From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:36592) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gMcAP-0007bl-80 for guix-patches@gnu.org; Tue, 13 Nov 2018 12:08:00 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gMbww-00045k-Ll for guix-patches@gnu.org; Tue, 13 Nov 2018 11:54:09 -0500 Received: from debbugs.gnu.org ([208.118.235.43]:46286) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1gMbwv-00045T-QR for guix-patches@gnu.org; Tue, 13 Nov 2018 11:54:01 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1gMbwv-0003ib-La for guix-patches@gnu.org; Tue, 13 Nov 2018 11:54:01 -0500 Subject: [bug#33347] [PATCH 4/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541]. Resent-Message-ID: Date: Tue, 13 Nov 2018 11:53:10 -0500 From: Leo Famulari Message-ID: <20181113165310.GC8498@jasmine.lan> References: <871s7r3095.fsf@gmail.com> <87k1lj1le4.fsf@gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="gr/z0/N6AeWAPJVB" Content-Disposition: inline In-Reply-To: <87k1lj1le4.fsf@gmail.com> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Alex Vong Cc: 33347@debbugs.gnu.org --gr/z0/N6AeWAPJVB Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Nov 12, 2018 at 03:09:39AM +0800, Alex Vong wrote: > (replace 'configure > (lambda* (#:key outputs #:allow-other-keys) > + (define (use-latest-json-parser file) > + (substitute* file > + (("engine/external/json-parser/json\\.h") > + "json-parser/json.h") > + (("json_parse_ex\\(&JsonSettings, pFileData, aError\\);= ") > + "json_parse_ex(&JsonSettings, > + pFileData, > + strlen(pFileData), > + aError);"))) > + Please add a code comment explaining this. > - ;; FIXME: teeworlds bundles the sources of "pnglite", a two-file PNG > - ;; library without a build system. These sorts of mini-libraries are designed to be copied and pasted into host projects rather than packaged on their own. That's why they don't include a build system. For example, many cryptographic primitive implementations are distributed this way =E2=80=94 that's why you never see= a package for 'SHA256'. Is there a particular reason we should unbundle pnglite? --gr/z0/N6AeWAPJVB Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlvrAXUACgkQJkb6MLrK fwg5rBAAkV7c6kOp6J0nBxmTjX8ChY3gvrjMyF7S0xBJrR7xLQBz1C+bICdFk7qQ LS5XQ/m0thJmyCIUsaN9XXqTNvX37d3B+ZGqL+DoW1QZ919H98TqMrFxnTaQd+4q qwbQpRFbj1WRgkwQYVydPwall1BzwnxRkxp63UrIa4fnloExaSzLZQKE28ckrDeL OahayLKL/OHqs5ufRDq5TPRFYrccnfc4G29r3tWMf/AxP0bnrpG7ArXf9c9lRdib LvZwfDy3c4Er6fOj7idk90M1+SdTfcXO2mpYCFQ65f/E8vQuxHF7KlOgLGb2upKn 2WECnLFag+10CVgnUGozi7N1N9M+Z8vg4zdnExD5fdlnry205I1itt/+0Al7nvEc hyc1CRyhBxSVqSnPplILL7uXv95UVCppyvJrxaWmsS4pLOOXPbIg1X3t4gaSEvO2 dSrgXHwXJDoR/KQ8aJKaiywKrggNeR9nLipySSVLkPyMi4YW43EC2q6XzKUJurB/ aDtwKVwpseBZ+cKdVBcJQyhjJr6gToB1noCuS0cfJ+EKBJ188kHbGTsa/3ulrHZ8 S43QqjCiw4brxD2dHVtQj/cVZnFH0KkFXF9iGIjvdYKVjn6VWBtZ7CaW36gPRwud LbX46/Dq6hl7wuiidqZzoMtD1pJ5VgIWMvszVXjbnibg55doOrg= =xckU -----END PGP SIGNATURE----- --gr/z0/N6AeWAPJVB--