author | Marius Bakke <marius@gnu.org> | 2020-09-27 20:18:23 +0200 |
---|---|---|
committer | Marius Bakke <marius@gnu.org> | 2020-09-28 00:46:21 +0200 |
commit | 7d366a8387a57badca220eb93a207ad47b719111 (patch) | |
tree | ae40b8a8bc8a9d84441b431f69266071e6bbf742 | |
parent | 6f04c0b70290c97f2519d7276f5babf407df80e5 (diff) | |
download | guix-7d366a8387a57badca220eb93a207ad47b719111.tar.gz guix-7d366a8387a57badca220eb93a207ad47b719111.zip |
gnu: libsndfile: Replace with 1.0.30 [security fixes].
This replacement fixes CVE-2017-17456, CVE-2017-17457, CVE-2018-19661,
CVE-2018-19662, CVE-2018-19758, and CVE-2019-3832.
* gnu/packages/pulseaudio.scm (libsndfile)[replacement]: New field.
(libsndfile-1.0.30): New variable.
-rw-r--r-- | gnu/packages/pulseaudio.scm | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/gnu/packages/pulseaudio.scm b/gnu/packages/pulseaudio.scm
index 9522d023ad..d1c188fdfd 100644
--- a/gnu/packages/pulseaudio.scm
+++ b/gnu/packages/pulseaudio.scm
@@ -13,6 +13,7 @@
 ;;; Copyright © 2020 Amin Bandali <bandali@gnu.org>
 ;;; Copyright © 2020 Michael Rohleder <mike@rohleder.de>
 ;;; Copyright © 2020 Pierre Neidhardt <mail@ambrevar.xyz>
+;;; Copyright © 2020 Marius Bakke <marius@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -71,6 +72,7 @@
 (package
 (name "libsndfile")
 (version "1.0.28")
+ (replacement libsndfile-1.0.30)
 (source (origin
 (method url-fetch)
 (uri (string-append "http://www.mega-nerd.com/libsndfile/files/libsndfile-"
@@ -104,6 +106,41 @@ SPARC. Hopefully the design of the library will also make it easy to extend for
 reading and writing new sound file formats.")
 (license l:gpl2+)))
 
+;; Replacement package to fix multiple security vulnerabilities.
+(define libsndfile-1.0.30
+ (package
+ (inherit libsndfile)
+ (version "1.0.30")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/erikd/libsndfile"
+ "/releases/download/v" version
+ "/libsndfile-" version ".tar.bz2"))
+ (sha256
+ (base32
+ "0gsbg8ni496h55mx2p9999fk0xvbsjyz6v678a0l75b5fqs8d2gc"))
+ (modules '((ice-9 textual-ports) (guix build utils)))
+ (snippet
+ '(begin
+ ;; Remove carriage returns (CRLF) to prevent bogus
+ ;; errors from bash like "$'\r': command not found".
+ (let ((data (call-with-input-file
+ "tests/pedantic-header-test.sh.in"
+ (lambda (port)
+ (string-join
+ (string-split (get-string-all port)
+ #\return))))))
+ (call-with-output-file "tests/pedantic-header-test.sh.in"
+ (lambda (port) (format port data))))
+
+ ;; While at it, fix hard coded executable name.
+ (substitute* "tests/test_wrapper.sh.in"
+ (("^/usr/bin/env") "env"))
+ #t))))
+ (native-inputs
+ `(("python" ,python)
+ ,@(package-native-inputs libsndfile)))))
+
 (define-public libsamplerate
 (package
 (name "libsamplerate") ; aka. Secret Rabbit Code (SRC) |
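Review bot: In the source snippet of `libsndfile-1.0.30`, `(format port data)` passes the contents of tests/pedantic-header-test.sh.in as the format control string, so any `~` in that file would be read as a format directive and would either raise an error or change what is written back. Writing the file with `(lambda (port) (display data port))` emits the data verbatim. Separately, `string-join` called without a delimiter joins with a space in Guile, so each carriage return is replaced by a space rather than removed as the comment states; `(string-delete #\return (get-string-all port))` would do what the comment describes. The leading comment could also name the CVEs listed in the commit message, so the reason for the graft stays visible in the file itself.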