01/01: gnu: myrepos: Update to 1.20180726.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: gnu: myrepos: Update to 1.20180726.

From:	Efraim Flashner
Subject:	01/01: gnu: myrepos: Update to 1.20180726.
Date:	Wed, 31 Oct 2018 15:57:36 -0400 (EDT)

efraim pushed a commit to branch master
in repository guix.

commit c16913d34df610f5e1560ab8da953e32b3a4e7d7
Author: Efraim Flashner <address@hidden>
Date:   Wed Oct 31 21:56:36 2018 +0200

    gnu: myrepos: Update to 1.20180726.
    
    * gnu/packages/version-control.scm (myrepos): Update to 1.20180726.
    [source]: Remove patch.
    * gnu/packages/patches/myrepos-CVE-2018-7032.patch: Remove file.
    * gnu/local.mk (dist_patch_DATA): Remove it.
---
 gnu/local.mk                                     |  1 -
 gnu/packages/patches/myrepos-CVE-2018-7032.patch | 69 ------------------------
 gnu/packages/version-control.scm                 |  5 +-
 3 files changed, 2 insertions(+), 73 deletions(-)

diff --git a/gnu/local.mk b/gnu/local.mk
index 6075e47..3207cec 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -973,7 +973,6 @@ dist_patch_DATA =                                           
\
   %D%/packages/patches/mupen64plus-ui-console-notice.patch     \
   %D%/packages/patches/mupen64plus-video-z64-glew-correct-path.patch    \
   %D%/packages/patches/mutt-store-references.patch             \
-  %D%/packages/patches/myrepos-CVE-2018-7032.patch             \
   %D%/packages/patches/net-tools-bitrot.patch                  \
   %D%/packages/patches/netcdf-date-time.patch                  \
   %D%/packages/patches/netcdf-tst_h_par.patch                  \
diff --git a/gnu/packages/patches/myrepos-CVE-2018-7032.patch 
b/gnu/packages/patches/myrepos-CVE-2018-7032.patch
deleted file mode 100644
index ce9493e..0000000
--- a/gnu/packages/patches/myrepos-CVE-2018-7032.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-http://source.myrepos.branchable.com/?p=source.git;a=patch;h=40a3df21c73f1bb1b6915cc6fa503f50814664c8
-This can be removed with the next release. It was modified slightly to apply
-
-From 40a3df21c73f1bb1b6915cc6fa503f50814664c8 Mon Sep 17 00:00:00 2001
-From: Paul Wise <address@hidden>
-Date: Sun, 11 Feb 2018 21:57:49 +0800
-Subject: [PATCH] Mitigate vulnerabilities caused by some git remotes being
- able to execute code
-
-Set GIT_PROTOCOL_FROM_USER=0 with git versions newer than 2.12.
-
-Prevent remote websites from causing cloning of local repositories.
-
-Manually whitelist known-safe protocols (http, https, git, ssh)
-when using git versions older than 2.12.
-
-Fixes: CVE-2018-7032
-Fixes: https://bugs.debian.org/840014
-Suggestions-by: Jakub Wilk <address@hidden>
-Reported-by: Jakub Wilk <address@hidden>
----
- webcheckout | 22 +++++++++++++++++++++-
- 1 file changed, 21 insertions(+), 1 deletion(-)
-
-diff --git a/webcheckout b/webcheckout
-index e98da5c..de497ba 100755
---- a/webcheckout
-+++ b/webcheckout
-@@ -71,6 +71,16 @@ use Getopt::Long;
- use warnings;
- use strict;
- 
-+# Mitigate some git remote types being dangerous
-+my $git_unsafe = 1;
-+my $git_version = `git --version`;
-+$git_version =~ s{^git version }{};
-+my ($major, $minor) = split(/\./, $git_version);
-+if (int($major) >= 2 && int($minor) >= 12) {
-+      $ENV{GIT_PROTOCOL_FROM_USER} = 0;
-+      $git_unsafe = 0;
-+}
-+
- # What to download.
- my $url;
- 
-@@ -89,7 +99,17 @@ my $destdir;
- 
- # how to perform checkouts
- my %handlers=(
--      git => sub { doit("git", "clone", shift, $destdir) },
--      svn => sub { doit("svn", "checkout", shift, $destdir) },
--      bzr => sub { doit("bzr", "branch", shift, $destdir) },
-+      git => sub {
-+              my $git_url = shift;
-+              # Reject unsafe URLs with older versions of git
-+              # that do not already check the URL safety.
-+              if ($git_unsafe && $git_url !~ 
m{^(?:(?:https?|git|ssh):[^:]|(?:[-_.A-Za-z0-9]+@)?[-_.A-Za-z0-9]+:(?!:|//))}) {
-+                      print STDERR "potentially unsafe git URL, may fail, 
touch local files or execute arbitrary code\n";
-+                      return 1;
-+              }
-+              # Reject cloning local directories too, webcheckout is for 
remote repos
-+              doit(qw(git -c protocol.file.allow=user clone --), $git_url, 
$destdir)
-+      },
-+      svn => sub { doit(qw(svn checkout --), shift, $destdir) },
-+      bzr => sub { doit(qw(bzr branch --), shift, $destdir) },
- );
--- 
-2.11.0
-
diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm
index ccb1f5d..df0b2f0 100644
--- a/gnu/packages/version-control.scm
+++ b/gnu/packages/version-control.scm
@@ -1730,7 +1730,7 @@ modification time.")
 (define-public myrepos
   (package
     (name "myrepos")
-    (version "1.20171231")
+    (version "1.20180726")
     (source
      (origin
        (method git-fetch)
@@ -1739,8 +1739,7 @@ modification time.")
              (commit version)))
        (file-name (string-append name "-" version "-checkout"))
        (sha256
-        (base32 "10q7lpx152xnkk701fscn4dq99q9znnmv3bc2482khhjg7z8rps0"))
-       (patches (search-patches "myrepos-CVE-2018-7032.patch"))))
+        (base32 "0jphw61plm8cgklja6hs639xhdvxgvjwbr6jpvjwpp7hc5gmhms5"))))
     (build-system gnu-build-system)
     (inputs
      `(("perl" ,perl)))

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (c438e0c -> c16913d), Efraim Flashner, 2018/10/31
- 01/01: gnu: myrepos: Update to 1.20180726., Efraim Flashner <=

Prev by Date: branch master updated (c438e0c -> c16913d)
Next by Date: 03/10: Keep (gnu packages video) module imports in order.
Previous by thread: branch master updated (c438e0c -> c16913d)
Next by thread: branch master updated (c16913d -> 66a2a47)
Index(es):
- Date
- Thread