* [bug#33701] [PATCH staging 00/23] Glib/GTK+ updates
@ 2018-12-11 1:12 Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (2 more replies)
0 siblings, 3 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:12 UTC (permalink / raw)
To: 33701
This late series adds around 1000 rebuilds to the current staging
branch. They also bring many of the GNOME family libraries to the
latest upstream versions.
The good:
* Latest Ghostscript, Poppler, Harfbuzz, GnuTLS, and other
security-critical libraries. Some of these have changed
build systems, or ABIs, so future patching is easier.
* Most/all regressions are already fixed.
The bad:
* GCC7 is now in the closure of cURL (via nghttp2).
The ugly:
* 37 files changed, 1225 insertions(+), 996 deletions(-)
* Total rebuild count for staging is around 4700 packages.
WDYT?
Marius Bakke (23):
gnu: cups-filters: Update to 1.21.5.
gnu: libjpeg-turbo: Update to 2.0.1.
gnu: harfbuzz: Update to 2.2.0.
gnu: poppler: Update to 0.72.0.
gnu: D-Bus: Update to 1.12.12.
gnu: glib: Remove obsolete variable.
gnu: glib: Update to 2.56.3.
gnu: pixman: Update to 0.36.0.
gnu: cairo: Update to 1.16.0.
gnu: libqmi: Update to 1.20.2.
gnu: curl: Remove replacement for 7.62.0.
gnu: ghostscript: Update to 9.26.
gnu: icu4c: Update to 63.1.
gnu: tzdata-for-tests: Update to 2018g.
gnu: nghttp2: Update to 1.35.1.
gnu: nettle: Update to 3.4.1.
gnu: cyrus-sasl: Update to 2.1.27.
gnu: jansson: Update to 2.12.
gnu: GnuTLS: Update to 3.6.5.
gnu: libuv: Update to 1.24.0.
gnu: CMake: Update to 3.13.1.
gnu: meson: Update to 0.49.0.
gnu: glib-networking: Update to 2.59.1.
gnu/local.mk | 12 +-
gnu/packages/base.scm | 18 +-
gnu/packages/build-tools.scm | 4 +-
gnu/packages/cmake.scm | 4 +-
gnu/packages/cups.scm | 4 +-
gnu/packages/curl.scm | 18 +-
gnu/packages/cyrus-sasl.scm | 9 +-
gnu/packages/emacs.scm | 10 +-
gnu/packages/freedesktop.scm | 4 +-
gnu/packages/ghostscript.scm | 8 +-
gnu/packages/glib.scm | 11 +-
gnu/packages/gnome.scm | 73 +--
gnu/packages/gtk.scm | 10 +-
gnu/packages/icu4c.scm | 4 +-
gnu/packages/image.scm | 4 +-
gnu/packages/inkscape.scm | 19 +-
gnu/packages/libevent.scm | 4 +-
gnu/packages/libreoffice.scm | 39 +-
gnu/packages/nettle.scm | 4 +-
.../patches/cairo-CVE-2016-9082.patch | 122 -----
.../patches/cairo-setjmp-wrapper.patch | 78 ---
.../patches/cyrus-sasl-CVE-2013-4122.patch | 130 -----
.../patches/ghostscript-CVE-2018-16509.patch | 193 -------
.../patches/ghostscript-bug-699708.patch | 160 ------
.../glib-networking-ssl-cert-file.patch | 29 -
.../patches/gnutls-skip-pkgconfig-test.patch | 24 -
.../patches/inkscape-poppler-compat3.patch | 499 ++++++++++++++++++
.../patches/poppler-CVE-2018-19149.patch | 80 ---
.../texlive-bin-luatex-poppler-compat.patch | 318 +++++++++++
.../texlive-bin-pdftex-poppler-compat.patch | 188 +++++++
.../texlive-bin-xetex-poppler-compat.patch | 31 ++
gnu/packages/pdf.scm | 13 +-
gnu/packages/scribus.scm | 51 +-
gnu/packages/tex.scm | 10 +-
gnu/packages/tls.scm | 17 +-
gnu/packages/web.scm | 15 +-
gnu/packages/xdisorg.scm | 4 +-
37 files changed, 1225 insertions(+), 996 deletions(-)
delete mode 100644 gnu/packages/patches/cairo-CVE-2016-9082.patch
delete mode 100644 gnu/packages/patches/cairo-setjmp-wrapper.patch
delete mode 100644 gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch
delete mode 100644 gnu/packages/patches/ghostscript-CVE-2018-16509.patch
delete mode 100644 gnu/packages/patches/ghostscript-bug-699708.patch
delete mode 100644 gnu/packages/patches/glib-networking-ssl-cert-file.patch
delete mode 100644 gnu/packages/patches/gnutls-skip-pkgconfig-test.patch
create mode 100644 gnu/packages/patches/inkscape-poppler-compat3.patch
delete mode 100644 gnu/packages/patches/poppler-CVE-2018-19149.patch
create mode 100644 gnu/packages/patches/texlive-bin-luatex-poppler-compat.patch
create mode 100644 gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch
create mode 100644 gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch
--
2.20.0
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5.
2018-12-11 1:12 [bug#33701] [PATCH staging 00/23] Glib/GTK+ updates Marius Bakke
@ 2018-12-11 1:13 ` Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 02/23] gnu: libjpeg-turbo: Update to 2.0.1 Marius Bakke
` (21 more replies)
2018-12-11 20:42 ` [bug#33701] [PATCH staging 00/23] Glib/GTK+ updates Marius Bakke
2018-12-12 1:05 ` Leo Famulari
2 siblings, 22 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:13 UTC (permalink / raw)
To: 33701
* gnu/packages/cups.scm (cups-filters): Update to 1.21.5.
---
gnu/packages/cups.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/cups.scm b/gnu/packages/cups.scm
index acc58a840e..5eb66feed5 100644
--- a/gnu/packages/cups.scm
+++ b/gnu/packages/cups.scm
@@ -53,7 +53,7 @@
(define-public cups-filters
(package
(name "cups-filters")
- (version "1.21.0")
+ (version "1.21.5")
(source(origin
(method url-fetch)
(uri
@@ -61,7 +61,7 @@
"cups-filters-" version ".tar.xz"))
(sha256
(base32
- "0fs90xx9i4h8gbpligf5kkh21llv4kf5g3bgfbx4z272xkm7bsfi"))
+ "0azq9j7kqy18g6vgmvrbw8i4mcqdp3cbgh7q79x1b8p92w4si6rq"))
(modules '((guix build utils)))
(snippet
;; install backends, banners and filters to cups-filters output
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 02/23] gnu: libjpeg-turbo: Update to 2.0.1.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
@ 2018-12-11 1:13 ` Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 03/23] gnu: harfbuzz: Update to 2.2.0 Marius Bakke
` (20 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:13 UTC (permalink / raw)
To: 33701
* gnu/packages/image.scm (libjpeg-turbo): Update to 2.0.1.
---
gnu/packages/image.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 207faede91..92447c23e2 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -1297,14 +1297,14 @@ PNG, and performs PNG integrity checks and corrections.")
(define-public libjpeg-turbo
(package
(name "libjpeg-turbo")
- (version "2.0.0")
+ (version "2.0.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/" name "/" version "/"
name "-" version ".tar.gz"))
(sha256
(base32
- "0s48zz6awd493hmb200abmsizh68fh1jmz98r41n4c8dbl87d23p"))))
+ "1zv6z093l3x3jzygvni7b819j7xhn6d63jhcdrckj7fz67n6ry75"))))
(build-system cmake-build-system)
(native-inputs
`(("nasm" ,nasm)))
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 03/23] gnu: harfbuzz: Update to 2.2.0.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 02/23] gnu: libjpeg-turbo: Update to 2.0.1 Marius Bakke
@ 2018-12-11 1:13 ` Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 04/23] gnu: poppler: Update to 0.72.0 Marius Bakke
` (19 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:13 UTC (permalink / raw)
To: 33701
* gnu/packages/gtk.scm (harfbuzz): Update to 2.2.0.
---
gnu/packages/gtk.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm
index 3b9a4145e5..7a8b6c1852 100644
--- a/gnu/packages/gtk.scm
+++ b/gnu/packages/gtk.scm
@@ -180,7 +180,7 @@ affine transformation (scale, rotation, shear, etc.).")
(define-public harfbuzz
(package
(name "harfbuzz")
- (version "1.8.8")
+ (version "2.2.0")
(source (origin
(method url-fetch)
(uri (string-append "https://www.freedesktop.org/software/"
@@ -188,7 +188,7 @@ affine transformation (scale, rotation, shear, etc.).")
version ".tar.bz2"))
(sha256
(base32
- "1ag3scnm1fcviqgx2p4858y433mr0ndqw6zccnccrqcr9mpcird8"))))
+ "047q63jr513azf3g1y7f5xn60b4jdjs9zsmrx04sfw5rasyzrk5p"))))
(build-system gnu-build-system)
(outputs '("out"
"bin")) ; 160K, only hb-view depend on cairo
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 04/23] gnu: poppler: Update to 0.72.0.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 02/23] gnu: libjpeg-turbo: Update to 2.0.1 Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 03/23] gnu: harfbuzz: Update to 2.2.0 Marius Bakke
@ 2018-12-11 1:13 ` Marius Bakke
2018-12-12 1:08 ` Leo Famulari
2018-12-11 1:13 ` [bug#33701] [PATCH staging 05/23] gnu: D-Bus: Update to 1.12.12 Marius Bakke
` (18 subsequent siblings)
21 siblings, 1 reply; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:13 UTC (permalink / raw)
To: 33701
* gnu/packages/patches/poppler-CVE-2018-19149.patch: Delete file.
* gnu/packages/patches/inkscape-poppler-compat3.patch,
gnu/packages/patches/texlive-bin-luatex-poppler-compat.patch,
gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch,
gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch: New files.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/pdf.scm (poppler): Update to 0.72.0.
[replacement]: Remove field.
(poppler/fixed): Remove variable.
* gnu/packages/inkscape.scm (inkscape)[source](patches): Add
'inkscape-poppler-compat{3..5}.patch'.
* gnu/packages/tex.scm (texlive-bin)[source](patches): Update
'texlive-poppler-compat.patch'. Add
'texlive-bin-{lua,pdf,xe}tex-poppler-compat.patch'.
* gnu/packages/emacs.scm (emacs-pdf-tools)[source](modules, snippet): New
fields.
* gnu/packages/scribus.scm (scribus)[source](patches): Add upstream patch origins.
[source](modules, snippet): New fields.
* gnu/packages/libreoffice.scm (libreoffice)[source](patches): Add three
upstream origins.
[source](snippet, modules): New field.
---
gnu/local.mk | 5 +-
gnu/packages/emacs.scm | 10 +-
gnu/packages/inkscape.scm | 19 +-
gnu/packages/libreoffice.scm | 39 +-
.../patches/inkscape-poppler-compat3.patch | 499 ++++++++++++++++++
.../patches/poppler-CVE-2018-19149.patch | 80 ---
.../texlive-bin-luatex-poppler-compat.patch | 318 +++++++++++
.../texlive-bin-pdftex-poppler-compat.patch | 188 +++++++
.../texlive-bin-xetex-poppler-compat.patch | 31 ++
gnu/packages/pdf.scm | 13 +-
gnu/packages/scribus.scm | 51 +-
gnu/packages/tex.scm | 10 +-
12 files changed, 1163 insertions(+), 100 deletions(-)
create mode 100644 gnu/packages/patches/inkscape-poppler-compat3.patch
delete mode 100644 gnu/packages/patches/poppler-CVE-2018-19149.patch
create mode 100644 gnu/packages/patches/texlive-bin-luatex-poppler-compat.patch
create mode 100644 gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch
create mode 100644 gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 3f19b3fe79..6541bcc8be 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -832,6 +832,7 @@ dist_patch_DATA = \
%D%/packages/patches/icedtea-7-hotspot-gcc-segfault-workaround.patch \
%D%/packages/patches/id3lib-CVE-2007-4460.patch \
%D%/packages/patches/ilmbase-fix-tests.patch \
+ %D%/packages/patches/inkscape-poppler-compat3.patch \
%D%/packages/patches/intltool-perl-compatibility.patch \
%D%/packages/patches/irrlicht-use-system-libs.patch \
%D%/packages/patches/isl-0.11.1-aarch64-support.patch \
@@ -1061,7 +1062,6 @@ dist_patch_DATA = \
%D%/packages/patches/plink-endian-detection.patch \
%D%/packages/patches/plotutils-libpng-jmpbuf.patch \
%D%/packages/patches/podofo-cmake-3.12.patch \
- %D%/packages/patches/poppler-CVE-2018-19149.patch \
%D%/packages/patches/portaudio-audacity-compat.patch \
%D%/packages/patches/portmidi-modular-build.patch \
%D%/packages/patches/postgresql-disable-resolve_symlinks.patch \
@@ -1186,6 +1186,9 @@ dist_patch_DATA = \
%D%/packages/patches/teeworlds-use-latest-wavpack.patch \
%D%/packages/patches/texinfo-perl-compat.patch \
%D%/packages/patches/texinfo-5-perl-compat.patch \
+ %D%/packages/patches/texlive-bin-luatex-poppler-compat.patch \
+ %D%/packages/patches/texlive-bin-pdftex-poppler-compat.patch \
+ %D%/packages/patches/texlive-bin-xetex-poppler-compat.patch \
%D%/packages/patches/telegram-purple-adjust-test.patch \
%D%/packages/patches/texi2html-document-encoding.patch \
%D%/packages/patches/texi2html-i18n.patch \
diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm
index d8a9ffeaed..24446bfc9e 100644
--- a/gnu/packages/emacs.scm
+++ b/gnu/packages/emacs.scm
@@ -1634,7 +1634,15 @@ filters, new key bindings and faces. It can be enabled by
(sha256
(base32
"1i4647vax5na73basc5dz4lh9kprir00fh8ps4i0l1y3ippnjs2s"))
- (patches (search-patches "emacs-pdf-tools-poppler.patch"))))
+ (patches (search-patches "emacs-pdf-tools-poppler.patch"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; In addition to the above patch, we need this additional
+ ;; provision for compatibility with Poppler 0.72:
+ (substitute* "server/poppler-hack.cc"
+ (("getCString") "c_str"))
+ #t))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; there are no tests
diff --git a/gnu/packages/inkscape.scm b/gnu/packages/inkscape.scm
index 1673cc602e..eae8ac962b 100644
--- a/gnu/packages/inkscape.scm
+++ b/gnu/packages/inkscape.scm
@@ -71,7 +71,24 @@
(file-name "inkscape-poppler-compat2.patch")
(sha256
(base32
- "14k9yrfjz4nx3bz9dk91q74mc0i7rvl2qzkwhcy1br71yqjvngn5")))))))
+ "14k9yrfjz4nx3bz9dk91q74mc0i7rvl2qzkwhcy1br71yqjvngn5")))
+ (search-patch "inkscape-poppler-compat3.patch")
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://gitlab.com/inkscape/inkscape/commit/"
+ "d047859d90cef3784e2d13e40887a70d8d517897.diff"))
+ (file-name "inkscape-poppler-compat4.patch")
+ (sha256
+ (base32
+ "0xdfg3q4g4m15z7wna4brjn5j4kr15qiqc2f25vcw2nnr6x54qcp")))
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://gitlab.com/inkscape/inkscape/commit/"
+ "b3d59cc8106da3bf6020a6c47eeb3b8a7bbae1a9.diff"))
+ (file-name "inkscape-poppler-compat5.patch")
+ (sha256
+ (base32
+ "0haviy66q9szizmvb82msfj80bb3wgi1fnq3ml8fyfp8l90a1217")))))))
(build-system cmake-build-system)
(inputs
`(("aspell" ,aspell)
diff --git a/gnu/packages/libreoffice.scm b/gnu/packages/libreoffice.scm
index 45e2f63767..eadf7697ae 100644
--- a/gnu/packages/libreoffice.scm
+++ b/gnu/packages/libreoffice.scm
@@ -984,9 +984,44 @@ converting QuarkXPress file format. It supports versions 3.1 to 4.1.")
(file-name "libreoffice-mdds.patch")
(sha256
(base32
- "0apbmammmp4pk473xiv5vk50r4c5gjvqzf9jkficksvz58q6114f"))))
+ "0apbmammmp4pk473xiv5vk50r4c5gjvqzf9jkficksvz58q6114f")))
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/LibreOffice/core/commit/"
+ "1688a395d05125b83eac6cd5c43f0e3f2f66c491"
+ ".patch"))
+ (file-name "libreoffice-poppler-compat.patch")
+ (sha256
+ (base32
+ "0ia5avmj772mrgs6m4qqf01hs8hzpy3nafidj7w7gqx2zz2s5ih9")))
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/LibreOffice/core/commit/"
+ "5e8bdd9203dd642111c62a6668ee665a20d4ba19"
+ ".patch"))
+ (file-name "libreoffice-poppler-gbool.patch")
+ (sha256
+ (base32
+ "19kc74h5vnk48l2vny8zmm2lkxpwc7g8n9d3wwpg99748dvbmikd")))
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/LibreOffice/core/commit/"
+ "8ff41a26caf51544699863c89598d37d93dc1b21"
+ ".patch"))
+ (file-name "libreoffice-poppler-0.71.patch")
+ (sha256
+ (base32
+ "1dsd0gynjf7d6412dd2sx70xa2s8kld7ibyjdkwg5w9hhi2zxw2f"))))
(search-patches "libreoffice-icu.patch"
- "libreoffice-glm.patch")))))
+ "libreoffice-glm.patch")))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ (for-each (lambda (file)
+ ;; Adjust to renamed function in Poppler 0.72.
+ (substitute* file (("getCString") "c_str")))
+ (find-files "sdext/source/pdfimport/xpdfwrapper"))
+ #t))))
(build-system glib-or-gtk-build-system)
(native-inputs
`(("bison" ,bison)
diff --git a/gnu/packages/patches/inkscape-poppler-compat3.patch b/gnu/packages/patches/inkscape-poppler-compat3.patch
new file mode 100644
index 0000000000..eaaf7d93f1
--- /dev/null
+++ b/gnu/packages/patches/inkscape-poppler-compat3.patch
@@ -0,0 +1,499 @@
+Fix compatibility with Poppler >= 0.69.
+
+This is a combination of these upstream commits:
+https://gitlab.com/inkscape/inkscape/commit/722e121361d0f784083d10e897155b7d4e44e515
+https://gitlab.com/inkscape/inkscape/commit/402c0274420fe39fd2f3393bc7d8d8879d436358
+
+...with slight adjustments for the 0.92.3 release tarball.
+
+diff --git a/CMakeScripts/DefineDependsandFlags.cmake b/CMakeScripts/DefineDependsandFlags.cmake
+--- a/CMakeScripts/DefineDependsandFlags.cmake
++++ b/CMakeScripts/DefineDependsandFlags.cmake
+@@ -116,18 +116,6 @@ if(ENABLE_POPPLER)
+ set(HAVE_POPPLER_GLIB ON)
+ endif()
+ endif()
+- if(POPPLER_VERSION VERSION_GREATER "0.26.0" OR
+- POPPLER_VERSION VERSION_EQUAL "0.26.0")
+- set(POPPLER_EVEN_NEWER_COLOR_SPACE_API ON)
+- endif()
+- if(POPPLER_VERSION VERSION_GREATER "0.29.0" OR
+- POPPLER_VERSION VERSION_EQUAL "0.29.0")
+- set(POPPLER_EVEN_NEWER_NEW_COLOR_SPACE_API ON)
+- endif()
+- if(POPPLER_VERSION VERSION_GREATER "0.58.0" OR
+- POPPLER_VERSION VERSION_EQUAL "0.58.0")
+- set(POPPLER_NEW_OBJECT_API ON)
+- endif()
+ else()
+ set(ENABLE_POPPLER_CAIRO OFF)
+ endif()
+diff --git a/src/extension/internal/pdfinput/pdf-input.cpp b/src/extension/internal/pdfinput/pdf-input.cpp
+--- a/src/extension/internal/pdfinput/pdf-input.cpp
++++ b/src/extension/internal/pdfinput/pdf-input.cpp
+@@ -793,7 +793,7 @@ PdfInput::open(::Inkscape::Extension::Input * /*mod*/, const gchar * uri) {
+ dlg->getImportSettings(prefs);
+
+ // Apply crop settings
+- PDFRectangle *clipToBox = NULL;
++ _POPPLER_CONST PDFRectangle *clipToBox = NULL;
+ double crop_setting;
+ sp_repr_get_double(prefs, "cropTo", &crop_setting);
+
+diff --git a/src/extension/internal/pdfinput/pdf-input.h b/src/extension/internal/pdfinput/pdf-input.h
+--- a/src/extension/internal/pdfinput/pdf-input.h
++++ b/src/extension/internal/pdfinput/pdf-input.h
+@@ -15,6 +15,7 @@
+ #endif
+
+ #ifdef HAVE_POPPLER
++#include "poppler-transition-api.h"
+
+ #include <gtkmm/dialog.h>
+
+diff --git a/src/extension/internal/pdfinput/pdf-parser.cpp b/src/extension/internal/pdfinput/pdf-parser.cpp
+--- a/src/extension/internal/pdfinput/pdf-parser.cpp
++++ b/src/extension/internal/pdfinput/pdf-parser.cpp
+@@ -36,6 +36,7 @@ extern "C" {
+ #include "pdf-parser.h"
+ #include "util/units.h"
+
++#include "glib/poppler-features.h"
+ #include "goo/gmem.h"
+ #include "goo/GooString.h"
+ #include "GlobalParams.h"
+@@ -294,8 +295,8 @@ PdfParser::PdfParser(XRef *xrefA,
+ int /*pageNum*/,
+ int rotate,
+ Dict *resDict,
+- PDFRectangle *box,
+- PDFRectangle *cropBox) :
++ _POPPLER_CONST PDFRectangle *box,
++ _POPPLER_CONST PDFRectangle *cropBox) :
+ xref(xrefA),
+ builder(builderA),
+ subPage(gFalse),
+@@ -317,7 +318,7 @@ PdfParser::PdfParser(XRef *xrefA,
+ builder->setDocumentSize(Inkscape::Util::Quantity::convert(state->getPageWidth(), "pt", "px"),
+ Inkscape::Util::Quantity::convert(state->getPageHeight(), "pt", "px"));
+
+- double *ctm = state->getCTM();
++ const double *ctm = state->getCTM();
+ double scaledCTM[6];
+ for (int i = 0; i < 6; ++i) {
+ baseMatrix[i] = ctm[i];
+@@ -352,7 +353,7 @@ PdfParser::PdfParser(XRef *xrefA,
+ PdfParser::PdfParser(XRef *xrefA,
+ Inkscape::Extension::Internal::SvgBuilder *builderA,
+ Dict *resDict,
+- PDFRectangle *box) :
++ _POPPLER_CONST PDFRectangle *box) :
+ xref(xrefA),
+ builder(builderA),
+ subPage(gTrue),
+@@ -571,7 +572,7 @@ const char *PdfParser::getPreviousOperator(unsigned int look_back) {
+
+ void PdfParser::execOp(Object *cmd, Object args[], int numArgs) {
+ PdfOperator *op;
+- char *name;
++ const char *name;
+ Object *argPtr;
+ int i;
+
+@@ -619,7 +620,7 @@ void PdfParser::execOp(Object *cmd, Object args[], int numArgs) {
+ (this->*op->func)(argPtr, numArgs);
+ }
+
+-PdfOperator* PdfParser::findOp(char *name) {
++PdfOperator* PdfParser::findOp(const char *name) {
+ int a = -1;
+ int b = numOps;
+ int cmp = -1;
+@@ -1751,7 +1752,7 @@ void PdfParser::doShadingPatternFillFallback(GfxShadingPattern *sPat,
+ GBool stroke, GBool eoFill) {
+ GfxShading *shading;
+ GfxPath *savedPath;
+- double *ctm, *btm, *ptm;
++ const double *ctm, *btm, *ptm;
+ double m[6], ictm[6], m1[6];
+ double xMin, yMin, xMax, yMax;
+ double det;
+@@ -1993,7 +1994,7 @@ void PdfParser::doFunctionShFill1(GfxFunctionShading *shading,
+ GfxColor color0M, color1M, colorM0, colorM1, colorMM;
+ GfxColor colors2[4];
+ double functionColorDelta = colorDeltas[pdfFunctionShading-1];
+- double *matrix;
++ const double *matrix;
+ double xM, yM;
+ int nComps, i, j;
+
+@@ -2173,7 +2174,7 @@ void PdfParser::doPatchMeshShFill(GfxPatchMeshShading *shading) {
+ }
+ }
+
+-void PdfParser::fillPatch(GfxPatch *patch, int nComps, int depth) {
++void PdfParser::fillPatch(_POPPLER_CONST GfxPatch *patch, int nComps, int depth) {
+ GfxPatch patch00 = blankPatch();
+ GfxPatch patch01 = blankPatch();
+ GfxPatch patch10 = blankPatch();
+@@ -2581,7 +2582,11 @@ void PdfParser::opShowSpaceText(Object args[], int /*numArgs*/)
+ }
+ }
+
++#if POPPLER_CHECK_VERSION(0,64,0)
+ void PdfParser::doShowText(const GooString *s) {
++#else
++void PdfParser::doShowText(GooString *s) {
++#endif
+ GfxFont *font;
+ int wMode;
+ double riseX, riseY;
+@@ -2590,11 +2595,15 @@ void PdfParser::doShowText(const GooString *s) {
+ double x, y, dx, dy, tdx, tdy;
+ double originX, originY, tOriginX, tOriginY;
+ double oldCTM[6], newCTM[6];
+- double *mat;
++ const double *mat;
+ Object charProc;
+ Dict *resDict;
+ Parser *oldParser;
++#if POPPLER_CHECK_VERSION(0,64,0)
++ const char *p;
++#else
+ char *p;
++#endif
+ int len, n, uLen;
+
+ font = state->getFont();
+@@ -2630,7 +2639,7 @@ void PdfParser::doShowText(const GooString *s) {
+ double lineX = state->getLineX();
+ double lineY = state->getLineY();
+ oldParser = parser;
+- p = g_strdup(s->getCString());
++ p = s->getCString();
+ len = s->getLength();
+ while (len > 0) {
+ n = font->getNextChar(p, len, &code,
+@@ -2685,7 +2694,7 @@ void PdfParser::doShowText(const GooString *s) {
+
+ } else {
+ state->textTransformDelta(0, state->getRise(), &riseX, &riseY);
+- p = g_strdup(s->getCString());
++ p = s->getCString();
+ len = s->getLength();
+ while (len > 0) {
+ n = font->getNextChar(p, len, &code,
+@@ -2731,7 +2740,11 @@ void PdfParser::opXObject(Object args[], int /*numArgs*/)
+ {
+ Object obj1, obj2, obj3, refObj;
+
+- char *name = g_strdup(args[0].getName());
++#if POPPLER_CHECK_VERSION(0,64,0)
++ const char *name = args[0].getName();
++#else
++ char *name = args[0].getName();
++#endif
+ #if defined(POPPLER_NEW_OBJECT_API)
+ if ((obj1 = res->lookupXObject(name)).isNull()) {
+ #else
+@@ -3656,7 +3669,6 @@ void PdfParser::opBeginImage(Object /*args*/[], int /*numArgs*/)
+ Stream *PdfParser::buildImageStream() {
+ Object dict;
+ Object obj;
+- char *key;
+ Stream *str;
+
+ // build dictionary
+@@ -3674,26 +3686,17 @@ Stream *PdfParser::buildImageStream() {
+ obj.free();
+ #endif
+ } else {
+- key = copyString(obj.getName());
+-#if defined(POPPLER_NEW_OBJECT_API)
+- obj = parser->getObj();
+-#else
+- obj.free();
+- parser->getObj(&obj);
+-#endif
+- if (obj.isEOF() || obj.isError()) {
+- gfree(key);
++ Object obj2;
++ _POPPLER_CALL(obj2, parser->getObj);
++ if (obj2.isEOF() || obj2.isError()) {
++ _POPPLER_FREE(obj);
+ break;
+ }
+-#if defined(POPPLER_NEW_OBJECT_API)
+- dict.dictAdd(key, std::move(obj));
+- }
+- obj = parser->getObj();
+-#else
+- dict.dictAdd(key, &obj);
++ _POPPLER_DICTADD(dict, obj.getName(), obj2);
++ _POPPLER_FREE(obj);
++ _POPPLER_FREE(obj2);
+ }
+- parser->getObj(&obj);
+-#endif
++ _POPPLER_CALL(obj, parser->getObj);
+ }
+ if (obj.isEOF()) {
+ error(errSyntaxError, getPos(), "End of file in inline image");
+diff --git a/src/extension/internal/pdfinput/pdf-parser.h b/src/extension/internal/pdfinput/pdf-parser.h
+--- a/src/extension/internal/pdfinput/pdf-parser.h
++++ b/src/extension/internal/pdfinput/pdf-parser.h
+@@ -9,6 +9,7 @@
+ #define PDF_PARSER_H
+
+ #ifdef HAVE_POPPLER
++#include "poppler-transition-api.h"
+
+ #ifdef USE_GCC_PRAGMAS
+ #pragma interface
+@@ -25,6 +26,7 @@ namespace Inkscape {
+ // TODO clean up and remove using:
+ using Inkscape::Extension::Internal::SvgBuilder;
+
++#include "glib/poppler-features.h"
+ #include "goo/gtypes.h"
+ #include "Object.h"
+
+@@ -127,11 +129,14 @@ public:
+
+ // Constructor for regular output.
+ PdfParser(XRef *xrefA, SvgBuilder *builderA, int pageNum, int rotate,
+- Dict *resDict, PDFRectangle *box, PDFRectangle *cropBox);
++ Dict *resDict,
++ _POPPLER_CONST PDFRectangle *box,
++ _POPPLER_CONST PDFRectangle *cropBox);
+
+ // Constructor for a sub-page object.
+ PdfParser(XRef *xrefA, Inkscape::Extension::Internal::SvgBuilder *builderA,
+- Dict *resDict, PDFRectangle *box);
++ Dict *resDict,
++ _POPPLER_CONST PDFRectangle *box);
+
+ virtual ~PdfParser();
+
+@@ -185,7 +190,7 @@ private:
+
+ void go(GBool topLevel);
+ void execOp(Object *cmd, Object args[], int numArgs);
+- PdfOperator *findOp(char *name);
++ PdfOperator *findOp(const char *name);
+ GBool checkArg(Object *arg, TchkType type);
+ int getPos();
+
+@@ -256,7 +261,7 @@ private:
+ double x2, double y2, GfxColor *color2,
+ int nComps, int depth);
+ void doPatchMeshShFill(GfxPatchMeshShading *shading);
+- void fillPatch(GfxPatch *patch, int nComps, int depth);
++ void fillPatch(_POPPLER_CONST GfxPatch *patch, int nComps, int depth);
+ void doEndPath();
+
+ // path clipping operators
+@@ -287,7 +292,12 @@ private:
+ void opMoveShowText(Object args[], int numArgs);
+ void opMoveSetShowText(Object args[], int numArgs);
+ void opShowSpaceText(Object args[], int numArgs);
++#if POPPLER_CHECK_VERSION(0,64,0)
+ void doShowText(const GooString *s);
++#else
++ void doShowText(GooString *s);
++#endif
++
+
+ // XObject operators
+ void opXObject(Object args[], int numArgs);
+diff --git a/src/extension/internal/pdfinput/poppler-transition-api.h b/src/extension/internal/pdfinput/poppler-transition-api.h
+new file mode 100644
+--- /dev/null
++++ b/src/extension/internal/pdfinput/poppler-transition-api.h
+@@ -0,0 +1,39 @@
++#ifndef SEEN_POPPLER_TRANSITION_API_H
++#define SEEN_POPPLER_TRANSITION_API_H
++
++#include <glib/poppler-features.h>
++
++#if POPPLER_CHECK_VERSION(0,70,0)
++#define _POPPLER_CONST const
++#else
++#define _POPPLER_CONST
++#endif
++
++#if POPPLER_CHECK_VERSION(0,69,0)
++#define _POPPLER_DICTADD(dict, key, obj) (dict).dictAdd(key, std::move(obj))
++#elif POPPLER_CHECK_VERSION(0,58,0)
++#define _POPPLER_DICTADD(dict, key, obj) (dict).dictAdd(copyString(key), std::move(obj))
++#else
++#define _POPPLER_DICTADD(dict, key, obj) (dict).dictAdd(copyString(key), &obj)
++#endif
++
++#if POPPLER_CHECK_VERSION(0,58,0)
++#define POPPLER_NEW_OBJECT_API
++#define _POPPLER_FREE(obj)
++#define _POPPLER_CALL(ret, func) (ret = func())
++#define _POPPLER_CALL_ARGS(ret, func, ...) (ret = func(__VA_ARGS__))
++#else
++#define _POPPLER_FREE(obj) (obj).free()
++#define _POPPLER_CALL(ret, func) (*func(&ret))
++#define _POPPLER_CALL_ARGS(ret, func, ...) (*func(__VA_ARGS__, &ret))
++#endif
++
++#if POPPLER_CHECK_VERSION(0, 29, 0)
++#define POPPLER_EVEN_NEWER_NEW_COLOR_SPACE_API
++#endif
++
++#if POPPLER_CHECK_VERSION(0, 25, 0)
++#define POPPLER_EVEN_NEWER_COLOR_SPACE_API
++#endif
++
++#endif
+diff --git a/src/extension/internal/pdfinput/svg-builder.cpp b/src/extension/internal/pdfinput/svg-builder.cpp
+--- a/src/extension/internal/pdfinput/svg-builder.cpp
++++ b/src/extension/internal/pdfinput/svg-builder.cpp
+@@ -625,7 +625,7 @@ gchar *SvgBuilder::_createPattern(GfxPattern *pattern, GfxState *state, bool is_
+ if ( pattern != NULL ) {
+ if ( pattern->getType() == 2 ) { // Shading pattern
+ GfxShadingPattern *shading_pattern = static_cast<GfxShadingPattern *>(pattern);
+- double *ptm;
++ const double *ptm;
+ double m[6] = {1, 0, 0, 1, 0, 0};
+ double det;
+
+@@ -672,7 +672,7 @@ gchar *SvgBuilder::_createTilingPattern(GfxTilingPattern *tiling_pattern,
+
+ Inkscape::XML::Node *pattern_node = _xml_doc->createElement("svg:pattern");
+ // Set pattern transform matrix
+- double *p2u = tiling_pattern->getMatrix();
++ const double *p2u = tiling_pattern->getMatrix();
+ double m[6] = {1, 0, 0, 1, 0, 0};
+ double det;
+ det = _ttm[0] * _ttm[3] - _ttm[1] * _ttm[2]; // see LP Bug 1168908
+@@ -698,7 +698,7 @@ gchar *SvgBuilder::_createTilingPattern(GfxTilingPattern *tiling_pattern,
+ pattern_node->setAttribute("patternUnits", "userSpaceOnUse");
+ // Set pattern tiling
+ // FIXME: don't ignore XStep and YStep
+- double *bbox = tiling_pattern->getBBox();
++ const double *bbox = tiling_pattern->getBBox();
+ sp_repr_set_svg_double(pattern_node, "x", 0.0);
+ sp_repr_set_svg_double(pattern_node, "y", 0.0);
+ sp_repr_set_svg_double(pattern_node, "width", bbox[2] - bbox[0]);
+@@ -751,7 +751,7 @@ gchar *SvgBuilder::_createTilingPattern(GfxTilingPattern *tiling_pattern,
+ */
+ gchar *SvgBuilder::_createGradient(GfxShading *shading, double *matrix, bool for_shading) {
+ Inkscape::XML::Node *gradient;
+- Function *func;
++ _POPPLER_CONST Function *func;
+ int num_funcs;
+ bool extend0, extend1;
+
+@@ -865,7 +865,7 @@ static bool svgGetShadingColorRGB(GfxShading *shading, double offset, GfxRGB *re
+
+ #define INT_EPSILON 8
+ bool SvgBuilder::_addGradientStops(Inkscape::XML::Node *gradient, GfxShading *shading,
+- Function *func) {
++ _POPPLER_CONST Function *func) {
+ int type = func->getType();
+ if ( type == 0 || type == 2 ) { // Sampled or exponential function
+ GfxRGB stop1, stop2;
+@@ -877,9 +877,9 @@ bool SvgBuilder::_addGradientStops(Inkscape::XML::Node *gradient, GfxShading *sh
+ _addStopToGradient(gradient, 1.0, &stop2, 1.0);
+ }
+ } else if ( type == 3 ) { // Stitching
+- StitchingFunction *stitchingFunc = static_cast<StitchingFunction*>(func);
+- double *bounds = stitchingFunc->getBounds();
+- double *encode = stitchingFunc->getEncode();
++ auto stitchingFunc = static_cast<_POPPLER_CONST StitchingFunction*>(func);
++ const double *bounds = stitchingFunc->getBounds();
++ const double *encode = stitchingFunc->getEncode();
+ int num_funcs = stitchingFunc->getNumFuncs();
+
+ // Add stops from all the stitched functions
+@@ -890,7 +890,7 @@ bool SvgBuilder::_addGradientStops(Inkscape::XML::Node *gradient, GfxShading *sh
+ svgGetShadingColorRGB(shading, bounds[i + 1], &color);
+ // Add stops
+ if (stitchingFunc->getFunc(i)->getType() == 2) { // process exponential fxn
+- double expE = (static_cast<ExponentialFunction*>(stitchingFunc->getFunc(i)))->getE();
++ double expE = (static_cast<_POPPLER_CONST ExponentialFunction*>(stitchingFunc->getFunc(i)))->getE();
+ if (expE > 1.0) {
+ expE = (bounds[i + 1] - bounds[i])/expE; // approximate exponential as a single straight line at x=1
+ if (encode[2*i] == 0) { // normal sequence
+@@ -1020,9 +1020,9 @@ void SvgBuilder::updateFont(GfxState *state) {
+ GfxFont *font = state->getFont();
+ // Store original name
+ if (font->getName()) {
+- _font_specification = g_strdup(font->getName()->getCString());
++ _font_specification = font->getName()->getCString();
+ } else {
+- _font_specification = (char*) "Arial";
++ _font_specification = "Arial";
+ }
+
+ // Prune the font name to get the correct font family name
+@@ -1030,7 +1030,7 @@ void SvgBuilder::updateFont(GfxState *state) {
+ char *font_family = NULL;
+ char *font_style = NULL;
+ char *font_style_lowercase = NULL;
+- char *plus_sign = strstr(_font_specification, "+");
++ const char *plus_sign = strstr(_font_specification, "+");
+ if (plus_sign) {
+ font_family = g_strdup(plus_sign + 1);
+ _font_specification = plus_sign + 1;
+@@ -1148,7 +1148,7 @@ void SvgBuilder::updateFont(GfxState *state) {
+ Inkscape::CSSOStringStream os_font_size;
+ double css_font_size = _font_scaling * state->getFontSize();
+ if ( font->getType() == fontType3 ) {
+- double *font_matrix = font->getFontMatrix();
++ const double *font_matrix = font->getFontMatrix();
+ if ( font_matrix[0] != 0.0 ) {
+ css_font_size *= font_matrix[3] / font_matrix[0];
+ }
+@@ -1193,7 +1193,7 @@ void SvgBuilder::updateTextPosition(double tx, double ty) {
+ void SvgBuilder::updateTextMatrix(GfxState *state) {
+ _flushText();
+ // Update text matrix
+- double *text_matrix = state->getTextMat();
++ const double *text_matrix = state->getTextMat();
+ double w_scale = sqrt( text_matrix[0] * text_matrix[0] + text_matrix[2] * text_matrix[2] );
+ double h_scale = sqrt( text_matrix[1] * text_matrix[1] + text_matrix[3] * text_matrix[3] );
+ double max_scale;
+diff --git a/src/extension/internal/pdfinput/svg-builder.h b/src/extension/internal/pdfinput/svg-builder.h
+--- a/src/extension/internal/pdfinput/svg-builder.h
++++ b/src/extension/internal/pdfinput/svg-builder.h
+@@ -15,6 +15,7 @@
+ #endif
+
+ #ifdef HAVE_POPPLER
++#include "poppler-transition-api.h"
+
+ class SPDocument;
+ namespace Inkscape {
+@@ -80,7 +81,7 @@ struct SvgGlyph {
+ bool style_changed; // Set to true if style has to be reset
+ SPCSSAttr *style;
+ int render_mode; // Text render mode
+- char *font_specification; // Pointer to current font specification
++ const char *font_specification; // Pointer to current font specification
+ };
+
+ /**
+@@ -174,7 +175,7 @@ private:
+ void _addStopToGradient(Inkscape::XML::Node *gradient, double offset,
+ GfxRGB *color, double opacity);
+ bool _addGradientStops(Inkscape::XML::Node *gradient, GfxShading *shading,
+- Function *func);
++ _POPPLER_CONST Function *func);
+ gchar *_createTilingPattern(GfxTilingPattern *tiling_pattern, GfxState *state,
+ bool is_stroke=false);
+ // Image/mask creation
+@@ -202,7 +203,7 @@ private:
+
+ SPCSSAttr *_font_style; // Current font style
+ GfxFont *_current_font;
+- char *_font_specification;
++ const char *_font_specification;
+ double _font_scaling;
+ bool _need_font_update;
+ Geom::Affine _text_matrix;
diff --git a/gnu/packages/patches/poppler-CVE-2018-19149.patch b/gnu/packages/patches/poppler-CVE-2018-19149.patch
deleted file mode 100644
index 3641f5f078..0000000000
--- a/gnu/packages/patches/poppler-CVE-2018-19149.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-Fix CVE-2018-19149:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149
-https://gitlab.freedesktop.org/poppler/poppler/issues/664
-
-Patch copied from upstream source repository:
-
-https://gitlab.freedesktop.org/poppler/poppler/commit/f162ecdea0dda5dbbdb45503c1d55d9afaa41d44
-
-From f162ecdea0dda5dbbdb45503c1d55d9afaa41d44 Mon Sep 17 00:00:00 2001
-From: Marek Kasik <mkasik@redhat.com>
-Date: Fri, 20 Apr 2018 11:38:13 +0200
-Subject: [PATCH] Fix crash on missing embedded file
-
-Check whether an embedded file is actually present in the PDF
-and show warning in that case.
-
-https://bugs.freedesktop.org/show_bug.cgi?id=106137
-https://gitlab.freedesktop.org/poppler/poppler/issues/236
----
- glib/poppler-attachment.cc | 26 +++++++++++++++++---------
- glib/poppler-document.cc | 3 ++-
- 2 files changed, 19 insertions(+), 10 deletions(-)
-
-diff --git a/glib/poppler-attachment.cc b/glib/poppler-attachment.cc
-index c6502e9d..11ba5bb5 100644
---- a/glib/poppler-attachment.cc
-+++ b/glib/poppler-attachment.cc
-@@ -111,17 +111,25 @@ _poppler_attachment_new (FileSpec *emb_file)
- attachment->description = _poppler_goo_string_to_utf8 (emb_file->getDescription ());
-
- embFile = emb_file->getEmbeddedFile();
-- attachment->size = embFile->size ();
-+ if (embFile != NULL && embFile->streamObject()->isStream())
-+ {
-+ attachment->size = embFile->size ();
-
-- if (embFile->createDate ())
-- _poppler_convert_pdf_date_to_gtime (embFile->createDate (), (time_t *)&attachment->ctime);
-- if (embFile->modDate ())
-- _poppler_convert_pdf_date_to_gtime (embFile->modDate (), (time_t *)&attachment->mtime);
-+ if (embFile->createDate ())
-+ _poppler_convert_pdf_date_to_gtime (embFile->createDate (), (time_t *)&attachment->ctime);
-+ if (embFile->modDate ())
-+ _poppler_convert_pdf_date_to_gtime (embFile->modDate (), (time_t *)&attachment->mtime);
-
-- if (embFile->checksum () && embFile->checksum ()->getLength () > 0)
-- attachment->checksum = g_string_new_len (embFile->checksum ()->getCString (),
-- embFile->checksum ()->getLength ());
-- priv->obj_stream = embFile->streamObject()->copy();
-+ if (embFile->checksum () && embFile->checksum ()->getLength () > 0)
-+ attachment->checksum = g_string_new_len (embFile->checksum ()->getCString (),
-+ embFile->checksum ()->getLength ());
-+ priv->obj_stream = embFile->streamObject()->copy();
-+ }
-+ else
-+ {
-+ g_warning ("Missing stream object for embedded file");
-+ g_clear_object (&attachment);
-+ }
-
- return attachment;
- }
-diff --git a/glib/poppler-document.cc b/glib/poppler-document.cc
-index 83f6aea6..ea319344 100644
---- a/glib/poppler-document.cc
-+++ b/glib/poppler-document.cc
-@@ -670,7 +670,8 @@ poppler_document_get_attachments (PopplerDocument *document)
- attachment = _poppler_attachment_new (emb_file);
- delete emb_file;
-
-- retval = g_list_prepend (retval, attachment);
-+ if (attachment != NULL)
-+ retval = g_list_prepend (retval, attachment);
- }
- return g_list_reverse (retval);
- }
---
-2.19.1
-
diff --git a/gnu/packages/patches/texlive-bin-luatex-poppler-compat.patch b/gnu/packages/patches/texlive-bin-luatex-poppler-compat.patch
new file mode 100644
index 0000000000..d8b9bf172a
--- /dev/null
+++ b/gnu/packages/patches/texlive-bin-luatex-poppler-compat.patch
@@ -0,0 +1,318 @@
+Fix LuaTeX compatibility with Poppler 0.72.
+
+Upstream LuaTeX have moved from Poppler to "pplib" and thus upstream
+fixes are unavailable. This is based on Arch Linux patches, with minor
+changes for Poppler 0.72:
+https://git.archlinux.org/svntogit/packages.git/tree/trunk?h=packages/texlive-bin&id=f1b424435c8fa31d9296c7a6dc17f939a8332780
+
+diff --git a/texk/web2c/luatexdir/image/pdftoepdf.w b/texk/web2c/luatexdir/image/pdftoepdf.w
+--- a/texk/web2c/luatexdir/image/pdftoepdf.w
++++ b/texk/web2c/luatexdir/image/pdftoepdf.w
+@@ -35,7 +35,7 @@
+
+ extern void md5(Guchar *msg, int msgLen, Guchar *digest);
+
+-static GBool isInit = gFalse;
++static bool isInit = false;
+
+ /* Maintain AVL tree of all PDF files for embedding */
+
+@@ -363,10 +363,10 @@ void copyReal(PDF pdf, double d)
+
+ static void copyString(PDF pdf, GooString * string)
+ {
+- char *p;
++ const char *p;
+ unsigned char c;
+ size_t i, l;
+- p = string->getCString();
++ p = string->c_str();
+ l = (size_t) string->getLength();
+ if (pdf->cave)
+ pdf_out(pdf, ' ');
+@@ -393,7 +393,7 @@ static void copyString(PDF pdf, GooString * string)
+ pdf->cave = true;
+ }
+
+-static void copyName(PDF pdf, char *s)
++static void copyName(PDF pdf, const char *s)
+ {
+ pdf_out(pdf, '/');
+ for (; *s != 0; s++) {
+@@ -468,14 +468,14 @@ static void copyObject(PDF pdf, PdfDocument * pdf_doc, Object * obj)
+ break;
+ /*
+ case objNum:
+- GBool isNum() { return type == objInt || type == objReal; }
++ bool isNum() { return type == objInt || type == objReal; }
+ break;
+ */
+ case objString:
+ copyString(pdf, (GooString *)obj->getString());
+ break;
+ case objName:
+- copyName(pdf, (char *)obj->getName());
++ copyName(pdf, obj->getName());
+ break;
+ case objNull:
+ pdf_add_null(pdf);
+@@ -531,22 +531,22 @@ static PDFRectangle *get_pagebox(Page * page, int pagebox_spec)
+ {
+ switch (pagebox_spec) {
+ case PDF_BOX_SPEC_MEDIA:
+- return page->getMediaBox();
++ return (PDFRectangle *) page->getMediaBox();
+ break;
+ case PDF_BOX_SPEC_CROP:
+- return page->getCropBox();
++ return (PDFRectangle *) page->getCropBox();
+ break;
+ case PDF_BOX_SPEC_BLEED:
+- return page->getBleedBox();
++ return (PDFRectangle *) page->getBleedBox();
+ break;
+ case PDF_BOX_SPEC_TRIM:
+- return page->getTrimBox();
++ return (PDFRectangle *) page->getTrimBox();
+ break;
+ case PDF_BOX_SPEC_ART:
+- return page->getArtBox();
++ return (PDFRectangle *) page->getArtBox();
+ break;
+ default:
+- return page->getMediaBox();
++ return (PDFRectangle *) page->getMediaBox();
+ break;
+ }
+ }
+@@ -587,11 +587,11 @@ void read_pdf_info(image_dict * idict)
+ PDFRectangle *pagebox;
+ int pdf_major_version_found, pdf_minor_version_found;
+ float xsize, ysize, xorig, yorig;
+- if (isInit == gFalse) {
++ if (isInit == false) {
+ if (!(globalParams))
+ globalParams = new GlobalParams();
+- globalParams->setErrQuiet(gFalse);
+- isInit = gTrue;
++ globalParams->setErrQuiet(false);
++ isInit = true;
+ }
+ if (img_type(idict) == IMG_TYPE_PDF)
+ pdf_doc = refPdfDocument(img_filepath(idict), FE_FAIL);
+@@ -966,7 +966,7 @@ void epdf_free()
+ if (PdfDocumentTree != NULL)
+ avl_destroy(PdfDocumentTree, destroyPdfDocument);
+ PdfDocumentTree = NULL;
+- if (isInit == gTrue)
++ if (isInit == true)
+ delete globalParams;
+- isInit = gFalse;
++ isInit = false;
+ }
+diff --git a/texk/web2c/luatexdir/lua/lepdflib.cc b/texk/web2c/luatexdir/lua/lepdflib.cc
+--- a/texk/web2c/luatexdir/lua/lepdflib.cc
++++ b/texk/web2c/luatexdir/lua/lepdflib.cc
+@@ -240,7 +240,7 @@ static int l_new_Attribute(lua_State * L)
+ if (uobj->pd != NULL && uobj->pd->pc != uobj->pc)
+ pdfdoc_changed_error(L);
+ uout = new_Attribute_userdata(L);
+- uout->d = new Attribute(n, nlen, (Object *)uobj->d);
++ uout->d = new Attribute((GooString)n, (Object *)uobj->d);
+ uout->atype = ALLOC_LEPDF;
+ uout->pc = uobj->pc;
+ uout->pd = uobj->pd;
+@@ -439,7 +439,7 @@ static int l_new_Object(lua_State * L)
+ break;
+ case 1:
+ if (lua_isboolean (L,1)) {
+- uout->d = new Object(lua_toboolean(L, 1)? gTrue : gFalse);
++ uout->d = new Object(lua_toboolean(L, 1)? true : false);
+ uout->atype = ALLOC_LEPDF;
+ uout->pc = 0;
+ uout->pd = NULL;
+@@ -596,7 +596,7 @@ static int m_##in##_##function(lua_State * L) \
+ uin = (udstruct *) luaL_checkudata(L, 1, M_##in); \
+ if (uin->pd != NULL && uin->pd->pc != uin->pc) \
+ pdfdoc_changed_error(L); \
+- o = ((in *) uin->d)->function(); \
++ o = (out *) ((in *) uin->d)->function(); \
+ if (o != NULL) { \
+ uout = new_##out##_userdata(L); \
+ uout->d = o; \
+@@ -676,7 +676,7 @@ static int m_##in##_##function(lua_State * L) \
+ pdfdoc_changed_error(L); \
+ gs = (GooString *)((in *) uin->d)->function(); \
+ if (gs != NULL) \
+- lua_pushlstring(L, gs->getCString(), gs->getLength()); \
++ lua_pushlstring(L, gs->c_str(), gs->getLength()); \
+ else \
+ lua_pushnil(L); \
+ return 1; \
+@@ -911,7 +911,7 @@ static int m_Array_getString(lua_State * L)
+ if (i > 0 && i <= len) {
+ gs = new GooString();
+ if (((Array *) uin->d)->getString(i - 1, gs))
+- lua_pushlstring(L, gs->getCString(), gs->getLength());
++ lua_pushlstring(L, gs->c_str(), gs->getLength());
+ else
+ lua_pushnil(L);
+ delete gs;
+@@ -1063,7 +1063,7 @@ static int m_Catalog_getJS(lua_State * L)
+ if (i > 0 && i <= len) {
+ gs = ((Catalog *) uin->d)->getJS(i - 1);
+ if (gs != NULL)
+- lua_pushlstring(L, gs->getCString(), gs->getLength());
++ lua_pushlstring(L, gs->c_str(), gs->getLength());
+ else
+ lua_pushnil(L);
+ delete gs;
+@@ -1125,12 +1125,12 @@ m_poppler_get_INT(Dict, getLength);
+
+ static int m_Dict_add(lua_State * L)
+ {
+- char *s;
++ const char *s;
+ udstruct *uin, *uobj;
+ uin = (udstruct *) luaL_checkudata(L, 1, M_Dict);
+ if (uin->pd != NULL && uin->pd->pc != uin->pc)
+ pdfdoc_changed_error(L);
+- s = copyString(luaL_checkstring(L, 2));
++ s = luaL_checkstring(L, 2);
+ uobj = (udstruct *) luaL_checkudata(L, 3, M_Object);
+ ((Dict *) uin->d)->add(s, std::move(*((Object *) uobj->d)));
+ return 0;
+@@ -1378,7 +1378,7 @@ static int m_GooString__tostring(lua_State * L)
+ uin = (udstruct *) luaL_checkudata(L, 1, M_GooString);
+ if (uin->pd != NULL && uin->pd->pc != uin->pc)
+ pdfdoc_changed_error(L);
+- lua_pushlstring(L, ((GooString *) uin->d)->getCString(),
++ lua_pushlstring(L, ((GooString *) uin->d)->c_str(),
+ ((GooString *) uin->d)->getLength());
+ return 1;
+ }
+@@ -1527,9 +1527,9 @@ static int m_Object_initBool(lua_State * L)
+ pdfdoc_changed_error(L);
+ luaL_checktype(L, 2, LUA_TBOOLEAN);
+ if (lua_toboolean(L, 2) != 0)
+- *((Object *) uin->d) = Object(gTrue);
++ *((Object *) uin->d) = Object(true);
+ else
+- *((Object *) uin->d) = Object(gFalse);
++ *((Object *) uin->d) = Object(false);
+ return 0;
+ }
+
+@@ -1814,7 +1814,7 @@ static int m_Object_getString(lua_State * L)
+ pdfdoc_changed_error(L);
+ if (((Object *) uin->d)->isString()) {
+ gs = (GooString *)((Object *) uin->d)->getString();
+- lua_pushlstring(L, gs->getCString(), gs->getLength());
++ lua_pushlstring(L, gs->c_str(), gs->getLength());
+ } else
+ lua_pushnil(L);
+ return 1;
+@@ -2051,7 +2051,7 @@ static int m_Object_dictAdd(lua_State * L)
+ pdfdoc_changed_error(L);
+ if (!((Object *) uin->d)->isDict())
+ luaL_error(L, "Object is not a Dict");
+- ((Object *) uin->d)->dictAdd(copyString(s), std::move(*((Object *) uobj->d)));
++ ((Object *) uin->d)->dictAdd(s, std::move(*((Object *) uobj->d)));
+ return 0;
+ }
+
+@@ -2470,9 +2470,9 @@ static int m_PDFDoc_getFileName(lua_State * L)
+ uin = (udstruct *) luaL_checkudata(L, 1, M_PDFDoc);
+ if (uin->pd != NULL && uin->pd->pc != uin->pc)
+ pdfdoc_changed_error(L);
+- gs = ((PdfDocument *) uin->d)->doc->getFileName();
++ gs = (GooString *) ((PdfDocument *) uin->d)->doc->getFileName();
+ if (gs != NULL)
+- lua_pushlstring(L, gs->getCString(), gs->getLength());
++ lua_pushlstring(L, gs->c_str(), gs->getLength());
+ else
+ lua_pushnil(L);
+ return 1;
+@@ -2559,9 +2559,9 @@ static int m_PDFDoc_readMetadata(lua_State * L)
+ if (uin->pd != NULL && uin->pd->pc != uin->pc)
+ pdfdoc_changed_error(L);
+ if (((PdfDocument *) uin->d)->doc->getCatalog()->isOk()) {
+- gs = ((PdfDocument *) uin->d)->doc->readMetadata();
++ gs = (GooString *) ((PdfDocument *) uin->d)->doc->readMetadata();
+ if (gs != NULL)
+- lua_pushlstring(L, gs->getCString(), gs->getLength());
++ lua_pushlstring(L, gs->c_str(), gs->getLength());
+ else
+ lua_pushnil(L);
+ } else
+@@ -2577,7 +2577,7 @@ static int m_PDFDoc_getStructTreeRoot(lua_State * L)
+ if (uin->pd != NULL && uin->pd->pc != uin->pc)
+ pdfdoc_changed_error(L);
+ if (((PdfDocument *) uin->d)->doc->getCatalog()->isOk()) {
+- obj = ((PdfDocument *) uin->d)->doc->getStructTreeRoot();
++ obj = (StructTreeRoot *) ((PdfDocument *) uin->d)->doc->getStructTreeRoot();
+ uout = new_StructTreeRoot_userdata(L);
+ uout->d = obj;
+ uout->pc = uin->pc;
+@@ -3038,12 +3038,12 @@ m_poppler_get_BOOL(Attribute, isHidden);
+
+ static int m_Attribute_setHidden(lua_State * L)
+ {
+- GBool i;
++ bool i;
+ udstruct *uin;
+ uin = (udstruct *) luaL_checkudata(L, 1, M_Attribute);
+ if (uin->pd != NULL && uin->pd->pc != uin->pc)
+ pdfdoc_changed_error(L);
+- i = (GBool) lua_toboolean(L, 2);
++ i = (bool) lua_toboolean(L, 2);
+ ((Attribute *) uin->d)->setHidden(i);
+ return 0;
+ }
+@@ -3180,7 +3180,7 @@ static int m_StructElement_getParentRef(lua_State * L)
+ // Ref is false if the C++ functione return false
+ static int m_StructElement_getPageRef(lua_State * L)
+ {
+- GBool b;
++ bool b;
+ Ref *r;
+ udstruct *uin, *uout;
+ uin = (udstruct *) luaL_checkudata(L, 1, M_StructElement);
+@@ -3226,16 +3226,16 @@ static int m_StructElement_setRevision(lua_State * L)
+
+ static int m_StructElement_getText(lua_State * L)
+ {
+- GBool i;
++ bool i;
+ GooString *gs;
+ udstruct *uin;
+ uin = (udstruct *) luaL_checkudata(L, 1, M_StructElement);
+ if (uin->pd != NULL && uin->pd->pc != uin->pc)
+ pdfdoc_changed_error(L);
+- i = (GBool) lua_toboolean(L, 2);
++ i = (bool) lua_toboolean(L, 2);
+ gs = ((StructElement *) uin->d)->getText(i);
+ if (gs != NULL)
+- lua_pushlstring(L, gs->getCString(), gs->getLength());
++ lua_pushlstring(L, gs->c_str(), gs->getLength());
+ else
+ lua_pushnil(L);
+ return 1;
+@@ -3321,7 +3321,7 @@ static int m_StructElement_findAttribute(lua_State * L)
+ {
+ Attribute::Type t;
+ Attribute::Owner o;
+- GBool g;
++ bool g;
+ udstruct *uin, *uout;
+ const Attribute *a;
+ uin = (udstruct *) luaL_checkudata(L, 1, M_StructElement);
+@@ -3329,7 +3329,7 @@ static int m_StructElement_findAttribute(lua_State * L)
+ pdfdoc_changed_error(L);
+ t = (Attribute::Type) luaL_checkint(L,1);
+ o = (Attribute::Owner) luaL_checkint(L,2);
+- g = (GBool) lua_toboolean(L, 3);
++ g = (bool) lua_toboolean(L, 3);
+ a = ((StructElement *) uin->d)->findAttribute(t,g,o);
+
+ if (a!=NULL){
diff --git a/gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch b/gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch
new file mode 100644
index 0000000000..eba4733f32
--- /dev/null
+++ b/gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch
@@ -0,0 +1,188 @@
+Fix compatibility with Poppler 0.72.
+
+These files are taken from the upstream "poppler0.72.0.cc" variants and
+diffed against the "newpoppler" files from the 20180414 distribution.
+
+See revision 49336:
+https://tug.org/svn/texlive/trunk/Build/source/texk/web2c/pdftexdir/
+
+--- a/texk/web2c/pdftexdir/pdftoepdf-newpoppler.cc 1970-01-01 01:00:00.000000000 +0100
++++ b/texk/web2c/pdftexdir/pdftoepdf-newpoppler.cc 2018-12-09 21:14:58.479732695 +0100
+@@ -22,7 +22,7 @@
+ https://git.archlinux.org/svntogit/packages.git/plain/texlive-bin/trunk
+ by Arch Linux. A little modifications are made to avoid a crash for
+ some kind of pdf images, such as figure_missing.pdf in gnuplot.
+-The poppler should be 0.59.0 or newer versions.
++The poppler should be 0.72.0 or newer versions.
+ POPPLER_VERSION should be defined.
+ */
+
+@@ -120,7 +120,7 @@
+
+ static InObj *inObjList;
+ static UsedEncoding *encodingList;
+-static GBool isInit = gFalse;
++static bool isInit = false;
+
+ // --------------------------------------------------------------------
+ // Maintain list of open embedded PDF files
+@@ -317,7 +317,7 @@
+ pdf_puts("<<\n");
+ assert(r->type == objFont); // FontDescriptor is in fd_tree
+ for (i = 0, l = obj->dictGetLength(); i < l; ++i) {
+- key = obj->dictGetKey(i);
++ key = (char *)obj->dictGetKey(i);
+ if (strncmp("FontDescriptor", key, strlen("FontDescriptor")) == 0
+ || strncmp("BaseFont", key, strlen("BaseFont")) == 0
+ || strncmp("Encoding", key, strlen("Encoding")) == 0)
+@@ -427,7 +427,7 @@
+ charset = fontdesc.dictLookup("CharSet");
+ if (!charset.isNull() &&
+ charset.isString() && is_subsetable(fontmap))
+- epdf_mark_glyphs(fd, (char *)charset.getString()->getCString());
++ epdf_mark_glyphs(fd, (char *)charset.getString()->c_str());
+ else
+ embed_whole_font(fd);
+ addFontDesc(fontdescRef.getRef(), fd);
+@@ -454,7 +454,7 @@
+ for (i = 0, l = obj->dictGetLength(); i < l; ++i) {
+ fontRef = obj->dictGetValNF(i);
+ if (fontRef.isRef())
+- copyFont(obj->dictGetKey(i), &fontRef);
++ copyFont((char *)obj->dictGetKey(i), &fontRef);
+ else if (fontRef.isDict()) { // some programs generate pdf with embedded font object
+ copyName((char *)obj->dictGetKey(i));
+ pdf_puts(" ");
+@@ -566,7 +566,7 @@
+ pdf_printf("%s", convertNumToPDF(obj->getNum()));
+ } else if (obj->isString()) {
+ s = (GooString *)obj->getString();
+- p = s->getCString();
++ p = (char *)s->c_str();
+ l = s->getLength();
+ if (strlen(p) == (unsigned int) l) {
+ pdf_puts("(");
+@@ -664,7 +664,7 @@
+ ("PDF inclusion: CID fonts are not supported"
+ " (try to disable font replacement to fix this)");
+ }
+- if ((s = ((Gfx8BitFont *) r->font)->getCharName(i)) != 0)
++ if ((s = (char *)((Gfx8BitFont *) r->font)->getCharName(i)) != 0)
+ glyphNames[i] = s;
+ else
+ glyphNames[i] = notdef;
+@@ -683,7 +683,7 @@
+ }
+
+ // get the pagebox according to the pagebox_spec
+-static PDFRectangle *get_pagebox(Page * page, int pagebox_spec)
++static const PDFRectangle *get_pagebox(Page * page, int pagebox_spec)
+ {
+ if (pagebox_spec == pdfboxspecmedia)
+ return page->getMediaBox();
+@@ -715,7 +715,7 @@
+ {
+ PdfDocument *pdf_doc;
+ Page *page;
+- PDFRectangle *pagebox;
++ const PDFRectangle *pagebox;
+ #ifdef POPPLER_VERSION
+ int pdf_major_version_found, pdf_minor_version_found;
+ #else
+@@ -724,8 +724,8 @@
+ // initialize
+ if (!isInit) {
+ globalParams = new GlobalParams();
+- globalParams->setErrQuiet(gFalse);
+- isInit = gTrue;
++ globalParams->setErrQuiet(false);
++ isInit = true;
+ }
+ // open PDF file
+ pdf_doc = find_add_document(image_name);
+@@ -849,7 +849,7 @@
+ pageObj = xref->fetch(pageRef->num, pageRef->gen);
+ pageDict = pageObj.getDict();
+ rotate = page->getRotate();
+- PDFRectangle *pagebox;
++ const PDFRectangle *pagebox;
+ // write the Page header
+ pdf_puts("/Type /XObject\n");
+ pdf_puts("/Subtype /Form\n");
+@@ -977,7 +977,7 @@
+ }
+ l = dic1.getLength();
+ for (i = 0; i < l; i++) {
+- groupDict.dictAdd(copyString(dic1.getKey(i)),
++ groupDict.dictAdd((const char *)copyString(dic1.getKey(i)),
+ dic1.getValNF(i));
+ }
+ // end modification
+@@ -1001,14 +1001,14 @@
+ pdf_puts("/Resources <<\n");
+ for (i = 0, l = obj1->dictGetLength(); i < l; ++i) {
+ obj2 = obj1->dictGetVal(i);
+- key = obj1->dictGetKey(i);
++ key = (char *)obj1->dictGetKey(i);
+ if (strcmp("Font", key) == 0)
+ copyFontResources(&obj2);
+ else if (strcmp("ProcSet", key) == 0)
+ copyProcSet(&obj2);
+ else
+- copyOtherResources(&obj2, key);
++ copyOtherResources(&obj2, (char *)key);
+ }
+ pdf_puts(">>\n");
+ }
+
+--- a/texk/web2c/pdftexdir/pdftosrc-newpoppler.cc 1970-01-01 01:00:00.000000000 +0100
++++ b/texk/web2c/pdftexdir/pdftosrc-newpoppler.cc 2018-12-09 21:14:58.479732695 +0100
+@@ -20,7 +20,7 @@
+ /*
+ This is based on the patch texlive-poppler-0.59.patch <2017-09-19> at
+ https://git.archlinux.org/svntogit/packages.git/plain/texlive-bin/trunk
+-by Arch Linux. The poppler should be 0.59.0 or newer versions.
++by Arch Linux. The poppler should be 0.72.0 or newer versions.
+ POPPLER_VERSION should be defined.
+ */
+
+@@ -109,7 +109,7 @@
+ fprintf(stderr, "No SourceName found\n");
+ exit(1);
+ }
+- outname = (char *)srcName.getString()->getCString();
++ outname = (char *)srcName.getString()->c_str();
+ // We cannot free srcName, as objname shares its string.
+ // srcName.free();
+ } else if (objnum > 0) {
+@@ -118,7 +118,7 @@
+ fprintf(stderr, "Not a Stream object\n");
+ exit(1);
+ }
+- sprintf(buf, "%s", fileName->getCString());
++ sprintf(buf, "%s", fileName->c_str());
+ if ((p = strrchr(buf, '.')) == 0)
+ p = strchr(buf, 0);
+ if (objgen == 0)
+@@ -128,7 +128,7 @@
+ outname = buf;
+ } else { // objnum < 0 means we are extracting the XRef table
+ extract_xref_table = true;
+- sprintf(buf, "%s", fileName->getCString());
++ sprintf(buf, "%s", fileName->c_str());
+ if ((p = strrchr(buf, '.')) == 0)
+ p = strchr(buf, 0);
+ sprintf(p, ".xref");
+@@ -173,9 +173,9 @@
+
+ // parse the header: object numbers and offsets
+ objStr.streamReset();
+- str = new EmbedStream(objStr.getStream(), Object(objNull), gTrue, first);
++ str = new EmbedStream(objStr.getStream(), Object(objNull), true, first);
+ lexer = new Lexer(xref, str);
+- parser = new Parser(xref, lexer, gFalse);
++ parser = new Parser(xref, lexer, false);
+ for (n = 0; n < nObjects; ++n) {
+ obj1 = parser->getObj();
+ obj2 = parser->getObj();
+
diff --git a/gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch b/gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch
new file mode 100644
index 0000000000..cac716cc59
--- /dev/null
+++ b/gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch
@@ -0,0 +1,31 @@
+Fix compatibility with Poppler 0.72.
+
+Patch taken from upstream:
+https://tug.org/svn/texlive/trunk/Build/source/texk/web2c/xetexdir/pdfimage.cpp?r1=44964&r2=48969&diff_format=u
+
+--- a/texk/web2c/xetexdir/pdfimage.cpp 2017/08/06 07:12:02 44964
++++ b/texk/web2c/xetexdir/pdfimage.cpp 2018/10/22 04:01:42 48969
+@@ -82,19 +82,19 @@
+ switch (pdf_box) {
+ default:
+ case pdfbox_crop:
+- r = page->getCropBox();
++ r = (PDFRectangle *)page->getCropBox();
+ break;
+ case pdfbox_media:
+- r = page->getMediaBox();
++ r = (PDFRectangle *)page->getMediaBox();
+ break;
+ case pdfbox_bleed:
+- r = page->getBleedBox();
++ r = (PDFRectangle *)page->getBleedBox();
+ break;
+ case pdfbox_trim:
+- r = page->getTrimBox();
++ r = (PDFRectangle *)page->getTrimBox();
+ break;
+ case pdfbox_art:
+- r = page->getArtBox();
++ r = (PDFRectangle *)page->getArtBox();
+ break;
+ }
diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm
index 4170e4a0ae..d5e23f6c9e 100644
--- a/gnu/packages/pdf.scm
+++ b/gnu/packages/pdf.scm
@@ -82,15 +82,14 @@
(define-public poppler
(package
(name "poppler")
- (replacement poppler/fixed)
- (version "0.68.0")
+ (version "0.72.0")
(source (origin
(method url-fetch)
(uri (string-append "https://poppler.freedesktop.org/poppler-"
version ".tar.xz"))
(sha256
(base32
- "0n0f7mv24lzv9p3dlzakpdhqg7ygcvl6l40grcz95xldzgq083gr"))))
+ "0lfs1b1jfamxl13zbl5n448dqvl9n8frbv8180y7b7kfyaw7wx61"))))
(build-system cmake-build-system)
;; FIXME:
;; use libcurl: no
@@ -132,14 +131,6 @@
(license license:gpl2+)
(home-page "https://poppler.freedesktop.org/")))
-(define poppler/fixed
- (package
- (inherit poppler)
- (source (origin
- (inherit (package-source poppler))
- (patches (append (origin-patches (package-source poppler))
- (search-patches "poppler-CVE-2018-19149.patch")))))))
-
(define-public poppler-data
(package
(name "poppler-data")
diff --git a/gnu/packages/scribus.scm b/gnu/packages/scribus.scm
index 615d7e23a2..52b96cd5d4 100644
--- a/gnu/packages/scribus.scm
+++ b/gnu/packages/scribus.scm
@@ -56,7 +56,56 @@
(sha256
(base32
"00ys0p6h3iq77kh72dkl0qrf7qvznq18qdrgiq10gfxja1995034"))
- (patches (search-patches "scribus-poppler.patch"))))
+ (patches (append
+ (search-patches "scribus-poppler.patch")
+ (list (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/scribusproject/scribus/commit/"
+ "7d4ceeb5cac32287769e3c0238699e0b3e56c24d.patch"))
+ (file-name "scribus-poppler-0.64.patch")
+ (sha256
+ (base32
+ "1kr27bfzkpabrh42nsrrvlqyycdg9isbavpaa5spgmrhidcg02xj")))
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/scribusproject/scribus/commit/"
+ "76561c1a55cd07c268f8f2b2fea888532933700b.patch"))
+ (file-name "scribus-poppler-config.patch")
+ (sha256
+ (base32
+ "01k18xjj82c3ndzp89dlpfhhdccc8z0acf8b04r592jyr5y9rc19")))
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/scribusproject/scribus/commit/"
+ "8e05d26c19097ac2ad5b4ebbf40a3771ee6faf9c.patch"))
+ (file-name "scribus-poppler-0.69.patch")
+ (sha256
+ (base32
+ "1avdmsj5l543j0irq18nxgiw99n395jj56ih5dsal59fn0wbqk42")))
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://git.archlinux.org/svntogit/"
+ "community.git/plain/trunk/scribus-"
+ "poppler-0.70.patch?h=packages/scribus&id="
+ "8ef43ee2fceb0753ed5a76bb0a11c84775898ffc"))
+ (file-name "scribus-poppler-0.70.patch")
+ (sha256
+ (base32
+ "0dw7ix3jaj0y1q97cmmqwb2qgdx760yhxx86wa8rnx0xhfi5x6qr"))))))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ (for-each (lambda (file)
+ (substitute* file
+ ;; These are required for compatibility with Poppler 0.71.
+ (("GBool") "bool") (("gTrue") "true") (("gFalse") "false")
+ ;; ...and this for Poppler 0.72.
+ (("getCString") "c_str")))
+ (find-files "scribus/plugins/import/pdf"))
+ #t))))
(build-system cmake-build-system)
(arguments
`(#:tests? #f ;no test target
diff --git a/gnu/packages/tex.scm b/gnu/packages/tex.scm
index 916aa54d58..d345e89430 100644
--- a/gnu/packages/tex.scm
+++ b/gnu/packages/tex.scm
@@ -102,15 +102,19 @@
(patches
(list
;; This is required for compatibility with Poppler 0.64.0 and to fix a
- ;; segmentation fault in dvipdfm-x from XeTeX.
+ ;; segmentation fault in dvipdfm-x from XeTeX, and also contains a fix
+ ;; for CVE-2018-17407.
(origin
(method url-fetch)
(uri (string-append "http://www.linuxfromscratch.org/patches/blfs/"
- "svn/texlive-" version "-source-upstream_fixes-1.patch"))
+ "svn/texlive-" version "-source-upstream_fixes-2.patch"))
(file-name "texlive-poppler-compat.patch")
(sha256
(base32
- "0f8vhyj167y4xj0jx47vkybrcacfpxw0wdn1b777yq3xmhlahhlg")))))))
+ "04sxy1qv9y575mxwyg3y7rx7mh540pfjqx7yni7ncb5wjbq9pq1a")))
+ (search-patch "texlive-bin-luatex-poppler-compat.patch")
+ (search-patch "texlive-bin-pdftex-poppler-compat.patch")
+ (search-patch "texlive-bin-xetex-poppler-compat.patch")))))
(build-system gnu-build-system)
(inputs
`(("texlive-extra-src" ,texlive-extra-src)
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 05/23] gnu: D-Bus: Update to 1.12.12.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (2 preceding siblings ...)
2018-12-11 1:13 ` [bug#33701] [PATCH staging 04/23] gnu: poppler: Update to 0.72.0 Marius Bakke
@ 2018-12-11 1:13 ` Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 06/23] gnu: glib: Remove obsolete variable Marius Bakke
` (17 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:13 UTC (permalink / raw)
To: 33701
* gnu/packages/glib.scm (dbus): Update to 1.12.12.
---
gnu/packages/glib.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm
index 61d8e84d54..39b0a5f9e6 100644
--- a/gnu/packages/glib.scm
+++ b/gnu/packages/glib.scm
@@ -79,7 +79,7 @@
(define dbus
(package
(name "dbus")
- (version "1.12.10")
+ (version "1.12.12")
(source (origin
(method url-fetch)
(uri (string-append
@@ -87,7 +87,7 @@
version ".tar.gz"))
(sha256
(base32
- "1xywijmgfad4m3cxp0b4l6kvypwc53ckmhwwzbrc6n32jwj3ssab"))
+ "1y7mxhkw2shd9mi9s62k81lz8npjkrafapr4fyfms7hs04kg4ilm"))
(patches (search-patches "dbus-helper-search-path.patch"))))
(build-system gnu-build-system)
(arguments
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 06/23] gnu: glib: Remove obsolete variable.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (3 preceding siblings ...)
2018-12-11 1:13 ` [bug#33701] [PATCH staging 05/23] gnu: D-Bus: Update to 1.12.12 Marius Bakke
@ 2018-12-11 1:13 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 07/23] gnu: glib: Update to 2.56.3 Marius Bakke
` (16 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:13 UTC (permalink / raw)
To: 33701
* gnu/packages/glib.scm (glib)[arguments]: Don't set DETERMINISTIC_BUILD.
---
gnu/packages/glib.scm | 3 ---
1 file changed, 3 deletions(-)
diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm
index 39b0a5f9e6..016fae11f1 100644
--- a/gnu/packages/glib.scm
+++ b/gnu/packages/glib.scm
@@ -184,9 +184,6 @@ shared NFS home directories.")
(modify-phases %standard-phases
(add-before 'build 'pre-build
(lambda* (#:key inputs outputs #:allow-other-keys)
- ;; For building deterministic pyc files
- (setenv "DETERMINISTIC_BUILD" "1")
-
;; For tests/gdatetime.c.
(setenv "TZDIR"
(string-append (assoc-ref inputs "tzdata")
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 07/23] gnu: glib: Update to 2.56.3.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (4 preceding siblings ...)
2018-12-11 1:13 ` [bug#33701] [PATCH staging 06/23] gnu: glib: Remove obsolete variable Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 08/23] gnu: pixman: Update to 0.36.0 Marius Bakke
` (15 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/glib.scm (glib): Update to 2.56.3.
---
gnu/packages/glib.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm
index 016fae11f1..dee349395d 100644
--- a/gnu/packages/glib.scm
+++ b/gnu/packages/glib.scm
@@ -149,7 +149,7 @@ shared NFS home directories.")
(define glib
(package
(name "glib")
- (version "2.56.2")
+ (version "2.56.3")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/"
@@ -157,7 +157,7 @@ shared NFS home directories.")
name "-" version ".tar.xz"))
(sha256
(base32
- "12d738n1wpvrn39zvy9xazg5h6vzyiwsw8z1qibcj09mh4bbsjnn"))
+ "1cjcqz77m62zrx7224vl3f2cxwqf28r5xpqb2jy7av0vr2scb959"))
(patches (search-patches "glib-tests-timer.patch"))))
(build-system gnu-build-system)
(outputs '("out" ; everything
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 08/23] gnu: pixman: Update to 0.36.0.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (5 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 07/23] gnu: glib: Update to 2.56.3 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 09/23] gnu: cairo: Update to 1.16.0 Marius Bakke
` (14 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/xdisorg.scm (pixman): Update to 0.36.0.
---
gnu/packages/xdisorg.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/xdisorg.scm b/gnu/packages/xdisorg.scm
index fdbe19c059..de4cac9e94 100644
--- a/gnu/packages/xdisorg.scm
+++ b/gnu/packages/xdisorg.scm
@@ -292,7 +292,7 @@ following the mouse.")
(define-public pixman
(package
(name "pixman")
- (version "0.34.0")
+ (version "0.36.0")
(source (origin
(method url-fetch)
(uri (string-append
@@ -300,7 +300,7 @@ following the mouse.")
version ".tar.gz"))
(sha256
(base32
- "13m842m9ffac3m9r0b4lvwjhwzg3w4353djkjpf00s0wnm4v5di1"))
+ "1blzrx50ssdv0pn56hcv2v0zw0vrjwj1sx22pkgjls1p9n6rr88w"))
(patches (search-patches "pixman-CVE-2016-5296.patch"))))
(build-system gnu-build-system)
(inputs
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 09/23] gnu: cairo: Update to 1.16.0.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (6 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 08/23] gnu: pixman: Update to 0.36.0 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 10/23] gnu: libqmi: Update to 1.20.2 Marius Bakke
` (13 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/patches/cairo-CVE-2016-9082.patch,
gnu/packages/patches/cairo-setjmp-wrapper.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them/
* gnu/packages/gtk.scm (cairo): Update to 1.16.0.
[source](patches): Remove.
---
gnu/local.mk | 2 -
gnu/packages/gtk.scm | 6 +-
.../patches/cairo-CVE-2016-9082.patch | 122 ------------------
.../patches/cairo-setjmp-wrapper.patch | 78 -----------
4 files changed, 2 insertions(+), 206 deletions(-)
delete mode 100644 gnu/packages/patches/cairo-CVE-2016-9082.patch
delete mode 100644 gnu/packages/patches/cairo-setjmp-wrapper.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 6541bcc8be..aaab4c72ec 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -608,8 +608,6 @@ dist_patch_DATA = \
%D%/packages/patches/boost-fix-icu-build.patch \
%D%/packages/patches/borg-respect-storage-quota.patch \
%D%/packages/patches/byobu-writable-status.patch \
- %D%/packages/patches/cairo-CVE-2016-9082.patch \
- %D%/packages/patches/cairo-setjmp-wrapper.patch \
%D%/packages/patches/calibre-no-updates-dialog.patch \
%D%/packages/patches/calibre-use-packaged-feedparser.patch \
%D%/packages/patches/casync-renameat2-declaration.patch \
diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm
index 7a8b6c1852..349d6029c4 100644
--- a/gnu/packages/gtk.scm
+++ b/gnu/packages/gtk.scm
@@ -113,16 +113,14 @@ tools have full access to view and control running applications.")
(define-public cairo
(package
(name "cairo")
- (version "1.14.12")
+ (version "1.16.0")
(source (origin
(method url-fetch)
(uri (string-append "https://cairographics.org/releases/cairo-"
version ".tar.xz"))
(sha256
(base32
- "05mzyxkvsfc1annjw2dja8vka01ampp9pp93lg09j8hba06g144c"))
- (patches (search-patches "cairo-CVE-2016-9082.patch"
- "cairo-setjmp-wrapper.patch"))))
+ "0c930mk5xr2bshbdljv005j3j8zr47gqmkry3q6qgvqky6rjjysy"))))
(build-system gnu-build-system)
(propagated-inputs
`(("fontconfig" ,fontconfig)
diff --git a/gnu/packages/patches/cairo-CVE-2016-9082.patch b/gnu/packages/patches/cairo-CVE-2016-9082.patch
deleted file mode 100644
index ad83404194..0000000000
--- a/gnu/packages/patches/cairo-CVE-2016-9082.patch
+++ /dev/null
@@ -1,122 +0,0 @@
-From: Adrian Johnson <ajohnson@redneon.com>
-Date: Thu, 20 Oct 2016 21:12:30 +1030
-Subject: [PATCH] image: prevent invalid ptr access for > 4GB images
-
-Image data is often accessed using:
-
- image->data + y * image->stride
-
-On 64-bit achitectures if the image data is > 4GB, this computation
-will overflow since both y and stride are 32-bit types.
-
-bug report: https://bugs.freedesktop.org/show_bug.cgi?id=98165
-patch: https://bugs.freedesktop.org/attachment.cgi?id=127421
----
- boilerplate/cairo-boilerplate.c | 4 +++-
- src/cairo-image-compositor.c | 4 ++--
- src/cairo-image-surface-private.h | 2 +-
- src/cairo-mesh-pattern-rasterizer.c | 2 +-
- src/cairo-png.c | 2 +-
- src/cairo-script-surface.c | 3 ++-
- 6 files changed, 10 insertions(+), 7 deletions(-)
-
-diff --git a/boilerplate/cairo-boilerplate.c b/boilerplate/cairo-boilerplate.c
-index 7fdbf79..4804dea 100644
---- a/boilerplate/cairo-boilerplate.c
-+++ b/boilerplate/cairo-boilerplate.c
-@@ -42,6 +42,7 @@
- #undef CAIRO_VERSION_H
- #include "../cairo-version.h"
-
-+#include <stddef.h>
- #include <stdlib.h>
- #include <ctype.h>
- #include <assert.h>
-@@ -976,7 +977,8 @@ cairo_surface_t *
- cairo_boilerplate_image_surface_create_from_ppm_stream (FILE *file)
- {
- char format;
-- int width, height, stride;
-+ int width, height;
-+ ptrdiff_t stride;
- int x, y;
- unsigned char *data;
- cairo_surface_t *image = NULL;
-diff --git a/src/cairo-image-compositor.c b/src/cairo-image-compositor.c
-index 48072f8..3ca0006 100644
---- a/src/cairo-image-compositor.c
-+++ b/src/cairo-image-compositor.c
-@@ -1575,7 +1575,7 @@ typedef struct _cairo_image_span_renderer {
- pixman_image_t *src, *mask;
- union {
- struct fill {
-- int stride;
-+ ptrdiff_t stride;
- uint8_t *data;
- uint32_t pixel;
- } fill;
-@@ -1594,7 +1594,7 @@ typedef struct _cairo_image_span_renderer {
- struct finish {
- cairo_rectangle_int_t extents;
- int src_x, src_y;
-- int stride;
-+ ptrdiff_t stride;
- uint8_t *data;
- } mask;
- } u;
-diff --git a/src/cairo-image-surface-private.h b/src/cairo-image-surface-private.h
-index 8ca694c..7e78d61 100644
---- a/src/cairo-image-surface-private.h
-+++ b/src/cairo-image-surface-private.h
-@@ -71,7 +71,7 @@ struct _cairo_image_surface {
-
- int width;
- int height;
-- int stride;
-+ ptrdiff_t stride;
- int depth;
-
- unsigned owns_data : 1;
-diff --git a/src/cairo-mesh-pattern-rasterizer.c b/src/cairo-mesh-pattern-rasterizer.c
-index 1b63ca8..e7f0db6 100644
---- a/src/cairo-mesh-pattern-rasterizer.c
-+++ b/src/cairo-mesh-pattern-rasterizer.c
-@@ -470,7 +470,7 @@ draw_pixel (unsigned char *data, int width, int height, int stride,
- tg += tg >> 16;
- tb += tb >> 16;
-
-- *((uint32_t*) (data + y*stride + 4*x)) = ((ta << 16) & 0xff000000) |
-+ *((uint32_t*) (data + y*(ptrdiff_t)stride + 4*x)) = ((ta << 16) & 0xff000000) |
- ((tr >> 8) & 0xff0000) | ((tg >> 16) & 0xff00) | (tb >> 24);
- }
- }
-diff --git a/src/cairo-png.c b/src/cairo-png.c
-index 562b743..aa8c227 100644
---- a/src/cairo-png.c
-+++ b/src/cairo-png.c
-@@ -673,7 +673,7 @@ read_png (struct png_read_closure_t *png_closure)
- }
-
- for (i = 0; i < png_height; i++)
-- row_pointers[i] = &data[i * stride];
-+ row_pointers[i] = &data[i * (ptrdiff_t)stride];
-
- png_read_image (png, row_pointers);
- png_read_end (png, info);
-diff --git a/src/cairo-script-surface.c b/src/cairo-script-surface.c
-index ea0117d..91e4baa 100644
---- a/src/cairo-script-surface.c
-+++ b/src/cairo-script-surface.c
-@@ -1202,7 +1202,8 @@ static cairo_status_t
- _write_image_surface (cairo_output_stream_t *output,
- const cairo_image_surface_t *image)
- {
-- int stride, row, width;
-+ int row, width;
-+ ptrdiff_t stride;
- uint8_t row_stack[CAIRO_STACK_BUFFER_SIZE];
- uint8_t *rowdata;
- uint8_t *data;
---
-2.1.4
-
diff --git a/gnu/packages/patches/cairo-setjmp-wrapper.patch b/gnu/packages/patches/cairo-setjmp-wrapper.patch
deleted file mode 100644
index bffac6e041..0000000000
--- a/gnu/packages/patches/cairo-setjmp-wrapper.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-Revert faulty commit to avoid undefined behaviour:
-https://bugs.freedesktop.org/show_bug.cgi?id=104325
-
-Taken from this upstream commit:
-https://cgit.freedesktop.org/cairo/commit/?h=1.14&id=2acc4382c54bd8239361ceed14423412a343d311
-
-diff --git a/src/cairo-bentley-ottmann-rectangular.c b/src/cairo-bentley-ottmann-rectangular.c
-index cb2e30c..5541bdc 100644
---- a/src/cairo-bentley-ottmann-rectangular.c
-+++ b/src/cairo-bentley-ottmann-rectangular.c
-@@ -593,12 +593,6 @@ sweep_line_insert (sweep_line_t *sweep, rectangle_t *rectangle)
- pqueue_push (sweep, rectangle);
- }
-
--static int
--sweep_line_setjmp (sweep_line_t *sweep_line)
--{
-- return setjmp (sweep_line->unwind);
--}
--
- static cairo_status_t
- _cairo_bentley_ottmann_tessellate_rectangular (rectangle_t **rectangles,
- int num_rectangles,
-@@ -615,7 +609,7 @@ _cairo_bentley_ottmann_tessellate_rectangular (rectangle_t **rectangles,
- rectangles, num_rectangles,
- fill_rule,
- do_traps, container);
-- if ((status = sweep_line_setjmp (&sweep_line)))
-+ if ((status = setjmp (sweep_line.unwind)))
- return status;
-
- rectangle = rectangle_pop_start (&sweep_line);
-diff --git a/src/cairo-png.c b/src/cairo-png.c
-index e64b14a..068617d 100644
---- a/src/cairo-png.c
-+++ b/src/cairo-png.c
-@@ -158,14 +158,6 @@ png_simple_warning_callback (png_structp png,
- */
- }
-
--static int
--png_setjmp (png_struct *png)
--{
--#ifdef PNG_SETJMP_SUPPORTED
-- return setjmp (png_jmpbuf (png));
--#endif
-- return 0;
--}
-
- /* Starting with libpng-1.2.30, we must explicitly specify an output_flush_fn.
- * Otherwise, we will segfault if we are writing to a stream. */
-@@ -237,8 +229,10 @@ write_png (cairo_surface_t *surface,
- goto BAIL4;
- }
-
-- if (png_setjmp (png))
-+#ifdef PNG_SETJMP_SUPPORTED
-+ if (setjmp (png_jmpbuf (png)))
- goto BAIL4;
-+#endif
-
- png_set_write_fn (png, closure, write_func, png_simple_output_flush_fn);
-
-@@ -577,11 +571,12 @@ read_png (struct png_read_closure_t *png_closure)
- png_set_read_fn (png, png_closure, stream_read_func);
-
- status = CAIRO_STATUS_SUCCESS;
--
-- if (png_setjmp (png)) {
-+#ifdef PNG_SETJMP_SUPPORTED
-+ if (setjmp (png_jmpbuf (png))) {
- surface = _cairo_surface_create_in_error (status);
- goto BAIL;
- }
-+#endif
-
- png_read_info (png, info);
-
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 10/23] gnu: libqmi: Update to 1.20.2.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (7 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 09/23] gnu: cairo: Update to 1.16.0 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 11/23] gnu: curl: Remove replacement for 7.62.0 Marius Bakke
` (12 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/freedesktop.scm (libqmi): Update to 1.20.2.
---
gnu/packages/freedesktop.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/freedesktop.scm b/gnu/packages/freedesktop.scm
index f8e97acf51..536895cba8 100644
--- a/gnu/packages/freedesktop.scm
+++ b/gnu/packages/freedesktop.scm
@@ -763,7 +763,7 @@ which speak the Mobile Interface Broadband Model (MBIM) protocol.")
(define-public libqmi
(package
(name "libqmi")
- (version "1.20.0")
+ (version "1.20.2")
(source (origin
(method url-fetch)
(uri (string-append
@@ -771,7 +771,7 @@ which speak the Mobile Interface Broadband Model (MBIM) protocol.")
name "-" version ".tar.xz"))
(sha256
(base32
- "1d3fca477sdwbv4bsq1cl98qc8sixrzp0gqjcmjj8mlwfk9qqhi1"))))
+ "0i6aw8jyxv84d5x8lj2g9lb8xxf1dyad8n3q0kw164pyig55jd67"))))
(build-system gnu-build-system)
(inputs
`(("libgudev" ,libgudev)))
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 11/23] gnu: curl: Remove replacement for 7.62.0.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (8 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 10/23] gnu: libqmi: Update to 1.20.2 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 12/23] gnu: ghostscript: Update to 9.26 Marius Bakke
` (11 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/curl.scm (curl): Update to 7.62.0.
[replacement]: Remove field.
(curl-7.62.0): Remove variable.
---
gnu/packages/curl.scm | 18 ++----------------
1 file changed, 2 insertions(+), 16 deletions(-)
diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index 61313af7d2..9430ece467 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -50,15 +50,14 @@
(define-public curl
(package
(name "curl")
- (version "7.61.1")
- (replacement curl-7.62.0)
+ (version "7.62.0")
(source (origin
(method url-fetch)
(uri (string-append "https://curl.haxx.se/download/curl-"
version ".tar.xz"))
(sha256
(base32
- "148qv1f32290r9pwg07mccawihz4srznkzsdwdl2xllvlgb16n9x"))))
+ "1hbm29r3pirhn4gkcnd94ylc4jzgn3v3v7qbay9awxg7bwx69dfs"))))
(build-system gnu-build-system)
(outputs '("out"
"doc")) ;1.2 MiB of man3 pages
@@ -142,19 +141,6 @@ tunneling, and so on.")
"See COPYING in the distribution."))
(home-page "https://curl.haxx.se/")))
-(define-public curl-7.62.0
- (package
- (inherit curl)
- (version "7.62.0")
- (source
- (origin
- (method url-fetch)
- (uri (string-append "https://curl.haxx.se/download/curl-"
- version ".tar.xz"))
- (sha256
- (base32
- "1hbm29r3pirhn4gkcnd94ylc4jzgn3v3v7qbay9awxg7bwx69dfs"))))))
-
(define-public kurly
(package
(name "kurly")
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 12/23] gnu: ghostscript: Update to 9.26.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (9 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 11/23] gnu: curl: Remove replacement for 7.62.0 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-12 1:07 ` Leo Famulari
2018-12-11 1:14 ` [bug#33701] [PATCH staging 13/23] gnu: icu4c: Update to 63.1 Marius Bakke
` (10 subsequent siblings)
21 siblings, 1 reply; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/patches/ghostscript-bug-699708.patch,
gnu/packages/patches/ghostscript-CVE-2018-16509.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/ghostscript.scm (ghostscript): Update to 9.26.
[source](patches): Remove obsolete.
---
gnu/local.mk | 2 -
gnu/packages/ghostscript.scm | 8 +-
.../patches/ghostscript-CVE-2018-16509.patch | 193 ------------------
.../patches/ghostscript-bug-699708.patch | 160 ---------------
4 files changed, 3 insertions(+), 360 deletions(-)
delete mode 100644 gnu/packages/patches/ghostscript-CVE-2018-16509.patch
delete mode 100644 gnu/packages/patches/ghostscript-bug-699708.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index aaab4c72ec..45d8effc11 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -738,8 +738,6 @@ dist_patch_DATA = \
%D%/packages/patches/ghc-8.0-fall-back-to-madv_dontneed.patch \
%D%/packages/patches/ghc-dont-pass-linker-flags-via-response-files.patch \
%D%/packages/patches/ghc-haddock-library-unbundle.patch \
- %D%/packages/patches/ghostscript-CVE-2018-16509.patch \
- %D%/packages/patches/ghostscript-bug-699708.patch \
%D%/packages/patches/ghostscript-no-header-id.patch \
%D%/packages/patches/ghostscript-no-header-uuid.patch \
%D%/packages/patches/ghostscript-no-header-creationdate.patch \
diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm
index b46451d94e..d8c0050513 100644
--- a/gnu/packages/ghostscript.scm
+++ b/gnu/packages/ghostscript.scm
@@ -135,7 +135,7 @@ printing, and psresize, for adjusting page sizes.")
(define-public ghostscript
(package
(name "ghostscript")
- (version "9.24")
+ (version "9.26")
(source
(origin
(method url-fetch)
@@ -145,10 +145,8 @@ printing, and psresize, for adjusting page sizes.")
"/ghostscript-" version ".tar.xz"))
(sha256
(base32
- "1mk922rnml93w2g42yxiyn8xqanc50cm65irrgh0b6lp4kgifjfl"))
- (patches (search-patches "ghostscript-CVE-2018-16509.patch"
- "ghostscript-bug-699708.patch"
- "ghostscript-no-header-creationdate.patch"
+ "1645f47all5w27bfhiq15vycdm954lmr6agqkrp68ksq6xglgvch"))
+ (patches (search-patches "ghostscript-no-header-creationdate.patch"
"ghostscript-no-header-id.patch"
"ghostscript-no-header-uuid.patch"))
(modules '((guix build utils)))
diff --git a/gnu/packages/patches/ghostscript-CVE-2018-16509.patch b/gnu/packages/patches/ghostscript-CVE-2018-16509.patch
deleted file mode 100644
index 50ffa3cb98..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2018-16509.patch
+++ /dev/null
@@ -1,193 +0,0 @@
-Ghostscript 9.24 was released with an incomplete fix for CVE-2018-16509:
-https://nvd.nist.gov/vuln/detail/CVE-2018-16509
-https://bugs.chromium.org/p/project-zero/issues/detail?id=1640#c19
-https://bugs.ghostscript.com/show_bug.cgi?id=699718
-
-The reproducers no longer work after applying these commits:
-
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5812b1b78fc4d36fdc293b7859de69241140d590
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=e914f1da46e33decc534486598dc3eadf69e6efb
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=3e5d316b72e3965b7968bb1d96baa137cd063ac6
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=643b24dbd002fb9c131313253c307cf3951b3d47
-
-This patch is a "squashed" version of those.
-
-diff --git a/Resource/Init/gs_setpd.ps b/Resource/Init/gs_setpd.ps
-index bba3c8c0e..8fa7c51df 100644
---- a/Resource/Init/gs_setpd.ps
-+++ b/Resource/Init/gs_setpd.ps
-@@ -95,27 +95,41 @@ level2dict begin
- { % Since setpagedevice doesn't create new device objects,
- % we must (carefully) reinstall the old parameters in
- % the same device.
-- .currentpagedevice pop //null currentdevice //null .trysetparams
-+ .currentpagedevice pop //null currentdevice //null
-+ { .trysetparams } .internalstopped
-+ {
-+ //null
-+ } if
- dup type /booleantype eq
- { pop pop }
-- { % This should never happen!
-+ {
- SETPDDEBUG { (Error in .trysetparams!) = pstack flush } if
-- cleartomark pop pop pop
-+ {cleartomark pop pop pop} .internalstopped pop
-+ % if resetting the entire device state failed, at least put back the
-+ % security related key
-+ currentdevice //null //false mark /.LockSafetyParams
-+ currentpagedevice /.LockSafetyParams .knownget not
-+ {systemdict /SAFER .knownget not {//false} } if
-+ .putdeviceparamsonly
- /.installpagedevice cvx /rangecheck signalerror
- }
- ifelse pop pop
- % A careful reading of the Red Book reveals that an erasepage
- % should occur, but *not* an initgraphics.
- erasepage .beginpage
-- } bind def
-+ } bind executeonly def
-
- /.uninstallpagedevice
-- { 2 .endpage { .currentnumcopies //false .outputpage } if
-+ {
-+ {2 .endpage { .currentnumcopies //false .outputpage } if} .internalstopped pop
- nulldevice
- } bind def
-
- (%grestorepagedevice) cvn
-- { .uninstallpagedevice grestore .installpagedevice
-+ {
-+ .uninstallpagedevice
-+ grestore
-+ .installpagedevice
- } bind def
-
- (%grestoreallpagedevice) cvn
-diff --git a/psi/zdevice2.c b/psi/zdevice2.c
-index 0c7080d57..159a0c0d9 100644
---- a/psi/zdevice2.c
-+++ b/psi/zdevice2.c
-@@ -251,8 +251,8 @@ z2currentgstate(i_ctx_t *i_ctx_p)
- /* ------ Wrappers for operators that reset the graphics state. ------ */
-
- /* Check whether we need to call out to restore the page device. */
--static bool
--restore_page_device(const gs_gstate * pgs_old, const gs_gstate * pgs_new)
-+static int
-+restore_page_device(i_ctx_t *i_ctx_p, const gs_gstate * pgs_old, const gs_gstate * pgs_new)
- {
- gx_device *dev_old = gs_currentdevice(pgs_old);
- gx_device *dev_new;
-@@ -260,9 +260,10 @@ restore_page_device(const gs_gstate * pgs_old, const gs_gstate * pgs_new)
- gx_device *dev_t2;
- bool samepagedevice = obj_eq(dev_old->memory, &gs_int_gstate(pgs_old)->pagedevice,
- &gs_int_gstate(pgs_new)->pagedevice);
-+ bool LockSafetyParams = dev_old->LockSafetyParams;
-
- if ((dev_t1 = (*dev_proc(dev_old, get_page_device)) (dev_old)) == 0)
-- return false;
-+ return 0;
- /* If we are going to putdeviceparams in a callout, we need to */
- /* unlock temporarily. The device will be re-locked as needed */
- /* by putdeviceparams from the pgs_old->pagedevice dict state. */
-@@ -271,23 +272,51 @@ restore_page_device(const gs_gstate * pgs_old, const gs_gstate * pgs_new)
- dev_new = gs_currentdevice(pgs_new);
- if (dev_old != dev_new) {
- if ((dev_t2 = (*dev_proc(dev_new, get_page_device)) (dev_new)) == 0)
-- return false;
-- if (dev_t1 != dev_t2)
-- return true;
-+ samepagedevice = true;
-+ else if (dev_t1 != dev_t2)
-+ samepagedevice = false;
-+ }
-+
-+ if (LockSafetyParams && !samepagedevice) {
-+ const int required_ops = 512;
-+ const int required_es = 32;
-+
-+ /* The %grestorepagedevice must complete: the biggest danger
-+ is operand stack overflow. As we use get/putdeviceparams
-+ that means pushing all the device params onto the stack,
-+ pdfwrite having by far the largest number of parameters
-+ at (currently) 212 key/value pairs - thus needing (currently)
-+ 424 entries on the op stack. Allowing for working stack
-+ space, and safety margin.....
-+ */
-+ if (required_ops + ref_stack_count(&o_stack) >= ref_stack_max_count(&o_stack)) {
-+ gs_currentdevice(pgs_old)->LockSafetyParams = LockSafetyParams;
-+ return_error(gs_error_stackoverflow);
-+ }
-+ /* We also want enough exec stack space - 32 is an overestimate of
-+ what we need to complete the Postscript call out.
-+ */
-+ if (required_es + ref_stack_count(&e_stack) >= ref_stack_max_count(&e_stack)) {
-+ gs_currentdevice(pgs_old)->LockSafetyParams = LockSafetyParams;
-+ return_error(gs_error_execstackoverflow);
-+ }
- }
- /*
- * The current implementation of setpagedevice just sets new
- * parameters in the same device object, so we have to check
- * whether the page device dictionaries are the same.
- */
-- return !samepagedevice;
-+ return samepagedevice ? 0 : 1;
- }
-
- /* - grestore - */
- static int
- z2grestore(i_ctx_t *i_ctx_p)
- {
-- if (!restore_page_device(igs, gs_gstate_saved(igs)))
-+ int code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs));
-+ if (code < 0) return code;
-+
-+ if (code == 0)
- return gs_grestore(igs);
- return push_callout(i_ctx_p, "%grestorepagedevice");
- }
-@@ -297,7 +326,9 @@ static int
- z2grestoreall(i_ctx_t *i_ctx_p)
- {
- for (;;) {
-- if (!restore_page_device(igs, gs_gstate_saved(igs))) {
-+ int code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs));
-+ if (code < 0) return code;
-+ if (code == 0) {
- bool done = !gs_gstate_saved(gs_gstate_saved(igs));
-
- gs_grestore(igs);
-@@ -328,11 +359,15 @@ z2restore(i_ctx_t *i_ctx_p)
- if (code < 0) return code;
-
- while (gs_gstate_saved(gs_gstate_saved(igs))) {
-- if (restore_page_device(igs, gs_gstate_saved(igs)))
-+ code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs));
-+ if (code < 0) return code;
-+ if (code > 0)
- return push_callout(i_ctx_p, "%restore1pagedevice");
- gs_grestore(igs);
- }
-- if (restore_page_device(igs, gs_gstate_saved(igs)))
-+ code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs));
-+ if (code < 0) return code;
-+ if (code > 0)
- return push_callout(i_ctx_p, "%restorepagedevice");
-
- code = dorestore(i_ctx_p, asave);
-@@ -355,9 +390,12 @@ static int
- z2setgstate(i_ctx_t *i_ctx_p)
- {
- os_ptr op = osp;
-+ int code;
-
- check_stype(*op, st_igstate_obj);
-- if (!restore_page_device(igs, igstate_ptr(op)))
-+ code = restore_page_device(i_ctx_p, igs, igstate_ptr(op));
-+ if (code < 0) return code;
-+ if (code == 0)
- return zsetgstate(i_ctx_p);
- return push_callout(i_ctx_p, "%setgstatepagedevice");
- }
diff --git a/gnu/packages/patches/ghostscript-bug-699708.patch b/gnu/packages/patches/ghostscript-bug-699708.patch
deleted file mode 100644
index 1567be1c6f..0000000000
--- a/gnu/packages/patches/ghostscript-bug-699708.patch
+++ /dev/null
@@ -1,160 +0,0 @@
-Additional security fix that missed 9.24.
-
-Taken from upstream:
-http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=fb713b3818b52d8a6cf62c951eba2e1795ff9624
-
-From fb713b3818b52d8a6cf62c951eba2e1795ff9624 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Thu, 6 Sep 2018 09:16:22 +0100
-Subject: [PATCH] Bug 699708 (part 1): 'Hide' non-replaceable error handlers
- for SAFER
-
-We already had a 'private' dictionary for non-standard errors: gserrordict.
-
-This now includes all the default error handlers, the dictionary is made
-noaccess and all the prodedures are bound and executeonly.
-
-When running with -dSAFER, in the event of a Postscript error, instead of
-pulling the handler from errordict, we'll pull it from gserrordict - thus
-malicious input cannot trigger problems by the use of custom error handlers.
-
-errordict remains open and writeable, so files such as the Quality Logic tests
-that install their own handlers will still 'work', with the exception that the
-custom error handlers will not be called.
-
-This is a 'first pass', 'sledgehammer' approach: a nice addition would to allow
-an integrator to specify a list of errors that are not to be replaced (for
-example, embedded applications would probably want to ensure that VMerror is
-always handled as they intend).
----
- Resource/Init/gs_init.ps | 29 ++++++++++++++++++-----------
- psi/interp.c | 30 +++++++++++++++++++++---------
- 2 files changed, 39 insertions(+), 20 deletions(-)
-
-diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
-index 071c39205..bc8b7951c 100644
---- a/Resource/Init/gs_init.ps
-+++ b/Resource/Init/gs_init.ps
-@@ -881,7 +881,7 @@ userdict /.currentresourcefile //null put
- { not exch pop exit } { pop } ifelse
- }
- for exch pop .quit
-- } bind def
-+ } bind executeonly def
- /.errorhandler % <command> <errorname> .errorhandler -
- { % Detect an internal 'stopped'.
- 1 .instopped { //null eq { pop pop stop } if } if
-@@ -926,7 +926,7 @@ userdict /.currentresourcefile //null put
- $error /globalmode get $error /.nosetlocal get and .setglobal
- $error /.inerror //false put
- stop
-- } bind def
-+ } bind executeonly def
- % Define the standard handleerror. We break out the printing procedure
- % (.printerror) so that it can be extended for binary output
- % if the Level 2 facilities are present.
-@@ -976,7 +976,7 @@ userdict /.currentresourcefile //null put
- ifelse % newerror
- end
- flush
-- } bind def
-+ } bind executeonly def
- /.printerror_long % long error printout,
- % $error is on the dict stack
- { % Push the (anonymous) stack printing procedure.
-@@ -1053,14 +1053,14 @@ userdict /.currentresourcefile //null put
- { (Current file position is ) print position = }
- if
-
-- } bind def
-+ } bind executeonly def
- % Define a procedure for clearing the error indication.
- /.clearerror
- { $error /newerror //false put
- $error /errorname //null put
- $error /errorinfo //null put
- 0 .setoserrno
-- } bind def
-+ } bind executeonly def
-
- % Define $error. This must be in local VM.
- .currentglobal //false .setglobal
-@@ -1086,11 +1086,15 @@ end
- /errordict ErrorNames length 3 add dict
- .forcedef % errordict is local, systemdict is global
- .setglobal % back to global VM
--% For greater Adobe compatibility, we put all non-standard errors in a
--% separate dictionary, gserrordict. It does not need to be in local VM,
--% because PostScript programs do not access it.
-+% gserrordict contains all the default error handling methods, but unlike
-+% errordict it is noaccess after creation (also it is in global VM).
-+% When running 'SAFER', we'll ignore the contents of errordict, which
-+% may have been tampered with by the running job, and always use gserrordict
-+% gserrordict also contains any non-standard errors, for better compatibility
-+% with Adobe.
-+%
- % NOTE: the name gserrordict is known to the interpreter.
--/gserrordict 5 dict def
-+/gserrordict ErrorNames length 3 add dict def
- % Register an error in errordict. We make this a procedure because we only
- % register the Level 1 errors here: the rest are registered by "feature"
- % files. However, ErrorNames contains all of the error names regardless of
-@@ -1119,8 +1123,11 @@ errordict begin
- } bind def
- end % errordict
-
--% Put non-standard errors in gserrordict.
--gserrordict /unknownerror errordict /unknownerror get put
-+% Put all the default handlers in gserrordict
-+gserrordict
-+errordict {2 index 3 1 roll put} forall
-+noaccess pop
-+% remove the non-standard errors from errordict
- errordict /unknownerror .undef
- % Define a stable private copy of handleerror that we will always use under
- % JOBSERVER mode.
-diff --git a/psi/interp.c b/psi/interp.c
-index c27b70dca..d41a9d3f5 100644
---- a/psi/interp.c
-+++ b/psi/interp.c
-@@ -661,16 +661,28 @@ again:
- return code;
- if (gs_errorname(i_ctx_p, code, &error_name) < 0)
- return code; /* out-of-range error code! */
-- /*
-- * For greater Adobe compatibility, only the standard PostScript errors
-- * are defined in errordict; the rest are in gserrordict.
-+
-+ /* If LockFilePermissions is true, we only refer to gserrordict, which
-+ * is not accessible to Postcript jobs
- */
-- if (dict_find_string(systemdict, "errordict", &perrordict) <= 0 ||
-- (dict_find(perrordict, &error_name, &epref) <= 0 &&
-- (dict_find_string(systemdict, "gserrordict", &perrordict) <= 0 ||
-- dict_find(perrordict, &error_name, &epref) <= 0))
-- )
-- return code; /* error name not in errordict??? */
-+ if (i_ctx_p->LockFilePermissions) {
-+ if (((dict_find_string(systemdict, "gserrordict", &perrordict) <= 0 ||
-+ dict_find(perrordict, &error_name, &epref) <= 0))
-+ )
-+ return code; /* error name not in errordict??? */
-+ }
-+ else {
-+ /*
-+ * For greater Adobe compatibility, only the standard PostScript errors
-+ * are defined in errordict; the rest are in gserrordict.
-+ */
-+ if (dict_find_string(systemdict, "errordict", &perrordict) <= 0 ||
-+ (dict_find(perrordict, &error_name, &epref) <= 0 &&
-+ (dict_find_string(systemdict, "gserrordict", &perrordict) <= 0 ||
-+ dict_find(perrordict, &error_name, &epref) <= 0))
-+ )
-+ return code; /* error name not in errordict??? */
-+ }
- doref = *epref;
- epref = &doref;
- /* Push the error object on the operand stack if appropriate. */
---
-2.18.0
-
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 13/23] gnu: icu4c: Update to 63.1.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (10 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 12/23] gnu: ghostscript: Update to 9.26 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 14/23] gnu: tzdata-for-tests: Update to 2018g Marius Bakke
` (9 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/icu4c.scm (icu4c): Update to 63.1.
---
gnu/packages/icu4c.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm
index 2d28107e81..6e93d6aed9 100644
--- a/gnu/packages/icu4c.scm
+++ b/gnu/packages/icu4c.scm
@@ -32,7 +32,7 @@
(define-public icu4c
(package
(name "icu4c")
- (version "62.1")
+ (version "63.1")
(source (origin
(method url-fetch)
(uri (string-append
@@ -42,7 +42,7 @@
(string-map (lambda (x) (if (char=? x #\.) #\_ x)) version)
"-src.tgz"))
(sha256
- (base32 "18ssgnwzzpm1g1fvbm9h1fvryiwxvvn5wc3fdakdsl33cs6qdn9x"))))
+ (base32 "17fbk0lm2clsxbmjzvyp245ayx0n4chji3ky1f3fbz2ljjv91i05"))))
(build-system gnu-build-system)
(inputs
`(("perl" ,perl)))
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 14/23] gnu: tzdata-for-tests: Update to 2018g.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (11 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 13/23] gnu: icu4c: Update to 63.1 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 15/23] gnu: nghttp2: Update to 1.35.1 Marius Bakke
` (8 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/base.scm (tzdata-for-tests): Inherit TZDATA.
---
gnu/packages/base.scm | 18 +-----------------
1 file changed, 1 insertion(+), 17 deletions(-)
diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index 55a0290600..932416a60d 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -1173,23 +1173,7 @@ and daylight-saving rules.")
(define-public tzdata-for-tests
(hidden-package
(package
- (inherit tzdata)
- (version "2018d")
- (source (origin
- (method url-fetch)
- (uri (string-append "https://www.iana.org/time-zones/repository"
- "/releases/tzdata" version ".tar.gz"))
- (sha256
- (base32
- "0m6020dnk9r40z7k36jp13fa06xip3hn0fdx3nly66jzxgffs1ji"))))
- (inputs `(("tzcode" ,(origin
- (method url-fetch)
- (uri (string-append
- "http://www.iana.org/time-zones/repository/releases/tzcode"
- version ".tar.gz"))
- (sha256
- (base32
- "1nd882yhsazmcfqmcqyfig3axycryl30gmizgqhqsx5dpa2lxr3x")))))))))
+ (inherit tzdata))))
(define-public libiconv
(package
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 15/23] gnu: nghttp2: Update to 1.35.1.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (12 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 14/23] gnu: tzdata-for-tests: Update to 2018g Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 16/23] gnu: nettle: Update to 3.4.1 Marius Bakke
` (7 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/web.scm (nghttp2): Update to 1.35.1.
[native-inputs]: Add GCC-7.
[arguments]: Add workaround for <https://bugs.gnu.org/30756>.
---
gnu/packages/web.scm | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index caf56e4119..17deb5c222 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -79,6 +79,7 @@
#:use-module (gnu packages flex)
#:use-module (gnu packages freedesktop)
#:use-module (gnu packages kerberos)
+ #:use-module (gnu packages gcc)
#:use-module (gnu packages gd)
#:use-module (gnu packages gettext)
#:use-module (gnu packages glib)
@@ -6696,7 +6697,7 @@ derivation by David Revoy from the original MonsterID by Andreas Gohr.")
(define-public nghttp2
(package
(name "nghttp2")
- (version "1.32.0")
+ (version "1.35.1")
(source
(origin
(method url-fetch)
@@ -6705,12 +6706,13 @@ derivation by David Revoy from the original MonsterID by Andreas Gohr.")
name "-" version ".tar.xz"))
(sha256
(base32
- "0zbgp8f80h2zlfn8cd2ldrmgl81jzcdh1141n71aqmfckzaqj2kh"))))
+ "0fi6qg2w82636wixwkqy7bclpgxslmvg82r431hs8h6aqc4mnzwv"))))
(build-system gnu-build-system)
(outputs (list "out"
"lib")) ; only libnghttp2
(native-inputs
`(("pkg-config" ,pkg-config)
+ ("gcc" ,gcc-7) ; 1.35.0 requires GCC6 or later
;; Required by tests.
("cunit" ,cunit)
@@ -6742,6 +6744,9 @@ derivation by David Revoy from the original MonsterID by Andreas Gohr.")
(("@prefix@")
(assoc-ref outputs "lib")))
#t))
+ (add-before 'configure 'work-around-bug-30756
+ (lambda _
+ (for-each unsetenv '("C_INCLUDE_PATH" "CPLUS_INCLUDE_PATH")) #t))
(add-before 'check 'set-timezone-directory
(lambda* (#:key inputs #:allow-other-keys)
(setenv "TZDIR" (string-append (assoc-ref inputs "tzdata")
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 16/23] gnu: nettle: Update to 3.4.1.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (13 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 15/23] gnu: nghttp2: Update to 1.35.1 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 17/23] gnu: cyrus-sasl: Update to 2.1.27 Marius Bakke
` (6 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/nettle.scm (nettle): Update to 3.4.1.
---
gnu/packages/nettle.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/nettle.scm b/gnu/packages/nettle.scm
index 1212f32812..1f91b74d8b 100644
--- a/gnu/packages/nettle.scm
+++ b/gnu/packages/nettle.scm
@@ -75,14 +75,14 @@ themselves.")
;; This version is not API-compatible with version 2. In particular, lsh
;; cannot use it yet. So keep it separate.
(package (inherit nettle-2)
- (version "3.4")
+ (version "3.4.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/nettle/nettle-"
version ".tar.gz"))
(sha256
(base32
- "150y8655h629wn946dvzasq16qxsc1m9nf58mifvhl350bgl4ymf"))))
+ "1bcji95n1iz9p9vsgdgr26v6s7zhpsxfbjjwpqcihpfd6lawyhgr"))))
(arguments
(substitute-keyword-arguments (package-arguments nettle-2)
((#:configure-flags flags)
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 17/23] gnu: cyrus-sasl: Update to 2.1.27.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (14 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 16/23] gnu: nettle: Update to 3.4.1 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 18/23] gnu: jansson: Update to 2.12 Marius Bakke
` (5 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/cyrus-sasl.scm (cyrus-sasl): Update to 2.1.27.
[source](patches): Remove.
[inputs]: Move MIT-KRB5 from here ...
[propagated-inputs]: ... to here. New field.
---
gnu/local.mk | 1 -
gnu/packages/cyrus-sasl.scm | 9 +-
.../patches/cyrus-sasl-CVE-2013-4122.patch | 130 ------------------
3 files changed, 5 insertions(+), 135 deletions(-)
delete mode 100644 gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 45d8effc11..0d279e55eb 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -649,7 +649,6 @@ dist_patch_DATA = \
%D%/packages/patches/cube-nocheck.patch \
%D%/packages/patches/cursynth-wave-rand.patch \
%D%/packages/patches/cvs-2017-12836.patch \
- %D%/packages/patches/cyrus-sasl-CVE-2013-4122.patch \
%D%/packages/patches/datamash-arm-tests.patch \
%D%/packages/patches/dbus-helper-search-path.patch \
%D%/packages/patches/deja-dup-use-ref-keyword-for-iter.patch \
diff --git a/gnu/packages/cyrus-sasl.scm b/gnu/packages/cyrus-sasl.scm
index 60c1e0ef94..0a5e464719 100644
--- a/gnu/packages/cyrus-sasl.scm
+++ b/gnu/packages/cyrus-sasl.scm
@@ -31,7 +31,7 @@
(define-public cyrus-sasl
(package
(name "cyrus-sasl")
- (version "2.1.26")
+ (version "2.1.27")
(source (origin
(method url-fetch)
(uri (list (string-append
@@ -40,13 +40,14 @@
(string-append
"ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-"
version ".tar.gz")))
- (patches (search-patches "cyrus-sasl-CVE-2013-4122.patch"))
(sha256 (base32
- "1hvvbcsg21nlncbgs0cgn3iwlnb3vannzwsp6rwvnn9ba4v53g4g"))))
+ "1m85zcpgfdhm43cavpdkhb1s2zq1b31472hq1w1gs3xh94anp1i6"))))
(build-system gnu-build-system)
(inputs `(("gdbm" ,gdbm)
- ("mit-krb5" ,mit-krb5)
("openssl" ,openssl)))
+ (propagated-inputs
+ `(;; cyrus-sasl.pc refers to -lkrb5, so propagate it.
+ ("mit-krb5" ,mit-krb5)))
(arguments
'(#:configure-flags (list (string-append "--with-plugindir="
(assoc-ref %outputs "out")
diff --git a/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch b/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch
deleted file mode 100644
index fc72e42e03..0000000000
--- a/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch
+++ /dev/null
@@ -1,130 +0,0 @@
-Fix CVE-2013-4122.
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4122
-
-Patch copied from upstream source repository:
-https://github.com/cyrusimap/cyrus-sasl/commit/dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d
-
-From dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d Mon Sep 17 00:00:00 2001
-From: mancha <mancha1@hush.com>
-Date: Thu, 11 Jul 2013 10:08:07 +0100
-Subject: Handle NULL returns from glibc 2.17+ crypt()
-
-Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL
-(w/ NULL return) if the salt violates specifications. Additionally,
-on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords
-passed to crypt() fail with EPERM (w/ NULL return).
-
-When using glibc's crypt(), check return value to avoid a possible
-NULL pointer dereference.
-
-Patch by mancha1@hush.com.
----
- pwcheck/pwcheck_getpwnam.c | 3 ++-
- pwcheck/pwcheck_getspnam.c | 4 +++-
- saslauthd/auth_getpwent.c | 4 +++-
- saslauthd/auth_shadow.c | 8 +++-----
- 4 files changed, 11 insertions(+), 8 deletions(-)
-
-diff --git a/pwcheck/pwcheck_getpwnam.c b/pwcheck/pwcheck_getpwnam.c
-index 4b34222..400289c 100644
---- a/pwcheck/pwcheck_getpwnam.c
-+++ b/pwcheck/pwcheck_getpwnam.c
-@@ -32,6 +32,7 @@ char *userid;
- char *password;
- {
- char* r;
-+ char* crpt_passwd;
- struct passwd *pwd;
-
- pwd = getpwnam(userid);
-@@ -41,7 +42,7 @@ char *password;
- else if (pwd->pw_passwd[0] == '*') {
- r = "Account disabled";
- }
-- else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) {
-+ else if (!(crpt_passwd = crypt(password, pwd->pw_passwd)) || strcmp(pwd->pw_passwd, (const char *)crpt_passwd) != 0) {
- r = "Incorrect password";
- }
- else {
-diff --git a/pwcheck/pwcheck_getspnam.c b/pwcheck/pwcheck_getspnam.c
-index 2b11286..6d607bb 100644
---- a/pwcheck/pwcheck_getspnam.c
-+++ b/pwcheck/pwcheck_getspnam.c
-@@ -32,13 +32,15 @@ char *userid;
- char *password;
- {
- struct spwd *pwd;
-+ char *crpt_passwd;
-
- pwd = getspnam(userid);
- if (!pwd) {
- return "Userid not found";
- }
-
-- if (strcmp(pwd->sp_pwdp, crypt(password, pwd->sp_pwdp)) != 0) {
-+ crpt_passwd = crypt(password, pwd->sp_pwdp);
-+ if (!crpt_passwd || strcmp(pwd->sp_pwdp, (const char *)crpt_passwd) != 0) {
- return "Incorrect password";
- }
- else {
-diff --git a/saslauthd/auth_getpwent.c b/saslauthd/auth_getpwent.c
-index fc8029d..d4ebe54 100644
---- a/saslauthd/auth_getpwent.c
-+++ b/saslauthd/auth_getpwent.c
-@@ -77,6 +77,7 @@ auth_getpwent (
- {
- /* VARIABLES */
- struct passwd *pw; /* pointer to passwd file entry */
-+ char *crpt_passwd; /* encrypted password */
- int errnum;
- /* END VARIABLES */
-
-@@ -105,7 +106,8 @@ auth_getpwent (
- }
- }
-
-- if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) {
-+ crpt_passwd = crypt(password, pw->pw_passwd);
-+ if (!crpt_passwd || strcmp(pw->pw_passwd, (const char *)crpt_passwd)) {
- if (flags & VERBOSE) {
- syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login);
- }
-diff --git a/saslauthd/auth_shadow.c b/saslauthd/auth_shadow.c
-index 677131b..1988afd 100644
---- a/saslauthd/auth_shadow.c
-+++ b/saslauthd/auth_shadow.c
-@@ -210,8 +210,8 @@ auth_shadow (
- RETURN("NO Insufficient permission to access NIS authentication database (saslauthd)");
- }
-
-- cpw = strdup((const char *)crypt(password, sp->sp_pwdp));
-- if (strcmp(sp->sp_pwdp, cpw)) {
-+ cpw = crypt(password, sp->sp_pwdp);
-+ if (!cpw || strcmp(sp->sp_pwdp, (const char *)cpw)) {
- if (flags & VERBOSE) {
- /*
- * This _should_ reveal the SHADOW_PW_LOCKED prefix to an
-@@ -221,10 +221,8 @@ auth_shadow (
- syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'",
- sp->sp_pwdp, cpw);
- }
-- free(cpw);
- RETURN("NO Incorrect password");
- }
-- free(cpw);
-
- /*
- * The following fields will be set to -1 if:
-@@ -286,7 +284,7 @@ auth_shadow (
- RETURN("NO Invalid username");
- }
-
-- if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) {
-+ if (!(cpw = crypt(password, upw->upw_passwd)) || (strcmp(upw->upw_passwd, (const char *)cpw) != 0)) {
- if (flags & VERBOSE) {
- syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s",
- password, upw->upw_passwd);
---
-cgit v0.12
-
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 18/23] gnu: jansson: Update to 2.12.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (15 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 17/23] gnu: cyrus-sasl: Update to 2.1.27 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 19/23] gnu: GnuTLS: Update to 3.6.5 Marius Bakke
` (4 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/web.scm (jansson): Update to 2.12.
[source](uri): Use bzip2 compressed tarball.
---
gnu/packages/web.scm | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 17deb5c222..f8315d4379 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -510,15 +510,15 @@ libraries for working with JNLP applets.")
(define-public jansson
(package
(name "jansson")
- (version "2.11")
+ (version "2.12")
(source (origin
(method url-fetch)
(uri
(string-append "http://www.digip.org/jansson/releases/jansson-"
- version ".tar.gz"))
+ version ".tar.bz2"))
(sha256
(base32
- "1x5jllzzqamq6kahx9d9a5mrarm9m3f30vfxvcqpi6p4mcnz91bf"))))
+ "1lp1mv8pjp5yziws66cy0dhpcam4bbjqhffk13v4vgdybp674pb4"))))
(build-system gnu-build-system)
(home-page "http://www.digip.org/jansson/")
(synopsis "JSON C library")
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 19/23] gnu: GnuTLS: Update to 3.6.5.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (16 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 18/23] gnu: jansson: Update to 2.12 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 20/23] gnu: libuv: Update to 1.24.0 Marius Bakke
` (3 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/patches/gnutls-skip-pkgconfig-test.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/tls.scm (gnutls): Update to 3.6.5.
[source](patches): Remove obsolete.
[source](snippet): Add Guile detection fix.
---
gnu/local.mk | 1 -
.../patches/gnutls-skip-pkgconfig-test.patch | 24 -------------------
gnu/packages/tls.scm | 17 +++++++++----
3 files changed, 12 insertions(+), 30 deletions(-)
delete mode 100644 gnu/packages/patches/gnutls-skip-pkgconfig-test.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 0d279e55eb..3f2ca7a845 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -772,7 +772,6 @@ dist_patch_DATA = \
%D%/packages/patches/gnucash-price-quotes-perl.patch \
%D%/packages/patches/gnucash-disable-failing-tests.patch \
%D%/packages/patches/gnutls-skip-trust-store-test.patch \
- %D%/packages/patches/gnutls-skip-pkgconfig-test.patch \
%D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \
%D%/packages/patches/gobject-introspection-cc.patch \
%D%/packages/patches/gobject-introspection-girepository.patch \
diff --git a/gnu/packages/patches/gnutls-skip-pkgconfig-test.patch b/gnu/packages/patches/gnutls-skip-pkgconfig-test.patch
deleted file mode 100644
index 1fad7c14e3..0000000000
--- a/gnu/packages/patches/gnutls-skip-pkgconfig-test.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-FIXME: The static test fails with an error such as:
-
-/tmp/guix-build-gnutls-3.5.13.drv-0/ccOnGPmc.o: In function `main':
-c.29617.tmp.c:(.text+0x5): undefined reference to `gnutls_global_init'
-collect2: error: ld returned 1 exit status
-FAIL pkgconfig.sh (exit status: 1)
-
-diff --git a/tests/pkgconfig.sh b/tests/pkgconfig.sh
-index 6bd4e62f9..05aab8278 100755
---- a/tests/pkgconfig.sh
-+++ b/tests/pkgconfig.sh
-@@ -57,11 +57,7 @@ echo "Trying dynamic linking with:"
- echo " * flags: $(${PKGCONFIG} --libs gnutls)"
- echo " * common: ${COMMON}"
- echo " * lib: ${CFLAGS}"
--cc ${TMPFILE} -o ${TMPFILE_O} $(${PKGCONFIG} --libs gnutls) $(${PKGCONFIG} --cflags gnutls) ${COMMON}
--
--echo ""
--echo "Trying static linking with $(${PKGCONFIG} --libs --static gnutls)"
--cc ${TMPFILE} -o ${TMPFILE_O} $(${PKGCONFIG} --static --libs gnutls) $(${PKGCONFIG} --cflags gnutls) ${COMMON}
-+gcc ${TMPFILE} -o ${TMPFILE_O} $(${PKGCONFIG} --libs gnutls) $(${PKGCONFIG} --cflags gnutls) ${COMMON}
-
- rm -f ${TMPFILE} ${TMPFILE_O}
-
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index d9971441c6..73be90d0d3 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -162,7 +162,7 @@ living in the same process.")
(define-public gnutls
(package
(name "gnutls")
- (version "3.5.18")
+ (version "3.6.5")
(source (origin
(method url-fetch)
(uri
@@ -171,12 +171,19 @@ living in the same process.")
(string-append "mirror://gnupg/gnutls/v"
(version-major+minor version)
"/gnutls-" version ".tar.xz"))
- (patches
- (search-patches "gnutls-skip-trust-store-test.patch"
- "gnutls-skip-pkgconfig-test.patch"))
+ (patches (search-patches "gnutls-skip-trust-store-test.patch"))
(sha256
(base32
- "0d02x28fwkkx7xzn7807nww6idchizzq3plx8sfcyiw7wzclh8mf"))))
+ "0ddvg97dyrh8dkffv1mdc0knxx5my3qdbzv97s4a6jggmk9wwgh7"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; XXX: The generated configure script in GnuTLS 3.6.5
+ ;; apparently does not know about Guile 2.2.
+ (substitute* "configure"
+ (("guile_versions_to_search=\"2\\.0 1\\.8\"")
+ "guile_versions_to_search=\"2.2 2.0 1.8\""))
+ #t))))
(build-system gnu-build-system)
(arguments
`(; Ensure we don't keep a reference to this buggy software.
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 20/23] gnu: libuv: Update to 1.24.0.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (17 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 19/23] gnu: GnuTLS: Update to 3.6.5 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 21/23] gnu: CMake: Update to 3.13.1 Marius Bakke
` (2 subsequent siblings)
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/libevent.scm (libuv): Update to 1.24.0.
---
gnu/packages/libevent.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/libevent.scm b/gnu/packages/libevent.scm
index 2de29707ca..c9ed941202 100644
--- a/gnu/packages/libevent.scm
+++ b/gnu/packages/libevent.scm
@@ -122,14 +122,14 @@ limited support for fork events.")
(define-public libuv
(package
(name "libuv")
- (version "1.23.0")
+ (version "1.24.0")
(source (origin
(method url-fetch)
(uri (string-append "https://dist.libuv.org/dist/v" version
"/libuv-v" version ".tar.gz"))
(sha256
(base32
- "09yf7c71n8b80nbsv4lsmq5nqmb0rylhpx3z9jgkv5za9lr6sx6i"))))
+ "01pg0zsfr8mxlpipkbpw0dpsl26x5s966f5br7dx9ac29abk419q"))))
(build-system gnu-build-system)
(arguments
'(;; XXX: Some tests want /dev/tty, attempt to make connections, etc.
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 21/23] gnu: CMake: Update to 3.13.1.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (18 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 20/23] gnu: libuv: Update to 1.24.0 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 22/23] gnu: meson: Update to 0.49.0 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 23/23] gnu: glib-networking: Update to 2.59.1 Marius Bakke
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/cmake.scm (cmake): Update to 3.13.1.
---
gnu/packages/cmake.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/cmake.scm b/gnu/packages/cmake.scm
index 5abf087557..7186cf98df 100644
--- a/gnu/packages/cmake.scm
+++ b/gnu/packages/cmake.scm
@@ -44,7 +44,7 @@
(define-public cmake
(package
(name "cmake")
- (version "3.12.2")
+ (version "3.13.1")
(source (origin
(method url-fetch)
(uri (string-append "https://www.cmake.org/files/v"
@@ -52,7 +52,7 @@
"/cmake-" version ".tar.gz"))
(sha256
(base32
- "19410mxgcyvk5q42phaclb1hz6rl08z4yj8iriq706p5k5bli5qg"))
+ "04123d7fgnn1fs5p0nwyq397ss89r0y4wkg9a09qiwkjsvk1rzmy"))
(modules '((guix build utils)))
(snippet
'(begin
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 22/23] gnu: meson: Update to 0.49.0.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (19 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 21/23] gnu: CMake: Update to 3.13.1 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 23/23] gnu: glib-networking: Update to 2.59.1 Marius Bakke
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/build-tools.scm (meson): Update to 0.49.0.
---
gnu/packages/build-tools.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/build-tools.scm b/gnu/packages/build-tools.scm
index d42d03cee9..628b36fff5 100644
--- a/gnu/packages/build-tools.scm
+++ b/gnu/packages/build-tools.scm
@@ -158,7 +158,7 @@ files and generates build instructions for the Ninja build system.")
(define-public meson
(package
(name "meson")
- (version "0.48.2")
+ (version "0.49.0")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/mesonbuild/meson/"
@@ -166,7 +166,7 @@ files and generates build instructions for the Ninja build system.")
version ".tar.gz"))
(sha256
(base32
- "01jmm2wmnqhqk6f2gfhzhyzh0il6bjbyl8syy457p76ws2zxisir"))))
+ "0l8m1v7cl5ybm7psfqmmdqbvmnsbb1qhb8ni3hwap3i0mk29a0zv"))))
(build-system python-build-system)
(arguments
`(;; FIXME: Tests require many additional inputs, a fix for the RUNPATH
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 23/23] gnu: glib-networking: Update to 2.59.1.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
` (20 preceding siblings ...)
2018-12-11 1:14 ` [bug#33701] [PATCH staging 22/23] gnu: meson: Update to 0.49.0 Marius Bakke
@ 2018-12-11 1:14 ` Marius Bakke
21 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 1:14 UTC (permalink / raw)
To: 33701
* gnu/packages/gnome.scm (glib-networking): Update to 2.59.1.
[build-system]: Change to MESON-BUILD-SYSTEM.
[arguments]: Remove.
(libsoup)[arguments]: Remove obsolete 'pre-check' code.
---
gnu/local.mk | 1 -
gnu/packages/gnome.scm | 73 +------------------
.../glib-networking-ssl-cert-file.patch | 29 --------
3 files changed, 3 insertions(+), 100 deletions(-)
delete mode 100644 gnu/packages/patches/glib-networking-ssl-cert-file.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 3f2ca7a845..03627b98c1 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -741,7 +741,6 @@ dist_patch_DATA = \
%D%/packages/patches/ghostscript-no-header-uuid.patch \
%D%/packages/patches/ghostscript-no-header-creationdate.patch \
%D%/packages/patches/giflib-make-reallocarray-private.patch \
- %D%/packages/patches/glib-networking-ssl-cert-file.patch \
%D%/packages/patches/glib-tests-timer.patch \
%D%/packages/patches/glibc-CVE-2015-5180.patch \
%D%/packages/patches/glibc-CVE-2015-7547.patch \
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index 9d8e4a8d33..059eb46cdc 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -2396,7 +2396,7 @@ library.")
(define-public glib-networking
(package
(name "glib-networking")
- (version "2.54.1")
+ (version "2.59.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/glib-networking/"
@@ -2404,29 +2404,8 @@ library.")
name "-" version ".tar.xz"))
(sha256
(base32
- "0bq16m9nh3gcz9x2fvygr0iwxd2pxcbrm3lj3kihsnh1afv8g9za"))
- (patches
- (search-patches "glib-networking-ssl-cert-file.patch"))))
- (build-system gnu-build-system)
- (arguments
- `(#:configure-flags
- '("--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt")
- #:phases
- (modify-phases %standard-phases
- (add-before 'configure 'patch-giomoduledir
- ;; Install GIO modules into $out/lib/gio/modules.
- (lambda _
- (substitute* "configure"
- (("GIO_MODULE_DIR=.*")
- (string-append "GIO_MODULE_DIR=" %output
- "/lib/gio/modules\n")))
- #t))
- (add-before 'check 'use-empty-ssl-cert-file
- (lambda _
- ;; The ca-certificates.crt is not available in the build
- ;; environment.
- (setenv "SSL_CERT_FILE" "/dev/null")
- #t)))))
+ "09nf78wzjfvbd722smn4wq4c7njyswg3kvgvim2h635b5dl94jqd"))))
+ (build-system meson-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)
("intltool" ,intltool)))
@@ -2516,55 +2495,9 @@ libxml to ease remote use of the RESTful API.")
;; The 'check-local' target runs 'env LANG=C sort -u',
;; unset 'LC_ALL' to make 'LANG' working.
(unsetenv "LC_ALL")
- ;; The ca-certificates.crt is not available in the build
- ;; environment.
- (setenv "SSL_CERT_FILE" "/dev/null")
;; HTTPD in Guix uses mod_event and does not build prefork.
(substitute* "tests/httpd.conf"
(("^LoadModule mpm_prefork_module.*$") "\n"))
-
- ;; Generate a self-signed certificate that has "localhost" as its
- ;; 'dnsName'. Failing to do that, and starting with GnuTLS
- ;; 3.5.12, tests such as "ssl-tests" fail:
- ;;
- ;; ERROR:ssl-test.c:406:do_tls_interaction_test: Unexpected status 6 Unacceptable TLS certificate (expected 200 OK)
- ;;
- ;; 'certtool' is interactive so we have to pipe it the answers.
- ;; Reported at <https://bugzilla.gnome.org/show_bug.cgi?id=784696>.
- (let ((pipe (open-output-pipe "certtool --generate-self-signed \
- --load-privkey tests/test-key.pem --outfile tests/test-cert.pem")))
- (for-each (lambda (line)
- (display line pipe)
- (newline pipe))
- '("" ;Common name
- "" ;UID
- "Guix" ;Organizational unit name
- "GNU" ;Organization name
- "" ;Locality name
- "" ;State or province
- "" ;Country
- "" ;subject's domain component (DC)
- "" ;E-mail
- "" ;serial number
- "-1" ;expiration time
- "N" ;belong to authority?
- "N" ;web client certificate?
- "N" ;IPsec IKE?
- "Y" ;web server certificate?
- "localhost" ;dnsName of subject
- "" ;dnsName of subject (end)
- "" ;URI of subject
- "127.0.0.1" ;IP address of subject
- "" ;signing?
- "" ;encryption?
- "" ;sign OCSP requests?
- "" ;sign code?
- "" ;time stamping?
- "" ;email protection?
- "" ;URI of the CRL distribution point
- "y" ;above info OK?
- ))
- (close-pipe pipe))
#t))
(replace 'install
(lambda _
diff --git a/gnu/packages/patches/glib-networking-ssl-cert-file.patch b/gnu/packages/patches/glib-networking-ssl-cert-file.patch
deleted file mode 100644
index 32bdd0790f..0000000000
--- a/gnu/packages/patches/glib-networking-ssl-cert-file.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From b010e41346d418220582c20ab8d7f3971e4fb78a Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?=E5=AE=8B=E6=96=87=E6=AD=A6?= <iyzsong@gmail.com>
-Date: Fri, 14 Aug 2015 17:28:36 +0800
-Subject: [PATCH] gnutls: Allow overriding the anchor file location by
- 'SSL_CERT_FILE'
-
----
- tls/gnutls/gtlsbackend-gnutls.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/tls/gnutls/gtlsbackend-gnutls.c b/tls/gnutls/gtlsbackend-gnutls.c
-index 55ec1a5..217d3c8 100644
---- a/tls/gnutls/gtlsbackend-gnutls.c
-+++ b/tls/gnutls/gtlsbackend-gnutls.c
-@@ -101,8 +101,10 @@ g_tls_backend_gnutls_real_create_database (GTlsBackendGnutls *self,
- GError **error)
- {
- const gchar *anchor_file = NULL;
-+ anchor_file = g_getenv ("SSL_CERT_FILE");
- #ifdef GTLS_SYSTEM_CA_FILE
-- anchor_file = GTLS_SYSTEM_CA_FILE;
-+ if (!anchor_file)
-+ anchor_file = GTLS_SYSTEM_CA_FILE;
- #endif
- return g_tls_file_database_new (anchor_file, error);
- }
---
-2.4.3
-
--
2.20.0
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 00/23] Glib/GTK+ updates
2018-12-11 1:12 [bug#33701] [PATCH staging 00/23] Glib/GTK+ updates Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
@ 2018-12-11 20:42 ` Marius Bakke
2018-12-12 1:05 ` Leo Famulari
2 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-11 20:42 UTC (permalink / raw)
To: 33701
[-- Attachment #1.1: Type: text/plain, Size: 737 bytes --]
Marius Bakke <mbakke@fastmail.com> writes:
> This late series adds around 1000 rebuilds to the current staging
> branch. They also bring many of the GNOME family libraries to the
> latest upstream versions.
>
> The good:
> * Latest Ghostscript, Poppler, Harfbuzz, GnuTLS, and other
> security-critical libraries. Some of these have changed
> build systems, or ABIs, so future patching is easier.
> * Most/all regressions are already fixed.
Whoops, I spoke too soon: I upgraded glib-networking from 2.58 to 2.59
in the last minute (to fix a test failure), but the change broke libsoup
and possibly more.
In v2 of this series, two patches have diverged. Libsoup was adjusted
to cope with the new "certtool" API from GnuTLS 3.6:
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.2: 0019-gnu-GnuTLS-Update-to-3.6.5.patch --]
[-- Type: text/x-patch, Size: 5325 bytes --]
From cab3a4a7fe3e719f2991384c161043bbfae742d6 Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Mon, 10 Dec 2018 02:38:32 +0100
Subject: [PATCH staging 19/23] gnu: GnuTLS: Update to 3.6.5.
* gnu/packages/patches/gnutls-skip-pkgconfig-test.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/tls.scm (gnutls): Update to 3.6.5.
[source](patches): Remove obsolete.
[source](snippet): Add Guile detection fix.
* gnu/packages/gnome.scm (libsoup)[arguments]: Adjust 'certtool' invokation to
cope with the new API.
---
gnu/local.mk | 1 -
gnu/packages/gnome.scm | 3 ++-
.../patches/gnutls-skip-pkgconfig-test.patch | 24 -------------------
gnu/packages/tls.scm | 17 +++++++++----
4 files changed, 14 insertions(+), 31 deletions(-)
delete mode 100644 gnu/packages/patches/gnutls-skip-pkgconfig-test.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 0d279e55eb..3f2ca7a845 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -772,7 +772,6 @@ dist_patch_DATA = \
%D%/packages/patches/gnucash-price-quotes-perl.patch \
%D%/packages/patches/gnucash-disable-failing-tests.patch \
%D%/packages/patches/gnutls-skip-trust-store-test.patch \
- %D%/packages/patches/gnutls-skip-pkgconfig-test.patch \
%D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \
%D%/packages/patches/gobject-introspection-cc.patch \
%D%/packages/patches/gobject-introspection-girepository.patch \
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index 9d8e4a8d33..cea9445191 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -2556,7 +2556,8 @@ libxml to ease remote use of the RESTful API.")
"" ;URI of subject
"127.0.0.1" ;IP address of subject
"" ;signing?
- "" ;encryption?
+ "" ;encryption (RSA)?
+ "" ;data encryption?
"" ;sign OCSP requests?
"" ;sign code?
"" ;time stamping?
diff --git a/gnu/packages/patches/gnutls-skip-pkgconfig-test.patch b/gnu/packages/patches/gnutls-skip-pkgconfig-test.patch
deleted file mode 100644
index 1fad7c14e3..0000000000
--- a/gnu/packages/patches/gnutls-skip-pkgconfig-test.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-FIXME: The static test fails with an error such as:
-
-/tmp/guix-build-gnutls-3.5.13.drv-0/ccOnGPmc.o: In function `main':
-c.29617.tmp.c:(.text+0x5): undefined reference to `gnutls_global_init'
-collect2: error: ld returned 1 exit status
-FAIL pkgconfig.sh (exit status: 1)
-
-diff --git a/tests/pkgconfig.sh b/tests/pkgconfig.sh
-index 6bd4e62f9..05aab8278 100755
---- a/tests/pkgconfig.sh
-+++ b/tests/pkgconfig.sh
-@@ -57,11 +57,7 @@ echo "Trying dynamic linking with:"
- echo " * flags: $(${PKGCONFIG} --libs gnutls)"
- echo " * common: ${COMMON}"
- echo " * lib: ${CFLAGS}"
--cc ${TMPFILE} -o ${TMPFILE_O} $(${PKGCONFIG} --libs gnutls) $(${PKGCONFIG} --cflags gnutls) ${COMMON}
--
--echo ""
--echo "Trying static linking with $(${PKGCONFIG} --libs --static gnutls)"
--cc ${TMPFILE} -o ${TMPFILE_O} $(${PKGCONFIG} --static --libs gnutls) $(${PKGCONFIG} --cflags gnutls) ${COMMON}
-+gcc ${TMPFILE} -o ${TMPFILE_O} $(${PKGCONFIG} --libs gnutls) $(${PKGCONFIG} --cflags gnutls) ${COMMON}
-
- rm -f ${TMPFILE} ${TMPFILE_O}
-
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index d9971441c6..73be90d0d3 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -162,7 +162,7 @@ living in the same process.")
(define-public gnutls
(package
(name "gnutls")
- (version "3.5.18")
+ (version "3.6.5")
(source (origin
(method url-fetch)
(uri
@@ -171,12 +171,19 @@ living in the same process.")
(string-append "mirror://gnupg/gnutls/v"
(version-major+minor version)
"/gnutls-" version ".tar.xz"))
- (patches
- (search-patches "gnutls-skip-trust-store-test.patch"
- "gnutls-skip-pkgconfig-test.patch"))
+ (patches (search-patches "gnutls-skip-trust-store-test.patch"))
(sha256
(base32
- "0d02x28fwkkx7xzn7807nww6idchizzq3plx8sfcyiw7wzclh8mf"))))
+ "0ddvg97dyrh8dkffv1mdc0knxx5my3qdbzv97s4a6jggmk9wwgh7"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; XXX: The generated configure script in GnuTLS 3.6.5
+ ;; apparently does not know about Guile 2.2.
+ (substitute* "configure"
+ (("guile_versions_to_search=\"2\\.0 1\\.8\"")
+ "guile_versions_to_search=\"2.2 2.0 1.8\""))
+ #t))))
(build-system gnu-build-system)
(arguments
`(; Ensure we don't keep a reference to this buggy software.
--
2.20.0
[-- Attachment #1.3: Type: text/plain, Size: 94 bytes --]
...while Glib-Networking was downgraded to 2.58, and removes related
code at the same time:
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.4: 0023-gnu-glib-networking-Update-to-2.58.0.patch --]
[-- Type: text/x-patch, Size: 7968 bytes --]
From ade89abc16f2247e6d5db633f001ff853fa989ba Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Mon, 10 Dec 2018 07:39:52 +0100
Subject: [PATCH staging 23/23] gnu: glib-networking: Update to 2.58.0.
* gnu/packages/gnome.scm (glib-networking): Update to 2.58.0.
[build-system]: Change to MESON-BUILD-SYSTEM.
[arguments]: Explicitly disable libproxy; add phase to appease tests.
(libgdata, libsoup)[arguments]: Remove phase that sets SSL_CERT_FILE.
* gnu/packages/spice.scm (spice)[arguments]: Likewise.
* gnu/packages/web.scm (uhttpmock)[arguments]: Likewise.
---
gnu/local.mk | 1 -
gnu/packages/gnome.scm | 43 +++++--------------
.../glib-networking-ssl-cert-file.patch | 29 -------------
gnu/packages/spice.scm | 6 +--
gnu/packages/web.scm | 9 ----
5 files changed, 12 insertions(+), 76 deletions(-)
delete mode 100644 gnu/packages/patches/glib-networking-ssl-cert-file.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 3f2ca7a845..03627b98c1 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -741,7 +741,6 @@ dist_patch_DATA = \
%D%/packages/patches/ghostscript-no-header-uuid.patch \
%D%/packages/patches/ghostscript-no-header-creationdate.patch \
%D%/packages/patches/giflib-make-reallocarray-private.patch \
- %D%/packages/patches/glib-networking-ssl-cert-file.patch \
%D%/packages/patches/glib-tests-timer.patch \
%D%/packages/patches/glibc-CVE-2015-5180.patch \
%D%/packages/patches/glibc-CVE-2015-7547.patch \
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index cea9445191..95bfcaf564 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -360,12 +360,6 @@ formats like PNG, SVG, PDF and EPS.")
(arguments
'(#:phases
(modify-phases %standard-phases
- (add-before 'check 'use-empty-ssl-cert-file
- (lambda _
- ;; The ca-certificates.crt is not available in the build
- ;; environment.
- (setenv "SSL_CERT_FILE" "/dev/null")
- #t))
(add-before 'check 'disable-failing-tests
(lambda _
;; The PicasaWeb API tests fail with gnome-online-accounts@3.24.2.
@@ -2396,7 +2390,7 @@ library.")
(define-public glib-networking
(package
(name "glib-networking")
- (version "2.54.1")
+ (version "2.58.0")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/glib-networking/"
@@ -2404,29 +2398,17 @@ library.")
name "-" version ".tar.xz"))
(sha256
(base32
- "0bq16m9nh3gcz9x2fvygr0iwxd2pxcbrm3lj3kihsnh1afv8g9za"))
- (patches
- (search-patches "glib-networking-ssl-cert-file.patch"))))
- (build-system gnu-build-system)
+ "0s006gs9nsq6mg31spqha1jffzmp6qjh10y27h0fxf1iw1ah5ymx"))))
+ (build-system meson-build-system)
(arguments
- `(#:configure-flags
- '("--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt")
- #:phases
- (modify-phases %standard-phases
- (add-before 'configure 'patch-giomoduledir
- ;; Install GIO modules into $out/lib/gio/modules.
- (lambda _
- (substitute* "configure"
- (("GIO_MODULE_DIR=.*")
- (string-append "GIO_MODULE_DIR=" %output
- "/lib/gio/modules\n")))
- #t))
- (add-before 'check 'use-empty-ssl-cert-file
- (lambda _
- ;; The ca-certificates.crt is not available in the build
- ;; environment.
- (setenv "SSL_CERT_FILE" "/dev/null")
- #t)))))
+ `(#:configure-flags '("-Dlibproxy_support=false")
+ #:phases (modify-phases %standard-phases
+ (add-before 'check 'disable-TLSv1.3
+ (lambda _
+ ;; XXX: One test fails when TLS 1.3 is enabled, fixed in 2.60.0:
+ ;; <https://gitlab.com/gnutls/gnutls/issues/615>.
+ (setenv "G_TLS_GNUTLS_PRIORITY" "NORMAL:-VERS-TLS1.3")
+ #t)))))
(native-inputs
`(("pkg-config" ,pkg-config)
("intltool" ,intltool)))
@@ -2516,9 +2498,6 @@ libxml to ease remote use of the RESTful API.")
;; The 'check-local' target runs 'env LANG=C sort -u',
;; unset 'LC_ALL' to make 'LANG' working.
(unsetenv "LC_ALL")
- ;; The ca-certificates.crt is not available in the build
- ;; environment.
- (setenv "SSL_CERT_FILE" "/dev/null")
;; HTTPD in Guix uses mod_event and does not build prefork.
(substitute* "tests/httpd.conf"
(("^LoadModule mpm_prefork_module.*$") "\n"))
diff --git a/gnu/packages/patches/glib-networking-ssl-cert-file.patch b/gnu/packages/patches/glib-networking-ssl-cert-file.patch
deleted file mode 100644
index 32bdd0790f..0000000000
--- a/gnu/packages/patches/glib-networking-ssl-cert-file.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From b010e41346d418220582c20ab8d7f3971e4fb78a Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?=E5=AE=8B=E6=96=87=E6=AD=A6?= <iyzsong@gmail.com>
-Date: Fri, 14 Aug 2015 17:28:36 +0800
-Subject: [PATCH] gnutls: Allow overriding the anchor file location by
- 'SSL_CERT_FILE'
-
----
- tls/gnutls/gtlsbackend-gnutls.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/tls/gnutls/gtlsbackend-gnutls.c b/tls/gnutls/gtlsbackend-gnutls.c
-index 55ec1a5..217d3c8 100644
---- a/tls/gnutls/gtlsbackend-gnutls.c
-+++ b/tls/gnutls/gtlsbackend-gnutls.c
-@@ -101,8 +101,10 @@ g_tls_backend_gnutls_real_create_database (GTlsBackendGnutls *self,
- GError **error)
- {
- const gchar *anchor_file = NULL;
-+ anchor_file = g_getenv ("SSL_CERT_FILE");
- #ifdef GTLS_SYSTEM_CA_FILE
-- anchor_file = GTLS_SYSTEM_CA_FILE;
-+ if (!anchor_file)
-+ anchor_file = GTLS_SYSTEM_CA_FILE;
- #endif
- return g_tls_file_database_new (anchor_file, error);
- }
---
-2.4.3
-
diff --git a/gnu/packages/spice.scm b/gnu/packages/spice.scm
index 94e6aa8438..8ab5a335c8 100644
--- a/gnu/packages/spice.scm
+++ b/gnu/packages/spice.scm
@@ -213,11 +213,7 @@ which allows users to view a desktop computing environment.")
"--enable-automated-tests")
;; Several tests appear to be opening the same sockets concurrently.
- #:parallel-tests? #f
-
- #:phases (modify-phases %standard-phases
- (add-before 'check 'use-empty-ssl-cert-file
- (lambda _ (setenv "SSL_CERT_FILE" "/dev/null") #t)))))
+ #:parallel-tests? #f))
(synopsis "Server implementation of the SPICE protocol")
(description "SPICE is a remote display system built for virtual
environments which allows you to view a computing 'desktop' environment
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index f8315d4379..8dc6927897 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -4241,15 +4241,6 @@ you'd expect.")
(base32
"163py4klka423x7li2b685gmg3a6hjf074mlff2ajhmi3l0lm8x6"))))
(build-system glib-or-gtk-build-system)
- (arguments
- `(#:phases
- (modify-phases %standard-phases
- (add-before 'check 'use-empty-ssl-cert-file
- (lambda _
- ;; Search for ca-certificates.crt files
- ;; during the check phase.
- (setenv "SSL_CERT_FILE" "/dev/null")
- #t)))))
(native-inputs
`(("gobject-introspection" ,gobject-introspection)
;; For check phase.
--
2.20.0
[-- Attachment #1.5: Type: text/plain, Size: 300 bytes --]
The reason for removing SSL_CERT_FILE completely instead of adjusting
the patch is that Glib-Networking no longer does any certificate
handling by itself, instead everything is handed over to GnuTLS. Thus
supporting such a patch is difficult, and it does not seem to be needed
anymore in practice.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 00/23] Glib/GTK+ updates
2018-12-11 1:12 [bug#33701] [PATCH staging 00/23] Glib/GTK+ updates Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
2018-12-11 20:42 ` [bug#33701] [PATCH staging 00/23] Glib/GTK+ updates Marius Bakke
@ 2018-12-12 1:05 ` Leo Famulari
2018-12-12 20:57 ` bug#33701: " Marius Bakke
2 siblings, 1 reply; 29+ messages in thread
From: Leo Famulari @ 2018-12-12 1:05 UTC (permalink / raw)
To: Marius Bakke; +Cc: 33701
[-- Attachment #1: Type: text/plain, Size: 1005 bytes --]
On Tue, Dec 11, 2018 at 02:12:05AM +0100, Marius Bakke wrote:
> This late series adds around 1000 rebuilds to the current staging
> branch. They also bring many of the GNOME family libraries to the
> latest upstream versions.
>
> The good:
> * Latest Ghostscript, Poppler, Harfbuzz, GnuTLS, and other
> security-critical libraries.
That's great.
> Some of these have changed
> build systems, or ABIs, so future patching is easier.
Okay, makes sense.
> * Most/all regressions are already fixed.
Good :)
> The bad:
> * GCC7 is now in the closure of cURL (via nghttp2).
Oh well.
>
> The ugly:
> * 37 files changed, 1225 insertions(+), 996 deletions(-)
> * Total rebuild count for staging is around 4700 packages.
>
> WDYT?
It seems like a lot, but it's probably not higher than previous staging
branches, right? I have an intuitive sense of how quickly Hydra could
build this, but not for Cuirass on <berlin.guixsd.org>. Does it seem
reasonable to you?
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 12/23] gnu: ghostscript: Update to 9.26.
2018-12-11 1:14 ` [bug#33701] [PATCH staging 12/23] gnu: ghostscript: Update to 9.26 Marius Bakke
@ 2018-12-12 1:07 ` Leo Famulari
0 siblings, 0 replies; 29+ messages in thread
From: Leo Famulari @ 2018-12-12 1:07 UTC (permalink / raw)
To: Marius Bakke; +Cc: 33701
[-- Attachment #1: Type: text/plain, Size: 380 bytes --]
On Tue, Dec 11, 2018 at 02:14:05AM +0100, Marius Bakke wrote:
> * gnu/packages/patches/ghostscript-bug-699708.patch,
> gnu/packages/patches/ghostscript-CVE-2018-16509.patch: Delete files.
> * gnu/local.mk (dist_patch_DATA): Remove them.
> * gnu/packages/ghostscript.scm (ghostscript): Update to 9.26.
> [source](patches): Remove obsolete.
Very good, this is an important update.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 29+ messages in thread
* [bug#33701] [PATCH staging 04/23] gnu: poppler: Update to 0.72.0.
2018-12-11 1:13 ` [bug#33701] [PATCH staging 04/23] gnu: poppler: Update to 0.72.0 Marius Bakke
@ 2018-12-12 1:08 ` Leo Famulari
0 siblings, 0 replies; 29+ messages in thread
From: Leo Famulari @ 2018-12-12 1:08 UTC (permalink / raw)
To: Marius Bakke; +Cc: 33701
[-- Attachment #1: Type: text/plain, Size: 358 bytes --]
On Tue, Dec 11, 2018 at 02:13:57AM +0100, Marius Bakke wrote:
> * gnu/packages/scribus.scm (scribus)[source](patches): Add upstream patch origins.
> [source](modules, snippet): New fields.
> * gnu/packages/libreoffice.scm (libreoffice)[source](patches): Add three
> upstream origins.
Can you add some brief comments explaining the purpose of these patches?
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 29+ messages in thread
* bug#33701: [PATCH staging 00/23] Glib/GTK+ updates
2018-12-12 1:05 ` Leo Famulari
@ 2018-12-12 20:57 ` Marius Bakke
0 siblings, 0 replies; 29+ messages in thread
From: Marius Bakke @ 2018-12-12 20:57 UTC (permalink / raw)
To: Leo Famulari; +Cc: 33701-done
[-- Attachment #1: Type: text/plain, Size: 825 bytes --]
Leo Famulari <leo@famulari.name> writes:
>>
>> The ugly:
>> * 37 files changed, 1225 insertions(+), 996 deletions(-)
>> * Total rebuild count for staging is around 4700 packages.
>>
>> WDYT?
>
> It seems like a lot, but it's probably not higher than previous staging
> branches, right? I have an intuitive sense of how quickly Hydra could
> build this, but not for Cuirass on <berlin.guixsd.org>. Does it seem
> reasonable to you?
I don't have a feeling for Berlin either, but its x86 build farm is
vastly larger than Hydra. I think they can both handle ~5k * Arches
package builds within a few weeks (modulo regressions).
For x86_64, I expect Berlin to be done within a few days!
I've pushed the series with additional Poppler comments, as well as a
few new package updates. Thanks for checking!
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 29+ messages in thread
end of thread, other threads:[~2018-12-12 20:58 UTC | newest]
Thread overview: 29+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-12-11 1:12 [bug#33701] [PATCH staging 00/23] Glib/GTK+ updates Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 01/23] gnu: cups-filters: Update to 1.21.5 Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 02/23] gnu: libjpeg-turbo: Update to 2.0.1 Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 03/23] gnu: harfbuzz: Update to 2.2.0 Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 04/23] gnu: poppler: Update to 0.72.0 Marius Bakke
2018-12-12 1:08 ` Leo Famulari
2018-12-11 1:13 ` [bug#33701] [PATCH staging 05/23] gnu: D-Bus: Update to 1.12.12 Marius Bakke
2018-12-11 1:13 ` [bug#33701] [PATCH staging 06/23] gnu: glib: Remove obsolete variable Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 07/23] gnu: glib: Update to 2.56.3 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 08/23] gnu: pixman: Update to 0.36.0 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 09/23] gnu: cairo: Update to 1.16.0 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 10/23] gnu: libqmi: Update to 1.20.2 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 11/23] gnu: curl: Remove replacement for 7.62.0 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 12/23] gnu: ghostscript: Update to 9.26 Marius Bakke
2018-12-12 1:07 ` Leo Famulari
2018-12-11 1:14 ` [bug#33701] [PATCH staging 13/23] gnu: icu4c: Update to 63.1 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 14/23] gnu: tzdata-for-tests: Update to 2018g Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 15/23] gnu: nghttp2: Update to 1.35.1 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 16/23] gnu: nettle: Update to 3.4.1 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 17/23] gnu: cyrus-sasl: Update to 2.1.27 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 18/23] gnu: jansson: Update to 2.12 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 19/23] gnu: GnuTLS: Update to 3.6.5 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 20/23] gnu: libuv: Update to 1.24.0 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 21/23] gnu: CMake: Update to 3.13.1 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 22/23] gnu: meson: Update to 0.49.0 Marius Bakke
2018-12-11 1:14 ` [bug#33701] [PATCH staging 23/23] gnu: glib-networking: Update to 2.59.1 Marius Bakke
2018-12-11 20:42 ` [bug#33701] [PATCH staging 00/23] Glib/GTK+ updates Marius Bakke
2018-12-12 1:05 ` Leo Famulari
2018-12-12 20:57 ` bug#33701: " Marius Bakke
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.