branch security-updates updated (f5a9103 -> 2c9f0b0)

[Mark H. Weaver]

mhw pushed a change to branch security-updates
in repository guix.

      from  f5a9103   gnu: dbus: Incorporate "dbus-helper-search-path.patch".
      adds  89e58e8   libotr: Update to 4.1.1 [fixes CVE-2016-2851].
      adds  5adb3a4   gnu: libotr: Remove version 3.2.1.
      adds  f973342   gnu: pidgin-otr: Update to 4.0.2.
      adds  fb9ca51   gnu: simple-scan: Update to 3.19.91.
      adds  289adba   gnu: gnuplot: Use texlive-minimal instead of texlive-bin.
      adds  aad375c   gnu: statistics: Remove import of unused texlive module.
      adds  fde6060   gnu: po4a: Use texlive-minimal instead of texlive-bin.
      adds  8bcdc23   gnu: texlive: Make texlive-bin and texlive-texmf private.
      adds  bec7f35   ui: Do not call 'port-filename' on closed file ports.
      adds  204d34f   substitute: Error out on unsupported URL schemes.
      adds  ce6027b   gnu: nautilus: Don't propagate gtk+.
      adds  82f145e   gnu: custom-gcc: Delete broken or conflicting executables.
      adds  0d88031   gnu: bind-utils: Update to 9.10.3-P4 [fixes 
CVE-2016-1285, CVE-2016-1286].
      adds  2f9862f   gnu: isc-dhcp: Update bundled bind to 9.9.8-P4 [fixes 
CVE-2016-1285, CVE-2016-1286].
      adds  9b7bd1b   substitute: Add HTTPS support.
      adds  ec27843   substitute: Optimize HTTP pipelining over TLS.
      adds  c3499ad   gnu: icecat: Add several security fixes.
      adds  83820c0   gnu: obs: Update to 0.13.2.
      adds  9720651   gnu: libass: Update to 0.13.2.
      adds  1e42d8b   gnu: complexity: Update to 1.10.
      adds  1d11617   gnu: the-silver-searcher: Update to 0.31.0.
      adds  591f1d3   gnu: lcov: Update to 1.12.
      adds  34a6f4d   gnu: cppunit: Update to 1.13.2.
      adds  a232ce4   gnu: catch: Update to 1.3.5.
      adds  efa3752   gnu: openssh: Update to 7.2p2 [fixes CVE-2016-3115].
      adds  ff22f01   gnu: dropbear: Update to 2016.72 [fixes CVE-2016-3116].
      adds  9514662   gnu: Add nload.
      adds  7bf4bd0   gnu: linux-libre: Update to 4.4.5.
      adds  a0a7143   gnu: Add bioawk.
      adds  d381962   gnu: Add powwow.
      adds  cf557af   cve: Make CPE patch level part of the version string.
      adds  baacf04   doc: Suggest `guix.scm' for upstream maintainers.
      adds  ef0f0d5   gnu: vorbis-tools: Patch buffer overflow [fixes 
CVE-2015-6749].
      adds  6a25e59   cve: Read entire CVE databases for the current year and 
the past year.
      adds  66a30a3   gnu: libevent: Update to 2.0.22 [fixes CVE-2015-6525].
      adds  b5f990a   doc: Add footnote about pointing ~/.config/guix/latest at 
user's checkout
      adds  bce6f7c   gnu: openexr: Disable broken test to fix build on i686.
      adds  81a9653   gnu: webkitgtk: Update to 2.10.8 [fixes CVE-2016-1726].
      adds  0ede252   gnu: Add fluxbox.
      adds  8e755b1   gnu: mupdf: Simplify package.
      adds  dfbe56c   gnu: mupdf: Update to 1.8.
      adds  e1c644a   gnu: accountsservice: Use HTTPS URL.
      adds  9591e11   gnu: samba: Update to 4.3.6 [fixes CVE-2015-7560, 
CVE-2016-0771].
       new  2c9f0b0   Merge branch 'master' into security-updates

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Summary of changes:
 doc/contributing.texi                              |    8 +-
 doc/guix.texi                                      |   37 +-
 gnu-system.am                                      |   19 +-
 gnu/packages/admin.scm                             |    5 +-
 gnu/packages/bioinformatics.scm                    |   43 +
 gnu/packages/check.scm                             |   17 +-
 gnu/packages/code.scm                              |   14 +-
 gnu/packages/dns.scm                               |    5 +-
 gnu/packages/freedesktop.scm                       |    2 +-
 gnu/packages/games.scm                             |   25 +
 gnu/packages/gcc.scm                               |   12 +-
 gnu/packages/gettext.scm                           |    2 +-
 gnu/packages/gnome.scm                             |   27 +-
 gnu/packages/gnuzilla.scm                          |   19 +-
 gnu/packages/graphics.scm                          |   14 +
 gnu/packages/libevent.scm                          |   11 +-
 gnu/packages/linux.scm                             |    4 +-
 gnu/packages/maths.scm                             |    4 +-
 gnu/packages/messaging.scm                         |   20 +-
 gnu/packages/networking.scm                        |   23 +
 gnu/packages/patches/icecat-CVE-2015-4477.patch    |   37 +
 gnu/packages/patches/icecat-CVE-2015-7207.patch    | 1140 ++++++++++++++++++++
 .../patches/icecat-CVE-2016-1952-pt01.patch        |  356 ++++++
 .../patches/icecat-CVE-2016-1952-pt02.patch        |   58 +
 .../patches/icecat-CVE-2016-1952-pt03.patch        |   60 +
 .../patches/icecat-CVE-2016-1952-pt04.patch        |   53 +
 .../patches/icecat-CVE-2016-1952-pt05.patch        |   32 +
 .../patches/icecat-CVE-2016-1952-pt06.patch        |  103 ++
 gnu/packages/patches/icecat-CVE-2016-1954.patch    |   32 +
 gnu/packages/patches/icecat-CVE-2016-1960.patch    |   55 +
 gnu/packages/patches/icecat-CVE-2016-1961.patch    |   33 +
 gnu/packages/patches/icecat-CVE-2016-1962.patch    |  107 ++
 gnu/packages/patches/icecat-CVE-2016-1964.patch    |   54 +
 gnu/packages/patches/icecat-CVE-2016-1965.patch    |   44 +
 gnu/packages/patches/icecat-CVE-2016-1966.patch    |   36 +
 gnu/packages/patches/icecat-CVE-2016-1974.patch    |  530 +++++++++
 gnu/packages/patches/icecat-bug-1248851.patch      |   37 +
 gnu/packages/patches/mupdf-buildsystem-fix.patch   |   69 --
 .../patches/vorbis-tools-CVE-2015-6749.patch       |   44 +
 gnu/packages/pdf.scm                               |   38 +-
 gnu/packages/samba.scm                             |    5 +-
 gnu/packages/ssh.scm                               |    8 +-
 gnu/packages/statistics.scm                        |    1 -
 gnu/packages/texlive.scm                           |    4 +-
 gnu/packages/video.scm                             |    8 +-
 gnu/packages/webkit.scm                            |    6 +-
 gnu/packages/wm.scm                                |   72 ++-
 gnu/packages/xiph.scm                              |    3 +-
 guix/cve.scm                                       |   66 +-
 guix/scripts/substitute.scm                        |   43 +-
 guix/ui.scm                                        |   10 +-
 51 files changed, 3236 insertions(+), 219 deletions(-)
 create mode 100644 gnu/packages/patches/icecat-CVE-2015-4477.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2015-7207.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2016-1952-pt01.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2016-1952-pt02.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2016-1952-pt03.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2016-1952-pt04.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2016-1952-pt05.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2016-1952-pt06.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2016-1954.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2016-1960.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2016-1961.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2016-1962.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2016-1964.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2016-1965.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2016-1966.patch
 create mode 100644 gnu/packages/patches/icecat-CVE-2016-1974.patch
 create mode 100644 gnu/packages/patches/icecat-bug-1248851.patch
 delete mode 100644 gnu/packages/patches/mupdf-buildsystem-fix.patch
 create mode 100644 gnu/packages/patches/vorbis-tools-CVE-2015-6749.patch