[bug#33347] [PATCH 4/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#33347] [PATCH 4/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-

From:	Leo Famulari
Subject:	[bug#33347] [PATCH 4/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541].
Date:	Tue, 13 Nov 2018 11:53:10 -0500
User-agent:	Mutt/1.10.1 (2018-07-13)

On Mon, Nov 12, 2018 at 03:09:39AM +0800, Alex Vong wrote:
>           (replace 'configure
>             (lambda* (#:key outputs #:allow-other-keys)
> +             (define (use-latest-json-parser file)
> +               (substitute* file
> +                 (("engine/external/json-parser/json\\.h")
> +                  "json-parser/json.h")
> +                 (("json_parse_ex\\(&JsonSettings, pFileData, aError\\);")
> +                  "json_parse_ex(&JsonSettings,
> +                                 pFileData,
> +                                 strlen(pFileData),
> +                                 aError);")))
> +

Please add a code comment explaining this.

> -    ;; FIXME: teeworlds bundles the sources of "pnglite", a two-file PNG
> -    ;; library without a build system.

These sorts of mini-libraries are designed to be copied and pasted into
host projects rather than packaged on their own. That's why they don't
include a build system. For example, many cryptographic primitive
implementations are distributed this way — that's why you never see a
package for 'SHA256'. Is there a particular reason we should unbundle
pnglite?

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#33347] [PATCH 0/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541]., Alex Vong, 2018/11/11
- [bug#33347] [PATCH 1/4] gnu: Add pnglite., Alex Vong, 2018/11/11
- [bug#33347] [PATCH 2/4] gnu: Add json-parser., Alex Vong, 2018/11/11
  - [bug#33347] [PATCH 2/4] gnu: Add json-parser., Leo Famulari, 2018/11/13
    - [bug#33347] [PATCH 2/4] gnu: Add json-parser., Alex Vong, 2018/11/14
- [bug#33347] [PATCH 3/4] gnu: Add json-parser., Alex Vong, 2018/11/11
  - [bug#33347] [PATCH 3/4] gnu: Add json-parser., Leo Famulari, 2018/11/13
    - [bug#33347] [PATCH 3/4] gnu: Add json-parser., Alex Vong, 2018/11/14
- [bug#33347] [PATCH 4/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541]., Alex Vong, 2018/11/11
  - [bug#33347] [PATCH 4/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541]., Leo Famulari <=
    - [bug#33347] [PATCH 4/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541]., Alex Vong, 2018/11/14
    - [bug#33347] [PATCH 4/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541]., Leo Famulari, 2018/11/14
    - [bug#33347] [PATCH 4/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541]., Alex Vong, 2018/11/14
    - [bug#33347] [PATCH 4/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541]., Alex Vong, 2018/11/21
    - [bug#33347] [PATCH 4/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541]., Leo Famulari, 2018/11/21
    - bug#33347: [PATCH 4/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541]., Alex Vong, 2018/11/21
- [bug#33347] [PATCH 0/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541]., Alex Vong, 2018/11/11
- [bug#33347] [PATCH 0/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541]., Leo Famulari, 2018/11/13

Prev by Date: [bug#33347] [PATCH 0/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541].
Next by Date: [bug#33347] [PATCH 2/4] gnu: Add json-parser.
Previous by thread: [bug#33347] [PATCH 4/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541].
Next by thread: [bug#33347] [PATCH 4/4] gnu: teeworlds: Update to 0.7.0 [fixes CVE-2018-18541].
Index(es):
- Date
- Thread