me
/
guix
Archived
1
0
Fork 0
Code

gnu: libsndfile: Replace with 1.0.30 [security fixes]. 

This replacement fixes CVE-2017-17456, CVE-2017-17457, CVE-2018-19661,
CVE-2018-19662, CVE-2018-19758, and CVE-2019-3832.

* gnu/packages/pulseaudio.scm (libsndfile)[replacement]: New field.
(libsndfile-1.0.30): New variable.
master
Marius Bakke 2020-09-27 20:18:23 +02:00
parent 6f04c0b702
commit 7d366a8387
No known key found for this signature in database
GPG Key ID: A2A06DF2A33A54FA
1 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
gnu/packages/pulseaudio.scm
View File

@ -13,6 +13,7 @@
;;; Copyright © 2020 Amin Bandali <bandali@gnu.org> ;;; Copyright © 2020 Amin Bandali <bandali@gnu.org>
;;; Copyright © 2020 Michael Rohleder <mike@rohleder.de> ;;; Copyright © 2020 Michael Rohleder <mike@rohleder.de>
;;; Copyright © 2020 Pierre Neidhardt <mail@ambrevar.xyz> ;;; Copyright © 2020 Pierre Neidhardt <mail@ambrevar.xyz>
;;; Copyright © 2020 Marius Bakke <marius@gnu.org>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -71,6 +72,7 @@
(package (package
(name "libsndfile") (name "libsndfile")
(version "1.0.28") (version "1.0.28")
(replacement libsndfile-1.0.30)
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "http://www.mega-nerd.com/libsndfile/files/libsndfile-" (uri (string-append "http://www.mega-nerd.com/libsndfile/files/libsndfile-"
@ -104,6 +106,41 @@ SPARC. Hopefully the design of the library will also make it easy to extend
for reading and writing new sound file formats.") for reading and writing new sound file formats.")
(license l:gpl2+))) (license l:gpl2+)))
;; Replacement package to fix multiple security vulnerabilities.
(define libsndfile-1.0.30
(package
(inherit libsndfile)
(version "1.0.30")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/erikd/libsndfile"
"/releases/download/v" version
"/libsndfile-" version ".tar.bz2"))
(sha256
(base32
"0gsbg8ni496h55mx2p9999fk0xvbsjyz6v678a0l75b5fqs8d2gc"))
(modules '((ice-9 textual-ports) (guix build utils)))
(snippet
'(begin
;; Remove carriage returns (CRLF) to prevent bogus
;; errors from bash like "$'\r': command not found".
(let ((data (call-with-input-file
"tests/pedantic-header-test.sh.in"
(lambda (port)
(string-join
(string-split (get-string-all port)
#\return))))))
(call-with-output-file "tests/pedantic-header-test.sh.in"
(lambda (port) (format port data))))
;; While at it, fix hard coded executable name.
(substitute* "tests/test_wrapper.sh.in"
(("^/usr/bin/env") "env"))
#t))))
(native-inputs
`(("python" ,python)
,@(package-native-inputs libsndfile)))))
(define-public libsamplerate (define-public libsamplerate
(package (package
(name "libsamplerate") ; aka. Secret Rabbit Code (SRC) (name "libsamplerate") ; aka. Secret Rabbit Code (SRC)