From: Nicolas Graves via Guix-patches via <guix-patches@gnu.org>
To: 73682@debbugs.gnu.org
Cc: Nicolas Graves <ngraves@ngraves.fr>
Subject: [bug#73682] [PATCH v3 1/3] gnu: varnish: Update to 7.6.0. [security fixes]
Date: Thu, 17 Oct 2024 01:00:40 +0200 [thread overview]
Message-ID: <20241016230045.1878-1-ngraves@ngraves.fr> (raw)
In-Reply-To: <20241007215513.11989-1-ngraves@ngraves.fr>
This fixes CVE-2023-44487.
* gnu/packages/web.scm (varnish): Update to 7.6.0.
[arguments]<#:phases>: Rewrite and update 'use-absolute-file-names
phase. Add phase 'remove-failing-tests.
---
gnu/packages/web.scm | 31 ++++++++++++++++++-------------
1 file changed, 18 insertions(+), 13 deletions(-)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 5d2ab791ae..e283797a62 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -6608,13 +6608,13 @@ (define-public varnish
(package
(name "varnish")
(home-page "https://varnish-cache.org/")
- (version "7.3.0")
+ (version "7.6.0")
(source (origin
(method url-fetch)
(uri (string-append home-page "_downloads/varnish-" version ".tgz"))
(sha256
(base32
- "1rsay4vrg0dvf8d7bpj8dvaax4v949p6x1l6qd3hdabhq87bpnz2"))))
+ "0p2xf4a8bk2w8j9q20fazrc93fwcfhw8zcvdd8ssbahvlg2q78mb"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags (list (string-append "LDFLAGS=-Wl,-rpath=" %output "/lib")
@@ -6631,20 +6631,25 @@ (define-public varnish
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'use-absolute-file-names
- (lambda* (#:key native-inputs inputs #:allow-other-keys)
- (let* ((inpts (or native-inputs inputs))
- (sh (search-input-file inpts "/bin/sh"))
- (rm (search-input-file inpts "/bin/rm")))
- (substitute* '("bin/varnishtest/vtc_varnish.c"
- "bin/varnishtest/vtc_process.c"
- "bin/varnishtest/vtc_haproxy.c"
- "bin/varnishtest/tests/u00014.vtc"
- "bin/varnishd/mgt/mgt_vcc.c")
- (("/bin/sh") sh))
+ (lambda _
+ (substitute* '("bin/varnishtest/vtc_varnish.c"
+ "bin/varnishtest/vtc_process.c"
+ "bin/varnishtest/vtc_haproxy.c"
+ "bin/varnishtest/tests/u00014.vtc"
+ "bin/varnishd/mgt/mgt_vcc.c")
+ (("/bin/sh") (which "bash")))
+ (let* ((rm (which "rm")))
(substitute* "bin/varnishd/mgt/mgt_shmem.c"
(("rm -rf") (string-append rm " -rf")))
(substitute* "bin/varnishtest/vtc_main.c"
- (("/bin/rm") rm)))))
+ (("/bin/rm") rm)))
+ (substitute* "bin/varnishtest/tests/u00000.vtc"
+ (("/bin/echo") (which "echo")))))
+ (add-after 'unpack 'remove-failing-tests
+ (lambda _
+ ;; This test seems to fail because of
+ ;; Failed: Servname not supported for ai_socktype
+ (delete-file "bin/varnishtest/tests/b00085.vtc")))
(add-before 'install 'patch-Makefile
(lambda _
(substitute* "Makefile"
--
2.46.0
next prev parent reply other threads:[~2024-10-16 23:02 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-07 21:54 [bug#73682] [PATCH 0/3] gnu: varnish: Update to 7.6.0. [security fixes] Nicolas Graves via Guix-patches via
2024-10-07 22:07 ` [bug#73682] [PATCH 1/3] " Nicolas Graves via Guix-patches via
2024-10-08 6:21 ` [bug#73682] [PATCH 2/3] gnu: varnish-modules: Update to 0.25.0 Nicolas Graves via Guix-patches via
2024-10-08 6:21 ` [bug#73682] [PATCH 3/3] gnu: varnish: Improve style Nicolas Graves via Guix-patches via
2024-10-15 16:25 ` Ludovic Courtès
2024-10-15 19:56 ` [bug#73682] [PATCH v2 1/3] gnu: varnish: Update to 7.6.0. [security fixes] Nicolas Graves via Guix-patches via
2024-10-15 19:56 ` [bug#73682] [PATCH v2 2/3] gnu: varnish-modules: Update to 0.25.0 Nicolas Graves via Guix-patches via
2024-10-15 19:56 ` [bug#73682] [PATCH v2 3/3] gnu: varnish: Improve style Nicolas Graves via Guix-patches via
2024-10-16 23:00 ` Nicolas Graves via Guix-patches via [this message]
2024-10-16 23:00 ` [bug#73682] [PATCH v3 2/3] gnu: varnish-modules: Update to 0.25.0 Nicolas Graves via Guix-patches via
2024-10-16 23:00 ` [bug#73682] [PATCH v3 3/3] gnu: varnish: Improve style Nicolas Graves via Guix-patches via
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241016230045.1878-1-ngraves@ngraves.fr \
--to=guix-patches@gnu.org \
--cc=73682@debbugs.gnu.org \
--cc=ngraves@ngraves.fr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).