aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2022-03-28 00:03:35 -0400
committerLeo Famulari <leo@famulari.name>2023-01-04 12:54:39 -0500
commitc2c93abd18c37f438006cded8124ff0a32a0e4a7 (patch)
tree25c71001c018e9e0a49a6cd85e0c5e19af969657
parent5fd9d3ba82faddf8393027655d4a10a1562dac47 (diff)
downloadguix-c2c93abd18c37f438006cded8124ff0a32a0e4a7.tar
guix-c2c93abd18c37f438006cded8124ff0a32a0e4a7.tar.gz
gnu: zlib: Update to 1.2.12 [fixes CVE-2018-25032].
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032 https://seclists.org/oss-sec/2022/q1/191 * gnu/packages/compression.scm (zlib)[replacement]: New field. (zlib-1.2.12): New variable.
-rw-r--r--gnu/packages/compression.scm16
1 files changed, 16 insertions, 0 deletions
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 82b93e23b2..223283eeb4 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -103,6 +103,7 @@
(define-public zlib
(package
(name "zlib")
+ (replacement zlib-1.2.12)
(version "1.2.11")
(source
(origin
@@ -164,6 +165,21 @@ independent of the input data and can be reduced, if necessary, at some cost
in compression.")
(license license:zlib)))
+(define-public zlib-1.2.12
+ (package
+ (inherit zlib)
+ (version "1.2.12")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (list (string-append "http://zlib.net/zlib-"
+ version ".tar.gz")
+ (string-append "mirror://sourceforge/libpng/zlib/"
+ version "/zlib-" version ".tar.gz")))
+ (sha256
+ (base32
+ "1n9na4fq4wagw1nzsfjr6wyly960jfa94460ncbf6p1fac44i14i"))))))
+
(define-public minizip
(package
(name "minizip")