mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-24 21:38:07 -05:00
gnu: libyaml: Fix CVE-2014-9130.
* gnu/packages/patches/libyaml-CVE-2014-9130.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/web.scm (libyaml): Use it.
This commit is contained in:
parent
d8862778c1
commit
0d567b5531
3 changed files with 32 additions and 0 deletions
|
@ -809,6 +809,7 @@ dist_patch_DATA = \
|
|||
%D%/packages/patches/xfce4-session-fix-xflock4.patch \
|
||||
%D%/packages/patches/xfce4-settings-defaults.patch \
|
||||
%D%/packages/patches/xmodmap-asprintf.patch \
|
||||
%D%/packages/patches/libyaml-CVE-2014-9130.patch \
|
||||
%D%/packages/patches/zathura-plugindir-environment-variable.patch
|
||||
|
||||
MISC_DISTRO_FILES = \
|
||||
|
|
30
gnu/packages/patches/libyaml-CVE-2014-9130.patch
Normal file
30
gnu/packages/patches/libyaml-CVE-2014-9130.patch
Normal file
|
@ -0,0 +1,30 @@
|
|||
Fixes CVE-2014-9130
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130
|
||||
|
||||
Upstream source:
|
||||
https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
|
||||
|
||||
# HG changeset patch
|
||||
# User Kirill Simonov <xi@resolvent.net>
|
||||
# Date 1417197312 21600
|
||||
# Node ID 2b9156756423e967cfd09a61d125d883fca6f4f2
|
||||
# Parent 053f53a381ff6adbbc93a31ab7fdee06a16c8a33
|
||||
Removed invalid simple key assertion (thank to Jonathan Gray).
|
||||
|
||||
diff --git a/src/scanner.c b/src/scanner.c
|
||||
--- a/src/scanner.c
|
||||
+++ b/src/scanner.c
|
||||
@@ -1106,13 +1106,6 @@
|
||||
&& parser->indent == (ptrdiff_t)parser->mark.column);
|
||||
|
||||
/*
|
||||
- * A simple key is required only when it is the first token in the current
|
||||
- * line. Therefore it is always allowed. But we add a check anyway.
|
||||
- */
|
||||
-
|
||||
- assert(parser->simple_key_allowed || !required); /* Impossible. */
|
||||
-
|
||||
- /*
|
||||
* If the current position may start a simple key, save it.
|
||||
*/
|
||||
|
|
@ -611,6 +611,7 @@ (define-public libyaml
|
|||
(uri (string-append
|
||||
"http://pyyaml.org/download/libyaml/yaml-"
|
||||
version ".tar.gz"))
|
||||
(patches (search-patches "libyaml-CVE-2014-9130.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"0j9731s5zjb8mjx7wzf6vh7bsqi38ay564x6s9nri2nh9cdrg9kx"))))
|
||||
|
|
Loading…
Reference in a new issue