diff options
author | Léo Le Bouter <lle-bout@zaclys.net> | 2021-03-30 02:10:19 +0200 |
---|---|---|
committer | Léo Le Bouter <lle-bout@zaclys.net> | 2021-03-30 02:21:25 +0200 |
commit | 9feef62b73e284e106717a386624d6da90750a3d (patch) | |
tree | 48886275eeca43c4dc5f4f53d6ca29a5c0c7745e /gnu/packages/compression.scm | |
parent | aae012e91e66e3edcc486db7bd4939fb34ed3b24 (diff) |
gnu: zstd: Downgrade to 1.4.4 and make security graft saner.
* gnu/packages/patches/zstd-CVE-2021-24031_CVE-2021-24032.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/compression.scm (zstd-1.4.9): Remove.
(zstd/fixed): New variable. Apply patch.
(zstd)[replacement]: Graft with zstd/fixed.
Diffstat (limited to 'gnu/packages/compression.scm')
-rw-r--r-- | gnu/packages/compression.scm | 19 |
1 files changed, 7 insertions, 12 deletions
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index ef73e6038b..5ed4b4ce98 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -1409,7 +1409,7 @@ or junctions, and always follows hard links.") "v" version "/zstd-" version ".tar.gz")) (sha256 (base32 "05ckxap00qvc0j51d3ci38150cxsw82w7s9zgd5fgzspnzmp1vsr")))) - (replacement zstd-1.4.9) + (replacement zstd/fixed) (build-system gnu-build-system) (outputs '("out" ;1.2MiB executables and documentation "lib" ;1.2MiB shared library and headers @@ -1469,21 +1469,16 @@ speed.") license:public-domain ; zlibWrapper/examples/fitblk* license:zlib)))) ; zlibWrapper/{gz*.c,gzguts.h} -(define-public zstd-1.4.9 +(define zstd/fixed (package (inherit zstd) - (name "zstd") - (version "1.4.9") (source (origin - (method url-fetch) - (uri (string-append "https://github.com/facebook/zstd/releases/download/" - "v" version "/zstd-" version ".tar.gz")) - (sha256 - (base32 "14yj7309gsvg39rki4xqnd6w5idmqi0655v1fc0mk1m2kvhp9b19")))) - (arguments - (substitute-keyword-arguments (package-arguments zstd) - ((#:tests? _ #t) #f))))) + (inherit (package-source zstd)) + (patches + (search-patches + ;; From Ubuntu focal-security + "zstd-CVE-2021-24031_CVE-2021-24032.patch")))))) (define-public pzstd (package/inherit zstd |