[bug#30448] Update librsync to 2.0.1

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#30448] Update librsync to 2.0.1

From:	Leo Famulari
Subject:	[bug#30448] Update librsync to 2.0.1
Date:	Tue, 13 Feb 2018 14:01:13 -0500
User-agent:	Mutt/1.9.3 (2018-01-21)

librsync 2.0.1 is available at a new upstream URL:

https://github.com/librsync/librsync/releases

Patch attached.

This would also include the fix for CVE-2014-8242, which is about use of
a cryptographically broken hash function (truncated MD4), released in
librsync 1.0.0.

However, at least btar and rdiff-backup aren't compatible with this new
version of librsync (I'm still building deja-dup to test its
compatibility).

Additionally, I noticed that the built package doesn't keep any
references to bzip2 or zlib, which seems wrong to me.

Is anyone using one of the dependent packages interested in looking more
closely at this?

0001-gnu-librsync-Update-to-2.0.1.patch
Description: Text document

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#30448] Update librsync to 2.0.1, Leo Famulari <=
- [bug#30448] Update librsync to 2.0.1, Ludovic Courtès, 2018/02/15

Prev by Date: [bug#30446] [PATCH 2/3] gnu: Add intelmetool.
Next by Date: [bug#30446] [PATCH 1/3] gnu: Add ifdtool.
Previous by thread: [bug#30446] [PATCH 0/3] Add Intel ME tools.
Next by thread: [bug#30448] Update librsync to 2.0.1
Index(es):
- Date
- Thread