--- Begin Message ---
|
Subject: |
[PATCH] gnu: Add upx. |
|
Date: |
Fri, 18 May 2018 00:51:09 +0200 |
* gnu/packages/compression.scm (ucl): New variable.
* gnu/packages/compression.scm (upx): New variable.
---
gnu/packages/compression.scm | 73 ++++++++++++++++++++++++++++++++++++
1 file changed, 73 insertions(+)
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 562a2bf8b..b0d7cd971 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -2151,3 +2151,76 @@ with @code{deflate} but offers more dense compression.
The specification of the Brotli Compressed Data Format is defined in RFC
7932.")
(license license:expat)))
+
+(define-public ucl
+ (package
+ (name "ucl")
+ (version "1.03")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "http://www.oberhumer.com/opensource/";
+ name "/download/" name "-" version ".tar.gz"))
+ (sha256
+ (base32
+ "0j036lkwsxvm15gr29n8wn07cqq79dswjs9k54939ms5zngjjrdq"))))
+ (build-system gnu-build-system)
+ (home-page "http://www.oberhumer.com/opensource/ucl/";)
+ (synopsis "Portable lossless data compression library")
+ (description "UCL implements a number of compression algorithms that
+achieve an excellent compression ratio while allowing *very* fast
+decompression. Decompression requires no additional memory.
+
+UCL is an OpenSource re-implementation of some NRV compression algorithms.
+
+As compared to LZO, the UCL algorithms achieve a better compression ratio but
+decompression is a little bit slower. See below for some rough timings.")
+ (license license:gpl2)))
+
+(define-public upx
+ (package
+ (name "upx")
+ (version "3.94")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
"https://github.com/upx/upx/releases/download/v";
+ version "/" name "-" version "-src.tar.xz"))
+ (sha256
+ (base32
+ "08anybdliqsbsl6x835iwzljahnm9i7v26icdjkcv33xmk6p5vw1"))))
+ (build-system gnu-build-system)
+ (native-inputs `(("zlib" ,zlib)
+ ("perl" ,perl)
+ ("ucl" ,ucl)))
+ (arguments
+ `(#:make-flags
+ (list "all"
+ ;; CHECK_WHITESPACE does not seem to work.
+ ;; See
https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/upx.
+ "CHECK_WHITESPACE=true")
+ #:phases
+ (modify-phases %standard-phases
+ (delete 'configure)
+ (delete 'check)
+ (delete 'install)
+ (add-before 'build 'patch-exec-bin-sh
+ (lambda _
+ (substitute* (find-files "Makefile")
+ (("/bin/sh") (which "sh")))
+ (substitute* "src/Makefile"
+ (("/bin/sh") (which "sh")))
+ #t))
+ (add-after 'build 'install-upx
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin")))
+ (mkdir-p bin)
+ (copy-file "src/upx.out" (string-append bin "/upx")))
+ #t))
+ )))
+ (home-page "https://upx.github.io/";)
+ (synopsis "The Ultimate Packer for eXecutables")
+ (description "UPX is an advanced executable file compressor. UPX will
+typically reduce the file size of programs and DLLs by around 50%-70%, thus
+reducing disk space, network load times, download times and other distribution
+and storage costs.")
+ (license license:gpl2)))
--
2.17.0
--- End Message ---
--- Begin Message ---
|
Subject: |
Re: [bug#31487] [PATCH] gnu: upx: Fix CVE-2017-15056. |
|
Date: |
Sat, 16 Jun 2018 23:57:16 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) |
Hello,
Pierre Neidhardt <address@hidden> skribis:
> * gnu/packages/patches/upx-protect-against-bad-crafted-input.patch: New file.
> * gnu/packages/compression.scm (upx)[source]: Use it.
I renamed the patch so that it includes the CVE id, added it to
gnu/local.mk, and committed.
Thanks!
Ludo’.
--- End Message ---