GNU bug report logs -
#74035
[PATCH 00/24] [security fixes] for near-leaf packages
Previous Next
Reported by: Nicolas Graves <ngraves <at> ngraves.fr>
Date: Sat, 26 Oct 2024 22:34:02 UTC
Severity: normal
Tags: patch
Done: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
This fixes CVE-2023-29479 and CVE-2023-29480.
* gnu/packages/openpgp.scm (rnp): Update to 0.17.1.
[arguments]: Improve style using gexps.
<#:phases>: Add phase 'inject-sexpp-source.
[inputs]: Add sexpp.
---
gnu/packages/openpgp.scm | 52 +++++++++++++++++++++++-----------------
1 file changed, 30 insertions(+), 22 deletions(-)
diff --git a/gnu/packages/openpgp.scm b/gnu/packages/openpgp.scm
index 356908ab1f..baf786c5ee 100644
--- a/gnu/packages/openpgp.scm
+++ b/gnu/packages/openpgp.scm
@@ -23,6 +23,7 @@ (define-module (gnu packages openpgp)
#:use-module (guix git-download)
#:use-module (guix build-system cmake)
#:use-module (guix build-system gnu)
+ #:use-module (guix gexp)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (gnu packages)
#:use-module (gnu packages check)
@@ -98,10 +99,10 @@ (define-public dkgpg
(license license:gpl2+)))
(define-public rnp
- (let ((day-of-release "2022-09-22"))
+ (let ((day-of-release "2024-05-14"))
(package
(name "rnp")
- (version "0.16.2")
+ (version "0.17.1")
(source (origin
(method git-fetch)
(uri (git-reference
@@ -110,33 +111,40 @@ (define-public rnp
(file-name (git-file-name name version))
(sha256
(base32
- "13z5kxm48a72w4m2crwgdjdng4a4pwxsd72r2z3a4pcakfp2swi8"))))
+ "052872b6a88vkcc58alxcm532y6dra5qqd997jga41v72h3pnj4d"))))
(build-system cmake-build-system)
- (arguments `(#:configure-flags
- '("-DBUILD_SHARED_LIBS=on"
- "-DBUILD_TESTING=on"
- "-DDOWNLOAD_GTEST=off"
- "-DDOWNLOAD_RUBYRNP=off")
- #:phases
- (modify-phases %standard-phases
- (add-after 'unpack 'patch-tests
- (lambda _
- (substitute* "src/tests/support.cpp"
- (("\"cp\"") (search-input-file inputs "/bin/cp")))))
- (replace 'check
- (lambda* (#:key tests? #:allow-other-keys)
- (when tests?
- ;; Some OpenPGP certificates used by the tests expire.
- ;; To work around that, set the time to roughly the
- ;; release date.
- (invoke "faketime" ,day-of-release "make" "test")))))))
+ (arguments
+ (list
+ #:configure-flags
+ ''("-DBUILD_SHARED_LIBS=on"
+ "-DBUILD_TESTING=on"
+ "-DDOWNLOAD_GTEST=off"
+ "-DDOWNLOAD_RUBYRNP=off")
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-after 'unpack 'patch-tests
+ (lambda _
+ (substitute* "src/tests/support.cpp"
+ (("\"cp\"") (search-input-file inputs "/bin/cp")))))
+ (add-after 'unpack 'inject-sexpp-source
+ (lambda _
+ (rmdir "src/libsexpp")
+ (symlink #$(package-source (this-package-input "sexpp"))
+ "src/libsexpp")))
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (when tests?
+ ;; Some OpenPGP certificates used by the tests expire.
+ ;; To work around that, set the time to roughly the
+ ;; release date.
+ (invoke "faketime" #$day-of-release "make" "test")))))))
(native-inputs
(list gnupg ; for tests
googletest ; for tests
libfaketime ; for tests
pkg-config
python))
- (inputs (list botan bzip2 json-c zlib))
+ (inputs (list botan bzip2 json-c sexpp zlib))
(synopsis
"RFC4880-compliant OpenPGP library written in C++")
(description
--
2.46.0
This bug report was last modified 192 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.