diff mbox series

[bug#74034,14/21] gnu: quagga: Fix build and hide CVE.

Message ID 20241026224125.29272-14-ngraves@ngraves.fr
State New
Headers show
Series Add lint-hidden-cve property for near-leaf packages. | expand

Commit Message

Nicolas Graves Oct. 26, 2024, 10:41 p.m. UTC
* gnu/packages/networking.scm (quagga)
[inputs]: Add libxcrypt.
[properties]: Add lint-hidden-cve property.
---
 gnu/packages/networking.scm | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm
index d98179cf2f..53bc670c41 100644
--- a/gnu/packages/networking.scm
+++ b/gnu/packages/networking.scm
@@ -3138,7 +3138,7 @@  (define-public quagga
                         (delete-file "vtysh/extract.pl")))))
     (build-system gnu-build-system)
     (native-inputs (list gawk gcc-9 pkg-config perl dejagnu))
-    (inputs (list readline c-ares))
+    (inputs (list c-ares libxcrypt readline))
     (synopsis "Routing Software Suite")
     (description "Quagga is a routing software suite, providing implementations
 of OSPFv2, OSPFv3, RIP v1 and v2, RIPng and BGP-4 for Unix platforms.
@@ -3149,6 +3149,10 @@  (define-public quagga
 clients which typically implement a routing protocol and communicate routing
 updates to the zebra daemon.")
     (home-page "https://www.nongnu.org/quagga/")
+    ;; This CVE concerns systemd services files that we currently don't use.
+    ;; If we were to use them, a fixing patch can be found here:
+    ;; https://build.opensuse.org/request/show/1035188
+    (properties '((lint-hidden-cve . ("CVE-2021-44038"))))
     (license license:gpl2+)))
 
 (define-public bgpq3