gnu: p7zip: Fix CVE-2016-9256.

* gnu/packages/compression.scm (p7zip)[source]: Add patch.
* gnu/packages/patches/p7zip-CVE-2016-9296.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.

gnu: qemu: Patch CVE-2017-{2615, 5578, 5579, 5856}.

* gnu/packages/qemu.scm (qemu)[source]: Add patches.
* gnu/packages/patches/qemu-CVE-2017-2615,
gnu/packages/patches/qemu-CVE-2017-5578,
gnu/packages/patches/qemu-CVE-2017-5579,
gnu/packages/patches/qemu-CVE-2017-5856: New files.
* gnu/local.mk (dist_patch_DATA): Register them.

gnu: gst-plugins-base: Fix build on 32bit.

* gnu/packages/patches/gst-plugins-base-fix-test-on-32bit.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gstreamer.scm (gst-plugins-base)[source]: Use it.

gnu: httpd: Update to 2.4.25 [fixes CVE-2016-{0736,2161,5387,8743}].

* gnu/packages/web.scm (httpd): Update to 2.4.25.
[source]: Remove obsolete patch 'httpd-CVE-2016-8740.patch'.
* gnu/packages/patches/httpd-CVE-2016-8740.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.

gnu: libevent: Skip tests that fail on 32bit.

* gnu/packages/patches/libevent-2.1-skip-failing-test.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/libevent.scm (libevent)[source]: Use it.

gnu: libevent: Update to 2.1.8 [security fixes].

* gnu/packages/libevent.scm (libevent): Update to 2.1.8.
[inputs]: Change 'python-wrapper' to 'python-2'. Move 'which' to ...
[native-inputs]: ... here. New field.
(libevent-2.0): New variable.
* gnu/packages/patches/libevent-2.1-dns-tests.patch,
  gnu/packages/patches/libevent-2.0-evdns-fix-remote-stack-overread.patch
  gnu/packages/patches/libevent-2.0-evdns-fix-searching-empty-hostnames.patch
  gnu/packages/patches/libevent-2.0-evutil-fix-buffer-overflow.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[inputs]: Change 'libevent' to 'libevent-2.0'.

gnu: Add omake.

* gnu/packages/ocaml.scm (omake): New variable.
* gnu/packages/patches/omake-fix-non-determinism.patch: New file.
* gnu/local.mk (dist_patch_DATA): New patch.

gnu: Add xinetd.

* gnu/packages/web.scm (xinetd): New variable.
* gnu/packages/patches/xinetd-CVE-2013-4342.patch,
gnu/packages/patches/xinetd-fix-fd-leak.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add patches.

Signed-off-by: Leo Famulari <leo@famulari.name>

gnu: ghc-8: Update to 8.0.2.

* gnu/packages/haskell.scm (ghc-8): Update to 8.0.2.
  [arguments]: Remove #:modules, #:imported-modules and phase
  configure-testsuite.
* gnu/packages/patches/ghc-dont-pass-linker-flags-via-response-files.patch:
  New file.
* gnu/local.mk (dist_patch_DATA): Add it.

gnu: Add ldc@1.1.0-beta6.

* gnu/packages/ldc.scm (ldc-1.1.0-beta6, ldc-beta): New variables.
* gnu/packages/patches/ldc-1.1.0-disable-dmd-tests.patch: New file.
* gnu/packages/patches/ldc-1.1.0-disable-phobos-tests.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add them.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>

gnu: openjpeg: Fix CVE-2016-{9572,9573}.

* gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (openjpeg-2.1.2)[source]: Use it.

gnu: gnupg: Update to 2.1.18.

* gnu/packages/gnupg.scm (gnupg): Update to 2.1.18.
[source]: Remove patch.
* gnu/packages/patches/gnupg-test-segfault-on-32bit-arch.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.

gnu: khal: Update to 0.9.0.

* gnu/packages/calendar.scm (khal): Update to 0.9.0
[source]: Remove obsolete patch.
* gnu/packages/patches/khal-disable-failing-tests.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Add it.

gnu: libupnp: Update to 1.6.21.

* gnu/packages/libupnp.scm (libupnp): Update to 1.6.21.
[source]: Remove obsolete patches.
* gnu/packages/patches/libupnp-CVE-2016-6255.patch,
gnu/packages/patches/libupnp-CVE-2016-8863.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.

gnu: lcms: Fix an out-of-bounds read.

* gnu/packages/patches/lcms-fix-out-of-bounds-read.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/ghostscript.scm (lcms)[replacement]: New field.
[properties]: Specify the 'cpe-name'.
(lcms/fixed): New variable.

gnu: duplicity: Update to 0.7.11.

* gnu/packages/backup.scm (duplicity): Update to 0.7.11.
  [source]: Remove patches.
  [inputs]: Add lftp, update gnupg, remove python-2, make python2-lockfile a
  propagated input, make python2-mock a native-input.
  [propagated-inputs]: Add python2-lockfile, python2-urllib3.
  [native-inputs]: Add python2-pexpect, python2-mock.
  [arguments]: Add build phase to embed gnupg store name.
* gnu/packages/patches/duplicity-piped-password.patch: Delete it.
* gnu/packages/patches/duplicity-test_selection-tmp.patch: Delete it.
* gnu/local.mk (dist_patch_DATA): Remove patches.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>

gnu: libtiff: Fix CVE-2017-5225.

* gnu/packages/patches/libtiff-CVE-2017-5225.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff/fixed)[source]: Use it.

gnu: qemu: Patch CVE-2016-10155, CVE-2017-5552.

* gnu/packages/qemu.scm (qemu)[source]: Add patches.
* gnu/packages/patches/qemu-CVE-2016-10155.patch,
gnu/packages/patches/qemu-CVE-2017-5552.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.

gnu: Add compton.

* gnu/packages/compton.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add compton.scm

Signed-off-by: Ludovic Courtès <ludo@gnu.org>

tests: Add 'nginx-service-type' test.

* gnu/tests/web.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.