diff options
author | Tobias Geerinckx-Rice <me@tobias.gr> | 2019-10-23 19:43:02 +0200 |
---|---|---|
committer | Tobias Geerinckx-Rice <me@tobias.gr> | 2019-10-23 19:58:48 +0200 |
commit | 3f4ea9a62b5fa68d57724b2f83c35a191e33b7c8 (patch) | |
tree | 89c23778ff146795ad9924e8582622cc2a5f76fe /gnu/packages/avahi.scm | |
parent | dff0eedb04ac7c61fc1e2ddd4cd577f83f5eb89a (diff) | |
download | guix-3f4ea9a62b5fa68d57724b2f83c35a191e33b7c8.tar guix-3f4ea9a62b5fa68d57724b2f83c35a191e33b7c8.tar.gz |
gnu: avahi: Fix CVE-2018-1000845 and duplicate CVE-2017-6519.
* gnu/packages/avahi.scm (avahi/fixed): New variable.
(avahi)[replacement]: Use it.
* gnu/packages/patches/avahi-CVE-2018-1000845.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
Diffstat (limited to 'gnu/packages/avahi.scm')
-rw-r--r-- | gnu/packages/avahi.scm | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/gnu/packages/avahi.scm b/gnu/packages/avahi.scm index e71ffc2982..408be8ed57 100644 --- a/gnu/packages/avahi.scm +++ b/gnu/packages/avahi.scm @@ -35,6 +35,7 @@ (package (name "avahi") (version "0.7") + (replacement avahi/fixed) (home-page "http://avahi.org") (source (origin (method url-fetch) @@ -74,6 +75,16 @@ network. It is an implementation of the mDNS (for \"Multicast DNS\") and DNS-SD (for \"DNS-Based Service Discovery\") protocols.") (license lgpl2.1+))) +(define avahi/fixed + (package/inherit avahi + (source (origin + (inherit (package-source avahi)) + (patches + (append (search-patches "avahi-CVE-2018-1000845.patch") + (origin-patches (package-source avahi)))))) + ;; Hide a duplicate of the CVE fixed above. + (properties `((lint-hidden-cve . ("CVE-2017-6519")))))) + (define-public nss-mdns (package (name "nss-mdns") |