aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/xorg.scm
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2017-12-05 23:41:30 +0100
committerMarius Bakke <mbakke@fastmail.com>2017-12-05 23:41:30 +0100
commit77181815ae70cf573b6fa390a4400b718835aa8a (patch)
tree731ccaaccc7a69ddc90f04bb71a6a39aa5f3be5a /gnu/packages/xorg.scm
parente3f9406b7c4b3b1afe3dd6affb7f7898434d607a (diff)
parent35377cfa908340e51fd22af7369aef15499d4a36 (diff)
downloadguix-77181815ae70cf573b6fa390a4400b718835aa8a.tar
guix-77181815ae70cf573b6fa390a4400b718835aa8a.tar.gz
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/xorg.scm')
-rw-r--r--gnu/packages/xorg.scm35
1 files changed, 33 insertions, 2 deletions
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index adf2dffff8..4ea0fcd5e2 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -4855,7 +4855,7 @@ an X Window System display.")
(define-public libxfont
(package
(name "libxfont")
- (version "1.5.3")
+ (version "1.5.4")
(source
(origin
(method url-fetch)
@@ -4865,7 +4865,7 @@ an X Window System display.")
".tar.bz2"))
(sha256
(base32
- "1l4k3i3xzqdmaszykh6bb2ah78p6c3z7fak7xzgq2d38s87w31db"))))
+ "0hiji1bvpl78aj3a3141hkk353aich71wv8l5l2z51scfy878zqs"))))
(build-system gnu-build-system)
(propagated-inputs
`(("fontsproto" ,fontsproto)
@@ -4892,6 +4892,7 @@ new API's in libXft, or the legacy API's in libX11.")
(package
(inherit libxfont)
(version "2.0.2")
+ (replacement libxfont2-2.0.3)
(source (origin
(method url-fetch)
(uri (string-append "mirror://xorg/individual/lib/libXfont2-"
@@ -4900,6 +4901,23 @@ new API's in libXft, or the legacy API's in libX11.")
(base32
"04f1lswh1ridkycgaivf1hrr77l5ap8smbfr2rqjrm7phwxqs24l"))))))
+;; Fixes the following security vulnerabilities:
+;; https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13720
+;; https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13722
+;; https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16612
+(define-public libxfont2-2.0.3
+ (package
+ (inherit libxfont2)
+ (version "2.0.3")
+ (source
+ (origin
+ (inherit (package-source libxfont2))
+ (uri (string-append "mirror://xorg/individual/lib/libXfont2-"
+ version ".tar.bz2"))
+ (sha256
+ (base32
+ "0klwmimmhm3axpj8pwn5l41lbggh47r5aazhw63zxkbwfgyvg2hf"))))))
+
(define-public libxi
(package
(name "libxi")
@@ -5297,6 +5315,7 @@ draggable titlebars and borders.")
(package
(name "libxcursor")
(version "1.1.14")
+ (replacement libxcursor-1.1.15)
(source
(origin
(method url-fetch)
@@ -5329,6 +5348,18 @@ draggable titlebars and borders.")
(description "Xorg Cursor management library.")
(license license:x11)))
+;; For CVE-2017-16612.
+(define-public libxcursor-1.1.15
+ (package
+ (inherit libxcursor)
+ (version "1.1.15")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://xorg/individual/lib/libXcursor-"
+ version ".tar.bz2"))
+ (sha256
+ (base32
+ "0syzlfvh29037p0vnlc8f3jxz8nl55k65blswsakklkwsc6nfki9"))))))
(define-public libxt
(package