From c2c93abd18c37f438006cded8124ff0a32a0e4a7 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Mon, 28 Mar 2022 00:03:35 -0400 Subject: gnu: zlib: Update to 1.2.12 [fixes CVE-2018-25032]. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032 https://seclists.org/oss-sec/2022/q1/191 * gnu/packages/compression.scm (zlib)[replacement]: New field. (zlib-1.2.12): New variable. --- gnu/packages/compression.scm | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'gnu') diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index 82b93e23b2..223283eeb4 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -103,6 +103,7 @@ (define-module (gnu packages compression) (define-public zlib (package (name "zlib") + (replacement zlib-1.2.12) (version "1.2.11") (source (origin @@ -164,6 +165,21 @@ (define-public zlib in compression.") (license license:zlib))) +(define-public zlib-1.2.12 + (package + (inherit zlib) + (version "1.2.12") + (source + (origin + (method url-fetch) + (uri (list (string-append "http://zlib.net/zlib-" + version ".tar.gz") + (string-append "mirror://sourceforge/libpng/zlib/" + version "/zlib-" version ".tar.gz"))) + (sha256 + (base32 + "1n9na4fq4wagw1nzsfjr6wyly960jfa94460ncbf6p1fac44i14i")))))) + (define-public minizip (package (name "minizip") -- cgit v1.2.3