* [bug#54604] [PATCH] gnu: zlib: Update to 1.2.12 [fixes CVE-2018-25032].
@ 2022-03-28 4:06 Leo Famulari
2022-04-03 10:35 ` Ludovic Courtès
0 siblings, 1 reply; 5+ messages in thread
From: Leo Famulari @ 2022-03-28 4:06 UTC (permalink / raw)
To: 54604
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://seclists.org/oss-sec/2022/q1/191
* gnu/packages/compression.scm (zlib)[replacement]: New field.
(zlib-1.2.12): New variable.
---
gnu/packages/compression.scm | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 3edaecd951..2287c755b4 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -98,6 +98,7 @@ (define-module (gnu packages compression)
(define-public zlib
(package
(name "zlib")
+ (replacement zlib-1.2.12)
(version "1.2.11")
(source
(origin
@@ -148,6 +149,21 @@ (define-public zlib
in compression.")
(license license:zlib)))
+(define-public zlib-1.2.12
+ (package
+ (inherit zlib)
+ (version "1.2.12")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (list (string-append "http://zlib.net/zlib-"
+ version ".tar.gz")
+ (string-append "mirror://sourceforge/libpng/zlib/"
+ version "/zlib-" version ".tar.gz")))
+ (sha256
+ (base32
+ "1n9na4fq4wagw1nzsfjr6wyly960jfa94460ncbf6p1fac44i14i"))))))
+
(define-public minizip
(package
(name "minizip")
--
2.34.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [bug#54604] [PATCH] gnu: zlib: Update to 1.2.12 [fixes CVE-2018-25032].
2022-03-28 4:06 [bug#54604] [PATCH] gnu: zlib: Update to 1.2.12 [fixes CVE-2018-25032] Leo Famulari
@ 2022-04-03 10:35 ` Ludovic Courtès
2023-01-03 22:31 ` Maxim Cournoyer
0 siblings, 1 reply; 5+ messages in thread
From: Ludovic Courtès @ 2022-04-03 10:35 UTC (permalink / raw)
To: Leo Famulari; +Cc: 54604
Hi Leo,
Leo Famulari <leo@famulari.name> skribis:
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
> https://seclists.org/oss-sec/2022/q1/191
>
> * gnu/packages/compression.scm (zlib)[replacement]: New field.
> (zlib-1.2.12): New variable.
LGTM, sorry for the delay, and thanks for taking care of it!
Ludo’.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [bug#54604] [PATCH] gnu: zlib: Update to 1.2.12 [fixes CVE-2018-25032].
2022-04-03 10:35 ` Ludovic Courtès
@ 2023-01-03 22:31 ` Maxim Cournoyer
2023-01-04 18:01 ` bug#54604: " Leo Famulari
0 siblings, 1 reply; 5+ messages in thread
From: Maxim Cournoyer @ 2023-01-03 22:31 UTC (permalink / raw)
To: Leo Famulari; +Cc: Ludovic Courtès, 54604
Hi Leo,
Ludovic Courtès <ludo@gnu.org> writes:
> Hi Leo,
>
> Leo Famulari <leo@famulari.name> skribis:
>
>> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
>> https://seclists.org/oss-sec/2022/q1/191
>>
>> * gnu/packages/compression.scm (zlib)[replacement]: New field.
>> (zlib-1.2.12): New variable.
>
> LGTM, sorry for the delay, and thanks for taking care of it!
Ping! Feel free to apply it.
--
Thanks,
Maxim
^ permalink raw reply [flat|nested] 5+ messages in thread
* bug#54604: [PATCH] gnu: zlib: Update to 1.2.12 [fixes CVE-2018-25032].
2023-01-03 22:31 ` Maxim Cournoyer
@ 2023-01-04 18:01 ` Leo Famulari
2023-01-04 20:22 ` [bug#54604] " Maxim Cournoyer
0 siblings, 1 reply; 5+ messages in thread
From: Leo Famulari @ 2023-01-04 18:01 UTC (permalink / raw)
To: Maxim Cournoyer; +Cc: Ludovic Courtès, 54604-done
On Tue, Jan 03, 2023 at 05:31:04PM -0500, Maxim Cournoyer wrote:
> Ping! Feel free to apply it.
Pushed as c2c93abd18c37f438006cded8124ff0a32a0e4a7
I forgot about it, sorry!
^ permalink raw reply [flat|nested] 5+ messages in thread
* [bug#54604] [PATCH] gnu: zlib: Update to 1.2.12 [fixes CVE-2018-25032].
2023-01-04 18:01 ` bug#54604: " Leo Famulari
@ 2023-01-04 20:22 ` Maxim Cournoyer
0 siblings, 0 replies; 5+ messages in thread
From: Maxim Cournoyer @ 2023-01-04 20:22 UTC (permalink / raw)
To: Leo Famulari; +Cc: Ludovic Courtès, 54604-done
Hi Leo,
Leo Famulari <leo@famulari.name> writes:
> On Tue, Jan 03, 2023 at 05:31:04PM -0500, Maxim Cournoyer wrote:
>> Ping! Feel free to apply it.
>
> Pushed as c2c93abd18c37f438006cded8124ff0a32a0e4a7
>
> I forgot about it, sorry!
No problem, thank you!
--
Thanks,
Maxim
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2023-01-04 20:23 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-28 4:06 [bug#54604] [PATCH] gnu: zlib: Update to 1.2.12 [fixes CVE-2018-25032] Leo Famulari
2022-04-03 10:35 ` Ludovic Courtès
2023-01-03 22:31 ` Maxim Cournoyer
2023-01-04 18:01 ` bug#54604: " Leo Famulari
2023-01-04 20:22 ` [bug#54604] " Maxim Cournoyer
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).