diff options
author | Leo Famulari <leo@famulari.name> | 2017-10-08 21:54:56 -0400 |
---|---|---|
committer | Leo Famulari <leo@famulari.name> | 2017-10-09 13:30:01 -0400 |
commit | 719f353405886822676da20b873e5fd452a1bc3b (patch) | |
tree | b8926099e943af238f6d6d7eb06b7ce0a18911cf /gnu | |
parent | adf0c531a845fb03c92e1f28e26e5c31adb95e4a (diff) | |
download | guix-719f353405886822676da20b873e5fd452a1bc3b.tar guix-719f353405886822676da20b873e5fd452a1bc3b.tar.gz |
gnu: mit-krb5: Replace with 1.15.2 [fixes CVE-2017-{11368,11462}].
* gnu/packages/kerberos.scm (mit-krb5)[replacement]: New field.
(mit-krb5-1.15.2): New variable.
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/packages/kerberos.scm | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm index 48b2204190..801b4e44a9 100644 --- a/gnu/packages/kerberos.scm +++ b/gnu/packages/kerberos.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2012, 2013 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org> -;;; Copyright © 2016 Leo Famulari <leo@famulari.name> +;;; Copyright © 2016, 2017 Leo Famulari <leo@famulari.name> ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2012, 2013 Nikita Karetnikov <nikita@karetnikov.org> ;;; Copyright © 2012, 2017 Ludovic Courtès <ludo@gnu.org> @@ -46,6 +46,7 @@ (define-public mit-krb5 (package (name "mit-krb5") + (replacement mit-krb5-1.15.2) (version "1.15.1") (source (origin (method url-fetch) @@ -93,6 +94,19 @@ cryptography.") (home-page "http://web.mit.edu/kerberos/") (properties '((cpe-name . "kerberos"))))) +(define mit-krb5-1.15.2 ; CVE-2017-{11368,11462} + (package + (inherit mit-krb5) + (version "1.15.2") + (source (origin + (method url-fetch) + (uri (string-append "http://web.mit.edu/kerberos/dist/krb5/" + (version-major+minor version) + "/krb5-" version ".tar.gz")) + (sha256 + (base32 + "0zn8s7anb10hw3nzwjz7vg10fgmmgvwnibn2zrn3nppjxn9f6f8n")))))) + (define-public shishi (package (name "shishi") |