[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#47422: tar is vulnerable to CVE-2021-20193
From: |
phodina |
Subject: |
bug#47422: tar is vulnerable to CVE-2021-20193 |
Date: |
Fri, 05 Nov 2021 05:14:13 +0000 |
Hi,
here's patch for the master branch as I'm not sure what is the roadmap for
merging core-updates into master.
The obvious downside is that the update triggers large rebuild of core packages
:-/
---8<-------------cut here----------start------------>8----
[PATCH] gnu: tar: Update to 1.34.
* gnu/package/base.scm (tar): Update to 1.34.
diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index ea2e102c15..6ebe30464e 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -179,14 +179,14 @@ (define-public sed
(define-public tar
(package
(name "tar")
- (version "1.32")
+ (version "1.34")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/tar/tar-"
version ".tar.xz"))
(sha256
(base32
- "1n7xy657ii0sa42zx6944v2m4v9qrh6sqgmw17l3nch3y43sxlyh"))
+ "0a0x87anh9chbi2cgcyy7pmnm5hzk4yd1w2j8gm1wplwhwkbvgk3"))
(patches (search-patches "tar-skip-unreliable-tests.patch"
"tar-remove-wholesparse-check.patch"))))
(build-system gnu-build-system)
--
2.33.1
- bug#47422: tar is vulnerable to CVE-2021-20193,
phodina <=