aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/xorg.scm
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2017-11-28 17:58:21 +0100
committerMarius Bakke <mbakke@fastmail.com>2017-11-29 12:53:08 +0100
commit1ec0b7407f27a12adc6978d98832c41226465101 (patch)
treeb8de725e599310db714da9ff3c7ef525a255dacc /gnu/packages/xorg.scm
parent4fc61dac3ce201c72b312a6cfed5b3d4b96850f7 (diff)
downloadguix-1ec0b7407f27a12adc6978d98832c41226465101.tar
guix-1ec0b7407f27a12adc6978d98832c41226465101.tar.gz
gnu: libxfont@2: Update replacement to 2.0.3 [fixes CVE-2017-16611].
* gnu/packages/xorg.scm (libxfont2/fixed): Rename to ... (libxfont2-2.0.3): ... this. Make public. [version]: New field. [source]: Add URI and SHA256. Remove patches. (libxfont2)[replacement]: Change LIBXFONT2/FIXED to LIBXFONT2-2.0.3. * gnu/packages/patches/libxfont-CVE-2017-13720.patch, gnu/packages/patches/libxfont-CVE-2017-13722.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them.
Diffstat (limited to 'gnu/packages/xorg.scm')
-rw-r--r--gnu/packages/xorg.scm16
1 files changed, 12 insertions, 4 deletions
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 1c1ddd4bf1..8c32608f8f 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -4892,7 +4892,7 @@ new API's in libXft, or the legacy API's in libX11.")
(package
(inherit libxfont)
(version "2.0.1")
- (replacement libxfont2/fixed)
+ (replacement libxfont2-2.0.3)
(source (origin
(method url-fetch)
(uri (string-append "mirror://xorg/individual/lib/libXfont2-"
@@ -4901,14 +4901,22 @@ new API's in libXft, or the legacy API's in libX11.")
(base32
"0znvwk36nhmyqpmhbm9mzisgixp1mp5qkfald8x1n5yxbm3vpyz9"))))))
-(define libxfont2/fixed
+;; Fixes the following security vulnerabilities:
+;; https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13720
+;; https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13722
+;; https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16612
+(define-public libxfont2-2.0.3
(package
(inherit libxfont2)
+ (version "2.0.3")
(source
(origin
(inherit (package-source libxfont2))
- (patches (search-patches "libxfont-CVE-2017-13720.patch"
- "libxfont-CVE-2017-13722.patch"))))))
+ (uri (string-append "mirror://xorg/individual/lib/libXfont2-"
+ version ".tar.bz2"))
+ (sha256
+ (base32
+ "0klwmimmhm3axpj8pwn5l41lbggh47r5aazhw63zxkbwfgyvg2hf"))))))
(define-public libxi
(package