From: Z572 <zhengjunjie@iscas.ac.cn>
To: 74035@debbugs.gnu.org
Cc: ngraves@ngraves.fr
Subject: [bug#74035] [PATCH v2 09/26] gnu: darkhttpd: Update to 1.16. [security fixes]
Date: Mon, 04 Nov 2024 17:40:32 +0800 [thread overview]
Message-ID: <87ikt3ibfz.fsf@iscas.ac.cn> (raw)
In-Reply-To: <20241103160239.6772-9-ngraves@ngraves.fr> (Nicolas Graves via Guix-patches via's message of "Sun, 3 Nov 2024 17:02:04 +0100")
[-- Attachment #1: Type: text/plain, Size: 2186 bytes --]
Nicolas Graves via Guix-patches via <guix-patches@gnu.org> writes:
> This fixes CVE-2024-23770 and CVE-2024-23771.
>
> * gnu/packages/web.scm (darkhttpd): Update to 1.16.
> [arguments]: Improve style.
> ---
> gnu/packages/web.scm | 24 +++++++++++-------------
> 1 file changed, 11 insertions(+), 13 deletions(-)
>
> diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
> index 34739bf088..eb27d3448c 100644
> --- a/gnu/packages/web.scm
> +++ b/gnu/packages/web.scm
> @@ -6417,7 +6417,7 @@ (define-public surfraw
> (define-public darkhttpd
> (package
> (name "darkhttpd")
> - (version "1.13")
> + (version "1.16")
> (source
> (origin
> (method git-fetch)
> @@ -6426,20 +6426,18 @@ (define-public darkhttpd
> (commit (string-append "v" version))))
> (file-name (git-file-name name version))
> (sha256
> - (base32 "0w11xq160q9yyffv4mw9ncp1n0dl50d9plmwxb0yijaaxls9i4sk"))))
> + (base32 "15mmq1v8p50mm9wx5w6g4rlr40b7d044lw7rs1wyzdiw9lcnihvm"))))
> (build-system gnu-build-system)
> (arguments
> - `(#:make-flags
> - (list (string-append "CC=" ,(cc-for-target)))
> - #:tests? #f ; No test suite
> - #:phases
> - (modify-phases %standard-phases
> - (delete 'configure) ; no configure script
> - (replace 'install
> - (lambda* (#:key outputs #:allow-other-keys)
> - (install-file "darkhttpd"
> - (string-append (assoc-ref outputs "out")
> - "/bin")))))))
> + (list
> + #:make-flags #~(list (string-append "CC=" #$(cc-for-target)))
> + #:tests? #f ; No test suite
> + #:phases
> + #~(modify-phases %standard-phases
> + (delete 'configure) ; no configure script
> + (replace 'install
> + (lambda _
> + (install-file "darkhttpd" (string-append #$output "/bin")))))))
> (synopsis "Simple static web server")
> (description "darkhttpd is a simple static web server. It is
> standalone and does not need inetd or ucspi-tcp. It does not need any
apply, and enable tests.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]
next prev parent reply other threads:[~2024-11-04 9:41 UTC|newest]
Thread overview: 88+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-26 22:29 [bug#74035] [PATCH 00/24] [security fixes] for near-leaf packages Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 01/24] gnu: python-django-4.2: Update to 4.2.16. [security fixes] Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 02/24] gnu: maradns: Update to 3.5.0036. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 03/24] gnu: maradns: Improve style Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 04/24] gnu: libmobi: Update to 0.12. [security fixes] Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 05/24] gnu: bart: Update to 0.9.00. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 06/24] gnu: wireshark: Update to 4.4.1. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 07/24] gnu: pam-u2f: Update to 1.3.0. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 08/24] gnu: darkhttpd: Update to 1.16. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 09/24] gnu: xlsxio: Update to 0.2.35. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 10/24] gnu: pypy: Update to 7.3.17. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 11/24] gnu: indent: Remove uneeded arguments Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 12/24] gnu: indent: Add patch for CVE-2024-0911. [security fixes] Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 13/24] gnu: squashfs-tools: Update to 4.6.1. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 14/24] gnu: shapelib: Update to 1.6.1. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 15/24] gnu: libzapojit: Update to 0.0.3-1.99d49ba. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 16/24] gnu: gifsicle: Update to 1.95. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 17/24] gnu: sendmail: Update to 8.18.1. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 18/24] gnu: openvpn: Update to 2.6.12. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 19/24] gnu: youtube-dl: Deprecate package Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 20/24] gnu: liblouis: Update to 3.31.0. [security fixes] Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 21/24] gnu: unicorn: Update to 2.1.1. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 22/24] gnu: Add sexpp Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 23/24] gnu: rnp: Update to 0.17.1. [security fixes] Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 24/24] gnu: cjson: Update to 1.7.18. " Nicolas Graves via Guix-patches via
2024-11-03 16:01 ` [bug#74035] [PATCH v2 01/26] gnu: libyang: Update to 3.4.2. " Nicolas Graves via Guix-patches via
2024-11-03 16:01 ` [bug#74035] [PATCH v2 02/26] gnu: python-django-4.2: Update to 4.2.16. " Nicolas Graves via Guix-patches via
2024-11-04 16:08 ` Zheng Junjie
2024-11-03 16:01 ` [bug#74035] [PATCH v2 03/26] gnu: maradns: Update to 3.5.0036. " Nicolas Graves via Guix-patches via
2024-11-04 16:09 ` Zheng Junjie
2024-11-03 16:01 ` [bug#74035] [PATCH v2 04/26] gnu: maradns: Improve style Nicolas Graves via Guix-patches via
2024-11-04 16:09 ` Zheng Junjie
2024-11-03 16:02 ` [bug#74035] [PATCH v2 05/26] gnu: libmobi: Update to 0.12. [security fixes] Nicolas Graves via Guix-patches via
2024-11-04 11:57 ` Zheng Junjie
2024-11-03 16:02 ` [bug#74035] [PATCH v2 06/26] gnu: bart: Update to 0.9.00. " Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 07/26] gnu: wireshark: Update to 4.4.1. " Nicolas Graves via Guix-patches via
2024-11-04 9:38 ` Z572
2024-11-03 16:02 ` [bug#74035] [PATCH v2 08/26] gnu: pam-u2f: Update to 1.3.0. " Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 09/26] gnu: darkhttpd: Update to 1.16. " Nicolas Graves via Guix-patches via
2024-11-04 9:40 ` Z572 [this message]
2024-11-03 16:02 ` [bug#74035] [PATCH v2 10/26] gnu: xlsxio: Update to 0.2.35. " Nicolas Graves via Guix-patches via
2024-11-04 16:12 ` Zheng Junjie
2024-11-03 16:02 ` [bug#74035] [PATCH v2 11/26] gnu: pypy: Update to 7.3.17. " Nicolas Graves via Guix-patches via
2024-11-04 9:39 ` Z572
2024-11-03 16:02 ` [bug#74035] [PATCH v2 12/26] gnu: indent: Remove uneeded arguments Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 13/26] gnu: indent: Add patch for CVE-2024-0911. [security fixes] Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 14/26] gnu: squashfs-tools: Update to 4.6.1. " Nicolas Graves via Guix-patches via
2024-11-04 11:59 ` Zheng Junjie
2024-11-03 16:02 ` [bug#74035] [PATCH v2 15/26] gnu: shapelib: Update to 1.6.1. " Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 16/26] gnu: libzapojit: Update to 0.0.3-1.99d49ba. " Nicolas Graves via Guix-patches via
2024-11-04 16:06 ` Zheng Junjie
2024-11-03 16:02 ` [bug#74035] [PATCH v2 17/26] gnu: gifsicle: Update to 1.95. " Nicolas Graves via Guix-patches via
2024-11-04 11:58 ` Zheng Junjie
2024-11-03 16:02 ` [bug#74035] [PATCH v2 18/26] gnu: sendmail: Update to 8.18.1. " Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 19/26] gnu: openvpn: Update to 2.6.12. " Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 20/26] gnu: liblouis: Update to 3.31.0. " Nicolas Graves via Guix-patches via
2024-11-04 11:58 ` Zheng Junjie
2024-11-06 16:09 ` Ludovic Courtès
2024-11-07 11:21 ` Z572
2024-11-03 16:02 ` [bug#74035] [PATCH v2 21/26] gnu: youtube-dl: Deprecate package Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 22/26] gnu: unicorn: Update to 2.1.1. [security fixes] Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 23/26] gnu: Add sexpp Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 24/26] gnu: rnp: Update to 0.17.1. [security fixes] Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 25/26] gnu: cjson: Update to 1.7.18. " Nicolas Graves via Guix-patches via
2024-11-04 9:39 ` Z572
2024-11-03 16:02 ` [bug#74035] [PATCH v2 26/26] gnu: snapcast: Update to 0.29.0. " Nicolas Graves via Guix-patches via
2024-11-04 16:08 ` [bug#74035] [PATCH v2 01/26] gnu: libyang: Update to 3.4.2. " Zheng Junjie
2024-11-05 23:10 ` [bug#74035] [PATCH v3 0/8] [security] fixes for near-leaf packages Nicolas Graves via Guix-patches via
2024-11-05 23:10 ` [bug#74035] [PATCH v3 1/8] gnu: bart: Update to 0.9.00. [security fixes] Nicolas Graves via Guix-patches via
2024-11-05 23:10 ` [bug#74035] [PATCH v3 2/8] gnu: pam-u2f: Update to 1.3.0. " Nicolas Graves via Guix-patches via
2024-11-05 23:10 ` [bug#74035] [PATCH v3 3/8] gnu: sendmail: Update to 8.18.1. " Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 1/8] gnu: bart: Update to 0.9.00. " Nicolas Graves via Guix-patches via
2024-11-11 11:47 ` Maxim Cournoyer
2024-11-11 15:23 ` Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 2/8] gnu: pam-u2f: Update to 1.3.0. " Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 3/8] gnu: sendmail: Update to 8.18.1. " Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 4/8] gnu: openvpn: Update to 2.6.12. " Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 5/8] gnu: youtube-dl: Deprecate package Nicolas Graves via Guix-patches via
2024-11-11 11:48 ` Maxim Cournoyer
2024-11-11 15:22 ` Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 6/8] gnu: unicorn: Update to 2.1.1. [security fixes] Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 7/8] gnu: Add sexpp Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 8/8] gnu: rnp: Update to 0.17.1. [security fixes] Nicolas Graves via Guix-patches via
2024-11-11 13:14 ` Maxim Cournoyer
2024-11-11 15:23 ` Nicolas Graves via Guix-patches via
2024-11-12 11:54 ` bug#74035: " Maxim Cournoyer
2024-11-12 14:12 ` [bug#74035] " Maxim Cournoyer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ikt3ibfz.fsf@iscas.ac.cn \
--to=zhengjunjie@iscas.ac.cn \
--cc=74035@debbugs.gnu.org \
--cc=ngraves@ngraves.fr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).