From ae953ead0faf115e5d16f15b48a3c2316228a8f7 Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Sat, 11 Feb 2017 19:12:10 +0100
Subject: gnu: spice: Fix CVE-2016-9577 and CVE-2016-9578.

* gnu/packages/patches/spice-CVE-2016-9577.patch,
  gnu/packages/patches/spice-CVE-2016-9578-1.patch,
  gnu/packages/patches/spice-CVE-2016-9578-2.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/spice.scm (spice)[source]: Use them.
---
 gnu/packages/spice.scm | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/spice.scm')

diff --git a/gnu/packages/spice.scm b/gnu/packages/spice.scm
index 9600905848..5a6188e032 100644
--- a/gnu/packages/spice.scm
+++ b/gnu/packages/spice.scm
@@ -208,7 +208,11 @@ which allows users to view a desktop computing environment.")
                 "spice-" version ".tar.bz2"))
               (sha256
                (base32
-                "0za03i77j8i3g5l2np2j7vy8cqsdbkm9wbv4hjnaqq9xhz2sa0gr"))))
+                "0za03i77j8i3g5l2np2j7vy8cqsdbkm9wbv4hjnaqq9xhz2sa0gr"))
+              (patches
+               (search-patches "spice-CVE-2016-9577.patch"
+                               "spice-CVE-2016-9578-1.patch"
+                               "spice-CVE-2016-9578-2.patch"))))
     (build-system gnu-build-system)
     (propagated-inputs
       `(("openssl" ,openssl)
-- 
cgit v1.2.3