bug#46106: closed ([PATCH] gnu: Add quark.)

emacs-bug-tracker

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#46106: closed ([PATCH] gnu: Add quark.)

From:	GNU bug Tracking System
Subject:	bug#46106: closed ([PATCH] gnu: Add quark.)
Date:	Tue, 02 Feb 2021 10:04:01 +0000

Your message dated Tue, 02 Feb 2021 11:03:30 +0100
with message-id <87bld2g51p.fsf@gnu.org>
and subject line Re: bug#46106: [PATCH] gnu: Add quark.
has caused the debbugs.gnu.org bug report #46106,
regarding [PATCH] gnu: Add quark.
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs@gnu.org.)


-- 
46106: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=46106
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems

--- Begin Message --- Subject: [PATCH] gnu: Add quark. Date: Mon, 25 Jan 2021 14:00:23 -0500

From: Morgan Smith <Morgan.J.Smith@outlook.com>

* gnu/packages/web.scm (quark): New variable.
---

So linting this package brings up CVE-2019-15520. This CVE is for a completely
different program that also happens to be called quark.

---
 gnu/packages/web.scm | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 16c99af9d3..63a5637c87 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -8039,3 +8039,36 @@ handling library written in C89 (\"ANSI C\").  uriparser 
is fast and supports
 Unicode.")
       (home-page "https://uriparser.github.io/";)
       (license license:bsd-3))))
+
+(define-public quark
+  ;; No releases yet
+  (let ((revision "0")
+        (commit "c6a9055e5a30be570e30da8d216c39662c3a3f99"))
+    (package
+      (name "quark")
+      (version "0.0.0")
+      (source (origin
+                (method git-fetch)
+                (uri (git-reference
+                      (url "https://git.suckless.org/quark/";)
+                      (commit commit)))
+                (file-name (git-file-name name version))
+                (sha256
+                 (base32
+                  "1znvnr30xi5vgd6n3wvgv9pwj992zpzzjk0fmq28ydf1l6kqvkm7"))))
+      (build-system gnu-build-system)
+      (arguments
+       `(#:tests? #f ; no tests
+         #:make-flags
+         (list (string-append "CC=" ,(cc-for-target))
+               (string-append "PREFIX=" %output))
+         #:phases
+         (modify-phases %standard-phases
+           (delete 'configure)))) ; no configure script
+      (home-page "https://tools.suckless.org/quark/";)
+      (synopsis "Small and simple HTTP GET/HEAD-only web server for static
+content")
+      (description "An extremely small and simple HTTP GET/HEAD only web
+server for static content.  TLS is not natively supported and should be
+provided by a TLS reverse proxy (e.g. tlstunnel, hitch or stunnel).")
+      (license license:isc))))
-- 
2.30.0

--- End Message ---

--- Begin Message --- Subject: Re: bug#46106: [PATCH] gnu: Add quark. Date: Tue, 02 Feb 2021 11:03:30 +0100 User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)

Hi,

Morgan.J.Smith@outlook.com skribis:

> From: Morgan Smith <Morgan.J.Smith@outlook.com>
>
> * gnu/packages/web.scm (quark): New variable.

Applied with the changes below.

Thanks,
Ludo’.

diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 1366637de6..879eb160ea 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -8022,7 +8022,7 @@ Unicode.")
         (commit "c6a9055e5a30be570e30da8d216c39662c3a3f99"))
     (package
       (name "quark")
-      (version "0.0.0")
+      (version (git-version "0.0.0" revision commit))
       (source (origin
                 (method git-fetch)
                 (uri (git-reference
@@ -8044,7 +8044,12 @@ Unicode.")
       (home-page "https://tools.suckless.org/quark/";)
       (synopsis "Small and simple HTTP GET/HEAD-only web server for static
 content")
-      (description "An extremely small and simple HTTP GET/HEAD only web
-server for static content.  TLS is not natively supported and should be
+      (description "Quark is an extremely small and simple HTTP GET/HEAD only
+web server for static content.  TLS is not natively supported and should be
 provided by a TLS reverse proxy (e.g. tlstunnel, hitch or stunnel).")
-      (license license:isc))))
+      (license license:isc)
+
+      ;; XXX: Ignore this CVE to work around a name clash with the unrelated
+      ;; "cpe:2.3:a:comelz:quark" package.  The proper fix is for (guix cve)
+      ;; to account for "vendor names".
+      (properties '((lint-hidden-cve . ("CVE-2019-15520")))))))

--- End Message ---

[Prev in Thread]

Current Thread

[Next in Thread]

bug#46106: closed ([PATCH] gnu: Add quark.), GNU bug Tracking System <=

Prev by Date: bug#46251: closed ([PATCH] Update parse-float to 0.0.0-2.3074765)
Next by Date: bug#42802: closed (Unhandled FTP exception when using GNU importer)
Previous by thread: bug#46251: closed ([PATCH] Update parse-float to 0.0.0-2.3074765)
Next by thread: bug#42802: closed (Unhandled FTP exception when using GNU importer)
Index(es):
- Date
- Thread