aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarius Bakke <marius@gnu.org>2022-08-10 09:50:02 +0200
committerMarius Bakke <marius@gnu.org>2022-08-10 09:52:52 +0200
commit924a78b1148e8a433178c6e9737e0029691b0022 (patch)
treedb818082756232fc2c684254ad423535a9b9c3a2
parent2111a4eee7441213156e9df04dd141cf19d91fdc (diff)
downloadguix-924a78b1148e8a433178c6e9737e0029691b0022.tar
guix-924a78b1148e8a433178c6e9737e0029691b0022.tar.gz
gnu: aspell: Fix CVE-2019-25051 with a graft.
This partially reverts commit 468c95e9415bc303cfa36c9b67bbd2ce0abe904b in order to prevent rebuilding 2k+ packages via 'inkscape'. * gnu/packages/aspell.scm (aspell)[replacement]: New field. [source](patches): Remove "aspell-CVE-2019-25051.patch". (aspell/replacement): New private variable.
-rw-r--r--gnu/packages/aspell.scm14
1 files changed, 12 insertions, 2 deletions
diff --git a/gnu/packages/aspell.scm b/gnu/packages/aspell.scm
index d2737ee79a..ec0dafbc7a 100644
--- a/gnu/packages/aspell.scm
+++ b/gnu/packages/aspell.scm
@@ -47,6 +47,7 @@
(package
(name "aspell")
(version "0.60.8")
+ (replacement aspell/replacement)
(source
(origin
(method url-fetch)
@@ -55,8 +56,7 @@
(sha256
(base32
"1wi60ankalmh8ds7nplz434jd7j94gdvbahdwsr539rlad8pxdzr"))
- (patches (search-patches "aspell-default-dict-dir.patch"
- "aspell-CVE-2019-25051.patch"))))
+ (patches (search-patches "aspell-default-dict-dir.patch"))))
(build-system gnu-build-system)
(arguments
`(#:phases
@@ -93,6 +93,16 @@ documents written in the UTF-8 encoding and its ability to use multiple
dictionaries, including personal ones.")
(license lgpl2.1+)))
+;; Replacement package with security fixes.
+(define aspell/replacement
+ (package
+ (inherit aspell)
+ (source
+ (origin
+ (inherit (package-source aspell))
+ (patches (append (origin-patches (package-source aspell))
+ (search-patches "aspell-CVE-2019-25051.patch")))))))
+
;;;
;;; Dictionaries.
;;;