me
/
guix
Archived
1
0
Fork 0
Code

gnu: cyrus-sasl: Update to 2.1.28. 

* gnu/packages/cyrus-sasl.scm (cyrus-sasl): Update to 2.1.28.
[source](uri): Use new download location.
[source](patches): Remove.
[native-inputs]: Remove.
[arguments]: Remove #:phases.  Use G-expression.
* gnu/packages/patches/cyrus-sasl-CVE-2019-19906.patch,
gnu/packages/patches/cyrus-sasl-ac-try-run-fix.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
master
Marius Bakke 2022-07-20 03:05:47 +02:00
parent fff973b03c
commit 093f13610b
No known key found for this signature in database
GPG Key ID: A2A06DF2A33A54FA
3 changed files with 17 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
gnu/local.mk
View File

@ -981,8 +981,6 @@ dist_patch_DATA = \
%D%/packages/patches/curl-use-ssl-cert-env.patch \ %D%/packages/patches/curl-use-ssl-cert-env.patch \
%D%/packages/patches/cursynth-wave-rand.patch \ %D%/packages/patches/cursynth-wave-rand.patch \
%D%/packages/patches/cvs-CVE-2017-12836.patch \ %D%/packages/patches/cvs-CVE-2017-12836.patch \
%D%/packages/patches/cyrus-sasl-ac-try-run-fix.patch \
%D%/packages/patches/cyrus-sasl-CVE-2019-19906.patch \
%D%/packages/patches/c++-gsl-find-system-gtest.patch \ %D%/packages/patches/c++-gsl-find-system-gtest.patch \
%D%/packages/patches/c++-gsl-move-array-bounds-tests.patch \ %D%/packages/patches/c++-gsl-move-array-bounds-tests.patch \
%D%/packages/patches/date-output-pkg-config-files.patch \ %D%/packages/patches/date-output-pkg-config-files.patch \

39
gnu/packages/cyrus-sasl.scm
View File

@ -3,6 +3,7 @@
;;; Copyright © 2013 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2016 Leo Famulari <leo@famulari.name> ;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com> ;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com>
;;; Copyright © 2022 Marius Bakke <marius@gnu.org>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -26,6 +27,7 @@
#:use-module (gnu packages kerberos) #:use-module (gnu packages kerberos)
#:use-module (gnu packages tls) #:use-module (gnu packages tls)
#:use-module ((guix licenses) #:prefix license:) #:use-module ((guix licenses) #:prefix license:)
#:use-module (guix gexp)
#:use-module (guix packages) #:use-module (guix packages)
#:use-module (guix download) #:use-module (guix download)
#:use-module (guix build-system gnu)) #:use-module (guix build-system gnu))
@ -33,42 +35,35 @@
(define-public cyrus-sasl (define-public cyrus-sasl
(package (package
(name "cyrus-sasl") (name "cyrus-sasl")
(version "2.1.27") (version "2.1.28")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (list (string-append (uri (string-append "https://github.com/cyrusimap/cyrus-sasl"
"https://cyrusimap.org/releases/cyrus-sasl-" "/releases/download/cyrus-sasl-" version
version ".tar.gz") "/cyrus-sasl-" version ".tar.gz"))
(string-append
"ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-"
version ".tar.gz")))
(sha256 (base32 (sha256 (base32
"1m85zcpgfdhm43cavpdkhb1s2zq1b31472hq1w1gs3xh94anp1i6")) "135kbgyfpa1mwqp5dm223yr6ddzi4vjm7cr414d7rmhys2mwdkvw"))))
(patches (search-patches "cyrus-sasl-ac-try-run-fix.patch"
"cyrus-sasl-CVE-2019-19906.patch"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(native-inputs
(list autoconf automake libtool))
(inputs (list gdbm openssl)) (inputs (list gdbm openssl))
(propagated-inputs (propagated-inputs
(list ;; cyrus-sasl.pc refers to -lkrb5, so propagate it. (list ;; cyrus-sasl.pc refers to -lkrb5, so propagate it.
mit-krb5)) mit-krb5))
(arguments (arguments
'(#:configure-flags (list (string-append "--with-plugindir=" (list
(assoc-ref %outputs "out") #:configure-flags #~(list (string-append "--with-plugindir="
"/lib/sasl2")) #$output "/lib/sasl2")
;; When cross-compiling the build system is
;; unable to determine whether SPNEGO is
;; supported; Kerberos does, so enable it.
#$@(if (%current-target-system)
'("ac_cv_gssapi_supports_spnego=yes")
'()))
;; The 'plugins' directory has shared source files, such as ;; The 'plugins' directory has shared source files, such as
;; 'plugin_common.c'. When building the shared libraries there, libtool ;; 'plugin_common.c'. When building the shared libraries there, libtool
;; ends up doing "ln -s plugin_common.lo plugin_common.o", which can ;; ends up doing "ln -s plugin_common.lo plugin_common.o", which can
;; fail with EEXIST when building things in parallel. ;; fail with EEXIST when building things in parallel.
#:parallel-build? #f #:parallel-build? #f))
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'autogen
(lambda _
(invoke "autoreconf" "-vif"))))))
(synopsis "Simple Authentication Security Layer implementation") (synopsis "Simple Authentication Security Layer implementation")
(description (description
"SASL (Simple Authentication Security Layer) is an Internet "SASL (Simple Authentication Security Layer) is an Internet

25
gnu/packages/patches/cyrus-sasl-CVE-2019-19906.patch
View File

@ -1,25 +0,0 @@
From dcc9f51cbd4ed622cfb0f9b1c141eb2ffe3b12f1 Mon Sep 17 00:00:00 2001
From: Quanah Gibson-Mount <quanah@symas.com>
Date: Tue, 18 Feb 2020 19:05:12 +0000
Subject: [PATCH] Fix #587
Off by one error in common.c, CVE-2019-19906.
Thanks to Stephan Zeisberg for reporting
---
lib/common.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/common.c b/lib/common.c
index bc3bf1df..9969d6aa 100644
--- a/lib/common.c
+++ b/lib/common.c
@@ -190,7 +190,7 @@ int _sasl_add_string(char **out, size_t *alloclen,
if (add==NULL) add = "(null)";
- addlen=strlen(add); /* only compute once */
+ addlen=strlen(add)+1; /* only compute once */
if (_buf_alloc(out, alloclen, (*outlen)+addlen)!=SASL_OK)
return SASL_NOMEM;