From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:56252) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e74K3-00017u-5j for guix-patches@gnu.org; Tue, 24 Oct 2017 14:53:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e74Jy-0004hB-Md for guix-patches@gnu.org; Tue, 24 Oct 2017 14:53:07 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:51490) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1e74Jy-0004h3-Ir for guix-patches@gnu.org; Tue, 24 Oct 2017 14:53:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1e74Jy-0008RP-Ce for guix-patches@gnu.org; Tue, 24 Oct 2017 14:53:02 -0400 Subject: [bug#28972] [PATCH] gnu: Remove unrar. Resent-Message-ID: Received: from eggs.gnu.org ([2001:4830:134:3::10]:56206) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e74Jf-000157-IQ for guix-patches@gnu.org; Tue, 24 Oct 2017 14:52:44 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e74Jb-0004bF-7G for guix-patches@gnu.org; Tue, 24 Oct 2017 14:52:43 -0400 Received: from out4-smtp.messagingengine.com ([66.111.4.28]:56445) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1e74Ja-0004as-Ve for guix-patches@gnu.org; Tue, 24 Oct 2017 14:52:39 -0400 Received: from jasmine.lan (c-73-165-108-70.hsd1.pa.comcast.net [73.165.108.70]) by mail.messagingengine.com (Postfix) with ESMTPA id 967777F9A9 for ; Tue, 24 Oct 2017 14:52:37 -0400 (EDT) From: Leo Famulari Date: Tue, 24 Oct 2017 14:52:34 -0400 Message-Id: List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 28972@debbugs.gnu.org This package is abandoned upstream and contains serious bugs: http://seclists.org/oss-sec/2017/q3/329 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14120 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14121 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14122 * gnu/packages/compression.scm (unrar): Remove variable. --- gnu/packages/compression.scm | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index a2bf3a186..c06c3c52e 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -1285,24 +1285,6 @@ or junctions, and always follows hard links.") archives from InstallShield installers.") (license license:expat))) -(define-public unrar - (package - (name "unrar") - (version "0.0.1") - (source (origin - (method url-fetch) - (uri (string-append - "http://download.gna.org/unrar/unrar-" version ".tar.gz")) - (sha256 - (base32 - "1fgmjaxffj3shyxgy765jhxwz1cq88hk0fih1bsdzyvymyyz6mz7")))) - (build-system gnu-build-system) - (home-page "http://download.gna.org/unrar") - (synopsis "RAR archive extraction tool") - (description "Unrar is a simple command-line program to list and extract -RAR archives.") - (license license:gpl2+))) - (define-public zstd (package (name "zstd") -- 2.14.3