diff options
| author | Klaus Aehlig <klaus.aehlig@huawei.com> | 2024-04-02 10:12:03 +0200 |
|---|---|---|
| committer | Klaus Aehlig <klaus.aehlig@huawei.com> | 2024-04-02 10:16:09 +0200 |
| commit | 568da4f568f4efb48c2f35e5003df9aeeafe7f07 (patch) | |
| tree | a61183988a0a6691f9b32d1f4c033db40a05322b | |
| parent | c82ad4d012157d06095b80dce1abf5f635714eb1 (diff) | |
| download | justbuild-568da4f568f4efb48c2f35e5003df9aeeafe7f07.tar.gz | |
Revert "third-party: Update lzma to v5.6.1"
This reverts commit 0db6f248a04f5a23102b4208c1f28b3633c6ef8a.
We have our own build description for lzma, hence we are likely not
affected by CVE-2024-3094. Nevertheless, we should not encourage the
use or distribution of an archive that contains a known backdoor.
Reverting this commit also points us to a mirror that is still
fetchable.
| -rw-r--r-- | etc/import/TARGETS.lzma | 2 | ||||
| -rw-r--r-- | etc/import/src/liblzma/check/TARGETS.lzma | 2 | ||||
| -rw-r--r-- | etc/repos.json | 10 |
3 files changed, 7 insertions, 7 deletions
diff --git a/etc/import/TARGETS.lzma b/etc/import/TARGETS.lzma index 9e402a4e..8c25dc3d 100644 --- a/etc/import/TARGETS.lzma +++ b/etc/import/TARGETS.lzma @@ -176,7 +176,7 @@ , "then": ["-DHAVE_LZIP_DECODER"] } , [ "-DHAVE_CLOCK_GETTIME" - , "-DHAVE_CLOCK_MONOTONIC" + , "-DHAVE_DECL_CLOCK_MONOTONIC" , "-DHAVE_PTHREAD_CONDATTR_SETCLOCK" , "-DTUKLIB_SYMBOL_PREFIX=lzma_" , "-DHAVE_FUNC_ATTRIBUTE_CONSTRUCTOR" diff --git a/etc/import/src/liblzma/check/TARGETS.lzma b/etc/import/src/liblzma/check/TARGETS.lzma index 01dc3ef4..da930c24 100644 --- a/etc/import/src/liblzma/check/TARGETS.lzma +++ b/etc/import/src/liblzma/check/TARGETS.lzma @@ -4,7 +4,7 @@ , "hdrs": { "type": "++" , "$1": - [ ["check.h", "crc_common.h", "crc_x86_clmul.h"] + [ ["check.h", "crc_macros.h"] , { "type": "if" , "cond": {"type": "var", "name": "ENABLE_SMALL"} , "then": [] diff --git a/etc/repos.json b/etc/repos.json index eaedf303..ea441b42 100644 --- a/etc/repos.json +++ b/etc/repos.json @@ -341,11 +341,11 @@ , "lzma": { "repository": { "type": "archive" - , "content": "c2429460d7a0ed583a93cc3267ed4127d1179f36" - , "fetch": "https://github.com/tukaani-project/xz/releases/download/v5.6.1/xz-5.6.1.tar.gz" - , "sha256": "2398f4a8e53345325f44bdd9f0cc7401bd9025d736c6d43b372f4dea77bf75b8" - , "sha512": "8af100eb83288f032e4813be2bf8de7d733c8761f77f078776c1391709241ad8fe3192d107664786e2543677915c5eeb3fe7add5c53b48b50c10a9de7c9f4fda" - , "subdir": "xz-5.6.1" + , "content": "6dae9322046ff66b7074c33b24be9a98f5cee42a" + , "fetch": "https://github.com/xz-mirror/xz/archive/refs/tags/v5.4.0.tar.gz" + , "sha256": "26ec069c41e5dfae221825b9f28a4934cb6ce3bedd3f55bc0a08073f7c2e42fd" + , "sha512": "60aba20197d329a1e0d86b32de8a9727a98e5ff6f1eda6111c5ddf85086edeefcf9e2cc3998d237e248bf4af7cf746923b45d236e6b47d88f63cf3d57cae9e8f" + , "subdir": "xz-5.4.0" } , "target_root": "import targets" , "target_file_name": "TARGETS.lzma" |