gnu: file: Update to 5.37 [fixes CVE-2019-18218].

* gnu/packages/file.scm (file): Update to 5.37.
* gnu/packages/patches/file-CVE-2019-18218.patch: New file.
* gnu/packages/patches/file-CVE-2018-10360.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.

1 files changed, 0 insertions, 27 deletions

diff --git a/gnu/packages/patches/file-CVE-2018-10360.patch b/gnu/packages/patches/file-CVE-2018-10360.patch
deleted file mode 100644
index 9285611c04..0000000000
--- a/gnu/packages/patches/file-CVE-2018-10360.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22.patch
-The leading part of the patch starting at line 27 was trimmed off.
-This patch should be OK to drop with file@5.35.
-
-From a642587a9c9e2dd7feacdf513c3643ce26ad3c22 Mon Sep 17 00:00:00 2001
-From: Christos Zoulas <christos@zoulas.com>
-Date: Sat, 9 Jun 2018 16:00:06 +0000
-Subject: [PATCH] Avoid reading past the end of buffer (Rui Reis)
-
----
- src/readelf.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/src/readelf.c b/src/readelf.c
-index 79c83f9f5..1f41b4611 100644
---- a/src/readelf.c
-+++ b/src/readelf.c
-@@ -842,7 +842,8 @@ do_core_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type,
- 
- 				cname = (unsigned char *)
- 				    &nbuf[doff + prpsoffsets(i)];
--				for (cp = cname; *cp && isprint(*cp); cp++)
-+				for (cp = cname; cp < nbuf + size && *cp
-+				    && isprint(*cp); cp++)
- 					continue;
- 				/*
- 				 * Linux apparently appends a space at the end