01/05: gnu: file: Update to 5.20.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/05: gnu: file: Update to 5.20.

From:	Ludovic Court�s
Subject:	01/05: gnu: file: Update to 5.20.
Date:	Sat, 22 Nov 2014 11:52:38 +0000

civodul pushed a commit to branch core-updates
in repository guix.

commit 0253ab39794ce5d9cf051ac70c632c378a732d8e
Author: Ludovic Courtès <address@hidden>
Date:   Sat Nov 22 12:24:41 2014 +0100

    gnu: file: Update to 5.20.
    
    * gnu/packages/file.scm (file): Update to 5.20.
      (file-5.20): Remove.
    * gnu/packages/patches/file-CVE-2014-3587.patch: Remove.
    * gnu-system.am (dist_patch_DATA): Adjust accordingly.
    * gnu/packages/patchutils.scm (quilt): Use FILE instead of FILE-5.20.
    * gnu/packages/version-control.scm (aegis): Ditto.
---
 gnu-system.am                                 |    1 -
 gnu/packages/file.scm                         |   26 +++++++-----------------
 gnu/packages/patches/file-CVE-2014-3587.patch |   16 ---------------
 gnu/packages/patchutils.scm                   |    2 +-
 gnu/packages/version-control.scm              |    2 +-
 5 files changed, 10 insertions(+), 37 deletions(-)

diff --git a/gnu-system.am b/gnu-system.am
index d3b822c..246f52a 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -340,7 +340,6 @@ dist_patch_DATA =                                           
\
   gnu/packages/patches/duplicity-piped-password.patch          \
   gnu/packages/patches/duplicity-test_selection-tmp.patch      \
   gnu/packages/patches/eudev-rules-directory.patch             \
-  gnu/packages/patches/file-CVE-2014-3587.patch                        \
   gnu/packages/patches/findutils-absolute-paths.patch          \
   gnu/packages/patches/flashrom-use-libftdi1.patch             \
   gnu/packages/patches/flex-bison-tests.patch                  \
diff --git a/gnu/packages/file.scm b/gnu/packages/file.scm
index 070695e..7d8504b 100644
--- a/gnu/packages/file.scm
+++ b/gnu/packages/file.scm
@@ -27,14 +27,14 @@
 (define-public file
   (package
    (name "file")
-   (version "5.19")
-   (source (origin
-            (method url-fetch)
-            (uri (string-append "ftp://ftp.astron.com/pub/file/file-";
-                   version ".tar.gz"))
-            (sha256 (base32
-                     "0z1sgrcfy6d285kj5izy1yypf371bjl3247plh9ppk0svaxv714l"))
-            (patches (list (search-patch "file-CVE-2014-3587.patch")))))
+    (version "5.20")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "ftp://ftp.astron.com/pub/file/file-";
+                                  version ".tar.gz"))
+              (sha256
+               (base32
+                "0iyjs9z8kp43gz7gva4j67h4p0n53f7q8x3ibai9s01sp3xnphsv"))))
    (build-system gnu-build-system)
 
    ;; When cross-compiling, this package depends upon a native install of
@@ -50,13 +50,3 @@ of the file.")
    (license bsd-2)
    (home-page "http://www.darwinsys.com/file/";)))
 
-(define-public file-5.20                          ;fix for CVE-2014-3710
-  (package (inherit file)
-    (version "5.20")
-    (source (origin
-              (method url-fetch)
-              (uri (string-append "ftp://ftp.astron.com/pub/file/file-";
-                                  version ".tar.gz"))
-              (sha256
-               (base32
-                "0iyjs9z8kp43gz7gva4j67h4p0n53f7q8x3ibai9s01sp3xnphsv"))))))
diff --git a/gnu/packages/patches/file-CVE-2014-3587.patch 
b/gnu/packages/patches/file-CVE-2014-3587.patch
deleted file mode 100644
index cf88bf5..0000000
--- a/gnu/packages/patches/file-CVE-2014-3587.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-Fixes CVE-2014-3587.  Copied from upstream commit
-0641e56be1af003aa02c7c6b0184466540637233.
-
---- file-5.19/src/cdf.c.orig   2014-06-09 09:04:37.000000000 -0400
-+++ file-5.19/src/cdf.c        2014-08-26 11:55:23.887118898 -0400
-@@ -824,6 +824,10 @@
-               q = (const uint8_t *)(const void *)
-                   ((const char *)(const void *)p + ofs
-                   - 2 * sizeof(uint32_t));
-+              if (q < p) {
-+                      DPRINTF(("Wrapped around %p < %p\n", q, p));
-+                      goto out;
-+              }
-               if (q > e) {
-                       DPRINTF(("Ran of the end %p > %p\n", q, e));
-                       goto out;
diff --git a/gnu/packages/patchutils.scm b/gnu/packages/patchutils.scm
index 3dbf724..48f4d29 100644
--- a/gnu/packages/patchutils.scm
+++ b/gnu/packages/patchutils.scm
@@ -96,7 +96,7 @@ listing the files modified by a patch.")
     (build-system gnu-build-system)
     (inputs `(("perl" ,perl)
               ("less" ,less)
-              ("file" ,file-5.20)                 ;work around CVE-2014-3710
+              ("file" ,file)
               ("ed" ,ed)))
     (arguments
      '(#:parallel-tests? #f
diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm
index 931297c..0b52f0c 100644
--- a/gnu/packages/version-control.scm
+++ b/gnu/packages/version-control.scm
@@ -507,7 +507,7 @@ accessed and migrated on modern systems.")
     (inputs
      `(("e2fsprogs" ,e2fsprogs)
        ("curl" ,curl)
-       ("file" ,file-5.20)                        ;work around CVE-2014-3710
+       ("file" ,file)
        ("libxml2" ,libxml2)
        ("zlib" ,zlib)
        ("gettext" ,gnu-gettext)))

[Prev in Thread]

Current Thread

[Next in Thread]

branch core-updates created (now 50b87bd), Ludovic Court�s, 2014/11/22
- 04/05: utils: Add 'elf-file?'., Ludovic Court�s, 2014/11/22
- 05/05: build-system/gnu: Strip only ELF files., Ludovic Court�s, 2014/11/22
- 01/05: gnu: file: Update to 5.20., Ludovic Court�s <=
- 02/05: gnu: pkg-config: Update to 0.28., Ludovic Court�s, 2014/11/22
- 03/05: utils: Export 'parallel-job-count'., Ludovic Court�s, 2014/11/22

Prev by Date: 05/05: build-system/gnu: Strip only ELF files.
Next by Date: 02/05: gnu: pkg-config: Update to 0.28.
Previous by thread: 05/05: build-system/gnu: Strip only ELF files.
Next by thread: 02/05: gnu: pkg-config: Update to 0.28.
Index(es):
- Date
- Thread