From df2dd07b880432a0205dd399fede6dee5b9af76b Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Thu, 26 May 2016 22:29:24 -0400
Subject: gnu: libxml2: Update replacement to 2.9.4 [security fixes].

This fixes CVE-2016-{1762, 1833, 1834, 1835, 1836, 1837, 1838, 1839,
1840, 3627, 3705, 4483}.

* gnu/packages/patches/libxml2-CVE-2016-3627.patch,
gnu/packages/patches/libxml2-CVE-2016-3705.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/xml.scm (libxml2/fixed): Update to 2.9.4.
[source]: Remove patches.
---
 gnu/packages/xml.scm | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

(limited to 'gnu/packages/xml.scm')

diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index 782e356a70..dc5c60dca8 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -107,10 +107,16 @@ project (but it is usable outside of the Gnome platform).")
 (define libxml2/fixed
   (package
     (inherit libxml2)
-    (source (origin
-              (inherit (package-source libxml2))
-              (patches (search-patches "libxml2-CVE-2016-3627.patch"
-                                       "libxml2-CVE-2016-3705.patch"))))))
+    (source
+     (let ((name "libxml2")
+           (version "2.9.4"))
+       (origin
+         (method url-fetch)
+         (uri (string-append "ftp://xmlsoft.org/libxml2/libxml2-"
+                             version ".tar.gz"))
+         (sha256
+          (base32
+           "0g336cr0bw6dax1q48bblphmchgihx9p1pjmxdnrd6sh3qci3fgz")))))))
 
 (define-public python-libxml2
   (package (inherit libxml2)
-- 
cgit v1.2.3