TakeV/guix
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

gnu: lrzip: Update to 0.640.

Browse source 
* gnu/packages/compression.scm (lrzip): Update to 0.640.
[source]: Remove obsolete patch 'lrzip-CVE-2017-8842.patch'.
[inputs]: Add lz4.
* gnu/packages/patches/lrzip-CVE-2017-8842.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.

Signed-off-by: Leo Famulari <leo@famulari.name>
This commit is contained in:
Vincent Legoll 2021-02-19 18:46:46 +01:00 committed by Leo Famulari
parent 291cf6ede5
commit 51697aab42
No known key found for this signature in database
GPG key ID: 2646FA30BACA7F08
3 changed files with 5 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
gnu/local.mk
View file

@ -1328,7 +1328,6 @@ dist_patch_DATA = \
%D%/packages/patches/llvm-9-fix-scev-miscompilation.patch \
%D%/packages/patches/lm-sensors-hwmon-attrs.patch \
%D%/packages/patches/lrcalc-includes.patch \
%D%/packages/patches/lrzip-CVE-2017-8842.patch \
%D%/packages/patches/lsh-fix-x11-forwarding.patch \
%D%/packages/patches/lsof-fatal-test-failures.patch \
%D%/packages/patches/lua-CVE-2014-5461.patch \

9
gnu/packages/compression.scm
View file

@ -31,6 +31,7 @@
;;; Copyright © 2020 Guillaume Le Vaillant <glv@posteo.net>
;;; Copyright © 2020 Léo Le Bouter <lle-bout@zaclys.net>
;;; Copyright © 2021 Antoine Côté <antoine.cote@posteo.net>
;;; Copyright © 2021 Vincent Legoll <vincent.legoll@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -1109,16 +1110,15 @@ (define-public xdelta
(define-public lrzip
(package
(name "lrzip")
(version "0.631")
(version "0.640")
(source
(origin
(method url-fetch)
(uri (string-append
"http://ck.kolivas.org/apps/lrzip/lrzip-" version ".tar.bz2"))
"http://ck.kolivas.org/apps/lrzip/lrzip-" version ".tar.xz"))
(sha256
(base32
"0mb449vmmwpkalq732jdyginvql57nxyd31sszb108yps1lf448d"))
(patches (search-patches "lrzip-CVE-2017-8842.patch"))))
"175466drfpz8rsfr0pzfn5rqrj3wmcmcs3i2sfmw366w2kbjm4j9"))))
(build-system gnu-build-system)
(native-inputs
`(;; nasm is only required when building for 32-bit x86 platforms
@ -1129,6 +1129,7 @@ (define-public lrzip
("perl" ,perl)))
(inputs
`(("bzip2" ,bzip2)
("lz4" ,lz4)
("lzo" ,lzo)
("zlib" ,zlib)))
(home-page "http://ck.kolivas.org/apps/lrzip/")

23
gnu/packages/patches/lrzip-CVE-2017-8842.patch
View file

@ -1,23 +0,0 @@
From 38386bd482c0a8102a79958cb3eddcb97a167ca3 Mon Sep 17 00:00:00 2001
From: Con Kolivas <kernel@kolivas.org>
Date: Fri, 9 Mar 2018 17:39:40 +1100
Subject: [PATCH] CVE-2017-8842 Fix divide-by-zero in bufRead::get
---
libzpaq/libzpaq.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libzpaq/libzpaq.h b/libzpaq/libzpaq.h
index 93387da..cbe211d 100644
--- a/libzpaq/libzpaq.h
+++ b/libzpaq/libzpaq.h
@@ -465,7 +465,8 @@ struct bufRead: public libzpaq::Reader {
int get() {
if (progress && !(*s_len % 128)) {
- int pct = (total_len - *s_len) * 100 / total_len;
+ int pct = (total_len > 0) ?
+ (total_len - *s_len) * 100 / total_len : 100;
if (pct / 10 != *last_pct / 10) {
int i;