aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/gnuzilla.scm
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2015-08-12 17:41:15 -0400
committerMark H Weaver <mhw@netris.org>2015-08-12 20:37:44 -0400
commitc037a0f7ce79d8d67e08694ae20e407b1280d84e (patch)
tree60e6810db94ef46a96682ed2bd80acdec23b5fff /gnu/packages/gnuzilla.scm
parentf74c577ce08399106a7ed4abe1b7d26e82fefd10 (diff)
downloadguix-c037a0f7ce79d8d67e08694ae20e407b1280d84e.tar
guix-c037a0f7ce79d8d67e08694ae20e407b1280d84e.tar.gz
gnu: icecat: Add fixes for CVE-2015-{4473,4482,4488,4489,4491,4492}.
WARNING: CVE-2015-4473 may not be fully addressed here, because I was unable to backport some of the patches (for upstream bugs 1182711 and 1146213). I was also unable to backport CVE-2015-4484 (upstream bug 1171540) and CVE-2015-4487 (upstream bug 1171603). I was unable to find any commit in the upstream repository that claims to address bug 1105914 (CVE-2015-4478). * gnu/packages/patches/icecat-CVE-2015-4473-partial.patch, gnu/packages/patches/icecat-CVE-2015-4482.patch, gnu/packages/patches/icecat-CVE-2015-4488.patch, gnu/packages/patches/icecat-CVE-2015-4489.patch, gnu/packages/patches/icecat-CVE-2015-4491.patch, gnu/packages/patches/icecat-CVE-2015-4492.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
Diffstat (limited to 'gnu/packages/gnuzilla.scm')
-rw-r--r--gnu/packages/gnuzilla.scm8
1 files changed, 7 insertions, 1 deletions
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index 0200039f5c..bfd1f5dc7b 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -240,7 +240,13 @@ standards.")
(sha256
(base32
"11wx29mb5pcg4mgk07a6vjwh52ca90k0x4m9wv0v3y5dmp88f01p"))
- (patches (map search-patch '("icecat-CVE-2015-4495.patch"
+ (patches (map search-patch '("icecat-CVE-2015-4473-partial.patch"
+ "icecat-CVE-2015-4482.patch"
+ "icecat-CVE-2015-4488.patch"
+ "icecat-CVE-2015-4489.patch"
+ "icecat-CVE-2015-4491.patch"
+ "icecat-CVE-2015-4492.patch"
+ "icecat-CVE-2015-4495.patch"
"icecat-enable-acceleration-and-webgl.patch"
"icecat-freetype-2.6.patch"
"icecat-libvpx-1.4.patch")))