diff options
| author | Tobias Geerinckx-Rice <me@tobias.gr> | 2020-02-17 04:55:47 +0100 |
|---|---|---|
| committer | Tobias Geerinckx-Rice <me@tobias.gr> | 2020-02-17 05:14:29 +0100 |
| commit | f5255ed3d3689c793b87939d30df7e2e3443b004 (patch) | |
| tree | e26b90d6b2e46ca0fcae1077ca103890759ddfbb /gnu/packages/compression.scm | |
| parent | de5bc83cd3245d76c8769e14cd1d6fb5256de28b (diff) | |
gnu: upx: Update to 3.96.
* gnu/packages/compression.scm (upx): Update to 3.96.
[source]: Remove patch.
[arguments]: Remove CHECK_WHITESPACE work-around.
[properties]: Remove obsolete hidden CVE.
* gnu/packages/patches/upx-fix-CVE-2017-15056.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
Diffstat (limited to 'gnu/packages/compression.scm')
| -rw-r--r-- | gnu/packages/compression.scm | 15 |
1 files changed, 3 insertions, 12 deletions
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index a65e320a9b..3f4b99bfcf 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -1903,15 +1903,14 @@ decompression is a little bit slower.") (define-public upx (package (name "upx") - (version "3.94") + (version "3.96") (source (origin (method url-fetch) (uri (string-append "https://github.com/upx/upx/releases/download/v" version "/upx-" version "-src.tar.xz")) (sha256 (base32 - "08anybdliqsbsl6x835iwzljahnm9i7v26icdjkcv33xmk6p5vw1")) - (patches (search-patches "upx-fix-CVE-2017-15056.patch")))) + "051pk5jk8fcfg5mpgzj43z5p4cn7jy5jbyshyn78dwjqr7slsxs7")))) (build-system gnu-build-system) (native-inputs `(("perl" ,perl))) @@ -1920,10 +1919,7 @@ decompression is a little bit slower.") ("zlib" ,zlib))) (arguments `(#:make-flags - (list "all" - ;; CHECK_WHITESPACE does not seem to work. - ;; See https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/upx. - "CHECK_WHITESPACE=true") + (list "all") #:phases (modify-phases %standard-phases (delete 'configure) @@ -1945,11 +1941,6 @@ decompression is a little bit slower.") #t)) ))) (home-page "https://upx.github.io/") - ;; CVE-2017-16869 is about Mach-O files which is not of a big concern for Guix. - ;; See https://github.com/upx/upx/issues/146 and - ;; https://nvd.nist.gov/vuln/detail?vulnId=CVE-2017-16869. - ;; The issue will be fixed after version 3.94. - (properties `((lint-hidden-cve . ("CVE-2017-16869")))) (synopsis "Compression tool for executables") (description "The Ultimate Packer for eXecutables (UPX) is an executable file |