diff options
author | Mark H Weaver <mhw@netris.org> | 2020-06-02 14:05:46 -0400 |
---|---|---|
committer | Mark H Weaver <mhw@netris.org> | 2020-06-02 14:05:46 -0400 |
commit | 7bc396bf353c5550c49b3f8791b34072ba417d90 (patch) | |
tree | d205b805297d2346fff6a4aabbdf2d536a7b98b5 /gnu/packages/nss.scm | |
parent | 8f7cf3b50cda98afab1bef89bef2d6c01aa2b626 (diff) | |
download | guix-7bc396bf353c5550c49b3f8791b34072ba417d90.tar guix-7bc396bf353c5550c49b3f8791b34072ba417d90.tar.gz |
gnu: nss: Fix CVE-2020-12399 via graft.
* gnu/packages/patches/nss-CVE-2020-12399.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/nss.scm (nss/fixed): New variable.
(nss)[replacement]: Add field.
Diffstat (limited to 'gnu/packages/nss.scm')
-rw-r--r-- | gnu/packages/nss.scm | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index e423bdd3a2..887860157d 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -73,6 +73,7 @@ in the Mozilla clients.") (package (name "nss") (version "3.50") + (replacement nss/fixed) (source (origin (method url-fetch) (uri (let ((version-with-underscores @@ -191,3 +192,11 @@ applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.") (license license:mpl2.0))) + +(define nss/fixed + (package + (inherit nss) + (source (origin + (inherit (package-source nss)) + (patches (append (search-patches "nss-CVE-2020-12399.patch") + (origin-patches (package-source nss)))))))) |