<
aboutsummaryrefslogtreecommitdiff
path: root/gnu/services/guix.scm
diff options
context:
space:
mode:
authorEfraim Flashner <efraim@flashner.co.il>2024-09-19 09:57:10 +0300
committerEfraim Flashner <efraim@flashner.co.il>2024-09-19 09:57:10 +0300
commit610b395424c02274800d85585cb542ad66d9afea (patch)
tree90207e9c3dff4bc79af0d341d644c4bcebc6a5e9 /gnu/services/guix.scm
parent1b6ce1796abdf497f61f426d61339318f4f4f23d (diff)
downloadguix-610b395424c02274800d85585cb542ad66d9afea.tar.gz
guix-610b395424c02274800d85585cb542ad66d9afea.zip
gnu: expat: Fix security vulnerabilities.
Fixes CVE-2024-45490, CVE-2024-45491, CVE-2024-45492. * gnu/packages/xml.scm (expat)[replacement]: New field. (expat/fixed): New variable. * gnu/packages/patches/expat-CVE-2024-45490.patch, gnu/packages/patches/expat-CVE-2024-45491.patch, gnu/packages/patches/expat-CVE-2024-45492.patch: New files. * gnu/local.mk (dist_patch_DATA): Register them. Change-Id: I74d5d7bce98d6c983b989c1afec7cf28777d1617
Diffstat (limited to 'gnu/services/guix.scm')
0 files changed, 0 insertions, 0 deletions
ww.gnu.org/licenses/>. (define-module (test-size) #:use-module (guix store) #:use-module (guix monads) #:use-module (guix packages) #:use-module (guix derivations) #:use-module (guix gexp) #:use-module (guix tests) #:use-module (guix scripts size) #:use-module (gnu packages) #:use-module (gnu packages bootstrap) #:use-module (ice-9 match) #:use-module (srfi srfi-1) #:use-module (srfi srfi-64)) (test-begin "size") (test-assertm "store-profile" (mlet* %store-monad ((file1 (gexp->derivation "file1" #~(symlink #$%bootstrap-guile #$output))) (file2 (text-file* "file2" "the file => " file1))) (define (matching-profile item) (lambda (profile) (string=? item (profile-file profile)))) (mbegin %store-monad (built-derivations (list file2)) (mlet %store-monad ((profiles (store-profile (list (derivation->output-path file2)))) (bash (interned-file (search-bootstrap-binary "bash" (%current-system)) "bash" #:recursive? #t)) (guile (package->derivation %bootstrap-guile))) (define (lookup-profile item) (find (matching-profile (if (derivation? item) (derivation->output-path item) item)) profiles)) (letrec-syntax ((match* (syntax-rules (=>) ((_ ((drv => profile) rest ...) body) (match (lookup-profile drv) ((? profile? profile) (match* (rest ...) body)))) ((_ () body) body)))) ;; Make sure we get all three profiles with sensible values. (return (and (= (length profiles) 4) (match* ((file1 => profile1) (file2 => profile2) (guile => profile3) (bash => profile4)) ;dependency of GUILE (and (> (profile-closure-size profile2) 0) (= (profile-closure-size profile2) (+ (profile-self-size profile1) (profile-self-size profile2) (profile-self-size profile3) (profile-self-size profile4)))))))))))) (test-assertm "store-profile with multiple items" (mlet* %store-monad ((file1 (gexp->derivation "file1" #~(symlink #$%bootstrap-guile #$output))) (file2 (text-file* "file2" "the file => " file1))) (mbegin %store-monad (built-derivations (list file2)) (mlet %store-monad ((profiles (store-profile (list (derivation->output-path file2) (derivation->output-path file1)))) (reference (store-profile (list (derivation->output-path file2))))) (return (and (= (length profiles) 4) (lset= equal? profiles reference))))))) (test-end "size") ;;; Local Variables: ;;; eval: (put 'match* 'scheme-indent-function 1) ;;; End: