Fix CVE-2014-2524:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2524
http://lists.gnu.org/archive/html/bug-readline/2014-03/msg00057.html

Patch copied from:
https://ftp.gnu.org/gnu/readline/readline-6.3-patches/readline63-003

			   READLINE PATCH REPORT
			   =====================

Readline-Release: 6.3
Patch-ID: readline63-003

Bug-Reported-by:
Bug-Reference-ID:
Bug-Reference-URL:

Bug-Description:

There are debugging functions in the readline release that are theoretically
exploitable as security problems.  They are not public functions, but have
global linkage.

Patch (apply with `patch -p0'):

*** ../readline-6.3/util.c	2013-09-02 13:36:12.000000000 -0400
--- util.c	2014-03-20 10:25:53.000000000 -0400
***************
*** 477,480 ****
--- 479,483 ----
  }
  
+ #if defined (DEBUG)
  #if defined (USE_VARARGS)
  static FILE *_rl_tracefp;
***************
*** 539,542 ****
--- 542,546 ----
  }
  #endif
+ #endif /* DEBUG */
ght'></td></tr></table>
<table class='tabs'><tr><td>
<a href='/guix/about/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=26224e09ae4f014777ced1fe10f065caf658775e'>refs</a><a class='active' href='/guix/log/tests/pack.scm'>log</a><a href='/guix/tree/tests/pack.scm?id=26224e09ae4f014777ced1fe10f065caf658775e'>tree</a><a href='/guix/commit/tests/pack.scm?id=26224e09ae4f014777ced1fe10f065caf658775e'>commit</a><a href='/guix/diff/tests/pack.scm?id=26224e09ae4f014777ced1fe10f065caf658775e'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/tests/pack.scm'>
<input type='hidden' name='id' value='26224e09ae4f014777ced1fe10f065caf658775e'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=26224e09ae4f014777ced1fe10f065caf658775e'>root</a>/<a href='/guix/log/tests?id=26224e09ae4f014777ced1fe10f065caf658775e'>tests</a>/<a href='/guix/log/tests/pack.scm?id=26224e09ae4f014777ced1fe10f065caf658775e'>pack.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/tests/pack.scm?id=26224e09ae4f014777ced1fe10f065caf658775e&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2020-07-20 23:25:09 +0200'>2020-07-20</span></td><td><a href='/guix/commit/tests/pack.scm?id=b3802495f607fd5e17c5acf0be2ee014036e2464'>pack: Build the store database under a UTF-8 locale.</a><span class='msg-avail'>...<span class='msg-tooltip'>Fixes &lt;https://bugs.gnu.org/42389&gt;.
Reported by branjam4@gmail.com.

* guix/scripts/pack.scm (store-database)[build]: Add calls to 'setenv'
and 'setlocale'.
* tests/pack.scm ("self-contained-tarball + localstatedir, UTF-8 file
names"): New test.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2020-07-20 23:25:09 +0200'>2020-07-20</span></td><td><a href='/guix/commit/tests/pack.scm?id=181e0dddd68dc58190bd4831ea5d1ecbd420d83a'>pack: 'self-contained-tarball' runs derivation in a UTF-8local.</a><span class='msg-avail'>...<span class='msg-tooltip'>* guix/scripts/pack.scm (self-contained-tarball)
[set-utf8-locale]: New variable.
[build]: Use it.
* tests/pack.scm ("self-contained-tarball"): Use a &lt;profile&gt; record
instead of 'profile-derivation'.
</span></span></td><td>Ludovic Courtès</td></tr>