From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:32994) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d7qeR-0002Wg-CG for guix-patches@gnu.org; Mon, 08 May 2017 17:57:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d7qeN-0007TQ-Gu for guix-patches@gnu.org; Mon, 08 May 2017 17:57:07 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:57687) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1d7qeL-0007Sr-UM for guix-patches@gnu.org; Mon, 08 May 2017 17:57:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1d7qeL-0001YJ-N2 for guix-patches@gnu.org; Mon, 08 May 2017 17:57:01 -0400 Subject: bug#26836: [PATCH] gnu: libarchive: Update to 3.3.1. Resent-Message-ID: Date: Mon, 8 May 2017 17:56:11 -0400 From: Leo Famulari Message-ID: <20170508215611.GA3476@jasmine> References: <20170508190714.15902-1-kei@openmailbox.org> <20170508192548.GA20051@jasmine> <878tm7kqbf.fsf@openmailbox.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="lrZ03NoBR/3+SXJZ" Content-Disposition: inline In-Reply-To: <878tm7kqbf.fsf@openmailbox.org> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Kei Kebreau Cc: 26836@debbugs.gnu.org --lrZ03NoBR/3+SXJZ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, May 08, 2017 at 05:10:28PM -0400, Kei Kebreau wrote: > Leo Famulari writes: >=20 > > On Mon, May 08, 2017 at 03:07:14PM -0400, Kei Kebreau wrote: > >> Fixes CVE-2016-{10209,10350} and CVE-2017-5601. > >>=20 > >> * gnu/packages/backup.scm (libarchive): Update to 3.3.1. > > > > Thanks! > > > > Can you use a graft instead? Then, the commit message can be like this: > > > > gnu: libarchive: Replace with 3.3.1 [security fixes]. > > > > Fixes CVE-2016-{10209,10350}, CVE-2017-5601. > > > > * gnu/packages/backup.scm (libarchive)[replacement]: New field. > > (libarchive-3.3.1): New variable. >=20 > Like the patch I've attached? > From 45d3157bb61bb8b5f26ff13feb672759b6043e6f Mon Sep 17 00:00:00 2001 > From: Kei Kebreau > Date: Mon, 8 May 2017 14:58:07 -0400 > Subject: [PATCH] gnu: libarchive: Replace with 3.3.1 [security fixes]. > To: 26836@debbugs.gnu.org >=20 > Fixes CVE-2016-{10209,10350} and CVE-2017-5601. >=20 > * gnu/packages/backup.scm (libarchive)[replacement]: New field. > (libarchive-3.3.1): New variable. Thanks, LGTM! --lrZ03NoBR/3+SXJZ Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlkQ6XcACgkQJkb6MLrK fwi/ThAAjA6VOmdiNfDJUMbf8pjjOal+KmK3Mlkn2B+twMPAwOtJC/B2DPZ/7nIq 7kNUCSz+PpnwOSek5V0alLZxIeXdPDaNdwzpojptrmCvy8cYTRDzAg3AckIhDdlb Y6YEs3UoMqOSDSnxwHUQpWUU+eQ1gGHB5UUXtuepiAmvHPlzuKVIWHCicvb/aXuv ClM0Ui09VnA7/BDIdYUPsC7kJwH7UWjgGDjRzSuxWRUblPSybPShiBklGuu2Jq8w A5MfUM3aCAZoCqc1t9og0dSC8yppoTx0IwCznd6A4m3h7uvTAxTCozSi48PxDHCv p8n1ssdXEa3THi1hWp0dvI8cZci9AlPanRN2YKAcntFgm4Y0tJJkmtHEkHHs2LsB yMQakKUXZnUrmm2OrIUTwVjllCD3mvo0ZxQNtEKGaQNFjJcX0d3CB/B/9NKlva4K dpA71Unn3IoIxakaZycai2da4cwxToW4cOq06U+vB890EATQifUSHcN4F9Z0Lr2g 7+gT9KngpMEdBa0w8yIEK187AdizxJ4O8UMrXK1uEa2ZInObMVRyOSiRNnIA6PMp 1Cd0ZRqKaTv9+mloTD725kPSDAy3EMGu2olQpHBRQ57HBZ7/fBmLa0F+f+qoCbdi G4j3djYHraUX1zsVr0zPXLWAGYlTJW6BWmELUA1fxQO4Bkcw5HM= =P+qq -----END PGP SIGNATURE----- --lrZ03NoBR/3+SXJZ--