aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/zip.scm
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2014-12-30 14:46:21 -0500
committerMark H Weaver <mhw@netris.org>2014-12-30 14:48:13 -0500
commite5da2f38c3ca8d4626c1b87e045d00d28c1bf4d0 (patch)
treee033809b82b840dc259b7d1a430cf32edb17b02a /gnu/packages/zip.scm
parentc7bdc7ece5650be75314dc302f3cdcf02806857b (diff)
downloadgnu-guix-e5da2f38c3ca8d4626c1b87e045d00d28c1bf4d0.tar
gnu-guix-e5da2f38c3ca8d4626c1b87e045d00d28c1bf4d0.tar.gz
gnu: unzip: Add fixes for CVE-2014-{8139,8140,8141}.
* gnu/packages/patches/unzip-CVE-2014-8139.patch, gnu/packages/patches/unzip-CVE-2014-8140.patch, gnu/packages/patches/unzip-CVE-2014-8141.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/zip.scm (unzip): Add patches.
Diffstat (limited to 'gnu/packages/zip.scm')
-rw-r--r--gnu/packages/zip.scm5
1 files changed, 4 insertions, 1 deletions
diff --git a/gnu/packages/zip.scm b/gnu/packages/zip.scm
index 29ab555ae4..230907becb 100644
--- a/gnu/packages/zip.scm
+++ b/gnu/packages/zip.scm
@@ -79,7 +79,10 @@ Compression ratios of 2:1 to 3:1 are common for text files.")
(uri (string-append "mirror://sourceforge/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/unzip60.tar.gz"))
(sha256
(base32
- "0dxx11knh3nk95p2gg2ak777dd11pr7jx5das2g49l262scrcv83"))))
+ "0dxx11knh3nk95p2gg2ak777dd11pr7jx5das2g49l262scrcv83"))
+ (patches (list (search-patch "unzip-CVE-2014-8139.patch")
+ (search-patch "unzip-CVE-2014-8140.patch")
+ (search-patch "unzip-CVE-2014-8141.patch")))))
(build-system gnu-build-system)
;; no inputs; bzip2 is not supported, since not compiled with BZ_NO_STDIO
(arguments