From e99dd67ad8634cbfa62a3e6996f03c6d73487e53 Mon Sep 17 00:00:00 2001
From: Efraim Flashner <efraim@flashner.co.il>
Date: Mon, 30 May 2016 06:04:46 +0300
Subject: gnu: libtar: Fix CVE-2013-4420.

* gnu/packages/compression.scm (libtar)[source]: Add patch.
* gnu/packages/patches/libtar-CVE-2013-4420.patch: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.

This is a follow-up to 89d80159b1da81c4017b46a575c3ec5dd9a96c90.
---
 gnu/packages/compression.scm | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/compression.scm')

diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 8148ecb070..5746ca3e03 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -34,6 +34,7 @@
   #:use-module (guix git-download)
   #:use-module (guix build-system gnu)
   #:use-module (guix build-system perl)
+  #:use-module (gnu packages)
   #:use-module (gnu packages autotools)
   #:use-module (gnu packages backup)
   #:use-module (gnu packages base)
@@ -122,7 +123,8 @@ utility.  Instead of being written in Java, FastJar is written in C.")
                      version ".orig.tar.gz")))
             (sha256
              (base32
-              "02cihzl77ia0dcz7z2cga2412vyhhs5pa2355q4wpwbyga2lrwjh"))))
+              "02cihzl77ia0dcz7z2cga2412vyhhs5pa2355q4wpwbyga2lrwjh"))
+            (patches (search-patches "libtar-CVE-2013-4420.patch"))))
    (build-system gnu-build-system)
    (arguments
     `(#:tests? #f ;no "check" target
-- 
cgit v1.2.3