Merge branch 'master' into core-updates

gnu: glibc@2.22: Fix security issues.

Fixes CVE-2015-{5180,7547}, CVE-2016-{3075,3706,4429}.

* gnu/packages/base.scm (glibc@2.22)[source]: Add patches.
* gnu/packages/patches/glibc-CVE-2015-7547.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.

gnu: glibc@2.23: Fix CVE-2015-5180, CVE-2016-{3075,3706,4429}.

* gnu/packages/base.scm (glibc@2.23)[source]: Add patches.
* gnu/packages/patches/glibc-CVE-2016-3075.patch,
gnu/packages/patches/glibc-CVE-2016-3706.patch,
gnu/packages/patches/glibc-CVE-2016-4429.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.

gnu: glibc@2.24: Fix CVE-2015-5180.

* gnu/packages/base.scm (glibc@2.24)[source]: Add patch.
* gnu/packages/patches/glibc-CVE-2015-5180.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.

Merge branch 'master' into core-updates

gnu: Remove glibc@2.21 and its traces.

* gnu/packages/base.scm (glibc-2.21): Remove.
* gnu/system/locale.scm (localedef-command)[maybe-version-directory]:
Remove.  Replace call with use of 'package-version'.
(single-locale-directory): Remove 'version>=' conditional.

packages: Mark 'replacement' as an "innate" field.

Suggested by Mark H Weaver
at <https://lists.gnu.org/archive/html/guix-devel/2017-06/msg00355.html>.

* guix/packages.scm (<package>)[replacement]: Mark as "innate".
* gnu/packages/base.scm (glibc-2.25-patched, glibc-2.24)
(glibc-2.23, glibc-2.22, glibc-2.21, glibc-locales): Remove
'replacement' field, which was set to #f.
* gnu/packages/commencement.scm (perl-boot0): Likewise.
* gnu/packages/fontutils.scm (graphite2/fixed): Likewise.
* gnu/packages/ghostscript.scm (ghostscript/fixed): Likewise.
* gnu/packages/gnupg.scm (libgcrypt-1.7.8): Likewise.
* gnu/packages/guile.scm (guile-2.0/fixed, guile-2.2): Likewise.
* gnu/packages/icu4c.scm (icu4c/fixed): Likewise.
* gnu/packages/image.scm (libpng-apng): Likewise.
* gnu/packages/make-bootstrap.scm (%guile-static): Likewise.
* gnu/packages/pcre.scm (pcre/fixed): Likewise.
* gnu/packages/perl.scm (perl/fixed): Likewise.
* gnu/packages/ruby.scm (ruby-2.3, ruby-2.2, ruby-2.1)
(ruby-1.8): Likewise.
* gnu/packages/tls.scm (gnutls-3.5.13, gnutls/guile-2.2): Likewise.
* gnu/packages/xml.scm (expat-2.2.1): Likewise.

gnu: glibc: Fix build on i686.

This is followup to 503a4df904b8d4b82caebdb17db9c5f76a952418.
Fixes <https://bugs.gnu.org/27489>.

* gnu/packages/base.scm (glibc/linux): Add
"glibc-vectorized-strcspn-guards.patch" to patches.

gnu: glibc/linux: Add patches for CVE-2017-1000366.

* gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch,
gnu/packages/patches/glibc-CVE-2017-1000366-pt2.patch,
gnu/packages/patches/glibc-CVE-2017-1000366-pt3.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/base.scm (glibc/linux)[source](patches): Add them.
[replacement]: Remove.
(glibc-2.25-patched): Remove.
(glibc-2.24, glibc-2.23, glibc-2.22, glibc-2.21)
(glibc-locales): Remove 'replacement' field.

Merge branch 'master' into core-updates

gnu: glibc: Fix replacement on i686.

This is followup to 665d6a59161769e10b52ffcbcd5cd2db22f32681.
Fixes <https://bugs.gnu.org/27489>.

* gnu/packages/base.scm (glibc-2.25-patched, glibc-2.24, glibc-2.23)
(glibc-2.22): Add glibc-vectorized-strcspn-guards.patch to patches.
Move a comment where it belongs.
* gnu/packages/patches/glibc-CVE-2017-1000366-pt2.patch: Swap with ...
* gnu/packages/patches/glibc-CVE-2017-1000366-pt3.patch: ... this.
* gnu/packages/patches/glibc-vectorized-strcspn-guards.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.  Fix formatting.

gnu: glibc: Add mitigations for CVE-2017-1000366.

* gnu/packages/base.scm (glibc/linux)[replacement]: New field.
(glibc-2.25-patched): New variable.
(glibc-2.24, glibc-2.23, glibc-2.22, glibc-2.21)[source]: Add patches.
[replacement]: New field.
(glibc-locales)[replacement]: New field.
* gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch,
gnu/packages/patches/glibc-CVE-2017-1000366-pt2.patch,
gnu/packages/patches/glibc-CVE-2017-1000366-pt3.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.

Modified-By: Mark H Weaver <mhw@netris.org>

gnu: glibc-2.22: Return #t from 'fix-pwd' phase.

Based on a patch by Efraim Flashner <efraim@flashner.co.il>.

* gnu/packages/base.scm (glibc-2.22)[arguments]: Return #t from 'fix-pwd'
phase.

gnu: glibc: Move i686 patch to source field.

This is a rewrite of changes introduced by commits
b2fd8f63679aa4f244c36fdca62f23c00b8eded9,
c2e4f14ac8cd3e1ce7f46a192ad0c9acc084b210,
441e99d433583fdf76910c3f9323f78a1d1bbaf3 and
d03b34cf190b5790ee1884ae551634f5f736f4f1.

* gnu/packages/base.scm (glibc/linux)[source]: Add i686 patch.
[arguments]: Remove conditional patch application from build phase.
[native-inputs]: Remove patch.
(glibc/hurd)[arguments]: Inherit pre-configure build phase from glibc/linux.
* gnu/packages/commencement.scm (glibc-final-with-bootstrap-bash)[native-inputs]:
Remove patch.

gnu: Remove workaround for <https://bugs.gnu.org/26238>.

* gnu/packages/base.scm (coreutils-8.27): Remove variable.
* gnu/system.scm (%base-packages): Change back to COREUTILS.

gnu: binutils: Update to 2.28.

* gnu/packages/base.scm (binutils): Update to 2.28.
[source]<patches>: Remove upstreamed patch.
[arguments]<#:configure-flags>: Remove "--disable-werror"
* gnu/packages/patches/binutils-mips-bash-bug.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.

gnu: diffutils: Update to 3.6.

* gnu/packages/base.scm (diffutils): Update to 3.6.

Merge branch 'master' into core-updates

Merge branch 'master' into staging

gnu: glibc/hurd: Do not apply i686 patch.

This is a follow-up to commit c2e4f14ac8cd3e1ce7f46a192ad0c9acc084b210.

* gnu/packages/base.scm (glibc/hurd)[arguments]: Override pre-configure phase
with a copy that does not include the patch application.