aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/compression.scm
diff options
context:
space:
mode:
authorEfraim Flashner <efraim@flashner.co.il>2022-08-08 19:13:07 +0300
committerEfraim Flashner <efraim@flashner.co.il>2022-08-08 19:21:45 +0300
commit5e009a88746bf3c20b29626a8671055c47a42bd0 (patch)
tree514012154dfb0cc5a7566abfa42979b284ed01ea /gnu/packages/compression.scm
parentb8424f0cddd6be29a51b778790dd5a4ca10007c4 (diff)
downloadguix-5e009a88746bf3c20b29626a8671055c47a42bd0.tar
guix-5e009a88746bf3c20b29626a8671055c47a42bd0.tar.gz
gnu: unzip: Patch for CVE-2022-0529 and CVE-2022-0530.
* gnu/packages/compression.scm (unzip)[replacement]: New field. (unzip/fixed): New variable. * gnu/packages/patches/unzip-CVE-2022-0529+CVE-2022-0530.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it.
Diffstat (limited to 'gnu/packages/compression.scm')
-rw-r--r--gnu/packages/compression.scm10
1 files changed, 10 insertions, 0 deletions
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index e5bc3813c5..6854bcafe4 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -1768,6 +1768,7 @@ Compression ratios of 2:1 to 3:1 are common for text files.")
(package (inherit zip)
(name "unzip")
(version "6.0")
+ (replacement unzip/fixed)
(source
(origin
(method url-fetch)
@@ -1850,6 +1851,15 @@ recreates the stored directory structure by default.")
(license (license:non-copyleft "file://LICENSE"
"See LICENSE in the distribution."))))
+(define unzip/fixed
+ (package (inherit unzip)
+ (source
+ (origin
+ (inherit (package-source unzip))
+ (patches (append
+ (origin-patches (package-source unzip))
+ (search-patches "unzip-CVE-2022-0529+CVE-2022-0530.patch")))))))
+
(define-public ziptime
(let ((commit "2a5bc9dfbf7c6a80e5f7cb4dd05b4036741478bc")
(revision "0"))
generated by cgit v1.2.3 (git 2.25.4) at 2024-07-03 06:24:33 +0000