amaharaneko/guix-mirrors
1
1
Fork 0
mirror of https://codeberg.org/guix/guix.git synced 2025-10-02 02:15:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

gnu: timescaledb: Update to 2.16.1. [security fixes]

Browse source 
This fixes CVE-2023-25149.

* gnu/packages/databases.scm (timescaledb): Update to 2.16.1.
[arguments]<#:phases>: Remove comment and symlink trick in
'prepare-tests phase.
This commit is contained in:
Nicolas Graves 2024-10-19 12:00:39 +02:00 committed by Zheng Junjie
parent 7c1b70cc3a
commit d16498fd53
No known key found for this signature in database
GPG key ID: 3B5AA993E1A2DFF0
1 changed files with 3 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

21
gnu/packages/databases.scm
View file

@ -1412,7 +1412,7 @@ pictures, sounds, or video.")
(define-public timescaledb (define-public timescaledb
(package (package
(name "timescaledb") (name "timescaledb")
(version "2.8.1") (version "2.16.1")
(source (origin (source (origin
(method git-fetch) (method git-fetch)
(uri (git-reference (uri (git-reference
@ -1421,7 +1421,7 @@ pictures, sounds, or video.")
(file-name (git-file-name name version)) (file-name (git-file-name name version))
(sha256 (sha256
(base32 (base32
"1gbadna0ilmqad7sbrixm12wd71h43njhsbp1kh5lispb6drdb6r")) "1v17x00a15il4r3rbr0waqjv1nwzy6rcqxgfi2hdk1x235s5dg5h"))
(modules '((guix build utils))) (modules '((guix build utils)))
(snippet (snippet
;; Remove files carrying the proprietary TIMESCALE license. ;; Remove files carrying the proprietary TIMESCALE license.
@ -1476,22 +1476,7 @@ pictures, sounds, or video.")
(pg-union (string-append (getcwd) "/../pg-union"))) (pg-union (string-append (getcwd) "/../pg-union")))
(match inputs (match inputs
(((names . directories) ...) (((names . directories) ...)
;; PG will only load extensions from its own $libdir, (union-build pg-union (cons #$output directories))))
;; which it calculates based on argv[0]. As of
;; PostgreSQL 13.6, it calls 'canonicalize_path' on
;; argv[0] so a merge symlink is not enough to trick
;; it; thus, the code below makes a full copy of PG
;; and friends such that 'pg_config --libdir', for
;; instance, points to PG-UNION, allowing it to load
;; the timescaledb extension.
;; TODO: The above comment and the #:symlink trick can
;; be removed in the next rebuild cycle.
(union-build pg-union (cons #$output directories)
#:symlink
(lambda (old new)
(if (file-is-directory? old)
(copy-recursively old new)
(copy-file old new))))))
(setenv "PATH" (string-append pg-union "/bin:" (setenv "PATH" (string-append pg-union "/bin:"
(getenv "PATH"))) (getenv "PATH")))
(invoke "initdb" "-D" pg-data) (invoke "initdb" "-D" pg-data)