~ruther/guix-local: gnu: libxslt: Replace with 1.1.29 [fixes CVE-2016-{1683,1684}].

3ebba94d45e4cc9c5242f812b29c826904506b02 — Mark H Weaver 9 years ago cb1436d

gnu: libxslt: Replace with 1.1.29 [fixes CVE-2016-{1683,1684}].

* gnu/packages/xml.scm (libxslt)[replacement]: New field.
(libxslt/fixed): New variable.

patch browse .tar.gz

1 files changed, 15 insertions(+), 1 deletions(-)

M gnu/packages/xml.scm

M gnu/packages/xml.scm => gnu/packages/xml.scm +15 -1

@@ 4,7 4,7 @@
 ;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
 ;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
 ;;; Copyright © 2015, 2016 Ricardo Wurmus <rekado@elephly.net>
-;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2015, 2016 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2015 Raimon Grau <raimonster@gmail.com>
 ;;; Copyright © 2016 Leo Famulari <leo@famulari.name>


@@ 154,6 154,7 @@ project (but it is usable outside of the Gnome platform).")
   (package
     (name "libxslt")
     (version "1.1.28")
+    (replacement libxslt/fixed)  ; CVE-2016-1683 and CVE-2016-1684
     (source (origin
              (method url-fetch)
              (uri (string-append "ftp://xmlsoft.org/libxslt/libxslt-"


@@ 174,6 175,19 @@ project (but it is usable outside of the Gnome platform).")
 based on libxml for XML parsing, tree manipulation and XPath support.")
     (license license:x11)))
 
+(define-public libxslt/fixed
+  (package
+    (inherit libxslt)
+    (source
+     (let ((version "1.1.29"))
+       (origin
+         (method url-fetch)
+         (uri (string-append "ftp://xmlsoft.org/libxslt/libxslt-"
+                             version ".tar.gz"))
+         (sha256
+          (base32
+           "1klh81xbm9ppzgqk339097i39b7fnpmlj8lzn8bpczl3aww6x5xm")))))))
+
 (define-public perl-xml-parser
   (package
     (name "perl-xml-parser")