aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/compression.scm
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2017-08-27 19:39:21 -0400
committerLeo Famulari <leo@famulari.name>2017-08-27 19:51:45 -0400
commit9baa969758557857a4c8614278b59db9786ae1eb (patch)
tree31a66bbc91f0d1ac2b687ddeef26f5e1b1fe9e9a /gnu/packages/compression.scm
parent152fc9594ebe85c2ba76bb679d7b56945dcbe648 (diff)
downloadgnu-guix-9baa969758557857a4c8614278b59db9786ae1eb.tar
gnu-guix-9baa969758557857a4c8614278b59db9786ae1eb.tar.gz
gnu: libzip: Fix CVE-2017-12858.
* gnu/packages/patches/libzip-CVE-2017-12858.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/compression.scm (libzip)[source]: Use it.
Diffstat (limited to 'gnu/packages/compression.scm')
-rw-r--r--gnu/packages/compression.scm1
1 files changed, 1 insertions, 0 deletions
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 0a97ba7e60..4e316e0b5a 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -1525,6 +1525,7 @@ manipulate, read, and write Zip archive files.")
(method url-fetch)
(uri (string-append
"https://nih.at/libzip/libzip-" version ".tar.gz"))
+ (patches (search-patches "libzip-CVE-2017-12858.patch"))
(sha256
(base32
"17vxj2ffsxwh8lkc6801ppmwj15jp8q58rin76znxfbx88789ybc"))))