#76819 - [PATCH v7 00/35] Add lint-hidden-cpe-vendors property

GNU bug report logs - #76819
[PATCH v7 00/35] Add lint-hidden-cpe-vendors property

Reported by: Nicolas Graves <ngraves <at> ngraves.fr>

Date: Fri, 7 Mar 2025 18:36:01 UTC

Severity: normal

Tags: patch

View this message in rfc822 format

From: Nicolas Graves <ngraves <at> ngraves.fr> To: 76819 <at> debbugs.gnu.org Cc: ludo <at> gnu.org, Nicolas Graves <ngraves <at> ngraves.fr> Subject: [bug#76819] [PATCH v7 00/35] Add lint-hidden-cpe-vendors property Date: Fri, 7 Mar 2025 19:32:40 +0100

I hope it's good this time! I've also added some new security fixes on top. Nicolas Graves (20): gnu: got: Add lint-hidden-cpe-vendors property. gnu: tinyxml: Fix CVE-2023-34194. gnu: wayvnc: Update to 0.9.1. gnu: neatvnc: Update to 0.9.4. gnu: opus: Add lint-hidden-cve property. gnu: jq: Add lint-hidden-cve property. gnu: highlight: Add lint-hidden-cpe-vendors property. gnu: yasm: Refresh package definition. gnu: music: Add lint-hidden-cpe-vendors property. gnu: indent: Update to 2.2.13-0.1737c92. gnu: snappy: Add cpe-name property. gnu: zchunk: Update to 1.5.1. gnu: dash: Add lint-hidden-cpe-vendors property. gnu: git: Use lint-hidden-cpe-vendors. gnu: soil: Add lint-hidden-cpe-vendors property. gnu: re2c: Update to 4.1. gnu: libconfuse: Patch CVE-2022-40320. gnu: libxls: Update to 1.6.3. gnu: ruby-git: Update to 3.0.0. gnu: yajl: Patch CVE-2023-33460. Nicolas Graves via Guix-patches via (15): cve: Add cpe-vendor and lint-hidden-cpe-vendors properties. gnu: halibut: Add cpe-vendor property. gnu: portfolio: Update to 1.0.1. gnu: folders: Add lint-hidden-cpe-vendors property. gnu: spectra: Add lint-hidden-cpe-vendors property. gnu: express: Add lint-hidden-cpe-vendors property. gnu: cli: Add lint-hidden-cpe-vendors property. gnu: h2c: Add lint-hidden-cpe-vendors property. gnu: xenon: Update to 0.9.3. gnu: bolt: Update to 0.9.8. gnu: bwm-ng: Add lint-hidden-cpe-vendors property. gnu: onedrive: Update to 2.5.2. gnu: dex: Update to 0.10.1. gnu: immer: Add lint-hidden-cpe-vendors property. gnu: cvs: Add lint-hidden-cpe-vendors property. gnu/local.mk | 4 +- gnu/packages/algebra.scm | 1 + gnu/packages/assembly.scm | 5 +- gnu/packages/bioinformatics.scm | 4 +- gnu/packages/code.scm | 66 +++++--- gnu/packages/compression.scm | 7 +- gnu/packages/cpp.scm | 2 + gnu/packages/curl.scm | 1 + gnu/packages/documentation.scm | 14 +- gnu/packages/esolangs.scm | 1 + gnu/packages/gl.scm | 3 +- gnu/packages/gnome-xyz.scm | 5 +- gnu/packages/linux.scm | 16 +- gnu/packages/networking.scm | 1 + .../patches/indent-CVE-2024-0911.patch | 61 ------- .../patches/libconfuse-CVE-2022-40320.patch | 38 +++++ .../patches/tinyxml-CVE-2023-34194.patch | 28 +++ .../patches/yajl-CVE-2023-33460.patch | 38 +++++ gnu/packages/pretty-print.scm | 3 +- gnu/packages/re2c.scm | 4 +- gnu/packages/ruby.scm | 4 +- gnu/packages/shells.scm | 3 +- gnu/packages/statistics.scm | 4 +- gnu/packages/sync.scm | 5 +- gnu/packages/textutils.scm | 4 +- gnu/packages/version-control.scm | 22 +-- gnu/packages/vnc.scm | 8 +- gnu/packages/web.scm | 9 +- gnu/packages/xdisorg.scm | 17 +- gnu/packages/xiph.scm | 5 +- gnu/packages/xml.scm | 3 +- guix/cve.scm | 160 +++++++++++------- guix/lint.scm | 10 +- tests/cve.scm | 14 +- 34 files changed, 350 insertions(+), 220 deletions(-) delete mode 100644 gnu/packages/patches/indent-CVE-2024-0911.patch create mode 100644 gnu/packages/patches/libconfuse-CVE-2022-40320.patch create mode 100644 gnu/packages/patches/tinyxml-CVE-2023-34194.patch create mode 100644 gnu/packages/patches/yajl-CVE-2023-33460.patch -- 2.48.1

This bug report was last modified 99 days ago.

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #76819 [PATCH v7 00/35] Add lint-hidden-cpe-vendors property

GNU bug report logs - #76819
[PATCH v7 00/35] Add lint-hidden-cpe-vendors property