GNU bug report logs - #57546
[PATCH core-updates] gnu: xz: Update to 5.2.6 [security fix].

Previous Next

Package: guix-patches;

Reported by: Greg Hogan <code <at> greghogan.com>

Date: Fri, 2 Sep 2022 17:24:01 UTC

Severity: normal

Tags: patch

Done: Marius Bakke <marius <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Marius Bakke <marius <at> gnu.org>
Cc: tracker <at> debbugs.gnu.org
Subject: bug#57546: closed ([PATCH core-updates] gnu: xz: Update to 5.2.6
 [security fix].)
Date: Thu, 08 Sep 2022 19:53:02 +0000

[Message part 1 (text/plain, inline)]
Your message dated Thu, 08 Sep 2022 21:51:56 +0200
with message-id <87illxve3n.fsf <at> gnu.org>
and subject line Re: [bug#57546] [PATCH core-updates] gnu: xz: Update to 5.2.6 [security fix].
has caused the debbugs.gnu.org bug report #57546,
regarding [PATCH core-updates] gnu: xz: Update to 5.2.6 [security fix].
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)


-- 
57546: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=57546
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Greg Hogan <code <at> greghogan.com>
To: guix-patches <at> gnu.org
Cc: Greg Hogan <code <at> greghogan.com>
Subject: [PATCH core-updates] gnu: xz: Update to 5.2.6 [security fix].
Date: Fri,  2 Sep 2022 17:22:57 +0000

Includes fix for CVE-2022-1271.

* gnu/packages/compression.scm (xz): Update to 5.2.6.
---
 gnu/packages/compression.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 9e0a132cfc..501db8f38b 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -484,7 +484,7 @@ (define-public pbzip2
 (define-public xz
   (package
    (name "xz")
-   (version "5.2.5")
+   (version "5.2.6")
    (source (origin
             (method url-fetch)
             (uri (list (string-append "http://tukaani.org/xz/xz-" version
@@ -493,7 +493,7 @@ (define-public xz
                                       version ".tar.gz")))
             (sha256
              (base32
-              "045s9agl3bpv3swlwydhgsqh7791957vmgw2plw8f1rks07r3x7n"))))
+              "185kj56a996d04d943xisvpifvnsbr7iplyf2nyjxkbvw6z5l452"))))
    (build-system gnu-build-system)
    (arguments
     `(#:phases
-- 
2.37.2




[Message part 3 (message/rfc822, inline)]
From: Marius Bakke <marius <at> gnu.org>
To: Greg Hogan <code <at> greghogan.com>, 57546-done <at> debbugs.gnu.org
Cc: Greg Hogan <code <at> greghogan.com>
Subject: Re: [bug#57546] [PATCH core-updates] gnu: xz: Update to 5.2.6
 [security fix].
Date: Thu, 08 Sep 2022 21:51:56 +0200

[Message part 4 (text/plain, inline)]
Greg Hogan <code <at> greghogan.com> skriver:

> Includes fix for CVE-2022-1271.
>
> * gnu/packages/compression.scm (xz): Update to 5.2.6.

Pushed in d4485c5af7b6f0412b5d536eff62d0c666a5dbe6, thanks!

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 2 years and 317 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.