aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/patches/libyaml-CVE-2014-9130.patch30
-rw-r--r--gnu/packages/web.scm5
3 files changed, 2 insertions, 34 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index cdb1edbfb7..dfd25c7088 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1211,7 +1211,6 @@ dist_patch_DATA = \
%D%/packages/patches/xinetd-fix-fd-leak.patch \
%D%/packages/patches/xinetd-CVE-2013-4342.patch \
%D%/packages/patches/xmodmap-asprintf.patch \
- %D%/packages/patches/libyaml-CVE-2014-9130.patch \
%D%/packages/patches/zathura-plugindir-environment-variable.patch
MISC_DISTRO_FILES = \
diff --git a/gnu/packages/patches/libyaml-CVE-2014-9130.patch b/gnu/packages/patches/libyaml-CVE-2014-9130.patch
deleted file mode 100644
index 800358c0d6..0000000000
--- a/gnu/packages/patches/libyaml-CVE-2014-9130.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-Fixes CVE-2014-9130
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130
-
-Upstream source:
-https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
-
-# HG changeset patch
-# User Kirill Simonov <xi@resolvent.net>
-# Date 1417197312 21600
-# Node ID 2b9156756423e967cfd09a61d125d883fca6f4f2
-# Parent 053f53a381ff6adbbc93a31ab7fdee06a16c8a33
-Removed invalid simple key assertion (thank to Jonathan Gray).
-
-diff --git a/src/scanner.c b/src/scanner.c
---- a/src/scanner.c
-+++ b/src/scanner.c
-@@ -1106,13 +1106,6 @@
- && parser->indent == (ptrdiff_t)parser->mark.column);
-
- /*
-- * A simple key is required only when it is the first token in the current
-- * line. Therefore it is always allowed. But we add a check anyway.
-- */
--
-- assert(parser->simple_key_allowed || !required); /* Impossible. */
--
-- /*
- * If the current position may start a simple key, save it.
- */
-
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 19058de2d3..aaf8505ef4 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -1025,17 +1025,16 @@ hash/signatures.")
(define-public libyaml
(package
(name "libyaml")
- (version "0.1.6")
+ (version "0.1.7")
(source
(origin
(method url-fetch)
(uri (string-append
"http://pyyaml.org/download/libyaml/yaml-"
version ".tar.gz"))
- (patches (search-patches "libyaml-CVE-2014-9130.patch"))
(sha256
(base32
- "0j9731s5zjb8mjx7wzf6vh7bsqi38ay564x6s9nri2nh9cdrg9kx"))))
+ "0a87931cx5m14a1x8rbjix3nz7agrcgndf4h392vm62a4rby9240"))))
(build-system gnu-build-system)
(home-page "http://pyyaml.org/wiki/LibYAML")
(synopsis "YAML 1.1 parser and emitter written in C")