diff options
| author | Nicolas Graves <ngraves@ngraves.fr> | 2024-10-25 09:39:45 +0200 |
|---|---|---|
| committer | Andreas Enge <andreas@enge.fr> | 2024-10-28 10:06:42 +0100 |
| commit | 386399296a48c3ee34b9cc8d2fe08c95635a77af (patch) | |
| tree | 42d5ae23378af3c613b77923a31de62a9d6e69dd /gnu/packages/compression.scm | |
| parent | 3566cabecc0337f64b8a3e2ef276a93d99f440c7 (diff) | |
| download | guix-386399296a48c3ee34b9cc8d2fe08c95635a77af.tar guix-386399296a48c3ee34b9cc8d2fe08c95635a77af.tar.gz | |
gnu: libtar: Patch CVEs. [security fixes]
This fixes CVE-2021-33643, CVE-2021-33644, CVE-2021-33645,
CVE-2021-33646.
* gnu/packages/compression.scm (libtar)[source]<patches>: Add patches
here...
* gnu/local.mk (dist_patch_DATA): ...and here.
* gnu/packages/patches/libtar-CVE-2021-33643-CVE-2021-33644.patch,
gnu/packages/patches/libtar-CVE-2021-33645-CVE-2021-33646.patch: New files.
Signed-off-by: Andreas Enge <andreas@enge.fr>
Change-Id: I60a6b753fddc1a0d08f96010ef3d57ec66c2251b
Diffstat (limited to 'gnu/packages/compression.scm')
| -rw-r--r-- | gnu/packages/compression.scm | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index d35666c13f..97696ff0ef 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -240,7 +240,10 @@ the @code{zlib} source.") (sha256 (base32 "02cihzl77ia0dcz7z2cga2412vyhhs5pa2355q4wpwbyga2lrwjh")) - (patches (search-patches "libtar-CVE-2013-4420.patch")))) + (patches + (search-patches "libtar-CVE-2013-4420.patch" + "libtar-CVE-2021-33643-CVE-2021-33644.patch" + "libtar-CVE-2021-33645-CVE-2021-33646.patch")))) (build-system gnu-build-system) (arguments `(#:tests? #f)) ; no "check" target (native-inputs |