summary refs log tree commit diff
path: root/gnu/packages/backup.scm
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/backup.scm')
-rw-r--r--gnu/packages/backup.scm23
1 files changed, 17 insertions, 6 deletions
diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm
index 0a2e9b1b90..257dabfe2c 100644
--- a/gnu/packages/backup.scm
+++ b/gnu/packages/backup.scm
@@ -135,7 +135,8 @@ backups (called chunks) to allow easy burning to CD/DVD.")
 (define-public libarchive
   (package
     (name "libarchive")
-    (version "3.2.1")
+    (replacement libarchive/fixed)
+    (version "3.1.2")
     (source
      (origin
        (method url-fetch)
@@ -143,7 +144,12 @@ backups (called chunks) to allow easy burning to CD/DVD.")
                            version ".tar.gz"))
        (sha256
         (base32
-         "1lngng84k1kkljl74q0cdqc3s82vn2kimfm02dgm4d6m7x71mvkj"))))
+         "0pixqnrcf35dnqgv0lp7qlcw7k13620qkhgxr288v7p4iz6ym1zb"))
+       (patches
+        (search-patches "libarchive-mtree-filename-length-fix.patch"
+                        "libarchive-fix-lzo-test-case.patch"
+                        "libarchive-CVE-2013-0211.patch"
+                        "libarchive-bsdtar-test.patch"))))
     (build-system gnu-build-system)
     ;; TODO: Add -L/path/to/nettle in libarchive.pc.
     (inputs
@@ -174,10 +180,7 @@ backups (called chunks) to allow easy burning to CD/DVD.")
                 (zero? (system* "./libarchive_test" "^test_*_disk*"))
                 (zero? (system* "./bsdcpio_test" "^test_owner_parse"))
                 (zero? (system* "./bsdtar_test"))))
-         %standard-phases))
-       ;; libarchive/test/test_write_format_gnutar_filenames.c needs to be
-       ;; compiled with C99 or C11 or a gnu variant.
-       #:configure-flags '("CFLAGS=-O2 -g -std=c99")))
+         %standard-phases))))
     (home-page "http://libarchive.org/")
     (synopsis "Multi-format archive and compression library")
     (description
@@ -190,6 +193,14 @@ archive.  In particular, note that there is currently no built-in support for
 random access nor for in-place modification.")
     (license license:bsd-2)))
 
+(define libarchive/fixed
+  (package
+    (inherit libarchive)
+    (source (origin
+              (inherit (package-source libarchive))
+              (patches (cons (search-patch "libarchive-CVE-2016-1541.patch")
+                             (origin-patches (package-source libarchive))))))))
+
 (define-public rdup
   (package
     (name "rdup")
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-22 15:36:29 +0000