diff options
| -rw-r--r-- | gnu/local.mk | 1 | ||||
| -rw-r--r-- | gnu/packages/compression.scm | 9 | ||||
| -rw-r--r-- | gnu/packages/patches/lrzip-CVE-2017-8842.patch | 23 |
3 files changed, 5 insertions, 28 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index 5588cda2e1..33da7b979a 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1328,7 +1328,6 @@ dist_patch_DATA = \ %D%/packages/patches/llvm-9-fix-scev-miscompilation.patch \ %D%/packages/patches/lm-sensors-hwmon-attrs.patch \ %D%/packages/patches/lrcalc-includes.patch \ - %D%/packages/patches/lrzip-CVE-2017-8842.patch \ %D%/packages/patches/lsh-fix-x11-forwarding.patch \ %D%/packages/patches/lsof-fatal-test-failures.patch \ %D%/packages/patches/lua-CVE-2014-5461.patch \ diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index 89107141ec..1db8b093a3 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -31,6 +31,7 @@ ;;; Copyright © 2020 Guillaume Le Vaillant <glv@posteo.net> ;;; Copyright © 2020 Léo Le Bouter <lle-bout@zaclys.net> ;;; Copyright © 2021 Antoine Côté <antoine.cote@posteo.net> +;;; Copyright © 2021 Vincent Legoll <vincent.legoll@gmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -1109,16 +1110,15 @@ human-readable output.") (define-public lrzip (package (name "lrzip") - (version "0.631") + (version "0.640") (source (origin (method url-fetch) (uri (string-append - "http://ck.kolivas.org/apps/lrzip/lrzip-" version ".tar.bz2")) + "http://ck.kolivas.org/apps/lrzip/lrzip-" version ".tar.xz")) (sha256 (base32 - "0mb449vmmwpkalq732jdyginvql57nxyd31sszb108yps1lf448d")) - (patches (search-patches "lrzip-CVE-2017-8842.patch")))) + "175466drfpz8rsfr0pzfn5rqrj3wmcmcs3i2sfmw366w2kbjm4j9")))) (build-system gnu-build-system) (native-inputs `(;; nasm is only required when building for 32-bit x86 platforms @@ -1129,6 +1129,7 @@ human-readable output.") ("perl" ,perl))) (inputs `(("bzip2" ,bzip2) + ("lz4" ,lz4) ("lzo" ,lzo) ("zlib" ,zlib))) (home-page "http://ck.kolivas.org/apps/lrzip/") diff --git a/gnu/packages/patches/lrzip-CVE-2017-8842.patch b/gnu/packages/patches/lrzip-CVE-2017-8842.patch deleted file mode 100644 index 89b4f2f5d9..0000000000 --- a/gnu/packages/patches/lrzip-CVE-2017-8842.patch +++ /dev/null @@ -1,23 +0,0 @@ -From 38386bd482c0a8102a79958cb3eddcb97a167ca3 Mon Sep 17 00:00:00 2001 -From: Con Kolivas <kernel@kolivas.org> -Date: Fri, 9 Mar 2018 17:39:40 +1100 -Subject: [PATCH] CVE-2017-8842 Fix divide-by-zero in bufRead::get - ---- - libzpaq/libzpaq.h | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/libzpaq/libzpaq.h b/libzpaq/libzpaq.h -index 93387da..cbe211d 100644 ---- a/libzpaq/libzpaq.h -+++ b/libzpaq/libzpaq.h -@@ -465,7 +465,8 @@ struct bufRead: public libzpaq::Reader { - - int get() { - if (progress && !(*s_len % 128)) { -- int pct = (total_len - *s_len) * 100 / total_len; -+ int pct = (total_len > 0) ? -+ (total_len - *s_len) * 100 / total_len : 100; - - if (pct / 10 != *last_pct / 10) { - int i; |