* gnu/packages/patches/libvirt-CVE-2017-1000256.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/virtualization.scm (libvirt)[source]: Use it.
* gnu/packages/python.scm (python-unittest2): Update to 1.1.0.
[source]: Use PYPI-URI. Add two patches.
[arguments]: Add phase to run tests.
[propagated-inputs]: Add PYTHON-SIX and PYTHON-TRACEBACK2.
(python2-unittest2): Use 'package-with-python2'.
* gnu/packages/patches/python2-unittest2-remove-argparse.patch: Rename to ...
* gnu/packages/patches/python2-unittest2-remove-argparse.patch: ... this.
* gnu/packages/patches/python-unittest2-python3-compat.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/patches/mupdf-CVE-2017-15587.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pdf.scm (mupdf)[source](patches): Use it.
Fixes CVE-2017-{13078,13079,13080,13081,13082,13087,13088}.
See these announcements for more information:
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txthttps://www.krackattacks.com/
* gnu/packages/patches/wpa-supplicant-CVE-2017-13082.patch,
gnu/packages/patches/wpa-supplicant-fix-key-reuse.patch,
gnu/packages/patches/wpa-supplicant-fix-nonce-reuse.patch
gnu/packages/patches/wpa-supplicant-fix-zeroed-keys.patch,
gnu/packages/patches/wpa-supplicant-krack-followups.patch: New files.
* gnu/packages/admin.scm (wpa-supplicant-minimal)[source]: Use them.
* gnu/local.mk (dist_patch_DATA): Add them.
See <https://bugzilla.gnome.org/show_bug.cgi?id=776504> for the license change.
* gnu/packages/patches/glib-respect-datadir.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/glib.scm (glib): Update to 2.54.1.
[source](patches): Add 'glib-respect-datadir.patch'.
[arguments]<#:phases>: Re-enable timezone test.
[license]: Change to LGPL2.1+.
While at it, remove leftover patches since libxml2/fixed went missing
without conflict in c01ef97594.
* gnu/packages/patches/libxml2-CVE-2017-0663.patch,
gnu/packages/patches/libxml2-CVE-2017-7375.patch,
gnu/packages/patches/libxml2-CVE-2017-7376.patch,
gnu/packages/patches/libxml2-CVE-2017-9047+CVE-2017-9048.patch,
gnu/packages/patches/libxml2-CVE-2017-9049+CVE-2017-9050.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/xml.scm (libxml2): Update to 2.9.6.
* gnu/packages/python.scm (python2-unittest2): Update to 1.1.0.
* gnu/packages/patches/python2-unittest2-remove-argparse.patch: New file.
* gnu/local.mk: Add it.
Fixes bug #24069. perl is made a native input to all of the gcc-* packages
except for gcc-boot0; perl-boot0 is made a native input to gcc-final.
* gnu/packages/patches/gcc-fix-texi2pod.patch: Add patch file to fix texi2pod.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gcc.scm (gcc-4.7, gcc-4.8, gcc-4.9, gcc-5): Use it.
(gcc-4.7)[native-inputs]: Add perl.
(gcc-4.9)[native-inputs]: Likewise.
* gnu/packages/commencement.scm (gcc-boot0)[native-inputs]: Remove perl.
(gcc-final)[native-inputs]: Add perl-boot0.
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
The GPG signature for the bz2 tarball is bad, but the checksum matches the
signed release announcement, and contents are identical to the good .gz.
* gnu/packages/xorg.scm (xorg-server): Update to 1.19.4.
[source]: Remove obsolete patches.
* gnu/packages/patches/xorg-server-CVE-2017-10971.patch,
gnu/packages/patches/xorg-server-CVE-2017-10972.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/ocaml.scm (ocaml-graph): New variable.
* gnu/packages/patches/ocaml-graph-honor-source-date-epoch.patch: New
file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/fontutils.scm (fontforge): Update to 20170731.
[source]: Remove patch, remove snippet.
[arguments]: Enable tests. Remove phase to build showttf.
[inputs]: Use python-wrapper instead of python.
[home-page]: Update to new home page.
* gnu/packages/patches/fontforge-svg-modtime.patch: Remove file.
* gnu/local.mk (dist_patch_DATA): Remove it.
This is a follow-up to commit 164fccea7e.
* gnu/packages/patches/bluez-CVE-2017-1000250.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/patches/python-acme-dont-use-openssl-rand.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/tls.scm (python-acme)[source]: Use it.
* gnu/packages/markdown.scm (perl-text-markdown-discount): New variable.
* gnu/packages/patches/perl-text-markdown-discount-use-system-markdown.patch:
New file.
* gnu/packages/patches/bluez-CVE-2017-1000250.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/linux.scm (bluez)[replacement]: New field.
(bluez/fixed): New variable.
* gnu/packages/patches/emacs-unsafe-enriched-mode-translations.patch:
New file.
* gnu/packages/emacs.scm (emacs)[source](patches): Add it.
* gnu/local.mk (dist_patch_DATA): Add it.
This is a followup to commit d02aabaf1b.
* gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch: New file.
* gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/backup.scm (libarchive)[replacement]: New field.
(libarchive-3.3.2): New variable.
* gnu/packages/patches/libarchive-CVE-2017-14166.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/file.scm (file)[replacement]: New field.
(file/fixed): New variable.
* gnu/packages/commencement.scm (file-boot0): Use package/inherit.
* gnu/packages/patches/file-CVE-2017-1000249.patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/patches/metabat-remove-compilation-date.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/bioinformatics.scm (metabat): Update to 2.12.1.
[source]: Remove it. Use url-fetch.
* gnu/packages/patches/python2-larch-coverage-4.0a6-compatibility.patch: New
file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/python.scm (python2-larch)[source]: Use it.
[arguments]: Move 'check' phase to before 'build' phase.
* gnu/packages/patches/ruby-2.2.7-rubygems-2613-ruby22.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ruby.scm (ruby-2.2.7)[source]: Use it.
* gnu/packages/patches/ruby-2.3.4-rubygems-2613-ruby23.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ruby.scm (ruby-2.3.4)[source]: Use it.
* gnu/packages/patches/libzip-CVE-2017-12858.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/compression.scm (libzip)[source]: Use it.
* gnu/packages/patches/newsbeuter-CVE-2017-12904.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/syndication.scm (newsbeuter)[source]: Use it.
* gnu/packages/python.scm (python-pygit2): Update to 0.26.0.
* gnu/packages/patches/python-pygit2-disable-network-tests.patch: Skip one
more test. Use unittest.skipIf instead of deleting sections.
* gnu/packages/patches/bcftools-regidx-unsigned-char.patch: New file.
* gnu/packages/bioinformatics.scm (bcftools)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/patches/e2fsprogs-32bit-quota-warnings.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/linux.scm (e2fsprogs): Update to 1.43.5.
[source]: Use patch.
* gnu/packages/patches/cvs-2017-12836.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/version-control.scm (cvs)[source]: Use it.
* gnu/packages/patches/curl-bounds-check.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/curl.scm (curl-7.55.0)[source]: Use it.
* gnu/packages/patches/catdoc-CVE-2017-11110.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/textutils.scm (catdoc)[source]: Use it.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
In addition to the patches we already had (which are not mentioned in the
ChangeLog, but verified by following their respective GitHub issues) this
release also fixes CVE-2016-9112, CVE-2016-5139, CVE-2016-5152, CVE-2016-5158,
CVE-2016-5159, CVE-2016-1626 and CVE-2016-1628.
See <https://github.com/uclouvain/openjpeg/blob/v2.2.0/CHANGELOG.md> for details.
* gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch,
gnu/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/image.scm (openjpeg): Update to 2.2.0.
[source](patches): Remove.
* gnu/packages/gstreamer.scm (gst-plugins-bad)[arguments]: Add phase to patch
hard-coded openjpeg-2.1 path.
Based on commit 01a61d7040
by Leo Famulari <leo@famulari.name>.
* gnu/packages/patches/libtasn1-CVE-2017-10790.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/tls.scm (libtasn1)[replacement]: New field.
(libtasn1/fixed): New variable.
* gnu/packages/patches/libtasn1-CVE-2017-10790.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/tls.scm (libtasn1/fixed)[source]: Use it.
* gnu/packages/patches/erlang-man-path.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/erlang.scm (erlang)[source]: Use it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This release includes minor code changes and many certificate updates:
<https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.32_release_notes>
* gnu/packages/certs.scm (nss-certs): Update to 3.32.
* gnu/packages/gnuzilla.scm (nss): Update to 3.32.
[arguments]: Prevent another test file from being installed.
* gnu/packages/patches/nss-pkgconfig.patch: Adjust.
* gnu/packages/patches/perl-dbd-mysql-CVE-2017-10788.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/databases.scm (perl-dbd-mysql)[source]: Use it.
* gnu/packages/patches/guile-bytestructures-name-clash.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/guile.scm (guile-bytestructures)[source]: Use it.
[arguments]: Unpack the source.
[native-inputs]: New field.
(guile2.0-bytestructures): New variable.
Reported by Leo Famulari.
* gnu/packages/patches/metabat-fix-boost-issue.patch: New file.
* gnu/packages/bioinformatics.scm (metabat): Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/bioinformatics.scm (bcftools): Update to 1.4.1.
[arguments]: Move Makefile modifications from here ...
[source]: ... to added patch. Adjust patch for update to 1.4.
* gnu/packages/patches/bcftools-fix-makefile.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/patches/quassel-fix-tls-check.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/irc.scm (quassel)[source]: Use it.
Signed-off-by: Leo Famulari <leo@famulari.name>
This is a followup to c799eb2eb8.
* gnu/packages/patches/python-fake-factory-fix-build-32bit.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/libusb.scm (libusb-0.1): New variable.
* gnu/packages/patches/libusb-0.1-disable-tests.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
* gnu/packages/make-bootstrap.scm (%guile-static): Replace GUILE-2.0
with GUILE-2.2. Use "guile-2.2-default-utf8.patch" instead of
"guile-default-utf8.patch".
* gnu/packages/patches/guile-2.2-default-utf8.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/qemu-CVE-2017-11334.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/virtualization.scm (qemu)[source]: Use it.
* gnu/packages/patches/chicken-CVE-2017-11343.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/scheme.scm (chicken)[source]: Use it.
* gnu/packages/patches/sooperlooper-build-with-wx-30.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/music.scm (sooperlooper): New variable.
* gnu/packages/patches/evince-CVE-2017-1000083.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnome.scm (evince)[source]: Use it.
* gnu/packages/patches/spice-CVE-2017-7506.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/spice.scm (spice)[source]: Use it.
* gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ncurses.scm (ncurses)[replacement]: New field.
(ncurses/fixed): New variable.
* gnu/packages/patches/poppler-fix-crash-with-broken-documents.patch: New
file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pdf.scm (poppler/fixed)[source]: Add the patch.
* gnu/packages/patches/ghostscript-no-header-creationdate.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ghostscript.scm (ghostscript): Use it.
* gnu/packages/patches/ghostscript-no-header-uuid.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ghostscript.scm (ghostscript): Use it.
* gnu/packages/patches/ghostscript-no-header-id.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it
* gnu/packages/ghostscript.scm (ghostscript): Use it.
Fixes <https://bugs.gnu.org/27593>.
* gnu/packages/patches/groff-source-date-epoch.patch: New file.
* gnu/local.mk: Add it.
* gnu/packages/groff.scm (groff)[source]: Add it.
* gnu/packages/patches/dblatex-remove-multirow.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/docbook.scm (dblatex)[source]: Use patch.
[inputs]: Replace "texlive" with a texlive-union.
This is a followup to commit 95bbaa02aa.
See <https://bugs.gnu.org/27621> for more information.
Poppler 0.56.0's ABI is not compatible with Poppler 0.52.0, so it's not
possible to graft the newer version in place of the older one.
This change leaves CVE-2017-9775 unfixed for now.
* gnu/packages/patches/poppler-CVE-2017-9776.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pdf.scm (poppler-0.56.0): Replace with ...
(poppler/fixed): ... new variable.
(poppler)[replacement]: Replaced with poppler/fixed.
* gnu/packages/patches/python-pyopenssl-17.1.0-test-overflow.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/python.scm (python-pyopenssl)[source]: Use it.
* gnu/packages/python.scm (python-pyopenssl, python2-pyopenssl): Update to 17.1.0.
[source]: Remove patch.
[native-inputs]: Add PYTHON-PRETEND.
[arguments]<#:phases>: Disable the network test here instead of via a patch.
Also disable one new test.
* gnu/packages/patches/python-pyopenssl-skip-network-test.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
Fixes <https://bugs.gnu.org/27551>.
Reported by Leo Famulari <leo@famulari.name>.
This reinstates the following commits:
e3ddb1e83 * gnu: guile-cairo: Switch to Guile 2.2.
ae5c6ef39 * gnu: guile-gnome: Update to 2.16.5.
0fd8013fc * gnu: guile-rsvg: Update to commit 05c6a2fd.
66b9183c4 * gnu: guile-lib: Switch to Guile 2.2.
and adds the following changes:
* gnu/bootloader/grub.scm (svg->png): Add 'package->derivation' call for
GUILE-2.2. Pass #:guile-for-build to 'gexp->derivation'.
* gnu/build/svg.scm (svg->png): Add 'em' and 'ex' to the 'let-values'
form to account for all the values returned by
'rsvg-handle-get-dimensions', which Guile 2.2 does not truncate.
* gnu/packages/gtk.scm (guile-rsvg): Update to commit 05c6a2fd.
[source](url): Change to gitlab.com.
(snippet): Use @GUILE_EFFECTIVE_VERSION@ instead of "2.0".
* gnu/packages/patches/guile-rsvg-pkgconfig.patch: Use
"$GUILE_EFFECTIVE_VERSION" instead of "2.0".
* gnu/packages/patches/shishi-fix-libgcrypt-detection.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/kerberos.scm (shishi)[source]: Use it.
[inputs]: Use libgcrypt instead of libgcrypt-1.5.
[arguments]: Set 'ac_cv_libgcrypt=yes' in #:configure-flags.
* gnu/packages/gnupg.scm (libgcrypt-1.5): Remove variable.
* gnu/packages/patches/intltool-perl-compatibility.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/glib.scm (intltool)[source]: Use it.
See <http://lists.gnu.org/archive/html/bug-guix/2017-05/msg00015.html> for the
rationale.
* gnu/packages/patches/ansible-wrap-program-hack.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/admin.scm (ansible)[source]: Use it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/networking.scm (quagga): New variable.
* gnu/packages/patches/quagga-reproducible-build.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
This is followup to 665d6a5916.
Fixes <https://bugs.gnu.org/27489>.
* gnu/packages/base.scm (glibc-2.25-patched, glibc-2.24, glibc-2.23)
(glibc-2.22): Add glibc-vectorized-strcspn-guards.patch to patches.
Move a comment where it belongs.
* gnu/packages/patches/glibc-CVE-2017-1000366-pt2.patch: Swap with ...
* gnu/packages/patches/glibc-CVE-2017-1000366-pt3.patch: ... this.
* gnu/packages/patches/glibc-vectorized-strcspn-guards.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it. Fix formatting.
* gnu/packages/patches/exim-CVE-2017-1000369.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/mail.scm (exim)[source]: Use it.
This commit applies the patch to the libtiff package, not the grafting
replacement.
* gnu/packages/patches/libtiff-tiffgetfield-bugs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff)[source]: Use it.
Fixes CVE-2014-8128, CVE-2015-7554, CVE-2016-5318, CVE-2016-10095, and
the other bugs listed in 'libtiff-tiffgetfield-bugs.patch'.
* gnu/packages/patches/libtiff-tiffgetfield-bugs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff-4.0.8)[source]: Use it.
* gnu/packages/embedded.scm (propeller-gcc-4): New variable.
* gnu/packages/patches/gcc-4.6-gnu-inline.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/osip-CVE-2017-7853.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/telephony.scm (osip)[source]: Use it.
Partly fixes <https://bugs.gnu.org/26976>.
* gnu/packages/patches/guile-ssh-channel-finalization.patch: New file.
* gnu/packages/ssh.scm (guile-ssh)[source](patches): Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/libmwaw-CVE-2017-9433.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/libreoffice.scm (libmwaw)[source]: Use it.
This update addresses the following security advisories:
GNUTLS-SA-2017-3 (aka CVE-2017-7869) and GNUTLS-SA-2017-4.
See <https://gnutls.org/security.html> and <https://gnutls.org/news.html>.
* gnu/packages/patches/gnutls-skip-pkgconfig-test.patch,
gnu/packages/patches/gnutls-skip-trust-store-test.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register patches.
* gnu/packages/tls.scm (gnutls)[replacement]: New field.
(gnutls-3.5.13): New variable.
(gnutls/guile-2.2)[replacement]: New field. Set #f.
[source]: Inherit from GNUTLS-3.5.13.
* gnu/packages/patches/gcc-asan-powerpc-missing-include.patch: New file.
* gnu/packages/gcc.scm (gcc-5)[source](patches): Add it.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/perl.scm (perl)[replacement]: New field.
(perl/fixed): New variable.
* gnu/packages/patches/perl-file-path-CVE-2017-6512.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/graphics.scm (openscenegraph): New variable.
* gnu/packages/patches/openscenegraph-ffmpeg3.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
This commit reverts 'patch' hack introduced in
a48a1071a6 and fixes bug in the Clar test
framework.
Patch is proposed to Clar upstream as
<https://github.com/vmg/clar/pull/78>.
* gnu/local.mk: Add libgit2-0.25.1-mtime-0.patch.
* gnu/packages/patches/libgit2-0.25.1-mtime-0.patch: New file.
* gnu/packages/version-control.scm (libgit2)[arguments]:
Remove 'apply-patch' phase.
[inputs]: Remove "patch".
[source]: Add 'patches' field.
Signed-off-by: Sergei Trofimovich <slyfox@inbox.ru>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/patches/openldap-CVE-2017-9287.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/openldap.scm (openldap)[replacement]: New field.
(openldap/fixed): New variable.
* gnu/packages/image.scm (jasper): Update to 2.0.13.
[source]: Use GitHub URL and set the file-name. Remove
'jasper-CVE-2017-6850.patch'.
* gnu/packages/patches/jasper-CVE-2017-6850.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/patches/rxvt-unicode-escape-sequences.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/xdisorg.scm (rxvt-unicode)[source]: Use it.
See 'ChangeLog' in the source distribution for more information about
the bugs and security issues fixed in this release.
* gnu/packages/image.scm (libtiff)[replacement]: Replace with libtiff-4.0.8.
(libtiff/fixed): Replace with ...
(libtiff-4.0.8): New variable.
* gnu/packages/patches/libtiff-CVE-2017-7593.patch,
gnu/packages/patches/libtiff-CVE-2017-7594.patch,
gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
This is a followup to 6a09628cb1.
(picked from the wrong branch, sorry!)
* gnu/packages/tls.scm (libtasn1)[source]: Remove upstreamed patch.
* gnu/packages/patches/libtasn1-CVE-2017-6891.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.