diff --git a/gnu/local.mk b/gnu/local.mk index ca15f3096d..6426673539 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -807,7 +807,6 @@ dist_patch_DATA = \ %D%/packages/patches/findutils-localstatedir.patch \ %D%/packages/patches/findutils-makedev.patch \ %D%/packages/patches/findutils-test-xargs.patch \ - %D%/packages/patches/flac-CVE-2017-6888.patch \ %D%/packages/patches/flann-cmake-3.11.patch \ %D%/packages/patches/flint-ldconfig.patch \ %D%/packages/patches/foomatic-filters-CVE-2015-8327.patch \ diff --git a/gnu/packages/patches/flac-CVE-2017-6888.patch b/gnu/packages/patches/flac-CVE-2017-6888.patch deleted file mode 100644 index d2583201b4..0000000000 --- a/gnu/packages/patches/flac-CVE-2017-6888.patch +++ /dev/null @@ -1,29 +0,0 @@ -https://git.xiph.org/?p=flac.git;a=patch;h=4f47b63e9c971e6391590caf00a0f2a5ed612e67 - -From 4f47b63e9c971e6391590caf00a0f2a5ed612e67 Mon Sep 17 00:00:00 2001 -From: Erik de Castro Lopo -Date: Sat, 8 Apr 2017 18:34:49 +1000 -Subject: [PATCH] stream_decoder.c: Fix a memory leak - -Leak reported by Secunia Research. ---- - src/libFLAC/stream_decoder.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c -index 14d5fe7f..a5527511 100644 ---- a/src/libFLAC/stream_decoder.c -+++ b/src/libFLAC/stream_decoder.c -@@ -1753,6 +1753,9 @@ FLAC__bool read_metadata_vorbiscomment_(FLAC__StreamDecoder *decoder, FLAC__Stre - } - memset (obj->comments[i].entry, 0, obj->comments[i].length) ; - if (!FLAC__bitreader_read_byte_block_aligned_no_crc(decoder->private_->input, obj->comments[i].entry, obj->comments[i].length)) { -+ /* Current i-th entry is bad, so we delete it. */ -+ free (obj->comments[i].entry) ; -+ obj->comments[i].entry = NULL ; - obj->num_comments = i; - goto skip; - } --- -2.11.0 - diff --git a/gnu/packages/xiph.scm b/gnu/packages/xiph.scm index 804cfd39a7..bac6ac0d4d 100644 --- a/gnu/packages/xiph.scm +++ b/gnu/packages/xiph.scm @@ -235,15 +235,14 @@ It currently supports: (define flac (package (name "flac") - (version "1.3.2") + (version "1.3.3") (source (origin (method url-fetch) (uri (string-append "https://downloads.xiph.org/releases/flac/flac-" version ".tar.xz")) (sha256 (base32 - "0gymm2j3276kr9nz6vmgfwsdfrq6c449n40a0mzz8h6wc7nw7kwi")) - (patches (search-patches "flac-CVE-2017-6888.patch")))) + "0j0p9sf56a2fm2hkjnf7x3py5ir49jyavg4q5zdyd7bcf6yq4gi1")))) (build-system gnu-build-system) (arguments `(#:parallel-tests? #f))