Message ID | 396046c3090495823f60be9c371f8441f3c4179c.1648440419.git.leo@famulari.name |
---|---|
State | New |
Headers | show |
Series | [bug#54604] gnu: zlib: Update to 1.2.12 [fixes CVE-2018-25032]. | expand |
Hi Leo, Leo Famulari <leo@famulari.name> skribis: > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032 > https://seclists.org/oss-sec/2022/q1/191 > > * gnu/packages/compression.scm (zlib)[replacement]: New field. > (zlib-1.2.12): New variable. LGTM, sorry for the delay, and thanks for taking care of it! Ludo’.
Hi Leo, Ludovic Courtès <ludo@gnu.org> writes: > Hi Leo, > > Leo Famulari <leo@famulari.name> skribis: > >> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032 >> https://seclists.org/oss-sec/2022/q1/191 >> >> * gnu/packages/compression.scm (zlib)[replacement]: New field. >> (zlib-1.2.12): New variable. > > LGTM, sorry for the delay, and thanks for taking care of it! Ping! Feel free to apply it.
On Tue, Jan 03, 2023 at 05:31:04PM -0500, Maxim Cournoyer wrote:
> Ping! Feel free to apply it.
Pushed as c2c93abd18c37f438006cded8124ff0a32a0e4a7
I forgot about it, sorry!
Hi Leo, Leo Famulari <leo@famulari.name> writes: > On Tue, Jan 03, 2023 at 05:31:04PM -0500, Maxim Cournoyer wrote: >> Ping! Feel free to apply it. > > Pushed as c2c93abd18c37f438006cded8124ff0a32a0e4a7 > > I forgot about it, sorry! No problem, thank you!
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index 3edaecd951..2287c755b4 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -98,6 +98,7 @@ (define-module (gnu packages compression) (define-public zlib (package (name "zlib") + (replacement zlib-1.2.12) (version "1.2.11") (source (origin @@ -148,6 +149,21 @@ (define-public zlib in compression.") (license license:zlib))) +(define-public zlib-1.2.12 + (package + (inherit zlib) + (version "1.2.12") + (source + (origin + (method url-fetch) + (uri (list (string-append "http://zlib.net/zlib-" + version ".tar.gz") + (string-append "mirror://sourceforge/libpng/zlib/" + version "/zlib-" version ".tar.gz"))) + (sha256 + (base32 + "1n9na4fq4wagw1nzsfjr6wyly960jfa94460ncbf6p1fac44i14i")))))) + (define-public minizip (package (name "minizip")