diff options
Diffstat (limited to 'gnu/packages/patches')
| -rw-r--r-- | gnu/packages/patches/cssc-gets-undeclared.patch | 17 | ||||
| -rw-r--r-- | gnu/packages/patches/cssc-missing-include.patch | 12 | ||||
| -rw-r--r-- | gnu/packages/patches/gtkglext-remove-pangox-dependency.patch | 132 | ||||
| -rw-r--r-- | gnu/packages/patches/module-init-tools-moduledir.patch | 168 | ||||
| -rw-r--r-- | gnu/packages/patches/openssl-CVE-2010-5298.patch | 27 | ||||
| -rw-r--r-- | gnu/packages/patches/openssl-extension-checking-fixes.patch | 40 | ||||
| -rw-r--r-- | gnu/packages/patches/util-linux-perl.patch | 15 |
7 files changed, 212 insertions, 199 deletions
diff --git a/gnu/packages/patches/cssc-gets-undeclared.patch b/gnu/packages/patches/cssc-gets-undeclared.patch new file mode 100644 index 0000000000..68c607cf58 --- /dev/null +++ b/gnu/packages/patches/cssc-gets-undeclared.patch @@ -0,0 +1,17 @@ +CSSC uses a gets in a couple of places. For security reasons, modern gnulib +does not allow this. This patch allows it again. +--- CSSC-1.3.0/gl/lib/stdio.in.h 2010-05-15 00:15:35.000000000 +0200 ++++ CSSC-1.3.0/gl/lib/stdio.in.h 2014-02-03 21:27:10.000000000 +0100 +@@ -135,12 +135,6 @@ + "use gnulib module fflush for portable POSIX compliance"); + #endif + +-/* It is very rare that the developer ever has full control of stdin, +- so any use of gets warrants an unconditional warning. Assume it is +- always declared, since it is required by C89. */ +-#undef gets +-_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead"); +- + #if @GNULIB_FOPEN@ + # if @REPLACE_FOPEN@ + # if !(defined __cplusplus && defined GNULIB_NAMESPACE) diff --git a/gnu/packages/patches/cssc-missing-include.patch b/gnu/packages/patches/cssc-missing-include.patch new file mode 100644 index 0000000000..3cef9c15f1 --- /dev/null +++ b/gnu/packages/patches/cssc-missing-include.patch @@ -0,0 +1,12 @@ +Added a missing include file (necessary for gid_t and others). +So far as I am aware, this has not been added upstream yet. +--- CSSC-1.3.0/src/file.h 2010-05-16 19:31:33.000000000 +0200 ++++ CSSC-1.3.0/src/file.h 2014-02-03 21:48:30.000000000 +0100 +@@ -30,6 +30,7 @@ + #ifndef CSSC__FILE_H__ + #define CSSC__FILE_H__ + ++#include <sys/types.h> + #include "filelock.h" + + enum create_mode { diff --git a/gnu/packages/patches/gtkglext-remove-pangox-dependency.patch b/gnu/packages/patches/gtkglext-remove-pangox-dependency.patch deleted file mode 100644 index 4f03785322..0000000000 --- a/gnu/packages/patches/gtkglext-remove-pangox-dependency.patch +++ /dev/null @@ -1,132 +0,0 @@ -This patch removes the dependency on pangox which has been deprecated. It -achieves the same result as the upstream patch at -https://git.gnome.org/browse/gtkglext/commit/?id=df7a7b35b80b395d7ba411c7f727970a46fb0588 -Like the upstream patch, it removes the functions gdk_gl_font_use_pango_font, -and gdk_gl_font_use_pango_font_for_display from the API. - -diff -r -U 3 a/configure b/configure ---- a/configure 2006-02-05 04:17:47.000000000 +0100 -+++ b/configure 2013-12-26 12:55:21.000000000 +0100 -@@ -19880,14 +19880,12 @@ - gtk+-2.0 >= 2.0.0 \\ - gdk-2.0 >= 2.0.0 \\ - pango >= 1.0.0 \\ --pangox >= 1.0.0 \\ - gmodule-2.0 >= 2.0.0 \\ - \"") >&5 - ($PKG_CONFIG --exists --print-errors "\ - gtk+-2.0 >= 2.0.0 \ - gdk-2.0 >= 2.0.0 \ - pango >= 1.0.0 \ --pangox >= 1.0.0 \ - gmodule-2.0 >= 2.0.0 \ - ") 2>&5 - ac_status=$? -@@ -19897,7 +19895,6 @@ - gtk+-2.0 >= 2.0.0 \ - gdk-2.0 >= 2.0.0 \ - pango >= 1.0.0 \ --pangox >= 1.0.0 \ - gmodule-2.0 >= 2.0.0 \ - " 2>/dev/null` - else -@@ -19916,14 +19913,12 @@ - gtk+-2.0 >= 2.0.0 \\ - gdk-2.0 >= 2.0.0 \\ - pango >= 1.0.0 \\ --pangox >= 1.0.0 \\ - gmodule-2.0 >= 2.0.0 \\ - \"") >&5 - ($PKG_CONFIG --exists --print-errors "\ - gtk+-2.0 >= 2.0.0 \ - gdk-2.0 >= 2.0.0 \ - pango >= 1.0.0 \ --pangox >= 1.0.0 \ - gmodule-2.0 >= 2.0.0 \ - ") 2>&5 - ac_status=$? -@@ -19933,7 +19928,6 @@ - gtk+-2.0 >= 2.0.0 \ - gdk-2.0 >= 2.0.0 \ - pango >= 1.0.0 \ --pangox >= 1.0.0 \ - gmodule-2.0 >= 2.0.0 \ - " 2>/dev/null` - else -@@ -19958,7 +19952,6 @@ - gtk+-2.0 >= 2.0.0 \ - gdk-2.0 >= 2.0.0 \ - pango >= 1.0.0 \ --pangox >= 1.0.0 \ - gmodule-2.0 >= 2.0.0 \ - "` - else -@@ -19966,7 +19959,6 @@ - gtk+-2.0 >= 2.0.0 \ - gdk-2.0 >= 2.0.0 \ - pango >= 1.0.0 \ --pangox >= 1.0.0 \ - gmodule-2.0 >= 2.0.0 \ - "` - fi -@@ -19977,7 +19969,6 @@ - gtk+-2.0 >= 2.0.0 \ - gdk-2.0 >= 2.0.0 \ - pango >= 1.0.0 \ --pangox >= 1.0.0 \ - gmodule-2.0 >= 2.0.0 \ - ) were not met: - -@@ -19994,7 +19985,6 @@ - gtk+-2.0 >= 2.0.0 \ - gdk-2.0 >= 2.0.0 \ - pango >= 1.0.0 \ --pangox >= 1.0.0 \ - gmodule-2.0 >= 2.0.0 \ - ) were not met: - -@@ -25420,7 +25410,7 @@ - # CFLAGS and LIBS - ################################################## - --GDKGLEXT_PACKAGES="gdk-2.0 pango pangox gmodule-2.0" -+GDKGLEXT_PACKAGES="gdk-2.0 pango gmodule-2.0" - GDKGLEXT_EXTRA_CFLAGS="$GL_CFLAGS $GDKGLEXT_WIN_CFLAGS" - GDKGLEXT_EXTRA_LIBS="$GL_LIBS $GDKGLEXT_WIN_LIBS" - GDKGLEXT_DEP_CFLAGS="$GDKGLEXT_EXTRA_CFLAGS `$PKG_CONFIG --cflags $GDKGLEXT_PACKAGES`" -diff -r -U 3 a/gdk/x11/Makefile.in b/gdk/x11/Makefile.in ---- a/gdk/x11/Makefile.in 2006-02-05 04:17:42.000000000 +0100 -+++ b/gdk/x11/Makefile.in 2013-12-26 13:12:04.000000000 +0100 -@@ -257,7 +257,6 @@ - gdkgldrawable-x11.c \ - gdkglpixmap-x11.c \ - gdkglwindow-x11.c \ -- gdkglfont-x11.c \ - gdkglglxext.c - - -@@ -288,7 +287,7 @@ - am__objects_1 = - am__objects_2 = gdkglquery-x11.lo gdkglconfig-x11.lo gdkgloverlay-x11.lo \ - gdkglcontext-x11.lo gdkgldrawable-x11.lo gdkglpixmap-x11.lo \ -- gdkglwindow-x11.lo gdkglfont-x11.lo gdkglglxext.lo -+ gdkglwindow-x11.lo gdkglglxext.lo - am__objects_3 = $(am__objects_1) $(am__objects_2) - am_libgdkglext_x11_la_OBJECTS = $(am__objects_3) - libgdkglext_x11_la_OBJECTS = $(am_libgdkglext_x11_la_OBJECTS) -@@ -299,7 +298,6 @@ - @AMDEP_TRUE@DEP_FILES = ./$(DEPDIR)/gdkglconfig-x11.Plo \ - @AMDEP_TRUE@ ./$(DEPDIR)/gdkglcontext-x11.Plo \ - @AMDEP_TRUE@ ./$(DEPDIR)/gdkgldrawable-x11.Plo \ --@AMDEP_TRUE@ ./$(DEPDIR)/gdkglfont-x11.Plo \ - @AMDEP_TRUE@ ./$(DEPDIR)/gdkglglxext.Plo \ - @AMDEP_TRUE@ ./$(DEPDIR)/gdkgloverlay-x11.Plo \ - @AMDEP_TRUE@ ./$(DEPDIR)/gdkglpixmap-x11.Plo \ -@@ -349,7 +347,6 @@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gdkglconfig-x11.Plo@am__quote@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gdkglcontext-x11.Plo@am__quote@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gdkgldrawable-x11.Plo@am__quote@ --@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gdkglfont-x11.Plo@am__quote@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gdkglglxext.Plo@am__quote@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gdkgloverlay-x11.Plo@am__quote@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gdkglpixmap-x11.Plo@am__quote@ diff --git a/gnu/packages/patches/module-init-tools-moduledir.patch b/gnu/packages/patches/module-init-tools-moduledir.patch new file mode 100644 index 0000000000..68d7988f53 --- /dev/null +++ b/gnu/packages/patches/module-init-tools-moduledir.patch @@ -0,0 +1,168 @@ +This patch changes 'modprobe' & co. so they honor the 'LINUX_MODULE_DIRECTORY' +environment variable, rather than looking for modules exclusively in +/lib/modules. + +Patch by David Guibert, from Nixpkgs; adjusted to use 'LINUX_MODULE_DIRECTORY' +rather than 'MODULE_DIR' as the variable name. + +commit cf2c95edb7918bc658f6cae93793c1949fc9cb6e +Author: David Guibert <david.guibert@gmail.com> +Date: Fri Aug 5 14:20:12 2011 +0200 + + introduce module-dir + +diff --git a/depmod.c b/depmod.c +index a1d2f8c..9362a35 100644 +--- a/depmod.c ++++ b/depmod.c +@@ -48,9 +48,6 @@ + + #include "testing.h" + +-#ifndef MODULE_DIR +-#define MODULE_DIR "/lib/modules/" +-#endif + + #ifndef MODULE_BUILTIN_KEY + #define MODULE_BUILTIN_KEY "built-in" +@@ -1516,6 +1513,7 @@ static int parse_config_file(const char *filename, + char *line; + unsigned int linenum = 0; + FILE *cfile; ++ char *module_dir; + + cfile = fopen(filename, "r"); + if (!cfile) { +@@ -1525,6 +1523,10 @@ static int parse_config_file(const char *filename, + return 0; + } + ++ if((module_dir = getenv("LINUX_MODULE_DIRECTORY")) == NULL) { ++ module_dir = "/lib/modules/"; ++ } ++ + while ((line = getline_wrapped(cfile, &linenum)) != NULL) { + char *ptr = line; + char *cmd, *modname; +@@ -1550,7 +1552,7 @@ static int parse_config_file(const char *filename, + continue; + } + nofail_asprintf(&dirname, "%s%s%s/%s", basedir, +- MODULE_DIR, kernelversion, search_path); ++ module_dir, kernelversion, search_path); + len = strlen(dirname); + *search = add_search(dirname, len, *search); + free(dirname); +@@ -1565,7 +1567,7 @@ static int parse_config_file(const char *filename, + continue; + + nofail_asprintf(&pathname, "%s%s%s/%s/%s.ko", basedir, +- MODULE_DIR, kernelversion, subdir, modname); ++ module_dir, kernelversion, subdir, modname); + + *overrides = add_override(pathname, *overrides); + free(pathname); +@@ -1737,6 +1739,7 @@ int main(int argc, char *argv[]) + char *basedir = "", *dirname, *version; + char *system_map = NULL, *module_symvers = NULL; + int i; ++ char *module_dir; + const char *config = NULL; + + if (native_endianness() == 0) +@@ -1832,7 +1835,11 @@ int main(int argc, char *argv[]) + if (optind == argc) + all = 1; + +- nofail_asprintf(&dirname, "%s%s%s", basedir, MODULE_DIR, version); ++ if((module_dir = getenv("LINUX_MODULE_DIRECTORY")) == NULL) { ++ module_dir = "/lib/modules/"; ++ } ++ ++ nofail_asprintf(&dirname, "%s%s%s", basedir, module_dir, version); + + if (maybe_all) { + if (!doing_stdout && !depfile_out_of_date(dirname)) +@@ -1850,7 +1857,7 @@ int main(int argc, char *argv[]) + size_t len; + + nofail_asprintf(&dirname, "%s%s%s/updates", basedir, +- MODULE_DIR, version); ++ module_dir, version); + len = strlen(dirname); + search = add_search(dirname, len, search); + } +diff --git a/modinfo.c b/modinfo.c +index 1dd8469..67b1041 100644 +--- a/modinfo.c ++++ b/modinfo.c +@@ -19,9 +19,6 @@ + #include "zlibsupport.h" + #include "testing.h" + +-#ifndef MODULE_DIR +-#define MODULE_DIR "/lib/modules" +-#endif + + struct param + { +@@ -193,6 +190,11 @@ static struct elf_file *grab_module(const char *name, + struct utsname buf; + char *depname, *p, *moddir; + struct elf_file *module; ++ char *module_dir; ++ ++ if((module_dir = getenv("LINUX_MODULE_DIRECTORY")) == NULL) { ++ module_dir = "/lib/modules/"; ++ } + + if (strchr(name, '.') || strchr(name, '/')) { + module = grab_elf_file(name); +@@ -207,9 +209,9 @@ static struct elf_file *grab_module(const char *name, + kernel = buf.release; + } + if (strlen(basedir)) +- nofail_asprintf(&moddir, "%s/%s/%s", basedir, MODULE_DIR, kernel); ++ nofail_asprintf(&moddir, "%s/%s/%s", basedir, module_dir, kernel); + else +- nofail_asprintf(&moddir, "%s/%s", MODULE_DIR, kernel); ++ nofail_asprintf(&moddir, "%s/%s", module_dir, kernel); + + /* Search for it in modules.dep. */ + nofail_asprintf(&depname, "%s/%s", moddir, "modules.dep"); +diff --git a/modprobe.c b/modprobe.c +index 5464f45..d9fbf9d 100644 +--- a/modprobe.c ++++ b/modprobe.c +@@ -86,10 +86,6 @@ typedef enum + + } modprobe_flags_t; + +-#ifndef MODULE_DIR +-#define MODULE_DIR "/lib/modules" +-#endif +- + /** + * print_usage - output the prefered program usage + * +@@ -2136,6 +2132,7 @@ int main(int argc, char *argv[]) + struct modprobe_conf conf = {}; + + recursion_depth = 0; ++ char *module_dir = NULL; + + /* Prepend options from environment. */ + argv = merge_args(getenv("MODPROBE_OPTIONS"), argv, &argc); +@@ -2233,7 +2230,11 @@ int main(int argc, char *argv[]) + if (argc < optind + 1 && !dump_config && !list_only) + print_usage(argv[0]); + +- nofail_asprintf(&dirname, "%s%s/%s", basedir, MODULE_DIR, buf.release); ++ if((module_dir = getenv("LINUX_MODULE_DIRECTORY")) == NULL) { ++ module_dir = "/lib/modules"; ++ } ++ ++ nofail_asprintf(&dirname, "%s%s/%s", basedir, module_dir, buf.release); + + /* Old-style -t xxx wildcard? Only with -l. */ + if (list_only) { diff --git a/gnu/packages/patches/openssl-CVE-2010-5298.patch b/gnu/packages/patches/openssl-CVE-2010-5298.patch deleted file mode 100644 index 707a24dff0..0000000000 --- a/gnu/packages/patches/openssl-CVE-2010-5298.patch +++ /dev/null @@ -1,27 +0,0 @@ -From db978be7388852059cf54e42539a363d549c5bfd Mon Sep 17 00:00:00 2001 -From: Kurt Roeckx <kurt@roeckx.be> -Date: Sun, 13 Apr 2014 15:05:30 +0200 -Subject: [PATCH] Don't release the buffer when there still is data in it - -RT: 2167, 3265 ---- - ssl/s3_pkt.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c -index b9e45c7..32e9207 100644 ---- a/ssl/s3_pkt.c -+++ b/ssl/s3_pkt.c -@@ -1055,7 +1055,8 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) - { - s->rstate=SSL_ST_READ_HEADER; - rr->off=0; -- if (s->mode & SSL_MODE_RELEASE_BUFFERS) -+ if (s->mode & SSL_MODE_RELEASE_BUFFERS && -+ s->s3->rbuf.left == 0) - ssl3_release_read_buffer(s); - } - } --- -1.9.1 - diff --git a/gnu/packages/patches/openssl-extension-checking-fixes.patch b/gnu/packages/patches/openssl-extension-checking-fixes.patch deleted file mode 100644 index 3fdd893563..0000000000 --- a/gnu/packages/patches/openssl-extension-checking-fixes.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 300b9f0b704048f60776881f1d378c74d9c32fbd Mon Sep 17 00:00:00 2001 -From: "Dr. Stephen Henson" <steve@openssl.org> -Date: Tue, 15 Apr 2014 18:48:54 +0100 -Subject: [PATCH] Extension checking fixes. - -When looking for an extension we need to set the last found -position to -1 to properly search all extensions. - -PR#3309. ---- - crypto/x509v3/v3_purp.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c -index 6c40c7d..5f931db 100644 ---- a/crypto/x509v3/v3_purp.c -+++ b/crypto/x509v3/v3_purp.c -@@ -389,8 +389,8 @@ static void x509v3_cache_extensions(X509 *x) - /* Handle proxy certificates */ - if((pci=X509_get_ext_d2i(x, NID_proxyCertInfo, NULL, NULL))) { - if (x->ex_flags & EXFLAG_CA -- || X509_get_ext_by_NID(x, NID_subject_alt_name, 0) >= 0 -- || X509_get_ext_by_NID(x, NID_issuer_alt_name, 0) >= 0) { -+ || X509_get_ext_by_NID(x, NID_subject_alt_name, -1) >= 0 -+ || X509_get_ext_by_NID(x, NID_issuer_alt_name, -1) >= 0) { - x->ex_flags |= EXFLAG_INVALID; - } - if (pci->pcPathLengthConstraint) { -@@ -670,7 +670,7 @@ static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x, - return 0; - - /* Extended Key Usage MUST be critical */ -- i_ext = X509_get_ext_by_NID((X509 *) x, NID_ext_key_usage, 0); -+ i_ext = X509_get_ext_by_NID((X509 *) x, NID_ext_key_usage, -1); - if (i_ext >= 0) - { - X509_EXTENSION *ext = X509_get_ext((X509 *) x, i_ext); --- -1.9.1 - diff --git a/gnu/packages/patches/util-linux-perl.patch b/gnu/packages/patches/util-linux-perl.patch new file mode 100644 index 0000000000..c657a1b5ae --- /dev/null +++ b/gnu/packages/patches/util-linux-perl.patch @@ -0,0 +1,15 @@ +Use this common trick that exploits similarities between sh and Perl syntax +to avoid a hard dependency on Perl. Instead, this script will work only +when 'perl' is available in $PATH. + +--- util-linux-2.21.2/misc-utils/chkdupexe.pl 2012-05-15 13:51:45.000000000 +0200 ++++ util-linux-2.21.2/misc-utils/chkdupexe.pl 2014-06-01 22:46:06.000000000 +0200 +@@ -1,5 +1,6 @@ +-#!@PERL@ -w +-# ++eval '(exit $?0)' && eval 'exec perl -wS "$0" ${1+"$@"}' ++ & eval 'exec perl -wS "$0" $argv:q' ++ if 0; + # chkdupexe version 2.1.1 + # + # Simple script to look for and list duplicate executables and dangling |