From 6e4f18cfdd1bf747e77f81b64497f1c05f57a057 Mon Sep 17 00:00:00 2001
From: Mark H Weaver <mhw@netris.org>
Date: Wed, 8 Jun 2016 13:29:32 -0400
Subject: gnu: libxml2: Add fix for CVE-2016-1762.

* gnu/packages/patches/libxml2-CVE-2016-1762.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/xml.scm (libxml2/fixed)[source]: Add patch.
---
 gnu/packages/xml.scm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/xml.scm')

diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index dc5c60dca8..40ff3e6b4b 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -116,7 +116,8 @@ project (but it is usable outside of the Gnome platform).")
                              version ".tar.gz"))
          (sha256
           (base32
-           "0g336cr0bw6dax1q48bblphmchgihx9p1pjmxdnrd6sh3qci3fgz")))))))
+           "0g336cr0bw6dax1q48bblphmchgihx9p1pjmxdnrd6sh3qci3fgz"))
+         (patches (search-patches "libxml2-CVE-2016-1762.patch")))))))
 
 (define-public python-libxml2
   (package (inherit libxml2)
-- 
cgit v1.2.3


From 993b400acb24344d399857010177e7ecaab847b7 Mon Sep 17 00:00:00 2001
From: Mark H Weaver <mhw@netris.org>
Date: Wed, 8 Jun 2016 18:17:13 -0400
Subject: Revert "gnu: libxml2: Add fix for CVE-2016-1762."

This reverts commit 6e4f18cfdd1bf747e77f81b64497f1c05f57a057.
---
 gnu/packages/xml.scm | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'gnu/packages/xml.scm')

diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index 40ff3e6b4b..dc5c60dca8 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -116,8 +116,7 @@ project (but it is usable outside of the Gnome platform).")
                              version ".tar.gz"))
          (sha256
           (base32
-           "0g336cr0bw6dax1q48bblphmchgihx9p1pjmxdnrd6sh3qci3fgz"))
-         (patches (search-patches "libxml2-CVE-2016-1762.patch")))))))
+           "0g336cr0bw6dax1q48bblphmchgihx9p1pjmxdnrd6sh3qci3fgz")))))))
 
 (define-public python-libxml2
   (package (inherit libxml2)
-- 
cgit v1.2.3


From 436dd0463668361476a448d88f6e8653981a7346 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Thu, 9 Jun 2016 13:02:11 -0400
Subject: gnu: expat: Fix CVE-2012-6702 and CVE-2016-5300.

* gnu/packages/patches/expat-CVE-2012-6702-and-CVE-2016-5300.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/xml.scm (expat/fixed): Use it.
---
 gnu/packages/xml.scm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/xml.scm')

diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index dc5c60dca8..d5967f7966 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -69,7 +69,8 @@ things the parser might find in the XML document (like start tags).")
     (inherit expat)
     (source (origin
               (inherit (package-source expat))
-              (patches (search-patches "expat-CVE-2015-1283.patch"
+              (patches (search-patches "expat-CVE-2012-6702-and-CVE-2016-5300.patch"
+                                       "expat-CVE-2015-1283.patch"
                                        "expat-CVE-2015-1283-refix.patch"
                                        "expat-CVE-2016-0718.patch"))))))
 
-- 
cgit v1.2.3


From e4aab734875a40f991b6ecba1247be6fc248f15f Mon Sep 17 00:00:00 2001
From: Ricardo Wurmus <rekado@elephly.net>
Date: Mon, 6 Jun 2016 14:33:58 +0200
Subject: gnu: xmlsec: Enable gnutls support.

* gnu/packages/xml.scm (xmlsec)[native-inputs]: Add pkg-config.
---
 gnu/packages/xml.scm | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'gnu/packages/xml.scm')

diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index d5967f7966..e62bfa7e54 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -3,7 +3,7 @@
 ;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
 ;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
 ;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
-;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2015, 2016 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2015 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2015 Raimon Grau <raimonster@gmail.com>
@@ -40,7 +40,8 @@
   #:use-module (guix build-system gnu)
   #:use-module (guix build-system perl)
   #:use-module (guix build-system python)
-  #:use-module (gnu packages linux))
+  #:use-module (gnu packages linux)
+  #:use-module (gnu packages pkg-config))
 
 (define-public expat
   (package
@@ -636,6 +637,8 @@ XSL-T processor.  It also performs any necessary post-processing.")
      `(("gnutls" ,gnutls)
        ("libgcrypt" ,libgcrypt)
        ("libltdl" ,libltdl)))
+    (native-inputs
+     `(("pkg-config" ,pkg-config)))
     (home-page "http://www.libexpat.org/")
     (synopsis "XML Security Library")
     (description
-- 
cgit v1.2.3