GNU bug report logs - #74035
[PATCH 00/24] [security fixes] for near-leaf packages

Previous Next

Package: guix-patches;

Reported by: Nicolas Graves <ngraves <at> ngraves.fr>

Date: Sat, 26 Oct 2024 22:34:02 UTC

Severity: normal

Tags: patch

Done: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Zheng Junjie <zhengjunjie <at> iscas.ac.cn>
To: 74035 <at> debbugs.gnu.org
Cc: ngraves <at> ngraves.fr
Subject: [bug#74035] [PATCH v2 17/26] gnu: gifsicle: Update to 1.95. [security fixes]
Date: Mon, 04 Nov 2024 19:58:54 +0800

[Message part 1 (text/plain, inline)]
Nicolas Graves via Guix-patches via <guix-patches <at> gnu.org> writes:

> This fixes CVE-2023-44821 and CVE-2023-46009.
>
> * gnu/packages/image.scm (gifsicle): Update to 1.95.
> ---
>  gnu/packages/image.scm | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
> index 7f17c71aef..0d6593dc21 100644
> --- a/gnu/packages/image.scm
> +++ b/gnu/packages/image.scm
> @@ -2172,14 +2172,14 @@ (define-public swappy
>  (define-public gifsicle
>    (package
>     (name "gifsicle")
> -   (version "1.94")
> +   (version "1.95")
>     (source
>       (origin
>         (method url-fetch)
>         (uri (string-append "https://www.lcdf.org/gifsicle/gifsicle-"
>                             version ".tar.gz"))
>         (sha256
> -        (base32 "16zq5wd6fyjgy0p0mak15k3mh1zpqb9rg6gqfpg215kqq02p1jab"))))
> +        (base32 "0l69gn562l7a1l10zz1bfs756ipd682idgpk60qs3llz013icwdj"))))
>     (build-system gnu-build-system)
>     (arguments
>      '(#:phases
apply, and build from git source, use g-expressions.

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 247 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.