From 2a0e3d163581f053138508b0d40a28e07dc37923 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Wed, 20 Dec 2017 19:39:59 -0500
Subject: gnu: libarchive: Fix CVE-2017-14502.

* gnu/packages/patches/libarchive-CVE-2017-14502.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/backup.scm (libarchive-3.3.2)[source]: Use it.
---
 gnu/packages/backup.scm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/backup.scm')

diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm
index e634d6ab96..fab71d055a 100644
--- a/gnu/packages/backup.scm
+++ b/gnu/packages/backup.scm
@@ -253,7 +253,8 @@ random access nor for in-place modification.")
        (method url-fetch)
        (uri (string-append "http://libarchive.org/downloads/libarchive-"
                            version ".tar.gz"))
-       (patches (search-patches "libarchive-CVE-2017-14166.patch"))
+       (patches (search-patches "libarchive-CVE-2017-14166.patch"
+                                "libarchive-CVE-2017-14502.patch"))
        (sha256
         (base32
          "1km0mzfl6in7l5vz9kl09a88ajx562rw93ng9h2jqavrailvsbgd"))))))
-- 
cgit v1.2.3