From f0ac12fa1a261854c662a9746d06e7667bef1470 Mon Sep 17 00:00:00 2001 From: Nicolas Graves Date: Sun, 27 Oct 2024 19:31:35 +0100 Subject: gnu: quagga: Fix build and hide CVE. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/networking.scm (quagga) [inputs]: Add libxcrypt. [properties]: Add lint-hidden-cve property. Signed-off-by: Ludovic Courtès --- gnu/packages/networking.scm | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'gnu/packages/networking.scm') diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm index 01975eb048..6e3a355bd4 100644 --- a/gnu/packages/networking.scm +++ b/gnu/packages/networking.scm @@ -3143,7 +3143,7 @@ does not use SSH and requires a pre-shared symmetric key.") (delete-file "vtysh/extract.pl"))))) (build-system gnu-build-system) (native-inputs (list gawk gcc-9 pkg-config perl dejagnu)) - (inputs (list readline c-ares)) + (inputs (list c-ares libxcrypt readline)) (synopsis "Routing Software Suite") (description "Quagga is a routing software suite, providing implementations of OSPFv2, OSPFv3, RIP v1 and v2, RIPng and BGP-4 for Unix platforms. @@ -3154,6 +3154,10 @@ Zserv API over a Unix or TCP stream to Quagga clients. It is these Zserv clients which typically implement a routing protocol and communicate routing updates to the zebra daemon.") (home-page "https://www.nongnu.org/quagga/") + ;; This CVE concerns systemd services files that we currently don't use. + ;; If we were to use them, a fixing patch can be found here: + ;; https://build.opensuse.org/request/show/1035188 + (properties '((lint-hidden-cve . ("CVE-2021-44038")))) (license license:gpl2+))) (define-public bgpq3 -- cgit v1.2.3