GNU bug report logs -
#69007
diffoscope: Update to 256. [security fixes]
Previous Next
Full log
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
The attached patch updates diffoscope to 256, which contains a security
fix for directory traversals when using gpg.
Both diffoscope and it's dependent, reprotest, still build fine!
I am not sure what the expedited process for security updates are, but
if there is anything I can do, please let me know!
live well,
vagrant
[0001-gnu-diffoscope-Update-to-256.-security-fixes.patch (text/x-diff, inline)]
From 9dcababcf0e94ddab30de91054e04400b263879c Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian <vagrant <at> debian.org>
Date: Fri, 9 Feb 2024 12:58:57 -0800
Subject: [PATCH] gnu: diffoscope: Update to 256. [security fixes]
Fixes: https://salsa.debian.org/reproducible-builds/diffoscope/-/issues/361
* gnu/packages/diffoscope.scm (diffoscope): Update to 256.
---
gnu/packages/diffoscope.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/diffoscope.scm b/gnu/packages/diffoscope.scm
index 626ac00425..f4d271f690 100644
--- a/gnu/packages/diffoscope.scm
+++ b/gnu/packages/diffoscope.scm
@@ -74,7 +74,7 @@ (define-module (gnu packages diffoscope)
(define-public diffoscope
(package
(name "diffoscope")
- (version "255")
+ (version "256")
(source
(origin
(method git-fetch)
@@ -83,7 +83,7 @@ (define-public diffoscope
(commit version)))
(file-name (git-file-name name version))
(sha256
- (base32 "07mkmwp3ni2dh5w5q2vxkc588l5dabcly3jrd8ic62318si7d400"))))
+ (base32 "1sdg314a3hp2kv492130p8w7j8mlhymij7h2rndm4q7gqrshp6jf"))))
(build-system python-build-system)
(arguments
(list
base-commit: 513755d64debb44096f21e323a5b89a7a597d2ca
--
2.39.2
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 1 year and 105 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.