diff options
| author | Leo Famulari <leo@famulari.name> | 2018-01-10 01:04:19 -0800 |
|---|---|---|
| committer | Leo Famulari <leo@famulari.name> | 2018-01-11 14:13:17 -0800 |
| commit | 138c08899ba73049de8afd2b74a8cf6845a1d9e1 (patch) | |
| tree | 0e7dd7ca0be3498a7b1b5a9b48f1e2361b0107a2 /gnu/packages/xiph.scm | |
| parent | ce577655a3829a64014afcd520c8405114443d89 (diff) | |
| download | gnu-guix-138c08899ba73049de8afd2b74a8cf6845a1d9e1.tar gnu-guix-138c08899ba73049de8afd2b74a8cf6845a1d9e1.tar.gz | |
gnu: libvorbis: Fix CVE-2017-{14632,14633}.
* gnu/packages/patches/libvorbis-CVE-2017-14632.patch,
gnu/packages/patches/libvorbis-CVE-2017-14633.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/xiph.scm (libvorbis)[replacement]: New field.
(libvorbis/fixed): New variable.
Diffstat (limited to 'gnu/packages/xiph.scm')
| -rw-r--r-- | gnu/packages/xiph.scm | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/gnu/packages/xiph.scm b/gnu/packages/xiph.scm index 9277f57ad4..e9ab06de42 100644 --- a/gnu/packages/xiph.scm +++ b/gnu/packages/xiph.scm @@ -79,6 +79,7 @@ periodic timestamps for seeking.") (define libvorbis (package (name "libvorbis") + (replacement libvorbis/fixed) (version "1.3.5") (source (origin (method url-fetch) @@ -102,6 +103,14 @@ polyphonic) audio and music at fixed and variable bitrates from 16 to "See COPYING in the distribution.")) (home-page "http://xiph.org/vorbis/"))) +(define libvorbis/fixed + (package + (inherit libvorbis) + (source (origin + (inherit (package-source libvorbis)) + (patches (search-patches "libvorbis-CVE-2017-14633.patch" + "libvorbis-CVE-2017-14632.patch")))))) + (define libtheora (package (name "libtheora") |