Message ID | 20220823143020.471916-1-me@gyara.moe |
---|---|
State | Accepted |
Headers | show |
Series | [bug#57354,1/2] gnu: rust-regex-syntax: Update to 0.6.27. | expand |
Context | Check | Description |
---|---|---|
cbaines/comparison | success | View comparision |
cbaines/git-branch | success | View Git branch |
cbaines/applying patch | success | View Laminar job |
cbaines/issue | success | View issue |
cbaines/comparison | success | View comparision |
cbaines/git-branch | success | View Git branch |
cbaines/applying patch | success | View Laminar job |
cbaines/issue | success | View issue |
Hi gyara, Thanks a lot for this security fix. Since this will rebuild 'librsvg', which has ~550 dependent packages, I added these patches to the about-to-be-merged 'staging' branch. (it's not ideal either, since it is supposed to be "frozen"; but we cannot graft Rust packages and would instead have to add a graft for a patched librsvg, which seemed a lot of work for 'just' 550 rebuilds) PS: In the future, please mention the changed variable in the commit message (see the commit log for examples). I did that on your behalf. Pushed in: 1063d918b9 gnu: rust-regex-syntax: Update to 0.6.27. 1cf3737093 gnu: rust-regex: Update to 1.6.0 [fixes CVE-2022-24713].
diff --git a/gnu/packages/crates-io.scm b/gnu/packages/crates-io.scm index cfafce9aa3..9c44fec198 100644 --- a/gnu/packages/crates-io.scm +++ b/gnu/packages/crates-io.scm @@ -48811,14 +48811,14 @@ (define-public rust-regex-automata-0.1 (define-public rust-regex-syntax-0.6 (package (name "rust-regex-syntax") - (version "0.6.25") + (version "0.6.27") (source (origin (method url-fetch) (uri (crate-uri "regex-syntax" version)) (file-name (string-append name "-" version ".tar.gz")) (sha256 - (base32 "16y87hz1bxmmz6kk360cxwfm3jnbsxb3x4zw9x1gzz7khic2i5zl")))) + (base32 "0i32nnvyzzkvz1rqp2qyfxrp2170859z8ck37jd63c8irrrppy53")))) (build-system cargo-build-system) (home-page "https://github.com/rust-lang/regex") (synopsis "Regular expression parser")