aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2016-08-17 19:10:16 -0400
committerMark H Weaver <mhw@netris.org>2016-08-17 19:24:56 -0400
commit67f5adbae657f40e595051bd4bd7a7b9d744a09c (patch)
treed6484ca620a1a234101bffd14007568747935abb
parent90e20240e38f41c42cd34e432e825e2410992b20 (diff)
downloadguix-67f5adbae657f40e595051bd4bd7a7b9d744a09c.tar
guix-67f5adbae657f40e595051bd4bd7a7b9d744a09c.tar.gz
gnu: libgcrypt: Replace with 1.7.3 [fixes CVE-2016-6316].
* gnu/packages/gnupg.scm (libgcrypt)[replacement]: New field. (libgcrypt-1.7.3): New variable.
-rw-r--r--gnu/packages/gnupg.scm14
1 files changed, 14 insertions, 0 deletions
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index ae741962e4..27de7bc417 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -74,6 +74,7 @@ Daemon and possibly more in the future.")
(define-public libgcrypt
(package
(name "libgcrypt")
+ (replacement libgcrypt-1.7.3)
(version "1.7.0")
(source (origin
(method url-fetch)
@@ -107,6 +108,19 @@ generation.")
(properties '((ftp-server . "ftp.gnupg.org")
(ftp-directory . "/gcrypt/libgcrypt")))))
+(define-public libgcrypt-1.7.3
+ (package
+ (inherit libgcrypt)
+ (source
+ (let ((version "1.7.3"))
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
+ version ".tar.bz2"))
+ (sha256
+ (base32
+ "0wbh6fq5zi9wg2xcfvfpwh7dv52jihivx1vm4h91c2kx0w8n3b6x")))))))
+
(define-public libgcrypt-1.5
(package (inherit libgcrypt)
(replacement libgcrypt-1.5.6)