aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/compression.scm
diff options
context:
space:
mode:
authorTobias Geerinckx-Rice <me@tobias.gr>2020-02-17 04:55:47 +0100
committerTobias Geerinckx-Rice <me@tobias.gr>2020-02-17 05:14:29 +0100
commitf5255ed3d3689c793b87939d30df7e2e3443b004 (patch)
treee26b90d6b2e46ca0fcae1077ca103890759ddfbb /gnu/packages/compression.scm
parentde5bc83cd3245d76c8769e14cd1d6fb5256de28b (diff)
downloadguix-f5255ed3d3689c793b87939d30df7e2e3443b004.tar
guix-f5255ed3d3689c793b87939d30df7e2e3443b004.tar.gz
gnu: upx: Update to 3.96.
* gnu/packages/compression.scm (upx): Update to 3.96. [source]: Remove patch. [arguments]: Remove CHECK_WHITESPACE work-around. [properties]: Remove obsolete hidden CVE. * gnu/packages/patches/upx-fix-CVE-2017-15056.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
Diffstat (limited to 'gnu/packages/compression.scm')
-rw-r--r--gnu/packages/compression.scm15
1 files changed, 3 insertions, 12 deletions
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index a65e320a9b..3f4b99bfcf 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -1903,15 +1903,14 @@ decompression is a little bit slower.")
(define-public upx
(package
(name "upx")
- (version "3.94")
+ (version "3.96")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/upx/upx/releases/download/v"
version "/upx-" version "-src.tar.xz"))
(sha256
(base32
- "08anybdliqsbsl6x835iwzljahnm9i7v26icdjkcv33xmk6p5vw1"))
- (patches (search-patches "upx-fix-CVE-2017-15056.patch"))))
+ "051pk5jk8fcfg5mpgzj43z5p4cn7jy5jbyshyn78dwjqr7slsxs7"))))
(build-system gnu-build-system)
(native-inputs
`(("perl" ,perl)))
@@ -1920,10 +1919,7 @@ decompression is a little bit slower.")
("zlib" ,zlib)))
(arguments
`(#:make-flags
- (list "all"
- ;; CHECK_WHITESPACE does not seem to work.
- ;; See https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/upx.
- "CHECK_WHITESPACE=true")
+ (list "all")
#:phases
(modify-phases %standard-phases
(delete 'configure)
@@ -1945,11 +1941,6 @@ decompression is a little bit slower.")
#t))
)))
(home-page "https://upx.github.io/")
- ;; CVE-2017-16869 is about Mach-O files which is not of a big concern for Guix.
- ;; See https://github.com/upx/upx/issues/146 and
- ;; https://nvd.nist.gov/vuln/detail?vulnId=CVE-2017-16869.
- ;; The issue will be fixed after version 3.94.
- (properties `((lint-hidden-cve . ("CVE-2017-16869"))))
(synopsis "Compression tool for executables")
(description
"The Ultimate Packer for eXecutables (UPX) is an executable file