diff mbox series

[bug#46640] gnu: lrzip: Update to 0.640.

Message ID 20210219174646.12152-1-vincent.legoll@gmail.com
State Accepted
Headers show
Series [bug#46640] gnu: lrzip: Update to 0.640. | expand

Checks

Context Check Description
cbaines/submitting builds success
cbaines/comparison success View comparision
cbaines/git branch success View Git branch
cbaines/applying patch success View Laminar job
cbaines/issue success View issue

Commit Message

Vincent Legoll Feb. 19, 2021, 5:46 p.m. UTC 
* gnu/packages/patches/lrzip-CVE-2017-8842.patch: Remove file...
* gnu/local.mk (dist_patch_DATA): ...from here.
* gnu/packages/compression.scm (lrzip): Update to 0.640.
[source]: Replace ".bz2" by ".xz", remove patch.
[inputs]: Add lz4.
---
 gnu/local.mk                                  |  1 -
 gnu/packages/compression.scm                  |  8 +++----
 .../patches/lrzip-CVE-2017-8842.patch         | 23 -------------------
 3 files changed, 4 insertions(+), 28 deletions(-)
 delete mode 100644 gnu/packages/patches/lrzip-CVE-2017-8842.patch

Comments

Vincent Legoll Feb. 19, 2021, 5:48 p.m. UTC | #1 
I checked that the removed patch has been applied upstream

On Fri, Feb 19, 2021 at 6:48 PM GNU bug Tracking System
<help-debbugs@gnu.org> wrote:
>
> Thank you for filing a new bug report with debbugs.gnu.org.
>
> This is an automatically generated reply to let you know your message
> has been received.
>
> Your message is being forwarded to the package maintainers and other
> interested parties for their attention; they will reply in due course.
>
> Your message has been sent to the package maintainer(s):
>  guix-patches@gnu.org
>
> If you wish to submit further information on this problem, please
> send it to 46640@debbugs.gnu.org.
>
> Please do not send mail to help-debbugs@gnu.org unless you wish
> to report a problem with the Bug-tracking system.
>
> --
> 46640: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=46640
> GNU Bug Tracking System
> Contact help-debbugs@gnu.org with problems
Leo Famulari Feb. 20, 2021, 6:41 p.m. UTC | #2 
On Fri, Feb 19, 2021 at 06:46:46PM +0100, Vincent Legoll wrote:
> * gnu/packages/patches/lrzip-CVE-2017-8842.patch: Remove file...
> * gnu/local.mk (dist_patch_DATA): ...from here.
> * gnu/packages/compression.scm (lrzip): Update to 0.640.
> [source]: Replace ".bz2" by ".xz", remove patch.
> [inputs]: Add lz4.

Thanks! I added your name to the list of authors and pushed as
51697aab42f3dea316b5b396ebd342b44b65193d
Vincent Legoll Feb. 20, 2021, 6:50 p.m. UTC | #3 
On Sat, Feb 20, 2021 at 7:41 PM Leo Famulari <leo@famulari.name> wrote:
> Thanks! I added your name to the list of authors and pushed as
> 51697aab42f3dea316b5b396ebd342b44b65193d

Thanks, that's one thing I (almost) always forget...
diff mbox series

Patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 0dd5fc2a29..8b0aac3bcd 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1328,7 +1328,6 @@  dist_patch_DATA =						\
   %D%/packages/patches/llvm-9-fix-scev-miscompilation.patch	\
   %D%/packages/patches/lm-sensors-hwmon-attrs.patch		\
   %D%/packages/patches/lrcalc-includes.patch    		\
-  %D%/packages/patches/lrzip-CVE-2017-8842.patch		\
   %D%/packages/patches/lsh-fix-x11-forwarding.patch		\
   %D%/packages/patches/lsof-fatal-test-failures.patch		\
   %D%/packages/patches/lua-CVE-2014-5461.patch                      \
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 89107141ec..38ea6d924b 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -1109,16 +1109,15 @@  human-readable output.")
 (define-public lrzip
   (package
     (name "lrzip")
-    (version "0.631")
+    (version "0.640")
     (source
      (origin
        (method url-fetch)
        (uri (string-append
-             "http://ck.kolivas.org/apps/lrzip/lrzip-" version ".tar.bz2"))
+             "http://ck.kolivas.org/apps/lrzip/lrzip-" version ".tar.xz"))
        (sha256
         (base32
-         "0mb449vmmwpkalq732jdyginvql57nxyd31sszb108yps1lf448d"))
-       (patches (search-patches "lrzip-CVE-2017-8842.patch"))))
+         "175466drfpz8rsfr0pzfn5rqrj3wmcmcs3i2sfmw366w2kbjm4j9"))))
     (build-system gnu-build-system)
     (native-inputs
      `(;; nasm is only required when building for 32-bit x86 platforms
@@ -1129,6 +1128,7 @@  human-readable output.")
        ("perl" ,perl)))
     (inputs
      `(("bzip2" ,bzip2)
+       ("lz4" ,lz4)
        ("lzo" ,lzo)
        ("zlib" ,zlib)))
     (home-page "http://ck.kolivas.org/apps/lrzip/")
diff --git a/gnu/packages/patches/lrzip-CVE-2017-8842.patch b/gnu/packages/patches/lrzip-CVE-2017-8842.patch
deleted file mode 100644
index 89b4f2f5d9..0000000000
--- a/gnu/packages/patches/lrzip-CVE-2017-8842.patch
+++ /dev/null
@@ -1,23 +0,0 @@ 
-From 38386bd482c0a8102a79958cb3eddcb97a167ca3 Mon Sep 17 00:00:00 2001
-From: Con Kolivas <kernel@kolivas.org>
-Date: Fri, 9 Mar 2018 17:39:40 +1100
-Subject: [PATCH] CVE-2017-8842 Fix divide-by-zero in bufRead::get
-
----
- libzpaq/libzpaq.h | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/libzpaq/libzpaq.h b/libzpaq/libzpaq.h
-index 93387da..cbe211d 100644
---- a/libzpaq/libzpaq.h
-+++ b/libzpaq/libzpaq.h
-@@ -465,7 +465,8 @@ struct bufRead: public libzpaq::Reader {
- 
- 	int get() {
- 		if (progress && !(*s_len % 128)) {
--			int pct = (total_len - *s_len) * 100 / total_len;
-+			int pct = (total_len > 0) ?
-+				(total_len - *s_len) * 100 / total_len : 100;
- 
- 			if (pct / 10 != *last_pct / 10) {
- 				int i;