diff options
author | Efraim Flashner <efraim@flashner.co.il> | 2020-03-04 10:15:06 +0200 |
---|---|---|
committer | Efraim Flashner <efraim@flashner.co.il> | 2020-03-04 10:52:52 +0200 |
commit | 790b66e34fd81cdda246361303072065e6339c97 (patch) | |
tree | 5ce27aeeea0f79b91e3f0bcf4f77039cd3f6d842 /gnu/packages/compression.scm | |
parent | cc51c03ff867d4633505354819c6d88af88bf919 (diff) | |
download | patches-790b66e34fd81cdda246361303072065e6339c97.tar patches-790b66e34fd81cdda246361303072065e6339c97.tar.gz |
gnu: zziplib: Fix CVE-2018-16548.
* gnu/packages/compression.scm (zziplib)[replacement]: New field.
(zziplib/fixed): New private variable.
* gnu/packages/patches/zziplib-CVE-2018-16548.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
Diffstat (limited to 'gnu/packages/compression.scm')
-rw-r--r-- | gnu/packages/compression.scm | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index ee10bd03ce..6463b50735 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -1584,6 +1584,7 @@ recreates the stored directory structure by default.") (package (name "zziplib") (version "0.13.69") + (replacement zziplib/fixed) (home-page "https://github.com/gdraheim/zziplib") (source (origin (method git-fetch) @@ -1621,6 +1622,13 @@ recreates the stored directory structure by default.") ;; files carry the Zlib license; see "docs/copying.html" for details. (license (list license:lgpl2.0+ license:mpl1.1)))) +(define zziplib/fixed + (package + (inherit zziplib) + (source (origin + (inherit (package-source zziplib)) + (patches (search-patches "zziplib-CVE-2018-16548.patch")))))) + (define-public libzip (package (name "libzip") |