aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages
diff options
context:
space:
mode:
authorAlex Griffin <a@ajgrf.com>2017-01-03 08:49:01 -0600
committerLeo Famulari <leo@famulari.name>2017-01-03 23:39:21 -0500
commitf3a53f3c8feedfad2a33462225dca8ea077b151b (patch)
tree7ebb6887a0feb80373f1ca2ea52dd7cb27b2c2eb /gnu/packages
parent8efd807f9584a1ffdc0dbc513c66eb2ac5b635b2 (diff)
downloadpatches-f3a53f3c8feedfad2a33462225dca8ea077b151b.tar
patches-f3a53f3c8feedfad2a33462225dca8ea077b151b.tar.gz
gnu: slock: Update to 1.4.
* gnu/packages/suckless.scm (slock): Update to 1.4. [source] Remove CVE-2016-6866 patch (no longer needed). * gnu/packages/patches/slock-CVE-2016-6866.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. Signed-off-by: Leo Famulari <leo@famulari.name>
Diffstat (limited to 'gnu/packages')
-rw-r--r--gnu/packages/patches/slock-CVE-2016-6866.patch51
-rw-r--r--gnu/packages/suckless.scm6
2 files changed, 3 insertions, 54 deletions
diff --git a/gnu/packages/patches/slock-CVE-2016-6866.patch b/gnu/packages/patches/slock-CVE-2016-6866.patch
deleted file mode 100644
index 2f94b8c1a9..0000000000
--- a/gnu/packages/patches/slock-CVE-2016-6866.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-Fix CVE-2016-6866.
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6866
-https://security-tracker.debian.org/tracker/CVE-2016-6866
-
-Copied from upstream source repository:
-http://git.suckless.org/slock/commit/?id=d8bec0f6fdc8a246d78cb488a0068954b46fcb29
-
-From d8bec0f6fdc8a246d78cb488a0068954b46fcb29 Mon Sep 17 00:00:00 2001
-From: Markus Teich <markus.teich@stusta.mhn.de>
-Date: Tue, 30 Aug 2016 22:59:06 +0000
-Subject: fix CVE-2016-6866
-
----
-diff --git a/slock.c b/slock.c
-index 847b328..8ed59ca 100644
---- a/slock.c
-+++ b/slock.c
-@@ -123,7 +123,7 @@ readpw(Display *dpy)
- readpw(Display *dpy, const char *pws)
- #endif
- {
-- char buf[32], passwd[256];
-+ char buf[32], passwd[256], *encrypted;
- int num, screen;
- unsigned int len, color;
- KeySym ksym;
-@@ -159,7 +159,11 @@ readpw(Display *dpy, const char *pws)
- #ifdef HAVE_BSD_AUTH
- running = !auth_userokay(getlogin(), NULL, "auth-slock", passwd);
- #else
-- running = !!strcmp(crypt(passwd, pws), pws);
-+ errno = 0;
-+ if (!(encrypted = crypt(passwd, pws)))
-+ fprintf(stderr, "slock: crypt: %s\n", strerror(errno));
-+ else
-+ running = !!strcmp(encrypted, pws);
- #endif
- if (running) {
- XBell(dpy, 100);
-@@ -312,6 +316,8 @@ main(int argc, char **argv) {
-
- #ifndef HAVE_BSD_AUTH
- pws = getpw();
-+ if (strlen(pws) < 2)
-+ die("slock: failed to get user password hash.\n");
- #endif
-
- if (!(dpy = XOpenDisplay(NULL)))
---
-cgit v0.9.0.3-65-g4555
diff --git a/gnu/packages/suckless.scm b/gnu/packages/suckless.scm
index 820d550d6e..a501bb5f2d 100644
--- a/gnu/packages/suckless.scm
+++ b/gnu/packages/suckless.scm
@@ -6,6 +6,7 @@
;;; Copyright © 2015 Dmitry Bogatov <KAction@gnu.org>
;;; Copyright © 2015 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Eric Bavier <bavier@member.fsf.org>
+;;; Copyright © 2017 Alex Griffin <a@ajgrf.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -106,15 +107,14 @@ numbers of user-defined menu items efficiently.")
(define-public slock
(package
(name "slock")
- (version "1.3")
+ (version "1.4")
(source (origin
(method url-fetch)
(uri (string-append "http://dl.suckless.org/tools/slock-"
version ".tar.gz"))
- (patches (search-patches "slock-CVE-2016-6866.patch"))
(sha256
(base32
- "065xa9hl7zn0lv2f7yjxphqsa35rg6dn9hv10gys0sh4ljpa7d5s"))))
+ "0sif752303dg33f14k6pgwq2jp1hjyhqv6x4sy3sj281qvdljf5m"))))
(build-system gnu-build-system)
(arguments
'(#:tests? #f ; no tests