me
/
guix
Archived
1
0
Fork 0
Code

gnu: libyaml: Update to 0.1.7. 

* gnu/packages/web.scm (libyaml): Update to 0.1.7.
[source]: Remove patch.
* gnu/packages/patches/libyaml-CVE-2014-9130.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
master
Tobias Geerinckx-Rice 2018-06-19 15:12:30 +02:00
parent 8893218a7d
commit ab5fc6a982
No known key found for this signature in database
GPG Key ID: 0DB0FF884F556D79
3 changed files with 2 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
gnu/local.mk
View File

@ -1211,7 +1211,6 @@ dist_patch_DATA = \
%D%/packages/patches/xinetd-fix-fd-leak.patch \ %D%/packages/patches/xinetd-fix-fd-leak.patch \
%D%/packages/patches/xinetd-CVE-2013-4342.patch \ %D%/packages/patches/xinetd-CVE-2013-4342.patch \
%D%/packages/patches/xmodmap-asprintf.patch \ %D%/packages/patches/xmodmap-asprintf.patch \
%D%/packages/patches/libyaml-CVE-2014-9130.patch \
%D%/packages/patches/zathura-plugindir-environment-variable.patch %D%/packages/patches/zathura-plugindir-environment-variable.patch
MISC_DISTRO_FILES = \ MISC_DISTRO_FILES = \

30
gnu/packages/patches/libyaml-CVE-2014-9130.patch
View File

@ -1,30 +0,0 @@
Fixes CVE-2014-9130
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130
Upstream source:
https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
# HG changeset patch
# User Kirill Simonov <xi@resolvent.net>
# Date 1417197312 21600
# Node ID 2b9156756423e967cfd09a61d125d883fca6f4f2
# Parent 053f53a381ff6adbbc93a31ab7fdee06a16c8a33
Removed invalid simple key assertion (thank to Jonathan Gray).
diff --git a/src/scanner.c b/src/scanner.c
--- a/src/scanner.c
+++ b/src/scanner.c
@@ -1106,13 +1106,6 @@
&& parser->indent == (ptrdiff_t)parser->mark.column);
/*
- * A simple key is required only when it is the first token in the current
- * line. Therefore it is always allowed. But we add a check anyway.
- */
-
- assert(parser->simple_key_allowed || !required); /* Impossible. */
-
- /*
* If the current position may start a simple key, save it.
*/

5
gnu/packages/web.scm
View File

@ -1025,17 +1025,16 @@ hash/signatures.")
(define-public libyaml (define-public libyaml
(package (package
(name "libyaml") (name "libyaml")
(version "0.1.6") (version "0.1.7")
(source (source
(origin (origin
(method url-fetch) (method url-fetch)
(uri (string-append (uri (string-append
"http://pyyaml.org/download/libyaml/yaml-" "http://pyyaml.org/download/libyaml/yaml-"
version ".tar.gz")) version ".tar.gz"))
(patches (search-patches "libyaml-CVE-2014-9130.patch"))
(sha256 (sha256
(base32 (base32
"0j9731s5zjb8mjx7wzf6vh7bsqi38ay564x6s9nri2nh9cdrg9kx")))) "0a87931cx5m14a1x8rbjix3nz7agrcgndf4h392vm62a4rby9240"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(home-page "http://pyyaml.org/wiki/LibYAML") (home-page "http://pyyaml.org/wiki/LibYAML")
(synopsis "YAML 1.1 parser and emitter written in C") (synopsis "YAML 1.1 parser and emitter written in C")