On Sun, Feb 11, 2018, at 3:08 PM, Marius Bakke wrote:
> Leo Famulari <l...@famulari.name> writes:
> 
> >> From a28e82e1e3d480d5edf374cea062536d4c8d6d82 Mon Sep 17 00:00:00 2001
> >> From: Marius Bakke <mba...@fastmail.com>
> >> Date: Sun, 11 Feb 2018 11:46:27 +0100
> >> Subject: [PATCH] gnu: libreoffice: Update to 5.4.5.1 [CVE-2018-6871].
> >> 
> >> * gnu/packages/check.scm (cppunit-1.14): New public variable.
> >> * gnu/packages/libreoffice.scm (xmlsec-src-libreoffice): Remove variable.
> >> (libreoffice): Update to 5.4.5.1.
> >> [native-inputs]: Change CPPUNIT to CPPUNIT-1.14.
> >> [inputs]: Add GPGME and XMLSEC-NSS.  Remove XMLSEC-SRC-LIBREOFFICE.  
> >> Replace
> >> LIBJPEG with LIBJPEG-TURBO.
> >> [arguments]: Remove xmlsec code from PREPARE-SRC-PHASE.  Make sure GPGME++
> >> headers are found.  Add workaround for <https://bugs.gentoo.org/641812>.  
> >> Add
> >> "--disable-pdfium" to #:configure-flags.
> >> * gnu/packages/xml.scm (xmlsec-nss): New public variable.
> >
> > The only change I suggest is to remove the obsolete comment at the
> > beginning of libreoffice's native-inputs about the xmlsec tarball.
> 
> Good catch.  It seems the autoconf and automake inputs are no longer
> required.  But I unfortunately spoke too soon earlier, it failed very
> late in the build:
> 
> [build CMP] filter/source/xsltdialog/xsltdlg
> ld: cannot find -lltdl
> collect2: error: ld returned 1 exit status
> make[1]: *** [/tmp/guix-build-libreoffice-5.4.5.1.drv-0/
> libreoffice-5.4.5.1/xmlsecurity/Library_xsec_xmlsec.mk:10: /tmp/guix-
> build-libreoffice-5.4.5.1.drv-0/libreoffice-5.4.5.1/instdir/program/
> libxsec_xmlsec.so] Error 1
> make[1]: *** Waiting for unfinished jobs....
> make: *** [Makefile:269: build] Error 2
> phase `build' failed after 2114.1 seconds
> 
> I've attached a revised patch that adds libltdl, and removes the
> automake inputs.  However, I have to leave now, so could you please
> verify that it works and push?  I can provide moral support on #guix if
> nothing else :-)
> 
> TIA!

Never mind, it was actually completed by the time I packed up.
 I pushed it (and fixed the merge conflict in xml.scm, sorry about that!).

Thanks for staying on top of the never-ending CVE stream :-)



Reply via email to