GNU bug report logs - #74035
[PATCH 00/24] [security fixes] for near-leaf packages

Previous Next

Full log

Message #164 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Z572 <zhengjunjie <at> iscas.ac.cn>
To: Nicolas Graves via Guix-patches via <guix-patches <at> gnu.org>
Cc: Nicolas Graves <ngraves <at> ngraves.fr>, 74035 <at> debbugs.gnu.org
Subject: Re: [bug#74035] [PATCH v2 25/26] gnu: cjson: Update to 1.7.18.
 [security fixes]
Date: Mon, 04 Nov 2024 17:39:24 +0800

[Message part 1 (text/plain, inline)]

Nicolas Graves via Guix-patches via <guix-patches <at> gnu.org> writes:

> This fixes CVE-2023-50471 and CVE-2023-50472.
>
> * gnu/packages/javascript.scm (cjson): Update to 1.7.18.
> ---
>  gnu/packages/javascript.scm | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/gnu/packages/javascript.scm b/gnu/packages/javascript.scm
> index 4f97dcfef6..b48acf47dc 100644
> --- a/gnu/packages/javascript.scm
> +++ b/gnu/packages/javascript.scm
> @@ -49,7 +49,7 @@ (define-module (gnu packages javascript)
>  (define-public cjson
>    (package
>      (name "cjson")
> -    (version "1.7.16")
> +    (version "1.7.18")
>      (source (origin
>                (method git-fetch)
>                (uri (git-reference
> @@ -57,7 +57,7 @@ (define-public cjson
>                      (commit (string-append "v" version))))
>                (file-name (git-file-name name version))
>                (sha256
> -               (base32 "00599lzzb0vszk317n0gln7wizdpchy4warxgpj3khrir73pphbb"))))
> +               (base32 "08p37q4i3za3dgz7wynma1fh8y4rq7pyzyjzcda710nxrmsm1pyv"))))
>      (build-system cmake-build-system)
>      (arguments
>       `(#:configure-flags '("-DENABLE_CJSON_UTILS=On")))

apply

[signature.asc (application/pgp-signature, inline)]

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.