From b04ee227a47419291391a2b6e857e41ed1c32155 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Sun, 12 Feb 2023 01:00:04 +0100 Subject: gnu: nss: Graft to fix CVE-2023-0767. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/nss.scm (nss-next): Update to 3.88.1. (nss): Add a replacement field pointing to… (nss/fixed): …this new variable, based on nss-next. --- gnu/packages/nss.scm | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index c06807c808..60247f34a2 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -123,6 +123,7 @@ (define-public nspr-next (define-public nss (package (name "nss") + (replacement nss/fixed) ;; Also update and test the nss-certs package, which duplicates version and ;; source to avoid a top-level variable reference & module cycle. (version "3.81") @@ -259,3 +260,8 @@ (define-public nss-next (base32 "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7")))) (propagated-inputs (list nspr-next)))) ;required by nss.pc + +(define nss/fixed + (package + (inherit nss-next) + (version "3.88"))) ; slight inaccuracy to allow grafting -- cgit v1.2.3