~ruther/guix-local: gnu: libxcursor: Replace with 1.1.15 [fixes CVE-2017-16612].

4fc61dac3ce201c72b312a6cfed5b3d4b96850f7 — Marius Bakke 8 years ago 0e7fb0c

gnu: libxcursor: Replace with 1.1.15 [fixes CVE-2017-16612].

* gnu/packages/xorg.scm (libxcursor-1.1.15): New public variable.
(libxcursor)[replacement]: New field.

patch browse .tar.gz .zip

1 files changed, 13 insertions(+), 0 deletions(-)

M gnu/packages/xorg.scm

M gnu/packages/xorg.scm => gnu/packages/xorg.scm +13 -0

@@ 5307,6 5307,7 @@ draggable titlebars and borders.")
   (package
     (name "libxcursor")
     (version "1.1.14")
+    (replacement libxcursor-1.1.15)
     (source
       (origin
         (method url-fetch)


@@ 5339,6 5340,18 @@ draggable titlebars and borders.")
     (description "Xorg Cursor management library.")
     (license license:x11)))
 
+;; For CVE-2017-16612.
+(define-public libxcursor-1.1.15
+  (package
+    (inherit libxcursor)
+    (version "1.1.15")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "mirror://xorg/individual/lib/libXcursor-"
+                                  version ".tar.bz2"))
+              (sha256
+               (base32
+                "0syzlfvh29037p0vnlc8f3jxz8nl55k65blswsakklkwsc6nfki9"))))))
 
 (define-public libxt
   (package