This is a follow-up to ad8254c23a, which
unexpectedly caused a test failure in the Python test suite.
* gnu/packages/patches/openssl-1.1.1e-revert-detect-eof.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/tls.scm (openssl)[source](patches): Add it.
Fixes <https://bugs.gnu.org/24076>.
Reported by Danny Milosavljevic <dannym@scratchpost.org>.
* gnu/packages/patches/gnupg-default-pinentry.patch: New file.
* gnu/packages/gnupg.scm (gnupg)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/linux.scm (net-tools)[supported-systems]: Remove the Hurd.
* gnu/packages/patches/inetutils-hurd.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/admin.scm (inetutils): Use it. Disable some features on the
Hurd.
[native-inputs]: Include net-tools only on supported systems
* gnu/packages/linux.scm (kmod)[supported-systems]: Remove the Hurd.
* gnu/packages/patches/pciutils-hurd-configure.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pciutils.scm (pciutils): Use it.
[inputs]: Include kmod only for supported systems.
* gnu/packages/patches/fontconfig-hurd-path-max.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/fontutils.scm (fontconfig): Use it.
* gnu/packages/patches/icu4c-CVE-2020-10531.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/icu4c.scm (icu4c)[replacement]: New field.
(icu4c/fixed): New variable.
* gnu/packages/make-bootstrap.scm (gcc-static): Use gcc-5. This fixes
building libstdc++-boot0 with a newly built %bootstrap-gcc.
(%gcc-stripped): Likewise.
(gcc-for-bootstrap): Likewise.
* gnu/packages/patches/gcc-5-hurd.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gcc.scm (gcc-5): Use it.
As discussed on IRC, keeping bootstrap Guile on 2.0 simplifies adding new
architectures and removes the need for parameterizing
gnu/packages/bootstrap.scm.
This reverts commit 2acfe022a7.
* gnu/packages/make-bootstrap.scm (%guile-static): Revert to guile-2.0. Retain
build recipe.
* gnu/packages/patches/guile-relocatable.patch: Update for Guile 2.0.14.
* gnu/packages/patches/glibc-hurd-signal-sa-siginfo.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/base.scm (glibc): Use it.
This follows up commit 2e9c43aa9a, which was
incomplete. Fixes <https://bugs.gnu.org/39358>.
* gnu/packages/patches/ghc-testsuite-dlopen-pie.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly. Also use tabs instead
of spaces on surrounding patches.
* gnu/packages/haskell.scm (ghc-8.6)[native-inputs]: Add patch for
"ghc-testsuite".
[arguments]: Remove incomplete workaround for the same issue.
Add a "lib" output to cross-gcc. This requires an upstream GCC patch adding
support for --with-toolexeclibdir configure option. This option allows to
install cross-built GCC libraries in a specific location.
This also fixes the computation of TOOLDIR_BASE_PREFIX, that fails when
/gnu/store/... directories are involved.
* gnu/packages/patches/gcc-7-cross-toolexeclibdir.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/cross-base.scm (cross-gcc)[source]: Apply it,
[outputs]: add a "lib" output,
(cross-gcc-snippet): fix TOOLDIR_BASE_PREFIX.
* gnu/packages/crypto.scm (hash-extender): New variable.
* gnu/packages/patches/hash-extender-test-suite.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register the new file.
* gnu/packages/patches/ffmpeg-prefer-dav1d.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/video.scm (ffmpeg)[source]: Use it.
* gnu/packages/games.scm (foobillard++): New variable.
* gnu/packages/patches/foobillard++-pkg-config.patch: New file.
* gnu/local.mk: Reference new file.
* gnu/packages/kde-pim.scm (kdepim-runtime): New variable.
* gnu/packages/patches/kdepim-runtime-Fix-missing-link-libraries.patch:
New file.
* gnu/local.mk: Add it.
* gnu/packages/kde-pim.scm (libksieve): New variable.
* gnu/packages/patches/libksieve-Fix-missing-link-libraries.patch:
New file.
* gnu/local.mk: Add it.
This patch became obsolete when the update to 9.3.0 was merged (commit 3dade1d59e).
* gnu/packages/patches/gcc-9-libsanitizer-mode-size.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/gcc.scm (gcc-9)[source](patches): Remove it.
* gnu/packages/fribidi.scm (bidiv): New variable.
* gnu/packages/patches/bidiv-update-fribidi.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/patches/fifengine-swig-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/games.scm (fifengine)[source](patches): New field.
[arguments]: Remove hard coded Python version from #:configure-flags.
* gnu/packages/algebra.scm (eigen): Update to 3.3.7.
[source]: Add a patch to fix a test failure.
* gnu/packages/patches/eigen-stabilise-sparseqr-test.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/bluez-CVE-2020-0556.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/linux.scm (bluez)[replacement]: New field.
(bluez/fixed): New variable.
* gnu/packages/guile.scm (guile-3.0): Update to 3.0.1 with
"guile-3.0-crash.patch".
* gnu/packages/patches/guile-3.0-crash.patch: New file.
* gnu/local.mk (dist_patch_DATA): Use it.
Fix coreutils cross-compilation for aarch64 that was broken by 8.32
update. The following error occured:
src/ls.c: In function 'print_dir':
src/ls.c:3026:24: error: 'SYS_getdents' undeclared (first use in this function); did you mean 'SYS_getdents64'?
if (syscall (SYS_getdents, dirfd (dirp), NULL, 0) == -1
^~~~~~~~~~~~
SYS_getdents64
* gnu/packages/patches/coreutils-ls.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/base.scm (coreutils): Apply it.
* gnu/packages/patches/qemu-CVE-2020-8608.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/virtualization.scm (qemu)[source]: Use it.
* gnu/packages/guile.scm (guile-2.2.7): New variable.
(guile-2.2/bug-fix): Redefine as a deprecated alias for GUILE-2.2.7.
* gnu/packages/admin.scm (shepherd)[native-inputs, inputs]: Use GUILE-2.2.7.
* gnu/packages/patches/guile-finalization-crash.patch: Remove.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/maths.scm (suitesparse): Update to 5.7.1.
[source]: The latest releases of SuiteSparse have only been published on GitHub.
Fetch from git tag as GitHub releases page only contains autogenerated tarballs
that guix lint complains about. Apply new patch for Mongoose's CMakeList.txt to
find SuiteSparse_config.
[arguments]: Add CMake flags used by new components GraphBLAS and Mongoose.
[native-inputs]: Add CMake and m4 needed to build GraphBLAS and Mongoose.
* gnu/packages/patches/suitesparse-mongoose-cmake.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
Signed-off-by: Leo Famulari <leo@famulari.name>
* gnu/packages/compression.scm (zziplib)[replacement]: New field.
(zziplib/fixed): New private variable.
* gnu/packages/patches/zziplib-CVE-2018-16548.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/patches/qtbase-QTBUG-81715.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/qt.scm (qtbase-patched): New public variable.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
* gnu/packages/emulation.scm (desmume): add patches
* gnu/packages/patches/desmume-gcc6-fixes.patch: new file
* gnu/packages/patches/desmume-gcc7-fixes.patch: new file
* gnu/local.mk (dist_patch_DATA): register the above
Note: desmume-gcc6-fixes.patch contains some CRLF line endings.
Signed-off-by: Jakub Kądziołka <kuba@kadziolka.net>
* gnu/packages/patches/datefudge-gettimeofday.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/time.scm (datefudge)[source] Use it.
* gnu/packages/aidc.scm (qrcodegen-cpp): New variable.
* gnu/packages/patches/qrcodegen-cpp-make-install.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
This patch was added in eb5f3ea100 and no longer
necessary since the update to 2.26.3 in f32ca55778.
* gnu/packages/patches/webkitgtk-icu-65.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/webkit.scm (webkitgtk)[source](patches): Remove.
* gnu/packages/patches/qemu-CVE-2020-1711.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/virtualization.scm (qemu)[source]: Use it.
* gnu/packages/kde-internet.scm (konversation): New variable.
* gnu/packages/patches/konversation-Fix-build-with-Qt-5.11.patch: New file.
* gnu/lokal.mk: Add it.
* gnu/packages/sdl.scm (sdl-pango): New variable.
* gnu/packages/patches/sdl-pango-api_additions.patch: New file.
* gnu/packages/patches/sdl-pango-blit_overflow.patch: New file.
* gnu/packages/patches/sdl-pango-fillrect_crash.patch: New file.
* gnu/packages/patches/sdl-pango-fix-explicit-SDLPango_CopyFTBitmapToSurface.patch:
New file.
* gnu/packages/patches/sdl-pango-matrix_declarations.patch: New file.
* gnu/packages/patches/sdl-pango-sans-serif.patch: New file.
* gnu/local.mk (sdl-pango): Reference patches.
add
It's still unclear (to me) whether our opensmtpd package is affected,
but this change has been delayed for long enough in any case.
* gnu/packages/mail.scm (opensmtpd-next): Rename to…
(opensmtpd): …this.
* gnu/packages/patches/opensmtpd-fix-crash.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/virtualization.scm (qemu): Update to 4.2.0.
[source]: Use new patch.
* gnu/packages/patches/qemu-fix-documentation-build-failure.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/mes.scm (mes): Update to 0.22. Remove store name patch. Add
MES_PREFIX to native-search-paths.
* gnu/packages/patches/mes-remove-store-name.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/mes.scm (mes-rb5): Depend on gzip instead of xz; this enables
unpacking the now unpatched mes source. Update to check bin/mes-mescc-0.21.
* gnu/packages/games.scm (gzdoom): Update to 4.3.2.
[source]: Use GIT-FETCH and GIT-FILE-NAME. Apply system libgme patch.
Update snippet.
[arguments]: Allow system libgme. Update substitution file names.
[inputs]: Use fluidsynth@2.
* gnu/packages/patches/gzdoom-find-system-libgme.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/usb-modeswitch.scm (usb-modeswitch): Update to 2.6.0.
[source]: Remove snippet that deletes jimtcl, which is no longer bundled.
Remove patch. Use HTTPS.
[arguments]: Adapt to changed file names.
[home-page] Use HTTPS.
[license]: Fix missing BSD-2 license.
* gnu/packages/patches/usb-modeswitch-accept-config-arg.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/games.scm (xmoto): New variable.
* gnu/packages/patches/xmoto-remove-glext.patch: New file.
* gnu/packages/patches/xmoto-reproducible.patch: New file.
* gnu/packages/patches/xmoto-utf8.patch: New file.
* gnu/local.mk (dist_patch_DATA): Reference new files.
* gnu/packages/patches/curl-use-ssl-cert-env.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/curl.scm (curl)[source]: Use the patch.
[native-search-paths]: Add the new variables.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
* gnu/packages/patches/pango-skip-libthai-test.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/gtk.scm (pango): Update to 1.44.7.
[source](patches): New field.
[build-system]: Switch to MESON-BUILD-SYSTEM.
[arguments]: Disable tests that require the Cantarell font.
[inputs]: Move LIBXFT ...
[propagated-inputs]: ... here.
(pango-1.42): New public variable.
* gnu/packages/gnome.scm (librsvg)[inputs]: Change from PANGO to PANGO-1.42.
* gnu/packages/bootloaders (u-boot): Update to 2020.01.
[source]: Remove patch u-boot-fix-mkimage-header-verification.
[native-inputs]: Update to use python 3 and add perl.
(u-boot-tools)[configure]: Use tools-only_defconfig.
[arguments]: Update phase updating python-coverage to work with python 3.
Drop obsolete substitution for test_ofplatdata.
Disable code coverage tests and binman tests.
* gnu/packages/patches/u-boot-fix-mkimage-header-verification.patch: Remove file.
* gnu/local.mk [dist_patch_DATA]: Update accordingly.
* gnu/packages/patches/vigra-python-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/image.scm (vigra)[source](patches): New field.
[inputs]: Change PYTHON-2 and PYTHON2-NUMPY to PYTHON and PYTHON-NUMPY.
[native-inputs]: Change from PYTHON2-NOSE to PYTHON.
[arguments]: Adjust #:configure-flags accordingly.
This also removes test-specific code to ease the Python 3 transition, and
because it is mostly obsolete.
* gnu/packages/patches/ceph-detect-rocksdb.patch,
gnu/packages/patches/ceph-skip-unittest_blockdev.patch,
gnu/packages/patches/ceph-skip-collect-sys-info-test.patch: Delete files.
* gnu/packages/patches/ceph-boost-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/storage.scm (ceph): Update to 14.2.5.
[source](patches): Adjust as above.
[source](snippet): Remove bundled "fmt", "c-ares" and "googletest".
[arguments]: Add "-DCMAKE_INSTALL_DATADIR" and "-DWITH_RADOSGW_AMQP_ENDPOINT"
and "-DWITH_TESTS" in #:configure-flags; remove "-DWITH_XIO". Remove obsolete
substitutions. Don't install 'ceph-disk' and 'ceph-detect-init', which no
longer exists. Remove test-specific substitutions and phases. Adjust for
Python 2->3 in inputs.
[native-inputs]: Remove INETUTILS, JQ, PERL, XMLSTARLET, PYTHON2-CRAM,
PYTHON2-VIRTUALENV, PYTHON2-CONFIGOBJ, PYTHON2-COVERAGE, PYTHON2-DISCOVER,
PYTHON2-FLAKE8, PYTHON2-MOCK, PYTHON2-NOSE, PYTHON2-PIP, PYTHON2-PYTEST,
PYTHON2-SUBUNIT PYTHON2-TESTREPOSITORY, PYTHON2-TESTTOOLS, and PYTHON2-TOX.
[inputs]: Change from BOOST to BOOST-WITH-PYTHON3. Remove GPTFDISK, PARTED,
PYTHON-2, PYTHON2-SIX, PYTHON2-PRETTYTABLE, and PYTHON-3. Add PYTHON-SIX,
PYTHON-PRETTYTABLE, PYTHON-WRAPPER, LIBCAP-NG, LIBNL, NCURSES, and RDMA-CORE.
* gnu/local.mk (libtgvoip): Add patches for libtgvoip-disable-sse2.patch
and libtgvoip-disable-webrtc.patch
* gnu/packages/patches/libtgvoip-disable-sse2.patch: New file.
* gnu/packages/patches/libtgvoip-disable-webrtc.patch: New file.
* gnu/packages/telephony.scm (libtgvoip): Fix building on i686-linux.
[source]: Reference patches for correcting failing build on i686-linux
architecture.
Reported-by: Diego Nicola Barbato <dnbarbato@posteo.de>
Fixes <bugs.gnu.org/38944>.
* gnu/local.mk (GNU_SYSTEM_MODULES): Replace gprolog.scm => prolog.scm.
* gnu/packages/{gprolog.scm -> prolog.scm}: Rename file so it is not
implementation specific.
`guix lint` reports two CVEs, both are unrelated:
- CVE-2018-5200: for vendor "pandora" and some 4.2.2.x version
- CVE-2019-9133: windows only (I assume it it alsow relates to the "pandora"
vendor, since the version the CVE refers to as "solving the issue" does not
exist at KDE.)
* gnu/packages/kde-multimedia.scm (kmplayer): New variable.
* gnu/packages/patches/kmplayer-aarch64.patch,
gnu/packages/patches/kmplayer-upstream_Fix-build-with-Qt-5.9.patch: New
files.
* gnu/local.mk: Add them.
Patches should fix all CVEs reported by `guix lint`:
CVE-2015-7747; CVE-2017-6827, CVE-2017-6828, CVE-2017-6829,
CVE-2017-6830, CVE-2017-6831, CVE-2017-6832, CVE-2017-6833,
CVE-2017-6834, CVE-2017-6835, CVE-2017-6836, CVE-2017-6837,
CVE-2017-6838, CVE-2017-6839; CVE-2018-13440; CVE-2018-17095
Since the patches do not reference to CVEs, it's a bit hard to tell which
patch actually closes which CVE. Debian reports all these to be closed by
the patches below and NixPkgs provides references.
* gnu/packages/audio.scm (audiofile): New variable.
* gnu/packages/patches/audiofile-fix-datatypes-in-tests.patch,
gnu/packages/patches/audiofile-fix-sign-conversion.patch,
gnu/packages/patches/audiofile-CVE-2015-7747.patch,
gnu/packages/patches/audiofile-CVE-2018-13440.patch,
gnu/packages/patches/audiofile-CVE-2018-17095.patch,
gnu/packages/patches/audiofile-Check-the-number-of-coefficients.patch,
gnu/packages/patches/audiofile-Fail-on-error-in-parseFormat.patch,
gnu/packages/patches/audiofile-Fix-index-overflow-in-IMA.cpp.patch,
gnu/packages/patches/audiofile-Fix-multiply-overflow-sfconvert.patch,
gnu/packages/patches/audiofile-Fix-overflow-in-MSADPCM-decodeSam.patch,
gnu/packages/patches/audiofile-division-by-zero-BlockCodec-runPull.patch,
gnu/packages/patches/audiofile-hurd.patch,
gnu/packages/patches/audiofile-signature-of-multiplyCheckOverflow.patch:
New files.
* gnu/local.mk: Add them.
* gnu/packages/patches/libgeotiff-adapt-test-script-for-proj-6.2.patch:
New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/geo.scm (libgeotiff): Update to 1.5.1.
[inputs]: Replace proj.4 with proj.
[sources]: Add libgeotiff-adapt-test-script-for-proj-6.2.patch
to patches.
* gnu/packages/embedded.scm (gcc-arm-none-eabi-7-2018-q2-update): New
variable.
* gnu/packages/patches/gcc-7-cross-environment-variables.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
Add `emacs-next' for building latest Emacs from git.
* gnu/packages/emacs.scm (emacs-next): New variable.
(emacs): make the autoload deletion snippet not fail when eshell/esh-groups.el
does not exist. This enables reuse of the entire snippet field of `emacs' for
`emacs-next'.
* gnu/packages/patches/emacs27-exec-path.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add the above patch file to it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
The merge preceding this commit ignored the 'replacement' added to nss in
commit 04b33ce205, because the security fix is
already present in NSS 3.48. This commit removes the remaining bits.
* gnu/packages/patches/nss-CVE-2019-11745.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/nss.scm (nss/fixed): Remove variable.
* gnu/packages/patches/guile-finalization-crash.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/guile.scm (guile-2.2/bug-fix): New variable.
* gnu/packages/patches/websocket-fix-for-boost-1.70.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/web.scm (websocketpp): Use it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/patches/mes-remove-store-name.patch: New file, from upstream.
* gnu/packages/mes.scm (mes): Use it. Add `www.' to homepage.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/compression.scm (ncompress): New variable.
* gnu/packages/patches/compress-fix-softlinks.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/glibc-CVE-2019-19126.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/base.scm (glibc): Update to 2.30.
[source](patches): Adjust for 2.30.
(glibc-2.29): New public variable.
* gnu/local.mk: Include lisp-xyz.scm.
* gnu/packages/lisp-xyz.scm: New file.
* gnu/packages/lisp.scm: Move all lisp libraries to lisp-xyz.scm, uglify-js to
javascript.scm and stumpwm to wm.scm.
* gnu/packages/javascript.scm: Add uglify-js.
* gnu/packages/wm.scm: Add stumpwm.
* gnu/packages/bioinformatics.scm: Find uglify-js in javascript.scm.
* gnu/packages/machine-learning.scm: Depend on lisp-xyz.scm instead of lisp.scm.
* gnu/packages/web.scm: Find uglify-js in javascript.scm.
* gnu/packages/web-browsers.scm: Depend on lisp-xyz.scm instead of lisp.scm.
* guix/build-system/minify.scm (default-uglify-js): Find uglify-js in
javascript module instead of lisp.
* gnu/local.mk: Include lisp-xyz.scm.
* gnu/packages/lisp-xyz.scm: New file.
* gnu/packages/lisp.scm: Move all lisp libraries to lisp-xyz.scm, uglify-js to
javascript.scm and stumpwm to wm.scm.
* gnu/packages/javascript.scm: Add uglify-js.
* gnu/packages/wm.scm: Add stumpwm.
* gnu/packages/bioinformatics.scm: Find uglify-js in javascript.scm.
* gnu/packages/machine-learning.scm: Depend on lisp-xyz.scm instead of lisp.scm.
* gnu/packages/web.scm: Find uglify-js in javascript.scm.
* gnu/packages/web-browsers.scm: Depend on lisp-xyz.scm instead of lisp.scm.
* guix/build-system/minify.scm (default-uglify-js): Find uglify-js in
javascript module instead of lisp.
Includes fixes for CVE-2019-11745, CVE-2019-17005, CVE-2019-17008,
CVE-2019-17009, CVE-2019-17010, CVE-2019-17011, and CVE-2019-17012.
* gnu/packages/patches/icecat-gnuzilla-fixes.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update hash for the firefox source tarball. Update to the
latest from gnuzilla.git. Don't apply icecat-gnuzilla-fixes.patch. Remove
determinism fix in makeicecat that is now upstream. Tweak a status message.
(icecat)[arguments]: Add "--with-unsigned-addon-scopes=app" configure flag.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt.
* gnu/packages/patches/handbrake-opt-in-nvenc.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/video.scm (handbrake)[source]: Upgrade to 1.3.0. Remove
patch.
[native-inputs]: Remove cmake and curl.
[inputs]: Add dav1d and numactl.
[arguments]: Add "--disable-nvenc" to configure flags in place of patch.
Adjust "bootstrap" phase in response to upstream changes.
Add "patch-SHELL" and "relax-reqs" phases.