Karl Waclawek!
----
- expat/lib/xmlparse.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
-index b308e67..0d5dd7b 100644
---- a/lib/xmlparse.c
-+++ b/lib/xmlparse.c
-@@ -2468,7 +2468,7 @@ doContent(XML_Parser parser,
-                        &fromPtr, rawNameEnd,
-                        (ICHAR **)&toPtr, (ICHAR *)tag->bufEnd - 1);
-             convLen = (int)(toPtr - (XML_Char *)tag->buf);
--            if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) {
-+            if ((fromPtr >= rawNameEnd) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) {
-               tag->name.strLen = convLen;
-               break;
-             }
--- 
-2.10.0
diff --git a/gnu/packages/patches/findutils-gnulib-multi-core.patch b/gnu/packages/patches/findutils-gnulib-multi-core.patch
new file mode 100644
index 0000000000..5a37f4f1f9
--- /dev/null
+++ b/gnu/packages/patches/findutils-gnulib-multi-core.patch
@@ -0,0 +1,294 @@
+This patch fixes performance problems on multi-core machines
+as reported at <https://bugs.gnu.org/26441>.
+
+See commit 480d374e596a0ee3fed168ab42cd84c313ad3c89 in Gnulib
+by Bruno Haible <bruno@clisp.org>.
+
+diff --git a/tests/test-lock.c b/tests/test-lock.c
+index a992f64..fb18dee 100644
+--- a/tests/test-lock.c
++++ b/tests/test-lock.c
+@@ -1,5 +1,5 @@
+ /* Test of locking in multithreaded situations.
+-   Copyright (C) 2005, 2008-2015 Free Software Foundation, Inc.
++   Copyright (C) 2005, 2008-2017 Free Software Foundation, Inc.
+ 
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+@@ -50,6 +50,28 @@
+    Uncomment this to see if the operating system has a fair scheduler.  */
+ #define EXPLICIT_YIELD 1
+ 
++/* Whether to use 'volatile' on some variables that communicate information
++   between threads.  If set to 0, a semaphore or a lock is used to protect
++   these variables.  If set to 1, 'volatile' is used; this is theoretically
++   equivalent but can lead to much slower execution (e.g. 30x slower total
++   run time on a 40-core machine), because 'volatile' does not imply any
++   synchronization/communication between different CPUs.  */
++#define USE_VOLATILE 0
++
++#if USE_POSIX_THREADS && HAVE_SEMAPHORE_H
++/* Whether to use a semaphore to communicate information between threads.
++   If set to 0, a lock is used. If set to 1, a semaphore is used.
++   Uncomment this to reduce the dependencies of this test.  */
++# define USE_SEMAPHORE 1
++/* Mac OS X provides only named semaphores (sem_open); its facility for
++   unnamed semaphores (sem_init) does not work.  */
++# if defined __APPLE__ && defined __MACH__
++#  define USE_NAMED_SEMAPHORE 1
++# else
++#  define USE_UNNAMED_SEMAPHORE 1
++# endif
++#endif
++
+ /* Whether to print debugging messages.  */
+ #define ENABLE_DEBUGGING 0
+ 
+@@ -90,6 +112,12 @@
+ 
+ #include "glthread/thread.h"
+ #include "glthread/yield.h"
++#if USE_SEMAPHORE
++# include <errno.h>
++# include <fcntl.h>
++# include <semaphore.h>
++# include <unistd.h>
++#endif
+ 
+ #if ENABLE_DEBUGGING
+ # define dbgprintf printf
+@@ -103,6 +131,132 @@
+ # define yield()
+ #endif
+ 
++#if USE_VOLATILE
++struct atomic_int {
++  volatile int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++  return ai->value;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++  ai->value = new_value;
++}
++#elif USE_SEMAPHORE
++/* This atomic_int implementation can only support the values 0 and 1.
++   It is initially 0 and can be set to 1 only once.  */
++# if USE_UNNAMED_SEMAPHORE
++struct atomic_int {
++  sem_t semaphore;
++};
++#define atomic_int_semaphore(ai) (&(ai)->semaphore)
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++  sem_init (&ai->semaphore, 0, 0);
++}
++# endif
++# if USE_NAMED_SEMAPHORE
++struct atomic_int {
++  sem_t *semaphore;
++};
++#define atomic_int_semaphore(ai) ((ai)->semaphore)
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++  sem_t *s;
++  unsigned int count;
++  for (count = 0; ; count++)
++    {
++      char name[80];
++      /* Use getpid() in the name, so that different processes running at the
++         same time will not interfere.  Use ai in the name, so that different
++         atomic_int in the same process will not interfere.  Use a count in
++         the name, so that even in the (unlikely) case that a semaphore with
++         the specified name already exists, we can try a different name.  */
++      sprintf (name, "test-lock-%lu-%p-%u",
++               (unsigned long) getpid (), ai, count);
++      s = sem_open (name, O_CREAT | O_EXCL, 0600, 0);
++      if (s == SEM_FAILED)
++        {
++          if (errno == EEXIST)
++            /* Retry with a different name.  */
++            continue;
++          else
++            {
++              perror ("sem_open failed");
++              abort ();
++            }
++        }
++      else
++        {
++          /* Try not to leave a semaphore hanging around on the file system
++             eternally, if we can avoid it.  */
++          sem_unlink (name);
++          break;
++        }
++    }
++  ai->semaphore = s;
++}
++# endif
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++  if (sem_trywait (atomic_int_semaphore (ai)) == 0)
++    {
++      if (sem_post (atomic_int_semaphore (ai)))
++        abort ();
++      return 1;
++    }
++  else if (errno == EAGAIN)
++    return 0;
++  else
++    abort ();
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++  if (new_value == 0)
++    /* It's already initialized with 0.  */
++    return;
++  /* To set the value 1: */
++  if (sem_post (atomic_int_semaphore (ai)))
++    abort ();
++}
++#else
++struct atomic_int {
++  gl_lock_define (, lock)
++  int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++  gl_lock_init (ai->lock);
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++  gl_lock_lock (ai->lock);
++  int ret = ai->value;
++  gl_lock_unlock (ai->lock);
++  return ret;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++  gl_lock_lock (ai->lock);
++  ai->value = new_value;
++  gl_lock_unlock (ai->lock);
++}
++#endif
++
+ #define ACCOUNT_COUNT 4
+ 
+ static int account[ACCOUNT_COUNT];
+@@ -170,12 +324,12 @@ lock_mutator_thread (void *arg)
+   return NULL;
+ }
+ 
+-static volatile int lock_checker_done;
++static struct atomic_int lock_checker_done;
+ 
+ static void *
+ lock_checker_thread (void *arg)
+ {
+-  while (!lock_checker_done)
++  while (get_atomic_int_value (&lock_checker_done) == 0)
+     {
+       dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+       gl_lock_lock (my_lock);
+@@ -200,7 +354,8 @@ test_lock (void)
+   /* Initialization.  */
+   for (i = 0; i < ACCOUNT_COUNT; i++)
+     account[i] = 1000;
+-  lock_checker_done = 0;
++  init_atomic_int (&lock_checker_done);
++  set_atomic_int_value (&lock_checker_done, 0);
+ 
+   /* Spawn the threads.  */
+   checkerthread = gl_thread_create (lock_checker_thread, NULL);
+@@ -210,7 +365,7 @@ test_lock (void)
+   /* Wait for the threads to terminate.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (threads[i], NULL);
+-  lock_checker_done = 1;
++  set_atomic_int_value (&lock_checker_done, 1);
+   gl_thread_join (checkerthread, NULL);
+   check_accounts ();
+ }
+@@ -254,12 +409,12 @@ rwlock_mutator_thread (void *arg)
+   return NULL;
+ }
+ 
+-static volatile int rwlock_checker_done;
++static struct atomic_int rwlock_checker_done;
+ 
+ static void *
+ rwlock_checker_thread (void *arg)
+ {
+-  while (!rwlock_checker_done)
++  while (get_atomic_int_value (&rwlock_checker_done) == 0)
+     {
+       dbgprintf ("Checker %p before check rdlock\n", gl_thread_self_pointer ());
+       gl_rwlock_rdlock (my_rwlock);
+@@ -284,7 +439,8 @@ test_rwlock (void)
+   /* Initialization.  */
+   for (i = 0; i < ACCOUNT_COUNT; i++)
+     account[i] = 1000;
+-  rwlock_checker_done = 0;
++  init_atomic_int (&rwlock_checker_done);
++  set_atomic_int_value (&rwlock_checker_done, 0);
+ 
+   /* Spawn the threads.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+@@ -295,7 +451,7 @@ test_rwlock (void)
+   /* Wait for the threads to terminate.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (threads[i], NULL);
+-  rwlock_checker_done = 1;
++  set_atomic_int_value (&rwlock_checker_done, 1);
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (checkerthreads[i], NULL);
+   check_accounts ();
+@@ -356,12 +512,12 @@ reclock_mutator_thread (void *arg)
+   return NULL;
+ }
+ 
+-static volatile int reclock_checker_done;
++static struct atomic_int reclock_checker_done;
+ 
+ static void *
+ reclock_checker_thread (void *arg)
+ {
+-  while (!reclock_checker_done)
++  while (get_atomic_int_value (&reclock_checker_done) == 0)
+     {
+       dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+       gl_recursive_lock_lock (my_reclock);
+@@ -386,7 +542,8 @@ test_recursive_lock (void)
+   /* Initialization.  */
+   for (i = 0; i < ACCOUNT_COUNT; i++)
+     account[i] = 1000;
+-  reclock_checker_done = 0;
++  init_atomic_int (&reclock_checker_done);
++  set_atomic_int_value (&reclock_checker_done, 0);
+ 
+   /* Spawn the threads.  */
+   checkerthread = gl_thread_create (reclock_checker_thread, NULL);
+@@ -396,7 +553,7 @@ test_recursive_lock (void)
+   /* Wait for the threads to terminate.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (threads[i], NULL);
+-  reclock_checker_done = 1;
++  set_atomic_int_value (&reclock_checker_done, 1);
+   gl_thread_join (checkerthread, NULL);
+   check_accounts ();
+ }
diff --git a/gnu/packages/patches/fontconfig-charwidth-symbol-conflict.patch b/gnu/packages/patches/fontconfig-charwidth-symbol-conflict.patch
deleted file mode 100644
index 8ebe33bc6c..0000000000
--- a/gnu/packages/patches/fontconfig-charwidth-symbol-conflict.patch
+++ /dev/null
@@ -1,82 +0,0 @@
-The first patch is copied from the upstream source repository:
-
-https://cgit.freedesktop.org/fontconfig/commit/?id=1ab5258f7c2abfafcd63a760ca08bf93591912da
-
-The second patch is adapted from a message to from the OpenEmbedded mailing list:
-
-http://lists.openembedded.org/pipermail/openembedded-core/2016-December/130213.html
-
-From 1ab5258f7c2abfafcd63a760ca08bf93591912da Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Wed, 14 Dec 2016 16:11:05 -0800
-Subject: Avoid conflicts with integer width macros from TS 18661-1:2014
-
-glibc 2.25+ has now defined these macros in <limits.h>
-https://sourceware.org/git/?p=glibc.git;a=commit;h=5b17fd0da62bf923cb61d1bb7b08cf2e1f1f9c1a
-
-Create an alias for FC_CHAR_WIDTH for ABI compatibility
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
-diff --git a/fontconfig/fontconfig.h b/fontconfig/fontconfig.h
-index 5c72b22..070a557 100644
---- a/fontconfig/fontconfig.h
-+++ b/fontconfig/fontconfig.h
-@@ -128,7 +128,8 @@ typedef int		FcBool;
- #define FC_USER_CACHE_FILE	    ".fonts.cache-" FC_CACHE_VERSION
- 
- /* Adjust outline rasterizer */
--#define FC_CHAR_WIDTH	    "charwidth"	/* Int */
-+#define FC_CHARWIDTH	    "charwidth"	/* Int */
-+#define FC_CHAR_WIDTH	    FC_CHARWIDTH
- #define FC_CHAR_HEIGHT	    "charheight"/* Int */
- #define FC_MATRIX	    "matrix"    /* FcMatrix */
- 
-diff --git a/src/fcobjs.h b/src/fcobjs.h
-index 1fc4f65..d27864b 100644
---- a/src/fcobjs.h
-+++ b/src/fcobjs.h
-@@ -51,7 +51,7 @@ FC_OBJECT (DPI,			FcTypeDouble,	NULL)
- FC_OBJECT (RGBA,		FcTypeInteger,	NULL)
- FC_OBJECT (SCALE,		FcTypeDouble,	NULL)
- FC_OBJECT (MINSPACE,		FcTypeBool,	NULL)
--FC_OBJECT (CHAR_WIDTH,		FcTypeInteger,	NULL)
-+FC_OBJECT (CHARWIDTH,		FcTypeInteger,	NULL)
- FC_OBJECT (CHAR_HEIGHT,		FcTypeInteger,	NULL)
- FC_OBJECT (MATRIX,		FcTypeMatrix,	NULL)
- FC_OBJECT (CHARSET,		FcTypeCharSet,	FcCompareCharSet)
--- 
-cgit v0.10.2
-
-From 20cddc824c6501c2082cac41b162c34cd5fcc530 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem at gmail.com>
-Date: Sun, 11 Dec 2016 14:32:00 -0800
-Subject: [PATCH] Avoid conflicts with integer width macros from TS
- 18661-1:2014
-
-glibc 2.25+ has now defined these macros in <limits.h>
-https://sourceware.org/git/?p=glibc.git;a=commit;h=5b17fd0da62bf923cb61d1bb7b08cf2e1f1f9c1a
-
-Signed-off-by: Khem Raj <raj.khem at gmail.com>
----
-Upstream-Status: Submitted
-
- fontconfig/fontconfig.h | 2 +-
- src/fcobjs.h            | 2 +-
- src/fcobjshash.gperf    | 2 +-
- src/fcobjshash.h        | 2 +-
- 4 files changed, 4 insertions(+), 4 deletions(-)
-
-Index: fontconfig-2.12.1/src/fcobjshash.h
-===================================================================
---- fontconfig-2.12.1.orig/src/fcobjshash.h
-+++ fontconfig-2.12.1/src/fcobjshash.h
-@@ -284,7 +284,7 @@ FcObjectTypeLookup (register const char
-       {(int)(long)&((struct FcObjectTypeNamePool_t *)0)->FcObjectTypeNamePool_str43,FC_CHARSET_OBJECT},
-       {-1},
- #line 47 "fcobjshash.gperf"
--      {(int)(long)&((struct FcObjectTypeNamePool_t *)0)->FcObjectTypeNamePool_str45,FC_CHAR_WIDTH_OBJECT},
-+      {(int)(long)&((struct FcObjectTypeNamePool_t *)0)->FcObjectTypeNamePool_str45,FC_CHARWIDTH_OBJECT},
- #line 48 "fcobjshash.gperf"
-       {(int)(long)&((struct FcObjectTypeNamePool_t *)0)->FcObjectTypeNamePool_str46,FC_CHAR_HEIGHT_OBJECT},
- #line 55 "fcobjshash.gperf"
diff --git a/gnu/packages/patches/fontconfig-path-max.patch b/gnu/packages/patches/fontconfig-path-max.patch
deleted file mode 100644
index e12f60ef00..0000000000
--- a/gnu/packages/patches/fontconfig-path-max.patch
+++ /dev/null
@@ -1,124 +0,0 @@
-This patch fix the build on GNU/Hurd, due to PATH_MAX isn't defined.
-
-The patch was adapted from upstream source repository:
-'<https://cgit.freedesktop.org/fontconfig/commit/?id=abdb6d658e1a16410dd1c964e365a3ebd5039e7c>'
-Commit: abdb6d658e1a16410dd1c964e365a3ebd5039e7c
-
----
- src/fcdefault.c | 34 +++++++++++++++++++++++++++-------
- src/fcint.h     |  6 ++++++
- src/fcstat.c    | 12 +++++++++++-
- 3 files changed, 44 insertions(+), 8 deletions(-)
-
-diff --git a/src/fcdefault.c b/src/fcdefault.c
-index 6647a8f..5afd7ec 100644
---- a/src/fcdefault.c
-+++ b/src/fcdefault.c
-@@ -148,17 +148,34 @@ retry:
- 	    prgname = FcStrdup ("");
- #else
- # if defined (HAVE_GETEXECNAME)
--	const char *p = getexecname ();
-+	char *p = FcStrdup(getexecname ());
- # elif defined (HAVE_READLINK)
--	char buf[PATH_MAX + 1];
--	int len;
-+	size_t size = FC_PATH_MAX;
- 	char *p = NULL;
- 
--	len = readlink ("/proc/self/exe", buf, sizeof (buf) - 1);
--	if (len != -1)
-+	while (1)
- 	{
--	    buf[len] = '\0';
--	    p = buf;
-+	    char *buf = malloc (size);
-+	    ssize_t len;
-+
-+	    if (!buf)
-+		break;
-+
-+	    len = readlink ("/proc/self/exe", buf, size - 1);
-+	    if (len < 0)
-+	    {
-+		free (buf);
-+		break;
-+	    }
-+	    if (len < size - 1)
-+	    {
-+		buf[len] = 0;
-+		p = buf;
-+		break;
-+	    }
-+
-+	    free (buf);
-+	    size *= 2;
- 	}
- # else
- 	char *p = NULL;
-@@ -176,6 +193,9 @@ retry:
- 
- 	if (!prgname)
- 	    prgname = FcStrdup ("");
-+
-+	if (p)
-+	    free (p);
- #endif
- 
- 	if (!fc_atomic_ptr_cmpexch (&default_prgname, NULL, prgname)) {
-diff --git a/src/fcint.h b/src/fcint.h
-index ac911ad..dad34c5 100644
---- a/src/fcint.h
-+++ b/src/fcint.h
-@@ -70,6 +70,12 @@ extern pfnSHGetFolderPathA pSHGetFolderPathA;
- #  define FC_DIR_SEPARATOR_S       "/"
- #endif
- 
-+#ifdef PATH_MAX
-+#define FC_PATH_MAX	PATH_MAX
-+#else
-+#define FC_PATH_MAX	128
-+#endif
-+
- #if __GNUC__ >= 4
- #define FC_UNUSED	__attribute__((unused))
- #else
-diff --git a/src/fcstat.c b/src/fcstat.c
-index 1734fa4..f6e1aaa 100644
---- a/src/fcstat.c
-+++ b/src/fcstat.c
-@@ -278,8 +278,13 @@ FcDirChecksum (const FcChar8 *dir, time_t *checksum)
- 	{
- #endif
- 	struct stat statb;
--	char f[PATH_MAX + 1];
-+	char *f = malloc (len + 1 + dlen + 1);
- 
-+	if (!f)
-+	{
-+	    ret = -1;
-+	    goto bail;
-+	}
- 	memcpy (f, dir, len);
- 	f[len] = FC_DIR_SEPARATOR;
- 	memcpy (&f[len + 1], files[n]->d_name, dlen);
-@@ -287,11 +292,16 @@ FcDirChecksum (const FcChar8 *dir, time_t *checksum)
- 	if (lstat (f, &statb) < 0)
- 	{
- 	    ret = -1;
-+	    free (f);
- 	    goto bail;
- 	}
- 	if (S_ISDIR (statb.st_mode))
-+	{
-+	    free (f);
- 	    goto bail;
-+	}
- 
-+	free (f);
- 	dtype = statb.st_mode;
- #ifdef HAVE_STRUCT_DIRENT_D_TYPE
- 	}
--- 
-2.11.0
-
diff --git a/gnu/packages/patches/freetype-CVE-2017-8105.patch b/gnu/packages/patches/freetype-CVE-2017-8105.patch
deleted file mode 100644
index 1891c4ab5f..0000000000
--- a/gnu/packages/patches/freetype-CVE-2017-8105.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-Fix CVE-2017-8105:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
-https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
-
-Patch copied from upstream source repository:
-
-https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791
-
-From f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 Mon Sep 17 00:00:00 2001
-From: Werner Lemberg <wl@gnu.org>
-Date: Fri, 24 Mar 2017 09:15:10 +0100
-Subject: [PATCH] [psaux] Better protect `flex' handling.
-
-Reported as
-
-  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
-
-* src/psaux/t1decode.c (t1_decoder_parse_charstrings)
-<callothersubr>: Since there is not a single flex operator but a
-series of subroutine calls, malformed fonts can call arbitrary other
-operators after the start of a flex, possibly adding points.  For
-this reason we have to check the available number of points before
-inserting a point.
----
- ChangeLog            | 15 +++++++++++++++
- src/psaux/t1decode.c |  9 +++++++++
- 2 files changed, 24 insertions(+)
-
-diff --git a/src/psaux/t1decode.c b/src/psaux/t1decode.c
-index af7b465e..7dd45135 100644
---- a/src/psaux/t1decode.c
-+++ b/src/psaux/t1decode.c
-@@ -780,10 +780,19 @@
-             /* point without adding any point to the outline    */
-             idx = decoder->num_flex_vectors++;
-             if ( idx > 0 && idx < 7 )
-+            {
-+              /* in malformed fonts it is possible to have other */
-+              /* opcodes in the middle of a flex (which don't    */
-+              /* increase `num_flex_vectors'); we thus have to   */
-+              /* check whether we can add a point                */
-+              if ( FT_SET_ERROR( t1_builder_check_points( builder, 1 ) ) )
-+                goto Syntax_Error;
-+
-               t1_builder_add_point( builder,
-                                     x,
-                                     y,
-                                     (FT_Byte)( idx == 3 || idx == 6 ) );
-+            }
-           }
-           break;
- 
--- 
-2.12.2
-
diff --git a/gnu/packages/patches/freetype-CVE-2017-8287.patch b/gnu/packages/patches/freetype-CVE-2017-8287.patch
deleted file mode 100644
index d1145a87ee..0000000000
--- a/gnu/packages/patches/freetype-CVE-2017-8287.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-Fix CVE-2017-8287:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287
-https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941
-
-Patch copied from upstream source repository:
-https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0
-
-From 3774fc08b502c3e685afca098b6e8a195aded6a0 Mon Sep 17 00:00:00 2001
-From: Werner Lemberg <wl@gnu.org>
-Date: Sun, 26 Mar 2017 08:32:09 +0200
-Subject: [PATCH] * src/psaux/psobjs.c (t1_builder_close_contour): Add safety
- guard.
-
-Reported as
-
-  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941
----
- ChangeLog          | 8 ++++++++
- src/psaux/psobjs.c | 8 ++++++++
- 2 files changed, 16 insertions(+)
-
-diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c
-index d18e821a..0baf8368 100644
---- a/src/psaux/psobjs.c
-+++ b/src/psaux/psobjs.c
-@@ -1718,6 +1718,14 @@
-     first = outline->n_contours <= 1
-             ? 0 : outline->contours[outline->n_contours - 2] + 1;
- 
-+    /* in malformed fonts it can happen that a contour was started */
-+    /* but no points were added                                    */
-+    if ( outline->n_contours && first == outline->n_points )
-+    {
-+      outline->n_contours--;
-+      return;
-+    }
-+
-     /* We must not include the last point in the path if it */
-     /* is located on the first point.                       */
-     if ( outline->n_points > 1 )
--- 
-2.12.2
-
diff --git a/gnu/packages/patches/gcc-asan-powerpc-missing-include.patch b/gnu/packages/patches/gcc-asan-powerpc-missing-include.patch
new file mode 100644
index 0000000000..74b10c4a44
--- /dev/null
+++ b/gnu/packages/patches/gcc-asan-powerpc-missing-include.patch
@@ -0,0 +1,20 @@
+Add missing include that triggers a build failure on PowerPC:
+
+  ../../../../gcc-5.4.0/libsanitizer/asan/asan_linux.cc: In function ‘bool __asan::AsanInterceptsSignal(int)’:
+  ../../../../gcc-5.4.0/libsanitizer/asan/asan_linux.cc:222:20: error: ‘SIGSEGV’ was not declared in this scope
+     return signum == SIGSEGV && common_flags()->handle_segv;
+		      ^
+From <https://patchwork.ozlabs.org/patch/725596/>.
+
+diff --git a/libsanitizer/asan/asan_linux.cc b/libsanitizer/asan/asan_linux.cc
+index c504168..59087b9 100644
+--- a/libsanitizer/asan/asan_linux.cc
++++ b/libsanitizer/asan/asan_linux.cc
+@@ -29,6 +29,7 @@
+ #include <dlfcn.h>
+ #include <fcntl.h>
+ #include <pthread.h>
++#include <signal.h>
+ #include <stdio.h>
+ #include <unistd.h>
+ #include <unwind.h>
diff --git a/gnu/packages/patches/gettext-gnulib-multi-core.patch b/gnu/packages/patches/gettext-gnulib-multi-core.patch
new file mode 100644
index 0000000000..5ccdbe4ca1
--- /dev/null
+++ b/gnu/packages/patches/gettext-gnulib-multi-core.patch
@@ -0,0 +1,178 @@
+This patch fixes performance problems on multi-core machines
+as reported at <https://bugs.gnu.org/26441>.
+
+See commit 480d374e596a0ee3fed168ab42cd84c313ad3c89 in Gnulib
+by Bruno Haible <bruno@clisp.org>.
+
+diff --git a/gettext-tools/gnulib-tests/test-lock.c b/gettext-tools/gnulib-tests/test-lock.c
+index cb734b4e6..aa6de2739 100644
+--- a/gettext-tools/gnulib-tests/test-lock.c
++++ b/gettext-tools/gnulib-tests/test-lock.c
+@@ -50,6 +50,13 @@
+    Uncomment this to see if the operating system has a fair scheduler.  */
+ #define EXPLICIT_YIELD 1
+ 
++/* Whether to use 'volatile' on some variables that communicate information
++   between threads.  If set to 0, a lock is used to protect these variables.
++   If set to 1, 'volatile' is used; this is theoretically equivalent but can
++   lead to much slower execution (e.g. 30x slower total run time on a 40-core
++   machine.  */
++#define USE_VOLATILE 0
++
+ /* Whether to print debugging messages.  */
+ #define ENABLE_DEBUGGING 0
+ 
+@@ -103,6 +110,51 @@
+ # define yield()
+ #endif
+ 
++#if USE_VOLATILE
++struct atomic_int {
++  volatile int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++  return ai->value;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++  ai->value = new_value;
++}
++#else
++struct atomic_int {
++  gl_lock_define (, lock)
++  int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++  gl_lock_init (ai->lock);
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++  gl_lock_lock (ai->lock);
++  int ret = ai->value;
++  gl_lock_unlock (ai->lock);
++  return ret;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++  gl_lock_lock (ai->lock);
++  ai->value = new_value;
++  gl_lock_unlock (ai->lock);
++}
++#endif
++
+ #define ACCOUNT_COUNT 4
+ 
+ static int account[ACCOUNT_COUNT];
+@@ -170,12 +222,12 @@ lock_mutator_thread (void *arg)
+   return NULL;
+ }
+ 
+-static volatile int lock_checker_done;
++static struct atomic_int lock_checker_done;
+ 
+ static void *
+ lock_checker_thread (void *arg)
+ {
+-  while (!lock_checker_done)
++  while (get_atomic_int_value (&lock_checker_done) == 0)
+     {
+       dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+       gl_lock_lock (my_lock);
+@@ -200,7 +252,8 @@ test_lock (void)
+   /* Initialization.  */
+   for (i = 0; i < ACCOUNT_COUNT; i++)
+     account[i] = 1000;
+-  lock_checker_done = 0;
++  init_atomic_int (&lock_checker_done);
++  set_atomic_int_value (&lock_checker_done, 0);
+ 
+   /* Spawn the threads.  */
+   checkerthread = gl_thread_create (lock_checker_thread, NULL);
+@@ -210,7 +263,7 @@ test_lock (void)
+   /* Wait for the threads to terminate.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (threads[i], NULL);
+-  lock_checker_done = 1;
++  set_atomic_int_value (&lock_checker_done, 1);
+   gl_thread_join (checkerthread, NULL);
+   check_accounts ();
+ }
+@@ -254,12 +307,12 @@ rwlock_mutator_thread (void *arg)
+   return NULL;
+ }
+ 
+-static volatile int rwlock_checker_done;
++static struct atomic_int rwlock_checker_done;
+ 
+ static void *
+ rwlock_checker_thread (void *arg)
+ {
+-  while (!rwlock_checker_done)
++  while (get_atomic_int_value (&rwlock_checker_done) == 0)
+     {
+       dbgprintf ("Checker %p before check rdlock\n", gl_thread_self_pointer ());
+       gl_rwlock_rdlock (my_rwlock);
+@@ -284,7 +337,8 @@ test_rwlock (void)
+   /* Initialization.  */
+   for (i = 0; i < ACCOUNT_COUNT; i++)
+     account[i] = 1000;
+-  rwlock_checker_done = 0;
++  init_atomic_int (&rwlock_checker_done);
++  set_atomic_int_value (&rwlock_checker_done, 0);
+ 
+   /* Spawn the threads.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+@@ -295,7 +349,7 @@ test_rwlock (void)
+   /* Wait for the threads to terminate.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (threads[i], NULL);
+-  rwlock_checker_done = 1;
++  set_atomic_int_value (&rwlock_checker_done, 1);
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (checkerthreads[i], NULL);
+   check_accounts ();
+@@ -356,12 +410,12 @@ reclock_mutator_thread (void *arg)
+   return NULL;
+ }
+ 
+-static volatile int reclock_checker_done;
++static struct atomic_int reclock_checker_done;
+ 
+ static void *
+ reclock_checker_thread (void *arg)
+ {
+-  while (!reclock_checker_done)
++  while (get_atomic_int_value (&reclock_checker_done) == 0)
+     {
+       dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+       gl_recursive_lock_lock (my_reclock);
+@@ -386,7 +440,8 @@ test_recursive_lock (void)
+   /* Initialization.  */
+   for (i = 0; i < ACCOUNT_COUNT; i++)
+     account[i] = 1000;
+-  reclock_checker_done = 0;
++  init_atomic_int (&reclock_checker_done);
++  set_atomic_int_value (&reclock_checker_done, 0);
+ 
+   /* Spawn the threads.  */
+   checkerthread = gl_thread_create (reclock_checker_thread, NULL);
+@@ -396,7 +451,7 @@ test_recursive_lock (void)
+   /* Wait for the threads to terminate.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (threads[i], NULL);
+-  reclock_checker_done = 1;
++  set_atomic_int_value (&reclock_checker_done, 1);
+   gl_thread_join (checkerthread, NULL);
+   check_accounts ();
+ }
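Review bot: The `USE_VOLATILE` comment added in the embedded test-lock.c change calls the `volatile` variant "theoretically equivalent" to the locked one, but `volatile` in C provides neither atomicity nor inter-thread ordering, so the `#if USE_VOLATILE` branch of `get_atomic_int_value`/`set_atomic_int_value` would be an unsynchronised access to `value` shared by the checker and main threads. The patch leaves `USE_VOLATILE` at 0, so the `gl_lock_lock`-protected accessors are the ones compiled and the `*_checker_done` flags are read under a lock. Because the text is copied from the upstream commit, I would not edit the code but add a line to the patch header, e.g. `Only the test-lock.c test program is changed; USE_VOLATILE stays 0, so the done flags are accessed under a lock.` The same comment and accessors appear in gettext-multi-core.patch, which should get the same header line.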
diff --git a/gnu/packages/patches/gettext-multi-core.patch b/gnu/packages/patches/gettext-multi-core.patch
new file mode 100644
index 0000000000..31a378cfd0
--- /dev/null
+++ b/gnu/packages/patches/gettext-multi-core.patch
@@ -0,0 +1,185 @@
+This patch fixes performance problems on multi-core machines
+as reported at <https://bugs.gnu.org/26441>.
+
+See commit 1afbcb06fded2a427b761dd1615b1e48e1e853cc in Gettext
+by Bruno Haible <bruno@clisp.org>.
+
+diff --git a/gettext-runtime/tests/test-lock.c b/gettext-runtime/tests/test-lock.c
+index d279d1d60..51cec3d6b 100644
+--- a/gettext-runtime/tests/test-lock.c
++++ b/gettext-runtime/tests/test-lock.c
+@@ -1,5 +1,5 @@
+ /* Test of locking in multithreaded situations.
+-   Copyright (C) 2005, 2008-2016 Free Software Foundation, Inc.
++   Copyright (C) 2005, 2008-2017 Free Software Foundation, Inc.
+ 
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU Lesser General Public License as published by
+@@ -50,6 +50,13 @@
+    Uncomment this to see if the operating system has a fair scheduler.  */
+ #define EXPLICIT_YIELD 1
+ 
++/* Whether to use 'volatile' on some variables that communicate information
++   between threads.  If set to 0, a lock is used to protect these variables.
++   If set to 1, 'volatile' is used; this is theoretically equivalent but can
++   lead to much slower execution (e.g. 30x slower total run time on a 40-core
++   machine.  */
++#define USE_VOLATILE 0
++
+ /* Whether to print debugging messages.  */
+ #define ENABLE_DEBUGGING 0
+ 
+@@ -214,6 +221,51 @@ static inline void * gl_thread_self_pointer (void)
+ # define yield()
+ #endif
+ 
++#if USE_VOLATILE
++struct atomic_int {
++  volatile int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++  return ai->value;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++  ai->value = new_value;
++}
++#else
++struct atomic_int {
++  gl_lock_define (, lock)
++  int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++  gl_lock_init (ai->lock);
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++  gl_lock_lock (ai->lock);
++  int ret = ai->value;
++  gl_lock_unlock (ai->lock);
++  return ret;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++  gl_lock_lock (ai->lock);
++  ai->value = new_value;
++  gl_lock_unlock (ai->lock);
++}
++#endif
++
+ #define ACCOUNT_COUNT 4
+ 
+ static int account[ACCOUNT_COUNT];
+@@ -281,12 +333,12 @@ lock_mutator_thread (void *arg)
+   return NULL;
+ }
+ 
+-static volatile int lock_checker_done;
++static struct atomic_int lock_checker_done;
+ 
+ static void *
+ lock_checker_thread (void *arg)
+ {
+-  while (!lock_checker_done)
++  while (get_atomic_int_value (&lock_checker_done) == 0)
+     {
+       dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+       gl_lock_lock (my_lock);
+@@ -311,7 +363,8 @@ test_lock (void)
+   /* Initialization.  */
+   for (i = 0; i < ACCOUNT_COUNT; i++)
+     account[i] = 1000;
+-  lock_checker_done = 0;
++  init_atomic_int (&lock_checker_done);
++  set_atomic_int_value (&lock_checker_done, 0);
+ 
+   /* Spawn the threads.  */
+   checkerthread = gl_thread_create (lock_checker_thread, NULL);
+@@ -321,7 +374,7 @@ test_lock (void)
+   /* Wait for the threads to terminate.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (threads[i], NULL);
+-  lock_checker_done = 1;
++  set_atomic_int_value (&lock_checker_done, 1);
+   gl_thread_join (checkerthread, NULL);
+   check_accounts ();
+ }
+@@ -365,12 +418,12 @@ rwlock_mutator_thread (void *arg)
+   return NULL;
+ }
+ 
+-static volatile int rwlock_checker_done;
++static struct atomic_int rwlock_checker_done;
+ 
+ static void *
+ rwlock_checker_thread (void *arg)
+ {
+-  while (!rwlock_checker_done)
++  while (get_atomic_int_value (&rwlock_checker_done) == 0)
+     {
+       dbgprintf ("Checker %p before check rdlock\n", gl_thread_self_pointer ());
+       gl_rwlock_rdlock (my_rwlock);
+@@ -395,7 +448,8 @@ test_rwlock (void)
+   /* Initialization.  */
+   for (i = 0; i < ACCOUNT_COUNT; i++)
+     account[i] = 1000;
+-  rwlock_checker_done = 0;
++  init_atomic_int (&rwlock_checker_done);
++  set_atomic_int_value (&rwlock_checker_done, 0);
+ 
+   /* Spawn the threads.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+@@ -406,7 +460,7 @@ test_rwlock (void)
+   /* Wait for the threads to terminate.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (threads[i], NULL);
+-  rwlock_checker_done = 1;
++  set_atomic_int_value (&rwlock_checker_done, 1);
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (checkerthreads[i], NULL);
+   check_accounts ();
+@@ -467,12 +521,12 @@ reclock_mutator_thread (void *arg)
+   return NULL;
+ }
+ 
+-static volatile int reclock_checker_done;
++static struct atomic_int reclock_checker_done;
+ 
+ static void *
+ reclock_checker_thread (void *arg)
+ {
+-  while (!reclock_checker_done)
++  while (get_atomic_int_value (&reclock_checker_done) == 0)
+     {
+       dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+       gl_recursive_lock_lock (my_reclock);
+@@ -497,7 +551,8 @@ test_recursive_lock (void)
+   /* Initialization.  */
+   for (i = 0; i < ACCOUNT_COUNT; i++)
+     account[i] = 1000;
+-  reclock_checker_done = 0;
++  init_atomic_int (&reclock_checker_done);
++  set_atomic_int_value (&reclock_checker_done, 0);
+ 
+   /* Spawn the threads.  */
+   checkerthread = gl_thread_create (reclock_checker_thread, NULL);
+@@ -507,7 +562,7 @@ test_recursive_lock (void)
+   /* Wait for the threads to terminate.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (threads[i], NULL);
+-  reclock_checker_done = 1;
++  set_atomic_int_value (&reclock_checker_done, 1);
+   gl_thread_join (checkerthread, NULL);
+   check_accounts ();
+ }
diff --git a/gnu/packages/patches/ghostscript-CVE-2013-5653.patch b/gnu/packages/patches/ghostscript-CVE-2013-5653.patch
deleted file mode 100644
index 622266b176..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2013-5653.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-The following patch was adapted for GNU Ghostscript
-by Mark H Weaver <mhw@netris.org> based on:
-
-http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ab109aaeb3ddba59518b036fb288402a65cf7ce8
-
-From ab109aaeb3ddba59518b036fb288402a65cf7ce8 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Sat, 5 Mar 2016 14:56:03 -0800
-Subject: [PATCH] Bug 694724: Have filenameforall and getenv honor SAFER
-
----
- Resource/Init/gs_init.ps |  2 ++
- psi/zfile.c              | 36 ++++++++++++++++++++----------------
- 2 files changed, 22 insertions(+), 16 deletions(-)
-
-diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
-index fa33d88..99888ac 100644
---- a/Resource/Init/gs_init.ps
-+++ b/Resource/Init/gs_init.ps
-@@ -2018,6 +2018,7 @@ readonly def
- 
- /.locksafe {
-   .locksafe_userparams
-+  systemdict /getenv {pop //false} put
-   % setpagedevice has the side effect of clearing the page, but
-   % we will just document that. Using setpagedevice keeps the device
-   % properties and pagedevice .LockSafetyParams in agreement even
-@@ -2036,6 +2037,7 @@ readonly def
- %%
- /.locksafeglobal {
-   .locksafe_userparams
-+  systemdict /getenv {pop //false} put
-   % setpagedevice has the side effect of clearing the page, but
-   % we will just document that. Using setpagedevice keeps the device
-   % properties and pagedevice .LockSafetyParams in agreement even
-diff --git a/psi/zfile.c b/psi/zfile.c
-index 320ecd5..0b9f299 100644
---- a/psi/zfile.c
-+++ b/psi/zfile.c
-@@ -371,22 +371,26 @@ file_continue(i_ctx_t *i_ctx_p)
- 
-     if (len < devlen)
-         return_error(e_rangecheck);     /* not even room for device len */
--    memcpy((char *)pscratch->value.bytes, iodev->dname, devlen);
--    code = iodev->procs.enumerate_next(pfen, (char *)pscratch->value.bytes + devlen,
--                len - devlen);
--    if (code == ~(uint) 0) {    /* all done */
--        esp -= 5;               /* pop proc, pfen, devlen, iodev , mark */
--        return o_pop_estack;
--    } else if (code > len)      /* overran string */
--        return_error(e_rangecheck);
--    else {
--        push(1);
--        ref_assign(op, pscratch);
--        r_set_size(op, code + devlen);
--        push_op_estack(file_continue);  /* come again */
--        *++esp = pscratch[2];   /* proc */
--        return o_push_estack;
--    }
-+
-+    do {
-+        memcpy((char *)pscratch->value.bytes, iodev->dname, devlen);
-+        code = iodev->procs.enumerate_next(pfen, (char *)pscratch->value.bytes + devlen,
-+                    len - devlen);
-+        if (code == ~(uint) 0) {    /* all done */
-+            esp -= 5;               /* pop proc, pfen, devlen, iodev , mark */
-+            return o_pop_estack;
-+        } else if (code > len)      /* overran string */
-+            return_error(e_rangecheck);
-+        else if (iodev != iodev_default(imemory)
-+              || (check_file_permissions_reduced(i_ctx_p, (char *)pscratch->value.bytes, code + devlen, "PermitFileReading")) == 0) {
-+            push(1);
-+            ref_assign(op, pscratch);
-+            r_set_size(op, code + devlen);
-+            push_op_estack(file_continue);  /* come again */
-+            *++esp = pscratch[2];   /* proc */
-+            return o_push_estack;
-+        }
-+    } while(1);
- }
- /* Cleanup procedure for enumerating files */
- static int
--- 
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2015-3228.patch b/gnu/packages/patches/ghostscript-CVE-2015-3228.patch
deleted file mode 100644
index c19fdb1d43..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2015-3228.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-The file names in the upstream patch below were modified to apply to GNU
-ghostscript.
-
-From 0c0b0859ae1aba64861599f0e7f74f143f305932 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Tue, 7 Jul 2015 16:57:41 +0100
-Subject: [PATCH] Bug 696041: sanity check for memory allocation.
-
-In gs_heap_alloc_bytes(), add a sanity check to ensure we don't overflow the
-variable holding the actual number of bytes we allocate.
-
-No cluster differences
----
- gs/base/gsmalloc.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/base/gsmalloc.c b/base/gsmalloc.c
-index 624552d..cad79c2 100644
---- a/base/gsmalloc.c
-+++ b/base/gsmalloc.c
-@@ -178,7 +178,7 @@ gs_heap_alloc_bytes(gs_memory_t * mem, uint size, client_name_t cname)
-     } else {
-         uint added = size + sizeof(gs_malloc_block_t);
- 
--        if (mmem->limit - added < mmem->used)
-+        if (added <= size || mmem->limit - added < mmem->used)
-             set_msg("exceeded limit");
-         else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0)
-             set_msg("failed");
--- 
-2.4.6
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2016-7976.patch b/gnu/packages/patches/ghostscript-CVE-2016-7976.patch
deleted file mode 100644
index 0a09f89016..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2016-7976.patch
+++ /dev/null
@@ -1,185 +0,0 @@
-The following patch was adapted for GNU Ghostscript
-by Mark H Weaver <mhw@netris.org> based on:
-
-http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=6d444c273da5499a4cd72f21cb6d4c9a5256807d
-
-From 6d444c273da5499a4cd72f21cb6d4c9a5256807d Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Wed, 5 Oct 2016 09:55:55 +0100
-Subject: [PATCH] Bug 697178: Add a file permissions callback
-
-For the rare occasions when the graphics library directly opens a file
-(currently for reading), this allows us to apply any restrictions on
-file access normally applied in the interpteter.
----
- base/gsicc_manage.c | 10 ++++++----
- base/gslibctx.c     | 12 +++++++++++-
- base/gslibctx.h     |  7 +++++++
- psi/imain.c         |  2 ++
- psi/int.mak         |  2 +-
- psi/zfile.c         | 19 +++++++++++++++++++
- psi/zfile.h         |  7 +++++++
- 7 files changed, 53 insertions(+), 6 deletions(-)
-
-diff --git a/base/gsicc_manage.c b/base/gsicc_manage.c
-index 931c2a6..e9c09c3 100644
---- a/base/gsicc_manage.c
-+++ b/base/gsicc_manage.c
-@@ -1028,10 +1028,12 @@ gsicc_open_search(const char* pname, int namelen, gs_memory_t *mem_gc,
-     }
- 
-     /* First just try it like it is */
--    str = sfopen(pname, "rb", mem_gc);
--    if (str != NULL) {
--        *strp = str;
--        return 0;
-+    if (gs_check_file_permission(mem_gc, pname, namelen, "r") >= 0) {
-+        str = sfopen(pname, "rb", mem_gc);
-+        if (str != NULL) {
-+            *strp = str;
-+            return 0;
-+        }
-     }
- 
-     /* If that fails, try %rom% */ /* FIXME: Not sure this is needed or correct */
-diff --git a/base/gslibctx.c b/base/gslibctx.c
-index eaa0458..37ce1ca 100644
---- a/base/gslibctx.c
-+++ b/base/gslibctx.c
-@@ -121,7 +121,7 @@ int gs_lib_ctx_init( gs_memory_t *mem )
-         mem->gs_lib_ctx = NULL;
-         return -1;
-     }
-- 
-+    pio->client_check_file_permission = NULL;
-     gp_get_realtime(pio->real_time_0);
- 
-     return 0;
-@@ -262,3 +262,13 @@ void errflush(const gs_memory_t *mem)
-         fflush(mem->gs_lib_ctx->fstderr);
-     /* else nothing to flush */
- }
-+
-+int
-+gs_check_file_permission (gs_memory_t *mem, const char *fname, const int len, const char *permission)
-+{
-+    int code = 0;
-+    if (mem->gs_lib_ctx->client_check_file_permission != NULL) {
-+        code = mem->gs_lib_ctx->client_check_file_permission(mem, fname, len, permission);
-+    }
-+    return code;
-+}
-diff --git a/base/gslibctx.h b/base/gslibctx.h
-index 7a4e110..020e2d9 100644
---- a/base/gslibctx.h
-+++ b/base/gslibctx.h
-@@ -32,6 +32,9 @@ typedef struct gs_fapi_server_s gs_fapi_server;
- #  define gs_font_dir_DEFINED
- typedef struct gs_font_dir_s gs_font_dir;
- #endif
-+
-+typedef int (*client_check_file_permission_t) (gs_memory_t *mem, const char *fname, const int len, const char *permission);
-+
- typedef struct gs_lib_ctx_s
- {
-     gs_memory_t *memory;  /* mem->gs_lib_ctx->memory == mem */
-@@ -59,6 +62,7 @@ typedef struct gs_lib_ctx_s
-     bool dict_auto_expand;  /* ps dictionary: false level 1 true level 2 or 3 */
-     /* A table of local copies of the IODevices */
-     struct gx_io_device_s **io_device_table;
-+    client_check_file_permission_t client_check_file_permission;
-     /* Define the default value of AccurateScreens that affects setscreen
-        and setcolorscreen. */
-     bool screen_accurate_screens;
-@@ -108,6 +112,9 @@ int
- void gs_lib_ctx_set_icc_directory(const gs_memory_t *mem_gc, const char* pname,
-                         int dir_namelen);
- 
-+int
-+gs_check_file_permission (gs_memory_t *mem, const char *fname, const int len, const char *permission);
-+
- #define IS_LIBCTX_STDOUT(mem, f) (f == mem->gs_lib_ctx->fstdout)
- #define IS_LIBCTX_STDERR(mem, f) (f == mem->gs_lib_ctx->fstderr)
- 
-diff --git a/psi/imain.c b/psi/imain.c
-index 9a9bb5d..6874128 100644
---- a/psi/imain.c
-+++ b/psi/imain.c
-@@ -57,6 +57,7 @@
- #include "ivmspace.h"
- #include "idisp.h"              /* for setting display device callback */
- #include "iplugin.h"
-+#include "zfile.h"
- 
- #ifdef PACIFY_VALGRIND
- #include "valgrind.h"
-@@ -215,6 +216,7 @@ gs_main_init1(gs_main_instance * minst)
-                                            "the_gs_name_table");
-             if (code < 0)
-                 return code;
-+            mem->gs_lib_ctx->client_check_file_permission = z_check_file_permissions;
-         }
-         code = obj_init(&minst->i_ctx_p, &idmem);  /* requires name_init */
-         if (code < 0)
-diff --git a/psi/int.mak b/psi/int.mak
-index 4654afc..bb30d51 100644
---- a/psi/int.mak
-+++ b/psi/int.mak
-@@ -1868,7 +1868,7 @@ $(PSOBJ)imain.$(OBJ) : $(PSSRC)imain.c $(GH) $(memory__h) $(string__h)\
-  $(ialloc_h) $(iconf_h) $(idebug_h) $(idict_h) $(idisp_h) $(iinit_h)\
-  $(iname_h) $(interp_h) $(iplugin_h) $(isave_h) $(iscan_h) $(ivmspace_h)\
-  $(iinit_h) $(main_h) $(oper_h) $(ostack_h)\
-- $(sfilter_h) $(store_h) $(stream_h) $(strimpl_h)
-+ $(sfilter_h) $(store_h) $(stream_h) $(strimpl_h) $(zfile_h)
- 	$(PSCC) $(PSO_)imain.$(OBJ) $(C_) $(PSSRC)imain.c
- 
- #****** $(CCINT) interp.c
-diff --git a/psi/zfile.c b/psi/zfile.c
-index 2c6c958..2f27f82 100644
---- a/psi/zfile.c
-+++ b/psi/zfile.c
-@@ -197,6 +197,25 @@ check_file_permissions(i_ctx_t *i_ctx_p, const char *fname, int len,
-     return check_file_permissions_reduced(i_ctx_p, fname_reduced, rlen, permitgroup);
- }
- 
-+/* z_check_file_permissions: see zfile.h for explanation
-+ */
-+int
-+z_check_file_permissions(gs_memory_t *mem, const char *fname, const int len, const char *permission)
-+{
-+    i_ctx_t *i_ctx_p = get_minst_from_memory(mem)->i_ctx_p;
-+    gs_parsed_file_name_t pname;
-+    const char *permitgroup = permission[0] == 'r' ? "PermitFileReading" : "PermitFileWriting";
-+    int code = gs_parse_file_name(&pname, fname, len, imemory);
-+    if (code < 0)
-+        return code;
-+
-+    if (pname.iodev && i_ctx_p->LockFilePermissions && strcmp(pname.iodev->dname, "%pipe%") == 0)
-+        return e_invalidfileaccess;
-+        
-+    code = check_file_permissions(i_ctx_p, fname, len, permitgroup);
-+    return code;
-+}
-+
- /* <name_string> <access_string> file <file> */
- int                             /* exported for zsysvm.c */
- zfile(i_ctx_t *i_ctx_p)
-diff --git a/psi/zfile.h b/psi/zfile.h
-index fdf1373..a9399c7 100644
---- a/psi/zfile.h
-+++ b/psi/zfile.h
-@@ -22,4 +22,11 @@
- int zopen_file(i_ctx_t *i_ctx_p, const gs_parsed_file_name_t *pfn,
-            const char *file_access, stream **ps, gs_memory_t *mem);
- 
-+/* z_check_file_permissions: a callback (via mem->gs_lib_ctx->client_check_file_permission)
-+ * to allow applying the above permissions checks when opening file(s) from
-+ * the graphics library
-+ */
-+int
-+z_check_file_permissions(gs_memory_t *mem, const char *fname,
-+                                 const int len, const char *permission);
- #endif
--- 
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2016-7978.patch b/gnu/packages/patches/ghostscript-CVE-2016-7978.patch
deleted file mode 100644
index 81cb26e9ed..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2016-7978.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 6f749c0c44e7b9e09737b9f29edf29925a34f0cf Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Wed, 5 Oct 2016 09:59:25 +0100
-Subject: [PATCH] Bug 697179: Reference count device icc profile
-
-when copying a device
----
- base/gsdevice.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/base/gsdevice.c b/base/gsdevice.c
-index 778106f..aea986a 100644
---- a/base/gsdevice.c
-+++ b/base/gsdevice.c
-@@ -614,6 +614,7 @@ gx_device_init(gx_device * dev, const gx_device * proto, gs_memory_t * mem,
-     dev->memory = mem;
-     dev->retained = !internal;
-     rc_init(dev, mem, (internal ? 0 : 1));
-+    rc_increment(dev->icc_struct);
- }
- 
- void
--- 
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2016-7979.patch b/gnu/packages/patches/ghostscript-CVE-2016-7979.patch
deleted file mode 100644
index a557adfdea..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2016-7979.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-The following patch was adapted for GNU Ghostscript
-by Mark H Weaver <mhw@netris.org> based on:
-
-http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=875a0095f37626a721c7ff57d606a0f95af03913
-
-From 875a0095f37626a721c7ff57d606a0f95af03913 Mon Sep 17 00:00:00 2001
-From: Ken Sharp <ken.sharp@artifex.com>
-Date: Wed, 5 Oct 2016 10:10:58 +0100
-Subject: [PATCH] DSC parser - validate parameters
-
-Bug #697190 ".initialize_dsc_parser doesn't validate the parameter is a dict type before using it."
-
-Regardless of any security implications, its simply wrong for a PostScript
-operator not to validate its parameter(s).
-
-No differences expected.
----
- psi/zdscpars.c | 13 +++++++++----
- 1 file changed, 9 insertions(+), 4 deletions(-)
-
-diff --git a/psi/zdscpars.c b/psi/zdscpars.c
-index c05e154..9b4b605 100644
---- a/psi/zdscpars.c
-+++ b/psi/zdscpars.c
-@@ -150,11 +150,16 @@ zinitialize_dsc_parser(i_ctx_t *i_ctx_p)
-     ref local_ref;
-     int code;
-     os_ptr const op = osp;
--    dict * const pdict = op->value.pdict;
--    gs_memory_t * const mem = (gs_memory_t *)dict_memory(pdict);
--    dsc_data_t * const data =
--        gs_alloc_struct(mem, dsc_data_t, &st_dsc_data_t, "DSC parser init");
-+    dict *pdict;
-+    gs_memory_t *mem;
-+    dsc_data_t *data;
- 
-+    check_read_type(*op, t_dictionary);
-+
-+    pdict = op->value.pdict;
-+    mem = (gs_memory_t *)dict_memory(pdict);
-+
-+    data = gs_alloc_struct(mem, dsc_data_t, &st_dsc_data_t, "DSC parser init");
-     if (!data)
-         return_error(e_VMerror);
-     data->document_level = 0;
--- 
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2016-8602.patch b/gnu/packages/patches/ghostscript-CVE-2016-8602.patch
deleted file mode 100644
index aaf20b6c6c..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2016-8602.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-The following patch was adapted for GNU Ghostscript
-by Mark H Weaver <mhw@netris.org> based on:
-
-http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=f5c7555c30393e64ec1f5ab0dfae5b55b3b3fc78
-
-From f5c7555c30393e64ec1f5ab0dfae5b55b3b3fc78 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Sat, 8 Oct 2016 16:10:27 +0100
-Subject: [PATCH] Bug 697203: check for sufficient params in .sethalftone5
-
-and param types
----
- psi/zht2.c | 12 ++++++++++--
- 1 file changed, 10 insertions(+), 2 deletions(-)
-
-diff --git a/psi/zht2.c b/psi/zht2.c
-index fb4a264..dfa27a4 100644
---- a/psi/zht2.c
-+++ b/psi/zht2.c
-@@ -82,14 +82,22 @@ zsethalftone5(i_ctx_t *i_ctx_p)
-     gs_memory_t *mem;
-     uint edepth = ref_stack_count(&e_stack);
-     int npop = 2;
--    int dict_enum = dict_first(op);
-+    int dict_enum;
-     ref rvalue[2];
-     int cname, colorant_number;
-     byte * pname;
-     uint name_size;
-     int halftonetype, type = 0;
-     gs_state *pgs = igs;
--    int space_index = r_space_index(op - 1);
-+    int space_index;
-+
-+    if (ref_stack_count(&o_stack) < 2)
-+        return_error(e_stackunderflow);
-+    check_type(*op, t_dictionary);
-+    check_type(*(op - 1), t_dictionary);
-+
-+    dict_enum = dict_first(op);
-+    space_index = r_space_index(op - 1);
- 
-     mem = (gs_memory_t *) idmemory->spaces_indexed[space_index];
- 
--- 
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2017-8291.patch b/gnu/packages/patches/ghostscript-CVE-2017-8291.patch
index db80b6ddec..d38bd593c0 100644
--- a/gnu/packages/patches/ghostscript-CVE-2017-8291.patch
+++ b/gnu/packages/patches/ghostscript-CVE-2017-8291.patch
@@ -1,15 +1,60 @@
 Fix CVE-2017-8291:
 
-https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8291
+https://bugs.ghostscript.com/show_bug.cgi?id=697799
+https://bugs.ghostscript.com/show_bug.cgi?id=697808 (duplicate)
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8291
 
-This patch is adapted from these two Artifex Ghostscript commits by Leo
-Famulari <leo@famulari.name>:
+Patches copied from upstream source repository:
 
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=04b37bbce174eed24edec7ad5b920eb93db4d47d;hp=4f83478c88c2e05d6e8d79ca4557eb039354d2f3
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3;hp=5603e8fc3e59c435318877efe627967ee6baebb8
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=04b37bbce174eed24edec7ad5b920eb93db4d47d
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=57f20719e1cfaea77b67cb26e26de7fe4d7f9b2e
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ccfd2c75ac9be4cbd369e4cbdd40ba11a0c7bdad
+
+From 4f83478c88c2e05d6e8d79ca4557eb039354d2f3 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Thu, 27 Apr 2017 13:03:33 +0100
+Subject: [PATCH] Bug 697799: have .eqproc check its parameters
+
+The Ghostscript custom operator .eqproc was not check the number or type of
+the parameters it was given.
+---
+ psi/zmisc3.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/psi/zmisc3.c b/psi/zmisc3.c
+index 54b304246..37293ff4b 100644
+--- a/psi/zmisc3.c
++++ b/psi/zmisc3.c
+@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p)
+     ref2_t stack[MAX_DEPTH + 1];
+     ref2_t *top = stack;
+ 
++    if (ref_stack_count(&o_stack) < 2)
++        return_error(gs_error_stackunderflow);
++    if (!r_is_array(op - 1) || !r_is_array(op)) {
++        return_error(gs_error_typecheck);
++    }
++
+     make_array(&stack[0].proc1, 0, 1, op - 1);
+     make_array(&stack[0].proc2, 0, 1, op);
+     for (;;) {
+-- 
+2.13.0
+
+From 04b37bbce174eed24edec7ad5b920eb93db4d47d Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Thu, 27 Apr 2017 13:21:31 +0100
+Subject: [PATCH] Bug 697799: have .rsdparams check its parameters
+
+The Ghostscript internal operator .rsdparams wasn't checking the number or
+type of the operands it was being passed. Do so.
+---
+ psi/zfrsd.c | 22 +++++++++++++++-------
+ 1 file changed, 15 insertions(+), 7 deletions(-)
 
 diff --git a/psi/zfrsd.c b/psi/zfrsd.c
-index fb4bce9..2629afa 100644
+index 191107d8a..950588d69 100644
 --- a/psi/zfrsd.c
 +++ b/psi/zfrsd.c
 @@ -49,13 +49,20 @@ zrsdparams(i_ctx_t *i_ctx_p)
@@ -24,9 +69,9 @@ index fb4bce9..2629afa 100644
 +    int code = 0;
 +
 +    if (ref_stack_count(&o_stack) < 1)
-+        return_error(e_stackunderflow);
++        return_error(gs_error_stackunderflow);
 +    if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) {
-+        return_error(e_typecheck);
++        return_error(gs_error_typecheck);
 +    }
  
      make_empty_array(&empty_array, a_readonly);
@@ -35,15 +80,15 @@ index fb4bce9..2629afa 100644
 +        && dict_find_string(op, "Filter", &pFilter) > 0) {
          if (!r_is_array(pFilter)) {
              if (!r_has_type(pFilter, t_name))
-                 return_error(e_typecheck);
+                 return_error(gs_error_typecheck);
 @@ -94,12 +101,13 @@ zrsdparams(i_ctx_t *i_ctx_p)
-                 return_error(e_typecheck);
+                 return_error(gs_error_typecheck);
          }
      }
 -    code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
 +    if (r_has_type(op, t_dictionary))
 +        code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
-     if (code < 0 && code != e_rangecheck) /* out-of-range int is ok, use 0 */
+     if (code < 0 && code != gs_error_rangecheck) /* out-of-range int is ok, use 0 */
          return code;
 -    if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0
 -        )
@@ -54,20 +99,97 @@ index fb4bce9..2629afa 100644
      push(1);
      op[-1] = *pFilter;
      if (pDecodeParms)
+-- 
+2.13.0
+
+From 57f20719e1cfaea77b67cb26e26de7fe4d7f9b2e Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Wed, 3 May 2017 12:05:45 +0100
+Subject: [PATCH] Bug 697846: revision to commit 4f83478c88 (.eqproc)
+
+When using the "DELAYBIND" feature, it turns out that .eqproc can be called with
+parameters that are not both procedures. In this case, it turns out, the
+expectation is for the operator to return 'false', rather than throw an error.
+---
+ psi/zmisc3.c | 15 +++++++++++++--
+ 1 file changed, 13 insertions(+), 2 deletions(-)
+
 diff --git a/psi/zmisc3.c b/psi/zmisc3.c
-index 54b3042..0d357f1 100644
+index 37293ff4b..3f01d39a3 100644
 --- a/psi/zmisc3.c
 +++ b/psi/zmisc3.c
-@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p)
-     ref2_t stack[MAX_DEPTH + 1];
-     ref2_t *top = stack;
+@@ -38,6 +38,15 @@ zcliprestore(i_ctx_t *i_ctx_p)
+     return gs_cliprestore(igs);
+ }
  
-+    if (ref_stack_count(&o_stack) < 2)
-+        return_error(e_stackunderflow);
-+    if (!r_is_array(op - 1) || !r_is_array(op)) {
-+        return_error(e_typecheck);
-+    }
++static inline bool
++eqproc_check_type(ref *r)
++{
++    return r_has_type(r, t_array)
++           || r_has_type(r, t_mixedarray)
++           || r_has_type(r, t_shortarray)
++           || r_has_type(r, t_oparray);
++}
 +
+ /* <proc1> <proc2> .eqproc <bool> */
+ /*
+  * Test whether two procedures are equal to depth 10.
+@@ -58,8 +67,10 @@ zeqproc(i_ctx_t *i_ctx_p)
+ 
+     if (ref_stack_count(&o_stack) < 2)
+         return_error(gs_error_stackunderflow);
+-    if (!r_is_array(op - 1) || !r_is_array(op)) {
+-        return_error(gs_error_typecheck);
++    if (!eqproc_check_type(op -1) || !eqproc_check_type(op)) {
++        make_false(op - 1);
++        pop(1);
++        return 0;
+     }
+ 
      make_array(&stack[0].proc1, 0, 1, op - 1);
-     make_array(&stack[0].proc2, 0, 1, op);
-     for (;;) {
+-- 
+2.13.0
+
+From ccfd2c75ac9be4cbd369e4cbdd40ba11a0c7bdad Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Thu, 11 May 2017 14:07:48 +0100
+Subject: [PATCH] Bug 697892: fix check for op stack underflow.
+
+In the original fix, I used the wrong method to check for stack underflow, this
+is using the correct method.
+---
+ psi/zfrsd.c  | 3 +--
+ psi/zmisc3.c | 3 +--
+ 2 files changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/psi/zfrsd.c b/psi/zfrsd.c
+index 950588d69..9c035b96d 100644
+--- a/psi/zfrsd.c
++++ b/psi/zfrsd.c
+@@ -54,8 +54,7 @@ zrsdparams(i_ctx_t *i_ctx_p)
+     uint i;
+     int code = 0;
+ 
+-    if (ref_stack_count(&o_stack) < 1)
+-        return_error(gs_error_stackunderflow);
++    check_op(1);
+     if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) {
+         return_error(gs_error_typecheck);
+     }
+diff --git a/psi/zmisc3.c b/psi/zmisc3.c
+index 3f01d39a3..43803b55b 100644
+--- a/psi/zmisc3.c
++++ b/psi/zmisc3.c
+@@ -65,8 +65,7 @@ zeqproc(i_ctx_t *i_ctx_p)
+     ref2_t stack[MAX_DEPTH + 1];
+     ref2_t *top = stack;
+ 
+-    if (ref_stack_count(&o_stack) < 2)
+-        return_error(gs_error_stackunderflow);
++    check_op(2);
+     if (!eqproc_check_type(op -1) || !eqproc_check_type(op)) {
+         make_false(op - 1);
+         pop(1);
+-- 
+2.13.0
+
diff --git a/gnu/packages/patches/ghostscript-no-header-creationdate.patch b/gnu/packages/patches/ghostscript-no-header-creationdate.patch
new file mode 100644
index 0000000000..92ddbdade0
--- /dev/null
+++ b/gnu/packages/patches/ghostscript-no-header-creationdate.patch
@@ -0,0 +1,22 @@
+This patch makes emission of /CreationDate and /ModDate headers optional.
+
+If the environment variable GS_GENERATE_UUIDS is set to "0" or "no", it will
+not write out the "/ID" field (if that's permissible).
+
+Upstream does not want to do this.
+
+See: https://bugs.ghostscript.com/show_bug.cgi?id=698208
+diff --git a/orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c b/bb/gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c
+index 0fb067e..b342e2c 100644
+--- orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c
++++ gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c
+@@ -305,6 +305,9 @@ pdf_initialize_ids(gx_device_pdf * pdev)
+      * date and time, rather than (for example) %%CreationDate from the
+      * PostScript file.  We think this is wrong, but we do the same.
+      */
++    if (!getenv("GS_GENERATE_UUIDS") ||
++        (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 &&
++         strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0))
+     {
+         struct tm tms;
+         time_t t;
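Review bot: The header's second paragraph describes the wrong field: it says that setting GS_GENERATE_UUIDS to "0" or "no" suppresses "/ID", but the guard added in pdf_initialize_ids() wraps the block that, per the first paragraph, emits /CreationDate and /ModDate. I would reword it to `If the environment variable GS_GENERATE_UUIDS is set to "0" or "no", the /CreationDate and /ModDate entries are not written.` The body of the guarded block lies outside the hunk, so which entries it writes is taken from the description. The guard also relies on strcasecmp(), and no include is added here, so confirm gdevpdf.c already pulls in its declaration.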
diff --git a/gnu/packages/patches/ghostscript-no-header-id.patch b/gnu/packages/patches/ghostscript-no-header-id.patch
new file mode 100644
index 0000000000..19b71aadb5
--- /dev/null
+++ b/gnu/packages/patches/ghostscript-no-header-id.patch
@@ -0,0 +1,57 @@
+This patch makes the "/ID" field optional.
+
+If the environment variable GS_GENERATE_UUIDS is set to "0" or "no", it will
+not write out the "/ID" field (if that's permissible).
+
+Upstream does not want to do this.
+
+See: https://bugs.ghostscript.com/show_bug.cgi?id=698208
+diff -ur orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c
+--- orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c	2017-07-09 23:30:28.960479189 +0200
++++ gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c	2017-07-09 23:34:34.306524488 +0200
+@@ -1580,8 +1580,11 @@
+      * +1 for the linearisation dict and +1 for the primary hint stream.
+      */
+     linear_params->FirsttrailerOffset = gp_ftell_64(linear_params->Lin_File.file);
+-    gs_sprintf(LDict, "\ntrailer\n<</Size %ld/Info %d 0 R/Root %d 0 R/ID[%s%s]/Prev %d>>\nstartxref\r\n0\n%%%%EOF\n        \n",
+-        linear_params->LastResource + 3, pdev->ResourceUsage[linear_params->Info_id].NewObjectNumber, pdev->ResourceUsage[linear_params->Catalog_id].NewObjectNumber, fileID, fileID, 0);
++    gs_sprintf(LDict, "\ntrailer\n<</Size %ld/Info %d 0 R/Root %d 0 R",
++        linear_params->LastResource + 3, pdev->ResourceUsage[linear_params->Info_id].NewObjectNumber, pdev->ResourceUsage[linear_params->Catalog_id].NewObjectNumber);
++    if (pdev->OwnerPassword.size > 0 || !(!getenv("GS_GENERATE_UUIDS") || (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 && strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0))) /* ID is mandatory when encrypting */
++        gs_sprintf(LDict, "/ID[%s%s]", fileID, fileID);
++    gs_sprintf(LDict, "/Prev %d>>\nstartxref\r\n0\n%%%%EOF\n        \n", 0);
+     fwrite(LDict, strlen(LDict), 1, linear_params->Lin_File.file);
+ 
+     /* Write document catalog (Part 4) */
+@@ -2102,8 +2105,11 @@
+      * in the missing values.
+      */
+     code = gp_fseek_64(linear_params->sfile, linear_params->FirsttrailerOffset, SEEK_SET);
+-    gs_sprintf(LDict, "\ntrailer\n<</Size %ld/Info %d 0 R/Root %d 0 R/ID[%s%s]/Prev %"PRId64">>\nstartxref\r\n0\n%%%%EOF\n",
+-        linear_params->LastResource + 3, pdev->ResourceUsage[linear_params->Info_id].NewObjectNumber, pdev->ResourceUsage[linear_params->Catalog_id].NewObjectNumber, fileID, fileID, mainxref);
++    gs_sprintf(LDict, "\ntrailer\n<</Size %ld/Info %d 0 R/Root %d 0 R",
++        linear_params->LastResource + 3, pdev->ResourceUsage[linear_params->Info_id].NewObjectNumber, pdev->ResourceUsage[linear_params->Catalog_id].NewObjectNumber);
++    if (pdev->OwnerPassword.size > 0 || !(!getenv("GS_GENERATE_UUIDS") || (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 || strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0))) /* ID is mandatory when encrypting */
++        gs_sprintf(LDict, "/ID[%s%s]", fileID, fileID);
++    gs_sprintf(LDict, "/Prev %"PRId64">>\nstartxref\r\n0\n%%%%EOF\n", mainxref);
+     fwrite(LDict, strlen(LDict), 1, linear_params->sfile);
+ 
+     code = gp_fseek_64(linear_params->sfile, pdev->ResourceUsage[HintStreamObj].LinearisedOffset, SEEK_SET);
+@@ -2674,10 +2680,12 @@
+             stream_puts(s, "trailer\n");
+             pprintld3(s, "<< /Size %ld /Root %ld 0 R /Info %ld 0 R\n",
+                   pdev->next_id, Catalog_id, Info_id);
+-            stream_puts(s, "/ID [");
+-            psdf_write_string(pdev->strm, pdev->fileID, sizeof(pdev->fileID), 0);
+-            psdf_write_string(pdev->strm, pdev->fileID, sizeof(pdev->fileID), 0);
+-            stream_puts(s, "]\n");
++            if (pdev->OwnerPassword.size > 0 || !(!getenv("GS_GENERATE_UUIDS") || (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 || strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0))) { /* ID is mandatory when encrypting */
++                stream_puts(s, "/ID [");
++                psdf_write_string(pdev->strm, pdev->fileID, sizeof(pdev->fileID), 0);
++                psdf_write_string(pdev->strm, pdev->fileID, sizeof(pdev->fileID), 0);
++                stream_puts(s, "]\n");
++            }
+             if (pdev->OwnerPassword.size > 0) {
+                 pprintld1(s, "/Encrypt %ld 0 R ", Encrypt_id);
+             }
+Nur in gnu-ghostscript-9.14.0/devices/vector: gdevpdf.c.orig.
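Review bot: In the two linearised-trailer hunks (inner @@ -1580 and @@ -2102) the three consecutive `gs_sprintf(LDict, ...)` calls each write from the start of LDict, so the following `fwrite(LDict, strlen(LDict), ...)` emits only the final `/Prev ...` fragment and the `trailer <</Size ... /Root ...` part is lost; the second and third calls need to append. The GS_GENERATE_UUIDS test is also wrong in all three hunks: at @@ -1580 the outer `!( ... )` writes /ID only when the variable is "0" or "no", the opposite of the header text, and at @@ -2102 and @@ -2680 the `||` between the two `strcasecmp(...) != 0` tests is always true, so the variable is ignored and /ID is written only when OwnerPassword is set. Going by the header, the intended condition is "encrypting, or variable unset, or value neither 0 nor no". The fence shows the first hunk corrected; the other two need the same condition and the second the same append. The enclosing functions start and end outside the inner hunks.

```c
    /* … unchanged: first gs_sprintf(LDict, "\ntrailer\n<</Size …/Root %d 0 R", …) call … */
    /* ID is mandatory when encrypting; otherwise it is written unless
     * GS_GENERATE_UUIDS is "0" or "no". */
    if (pdev->OwnerPassword.size > 0 || !getenv("GS_GENERATE_UUIDS") ||
        (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 &&
         strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0))
        gs_sprintf(LDict + strlen(LDict), "/ID[%s%s]", fileID, fileID);
    /* append, so the trailer head and optional /ID written above survive */
    gs_sprintf(LDict + strlen(LDict), "/Prev %d>>\nstartxref\r\n0\n%%%%EOF\n        \n", 0);
    /* … unchanged: fwrite(LDict, strlen(LDict), 1, …) … */
```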
diff --git a/gnu/packages/patches/ghostscript-no-header-uuid.patch b/gnu/packages/patches/ghostscript-no-header-uuid.patch
new file mode 100644
index 0000000000..473531220c
--- /dev/null
+++ b/gnu/packages/patches/ghostscript-no-header-uuid.patch
@@ -0,0 +1,50 @@
+This patch makes the UUIDs in the XMP header optional, depending on the
+setting of the environment variable GS_GENERATE_UUIDS.
+
+If the environment variable GS_GENERATE_UUIDS is set to "0" or "no", it will
+not write out the Document UUID field and also will write the Instance ID
+field value as "".
+
+Upstream does not want to do this.
+
+See: https://bugs.ghostscript.com/show_bug.cgi?id=698208
+diff -ur orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c aa/gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c
+--- orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c	2017-07-09 23:30:28.960479189 +0200
++++ gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c	2017-07-10 01:04:12.252478276 +0200
+@@ -617,7 +617,7 @@
+         return code;
+ 
+     /* PDF/A XMP reference recommends setting UUID to empty. If not empty must be a URI */
+-    if (pdev->PDFA != 0)
++    if (pdev->PDFA != 0 || (getenv("GS_GENERATE_UUIDS") && (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") == 0 || strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") == 0)))
+         instance_uuid[0] = 0x00;
+ 
+     cre_date_time_len = pdf_get_docinfo_item(pdev, "/CreationDate", cre_date_time, sizeof(cre_date_time));
+@@ -719,15 +719,18 @@
+             pdf_xml_tag_close(s, "rdf:Description");
+             pdf_xml_newline(s);
+ 
+-            pdf_xml_tag_open_beg(s, "rdf:Description");
+-            pdf_xml_attribute_name(s, "rdf:about");
+-            pdf_xml_attribute_value(s, instance_uuid);
+-            pdf_xml_attribute_name(s, "xmlns:xapMM");
+-            pdf_xml_attribute_value(s, "http://ns.adobe.com/xap/1.0/mm/");
+-            pdf_xml_attribute_name(s, "xapMM:DocumentID");
+-            pdf_xml_attribute_value(s, document_uuid);
+-            pdf_xml_tag_end_empty(s);
+-            pdf_xml_newline(s);
++            if (!getenv("GS_GENERATE_UUIDS") || (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 && strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0))
++            {
++                pdf_xml_tag_open_beg(s, "rdf:Description");
++                pdf_xml_attribute_name(s, "rdf:about");
++                pdf_xml_attribute_value(s, instance_uuid);
++                pdf_xml_attribute_name(s, "xmlns:xapMM");
++                pdf_xml_attribute_value(s, "http://ns.adobe.com/xap/1.0/mm/");
++                pdf_xml_attribute_name(s, "xapMM:DocumentID");
++                pdf_xml_attribute_value(s, document_uuid);
++                pdf_xml_tag_end_empty(s);
++                pdf_xml_newline(s);
++            }
+ 
+             pdf_xml_tag_open_beg(s, "rdf:Description");
+             pdf_xml_attribute_name(s, "rdf:about");
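Review bot: The GS_GENERATE_UUIDS test is spelled out inline twice in opposite polarities (`== 0 || == 0` at inner @@ -617, `!= 0 && != 0` at inner @@ -719), each calling getenv() up to three times; one small helper would keep the two sites in agreement. Both forms are correct as written, but hand-negated copies of a compound condition are easy to get wrong when the patch is rebased. strcasecmp() is used without an include being added in these hunks, so confirm gdevpdfe.c already has its declaration in scope. The enclosing function is only partly visible here.

```c
/* Nonzero when GS_GENERATE_UUIDS is set to "0" or "no" (case-insensitive). */
static int
pdf_uuids_disabled(void)
{
    const char *v = getenv("GS_GENERATE_UUIDS");

    return v != NULL && (strcasecmp(v, "0") == 0 || strcasecmp(v, "no") == 0);
}

/* … unchanged: up to the PDF/A instance_uuid check … */
    if (pdev->PDFA != 0 || pdf_uuids_disabled())
        instance_uuid[0] = 0x00;
/* … unchanged: XMP output up to the xapMM description … */
            if (!pdf_uuids_disabled())
            {
/* … unchanged: xapMM rdf:Description block … */
```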
diff --git a/gnu/packages/patches/ghostscript-runpath.patch b/gnu/packages/patches/ghostscript-runpath.patch
index c7dcfd4529..9f161e45b3 100644
--- a/gnu/packages/patches/ghostscript-runpath.patch
+++ b/gnu/packages/patches/ghostscript-runpath.patch
@@ -1,17 +1,18 @@
-This patch adds $(libdir) to the RUNPATH of 'gsc' and 'gsx'.
-
---- gnu-ghostscript-9.14.0/base/unix-dll.mak	2015-04-05 15:12:45.386957927 +0200
-+++ gnu-ghostscript-9.14.0/base/unix-dll.mak	2015-04-05 15:12:49.222982359 +0200
-@@ -91,11 +91,11 @@ $(GS_SO_MAJOR): $(GS_SO_MAJOR_MINOR)
+diff --git a/base/unix-dll.mak b/base/unix-dll.mak
+index 9d57a99..36ef1ff 100644
+--- a/base/unix-dll.mak
++++ b/base/unix-dll.mak
+@@ -171,11 +171,11 @@ gpdl-so-links-subtarget: $(GPDL_SO) $(UNIX_DLL_MAK) $(MAKEDIRS)
  # Build the small Ghostscript loaders, with Gtk+ and without
- $(GSSOC_XE): $(GS_SO) $(PSSRC)$(SOC_LOADER)
+ $(GSSOC_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS)
  	$(GLCC) -g -o $(GSSOC_XE) $(PSSRC)dxmainc.c \
 -	-L$(BINDIR) -l$(GS_SO_BASE)
 +	-L$(BINDIR) -l$(GS_SO_BASE) -Wl,-rpath=$(libdir)
  
- $(GSSOX_XE): $(GS_SO) $(PSSRC)$(SOC_LOADER)
+ $(GSSOX_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS)
  	$(GLCC) -g $(SOC_CFLAGS) -o $(GSSOX_XE) $(PSSRC)$(SOC_LOADER) \
 -	-L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS)
 +	-L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS) -Wl,-rpath=$(libdir)
  
- # ------------------------- Recursive make targets ------------------------- #
+ $(PCLSOC_XE): gpcl6-so-links-subtarget $(PLSRC)$(REALMAIN_SRC).c $(UNIX_DLL_MAK) $(MAKEDIRS)
+ 	$(GLCC) -g -o $(PCLSOC_XE) $(PLSRC)$(REALMAIN_SRC).c -L$(BINDIR) -l$(PCL_SO_BASE)
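Review bot: This rewrite drops the patch's only explanatory line, leaving ghostscript-runpath.patch with no header saying what it does or why; I would keep `This patch adds $(libdir) to the RUNPATH of 'gsc' and 'gsx'.` above the new `diff --git` line. The rebased context also shows a `$(PCLSOC_XE)` loader linked with `-L$(BINDIR) -l$(PCL_SO_BASE)` and no `-Wl,-rpath=$(libdir)`. If that loader, or similar ones outside this hunk, is built and installed, it would presumably need the same flag, so the header should also say why only the two gs loaders are covered.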
diff --git a/gnu/packages/patches/grep-gnulib-lock.patch b/gnu/packages/patches/grep-gnulib-lock.patch
new file mode 100644
index 0000000000..68c33f1031
--- /dev/null
+++ b/gnu/packages/patches/grep-gnulib-lock.patch
@@ -0,0 +1,32 @@
+This patch fix error on 'gnulib' library required to build
+'grep' package on GNU/Hurd.
+The patch was adapted from upstream source repository:
+'<http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commit;h=4084b3a1094372b960ce4a97634e08f4538c8bdd>'
+
+Commit: 4084b3a1094372b960ce4a97634e08f4538c8bdd
+
+diff --git a/lib/glthread/lock.c b/lib/glthread/lock.c
+index 061562b..afc86f4 100644
+--- a/lib/glthread/lock.c
++++ b/lib/glthread/lock.c
+@@ -30,7 +30,7 @@
+ 
+ /* ------------------------- gl_rwlock_t datatype ------------------------- */
+ 
+-# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (__GNU_LIBRARY__ > 1))
++# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (defined PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP && (__GNU_LIBRARY__ > 1)))
+ 
+ #  ifdef PTHREAD_RWLOCK_INITIALIZER
+ 
+diff --git a/lib/glthread/lock.h b/lib/glthread/lock.h
+index ec16d39..67932aa 100644
+--- a/lib/glthread/lock.h
++++ b/lib/glthread/lock.h
+@@ -179,7 +179,7 @@ typedef pthread_mutex_t gl_lock_t;
+ 
+ /* ------------------------- gl_rwlock_t datatype ------------------------- */
+ 
+-# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (__GNU_LIBRARY__ > 1))
++# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (defined PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP && (__GNU_LIBRARY__ > 1)))
+ 
+ #  ifdef PTHREAD_RWLOCK_INITIALIZER
diff --git a/gnu/packages/patches/groff-source-date-epoch.patch b/gnu/packages/patches/groff-source-date-epoch.patch
new file mode 100644
index 0000000000..53c590b049
--- /dev/null
+++ b/gnu/packages/patches/groff-source-date-epoch.patch
@@ -0,0 +1,299 @@
+Adds support for the environment variable SOURCE_DATE_EPOCH.
+
+See: https://sources.debian.net/patches/groff/1.22.3-9/source-date-epoch.patch/
+
+From abc23bc9245e18468817f2838361c3a08f7521e2 Mon Sep 17 00:00:00 2001
+From: Colin Watson <cjwatson@debian.org>
+Date: Thu, 5 Nov 2015 11:47:34 +0000
+Subject: Implement `SOURCE_DATE_EPOCH' for reproducible builds.
+
+Author: Colin Watson <cjwatson@debian.org>
+Forwarded: yes
+Last-Update: 2015-11-05
+
+Patch-Name: source-date-epoch.patch
+---
+ doc/groff.texinfo                 |  6 +++++
+ src/devices/grohtml/grohtml.man   |  7 ++++++
+ src/devices/grohtml/post-html.cpp |  5 ++--
+ src/devices/gropdf/gropdf.man     |  7 ++++++
+ src/devices/gropdf/gropdf.pl      |  3 ++-
+ src/devices/grops/grops.man       |  7 ++++++
+ src/devices/grops/ps.cpp          |  3 ++-
+ src/include/curtime.h             | 23 ++++++++++++++++++
+ src/libs/libgroff/Makefile.sub    |  2 ++
+ src/libs/libgroff/curtime.cpp     | 51 +++++++++++++++++++++++++++++++++++++++
+ src/roff/troff/input.cpp          |  3 ++-
+ 11 files changed, 112 insertions(+), 5 deletions(-)
+ create mode 100644 src/include/curtime.h
+ create mode 100644 src/libs/libgroff/curtime.cpp
+
+diff --git a/doc/groff.texinfo b/doc/groff.texinfo
+index 066b5274..1d3c7a9f 100644
+--- a/doc/groff.texinfo
++++ b/doc/groff.texinfo
+@@ -1453,6 +1453,12 @@ default directory (on Unix and GNU/Linux systems, this is usually
+ @item GROFF_TYPESETTER
+ @tindex GROFF_TYPESETTER@r{, environment variable}
+ The default output device.
++
++@item SOURCE_DATE_EPOCH
++@tindex SOURCE_DATE_EPOCH@r{, environment variable}
++A timestamp (expressed as seconds since the Unix epoch) to use in place of
++the current time when initializing time-based built-in registers such as
++@code{\n[seconds]}.
+ @end table
+ 
+ Note that MS-DOS and MS-Windows ports of @code{groff} use semi-colons,
+diff --git a/src/devices/grohtml/grohtml.man b/src/devices/grohtml/grohtml.man
+index 51eae224..4be4abbc 100644
+--- a/src/devices/grohtml/grohtml.man
++++ b/src/devices/grohtml/grohtml.man
+@@ -419,6 +419,13 @@ and
+ for more details.
+ .
+ .
++.TP
++.SM
++.B SOURCE_DATE_EPOCH
++A timestamp (expressed as seconds since the Unix epoch) to use as the
++creation timestamp in place of the current time.
++.
++.
+ .\" --------------------------------------------------------------------
+ .SH BUGS
+ .\" --------------------------------------------------------------------
+diff --git a/src/devices/grohtml/post-html.cpp b/src/devices/grohtml/post-html.cpp
+index fefbf014..b5fc5167 100644
+--- a/src/devices/grohtml/post-html.cpp
++++ b/src/devices/grohtml/post-html.cpp
+@@ -28,6 +28,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */
+ #include "html.h"
+ #include "html-text.h"
+ #include "html-table.h"
++#include "curtime.h"
+ 
+ #include <time.h>
+ 
+@@ -5013,7 +5014,7 @@ void html_printer::do_file_components (void)
+ 	.put_string(Version_string)
+ 	.end_comment();
+ 
+-      t = time(0);
++      t = current_time();
+       html.begin_comment("CreationDate: ")
+ 	.put_string(ctime(&t), strlen(ctime(&t))-1)
+ 	.end_comment();
+@@ -5126,7 +5127,7 @@ html_printer::~html_printer()
+     .put_string(Version_string)
+     .end_comment();
+ 
+-  t = time(0);
++  t = current_time();
+   html.begin_comment("CreationDate: ")
+     .put_string(ctime(&t), strlen(ctime(&t))-1)
+     .end_comment();
+diff --git a/src/devices/gropdf/gropdf.man b/src/devices/gropdf/gropdf.man
+index 3bbace6a..cc0c82f1 100644
+--- a/src/devices/gropdf/gropdf.man
++++ b/src/devices/gropdf/gropdf.man
+@@ -1029,6 +1029,13 @@ and
+ for more details.
+ .
+ .
++.TP
++.SM
++.B SOURCE_DATE_EPOCH
++A timestamp (expressed as seconds since the Unix epoch) to use as the
++creation timestamp in place of the current time.
++.
++.
+ .\" --------------------------------------------------------------------
+ .SH FILES
+ .\" --------------------------------------------------------------------
+diff --git a/src/devices/gropdf/gropdf.pl b/src/devices/gropdf/gropdf.pl
+index 035d1238..c25c4c67 100644
+--- a/src/devices/gropdf/gropdf.pl
++++ b/src/devices/gropdf/gropdf.pl
+@@ -239,13 +239,14 @@ elsif (exists($ppsz{$papersz}))
+     @defaultmb=@mediabox=(0,0,$ppsz{$papersz}->[0],$ppsz{$papersz}->[1]);
+ }
+ 
+-my (@dt)=localtime(time);
++my (@dt)=localtime($ENV{SOURCE_DATE_EPOCH} || time);
+ my $dt=PDFDate(\@dt);
+ 
+ my %info=('Creator' => "(groff version $cfg{GROFF_VERSION})",
+ 				'Producer' => "(gropdf version $cfg{GROFF_VERSION})",
+ 				'ModDate' => "($dt)",
+ 				'CreationDate' => "($dt)");
++
+ while (<>)
+ {
+     chomp;
+diff --git a/src/devices/grops/grops.man b/src/devices/grops/grops.man
+index 99fb7486..272c2d18 100644
+--- a/src/devices/grops/grops.man
++++ b/src/devices/grops/grops.man
+@@ -1419,6 +1419,13 @@ and
+ for more details.
+ .
+ .
++.TP
++.SM
++.B SOURCE_DATE_EPOCH
++A timestamp (expressed as seconds since the Unix epoch) to use as the
++creation timestamp in place of the current time.
++.
++.
+ .\" --------------------------------------------------------------------
+ .SH FILES
+ .\" --------------------------------------------------------------------
+diff --git a/src/devices/grops/ps.cpp b/src/devices/grops/ps.cpp
+index 745a503b..03e65372 100644
+--- a/src/devices/grops/ps.cpp
++++ b/src/devices/grops/ps.cpp
+@@ -28,6 +28,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */
+ #include "cset.h"
+ #include "nonposix.h"
+ #include "paper.h"
++#include "curtime.h"
+ 
+ #include "ps.h"
+ #include <time.h>
+@@ -1390,7 +1391,7 @@ ps_printer::~ps_printer()
+ #else
+     time_t
+ #endif
+-    t = time(0);
++    t = current_time();
+     fputs(ctime(&t), out.get_file());
+   }
+   for (font_pointer_list *f = font_list; f; f = f->next) {
+diff --git a/src/include/curtime.h b/src/include/curtime.h
+new file mode 100644
+index 00000000..a4105196
+--- /dev/null
++++ b/src/include/curtime.h
+@@ -0,0 +1,23 @@
++/* Copyright (C) 2015  Free Software Foundation, Inc.
++
++This file is part of groff.
++
++groff is free software; you can redistribute it and/or modify it under
++the terms of the GNU General Public License as published by the Free
++Software Foundation, either version 2 of the License, or
++(at your option) any later version.
++
++groff is distributed in the hope that it will be useful, but WITHOUT ANY
++WARRANTY; without even the implied warranty of MERCHANTABILITY or
++FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
++for more details.
++
++The GNU General Public License version 2 (GPL2) is available in the
++internet at <http://www.gnu.org/licenses/gpl-2.0.txt>. */
++
++#ifdef LONG_FOR_TIME_T
++long
++#else
++time_t
++#endif
++current_time();
+diff --git a/src/libs/libgroff/Makefile.sub b/src/libs/libgroff/Makefile.sub
+index 840d9934..4cb4937a 100644
+--- a/src/libs/libgroff/Makefile.sub
++++ b/src/libs/libgroff/Makefile.sub
+@@ -32,6 +32,7 @@ OBJS=\
+   cmap.$(OBJEXT) \
+   color.$(OBJEXT) \
+   cset.$(OBJEXT) \
++  curtime.$(OBJEXT) \
+   device.$(OBJEXT) \
+   errarg.$(OBJEXT) \
+   error.$(OBJEXT) \
+@@ -82,6 +83,7 @@ CCSRCS=\
+   $(srcdir)/cmap.cpp \
+   $(srcdir)/color.cpp \
+   $(srcdir)/cset.cpp \
++  $(srcdir)/curtime.cpp \
+   $(srcdir)/device.cpp \
+   $(srcdir)/errarg.cpp \
+   $(srcdir)/error.cpp \
+diff --git a/src/libs/libgroff/curtime.cpp b/src/libs/libgroff/curtime.cpp
+new file mode 100644
+index 00000000..00821b7f
+--- /dev/null
++++ b/src/libs/libgroff/curtime.cpp
+@@ -0,0 +1,51 @@
++/* Copyright (C) 2015  Free Software Foundation, Inc.
++
++This file is part of groff.
++
++groff is free software; you can redistribute it and/or modify it under
++the terms of the GNU General Public License as published by the Free
++Software Foundation, either version 2 of the License, or
++(at your option) any later version.
++
++groff is distributed in the hope that it will be useful, but WITHOUT ANY
++WARRANTY; without even the implied warranty of MERCHANTABILITY or
++FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
++for more details.
++
++The GNU General Public License version 2 (GPL2) is available in the
++internet at <http://www.gnu.org/licenses/gpl-2.0.txt>. */
++
++#include <errno.h>
++#include <limits.h>
++#include <stdlib.h>
++#include <string.h>
++#include <time.h>
++
++#include "errarg.h"
++#include "error.h"
++
++#ifdef LONG_FOR_TIME_T
++long
++#else
++time_t
++#endif
++current_time()
++{
++  char *source_date_epoch = getenv("SOURCE_DATE_EPOCH");
++
++  if (source_date_epoch) {
++    errno = 0;
++    char *endptr;
++    long epoch = strtol(source_date_epoch, &endptr, 10);
++
++    if ((errno == ERANGE && (epoch == LONG_MAX || epoch == LONG_MIN)) ||
++	(errno != 0 && epoch == 0))
++      fatal("$SOURCE_DATE_EPOCH: strtol: %1", strerror(errno));
++    if (endptr == source_date_epoch)
++      fatal("$SOURCE_DATE_EPOCH: no digits found: %1", endptr);
++    if (*endptr != '\0')
++      fatal("$SOURCE_DATE_EPOCH: trailing garbage: %1", endptr);
++    return epoch;
++  } else
++    return time(0);
++}
+diff --git a/src/roff/troff/input.cpp b/src/roff/troff/input.cpp
+index 9594f074..f7d2c18a 100644
+--- a/src/roff/troff/input.cpp
++++ b/src/roff/troff/input.cpp
+@@ -36,6 +36,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */
+ #include "input.h"
+ #include "defs.h"
+ #include "unicode.h"
++#include "curtime.h"
+ 
+ // Needed for getpid() and isatty()
+ #include "posix.h"
+@@ -8138,7 +8139,7 @@ static void init_registers()
+ #else /* not LONG_FOR_TIME_T */
+   time_t
+ #endif /* not LONG_FOR_TIME_T */
+-    t = time(0);
++    t = current_time();
+   // Use struct here to work around misfeature in old versions of g++.
+   struct tm *tt = localtime(&t);
+   set_number_reg("seconds", int(tt->tm_sec));
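Review bot: In gropdf.pl the new `localtime($ENV{SOURCE_DATE_EPOCH} || time)` treats a value of `0` as false and silently falls back to the current time, whereas current_time() in curtime.cpp accepts 0 and rejects malformed values with fatal(). `my (@dt)=localtime($ENV{SOURCE_DATE_EPOCH} // time);` would make the two agree for 0, though the Perl side would still do no validation of the value. Every call site still formats the timestamp with localtime() or ctime(), so the output stays dependent on the build's time zone unless TZ is pinned as well. curtime.h uses time_t without including <time.h>, and post-html.cpp and ps.cpp include it before their own `#include <time.h>`, so it relies on an earlier header having declared the type.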
diff --git a/gnu/packages/patches/intltool-perl-compatibility.patch b/gnu/packages/patches/intltool-perl-compatibility.patch
new file mode 100644
index 0000000000..b895ca7cb9
--- /dev/null
+++ b/gnu/packages/patches/intltool-perl-compatibility.patch
@@ -0,0 +1,76 @@
+This patch fixes a regex parsing compatibility issue with Perl 5.26.0.
+It manifests during the configure phase of at-spi2-core like this:
+
+------
+Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in m/^(.*)\${ <-- HERE ?([A-Z_]+)}?(.*)$/ at /gnu/store/...-intltool-0.51.0/bin/intltool-update line 1065.
+------
+
+Copied from Gentoo and MSYS2:
+
+https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-util/intltool/files/intltool-0.51.0-perl-5.26.patch?id=1105187fc65d8bf643e682fcef39620dcfd9326a
+https://github.com/Alexpux/MSYS2-packages/blob/0d3f442553ae4fc8798e32cbf44c4252fa8f3c07/intltool/perl-5.22-compatibility.patch
+
+#diff -ruN intltool-0.51.0.orig/intltool-update.in intltool-0.51.0/intltool-update.in
+#--- intltool-0.51.0.orig/intltool-update.in	2017-06-28 00:47:20.889269294 +0200
+#+++ intltool-0.51.0/intltool-update.in	2017-06-28 00:48:14.592271529 +0200
+#@@ -1068,7 +1068,7 @@
+# 	my $untouched = $1;
+# 	my $sub = "";
+#         # Ignore recursive definitions of variables
+#-        $sub = $varhash{$2} if defined $varhash{$2} and $varhash{$2} !~ /\${?$2}?/;
+#+        $sub = $varhash{$2} if defined $varhash{$2} and $varhash{$2} !~ /\$\{?$2}?/;
+# 
+# 	return SubstituteVariable ("$untouched$sub$rest");
+#     }
+--- intltool-0.51.0.orig/intltool-update.in	2015-03-09 02:39:54.000000000 +0100
++++ intltool-0.51.0.orig/intltool-update.in	2015-06-19 01:52:07.171228154 +0200
+@@ -1062,7 +1062,7 @@ 
+ 	}
+     }
+ 
+-    if ($str =~ /^(.*)\${?([A-Z_]+)}?(.*)$/)
++    if ($str =~ /^(.*)\$\{?([A-Z_]+)}?(.*)$/)
+     {
+ 	my $rest = $3;
+ 	my $untouched = $1;
+@@ -1068,7 +1068,7 @@
+ 	my $untouched = $1;
+ 	my $sub = "";
+         # Ignore recursive definitions of variables
+-        $sub = $varhash{$2} if defined $varhash{$2} and $varhash{$2} !~ /\${?$2}?/;
++        $sub = $varhash{$2} if defined $varhash{$2} and $varhash{$2} !~ /\$\{?$2}?/;
+ 
+ 	return SubstituteVariable ("$untouched$sub$rest");
+     }
+@@ -1190,10 +1190,10 @@ 
+ 	$name    =~ s/\(+$//g;
+ 	$version =~ s/\(+$//g;
+ 
+-	$varhash{"PACKAGE_NAME"} = $name if (not $name =~ /\${?AC_PACKAGE_NAME}?/);
+-	$varhash{"PACKAGE"} = $name if (not $name =~ /\${?PACKAGE}?/);
+-	$varhash{"PACKAGE_VERSION"} = $version if (not $name =~ /\${?AC_PACKAGE_VERSION}?/);
+-	$varhash{"VERSION"} = $version if (not $name =~ /\${?VERSION}?/);
++	$varhash{"PACKAGE_NAME"} = $name if (not $name =~ /\$\{?AC_PACKAGE_NAME}?/);
++	$varhash{"PACKAGE"} = $name if (not $name =~ /\$\{?PACKAGE}?/);
++	$varhash{"PACKAGE_VERSION"} = $version if (not $name =~ /\$\{?AC_PACKAGE_VERSION}?/);
++	$varhash{"VERSION"} = $version if (not $name =~ /\$\{?VERSION}?/);
+     }
+ 
+     if ($conf_source =~ /^AC_INIT\(([^,\)]+),([^,\)]+)[,]?([^,\)]+)?/m)
+@@ -1219,11 +1219,11 @@ 
+ 	$version =~ s/\(+$//g;
+         $bugurl  =~ s/\(+$//g if (defined $bugurl);
+ 
+-	$varhash{"PACKAGE_NAME"} = $name if (not $name =~ /\${?AC_PACKAGE_NAME}?/);
+-	$varhash{"PACKAGE"} = $name if (not $name =~ /\${?PACKAGE}?/);
+-	$varhash{"PACKAGE_VERSION"} = $version if (not $name =~ /\${?AC_PACKAGE_VERSION}?/);
+-	$varhash{"VERSION"} = $version if (not $name =~ /\${?VERSION}?/);
+-        $varhash{"PACKAGE_BUGREPORT"} = $bugurl if (defined $bugurl and not $bugurl =~ /\${?\w+}?/);
++	$varhash{"PACKAGE_NAME"} = $name if (not $name =~ /\$\{?AC_PACKAGE_NAME}?/);
++	$varhash{"PACKAGE"} = $name if (not $name =~ /\$\{?PACKAGE}?/);
++	$varhash{"PACKAGE_VERSION"} = $version if (not $name =~ /\$\{?AC_PACKAGE_VERSION}?/);
++	$varhash{"VERSION"} = $version if (not $name =~ /\$\{?VERSION}?/);
++        $varhash{"PACKAGE_BUGREPORT"} = $bugurl if (defined $bugurl and not $bugurl =~ /\$\{?\w+}?/);
+     }
+ 
+     # \s makes this not work, why?
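Review bot: The rewritten guards for PACKAGE_VERSION and VERSION still test `$name` rather than `$version`, in both the inner @@ -1190 and @@ -1219 hunks, e.g. `$varhash{"VERSION"} = $version if (not $name =~ /\$\{?VERSION}?/);`. That is carried over unchanged from the removed lines, so it is outside the brace-escaping fix and probably belongs upstream, but it looks like a copy-paste slip; the guard would read `... if (not $version =~ /\$\{?VERSION}?/);`. Separately, the commented-out `#diff` block in the header duplicates the inner @@ -1068 hunk and should be dropped or given a sentence explaining why it is kept.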
diff --git a/gnu/packages/patches/libffi-3.2.1-complex-alpha.patch b/gnu/packages/patches/libffi-3.2.1-complex-alpha.patch
new file mode 100644
index 0000000000..ebbc0635a5
--- /dev/null
+++ b/gnu/packages/patches/libffi-3.2.1-complex-alpha.patch
@@ -0,0 +1,28 @@
+The patch fixes build failure of form:
+     ../src/alpha/osf.S:298:2: error: #error "osf.S out of sync with ffi.h"
+Upstream fixed the bug in a more invasive way
+but didn't have releases since 3.2.1.
+
+The patch is taken from Gentoo:
+https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-libs/libffi/files/libffi-3.2.1-complex_alpha.patch
+
+--- libffi-3.2.1/src/alpha/osf.S	2015-01-16 10:46:15.000000000 +0100
++++ libffi-3.2.1/src/alpha/osf.S	2015-01-16 10:46:24.000000000 +0100
+@@ -279,6 +279,7 @@
+ 	.gprel32 $load_64	# FFI_TYPE_SINT64
+ 	.gprel32 $load_none	# FFI_TYPE_STRUCT
+ 	.gprel32 $load_64	# FFI_TYPE_POINTER
++	.gprel32 $load_none	# FFI_TYPE_COMPLEX
+ 
+ /* Assert that the table above is in sync with ffi.h.  */
+ 
+@@ -294,7 +295,8 @@
+ 	|| FFI_TYPE_SINT64 != 12	\
+ 	|| FFI_TYPE_STRUCT != 13	\
+ 	|| FFI_TYPE_POINTER != 14	\
+-	|| FFI_TYPE_LAST != 14
++	|| FFI_TYPE_COMPLEX != 15       \
++	|| FFI_TYPE_LAST != 15
+ #error "osf.S out of sync with ffi.h"
+ #endif
+ 
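Review bot: The added `.gprel32 $load_none	# FFI_TYPE_COMPLEX` entry reuses the routine already listed for `FFI_TYPE_STRUCT`, so judging by the label names this patch only brings the table and the `#if` check back in sync with ffi.h and adds no handling for complex values on alpha; the patch header does not say so. I would add a line to the header such as `Note: this only restores the build; complex types are presumably still not handled on alpha.` so nobody reads the patch as adding support. The provenance link is a Gentoo `tree` URL with no commit id, so it appears to follow the branch head and may later show a different file than the one copied here. A commit-pinned link (`<gentoo-commit-id>`), plus a reference to the upstream fix the header mentions, would make the origin of this file auditable.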
diff --git a/gnu/packages/patches/libtasn1-CVE-2017-6891.patch b/gnu/packages/patches/libtasn1-CVE-2017-6891.patch
deleted file mode 100644
index 1f847ed025..0000000000
--- a/gnu/packages/patches/libtasn1-CVE-2017-6891.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-Fix CVE-2017-6891:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6891
-
-Patch copied from upstream source repository:
-
-https://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=5520704d075802df25ce4ffccc010ba1641bd484
-
-From 5520704d075802df25ce4ffccc010ba1641bd484 Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Date: Thu, 18 May 2017 18:03:34 +0200
-Subject: [PATCH] asn1_find_node: added safety check on asn1_find_node()
-
-This prevents a stack overflow in asn1_find_node() which
-is triggered by too long variable names in the definitions
-files. That means that applications have to deliberately
-pass a too long 'name' constant to asn1_write_value()
-and friends.  Reported by Jakub Jirasek.
-
-Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
----
- lib/parser_aux.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/lib/parser_aux.c b/lib/parser_aux.c
-index b4a7370..976ab38 100644
---- a/lib/parser_aux.c
-+++ b/lib/parser_aux.c
-@@ -120,6 +120,9 @@ asn1_find_node (asn1_node pointer, const char *name)
-       if (n_end)
- 	{
- 	  nsize = n_end - n_start;
-+	  if (nsize >= sizeof(n))
-+		return NULL;
-+
- 	  memcpy (n, n_start, nsize);
- 	  n[nsize] = 0;
- 	  n_start = n_end;
-@@ -158,6 +161,9 @@ asn1_find_node (asn1_node pointer, const char *name)
-       if (n_end)
- 	{
- 	  nsize = n_end - n_start;
-+	  if (nsize >= sizeof(n))
-+		return NULL;
-+
- 	  memcpy (n, n_start, nsize);
- 	  n[nsize] = 0;
- 	  n_start = n_end;
--- 
-2.13.0
-
diff --git a/gnu/packages/patches/libtiff-CVE-2016-10092.patch b/gnu/packages/patches/libtiff-CVE-2016-10092.patch
deleted file mode 100644
index d5fd796169..0000000000
--- a/gnu/packages/patches/libtiff-CVE-2016-10092.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-Fix CVE-2016-10092:
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2620
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092
-https://security-tracker.debian.org/tracker/CVE-2016-10092
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
-        * tools/tiffcrop.c: fix readContigStripsIntoBuffer() in -i (ignore)
-	mode so that the output buffer is correctly incremented to avoid write
-	outside bounds.
-        Reported by Agostino Sarubbo.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2620
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1178; previous revision: 1.1177
-/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v  <--  tools/tiffcrop.c
-new revision: 1.47; previous revision: 1.46
-
-Index: libtiff/tools/tiffcrop.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
-retrieving revision 1.46
-retrieving revision 1.47
-diff -u -r1.46 -r1.47
---- libtiff/tools/tiffcrop.c	18 Nov 2016 14:58:46 -0000	1.46
-+++ libtiff/tools/tiffcrop.c	3 Dec 2016 11:35:56 -0000	1.47
-@@ -1,4 +1,4 @@
--/* $Id: tiffcrop.c,v 1.46 2016-11-18 14:58:46 erouault Exp $ */
-+/* $Id: tiffcrop.c,v 1.47 2016-12-03 11:35:56 erouault Exp $ */
- 
- /* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of
-  * the image data through additional options listed below
-@@ -3698,7 +3698,7 @@
-                                   (unsigned long) strip, (unsigned long)rows);
-                         return 0;
-                 }
--                bufp += bytes_read;
-+                bufp += stripsize;
-         }
- 
-         return 1;
diff --git a/gnu/packages/patches/libtiff-CVE-2016-10093.patch b/gnu/packages/patches/libtiff-CVE-2016-10093.patch
deleted file mode 100644
index 5897ec1029..0000000000
--- a/gnu/packages/patches/libtiff-CVE-2016-10093.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-Fix CVE-2016-10093:
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2610
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093
-https://security-tracker.debian.org/tracker/CVE-2016-10093
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
-        * tools/tiffcp.c: fix uint32 underflow/overflow that can cause
-	heap-based buffer overflow.
-        Reported by Agostino Sarubbo.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2610
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1187; previous revision: 1.1186
-/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v  <--  tools/tiffcp.c
-new revision: 1.59; previous revision: 1.58
-
-Index: libtiff/tools/tiffcp.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
-retrieving revision 1.58
-retrieving revision 1.59
-diff -u -r1.58 -r1.59
---- libtiff/tools/tiffcp.c	3 Dec 2016 15:44:15 -0000	1.58
-+++ libtiff/tools/tiffcp.c	3 Dec 2016 16:40:01 -0000	1.59
-@@ -1163,7 +1163,7 @@
- 
- static void
- cpStripToTile(uint8* out, uint8* in,
--    uint32 rows, uint32 cols, int outskew, int inskew)
-+    uint32 rows, uint32 cols, int outskew, int64 inskew)
- {
- 	while (rows-- > 0) {
- 		uint32 j = cols;
-@@ -1320,7 +1320,7 @@
- 	tdata_t tilebuf;
- 	uint32 imagew = TIFFScanlineSize(in);
- 	uint32 tilew  = TIFFTileRowSize(in);
--	int iskew = imagew - tilew;
-+	int64 iskew = (int64)imagew - (int64)tilew;
- 	uint8* bufp = (uint8*) buf;
- 	uint32 tw, tl;
- 	uint32 row;
-@@ -1348,7 +1348,7 @@
- 				status = 0;
- 				goto done;
- 			}
--			if (colb + tilew > imagew) {
-+			if (colb > iskew) {
- 				uint32 width = imagew - colb;
- 				uint32 oskew = tilew - width;
- 				cpStripToTile(bufp + colb,
diff --git a/gnu/packages/patches/libtiff-CVE-2016-10094.patch b/gnu/packages/patches/libtiff-CVE-2016-10094.patch
deleted file mode 100644
index 9018773565..0000000000
--- a/gnu/packages/patches/libtiff-CVE-2016-10094.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-Fix CVE-2016-10094:
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2640
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094
-https://security-tracker.debian.org/tracker/CVE-2016-10094
-
-2016-12-20 Even Rouault <even.rouault at spatialys.com>
-
-        * tools/tiff2pdf.c: avoid potential heap-based overflow in
-        t2p_readwrite_pdf_image_tile().
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2640
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1199; previous revision: 1.1198
-/cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v  <--  tools/tiff2pdf.c
-new revision: 1.101; previous revision: 1.100
-
-Index: libtiff/tools/tiff2pdf.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v
-retrieving revision 1.100
-retrieving revision 1.101
-diff -u -r1.100 -r1.101
---- libtiff/tools/tiff2pdf.c	20 Dec 2016 17:24:35 -0000	1.100
-+++ libtiff/tools/tiff2pdf.c	20 Dec 2016 17:28:17 -0000	1.101
-@@ -2895,7 +2895,7 @@
- 				return(0);
- 			}
- 			if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) {
--				if (count >= 4) {
-+				if (count > 4) {
-                                         int retTIFFReadRawTile;
-                     /* Ignore EOI marker of JpegTables */
- 					_TIFFmemcpy(buffer, jpt, count - 2);
diff --git a/gnu/packages/patches/libtiff-CVE-2017-5225.patch b/gnu/packages/patches/libtiff-CVE-2017-5225.patch
deleted file mode 100644
index 3158b49360..0000000000
--- a/gnu/packages/patches/libtiff-CVE-2017-5225.patch
+++ /dev/null
@@ -1,86 +0,0 @@
-Fix CVE-2017-5225 (Heap based buffer overflow in tools/tiffcp):
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2656
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225
-https://security-tracker.debian.org/tracker/CVE-2017-5225
-
-2017-01-11 Even Rouault <even.rouault at spatialys.com>
-
-        * tools/tiffcp.c: error out cleanly in cpContig2SeparateByRow and
-        cpSeparate2ContigByRow if BitsPerSample != 8 to avoid heap based
-overflow.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2656 and
-        http://bugzilla.maptools.org/show_bug.cgi?id=2657
-
-
-less C/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1210; previous revision: 1.1209
-/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v  <--  tools/tiffcp.c
-new revision: 1.61; previous revision: 1.60
-
-Index: libtiff/tools/tiffcp.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
-retrieving revision 1.60
-retrieving revision 1.61
-diff -u -r1.60 -r1.61
---- libtiff/tools/tiffcp.c	3 Dec 2016 16:50:02 -0000	1.60
-+++ libtiff/tools/tiffcp.c	11 Jan 2017 19:26:14 -0000	1.61
-#@@ -1,4 +1,4 @@
-#-/* $Id: tiffcp.c,v 1.60 2016-12-03 16:50:02 erouault Exp $ */
-#+/* $Id: tiffcp.c,v 1.61 2017-01-11 19:26:14 erouault Exp $ */
-# 
-# /*
-#  * Copyright (c) 1988-1997 Sam Leffler
-@@ -591,7 +591,7 @@
- static int
- tiffcp(TIFF* in, TIFF* out)
- {
--	uint16 bitspersample, samplesperpixel = 1;
-+	uint16 bitspersample = 1, samplesperpixel = 1;
- 	uint16 input_compression, input_photometric = PHOTOMETRIC_MINISBLACK;
- 	copyFunc cf;
- 	uint32 width, length;
-@@ -1067,6 +1067,16 @@
- 	register uint32 n;
- 	uint32 row;
- 	tsample_t s;
-+        uint16 bps = 0;
-+
-+        (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
-+        if( bps != 8 )
-+        {
-+            TIFFError(TIFFFileName(in),
-+                      "Error, can only handle BitsPerSample=8 in %s",
-+                      "cpContig2SeparateByRow");
-+            return 0;
-+        }
- 
- 	inbuf = _TIFFmalloc(scanlinesizein);
- 	outbuf = _TIFFmalloc(scanlinesizeout);
-@@ -1120,6 +1130,16 @@
- 	register uint32 n;
- 	uint32 row;
- 	tsample_t s;
-+        uint16 bps = 0;
-+
-+        (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
-+        if( bps != 8 )
-+        {
-+            TIFFError(TIFFFileName(in),
-+                      "Error, can only handle BitsPerSample=8 in %s",
-+                      "cpSeparate2ContigByRow");
-+            return 0;
-+        }
- 
- 	inbuf = _TIFFmalloc(scanlinesizein);
- 	outbuf = _TIFFmalloc(scanlinesizeout);
-@@ -1784,7 +1804,7 @@
- 	uint32 w, l, tw, tl;
- 	int bychunk;
- 
--	(void) TIFFGetField(in, TIFFTAG_PLANARCONFIG, &shortv);
-+	(void) TIFFGetFieldDefaulted(in, TIFFTAG_PLANARCONFIG, &shortv);
- 	if (shortv != config && bitspersample != 8 && samplesperpixel > 1) {
- 		fprintf(stderr,
- 		    "%s: Cannot handle different planar configuration w/ bits/sample != 8\n",
diff --git a/gnu/packages/patches/libtiff-assertion-failure.patch b/gnu/packages/patches/libtiff-assertion-failure.patch
deleted file mode 100644
index ef747fbdd7..0000000000
--- a/gnu/packages/patches/libtiff-assertion-failure.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-Fix assertion failure in readSeparateTilesIntoBuffer():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2605
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
-        * tools/tiffcp.c: replace assert( (bps % 8) == 0 ) by a non assert
-check.
-        Reported by Agostino Sarubbo.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2605
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1188; previous revision: 1.1187
-/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v  <--  tools/tiffcp.c
-new revision: 1.60; previous revision: 1.59
-
-Index: libtiff/tools/tiffcp.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
-retrieving revision 1.59
-retrieving revision 1.60
-diff -u -r1.59 -r1.60
---- libtiff/tools/tiffcp.c	3 Dec 2016 16:40:01 -0000	1.59
-+++ libtiff/tools/tiffcp.c	3 Dec 2016 16:50:02 -0000	1.60
-@@ -45,7 +45,6 @@
- #include <string.h>
- 
- #include <ctype.h>
--#include <assert.h>
- 
- #ifdef HAVE_UNISTD_H
- # include <unistd.h>
-@@ -1393,7 +1392,12 @@
-             status = 0;
-             goto done;
-         }
--	assert( bps % 8 == 0 );
-+        if( (bps % 8) != 0 )
-+        {
-+            TIFFError(TIFFFileName(in), "Error, cannot handle BitsPerSample that is not a multiple of 8");
-+            status = 0;
-+            goto done;
-+        }
- 	bytes_per_sample = bps/8;
- 
- 	for (row = 0; row < imagelength; row += tl) {
-@@ -1584,7 +1588,12 @@
-             _TIFFfree(obuf);
-             return 0;
-         }
--	assert( bps % 8 == 0 );
-+        if( (bps % 8) != 0 )
-+        {
-+            TIFFError(TIFFFileName(out), "Error, cannot handle BitsPerSample that is not a multiple of 8");
-+            _TIFFfree(obuf);
-+            return 0;
-+        }
- 	bytes_per_sample = bps/8;
- 
- 	for (row = 0; row < imagelength; row += tl) {
diff --git a/gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch b/gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch
deleted file mode 100644
index 2a96b68521..0000000000
--- a/gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-Fix divide-by-zero in OJPEGDecodeRaw():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2611
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
-        * libtiff/tif_ojpeg.c: make OJPEGDecode() early exit in case of failure
-in
-        OJPEGPreDecode(). This will avoid a divide by zero, and potential other
-issues.
-        Reported by Agostino Sarubbo.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2611
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1177; previous revision: 1.1176
-/cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v  <--  libtiff/tif_ojpeg.c
-new revision: 1.66; previous revision: 1.65
-
-Index: libtiff/libtiff/tif_ojpeg.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v
-retrieving revision 1.65
-retrieving revision 1.66
-diff -u -r1.65 -r1.66
---- libtiff/libtiff/tif_ojpeg.c	4 Sep 2016 21:32:56 -0000	1.65
-+++ libtiff/libtiff/tif_ojpeg.c	3 Dec 2016 11:15:18 -0000	1.66
-@@ -1,4 +1,4 @@
--/* $Id: tif_ojpeg.c,v 1.65 2016-09-04 21:32:56 erouault Exp $ */
-+/* $Id: tif_ojpeg.c,v 1.66 2016-12-03 11:15:18 erouault Exp $ */
- 
- /* WARNING: The type of JPEG encapsulation defined by the TIFF Version 6.0
-    specification is now totally obsolete and deprecated for new applications and
-@@ -244,6 +244,7 @@
- 
- typedef struct {
- 	TIFF* tif;
-+        int decoder_ok;
- 	#ifndef LIBJPEG_ENCAP_EXTERNAL
- 	JMP_BUF exit_jmpbuf;
- 	#endif
-@@ -722,6 +723,7 @@
- 		}
- 		sp->write_curstrile++;
- 	}
-+	sp->decoder_ok = 1;
- 	return(1);
- }
- 
-@@ -784,8 +786,14 @@
- static int
- OJPEGDecode(TIFF* tif, uint8* buf, tmsize_t cc, uint16 s)
- {
-+        static const char module[]="OJPEGDecode";
- 	OJPEGState* sp=(OJPEGState*)tif->tif_data;
- 	(void)s;
-+        if( !sp->decoder_ok )
-+        {
-+            TIFFErrorExt(tif->tif_clientdata,module,"Cannot decode: decoder not correctly initialized");
-+            return 0;
-+        }
- 	if (sp->libjpeg_jpeg_query_style==0)
- 	{
- 		if (OJPEGDecodeRaw(tif,buf,cc)==0)
diff --git a/gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch b/gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch
deleted file mode 100644
index d3f1c2b60e..0000000000
--- a/gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch
+++ /dev/null
@@ -1,104 +0,0 @@
-Fix two divide-by-zero bugs in readSeparateTilesIntoBuffer():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2597
-http://bugzilla.maptools.org/show_bug.cgi?id=2607
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
-        * tools/tiffcp.c: avoid potential division by zero is BitsPerSamples
-tag is
-        missing.
-        Reported by Agostino sarubbo.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2597
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1183; previous revision: 1.1182
-/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v  <--  tools/tiffcp.c
-new revision: 1.57; previous revision: 1.56
-
-Index: libtiff/tools/tiffcp.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
-retrieving revision 1.56
-retrieving revision 1.57
-diff -u -r1.56 -r1.57
---- libtiff/tools/tiffcp.c	2 Dec 2016 22:13:32 -0000	1.56
-+++ libtiff/tools/tiffcp.c	3 Dec 2016 14:42:40 -0000	1.57
-@@ -1,4 +1,4 @@
--/* $Id: tiffcp.c,v 1.56 2016-12-02 22:13:32 erouault Exp $ */
-+/* $Id: tiffcp.c,v 1.57 2016-12-03 14:42:40 erouault Exp $ */
- 
- /*
-  * Copyright (c) 1988-1997 Sam Leffler
-@@ -1378,7 +1378,7 @@
- 	uint8* bufp = (uint8*) buf;
- 	uint32 tw, tl;
- 	uint32 row;
--	uint16 bps, bytes_per_sample;
-+	uint16 bps = 0, bytes_per_sample;
- 
- 	tilebuf = _TIFFmalloc(tilesize);
- 	if (tilebuf == 0)
-@@ -1387,6 +1387,12 @@
- 	(void) TIFFGetField(in, TIFFTAG_TILEWIDTH, &tw);
- 	(void) TIFFGetField(in, TIFFTAG_TILELENGTH, &tl);
- 	(void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
-+        if( bps == 0 )
-+        {
-+            TIFFError(TIFFFileName(in), "Error, cannot read BitsPerSample");
-+            status = 0;
-+            goto done;
-+        }
- 	assert( bps % 8 == 0 );
- 	bytes_per_sample = bps/8;
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
-        * tools/tiffcp.c: avoid potential division by zero is BitsPerSamples
-tag is
-        missing.
-        Reported by Agostino Sarubbo.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2607
-
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1186; previous revision: 1.1185
-/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v  <--  tools/tiffcp.c
-new revision: 1.58; previous revision: 1.57
- 
-Index: libtiff/tools/tiffcp.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
-retrieving revision 1.57
-retrieving revision 1.58
-diff -u -r1.57 -r1.58
---- libtiff/tools/tiffcp.c	3 Dec 2016 14:42:40 -0000	1.57
-+++ libtiff/tools/tiffcp.c	3 Dec 2016 15:44:15 -0000	1.58
-@@ -1,4 +1,4 @@
--/* $Id: tiffcp.c,v 1.57 2016-12-03 14:42:40 erouault Exp $ */
-+/* $Id: tiffcp.c,v 1.58 2016-12-03 15:44:15 erouault Exp $ */
- 
- /*
-  * Copyright (c) 1988-1997 Sam Leffler
-@@ -1569,7 +1569,7 @@
- 	uint8* bufp = (uint8*) buf;
- 	uint32 tl, tw;
- 	uint32 row;
--	uint16 bps, bytes_per_sample;
-+	uint16 bps = 0, bytes_per_sample;
- 
- 	obuf = _TIFFmalloc(TIFFTileSize(out));
- 	if (obuf == NULL)
-@@ -1578,6 +1578,12 @@
- 	(void) TIFFGetField(out, TIFFTAG_TILELENGTH, &tl);
- 	(void) TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw);
- 	(void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps);
-+        if( bps == 0 )
-+        {
-+            TIFFError(TIFFFileName(out), "Error, cannot read BitsPerSample");
-+            _TIFFfree(obuf);
-+            return 0;
-+        }
- 	assert( bps % 8 == 0 );
- 	bytes_per_sample = bps/8;
- 
diff --git a/gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch b/gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch
deleted file mode 100644
index 823293f1cf..0000000000
--- a/gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-Fix divide-by-zero in readSeparateStripsIntoBuffer():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2619
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
-        * tools/tiffcrop.c: fix integer division by zero when BitsPerSample is
-missing.
-        Reported by Agostina Sarubo.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2619
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1180; previous revision: 1.1179
-/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v  <--  tools/tiffcrop.c
-new revision: 1.49; previous revision: 1.48
-
-Index: libtiff/tools/tiffcrop.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
-retrieving revision 1.48
-retrieving revision 1.49
-diff -u -r1.48 -r1.49
---- libtiff/tools/tiffcrop.c	3 Dec 2016 12:19:32 -0000	1.48
-+++ libtiff/tools/tiffcrop.c	3 Dec 2016 13:00:04 -0000	1.49
-@@ -1,4 +1,4 @@
--/* $Id: tiffcrop.c,v 1.48 2016-12-03 12:19:32 erouault Exp $ */
-+/* $Id: tiffcrop.c,v 1.49 2016-12-03 13:00:04 erouault Exp $ */
- 
- /* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of
-  * the image data through additional options listed below
-@@ -1164,7 +1164,7 @@
-   tdata_t  obuf;
- 
-   (void) TIFFGetFieldDefaulted(out, TIFFTAG_ROWSPERSTRIP, &rowsperstrip);
--  (void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps);
-+  (void) TIFFGetFieldDefaulted(out, TIFFTAG_BITSPERSAMPLE, &bps);
-   bytes_per_sample = (bps + 7) / 8;
-   if( width == 0 ||
-       (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / width ||
-@@ -4760,7 +4760,7 @@
-   int i, bytes_per_sample, bytes_per_pixel, shift_width, result = 1;
-   uint32 j;
-   int32  bytes_read = 0;
--  uint16 bps, planar;
-+  uint16 bps = 0, planar;
-   uint32 nstrips;
-   uint32 strips_per_sample;
-   uint32 src_rowsize, dst_rowsize, rows_processed, rps;
-@@ -4780,7 +4780,7 @@
-     }
- 
-   memset (srcbuffs, '\0', sizeof(srcbuffs));
--  TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
-+  TIFFGetFieldDefaulted(in, TIFFTAG_BITSPERSAMPLE, &bps);
-   TIFFGetFieldDefaulted(in, TIFFTAG_PLANARCONFIG, &planar);
-   TIFFGetFieldDefaulted(in, TIFFTAG_ROWSPERSTRIP, &rps);
-   if (rps > length)
diff --git a/gnu/packages/patches/libtiff-divide-by-zero.patch b/gnu/packages/patches/libtiff-divide-by-zero.patch
deleted file mode 100644
index 6dbd4666cd..0000000000
--- a/gnu/packages/patches/libtiff-divide-by-zero.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-Fix an integer overflow in TIFFReadEncodedStrip() that led to division-by-zero:
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2596
-
-2016-12-02 Even Rouault <even.rouault at spatialys.com>
-
-        * libtiff/tif_read.c, libtiff/tiffiop.h: fix uint32 overflow in
-        TIFFReadEncodedStrip() that caused an integer division by zero.
-        Reported by Agostino Sarubbo.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2596
-
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1173; previous revision: 1.1172
-/cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v  <--  libtiff/tif_read.c
-new revision: 1.50; previous revision: 1.49
-/cvs/maptools/cvsroot/libtiff/libtiff/tiffiop.h,v  <--  libtiff/tiffiop.h
-new revision: 1.90; previous revision: 1.89
-
-Index: libtiff/libtiff/tif_read.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v
-retrieving revision 1.49
-retrieving revision 1.50
-diff -u -r1.49 -r1.50
---- libtiff/libtiff/tif_read.c	10 Jul 2016 18:00:21 -0000	1.49
-+++ libtiff/libtiff/tif_read.c	2 Dec 2016 21:56:56 -0000	1.50
-@@ -1,4 +1,4 @@
--/* $Id: tif_read.c,v 1.49 2016-07-10 18:00:21 erouault Exp $ */
-+/* $Id: tif_read.c,v 1.50 2016-12-02 21:56:56 erouault Exp $ */
- 
- /*
-  * Copyright (c) 1988-1997 Sam Leffler
-@@ -346,7 +346,7 @@
- 	rowsperstrip=td->td_rowsperstrip;
- 	if (rowsperstrip>td->td_imagelength)
- 		rowsperstrip=td->td_imagelength;
--	stripsperplane=((td->td_imagelength+rowsperstrip-1)/rowsperstrip);
-+	stripsperplane= TIFFhowmany_32_maxuint_compat(td->td_imagelength, rowsperstrip);
- 	stripinplane=(strip%stripsperplane);
- 	plane=(uint16)(strip/stripsperplane);
- 	rows=td->td_imagelength-stripinplane*rowsperstrip;
-Index: libtiff/libtiff/tiffiop.h
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tiffiop.h,v
-retrieving revision 1.89
-retrieving revision 1.90
-diff -u -r1.89 -r1.90
---- libtiff/libtiff/tiffiop.h	23 Jan 2016 21:20:34 -0000	1.89
-+++ libtiff/libtiff/tiffiop.h	2 Dec 2016 21:56:56 -0000	1.90
-@@ -1,4 +1,4 @@
--/* $Id: tiffiop.h,v 1.89 2016-01-23 21:20:34 erouault Exp $ */
-+/* $Id: tiffiop.h,v 1.90 2016-12-02 21:56:56 erouault Exp $ */
- 
- /*
-  * Copyright (c) 1988-1997 Sam Leffler
-@@ -250,6 +250,10 @@
- #define TIFFhowmany_32(x, y) (((uint32)x < (0xffffffff - (uint32)(y-1))) ? \
- 			   ((((uint32)(x))+(((uint32)(y))-1))/((uint32)(y))) : \
- 			   0U)
-+/* Variant of TIFFhowmany_32() that doesn't return 0 if x close to MAXUINT. */
-+/* Caution: TIFFhowmany_32_maxuint_compat(x,y)*y might overflow */
-+#define TIFFhowmany_32_maxuint_compat(x, y) \
-+			   (((uint32)(x) / (uint32)(y)) + ((((uint32)(x) % (uint32)(y)) != 0) ? 1 : 0))
- #define TIFFhowmany8_32(x) (((x)&0x07)?((uint32)(x)>>3)+1:(uint32)(x)>>3)
- #define TIFFroundup_32(x, y) (TIFFhowmany_32(x,y)*(y))
- #define TIFFhowmany_64(x, y) ((((uint64)(x))+(((uint64)(y))-1))/((uint64)(y)))
diff --git a/gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch b/gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch
deleted file mode 100644
index 2d5e23586d..0000000000
--- a/gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch
+++ /dev/null
@@ -1,131 +0,0 @@
-Fix heap-based buffer overflow in _TIFFmemcpy():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2604
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
-        * libtiff/tif_pixarlog.c, libtiff/tif_luv.c: fix heap-based buffer
-        overflow on generation of PixarLog / LUV compressed files, with
-        ColorMap, TransferFunction attached and nasty plays with bitspersample.
-        The fix for LUV has not been tested, but suffers from the same kind
-        of issue of PixarLog.
-        Reported by Agostino Sarubbo.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2604
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1175; previous revision: 1.1174
-/cvs/maptools/cvsroot/libtiff/libtiff/tif_luv.c,v  <--  libtiff/tif_luv.c
-new revision: 1.44; previous revision: 1.43
-/cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v  <-- 
-libtiff/tif_pixarlog.c
-new revision: 1.49; previous revision: 1.48
-
-Index: libtiff/libtiff/tif_luv.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_luv.c,v
-retrieving revision 1.43
-retrieving revision 1.44
-diff -u -r1.43 -r1.44
---- libtiff/libtiff/tif_luv.c	4 Sep 2016 21:32:56 -0000	1.43
-+++ libtiff/libtiff/tif_luv.c	2 Dec 2016 23:05:51 -0000	1.44
-@@ -1,4 +1,4 @@
--/* $Id: tif_luv.c,v 1.43 2016-09-04 21:32:56 erouault Exp $ */
-+/* $Id: tif_luv.c,v 1.44 2016-12-02 23:05:51 erouault Exp $ */
- 
- /*
-  * Copyright (c) 1997 Greg Ward Larson
-@@ -158,6 +158,7 @@
- typedef struct logLuvState LogLuvState;
- 
- struct logLuvState {
-+        int                     encoder_state;  /* 1 if encoder correctly initialized */
- 	int                     user_datafmt;   /* user data format */
- 	int                     encode_meth;    /* encoding method */
- 	int                     pixel_size;     /* bytes per pixel */
-@@ -1552,6 +1553,7 @@
- 		    td->td_photometric, "must be either LogLUV or LogL");
- 		break;
- 	}
-+	sp->encoder_state = 1;
- 	return (1);
- notsupported:
- 	TIFFErrorExt(tif->tif_clientdata, module,
-@@ -1563,19 +1565,27 @@
- static void
- LogLuvClose(TIFF* tif)
- {
-+        LogLuvState* sp = (LogLuvState*) tif->tif_data;
- 	TIFFDirectory *td = &tif->tif_dir;
- 
-+	assert(sp != 0);
- 	/*
- 	 * For consistency, we always want to write out the same
- 	 * bitspersample and sampleformat for our TIFF file,
- 	 * regardless of the data format being used by the application.
- 	 * Since this routine is called after tags have been set but
- 	 * before they have been recorded in the file, we reset them here.
-+         * Note: this is really a nasty approach. See PixarLogClose
- 	 */
--	td->td_samplesperpixel =
--	    (td->td_photometric == PHOTOMETRIC_LOGL) ? 1 : 3;
--	td->td_bitspersample = 16;
--	td->td_sampleformat = SAMPLEFORMAT_INT;
-+        if( sp->encoder_state )
-+        {
-+            /* See PixarLogClose. Might avoid issues with tags whose size depends
-+             * on those below, but not completely sure this is enough. */
-+            td->td_samplesperpixel =
-+                (td->td_photometric == PHOTOMETRIC_LOGL) ? 1 : 3;
-+            td->td_bitspersample = 16;
-+            td->td_sampleformat = SAMPLEFORMAT_INT;
-+        }
- }
- 
- static void
-Index: libtiff/libtiff/tif_pixarlog.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v
-retrieving revision 1.48
-retrieving revision 1.49
-diff -u -r1.48 -r1.49
---- libtiff/libtiff/tif_pixarlog.c	23 Sep 2016 22:12:18 -0000	1.48
-+++ libtiff/libtiff/tif_pixarlog.c	2 Dec 2016 23:05:51 -0000	1.49
-@@ -1,4 +1,4 @@
--/* $Id: tif_pixarlog.c,v 1.48 2016-09-23 22:12:18 erouault Exp $ */
-+/* $Id: tif_pixarlog.c,v 1.49 2016-12-02 23:05:51 erouault Exp $ */
- 
- /*
-  * Copyright (c) 1996-1997 Sam Leffler
-@@ -1233,8 +1233,10 @@
- static void
- PixarLogClose(TIFF* tif)
- {
-+        PixarLogState* sp = (PixarLogState*) tif->tif_data;
- 	TIFFDirectory *td = &tif->tif_dir;
- 
-+	assert(sp != 0);
- 	/* In a really sneaky (and really incorrect, and untruthful, and
- 	 * troublesome, and error-prone) maneuver that completely goes against
- 	 * the spirit of TIFF, and breaks TIFF, on close, we covertly
-@@ -1243,8 +1245,19 @@
- 	 * readers that don't know about PixarLog, or how to set
- 	 * the PIXARLOGDATFMT pseudo-tag.
- 	 */
--	td->td_bitspersample = 8;
--	td->td_sampleformat = SAMPLEFORMAT_UINT;
-+
-+        if (sp->state&PLSTATE_INIT) {
-+            /* We test the state to avoid an issue such as in
-+             * http://bugzilla.maptools.org/show_bug.cgi?id=2604
-+             * What appends in that case is that the bitspersample is 1 and
-+             * a TransferFunction is set. The size of the TransferFunction
-+             * depends on 1<<bitspersample. So if we increase it, an access
-+             * out of the buffer will happen at directory flushing.
-+             * Another option would be to clear those targs. 
-+             */
-+            td->td_bitspersample = 8;
-+            td->td_sampleformat = SAMPLEFORMAT_UINT;
-+        }
- }
- 
- static void
diff --git a/gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch b/gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch
deleted file mode 100644
index 68889b121b..0000000000
--- a/gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch
+++ /dev/null
@@ -1,132 +0,0 @@
-Fix heap-based buffer overflow in TIFFFillStrip():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2608
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
-        * libtiff/tif_dirread.c: modify ChopUpSingleUncompressedStrip() to
-        instanciate compute ntrips as TIFFhowmany_32(td->td_imagelength,
-rowsperstrip),
-        instead of a logic based on the total size of data. Which is faulty is
-        the total size of data is not sufficient to fill the whole image, and
-thus
-        results in reading outside of the StripByCounts/StripOffsets arrays
-when
-        using TIFFReadScanline().
-        Reported by Agostino Sarubbo.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2608.
-
-        * libtiff/tif_strip.c: revert the change in TIFFNumberOfStrips() done
-        for http://bugzilla.maptools.org/show_bug.cgi?id=2587 / CVE-2016-9273
-since
-        the above change is a better fix that makes it unnecessary.
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1176; previous revision: 1.1175
-/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v  <-- 
-libtiff/tif_dirread.c
-new revision: 1.205; previous revision: 1.204
-/cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v  <--  libtiff/tif_strip.c
-new revision: 1.38; previous revision: 1.37
-
-Index: libtiff/libtiff/tif_dirread.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v
-retrieving revision 1.204
-retrieving revision 1.205
-diff -u -r1.204 -r1.205
---- libtiff/libtiff/tif_dirread.c	16 Nov 2016 15:14:15 -0000	1.204
-+++ libtiff/libtiff/tif_dirread.c	3 Dec 2016 11:02:15 -0000	1.205
-@@ -1,4 +1,4 @@
--/* $Id: tif_dirread.c,v 1.204 2016-11-16 15:14:15 erouault Exp $ */
-+/* $Id: tif_dirread.c,v 1.205 2016-12-03 11:02:15 erouault Exp $ */
- 
- /*
-  * Copyright (c) 1988-1997 Sam Leffler
-@@ -5502,8 +5502,7 @@
- 	uint64 rowblockbytes;
- 	uint64 stripbytes;
- 	uint32 strip;
--	uint64 nstrips64;
--	uint32 nstrips32;
-+	uint32 nstrips;
- 	uint32 rowsperstrip;
- 	uint64* newcounts;
- 	uint64* newoffsets;
-@@ -5534,18 +5533,17 @@
- 	    return;
- 
- 	/*
--	 * never increase the number of strips in an image
-+	 * never increase the number of rows per strip
- 	 */
- 	if (rowsperstrip >= td->td_rowsperstrip)
- 		return;
--	nstrips64 = TIFFhowmany_64(bytecount, stripbytes);
--	if ((nstrips64==0)||(nstrips64>0xFFFFFFFF)) /* something is wonky, do nothing. */
--	    return;
--	nstrips32 = (uint32)nstrips64;
-+        nstrips = TIFFhowmany_32(td->td_imagelength, rowsperstrip);
-+        if( nstrips == 0 )
-+            return;
- 
--	newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips32, sizeof (uint64),
-+	newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64),
- 				"for chopped \"StripByteCounts\" array");
--	newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips32, sizeof (uint64),
-+	newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64),
- 				"for chopped \"StripOffsets\" array");
- 	if (newcounts == NULL || newoffsets == NULL) {
- 		/*
-@@ -5562,18 +5560,18 @@
- 	 * Fill the strip information arrays with new bytecounts and offsets
- 	 * that reflect the broken-up format.
- 	 */
--	for (strip = 0; strip < nstrips32; strip++) {
-+	for (strip = 0; strip < nstrips; strip++) {
- 		if (stripbytes > bytecount)
- 			stripbytes = bytecount;
- 		newcounts[strip] = stripbytes;
--		newoffsets[strip] = offset;
-+		newoffsets[strip] = stripbytes ? offset : 0;
- 		offset += stripbytes;
- 		bytecount -= stripbytes;
- 	}
- 	/*
- 	 * Replace old single strip info with multi-strip info.
- 	 */
--	td->td_stripsperimage = td->td_nstrips = nstrips32;
-+	td->td_stripsperimage = td->td_nstrips = nstrips;
- 	TIFFSetField(tif, TIFFTAG_ROWSPERSTRIP, rowsperstrip);
- 
- 	_TIFFfree(td->td_stripbytecount);
-Index: libtiff/libtiff/tif_strip.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v
-retrieving revision 1.37
-retrieving revision 1.38
-diff -u -r1.37 -r1.38
---- libtiff/libtiff/tif_strip.c	9 Nov 2016 23:00:49 -0000	1.37
-+++ libtiff/libtiff/tif_strip.c	3 Dec 2016 11:02:15 -0000	1.38
-@@ -1,4 +1,4 @@
--/* $Id: tif_strip.c,v 1.37 2016-11-09 23:00:49 erouault Exp $ */
-+/* $Id: tif_strip.c,v 1.38 2016-12-03 11:02:15 erouault Exp $ */
- 
- /*
-  * Copyright (c) 1991-1997 Sam Leffler
-@@ -63,15 +63,6 @@
- 	TIFFDirectory *td = &tif->tif_dir;
- 	uint32 nstrips;
- 
--    /* If the value was already computed and store in td_nstrips, then return it,
--       since ChopUpSingleUncompressedStrip might have altered and resized the
--       since the td_stripbytecount and td_stripoffset arrays to the new value
--       after the initial affectation of td_nstrips = TIFFNumberOfStrips() in
--       tif_dirread.c ~line 3612.
--       See http://bugzilla.maptools.org/show_bug.cgi?id=2587 */
--    if( td->td_nstrips )
--        return td->td_nstrips;
--
- 	nstrips = (td->td_rowsperstrip == (uint32) -1 ? 1 :
- 	     TIFFhowmany_32(td->td_imagelength, td->td_rowsperstrip));
- 	if (td->td_planarconfig == PLANARCONFIG_SEPARATE)
diff --git a/gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch b/gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch
deleted file mode 100644
index f0fef08bf3..0000000000
--- a/gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-Fix heap buffer overflow in tiffcp when parsing number of inks:
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2599
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
-        * tools/tif_dir.c: when TIFFGetField(, TIFFTAG_NUMBEROFINKS, ) is
-called,
-        limit the return number of inks to SamplesPerPixel, so that code that
-parses
-        ink names doesn't go past the end of the buffer.
-        Reported by Agostino Sarubbo.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2599
-
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1184; previous revision: 1.1183
-/cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v  <--  libtiff/tif_dir.c
-new revision: 1.128; previous revision: 1.127
-
-Index: libtiff/libtiff/tif_dir.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v
-retrieving revision 1.127
-retrieving revision 1.128
-diff -u -r1.127 -r1.128
---- libtiff/libtiff/tif_dir.c	25 Oct 2016 21:35:15 -0000	1.127
-+++ libtiff/libtiff/tif_dir.c	3 Dec 2016 15:30:31 -0000	1.128
-@@ -1,4 +1,4 @@
--/* $Id: tif_dir.c,v 1.127 2016-10-25 21:35:15 erouault Exp $ */
-+/* $Id: tif_dir.c,v 1.128 2016-12-03 15:30:31 erouault Exp $ */
- 
- /*
-  * Copyright (c) 1988-1997 Sam Leffler
-@@ -854,6 +854,32 @@
- 	if( fip == NULL ) /* cannot happen since TIFFGetField() already checks it */
- 	    return 0;
- 	
-+        if( tag == TIFFTAG_NUMBEROFINKS )
-+        {
-+            int i;
-+            for (i = 0; i < td->td_customValueCount; i++) {
-+                uint16 val;
-+                TIFFTagValue *tv = td->td_customValues + i;
-+                if (tv->info->field_tag != tag)
-+                    continue;
-+                val = *(uint16 *)tv->value;
-+                /* Truncate to SamplesPerPixel, since the */
-+                /* setting code for INKNAMES assume that there are SamplesPerPixel */
-+                /* inknames. */
-+                /* Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2599 */
-+                if( val > td->td_samplesperpixel )
-+                {
-+                    TIFFWarningExt(tif->tif_clientdata,"_TIFFVGetField",
-+                                   "Truncating NumberOfInks from %u to %u",
-+                                   val, td->td_samplesperpixel);
-+                    val = td->td_samplesperpixel;
-+                }
-+                *va_arg(ap, uint16*) = val;
-+                return 1;
-+            }
-+            return 0;
-+        }
-+
- 	/*
- 	 * We want to force the custom code to be used for custom
- 	 * fields even if the tag happens to match a well known 
diff --git a/gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch b/gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch
deleted file mode 100644
index 8166c55758..0000000000
--- a/gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-Fix heap-based buffer overflow in combineSeparateSamples16bits():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2621
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
-        * tools/tiffcrop.c: add 3 extra bytes at end of strip buffer in
-        readSeparateStripsIntoBuffer() to avoid read outside of heap allocated
-buffer.
-        Reported by Agostina Sarubo.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2621
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1179; previous revision: 1.1178
-/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v  <--  tools/tiffcrop.c
-new revision: 1.48; previous revision: 1.47
-
-Index: libtiff/tools/tiffcrop.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
-retrieving revision 1.47
-retrieving revision 1.48
-diff -u -r1.47 -r1.48
---- libtiff/tools/tiffcrop.c	3 Dec 2016 11:35:56 -0000	1.47
-+++ libtiff/tools/tiffcrop.c	3 Dec 2016 12:19:32 -0000	1.48
-@@ -1,4 +1,4 @@
--/* $Id: tiffcrop.c,v 1.47 2016-12-03 11:35:56 erouault Exp $ */
-+/* $Id: tiffcrop.c,v 1.48 2016-12-03 12:19:32 erouault Exp $ */
- 
- /* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of
-  * the image data through additional options listed below
-@@ -4815,10 +4815,17 @@
-   nstrips = TIFFNumberOfStrips(in);
-   strips_per_sample = nstrips /spp;
- 
-+  /* Add 3 padding bytes for combineSeparateSamples32bits */
-+  if( (size_t) stripsize > 0xFFFFFFFFU - 3U )
-+  {
-+      TIFFError("readSeparateStripsIntoBuffer", "Integer overflow when calculating buffer size.");
-+      exit(-1);
-+  }
-+
-   for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
-     {
-     srcbuffs[s] = NULL;
--    buff = _TIFFmalloc(stripsize);
-+    buff = _TIFFmalloc(stripsize + 3);
-     if (!buff)
-       {
-       TIFFError ("readSeparateStripsIntoBuffer", 
-@@ -4827,6 +4834,9 @@
-         _TIFFfree (srcbuffs[i]);
-       return 0;
-       }
-+    buff[stripsize] = 0;
-+    buff[stripsize+1] = 0;
-+    buff[stripsize+2] = 0;
-     srcbuffs[s] = buff;
-     }
- 
diff --git a/gnu/packages/patches/libtiff-invalid-read.patch b/gnu/packages/patches/libtiff-invalid-read.patch
deleted file mode 100644
index 92742d8757..0000000000
--- a/gnu/packages/patches/libtiff-invalid-read.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-Fix invalid read in t2p_writeproc():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2639
-
-2016-12-20 Even Rouault <even.rouault at spatialys.com>
-
-        * tools/tiff2pdf.c: avoid potential invalid memory read in
-        t2p_writeproc.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2639
-
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1198; previous revision: 1.1197
-/cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v  <--  tools/tiff2pdf.c
-new revision: 1.100; previous revision: 1.99
-
-Index: libtiff/tools/tiff2pdf.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v
-retrieving revision 1.99
-retrieving revision 1.100
-diff -u -r1.99 -r1.100
---- libtiff/tools/tiff2pdf.c	20 Dec 2016 17:13:26 -0000	1.99
-+++ libtiff/tools/tiff2pdf.c	20 Dec 2016 17:24:35 -0000	1.100
-@@ -2896,6 +2896,7 @@
- 			}
- 			if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) {
- 				if (count >= 4) {
-+                                        int retTIFFReadRawTile;
-                     /* Ignore EOI marker of JpegTables */
- 					_TIFFmemcpy(buffer, jpt, count - 2);
- 					bufferoffset += count - 2;
-@@ -2903,22 +2904,23 @@
- 					table_end[0] = buffer[bufferoffset-2];
- 					table_end[1] = buffer[bufferoffset-1];
- 					xuint32 = bufferoffset;
--                    bufferoffset -= 2;
--					bufferoffset += TIFFReadRawTile(
-+                                        bufferoffset -= 2;
-+                                        retTIFFReadRawTile= TIFFReadRawTile(
- 						input, 
- 						tile, 
- 						(tdata_t) &(((unsigned char*)buffer)[bufferoffset]), 
- 						-1);
-+                                        if( retTIFFReadRawTile < 0 )
-+                                        {
-+                                            _TIFFfree(buffer);
-+                                            t2p->t2p_error = T2P_ERR_ERROR;
-+                                            return(0);
-+                                        }
-+					bufferoffset += retTIFFReadRawTile;
-                     /* Overwrite SOI marker of image scan with previously */
-                     /* saved end of JpegTables */
- 					buffer[xuint32-2]=table_end[0];
- 					buffer[xuint32-1]=table_end[1];
--				} else {
--					bufferoffset += TIFFReadRawTile(
--						input, 
--						tile, 
--						(tdata_t) &(((unsigned char*)buffer)[bufferoffset]), 
--						-1);
- 				}
- 			}
- 			t2pWriteFile(output, (tdata_t) buffer, bufferoffset);
diff --git a/gnu/packages/patches/libtiff-null-dereference.patch b/gnu/packages/patches/libtiff-null-dereference.patch
deleted file mode 100644
index 8c6345b804..0000000000
--- a/gnu/packages/patches/libtiff-null-dereference.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-Fix NULL pointer dereference in TIFFReadRawData():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2594
-
-
-2016-12-03 Even Rouault <even.rouault at spatialys.com>
-
-        * tools/tiffinfo.c: fix null pointer dereference in -r mode when
-        * the
-image has
-        no StripByteCount tag.
-        Reported by Agostino Sarubbo.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2594
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1182; previous revision: 1.1181
-/cvs/maptools/cvsroot/libtiff/tools/tiffinfo.c,v  <--  tools/tiffinfo.c
-new revision: 1.26; previous revision: 1.25
-
-Index: libtiff/tools/tiffinfo.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffinfo.c,v
-retrieving revision 1.25
-retrieving revision 1.26
-diff -u -r1.25 -r1.26
---- libtiff/tools/tiffinfo.c	12 Nov 2016 20:06:05 -0000	1.25
-+++ libtiff/tools/tiffinfo.c	3 Dec 2016 14:18:49 -0000	1.26
-@@ -1,4 +1,4 @@
--/* $Id: tiffinfo.c,v 1.25 2016-11-12 20:06:05 bfriesen Exp $ */
-+/* $Id: tiffinfo.c,v 1.26 2016-12-03 14:18:49 erouault Exp $ */
- 
- /*
-  * Copyright (c) 1988-1997 Sam Leffler
-@@ -417,7 +417,7 @@
- 	uint64* stripbc=NULL;
- 
- 	TIFFGetField(tif, TIFFTAG_STRIPBYTECOUNTS, &stripbc);
--	if (nstrips > 0) {
-+	if (stripbc != NULL && nstrips > 0) {
- 		uint32 bufsize = (uint32) stripbc[0];
- 		tdata_t buf = _TIFFmalloc(bufsize);
- 		tstrip_t s;
diff --git a/gnu/packages/patches/libtiff-tiffcp-underflow.patch b/gnu/packages/patches/libtiff-tiffcp-underflow.patch
deleted file mode 100644
index 5615cbb3e1..0000000000
--- a/gnu/packages/patches/libtiff-tiffcp-underflow.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-Fix a integer underflow in tiffcp that led to heap overflows in
-TIFFReverseBits():
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2598
-
-2016-12-02 Even Rouault <even.rouault at spatialys.com>
-
-        * tools/tiffcp.c: avoid uint32 underflow in cpDecodedStrips that 
-        can cause various issues, such as buffer overflows in the library.
-        Reported by Agostino Sarubbo.
-        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2598
-
-
-/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
-new revision: 1.1174; previous revision: 1.1173
-/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v  <--  tools/tiffcp.c
-new revision: 1.56; previous revision: 1.55
-
-Index: libtiff/tools/tiffcp.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
-retrieving revision 1.55
-retrieving revision 1.56
-diff -u -r1.55 -r1.56
---- libtiff/tools/tiffcp.c	8 Oct 2016 15:54:57 -0000	1.55
-+++ libtiff/tools/tiffcp.c	2 Dec 2016 22:13:32 -0000	1.56
-@@ -1,4 +1,4 @@
--/* $Id: tiffcp.c,v 1.55 2016-10-08 15:54:57 erouault Exp $ */
-+/* $Id: tiffcp.c,v 1.56 2016-12-02 22:13:32 erouault Exp $ */
- 
- /*
-  * Copyright (c) 1988-1997 Sam Leffler
-@@ -985,7 +985,7 @@
- 		tstrip_t s, ns = TIFFNumberOfStrips(in);
- 		uint32 row = 0;
- 		_TIFFmemset(buf, 0, stripsize);
--		for (s = 0; s < ns; s++) {
-+		for (s = 0; s < ns && row < imagelength; s++) {
- 			tsize_t cc = (row + rowsperstrip > imagelength) ?
- 			    TIFFVStripSize(in, imagelength - row) : stripsize;
- 			if (TIFFReadEncodedStrip(in, s, buf, cc) < 0
diff --git a/gnu/packages/patches/libunistring-gnulib-multi-core.patch b/gnu/packages/patches/libunistring-gnulib-multi-core.patch
new file mode 100644
index 0000000000..709b20c6d2
--- /dev/null
+++ b/gnu/packages/patches/libunistring-gnulib-multi-core.patch
@@ -0,0 +1,178 @@
+This patch fixes performance problems on multi-core machines
+as reported at <https://bugs.gnu.org/26441>.
+
+See commit 480d374e596a0ee3fed168ab42cd84c313ad3c89 in Gnulib
+by Bruno Haible <bruno@clisp.org>.
+
+diff --git a/tests/test-lock.c b/tests/test-lock.c
+index cb734b4e6..aa6de2739 100644
+--- a/tests/test-lock.c
++++ b/tests/test-lock.c
+@@ -50,6 +50,13 @@
+    Uncomment this to see if the operating system has a fair scheduler.  */
+ #define EXPLICIT_YIELD 1
+ 
++/* Whether to use 'volatile' on some variables that communicate information
++   between threads.  If set to 0, a lock is used to protect these variables.
++   If set to 1, 'volatile' is used; this is theoretically equivalent but can
++   lead to much slower execution (e.g. 30x slower total run time on a 40-core
++   machine.  */
++#define USE_VOLATILE 0
++
+ /* Whether to print debugging messages.  */
+ #define ENABLE_DEBUGGING 0
+ 
+@@ -103,6 +110,51 @@
+ # define yield()
+ #endif
+ 
++#if USE_VOLATILE
++struct atomic_int {
++  volatile int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++  return ai->value;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++  ai->value = new_value;
++}
++#else
++struct atomic_int {
++  gl_lock_define (, lock)
++  int value;
++};
++static void
++init_atomic_int (struct atomic_int *ai)
++{
++  gl_lock_init (ai->lock);
++}
++static int
++get_atomic_int_value (struct atomic_int *ai)
++{
++  gl_lock_lock (ai->lock);
++  int ret = ai->value;
++  gl_lock_unlock (ai->lock);
++  return ret;
++}
++static void
++set_atomic_int_value (struct atomic_int *ai, int new_value)
++{
++  gl_lock_lock (ai->lock);
++  ai->value = new_value;
++  gl_lock_unlock (ai->lock);
++}
++#endif
++
+ #define ACCOUNT_COUNT 4
+ 
+ static int account[ACCOUNT_COUNT];
+@@ -170,12 +222,12 @@ lock_mutator_thread (void *arg)
+   return NULL;
+ }
+ 
+-static volatile int lock_checker_done;
++static struct atomic_int lock_checker_done;
+ 
+ static void *
+ lock_checker_thread (void *arg)
+ {
+-  while (!lock_checker_done)
++  while (get_atomic_int_value (&lock_checker_done) == 0)
+     {
+       dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+       gl_lock_lock (my_lock);
+@@ -200,7 +252,8 @@ test_lock (void)
+   /* Initialization.  */
+   for (i = 0; i < ACCOUNT_COUNT; i++)
+     account[i] = 1000;
+-  lock_checker_done = 0;
++  init_atomic_int (&lock_checker_done);
++  set_atomic_int_value (&lock_checker_done, 0);
+ 
+   /* Spawn the threads.  */
+   checkerthread = gl_thread_create (lock_checker_thread, NULL);
+@@ -210,7 +263,7 @@ test_lock (void)
+   /* Wait for the threads to terminate.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (threads[i], NULL);
+-  lock_checker_done = 1;
++  set_atomic_int_value (&lock_checker_done, 1);
+   gl_thread_join (checkerthread, NULL);
+   check_accounts ();
+ }
+@@ -254,12 +307,12 @@ rwlock_mutator_thread (void *arg)
+   return NULL;
+ }
+ 
+-static volatile int rwlock_checker_done;
++static struct atomic_int rwlock_checker_done;
+ 
+ static void *
+ rwlock_checker_thread (void *arg)
+ {
+-  while (!rwlock_checker_done)
++  while (get_atomic_int_value (&rwlock_checker_done) == 0)
+     {
+       dbgprintf ("Checker %p before check rdlock\n", gl_thread_self_pointer ());
+       gl_rwlock_rdlock (my_rwlock);
+@@ -284,7 +337,8 @@ test_rwlock (void)
+   /* Initialization.  */
+   for (i = 0; i < ACCOUNT_COUNT; i++)
+     account[i] = 1000;
+-  rwlock_checker_done = 0;
++  init_atomic_int (&rwlock_checker_done);
++  set_atomic_int_value (&rwlock_checker_done, 0);
+ 
+   /* Spawn the threads.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+@@ -295,7 +349,7 @@ test_rwlock (void)
+   /* Wait for the threads to terminate.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (threads[i], NULL);
+-  rwlock_checker_done = 1;
++  set_atomic_int_value (&rwlock_checker_done, 1);
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (checkerthreads[i], NULL);
+   check_accounts ();
+@@ -356,12 +410,12 @@ reclock_mutator_thread (void *arg)
+   return NULL;
+ }
+ 
+-static volatile int reclock_checker_done;
++static struct atomic_int reclock_checker_done;
+ 
+ static void *
+ reclock_checker_thread (void *arg)
+ {
+-  while (!reclock_checker_done)
++  while (get_atomic_int_value (&reclock_checker_done) == 0)
+     {
+       dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ());
+       gl_recursive_lock_lock (my_reclock);
+@@ -386,7 +440,8 @@ test_recursive_lock (void)
+   /* Initialization.  */
+   for (i = 0; i < ACCOUNT_COUNT; i++)
+     account[i] = 1000;
+-  reclock_checker_done = 0;
++  init_atomic_int (&reclock_checker_done);
++  set_atomic_int_value (&reclock_checker_done, 0);
+ 
+   /* Spawn the threads.  */
+   checkerthread = gl_thread_create (reclock_checker_thread, NULL);
+@@ -396,7 +451,7 @@ test_recursive_lock (void)
+   /* Wait for the threads to terminate.  */
+   for (i = 0; i < THREAD_COUNT; i++)
+     gl_thread_join (threads[i], NULL);
+-  reclock_checker_done = 1;
++  set_atomic_int_value (&reclock_checker_done, 1);
+   gl_thread_join (checkerthread, NULL);
+   check_accounts ();
+ }
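Review bot: The comment introducing `USE_VOLATILE` near the top of the added test-lock.c diff calls the `volatile` variant "theoretically equivalent" to the lock-protected one, which overstates it. `volatile` gives neither atomicity nor inter-thread ordering in C, so only the default `USE_VOLATILE 0` path is a well-defined way to publish the `*_checker_done` flags; the same comment also leaves its parenthesis open after "40-core machine." Because the patch is copied from Gnulib, I would leave the code alone and add a line to the patch header instead, e.g. `Only tests/test-lock.c is touched; the lock-based path (USE_VOLATILE 0) is the one built.` `init_atomic_int` also calls `gl_lock_init` with no matching `gl_lock_destroy`, which is harmless in a test process that exits but worth knowing if the helper is ever reused.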
diff --git a/gnu/packages/patches/mesa-fix-32bit-test-failures.patch b/gnu/packages/patches/mesa-fix-32bit-test-failures.patch
deleted file mode 100644
index e21e87cef6..0000000000
--- a/gnu/packages/patches/mesa-fix-32bit-test-failures.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-Fix a test failure when building for 32 bit architectures:
-
-http://lists.gnu.org/archive/html/guix-devel/2017-04/msg00381.html
-
-Patch copied from upstream source repository:
-
-https://cgit.freedesktop.org/mesa/mesa/commit/?id=61bbb25a080e48a8ca897ba7f6e73cc6a8e9b5b8
-
-From 61bbb25a080e48a8ca897ba7f6e73cc6a8e9b5b8 Mon Sep 17 00:00:00 2001
-From: Grazvydas Ignotas <notasas@gmail.com>
-Date: Thu, 9 Mar 2017 02:54:53 +0200
-Subject: [PATCH] util/disk_cache: fix size subtraction on 32bit
-
-Negating size_t on 32bit produces a 32bit result. This was effectively
-adding values close to UINT_MAX to the cache size (the files are usually
-small) instead of intended subtraction.
-Fixes 'make check' disk_cache failures on 32bit.
-
-Signed-off-by: Grazvydas Ignotas <notasas@gmail.com>
-Reviewed-by: Timothy Arceri <tarceri@itsqueeze.com>
----
- src/util/disk_cache.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/util/disk_cache.c b/src/util/disk_cache.c
-index 5470688df3..facdcecf7c 100644
---- a/src/util/disk_cache.c
-+++ b/src/util/disk_cache.c
-@@ -603,7 +603,7 @@ evict_random_item(struct disk_cache *cache)
-    free(dir_path);
- 
-    if (size) {
--      p_atomic_add(cache->size, - size);
-+      p_atomic_add(cache->size, - (uint64_t)size);
-       return;
-    }
- 
-@@ -624,7 +624,7 @@ evict_random_item(struct disk_cache *cache)
-    free(dir_path);
- 
-    if (size)
--      p_atomic_add(cache->size, - size);
-+      p_atomic_add(cache->size, - (uint64_t)size);
- }
- 
- void
-#@@ -646,7 +646,7 @@ disk_cache_remove(struct disk_cache *cache, const cache_key key)
-#    free(filename);
-# 
-#    if (sb.st_size)
-#-      p_atomic_add(cache->size, - sb.st_size);
-#+      p_atomic_add(cache->size, - (uint64_t)sb.st_size);
-# }
-# 
-# /* From the zlib docs:
--- 
-2.12.2
-
diff --git a/gnu/packages/patches/mesa-skip-disk-cache-test.patch b/gnu/packages/patches/mesa-skip-disk-cache-test.patch
index 4377110475..b3f9367fd5 100644
--- a/gnu/packages/patches/mesa-skip-disk-cache-test.patch
+++ b/gnu/packages/patches/mesa-skip-disk-cache-test.patch
@@ -5,16 +5,15 @@ for now.
 
 --- a/src/compiler/glsl/tests/cache_test.c
 +++ b/src/compiler/glsl/tests/cache_test.c
-@@ -137,11 +137,6 @@
+@@ -170,11 +170,6 @@
     unsetenv("MESA_GLSL_CACHE_DIR");
     unsetenv("XDG_CACHE_HOME");
 
--   cache = disk_cache_create();
+-   cache = disk_cache_create("test", "make_check");
 -   expect_non_null(cache, "disk_cache_create with no environment variables");
 -
 -   disk_cache_destroy(cache);
 -
     /* Test with XDG_CACHE_HOME set */
     setenv("XDG_CACHE_HOME", CACHE_TEST_TMP "/xdg-cache-home", 1);
-    cache = disk_cache_create();
-
+    cache = disk_cache_create("test", "make_check");
diff --git a/gnu/packages/patches/perl-net-ssleay-disable-ede-test.patch b/gnu/packages/patches/perl-net-ssleay-disable-ede-test.patch
deleted file mode 100644
index 16f136fb54..0000000000
--- a/gnu/packages/patches/perl-net-ssleay-disable-ede-test.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-Disable a test that fails with openssl-1.0.2b.
-
---- Net-SSLeay-1.68/t/local/33_x509_create_cert.t.orig	2014-06-07 02:01:39.000000000 -0400
-+++ Net-SSLeay-1.68/t/local/33_x509_create_cert.t	2015-06-12 03:38:57.620286888 -0400
-@@ -2,7 +2,7 @@
- 
- use strict;
- use warnings;
--use Test::More tests => 123;
-+use Test::More tests => 122;
- use Net::SSLeay qw/MBSTRING_ASC MBSTRING_UTF8 EVP_PK_RSA EVP_PKT_SIGN EVP_PKT_ENC/;
- use File::Spec;
- use utf8;
-@@ -101,7 +101,8 @@
-   like(my $key_pem3 = Net::SSLeay::PEM_get_string_PrivateKey($pk,"password",$alg1), qr/-----BEGIN (ENCRYPTED|RSA) PRIVATE KEY-----/, "PEM_get_string_PrivateKey+passwd+enc_alg");
-   
-   ok(my $alg2 = Net::SSLeay::EVP_get_cipherbyname("DES-EDE3-OFB"), "EVP_get_cipherbyname");
--  like(my $key_pem4 = Net::SSLeay::PEM_get_string_PrivateKey($pk,"password",$alg2), qr/-----BEGIN (ENCRYPTED|RSA) PRIVATE KEY-----/, "PEM_get_string_PrivateKey+passwd+enc_alg");
-+  # This test fails with openssl-1.0.2b
-+  #like(my $key_pem4 = Net::SSLeay::PEM_get_string_PrivateKey($pk,"password",$alg2), qr/-----BEGIN (ENCRYPTED|RSA) PRIVATE KEY-----/, "PEM_get_string_PrivateKey+passwd+enc_alg");
-   
-   is(Net::SSLeay::X509_NAME_print_ex($name), "O=Company Name,C=UK,CN=Common name text X509", "X509_NAME_print_ex");  
- 
diff --git a/gnu/packages/patches/perl-no-sys-dirs.patch b/gnu/packages/patches/perl-no-sys-dirs.patch
index da91fef3b4..31d53e0353 100644
--- a/gnu/packages/patches/perl-no-sys-dirs.patch
+++ b/gnu/packages/patches/perl-no-sys-dirs.patch
@@ -1,6 +1,7 @@
 Don't look for headers and libraries in "traditional" locations.
 
-Patch from Nixpkgs by Eelco Dolstra <eelco.dolstra@logicblox.com>.
+Patch adapted from Nixpkgs, originally by Eelco Dolstra
+<eelco.dolstra@logicblox.com>.
 
 diff -ru -x '*~' -x '*.rej' perl-5.20.0-orig/Configure perl-5.20.0/Configure
 --- perl-5.20.0-orig/Configure	2014-05-26 15:34:18.000000000 +0200
@@ -185,39 +186,6 @@ diff -ru -x '*~' -x '*.rej' perl-5.20.0-orig/hints/linux.sh perl-5.20.0/hints/li
  case "$plibpth" in
  '') plibpth=`LANG=C LC_ALL=C $gcc $ccflags $ldflags -print-search-dirs | grep libraries |
  	cut -f2- -d= | tr ':' $trnl | grep -v 'gcc' | sed -e 's:/$::'`
-@@ -178,32 +159,6 @@
-     ;;
- esac
- 
--case "$libc" in
--'')
--# If you have glibc, then report the version for ./myconfig bug reporting.
--# (Configure doesn't need to know the specific version since it just uses
--# gcc to load the library for all tests.)
--# We don't use __GLIBC__ and  __GLIBC_MINOR__ because they
--# are insufficiently precise to distinguish things like
--# libc-2.0.6 and libc-2.0.7.
--    for p in $plibpth
--    do
--        for trylib in libc.so.6 libc.so
--        do
--            if $test -e $p/$trylib; then
--                libc=`ls -l $p/$trylib | awk '{print $NF}'`
--                if $test "X$libc" != X; then
--                    break
--                fi
--            fi
--        done
--        if $test "X$libc" != X; then
--            break
--        fi
--    done
--    ;;
--esac
--
- # Are we using ELF?  Thanks to Kenneth Albanowski <kjahds@kjahds.com>
- # for this test.
- cat >try.c <<'EOM'
 @@ -367,33 +322,6 @@
  	;;
  esac
@@ -252,3 +220,40 @@ diff -ru -x '*~' -x '*.rej' perl-5.20.0-orig/hints/linux.sh perl-5.20.0/hints/li
  # Linux on Synology.
  if [ -f /etc/synoinfo.conf -a -d /usr/syno ]; then
      # Tested on Synology DS213 and DS413
+diff --git a/hints/linux.sh b/hints/linux.sh
+index 3f38ea0..97aed11 100644
+--- a/hints/linux.sh
++++ b/hints/linux.sh
+@@ -195,32 +195,6 @@ case "$usequadmath" in
+   ;;
+ esac
+ 
+-case "$libc" in
+-'')
+-# If you have glibc, then report the version for ./myconfig bug reporting.
+-# (Configure doesn't need to know the specific version since it just uses
+-# gcc to load the library for all tests.)
+-# We don't use __GLIBC__ and  __GLIBC_MINOR__ because they
+-# are insufficiently precise to distinguish things like
+-# libc-2.0.6 and libc-2.0.7.
+-    for p in $plibpth
+-    do
+-        for trylib in libc.so.6 libc.so
+-        do
+-            if $test -e $p/$trylib; then
+-                libc=`ls -l $p/$trylib | awk '{print $NF}'`
+-                if $test "X$libc" != X; then
+-                    break
+-                fi
+-            fi
+-        done
+-        if $test "X$libc" != X; then
+-            break
+-        fi
+-    done
+-    ;;
+-esac
+-
+ if ${sh:-/bin/sh} -c exit; then
+   echo ''
+   echo 'You appear to have a working bash.  Good.'
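Review bot: The appended `diff --git a/hints/linux.sh b/hints/linux.sh` section is a second diff against a file this patch already modifies through its `diff -ru ... perl-5.20.0-orig/hints/linux.sh` section, so the patch now carries hunks for one file that appear to come from two different bases. `patch` applies the sections in order, but whoever next rebases this gets no hint why the libc-detection removal was split out. A header line would cover it, e.g. `The libc-detection hunk for hints/linux.sh was regenerated against Perl <VERSION>; the remaining hunks keep their perl-5.20.0 offsets.` The removed `case "$libc"` block lies wholly inside the hunk; the rest of hints/linux.sh is outside it.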
diff --git a/gnu/packages/patches/poppler-CVE-2017-9776.patch b/gnu/packages/patches/poppler-CVE-2017-9776.patch
deleted file mode 100644
index 17a2807171..0000000000
--- a/gnu/packages/patches/poppler-CVE-2017-9776.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-Fix CVE-2017-9776:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
-https://bugs.freedesktop.org/show_bug.cgi?id=101541
-
-Patch copied from upstream source repository:
-
-https://cgit.freedesktop.org/poppler/poppler/commit/?id=a3a98a6d83dfbf49f565f5aa2d7c07153a7f62fc
-
-From 55db66c69fd56826b8523710046deab1a8d14ba2 Mon Sep 17 00:00:00 2001
-From: Albert Astals Cid <aacid@kde.org>
-Date: Wed, 21 Jun 2017 00:55:20 +0200
-Subject: [PATCH] Fix crash in malformed documents
-
----
- poppler/JBIG2Stream.cc | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/poppler/JBIG2Stream.cc b/poppler/JBIG2Stream.cc
-index 48535883..d89108c8 100644
---- a/poppler/JBIG2Stream.cc
-+++ b/poppler/JBIG2Stream.cc
-@@ -896,7 +896,7 @@ void JBIG2Bitmap::combine(JBIG2Bitmap *bitmap, int x, int y,
-   oneByte = x0 == ((x1 - 1) & ~7);
- 
-   for (yy = y0; yy < y1; ++yy) {
--    if (unlikely(y + yy) >= h)
-+    if (unlikely((y + yy >= h) || (y + yy < 0)))
-       continue;
- 
-     // one byte per line -- need to mask both left and right side
--- 
-2.13.2
-
diff --git a/gnu/packages/patches/poppler-fix-crash-with-broken-documents.patch b/gnu/packages/patches/poppler-fix-crash-with-broken-documents.patch
deleted file mode 100644
index 353a16e322..0000000000
--- a/gnu/packages/patches/poppler-fix-crash-with-broken-documents.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-Copied from:
-
-  https://cgit.freedesktop.org/poppler/poppler/patch/?id=5c9b08a875b07853be6c44e43ff5f7f059df666a
-
-From 5c9b08a875b07853be6c44e43ff5f7f059df666a Mon Sep 17 00:00:00 2001
-From: Albert Astals Cid <aacid@kde.org>
-Date: Sat, 27 May 2017 00:09:17 +0200
-Subject: pdfunite: Fix crash with broken documents
-
-Sometimes we can't parse pages so check before accessing them
-
-Thanks to Jiaqi Peng for the report
-
-Fixes bugs #101153 and #101149
-
-diff --git a/utils/pdfunite.cc b/utils/pdfunite.cc
-index dfe48bf..c32e201 100644
---- a/utils/pdfunite.cc
-+++ b/utils/pdfunite.cc
-@@ -7,7 +7,7 @@
- // Copyright (C) 2011-2015, 2017 Thomas Freitag <Thomas.Freitag@alfa.de>
- // Copyright (C) 2012 Arseny Solokha <asolokha@gmx.com>
- // Copyright (C) 2012 Fabio D'Urso <fabiodurso@hotmail.it>
--// Copyright (C) 2012, 2014 Albert Astals Cid <aacid@kde.org>
-+// Copyright (C) 2012, 2014, 2017 Albert Astals Cid <aacid@kde.org>
- // Copyright (C) 2013 Adrian Johnson <ajohnson@redneon.com>
- // Copyright (C) 2013 Hib Eris <hib@hiberis.nl>
- // Copyright (C) 2015 Arthur Stavisky <vovodroid@gmail.com>
-@@ -268,15 +268,15 @@ int main (int argc, char *argv[])
-     catDict->lookup("OutputIntents", &intents);
-     catDict->lookupNF("AcroForm", &afObj);
-     Ref *refPage = docs[0]->getCatalog()->getPageRef(1);
--    if (!afObj.isNull()) {
-+    if (!afObj.isNull() && refPage) {
-       docs[0]->markAcroForm(&afObj, yRef, countRef, 0, refPage->num, refPage->num);
-     }
-     catDict->lookupNF("OCProperties", &ocObj);
--    if (!ocObj.isNull() && ocObj.isDict()) {
-+    if (!ocObj.isNull() && ocObj.isDict() && refPage) {
-       docs[0]->markPageObjects(ocObj.getDict(), yRef, countRef, 0, refPage->num, refPage->num);
-     }
-     catDict->lookup("Names", &names);
--    if (!names.isNull() && names.isDict()) {
-+    if (!names.isNull() && names.isDict() && refPage) {
-       docs[0]->markPageObjects(names.getDict(), yRef, countRef, 0, refPage->num, refPage->num);
-     }
-     if (intents.isArray() && intents.arrayGetLength() > 0) {
-@@ -353,6 +353,10 @@ int main (int argc, char *argv[])
- 
-   for (i = 0; i < (int) docs.size(); i++) {
-     for (j = 1; j <= docs[i]->getNumPages(); j++) {
-+      if (!docs[i]->getCatalog()->getPage(j)) {
-+        continue;
-+      }
-+
-       PDFRectangle *cropBox = NULL;
-       if (docs[i]->getCatalog()->getPage(j)->isCropped())
-         cropBox = docs[i]->getCatalog()->getPage(j)->getCropBox();
--- 
-cgit v0.10.2
-
diff --git a/gnu/packages/patches/python-file-double-encoding-bug.patch b/gnu/packages/patches/python-file-double-encoding-bug.patch
deleted file mode 100644
index bbe825c36a..0000000000
--- a/gnu/packages/patches/python-file-double-encoding-bug.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-Fix bug that breaks file's Python bindings when using Python 3. This patch
-should not be applied when using Python 2.
-
-Copied from upstream source repository:
-
-https://github.com/file/file/commit/73e043d2a986234b187a00ed0c8d1f7bf83df372
-
-From 73e043d2a986234b187a00ed0c8d1f7bf83df372 Mon Sep 17 00:00:00 2001
-From: Christos Zoulas <christos@zoulas.com>
-Date: Tue, 28 Jun 2016 17:10:22 +0000
-Subject: [PATCH] PR/562: Reiner Herrmann: Avoid double encoding with python3
-
----
- python/magic.py | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/python/magic.py b/python/magic.py
-index c48f7d5..b0f7a17 100644
---- a/python/magic.py
-+++ b/python/magic.py
-@@ -134,7 +134,7 @@ class Magic(object):
-         if isinstance(r, str):
-             return r
-         else:
--            return str(r).encode('utf-8')
-+            return str(r, 'utf-8')
- 
-     def descriptor(self, fd):
-         """
-@@ -152,7 +152,7 @@ class Magic(object):
-         if isinstance(r, str):
-             return r
-         else:
--            return str(r).encode('utf-8')
-+            return str(r, 'utf-8')
- 
-     def error(self):
-         """
-@@ -163,7 +163,7 @@ class Magic(object):
-         if isinstance(e, str):
-             return e
-         else:
--            return str(e).encode('utf-8')
-+            return str(e, 'utf-8')
- 
-     def setflags(self, flags):
-         """
--- 
-2.10.1
-
diff --git a/gnu/packages/patches/shishi-fix-libgcrypt-detection.patch b/gnu/packages/patches/shishi-fix-libgcrypt-detection.patch
new file mode 100644
index 0000000000..3db42feac9
--- /dev/null
+++ b/gnu/packages/patches/shishi-fix-libgcrypt-detection.patch
@@ -0,0 +1,32 @@
+Fix building of Shishi with libgcrypt 1.6 and later.
+
+Patch copied from Debian:
+
+https://anonscm.debian.org/cgit/collab-maint/shishi.git/tree/debian/patches/fix_gcrypt_detection.diff?id=948301ae648a542a408da250755aeed58a6e3542
+
+Description: Fix autoconf gnutls detection to also accept gcrypt 1.6.
+Author: Andreas Metzler <ametzler@debian.org>
+Bug-Debian: http://bugs.debian.org/753150
+Origin: vendor
+Forwarded: no
+Last-Update: 2014-07-18
+
+--- shishi-1.0.2.orig/gl/m4/gc.m4
++++ shishi-1.0.2/gl/m4/gc.m4
+@@ -12,10 +12,12 @@ AC_DEFUN([gl_GC],
+   if test "$libgcrypt" != no; then
+     AC_LIB_HAVE_LINKFLAGS([gcrypt], [gpg-error], [
+ #include <gcrypt.h>
+-/* GCRY_MODULE_ID_USER was added in 1.4.4 and gc-libgcrypt.c
+-   will fail on startup if we don't have 1.4.4 or later, so
+-   test for it early. */
+-#if !defined GCRY_MODULE_ID_USER
++/* gc-libgcrypt.c will fail on startup if we don't have libgcrypt 1.4.4 or
++   later, test for it early. by checking for either
++   - GCRY_MODULE_ID_USER which was added in 1.4.4 and dropped in 1.6 or
++   - GCRYPT_VERSION_NUMBER which was added in 1.6.
++   */
++#if !defined GCRY_MODULE_ID_USER && !defined GCRYPT_VERSION_NUMBER
+ error too old libgcrypt
+ #endif
+ ])
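Review bot: The fix is made in `gl/m4/gc.m4`, which is macro source and not the generated `configure` script, so it only takes effect if the Shishi build regenerates `configure` before running it. The package definition that applies this patch is outside this hunk, so it should be confirmed there that an autoreconf step (with autoconf, automake and the gnulib macros available) runs after patching. The copied Debian header also carries `Forwarded: no`; a line such as `Not yet submitted upstream.` in the Guix part of the header would make it clear the patch has to be carried across Shishi upgrades.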
diff --git a/gnu/packages/patches/wget-perl-5.26.patch b/gnu/packages/patches/wget-perl-5.26.patch
new file mode 100644
index 0000000000..ee3a984daa
--- /dev/null
+++ b/gnu/packages/patches/wget-perl-5.26.patch
@@ -0,0 +1,96 @@
+This upstream commit adjusts tests for Perl 5.26.
+
+commit 7ffe93cabb181f39ad5091c31ab9f61bd940a55f
+Author: Anton Yuzhaninov <citrin+github@citrin.ru>
+Date:   Wed Apr 5 19:06:42 2017 +0300
+
+    Fix perl warnings in tests
+    
+    * tests/FTPServer.pm: Escape '{' in RE to fix warnings
+    * tests/FTPTest.pm: Likewise
+    * tests/HTTPServer.pm: Likewise
+    * tests/HTTPTest.pm: Likewise
+    * tests/Test-proxied-https-auth-keepalive.px: Likewise
+    * tests/Test-proxied-https-auth.px: Likewise
+    Escape '{' in RE to fix warnings:
+    Unescaped left brace in regex is deprecated, passed through in regex;
+    marked by <-- HERE in m/{{ <-- HERE port}}/
+
+diff --git a/tests/FTPServer.pm b/tests/FTPServer.pm
+index a5185d66..cac80942 100644
+--- a/tests/FTPServer.pm
++++ b/tests/FTPServer.pm
+@@ -589,7 +589,7 @@ sub new
+     foreach my $file (keys %{$self->{_input}})
+     {
+         my $ref = \$self->{_input}{$file}{content};
+-        $$ref =~ s/{{port}}/$self->sockport/eg;
++        $$ref =~ s/\Q{{port}}/$self->sockport/eg;
+     }
+ 
+     return $self;
+diff --git a/tests/FTPTest.pm b/tests/FTPTest.pm
+index 50385ad0..0a1c768c 100644
+--- a/tests/FTPTest.pm
++++ b/tests/FTPTest.pm
+@@ -53,7 +53,7 @@ sub _substitute_port
+ {
+     my $self = shift;
+     my $ret  = shift;
+-    $ret =~ s/{{port}}/$self->{_server}->sockport/eg;
++    $ret =~ s/\Q{{port}}/$self->{_server}->sockport/eg;
+     return $ret;
+ }
+ 
+diff --git a/tests/HTTPServer.pm b/tests/HTTPServer.pm
+index dd8ec043..78609f65 100644
+--- a/tests/HTTPServer.pm
++++ b/tests/HTTPServer.pm
+@@ -310,7 +310,7 @@ sub _substitute_port
+ {
+     my $self = shift;
+     my $ret  = shift;
+-    $ret =~ s/{{port}}/$self->sockport/eg;
++    $ret =~ s/\Q{{port}}/$self->sockport/eg;
+     return $ret;
+ }
+ 
+diff --git a/tests/HTTPTest.pm b/tests/HTTPTest.pm
+index 00f079f8..6225c7f1 100644
+--- a/tests/HTTPTest.pm
++++ b/tests/HTTPTest.pm
+@@ -47,7 +47,7 @@ sub _substitute_port
+ {
+     my $self = shift;
+     my $ret  = shift;
+-    $ret =~ s/{{port}}/$self->{_server}->sockport/eg;
++    $ret =~ s/\Q{{port}}/$self->{_server}->sockport/eg;
+     return $ret;
+ }
+ 
+diff --git a/tests/Test-proxied-https-auth-keepalive.px b/tests/Test-proxied-https-auth-keepalive.px
+index 049bebec..2a18ccfd 100755
+--- a/tests/Test-proxied-https-auth-keepalive.px
++++ b/tests/Test-proxied-https-auth-keepalive.px
+@@ -153,7 +153,7 @@ my $cmdline = $WgetTest::WGETPATH . " --user=fiddle-dee-dee"
+     . " --password=Dodgson -e https_proxy=localhost:{{port}}"
+     . " --no-check-certificate"
+     . " https://no.such.domain/needs-auth.txt";
+-$cmdline =~ s/{{port}}/$SOCKET->sockport()/e;
++$cmdline =~ s/\Q{{port}}/$SOCKET->sockport()/e;
+ 
+ if (defined $srcdir) {
+     $VALGRIND_SUPP_FILE = $srcdir . '/valgrind-suppressions-ssl';
+diff --git a/tests/Test-proxied-https-auth.px b/tests/Test-proxied-https-auth.px
+index ce4e736c..878114e7 100755
+--- a/tests/Test-proxied-https-auth.px
++++ b/tests/Test-proxied-https-auth.px
+@@ -152,7 +152,7 @@ my $cmdline = $WgetTest::WGETPATH . " --user=fiddle-dee-dee"
+     . " --password=Dodgson -e https_proxy=localhost:{{port}}"
+     . " --no-check-certificate"
+     . " https://no.such.domain/needs-auth.txt";
+-$cmdline =~ s/{{port}}/$SOCKET->sockport()/e;
++$cmdline =~ s/\Q{{port}}/$SOCKET->sockport()/e;
+ 
+ if (defined $srcdir) {
+     $VALGRIND_SUPP_FILE = $srcdir . '/valgrind-suppressions-ssl';
diff --git a/gnu/packages/pciutils.scm b/gnu/packages/pciutils.scm
index 7c9856468d..e428aaedb0 100644
--- a/gnu/packages/pciutils.scm
+++ b/gnu/packages/pciutils.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2017 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -30,7 +30,7 @@
 (define-public pciutils
   (package
     (name "pciutils")
-    (version "3.5.4")
+    (version "3.5.5")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -38,7 +38,7 @@
                     version ".tar.xz"))
               (sha256
                (base32
-                "0rpy7kkb2y89wmbcbfjjjxsk2x89v5xxhxib4vpl131ip5m3qab4"))))
+                "1x9rb5y82rzg8b67lh42yy9ag9xr7kzibz566lffd41g37xghqhx"))))
     (build-system gnu-build-system)
     (arguments
      '(#:phases
@@ -56,12 +56,18 @@
                  ;; $prefix/share/man, and wrongly so.
                 (string-append "MANDIR := " (assoc-ref outputs "out")
                                "/share/man\n"))
+
                (("^SHARED=.*$")
                 ;; Build libpciutils.so.
                 "SHARED := yes\n")
                (("^ZLIB=.*$")
-                ;; Ask for zlib support.
-                "ZLIB := yes\n"))))
+                ;; Ask for zlib support, for 'pci.ids.gz' decompression.
+                "ZLIB := yes\n")
+
+               (("^IDSDIR=.*$")
+                ;; Installation directory of 'pci.ids.gz'.
+                "IDSDIR = $(SHAREDIR)/hwdata\n"))
+             #t))
          (replace 'install
            (lambda* (#:key outputs #:allow-other-keys)
              ;; Install the commands, library, and .pc files.
@@ -85,5 +91,6 @@
      "The PCI Utilities are a collection of programs for inspecting and
 manipulating configuration of PCI devices, all based on a common portable
 library libpci which offers access to the PCI configuration space on a variety
-of operating systems.  This includes the 'lspci' and 'setpci' commands.")
+of operating systems.  This includes the @command{lspci} and @command{setpci}
+commands.")
     (license license:gpl2+)))
diff --git a/gnu/packages/pcre.scm b/gnu/packages/pcre.scm
index 67a8db1c73..61aaf7c153 100644
--- a/gnu/packages/pcre.scm
+++ b/gnu/packages/pcre.scm
@@ -34,7 +34,6 @@
   (package
    (name "pcre")
    (version "8.40")
-   (replacement pcre/fixed)
    (source (origin
             (method url-fetch)
             (uri (list
@@ -43,6 +42,7 @@
                                  "pcre-" version ".tar.bz2")
                   (string-append "mirror://sourceforge/pcre/pcre/"
                                  version "/pcre-" version ".tar.bz2")))
+            (patches (search-patches "pcre-CVE-2017-7186.patch"))
             (sha256
              (base32
               "1x7lpjn7jhk0n3sdvggxrlrhab8kkfjwl7qix0ypw9nlx8lpmqh0"))))
@@ -72,13 +72,6 @@ POSIX regular expression API.")
    (license license:bsd-3)
    (home-page "http://www.pcre.org/")))
 
-(define pcre/fixed
-  (package
-    (inherit pcre)
-    (source (origin
-              (inherit (package-source pcre))
-              (patches (search-patches "pcre-CVE-2017-7186.patch"))))))
-
 (define-public pcre2
   (package
     (name "pcre2")
diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm
index 7b76955e23..0993543c20 100644
--- a/gnu/packages/pdf.scm
+++ b/gnu/packages/pdf.scm
@@ -76,15 +76,14 @@
 (define-public poppler
   (package
    (name "poppler")
-   (replacement poppler/fixed)
-   (version "0.52.0")
+   (version "0.56.0")
    (source (origin
             (method url-fetch)
             (uri (string-append "https://poppler.freedesktop.org/poppler-"
                                 version ".tar.xz"))
             (sha256
              (base32
-              "14hrrac2f1phi5j0qn283457w06vsp9gr075yqjrm7w370bnd2sj"))))
+              "0wviayidfv2ix2ql0d4nl9r1ia6qi5kc1nybd9vjx27dk7gvm7c6"))))
    (build-system gnu-build-system)
    ;; FIXME:
    ;;  use libcurl:        no
@@ -130,23 +129,15 @@
    (license license:gpl2+)
    (home-page "https://poppler.freedesktop.org/")))
 
-(define poppler/fixed
-  (package (inherit poppler)
-  (source
-    (origin
-      (inherit (package-source poppler))
-      (patches (search-patches "poppler-fix-crash-with-broken-documents.patch"
-                               "poppler-CVE-2017-9776.patch"))))))
-
 (define-public poppler-qt4
-  (package/inherit poppler
+  (package (inherit poppler)
    (name "poppler-qt4")
    (inputs `(("qt-4" ,qt-4)
              ,@(package-inputs poppler)))
    (synopsis "Qt4 frontend for the Poppler PDF rendering library")))
 
 (define-public poppler-qt5
-  (package/inherit poppler
+  (package (inherit poppler)
    (name "poppler-qt5")
    (inputs `(("qtbase" ,qtbase)
              ,@(package-inputs poppler)))
diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm
index 6a59e6bf86..876bad80d8 100644
--- a/gnu/packages/perl.scm
+++ b/gnu/packages/perl.scm
@@ -51,16 +51,16 @@
   ;; Yeah, Perl...  It is required early in the bootstrap process by Linux.
   (package
     (name "perl")
-    (replacement perl/fixed)
-    (version "5.24.0")
+    (version "5.26.0")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://cpan/src/5.0/perl-"
                                  version ".tar.gz"))
              (sha256
               (base32
-               "00jj8zr8fnihrxxhl8h936ssczv5x86qb618yz1ig40d1rp0qhvy"))
+               "0zxn9hd7mqgq06ikyi6k70ngbvjf01z1paw0jd25byyl0rlwdrzb"))
              (patches (search-patches
+                       "perl-file-path-CVE-2017-6512.patch"
                        "perl-no-sys-dirs.patch"
                        "perl-autosplit-default-time.patch"
                        "perl-deterministic-ordering.patch"
@@ -148,17 +148,6 @@
     (home-page "http://www.perl.org/")
     (license gpl1+)))                          ; or "Artistic"
 
-(define perl/fixed
-  (package
-    (inherit perl)
-    (source
-      (origin
-        (inherit (package-source perl))
-        (patches
-          (append
-            (origin-patches (package-source perl))
-            (search-patches "perl-file-path-CVE-2017-6512.patch")))))))
-
 (define-public perl-algorithm-c3
   (package
     (name "perl-algorithm-c3")
diff --git a/gnu/packages/pkg-config.scm b/gnu/packages/pkg-config.scm
index 01069d27a5..12f17f1e3c 100644
--- a/gnu/packages/pkg-config.scm
+++ b/gnu/packages/pkg-config.scm
@@ -30,7 +30,7 @@
 (define-public %pkg-config
   (package
    (name "pkg-config")
-   (version "0.29.1")
+   (version "0.29.2")
    (source (origin
             (method url-fetch)
             (uri (list
@@ -46,7 +46,7 @@
                    version ".tar.gz")))
             (sha256
              (base32
-              "00dh1jn8rbppmgbhhgqhmbh3c58b0gccy39rsjdlcma50sg3rd5y"))))
+              "14fmwzki1rlz8bs2p810lk6jqdxsk966d8drgsjmi54cd00rrikg"))))
    (build-system gnu-build-system)
    (arguments `(#:configure-flags '("--with-internal-glib")))
    (native-search-paths
diff --git a/gnu/packages/pulseaudio.scm b/gnu/packages/pulseaudio.scm
index 92ebe6f3eb..846c174fa7 100644
--- a/gnu/packages/pulseaudio.scm
+++ b/gnu/packages/pulseaudio.scm
@@ -45,13 +45,14 @@
 (define-public libsndfile
   (package
     (name "libsndfile")
-    (replacement libsndfile/fixed)
     (version "1.0.28")
     (source (origin
              (method url-fetch)
              (uri (string-append "http://www.mega-nerd.com/libsndfile/files/libsndfile-"
                                  version ".tar.gz"))
-             (patches (search-patches "libsndfile-armhf-type-checks.patch"))
+             (patches (search-patches "libsndfile-armhf-type-checks.patch"
+                                      "libsndfile-CVE-2017-8361-8363-8365.patch"
+                                      "libsndfile-CVE-2017-8362.patch"))
              (sha256
               (base32
                "1afzm7jx34jhqn32clc5xghyjglccam2728yxlx37yj2y0lkkwqz"))))
@@ -77,18 +78,6 @@ SPARC.  Hopefully the design of the library will also make it easy to extend
 for reading and writing new sound file formats.")
     (license l:gpl2+)))
 
-(define libsndfile/fixed
-  (package
-    (inherit libsndfile)
-    (source
-      (origin
-        (inherit (package-source libsndfile))
-        (patches
-          (append
-            (origin-patches (package-source libsndfile))
-            (search-patches "libsndfile-CVE-2017-8361-8363-8365.patch"
-                            "libsndfile-CVE-2017-8362.patch")))))))
-
 (define-public libsamplerate
   (package
     (name "libsamplerate")                     ; aka. Secret Rabbit Code (SRC)
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index d110a1cb32..ba9153b68b 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -342,8 +342,11 @@ data types.")
                (base32
                 "1c6v1n9nz4mlx9mw1125fxpmbrgniqdbbx9hnqx44maqazb2mzpf"))
               (snippet
-               '(delete-file
-                  "Lib/ctypes/test/test_win32.py")))) ; fails on aarch64
+               '(begin
+                  (for-each delete-file
+                            '("Lib/ctypes/test/test_win32.py" ; fails on aarch64
+                              "Lib/test/test_fcntl.py"))
+                  #t))))
     (arguments (substitute-keyword-arguments (package-arguments python-2)
                  ((#:tests? _) #t)))
     (native-search-paths
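Review bot: The second entry in the new `for-each delete-file` list, `"Lib/test/test_fcntl.py"`, has no comment saying why it is removed, while the first entry keeps its `; fails on aarch64` reason. A snippet changes the source on every architecture, so the reason and its scope belong next to the entry, for example `"Lib/test/test_fcntl.py")) ; <why this test fails, and on which systems>`. The enclosing package definition starts and ends outside the hunk.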
@@ -1874,7 +1877,9 @@ code introspection, and logging.")
     (propagated-inputs
      `(("python-py" ,python-py)))
     (native-inputs
-     `(("python-nose" ,python-nose)
+     `(;; Tests need the "regular" bash since 'bash-final' lacks `compgen`.
+       ("bash" ,bash)
+       ("python-nose" ,python-nose)
        ("python-mock" ,python-mock)))
     (home-page "http://pytest.org")
     (synopsis "Python testing library")
@@ -1911,9 +1916,8 @@ and many external plugins.")
                                line)))
              #t)))))
     (native-inputs
-     `(("python-nose" ,python-nose)
-       ("python-mock" ,python-mock)
-       ("python-hypothesis" ,python-hypothesis)))
+     `(("python-hypothesis" ,python-hypothesis)
+       ,@(package-native-inputs python-pytest)))
     (properties `((python2-variant . ,(delay python2-pytest-3.0))))))
 
 (define-public python2-pytest-3.0
@@ -7636,10 +7640,6 @@ Python's @code{ctypes} foreign function interface (FFI).")
   (package
     (inherit file)
     (name "python-file")
-    (source (origin
-              (inherit (package-source file))
-              ;; This patch should not be applied to python2-file.
-              (patches (search-patches "python-file-double-encoding-bug.patch"))))
     (build-system python-build-system)
     (arguments
      '(#:tests? #f                                ;no tests
diff --git a/gnu/packages/swig.scm b/gnu/packages/swig.scm
index acf0529377..b931db412b 100644
--- a/gnu/packages/swig.scm
+++ b/gnu/packages/swig.scm
@@ -31,7 +31,7 @@
 (define-public swig
   (package
     (name "swig")
-    (version "3.0.10")
+    (version "3.0.12")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://sourceforge/" name "/" name "/"
@@ -39,8 +39,16 @@
                                  name "-" version ".tar.gz"))
              (sha256
               (base32
-               "0k7ljh07rla6223lhvljgg881b2qr7hmrfgic9a0j1pckpislf99"))))
+               "0kf99ygrjs5616gsqhz1l7bib3a12izmxi7g48bwblbymr3z9ybw"))))
     (build-system gnu-build-system)
+    (arguments
+     '(#:phases
+       (modify-phases %standard-phases
+         (add-after 'unpack 'set-env
+           ;; Required since Perl 5.26.0's removal of the current
+           ;; working directory from @INC.
+           ;; TODO Try removing this for later versions of SWIG.
+           (lambda _ (setenv "PERL_USE_UNSAFE_INC" "1") #t)))))
     (native-inputs `(("boost" ,boost)
                      ("pcre" ,pcre "bin")))       ;for 'pcre-config'
     (inputs `(;; Provide these to run the corresponding tests.
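Review bot: The `set-env` phase is added right after `unpack`, so `PERL_USE_UNSAFE_INC=1` stays set for every later phase and puts the current directory back on `@INC` for all Perl invocations in the build, not only the step that needs it. Perl 5.26 removed `.` from `@INC` as a hardening measure, so I would scope the override to the phase that actually fails (presumably the test suite, e.g. `(add-before 'check 'set-env ...)`) and name in the comment the script that relies on the old behaviour. As far as the hunk shows, the variable only affects the build environment and is not carried into the installed package. The same phase is added for the Perl package in `gnu/packages/web.scm` later in this diff, and the same applies there.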
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index f80f7d3bcd..869d0a7036 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -8,6 +8,7 @@
 ;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
 ;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
+;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -53,8 +54,7 @@
 (define-public libtasn1
   (package
     (name "libtasn1")
-    (replacement libtasn1/fixed)
-    (version "4.10")
+    (version "4.12")
     (source
      (origin
       (method url-fetch)
@@ -62,7 +62,7 @@
                           version ".tar.gz"))
       (sha256
        (base32
-        "00jsix5hny0g768zv4hk78dib7w0qmk5fbizf4jj37r51nd4s6k8"))))
+        "0ls7jdq3y5fnrwg0pzhq11m21r8pshac2705bczz6mqjc8pdllv7"))))
     (build-system gnu-build-system)
     (native-inputs `(("perl" ,perl)))
     (home-page "https://www.gnu.org/software/libtasn1/")
@@ -74,15 +74,6 @@ networking, allowing for formal validation of data according to some
 specifications.")
     (license license:lgpl2.0+)))
 
-(define libtasn1/fixed
-  (package
-    (inherit libtasn1)
-    (source
-      (origin
-        (inherit (package-source libtasn1))
-        (patches
-          (search-patches "libtasn1-CVE-2017-6891.patch"))))))
-
 (define-public asn1c
   (package
     (name "asn1c")
@@ -143,8 +134,7 @@ living in the same process.")
 (define-public gnutls
   (package
     (name "gnutls")
-    (replacement gnutls-3.5.13)
-    (version "3.5.9")
+    (version "3.5.13")
     (source (origin
              (method url-fetch)
              (uri
@@ -153,15 +143,16 @@ living in the same process.")
               (string-append "mirror://gnupg/gnutls/v"
                              (version-major+minor version)
                              "/gnutls-" version ".tar.xz"))
+             (patches
+              (search-patches "gnutls-skip-trust-store-test.patch"
+                              "gnutls-skip-pkgconfig-test.patch"))
              (sha256
               (base32
-               "0l9971841jsfdcvcyhas17sk5rsby6x5vvwcmmj4x3zi9q60zcc2"))))
+               "15ihq6p0hnnhs8cnjrkj40dmlcaa1jjg8xg0g2ydbnlqs454ixbr"))))
     (build-system gnu-build-system)
     (arguments
      '(#:configure-flags
-       (list (string-append "--with-guile-site-dir="
-                            (assoc-ref %outputs "out")
-                            "/share/guile/site/2.0")
+       (list
              ;; GnuTLS doesn't consult any environment variables to specify
              ;; the location of the system-wide trust store.  Instead it has a
              ;; configure-time option.  Unless specified, its configure script
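Review bot: With `--with-guile-site-dir=…/share/guile/site/2.0` dropped from `#:configure-flags`, the install location of the Guile modules is left to the configure script's default. That affects this package, which another hunk switches to `guile-2.2`, and `gnutls/guile-2.0`, which inherits these arguments further down. Nothing visible here shows that the default resolves to a directory under the package's own output for both Guile versions, so it is worth checking the installed tree of each variant. If it does not, the flag could be kept and derived from the Guile input's effective version instead of hard-coding `2.0`. The flag list continues outside the hunk.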
@@ -198,7 +189,7 @@ living in the same process.")
        ("pkg-config" ,pkg-config)
        ("which" ,which)))
     (inputs
-     `(("guile" ,guile-2.0)))
+     `(("guile" ,guile-2.2)))
     (propagated-inputs
      ;; These are all in the 'Requires.private' field of gnutls.pc.
      `(("libtasn1" ,libtasn1)
@@ -216,43 +207,21 @@ required structures.")
     (properties '((ftp-server . "ftp.gnutls.org")
                   (ftp-directory . "/gcrypt/gnutls")))))
 
-(define gnutls-3.5.13               ;GNUTLS-SA-2017-{3,4}
-  (package
-    (inherit gnutls)
-    ;; We use 'D' instead of '13' here to keep the store file name at
-    ;; the same length. See <https://bugs.gnu.org/27308>.
-    (version "3.5.D")
-    (source (origin
-              (method url-fetch)
-              (uri
-               (string-append "mirror://gnupg/gnutls/v"
-                              (version-major+minor version)
-                              "/gnutls-3.5.13.tar.xz"))
-              (patches
-               (search-patches "gnutls-skip-trust-store-test.patch"
-                               "gnutls-skip-pkgconfig-test.patch"))
-              (sha256
-               (base32
-                "15ihq6p0hnnhs8cnjrkj40dmlcaa1jjg8xg0g2ydbnlqs454ixbr"))))))
-
 (define-public gnutls/guile-2.2
-  ;; GnuTLS for Guile 2.2.  This is supported by GnuTLS >= 3.5.5.
+  (deprecated-package "guile2.2-gnutls" gnutls))
+
+(define-public gnutls/guile-2.0
+  ;; GnuTLS for Guile 2.0.
   (package
     (inherit gnutls)
-    (source (package-source gnutls-3.5.13))
-    (name "guile2.2-gnutls")
-    (arguments
-     ;; Remove '--with-guile-site-dir=…/2.0'.
-     (substitute-keyword-arguments (package-arguments gnutls)
-       ((#:configure-flags flags)
-        `(cdr ,flags))))
-    (inputs `(("guile" ,guile-2.2)
+    (name "guile2.0-gnutls")
+    (inputs `(("guile" ,guile-2.0)
               ,@(alist-delete "guile" (package-inputs gnutls))))))
 
 (define-public openssl
   (package
    (name "openssl")
-   (version "1.0.2k")
+   (version "1.0.2l")
    (source (origin
              (method url-fetch)
              (uri (list (string-append "ftp://ftp.openssl.org/source/"
@@ -262,7 +231,14 @@ required structures.")
                                        "/" name "-" version ".tar.gz")))
              (sha256
               (base32
-               "1h6qi35w6hv6rd73p4cdgdzg732pdrfgpp37cgwz1v9a3z37ffbb"))
+               "037kvpisc6qh5dkppcwbm5bg2q800xh2hma3vghz8xcycmdij1yf"))
+             (snippet
+              '(begin
+                 ;; Remove ELF files.  'substitute*' can't read them.
+                 (delete-file "test/ssltest_old")
+                 (delete-file "test/v3ext")
+                 (delete-file "test/x509aux")
+                 #t))
              (patches (search-patches "openssl-runpath.patch"
                                       "openssl-c-rehash-in.patch"))))
    (build-system gnu-build-system)
@@ -610,32 +586,19 @@ certificates for free.")
 (define-public perl-net-ssleay
   (package
     (name "perl-net-ssleay")
-    (version "1.68")
+    (version "1.81")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://cpan/authors/id/M/MI/MIKEM/"
                                   "Net-SSLeay-" version ".tar.gz"))
               (sha256
                (base32
-                "1m2wwzhjwsg0drlhp9w12fl6bsgj69v8gdz72jqrqll3qr7f408p"))))
+                "0z8vya34g88bc41kx955sv7y4niwbbywji8liqbl52v29qbvdjq0"))))
     (build-system perl-build-system)
-    (native-inputs
-     `(("patch" ,patch)
-       ("patch/disable-ede-test"
-        ,(search-patch "perl-net-ssleay-disable-ede-test.patch"))))
     (inputs `(("openssl" ,openssl)))
     (arguments
      `(#:phases
        (modify-phases %standard-phases
-         (add-after
-          'unpack 'apply-patch
-          (lambda* (#:key inputs #:allow-other-keys)
-            ;; XXX We apply this patch here instead of in the 'origin' because
-            ;; this package's build system fails badly when the source file
-            ;; times are zeroed.
-            ;; XXX Try removing this patch for perl-net-ssleay > 1.68
-            (zero? (system* "patch" "--force" "-p1" "-i"
-                            (assoc-ref inputs "patch/disable-ede-test")))))
          (add-before
           'configure 'set-ssl-prefix
           (lambda* (#:key inputs #:allow-other-keys)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index e91bc1f13e..8e60f64790 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -1026,6 +1026,13 @@ to perl-code, for faster generation of access_log lines.")
         (base32
          "02afhlrdq5hh5g8b32fa79fqq5i76qzwfqqvfi9zi57h31szl536"))))
     (build-system perl-build-system)
+    (arguments
+     '(#:phases
+       (modify-phases %standard-phases
+         (add-after 'unpack 'set-env
+           ;; Fix the build with Perl 5.26.0. Try removing this phase for later
+           ;; versions of perl-authen-sasl.
+           (lambda _ (setenv "PERL_USE_UNSAFE_INC" "1") #t)))))
     (propagated-inputs
      `(("perl-digest-hmac" ,perl-digest-hmac)
        ("perl-gssapi" ,perl-gssapi)))
diff --git a/gnu/packages/wget.scm b/gnu/packages/wget.scm
index a73c68004d..3673ad5cc4 100644
--- a/gnu/packages/wget.scm
+++ b/gnu/packages/wget.scm
@@ -1,6 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2012 Nikita Karetnikov <nikita@karetnikov.org>
-;;; Copyright © 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2017 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -41,11 +41,27 @@
       (uri (string-append "mirror://gnu/wget/wget-"
                           version ".tar.xz"))
       (patches (search-patches "wget-CVE-2017-6508.patch"
-                               "wget-fix-504-test-timeout.patch"))
+                               "wget-fix-504-test-timeout.patch"
+                               "wget-perl-5.26.patch"))
       (sha256
        (base32
         "1ljcfhbkdsd0zjfm520rbl1ai62fc34i7c45sfj244l8f6b0p58c"))))
     (build-system gnu-build-system)
+    (arguments
+     '(#:phases (modify-phases %standard-phases
+                  (add-before 'check 'disable-https-tests
+                    (lambda _
+                      ;; XXX: Skip TLS tests, which fail with "The
+                      ;; certificate's owner does not match hostname" as
+                      ;; reported at:
+                      ;; <https://lists.gnu.org/archive/html/bug-wget/2017-07/msg00012.html>.
+                      ;; The problem appears to be due to a change in GnuTLS
+                      ;; 3.5.12, whereby 'gnutls_x509_crt_check_hostname2' no
+                      ;; longer matches IP address against the 'CN' or
+                      ;; 'DNSname' fields of certificates.
+                      (substitute* "testenv/Makefile"
+                        (("SSL_TESTS=1") ""))
+                      #t)))))
     (inputs
      `(("gnutls" ,gnutls)
        ("libidn2" ,libidn2)
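Review bot: Removing `SSL_TESTS=1` from `testenv/Makefile` turns off every TLS test in that directory, not only the ones that hit the hostname mismatch. This build therefore no longer exercises wget's certificate handling against the GnuTLS version that the same commit introduces. The `XXX` comment explains the cause but gives no condition for removing the phase, so I would add one, e.g. `;; TODO: Remove this phase once the wget test suite passes with GnuTLS >= 3.5.12.`. If the failing tests can be identified individually, skipping only those would keep the rest of the TLS coverage. The package definition starts and ends outside the hunk.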
diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm
index 650352f58f..513b0eb999 100644
--- a/gnu/packages/wine.scm
+++ b/gnu/packages/wine.scm
@@ -66,8 +66,7 @@
     (build-system gnu-build-system)
     (native-inputs `(("pkg-config" ,pkg-config)
                      ("gettext" ,gettext-minimal)
-                     ; A bug in flex prevents building with flex-2.6.3.
-                     ("flex" ,flex-2.6.1)
+                     ("flex" ,flex)
                      ("bison" ,bison)
                      ("perl" ,perl)))
     (inputs
diff --git a/gnu/packages/xdisorg.scm b/gnu/packages/xdisorg.scm
index 9f63de2ace..ecf7c82396 100644
--- a/gnu/packages/xdisorg.scm
+++ b/gnu/packages/xdisorg.scm
@@ -287,7 +287,7 @@ rasterisation.")
 (define-public libdrm
   (package
     (name "libdrm")
-    (version "2.4.80")
+    (version "2.4.81")
     (source
       (origin
         (method url-fetch)
@@ -297,7 +297,7 @@ rasterisation.")
                ".tar.bz2"))
         (sha256
          (base32
-          "1wa9cnzf60xwx67zq9ay48xr3j3sn1z80q77jpbzmkg906b52am8"))
+          "1bhimr6za2ddisrvrv1qqd7c2a59s7jc954sjycq2w68b8cmrh4c"))
         (patches (search-patches "libdrm-symbol-check.patch"))))
     (build-system gnu-build-system)
     (inputs
diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index 67d6c8e8df..3cf1de305f 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -55,17 +55,14 @@
 (define-public expat
   (package
     (name "expat")
-    (version "2.2.0")
-    (replacement expat-2.2.1)
+    (version "2.2.1")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://sourceforge/expat/expat/"
                                  version "/expat-" version ".tar.bz2"))
-             (patches
-               (search-patches "expat-CVE-2016-0718-fix-regression.patch"))
              (sha256
               (base32
-               "1zq4lnwjlw8s9mmachwfvfjf2x3lk24jm41746ykhdcvs7r0zrfr"))))
+               "11c8jy1wvllvlk7xdc5cm8hdhg0hvs8j0aqy6s702an8wkdcls0q"))))
     (build-system gnu-build-system)
     (home-page "http://www.libexpat.org/")
     (synopsis "Stream-oriented XML parser library written in C")
@@ -75,18 +72,6 @@ stream-oriented parser in which an application registers handlers for
 things the parser might find in the XML document (like start tags).")
     (license license:expat)))
 
-(define expat-2.2.1  ; Fixes CVE-2017-9233, CVE-2016-9063 and other issues.
-  (package
-    (inherit expat)
-    (version "2.2.1")
-    (source (origin
-             (method url-fetch)
-             (uri (string-append "mirror://sourceforge/expat/expat/"
-                                 version "/expat-" version ".tar.bz2"))
-             (sha256
-              (base32
-               "11c8jy1wvllvlk7xdc5cm8hdhg0hvs8j0aqy6s702an8wkdcls0q"))))))
-
 (define-public libebml
   (package
     (name "libebml")
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 6adf2e2fc0..846b5cb013 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -57,6 +57,7 @@
   #:use-module (gnu packages llvm)
   #:use-module (gnu packages m4)
   #:use-module (gnu packages ncurses)
+  #:use-module (gnu packages pciutils)
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
@@ -1112,8 +1113,29 @@ themselves.")
           (base32
             "16dr80rdw5bzdyhahvilfjrflj7scs2yl2mmghsb84f3nglm8b3m"))))
     (build-system gnu-build-system)
+    (arguments
+     '(;; Make sure libpciaccess can read compressed 'pci.ids' files as
+       ;; provided by pciutils.
+       #:configure-flags
+       (list "--with-zlib"
+             (string-append "--with-pciids-path="
+                            (assoc-ref %build-inputs "pciutils")
+                            "/share/hwdata"))
+
+       #:phases
+       (modify-phases %standard-phases
+         (add-after 'install 'add-L-zlib
+           (lambda* (#:key inputs outputs #:allow-other-keys)
+             ;; Provide '-LZLIB/lib' next to '-lz' in the .la file.
+             (let ((zlib (assoc-ref inputs "zlib"))
+                   (out  (assoc-ref outputs "out")))
+               (substitute* (string-append out "/lib/libpciaccess.la")
+                 (("-lz")
+                  (string-append "-L" zlib "/lib -lz")))
+               #t))))))
     (inputs
-      `(("zlib" ,zlib)))
+     `(("zlib" ,zlib)
+       ("pciutils" ,pciutils)))                   ;for 'pci.ids.gz'
     (native-inputs
        `(("pkg-config" ,pkg-config)))
     (home-page "https://www.x.org/wiki/")
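Review bot: The `add-L-zlib` phase rewrites the unanchored regexp `"-lz"`, which also matches the start of any other `-lz…` flag (for instance `-lzma`) that may appear in `libpciaccess.la`. That would produce `-L…/lib -lzma`, harmless today but surprising if the dependency list grows. Matching the delimiter as well keeps the edit to the standalone token, e.g. `(("-lz([ '])" _ end) (string-append "-L" zlib "/lib -lz" end))`; this assumes the flag is always followed by a space or the closing quote, which should be checked against the generated file.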
@@ -1125,7 +1147,7 @@ themselves.")
 (define-public libpthread-stubs
   (package
     (name "libpthread-stubs")
-    (version "0.3")
+    (version "0.4")
     (source
       (origin
         (method url-fetch)
@@ -1135,7 +1157,7 @@ themselves.")
                ".tar.bz2"))
         (sha256
           (base32
-            "16bjv3in19l84hbri41iayvvg4ls9gv1ma0x0qlbmwy67i7dbdim"))))
+            "0cz7s9w8lqgzinicd4g36rjg08zhsbyngh0w68c3np8nlc8mkl74"))))
     (build-system gnu-build-system)
     (native-inputs `(("pkg-config" ,pkg-config)))
     (home-page "https://www.x.org/wiki/")
@@ -1558,7 +1580,7 @@ by the legacy X11 font system.")
 (define-public presentproto
   (package
     (name "presentproto")
-    (version "1.0")
+    (version "1.1")
     (source
       (origin
         (method url-fetch)
@@ -1568,7 +1590,7 @@ by the legacy X11 font system.")
                ".tar.bz2"))
         (sha256
           (base32
-            "1kir51aqg9cwazs14ivcldcn3mzadqgykc9cg87rm40zf947sb41"))))
+            "1f96dlgfwhsd0834z8ydjzjnb0cwha5r6lxgia4say4zhsl276zn"))))
     (build-system gnu-build-system)
     (home-page "https://www.x.org/wiki/")
     (synopsis "Xorg PresentProto protocol headers")
@@ -1819,7 +1841,7 @@ management to participate in an X11R6 session.")
 (define-public util-macros
   (package
     (name "util-macros")
-    (version "1.19.0")
+    (version "1.19.1")
     (source
       (origin
         (method url-fetch)
@@ -1829,7 +1851,7 @@ management to participate in an X11R6 session.")
                ".tar.bz2"))
         (sha256
           (base32
-            "1fnhpryf55l0yqajxn0cxan3kvsjzi67nlanz8clwqzf54cb2d98"))))
+            "19h6wflpmh7xxqr6lk5z8pds6r9r0dn7ijbvaacymx2q0m05km0q"))))
     (build-system gnu-build-system)
     (native-inputs `(("pkg-config" ,pkg-config)))
     (arguments
@@ -3743,7 +3765,7 @@ extension to the X11 protocol.  It includes:
 (define-public xkeyboard-config
   (package
     (name "xkeyboard-config")
-    (version "2.20")
+    (version "2.21")
     (source
       (origin
         (method url-fetch)
@@ -3753,7 +3775,7 @@ extension to the X11 protocol.  It includes:
               ".tar.bz2"))
         (sha256
           (base32
-            "0d619g4r0w1f6q5qmaqjnsc0956gi02fqgpisqffzqy4acjwggyi"))))
+            "1iffxpchy6dfgbby23nfsqqk17h9lfddlmjnhwagqag1z94p1h9h"))))
     (build-system gnu-build-system)
     (inputs
       `(("gettext" ,gettext-minimal)
diff --git a/gnu/system.scm b/gnu/system.scm
index ee1e10f82d..e813bfc20c 100644
--- a/gnu/system.scm
+++ b/gnu/system.scm
@@ -514,10 +514,16 @@ explicitly appear in OS."
 
          bash-completion
 
+         ;; XXX: We don't use (canonical-package guile-2.2) here because that
+         ;; would create a collision in the global profile between the GMP
+         ;; variant propagated by 'guile-final' and the GMP variant propagated
+         ;; by 'gnutls', itself propagated by 'guix'.
+         guile-2.2
+
          ;; The packages below are also in %FINAL-INPUTS, so take them from
          ;; there to avoid duplication.
          (map canonical-package
-              (list guile-2.2 bash coreutils-8.27 findutils grep sed
+              (list bash coreutils findutils grep sed
                     diffutils patch gawk tar gzip bzip2 xz lzip))))
 
 (define %default-issue
diff --git a/guix/build-system/cmake.scm b/guix/build-system/cmake.scm
index 25ac262d5d..ee116c5a4c 100644
--- a/guix/build-system/cmake.scm
+++ b/guix/build-system/cmake.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2013 Cyril Roelandt <tipecaml@gmail.com>
+;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -56,24 +57,38 @@
                 #:rest arguments)
   "Return a bag for NAME."
   (define private-keywords
-    '(#:source #:target #:cmake #:inputs #:native-inputs))
-
-  (and (not target)                               ;XXX: no cross-compilation
-       (bag
-         (name name)
-         (system system)
-         (host-inputs `(,@(if source
-                              `(("source" ,source))
-                              '())
-                        ,@inputs
-
-                        ;; Keep the standard inputs of 'gnu-build-system'.
-                        ,@(standard-packages)))
-         (build-inputs `(("cmake" ,cmake)
-                         ,@native-inputs))
-         (outputs outputs)
-         (build cmake-build)
-         (arguments (strip-keyword-arguments private-keywords arguments)))))
+    `(#:source #:cmake #:inputs #:native-inputs #:outputs
+      ,@(if target '() '(#:target))))
+
+  (bag
+    (name name)
+    (system system)
+    (target target)
+    (build-inputs `(,@(if source
+                          `(("source" ,source))
+                          '())
+                    ,@`(("cmake" ,cmake))
+                    ,@native-inputs
+                    ,@(if target
+                          ;; Use the standard cross inputs of
+                          ;; 'gnu-build-system'.
+                          (standard-cross-packages target 'host)
+                          '())
+                    ;; Keep the standard inputs of 'gnu-build-system'.
+                    ,@(standard-packages)))
+    (host-inputs inputs)
+
+    ;; The cross-libc is really a target package, but for bootstrapping
+    ;; reasons, we can't put it in 'host-inputs'.  Namely, 'cross-gcc' is a
+    ;; native package, so it would end up using a "native" variant of
+    ;; 'cross-libc' (built with 'gnu-build'), whereas all the other packages
+    ;; would use a target variant (built with 'gnu-cross-build'.)
+    (target-inputs (if target
+                       (standard-cross-packages target 'target)
+                       '()))
+    (outputs outputs)
+    (build (if target cmake-cross-build cmake-build))
+    (arguments (strip-keyword-arguments private-keywords arguments))))
 
 (define* (cmake-build store name inputs
                       #:key (guile #f)
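Review bot: In the new `build-inputs` list the cmake entry is written as ``,@`(("cmake" ,cmake))``, a one-element quasiquoted list that is immediately spliced back in; the plain element `("cmake" ,cmake)` is equivalent and easier to read. The conditional in `private-keywords` also deserves a one-line comment, since it is what lets `#:target` reach the builder only for cross builds: `;; Keep #:target in ARGUMENTS when cross-compiling so that 'cmake-cross-build' receives it.` The signature of this procedure starts outside the hunk.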
@@ -145,6 +160,115 @@ provides a 'CMakeLists.txt' file as its build system."
                                 #:outputs outputs
                                 #:guile-for-build guile-for-build))
 
+
+;;;
+;;; Cross-compilation.
+;;;
+
+(define* (cmake-cross-build store name
+                            #:key
+                            target native-drvs target-drvs
+                            (guile #f)
+                            (outputs '("out"))
+                            (configure-flags ''())
+                            (search-paths '())
+                            (native-search-paths '())
+                            (make-flags ''())
+                            (out-of-source? #t)
+                            (build-type "RelWithDebInfo")
+                            (tests? #f) ; nothing can be done
+                            (test-target "test")
+                            (parallel-build? #t) (parallel-tests? #f)
+                            (validate-runpath? #t)
+                            (patch-shebangs? #t)
+                            (strip-binaries? #t)
+                            (strip-flags ''("--strip-debug"
+                                            "--enable-deterministic-archives"))
+                            (strip-directories ''("lib" "lib64" "libexec"
+                                                  "bin" "sbin"))
+                            (phases '(@ (guix build cmake-build-system)
+                                        %standard-phases))
+                            (system (%current-system))
+                            (build (nix-system->gnu-triplet system))
+                            (imported-modules %cmake-build-system-modules)
+                            (modules '((guix build cmake-build-system)
+                                       (guix build utils))))
+  "Cross-build NAME using CMAKE for TARGET, where TARGET is a GNU triplet and
+with INPUTS.  This assumes that SOURCE provides a 'CMakeLists.txt' file as its
+build system."
+  (define builder
+    `(begin
+       (use-modules ,@modules)
+       (let ()
+         (define %build-host-inputs
+           ',(map (match-lambda
+                    ((name (? derivation? drv) sub ...)
+                     `(,name . ,(apply derivation->output-path drv sub)))
+                    ((name path)
+                     `(,name . ,path)))
+                  native-drvs))
+
+         (define %build-target-inputs
+           ',(map (match-lambda
+                    ((name (? derivation? drv) sub ...)
+                     `(,name . ,(apply derivation->output-path drv sub)))
+                    ((name (? package? pkg) sub ...)
+                     (let ((drv (package-cross-derivation store pkg
+                                                          target system)))
+                       `(,name . ,(apply derivation->output-path drv sub))))
+                    ((name path)
+                     `(,name . ,path)))
+                  target-drvs))
+
+         (cmake-build #:source ,(match (assoc-ref native-drvs "source")
+                                  (((? derivation? source))
+                                   (derivation->output-path source))
+                                  ((source)
+                                   source)
+                                  (source
+                                   source))
+                      #:system ,system
+                      #:build ,build
+                      #:target ,target
+                      #:outputs %outputs
+                      #:inputs %build-target-inputs
+                      #:native-inputs %build-host-inputs
+                      #:search-paths ',(map search-path-specification->sexp
+                                            search-paths)
+                      #:native-search-paths ',(map
+                                               search-path-specification->sexp
+                                               native-search-paths)
+                      #:phases ,phases
+                      #:configure-flags ,configure-flags
+                      #:make-flags ,make-flags
+                      #:out-of-source? ,out-of-source?
+                      #:build-type ,build-type
+                      #:tests? ,tests?
+                      #:test-target ,test-target
+                      #:parallel-build? ,parallel-build?
+                      #:parallel-tests? ,parallel-tests?
+                      #:validate-runpath? ,validate-runpath?
+                      #:patch-shebangs? ,patch-shebangs?
+                      #:strip-binaries? ,strip-binaries?
+                      #:strip-flags ,strip-flags
+                      #:strip-directories ,strip-directories))))
+
+  (define guile-for-build
+    (match guile
+      ((? package?)
+       (package-derivation store guile system #:graft? #f))
+      (#f                               ; the default
+       (let* ((distro (resolve-interface '(gnu packages commencement)))
+              (guile  (module-ref distro 'guile-final)))
+         (package-derivation store guile system #:graft? #f)))))
+
+  (build-expression->derivation store name builder
+                                #:system system
+                                #:inputs (append native-drvs target-drvs)
+                                #:outputs outputs
+                                #:modules imported-modules
+                                #:guile-for-build guile-for-build))
+
 (define cmake-build-system
   (build-system
     (name 'cmake)
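Review bot: The docstring of `cmake-cross-build` refers to CMAKE, INPUTS and SOURCE, none of which are parameters of this procedure; it takes `native-drvs` and `target-drvs`, and the source is looked up as the "source" entry of `native-drvs`. I would reword it to name the real parameters, along the lines of `"Cross-build NAME for TARGET, a GNU triplet, using NATIVE-DRVS on the build side and TARGET-DRVS as target inputs."`, and state that the "source" entry is expected to provide a 'CMakeLists.txt'. The comment `; nothing can be done` on `tests?` could say why, e.g. `; target binaries cannot be run on the build machine`.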
diff --git a/guix/build-system/gnu.scm b/guix/build-system/gnu.scm
index 7cf0cafc0f..047ace7e6b 100644
--- a/guix/build-system/gnu.scm
+++ b/guix/build-system/gnu.scm
@@ -30,6 +30,7 @@
             gnu-build
             gnu-build-system
             standard-packages
+            standard-cross-packages
             package-with-explicit-inputs
             package-with-extra-configure-variable
             static-libgcc-package
diff --git a/guix/build/cmake-build-system.scm b/guix/build/cmake-build-system.scm
index 27f2b5c872..128ab28fe5 100644
--- a/guix/build/cmake-build-system.scm
+++ b/guix/build/cmake-build-system.scm
@@ -32,7 +32,7 @@
 ;; Code:
 
 (define* (configure #:key outputs (configure-flags '()) (out-of-source? #t)
-                    build-type
+                    build-type target
                     #:allow-other-keys)
   "Configure the given package."
   (let* ((out        (assoc-ref outputs "out"))
@@ -59,6 +59,15 @@
                   ,(string-append "-DCMAKE_INSTALL_RPATH=" out "/lib")
                   ;; enable verbose output from builds
                   "-DCMAKE_VERBOSE_MAKEFILE=ON"
+
+                  ;;  Cross-build
+                  ,@(if target
+                        (list (string-append "-DCMAKE_C_COMPILER="
+                                             target "-gcc")
+                              (if (string-contains target "mingw")
+                                  "-DCMAKE_SYSTEM_NAME=Windows"
+                                  "-DCMAKE_SYSTEM_NAME=Linux"))
+                        '())
                   ,@configure-flags)))
       (format #t "running 'cmake' with arguments ~s~%" args)
       (zero? (apply system* "cmake" args)))))
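Review bot: The cross-build flags set only `-DCMAKE_C_COMPILER`, so a C++ project would presumably still have CMake detect a native `g++` while the C side uses the cross compiler. Adding `(string-append "-DCMAKE_CXX_COMPILER=" target "-g++")` to the same list would keep the two consistent. The `if` also maps every non-mingw triplet to `-DCMAKE_SYSTEM_NAME=Linux`, which is wrong for other kernels; since these flags come before `,@configure-flags` a package can override them, and a comment saying so would help: `;; Packages may override these through #:configure-flags.`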
diff --git a/guix/build/gnu-build-system.scm b/guix/build/gnu-build-system.scm
index 1786e2e3c9..e37b751403 100644
--- a/guix/build/gnu-build-system.scm
+++ b/guix/build/gnu-build-system.scm
@@ -39,6 +39,13 @@
 ;;
 ;; Code:
 
+(cond-expand
+  (guile-2.2
+   ;; Guile 2.2.2 has a bug whereby 'time-monotonic' objects have seconds and
+   ;; nanoseconds swapped (fixed in Guile commit 886ac3e).  Work around it.
+   (define time-monotonic time-tai))
+  (else #t))
+
 (define* (set-SOURCE-DATE-EPOCH #:rest _)
   "Set the 'SOURCE_DATE_EPOCH' environment variable.  This is used by tools
 that incorporate timestamps as a way to tell them to use a fixed timestamp.
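Review bot: The `cond-expand` clause is keyed on the `guile-2.2` feature, so `time-monotonic` is rebound to `time-tai` on every 2.2.x release, including those that already contain the fix mentioned in the comment. From then on the module silently measures with a clock that is not monotonic. The comment should record when the override can go, for example `;; TODO: Remove once all supported Guile 2.2 versions include commit 886ac3e.`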
@@ -521,6 +528,25 @@ DOCUMENTATION-COMPRESSOR-FLAGS."
     ;; Return #t if FILE has hard links.
     (> (stat:nlink (lstat file)) 1))
 
+  (define (points-to-symlink? symlink)
+    ;; Return #t if SYMLINK points to another symbolic link.
+    (let* ((target (readlink symlink))
+           (target-absolute (if (string-prefix? "/" target)
+                                target
+                                (string-append (dirname symlink)
+                                               "/" target))))
+      (catch 'system-error
+        (lambda ()
+          (symbolic-link? target-absolute))
+        (lambda args
+          (if (= ENOENT (system-error-errno args))
+              (begin
+                (format (current-error-port)
+                        "The symbolic link '~a' target is missing: '~a'\n"
+                        symlink target-absolute)
+                #f)
+              (apply throw args))))))
+
   (define (maybe-compress-directory directory regexp)
     (or (not (directory-exists? directory))
         (match (find-files directory regexp)
@@ -538,12 +564,17 @@ DOCUMENTATION-COMPRESSOR-FLAGS."
                ;; Compress the non-symlink files, and adjust symlinks to refer
                ;; to the compressed files.  Leave files that have hard links
                ;; unchanged ('gzip' would refuse to compress them anyway.)
-               (and (zero? (apply system* documentation-compressor
-                                  (append documentation-compressor-flags
-                                          (remove has-links? regular-files))))
-                    (every retarget-symlink
-                           (filter (cut string-match regexp <>)
-                                   symlinks)))))))))
+               ;; Also, do not retarget symbolic links pointing to other
+               ;; symbolic links, since these are not compressed.
+               (and (every retarget-symlink
+                           (filter (lambda (symlink)
+                                     (and (not (points-to-symlink? symlink))
+                                          (string-match regexp symlink)))
+                                   symlinks))
+                    (zero?
+                     (apply system* documentation-compressor
+                            (append documentation-compressor-flags
+                                    (remove has-links? regular-files)))))))))))
 
   (define (maybe-compress output)
     (and (maybe-compress-directory (string-append output "/share/man")
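Review bot: The two operands of the `and` were swapped so that symlinks are retargeted before the compressor runs, but the added comment only explains the new filter, not the new order. As far as I can tell the order matters because `points-to-symlink?` inspects the link target, and after compression a regular-file target has been renamed and would be reported as missing. I would state that in the comment: `;; Retarget first: 'points-to-symlink?' must see the targets before they are renamed by the compressor.` Within the filter, testing `(string-match regexp symlink)` before `points-to-symlink?` would also avoid the `readlink` call and the missing-target warning for links that are skipped anyway.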
diff --git a/guix/build/utils.scm b/guix/build/utils.scm
index e8efb0653a..7391307c87 100644
--- a/guix/build/utils.scm
+++ b/guix/build/utils.scm
@@ -32,7 +32,12 @@
   #:use-module (rnrs bytevectors)
   #:use-module (rnrs io ports)
   #:re-export (alist-cons
-               alist-delete)
+               alist-delete
+
+               ;; Note: Re-export 'delete' to allow for proper syntax matching
+               ;; in 'modify-phases' forms.  See
+               ;; <https://debbugs.gnu.org/cgi/bugreport.cgi?bug=26805#16>.
+               delete)
   #:export (%store-directory
             store-file-name?
             strip-store-file-name
@@ -79,6 +84,7 @@
             fold-port-matches
             remove-store-references
             wrap-program
+            invoke
 
             locale-category->string))
 
@@ -574,6 +580,15 @@ Where every <*-phase-name> is an expression evaluating to a symbol, and
     ((_ phases (add-after old-phase-name new-phase-name new-phase))
      (alist-cons-after old-phase-name new-phase-name new-phase phases))))
 
+(define (invoke program . args)
+  "Invoke PROGRAM with the given ARGS.  Raise an error if the exit
+code is non-zero; otherwise return #t."
+  (let ((status (apply system* program args)))
+    (unless (zero? status)
+      (error (format #f "program ~s exited with non-zero code" program)
+             status))
+    #t))
+
 
 ;;;
 ;;; Text substitution (aka. sed).
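Review bot: The value `invoke` attaches to the error is the raw result of `system*`, which is a wait status rather than the exit code the docstring and message promise, so a program exiting with 1 would be reported with a different number. Passing `(status:exit-val status)` instead gives the real code, keeping in mind that it is `#f` when the process was killed by a signal. The message also omits ARGS, which makes a failing phase harder to diagnose from a build log; including them, e.g. `(error (format #f "program ~s ~s exited with non-zero code" program args) (status:exit-val status))`, would help.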
diff --git a/guix/packages.scm b/guix/packages.scm
index f60303404f..3528db442f 100644
--- a/guix/packages.scm
+++ b/guix/packages.scm
@@ -581,7 +581,12 @@ specifies modules in scope when evaluating SNIPPET."
                                                     #:fail-on-error? #t)))))
                         (zero? (apply system*
                                       (string-append #+tar "/bin/tar")
-                                      "cvfa" #$output
+                                      "cvf" #$output
+                                      ;; The bootstrap xz does not support
+                                      ;; threaded compression (introduced in
+                                      ;; 5.2.0), but it ignores the extra flag.
+                                      (string-append "--use-compress-program="
+                                                     #+xz "/bin/xz --threads=0")
                                       ;; avoid non-determinism in the archive
                                       "--mtime=@0"
                                       "--owner=root:0"
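Review bot: With `--threads=0` xz chooses the number of threads from the build machine, and to my knowledge xz 5.2 falls back to its single-threaded encoder when only one core is available, which produces a different byte stream from the multi-threaded encoder. If that holds, the repacked source archive would differ between single-core and multi-core builders, which defeats the `--mtime`/`--owner` settings just below that exist to keep the archive deterministic. Please confirm this against the xz version in use, or pin the mode with a fixed thread count greater than one. Dropping the `a` flag also means the compressor is no longer chosen from the suffix of `#$output`, so the comment should say that the output is always an xz archive, assuming that is what the part of the procedure outside this hunk guarantees.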