diff options
author | Jack Hill <jackhill@jackhill.us> | 2019-07-10 16:23:03 -0400 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2019-07-12 00:39:01 +0200 |
commit | 5a836ce38c9c29e9c2bd306007347486b90c5064 (patch) | |
tree | ebc96aa474b77590be1871d2a75d941513c9b163 /gnu/packages/xml.scm | |
parent | f85c8dd8aec96869d7b56e2e926d2e2e758da1cf (diff) | |
download | guix-5a836ce38c9c29e9c2bd306007347486b90c5064.tar guix-5a836ce38c9c29e9c2bd306007347486b90c5064.tar.gz |
gnu: expat: fix CVE-2018-20843
* gnu/packages/xml.scm (expat)[replacement]: New field.
(expat/fixed): New variable.
* gnu/packages/patches/expat-CVE-2018-20843.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add patch file.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
Diffstat (limited to 'gnu/packages/xml.scm')
-rw-r--r-- | gnu/packages/xml.scm | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm index e3260be103..0cd9319c95 100644 --- a/gnu/packages/xml.scm +++ b/gnu/packages/xml.scm @@ -66,6 +66,7 @@ (define-public expat (package (name "expat") + (replacement expat/fixed) (version "2.2.6") (source (let ((dot->underscore (lambda (c) (if (char=? #\. c) #\_ c)))) (origin @@ -88,6 +89,14 @@ stream-oriented parser in which an application registers handlers for things the parser might find in the XML document (like start tags).") (license license:expat))) +(define expat/fixed + (package + (inherit expat) + (source + (origin + (inherit (package-source expat)) + (patches (search-patches "expat-CVE-2018-20843.patch")))))) + (define-public libebml (package (name "libebml") |