From 91675d50824065cc03304d5bdef5212ceb1ce92d Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Mon, 18 Dec 2017 22:37:41 +0200 Subject: gnu: rsync: Patch CVE-2017-{16548,17433,17434}. * gnu/packages/rsync.scm (rsync)[source]: Add patches. [properties]: Mark CVE-2017-15994 as not relevant. * gnu/packages/patches/rsync-CVE-2017-16548.patch, gnu/packages/patches/rsync-CVE-2017-17433.patch, gnu/packages/patches/rsync-CVE-2017-17433-fix-tests.patch, gnu/packages/patches/rsync-CVE-2017-17434-pt1.patch, gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch: New files. * gnu/local.mk (dist_patch_DATA): Register them. --- gnu/packages/rsync.scm | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'gnu/packages/rsync.scm') diff --git a/gnu/packages/rsync.scm b/gnu/packages/rsync.scm index dba4e89a05..d7fc188af2 100644 --- a/gnu/packages/rsync.scm +++ b/gnu/packages/rsync.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2012, 2013 Andreas Enge ;;; Copyright © 2016 Mark H Weaver +;;; Copyright © 2017 Efraim Flashner ;;; ;;; This file is part of GNU Guix. ;;; @@ -38,7 +39,15 @@ version ".tar.gz")) (sha256 (base32 - "1hm1q04hz15509f0p9bflw4d6jzfvpm1d36dxjwihk1wzakn5ypc")))) + "1hm1q04hz15509f0p9bflw4d6jzfvpm1d36dxjwihk1wzakn5ypc")) + (patches (search-patches "rsync-CVE-2017-16548.patch" + "rsync-CVE-2017-17433.patch" + "rsync-CVE-2017-17433-fix-tests.patch" + "rsync-CVE-2017-17434-pt1.patch" + "rsync-CVE-2017-17434-pt2.patch" + )) + )) + (properties `((lint-hidden-cve . ("CVE-2017-15994")))) ; introduced after 3.1.2 (build-system gnu-build-system) (inputs `(("perl" ,perl) ("acl" ,acl))) -- cgit v1.2.3