07/10: gnu: upx: Update to 4.2.4.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

07/10: gnu: upx: Update to 4.2.4.

From:	guix-commits
Subject:	07/10: gnu: upx: Update to 4.2.4.
Date:	Wed, 6 Nov 2024 17:14:03 -0500 (EST)

civodul pushed a commit to branch master
in repository guix.

commit 3553c7f4feea3e3b3b418ec1e66ab64b4c1db48d
Author: Nicolas Graves <ngraves@ngraves.fr>
AuthorDate: Sun Oct 27 19:31:32 2024 +0100

    gnu: upx: Update to 4.2.4.
    
    * gnu/packages/compression.scm (upx): Update to 4.2.4.
    [properties]: Add lint-hidden-cve property.
    
    Signed-off-by: Ludovic Courtès <ludo@gnu.org>
---
 gnu/packages/compression.scm | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 7627717db6..b3eca16191 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -2438,15 +2438,14 @@ decompression is a little bit slower.")
 (define-public upx
   (package
     (name "upx")
-    (version "4.1.0")
+    (version "4.2.4")
     (source
      (origin
        (method url-fetch)
        (uri (string-append "https://github.com/upx/upx/releases/download/v";
                            version "/upx-" version "-src.tar.xz"))
        (sha256
-        (base32
-         "1l273pwa573x9l3izw75cz8ysn2g8w8w3s56rahppa3ya65zg0h5"))))
+        (base32 "1i71p03861hlf5x1w217l67zm5inm449zhbg6kpv8zyj0wb5dmjy"))))
     (build-system cmake-build-system)
     (home-page "https://upx.github.io/";)
     (synopsis "Compression tool for executables")
@@ -2455,6 +2454,8 @@ decompression is a little bit slower.")
 compressor.  UPX typically reduces the file size of programs and shared
 libraries by around 50%--70%, thus reducing disk space, network load times,
 download times, and other distribution and storage costs.")
+    ;; These CVEs have been fixed since 4.0.2 but are still linted.
+    (properties `((lint-hidden-cve . ("CVE-2023-23456" "CVE-2023-23457"))))
     (license license:gpl2+)))
 
 (define-public quazip-0

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (ba9466481d -> f0ac12fa1a), guix-commits, 2024/11/06
- 03/10: gnu: librewolf: Update to 132.0-1 [security fixes]., guix-commits, 2024/11/06
- 06/10: gnu: libgda: Rename patch for guix lint., guix-commits, 2024/11/06
- 01/10: gnu: openmpix: Add dependency on zlib., guix-commits, 2024/11/06
- 02/10: gnu: nss-rapid: Update to 3.105., guix-commits, 2024/11/06
- 04/10: gnu: emacs-eldev: Update to 1.10.3., guix-commits, 2024/11/06
- 09/10: gnu: openvswitch: Update to 3.4.0., guix-commits, 2024/11/06
- 10/10: gnu: quagga: Fix build and hide CVE., guix-commits, 2024/11/06
- 08/10: gnu: sylpheed: Add release-monitoring-url property., guix-commits, 2024/11/06
- 07/10: gnu: upx: Update to 4.2.4., guix-commits <=
- 05/10: gnu: gerbv: Add lint-hidden-cve property., guix-commits, 2024/11/06

Prev by Date: 08/10: gnu: sylpheed: Add release-monitoring-url property.
Next by Date: 05/10: gnu: gerbv: Add lint-hidden-cve property.
Previous by thread: 08/10: gnu: sylpheed: Add release-monitoring-url property.
Next by thread: 05/10: gnu: gerbv: Add lint-hidden-cve property.
Index(es):
- Date
- Thread