GNU bug report logs -
#74984
[PATCH] gnu: age: Patch for security vulnerability
Previous Next
Reported by: Ashish SHUKLA <ashish.is <at> lostca.se>
Date: Thu, 19 Dec 2024 23:00:02 UTC
Severity: normal
Tags: patch
Done: Hilton Chain <hako <at> ultrarare.space>
Bug is archived. No further changes may be made.
Full log
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
See https://github.com/advisories/GHSA-32gq-x56h-299c
* gnu/packages/golang-crypto.scm (go-filippo-io-age): [source]
<patches> Add a patch.
Change-Id: I2cf58e864446589d9016415f2400f74797f0f87e
---
gnu/packages/golang-crypto.scm | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/golang-crypto.scm b/gnu/packages/golang-crypto.scm
index 0fd96eaa54..dc290635c1 100644
--- a/gnu/packages/golang-crypto.scm
+++ b/gnu/packages/golang-crypto.scm
@@ -44,6 +44,7 @@ (define-module (gnu packages golang-crypto)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix build-system go)
#:use-module (guix gexp)
+ #:use-module (guix download)
#:use-module (guix git-download)
#:use-module (guix packages)
#:use-module (guix utils)
@@ -133,7 +134,14 @@ (define-public go-filippo-io-age
(commit (string-append "v" version))))
(file-name (git-file-name name version))
(sha256
- (base32 "1dms32lxqgjipmlisng7dmy1sdw0qscj43x9lmpadyzbzc64lhrv"))))
+ (base32 "1dms32lxqgjipmlisng7dmy1sdw0qscj43x9lmpadyzbzc64lhrv"))
+ (patches
+ (list
+ ;; https://github.com/advisories/GHSA-32gq-x56h-299c
+ (origin
+ (method url-fetch)
+ (uri "https://github.com/FiloSottile/age/commit/482cf6fc9babd3ab06f6606762aac10447222201.patch")
+ (sha256 (base32 "19lkq2xbv3l0sxp7z9r7qgdi2v18bkaqg9kkyvc3qzyk5nsk56j6")))))))
(build-system go-build-system)
(arguments
(list
base-commit: 07b4b1d055c36c6c61d39273c26974771dbfe805
--
2.47.1
This bug report was last modified 153 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.