gnu: gd: Fix CVE-2016-8670.

* gnu/packages/patches/gd-CVE-2016-8670.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gd.scm (gd)[source]: Use it.

gnu: services sddm  Fix typo.

* gnu/services/sddm.scm: sddm-confiugration? --> sddm-configuration?

gnu: guitarix: Update to 0.35.2.

* gnu/packages/audio.scm (guitarix): Update to 0.35.2.

gnu: gx-switchless-wah-lv2: Fix SSE detection.

* gnu/packages/music.scm (gx-switchless-wah-lv2)[arguments]: Add phase
"escape-shell-commands".

gnu: gx-slow-gear-lv2: Fix SSE detection.

* gnu/packages/music.scm (gx-slow-gear-lv2)[arguments]: Add phase
"escape-shell-commands".

gnu: gx-vintage-fuzz-master-lv2: Fix SSE detection.

* gnu/packages/music.scm (gx-vintage-fuzz-master-lv2)[arguments]: Add
phase "escape-shell-commands".

gnu: gx-super-fuzz-lv2: Fix SSE detection.

* gnu/packages/music.scm (gx-super-fuzz-lv2)[arguments]: Add phase
"escape-shell-commands".

gnu: gx-voodoo-fuzz-lv2: Fix SSE detection.

* gnu/packages/music.scm (gx-voodoo-fuzz-lv2)[arguments]: Add phase
"escape-shell-commands".

gnu: gx-hyperion-lv2: Fix SSE detection.

* gnu/packages/music.scm (gx-hyperion-lv2)[arguments]: Add phase
"escape-shell-commands".

gnu: gx-saturator-lv2: Fix SSE detection.

* gnu/packages/music.scm (gx-saturator-lv2)[arguments]: Add phase
"escape-shell-commands".

grafts: 'graft-derivation' does now introduce grafts that shadow other grafts.

Partly fixes <http://bugs.gnu.org/24418>.

* guix/grafts.scm (cumulative-grafts)[graft-origin?]: New procedure.
[dependency-grafts]: Use it in new 'if' around recursive call.
* tests/grafts.scm ("graft-derivation, grafts are not shadowed"): New test.

packages: 'package-grafts' applies grafts on replacement.

Partly fixes <http://bugs.gnu.org/24418>.

* guix/packages.scm (input-graft): Compute 'new' with #:graft? #t.
(input-cross-graft): Likewise.
* tests/packages.scm ("package-grafts, indirect grafts, cross"): Comment
out.
("replacement also grafted"): New test.

gnu: libraw: Update to 0.17.2 [fixes CVE-2015-{8366,8367}].

* gnu/packages/photo.scm (libraw): Update to 0.17.2.

Signed-off-by: Leo Famulari <leo@famulari.name>

gnu: freeimage: Use 'modify-phases' syntax.

* gnu/packages/image.scm (freeimage)[arguments]: Use 'modify-phases'
syntax.

gnu: freeimage: Fix CVE-2016-5684.

* gnu/packages/image.scm (freeimage)[source]: Add patch.
* gnu/packages/patches/freeimage-CVE-2016-5684.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.

gnu: mail: Add notifymuch.

* gnu/packages/mail.scm (notifymuch): New variable.

gnu: dbus: Replace with 1.10.12 [security fix].

Fixes <https://bugs.freedesktop.org/show_bug.cgi?id=98157>
"format string vulnerability processing ActivationFailure messages"

* gnu/packages/glib.scm (dbus)[replacement]: New field.
(dbus-1.10.12): New variable.

gnu: Add jack-keyboard.

* gnu/packages/music.scm (jack-keyboard): New variable.

gnu: Add gx-switchless-wah-lv2.

* gnu/packages/music.scm (gx-switchless-wah-lv2): New variable.

gnu: Add gx-slow-gear-lv2.

* gnu/packages/music.scm (gx-slow-gear-lv2): New variable.