diff options
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/local.mk | 1 | ||||
-rw-r--r-- | gnu/packages/patches/libyaml-CVE-2014-9130.patch | 30 | ||||
-rw-r--r-- | gnu/packages/web.scm | 5 |
3 files changed, 2 insertions, 34 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index cdb1edbfb7..dfd25c7088 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1211,7 +1211,6 @@ dist_patch_DATA = \ %D%/packages/patches/xinetd-fix-fd-leak.patch \ %D%/packages/patches/xinetd-CVE-2013-4342.patch \ %D%/packages/patches/xmodmap-asprintf.patch \ - %D%/packages/patches/libyaml-CVE-2014-9130.patch \ %D%/packages/patches/zathura-plugindir-environment-variable.patch MISC_DISTRO_FILES = \ diff --git a/gnu/packages/patches/libyaml-CVE-2014-9130.patch b/gnu/packages/patches/libyaml-CVE-2014-9130.patch deleted file mode 100644 index 800358c0d6..0000000000 --- a/gnu/packages/patches/libyaml-CVE-2014-9130.patch +++ /dev/null @@ -1,30 +0,0 @@ -Fixes CVE-2014-9130 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130 - -Upstream source: -https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2 - -# HG changeset patch -# User Kirill Simonov <xi@resolvent.net> -# Date 1417197312 21600 -# Node ID 2b9156756423e967cfd09a61d125d883fca6f4f2 -# Parent 053f53a381ff6adbbc93a31ab7fdee06a16c8a33 -Removed invalid simple key assertion (thank to Jonathan Gray). - -diff --git a/src/scanner.c b/src/scanner.c ---- a/src/scanner.c -+++ b/src/scanner.c -@@ -1106,13 +1106,6 @@ - && parser->indent == (ptrdiff_t)parser->mark.column); - - /* -- * A simple key is required only when it is the first token in the current -- * line. Therefore it is always allowed. But we add a check anyway. -- */ -- -- assert(parser->simple_key_allowed || !required); /* Impossible. */ -- -- /* - * If the current position may start a simple key, save it. - */ - diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 19058de2d3..aaf8505ef4 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -1025,17 +1025,16 @@ hash/signatures.") (define-public libyaml (package (name "libyaml") - (version "0.1.6") + (version "0.1.7") (source (origin (method url-fetch) (uri (string-append "http://pyyaml.org/download/libyaml/yaml-" version ".tar.gz")) - (patches (search-patches "libyaml-CVE-2014-9130.patch")) (sha256 (base32 - "0j9731s5zjb8mjx7wzf6vh7bsqi38ay564x6s9nri2nh9cdrg9kx")))) + "0a87931cx5m14a1x8rbjix3nz7agrcgndf4h392vm62a4rby9240")))) (build-system gnu-build-system) (home-page "http://pyyaml.org/wiki/LibYAML") (synopsis "YAML 1.1 parser and emitter written in C") |