From e14ab0ad070b4eafa19fc1df81b7b5c3de1dc1b2 Mon Sep 17 00:00:00 2001
From: Ludovic Courtès <ludo@gnu.org>
Date: Mon, 18 Sep 2017 15:41:03 +0200
Subject: gnu: httpd: Patch "options bleed" [fixes CVE-2017-9798].

* gnu/packages/patches/httpd-CVE-2017-9798.patch: New file.
* gnu/packages/web.scm (httpd)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
---
 gnu/packages/web.scm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/web.scm')

diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 72892ffe22..6c9316a401 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -107,7 +107,8 @@
                                  version ".tar.bz2"))
              (sha256
               (base32
-               "0fn1778mxhf78np2d8qlycg1c2ak18rxax41plahasca4clc3z3i"))))
+               "0fn1778mxhf78np2d8qlycg1c2ak18rxax41plahasca4clc3z3i"))
+             (patches (search-patches "httpd-CVE-2017-9798.patch"))))
     (build-system gnu-build-system)
     (native-inputs `(("pcre" ,pcre "bin")))       ;for 'pcre-config'
     (inputs `(("apr" ,apr)
-- 
cgit v1.2.3