aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/xml.scm
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-12-24 19:09:03 -0500
committerLeo Famulari <leo@famulari.name>2016-12-24 19:19:32 -0500
commit0c83c6bf2669367e81012391b5bc4ab0406ffbf3 (patch)
treee761872313d0116b9a887103ea8f00a7e18c1832 /gnu/packages/xml.scm
parentdaa481f59ac1ac96d8632a01b1aac208d67988d8 (diff)
downloadguix-0c83c6bf2669367e81012391b5bc4ab0406ffbf3.tar
guix-0c83c6bf2669367e81012391b5bc4ab0406ffbf3.tar.gz
gnu: libxml2: Fix CVE-2016-4658.
* gnu/packages/xml.scm (libxml2)[replacement]: New field. (libxml2/fixed): New variable. * gnu/packages/patches/libxml2-CVE-2016-4658.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
Diffstat (limited to 'gnu/packages/xml.scm')
-rw-r--r--gnu/packages/xml.scm9
1 files changed, 9 insertions, 0 deletions
diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index 594a1a471c..d821338b52 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -74,6 +74,7 @@ things the parser might find in the XML document (like start tags).")
(define-public libxml2
(package
(name "libxml2")
+ (replacement libxml2/fixed)
(version "2.9.4")
(source (origin
(method url-fetch)
@@ -101,6 +102,14 @@ things the parser might find in the XML document (like start tags).")
project (but it is usable outside of the Gnome platform).")
(license license:x11)))
+(define libxml2/fixed
+ (package
+ (inherit libxml2)
+ (source
+ (origin
+ (inherit (package-source libxml2))
+ (patches (search-patches "libxml2-CVE-2016-4658.patch"))))))
+
(define-public python-libxml2
(package (inherit libxml2)
(name "python-libxml2")