gnu: upx: Update to 3.96.

* gnu/packages/compression.scm (upx): Update to 3.96. [source]: Remove patch. [arguments]: Remove CHECK_WHITESPACE work-around. [properties]: Remove obsolete hidden CVE. * gnu/packages/patches/upx-fix-CVE-2017-15056.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
author: Tobias Geerinckx-Rice <me@tobias.gr> 2020-02-17 04:55:47 +0100
committer: Tobias Geerinckx-Rice <me@tobias.gr> 2020-02-17 05:14:29 +0100
commit: f5255ed3d3689c793b87939d30df7e2e3443b004 (patch)
tree: e26b90d6b2e46ca0fcae1077ca103890759ddfbb /gnu/packages/compression.scm
parent: de5bc83cd3245d76c8769e14cd1d6fb5256de28b (diff)
download: guix-f5255ed3d3689c793b87939d30df7e2e3443b004.tar.gz
1 files changed, 3 insertions, 12 deletions
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index a65e320a9b..3f4b99bfcf 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -1903,15 +1903,14 @@ decompression is a little bit slower.")
 (define-public upx
   (package
     (name "upx")
-    (version "3.94")
+    (version "3.96")
     (source (origin
              (method url-fetch)
              (uri (string-append "https://github.com/upx/upx/releases/download/v"
                                  version "/upx-" version "-src.tar.xz"))
              (sha256
               (base32
-               "08anybdliqsbsl6x835iwzljahnm9i7v26icdjkcv33xmk6p5vw1"))
-             (patches (search-patches "upx-fix-CVE-2017-15056.patch"))))
+               "051pk5jk8fcfg5mpgzj43z5p4cn7jy5jbyshyn78dwjqr7slsxs7"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("perl" ,perl)))
@@ -1920,10 +1919,7 @@ decompression is a little bit slower.")
        ("zlib" ,zlib)))
     (arguments
      `(#:make-flags
-       (list "all"
-             ;; CHECK_WHITESPACE does not seem to work.
-             ;; See https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/upx.
-             "CHECK_WHITESPACE=true")
+       (list "all")
        #:phases
        (modify-phases %standard-phases
          (delete 'configure)
@@ -1945,11 +1941,6 @@ decompression is a little bit slower.")
              #t))
          )))
     (home-page "https://upx.github.io/")
-    ;; CVE-2017-16869 is about Mach-O files which is not of a big concern for Guix.
-    ;; See https://github.com/upx/upx/issues/146 and
-    ;; https://nvd.nist.gov/vuln/detail?vulnId=CVE-2017-16869.
-    ;; The issue will be fixed after version 3.94.
-    (properties `((lint-hidden-cve . ("CVE-2017-16869"))))
     (synopsis "Compression tool for executables")
     (description
      "The Ultimate Packer for eXecutables (UPX) is an executable file
author	Tobias Geerinckx-Rice <me@tobias.gr>	2020-02-17 04:55:47 +0100
committer	Tobias Geerinckx-Rice <me@tobias.gr>	2020-02-17 05:14:29 +0100
commit	f5255ed3d3689c793b87939d30df7e2e3443b004 (patch)
tree	e26b90d6b2e46ca0fcae1077ca103890759ddfbb /gnu/packages/compression.scm
parent	de5bc83cd3245d76c8769e14cd1d6fb5256de28b (diff)
download	guix-f5255ed3d3689c793b87939d30df7e2e3443b004.tar.gz