summaryrefslogtreecommitdiff
path: root/gnu/packages/flex.scm
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2017-03-07 22:37:58 -0500
committerLeo Famulari <leo@famulari.name>2017-03-08 00:07:07 -0500
commitaac67f210df820e84cdd380dc061e417ebd2154e (patch)
treea80e04b0532a9a27fb84b404e10fc69097e29a1d /gnu/packages/flex.scm
parent093c6f8bc734246491530e58b363fbdd6782f439 (diff)
downloadguix-patches-aac67f210df820e84cdd380dc061e417ebd2154e.tar
guix-patches-aac67f210df820e84cdd380dc061e417ebd2154e.tar.gz
gnu: Add flex-2.6.1.
* gnu/packages/flex.scm (flex-2.6.1): New variable.
Diffstat (limited to 'gnu/packages/flex.scm')
-rw-r--r--gnu/packages/flex.scm17
1 files changed, 17 insertions, 0 deletions
diff --git a/gnu/packages/flex.scm b/gnu/packages/flex.scm
index 2d31660f3e..1470b967da 100644
--- a/gnu/packages/flex.scm
+++ b/gnu/packages/flex.scm
@@ -85,3 +85,20 @@ regular expressions for each rule. Whenever it finds a match, it
executes the corresponding C code.")
(license (non-copyleft "file://COPYING"
"See COPYING in the distribution."))))
+
+;;; Many packages fail to build with flex > 2.6.1, due to this bug in flex:
+;;; <https://github.com/westes/flex/issues/162>
+;;; We must not use a flex before 2.6.1, due to CVE-2016-6354.
+;;; TODO Try using flex > 2.6.3.
+(define-public flex-2.6.1
+ (package
+ (inherit flex)
+ (version "2.6.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/westes/flex"
+ "/releases/download/v" version "/"
+ "flex-" version ".tar.xz"))
+ (sha256
+ (base32
+ "0gqhk4vkwy4gl9xbpgkljph8c0a5kpijz6wd0p5r9q202qn42yic"))))))
generated by cgit v1.2.3 (git 2.44.0) at 2024-05-19 20:10:51 +0000