From cd65d600ac6e8701ef9c54f5d09a45cd6c149949 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Sat, 26 Nov 2016 15:03:06 -0500
Subject: gnu: cyrus-sasl: Fix CVE-2013-4122.

* gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/cyrus-sasl.scm (cyrus-sasl)[replacement]: New field.
(cyrus-sasl/fixed): New variable.
[source]: Use patch.
---
 gnu/packages/cyrus-sasl.scm | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'gnu/packages/cyrus-sasl.scm')

diff --git a/gnu/packages/cyrus-sasl.scm b/gnu/packages/cyrus-sasl.scm
index 99ff1e228e..89a4a49797 100644
--- a/gnu/packages/cyrus-sasl.scm
+++ b/gnu/packages/cyrus-sasl.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -30,6 +31,7 @@
 (define-public cyrus-sasl
   (package
    (name "cyrus-sasl")
+   (replacement cyrus-sasl/fixed)
    (version "2.1.26")
    (source (origin
             (method url-fetch)
@@ -64,3 +66,10 @@ server writers.")
    (license (license:non-copyleft "file://COPYING"
                                   "See COPYING in the distribution."))
    (home-page "http://cyrusimap.web.cmu.edu")))
+
+(define cyrus-sasl/fixed
+  (package
+    (inherit cyrus-sasl)
+    (source (origin
+              (inherit (package-source cyrus-sasl))
+              (patches (search-patches "cyrus-sasl-CVE-2013-4122.patch"))))))
-- 
cgit v1.2.3