diff options
| author | Mark H Weaver <mhw@netris.org> | 2014-12-30 14:13:20 -0500 |
|---|---|---|
| committer | Mark H Weaver <mhw@netris.org> | 2014-12-30 14:48:13 -0500 |
| commit | c7bdc7ece5650be75314dc302f3cdcf02806857b (patch) | |
| tree | a9e7d038daf6e113e79d50255c0143c3719a4cbb /gnu/packages/cpio.scm | |
| parent | 1c69e4ce3f33242ee8d209b8078fc78a73355446 (diff) | |
| download | guix-c7bdc7ece5650be75314dc302f3cdcf02806857b.tar.gz | |
gnu: cpio: Add fixes for CVE-2014-9112.
* gnu/packages/patches/cpio-CVE-2014-9112-pt1.patch, gnu/packages/patches/cpio-CVE-2014-9112-pt2.patch, gnu/packages/patches/cpio-CVE-2014-9112-pt3.patch, gnu/packages/patches/cpio-CVE-2014-9112-pt4.patch, gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/cpio.scm (cpio): Add patches. Add 'autoconf' to native-inputs.
Diffstat (limited to 'gnu/packages/cpio.scm')
| -rw-r--r-- | gnu/packages/cpio.scm | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/gnu/packages/cpio.scm b/gnu/packages/cpio.scm index eff146ded5..87f85d00e8 100644 --- a/gnu/packages/cpio.scm +++ b/gnu/packages/cpio.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2012 Nikita Karetnikov <nikita@karetnikov.org> +;;; Copyright © 2014 Mark H Weaver <mhw@netris.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -19,6 +20,7 @@ (define-module (gnu packages cpio) #:use-module (guix licenses) #:use-module (gnu packages) + #:use-module (gnu packages autotools) #:use-module (guix packages) #:use-module (guix download) #:use-module (guix build-system gnu)) @@ -34,8 +36,19 @@ (sha256 (base32 "1gavgpzqwgkpagjxw72xgxz52y1ifgz0ckqh8g7cckz7jvyhp0mv")) - (patches (list (search-patch "cpio-gets-undeclared.patch"))))) + (patches (list (search-patch "cpio-CVE-2014-9112-pt1.patch") + (search-patch "cpio-CVE-2014-9112-pt2.patch") + (search-patch "cpio-CVE-2014-9112-pt3.patch") + (search-patch "cpio-CVE-2014-9112-pt4.patch") + (search-patch "cpio-CVE-2014-9112-pt5.patch") + (search-patch "cpio-gets-undeclared.patch"))))) (build-system gnu-build-system) + + ;; FIXME: autoconf is needed to run autom4te, to update to test suite + ;; after the CVE-2014-9112 patches. Remove this when cpio is + ;; updated to post-2.11. + (native-inputs `(("autoconf" ,autoconf))) + (home-page "https://www.gnu.org/software/cpio/") (synopsis "Manage cpio and tar file archives") (description |