From f5255ed3d3689c793b87939d30df7e2e3443b004 Mon Sep 17 00:00:00 2001
From: Tobias Geerinckx-Rice <me@tobias.gr>
Date: Mon, 17 Feb 2020 04:55:47 +0100
Subject: gnu: upx: Update to 3.96.

* gnu/packages/compression.scm (upx): Update to 3.96.
[source]: Remove patch.
[arguments]: Remove CHECK_WHITESPACE work-around.
[properties]: Remove obsolete hidden CVE.
* gnu/packages/patches/upx-fix-CVE-2017-15056.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
---
 gnu/packages/compression.scm | 15 +++------------
 1 file changed, 3 insertions(+), 12 deletions(-)

(limited to 'gnu/packages/compression.scm')

diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index a65e320a9b..3f4b99bfcf 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -1903,15 +1903,14 @@ decompression is a little bit slower.")
 (define-public upx
   (package
     (name "upx")
-    (version "3.94")
+    (version "3.96")
     (source (origin
              (method url-fetch)
              (uri (string-append "https://github.com/upx/upx/releases/download/v"
                                  version "/upx-" version "-src.tar.xz"))
              (sha256
               (base32
-               "08anybdliqsbsl6x835iwzljahnm9i7v26icdjkcv33xmk6p5vw1"))
-             (patches (search-patches "upx-fix-CVE-2017-15056.patch"))))
+               "051pk5jk8fcfg5mpgzj43z5p4cn7jy5jbyshyn78dwjqr7slsxs7"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("perl" ,perl)))
@@ -1920,10 +1919,7 @@ decompression is a little bit slower.")
        ("zlib" ,zlib)))
     (arguments
      `(#:make-flags
-       (list "all"
-             ;; CHECK_WHITESPACE does not seem to work.
-             ;; See https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/upx.
-             "CHECK_WHITESPACE=true")
+       (list "all")
        #:phases
        (modify-phases %standard-phases
          (delete 'configure)
@@ -1945,11 +1941,6 @@ decompression is a little bit slower.")
              #t))
          )))
     (home-page "https://upx.github.io/")
-    ;; CVE-2017-16869 is about Mach-O files which is not of a big concern for Guix.
-    ;; See https://github.com/upx/upx/issues/146 and
-    ;; https://nvd.nist.gov/vuln/detail?vulnId=CVE-2017-16869.
-    ;; The issue will be fixed after version 3.94.
-    (properties `((lint-hidden-cve . ("CVE-2017-16869"))))
     (synopsis "Compression tool for executables")
     (description
      "The Ultimate Packer for eXecutables (UPX) is an executable file
-- 
cgit v1.2.3