~ruther/guix-local: gnu: libgcrypt@1.5: Replace with 1.5.6 [fixes CVE-2016-6316].

90e20240e38f41c42cd34e432e825e2410992b20 — Mark H Weaver 9 years ago 2557131

gnu: libgcrypt@1.5: Replace with 1.5.6 [fixes CVE-2016-6316].

* gnu/packages/gnupg.scm (libgcrypt-1.5)[replacement]: New field.
(libgcrypt-1.5.6): New variable.

patch browse .tar.gz

1 files changed, 14 insertions(+), 0 deletions(-)

M gnu/packages/gnupg.scm

M gnu/packages/gnupg.scm => gnu/packages/gnupg.scm +14 -0

@@ 109,6 109,7 @@ generation.")
 
 (define-public libgcrypt-1.5
   (package (inherit libgcrypt)
+    (replacement libgcrypt-1.5.6)
     (version "1.5.4")
     (source
      (origin


@@ 119,6 120,19 @@ generation.")
        (base32
         "0czvqxkzd5y872ipy6s010ifwdwv29sqbnqc4pf56sd486gqvy6m"))))))
 
+(define-public libgcrypt-1.5.6
+  (package
+    (inherit libgcrypt-1.5)
+    (source
+     (let ((version "1.5.6"))
+       (origin
+         (method url-fetch)
+         (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
+                             version ".tar.bz2"))
+         (sha256
+          (base32
+           "0ydy7bgra5jbq9mxl5x031nif3m6y3balc6ndw2ngj11wnsjc61h")))))))
+
 (define-public libassuan
   (package
     (name "libassuan")