summary refs log tree commit diff
path: root/gnu/packages/compression.scm
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/compression.scm')
-rw-r--r--gnu/packages/compression.scm47
1 files changed, 22 insertions, 25 deletions
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 37da33908f..1f76f9ac1e 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -1580,6 +1580,7 @@ recreates the stored directory structure by default.")
   (package
     (name "zziplib")
     (version "0.13.69")
+    (replacement zziplib/fixed)
     (home-page "https://github.com/gdraheim/zziplib")
     (source (origin
               (method git-fetch)
@@ -1617,21 +1618,29 @@ recreates the stored directory structure by default.")
     ;; files carry the Zlib license; see "docs/copying.html" for details.
     (license (list license:lgpl2.0+ license:mpl1.1))))
 
+(define zziplib/fixed
+  (package
+    (inherit zziplib)
+    (source (origin
+              (inherit (package-source zziplib))
+              (patches (search-patches "zziplib-CVE-2018-16548.patch"))))))
+
 (define-public libzip
   (package
     (name "libzip")
-    (version "1.5.2")
+    (version "1.6.1")
     (source (origin
               (method url-fetch)
               (uri (string-append
                     "https://libzip.org/download/libzip-" version ".tar.xz"))
               (sha256
                (base32
-                "1d53shcy7nvls5db573bbdlm25lfz1iw2zshng5f00cssi5lvpmk"))))
+                "0h9nsgkw0dk4srsvmz6xy6f9l4h815xn07j8h40l8gqvcxxaqpbh"))))
     (native-inputs
      `(("perl" ,perl)))
     (inputs
      `(("gnutls" ,gnutls)
+       ("liblzma" ,xz)
        ("openssl" ,openssl)
        ("zlib" ,zlib)))
     (build-system cmake-build-system)
@@ -1899,15 +1908,14 @@ decompression is a little bit slower.")
 (define-public upx
   (package
     (name "upx")
-    (version "3.94")
+    (version "3.96")
     (source (origin
              (method url-fetch)
              (uri (string-append "https://github.com/upx/upx/releases/download/v"
-                                 version "/" name "-" version "-src.tar.xz"))
+                                 version "/upx-" version "-src.tar.xz"))
              (sha256
               (base32
-               "08anybdliqsbsl6x835iwzljahnm9i7v26icdjkcv33xmk6p5vw1"))
-             (patches (search-patches "upx-fix-CVE-2017-15056.patch"))))
+               "051pk5jk8fcfg5mpgzj43z5p4cn7jy5jbyshyn78dwjqr7slsxs7"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("perl" ,perl)))
@@ -1916,36 +1924,25 @@ decompression is a little bit slower.")
        ("zlib" ,zlib)))
     (arguments
      `(#:make-flags
-       (list "all"
-             ;; CHECK_WHITESPACE does not seem to work.
-             ;; See https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/upx.
-             "CHECK_WHITESPACE=true")
+       (list "all")
        #:phases
        (modify-phases %standard-phases
-         (delete 'configure)
-         (delete 'check)
-         (delete 'install)
+         (delete 'configure)            ; no configure script
+         (delete 'check)                ; no test suite
          (add-before 'build 'patch-exec-bin-sh
            (lambda _
-             (substitute* (find-files "Makefile")
-               (("/bin/sh") (which "sh")))
-             (substitute* "src/Makefile"
+             (substitute* (list "Makefile"
+                                "src/Makefile")
                (("/bin/sh") (which "sh")))
              #t))
-         (add-after 'build 'install-upx
+         (replace 'install
            (lambda* (#:key outputs #:allow-other-keys)
              (let* ((out (assoc-ref outputs "out"))
-                   (bin (string-append out "/bin")))
+                    (bin (string-append out "/bin")))
                (mkdir-p bin)
                (copy-file "src/upx.out" (string-append bin "/upx")))
-             #t))
-         )))
+             #t)))))
     (home-page "https://upx.github.io/")
-    ;; CVE-2017-16869 is about Mach-O files which is not of a big concern for Guix.
-    ;; See https://github.com/upx/upx/issues/146 and
-    ;; https://nvd.nist.gov/vuln/detail?vulnId=CVE-2017-16869.
-    ;; The issue will be fixed after version 3.94.
-    (properties `((lint-hidden-cve . ("CVE-2017-16869"))))
     (synopsis "Compression tool for executables")
     (description
      "The Ultimate Packer for eXecutables (UPX) is an executable file