amaharaneko/guix-mirrors
1
1
Fork 0
mirror of https://codeberg.org/guix/guix.git synced 2025-10-02 02:15:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

gnu: expat: Fix CVE-2016-0718. Improve fix for CVE-2015-1283.

Browse source 
* gnu/packages/patches/expat-CVE-2015-1283-refix.patch,
gnu/packages/patches/expat-CVE-2016-0718.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/xml.scm (expat)[replacement]: New field.
(expat/fixed): New variable.
[source]: Use new patches.
This commit is contained in:
Leo Famulari 2016-05-18 13:26:17 -04:00
parent 9684e30b9b
commit 119b83989d
No known key found for this signature in database
GPG key ID: 2646FA30BACA7F08
4 changed files with 816 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
gnu/packages/xml.scm
View file

@ -7,6 +7,7 @@
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2015 Raimon Grau <raimonster@gmail.com>
;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
;;;
;;; This file is part of GNU Guix.
;;;
@ -44,6 +45,7 @@
(define-public expat
(package
(name "expat")
(replacement expat/fixed)
(version "2.1.0")
(source (origin
(method url-fetch)
@ -62,6 +64,15 @@ stream-oriented parser in which an application registers handlers for
things the parser might find in the XML document (like start tags).")
(license license:expat)))
(define expat/fixed
(package
(inherit expat)
(source (origin
(inherit (package-source expat))
(patches (search-patches "expat-CVE-2015-1283.patch"
"expat-CVE-2015-1283-refix.patch"
"expat-CVE-2016-0718.patch"))))))
(define-public libxml2
(package
(name "libxml2")