gnu: procmail: Fix CVE-2014-3618.

* gnu/packages/patches/procmail-CVE-2014-3618.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/mail.scm (procmail): Use it.

gnu: elfutils: Update to 0.166 [fixes CVE-2014-9447].

* gnu/packages/elf.scm (elfutils): Update to 0.166.

gnu: luajit: Update to 2.0.4.

* gnu/packages/lua.scm (luajit): Update to 2.0.4.

gnu: lua: Update to 5.2.4.

* gnu/packages/lua.scm (lua): Update to 5.2.4.

gnu: lua: Use 'modify-phases'.

* gnu/packages/lua.scm (lua)[arguments]: Use 'modify-phases'.

gnu: lua-5.1: Fix CVE-2014-5461.

* gnu/packages/lua.scm (lua-5.1)[source]: Add patch.
* gnu/packages/patches/lua-CVE-2014-5461: New file.
* gnu/local.mk (dist_patch_DATA): Add it.

gnu: retroarch: Update to 1.3.4.

* gnu/packages/games.scm (retroarch): Update to 1.3.4.

gnu: libyaml: Update to 0.1.6 [fixes CVE-2014-2525].

* gnu/packages/web.scm (libyaml): Update to 0.1.6.

services: Add urandom-seed-service.

Fixes <http://bugs.gnu.org/23605>.

* gnu/services/base.scm (urandom-seed-service): New procedure.
(%random-seed-file, urandom-seed-service-type): New variables.
(%urandom-seed-shepherd-service): New procedure.
(%base-services): Call 'urandom-seed-service'.
* doc/guix.texi (Base Services): Document it.

gnu: potrace: Update to 1.13 [fixes CVE-2013-7437].

* gnu/packages/fontutils.scm (potrace): Update to 1.13.

gnu: Add Guile-GNOME.

* gnu/packages/gtk.scm (guile-gnome): New variable.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>

gnu: Update diamond to 0.8.3.

* gnu/packages/bioinformatics.scm (diamond): Update to 0.8.3.

gnu: Add gcide.

* gnu/packages/dictionaries.scm (gcide): New variable.

gnu: wxmaxima: Wrap with GSETTINGS_SCHEMA_DIR and XDG_DATA_DIRS.

Fixes <http://bugs.gnu.org/22709> and <http://bugs.gnu.org/23260>.

* gnu/packages/math.scm (wxmaxima)[arguments]: Wrap with
GSETTINGS_SCHEMA_DIR and XDG_DATA_DIRS.

gnu: gprolog: Don't install files into "$out/gprolog-1.4.4".

* gnu/packages/gprolog.scm (gprolog)[arguments]: Pass '--with-install-dir'
to #:configure-flags.

gnu: Add wiredtiger.

* gnu/packages/database.scm (wiredtiger): New variable.

cve: Use a more compact format for the list of package/versions.

On a warm cache, "guix lint -c cve vorbis-tools" goes down
from 6.5s to 2.4s.

* guix/cve.scm (cpe->package-name): Change to return two values instead
of a pair.
(cpe->product-alist): New procedure.
(%parse-vulnerability-feed): Use it instead of 'filter-map'.
(fetch-vulnerabilities): Bump sexp format version to 1.
(vulnerabilities->lookup-proc): Adjust accordingly.  When #:version is
omitted, return a list of vulnerabilities instead of a list of
version/vulnerability pairs.
* tests/cve.scm (%expected-vulnerabilities)
("vulnerabilities->lookup-proc): Adjust accordingly.

guix package: Inherit the transformed version number.

Previously, 'guix package -i emacs --with-source=./emacs-42.tar.gz'
would fail to use "42" as the version number in the manifest entry.

Reported by piyo on #guix.

* guix/scripts/package.scm (process-actions)[transform-entry]: Inherit
the version number from the result of TRANSFORM when it's a package.
* tests/guix-package.sh: Test it.

gnu: gd: Update to 2.2.1 [fixes CVE-2015-{8874, 8877}].

* gnu/packages/patches/gd-CVE-2016-3074.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/gd.scm (gd): Update to 2.2.1.
[source]: Remove patch. Update source URL.

gnu: scrot: Add source mirror.

* gnu/packages/xdisorg.scm (scrot)[source]: Add fossies mirror.