02/02: gnu: Remove expat/fixed.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

02/02: gnu: Remove expat/fixed.

From:	guix-commits
Subject:	02/02: gnu: Remove expat/fixed.
Date:	Thu, 11 Jul 2019 19:13:01 -0400 (EDT)

mbakke pushed a commit to branch core-updates
in repository guix.

commit 60ccc1653a8ed040bbdfbc89f010614b0d9c4139
Author: Marius Bakke <address@hidden>
Date:   Fri Jul 12 01:05:13 2019 +0200

    gnu: Remove expat/fixed.
    
    The merge preceding this commit (fb9a23a3f3) ignored the replacement added 
in
    5a836ce38c (gnu: expat: fix CVE-2018-20843), because the fix is already
    present in Expat 2.2.7.  This commit removes the remaining bits.
    
    * gnu/packages/patches/expat-CVE-2018-20843.patch: Delete file.
    * gnu/local.mk (dist_patch_DATA): Adjust accordingly.
    * gnu/packages/xml.scm (expat/fixed): Remove variable.
---
 gnu/local.mk                                    |  1 -
 gnu/packages/patches/expat-CVE-2018-20843.patch | 21 ---------------------
 gnu/packages/xml.scm                            |  8 --------
 3 files changed, 30 deletions(-)

diff --git a/gnu/local.mk b/gnu/local.mk
index b9575ad..75cb7b6 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -781,7 +781,6 @@ dist_patch_DATA =                                           
\
   %D%/packages/patches/evilwm-lost-focus-bug.patch             \
   %D%/packages/patches/exiv2-CVE-2017-14860.patch              \
   %D%/packages/patches/exiv2-CVE-2017-14859-14862-14864.patch  \
-  %D%/packages/patches/expat-CVE-2018-20843.patch              \
   %D%/packages/patches/extundelete-e2fsprogs-1.44.patch                \
   %D%/packages/patches/fastcap-mulGlobal.patch                 \
   %D%/packages/patches/fastcap-mulSetup.patch                  \
diff --git a/gnu/packages/patches/expat-CVE-2018-20843.patch 
b/gnu/packages/patches/expat-CVE-2018-20843.patch
deleted file mode 100644
index 216fbe9..0000000
--- a/gnu/packages/patches/expat-CVE-2018-20843.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-Fix extraction of namespace prefix from XML name.
-Fixes CVE-2018-20843
-
-This patch comes from upstream commit 11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
-https://github.com/libexpat/libexpat/commit/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
-
-CVE is https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843
-
-diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
-index 30d55c5..737d7cd 100644
---- a/lib/xmlparse.c
-+++ b/lib/xmlparse.c
-@@ -6071,7 +6071,7 @@ setElementTypePrefix(XML_Parser parser, ELEMENT_TYPE 
*elementType)
-       else
-         poolDiscard(&dtd->pool);
-       elementType->prefix = prefix;
--
-+      break;
-     }
-   }
-   return 1;
diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index e708348..78b9b71 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -88,14 +88,6 @@ stream-oriented parser in which an application registers 
handlers for
 things the parser might find in the XML document (like start tags).")
     (license license:expat)))
 
-(define expat/fixed
-  (package
-    (inherit expat)
-    (source
-     (origin
-       (inherit (package-source expat))
-       (patches (search-patches "expat-CVE-2018-20843.patch"))))))
-
 (define-public libebml
   (package
     (name "libebml")

[Prev in Thread]

Current Thread

[Next in Thread]

branch core-updates updated (1c4b72c -> 60ccc16), guix-commits, 2019/07/11
- 02/02: gnu: Remove expat/fixed., guix-commits <=
- 01/02: Merge branch 'master' into core-updates, guix-commits, 2019/07/11

Prev by Date: 02/02: gnu: expat: fix CVE-2018-20843
Next by Date: branch core-updates updated (1c4b72c -> 60ccc16)
Previous by thread: branch core-updates updated (1c4b72c -> 60ccc16)
Next by thread: 01/02: Merge branch 'master' into core-updates
Index(es):
- Date
- Thread