* gnu/packages/patches/gd-CVE-2018-1000222.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gd.scm (gd/fixed): New variable.
* gnu/packages/php.scm (gd-for-php)[source]: Use 'gd-CVE-2018-1000222.patch'.
The following CVEs are fixed with this release: CVE-2018-15908,
CVE-2018-15909, CVE-2018-15910, CVE-2018-15911, CVE-2018-16509,
CVE-2018-16510, CVE-2018-16511, CVE-2018-16513, CVE-2018-16539,
CVE-2018-16540, CVE-2018-16541, CVE-2018-16542, CVE-2018-16543.
* gnu/packages/patches/ghostscript-CVE-2018-10194.patch: Delete file.
* gnu/packages/patches/ghostscript-CVE-2018-16509.patch,
gnu/packages/patches/ghostscript-bug-699708.patch: New files.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/ghostscript.scm (ghostscript/fixed): Update to 9.24.
[source](patches): Remove 'ghostscript-CVE-2018-10194.patch' and
'ghostscript-runpath.patch'. Add 'ghostscript-CVE-2018-16509.patch' and
'ghostscript-bug-699708.patch'.
[arguments]: Add LDFLAGS to #:configure-flags, and a phase to create output
directory.
Fixes <https://bugs.gnu.org/31726>.
Thanks to Jack Hill <jackhill@jackhill.us> for exploring different solutions
at <https://debbugs.gnu.org/cgi/bugreport.cgi?bug=31726>.
* gnu/packages/patches/haskell-mode-unused-variables.patch,
gnu/packages/patches/haskell-mode-make-check.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/emacs.scm (haskell-mode)[source]: Use them.
[arguments]: Adjust 'pre-build' phase to embed file name.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/patches/netsurf-message-timestamp.patch: New patch.
* gnu/packages/patches/netsurf-system-utf8proc.patch: Adjust to new source.
* gnu/packages/web.scm (netsurf): Upgrade to 3.8.
[source]: Add the new patch.
* gnu/packages/compression.scm (snappy)[source]: Build with ‘-O2’.
* gnu/package/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch:
New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/dropbear-CVE-2018-15599.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ssh.scm (dropbear)[source]: Use it.
* gnu/packages/patches/grub-check-error-efibootmgr.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/bootloaders.scm (grub)[source](patches): New field.
* gnu/packages/patches/openssh-CVE-2018-15473.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ssh.scm (openssh)[source]: Use it.
Fixes <https://bugs.gnu.org/32397>.
Reported by fis trivial <ybbs.daans@hotmail.com>.
* gnu/packages/patches/gcc-4.8-libsanitizer-fix.patch: New file.
* gnu/packages/gcc.scm (gcc-4.8)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
It seems a recent version of sqlite broke Clementine's first startup. It turns
out we can patch clementine to fix the problem instead of providing a different
sqlite package:
<https://github.com/clementine-player/Clementine/pull/5669>
* gnu/packages/databases.scm (sqlite-with-fts3): Remove.
* gnu/packages/music.scm (clementine)[inputs]: Replace sqlite-with-fts3 with
sqlite.
[source]: Add clementine-fix-sqlite.patch.
* gnu/packages/patches/clementine-fix-sqlite.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
Signed-off-by: Leo Famulari <leo@famulari.name>
Also includes a fix for CVE-2018-0732, and a different approach to
fixing CVE-2018-0495.
* gnu/packages/tls.scm (openssl-next): Update to 1.1.0i.
[sources]: Remove CVE patches.
* gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch: Delete...
* gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch: ...both files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/patches/wpa-supplicant-CVE-2018-14526.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/admin.scm (wpa-supplicant-minimal)[source]: Use it.
* gnu/packages/patches/lxc-CVE-2018-6556.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/virtualization.scm (lxc)[source]: Use it.
* gnu/packages/patches/mariadb-client-test-32bit.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/databases.scm (mariadb)[source](patches): Add it.
[arguments]: Increase retry count and test timeout. Disable test
main.myisampack.
Fixes a regression introduced in a3ed69b694
where dmeventd.static fails to link against libm and breaks "lvm2-static".
* gnu/packages/patches/lvm2-static-link.patch: Patch make.tmpl.in.