aboutsummaryrefslogtreecommitdiff
path: root/gnu
diff options
context:
space:
mode:
authorEfraim Flashner <efraim@flashner.co.il>2020-03-03 09:21:17 +0200
committerEfraim Flashner <efraim@flashner.co.il>2020-03-03 09:21:17 +0200
commit23f33de151368f52832fd96048b342bd1a6e8c74 (patch)
tree8457999a78d214af85e30ac660f59772f1798686 /gnu
parent3276e123920c2547d537efdcd080b813ba72ce0f (diff)
downloadguix-23f33de151368f52832fd96048b342bd1a6e8c74.tar
guix-23f33de151368f52832fd96048b342bd1a6e8c74.tar.gz
gnu: librsvg: Fix CVE-2019-20446.
* gnu/packages/gnome.scm (librsvg)[replacement]: New field. (librsvg/fixed): New private variable.
Diffstat (limited to 'gnu')
-rw-r--r--gnu/packages/gnome.scm15
1 files changed, 15 insertions, 0 deletions
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index ff262d1fa8..7cfe35d3f0 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -2074,6 +2074,7 @@ dealing with different structured file formats.")
(define-public librsvg
(package
+ (replacement "librsvg/fixed")
(name "librsvg")
(version "2.40.20")
(source (origin
@@ -2138,6 +2139,20 @@ dealing with different structured file formats.")
library.")
(license license:lgpl2.0+)))
+(define librsvg/fixed
+ (package
+ (inherit librsvg)
+ (name "librsvg")
+ (version "2.40.21")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnome/sources/" name "/"
+ (version-major+minor version) "/"
+ name "-" version ".tar.xz"))
+ (sha256
+ (base32
+ "1fljkag2gr7c4k5mn798lgf9903xslz8h51bgvl89nnay42qjqpp"))))))
+
(define* (computed-origin-method gexp-promise hash-algo hash
#:optional (name "source")
#:key (system (%current-system))