gnu: cgit: Update to 1.2.1 [fixes CVE-2018-14912].
* gnu/packages/version-control.scm (cgit): Update to 1.2.1. [inputs]: Use the source of GIT.
This commit is contained in:
Leo Famulari
parent
4e23e8d809
commit
19a3e7f84a
1 changed files with 7 additions and 17 deletions
|
|
@ -143,8 +143,8 @@ as well as the classic centralized workflow.")
|
||||||
(define-public git
|
(define-public git
|
||||||
(package
|
(package
|
||||||
(name "git")
|
(name "git")
|
||||||
;; XXX When updating Git, check if the special 'git:src' input to cgit needs
|
;; XXX When updating Git, check if the special 'git-source' input to cgit
|
||||||
;; to be updated as well.
|
;; needs to be updated as well.
|
||||||
(version "2.18.0")
|
(version "2.18.0")
|
||||||
(source (origin
|
(source (origin
|
||||||
(method url-fetch)
|
(method url-fetch)
|
||||||
|
|
@ -558,9 +558,7 @@ collaboration using typical untrusted file hosts or services.")
|
||||||
(define-public cgit
|
(define-public cgit
|
||||||
(package
|
(package
|
||||||
(name "cgit")
|
(name "cgit")
|
||||||
;; XXX When updating cgit, try removing the special 'git:src' input and
|
(version "1.2.1")
|
||||||
;; using the source of the git package.
|
|
||||||
(version "1.1")
|
|
||||||
(source (origin
|
(source (origin
|
||||||
(method url-fetch)
|
(method url-fetch)
|
||||||
(uri (string-append
|
(uri (string-append
|
||||||
|
|
@ -568,7 +566,7 @@ collaboration using typical untrusted file hosts or services.")
|
||||||
version ".tar.xz"))
|
version ".tar.xz"))
|
||||||
(sha256
|
(sha256
|
||||||
(base32
|
(base32
|
||||||
"142qcgs8dwnzhymn0a7xx47p9fc2z5wrb86ah4a9iz0mpqlsz288"))))
|
"1gw2j5xc5qdx2hwiwkr8h6kgya7v9d9ff9j32ga1dys0cca7qm1w"))))
|
||||||
(build-system gnu-build-system)
|
(build-system gnu-build-system)
|
||||||
(arguments
|
(arguments
|
||||||
'(#:tests? #f ; XXX: fail to build the in-source git.
|
'(#:tests? #f ; XXX: fail to build the in-source git.
|
||||||
|
|
@ -580,7 +578,7 @@ collaboration using typical untrusted file hosts or services.")
|
||||||
(lambda* (#:key inputs #:allow-other-keys)
|
(lambda* (#:key inputs #:allow-other-keys)
|
||||||
;; Unpack the source of git into the 'git' directory.
|
;; Unpack the source of git into the 'git' directory.
|
||||||
(invoke "tar" "--strip-components=1" "-C" "git" "-xf"
|
(invoke "tar" "--strip-components=1" "-C" "git" "-xf"
|
||||||
(assoc-ref inputs "git:src"))))
|
(assoc-ref inputs "git-source"))))
|
||||||
(add-after 'unpack 'patch-absolute-file-names
|
(add-after 'unpack 'patch-absolute-file-names
|
||||||
(lambda* (#:key inputs #:allow-other-keys)
|
(lambda* (#:key inputs #:allow-other-keys)
|
||||||
(define (quoted-file-name input path)
|
(define (quoted-file-name input path)
|
||||||
|
|
@ -642,16 +640,8 @@ collaboration using typical untrusted file hosts or services.")
|
||||||
("bzip2" ,bzip2)
|
("bzip2" ,bzip2)
|
||||||
("xz" ,xz)))
|
("xz" ,xz)))
|
||||||
(inputs
|
(inputs
|
||||||
`(;; Cgit directly accesses some internal Git interfaces that changed in
|
`(;; Building cgit requires a Git source tree.
|
||||||
;; Git 2.12. Try removing this special input and using the source of the
|
("git-source" ,(package-source git))
|
||||||
;; Git package for cgit > 1.1.
|
|
||||||
("git:src"
|
|
||||||
,(origin
|
|
||||||
(method url-fetch)
|
|
||||||
(uri "mirror://kernel.org/software/scm/git/git-2.10.5.tar.xz")
|
|
||||||
(sha256
|
|
||||||
(base32
|
|
||||||
"1r2aa19gnrvm2y4fqcvpw1g9l72n48axqmpgv18s6d0y2p72vhzj"))))
|
|
||||||
("openssl" ,openssl)
|
("openssl" ,openssl)
|
||||||
("groff" ,groff)
|
("groff" ,groff)
|
||||||
("python" ,python)
|
("python" ,python)
|
||||||
|
|
|
||||||
Reference in a new issue