(address . guix-patches@gnu.org)(address . alexvong1995@gmail.com)
Tag: security
Hello,
This patch grafts sqlite to its latest version. It also changes all the
sqlite-* packages to use 'package/inherit' so that they get the
replacement as well. See https://bugs.gnu.org/33751 for details.
From 9d0fae1e1fa2fc13bd794bb2dbeb89750c772cfb Mon Sep 17 00:00:00 2001
From: Alex Vong <alexvong1995@gmail.com>
Date: Tue, 18 Dec 2018 10:36:52 +0800
Subject: [PATCH] gnu: sqlite: Replace with 3.26.0 [security fixes].
Fixes https://bugs.gnu.org/33751.
Reported by Marius Bakke <mbakke@fastmail.com>.
* gnu/packages/databases.scm (sqlite-3.26.0): New public variable.
(sqlite)[replacement]: Use it.
(sqlite-with-fts5): Use 'package/inherit'.
(sqlite-with-column-metadata): Likewise.
---
gnu/packages/databases.scm | 27 ++++++++++++++++++++++++---
1 file changed, 24 insertions(+), 3 deletions(-)
Toggle diff (63 lines)
diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm
index 0fa6d451e..78d9a6739 100644
--- a/gnu/packages/databases.scm
+++ b/gnu/packages/databases.scm
@@ -24,7 +24,7 @@
;;; Copyright © 2017 Adriano Peluso <catonano@gmail.com>
;;; Copyright © 2017 Arun Isaac <arunisaac@systemreboot.net>
;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
-;;; Copyright © 2017 Alex Vong <alexvong1995@gmail.com>
+;;; Copyright © 2017, 2018 Alex Vong <alexvong1995@gmail.com>
;;; Copyright © 2017, 2018 Ben Woodcroft <donttrustben@gmail.com>
;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com>
;;; Copyright © 2017, 2018 Pierre Langlois <pierre.langlois@gmx.com>
@@ -1183,6 +1183,7 @@ changes.")
(define-public sqlite
(package
(name "sqlite")
+ (replacement sqlite-3.26.0)
(version "3.24.0")
(source (origin
(method url-fetch)
@@ -1219,9 +1220,29 @@ widely deployed SQL database engine in the world. The source code for SQLite
is in the public domain.")
(license license:public-domain)))
+(define-public sqlite-3.26.0
+ (package/inherit sqlite
+ (version "3.26.0")
+ (source (origin
+ (method url-fetch)
+ (uri (let ((numeric-version
+ (match (string-split version #\.)
+ ((first-digit other-digits ...)
+ (string-append first-digit
+ (string-pad-right
+ (string-concatenate
+ (map (cut string-pad <> 2 #\0)
+ other-digits))
+ 6 #\0))))))
+ (string-append "https://sqlite.org/2018/sqlite-autoconf-"
+ numeric-version ".tar.gz")))
+ (sha256
+ (base32
+ "0pdzszb4sp73hl36siiv3p300jvfvbcdxi2rrmkwgs6inwznmajx"))))))
+
;; This is used by Tracker.
(define-public sqlite-with-fts5
- (package (inherit sqlite)
+ (package/inherit sqlite
(name "sqlite-with-fts5")
(arguments
(substitute-keyword-arguments (package-arguments sqlite)
@@ -1230,7 +1251,7 @@ is in the public domain.")
;; This is used by Qt.
(define-public sqlite-with-column-metadata
- (package (inherit sqlite)
+ (package/inherit sqlite
(name "sqlite-with-column-metadata")
(arguments
(substitute-keyword-arguments (package-arguments sqlite)
--
2.19.2
Cheers,
Alex
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQQwb8uPLAHCXSnTBVZh71Au9gJS8gUCXBhhHwAKCRBh71Au9gJS
8uQDAP9K/j4Fho5Y0tGj2rPYQLgh2/X4rJ+Ad+xIKAtSja48xAEAyWKJMtJibdKy
D55YjKFBOZJ59CTp0rJcPU+WYFdBgQk=
=sDdb
-----END PGP SIGNATURE-----