aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2017-09-20 18:49:26 +0200
committerMarius Bakke <mbakke@fastmail.com>2017-09-20 18:49:26 +0200
commit58366883f2f1516a4a02f5b4e2a70e86481827b5 (patch)
treefa67d714c4596164b341118132728a48135f4759 /gnu/packages/patches
parentf40aef6b3b56e1e5fb6e6ac29bd372000e13982f (diff)
parent9a1c4a981bdd7eeca76aaf73a57d6841918821c2 (diff)
downloadguix-58366883f2f1516a4a02f5b4e2a70e86481827b5.tar.gz
guix-58366883f2f1516a4a02f5b4e2a70e86481827b5.zip
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/bluez-CVE-2017-1000250.patch42
-rw-r--r--gnu/packages/patches/calibre-drop-unrar.patch49
-rw-r--r--gnu/packages/patches/csound-header-ordering.patch20
-rw-r--r--gnu/packages/patches/emacs-unsafe-enriched-mode-translations.patch85
-rw-r--r--gnu/packages/patches/file-CVE-2017-1000249.patch27
-rw-r--r--gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch14
-rw-r--r--gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch13
-rw-r--r--gnu/packages/patches/graphicsmagick-CVE-2017-11403+CVE-2017-14103.patch137
-rw-r--r--gnu/packages/patches/graphicsmagick-CVE-2017-14042.patch80
-rw-r--r--gnu/packages/patches/graphicsmagick-CVE-2017-14165.patch72
-rw-r--r--gnu/packages/patches/httpd-CVE-2017-9798.patch22
-rw-r--r--gnu/packages/patches/libarchive-CVE-2017-14166.patch45
-rw-r--r--gnu/packages/patches/libzip-CVE-2017-12858.patch45
-rw-r--r--gnu/packages/patches/meson-for-build-rpath.patch24
-rw-r--r--gnu/packages/patches/newsbeuter-CVE-2017-14500.patch43
-rw-r--r--gnu/packages/patches/openfoam-4.1-cleanup.patch243
-rw-r--r--gnu/packages/patches/openjpeg-CVE-2017-14151.patch46
-rw-r--r--gnu/packages/patches/openjpeg-CVE-2017-14152.patch38
-rw-r--r--gnu/packages/patches/openjpeg-CVE-2017-14164.patch89
-rw-r--r--gnu/packages/patches/perl-text-markdown-discount-use-system-markdown.patch32
-rw-r--r--gnu/packages/patches/python-acme-dont-use-openssl-rand.patch28
-rw-r--r--gnu/packages/patches/qemu-CVE-2017-13711.patch89
-rw-r--r--gnu/packages/patches/qemu-CVE-2017-14167.patch69
-rw-r--r--gnu/packages/patches/ruby-2.2.7-rubygems-2613-ruby22.patch355
-rw-r--r--gnu/packages/patches/ruby-2.3.4-rubygems-2613-ruby23.patch355
-rw-r--r--gnu/packages/patches/ruby-rubygems-2612-ruby24.patch437
-rw-r--r--gnu/packages/patches/ruby-rubygems-2613-ruby24.patch355
27 files changed, 1238 insertions, 1616 deletions
diff --git a/gnu/packages/patches/bluez-CVE-2017-1000250.patch b/gnu/packages/patches/bluez-CVE-2017-1000250.patch
new file mode 100644
index 0000000000..81f209d7b2
--- /dev/null
+++ b/gnu/packages/patches/bluez-CVE-2017-1000250.patch
@@ -0,0 +1,42 @@
+Description: CVE-2017-1000250: information disclosure vulnerability in service_search_attr_req
+Origin: vendor
+Bug-Debian: https://bugs.debian.org/875633
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1489446
+Bug-SuSE: https://bugzilla.suse.com/show_bug.cgi?id=1057342
+Forwarded: no
+Author: Armis Security <security@armis.com>
+Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
+Last-Update: 2017-09-13
+
+--- a/src/sdpd-request.c
++++ b/src/sdpd-request.c
+@@ -918,15 +918,20 @@ static int service_search_attr_req(sdp_r
+ /* continuation State exists -> get from cache */
+ sdp_buf_t *pCache = sdp_get_cached_rsp(cstate);
+ if (pCache) {
+- uint16_t sent = MIN(max, pCache->data_size - cstate->cStateValue.maxBytesSent);
+- pResponse = pCache->data;
+- memcpy(buf->data, pResponse + cstate->cStateValue.maxBytesSent, sent);
+- buf->data_size += sent;
+- cstate->cStateValue.maxBytesSent += sent;
+- if (cstate->cStateValue.maxBytesSent == pCache->data_size)
+- cstate_size = sdp_set_cstate_pdu(buf, NULL);
+- else
+- cstate_size = sdp_set_cstate_pdu(buf, cstate);
++ if (cstate->cStateValue.maxBytesSent >= pCache->data_size) {
++ status = SDP_INVALID_CSTATE;
++ SDPDBG("Got bad cstate with invalid size");
++ } else {
++ uint16_t sent = MIN(max, pCache->data_size - cstate->cStateValue.maxBytesSent);
++ pResponse = pCache->data;
++ memcpy(buf->data, pResponse + cstate->cStateValue.maxBytesSent, sent);
++ buf->data_size += sent;
++ cstate->cStateValue.maxBytesSent += sent;
++ if (cstate->cStateValue.maxBytesSent == pCache->data_size)
++ cstate_size = sdp_set_cstate_pdu(buf, NULL);
++ else
++ cstate_size = sdp_set_cstate_pdu(buf, cstate);
++ }
+ } else {
+ status = SDP_INVALID_CSTATE;
+ SDPDBG("Non-null continuation state, but null cache buffer");
diff --git a/gnu/packages/patches/calibre-drop-unrar.patch b/gnu/packages/patches/calibre-drop-unrar.patch
deleted file mode 100644
index adf977b183..0000000000
--- a/gnu/packages/patches/calibre-drop-unrar.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-Recreated old debian patch on the latest calibre version
-
-From 6764e4c211e50d4f4633dbabfba7cbc3089c51dc Mon Sep 17 00:00:00 2001
-From: Brendan Tildesley <brendan.tildesley@openmailbox.org>
-Date: Sat, 13 May 2017 21:12:12 +1000
-Subject: [PATCH] Remove unrar extension
-
----
- setup/extensions.json | 11 -----------
- src/calibre/ebooks/metadata/archive.py | 2 +-
- 2 files changed, 1 insertion(+), 12 deletions(-)
-
-diff --git a/setup/extensions.json b/setup/extensions.json
-index 1f6d1fb5fd..127390450f 100644
---- a/setup/extensions.json
-+++ b/setup/extensions.json
-@@ -211,16 +211,5 @@
- "sources": "calibre/devices/mtp/unix/devices.c calibre/devices/mtp/unix/libmtp.c",
- "headers": "calibre/devices/mtp/unix/devices.h calibre/devices/mtp/unix/upstream/music-players.h calibre/devices/mtp/unix/upstream/device-flags.h",
- "libraries": "mtp"
-- },
-- {
-- "name": "unrar",
-- "sources": "unrar/rar.cpp unrar/strlist.cpp unrar/strfn.cpp unrar/pathfn.cpp unrar/savepos.cpp unrar/smallfn.cpp unrar/global.cpp unrar/file.cpp unrar/filefn.cpp unrar/filcreat.cpp unrar/archive.cpp unrar/arcread.cpp unrar/unicode.cpp unrar/system.cpp unrar/isnt.cpp unrar/crypt.cpp unrar/crc.cpp unrar/rawread.cpp unrar/encname.cpp unrar/resource.cpp unrar/match.cpp unrar/timefn.cpp unrar/rdwrfn.cpp unrar/consio.cpp unrar/options.cpp unrar/ulinks.cpp unrar/errhnd.cpp unrar/rarvm.cpp unrar/secpassword.cpp unrar/rijndael.cpp unrar/getbits.cpp unrar/sha1.cpp unrar/extinfo.cpp unrar/extract.cpp unrar/volume.cpp unrar/list.cpp unrar/find.cpp unrar/unpack.cpp unrar/cmddata.cpp unrar/filestr.cpp unrar/scantree.cpp calibre/utils/unrar.cpp",
-- "inc_dirs": "unrar",
-- "defines": "SILENT RARDLL UNRAR _FILE_OFFSET_BITS=64 _LARGEFILE_SOURCE",
-- "windows_defines": "SILENT RARDLL UNRAR",
-- "haiku_defines": "LITTLE_ENDIAN SILENT RARDLL UNRAR _FILE_OFFSET_BITS=64 _LARGEFILE_SOURCE _BSD_SOURCE",
-- "haiku_libraries": "bsd",
-- "optimize_level": 2,
-- "windows_libraries": "User32 Advapi32 kernel32 Shell32"
- }
- ]
-diff --git a/src/calibre/ebooks/metadata/archive.py b/src/calibre/ebooks/metadata/archive.py
-index f5c0b7bed3..32257dcdae 100644
---- a/src/calibre/ebooks/metadata/archive.py
-+++ b/src/calibre/ebooks/metadata/archive.py
-@@ -44,7 +44,7 @@ class ArchiveExtract(FileTypePlugin):
- description = _('Extract common e-book formats from archive files '
- '(ZIP/RAR). Also try to autodetect if they are actually '
- 'CBZ/CBR files.')
-- file_types = set(['zip', 'rar'])
-+ file_types = set(['zip'])
- supported_platforms = ['windows', 'osx', 'linux']
- on_import = True
-
---
-2.12.2
-
diff --git a/gnu/packages/patches/csound-header-ordering.patch b/gnu/packages/patches/csound-header-ordering.patch
deleted file mode 100644
index 3640d123dd..0000000000
--- a/gnu/packages/patches/csound-header-ordering.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Prevent compilation issues with boost-1.60.0.
-
-Reported upstream at https://github.com/csound/csound/issues/570
-
---- Csound6.05/Opcodes/chua/ChuaOscillator.cpp 2015-04-25 14:06:22.995646234 -0500
-+++ Csound6.05/Opcodes/chua/ChuaOscillator.cpp 2015-12-21 10:31:58.182362640 -0600
-@@ -117,11 +117,12 @@
- // d = sys_variables(12);
- // gnor = a*(x.^3) + b*(x.^2) + c*x + d;
-
--#include <OpcodeBase.hpp>
- #include <boost/numeric/ublas/vector.hpp>
- using namespace boost::numeric;
- #include <cmath>
-
-+#include <OpcodeBase.hpp>
-+
- #undef CS_KSMPS
- #define CS_KSMPS (opds.insdshead->ksmps)
-
diff --git a/gnu/packages/patches/emacs-unsafe-enriched-mode-translations.patch b/gnu/packages/patches/emacs-unsafe-enriched-mode-translations.patch
new file mode 100644
index 0000000000..7e45d30129
--- /dev/null
+++ b/gnu/packages/patches/emacs-unsafe-enriched-mode-translations.patch
@@ -0,0 +1,85 @@
+This patch fixes a remote code execution vulnerability reported here:
+
+ https://bugs.gnu.org/28350
+ http://www.openwall.com/lists/oss-security/2017/09/11/1
+
+From 9ad0fcc54442a9a01d41be19880250783426db70 Mon Sep 17 00:00:00 2001
+From: Lars Ingebrigtsen <larsi@gnus.org>
+Date: Fri, 8 Sep 2017 20:23:31 -0700
+Subject: Remove unsafe enriched mode translations
+
+* lisp/gnus/mm-view.el (mm-inline-text):
+Do not worry about enriched or richtext type.
+* lisp/textmodes/enriched.el (enriched-translations):
+Remove translations for FUNCTION, display (Bug#28350).
+(enriched-handle-display-prop, enriched-decode-display-prop): Remove.
+---
+ lisp/gnus/mm-view.el | 4 ----
+ lisp/textmodes/enriched.el | 32 --------------------------------
+ 2 files changed, 36 deletions(-)
+
+diff --git a/lisp/gnus/mm-view.el b/lisp/gnus/mm-view.el
+index e5859d0..77ad271 100644
+--- a/lisp/gnus/mm-view.el
++++ b/lisp/gnus/mm-view.el
+@@ -383,10 +383,6 @@
+ (goto-char (point-max))))
+ (save-restriction
+ (narrow-to-region b (point))
+- (when (member type '("enriched" "richtext"))
+- (set-text-properties (point-min) (point-max) nil)
+- (ignore-errors
+- (enriched-decode (point-min) (point-max))))
+ (mm-handle-set-undisplayer
+ handle
+ `(lambda ()
+diff --git a/lisp/textmodes/enriched.el b/lisp/textmodes/enriched.el
+index beb6c6d..a8f0d38 100644
+--- a/lisp/textmodes/enriched.el
++++ b/lisp/textmodes/enriched.el
+@@ -117,12 +117,7 @@ expression, which is evaluated to get the string to insert.")
+ (full "flushboth")
+ (center "center"))
+ (PARAMETER (t "param")) ; Argument of preceding annotation
+- ;; The following are not part of the standard:
+- (FUNCTION (enriched-decode-foreground "x-color")
+- (enriched-decode-background "x-bg-color")
+- (enriched-decode-display-prop "x-display"))
+ (read-only (t "x-read-only"))
+- (display (nil enriched-handle-display-prop))
+ (unknown (nil format-annotate-value))
+ ; (font-size (2 "bigger") ; unimplemented
+ ; (-2 "smaller"))
+@@ -477,32 +472,5 @@ Return value is \(begin end name positive-p), or nil if none was found."
+ (message "Warning: no color specified for <x-bg-color>")
+ nil))
+
+-;;; Handling the `display' property.
+-
+-
+-(defun enriched-handle-display-prop (old new)
+- "Return a list of annotations for a change in the `display' property.
+-OLD is the old value of the property, NEW is the new value. Value
+-is a list `(CLOSE OPEN)', where CLOSE is a list of annotations to
+-close and OPEN a list of annotations to open. Each of these lists
+-has the form `(ANNOTATION PARAM ...)'."
+- (let ((annotation "x-display")
+- (param (prin1-to-string (or old new))))
+- (if (null old)
+- (cons nil (list (list annotation param)))
+- (cons (list (list annotation param)) nil))))
+-
+-(defun enriched-decode-display-prop (start end &optional param)
+- "Decode a `display' property for text between START and END.
+-PARAM is a `<param>' found for the property.
+-Value is a list `(START END SYMBOL VALUE)' with START and END denoting
+-the range of text to assign text property SYMBOL with value VALUE."
+- (let ((prop (when (stringp param)
+- (condition-case ()
+- (car (read-from-string param))
+- (error nil)))))
+- (unless prop
+- (message "Warning: invalid <x-display> parameter %s" param))
+- (list start end 'display prop)))
+
+ ;;; enriched.el ends here
diff --git a/gnu/packages/patches/file-CVE-2017-1000249.patch b/gnu/packages/patches/file-CVE-2017-1000249.patch
new file mode 100644
index 0000000000..505acf1592
--- /dev/null
+++ b/gnu/packages/patches/file-CVE-2017-1000249.patch
@@ -0,0 +1,27 @@
+https://github.com/file/file/commit/35c94dc6acc418f1ad7f6241a6680e5327495793.patch
+http://openwall.com/lists/oss-security/2017/09/05/3
+
+The patch is minorly modified to apply to file-5.30
+
+From 35c94dc6acc418f1ad7f6241a6680e5327495793 Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos@zoulas.com>
+Date: Sun, 27 Aug 2017 07:55:02 +0000
+Subject: [PATCH] Fix always true condition (Thomas Jarosch)
+
+---
+ src/readelf.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/readelf.c b/src/readelf.c
+index 81451827..5f425c97 100644
+--- a/src/readelf.c
++++ b/src/readelf.c
+@@ -511,7 +511,7 @@ do_bid_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type,
+ size_t noff, size_t doff, int *flags)
+ {
+ if (namesz == 4 && strcmp((char *)&nbuf[noff], "GNU") == 0 &&
+- type == NT_GNU_BUILD_ID && (descsz >= 4 || descsz <= 20)) {
++ type == NT_GNU_BUILD_ID && (descsz >= 4 && descsz <= 20)) {
+ uint8_t desc[20];
+ const char *btype;
+ uint32_t i;
diff --git a/gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch b/gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch
new file mode 100644
index 0000000000..d9f0cc1212
--- /dev/null
+++ b/gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch
@@ -0,0 +1,14 @@
+Fix for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2015-8327>.
+
+--- a/util.c 2014-06-20 19:26:18 +0000
++++ b/util.c 2015-10-30 15:45:03 +0000
+@@ -31,7 +31,7 @@
+ #include <assert.h>
+
+
+-const char* shellescapes = "|<>&!$\'\"#*?()[]{}";
++const char* shellescapes = "|<>&!$\'\"`#*?()[]{}";
+
+ const char * temp_dir()
+ {
+
diff --git a/gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch b/gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch
new file mode 100644
index 0000000000..d3c3024220
--- /dev/null
+++ b/gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch
@@ -0,0 +1,13 @@
+Fix for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2015-8560>.
+
+--- a/util.c 2015-10-30 15:45:03 +0000
++++ b/util.c 2015-12-12 23:27:21 +0000
+@@ -31,7 +31,7 @@
+ #include <assert.h>
+
+
+-const char* shellescapes = "|<>&!$\'\"`#*?()[]{}";
++const char* shellescapes = "|;<>&!$\'\"`#*?()[]{}";
+
+ const char * temp_dir()
+ {
diff --git a/gnu/packages/patches/graphicsmagick-CVE-2017-11403+CVE-2017-14103.patch b/gnu/packages/patches/graphicsmagick-CVE-2017-11403+CVE-2017-14103.patch
new file mode 100644
index 0000000000..dbcaea1343
--- /dev/null
+++ b/gnu/packages/patches/graphicsmagick-CVE-2017-11403+CVE-2017-14103.patch
@@ -0,0 +1,137 @@
+http://www.openwall.com/lists/oss-security/2017/09/01/6
+
+CVE-2017-11403:
+http://hg.code.sf.net/p/graphicsmagick/code/rev/d0a76868ca37
+
+CVE-2017-14103:
+http://hg.code.sf.net/p/graphicsmagick/code/rev/98721124e51f
+
+some changes were made to make the patch apply
+
+# HG changeset patch
+# User Glenn Randers-Pehrson <glennrp+bmo@gmail.com>
+# Date 1503875721 14400
+# Node ID 98721124e51fd5ec0c6fba64bce2e218869632d2
+# Parent f0f2ea85a2930f3b6dcd72352719adb9660f2aad
+Attempt to fix Issue 440.
+
+diff -ru a/coders/png.c b/coders/png.c
+--- a/coders/png.c 1969-12-31 19:00:00.000000000 -0500
++++ b/coders/png.c 2017-09-10 11:31:56.543194173 -0400
+@@ -3106,7 +3106,9 @@
+ if (length > PNG_MAX_UINT || count == 0)
+ {
+ DestroyJNGInfo(color_image_info,alpha_image_info);
+- ThrowReaderException(CorruptImageError,CorruptImage,image);
++ (void) LogMagickEvent(CoderEvent,GetMagickModule(),
++ "chunk length (%lu) > PNG_MAX_UINT",length);
++ return ((Image*)NULL);
+ }
+
+ chunk=(unsigned char *) NULL;
+@@ -3117,13 +3119,16 @@
+ if (chunk == (unsigned char *) NULL)
+ {
+ DestroyJNGInfo(color_image_info,alpha_image_info);
+- ThrowReaderException(ResourceLimitError,MemoryAllocationFailed,
+- image);
++ (void) LogMagickEvent(CoderEvent,GetMagickModule(),
++ " Could not allocate chunk memory");
++ return ((Image*)NULL);
+ }
+ if (ReadBlob(image,length,chunk) < length)
+ {
+ DestroyJNGInfo(color_image_info,alpha_image_info);
+- ThrowReaderException(CorruptImageError,CorruptImage,image);
++ (void) LogMagickEvent(CoderEvent,GetMagickModule(),
++ " chunk reading was incomplete");
++ return ((Image*)NULL);
+ }
+ p=chunk;
+ }
+@@ -3198,7 +3203,7 @@
+ jng_width, jng_height);
+ MagickFreeMemory(chunk);
+ DestroyJNGInfo(color_image_info,alpha_image_info);
+- ThrowReaderException(CorruptImageError,ImproperImageHeader,image);
++ return ((Image *)NULL);
+ }
+
+ /* Temporarily set width and height resources to match JHDR */
+@@ -3233,8 +3238,9 @@
+ if (color_image == (Image *) NULL)
+ {
+ DestroyJNGInfo(color_image_info,alpha_image_info);
+- ThrowReaderException(ResourceLimitError,MemoryAllocationFailed,
+- image);
++ (void) LogMagickEvent(CoderEvent,GetMagickModule(),
++ " could not open color_image blob");
++ return ((Image *)NULL);
+ }
+ if (logging)
+ (void) LogMagickEvent(CoderEvent,GetMagickModule(),
+@@ -3245,7 +3251,9 @@
+ if (status == MagickFalse)
+ {
+ DestroyJNGInfo(color_image_info,alpha_image_info);
+- ThrowReaderException(CoderError,UnableToOpenBlob,color_image);
++ (void) LogMagickEvent(CoderEvent,GetMagickModule(),
++ " could not open color_image blob");
++ return ((Image *)NULL);
+ }
+
+ if (!image_info->ping && jng_color_type >= 12)
+@@ -3255,17 +3263,18 @@
+ if (alpha_image_info == (ImageInfo *) NULL)
+ {
+ DestroyJNGInfo(color_image_info,alpha_image_info);
+- ThrowReaderException(ResourceLimitError,
+- MemoryAllocationFailed, image);
++ (void) LogMagickEvent(CoderEvent,GetMagickModule(),
++ " could not allocate alpha_image_info",length);
++ return ((Image *)NULL);
+ }
+ GetImageInfo(alpha_image_info);
+ alpha_image=AllocateImage(alpha_image_info);
+ if (alpha_image == (Image *) NULL)
+ {
+ DestroyJNGInfo(color_image_info,alpha_image_info);
+- ThrowReaderException(ResourceLimitError,
+- MemoryAllocationFailed,
+- alpha_image);
++ (void) LogMagickEvent(CoderEvent,GetMagickModule(),
++ " could not allocate alpha_image");
++ return ((Image *)NULL);
+ }
+ if (logging)
+ (void) LogMagickEvent(CoderEvent,GetMagickModule(),
+@@ -3277,7 +3286,9 @@
+ {
+ DestroyJNGInfo(color_image_info,alpha_image_info);
+ DestroyImage(alpha_image);
+- ThrowReaderException(CoderError,UnableToOpenBlob,image);
++ (void) LogMagickEvent(CoderEvent,GetMagickModule(),
++ " could not allocate alpha_image blob");
++ return ((Image *)NULL);
+ }
+ if (jng_alpha_compression_method == 0)
+ {
+@@ -3613,6 +3624,8 @@
+ alpha_image = (Image *)NULL;
+ DestroyImageInfo(alpha_image_info);
+ alpha_image_info = (ImageInfo *)NULL;
++ (void) LogMagickEvent(CoderEvent,GetMagickModule(),
++ " Destroy the JNG image");
+ DestroyImage(jng_image);
+ jng_image = (Image *)NULL;
+ }
+@@ -5146,8 +5159,8 @@
+
+ if (image == (Image *) NULL)
+ {
+- DestroyImageList(previous);
+ CloseBlob(previous);
++ DestroyImageList(previous);
+ MngInfoFreeStruct(mng_info,&have_mng_structure);
+ return((Image *) NULL);
+ }
diff --git a/gnu/packages/patches/graphicsmagick-CVE-2017-14042.patch b/gnu/packages/patches/graphicsmagick-CVE-2017-14042.patch
new file mode 100644
index 0000000000..46f6b032c7
--- /dev/null
+++ b/gnu/packages/patches/graphicsmagick-CVE-2017-14042.patch
@@ -0,0 +1,80 @@
+http://openwall.com/lists/oss-security/2017/08/28/5
+http://hg.code.sf.net/p/graphicsmagick/code/rev/3bbf7a13643d
+
+some changes were made to make the patch apply
+
+# HG changeset patch
+# User Bob Friesenhahn <bfriesen@GraphicsMagick.org>
+# Date 1503268616 18000
+# Node ID 3bbf7a13643df3be76b0e19088a6cc632eea2072
+# Parent 83a5b946180835f260bcb91e3d06327a8e2577e3
+PNM: For binary formats, verify sufficient backing file data before memory request.
+
+diff -r 83a5b9461808 -r 3bbf7a13643d coders/pnm.c
+--- a/coders/pnm.c Sun Aug 20 17:31:35 2017 -0500
++++ b/coders/pnm.c Sun Aug 20 17:36:56 2017 -0500
+@@ -569,7 +569,7 @@
+ (void) LogMagickEvent(CoderEvent,GetMagickModule(),"Colors: %u",
+ image->colors);
+ }
+- number_pixels=image->columns*image->rows;
++ number_pixels=MagickArraySize(image->columns,image->rows);
+ if (number_pixels == 0)
+ ThrowReaderException(CorruptImageError,NegativeOrZeroImageSize,image);
+ if (image->storage_class == PseudoClass)
+@@ -858,14 +858,14 @@
+ if (1 == bits_per_sample)
+ {
+ /* PBM */
+- bytes_per_row=((image->columns+7) >> 3);
++ bytes_per_row=((image->columns+7U) >> 3);
+ import_options.grayscale_miniswhite=MagickTrue;
+ quantum_type=GrayQuantum;
+ }
+ else
+ {
+ /* PGM & XV_332 */
+- bytes_per_row=((bits_per_sample+7)/8)*image->columns;
++ bytes_per_row=MagickArraySize(((bits_per_sample+7U)/8U),image->columns);
+ if (XV_332_Format == format)
+ {
+ quantum_type=IndexQuantum;
+@@ -878,7 +878,8 @@
+ }
+ else
+ {
+- bytes_per_row=(((bits_per_sample+7)/8)*samples_per_pixel)*image->columns;
++ bytes_per_row=MagickArraySize((((bits_per_sample+7)/8)*samples_per_pixel),
++ image->columns);
+ if (3 == samples_per_pixel)
+ {
+ /* PPM */
+@@ -915,6 +916,28 @@
+ is_monochrome=MagickFalse;
+ }
+ }
++
++ /* Validate file size before allocating memory */
++ if (BlobIsSeekable(image))
++ {
++ const magick_off_t file_size = GetBlobSize(image);
++ const magick_off_t current_offset = TellBlob(image);
++ if ((file_size > 0) &&
++ (current_offset > 0) &&
++ (file_size > current_offset))
++ {
++ const magick_off_t remaining = file_size-current_offset;
++ const magick_off_t needed = (magick_off_t) image->rows *
++ (magick_off_t) bytes_per_row;
++ if ((remaining < (magick_off_t) bytes_per_row) ||
++ (remaining < needed))
++ {
++ ThrowException(exception,CorruptImageError,UnexpectedEndOfFile,
++ image->filename);
++ break;
++ }
++ }
++ }
+
+ scanline_set=AllocateThreadViewDataArray(image,exception,bytes_per_row,1);
+ if (scanline_set == (ThreadViewDataSet *) NULL)
diff --git a/gnu/packages/patches/graphicsmagick-CVE-2017-14165.patch b/gnu/packages/patches/graphicsmagick-CVE-2017-14165.patch
new file mode 100644
index 0000000000..1f55d90d38
--- /dev/null
+++ b/gnu/packages/patches/graphicsmagick-CVE-2017-14165.patch
@@ -0,0 +1,72 @@
+http://hg.code.sf.net/p/graphicsmagick/code/raw-rev/493da54370aa
+http://openwall.com/lists/oss-security/2017/09/06/4
+
+some changes were made to make the patch apply
+
+# HG changeset patch
+# User Bob Friesenhahn <bfriesen@GraphicsMagick.org>
+# Date 1503257388 18000
+# Node ID 493da54370aa42cb430c52a69eb75db0001a5589
+# Parent f8724674907902b7bc37c04f252fe30fbdd88e6f
+SUN: Verify that file header data length, and file length are sufficient for claimed image dimensions.
+
+diff -r f87246749079 -r 493da54370aa coders/sun.c
+--- a/coders/sun.c Sun Aug 20 12:21:03 2017 +0200
++++ b/coders/sun.c Sun Aug 20 14:29:48 2017 -0500
+@@ -498,6 +498,12 @@
+ if (sun_info.depth < 8)
+ image->depth=sun_info.depth;
+
++ if (image_info->ping)
++ {
++ CloseBlob(image);
++ return(image);
++ }
++
+ /*
+ Compute bytes per line and bytes per image for an unencoded
+ image.
+@@ -522,15 +528,37 @@
+ if (bytes_per_image > sun_info.length)
+ ThrowReaderException(CorruptImageError,ImproperImageHeader,image);
+
+- if (image_info->ping)
+- {
+- CloseBlob(image);
+- return(image);
+- }
+ if (sun_info.type == RT_ENCODED)
+ sun_data_length=(size_t) sun_info.length;
+ else
+ sun_data_length=bytes_per_image;
++
++ /*
++ Verify that data length claimed by header is supported by file size
++ */
++ if (sun_info.type == RT_ENCODED)
++ {
++ if (sun_data_length < bytes_per_image/255U)
++ {
++ ThrowReaderException(CorruptImageError,ImproperImageHeader,image);
++ }
++ }
++ if (BlobIsSeekable(image))
++ {
++ const magick_off_t file_size = GetBlobSize(image);
++ const magick_off_t current_offset = TellBlob(image);
++ if ((file_size > 0) &&
++ (current_offset > 0) &&
++ (file_size > current_offset))
++ {
++ const magick_off_t remaining = file_size-current_offset;
++ if (remaining < (magick_off_t) sun_data_length)
++ {
++ ThrowReaderException(CorruptImageError,UnexpectedEndOfFile,image);
++ }
++ }
++ }
++
+ sun_data=MagickAllocateMemory(unsigned char *,sun_data_length);
+ if (sun_data == (unsigned char *) NULL)
+ ThrowReaderException(ResourceLimitError,MemoryAllocationFailed,image);
+
diff --git a/gnu/packages/patches/httpd-CVE-2017-9798.patch b/gnu/packages/patches/httpd-CVE-2017-9798.patch
new file mode 100644
index 0000000000..8391a3db4a
--- /dev/null
+++ b/gnu/packages/patches/httpd-CVE-2017-9798.patch
@@ -0,0 +1,22 @@
+Fixes "options bleed", aka. CVE-2017-9798:
+
+ https://nvd.nist.gov/vuln/detail/CVE-2017-9798
+ https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
+
+From <https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch>.
+
+--- a/server/core.c 2017/08/16 16:50:29 1805223
++++ b/server/core.c 2017/09/08 13:13:11 1807754
+@@ -2266,6 +2266,12 @@
+ /* method has not been registered yet, but resource restriction
+ * is always checked before method handling, so register it.
+ */
++ if (cmd->pool == cmd->temp_pool) {
++ /* In .htaccess, we can't globally register new methods. */
++ return apr_psprintf(cmd->pool, "Could not register method '%s' "
++ "for %s from .htaccess configuration",
++ method, cmd->cmd->name);
++ }
+ methnum = ap_method_register(cmd->pool,
+ apr_pstrdup(cmd->pool, method));
+ }
diff --git a/gnu/packages/patches/libarchive-CVE-2017-14166.patch b/gnu/packages/patches/libarchive-CVE-2017-14166.patch
new file mode 100644
index 0000000000..a122848440
--- /dev/null
+++ b/gnu/packages/patches/libarchive-CVE-2017-14166.patch
@@ -0,0 +1,45 @@
+Fix CVE-2017-14166:
+
+https://github.com/libarchive/libarchive/issues/935
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166
+
+Patch copied from upstream source repository:
+
+https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71
+
+From fa7438a0ff4033e4741c807394a9af6207940d71 Mon Sep 17 00:00:00 2001
+From: Joerg Sonnenberger <joerg@bec.de>
+Date: Tue, 5 Sep 2017 18:12:19 +0200
+Subject: [PATCH] Do something sensible for empty strings to make fuzzers
+ happy.
+
+---
+ libarchive/archive_read_support_format_xar.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/libarchive/archive_read_support_format_xar.c b/libarchive/archive_read_support_format_xar.c
+index 7a22beb9d..93eeacc5e 100644
+--- a/libarchive/archive_read_support_format_xar.c
++++ b/libarchive/archive_read_support_format_xar.c
+@@ -1040,6 +1040,9 @@ atol10(const char *p, size_t char_cnt)
+ uint64_t l;
+ int digit;
+
++ if (char_cnt == 0)
++ return (0);
++
+ l = 0;
+ digit = *p - '0';
+ while (digit >= 0 && digit < 10 && char_cnt-- > 0) {
+@@ -1054,7 +1057,10 @@ atol8(const char *p, size_t char_cnt)
+ {
+ int64_t l;
+ int digit;
+-
++
++ if (char_cnt == 0)
++ return (0);
++
+ l = 0;
+ while (char_cnt-- > 0) {
+ if (*p >= '0' && *p <= '7')
diff --git a/gnu/packages/patches/libzip-CVE-2017-12858.patch b/gnu/packages/patches/libzip-CVE-2017-12858.patch
deleted file mode 100644
index 8125173f95..0000000000
--- a/gnu/packages/patches/libzip-CVE-2017-12858.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-Fix CVE-2017-12858:
-
-http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12858
-
-Patch copied from upstream source repository:
-
-https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796
-
-From 2217022b7d1142738656d891e00b3d2d9179b796 Mon Sep 17 00:00:00 2001
-From: Thomas Klausner <tk@giga.or.at>
-Date: Mon, 14 Aug 2017 10:55:44 +0200
-Subject: [PATCH] Fix double free().
-
-Found by Brian 'geeknik' Carpenter using AFL.
----
- THANKS | 1 +
- lib/zip_dirent.c | 3 ---
- 2 files changed, 1 insertion(+), 3 deletions(-)
-
-diff --git a/THANKS b/THANKS
-index be0cca9..a80ee1d 100644
---- a/THANKS
-+++ b/THANKS
-@@ -12,6 +12,7 @@ BALATON Zoltan <balaton@eik.bme.hu>
- Benjamin Gilbert <bgilbert@backtick.net>
- Boaz Stolk <bstolk@aweta.nl>
- Bogdan <bogiebog@gmail.com>
-+Brian 'geeknik' Carpenter <geeknik@protonmail.ch>
- Chris Nehren <cnehren+libzip@pobox.com>
- Coverity <info@coverity.com>
- Dane Springmeyer <dane.springmeyer@gmail.com>
-diff --git a/lib/zip_dirent.c b/lib/zip_dirent.c
-index a369900..e5a7cc9 100644
---- a/lib/zip_dirent.c
-+++ b/lib/zip_dirent.c
-@@ -579,9 +579,6 @@ _zip_dirent_read(zip_dirent_t *zde, zip_source_t *src, zip_buffer_t *buffer, boo
- }
-
- if (!_zip_dirent_process_winzip_aes(zde, error)) {
-- if (!from_buffer) {
-- _zip_buffer_free(buffer);
-- }
- return -1;
- }
-
diff --git a/gnu/packages/patches/meson-for-build-rpath.patch b/gnu/packages/patches/meson-for-build-rpath.patch
new file mode 100644
index 0000000000..4e20c9aed3
--- /dev/null
+++ b/gnu/packages/patches/meson-for-build-rpath.patch
@@ -0,0 +1,24 @@
+This patch removes a part of meson that clears the rpath upon installation.
+This will only be applied to a special version of meson, used for the
+meson-build-system.
+
+Patch by Peter Mikkelsen <petermikkelsen10@gmail.com>
+
+--- meson-0.42.0/mesonbuild/scripts/meson_install.py.orig 2017-09-09 01:49:39.147374148 +0200
++++ meson-0.42.0/mesonbuild/scripts/meson_install.py 2017-09-09 01:51:01.209134717 +0200
+@@ -345,15 +345,6 @@
+ print("Symlink creation does not work on this platform. "
+ "Skipping all symlinking.")
+ printed_symlink_error = True
+- if is_elf_platform() and os.path.isfile(outname):
+- try:
+- e = depfixer.Elf(outname, False)
+- e.fix_rpath(install_rpath)
+- except SystemExit as e:
+- if isinstance(e.code, int) and e.code == 0:
+- pass
+- else:
+- raise
+
+ def run(args):
+ global install_log_file
diff --git a/gnu/packages/patches/newsbeuter-CVE-2017-14500.patch b/gnu/packages/patches/newsbeuter-CVE-2017-14500.patch
new file mode 100644
index 0000000000..449105e42a
--- /dev/null
+++ b/gnu/packages/patches/newsbeuter-CVE-2017-14500.patch
@@ -0,0 +1,43 @@
+https://github.com/akrennmair/newsbeuter/commit/26f5a4350f3ab5507bb8727051c87bb04660f333.patch
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14500
+
+From 26f5a4350f3ab5507bb8727051c87bb04660f333 Mon Sep 17 00:00:00 2001
+From: Alexander Batischev <eual.jp@gmail.com>
+Date: Sat, 16 Sep 2017 19:31:43 +0300
+Subject: [PATCH] Work around shell code in podcast names (#598)
+
+---
+ src/pb_controller.cpp | 6 +++---
+ src/queueloader.cpp | 2 +-
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/pb_controller.cpp b/src/pb_controller.cpp
+index 09b5e897..213216cd 100644
+--- a/src/pb_controller.cpp
++++ b/src/pb_controller.cpp
+@@ -306,9 +306,9 @@ void pb_controller::play_file(const std::string& file) {
+ if (player == "")
+ return;
+ cmdline.append(player);
+- cmdline.append(" \"");
+- cmdline.append(utils::replace_all(file,"\"", "\\\""));
+- cmdline.append("\"");
++ cmdline.append(" \'");
++ cmdline.append(utils::replace_all(file,"'", "%27"));
++ cmdline.append("\'");
+ stfl::reset();
+ LOG(LOG_DEBUG, "pb_controller::play_file: running `%s'", cmdline.c_str());
+ ::system(cmdline.c_str());
+diff --git a/src/queueloader.cpp b/src/queueloader.cpp
+index c1dabdd8..ae725e04 100644
+--- a/src/queueloader.cpp
++++ b/src/queueloader.cpp
+@@ -130,7 +130,7 @@ std::string queueloader::get_filename(const std::string& str) {
+ strftime(lbuf, sizeof(lbuf), "%Y-%b-%d-%H%M%S.unknown", localtime(&t));
+ fn.append(lbuf);
+ } else {
+- fn.append(base);
++ fn.append(utils::replace_all(base, "'", "%27"));
+ }
+ return fn;
+ }
diff --git a/gnu/packages/patches/openfoam-4.1-cleanup.patch b/gnu/packages/patches/openfoam-4.1-cleanup.patch
new file mode 100644
index 0000000000..37effa5c9c
--- /dev/null
+++ b/gnu/packages/patches/openfoam-4.1-cleanup.patch
@@ -0,0 +1,243 @@
+# This patch removes all need for the ThirdParty files of OpenFOAM.
+
+# Derived from EasyBuild patch by Ward Poelmans <wpoely86@gmail.com>.
+# Modified for GNU Guix by Paul Garlick <pgarlick@tourbillion-technology.com>.
+
+diff -ur OpenFOAM-4.x-version-4.1.org/applications/utilities/mesh/manipulation/setSet/Allwmake OpenFOAM-4.x-version-4.1/applications/utilities/mesh/manipulation/setSet/Allwmake
+--- OpenFOAM-4.x-version-4.1.org/applications/utilities/mesh/manipulation/setSet/Allwmake
++++ OpenFOAM-4.x-version-4.1/applications/utilities/mesh/manipulation/setSet/Allwmake
+@@ -9,7 +9,7 @@
+ #
+ # use readline if available
+ #
+-if [ -f /usr/include/readline/readline.h ]
++if true
+ then
+ echo "Found <readline/readline.h> -- enabling readline support."
+ export COMP_FLAGS="-DHAS_READLINE"
+diff -ur OpenFOAM-4.x-version-4.1.org/etc/bashrc OpenFOAM-4.x-version-4.1/etc/bashrc
+--- OpenFOAM-4.x-version-4.1.org/etc/bashrc
++++ OpenFOAM-4.x-version-4.1/etc/bashrc
+@@ -43,8 +43,10 @@
+ # Please set to the appropriate path if the default is not correct.
+ #
+ [ $BASH_SOURCE ] && \
+-export FOAM_INST_DIR=$(cd ${BASH_SOURCE%/*/*/*} && pwd -P) || \
++export FOAM_INST_DIR=$(cd $(dirname $BASH_SOURCE)/../.. && pwd -P) || \
+ export FOAM_INST_DIR=$HOME/$WM_PROJECT
++# For GNU Guix: set initially for build then re-set at runtime
++#
+ # export FOAM_INST_DIR=~$WM_PROJECT
+ # export FOAM_INST_DIR=/opt/$WM_PROJECT
+ # export FOAM_INST_DIR=/usr/local/$WM_PROJECT
+diff -ur OpenFOAM-4.x-version-4.1.org/etc/config.sh/CGAL OpenFOAM-4.x-version-4.1/etc/config.sh/CGAL
+--- OpenFOAM-4.x-version-4.1.org/etc/config.sh/CGAL
++++ OpenFOAM-4.x-version-4.1/etc/config.sh/CGAL
+@@ -36,37 +36,7 @@
+ #
+ #------------------------------------------------------------------------------
+
+-boost_version=boost-system
+-cgal_version=cgal-system
+-#cgal_version=CGAL-4.8
+-
+-if [ -z "$SOURCE_CGAL_VERSIONS_ONLY" ]
+-then
+-
+- common_path=$WM_THIRD_PARTY_DIR/platforms/$WM_ARCH$WM_COMPILER
+-
+- export BOOST_ARCH_PATH=$common_path/$boost_version
+- export CGAL_ARCH_PATH=$common_path/$cgal_version
+-
+- if [ "$FOAM_VERBOSE" -a "$PS1" ]
+- then
+- echo "Using CGAL and boost" 1>&2
+- echo " $cgal_version at $CGAL_ARCH_PATH" 1>&2
+- echo " $boost_version at $BOOST_ARCH_PATH" 1>&2
+- fi
+-
+- if [ -d "$CGAL_ARCH_PATH" -a "$cgal_version" != "cgal-system" ]
+- then
+- _foamAddLib $CGAL_ARCH_PATH/lib
+- fi
+-
+- if [ -d "$BOOST_ARCH_PATH" -a "$boost_version" != "boost-system" ]
+- then
+- _foamAddLib $BOOST_ARCH_PATH/lib
+- fi
+-
+- unset boost_version cgal_version common_path
+-
+-fi
++export CGAL_ARCH_PATH=$CGAL_ROOT
++export BOOST_ARCH_PATH=$BOOST_ROOT
+
+ #------------------------------------------------------------------------------
+diff -ur OpenFOAM-4.x-version-4.1.org/etc/config.sh/gperftools OpenFOAM-4.x-version-4.1/etc/config.sh/gperftools
+--- OpenFOAM-4.x-version-4.1.org/etc/config.sh/gperftools
++++ OpenFOAM-4.x-version-4.1/etc/config.sh/gperftools
+@@ -29,13 +29,5 @@
+ #
+ #------------------------------------------------------------------------------
+
+-version=svn
+-gperftools_install=$WM_THIRD_PARTY_DIR/platforms/$WM_ARCH$WM_COMPILER
+-
+-GPERFTOOLS_VERSION=gperftools-$version
+-GPERFTOOLS_ARCH_PATH=$gperftools_install/$GPERFTOOLS_VERSION
+-
+-export PATH=$GPERFTOOLS_ARCH_PATH/bin:$PATH
+-export LD_LIBRARY_PATH=$GPERFTOOLS_ARCH_PATH/lib:$LD_LIBRARY_PATH
+
+ #------------------------------------------------------------------------------
+diff -ur OpenFOAM-4.x-version-4.1.org/etc/config.sh/metis OpenFOAM-4.x-version-4.1/etc/config.sh/metis
+--- OpenFOAM-4.x-version-4.1.org/etc/config.sh/metis
++++ OpenFOAM-4.x-version-4.1/etc/config.sh/metis
+@@ -34,7 +34,7 @@
+ #
+ #------------------------------------------------------------------------------
+
+-export METIS_VERSION=metis-5.1.0
+-export METIS_ARCH_PATH=$WM_THIRD_PARTY_DIR/platforms/$WM_ARCH$WM_COMPILER$WM_PRECISION_OPTION$WM_LABEL_OPTION/$METIS_VERSION
++export METIS_VERSION=metis-$METISVERSION
++export METIS_ARCH_PATH=$METIS_ROOT
+
+ #------------------------------------------------------------------------------
+diff -ur OpenFOAM-4.x-version-4.1.org/etc/config.sh/scotch OpenFOAM-4.x-version-4.1/etc/config.sh/scotch
+--- OpenFOAM-4.x-version-4.1.org/etc/config.sh/scotch
++++ OpenFOAM-4.x-version-4.1/etc/config.sh/scotch
+@@ -37,7 +37,7 @@
+ #
+ #------------------------------------------------------------------------------
+
+-export SCOTCH_VERSION=scotch_6.0.3
+-export SCOTCH_ARCH_PATH=$WM_THIRD_PARTY_DIR/platforms/$WM_ARCH$WM_COMPILER$WM_PRECISION_OPTION$WM_LABEL_OPTION/$SCOTCH_VERSION
++export SCOTCH_VERSION=scotch_$SCOTCHVERSION
++export SCOTCH_ARCH_PATH=$SCOTCH_ROOT
+
+ #------------------------------------------------------------------------------
+diff -ur OpenFOAM-4.x-version-4.1.org/etc/config.sh/settings OpenFOAM-4.x-version-4.1/etc/config.sh/settings
+--- OpenFOAM-4.x-version-4.1.org/etc/config.sh/settings
++++ OpenFOAM-4.x-version-4.1/etc/config.sh/settings
+@@ -279,6 +279,9 @@
+ ;;
+ system)
+ # Use system compiler
++ # Use system GMP and MPFR packages
++ export GMP_ARCH_PATH=$GMP_ROOT
++ export MPFR_ARCH_PATH=$MPFR_ROOT
+ ;;
+ *)
+ echo "Warn: WM_COMPILER_TYPE='$WM_COMPILER_TYPE' is unsupported" 1>&2
+diff -ur OpenFOAM-4.x-version-4.1.org/src/parallel/decompose/ptscotchDecomp/Make/options OpenFOAM-4.x-version-4.1/src/parallel/decompose/ptscotchDecomp/Make/options
+--- OpenFOAM-4.x-version-4.1.org/src/parallel/decompose/ptscotchDecomp/Make/options
++++ OpenFOAM-4.x-version-4.1/src/parallel/decompose/ptscotchDecomp/Make/options
+@@ -5,8 +5,7 @@
+ $(PFLAGS) $(PINC) \
+ -I$(SCOTCH_ROOT)/include \
+ -I$(SCOTCH_ARCH_PATH)/include/$(FOAM_MPI) \
+- -I/usr/include/scotch \
+ -I../decompositionMethods/lnInclude
+
+ LIB_LIBS = \
+- -L$(SCOTCH_ROOT)/lib -L$(FOAM_EXT_LIBBIN)/$(FOAM_MPI) -lptscotch -lptscotcherrexit -lscotch ${LINK_FLAGS} -lrt
++ -L$(SCOTCH_ROOT)/lib -L$(MPI_ARCH_PATH)/lib -lptscotch -lptscotcherrexit -lscotch ${LINK_FLAGS} -lrt
+diff -ur OpenFOAM-4.x-version-4.1.org/src/parallel/decompose/scotchDecomp/Make/options OpenFOAM-4.x-version-4.1/src/parallel/decompose/scotchDecomp/Make/options
+--- OpenFOAM-4.x-version-4.1.org/src/parallel/decompose/scotchDecomp/Make/options
++++ OpenFOAM-4.x-version-4.1/src/parallel/decompose/scotchDecomp/Make/options
+@@ -9,8 +9,7 @@
+ $(PFLAGS) $(PINC) \
+ -I$(SCOTCH_ROOT)/include \
+ -I$(SCOTCH_ARCH_PATH)/include \
+- -I/usr/include/scotch \
+ -I../decompositionMethods/lnInclude
+
+ LIB_LIBS = \
+- -L$(SCOTCH_ROOT)/lib -L$(FOAM_EXT_LIBBIN) -lscotch -lscotcherrexit -lrt
++ -L$(SCOTCH_ROOT)/lib -lscotch -lscotcherrexit -lrt
+diff -ur OpenFOAM-4.x-version-4.1.org/wmake/makefiles/general OpenFOAM-4.x-version-4.1/wmake/makefiles/general
+--- OpenFOAM-4.x-version-4.1.org/wmake/makefiles/general
++++ OpenFOAM-4.x-version-4.1/wmake/makefiles/general
+@@ -33,7 +33,6 @@
+ # The Makefile uses a POSIX shell
+ #------------------------------------------------------------------------------
+
+-SHELL = /bin/sh
+
+
+ #------------------------------------------------------------------------------
+diff -ur OpenFOAM-4.x-version-4.1.org/wmake/wmake OpenFOAM-4.x-version-4.1/wmake/wmake
+--- OpenFOAM-4.x-version-4.1.org/wmake/wmake
++++ OpenFOAM-4.x-version-4.1/wmake/wmake
+@@ -163,7 +163,7 @@
+ then
+ if [ "$WM_NCOMPPROCS" -gt 1 -a ! "$MAKEFLAGS" ]
+ then
+- lockDir=$HOME/.$WM_PROJECT/.wmake
++ lockDir=$(cd $(dirname $BASH_SOURCE)/../.. && pwd -P)/.$WM_PROJECT/.wmake
+
+ if [ -d $lockDir ]
+ then
+diff -ur OpenFOAM-4.x-version-4.1.org/wmake/wmakeScheduler OpenFOAM-4.x-version-4.1/wmake/wmakeScheduler
+--- OpenFOAM-4.x-version-4.1.org/wmake/wmakeScheduler
++++ OpenFOAM-4.x-version-4.1/wmake/wmakeScheduler
+@@ -53,7 +53,7 @@
+ # csh sets HOST, bash sets HOSTNAME
+ : ${HOST:=$HOSTNAME}
+
+-lockDir=$HOME/.$WM_PROJECT/.wmake
++lockDir=$(cd $(dirname $BASH_SOURCE)/../.. && pwd -P)/.$WM_PROJECT/.wmake
+
+ # Fallback - 1 core on current host
+ : ${WM_HOSTS:=$HOST:1}
+diff -ur OpenFOAM-4.x-version-4.1.org/wmake/wmakeSchedulerUptime OpenFOAM-4.x-version-4.1/wmake/wmakeSchedulerUptime
+--- OpenFOAM-4.x-version-4.1.org/wmake/wmakeSchedulerUptime
++++ OpenFOAM-4.x-version-4.1/wmake/wmakeSchedulerUptime
+@@ -53,7 +53,7 @@
+ # csh sets HOST, bash sets HOSTNAME
+ : ${HOST:=$HOSTNAME}
+
+-lockDir=$HOME/.$WM_PROJECT/.wmake
++lockDir=$(cd $(dirname $BASH_SOURCE)/../.. && pwd -P)/.$WM_PROJECT/.wmake
+ # Fallback - 1 core on current host
+ : ${WM_HOSTS:=$HOST:1}
+
+diff -ur OpenFOAM-4.x-version-4.1.org/src/parallel/decompose/metisDecomp/metisDecomp.C OpenFOAM-4.x-version-4.1/src/parallel/decompose/metisDecomp/metisDecomp.C
+--- OpenFOAM-4.x-version-4.1.org/src/parallel/decompose/metisDecomp/metisDecomp.C
++++ OpenFOAM-4.x-version-4.1/src/parallel/decompose/metisDecomp/metisDecomp.C
+@@ -67,7 +67,7 @@
+
+ // Processor weights initialised with no size, only used if specified in
+ // a file
+- Field<scalar> processorWeights;
++ Field<floatScalar> processorWeights;
+
+ // Cell weights (so on the vertices of the dual)
+ List<label> cellWeights;
+diff -ur OpenFOAM-4.x-version-4.1.org/wmake/rules/General/CGAL OpenFOAM-4.x-version-4.1/wmake/rules/General/CGAL
+--- OpenFOAM-4.x-version-4.1.org/wmake/rules/General/CGAL
++++ OpenFOAM-4.x-version-4.1/wmake/rules/General/CGAL
+@@ -6,9 +6,10 @@
+ -I/usr/include
+
+ CGAL_LIBS = \
+- -L$(MPFR_ARCH_PATH)/lib$(WM_COMPILER_LIB_ARCH) \
+- -L$(GMP_ARCH_PATH)/lib$(WM_COMPILER_LIB_ARCH) \
++ -L$(MPFR_ARCH_PATH)/lib \
++ -L$(GMP_ARCH_PATH)/lib \
+ -L$(BOOST_ARCH_PATH)/lib \
+ -L$(CGAL_ARCH_PATH)/lib \
+ -lCGAL \
++ -lgmp \
+ -lmpfr
+diff -ur OpenFOAM-4.x-version-4.1.org/wmake/rules/linux64Gcc/c++ OpenFOAM-4.x-version-4.1/wmake/rules/linux64Gcc/c++
+--- OpenFOAM-4.x-version-4.1.org/wmake/rules/linux64Gcc/c++
++++ OpenFOAM-4.x-version-4.1/wmake/rules/linux64Gcc/c++
+@@ -20,5 +20,5 @@
+
+ LINK_LIBS = $(c++DBUG)
+
+-LINKLIBSO = $(CC) $(c++FLAGS) -shared -Xlinker --add-needed -Xlinker --no-as-needed
+-LINKEXE = $(CC) $(c++FLAGS) -Xlinker --add-needed -Xlinker --no-as-needed
++LINKLIBSO = $(CC) $(c++FLAGS) $(LDFLAGS) -shared -Xlinker --add-needed -Xlinker --no-as-needed
++LINKEXE = $(CC) $(c++FLAGS) $(LDFLAGS) -Xlinker --add-needed -Xlinker --no-as-needed
diff --git a/gnu/packages/patches/openjpeg-CVE-2017-14151.patch b/gnu/packages/patches/openjpeg-CVE-2017-14151.patch
new file mode 100644
index 0000000000..4fcf6af6db
--- /dev/null
+++ b/gnu/packages/patches/openjpeg-CVE-2017-14151.patch
@@ -0,0 +1,46 @@
+https://github.com/uclouvain/openjpeg/commit/afb308b9ccbe129608c9205cf3bb39bbefad90b9.patch
+http://openwall.com/lists/oss-security/2017/09/06/1
+
+From afb308b9ccbe129608c9205cf3bb39bbefad90b9 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Mon, 14 Aug 2017 17:20:37 +0200
+Subject: [PATCH] Encoder: grow buffer size in
+ opj_tcd_code_block_enc_allocate_data() to avoid write heap buffer overflow in
+ opj_mqc_flush (#982)
+
+---
+ src/lib/openjp2/tcd.c | 7 +++++--
+ tests/nonregression/test_suite.ctest.in | 2 ++
+ 2 files changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/src/lib/openjp2/tcd.c b/src/lib/openjp2/tcd.c
+index 301c7213e..53cdcf64d 100644
+--- a/src/lib/openjp2/tcd.c
++++ b/src/lib/openjp2/tcd.c
+@@ -1187,8 +1187,11 @@ static OPJ_BOOL opj_tcd_code_block_enc_allocate_data(opj_tcd_cblk_enc_t *
+ {
+ OPJ_UINT32 l_data_size;
+
+- /* The +1 is needed for https://github.com/uclouvain/openjpeg/issues/835 */
+- l_data_size = 1 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
++ /* +1 is needed for https://github.com/uclouvain/openjpeg/issues/835 */
++ /* and actually +2 required for https://github.com/uclouvain/openjpeg/issues/982 */
++ /* TODO: is there a theoretical upper-bound for the compressed code */
++ /* block size ? */
++ l_data_size = 2 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
+ (p_code_block->y1 - p_code_block->y0) * (OPJ_INT32)sizeof(OPJ_UINT32));
+
+ if (l_data_size > p_code_block->data_size) {
+diff --git a/tests/nonregression/test_suite.ctest.in b/tests/nonregression/test_suite.ctest.in
+index aaf40d7d0..ffd964c2a 100644
+--- a/tests/nonregression/test_suite.ctest.in
++++ b/tests/nonregression/test_suite.ctest.in
+@@ -169,6 +169,8 @@ opj_compress -i @INPUT_NR_PATH@/Bretagne2.ppm -o @TEMP_PATH@/Bretagne2_empty_ban
+ # Same rate as Bretagne2_4.j2k
+ opj_compress -i @INPUT_NR_PATH@/Bretagne2.ppm -o @TEMP_PATH@/Bretagne2_empty_band_r800.j2k -t 2591,1943 -n 2 -r 800
+
++opj_compress -i @INPUT_NR_PATH@/issue982.bmp -o @TEMP_PATH@/issue982.j2k -n 1
++
+ # DECODER TEST SUITE
+ opj_decompress -i @INPUT_NR_PATH@/Bretagne2.j2k -o @TEMP_PATH@/Bretagne2.j2k.pgx
+ opj_decompress -i @INPUT_NR_PATH@/_00042.j2k -o @TEMP_PATH@/_00042.j2k.pgx
diff --git a/gnu/packages/patches/openjpeg-CVE-2017-14152.patch b/gnu/packages/patches/openjpeg-CVE-2017-14152.patch
new file mode 100644
index 0000000000..6c083be123
--- /dev/null
+++ b/gnu/packages/patches/openjpeg-CVE-2017-14152.patch
@@ -0,0 +1,38 @@
+https://github.com/uclouvain/openjpeg/commit/4241ae6fbbf1de9658764a80944dc8108f2b4154.patch
+http://openwall.com/lists/oss-security/2017/09/06/2
+
+From 4241ae6fbbf1de9658764a80944dc8108f2b4154 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Tue, 15 Aug 2017 11:55:58 +0200
+Subject: [PATCH] Fix assertion in debug mode / heap-based buffer overflow in
+ opj_write_bytes_LE for Cinema profiles with numresolutions = 1 (#985)
+
+---
+ src/lib/openjp2/j2k.c | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
+index a2521ebbc..54b490a8c 100644
+--- a/src/lib/openjp2/j2k.c
++++ b/src/lib/openjp2/j2k.c
+@@ -6573,10 +6573,16 @@ static void opj_j2k_set_cinema_parameters(opj_cparameters_t *parameters,
+
+ /* Precincts */
+ parameters->csty |= 0x01;
+- parameters->res_spec = parameters->numresolution - 1;
+- for (i = 0; i < parameters->res_spec; i++) {
+- parameters->prcw_init[i] = 256;
+- parameters->prch_init[i] = 256;
++ if (parameters->numresolution == 1) {
++ parameters->res_spec = 1;
++ parameters->prcw_init[0] = 128;
++ parameters->prch_init[0] = 128;
++ } else {
++ parameters->res_spec = parameters->numresolution - 1;
++ for (i = 0; i < parameters->res_spec; i++) {
++ parameters->prcw_init[i] = 256;
++ parameters->prch_init[i] = 256;
++ }
+ }
+
+ /* The progression order shall be CPRL */
diff --git a/gnu/packages/patches/openjpeg-CVE-2017-14164.patch b/gnu/packages/patches/openjpeg-CVE-2017-14164.patch
new file mode 100644
index 0000000000..2bfc5a6a85
--- /dev/null
+++ b/gnu/packages/patches/openjpeg-CVE-2017-14164.patch
@@ -0,0 +1,89 @@
+https://github.com/uclouvain/openjpeg/commit/dcac91b8c72f743bda7dbfa9032356bc8110098a.patch
+http://openwall.com/lists/oss-security/2017/09/06/3
+
+From dcac91b8c72f743bda7dbfa9032356bc8110098a Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Wed, 16 Aug 2017 17:09:10 +0200
+Subject: [PATCH] opj_j2k_write_sot(): fix potential write heap buffer overflow
+ (#991)
+
+---
+ src/lib/openjp2/j2k.c | 25 ++++++++++++++++++++-----
+ 1 file changed, 20 insertions(+), 5 deletions(-)
+
+diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
+index 54b490a8c..16915452e 100644
+--- a/src/lib/openjp2/j2k.c
++++ b/src/lib/openjp2/j2k.c
+@@ -832,13 +832,15 @@ static OPJ_BOOL opj_j2k_write_tlm(opj_j2k_t *p_j2k,
+ * Writes the SOT marker (Start of tile-part)
+ *
+ * @param p_j2k J2K codec.
+- * @param p_data FIXME DOC
+- * @param p_data_written FIXME DOC
++ * @param p_data Output buffer
++ * @param p_total_data_size Output buffer size
++ * @param p_data_written Number of bytes written into stream
+ * @param p_stream the stream to write data to.
+ * @param p_manager the user event manager.
+ */
+ static OPJ_BOOL opj_j2k_write_sot(opj_j2k_t *p_j2k,
+ OPJ_BYTE * p_data,
++ OPJ_UINT32 p_total_data_size,
+ OPJ_UINT32 * p_data_written,
+ const opj_stream_private_t *p_stream,
+ opj_event_mgr_t * p_manager);
+@@ -4201,6 +4203,7 @@ static OPJ_BOOL opj_j2k_write_tlm(opj_j2k_t *p_j2k,
+
+ static OPJ_BOOL opj_j2k_write_sot(opj_j2k_t *p_j2k,
+ OPJ_BYTE * p_data,
++ OPJ_UINT32 p_total_data_size,
+ OPJ_UINT32 * p_data_written,
+ const opj_stream_private_t *p_stream,
+ opj_event_mgr_t * p_manager
+@@ -4214,6 +4217,12 @@ static OPJ_BOOL opj_j2k_write_sot(opj_j2k_t *p_j2k,
+ OPJ_UNUSED(p_stream);
+ OPJ_UNUSED(p_manager);
+
++ if (p_total_data_size < 12) {
++ opj_event_msg(p_manager, EVT_ERROR,
++ "Not enough bytes in output buffer to write SOT marker\n");
++ return OPJ_FALSE;
++ }
++
+ opj_write_bytes(p_data, J2K_MS_SOT,
+ 2); /* SOT */
+ p_data += 2;
+@@ -11480,7 +11489,8 @@ static OPJ_BOOL opj_j2k_write_first_tile_part(opj_j2k_t *p_j2k,
+
+ l_current_nb_bytes_written = 0;
+ l_begin_data = p_data;
+- if (! opj_j2k_write_sot(p_j2k, p_data, &l_current_nb_bytes_written, p_stream,
++ if (! opj_j2k_write_sot(p_j2k, p_data, p_total_data_size,
++ &l_current_nb_bytes_written, p_stream,
+ p_manager)) {
+ return OPJ_FALSE;
+ }
+@@ -11572,7 +11582,10 @@ static OPJ_BOOL opj_j2k_write_all_tile_parts(opj_j2k_t *p_j2k,
+ l_part_tile_size = 0;
+ l_begin_data = p_data;
+
+- if (! opj_j2k_write_sot(p_j2k, p_data, &l_current_nb_bytes_written, p_stream,
++ if (! opj_j2k_write_sot(p_j2k, p_data,
++ p_total_data_size,
++ &l_current_nb_bytes_written,
++ p_stream,
+ p_manager)) {
+ return OPJ_FALSE;
+ }
+@@ -11615,7 +11628,9 @@ static OPJ_BOOL opj_j2k_write_all_tile_parts(opj_j2k_t *p_j2k,
+ l_part_tile_size = 0;
+ l_begin_data = p_data;
+
+- if (! opj_j2k_write_sot(p_j2k, p_data, &l_current_nb_bytes_written, p_stream,
++ if (! opj_j2k_write_sot(p_j2k, p_data,
++ p_total_data_size,
++ &l_current_nb_bytes_written, p_stream,
+ p_manager)) {
+ return OPJ_FALSE;
+ }
diff --git a/gnu/packages/patches/perl-text-markdown-discount-use-system-markdown.patch b/gnu/packages/patches/perl-text-markdown-discount-use-system-markdown.patch
new file mode 100644
index 0000000000..e0df632a04
--- /dev/null
+++ b/gnu/packages/patches/perl-text-markdown-discount-use-system-markdown.patch
@@ -0,0 +1,32 @@
+Description: Use the markdown library provided by the libmarkdown2 package.
+Author: Alessandro Ghedini <al3xbio@gmail.com>
+Origin: vendor
+Forwarded: not-needed
+Last-Update: 2012-01-01
+
+--- a/Makefile.PL
++++ b/Makefile.PL
+@@ -57,12 +57,6 @@
+
+
+
+-sub MY::postamble {
+- return sprintf('
+-$(MYEXTLIB):
+- %s
+-', qq{( cd $extdir; CC='cc -fPIC' sh configure.sh; make )\n});
+-}
+
+ WriteMakefile(
+ NAME => 'Text::Markdown::Discount',
+@@ -71,8 +65,6 @@
+ ($] >= 5.005 ?
+ (ABSTRACT_FROM => 'lib/Text/Markdown/Discount.pm',
+ AUTHOR => 'Masayoshi Sekimura <sekimura@cpan.org>') : ()),
+- LIBS => '-L' . $extdir,
+- INC => '-I. -I' . $extdir,
+- MYEXTLIB => $myextlib,
+- clean => { FILES => $clean_files },
++ LIBS => '-lmarkdown',
++ INC => '-I.',
+ );
diff --git a/gnu/packages/patches/python-acme-dont-use-openssl-rand.patch b/gnu/packages/patches/python-acme-dont-use-openssl-rand.patch
new file mode 100644
index 0000000000..78920629c0
--- /dev/null
+++ b/gnu/packages/patches/python-acme-dont-use-openssl-rand.patch
@@ -0,0 +1,28 @@
+Fix build with PyOpenSSL > 17.2.0.
+
+See <https://github.com/certbot/certbot/issues/5111>.
+
+Patch copied from upstream source repository:
+https://github.com/certbot/certbot/commit/f6be07da74c664b57ac8c053585f919c79f9af44
+
+diff --git a/acme/crypto_util.py b/acme/crypto_util.py
+index de15284c03..b8fba03488 100644
+--- a/acme/crypto_util.py
++++ b/acme/crypto_util.py
+@@ -2,6 +2,7 @@
+ import binascii
+ import contextlib
+ import logging
++import os
+ import re
+ import socket
+ import sys
+@@ -243,7 +244,7 @@ def gen_ss_cert(key, domains, not_before=None,
+ """
+ assert domains, "Must provide one or more hostnames for the cert."
+ cert = OpenSSL.crypto.X509()
+- cert.set_serial_number(int(binascii.hexlify(OpenSSL.rand.bytes(16)), 16))
++ cert.set_serial_number(int(binascii.hexlify(os.urandom(16)), 16))
+ cert.set_version(2)
+
+ extensions = [
diff --git a/gnu/packages/patches/qemu-CVE-2017-13711.patch b/gnu/packages/patches/qemu-CVE-2017-13711.patch
new file mode 100644
index 0000000000..4070115419
--- /dev/null
+++ b/gnu/packages/patches/qemu-CVE-2017-13711.patch
@@ -0,0 +1,89 @@
+Fix CVE-2017-13711:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13711
+
+Patch copied from upstream source repository:
+
+https://git.qemu.org/?p=qemu.git;a=commitdiff;h=1201d308519f1e915866d7583d5136d03cc1d384
+
+From 1201d308519f1e915866d7583d5136d03cc1d384 Mon Sep 17 00:00:00 2001
+From: Samuel Thibault <samuel.thibault@ens-lyon.org>
+Date: Fri, 25 Aug 2017 01:35:53 +0200
+Subject: [PATCH] slirp: fix clearing ifq_so from pending packets
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The if_fastq and if_batchq contain not only packets, but queues of packets
+for the same socket. When sofree frees a socket, it thus has to clear ifq_so
+from all the packets from the queues, not only the first.
+
+Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
+Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
+Cc: qemu-stable@nongnu.org
+Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
+---
+ slirp/socket.c | 39 +++++++++++++++++++++++----------------
+ 1 file changed, 23 insertions(+), 16 deletions(-)
+
+diff --git a/slirp/socket.c b/slirp/socket.c
+index ecec0295a9..cb7b5b608d 100644
+--- a/slirp/socket.c
++++ b/slirp/socket.c
+@@ -59,6 +59,27 @@ socreate(Slirp *slirp)
+ return(so);
+ }
+
++/*
++ * Remove references to so from the given message queue.
++ */
++static void
++soqfree(struct socket *so, struct quehead *qh)
++{
++ struct mbuf *ifq;
++
++ for (ifq = (struct mbuf *) qh->qh_link;
++ (struct quehead *) ifq != qh;
++ ifq = ifq->ifq_next) {
++ if (ifq->ifq_so == so) {
++ struct mbuf *ifm;
++ ifq->ifq_so = NULL;
++ for (ifm = ifq->ifs_next; ifm != ifq; ifm = ifm->ifs_next) {
++ ifm->ifq_so = NULL;
++ }
++ }
++ }
++}
++
+ /*
+ * remque and free a socket, clobber cache
+ */
+@@ -66,23 +87,9 @@ void
+ sofree(struct socket *so)
+ {
+ Slirp *slirp = so->slirp;
+- struct mbuf *ifm;
+
+- for (ifm = (struct mbuf *) slirp->if_fastq.qh_link;
+- (struct quehead *) ifm != &slirp->if_fastq;
+- ifm = ifm->ifq_next) {
+- if (ifm->ifq_so == so) {
+- ifm->ifq_so = NULL;
+- }
+- }
+-
+- for (ifm = (struct mbuf *) slirp->if_batchq.qh_link;
+- (struct quehead *) ifm != &slirp->if_batchq;
+- ifm = ifm->ifq_next) {
+- if (ifm->ifq_so == so) {
+- ifm->ifq_so = NULL;
+- }
+- }
++ soqfree(so, &slirp->if_fastq);
++ soqfree(so, &slirp->if_batchq);
+
+ if (so->so_emu==EMU_RSH && so->extra) {
+ sofree(so->extra);
+--
+2.14.1
+
diff --git a/gnu/packages/patches/qemu-CVE-2017-14167.patch b/gnu/packages/patches/qemu-CVE-2017-14167.patch
new file mode 100644
index 0000000000..a6007ac082
--- /dev/null
+++ b/gnu/packages/patches/qemu-CVE-2017-14167.patch
@@ -0,0 +1,69 @@
+Fix CVE-2017-14167:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14167
+http://seclists.org/oss-sec/2017/q3/407
+
+Patch copied from upstream development mailing list:
+
+https://lists.nongnu.org/archive/html/qemu-devel/2017-09/msg01483.html
+
+From: Prasad J Pandit <address@hidden>
+
+While loading kernel via multiboot-v1 image, (flags & 0x00010000)
+indicates that multiboot header contains valid addresses to load
+the kernel image. These addresses are used to compute kernel
+size and kernel text offset in the OS image. Validate these
+address values to avoid an OOB access issue.
+
+This is CVE-2017-14167.
+
+Reported-by: Thomas Garnier <address@hidden>
+Signed-off-by: Prasad J Pandit <address@hidden>
+---
+ hw/i386/multiboot.c | 19 +++++++++++++++++++
+ 1 file changed, 19 insertions(+)
+
+Update: add CVE-ID to the commit message.
+
+diff --git a/hw/i386/multiboot.c b/hw/i386/multiboot.c
+index 6001f4caa2..c7b70c91d5 100644
+--- a/hw/i386/multiboot.c
++++ b/hw/i386/multiboot.c
+@@ -221,15 +221,34 @@ int load_multiboot(FWCfgState *fw_cfg,
+ uint32_t mh_header_addr = ldl_p(header+i+12);
+ uint32_t mh_load_end_addr = ldl_p(header+i+20);
+ uint32_t mh_bss_end_addr = ldl_p(header+i+24);
++
+ mh_load_addr = ldl_p(header+i+16);
++ if (mh_header_addr < mh_load_addr) {
++ fprintf(stderr, "invalid mh_load_addr address\n");
++ exit(1);
++ }
++
+ uint32_t mb_kernel_text_offset = i - (mh_header_addr - mh_load_addr);
+ uint32_t mb_load_size = 0;
+ mh_entry_addr = ldl_p(header+i+28);
+
+ if (mh_load_end_addr) {
++ if (mh_bss_end_addr < mh_load_addr) {
++ fprintf(stderr, "invalid mh_bss_end_addr address\n");
++ exit(1);
++ }
+ mb_kernel_size = mh_bss_end_addr - mh_load_addr;
++
++ if (mh_load_end_addr < mh_load_addr) {
++ fprintf(stderr, "invalid mh_load_end_addr address\n");
++ exit(1);
++ }
+ mb_load_size = mh_load_end_addr - mh_load_addr;
+ } else {
++ if (kernel_file_size < mb_kernel_text_offset) {
++ fprintf(stderr, "invalid kernel_file_size\n");
++ exit(1);
++ }
+ mb_kernel_size = kernel_file_size - mb_kernel_text_offset;
+ mb_load_size = mb_kernel_size;
+ }
+--
+2.13.5
+
diff --git a/gnu/packages/patches/ruby-2.2.7-rubygems-2613-ruby22.patch b/gnu/packages/patches/ruby-2.2.7-rubygems-2613-ruby22.patch
deleted file mode 100644
index d68b836c71..0000000000
--- a/gnu/packages/patches/ruby-2.2.7-rubygems-2613-ruby22.patch
+++ /dev/null
@@ -1,355 +0,0 @@
-diff --git lib/rubygems.rb lib/rubygems.rb
-index f48496aa31..0e1855b148 100644
---- ruby-2.2.7/lib/rubygems.rb
-+++ ruby-2.2.7/lib/rubygems.rb
-@@ -9,7 +9,7 @@ require 'rbconfig'
- require 'thread'
-
- module Gem
-- VERSION = '2.4.5.2'
-+ VERSION = '2.4.5.3'
- end
-
- # Must be first since it unloads the prelude from 1.9.2
-diff --git lib/rubygems/commands/query_command.rb lib/rubygems/commands/query_command.rb
-index 432250e033..44364cfab2 100644
---- ruby-2.2.7/lib/rubygems/commands/query_command.rb
-+++ ruby-2.2.7/lib/rubygems/commands/query_command.rb
-@@ -218,7 +218,7 @@ is too hard to use.
- end
- end
-
-- output << make_entry(matching_tuples, platforms)
-+ output << clean_text(make_entry(matching_tuples, platforms))
- end
- end
-
-@@ -336,7 +336,8 @@ is too hard to use.
- end
-
- def spec_summary entry, spec
-- entry << "\n\n" << format_text(spec.summary, 68, 4)
-+ summary = truncate_text(spec.summary, "the summary for #{spec.full_name}")
-+ entry << "\n\n" << format_text(summary, 68, 4)
- end
-
- end
-diff --git lib/rubygems/installer.rb lib/rubygems/installer.rb
-index 10fc1a34a5..a27569fe2e 100644
---- ruby-2.2.7/lib/rubygems/installer.rb
-+++ ruby-2.2.7/lib/rubygems/installer.rb
-@@ -646,6 +646,11 @@ class Gem::Installer
- unpack or File.writable?(gem_home)
- end
-
-+ def verify_spec_name
-+ return if spec.name =~ Gem::Specification::VALID_NAME_PATTERN
-+ raise Gem::InstallError, "#{spec} has an invalid name"
-+ end
-+
- ##
- # Return the text for an application file.
-
-@@ -771,6 +776,8 @@ TEXT
-
- ensure_loadable_spec
-
-+ verify_spec_name
-+
- if options[:install_as_default]
- Gem.ensure_default_gem_subdirectories gem_home
- else
-diff --git lib/rubygems/remote_fetcher.rb lib/rubygems/remote_fetcher.rb
-index b1f6dd17fc..2b9d61c0a1 100644
---- ruby-2.2.7/lib/rubygems/remote_fetcher.rb
-+++ ruby-2.2.7/lib/rubygems/remote_fetcher.rb
-@@ -96,7 +96,7 @@ class Gem::RemoteFetcher
- else
- target = res.target.to_s.strip
-
-- if /\.#{Regexp.quote(host)}\z/ =~ target
-+ if URI("http://" + target).host.end_with?(".#{host}")
- return URI.parse "#{uri.scheme}://#{target}#{uri.path}"
- end
-
-diff --git lib/rubygems/specification.rb lib/rubygems/specification.rb
-index ab1cd92270..faca837128 100644
---- ruby-2.2.7/lib/rubygems/specification.rb
-+++ ruby-2.2.7/lib/rubygems/specification.rb
-@@ -106,6 +106,8 @@ class Gem::Specification < Gem::BasicSpecification
-
- private_constant :LOAD_CACHE if defined? private_constant
-
-+ VALID_NAME_PATTERN = /\A[a-zA-Z0-9\.\-\_]+\z/ # :nodoc:
-+
- # :startdoc:
-
- ##
-@@ -2477,9 +2479,15 @@ class Gem::Specification < Gem::BasicSpecification
- end
- end
-
-- unless String === name then
-+ if !name.is_a?(String) then
- raise Gem::InvalidSpecificationException,
-- "invalid value for attribute name: \"#{name.inspect}\""
-+ "invalid value for attribute name: \"#{name.inspect}\" must be a string"
-+ elsif name !~ /[a-zA-Z]/ then
-+ raise Gem::InvalidSpecificationException,
-+ "invalid value for attribute name: #{name.dump} must include at least one letter"
-+ elsif name !~ VALID_NAME_PATTERN then
-+ raise Gem::InvalidSpecificationException,
-+ "invalid value for attribute name: #{name.dump} can only include letters, numbers, dashes, and underscores"
- end
-
- if raw_require_paths.empty? then
-diff --git lib/rubygems/text.rb lib/rubygems/text.rb
-index 5c9287ad2e..86a722ffc0 100644
---- ruby-2.2.7/lib/rubygems/text.rb
-+++ ruby-2.2.7/lib/rubygems/text.rb
-@@ -5,13 +5,26 @@ require 'rubygems'
-
- module Gem::Text
-
-+ ##
-+ # Remove any non-printable characters and make the text suitable for
-+ # printing.
-+ def clean_text(text)
-+ text.gsub(/[\000-\b\v-\f\016-\037\177]/, ".".freeze)
-+ end
-+
-+ def truncate_text(text, description, max_length = 100_000)
-+ raise ArgumentError, "max_length must be positive" unless max_length > 0
-+ return text if text.size <= max_length
-+ "Truncating #{description} to #{max_length.to_s.reverse.gsub(/...(?=.)/,'\&,').reverse} characters:\n" + text[0, max_length]
-+ end
-+
- ##
- # Wraps +text+ to +wrap+ characters and optionally indents by +indent+
- # characters
-
- def format_text(text, wrap, indent=0)
- result = []
-- work = text.dup
-+ work = clean_text(text)
-
- while work.length > wrap do
- if work =~ /^(.{0,#{wrap}})[ \n]/ then
-diff --git test/rubygems/test_gem_commands_query_command.rb test/rubygems/test_gem_commands_query_command.rb
-index 43fa82571d..ccd2621874 100644
---- ruby-2.2.7/test/rubygems/test_gem_commands_query_command.rb
-+++ ruby-2.2.7/test/rubygems/test_gem_commands_query_command.rb
-@@ -147,6 +147,86 @@ a (2)
- This is a lot of text. This is a lot of text. This is a lot of text.
- This is a lot of text.
-
-+pl (1)
-+ Platform: i386-linux
-+ Author: A User
-+ Homepage: http://example.com
-+
-+ this is a summary
-+ EOF
-+
-+ assert_equal expected, @ui.output
-+ assert_equal '', @ui.error
-+ end
-+
-+ def test_execute_details_cleans_text
-+ spec_fetcher do |fetcher|
-+ fetcher.spec 'a', 2 do |s|
-+ s.summary = 'This is a lot of text. ' * 4
-+ s.authors = ["Abraham Lincoln \x01", "\x02 Hirohito"]
-+ s.homepage = "http://a.example.com/\x03"
-+ end
-+
-+ fetcher.legacy_platform
-+ end
-+
-+ @cmd.handle_options %w[-r -d]
-+
-+ use_ui @ui do
-+ @cmd.execute
-+ end
-+
-+ expected = <<-EOF
-+
-+*** REMOTE GEMS ***
-+
-+a (2)
-+ Authors: Abraham Lincoln ., . Hirohito
-+ Homepage: http://a.example.com/.
-+
-+ This is a lot of text. This is a lot of text. This is a lot of text.
-+ This is a lot of text.
-+
-+pl (1)
-+ Platform: i386-linux
-+ Author: A User
-+ Homepage: http://example.com
-+
-+ this is a summary
-+ EOF
-+
-+ assert_equal expected, @ui.output
-+ assert_equal '', @ui.error
-+ end
-+
-+ def test_execute_details_truncates_summary
-+ spec_fetcher do |fetcher|
-+ fetcher.spec 'a', 2 do |s|
-+ s.summary = 'This is a lot of text. ' * 10_000
-+ s.authors = ["Abraham Lincoln \x01", "\x02 Hirohito"]
-+ s.homepage = "http://a.example.com/\x03"
-+ end
-+
-+ fetcher.legacy_platform
-+ end
-+
-+ @cmd.handle_options %w[-r -d]
-+
-+ use_ui @ui do
-+ @cmd.execute
-+ end
-+
-+ expected = <<-EOF
-+
-+*** REMOTE GEMS ***
-+
-+a (2)
-+ Authors: Abraham Lincoln ., . Hirohito
-+ Homepage: http://a.example.com/.
-+
-+ Truncating the summary for a-2 to 100,000 characters:
-+#{" This is a lot of text. This is a lot of text. This is a lot of text.\n" * 1449} This is a lot of te
-+
- pl (1)
- Platform: i386-linux
- Author: A User
-diff --git test/rubygems/test_gem_installer.rb test/rubygems/test_gem_installer.rb
-index 6f8012feb8..aba73af181 100644
---- ruby-2.2.7/test/rubygems/test_gem_installer.rb
-+++ ruby-2.2.7/test/rubygems/test_gem_installer.rb
-@@ -1214,6 +1214,26 @@ gem 'other', version
- end
- end
-
-+ def test_pre_install_checks_malicious_name
-+ spec = util_spec '../malicious', '1'
-+ def spec.full_name # so the spec is buildable
-+ "malicious-1"
-+ end
-+ def spec.validate; end
-+
-+ util_build_gem spec
-+
-+ gem = File.join(@gemhome, 'cache', spec.file_name)
-+
-+ use_ui @ui do
-+ @installer = Gem::Installer.at gem
-+ e = assert_raises Gem::InstallError do
-+ @installer.pre_install_checks
-+ end
-+ assert_equal '#<Gem::Specification name=../malicious version=1> has an invalid name', e.message
-+ end
-+ end
-+
- def test_shebang
- util_make_exec @spec, "#!/usr/bin/ruby"
-
-diff --git test/rubygems/test_gem_remote_fetcher.rb test/rubygems/test_gem_remote_fetcher.rb
-index 63dd8feb38..ca4627810b 100644
---- ruby-2.2.7/test/rubygems/test_gem_remote_fetcher.rb
-+++ ruby-2.2.7/test/rubygems/test_gem_remote_fetcher.rb
-@@ -181,6 +181,21 @@ gems:
- dns.verify
- end
-
-+ def test_api_endpoint_ignores_trans_domain_values_that_end_with_original_in_path
-+ uri = URI.parse "http://example.com/foo"
-+ target = MiniTest::Mock.new
-+ target.expect :target, "evil.com/a.example.com"
-+
-+ dns = MiniTest::Mock.new
-+ dns.expect :getresource, target, [String, Object]
-+
-+ fetch = Gem::RemoteFetcher.new nil, dns
-+ assert_equal URI.parse("http://example.com/foo"), fetch.api_endpoint(uri)
-+
-+ target.verify
-+ dns.verify
-+ end
-+
- def test_api_endpoint_ignores_trans_domain_values
- uri = URI.parse "http://gems.example.com/foo"
- target = MiniTest::Mock.new
-diff --git test/rubygems/test_gem_specification.rb test/rubygems/test_gem_specification.rb
-index 3cadc55d5d..4f7076a03a 100644
---- ruby-2.2.7/test/rubygems/test_gem_specification.rb
-+++ ruby-2.2.7/test/rubygems/test_gem_specification.rb
-@@ -2610,7 +2610,37 @@ http://opensource.org/licenses/alphabetical
- @a1.validate
- end
-
-- assert_equal 'invalid value for attribute name: ":json"', e.message
-+ assert_equal 'invalid value for attribute name: ":json" must be a string', e.message
-+
-+ @a1.name = []
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"[]\" must be a string", e.message
-+
-+ @a1.name = ""
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"\" must include at least one letter", e.message
-+
-+ @a1.name = "12345"
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"12345\" must include at least one letter", e.message
-+
-+ @a1.name = "../malicious"
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"../malicious\" can only include letters, numbers, dashes, and underscores", e.message
-+
-+ @a1.name = "\ba\t"
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"\\ba\\t\" can only include letters, numbers, dashes, and underscores", e.message
- end
-
- def test_validate_non_nil
-diff --git test/rubygems/test_gem_text.rb test/rubygems/test_gem_text.rb
-index e5cfc41e61..9b270b481b 100644
---- ruby-2.2.7/test/rubygems/test_gem_text.rb
-+++ ruby-2.2.7/test/rubygems/test_gem_text.rb
-@@ -35,6 +35,10 @@ Without the wrapping, the text might not look good in the RSS feed.
- assert_equal expected, format_text(text, 78)
- end
-
-+ def test_format_removes_nonprintable_characters
-+ assert_equal "text with weird .. stuff .", format_text("text with weird \x1b\x02 stuff \x7f", 40)
-+ end
-+
- def test_min3
- assert_equal 1, min3(1, 1, 1)
- assert_equal 1, min3(1, 1, 2)
-@@ -71,4 +75,11 @@ Without the wrapping, the text might not look good in the RSS feed.
- assert_equal 7, levenshtein_distance("xxxxxxx", "ZenTest")
- assert_equal 7, levenshtein_distance("zentest", "xxxxxxx")
- end
-+
-+ def test_truncate_text
-+ assert_equal "abc", truncate_text("abc", "desc")
-+ assert_equal "Truncating desc to 2 characters:\nab", truncate_text("abc", "desc", 2)
-+ s = "ab" * 500_001
-+ assert_equal "Truncating desc to 1,000,000 characters:\n#{s[0, 1_000_000]}", truncate_text(s, "desc", 1_000_000)
-+ end
- end
diff --git a/gnu/packages/patches/ruby-2.3.4-rubygems-2613-ruby23.patch b/gnu/packages/patches/ruby-2.3.4-rubygems-2613-ruby23.patch
deleted file mode 100644
index 8f4758293e..0000000000
--- a/gnu/packages/patches/ruby-2.3.4-rubygems-2613-ruby23.patch
+++ /dev/null
@@ -1,355 +0,0 @@
-diff --git lib/rubygems.rb lib/rubygems.rb
-index 04031c765c..9c0219ce06 100644
---- ruby-2.3.4/lib/rubygems.rb
-+++ ruby-2.3.4/lib/rubygems.rb
-@@ -10,7 +10,7 @@
- require 'thread'
-
- module Gem
-- VERSION = '2.5.2'
-+ VERSION = '2.5.2.1'
- end
-
- # Must be first since it unloads the prelude from 1.9.2
-diff --git lib/rubygems/commands/query_command.rb lib/rubygems/commands/query_command.rb
-index d6196b44ed..61e9808860 100644
---- ruby-2.3.4/lib/rubygems/commands/query_command.rb
-+++ ruby-2.3.4/lib/rubygems/commands/query_command.rb
-@@ -226,7 +226,7 @@ def output_versions output, versions
- end
- end
-
-- output << make_entry(matching_tuples, platforms)
-+ output << clean_text(make_entry(matching_tuples, platforms))
- end
- end
-
-@@ -344,7 +344,8 @@ def spec_platforms entry, platforms
- end
-
- def spec_summary entry, spec
-- entry << "\n\n" << format_text(spec.summary, 68, 4)
-+ summary = truncate_text(spec.summary, "the summary for #{spec.full_name}")
-+ entry << "\n\n" << format_text(summary, 68, 4)
- end
-
- end
-diff --git lib/rubygems/installer.rb lib/rubygems/installer.rb
-index 85358e0d1a..709b77d126 100644
---- ruby-2.3.4/lib/rubygems/installer.rb
-+++ ruby-2.3.4/lib/rubygems/installer.rb
-@@ -693,6 +693,11 @@ def verify_gem_home(unpack = false) # :nodoc:
- unpack or File.writable?(gem_home)
- end
-
-+ def verify_spec_name
-+ return if spec.name =~ Gem::Specification::VALID_NAME_PATTERN
-+ raise Gem::InstallError, "#{spec} has an invalid name"
-+ end
-+
- ##
- # Return the text for an application file.
-
-@@ -812,6 +817,8 @@ def pre_install_checks
-
- ensure_loadable_spec
-
-+ verify_spec_name
-+
- if options[:install_as_default]
- Gem.ensure_default_gem_subdirectories gem_home
- else
-diff --git lib/rubygems/remote_fetcher.rb lib/rubygems/remote_fetcher.rb
-index fda1e067ef..254bebfadf 100644
---- ruby-2.3.4/lib/rubygems/remote_fetcher.rb
-+++ ruby-2.3.4/lib/rubygems/remote_fetcher.rb
-@@ -104,7 +104,7 @@ def api_endpoint(uri)
- else
- target = res.target.to_s.strip
-
-- if /\.#{Regexp.quote(host)}\z/ =~ target
-+ if URI("http://" + target).host.end_with?(".#{host}")
- return URI.parse "#{uri.scheme}://#{target}#{uri.path}"
- end
-
-diff --git lib/rubygems/specification.rb lib/rubygems/specification.rb
-index 8e2557cdb2..dd4fde1776 100644
---- ruby-2.3.4/lib/rubygems/specification.rb
-+++ ruby-2.3.4/lib/rubygems/specification.rb
-@@ -108,6 +108,8 @@ class Gem::Specification < Gem::BasicSpecification
-
- private_constant :LOAD_CACHE if defined? private_constant
-
-+ VALID_NAME_PATTERN = /\A[a-zA-Z0-9\.\-\_]+\z/ # :nodoc:
-+
- # :startdoc:
-
- ##
-@@ -2665,9 +2667,15 @@ def validate packaging = true
- end
- end
-
-- unless String === name then
-+ if !name.is_a?(String) then
- raise Gem::InvalidSpecificationException,
-- "invalid value for attribute name: \"#{name.inspect}\""
-+ "invalid value for attribute name: \"#{name.inspect}\" must be a string"
-+ elsif name !~ /[a-zA-Z]/ then
-+ raise Gem::InvalidSpecificationException,
-+ "invalid value for attribute name: #{name.dump} must include at least one letter"
-+ elsif name !~ VALID_NAME_PATTERN then
-+ raise Gem::InvalidSpecificationException,
-+ "invalid value for attribute name: #{name.dump} can only include letters, numbers, dashes, and underscores"
- end
-
- if raw_require_paths.empty? then
-diff --git lib/rubygems/text.rb lib/rubygems/text.rb
-index 732f1b99f2..b944b62c27 100644
---- ruby-2.3.4/lib/rubygems/text.rb
-+++ ruby-2.3.4/lib/rubygems/text.rb
-@@ -6,13 +6,26 @@
-
- module Gem::Text
-
-+ ##
-+ # Remove any non-printable characters and make the text suitable for
-+ # printing.
-+ def clean_text(text)
-+ text.gsub(/[\000-\b\v-\f\016-\037\177]/, ".".freeze)
-+ end
-+
-+ def truncate_text(text, description, max_length = 100_000)
-+ raise ArgumentError, "max_length must be positive" unless max_length > 0
-+ return text if text.size <= max_length
-+ "Truncating #{description} to #{max_length.to_s.reverse.gsub(/...(?=.)/,'\&,').reverse} characters:\n" + text[0, max_length]
-+ end
-+
- ##
- # Wraps +text+ to +wrap+ characters and optionally indents by +indent+
- # characters
-
- def format_text(text, wrap, indent=0)
- result = []
-- work = text.dup
-+ work = clean_text(text)
-
- while work.length > wrap do
- if work =~ /^(.{0,#{wrap}})[ \n]/ then
-diff --git test/rubygems/test_gem_commands_query_command.rb test/rubygems/test_gem_commands_query_command.rb
-index 78c15a1770..9ec715492f 100644
---- ruby-2.3.4/test/rubygems/test_gem_commands_query_command.rb
-+++ ruby-2.3.4/test/rubygems/test_gem_commands_query_command.rb
-@@ -116,6 +116,86 @@ def test_execute_details
- This is a lot of text. This is a lot of text. This is a lot of text.
- This is a lot of text.
-
-+pl (1)
-+ Platform: i386-linux
-+ Author: A User
-+ Homepage: http://example.com
-+
-+ this is a summary
-+ EOF
-+
-+ assert_equal expected, @ui.output
-+ assert_equal '', @ui.error
-+ end
-+
-+ def test_execute_details_cleans_text
-+ spec_fetcher do |fetcher|
-+ fetcher.spec 'a', 2 do |s|
-+ s.summary = 'This is a lot of text. ' * 4
-+ s.authors = ["Abraham Lincoln \x01", "\x02 Hirohito"]
-+ s.homepage = "http://a.example.com/\x03"
-+ end
-+
-+ fetcher.legacy_platform
-+ end
-+
-+ @cmd.handle_options %w[-r -d]
-+
-+ use_ui @ui do
-+ @cmd.execute
-+ end
-+
-+ expected = <<-EOF
-+
-+*** REMOTE GEMS ***
-+
-+a (2)
-+ Authors: Abraham Lincoln ., . Hirohito
-+ Homepage: http://a.example.com/.
-+
-+ This is a lot of text. This is a lot of text. This is a lot of text.
-+ This is a lot of text.
-+
-+pl (1)
-+ Platform: i386-linux
-+ Author: A User
-+ Homepage: http://example.com
-+
-+ this is a summary
-+ EOF
-+
-+ assert_equal expected, @ui.output
-+ assert_equal '', @ui.error
-+ end
-+
-+ def test_execute_details_truncates_summary
-+ spec_fetcher do |fetcher|
-+ fetcher.spec 'a', 2 do |s|
-+ s.summary = 'This is a lot of text. ' * 10_000
-+ s.authors = ["Abraham Lincoln \x01", "\x02 Hirohito"]
-+ s.homepage = "http://a.example.com/\x03"
-+ end
-+
-+ fetcher.legacy_platform
-+ end
-+
-+ @cmd.handle_options %w[-r -d]
-+
-+ use_ui @ui do
-+ @cmd.execute
-+ end
-+
-+ expected = <<-EOF
-+
-+*** REMOTE GEMS ***
-+
-+a (2)
-+ Authors: Abraham Lincoln ., . Hirohito
-+ Homepage: http://a.example.com/.
-+
-+ Truncating the summary for a-2 to 100,000 characters:
-+#{" This is a lot of text. This is a lot of text. This is a lot of text.\n" * 1449} This is a lot of te
-+
- pl (1)
- Platform: i386-linux
- Author: A User
-diff --git test/rubygems/test_gem_installer.rb test/rubygems/test_gem_installer.rb
-index 5ec71d0a01..1092a0c68f 100644
---- ruby-2.3.4/test/rubygems/test_gem_installer.rb
-+++ ruby-2.3.4/test/rubygems/test_gem_installer.rb
-@@ -1227,6 +1227,26 @@ def test_pre_install_checks_wrong_rubygems_version
- end
- end
-
-+ def test_pre_install_checks_malicious_name
-+ spec = util_spec '../malicious', '1'
-+ def spec.full_name # so the spec is buildable
-+ "malicious-1"
-+ end
-+ def spec.validate; end
-+
-+ util_build_gem spec
-+
-+ gem = File.join(@gemhome, 'cache', spec.file_name)
-+
-+ use_ui @ui do
-+ @installer = Gem::Installer.at gem
-+ e = assert_raises Gem::InstallError do
-+ @installer.pre_install_checks
-+ end
-+ assert_equal '#<Gem::Specification name=../malicious version=1> has an invalid name', e.message
-+ end
-+ end
-+
- def test_shebang
- util_make_exec @spec, "#!/usr/bin/ruby"
-
-diff --git test/rubygems/test_gem_remote_fetcher.rb test/rubygems/test_gem_remote_fetcher.rb
-index 49b6b6656c..a3919c8ef2 100644
---- ruby-2.3.4/test/rubygems/test_gem_remote_fetcher.rb
-+++ ruby-2.3.4/test/rubygems/test_gem_remote_fetcher.rb
-@@ -253,6 +253,21 @@ def test_api_endpoint_ignores_trans_domain_values_that_end_with_original
- dns.verify
- end
-
-+ def test_api_endpoint_ignores_trans_domain_values_that_end_with_original_in_path
-+ uri = URI.parse "http://example.com/foo"
-+ target = MiniTest::Mock.new
-+ target.expect :target, "evil.com/a.example.com"
-+
-+ dns = MiniTest::Mock.new
-+ dns.expect :getresource, target, [String, Object]
-+
-+ fetch = Gem::RemoteFetcher.new nil, dns
-+ assert_equal URI.parse("http://example.com/foo"), fetch.api_endpoint(uri)
-+
-+ target.verify
-+ dns.verify
-+ end
-+
- def test_api_endpoint_timeout_warning
- uri = URI.parse "http://gems.example.com/foo"
-
-diff --git test/rubygems/test_gem_specification.rb test/rubygems/test_gem_specification.rb
-index bc1c8d2ca7..9a49bbbf59 100644
---- ruby-2.3.4/test/rubygems/test_gem_specification.rb
-+++ ruby-2.3.4/test/rubygems/test_gem_specification.rb
-@@ -2974,7 +2974,37 @@ def test_validate_name
- @a1.validate
- end
-
-- assert_equal 'invalid value for attribute name: ":json"', e.message
-+ assert_equal 'invalid value for attribute name: ":json" must be a string', e.message
-+
-+ @a1.name = []
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"[]\" must be a string", e.message
-+
-+ @a1.name = ""
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"\" must include at least one letter", e.message
-+
-+ @a1.name = "12345"
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"12345\" must include at least one letter", e.message
-+
-+ @a1.name = "../malicious"
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"../malicious\" can only include letters, numbers, dashes, and underscores", e.message
-+
-+ @a1.name = "\ba\t"
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"\\ba\\t\" can only include letters, numbers, dashes, and underscores", e.message
- end
-
- def test_validate_non_nil
-diff --git test/rubygems/test_gem_text.rb test/rubygems/test_gem_text.rb
-index a6e22e04da..04f3f605e8 100644
---- ruby-2.3.4/test/rubygems/test_gem_text.rb
-+++ ruby-2.3.4/test/rubygems/test_gem_text.rb
-@@ -36,6 +36,10 @@ def test_format_text_trailing # for two spaces after .
- assert_equal expected, format_text(text, 78)
- end
-
-+ def test_format_removes_nonprintable_characters
-+ assert_equal "text with weird .. stuff .", format_text("text with weird \x1b\x02 stuff \x7f", 40)
-+ end
-+
- def test_min3
- assert_equal 1, min3(1, 1, 1)
- assert_equal 1, min3(1, 1, 2)
-@@ -74,4 +78,11 @@ def test_levenshtein_distance_replace
- assert_equal 7, levenshtein_distance("xxxxxxx", "ZenTest")
- assert_equal 7, levenshtein_distance("zentest", "xxxxxxx")
- end
-+
-+ def test_truncate_text
-+ assert_equal "abc", truncate_text("abc", "desc")
-+ assert_equal "Truncating desc to 2 characters:\nab", truncate_text("abc", "desc", 2)
-+ s = "ab" * 500_001
-+ assert_equal "Truncating desc to 1,000,000 characters:\n#{s[0, 1_000_000]}", truncate_text(s, "desc", 1_000_000)
-+ end
- end
diff --git a/gnu/packages/patches/ruby-rubygems-2612-ruby24.patch b/gnu/packages/patches/ruby-rubygems-2612-ruby24.patch
deleted file mode 100644
index 8ee32c0c6e..0000000000
--- a/gnu/packages/patches/ruby-rubygems-2612-ruby24.patch
+++ /dev/null
@@ -1,437 +0,0 @@
-diff --git lib/rubygems.rb lib/rubygems.rb
-index 5cd1a4c47a..bc5bf9b4c2 100644
---- ruby-2.4.1/lib/rubygems.rb
-+++ ruby-2.4.1/lib/rubygems.rb
-@@ -10,7 +10,7 @@
- require 'thread'
-
- module Gem
-- VERSION = "2.6.11"
-+ VERSION = "2.6.12"
- end
-
- # Must be first since it unloads the prelude from 1.9.2
-@@ -234,6 +234,7 @@ def self.needs
-
- def self.finish_resolve(request_set=Gem::RequestSet.new)
- request_set.import Gem::Specification.unresolved_deps.values
-+ request_set.import Gem.loaded_specs.values.map {|s| Gem::Dependency.new(s.name, s.version) }
-
- request_set.resolve_current.each do |s|
- s.full_spec.activate
-diff --git lib/rubygems/commands/open_command.rb lib/rubygems/commands/open_command.rb
-index a89b7421e3..059635e835 100644
---- ruby-2.4.1/lib/rubygems/commands/open_command.rb
-+++ ruby-2.4.1/lib/rubygems/commands/open_command.rb
-@@ -72,7 +72,7 @@ def open_editor path
- end
-
- def spec_for name
-- spec = Gem::Specification.find_all_by_name(name, @version).last
-+ spec = Gem::Specification.find_all_by_name(name, @version).first
-
- return spec if spec
-
-diff --git lib/rubygems/commands/query_command.rb lib/rubygems/commands/query_command.rb
-index f25d120b88..70f8127292 100644
---- ruby-2.4.1/lib/rubygems/commands/query_command.rb
-+++ ruby-2.4.1/lib/rubygems/commands/query_command.rb
-@@ -86,7 +86,7 @@ def execute
- name = Array(options[:name])
- else
- args = options[:args].to_a
-- name = options[:exact] ? args : args.map{|arg| /#{arg}/i }
-+ name = options[:exact] ? args.map{|arg| /\A#{Regexp.escape(arg)}\Z/ } : args.map{|arg| /#{arg}/i }
- end
-
- prerelease = options[:prerelease]
-diff --git lib/rubygems/commands/sources_command.rb lib/rubygems/commands/sources_command.rb
-index 9832afd214..7e46963a4c 100644
---- ruby-2.4.1/lib/rubygems/commands/sources_command.rb
-+++ ruby-2.4.1/lib/rubygems/commands/sources_command.rb
-@@ -44,7 +44,7 @@ def add_source source_uri # :nodoc:
- source = Gem::Source.new source_uri
-
- begin
-- if Gem.sources.include? source_uri then
-+ if Gem.sources.include? source then
- say "source #{source_uri} already present in the cache"
- else
- source.load_specs :released
-diff --git lib/rubygems/dependency_list.rb lib/rubygems/dependency_list.rb
-index 35fe7c4c1a..d8314eaf60 100644
---- ruby-2.4.1/lib/rubygems/dependency_list.rb
-+++ ruby-2.4.1/lib/rubygems/dependency_list.rb
-@@ -104,7 +104,7 @@ def find_name(full_name)
- end
-
- def inspect # :nodoc:
-- "#<%s:0x%x %p>" % [self.class, object_id, map { |s| s.full_name }]
-+ "%s %p>" % [super[0..-2], map { |s| s.full_name }]
- end
-
- ##
-diff --git lib/rubygems/installer.rb lib/rubygems/installer.rb
-index f4d3e728de..967543c2d1 100644
---- ruby-2.4.1/lib/rubygems/installer.rb
-+++ ruby-2.4.1/lib/rubygems/installer.rb
-@@ -214,7 +214,7 @@ def check_executable_overwrite filename # :nodoc:
-
- ruby_executable = true
- existing = io.read.slice(%r{
-- ^(
-+ ^\s*(
- gem \s |
- load \s Gem\.bin_path\( |
- load \s Gem\.activate_bin_path\(
-@@ -701,6 +701,8 @@ def verify_gem_home(unpack = false) # :nodoc:
- # Return the text for an application file.
-
- def app_script_text(bin_file_name)
-+ # note that the `load` lines cannot be indented, as old RG versions match
-+ # against the beginning of the line
- return <<-TEXT
- #{shebang bin_file_name}
- #
-@@ -723,7 +725,12 @@ def app_script_text(bin_file_name)
- end
- end
-
-+if Gem.respond_to?(:activate_bin_path)
- load Gem.activate_bin_path('#{spec.name}', '#{bin_file_name}', version)
-+else
-+gem #{spec.name.dump}, version
-+load Gem.bin_path(#{spec.name.dump}, #{bin_file_name.dump}, version)
-+end
- TEXT
- end
-
-diff --git lib/rubygems/platform.rb lib/rubygems/platform.rb
-index d22d91ae54..2dd9ed5782 100644
---- ruby-2.4.1/lib/rubygems/platform.rb
-+++ ruby-2.4.1/lib/rubygems/platform.rb
-@@ -112,7 +112,7 @@ def initialize(arch)
- end
-
- def inspect
-- "#<%s:0x%x @cpu=%p, @os=%p, @version=%p>" % [self.class, object_id, *to_a]
-+ "%s @cpu=%p, @os=%p, @version=%p>" % [super[0..-2], *to_a]
- end
-
- def to_a
-diff --git lib/rubygems/security.rb lib/rubygems/security.rb
-index 119d6d56f7..6963ca156f 100644
---- ruby-2.4.1/lib/rubygems/security.rb
-+++ ruby-2.4.1/lib/rubygems/security.rb
-@@ -455,7 +455,7 @@ def self.create_cert_self_signed subject, key, age = ONE_YEAR,
-
- ##
- # Creates a new key pair of the specified +length+ and +algorithm+. The
-- # default is a 2048 bit RSA key.
-+ # default is a 3072 bit RSA key.
-
- def self.create_key length = KEY_LENGTH, algorithm = KEY_ALGORITHM
- algorithm.new length
-diff --git lib/rubygems/server.rb lib/rubygems/server.rb
-index 81df0e608e..df4eb566d3 100644
---- ruby-2.4.1/lib/rubygems/server.rb
-+++ ruby-2.4.1/lib/rubygems/server.rb
-@@ -657,7 +657,7 @@ def root(req, res)
- "only_one_executable" => true,
- "full_name" => "rubygems-#{Gem::VERSION}",
- "has_deps" => false,
-- "homepage" => "http://docs.rubygems.org/",
-+ "homepage" => "http://guides.rubygems.org/",
- "name" => 'rubygems',
- "ri_installed" => true,
- "summary" => "RubyGems itself",
-diff --git lib/rubygems/specification.rb lib/rubygems/specification.rb
-index a2f289d162..500f0af768 100644
---- ruby-2.4.1/lib/rubygems/specification.rb
-+++ ruby-2.4.1/lib/rubygems/specification.rb
-@@ -2105,7 +2105,7 @@ def inspect # :nodoc:
- if $DEBUG
- super
- else
-- "#<#{self.class}:0x#{__id__.to_s(16)} #{full_name}>"
-+ "#{super[0..-2]} #{full_name}>"
- end
- end
-
-diff --git lib/rubygems/test_case.rb lib/rubygems/test_case.rb
-index 86b68e1efb..4e48f1eb4c 100644
---- ruby-2.4.1/lib/rubygems/test_case.rb
-+++ ruby-2.4.1/lib/rubygems/test_case.rb
-@@ -484,7 +484,7 @@ def git_gem name = 'a', version = 1
-
- system @git, 'add', gemspec
- system @git, 'commit', '-a', '-m', 'a non-empty commit message', '--quiet'
-- head = Gem::Util.popen('git', 'rev-parse', 'master').strip
-+ head = Gem::Util.popen(@git, 'rev-parse', 'master').strip
- end
-
- return name, git_spec.version, directory, head
-@@ -1498,6 +1498,8 @@ def self.key_path key_name
- begin
- gem 'rdoc'
- require 'rdoc'
-+
-+ require 'rubygems/rdoc'
- rescue LoadError, Gem::LoadError
- end
-
-@@ -1514,3 +1516,4 @@ def self.key_path key_name
- pid = $$
- END {tmpdirs.each {|dir| Dir.rmdir(dir)} if $$ == pid}
- Gem.clear_paths
-+Gem.loaded_specs.clear
-diff --git test/rubygems/test_gem.rb test/rubygems/test_gem.rb
-index a605f9cdfe..62b36dfd41 100644
---- ruby-2.4.1/test/rubygems/test_gem.rb
-+++ ruby-2.4.1/test/rubygems/test_gem.rb
-@@ -75,6 +75,29 @@ def test_self_finish_resolve_wtf
- end
- end
-
-+ def test_self_finish_resolve_respects_loaded_specs
-+ save_loaded_features do
-+ a1 = new_spec "a", "1", "b" => "> 0"
-+ b1 = new_spec "b", "1", "c" => ">= 1"
-+ b2 = new_spec "b", "2", "c" => ">= 2"
-+ c1 = new_spec "c", "1"
-+ c2 = new_spec "c", "2"
-+
-+ install_specs c1, c2, b1, b2, a1
-+
-+ a1.activate
-+ c1.activate
-+
-+ assert_equal %w(a-1 c-1), loaded_spec_names
-+ assert_equal ["b (> 0)"], unresolved_names
-+
-+ Gem.finish_resolve
-+
-+ assert_equal %w(a-1 b-1 c-1), loaded_spec_names
-+ assert_equal [], unresolved_names
-+ end
-+ end
-+
- def test_self_install
- spec_fetcher do |f|
- f.gem 'a', 1
-@@ -492,7 +515,7 @@ def test_self_find_files_with_gemfile
- skip if RUBY_VERSION <= "1.8.7"
-
- cwd = File.expand_path("test/rubygems", @@project_dir)
-- $LOAD_PATH.unshift cwd
-+ actual_load_path = $LOAD_PATH.unshift(cwd).dup
-
- discover_path = File.join 'lib', 'sff', 'discover.rb'
-
-@@ -518,12 +541,12 @@ def test_self_find_files_with_gemfile
- expected = [
- File.expand_path('test/rubygems/sff/discover.rb', @@project_dir),
- File.join(foo1.full_gem_path, discover_path)
-- ]
-+ ].sort
-
-- assert_equal expected, Gem.find_files('sff/discover')
-- assert_equal expected, Gem.find_files('sff/**.rb'), '[ruby-core:31730]'
-+ assert_equal expected, Gem.find_files('sff/discover').sort
-+ assert_equal expected, Gem.find_files('sff/**.rb').sort, '[ruby-core:31730]'
- ensure
-- assert_equal cwd, $LOAD_PATH.shift unless RUBY_VERSION <= "1.8.7"
-+ assert_equal cwd, actual_load_path.shift unless RUBY_VERSION <= "1.8.7"
- end
-
- def test_self_find_latest_files
-diff --git test/rubygems/test_gem_commands_open_command.rb test/rubygems/test_gem_commands_open_command.rb
-index 3ec38972e6..a96fa6ea23 100644
---- ruby-2.4.1/test/rubygems/test_gem_commands_open_command.rb
-+++ ruby-2.4.1/test/rubygems/test_gem_commands_open_command.rb
-@@ -24,7 +24,8 @@ def test_execute
- @cmd.options[:args] = %w[foo]
- @cmd.options[:editor] = "#{Gem.ruby} -e0 --"
-
-- spec = gem 'foo'
-+ gem 'foo', '1.0.0'
-+ spec = gem 'foo', '1.0.1'
- mock = MiniTest::Mock.new
- mock.expect(:call, true, [spec.full_gem_path])
-
-diff --git test/rubygems/test_gem_commands_query_command.rb test/rubygems/test_gem_commands_query_command.rb
-index 223f205b2d..d8d682b136 100644
---- ruby-2.4.1/test/rubygems/test_gem_commands_query_command.rb
-+++ ruby-2.4.1/test/rubygems/test_gem_commands_query_command.rb
-@@ -642,7 +642,7 @@ def test_execute_local_details
- assert_equal expected, @ui.output
- end
-
-- def test_execute_exact
-+ def test_execute_exact_remote
- spec_fetcher do |fetcher|
- fetcher.spec 'coolgem-omg', 3
- fetcher.spec 'coolgem', '4.2.1'
-@@ -665,6 +665,60 @@ def test_execute_exact
- assert_equal expected, @ui.output
- end
-
-+ def test_execute_exact_local
-+ spec_fetcher do |fetcher|
-+ fetcher.spec 'coolgem-omg', 3
-+ fetcher.spec 'coolgem', '4.2.1'
-+ fetcher.spec 'wow_coolgem', 1
-+ end
-+
-+ @cmd.handle_options %w[--exact coolgem]
-+
-+ use_ui @ui do
-+ @cmd.execute
-+ end
-+
-+ expected = <<-EOF
-+
-+*** LOCAL GEMS ***
-+
-+coolgem (4.2.1)
-+ EOF
-+
-+ assert_equal expected, @ui.output
-+ end
-+
-+ def test_execute_exact_multiple
-+ spec_fetcher do |fetcher|
-+ fetcher.spec 'coolgem-omg', 3
-+ fetcher.spec 'coolgem', '4.2.1'
-+ fetcher.spec 'wow_coolgem', 1
-+
-+ fetcher.spec 'othergem-omg', 3
-+ fetcher.spec 'othergem', '1.2.3'
-+ fetcher.spec 'wow_othergem', 1
-+ end
-+
-+ @cmd.handle_options %w[--exact coolgem othergem]
-+
-+ use_ui @ui do
-+ @cmd.execute
-+ end
-+
-+ expected = <<-EOF
-+
-+*** LOCAL GEMS ***
-+
-+coolgem (4.2.1)
-+
-+*** LOCAL GEMS ***
-+
-+othergem (1.2.3)
-+ EOF
-+
-+ assert_equal expected, @ui.output
-+ end
-+
- private
-
- def add_gems_to_fetcher
-diff --git test/rubygems/test_gem_commands_sources_command.rb test/rubygems/test_gem_commands_sources_command.rb
-index 014b4b4c12..d5b6d99419 100644
---- ruby-2.4.1/test/rubygems/test_gem_commands_sources_command.rb
-+++ ruby-2.4.1/test/rubygems/test_gem_commands_sources_command.rb
-@@ -108,6 +108,58 @@ def test_execute_add_redundant_source
- assert_equal '', @ui.error
- end
-
-+ def test_execute_add_redundant_source_trailing_slash
-+ # Remove pre-existing gem source (w/ slash)
-+ repo_with_slash = "http://gems.example.com/"
-+ @cmd.handle_options %W[--remove #{repo_with_slash}]
-+ use_ui @ui do
-+ @cmd.execute
-+ end
-+ source = Gem::Source.new repo_with_slash
-+ assert_equal false, Gem.sources.include?(source)
-+
-+ expected = <<-EOF
-+#{repo_with_slash} removed from sources
-+ EOF
-+
-+ assert_equal expected, @ui.output
-+ assert_equal '', @ui.error
-+
-+ # Re-add pre-existing gem source (w/o slash)
-+ repo_without_slash = "http://gems.example.com"
-+ @cmd.handle_options %W[--add #{repo_without_slash}]
-+ use_ui @ui do
-+ @cmd.execute
-+ end
-+ source = Gem::Source.new repo_without_slash
-+ assert_equal true, Gem.sources.include?(source)
-+
-+ expected = <<-EOF
-+http://gems.example.com/ removed from sources
-+http://gems.example.com added to sources
-+ EOF
-+
-+ assert_equal expected, @ui.output
-+ assert_equal '', @ui.error
-+
-+ # Re-add original gem source (w/ slash)
-+ @cmd.handle_options %W[--add #{repo_with_slash}]
-+ use_ui @ui do
-+ @cmd.execute
-+ end
-+ source = Gem::Source.new repo_with_slash
-+ assert_equal true, Gem.sources.include?(source)
-+
-+ expected = <<-EOF
-+http://gems.example.com/ removed from sources
-+http://gems.example.com added to sources
-+source http://gems.example.com/ already present in the cache
-+ EOF
-+
-+ assert_equal expected, @ui.output
-+ assert_equal '', @ui.error
-+ end
-+
- def test_execute_add_http_rubygems_org
- http_rubygems_org = 'http://rubygems.org'
-
-diff --git test/rubygems/test_gem_installer.rb test/rubygems/test_gem_installer.rb
-index 6ceb2c6dfc..882981d344 100644
---- ruby-2.4.1/test/rubygems/test_gem_installer.rb
-+++ ruby-2.4.1/test/rubygems/test_gem_installer.rb
-@@ -62,7 +62,12 @@ def test_app_script_text
- end
- end
-
-+if Gem.respond_to?(:activate_bin_path)
- load Gem.activate_bin_path('a', 'executable', version)
-+else
-+gem "a", version
-+load Gem.bin_path("a", "executable", version)
-+end
- EOF
-
- wrapper = @installer.app_script_text 'executable'
-diff --git test/rubygems/test_require.rb test/rubygems/test_require.rb
-index dd606e44d4..936f78fb2a 100644
---- ruby-2.4.1/test/rubygems/test_require.rb
-+++ ruby-2.4.1/test/rubygems/test_require.rb
-@@ -301,6 +301,17 @@ def test_default_gem_only
- assert_equal %w(default-2.0.0.0), loaded_spec_names
- end
-
-+ def test_realworld_default_gem
-+ skip "no default gems on ruby < 2.0" unless RUBY_VERSION >= "2"
-+ cmd = <<-RUBY
-+ $stderr = $stdout
-+ require "json"
-+ puts Gem.loaded_specs["json"].default_gem?
-+ RUBY
-+ output = Gem::Util.popen(Gem.ruby, "-e", cmd).strip
-+ assert_equal "true", output
-+ end
-+
- def test_default_gem_and_normal_gem
- default_gem_spec = new_default_spec("default", "2.0.0.0",
- nil, "default/gem.rb")
diff --git a/gnu/packages/patches/ruby-rubygems-2613-ruby24.patch b/gnu/packages/patches/ruby-rubygems-2613-ruby24.patch
deleted file mode 100644
index c253cc912d..0000000000
--- a/gnu/packages/patches/ruby-rubygems-2613-ruby24.patch
+++ /dev/null
@@ -1,355 +0,0 @@
-diff --git lib/rubygems.rb lib/rubygems.rb
-index bc5bf9b4c2..55aa85b8b2 100644
---- ruby-2.4.1/lib/rubygems.rb
-+++ ruby-2.4.1/lib/rubygems.rb
-@@ -10,7 +10,7 @@
- require 'thread'
-
- module Gem
-- VERSION = "2.6.12"
-+ VERSION = "2.6.13"
- end
-
- # Must be first since it unloads the prelude from 1.9.2
-diff --git lib/rubygems/commands/query_command.rb lib/rubygems/commands/query_command.rb
-index 70f8127292..44144203e0 100644
---- ruby-2.4.1/lib/rubygems/commands/query_command.rb
-+++ ruby-2.4.1/lib/rubygems/commands/query_command.rb
-@@ -226,7 +226,7 @@ def output_versions output, versions
- end
- end
-
-- output << make_entry(matching_tuples, platforms)
-+ output << clean_text(make_entry(matching_tuples, platforms))
- end
- end
-
-@@ -353,7 +353,8 @@ def spec_platforms entry, platforms
- end
-
- def spec_summary entry, spec
-- entry << "\n\n" << format_text(spec.summary, 68, 4)
-+ summary = truncate_text(spec.summary, "the summary for #{spec.full_name}")
-+ entry << "\n\n" << format_text(summary, 68, 4)
- end
-
- end
-diff --git lib/rubygems/installer.rb lib/rubygems/installer.rb
-index 967543c2d1..6fd3399dd4 100644
---- ruby-2.4.1/lib/rubygems/installer.rb
-+++ ruby-2.4.1/lib/rubygems/installer.rb
-@@ -697,6 +697,11 @@ def verify_gem_home(unpack = false) # :nodoc:
- unpack or File.writable?(gem_home)
- end
-
-+ def verify_spec_name
-+ return if spec.name =~ Gem::Specification::VALID_NAME_PATTERN
-+ raise Gem::InstallError, "#{spec} has an invalid name"
-+ end
-+
- ##
- # Return the text for an application file.
-
-@@ -823,6 +828,8 @@ def pre_install_checks
-
- ensure_loadable_spec
-
-+ verify_spec_name
-+
- if options[:install_as_default]
- Gem.ensure_default_gem_subdirectories gem_home
- else
-diff --git lib/rubygems/remote_fetcher.rb lib/rubygems/remote_fetcher.rb
-index e6a13d4b8c..8f0cf0b402 100644
---- ruby-2.4.1/lib/rubygems/remote_fetcher.rb
-+++ ruby-2.4.1/lib/rubygems/remote_fetcher.rb
-@@ -110,7 +110,7 @@ def api_endpoint(uri)
- else
- target = res.target.to_s.strip
-
-- if /\.#{Regexp.quote(host)}\z/ =~ target
-+ if URI("http://" + target).host.end_with?(".#{host}")
- return URI.parse "#{uri.scheme}://#{target}#{uri.path}"
- end
-
-diff --git lib/rubygems/specification.rb lib/rubygems/specification.rb
-index 500f0af768..88e320c05a 100644
---- ruby-2.4.1/lib/rubygems/specification.rb
-+++ ruby-2.4.1/lib/rubygems/specification.rb
-@@ -108,6 +108,8 @@ class Gem::Specification < Gem::BasicSpecification
-
- private_constant :LOAD_CACHE if defined? private_constant
-
-+ VALID_NAME_PATTERN = /\A[a-zA-Z0-9\.\-\_]+\z/ # :nodoc:
-+
- # :startdoc:
-
- ##
-@@ -2671,9 +2673,15 @@ def validate packaging = true
- end
- end
-
-- unless String === name then
-+ if !name.is_a?(String) then
- raise Gem::InvalidSpecificationException,
-- "invalid value for attribute name: \"#{name.inspect}\""
-+ "invalid value for attribute name: \"#{name.inspect}\" must be a string"
-+ elsif name !~ /[a-zA-Z]/ then
-+ raise Gem::InvalidSpecificationException,
-+ "invalid value for attribute name: #{name.dump} must include at least one letter"
-+ elsif name !~ VALID_NAME_PATTERN then
-+ raise Gem::InvalidSpecificationException,
-+ "invalid value for attribute name: #{name.dump} can only include letters, numbers, dashes, and underscores"
- end
-
- if raw_require_paths.empty? then
-diff --git lib/rubygems/text.rb lib/rubygems/text.rb
-index 732f1b99f2..b944b62c27 100644
---- ruby-2.4.1/lib/rubygems/text.rb
-+++ ruby-2.4.1/lib/rubygems/text.rb
-@@ -6,13 +6,26 @@
-
- module Gem::Text
-
-+ ##
-+ # Remove any non-printable characters and make the text suitable for
-+ # printing.
-+ def clean_text(text)
-+ text.gsub(/[\000-\b\v-\f\016-\037\177]/, ".".freeze)
-+ end
-+
-+ def truncate_text(text, description, max_length = 100_000)
-+ raise ArgumentError, "max_length must be positive" unless max_length > 0
-+ return text if text.size <= max_length
-+ "Truncating #{description} to #{max_length.to_s.reverse.gsub(/...(?=.)/,'\&,').reverse} characters:\n" + text[0, max_length]
-+ end
-+
- ##
- # Wraps +text+ to +wrap+ characters and optionally indents by +indent+
- # characters
-
- def format_text(text, wrap, indent=0)
- result = []
-- work = text.dup
-+ work = clean_text(text)
-
- while work.length > wrap do
- if work =~ /^(.{0,#{wrap}})[ \n]/ then
-diff --git test/rubygems/test_gem_commands_query_command.rb test/rubygems/test_gem_commands_query_command.rb
-index d8d682b136..469223c6c0 100644
---- ruby-2.4.1/test/rubygems/test_gem_commands_query_command.rb
-+++ ruby-2.4.1/test/rubygems/test_gem_commands_query_command.rb
-@@ -116,6 +116,86 @@ def test_execute_details
- This is a lot of text. This is a lot of text. This is a lot of text.
- This is a lot of text.
-
-+pl (1)
-+ Platform: i386-linux
-+ Author: A User
-+ Homepage: http://example.com
-+
-+ this is a summary
-+ EOF
-+
-+ assert_equal expected, @ui.output
-+ assert_equal '', @ui.error
-+ end
-+
-+ def test_execute_details_cleans_text
-+ spec_fetcher do |fetcher|
-+ fetcher.spec 'a', 2 do |s|
-+ s.summary = 'This is a lot of text. ' * 4
-+ s.authors = ["Abraham Lincoln \x01", "\x02 Hirohito"]
-+ s.homepage = "http://a.example.com/\x03"
-+ end
-+
-+ fetcher.legacy_platform
-+ end
-+
-+ @cmd.handle_options %w[-r -d]
-+
-+ use_ui @ui do
-+ @cmd.execute
-+ end
-+
-+ expected = <<-EOF
-+
-+*** REMOTE GEMS ***
-+
-+a (2)
-+ Authors: Abraham Lincoln ., . Hirohito
-+ Homepage: http://a.example.com/.
-+
-+ This is a lot of text. This is a lot of text. This is a lot of text.
-+ This is a lot of text.
-+
-+pl (1)
-+ Platform: i386-linux
-+ Author: A User
-+ Homepage: http://example.com
-+
-+ this is a summary
-+ EOF
-+
-+ assert_equal expected, @ui.output
-+ assert_equal '', @ui.error
-+ end
-+
-+ def test_execute_details_truncates_summary
-+ spec_fetcher do |fetcher|
-+ fetcher.spec 'a', 2 do |s|
-+ s.summary = 'This is a lot of text. ' * 10_000
-+ s.authors = ["Abraham Lincoln \x01", "\x02 Hirohito"]
-+ s.homepage = "http://a.example.com/\x03"
-+ end
-+
-+ fetcher.legacy_platform
-+ end
-+
-+ @cmd.handle_options %w[-r -d]
-+
-+ use_ui @ui do
-+ @cmd.execute
-+ end
-+
-+ expected = <<-EOF
-+
-+*** REMOTE GEMS ***
-+
-+a (2)
-+ Authors: Abraham Lincoln ., . Hirohito
-+ Homepage: http://a.example.com/.
-+
-+ Truncating the summary for a-2 to 100,000 characters:
-+#{" This is a lot of text. This is a lot of text. This is a lot of text.\n" * 1449} This is a lot of te
-+
- pl (1)
- Platform: i386-linux
- Author: A User
-diff --git test/rubygems/test_gem_installer.rb test/rubygems/test_gem_installer.rb
-index 882981d344..dd049214fb 100644
---- ruby-2.4.1/test/rubygems/test_gem_installer.rb
-+++ ruby-2.4.1/test/rubygems/test_gem_installer.rb
-@@ -1448,6 +1448,26 @@ def test_pre_install_checks_wrong_rubygems_version
- end
- end
-
-+ def test_pre_install_checks_malicious_name
-+ spec = util_spec '../malicious', '1'
-+ def spec.full_name # so the spec is buildable
-+ "malicious-1"
-+ end
-+ def spec.validate; end
-+
-+ util_build_gem spec
-+
-+ gem = File.join(@gemhome, 'cache', spec.file_name)
-+
-+ use_ui @ui do
-+ @installer = Gem::Installer.at gem
-+ e = assert_raises Gem::InstallError do
-+ @installer.pre_install_checks
-+ end
-+ assert_equal '#<Gem::Specification name=../malicious version=1> has an invalid name', e.message
-+ end
-+ end
-+
- def test_shebang
- util_make_exec @spec, "#!/usr/bin/ruby"
-
-diff --git test/rubygems/test_gem_remote_fetcher.rb test/rubygems/test_gem_remote_fetcher.rb
-index cb994462cd..fbb7d89019 100644
---- ruby-2.4.1/test/rubygems/test_gem_remote_fetcher.rb
-+++ ruby-2.4.1/test/rubygems/test_gem_remote_fetcher.rb
-@@ -241,6 +241,21 @@ def test_api_endpoint_ignores_trans_domain_values_that_end_with_original
- dns.verify
- end
-
-+ def test_api_endpoint_ignores_trans_domain_values_that_end_with_original_in_path
-+ uri = URI.parse "http://example.com/foo"
-+ target = MiniTest::Mock.new
-+ target.expect :target, "evil.com/a.example.com"
-+
-+ dns = MiniTest::Mock.new
-+ dns.expect :getresource, target, [String, Object]
-+
-+ fetch = Gem::RemoteFetcher.new nil, dns
-+ assert_equal URI.parse("http://example.com/foo"), fetch.api_endpoint(uri)
-+
-+ target.verify
-+ dns.verify
-+ end
-+
- def test_api_endpoint_timeout_warning
- uri = URI.parse "http://gems.example.com/foo"
-
-diff --git test/rubygems/test_gem_specification.rb test/rubygems/test_gem_specification.rb
-index d43289d745..0fcc11e78f 100644
---- ruby-2.4.1/test/rubygems/test_gem_specification.rb
-+++ ruby-2.4.1/test/rubygems/test_gem_specification.rb
-@@ -2985,7 +2985,37 @@ def test_validate_name
- @a1.validate
- end
-
-- assert_equal 'invalid value for attribute name: ":json"', e.message
-+ assert_equal 'invalid value for attribute name: ":json" must be a string', e.message
-+
-+ @a1.name = []
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"[]\" must be a string", e.message
-+
-+ @a1.name = ""
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"\" must include at least one letter", e.message
-+
-+ @a1.name = "12345"
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"12345\" must include at least one letter", e.message
-+
-+ @a1.name = "../malicious"
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"../malicious\" can only include letters, numbers, dashes, and underscores", e.message
-+
-+ @a1.name = "\ba\t"
-+ e = assert_raises Gem::InvalidSpecificationException do
-+ @a1.validate
-+ end
-+ assert_equal "invalid value for attribute name: \"\\ba\\t\" can only include letters, numbers, dashes, and underscores", e.message
- end
-
- def test_validate_non_nil
-diff --git test/rubygems/test_gem_text.rb test/rubygems/test_gem_text.rb
-index a6e22e04da..04f3f605e8 100644
---- ruby-2.4.1/test/rubygems/test_gem_text.rb
-+++ ruby-2.4.1/test/rubygems/test_gem_text.rb
-@@ -36,6 +36,10 @@ def test_format_text_trailing # for two spaces after .
- assert_equal expected, format_text(text, 78)
- end
-
-+ def test_format_removes_nonprintable_characters
-+ assert_equal "text with weird .. stuff .", format_text("text with weird \x1b\x02 stuff \x7f", 40)
-+ end
-+
- def test_min3
- assert_equal 1, min3(1, 1, 1)
- assert_equal 1, min3(1, 1, 2)
-@@ -74,4 +78,11 @@ def test_levenshtein_distance_replace
- assert_equal 7, levenshtein_distance("xxxxxxx", "ZenTest")
- assert_equal 7, levenshtein_distance("zentest", "xxxxxxx")
- end
-+
-+ def test_truncate_text
-+ assert_equal "abc", truncate_text("abc", "desc")
-+ assert_equal "Truncating desc to 2 characters:\nab", truncate_text("abc", "desc", 2)
-+ s = "ab" * 500_001
-+ assert_equal "Truncating desc to 1,000,000 characters:\n#{s[0, 1_000_000]}", truncate_text(s, "desc", 1_000_000)
-+ end
- end