aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--emacs/25.3/01_all_gc-align-sparc.patch31
-rw-r--r--emacs/25.3/02_all_imagemagick-7.patch86
-rw-r--r--emacs/25.3/03_all_glibc-2.34.patch20
-rw-r--r--emacs/25.3/04_all_etags.patch255
-rw-r--r--emacs/25.3/05_all_etags-metachar.patch99
-rw-r--r--emacs/25.3/06_all_htmlfontify.patch22
-rw-r--r--emacs/26.3/07_all_configure-decl.patch66
-rw-r--r--emacs/26.3/08_all_org-remote-unsafe.patch30
-rw-r--r--emacs/27.2/08_all_configure-decl.patch66
-rw-r--r--emacs/27.2/09_all_untrusted-content.patch84
-rw-r--r--emacs/27.2/10_all_org-remote-unsafe.patch30
-rw-r--r--emacs/28.2/09_all_configure-decl.patch66
-rw-r--r--emacs/28.2/10_all_org-macro-eval.patch35
-rw-r--r--emacs/28.2/11_all_untrusted-content.patch84
-rw-r--r--emacs/28.2/12_all_org-remote-unsafe.patch30
-rw-r--r--emacs/29.1/01_all_xdisp-segfault.patch32
-rw-r--r--emacs/29.1/02_all_modeline.patch28
-rw-r--r--emacs/29.1/03_all_zlib-inflate.patch22
-rw-r--r--emacs/29.1/04_all_tree-sitter.patch21
-rw-r--r--emacs/29.1/05_all_small-ja-dic.patch92
-rw-r--r--emacs/29.2/01_all_sanity-check.patch (renamed from emacs/29.1/06_all_sanity-check.patch)0
-rw-r--r--emacs/29.2/02_all_epg-gpmsm.patch38
-rw-r--r--emacs/29.2/03_all_configure-decl.patch52
-rw-r--r--emacs/29.3/01_all_sanity-check.patch13
-rw-r--r--emacs/29.3/02_all_epg-gpmsm.patch38
25 files changed, 632 insertions, 708 deletions
diff --git a/emacs/25.3/01_all_gc-align-sparc.patch b/emacs/25.3/01_all_gc-align-sparc.patch
deleted file mode 100644
index b76cf99..0000000
--- a/emacs/25.3/01_all_gc-align-sparc.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-Fix segmentation fault on sparc64 with 32 bit userland.
-https://bugs.gentoo.org/647238
-
-Backported from upstream git:
-
-commit db64a866f6971c5d63565253c0c8d8db15d4a4dc
-Author: Paul Eggert <eggert@cs.ucla.edu>
-Date: Tue Mar 20 09:54:20 2018 -0700
-
- Port to 32-bit sparc64
-
- Problem reported by Ulrich Mueller; fix suggested by Eli Zaretskii
- and Andreas Schwab (Bug#30855).
- * src/alloc.c (mark_memory): Call mark_maybe_object only on
- pointers that are properly aligned for Lisp_Object.
-
---- emacs-25.3-orig/src/alloc.c
-+++ emacs-25.3/src/alloc.c
-@@ -4892,7 +4892,11 @@
- for (pp = start; (void *) pp < end; pp += GC_POINTER_ALIGNMENT)
- {
- mark_maybe_pointer (*(void **) pp);
-- mark_maybe_object (*(Lisp_Object *) pp);
-+
-+ verify (alignof (Lisp_Object) % GC_POINTER_ALIGNMENT == 0);
-+ if (alignof (Lisp_Object) == GC_POINTER_ALIGNMENT
-+ || (uintptr_t) pp % alignof (Lisp_Object) == 0)
-+ mark_maybe_object (*(Lisp_Object *) pp);
- }
- }
-
diff --git a/emacs/25.3/02_all_imagemagick-7.patch b/emacs/25.3/02_all_imagemagick-7.patch
deleted file mode 100644
index 873fdcd..0000000
--- a/emacs/25.3/02_all_imagemagick-7.patch
+++ /dev/null
@@ -1,86 +0,0 @@
-Support ImageMagick version 7.
-https://bugs.gentoo.org/665058
-https://debbugs.gnu.org/25967
-
-This backports and consolidates the following commits from upstream git:
-
-commit 3cc42bb60099c32f64e57d2ee33c8321adba7942
-Author: Glenn Morris <rgm@gnu.org>
-Date: Thu Aug 30 13:56:08 2018 -0400
-
- * configure.ac: Fix goofs in my recent ImageMagick change.
-
-commit 42ed35c68b7c199aa797e655fdc3547c5c3087d2
-Author: Paul Eggert <eggert@cs.ucla.edu>
-Date: Thu Aug 30 10:03:43 2018 -0700
-
- Pacify -Wdouble-promotion in ImageMagick code
-
-commit bf1b147b55e1328efca6e40181e79dd9a369895d
-Author: Glenn Morris <rgm@gnu.org>
-Date: Mon Aug 27 22:03:25 2018 -0400
-
- * configure.ac, src/image.c: Tweak previous ImageMagick change.
-
-commit 5729486951e6a60db55ea17ee3bac9baf8b54f6a
-Author: Karl Otness <karl@karlotness.com>
-Date: Mon Aug 27 21:57:44 2018 -0400
-
- Support ImageMagick version 7 (bug#25967)
-
---- emacs-25.3-orig/configure.ac
-+++ emacs-25.3/configure.ac
-@@ -2405,10 +2405,14 @@
- HAVE_IMAGEMAGICK=no
- if test "${HAVE_X11}" = "yes" || test "${HAVE_NS}" = "yes" || test "${HAVE_W32}" = "yes"; then
- if test "${with_imagemagick}" != "no"; then
-- ## 6.3.5 is the earliest version known to work; see Bug#17339.
-- ## 6.8.2 makes Emacs crash; see Bug#13867.
-- IMAGEMAGICK_MODULE="Wand >= 6.3.5 Wand != 6.8.2"
-- EMACS_CHECK_MODULES([IMAGEMAGICK], [$IMAGEMAGICK_MODULE])
-+ EMACS_CHECK_MODULES([IMAGEMAGICK], [MagickWand >= 7])
-+ if test $HAVE_IMAGEMAGICK = yes; then
-+ AC_DEFINE([HAVE_IMAGEMAGICK7], 1, [Define to 1 if using ImageMagick7.])
-+ else
-+ ## 6.3.5 is the earliest version known to work; see Bug#17339.
-+ ## 6.8.2 makes Emacs crash; see Bug#13867.
-+ EMACS_CHECK_MODULES([IMAGEMAGICK], [Wand >= 6.3.5 Wand != 6.8.2])
-+ fi
- AC_SUBST(IMAGEMAGICK_CFLAGS)
- AC_SUBST(IMAGEMAGICK_LIBS)
-
---- emacs-25.3-orig/src/image.c
-+++ emacs-25.3/src/image.c
-@@ -8240,11 +8240,20 @@
- /* The GIF library also defines DrawRectangle, but its never used in Emacs.
- Therefore rename the function so it doesn't collide with ImageMagick. */
- #define DrawRectangle DrawRectangleGif
--#include <wand/MagickWand.h>
-+
-+#ifdef HAVE_IMAGEMAGICK7
-+# include <MagickWand/MagickWand.h>
-+# include <MagickCore/version.h>
-+/* ImageMagick 7 compatibility definitions. */
-+# define PixelSetMagickColor PixelSetPixelColor
-+typedef PixelInfo MagickPixelPacket;
-+#else
-+# include <wand/MagickWand.h>
-+# include <magick/version.h>
-+#endif
-
- /* ImageMagick 6.5.3 through 6.6.5 hid PixelGetMagickColor for some reason.
- Emacs seems to work fine with the hidden version, so unhide it. */
--#include <magick/version.h>
- #if 0x653 <= MagickLibVersion && MagickLibVersion <= 0x665
- extern WandExport void PixelGetMagickColor (const PixelWand *,
- MagickPixelPacket *);
-@@ -8744,7 +8753,8 @@
- #endif /* HAVE_MAGICKEXPORTIMAGEPIXELS */
- {
- size_t image_height;
-- MagickRealType color_scale = 65535.0 / QuantumRange;
-+ double quantum_range = QuantumRange;
-+ MagickRealType color_scale = 65535.0 / quantum_range;
-
- /* Try to create a x pixmap to hold the imagemagick pixmap. */
- if (!image_create_x_image_and_pixmap (f, img, width, height, 0,
diff --git a/emacs/25.3/03_all_glibc-2.34.patch b/emacs/25.3/03_all_glibc-2.34.patch
deleted file mode 100644
index 1ecad71..0000000
--- a/emacs/25.3/03_all_glibc-2.34.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Fix compilation with glibc-2.34
-https://bugs.gentoo.org/803644
-
-In glibc-2.34, definition of SIGSTKSZ has changed from a fixed value
-to sysconf(_SC_SIGSTKSZ), which cannot be used in the definition of a
-static array. In 2.33, the default SIGSTKSZ was 8192, but apparently
-some arches (e.g. aarch64 and sparc) used 16384. Hardcode the larger
-of these values.
-
---- emacs-25.3/src/sysdep.c
-+++ emacs-25.3/src/sysdep.c
-@@ -1624,7 +1624,7 @@
-
- /* Alternate stack used by SIGSEGV handler below. */
-
--static unsigned char sigsegv_stack[SIGSTKSZ];
-+static unsigned char sigsegv_stack[16384];
-
-
- /* Return true if SIGINFO indicates a stack overflow. */
diff --git a/emacs/25.3/04_all_etags.patch b/emacs/25.3/04_all_etags.patch
deleted file mode 100644
index a9f857f..0000000
--- a/emacs/25.3/04_all_etags.patch
+++ /dev/null
@@ -1,255 +0,0 @@
-Fix ctags command execution vulnerability (CVE-2022-45939)
-Backported from emacs-29 branch
-https://bugs.gentoo.org/883687
-
-commit d48bb4874bc6cd3e69c7a15fc3c91cc141025c51
-Author: Xi Lu <lx@shellcodes.org>
-Date: Fri Nov 25 14:38:29 2022 +0800
-
- Fixed ctags local command execute vulnerability
-
---- emacs-25.3/lib-src/etags.c
-+++ emacs-25.3/lib-src/etags.c
-@@ -374,7 +374,7 @@
-
- static language *get_language_from_langname (const char *);
- static void readline (linebuffer *, FILE *);
--static long readline_internal (linebuffer *, FILE *, char const *);
-+static long readline_internal (linebuffer *, FILE *, char const *, const bool);
- static bool nocase_tail (const char *);
- static void get_tag (char *, char **);
-
-@@ -396,7 +396,9 @@
- static void pfnote (char *, bool, char *, int, int, long);
- static void invalidate_nodes (fdesc *, node **);
- static void put_entries (node *);
-+static void clean_matched_file_tag (char const * const, char const * const);
-
-+static void do_move_file (const char *, const char *);
- static char *concat (const char *, const char *, const char *);
- static char *skip_spaces (char *);
- static char *skip_non_spaces (char *);
-@@ -1293,7 +1295,7 @@
- if (parsing_stdin)
- fatal ("cannot parse standard input "
- "AND read file names from it");
-- while (readline_internal (&filename_lb, stdin, "-") > 0)
-+ while (readline_internal (&filename_lb, stdin, "-", false) > 0)
- process_file_name (filename_lb.buffer, lang);
- }
- else
-@@ -1341,9 +1343,6 @@
- /* From here on, we are in (CTAGS && !cxref_style) */
- if (update)
- {
-- char *cmd =
-- xmalloc (strlen (tagfile) + whatlen_max +
-- sizeof "mv..OTAGS;fgrep -v '\t\t' OTAGS >;rm OTAGS");
- for (i = 0; i < current_arg; ++i)
- {
- switch (argbuffer[i].arg_type)
-@@ -1354,17 +1353,8 @@
- default:
- continue; /* the for loop */
- }
-- char *z = stpcpy (cmd, "mv ");
-- z = stpcpy (z, tagfile);
-- z = stpcpy (z, " OTAGS;fgrep -v '\t");
-- z = stpcpy (z, argbuffer[i].what);
-- z = stpcpy (z, "\t' OTAGS >");
-- z = stpcpy (z, tagfile);
-- strcpy (z, ";rm OTAGS");
-- if (system (cmd) != EXIT_SUCCESS)
-- fatal ("failed to execute shell command");
-+ clean_matched_file_tag (tagfile, argbuffer[i].what);
- }
-- free (cmd);
- append_to_tagfile = true;
- }
-
-@@ -1393,6 +1383,51 @@
- return EXIT_SUCCESS;
- }
-
-+/*
-+ * Equivalent to: mv tags OTAGS;grep -Fv ' filename ' OTAGS >tags;rm OTAGS
-+ */
-+static void
-+clean_matched_file_tag (const char* tagfile, const char* match_file_name)
-+{
-+ FILE *otags_f = fopen ("OTAGS", "wb");
-+ FILE *tag_f = fopen (tagfile, "rb");
-+
-+ if (otags_f == NULL)
-+ pfatal ("OTAGS");
-+
-+ if (tag_f == NULL)
-+ pfatal (tagfile);
-+
-+ int buf_len = strlen (match_file_name) + sizeof ("\t\t ") + 1;
-+ char *buf = xmalloc (buf_len);
-+ snprintf (buf, buf_len, "\t%s\t", match_file_name);
-+
-+ linebuffer line;
-+ linebuffer_init (&line);
-+ while (readline_internal (&line, tag_f, tagfile, true) > 0)
-+ {
-+ if (ferror (tag_f))
-+ pfatal (tagfile);
-+
-+ if (strstr (line.buffer, buf) == NULL)
-+ {
-+ fprintf (otags_f, "%s\n", line.buffer);
-+ if (ferror (tag_f))
-+ pfatal (tagfile);
-+ }
-+ }
-+ free (buf);
-+ free (line.buffer);
-+
-+ if (fclose (otags_f) == EOF)
-+ pfatal ("OTAGS");
-+
-+ if (fclose (tag_f) == EOF)
-+ pfatal (tagfile);
-+
-+ do_move_file ("OTAGS", tagfile);
-+ return;
-+}
-
- /*
- * Return a compressor given the file name. If EXTPTR is non-zero,
-@@ -1780,7 +1815,7 @@
-
- /* Else look for sharp-bang as the first two characters. */
- if (parser == NULL
-- && readline_internal (&lb, inf, infilename) > 0
-+ && readline_internal (&lb, inf, infilename, false) > 0
- && lb.len >= 2
- && lb.buffer[0] == '#'
- && lb.buffer[1] == '!')
-@@ -6059,7 +6094,7 @@
- if (regexfp == NULL)
- pfatal (regexfile);
- linebuffer_init (&regexbuf);
-- while (readline_internal (&regexbuf, regexfp, regexfile) > 0)
-+ while (readline_internal (&regexbuf, regexfp, regexfile, false) > 0)
- analyze_regex (regexbuf.buffer);
- free (regexbuf.buffer);
- if (fclose (regexfp) != 0)
-@@ -6391,11 +6426,13 @@
-
- /*
- * Read a line of text from `stream' into `lbp', excluding the
-- * newline or CR-NL, if any. Return the number of characters read from
-- * `stream', which is the length of the line including the newline.
-+ * newline or CR-NL (if `leave_cr` is false), if any. Return the
-+ * number of characters read from `stream', which is the length
-+ * of the line including the newline.
- *
-- * On DOS or Windows we do not count the CR character, if any before the
-- * NL, in the returned length; this mirrors the behavior of Emacs on those
-+ * On DOS or Windows, if `leave_cr` is false, we do not count the
-+ * CR character, if any before the NL, in the returned length;
-+ * this mirrors the behavior of Emacs on those
- * platforms (for text files, it translates CR-NL to NL as it reads in the
- * file).
- *
-@@ -6403,7 +6440,7 @@
- * appended to `filebuf'.
- */
- static long
--readline_internal (linebuffer *lbp, FILE *stream, char const *filename)
-+readline_internal (linebuffer *lbp, FILE *stream, char const *filename, const bool leave_cr)
- {
- char *buffer = lbp->buffer;
- char *p = lbp->buffer;
-@@ -6433,19 +6470,19 @@
- break;
- }
- if (c == '\n')
-- {
-- if (p > buffer && p[-1] == '\r')
-- {
-- p -= 1;
-- chars_deleted = 2;
-- }
-- else
-- {
-- chars_deleted = 1;
-- }
-- *p = '\0';
-- break;
-- }
-+ {
-+ if (!leave_cr && p > buffer && p[-1] == '\r')
-+ {
-+ p -= 1;
-+ chars_deleted = 2;
-+ }
-+ else
-+ {
-+ chars_deleted = 1;
-+ }
-+ *p = '\0';
-+ break;
-+ }
- *p++ = c;
- }
- lbp->len = p - buffer;
-@@ -6479,7 +6516,7 @@
- long result;
-
- linecharno = charno; /* update global char number of line start */
-- result = readline_internal (lbp, stream, infilename); /* read line */
-+ result = readline_internal (lbp, stream, infilename, false); /* read line */
- lineno += 1; /* increment global line number */
- charno += result; /* increment global char number */
-
-@@ -6839,6 +6876,46 @@
- return templt;
- }
-
-+static void
-+do_move_file(const char *src_file, const char *dst_file)
-+{
-+ if (rename (src_file, dst_file) == 0)
-+ return;
-+
-+ FILE *src_f = fopen (src_file, "rb");
-+ FILE *dst_f = fopen (dst_file, "wb");
-+
-+ if (src_f == NULL)
-+ pfatal (src_file);
-+
-+ if (dst_f == NULL)
-+ pfatal (dst_file);
-+
-+ int c;
-+ while ((c = fgetc (src_f)) != EOF)
-+ {
-+ if (ferror (src_f))
-+ pfatal (src_file);
-+
-+ if (ferror (dst_f))
-+ pfatal (dst_file);
-+
-+ if (fputc (c, dst_f) == EOF)
-+ pfatal ("cannot write");
-+ }
-+
-+ if (fclose (src_f) == EOF)
-+ pfatal (src_file);
-+
-+ if (fclose (dst_f) == EOF)
-+ pfatal (dst_file);
-+
-+ if (unlink (src_file) == -1)
-+ pfatal ("unlink error");
-+
-+ return;
-+}
-+
- /* Return a newly allocated string containing the file name of FILE
- relative to the absolute directory DIR (which should end with a slash). */
- static char *
diff --git a/emacs/25.3/05_all_etags-metachar.patch b/emacs/25.3/05_all_etags-metachar.patch
deleted file mode 100644
index 31ffc14..0000000
--- a/emacs/25.3/05_all_etags-metachar.patch
+++ /dev/null
@@ -1,99 +0,0 @@
-Fix etags local command injection vulnerability (CVE-2022-48337)
-Backported from emacs-28 branch
-https://bugs.gentoo.org/897950
-https://debbugs.gnu.org/59817
-
-commit e339926272a598bd9ee7e02989c1662b89e64cf0
-Author: Xi Lu <lx@shellcodes.org>
-Date: Tue Dec 6 15:42:40 2022 +0800
-
- Fix etags local command injection vulnerability
-
---- emacs-25.3/lib-src/etags.c
-+++ emacs-25.3/lib-src/etags.c
-@@ -398,6 +398,7 @@
- static void put_entries (node *);
- static void clean_matched_file_tag (char const * const, char const * const);
-
-+static char *escape_shell_arg_string (char *);
- static void do_move_file (const char *, const char *);
- static char *concat (const char *, const char *, const char *);
- static char *skip_spaces (char *);
-@@ -1658,13 +1659,16 @@
- else
- {
- #if MSDOS || defined (DOS_NT)
-- char *cmd1 = concat (compr->command, " \"", real_name);
-- char *cmd = concat (cmd1, "\" > ", tmp_name);
-+ int buf_len = strlen (compr->command) + strlen (" \"\" > \"\"") + strlen (real_name) + strlen (tmp_name) + 1;
-+ char *cmd = xmalloc (buf_len);
-+ snprintf (cmd, buf_len, "%s \"%s\" > \"%s\"", compr->command, real_name, tmp_name);
- #else
-- char *cmd1 = concat (compr->command, " '", real_name);
-- char *cmd = concat (cmd1, "' > ", tmp_name);
-+ char *new_real_name = escape_shell_arg_string (real_name);
-+ char *new_tmp_name = escape_shell_arg_string (tmp_name);
-+ int buf_len = strlen (compr->command) + strlen (" > ") + strlen (new_real_name) + strlen (new_tmp_name) + 1;
-+ char *cmd = xmalloc (buf_len);
-+ snprintf (cmd, buf_len, "%s %s > %s", compr->command, new_real_name, new_tmp_name);
- #endif
-- free (cmd1);
- int tmp_errno;
- if (system (cmd) == -1)
- {
-@@ -6876,6 +6880,55 @@
- return templt;
- }
-
-+/*
-+ * Adds single quotes around a string, if found single quotes, escaped it.
-+ * Return a newly-allocated string.
-+ *
-+ * For example:
-+ * escape_shell_arg_string("test.txt") => 'test.txt'
-+ * escape_shell_arg_string("'test.txt") => ''\''test.txt'
-+ */
-+static char *
-+escape_shell_arg_string (char *str)
-+{
-+ char *p = str;
-+ int need_space = 2; /* ' at begin and end */
-+
-+ while (*p != '\0')
-+ {
-+ if (*p == '\'')
-+ need_space += 4; /* ' to '\'', length is 4 */
-+ else
-+ need_space++;
-+
-+ p++;
-+ }
-+
-+ char *new_str = xnew (need_space + 1, char);
-+ new_str[0] = '\'';
-+ new_str[need_space-1] = '\'';
-+
-+ int i = 1; /* skip first byte */
-+ p = str;
-+ while (*p != '\0')
-+ {
-+ new_str[i] = *p;
-+ if (*p == '\'')
-+ {
-+ new_str[i+1] = '\\';
-+ new_str[i+2] = '\'';
-+ new_str[i+3] = '\'';
-+ i += 3;
-+ }
-+
-+ i++;
-+ p++;
-+ }
-+
-+ new_str[need_space] = '\0';
-+ return new_str;
-+}
-+
- static void
- do_move_file(const char *src_file, const char *dst_file)
- {
diff --git a/emacs/25.3/06_all_htmlfontify.patch b/emacs/25.3/06_all_htmlfontify.patch
deleted file mode 100644
index 6870c0b..0000000
--- a/emacs/25.3/06_all_htmlfontify.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-Fix htmlfontify.el command injection vulnerability (CVE-2022-48339)
-Backported from emacs-28 branch
-https://bugs.gentoo.org/897950
-https://debbugs.gnu.org/60295
-
-commit 807d2d5b3a7cd1d0e3f7dd24de22770f54f5ae16
-Author: Xi Lu <lx@shellcodes.org>
-Date: Sat Dec 24 16:28:54 2022 +0800
-
- Fix htmlfontify.el command injection vulnerability.
-
---- emacs-25.3/lisp/htmlfontify.el
-+++ emacs-25.3/lisp/htmlfontify.el
-@@ -1898,7 +1898,7 @@
-
- (defun hfy-text-p (srcdir file)
- "Is SRCDIR/FILE text? Uses `hfy-istext-command' to determine this."
-- (let* ((cmd (format hfy-istext-command (expand-file-name file srcdir)))
-+ (let* ((cmd (format hfy-istext-command (shell-quote-argument (expand-file-name file srcdir))))
- (rsp (shell-command-to-string cmd)))
- (string-match "text" rsp)))
-
diff --git a/emacs/26.3/07_all_configure-decl.patch b/emacs/26.3/07_all_configure-decl.patch
new file mode 100644
index 0000000..ac55b9f
--- /dev/null
+++ b/emacs/26.3/07_all_configure-decl.patch
@@ -0,0 +1,66 @@
+Fix implicit function declarations in configure.ac (XOpenDisplay, malloc)
+Backported from master branch
+https://bugs.gentoo.org/898304
+
+commit 6c1413d5ef0d1fea639b0d8c83a0c0065d99359b
+Author: Florian Weimer <fweimer@redhat.com>
+Date: Fri Dec 23 18:49:25 2022 +0100
+
+ configure: Remove obsolete check for -b i486-linuxaout
+
+commit 121a9ff9f6fc69066ce30c2dbe6cbfbfdca6aeaa
+Author: Florian Weimer <fweimer@redhat.com>
+Date: Fri Dec 23 18:51:08 2022 +0100
+
+ Fix alternate stack test in configure
+
+--- emacs-26.3/configure.ac
++++ emacs-26.3/configure.ac
+@@ -2421,39 +2421,6 @@
+ export LD_RUN_PATH
+ fi
+
+- if test "${opsys}" = "gnu-linux"; then
+- AC_CACHE_CHECK([whether X on GNU/Linux needs -b to link], [emacs_cv_b_link],
+- [AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
+- [[XOpenDisplay ("foo");]])],
+- [xgnu_linux_first_failure=no],
+- [xgnu_linux_first_failure=yes])
+- if test "${xgnu_linux_first_failure}" = "yes"; then
+- OLD_CPPFLAGS="$CPPFLAGS"
+- OLD_LIBS="$LIBS"
+- CPPFLAGS="$CPPFLAGS -b i486-linuxaout"
+- LIBS="$LIBS -b i486-linuxaout"
+- AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
+- [[XOpenDisplay ("foo");]])],
+- [xgnu_linux_second_failure=no],
+- [xgnu_linux_second_failure=yes])
+- if test "${xgnu_linux_second_failure}" = "yes"; then
+- # If we get the same failure with -b, there is no use adding -b.
+- # So leave it out. This plays safe.
+- emacs_cv_b_link=no
+- else
+- emacs_cv_b_link=yes
+- fi
+- CPPFLAGS=$OLD_CPPFLAGS
+- LIBS=$OLD_LIBS
+- else
+- emacs_cv_b_link=no
+- fi])
+- if test "x$emacs_cv_b_link" = xyes ; then
+- LD_SWITCH_X_SITE="$LD_SWITCH_X_SITE -b i486-linuxaout"
+- C_SWITCH_X_SITE="$C_SWITCH_X_SITE -b i486-linuxaout"
+- fi
+- fi
+-
+ # Reportedly, some broken Solaris systems have XKBlib.h but are missing
+ # header files included from there.
+ AC_CACHE_CHECK([for Xkb], [emacs_cv_xkb],
+@@ -4170,6 +4137,7 @@
+ [emacs_cv_alternate_stack],
+ [AC_COMPILE_IFELSE(
+ [AC_LANG_PROGRAM([[#include <signal.h>
++ #include <stdlib.h>
+ ]],
+ [[stack_t ss;
+ struct sigaction sa;
diff --git a/emacs/26.3/08_all_org-remote-unsafe.patch b/emacs/26.3/08_all_org-remote-unsafe.patch
new file mode 100644
index 0000000..9124db5
--- /dev/null
+++ b/emacs/26.3/08_all_org-remote-unsafe.patch
@@ -0,0 +1,30 @@
+org-mode should consider remote files unsafe
+Backported from emacs-29 branch
+https://bugs.gentoo.org/927727
+
+commit 2bc865ace050ff118db43f01457f95f95112b877
+Author: Ihor Radchenko <yantar92@posteo.net>
+Date: Tue Feb 20 14:59:20 2024 +0300
+
+ org-file-contents: Consider all remote files unsafe
+
+--- emacs-26.3/lisp/org/org.el
++++ emacs-26.3/lisp/org/org.el
+@@ -5297,12 +5297,16 @@ org-file-contents
+ If NOCACHE is non-nil, do a fresh fetch of FILE even if cached version
+ is available. This option applies only if FILE is a URL."
+ (let* ((is-url (org-file-url-p file))
++ (is-remote (condition-case nil
++ (file-remote-p file)
++ ;; In case of error, be safe.
++ (t t)))
+ (cache (and is-url
+ (not nocache)
+ (gethash file org--file-cache))))
+ (cond
+ (cache)
+- (is-url
++ ((or is-url is-remote)
+ (with-current-buffer (url-retrieve-synchronously file)
+ (goto-char (point-min))
+ ;; Move point to after the url-retrieve header.
diff --git a/emacs/27.2/08_all_configure-decl.patch b/emacs/27.2/08_all_configure-decl.patch
new file mode 100644
index 0000000..0e95515
--- /dev/null
+++ b/emacs/27.2/08_all_configure-decl.patch
@@ -0,0 +1,66 @@
+Fix implicit function declarations in configure.ac (XOpenDisplay, malloc)
+Backported from master branch
+https://bugs.gentoo.org/898304
+
+commit 6c1413d5ef0d1fea639b0d8c83a0c0065d99359b
+Author: Florian Weimer <fweimer@redhat.com>
+Date: Fri Dec 23 18:49:25 2022 +0100
+
+ configure: Remove obsolete check for -b i486-linuxaout
+
+commit 121a9ff9f6fc69066ce30c2dbe6cbfbfdca6aeaa
+Author: Florian Weimer <fweimer@redhat.com>
+Date: Fri Dec 23 18:51:08 2022 +0100
+
+ Fix alternate stack test in configure
+
+--- emacs-27.2/configure.ac
++++ emacs-27.2/configure.ac
+@@ -2505,39 +2505,6 @@
+ export LD_RUN_PATH
+ fi
+
+- if test "${opsys}" = "gnu-linux"; then
+- AC_CACHE_CHECK([whether X on GNU/Linux needs -b to link], [emacs_cv_b_link],
+- [AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
+- [[XOpenDisplay ("foo");]])],
+- [xgnu_linux_first_failure=no],
+- [xgnu_linux_first_failure=yes])
+- if test "${xgnu_linux_first_failure}" = "yes"; then
+- OLD_CPPFLAGS="$CPPFLAGS"
+- OLD_LIBS="$LIBS"
+- CPPFLAGS="$CPPFLAGS -b i486-linuxaout"
+- LIBS="$LIBS -b i486-linuxaout"
+- AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
+- [[XOpenDisplay ("foo");]])],
+- [xgnu_linux_second_failure=no],
+- [xgnu_linux_second_failure=yes])
+- if test "${xgnu_linux_second_failure}" = "yes"; then
+- # If we get the same failure with -b, there is no use adding -b.
+- # So leave it out. This plays safe.
+- emacs_cv_b_link=no
+- else
+- emacs_cv_b_link=yes
+- fi
+- CPPFLAGS=$OLD_CPPFLAGS
+- LIBS=$OLD_LIBS
+- else
+- emacs_cv_b_link=no
+- fi])
+- if test "x$emacs_cv_b_link" = xyes ; then
+- LD_SWITCH_X_SITE="$LD_SWITCH_X_SITE -b i486-linuxaout"
+- C_SWITCH_X_SITE="$C_SWITCH_X_SITE -b i486-linuxaout"
+- fi
+- fi
+-
+ # Reportedly, some broken Solaris systems have XKBlib.h but are missing
+ # header files included from there.
+ AC_CACHE_CHECK([for Xkb], [emacs_cv_xkb],
+@@ -4397,6 +4364,7 @@
+ [emacs_cv_alternate_stack],
+ [AC_COMPILE_IFELSE(
+ [AC_LANG_PROGRAM([[#include <signal.h>
++ #include <stdlib.h>
+ ]],
+ [[stack_t ss;
+ struct sigaction sa;
diff --git a/emacs/27.2/09_all_untrusted-content.patch b/emacs/27.2/09_all_untrusted-content.patch
new file mode 100644
index 0000000..0ff1d36
--- /dev/null
+++ b/emacs/27.2/09_all_untrusted-content.patch
@@ -0,0 +1,84 @@
+New variable untrusted-content
+Backported from emacs-29 branch
+https://bugs.gentoo.org/927727
+
+commit ccc188fcf98ad9166ee551fac9d94b2603c3a51b
+Author: Ihor Radchenko <yantar92@posteo.net>
+Date: Tue Feb 20 12:43:51 2024 +0300
+
+ * lisp/files.el (untrusted-content): New variable.
+
+commit 937b9042ad7426acdcca33e3d931d8f495bdd804
+Author: Ihor Radchenko <yantar92@posteo.net>
+Date: Tue Feb 20 12:44:30 2024 +0300
+
+ * lisp/gnus/mm-view.el (mm-display-inline-fontify): Mark contents untrusted.
+
+commit 6f9ea396f49cbe38c2173e0a72ba6af3e03b271c
+Author: Ihor Radchenko <yantar92@posteo.net>
+Date: Tue Feb 20 12:47:24 2024 +0300
+
+ org-latex-preview: Add protection when `untrusted-content' is non-nil
+
+--- emacs-27.2/lisp/files.el
++++ emacs-27.2/lisp/files.el
+@@ -588,6 +588,14 @@
+ Some modes may wish to set this to nil to prevent directory-local
+ settings being applied, but still respect file-local ones.")
+
++(defvar-local untrusted-content nil
++ "Non-nil means that current buffer originated from an untrusted source.
++Email clients and some other modes may set this non-nil to mark the
++buffer contents as untrusted.
++
++This variable might be subject to change without notice.")
++(put 'untrusted-content 'permanent-local t)
++
+ ;; This is an odd variable IMO.
+ ;; You might wonder why it is needed, when we could just do:
+ ;; (set (make-local-variable 'enable-local-variables) nil)
+--- emacs-27.2/lisp/gnus/mm-view.el
++++ emacs-27.2/lisp/gnus/mm-view.el
+@@ -466,6 +466,7 @@ mm-display-inline-fontify
+ (setq coding-system (mm-find-buffer-file-coding-system)))
+ (setq text (buffer-string))))
+ (with-temp-buffer
++ (setq untrusted-content t)
+ (buffer-disable-undo)
+ (mm-enable-multibyte)
+ (insert (cond ((eq charset 'gnus-decoded)
+--- emacs-27.2/lisp/org/org.el
++++ emacs-27.2/lisp/org/org.el
+@@ -1077,6 +1077,24 @@
+ :package-version '(Org . "8.0")
+ :type 'boolean)
+
++(defvar untrusted-content) ; defined in files.el
++(defvar org--latex-preview-when-risky nil
++ "If non-nil, enable LaTeX preview in Org buffers from unsafe source.
++
++Some specially designed LaTeX code may generate huge pdf or log files
++that may exhaust disk space.
++
++This variable controls how to handle LaTeX preview when rendering LaTeX
++fragments that originate from incoming email messages. It has no effect
++when Org mode is unable to determine the origin of the Org buffer.
++
++An Org buffer is considered to be from unsafe source when the
++variable `untrusted-content' has a non-nil value in the buffer.
++
++If this variable is non-nil, LaTeX previews are rendered unconditionally.
++
++This variable may be renamed or changed in the future.")
++
+ (defcustom org-insert-mode-line-in-empty-file nil
+ "Non-nil means insert the first line setting Org mode in empty files.
+ When the function `org-mode' is called interactively in an empty file, this
+@@ -15827,6 +15845,7 @@ org-latex-preview
+ (interactive "P")
+ (cond
+ ((not (display-graphic-p)) nil)
++ ((and untrusted-content (not org--latex-preview-when-risky)) nil)
+ ;; Clear whole buffer.
+ ((equal arg '(64))
+ (org-clear-latex-preview (point-min) (point-max))
diff --git a/emacs/27.2/10_all_org-remote-unsafe.patch b/emacs/27.2/10_all_org-remote-unsafe.patch
new file mode 100644
index 0000000..65f6a34
--- /dev/null
+++ b/emacs/27.2/10_all_org-remote-unsafe.patch
@@ -0,0 +1,30 @@
+org-mode should consider remote files unsafe
+Backported from emacs-29 branch
+https://bugs.gentoo.org/927727
+
+commit 2bc865ace050ff118db43f01457f95f95112b877
+Author: Ihor Radchenko <yantar92@posteo.net>
+Date: Tue Feb 20 14:59:20 2024 +0300
+
+ org-file-contents: Consider all remote files unsafe
+
+--- emacs-27.2/lisp/org/org.el
++++ emacs-27.2/lisp/org/org.el
+@@ -4665,12 +4665,16 @@ org-file-contents
+ If NOCACHE is non-nil, do a fresh fetch of FILE even if cached version
+ is available. This option applies only if FILE is a URL."
+ (let* ((is-url (org-file-url-p file))
++ (is-remote (condition-case nil
++ (file-remote-p file)
++ ;; In case of error, be safe.
++ (t t)))
+ (cache (and is-url
+ (not nocache)
+ (gethash file org--file-cache))))
+ (cond
+ (cache)
+- (is-url
++ ((or is-url is-remote)
+ (with-current-buffer (url-retrieve-synchronously file)
+ (goto-char (point-min))
+ ;; Move point to after the url-retrieve header.
diff --git a/emacs/28.2/09_all_configure-decl.patch b/emacs/28.2/09_all_configure-decl.patch
new file mode 100644
index 0000000..1e86f54
--- /dev/null
+++ b/emacs/28.2/09_all_configure-decl.patch
@@ -0,0 +1,66 @@
+Fix implicit function declarations in configure.ac (XOpenDisplay, malloc)
+Backported from master branch
+https://bugs.gentoo.org/898304
+
+commit 6c1413d5ef0d1fea639b0d8c83a0c0065d99359b
+Author: Florian Weimer <fweimer@redhat.com>
+Date: Fri Dec 23 18:49:25 2022 +0100
+
+ configure: Remove obsolete check for -b i486-linuxaout
+
+commit 121a9ff9f6fc69066ce30c2dbe6cbfbfdca6aeaa
+Author: Florian Weimer <fweimer@redhat.com>
+Date: Fri Dec 23 18:51:08 2022 +0100
+
+ Fix alternate stack test in configure
+
+--- emacs-28.2/configure.ac
++++ emacs-28.2/configure.ac
+@@ -2491,39 +2491,6 @@
+ export LD_RUN_PATH
+ fi
+
+- if test "${opsys}" = "gnu-linux"; then
+- AC_CACHE_CHECK([whether X on GNU/Linux needs -b to link], [emacs_cv_b_link],
+- [AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
+- [[XOpenDisplay ("foo");]])],
+- [xgnu_linux_first_failure=no],
+- [xgnu_linux_first_failure=yes])
+- if test "${xgnu_linux_first_failure}" = "yes"; then
+- OLD_CPPFLAGS="$CPPFLAGS"
+- OLD_LIBS="$LIBS"
+- CPPFLAGS="$CPPFLAGS -b i486-linuxaout"
+- LIBS="$LIBS -b i486-linuxaout"
+- AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
+- [[XOpenDisplay ("foo");]])],
+- [xgnu_linux_second_failure=no],
+- [xgnu_linux_second_failure=yes])
+- if test "${xgnu_linux_second_failure}" = "yes"; then
+- # If we get the same failure with -b, there is no use adding -b.
+- # So leave it out. This plays safe.
+- emacs_cv_b_link=no
+- else
+- emacs_cv_b_link=yes
+- fi
+- CPPFLAGS=$OLD_CPPFLAGS
+- LIBS=$OLD_LIBS
+- else
+- emacs_cv_b_link=no
+- fi])
+- if test "x$emacs_cv_b_link" = xyes ; then
+- LD_SWITCH_X_SITE="$LD_SWITCH_X_SITE -b i486-linuxaout"
+- C_SWITCH_X_SITE="$C_SWITCH_X_SITE -b i486-linuxaout"
+- fi
+- fi
+-
+ # Reportedly, some broken Solaris systems have XKBlib.h but are missing
+ # header files included from there.
+ AC_CACHE_CHECK([for Xkb], [emacs_cv_xkb],
+@@ -4629,6 +4596,7 @@
+ [emacs_cv_alternate_stack],
+ [AC_COMPILE_IFELSE(
+ [AC_LANG_PROGRAM([[#include <signal.h>
++ #include <stdlib.h>
+ ]],
+ [[stack_t ss;
+ struct sigaction sa;
diff --git a/emacs/28.2/10_all_org-macro-eval.patch b/emacs/28.2/10_all_org-macro-eval.patch
new file mode 100644
index 0000000..d3c8bb7
--- /dev/null
+++ b/emacs/28.2/10_all_org-macro-eval.patch
@@ -0,0 +1,35 @@
+Prevent code evaluation in org-macro--set-templates
+Backported from emacs-29 branch
+https://bugs.gentoo.org/927727
+
+commit befa9fcaae29a6c9a283ba371c3c5234c7f644eb
+Author: Ihor Radchenko <yantar92@posteo.net>
+Date: Tue Feb 20 12:19:46 2024 +0300
+
+ org-macro--set-templates: Prevent code evaluation
+
+--- emacs-28.2/lisp/org/org-macro.el
++++ emacs-28.2/lisp/org/org-macro.el
+@@ -103,6 +103,13 @@ org-macro--set-templates
+ (let ((new-templates nil))
+ (pcase-dolist (`(,name . ,value) templates)
+ (let ((old-definition (assoc name new-templates)))
++ ;; This code can be evaluated unconditionally, as a part of
++ ;; loading Org mode. We *must not* evaluate any code present
++ ;; inside the Org buffer while loading. Org buffers may come
++ ;; from various sources, like received email messages from
++ ;; potentially malicious senders. Org mode might be used to
++ ;; preview such messages and no code evaluation from inside the
++ ;; received Org text should ever happen without user consent.
+ (when (and (stringp value) (string-match-p "\\`(eval\\>" value))
+ ;; Pre-process the evaluation form for faster macro expansion.
+ (let* ((args (org-macro--makeargs value))
+@@ -115,7 +122,7 @@ org-macro--set-templates
+ (cadr (read value))
+ (error
+ (user-error "Invalid definition for macro %S" name)))))
+- (setq value (eval (macroexpand-all `(lambda ,args ,body)) t))))
++ (setq value `(lambda ,args ,body))))
+ (cond ((and value old-definition) (setcdr old-definition value))
+ (old-definition)
+ (t (push (cons name (or value "")) new-templates)))))
diff --git a/emacs/28.2/11_all_untrusted-content.patch b/emacs/28.2/11_all_untrusted-content.patch
new file mode 100644
index 0000000..4cd20c0
--- /dev/null
+++ b/emacs/28.2/11_all_untrusted-content.patch
@@ -0,0 +1,84 @@
+New variable untrusted-content
+Backported from emacs-29 branch
+https://bugs.gentoo.org/927727
+
+commit ccc188fcf98ad9166ee551fac9d94b2603c3a51b
+Author: Ihor Radchenko <yantar92@posteo.net>
+Date: Tue Feb 20 12:43:51 2024 +0300
+
+ * lisp/files.el (untrusted-content): New variable.
+
+commit 937b9042ad7426acdcca33e3d931d8f495bdd804
+Author: Ihor Radchenko <yantar92@posteo.net>
+Date: Tue Feb 20 12:44:30 2024 +0300
+
+ * lisp/gnus/mm-view.el (mm-display-inline-fontify): Mark contents untrusted.
+
+commit 6f9ea396f49cbe38c2173e0a72ba6af3e03b271c
+Author: Ihor Radchenko <yantar92@posteo.net>
+Date: Tue Feb 20 12:47:24 2024 +0300
+
+ org-latex-preview: Add protection when `untrusted-content' is non-nil
+
+--- emacs-28.2/lisp/files.el
++++ emacs-28.2/lisp/files.el
+@@ -623,6 +623,14 @@
+ Some modes may wish to set this to nil to prevent directory-local
+ settings being applied, but still respect file-local ones.")
+
++(defvar-local untrusted-content nil
++ "Non-nil means that current buffer originated from an untrusted source.
++Email clients and some other modes may set this non-nil to mark the
++buffer contents as untrusted.
++
++This variable might be subject to change without notice.")
++(put 'untrusted-content 'permanent-local t)
++
+ ;; This is an odd variable IMO.
+ ;; You might wonder why it is needed, when we could just do:
+ ;; (setq-local enable-local-variables nil)
+--- emacs-28.2/lisp/gnus/mm-view.el
++++ emacs-28.2/lisp/gnus/mm-view.el
+@@ -504,6 +504,7 @@ mm-display-inline-fontify
+ (setq coding-system (mm-find-buffer-file-coding-system)))
+ (setq text (buffer-string))))
+ (with-temp-buffer
++ (setq untrusted-content t)
+ (buffer-disable-undo)
+ (mm-enable-multibyte)
+ (insert (cond ((eq charset 'gnus-decoded)
+--- emacs-28.2/lisp/org/org.el
++++ emacs-28.2/lisp/org/org.el
+@@ -1092,6 +1092,24 @@
+ :package-version '(Org . "8.0")
+ :type 'boolean)
+
++(defvar untrusted-content) ; defined in files.el
++(defvar org--latex-preview-when-risky nil
++ "If non-nil, enable LaTeX preview in Org buffers from unsafe source.
++
++Some specially designed LaTeX code may generate huge pdf or log files
++that may exhaust disk space.
++
++This variable controls how to handle LaTeX preview when rendering LaTeX
++fragments that originate from incoming email messages. It has no effect
++when Org mode is unable to determine the origin of the Org buffer.
++
++An Org buffer is considered to be from unsafe source when the
++variable `untrusted-content' has a non-nil value in the buffer.
++
++If this variable is non-nil, LaTeX previews are rendered unconditionally.
++
++This variable may be renamed or changed in the future.")
++
+ (defcustom org-insert-mode-line-in-empty-file nil
+ "Non-nil means insert the first line setting Org mode in empty files.
+ When the function `org-mode' is called interactively in an empty file, this
+@@ -16000,6 +16018,7 @@ org-latex-preview
+ (interactive "P")
+ (cond
+ ((not (display-graphic-p)) nil)
++ ((and untrusted-content (not org--latex-preview-when-risky)) nil)
+ ;; Clear whole buffer.
+ ((equal arg '(64))
+ (org-clear-latex-preview (point-min) (point-max))
diff --git a/emacs/28.2/12_all_org-remote-unsafe.patch b/emacs/28.2/12_all_org-remote-unsafe.patch
new file mode 100644
index 0000000..7236589
--- /dev/null
+++ b/emacs/28.2/12_all_org-remote-unsafe.patch
@@ -0,0 +1,30 @@
+org-mode should consider remote files unsafe
+Backported from emacs-29 branch
+https://bugs.gentoo.org/927727
+
+commit 2bc865ace050ff118db43f01457f95f95112b877
+Author: Ihor Radchenko <yantar92@posteo.net>
+Date: Tue Feb 20 14:59:20 2024 +0300
+
+ org-file-contents: Consider all remote files unsafe
+
+--- emacs-28.2/lisp/org/org.el
++++ emacs-28.2/lisp/org/org.el
+@@ -4705,12 +4705,16 @@ org-file-contents
+ If NOCACHE is non-nil, do a fresh fetch of FILE even if cached version
+ is available. This option applies only if FILE is a URL."
+ (let* ((is-url (org-url-p file))
++ (is-remote (condition-case nil
++ (file-remote-p file)
++ ;; In case of error, be safe.
++ (t t)))
+ (cache (and is-url
+ (not nocache)
+ (gethash file org--file-cache))))
+ (cond
+ (cache)
+- (is-url
++ ((or is-url is-remote)
+ (with-current-buffer (url-retrieve-synchronously file)
+ (goto-char (point-min))
+ ;; Move point to after the url-retrieve header.
diff --git a/emacs/29.1/01_all_xdisp-segfault.patch b/emacs/29.1/01_all_xdisp-segfault.patch
deleted file mode 100644
index 835185b..0000000
--- a/emacs/29.1/01_all_xdisp-segfault.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-Fix segmentation fault due to invalid mode-line-format
-Patch backported from master branch
-https://debbugs.gnu.org/64893
-
-commit 7ea3f39deec3d54914077455e70605a14eb7d200
-Author: Eli Zaretskii <eliz@gnu.org>
-Date: Thu Jul 27 15:34:38 2023 +0300
-
- Avoid crashes due to invalid 'mode-line-format'
-
- * src/xdisp.c (display_mode_element, redisplay_window_error):
- Don't take XCAR of what can be Qnil. (Bug#64893)
-
---- emacs-29.1/src/xdisp.c
-+++ emacs-29.1/src/xdisp.c
-@@ -17601,6 +17601,7 @@ redisplay_window_error (Lisp_Object erro
- if (max_redisplay_ticks > 0
- && CONSP (error_data)
- && EQ (XCAR (error_data), Qerror)
-+ && CONSP (XCDR (error_data))
- && STRINGP (XCAR (XCDR (error_data))))
- Vdelayed_warnings_list = Fcons (list2 (XCAR (error_data),
- XCAR (XCDR (error_data))),
-@@ -27091,7 +27092,7 @@ display_mode_element (struct it *it, int
-
- oprops = Fcopy_sequence (oprops);
- tem = props;
-- while (CONSP (tem))
-+ while (CONSP (tem) && CONSP (XCDR (tem)))
- {
- oprops = plist_put (oprops, XCAR (tem),
- XCAR (XCDR (tem)));
diff --git a/emacs/29.1/02_all_modeline.patch b/emacs/29.1/02_all_modeline.patch
deleted file mode 100644
index d51a79e..0000000
--- a/emacs/29.1/02_all_modeline.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-Avoid spurious whitespace in the modeline
-Patch backported from master branch
-https://debbugs.gnu.org/58183
-
-commit 8c3338f6ba354218aee12c223d778be4180f892b
-Author: Ulrich Müller <ulm@gentoo.org>
-Date: Fri Jul 28 12:21:42 2023 +0200
-
- Avoid spurious whitespace in the modeline of emacsclient frames
-
- * lisp/bindings.el (mode-line-client): Compute 'help-echo text
- property in advance. (Bug#58183)
-
---- emacs-29/lisp/bindings.el
-+++ emacs-29/lisp/bindings.el
-@@ -226,9 +226,9 @@ mode-line-mule-info
- (put 'mode-line-mule-info 'risky-local-variable t)
-
- (defvar mode-line-client
-- `(""
-- (:propertize ("" (:eval (if (frame-parameter nil 'client) "@" "")))
-- help-echo ,(purecopy "emacsclient frame")))
-+ `(:eval
-+ (if (frame-parameter nil 'client)
-+ ,(propertize "@" 'help-echo (purecopy "emacsclient frame"))))
- "Mode line construct for identifying emacsclient frames.")
- ;; Autoload if this file no longer dumped.
- ;;;###autoload
diff --git a/emacs/29.1/03_all_zlib-inflate.patch b/emacs/29.1/03_all_zlib-inflate.patch
deleted file mode 100644
index b31847a..0000000
--- a/emacs/29.1/03_all_zlib-inflate.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-Support decompressing pigz-compressed files
-Patch from master branch
-https://bugs.gentoo.org/911539
-https://debbugs.gnu.org/64893
-
-commit 46b6d175054e8f6bf7cb45e112048c0cf02bfee9
-Author: Amritpal Singh <sysgrammer@protonmail.com>
-Date: Fri Jun 2 10:51:21 2023 +0530
-
- Support files compressed by 'pigz'
-
---- a/src/decompress.c
-+++ b/src/decompress.c
-@@ -151,7 +151,7 @@
- return -1;
-
- accumulate_and_process_md5 (out, MD5_BLOCKSIZE - stream.avail_out, &ctx);
-- } while (!stream.avail_out);
-+ } while (stream.avail_in && !stream.avail_out);
-
- } while (res != Z_STREAM_END);
-
diff --git a/emacs/29.1/04_all_tree-sitter.patch b/emacs/29.1/04_all_tree-sitter.patch
deleted file mode 100644
index b49c542..0000000
--- a/emacs/29.1/04_all_tree-sitter.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-Fix build failure with tree-sitter
-Patch from emacs-29 branch
-https://bugs.gentoo.org/911826
-https://debbugs.gnu.org/65123
-
-commit e1874c4e8bff165abc5c2e842b4381b65da67ebb
-Author: Eli Zaretskii <eliz@gnu.org>
-Date: Mon Aug 7 16:20:17 2023 +0300
-
- * configure.ac (HAVE_TREE_SITTER): Set NEED_DYNLIB=yes (bug#65123).
-
---- a/configure.ac
-+++ b/configure.ac
-@@ -3254,6 +3254,7 @@ AC_DEFUN
- [HAVE_TREE_SITTER=yes], [HAVE_TREE_SITTER=no])
- if test "${HAVE_TREE_SITTER}" = yes; then
- AC_DEFINE(HAVE_TREE_SITTER, 1, [Define if using tree-sitter.])
-+ NEED_DYNLIB=yes
- else
- EMACS_CHECK_MODULES([TREE_SITTER], [tree-sitter >= 0.6.3],
- [HAVE_TREE_SITTER=yes], [HAVE_TREE_SITTER=no])
diff --git a/emacs/29.1/05_all_small-ja-dic.patch b/emacs/29.1/05_all_small-ja-dic.patch
deleted file mode 100644
index 117edbd..0000000
--- a/emacs/29.1/05_all_small-ja-dic.patch
+++ /dev/null
@@ -1,92 +0,0 @@
-Regenerate Japanese dictionary with --with-small-ja-dic option
-Patch from emacs-29 branch
-https://debbugs.gnu.org/66125
-
-Also update the following generated files:
-* leim/small-ja-dic-option
-* lisp/leim/ja-dic/ja-dic.{el,elc}
-
-commit 7d5fee0feaa5740f3fbbfc6d5f13855bf58b9c25
-Author: Eli Zaretskii <eliz@gnu.org>
-Date: Sun Sep 24 15:30:01 2023 +0300
-
- Support regeneration of ja-dic.el under '--with-small-ja-dic'
-
---- a/.gitignore
-+++ b/.gitignore
-@@ -95,6 +95,7 @@ lisp/cedet/semantic/grammar-wy.el
- lisp/eshell/esh-groups.el
- lisp/finder-inf.el
- lisp/leim/ja-dic/
-+leim/small-ja-dic-option
- lisp/leim/leim-list.el
- lisp/leim/quail/4Corner.el
- lisp/leim/quail/ARRAY30.el
---- a/leim/Makefile.in
-+++ b/leim/Makefile.in
-@@ -26,6 +26,7 @@ SHELL =
- # Here are the things that we expect ../configure to edit.
- srcdir=@srcdir@
- top_builddir = @top_builddir@
-+top_srcdir = @top_srcdir@
-
- # Where the generated files go.
- leimdir = ${srcdir}/../lisp/leim
-@@ -134,9 +135,15 @@ ${leimdir}/leim-list.el:
-
- ${leimdir}/ja-dic/ja-dic.el: | $(leimdir)/ja-dic
-
-+# This is used to support regeneration of ja-dic when the SMALL_JA_DIC
-+# option is flipped by the configure-time option.
-+small-ja-dic-option: ../config.status
-+ $(AM_V_GEN)echo "Small ja-dic option: $(SMALL_JA_DIC)" > $@.$$$$ && \
-+ ${top_srcdir}/build-aux/move-if-change $@.$$$$ $@
-+
- .PHONY: generate-ja-dic
- generate-ja-dic: ${leimdir}/ja-dic/ja-dic.el
--${leimdir}/ja-dic/ja-dic.el: $(srcdir)/SKK-DIC/SKK-JISYO.L
-+${leimdir}/ja-dic/ja-dic.el: $(srcdir)/SKK-DIC/SKK-JISYO.L small-ja-dic-option
- $(AM_V_GEN)$(RUN_EMACS) -batch -l ja-dic-cnv \
- -f batch-skkdic-convert -dir "$(leimdir)/ja-dic" $(JA_DIC_NO_REDUCTION_OPTION) "$<"
-
---- a/lisp/international/ja-dic-cnv.el
-+++ b/lisp/international/ja-dic-cnv.el
-@@ -346,6 +346,8 @@ skkdic-convert
- (erase-buffer)
- (buffer-disable-undo)
- (generate-lisp-file-heading ja-dic-filename 'skkdic-convert :code nil)
-+ (insert (format ";; Generated with small ja-dic option: %s\n\n"
-+ (if no-reduction "no" "yes")))
- (insert ";; Original SKK dictionary file: "
- (file-relative-name (expand-file-name filename) dirname)
- "\n\n"
---- a/make-dist
-+++ b/make-dist
-@@ -357,6 +357,7 @@ possibly_non_vc_files=
- MANIFEST aclocal.m4 configure
- admin/charsets/jisx2131-filter
- src/config.in
-+ leim/small-ja-dic-option
- "$(
- find admin doc etc lisp \
- \( -name '*.el' -o -name '*.elc' -o -name '*.map' -o -name '*.stamp' \
---- /dev/null
-+++ b/leim/small-ja-dic-option
-@@ -0,0 +1 @@
-+Small ja-dic option: no
---- a/lisp/leim/ja-dic/ja-dic.el
-+++ b/lisp/leim/ja-dic/ja-dic.el
-@@ -3,6 +3,8 @@
-
- ;; This file is part of GNU Emacs.
-
-+;; Generated with small ja-dic option: no
-+
- ;; Original SKK dictionary file: ../../../leim/SKK-DIC/SKK-JISYO.L
-
- ;;; Start of the header of the original SKK dictionary.
---- a/lisp/leim/ja-dic/ja-dic.elc
-+++ b/lisp/leim/ja-dic/ja-dic.elc
-@@ -5,1 +5,1 @@
--
-+
diff --git a/emacs/29.1/06_all_sanity-check.patch b/emacs/29.2/01_all_sanity-check.patch
index 6509cf7..6509cf7 100644
--- a/emacs/29.1/06_all_sanity-check.patch
+++ b/emacs/29.2/01_all_sanity-check.patch
diff --git a/emacs/29.2/02_all_epg-gpmsm.patch b/emacs/29.2/02_all_epg-gpmsm.patch
new file mode 100644
index 0000000..646798c
--- /dev/null
+++ b/emacs/29.2/02_all_epg-gpmsm.patch
@@ -0,0 +1,38 @@
+Don't enable pinentry loopback mode for gpgsm
+Patch from master branch
+https://debbugs.gnu.org/67012
+
+commit e736a1b5a2aa2dd8dbaba32a408db70822fe434f
+Author: Ulrich Müller <ulm@gentoo.org>
+Date: Fri Nov 17 12:16:54 2023 +0100
+
+ Don't enable pinentry loopback mode for gpgsm
+
+--- a/doc/misc/epa.texi
++++ b/doc/misc/epa.texi
+@@ -640,6 +640,9 @@ GnuPG Pinentry
+ Emacs.
+ @end enumerate
+
++Note that loopback Pinentry does not work with @command{gpgsm},
++therefore EasyPG will ignore this setting for it.
++
+ There are other options available to use Emacs as Pinentry, you might
+ come across a Pinentry called @command{pinentry-emacs} or
+ @command{gpg-agent} option @code{allow-emacs-pinentry}. However,
+--- a/lisp/epg.el
++++ b/lisp/epg.el
+@@ -595,7 +595,12 @@ epg--start
+ (if (epg-context-textmode context) '("--textmode"))
+ (if (epg-context-output-file context)
+ (list "--output" (epg-context-output-file context)))
+- (if (epg-context-pinentry-mode context)
++ (if (and (epg-context-pinentry-mode context)
++ (not
++ ;; loopback doesn't work with gpgsm
++ (and (eq (epg-context-protocol context) 'CMS)
++ (eq (epg-context-pinentry-mode context)
++ 'loopback))))
+ (list "--pinentry-mode"
+ (symbol-name (epg-context-pinentry-mode
+ context))))
diff --git a/emacs/29.2/03_all_configure-decl.patch b/emacs/29.2/03_all_configure-decl.patch
new file mode 100644
index 0000000..dbee941
--- /dev/null
+++ b/emacs/29.2/03_all_configure-decl.patch
@@ -0,0 +1,52 @@
+Fix implicit function declaration in configure.ac (XOpenDisplay)
+Backported from master branch
+https://bugs.gentoo.org/898304
+
+commit 6c1413d5ef0d1fea639b0d8c83a0c0065d99359b
+Author: Florian Weimer <fweimer@redhat.com>
+Date: Fri Dec 23 18:49:25 2022 +0100
+
+ configure: Remove obsolete check for -b i486-linuxaout
+
+--- emacs-29.2/configure.ac
++++ emacs-29.2/configure.ac
+@@ -2695,39 +2695,6 @@
+ export LD_RUN_PATH
+ fi
+
+- if test "${opsys}" = "gnu-linux"; then
+- AC_CACHE_CHECK([whether X on GNU/Linux needs -b to link], [emacs_cv_b_link],
+- [AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
+- [[XOpenDisplay ("foo");]])],
+- [xgnu_linux_first_failure=no],
+- [xgnu_linux_first_failure=yes])
+- if test "${xgnu_linux_first_failure}" = "yes"; then
+- OLD_CPPFLAGS="$CPPFLAGS"
+- OLD_LIBS="$LIBS"
+- CPPFLAGS="$CPPFLAGS -b i486-linuxaout"
+- LIBS="$LIBS -b i486-linuxaout"
+- AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
+- [[XOpenDisplay ("foo");]])],
+- [xgnu_linux_second_failure=no],
+- [xgnu_linux_second_failure=yes])
+- if test "${xgnu_linux_second_failure}" = "yes"; then
+- # If we get the same failure with -b, there is no use adding -b.
+- # So leave it out. This plays safe.
+- emacs_cv_b_link=no
+- else
+- emacs_cv_b_link=yes
+- fi
+- CPPFLAGS=$OLD_CPPFLAGS
+- LIBS=$OLD_LIBS
+- else
+- emacs_cv_b_link=no
+- fi])
+- if test "x$emacs_cv_b_link" = xyes ; then
+- LD_SWITCH_X_SITE="$LD_SWITCH_X_SITE -b i486-linuxaout"
+- C_SWITCH_X_SITE="$C_SWITCH_X_SITE -b i486-linuxaout"
+- fi
+- fi
+-
+ # Reportedly, some broken Solaris systems have XKBlib.h but are missing
+ # header files included from there.
+ AC_CACHE_CHECK([for Xkb], [emacs_cv_xkb],
diff --git a/emacs/29.3/01_all_sanity-check.patch b/emacs/29.3/01_all_sanity-check.patch
new file mode 100644
index 0000000..6509cf7
--- /dev/null
+++ b/emacs/29.3/01_all_sanity-check.patch
@@ -0,0 +1,13 @@
+https://bugs.gentoo.org/916180
+
+--- emacs-29.1/Makefile.in
++++ emacs-29.1/Makefile.in
+@@ -417,7 +417,7 @@
+
+ sanity-check:
+ @[ -f .no-advice-on-failure ] && exit 0; true
+- @v=$$(src/emacs${EXEEXT} --batch --eval \
++ @v=$$(src/emacs${EXEEXT} --batch --quick --eval \
+ '(progn (defun f (n) (if (= 0 n) 1 (* n (f (- n 1))))) (princ (f 10)))' \
+ 2> /dev/null); \
+ [ "X$$v" = "X3628800" ] && exit 0; \
diff --git a/emacs/29.3/02_all_epg-gpmsm.patch b/emacs/29.3/02_all_epg-gpmsm.patch
new file mode 100644
index 0000000..646798c
--- /dev/null
+++ b/emacs/29.3/02_all_epg-gpmsm.patch
@@ -0,0 +1,38 @@
+Don't enable pinentry loopback mode for gpgsm
+Patch from master branch
+https://debbugs.gnu.org/67012
+
+commit e736a1b5a2aa2dd8dbaba32a408db70822fe434f
+Author: Ulrich Müller <ulm@gentoo.org>
+Date: Fri Nov 17 12:16:54 2023 +0100
+
+ Don't enable pinentry loopback mode for gpgsm
+
+--- a/doc/misc/epa.texi
++++ b/doc/misc/epa.texi
+@@ -640,6 +640,9 @@ GnuPG Pinentry
+ Emacs.
+ @end enumerate
+
++Note that loopback Pinentry does not work with @command{gpgsm},
++therefore EasyPG will ignore this setting for it.
++
+ There are other options available to use Emacs as Pinentry, you might
+ come across a Pinentry called @command{pinentry-emacs} or
+ @command{gpg-agent} option @code{allow-emacs-pinentry}. However,
+--- a/lisp/epg.el
++++ b/lisp/epg.el
+@@ -595,7 +595,12 @@ epg--start
+ (if (epg-context-textmode context) '("--textmode"))
+ (if (epg-context-output-file context)
+ (list "--output" (epg-context-output-file context)))
+- (if (epg-context-pinentry-mode context)
++ (if (and (epg-context-pinentry-mode context)
++ (not
++ ;; loopback doesn't work with gpgsm
++ (and (eq (epg-context-protocol context) 'CMS)
++ (eq (epg-context-pinentry-mode context)
++ 'loopback))))
+ (list "--pinentry-mode"
+ (symbol-name (epg-context-pinentry-mode
+ context))))