GNU bug report logs -
#74050
[PATCH 0/6] Add lint-hidden-cve property for near-leaf packages.
Previous Next
Reported by: Nicolas Graves <ngraves <at> ngraves.fr>
Date: Sun, 27 Oct 2024 18:26:02 UTC
Severity: normal
Tags: patch
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
Message #23 received at 74050 <at> debbugs.gnu.org (full text, mbox):
* gnu/packages/networking.scm (quagga)
[inputs]: Add libxcrypt.
[properties]: Add lint-hidden-cve property.
---
gnu/packages/networking.scm | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm
index 67584be64b..910299a0a6 100644
--- a/gnu/packages/networking.scm
+++ b/gnu/packages/networking.scm
@@ -3139,7 +3139,7 @@ (define-public quagga
(delete-file "vtysh/extract.pl")))))
(build-system gnu-build-system)
(native-inputs (list gawk gcc-9 pkg-config perl dejagnu))
- (inputs (list readline c-ares))
+ (inputs (list c-ares libxcrypt readline))
(synopsis "Routing Software Suite")
(description "Quagga is a routing software suite, providing implementations
of OSPFv2, OSPFv3, RIP v1 and v2, RIPng and BGP-4 for Unix platforms.
@@ -3150,6 +3150,10 @@ (define-public quagga
clients which typically implement a routing protocol and communicate routing
updates to the zebra daemon.")
(home-page "https://www.nongnu.org/quagga/")
+ ;; This CVE concerns systemd services files that we currently don't use.
+ ;; If we were to use them, a fixing patch can be found here:
+ ;; https://build.opensuse.org/request/show/1035188
+ (properties '((lint-hidden-cve . ("CVE-2021-44038"))))
(license license:gpl2+)))
(define-public bgpq3
--
2.46.0
This bug report was last modified 278 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.