gnu: rnp: Update to 0.17.1. [security fixes]

This fixes CVE-2023-29479 and CVE-2023-29480.

* gnu/packages/openpgp.scm (rnp): Update to 0.17.1.
[arguments]: Improve style using gexps.
<#:phases>: Add phase 'inject-sexpp-source.
[inputs]: Add sexpp.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Co-authored-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Change-Id: Ic1d4740da168cd9fde8b642f279c2c77a1c3806f
Nicolas Graves 2024-11-06 00:13:58 +01:00 committed by Maxim Cournoyer
parent 603407fa0a
commit 7b8c099f3e
No known key found for this signature in database
GPG key ID: 1260E46482E63562


@ -23,6 +23,7 @@
#:use-module (guix git-download) #:use-module (guix git-download)
#:use-module (guix build-system cmake) #:use-module (guix build-system cmake)
#:use-module (guix build-system gnu) #:use-module (guix build-system gnu)
#:use-module (guix gexp)
#:use-module ((guix licenses) #:prefix license:) #:use-module ((guix licenses) #:prefix license:)
#:use-module (gnu packages) #:use-module (gnu packages)
#:use-module (gnu packages check) #:use-module (gnu packages check)
@ -98,10 +99,10 @@ environments.")
(license license:gpl2+))) (license license:gpl2+)))
(define-public rnp (define-public rnp
(let ((day-of-release "2022-09-22")) (let ((day-of-release "2024-05-14"))
(package (package
(name "rnp") (name "rnp")
(version "0.16.2") (version "0.17.1")
(source (origin (source (origin
(method git-fetch) (method git-fetch)
(uri (git-reference (uri (git-reference
@ -110,33 +111,39 @@ environments.")
(file-name (git-file-name name version)) (file-name (git-file-name name version))
(sha256 (sha256
(base32 (base32
"13z5kxm48a72w4m2crwgdjdng4a4pwxsd72r2z3a4pcakfp2swi8")))) "052872b6a88vkcc58alxcm532y6dra5qqd997jga41v72h3pnj4d"))))
(build-system cmake-build-system) (build-system cmake-build-system)
(arguments `(#:configure-flags (arguments
'("-DBUILD_SHARED_LIBS=on" (list
#:configure-flags
#~(list "-DBUILD_SHARED_LIBS=on"
"-DSYSTEM_LIBSEXPP=on"
;; Lower the minimum tuning ratio from 6 to 4, as suggested
;; upstream to avoid the s2k_iteration_tuning failing.
"-DS2K_MINIMUM_TUNING_RATIO=4"
"-DBUILD_TESTING=on" "-DBUILD_TESTING=on"
"-DDOWNLOAD_GTEST=off" "-DDOWNLOAD_GTEST=off"
"-DDOWNLOAD_RUBYRNP=off") "-DDOWNLOAD_RUBYRNP=off")
#:phases #:phases
(modify-phases %standard-phases #~(modify-phases %standard-phases
(add-after 'unpack 'patch-tests
(lambda _
(substitute* "src/tests/support.cpp"
(("\"cp\"") (search-input-file inputs "/bin/cp")))))
(replace 'check (replace 'check
(lambda* (#:key tests? #:allow-other-keys) (lambda* (#:key tests? parallel-tests? #:allow-other-keys)
(when tests? (when tests?
;; Some OpenPGP certificates used by the tests expire. ;; Some OpenPGP certificates used by the tests expire.
;; To work around that, set the time to roughly the ;; To work around that, set the time to roughly the
;; release date. ;; release date.
(invoke "faketime" ,day-of-release "make" "test"))))))) (setenv "CTEST_OUTPUT_ON_FAILURE" "1")
(invoke "faketime" #$day-of-release "ctest"
"-j" (if parallel-tests?
(number->string (parallel-job-count))
"1"))))))))
(native-inputs (native-inputs
(list gnupg ;for tests (list gnupg ;for tests
googletest ;for tests googletest ;for tests
libfaketime ;for tests libfaketime ;for tests
pkg-config pkg-config
python)) python))
(inputs (list botan bzip2 json-c zlib)) (inputs (list botan bzip2 json-c sexpp zlib))
(synopsis (synopsis
"RFC4880-compliant OpenPGP library written in C++") "RFC4880-compliant OpenPGP library written in C++")
(description (description
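Review bot: The `-DS2K_MINIMUM_TUNING_RATIO=4` configure flag relaxes a check around S2K iteration tuning, and its comment neither says whether the value is only a test threshold nor points to the upstream discussion it cites. Since S2K iteration counts determine how costly passphrase guessing is against protected keys, the comment should state the scope explicitly once confirmed, for example `;; Test-only threshold for s2k_iteration_tuning; the library's S2K defaults are unchanged (see <upstream issue URL>).` If the option turns out to influence the built library, lowering it in a security-fix update deserves its own justification. The commit log also lists a new phase 'inject-sexpp-source, whereas the visible arguments use `-DSYSTEM_LIBSEXPP=on` and add no such phase, and the 'patch-tests phase appears to be dropped without mention, so the log entry should be brought in line with the change.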