diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/archivers')
-rw-r--r-- | nixpkgs/pkgs/tools/archivers/bomutils/default.nix | 25 | ||||
-rw-r--r-- | nixpkgs/pkgs/tools/archivers/gnutar/default.nix | 5 | ||||
-rw-r--r-- | nixpkgs/pkgs/tools/archivers/innoextract/default.nix | 4 | ||||
-rw-r--r-- | nixpkgs/pkgs/tools/archivers/maxcso/default.nix | 26 | ||||
-rw-r--r-- | nixpkgs/pkgs/tools/archivers/p7zip/12-CVE-2016-9296.patch | 23 | ||||
-rw-r--r-- | nixpkgs/pkgs/tools/archivers/p7zip/13-CVE-2017-17969.patch | 35 | ||||
-rw-r--r-- | nixpkgs/pkgs/tools/archivers/p7zip/default.nix | 47 | ||||
-rw-r--r-- | nixpkgs/pkgs/tools/archivers/undmg/default.nix | 11 | ||||
-rw-r--r-- | nixpkgs/pkgs/tools/archivers/undmg/setup-hook.sh | 2 | ||||
-rw-r--r-- | nixpkgs/pkgs/tools/archivers/wimlib/default.nix | 4 |
10 files changed, 83 insertions, 99 deletions
diff --git a/nixpkgs/pkgs/tools/archivers/bomutils/default.nix b/nixpkgs/pkgs/tools/archivers/bomutils/default.nix new file mode 100644 index 00000000000..fc68184be31 --- /dev/null +++ b/nixpkgs/pkgs/tools/archivers/bomutils/default.nix @@ -0,0 +1,25 @@ +{ stdenv +, fetchFromGitHub +}: + +stdenv.mkDerivation rec { + pname = "bomutils"; + version = "0.2"; + + src = fetchFromGitHub { + owner = "hogliux"; + repo = pname; + rev = version; + sha256 = "1i7nhbq1fcbrjwfg64znz8p4l7662f7qz2l6xcvwd5z93dnmgmdr"; + }; + + makeFlags = [ "PREFIX=$(out)" ]; + + meta = with stdenv.lib; { + homepage = "https://github.com/hogliux/bomutils"; + description = "Open source tools to create bill-of-materials files used in macOS installers"; + platforms = platforms.all; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ prusnak ]; + }; +} diff --git a/nixpkgs/pkgs/tools/archivers/gnutar/default.nix b/nixpkgs/pkgs/tools/archivers/gnutar/default.nix index 749f795c449..672c99d80c0 100644 --- a/nixpkgs/pkgs/tools/archivers/gnutar/default.nix +++ b/nixpkgs/pkgs/tools/archivers/gnutar/default.nix @@ -1,5 +1,10 @@ { stdenv, fetchurl, autoreconfHook, acl }: +# Note: this package is used for bootstrapping fetchurl, and thus +# cannot use fetchpatch! All mutable patches (generated by GitHub or +# cgit) that are needed here should be included directly in Nixpkgs as +# files. + stdenv.mkDerivation rec { pname = "gnutar"; version = "1.32"; diff --git a/nixpkgs/pkgs/tools/archivers/innoextract/default.nix b/nixpkgs/pkgs/tools/archivers/innoextract/default.nix index 5dab1950145..da26639fcb5 100644 --- a/nixpkgs/pkgs/tools/archivers/innoextract/default.nix +++ b/nixpkgs/pkgs/tools/archivers/innoextract/default.nix @@ -3,11 +3,11 @@ , withGog ? false, unar ? null }: stdenv.mkDerivation rec { - name = "innoextract-1.8"; + name = "innoextract-1.9"; src = fetchurl { url = "https://constexpr.org/innoextract/files/${name}.tar.gz"; - sha256 = "0saj50n8ds85shygy4mq1h6s99510r9wgjjdll4dmvhra4lzcy2y"; + sha256 = "09l1z1nbl6ijqqwszdwch9mqr54qb7df0wp2sd77v17dq6gsci33"; }; buildInputs = [ python lzma boost ]; diff --git a/nixpkgs/pkgs/tools/archivers/maxcso/default.nix b/nixpkgs/pkgs/tools/archivers/maxcso/default.nix new file mode 100644 index 00000000000..333b0dcabc3 --- /dev/null +++ b/nixpkgs/pkgs/tools/archivers/maxcso/default.nix @@ -0,0 +1,26 @@ +{ stdenv, fetchFromGitHub, libuv, lz4, zlib }: + +stdenv.mkDerivation rec { + pname = "maxcso"; + version = "1.12.0"; + + src = fetchFromGitHub { + owner = "unknownbrackets"; + repo = "maxcso"; + rev = "v${version}"; + sha256 = "10r0vb3ndpq1pw5224d48nim5xz8jj94zhlfy29br6h6jblq8zap"; + }; + + buildInputs = [ libuv lz4 zlib ]; + + makeFlags = [ "PREFIX=$(out)" ]; + + meta = with stdenv.lib; { + homepage = "https://github.com/unknownbrackets/maxcso"; + description = + "A fast ISO to CSO compression program for use with PSP and PS2 emulators, which uses multiple algorithms for best compression ratio"; + maintainers = with maintainers; [ david-sawatzke ]; + platforms = platforms.linux ++ platforms.darwin; + license = licenses.isc; + }; +} diff --git a/nixpkgs/pkgs/tools/archivers/p7zip/12-CVE-2016-9296.patch b/nixpkgs/pkgs/tools/archivers/p7zip/12-CVE-2016-9296.patch deleted file mode 100644 index 42245c92c0a..00000000000 --- a/nixpkgs/pkgs/tools/archivers/p7zip/12-CVE-2016-9296.patch +++ /dev/null @@ -1,23 +0,0 @@ -From: Robert Luberda <robert@debian.org> -Date: Sat, 19 Nov 2016 08:48:08 +0100 -Subject: Fix nullptr dereference (CVE-2016-9296) - -Patch taken from https://sourceforge.net/p/p7zip/bugs/185/ ---- - CPP/7zip/Archive/7z/7zIn.cpp | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/CPP/7zip/Archive/7z/7zIn.cpp b/CPP/7zip/Archive/7z/7zIn.cpp -index b0c6b98..7c6dde2 100644 ---- a/CPP/7zip/Archive/7z/7zIn.cpp -+++ b/CPP/7zip/Archive/7z/7zIn.cpp -@@ -1097,7 +1097,8 @@ HRESULT CInArchive::ReadAndDecodePackedStreams( - if (CrcCalc(data, unpackSize) != folders.FolderCRCs.Vals[i]) - ThrowIncorrect(); - } -- HeadersSize += folders.PackPositions[folders.NumPackStreams]; -+ if (folders.PackPositions) -+ HeadersSize += folders.PackPositions[folders.NumPackStreams]; - return S_OK; - } - diff --git a/nixpkgs/pkgs/tools/archivers/p7zip/13-CVE-2017-17969.patch b/nixpkgs/pkgs/tools/archivers/p7zip/13-CVE-2017-17969.patch deleted file mode 100644 index a9787c4a908..00000000000 --- a/nixpkgs/pkgs/tools/archivers/p7zip/13-CVE-2017-17969.patch +++ /dev/null @@ -1,35 +0,0 @@ -From: =?utf-8?q?Antoine_Beaupr=C3=A9?= <anarcat@debian.org> -Date: Fri, 2 Feb 2018 11:11:41 +0100 -Subject: Heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp - -Origin: vendor, https://sourceforge.net/p/p7zip/bugs/_discuss/thread/0920f369/27d7/attachment/CVE-2017-17969.patch -Forwarded: https://sourceforge.net/p/p7zip/bugs/_discuss/thread/0920f369/#27d7 -Bug: https://sourceforge.net/p/p7zip/bugs/204/ -Bug-Debian: https://bugs.debian.org/888297 -Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17969 -Reviewed-by: Salvatore Bonaccorso <carnil@debian.org> -Last-Update: 2018-02-01 -Applied-Upstream: 18.00-beta ---- - CPP/7zip/Compress/ShrinkDecoder.cpp | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/CPP/7zip/Compress/ShrinkDecoder.cpp b/CPP/7zip/Compress/ShrinkDecoder.cpp -index 80b7e67..ca37764 100644 ---- a/CPP/7zip/Compress/ShrinkDecoder.cpp -+++ b/CPP/7zip/Compress/ShrinkDecoder.cpp -@@ -121,8 +121,13 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream * - { - _stack[i++] = _suffixes[cur]; - cur = _parents[cur]; -+ if (cur >= kNumItems || i >= kNumItems) -+ break; - } -- -+ -+ if (cur >= kNumItems || i >= kNumItems) -+ break; -+ - _stack[i++] = (Byte)cur; - lastChar2 = (Byte)cur; - diff --git a/nixpkgs/pkgs/tools/archivers/p7zip/default.nix b/nixpkgs/pkgs/tools/archivers/p7zip/default.nix index d6ad699eaa8..a155c1717eb 100644 --- a/nixpkgs/pkgs/tools/archivers/p7zip/default.nix +++ b/nixpkgs/pkgs/tools/archivers/p7zip/default.nix @@ -1,32 +1,22 @@ -{ stdenv, fetchurl, fetchpatch, lib, enableUnfree ? false }: +{ stdenv, fetchFromGitHub, lib, enableUnfree ? false }: stdenv.mkDerivation rec { pname = "p7zip"; - version = "16.02"; + version = "17.01"; - src = fetchurl { - url = "mirror://sourceforge/p7zip/p7zip_${version}_src_all.tar.bz2"; - sha256 = "5eb20ac0e2944f6cb9c2d51dd6c4518941c185347d4089ea89087ffdd6e2341f"; - }; - patches = [ - ./12-CVE-2016-9296.patch - ./13-CVE-2017-17969.patch - (fetchpatch { - name = "3-CVE-2018-5996.patch"; - url = "https://raw.githubusercontent.com/termux/termux-packages/master/packages/p7zip/3-CVE-2018-5996.patch"; - sha256 = "1zivvkazmza0653i498ccp3zbpbpc7dvxl3zxwllbx41b6n589yp"; - }) - (fetchpatch { - name = "4-CVE-2018-10115.patch"; - url = "https://raw.githubusercontent.com/termux/termux-packages/master/packages/p7zip/4-CVE-2018-10115.patch"; - sha256 = "1cr7q8gnrk9yp6dcvxaqi1yhdbgp964nkv65ls41mw1kdfm44zn6"; - }) - ]; + src = fetchFromGitHub { + owner = "szcnick"; + repo = pname; + rev = "v${version}"; + sha256 = "0gczdmypwbfnxzb11rjrrndjkkb3jzxfby2cchn5j8ysny13mfps"; + } + ; # Default makefile is full of impurities on Darwin. The patch doesn't hurt Linux so I'm leaving it unconditional postPatch = '' sed -i '/CC=\/usr/d' makefile.macosx_llvm_64bits + chmod +x install.sh # I think this is a typo and should be CXX? Either way let's kill it sed -i '/XX=\/usr/d' makefile.macosx_llvm_64bits @@ -43,10 +33,10 @@ stdenv.mkDerivation rec { preConfigure = '' makeFlagsArray=(DEST_HOME=$out) - buildFlags=all3 - '' + stdenv.lib.optionalString stdenv.isDarwin '' - cp makefile.macosx_llvm_64bits makefile.machine - ''; + buildFlags=all3 + '' + stdenv.lib.optionalString stdenv.isDarwin '' + cp makefile.macosx_llvm_64bits makefile.machine +''; enableParallelBuilding = true; @@ -55,15 +45,10 @@ stdenv.mkDerivation rec { NIX_CFLAGS_COMPILE = stdenv.lib.optionalString stdenv.cc.isClang "-Wno-error=c++11-narrowing"; meta = { - homepage = "http://p7zip.sourceforge.net/"; - description = "A port of the 7-zip archiver"; + homepage = "https://github.com/szcnick/p7zip"; + description = "A new p7zip fork with additional codecs and improvements (forked from https://sourceforge.net/projects/p7zip/)"; platforms = stdenv.lib.platforms.unix; maintainers = [ stdenv.lib.maintainers.raskin ]; - knownVulnerabilities = [ - # p7zip is abandoned, according to this thread on its forums: - # https://sourceforge.net/p/p7zip/discussion/383043/thread/fa143cf2/#1817 - "p7zip is abandoned and may not receive important security fixes" - ]; # RAR code is under non-free UnRAR license, but we remove it license = if enableUnfree then lib.licenses.unfree else lib.licenses.lgpl2Plus; }; diff --git a/nixpkgs/pkgs/tools/archivers/undmg/default.nix b/nixpkgs/pkgs/tools/archivers/undmg/default.nix index 79b861de485..0eaabdb627d 100644 --- a/nixpkgs/pkgs/tools/archivers/undmg/default.nix +++ b/nixpkgs/pkgs/tools/archivers/undmg/default.nix @@ -1,18 +1,19 @@ -{ stdenv, fetchFromGitHub, zlib, bzip2 }: +{ stdenv, fetchFromGitHub, zlib, bzip2, lzfse, pkg-config }: stdenv.mkDerivation rec { - version = "1.0.3"; + version = "1.1.0"; pname = "undmg"; src = fetchFromGitHub { owner = "matthewbauer"; repo = "undmg"; rev = "v${version}"; - sha256 = "1pxqw92h2w75d4jwiihwnkhnsfk09cddh3flgrqwh9r3ry14fgbb"; - + sha256 = "0rb4h89jrl04vwf6p679ipa4mp95hzmc1ca11wqbanv3xd1kcpxm"; }; - buildInputs = [ zlib bzip2 ]; + nativeBuildInputs = [ pkg-config ]; + + buildInputs = [ zlib bzip2 lzfse ]; setupHook = ./setup-hook.sh; diff --git a/nixpkgs/pkgs/tools/archivers/undmg/setup-hook.sh b/nixpkgs/pkgs/tools/archivers/undmg/setup-hook.sh index e5c8dda23b6..bc7ed76107e 100644 --- a/nixpkgs/pkgs/tools/archivers/undmg/setup-hook.sh +++ b/nixpkgs/pkgs/tools/archivers/undmg/setup-hook.sh @@ -1,5 +1,5 @@ unpackCmdHooks+=(_tryUnpackDmg) _tryUnpackDmg() { if ! [[ "$curSrc" =~ \.dmg$ ]]; then return 1; fi - undmg < "$curSrc" + undmg "$curSrc" } diff --git a/nixpkgs/pkgs/tools/archivers/wimlib/default.nix b/nixpkgs/pkgs/tools/archivers/wimlib/default.nix index da01602cca4..51f75ee923d 100644 --- a/nixpkgs/pkgs/tools/archivers/wimlib/default.nix +++ b/nixpkgs/pkgs/tools/archivers/wimlib/default.nix @@ -8,7 +8,7 @@ }: stdenv.mkDerivation rec { - version = "1.13.1"; + version = "1.13.2"; pname = "wimlib"; nativeBuildInputs = [ pkgconfig makeWrapper ]; @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "https://wimlib.net/downloads/${pname}-${version}.tar.gz"; - sha256 = "0pxgrpr3dr81rcf2jh71aiiq3v4anc5sj1nld18f2vhvbijbrx27"; + sha256 = "0id9ym3hzij4kpdrk0sz3ijxp5r0z1md5jch83pml9hdy1zbx5bj"; }; preBuild = '' |