gnu: libtar: Fix CVE-2013-4420.

* gnu/packages/compression.scm (libtar)[source]: Add patch.
* gnu/packages/patches/libtar-CVE-2013-4420.patch: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.

This is a follow-up to 89d80159b1da81c4017b46a575c3ec5dd9a96c90.

gnu: glibc: Refer to the target kernel headers when cross-compiling.

This fixes a regression introduced in
efc4eb147512fa7a2c6d74d9b296cfc22b1ef198 whereby the build process
corresponding to 'guix build glibc --target=mips64el-linux-gnu' would
refer to the native headers instead of the target headers, leading to a
build failure:

  ../sysdeps/unix/sysv/linux/statfs64.c: In function ‘__statfs64’:
  ../sysdeps/unix/sysv/linux/statfs64.c:73:1: error: control reaches end of non-void function [-Werror=return-type]
   }
   ^

When we were using CROSS_CPATH instead of CROSS_C_INCLUDE_PATH, the
problem was hidden by the fact that CPATH corresponds to '-I' whereas
C_INCLUDE_PATH corresponds to '-isystem', and '-isystem' directories are
searched after '-I' directories.

* gnu/packages/base.scm (glibc)[arguments]: Refer to the kernel headers
from '%build-target-inputs' when cross-building.

gnu: libtar: Update to 1.2.20 [fixes CVE-2013-4397, CVE-2013-4420].

* gnu/packages/compression.scm (libtar): Update to 1.2.20.
[source]: Add Debian mirror.
[arguments]: Add 'autoconf phase.
[native-inputs]: Add autoconf, automake, libtool.
[inputs]: Add zlib.
[home-page]: Point to temporary home.

gnu: pciutils: Add kmod support.

* gnu/packages/pciutils.scm (pciutils)[inputs]: Add kmod.

gnu: pciutils: Use 'modify-phases'.

* gnu/packages/pciutils.scm (pciutils)[arguments]: Use 'modify-phases'.

gnu: pciutils: Update to 3.5.1.

* gnu/packages/pciutils.scm (pciutils): Update to 3.5.1.

gnu: rpm: Fix CVE-2014-8118.

* gnu/packages/patches/rpm-CVE-2014-8118.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/package-management.scm (rpm): Use it.

gnu: rpm: Update to 4.12.0.1.

* gnu/packages/package-management.scm (rpm): Update to 4.12.0.1.

gnu: zeromq: Update to 4.0.7 [fixes CVE-2014-9721].

* gnu/packages/networking.scm (zeromq): Update to 4.0.7.

gnu: libsodium: Update to 1.0.10.

* gnu/packages/crypto.scm (libsodium): Update to 1.0.10.

gnu: procmail: Fix CVE-2014-3618.

* gnu/packages/patches/procmail-CVE-2014-3618.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/mail.scm (procmail): Use it.

gnu: elfutils: Update to 0.166 [fixes CVE-2014-9447].

* gnu/packages/elf.scm (elfutils): Update to 0.166.

gnu: luajit: Update to 2.0.4.

* gnu/packages/lua.scm (luajit): Update to 2.0.4.

gnu: lua: Update to 5.2.4.

* gnu/packages/lua.scm (lua): Update to 5.2.4.

gnu: lua: Use 'modify-phases'.

* gnu/packages/lua.scm (lua)[arguments]: Use 'modify-phases'.

gnu: lua-5.1: Fix CVE-2014-5461.

* gnu/packages/lua.scm (lua-5.1)[source]: Add patch.
* gnu/packages/patches/lua-CVE-2014-5461: New file.
* gnu/local.mk (dist_patch_DATA): Add it.

gnu: retroarch: Update to 1.3.4.

* gnu/packages/games.scm (retroarch): Update to 1.3.4.

gnu: libyaml: Update to 0.1.6 [fixes CVE-2014-2525].

* gnu/packages/web.scm (libyaml): Update to 0.1.6.

services: Add urandom-seed-service.

Fixes <http://bugs.gnu.org/23605>.

* gnu/services/base.scm (urandom-seed-service): New procedure.
(%random-seed-file, urandom-seed-service-type): New variables.
(%urandom-seed-shepherd-service): New procedure.
(%base-services): Call 'urandom-seed-service'.
* doc/guix.texi (Base Services): Document it.

gnu: potrace: Update to 1.13 [fixes CVE-2013-7437].

* gnu/packages/fontutils.scm (potrace): Update to 1.13.