GNU bug report logs -
#74035
[PATCH 00/24] [security fixes] for near-leaf packages
Previous Next
Reported by: Nicolas Graves <ngraves <at> ngraves.fr>
Date: Sat, 26 Oct 2024 22:34:02 UTC
Severity: normal
Tags: patch
Done: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Nicolas Graves via Guix-patches via <guix-patches <at> gnu.org> writes:
> This fixes CVE-2021-40153 and CVE-2021-41072.
>
> * gnu/packages/compression.scm (squashfs-tools): Update to 4.6.1.
> [arguments]: Improve style.
> <#:make-flags>: Add INSTALL_MANPAGES_DIR value.
> <#:phases>: Remove phase 'install-documentation. Add phase
> 'patch-generated-source-shebangs.
> [native-inputs]: Add coreutils-minimal, help2man, which.
> [inputs]: Rewrite.
> ---
> gnu/packages/compression.scm | 52 ++++++++++++++++++------------------
> 1 file changed, 26 insertions(+), 26 deletions(-)
>
> diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
> index 97696ff0ef..7627717db6 100644
> --- a/gnu/packages/compression.scm
> +++ b/gnu/packages/compression.scm
> @@ -1023,7 +1023,7 @@ (define-public lz4
> (define-public squashfs-tools
> (package
> (name "squashfs-tools")
> - (version "4.5")
> + (version "4.6.1")
> (source
> (origin
> (method git-fetch)
> @@ -1032,34 +1032,34 @@ (define-public squashfs-tools
> (commit version)))
> (file-name (git-file-name name version))
> (sha256
> - (base32 "18d4nwa22vgb8j2badngjngw63f0lj501cvlh3920wqy2mqxwav6"))))
> + (base32 "14nisidxx2d2qivyv7xfcg59qkj4fjiniir7nvymazdsng63gcr1"))))
> (build-system gnu-build-system)
> (arguments
> - `(#:tests? #f ; no check target
> - #:make-flags
> - (list (string-append "CC=" ,(cc-for-target))
> - "XZ_SUPPORT=1"
> - "LZO_SUPPORT=1"
> - "LZ4_SUPPORT=1"
> - "ZSTD_SUPPORT=1"
> - (string-append "INSTALL_DIR=" (assoc-ref %outputs "out") "/bin"))
> - #:phases
> - (modify-phases %standard-phases
> - (replace 'configure
> - (lambda _
> - (chdir "squashfs-tools")))
> - (add-after 'install 'install-documentation
> - ;; Install what very little usage documentation is provided.
> - (lambda* (#:key outputs #:allow-other-keys)
> - (let* ((out (assoc-ref outputs "out"))
> - (doc (string-append out "/share/doc/" ,name)))
> - (install-file "../USAGE" doc)))))))
> + (list
> + #:tests? #f ; no check target
> + #:make-flags
> + #~(list
> + (string-append "CC=" #$(cc-for-target))
> + "XZ_SUPPORT=1"
> + "LZO_SUPPORT=1"
> + "LZ4_SUPPORT=1"
> + "ZSTD_SUPPORT=1"
> + (string-append "INSTALL_DIR=" #$output "/bin")
> + (string-append "INSTALL_MANPAGES_DIR=" #$output "/share/man/man1"))
> + #:phases
> + #~(modify-phases %standard-phases
> + (replace 'configure
> + (lambda _
> + (chdir "squashfs-tools")))
> + (add-after 'patch-source-shebangs 'patch-generated-source-shebangs
> + (lambda _
> + (substitute* (find-files "generate-manpages" "\\.sh")
> + (("print \"#!/bin/sh")
> + (string-append "print \"#!" (which "sh")))))))))
> + (native-inputs
> + (list coreutils-minimal help2man which))
> (inputs
> - `(("lz4" ,lz4)
> - ("lzo" ,lzo)
> - ("xz" ,xz)
> - ("zlib" ,zlib)
> - ("zstd:lib" ,zstd "lib")))
> + (list lz4 lzo xz zlib `(,zstd "lib")))
> (home-page "https://github.com/plougher/squashfs-tools")
> (synopsis "Tools to create and extract squashfs file systems")
> (description
apply
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 192 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.