Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Please unblock package emacs24
This upload is intended to fix the SSL problems detailed in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816063
One way to see the difference is to save this code (from the bug report)
to a file test-ssl.el:
(require 'cl)
(let ((bad-hosts
(cl-loop for bad
in `("https://wrong.host.badssl.com/";
"https://self-signed.badssl.com/";)
if (condition-case e
(url-retrieve bad (lambda (retrieved) t))
(error nil))
collect bad)))
(if bad-hosts
(error (format "tls misconfigured; retrieved %s ok"
bad-hosts))
(url-retrieve "https://badssl.com";
(lambda (retrieved) t))))
and then run
emacs24 -Q -l test-ssl.el
with -8 and then -9. You should see "tls misconfigured; retrieved
... ok" without the fix.
diff -Nru emacs24-24.5+1/debian/.git-dpm emacs24-24.5+1/debian/.git-dpm
--- emacs24-24.5+1/debian/.git-dpm 2017-01-22 14:32:37.000000000 -0600
+++ emacs24-24.5+1/debian/.git-dpm 2017-04-10 18:30:21.000000000 -0500
@@ -1,6 +1,6 @@
# see git-dpm(1) from git-dpm package
-95bb76711c2b6fa889d47d59b4173949e9a57200
-95bb76711c2b6fa889d47d59b4173949e9a57200
+d715dfdb5101dfbd1a83b2958ced6f3bd757ab92
+d715dfdb5101dfbd1a83b2958ced6f3bd757ab92
62bc68f777c532a970566625e315d68bf0ab4eee
62bc68f777c532a970566625e315d68bf0ab4eee
emacs24_24.5+1.orig.tar.bz2
diff -Nru emacs24-24.5+1/debian/changelog emacs24-24.5+1/debian/changelog
--- emacs24-24.5+1/debian/changelog 2017-01-22 14:32:37.000000000 -0600
+++ emacs24-24.5+1/debian/changelog 2017-04-16 10:07:37.000000000 -0500
@@ -1,3 +1,21 @@
+emacs24 (24.5+1-9) unstable; urgency=medium
+
+ * Improve gnutls security. Remove --insecure and specify a trustfile.
+ Add these upstream patches to fix the problem:
+ 0024-Remove-insecure-from-gnutls-cli-invocation.patch
+ 0025-Refactor-out-gnutls-trustfiles.patch
+ 0026-Make-tls.el-use-trustfiles-by-default.patch
+ Partially addresses #816063.
+
+ * Stop using libgnutls. Add a dependency on gnutls-cli, configure
+ --without-gnutls, and remove the corresponding build dependency so
+ the patches that were just added to improve SSL security will take
+ effect by default. Thanks to Nathaniel Smith for reporting the
+ problem and Antoine Beaupre for providing code to reproduce
+ it. (Closes: 816063)
+
+ -- Rob Browning <r...@defaultvalue.org> Sun, 16 Apr 2017 10:07:37 -0500
+
emacs24 (24.5+1-8) unstable; urgency=medium
* Configure with REL_ALLOC=no to fix crashes. Thanks to Santiago
diff -Nru emacs24-24.5+1/debian/control emacs24-24.5+1/debian/control
--- emacs24-24.5+1/debian/control 2017-01-22 14:32:37.000000000 -0600
+++ emacs24-24.5+1/debian/control 2017-04-16 10:07:37.000000000 -0500
@@ -10,7 +10,7 @@
libgpm-dev [linux-any], libdbus-1-dev,
autoconf, automake, autotools-dev, dpkg-dev (>> 1.10.0), quilt (>= 0.42),
debhelper (>= 9), libxaw7-dev, sharutils, imagemagick, libgtk-3-dev,
- libgnutls28-dev, libxml2-dev, libselinux1-dev [linux-any], libmagick++-dev,
+ libxml2-dev, libselinux1-dev [linux-any], libmagick++-dev,
libgconf2-dev, libasound2-dev [!hurd-i386 !kfreebsd-i386 !kfreebsd-amd64],
libacl1-dev,
zlib1g-dev
@@ -92,6 +92,7 @@
Package: emacs24-bin-common
Architecture: any
Depends: emacs24-common (= ${source:Version}), ${shlibs:Depends}, ${misc:Depends}
+ gnutls-bin
Description: GNU Emacs editor's shared, architecture dependent files
GNU Emacs is the extensible self-documenting text editor.
This package contains the architecture dependent infrastructure
diff -Nru emacs24-24.5+1/debian/control.in emacs24-24.5+1/debian/control.in
--- emacs24-24.5+1/debian/control.in 2017-01-22 14:32:37.000000000 -0600
+++ emacs24-24.5+1/debian/control.in 2017-04-16 10:06:33.000000000 -0500
@@ -10,7 +10,7 @@
libgpm-dev [linux-any], libdbus-1-dev,
autoconf, automake, autotools-dev, dpkg-dev (>> 1.10.0), quilt (>= 0.42),
debhelper (>= 9), libxaw7-dev, sharutils, imagemagick, libgtk-3-dev,
- libgnutls28-dev, libxml2-dev, libselinux1-dev [linux-any], libmagick++-dev,
+ libxml2-dev, libselinux1-dev [linux-any], libmagick++-dev,
libgconf2-dev, libasound2-dev [!hurd-i386 !kfreebsd-i386 !kfreebsd-amd64],
libacl1-dev,
zlib1g-dev
@@ -92,6 +92,7 @@
Package: @DEB_FLAVOR@-bin-common
Architecture: any
Depends: @DEB_FLAVOR@-common (= ${source:Version}), ${shlibs:Depends}, ${misc:Depends}
+ gnutls-bin
Description: GNU Emacs editor's shared, architecture dependent files
GNU Emacs is the extensible self-documenting text editor.
This package contains the architecture dependent infrastructure
diff -Nru emacs24-24.5+1/debian/patches/0001-Prefer-usr-share-info-emacs-24-over-usr-share-info.patch emacs24-24.5+1/debian/patches/0001-Prefer-usr-share-info-emacs-24-over-usr-share-info.patch
--- emacs24-24.5+1/debian/patches/0001-Prefer-usr-share-info-emacs-24-over-usr-share-info.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0001-Prefer-usr-share-info-emacs-24-over-usr-share-info.patch 2017-04-10 18:30:21.000000000 -0500
@@ -13,7 +13,7 @@
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lisp/info.el b/lisp/info.el
-index 84c0879..2e78620 100644
+index 84c0879060f..2e786208380 100644
--- a/lisp/info.el
+++ b/lisp/info.el
@@ -211,7 +211,8 @@ A header-line does not scroll with the rest of the buffer."
diff -Nru emacs24-24.5+1/debian/patches/0002-Run-debian-startup-and-set-debian-emacs-flavor.patch emacs24-24.5+1/debian/patches/0002-Run-debian-startup-and-set-debian-emacs-flavor.patch
--- emacs24-24.5+1/debian/patches/0002-Run-debian-startup-and-set-debian-emacs-flavor.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0002-Run-debian-startup-and-set-debian-emacs-flavor.patch 2017-04-10 18:30:21.000000000 -0500
@@ -15,7 +15,7 @@
1 file changed, 19 insertions(+), 2 deletions(-)
diff --git a/lisp/startup.el b/lisp/startup.el
-index c0c52f1..cf7f2e3 100644
+index c0c52f11bb1..cf7f2e39044 100644
--- a/lisp/startup.el
+++ b/lisp/startup.el
@@ -436,6 +436,10 @@ as a list.")
diff -Nru emacs24-24.5+1/debian/patches/0003-Remove-files-that-appear-to-be-incompatible-with-the.patch emacs24-24.5+1/debian/patches/0003-Remove-files-that-appear-to-be-incompatible-with-the.patch
--- emacs24-24.5+1/debian/patches/0003-Remove-files-that-appear-to-be-incompatible-with-the.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0003-Remove-files-that-appear-to-be-incompatible-with-the.patch 2017-04-10 18:30:21.000000000 -0500
@@ -31,7 +31,7 @@
6 files changed, 35 insertions(+), 747 deletions(-)
diff --git a/Makefile.in b/Makefile.in
-index 4987cf6..c8e3b0e 100644
+index 4987cf6bd4c..c8e3b0e8eb8 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -147,7 +147,9 @@ man1dir=$(mandir)/man1
@@ -156,7 +156,7 @@
$(UNINSTALL_DOC):
diff --git a/admin/update_autogen b/admin/update_autogen
-index 0513d07..5b3709d 100755
+index 0513d078db1..5b3709dac2d 100755
--- a/admin/update_autogen
+++ b/admin/update_autogen
@@ -263,8 +263,7 @@ info_dir ()
@@ -170,7 +170,7 @@
## FIXME do not ignore w32 if OS is w32.
case $file in
diff --git a/build-aux/make-info-dir b/build-aux/make-info-dir
-index 5b37cd6..f63c6c67 100755
+index 5b37cd6fd0f..f63c6c672d0 100755
--- a/build-aux/make-info-dir
+++ b/build-aux/make-info-dir
@@ -76,8 +76,7 @@ for topic in "Texinfo documentation system" "Emacs" "Emacs lisp" \
@@ -184,7 +184,7 @@
## FIXME do not ignore w32 if OS is w32.
case $file in
diff --git a/configure.ac b/configure.ac
-index 4291453..bdc76bc 100644
+index 4291453535b..bdc76bca3db 100644
--- a/configure.ac
+++ b/configure.ac
@@ -5117,11 +5117,11 @@ dnl This will work, but you get a config.status that is not quite right
@@ -203,7 +203,7 @@
dnl test/ is not present in release tarfiles.
diff --git a/doc/misc/Makefile.in b/doc/misc/Makefile.in
-index 1644833..6918775 100644
+index 1644833d2b9..69187750d1d 100644
--- a/doc/misc/Makefile.in
+++ b/doc/misc/Makefile.in
@@ -57,18 +57,14 @@ INSTALL_DATA = @INSTALL_DATA@
@@ -938,7 +938,7 @@
mostlyclean:
diff --git a/lisp/help.el b/lisp/help.el
-index 80eb308..d009747 100644
+index 80eb308f67b..d0097472a1d 100644
--- a/lisp/help.el
+++ b/lisp/help.el
@@ -287,6 +287,14 @@ If that doesn't give a function, return nil."
diff -Nru emacs24-24.5+1/debian/patches/0004-Adjust-documentation-references-for-Debian.patch emacs24-24.5+1/debian/patches/0004-Adjust-documentation-references-for-Debian.patch
--- emacs24-24.5+1/debian/patches/0004-Adjust-documentation-references-for-Debian.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0004-Adjust-documentation-references-for-Debian.patch 2017-04-10 18:30:21.000000000 -0500
@@ -12,7 +12,7 @@
1 file changed, 5 insertions(+)
diff --git a/etc/NEWS b/etc/NEWS
-index 7d9e1f0..5e3b3b7 100644
+index 7d9e1f0d83f..5e3b3b746a2 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -14,6 +14,11 @@ and NEWS.1-17 for changes in older Emacs versions.
diff -Nru emacs24-24.5+1/debian/patches/0005-Modify-the-output-of-version-to-indicate-Debian-modi.patch emacs24-24.5+1/debian/patches/0005-Modify-the-output-of-version-to-indicate-Debian-modi.patch
--- emacs24-24.5+1/debian/patches/0005-Modify-the-output-of-version-to-indicate-Debian-modi.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0005-Modify-the-output-of-version-to-indicate-Debian-modi.patch 2017-04-10 18:30:21.000000000 -0500
@@ -12,7 +12,7 @@
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lisp/version.el b/lisp/version.el
-index 75763b3..a7cf191 100644
+index 75763b3f682..a7cf1917683 100644
--- a/lisp/version.el
+++ b/lisp/version.el
@@ -56,8 +56,8 @@ to the system configuration; look at `system-configuration' instead."
diff -Nru emacs24-24.5+1/debian/patches/0006-Look-for-NEWS-in-order-to-find-etc-rather-than-GNU.patch emacs24-24.5+1/debian/patches/0006-Look-for-NEWS-in-order-to-find-etc-rather-than-GNU.patch
--- emacs24-24.5+1/debian/patches/0006-Look-for-NEWS-in-order-to-find-etc-rather-than-GNU.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0006-Look-for-NEWS-in-order-to-find-etc-rather-than-GNU.patch 2017-04-10 18:30:21.000000000 -0500
@@ -19,7 +19,7 @@
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/callproc.c b/src/callproc.c
-index 6328ba8..78b707b 100644
+index 6328ba8349c..78b707bab9d 100644
--- a/src/callproc.c
+++ b/src/callproc.c
@@ -1633,13 +1633,13 @@ init_callproc (void)
diff -Nru emacs24-24.5+1/debian/patches/0007-Don-t-try-to-build-src-macuvs.h-via-IVD_Sequences.tx.patch emacs24-24.5+1/debian/patches/0007-Don-t-try-to-build-src-macuvs.h-via-IVD_Sequences.tx.patch
--- emacs24-24.5+1/debian/patches/0007-Don-t-try-to-build-src-macuvs.h-via-IVD_Sequences.tx.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0007-Don-t-try-to-build-src-macuvs.h-via-IVD_Sequences.tx.patch 2017-04-10 18:30:21.000000000 -0500
@@ -10,7 +10,7 @@
1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/admin/unidata/Makefile.in b/admin/unidata/Makefile.in
-index 9781cd5..c73e2b5 100644
+index 9781cd5f273..c73e2b58f31 100644
--- a/admin/unidata/Makefile.in
+++ b/admin/unidata/Makefile.in
@@ -33,12 +33,7 @@ emacs = "${EMACS}" -batch --no-site-file --no-site-lisp
diff -Nru emacs24-24.5+1/debian/patches/0008-Emacs-won-t-assume-grep-supports-GREP_OPTIONS.patch emacs24-24.5+1/debian/patches/0008-Emacs-won-t-assume-grep-supports-GREP_OPTIONS.patch
--- emacs24-24.5+1/debian/patches/0008-Emacs-won-t-assume-grep-supports-GREP_OPTIONS.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0008-Emacs-won-t-assume-grep-supports-GREP_OPTIONS.patch 2017-04-10 18:30:21.000000000 -0500
@@ -24,7 +24,7 @@
2 files changed, 21 insertions(+), 10 deletions(-)
diff --git a/lisp/ChangeLog b/lisp/ChangeLog
-index eb31d5f..7345c6a 100644
+index eb31d5fc2fe..7345c6ac5b5 100644
--- a/lisp/ChangeLog
+++ b/lisp/ChangeLog
@@ -1165,6 +1165,16 @@
@@ -45,7 +45,7 @@
* image.el (image-multi-frame-p): Fix thinko - do not force
diff --git a/lisp/progmodes/grep.el b/lisp/progmodes/grep.el
-index d4caf48..0e8c214 100644
+index d4caf48e089..0e8c214aafb 100644
--- a/lisp/progmodes/grep.el
+++ b/lisp/progmodes/grep.el
@@ -77,11 +77,10 @@ in grep buffers, so if you have globally disabled font-lock-mode,
diff -Nru emacs24-24.5+1/debian/patches/0009-Emacs-should-no-longer-hang-during-large-yanks.patch emacs24-24.5+1/debian/patches/0009-Emacs-should-no-longer-hang-during-large-yanks.patch
--- emacs24-24.5+1/debian/patches/0009-Emacs-should-no-longer-hang-during-large-yanks.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0009-Emacs-should-no-longer-hang-during-large-yanks.patch 2017-04-10 18:30:21.000000000 -0500
@@ -38,7 +38,7 @@
4 files changed, 2 insertions(+), 13 deletions(-)
diff --git a/src/dispextern.h b/src/dispextern.h
-index 239c442..cf3d1ec 100644
+index 239c4425646..cf3d1ecaf9c 100644
--- a/src/dispextern.h
+++ b/src/dispextern.h
@@ -3349,7 +3349,6 @@ void unrequest_sigio (void);
@@ -50,7 +50,7 @@
/* Defined in xfaces.c. */
diff --git a/src/emacs.c b/src/emacs.c
-index 9b78a70..b5d3ab4 100644
+index 9b78a70428e..b5d3ab46a00 100644
--- a/src/emacs.c
+++ b/src/emacs.c
@@ -2028,7 +2028,6 @@ shut_down_emacs (int sig, Lisp_Object stuff)
@@ -62,7 +62,7 @@
/* Do this only if terminating normally, we want glyph matrices
etc. in a core dump. */
diff --git a/src/keyboard.c b/src/keyboard.c
-index 945019e..77af44a 100644
+index 945019e8418..77af44a7d46 100644
--- a/src/keyboard.c
+++ b/src/keyboard.c
@@ -3663,8 +3663,7 @@ kbd_buffer_store_event_hold (register struct input_event *event,
@@ -84,7 +84,7 @@
}
#endif /* subprocesses */
diff --git a/src/sysdep.c b/src/sysdep.c
-index 01692c2..4b4801d 100644
+index 01692c2d214..4b4801d58c9 100644
--- a/src/sysdep.c
+++ b/src/sysdep.c
@@ -649,15 +649,6 @@ unrequest_sigio (void)
diff -Nru emacs24-24.5+1/debian/patches/0010-ELF-unexec-Correct-section-header-index.patch emacs24-24.5+1/debian/patches/0010-ELF-unexec-Correct-section-header-index.patch
--- emacs24-24.5+1/debian/patches/0010-ELF-unexec-Correct-section-header-index.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0010-ELF-unexec-Correct-section-header-index.patch 2017-04-10 18:30:21.000000000 -0500
@@ -28,7 +28,7 @@
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/src/unexelf.c b/src/unexelf.c
-index 59e2725..d4a36f8 100644
+index 59e2725ba20..d4a36f84cb1 100644
--- a/src/unexelf.c
+++ b/src/unexelf.c
@@ -1016,12 +1016,12 @@ temacs:
diff -Nru emacs24-24.5+1/debian/patches/0011-ELF-unexec-Tidy-code.patch emacs24-24.5+1/debian/patches/0011-ELF-unexec-Tidy-code.patch
--- emacs24-24.5+1/debian/patches/0011-ELF-unexec-Tidy-code.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0011-ELF-unexec-Tidy-code.patch 2017-04-10 18:30:21.000000000 -0500
@@ -26,7 +26,7 @@
1 file changed, 96 insertions(+), 114 deletions(-)
diff --git a/src/unexelf.c b/src/unexelf.c
-index d4a36f8..f7465cb 100644
+index d4a36f84cb1..f7465cbeeba 100644
--- a/src/unexelf.c
+++ b/src/unexelf.c
@@ -813,20 +813,11 @@ unexec (const char *new_name, const char *old_name)
diff -Nru emacs24-24.5+1/debian/patches/0012-ELF-unexec-Merge-Alpha-and-MIPS-COFF-debug-handling.patch emacs24-24.5+1/debian/patches/0012-ELF-unexec-Merge-Alpha-and-MIPS-COFF-debug-handling.patch
--- emacs24-24.5+1/debian/patches/0012-ELF-unexec-Merge-Alpha-and-MIPS-COFF-debug-handling.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0012-ELF-unexec-Merge-Alpha-and-MIPS-COFF-debug-handling.patch 2017-04-10 18:30:21.000000000 -0500
@@ -25,7 +25,7 @@
1 file changed, 29 insertions(+), 67 deletions(-)
diff --git a/src/unexelf.c b/src/unexelf.c
-index f7465cb..07c2ebe 100644
+index f7465cbeeba..07c2ebec04e 100644
--- a/src/unexelf.c
+++ b/src/unexelf.c
@@ -660,9 +660,6 @@ unexec (const char *new_name, const char *old_name)
diff -Nru emacs24-24.5+1/debian/patches/0013-ELF-unexec-Symbol-table-patching.patch emacs24-24.5+1/debian/patches/0013-ELF-unexec-Symbol-table-patching.patch
--- emacs24-24.5+1/debian/patches/0013-ELF-unexec-Symbol-table-patching.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0013-ELF-unexec-Symbol-table-patching.patch 2017-04-10 18:30:21.000000000 -0500
@@ -22,7 +22,7 @@
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/src/unexelf.c b/src/unexelf.c
-index 07c2ebe..010ecd3 100644
+index 07c2ebec04e..010ecd31b85 100644
--- a/src/unexelf.c
+++ b/src/unexelf.c
@@ -1119,7 +1119,7 @@ temacs:
diff -Nru emacs24-24.5+1/debian/patches/0014-ELF-unexec-_OBJC_-symbols-in-bss-sections.patch emacs24-24.5+1/debian/patches/0014-ELF-unexec-_OBJC_-symbols-in-bss-sections.patch
--- emacs24-24.5+1/debian/patches/0014-ELF-unexec-_OBJC_-symbols-in-bss-sections.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0014-ELF-unexec-_OBJC_-symbols-in-bss-sections.patch 2017-04-10 18:30:21.000000000 -0500
@@ -26,7 +26,7 @@
1 file changed, 18 insertions(+), 13 deletions(-)
diff --git a/src/unexelf.c b/src/unexelf.c
-index 010ecd3..58f0ad0 100644
+index 010ecd31b85..58f0ad0bb2c 100644
--- a/src/unexelf.c
+++ b/src/unexelf.c
@@ -1177,20 +1177,25 @@ temacs:
diff -Nru emacs24-24.5+1/debian/patches/0015-ELF-unexec-R_-_NONE-relocs.patch emacs24-24.5+1/debian/patches/0015-ELF-unexec-R_-_NONE-relocs.patch
--- emacs24-24.5+1/debian/patches/0015-ELF-unexec-R_-_NONE-relocs.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0015-ELF-unexec-R_-_NONE-relocs.patch 2017-04-10 18:30:21.000000000 -0500
@@ -23,7 +23,7 @@
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/unexelf.c b/src/unexelf.c
-index 58f0ad0..1d9387e 100644
+index 58f0ad0bb2c..1d9387e534c 100644
--- a/src/unexelf.c
+++ b/src/unexelf.c
@@ -1203,7 +1203,7 @@ temacs:
diff -Nru emacs24-24.5+1/debian/patches/0016-ELF-unexec-Drive-from-PT_LOAD-header-rather-than-sec.patch emacs24-24.5+1/debian/patches/0016-ELF-unexec-Drive-from-PT_LOAD-header-rather-than-sec.patch
--- emacs24-24.5+1/debian/patches/0016-ELF-unexec-Drive-from-PT_LOAD-header-rather-than-sec.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0016-ELF-unexec-Drive-from-PT_LOAD-header-rather-than-sec.patch 2017-04-10 18:30:21.000000000 -0500
@@ -48,7 +48,7 @@
1 file changed, 77 insertions(+), 213 deletions(-)
diff --git a/src/unexelf.c b/src/unexelf.c
-index 1d9387e..c659f3e 100644
+index 1d9387e534c..c659f3ed280 100644
--- a/src/unexelf.c
+++ b/src/unexelf.c
@@ -535,29 +535,6 @@ verify ((! TYPE_SIGNED (ElfW (Half))
diff -Nru emacs24-24.5+1/debian/patches/0017-ELF-unexec-Don-t-insert-a-new-section.patch emacs24-24.5+1/debian/patches/0017-ELF-unexec-Don-t-insert-a-new-section.patch
--- emacs24-24.5+1/debian/patches/0017-ELF-unexec-Don-t-insert-a-new-section.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0017-ELF-unexec-Don-t-insert-a-new-section.patch 2017-04-10 18:30:21.000000000 -0500
@@ -41,7 +41,7 @@
1 file changed, 50 insertions(+), 474 deletions(-)
diff --git a/src/unexelf.c b/src/unexelf.c
-index c659f3e..9279c76 100644
+index c659f3ed280..9279c760d6f 100644
--- a/src/unexelf.c
+++ b/src/unexelf.c
@@ -40,347 +40,6 @@ what you give them. Help stamp out software-hoarding! */
diff -Nru emacs24-24.5+1/debian/patches/0018-src-unexelf.c-NEW_PROGRAM_H-Remove-unused-macro-Bug-.patch emacs24-24.5+1/debian/patches/0018-src-unexelf.c-NEW_PROGRAM_H-Remove-unused-macro-Bug-.patch
--- emacs24-24.5+1/debian/patches/0018-src-unexelf.c-NEW_PROGRAM_H-Remove-unused-macro-Bug-.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0018-src-unexelf.c-NEW_PROGRAM_H-Remove-unused-macro-Bug-.patch 2017-04-10 18:30:21.000000000 -0500
@@ -18,7 +18,7 @@
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/src/unexelf.c b/src/unexelf.c
-index 9279c76..f2462d1 100644
+index 9279c760d6f..f2462d1e85e 100644
--- a/src/unexelf.c
+++ b/src/unexelf.c
@@ -208,8 +208,6 @@ entry_address (void *section_h, ptrdiff_t idx, ptrdiff_t entsize)
diff -Nru emacs24-24.5+1/debian/patches/0019-ELF-unexec-align-section-header.patch emacs24-24.5+1/debian/patches/0019-ELF-unexec-align-section-header.patch
--- emacs24-24.5+1/debian/patches/0019-ELF-unexec-align-section-header.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0019-ELF-unexec-align-section-header.patch 2017-04-10 18:30:21.000000000 -0500
@@ -27,7 +27,7 @@
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/unexelf.c b/src/unexelf.c
-index f2462d1..c69be0d 100644
+index f2462d1e85e..c69be0dfdc0 100644
--- a/src/unexelf.c
+++ b/src/unexelf.c
@@ -247,7 +247,7 @@ unexec (const char *new_name, const char *old_name)
diff -Nru emacs24-24.5+1/debian/patches/0020-Emacs-should-show-GTK-icons-again.patch emacs24-24.5+1/debian/patches/0020-Emacs-should-show-GTK-icons-again.patch
--- emacs24-24.5+1/debian/patches/0020-Emacs-should-show-GTK-icons-again.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0020-Emacs-should-show-GTK-icons-again.patch 2017-04-10 18:30:21.000000000 -0500
@@ -54,7 +54,7 @@
7 files changed, 155 insertions(+), 378 deletions(-)
diff --git a/lisp/ChangeLog b/lisp/ChangeLog
-index 7345c6a..102461e 100644
+index 7345c6ac5b5..102461ebc88 100644
--- a/lisp/ChangeLog
+++ b/lisp/ChangeLog
@@ -1,3 +1,9 @@
@@ -68,7 +68,7 @@
* Version 24.5 released.
diff --git a/lisp/term/x-win.el b/lisp/term/x-win.el
-index ca0ae3b..7a41d32 100644
+index ca0ae3bd9e2..7a41d328542 100644
--- a/lisp/term/x-win.el
+++ b/lisp/term/x-win.el
@@ -1475,47 +1475,47 @@ This returns an error if any Emacs frames are X frames, or always under W32."
@@ -172,7 +172,7 @@
(defcustom icon-map-list '(x-gtk-stock-map)
diff --git a/src/ChangeLog b/src/ChangeLog
-index f95a763..1ad3dfe 100644
+index f95a7631737..1ad3dfe1fe5 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,34 @@
@@ -211,7 +211,7 @@
* Version 24.5 released.
diff --git a/src/gtkutil.c b/src/gtkutil.c
-index eddd2b5..68709ed 100644
+index eddd2b535db..68709edfbc2 100644
--- a/src/gtkutil.c
+++ b/src/gtkutil.c
@@ -92,6 +92,16 @@ along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>. */
@@ -869,7 +869,7 @@
xg_menu_item_cb_list.prev = xg_menu_item_cb_list.next = 0;
diff --git a/src/gtkutil.h b/src/gtkutil.h
-index 5176be6..37d2900 100644
+index 5176be61f86..37d290069c1 100644
--- a/src/gtkutil.h
+++ b/src/gtkutil.h
@@ -107,8 +107,6 @@ extern void xg_update_frame_menubar (struct frame *f);
@@ -882,7 +882,7 @@
extern void xg_create_scroll_bar (struct frame *f,
diff --git a/src/xmenu.c b/src/xmenu.c
-index 53683c7..77fc4ef 100644
+index 53683c708f1..77fc4ef2956 100644
--- a/src/xmenu.c
+++ b/src/xmenu.c
@@ -793,12 +793,6 @@ set_frame_menubar (struct frame *f, bool first_time, bool deep_p)
@@ -899,7 +899,7 @@
{
/* Make a widget-value tree representing the entire menu trees. */
diff --git a/src/xterm.h b/src/xterm.h
-index 4683a4c..1fb3f0a 100644
+index 4683a4c7877..1fb3f0aad9e 100644
--- a/src/xterm.h
+++ b/src/xterm.h
@@ -491,10 +491,6 @@ struct x_output
diff -Nru emacs24-24.5+1/debian/patches/0021-Emacs-should-work-with-gcc-5.2-and-newer.patch emacs24-24.5+1/debian/patches/0021-Emacs-should-work-with-gcc-5.2-and-newer.patch
--- emacs24-24.5+1/debian/patches/0021-Emacs-should-work-with-gcc-5.2-and-newer.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0021-Emacs-should-work-with-gcc-5.2-and-newer.patch 2017-04-10 18:30:21.000000000 -0500
@@ -24,7 +24,7 @@
1 file changed, 47 insertions(+)
diff --git a/src/gmalloc.c b/src/gmalloc.c
-index cfd39be..9f93b62 100644
+index cfd39be2bb3..9f93b62df93 100644
--- a/src/gmalloc.c
+++ b/src/gmalloc.c
@@ -49,6 +49,17 @@ extern "C"
diff -Nru emacs24-24.5+1/debian/patches/0022-Emacs-should-work-with-glibc-2.24-on-ppc64.patch emacs24-24.5+1/debian/patches/0022-Emacs-should-work-with-glibc-2.24-on-ppc64.patch
--- emacs24-24.5+1/debian/patches/0022-Emacs-should-work-with-glibc-2.24-on-ppc64.patch 2017-01-22 12:05:25.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0022-Emacs-should-work-with-glibc-2.24-on-ppc64.patch 2017-04-10 18:30:21.000000000 -0500
@@ -30,7 +30,7 @@
3 files changed, 26 insertions(+), 26 deletions(-)
diff --git a/admin/CPP-DEFINES b/admin/CPP-DEFINES
-index e475b42..ef35513 100644
+index e475b422500..ef355135d8a 100644
--- a/admin/CPP-DEFINES
+++ b/admin/CPP-DEFINES
@@ -244,7 +244,7 @@ HAVE_NET_IF_DL_H
@@ -43,7 +43,7 @@
HAVE_PNG_H
HAVE_POSIX_MEMALIGN
diff --git a/configure.ac b/configure.ac
-index bdc76bc..18387d8 100644
+index bdc76bca3db..18387d84ec5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1478,15 +1478,17 @@ AC_CHECK_HEADERS_ONCE(
@@ -74,7 +74,7 @@
dnl On Solaris 8 there's a compilation warning for term.h because
diff --git a/src/emacs.c b/src/emacs.c
-index b5d3ab4..eda439a 100644
+index b5d3ab46a00..eda439ac6b1 100644
--- a/src/emacs.c
+++ b/src/emacs.c
@@ -99,7 +99,7 @@ extern void moncontrol (int mode);
diff -Nru emacs24-24.5+1/debian/patches/0023-Emacs-should-no-longer-hang-when-loading-TRAMP.patch emacs24-24.5+1/debian/patches/0023-Emacs-should-no-longer-hang-when-loading-TRAMP.patch
--- emacs24-24.5+1/debian/patches/0023-Emacs-should-no-longer-hang-when-loading-TRAMP.patch 2017-01-22 14:32:37.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0023-Emacs-should-no-longer-hang-when-loading-TRAMP.patch 2017-04-10 18:30:21.000000000 -0500
@@ -21,7 +21,7 @@
5 files changed, 89 insertions(+), 53 deletions(-)
diff --git a/lisp/net/tramp-adb.el b/lisp/net/tramp-adb.el
-index f5e2019..cf1e05e 100644
+index f5e201985f9..cf1e05e4d65 100644
--- a/lisp/net/tramp-adb.el
+++ b/lisp/net/tramp-adb.el
@@ -38,6 +38,7 @@
@@ -41,7 +41,7 @@
"^\\(?:[[:digit:]]*|?\\)?\\(?:[[:alnum:]]*@[[:alnum:]]*[^#\\$]*\\)?[#\\$][[:space:]]"
"Regexp used as prompt in almquist shell."
diff --git a/lisp/net/tramp-gvfs.el b/lisp/net/tramp-gvfs.el
-index 1ea52eb..5988a28 100644
+index 1ea52eb670d..5988a284c6e 100644
--- a/lisp/net/tramp-gvfs.el
+++ b/lisp/net/tramp-gvfs.el
@@ -127,6 +127,7 @@
@@ -61,7 +61,7 @@
"Defines seconds since last bluetooth device discovery before rescanning.
A value of 0 would require an immediate discovery during hostname
diff --git a/lisp/net/tramp-sh.el b/lisp/net/tramp-sh.el
-index bd7aec9..0e30bfe 100644
+index bd7aec98f79..0e30bfe08ed 100644
--- a/lisp/net/tramp-sh.el
+++ b/lisp/net/tramp-sh.el
@@ -40,6 +40,7 @@
@@ -202,7 +202,7 @@
(process-adaptive-read-buffering nil)
(coding-system-for-read nil)
diff --git a/lisp/net/tramp-smb.el b/lisp/net/tramp-smb.el
-index d5fe17f..14360b9 100644
+index d5fe17f0939..14360b96fe6 100644
--- a/lisp/net/tramp-smb.el
+++ b/lisp/net/tramp-smb.el
@@ -70,17 +70,20 @@
@@ -251,7 +251,7 @@
"Command switch used together with `tramp-smb-winexe-shell-command'.
This can be used to disable echo etc."
diff --git a/lisp/net/tramp.el b/lisp/net/tramp.el
-index 79242a4..10bb769 100644
+index 79242a46755..10bb76983aa 100644
--- a/lisp/net/tramp.el
+++ b/lisp/net/tramp.el
@@ -73,6 +73,7 @@
diff -Nru emacs24-24.5+1/debian/patches/0024-Remove-insecure-from-gnutls-cli-invocation.patch emacs24-24.5+1/debian/patches/0024-Remove-insecure-from-gnutls-cli-invocation.patch
--- emacs24-24.5+1/debian/patches/0024-Remove-insecure-from-gnutls-cli-invocation.patch 1969-12-31 18:00:00.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0024-Remove-insecure-from-gnutls-cli-invocation.patch 2017-04-10 18:30:21.000000000 -0500
@@ -0,0 +1,66 @@
+From 235ecd401864645d6c14d0aa381af6a86f94a00c Mon Sep 17 00:00:00 2001
+From: Lars Ingebrigtsen <la...@gnus.org>
+Date: Tue, 29 Dec 2015 14:30:53 +0100
+Subject: Remove --insecure from gnutls-cli invocation
+
+Emacs should now use secure TLS connections by default.
+
+The following upstream patch has been added:
+
+ Remove --insecure from gnutls-cli invocation
+
+ * tls.el (tls-program): Default to using secure TLS
+ connections (bug#19284).
+
+Origin: backport, commit:ad9aaa460e2fa446b08124bd8df846e1471c030b
+Bug: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=19284
+Bug-Debian: https://bugs.debian.org/816063
+Forwarded: not-needed
+---
+ lisp/net/tls.el | 16 ++++++++--------
+ 1 file changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/lisp/net/tls.el b/lisp/net/tls.el
+index 9e02945225e..1475f03cb0e 100644
+--- a/lisp/net/tls.el
++++ b/lisp/net/tls.el
+@@ -74,8 +74,8 @@ and `gnutls-cli' (version 2.0.1) output."
+ :type 'regexp
+ :group 'tls)
+
+-(defcustom tls-program '("gnutls-cli --insecure -p %p %h"
+- "gnutls-cli --insecure -p %p %h --protocols ssl3"
++(defcustom tls-program '("gnutls-cli -p %p %h"
++ "gnutls-cli -p %p %h --protocols ssl3"
+ "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")
+ "List of strings containing commands to start TLS stream to a host.
+ Each entry in the list is tried until a connection is successful.
+@@ -89,13 +89,13 @@ successful negotiation."
+ :type
+ '(choice
+ (const :tag "Default list of commands"
+- ("gnutls-cli --insecure -p %p %h"
+- "gnutls-cli --insecure -p %p %h --protocols ssl3"
++ ("gnutls-cli -p %p %h"
++ "gnutls-cli -p %p %h --protocols ssl3"
+ "openssl s_client -connect %h:%p -no_ssl2 -ign_eof"))
+ (list :tag "Choose commands"
+ :value
+- ("gnutls-cli --insecure -p %p %h"
+- "gnutls-cli --insecure -p %p %h --protocols ssl3"
++ ("gnutls-cli -p %p %h"
++ "gnutls-cli -p %p %h --protocols ssl3"
+ "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")
+ (set :inline t
+ ;; FIXME: add brief `:tag "..."' descriptions.
+@@ -105,8 +105,8 @@ successful negotiation."
+ (const "gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h --protocols ssl3")
+ (const "openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2 -ign_eof")
+ ;; No trust check:
+- (const "gnutls-cli --insecure -p %p %h")
+- (const "gnutls-cli --insecure -p %p %h --protocols ssl3")
++ (const "gnutls-cli -p %p %h")
++ (const "gnutls-cli -p %p %h --protocols ssl3")
+ (const "openssl s_client -connect %h:%p -no_ssl2 -ign_eof"))
+ (repeat :inline t :tag "Other" (string)))
+ (list :tag "List of commands"
diff -Nru emacs24-24.5+1/debian/patches/0025-Refactor-out-gnutls-trustfiles.patch emacs24-24.5+1/debian/patches/0025-Refactor-out-gnutls-trustfiles.patch
--- emacs24-24.5+1/debian/patches/0025-Refactor-out-gnutls-trustfiles.patch 1969-12-31 18:00:00.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0025-Refactor-out-gnutls-trustfiles.patch 2017-04-10 18:30:21.000000000 -0500
@@ -0,0 +1,54 @@
+From 9ca1f6e83aa65507f6f6c178821d5079ddc88bb5 Mon Sep 17 00:00:00 2001
+From: Lars Ingebrigtsen <la...@gnus.org>
+Date: Tue, 29 Dec 2015 14:39:53 +0100
+Subject: Refactor out gnutls-trustfiles
+
+Emacs should now specify a TLS trustfile.
+
+This upstream patch has been added [1/2]:
+
+ Refactor out gnutls-trustfiles
+
+ * lisp/net/gnutls.el (gnutls-trustfiles): Refactor out for reuse by tls.el.
+
+Origin: backport, commit:1ba1e35fbed820ec9d9e1dafbe150f88f29342d8
+Bug: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=19284
+Bug-Debian: https://bugs.debian.org/816063
+Forwarded: not-needed
+---
+ lisp/net/gnutls.el | 15 +++++++++------
+ 1 file changed, 9 insertions(+), 6 deletions(-)
+
+diff --git a/lisp/net/gnutls.el b/lisp/net/gnutls.el
+index 0593c1f29e3..de0b1b3d08f 100644
+--- a/lisp/net/gnutls.el
++++ b/lisp/net/gnutls.el
+@@ -189,12 +189,7 @@ here's a recent version of the list.
+ It must be omitted, a number, or nil; if omitted or nil it
+ defaults to GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT."
+ (let* ((type (or type 'gnutls-x509pki))
+- (trustfiles (or trustfiles
+- (delq nil
+- (mapcar (lambda (f) (and f (file-exists-p f) f))
+- (if (functionp gnutls-trustfiles)
+- (funcall gnutls-trustfiles)
+- gnutls-trustfiles)))))
++ (trustfiles (or trustfiles (gnutls-trustfiles)))
+ (priority-string (or priority-string
+ (cond
+ ((eq type 'gnutls-anon)
+@@ -245,6 +240,14 @@ defaults to GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT."
+
+ process))
+
++(defun gnutls-trustfiles ()
++ "Return a list of usable trustfiles."
++ (delq nil
++ (mapcar (lambda (f) (and f (file-exists-p f) f))
++ (if (functionp gnutls-trustfiles)
++ (funcall gnutls-trustfiles)
++ gnutls-trustfiles))))
++
+ (declare-function gnutls-error-string "gnutls.c" (error))
+
+ (defun gnutls-message-maybe (doit format &rest params)
diff -Nru emacs24-24.5+1/debian/patches/0026-Make-tls.el-use-trustfiles-by-default.patch emacs24-24.5+1/debian/patches/0026-Make-tls.el-use-trustfiles-by-default.patch
--- emacs24-24.5+1/debian/patches/0026-Make-tls.el-use-trustfiles-by-default.patch 1969-12-31 18:00:00.000000000 -0600
+++ emacs24-24.5+1/debian/patches/0026-Make-tls.el-use-trustfiles-by-default.patch 2017-04-10 18:30:21.000000000 -0500
@@ -0,0 +1,90 @@
+From a3951c32e009143b12d90ea0b219b9019a0102c5 Mon Sep 17 00:00:00 2001
+From: Lars Ingebrigtsen <la...@gnus.org>
+Date: Tue, 29 Dec 2015 14:46:20 +0100
+Subject: Make tls.el use trustfiles by default
+
+Emacs should now specify a TLS trustfile.
+
+This upstream patch has been added [2/2]:
+
+ Make tls.el use trustfiles by default
+
+ * lisp/net/tls.el (tls-program): Add a certfile by default (bug#21227).
+ (open-tls-stream): Insert the trustfile by looking at
+ `gnutls-trustfiles'.
+
+Origin: backport, commit:de5c44fe8811b07eaad6ab5fc53d498e465a43d4
+Bug: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=21227
+Bug-Debian: https://bugs.debian.org/816063
+Forwarded: not-needed
+---
+ lisp/net/tls.el | 28 ++++++++++++++--------------
+ 1 file changed, 14 insertions(+), 14 deletions(-)
+
+diff --git a/lisp/net/tls.el b/lisp/net/tls.el
+index 1475f03cb0e..68a3ff6ae0a 100644
+--- a/lisp/net/tls.el
++++ b/lisp/net/tls.el
+@@ -44,6 +44,8 @@
+
+ ;;; Code:
+
++(require 'gnutls)
++
+ (autoload 'format-spec "format-spec")
+ (autoload 'format-spec-make "format-spec")
+
+@@ -74,9 +76,10 @@ and `gnutls-cli' (version 2.0.1) output."
+ :type 'regexp
+ :group 'tls)
+
+-(defcustom tls-program '("gnutls-cli -p %p %h"
+- "gnutls-cli -p %p %h --protocols ssl3"
+- "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")
++(defcustom tls-program
++ '("gnutls-cli --x509cafile %t -p %p %h"
++ "gnutls-cli --x509cafile %t -p %p %h --protocols ssl3"
++ "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")
+ "List of strings containing commands to start TLS stream to a host.
+ Each entry in the list is tried until a connection is successful.
+ %h is replaced with server hostname, %p with port to connect to.
+@@ -89,24 +92,20 @@ successful negotiation."
+ :type
+ '(choice
+ (const :tag "Default list of commands"
+- ("gnutls-cli -p %p %h"
+- "gnutls-cli -p %p %h --protocols ssl3"
+- "openssl s_client -connect %h:%p -no_ssl2 -ign_eof"))
++ ("gnutls-cli --x509cafile %t -p %p %h"
++ "gnutls-cli --x509cafile %t -p %p %h --protocols ssl3"
++ "openssl s_client -CAfile %t -connect %h:%p -no_ssl2 -ign_eof"))
+ (list :tag "Choose commands"
+ :value
+- ("gnutls-cli -p %p %h"
+- "gnutls-cli -p %p %h --protocols ssl3"
++ ("gnutls-cli --x509cafile %t -p %p %h"
++ "gnutls-cli --x509cafile %t -p %p %h --protocols ssl3"
+ "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")
+ (set :inline t
+ ;; FIXME: add brief `:tag "..."' descriptions.
+ ;; (repeat :inline t :tag "Other" (string))
+- ;; See `tls-checktrust':
+- (const "gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h")
+- (const "gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h --protocols ssl3")
+- (const "openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2 -ign_eof")
+ ;; No trust check:
+- (const "gnutls-cli -p %p %h")
+- (const "gnutls-cli -p %p %h --protocols ssl3")
++ (const "gnutls-cli --insecure -p %p %h")
++ (const "gnutls-cli --insecure -p %p %h --protocols ssl3")
+ (const "openssl s_client -connect %h:%p -no_ssl2 -ign_eof"))
+ (repeat :inline t :tag "Other" (string)))
+ (list :tag "List of commands"
+@@ -227,6 +226,7 @@ Fourth arg PORT is an integer specifying a port to connect to."
+ (format-spec
+ cmd
+ (format-spec-make
++ ?t (car (gnutls-trustfiles))
+ ?h host
+ ?p (if (integerp port)
+ (int-to-string port)
diff -Nru emacs24-24.5+1/debian/patches/series emacs24-24.5+1/debian/patches/series
--- emacs24-24.5+1/debian/patches/series 2017-01-22 14:32:37.000000000 -0600
+++ emacs24-24.5+1/debian/patches/series 2017-04-10 18:30:21.000000000 -0500
@@ -21,3 +21,6 @@
0021-Emacs-should-work-with-gcc-5.2-and-newer.patch
0022-Emacs-should-work-with-glibc-2.24-on-ppc64.patch
0023-Emacs-should-no-longer-hang-when-loading-TRAMP.patch
+0024-Remove-insecure-from-gnutls-cli-invocation.patch
+0025-Refactor-out-gnutls-trustfiles.patch
+0026-Make-tls.el-use-trustfiles-by-default.patch
diff -Nru emacs24-24.5+1/debian/rules emacs24-24.5+1/debian/rules
--- emacs24-24.5+1/debian/rules 2017-01-22 14:32:37.000000000 -0600
+++ emacs24-24.5+1/debian/rules 2017-04-16 10:06:33.000000000 -0500
@@ -315,6 +315,7 @@
confflags += --mandir=/usr/share/man
confflags += --with-pop=yes
confflags += --enable-locallisppath=$(local_lpath)
+confflags += --without-gnutls
# x configure flags
confflags_x := $(confflags)
unblock emacs24/24.5+1-9
Thanks
--
Rob Browning
rlb @defaultvalue.org and @debian.org
GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A
GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4
