(address . guix-patches@gnu.org)(name . Greg Hogan)(address . code@greghogan.com)
20230322135514.169558-1-code@greghogan.com
[staging PATCH 0/4] Update hdf5.
- Done
Details
- 2 participants
- Greg Hogan
- Maxim Cournoyer
- Owner
- unassigned
- Submitted by
- Greg Hogan
- Severity
- normal
G
G
[staging PATCH 1/4] gnu: hdf5@1.8: Update to 1.8.23.
(address . 62380@debbugs.gnu.org)(name . Greg Hogan)(address . code@greghogan.com)
20230322135711.181552-1-code@greghogan.com
* gnu/packages/maths.scm (hdf5-1.8): Update to 1.8.23.
---
gnu/packages/maths.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Toggle diff (24 lines)
diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm
index 1492753223..512a9d7be2 100644
--- a/gnu/packages/maths.scm
+++ b/gnu/packages/maths.scm
@@ -1389,7 +1389,7 @@ (define-public hdf4-alt
(define-public hdf5-1.8
(package
(name "hdf5")
- (version "1.8.22")
+ (version "1.8.23")
(source
(origin
(method url-fetch)
@@ -1404,7 +1404,7 @@ (define-public hdf5-1.8
(string-append major minor)))
"/src/hdf5-" version ".tar.bz2")))
(sha256
- (base32 "194ki2s5jrgl4czkvy5nc9nwjyapah0fj72l0gb0aysplp38i6v8"))
+ (base32 "0km65mr6dgk4ia2dqr1b9dzw9qg15j5z35ymbys9cnny51z1zb39"))
(patches (search-patches "hdf5-config-date.patch"))))
(build-system gnu-build-system)
(inputs
--
2.40.0
G
[staging PATCH 2/4] gnu: hdf5@1.10: Update to 1.10.9.
(address . 62380@debbugs.gnu.org)(name . Greg Hogan)(address . code@greghogan.com)
20230322135711.181552-2-code@greghogan.com
* gnu/packages/maths.scm (hdf5-1.10): Update to 1.10.9.
---
gnu/packages/maths.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Toggle diff (24 lines)
diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm
index 512a9d7be2..e6ce7ee045 100644
--- a/gnu/packages/maths.scm
+++ b/gnu/packages/maths.scm
@@ -1514,7 +1514,7 @@ (define-public hdf5-1.8
(define-public hdf5-1.10
(package
(inherit hdf5-1.8)
- (version "1.10.7")
+ (version "1.10.9")
(source
(origin
(method url-fetch)
@@ -1528,7 +1528,7 @@ (define-public hdf5-1.10
(take (string-split version #\.) 2))
"/src/hdf5-" version ".tar.bz2")))
(sha256
- (base32 "0pm5xxry55i0h7wmvc7svzdaa90rnk7h78rrjmnlkz2ygsn8y082"))
+ (base32 "14gih7kmjx4h3lc7pg4fwcl28hf1qqkf2x7rljpxqvzkjrqbxi00"))
(patches (search-patches "hdf5-config-date.patch"))))))
(define-public hdf5-1.12
--
2.40.0
G
[staging PATCH 3/4] gnu: hdf5@1.12: Update to 1.12.2.
(address . 62380@debbugs.gnu.org)(name . Greg Hogan)(address . code@greghogan.com)
20230322135711.181552-3-code@greghogan.com
* gnu/packages/maths.scm (hdf5-1.12): Update to 1.12.2.
---
gnu/packages/maths.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Toggle diff (24 lines)
diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm
index e6ce7ee045..451a861e95 100644
--- a/gnu/packages/maths.scm
+++ b/gnu/packages/maths.scm
@@ -1534,7 +1534,7 @@ (define-public hdf5-1.10
(define-public hdf5-1.12
(package
(inherit hdf5-1.8)
- (version "1.12.1")
+ (version "1.12.2")
(source
(origin
(method url-fetch)
@@ -1548,7 +1548,7 @@ (define-public hdf5-1.12
(take (string-split version #\.) 2))
"/src/hdf5-" version ".tar.bz2")))
(sha256
- (base32 "074g3z504xf77ff38igs30i1aqxpm508p7yw78ykva7dncrgbyda"))
+ (base32 "1zlawdzb0gsvcxif14fwr5ap2gk4b6j02wirr2hcx8hkcbivp20s"))
(patches (search-patches "hdf5-config-date.patch"))))))
(define-public hdf5
--
2.40.0
G
[staging PATCH 4/4] gnu: Add hdf5@1.14.
(address . 62380@debbugs.gnu.org)(name . Greg Hogan)(address . code@greghogan.com)
20230322135711.181552-4-code@greghogan.com
* gnu/packages/maths.scm (hdf5-1.14): New variable.
---
gnu/packages/maths.scm | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
Toggle diff (33 lines)
diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm
index 451a861e95..d6d3658445 100644
--- a/gnu/packages/maths.scm
+++ b/gnu/packages/maths.scm
@@ -1551,6 +1551,26 @@ (define-public hdf5-1.12
(base32 "1zlawdzb0gsvcxif14fwr5ap2gk4b6j02wirr2hcx8hkcbivp20s"))
(patches (search-patches "hdf5-config-date.patch"))))))
+(define-public hdf5-1.14
+ (package
+ (inherit hdf5-1.8)
+ (version "1.14.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (list (string-append "https://support.hdfgroup.org/ftp/HDF5/releases/"
+ "hdf5-" (version-major+minor version)
+ "/hdf5-" version "/src/hdf5-"
+ version ".tar.bz2")
+ (string-append "https://support.hdfgroup.org/ftp/HDF5/"
+ "current"
+ (apply string-append
+ (take (string-split version #\.) 2))
+ "/src/hdf5-" version ".tar.bz2")))
+ (sha256
+ (base32 "181bdh8hp7v9xqwcby3lknr92lxlicc2hqscba3f5nhf8lrr9rz4"))
+ (patches (search-patches "hdf5-config-date.patch"))))))
+
(define-public hdf5
;; Default version of HDF5.
hdf5-1.10)
--
2.40.0
M
Re: bug#62380: [staging PATCH 0/4] Update hdf5.
(name . Greg Hogan)(address . code@greghogan.com)(address . 62380-done@debbugs.gnu.org)
87fs9ly516.fsf_-_@gmail.com
Hello,
I've installed the series to staging. It seems it could have also been
on the limit to go to master, so in the future feel free to submit for
master.
Something we should look into is hide the (false positive, I assume?)
CVEs reported by guix lint:
Toggle snippet (5 lines)
gnu/packages/maths.scm:1390:2: hdf5@1.8.23: probably vulnerable to CVE-2020-10809, CVE-2020-10810, CVE-2020-10811, CVE-2020-10812
gnu/packages/maths.scm:1515:2: hdf5@1.10.9: probably vulnerable to CVE-2020-10809, CVE-2020-10810, CVE-2020-10811, CVE-2020-10812
gnu/packages/maths.scm:1535:2: hdf5@1.12.2: probably vulnerable to CVE-2021-37501
This can be done by adding lint-hidden-cve properties, with explanatory comments.
--
Thanks,
Maxim
Closed
?