gnu: libgcrypt: Replace with 1.7.3 [fixes CVE-2016-6316].

* gnu/packages/gnupg.scm (libgcrypt)[replacement]: New field. (libgcrypt-1.7.3): New variable.
author: Mark H Weaver <mhw@netris.org> 2016-08-17 19:10:16 -0400
committer: Mark H Weaver <mhw@netris.org> 2016-08-17 19:24:56 -0400
commit: 67f5adbae657f40e595051bd4bd7a7b9d744a09c (patch)
tree: d6484ca620a1a234101bffd14007568747935abb
parent: 90e20240e38f41c42cd34e432e825e2410992b20 (diff)
download: guix-67f5adbae657f40e595051bd4bd7a7b9d744a09c.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index ae741962e4..27de7bc417 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -74,6 +74,7 @@ Daemon and possibly more in the future.")
 (define-public libgcrypt
   (package
     (name "libgcrypt")
+    (replacement libgcrypt-1.7.3)
     (version "1.7.0")
     (source (origin
              (method url-fetch)
@@ -107,6 +108,19 @@ generation.")
     (properties '((ftp-server . "ftp.gnupg.org")
                   (ftp-directory . "/gcrypt/libgcrypt")))))
 
+(define-public libgcrypt-1.7.3
+  (package
+    (inherit libgcrypt)
+    (source
+     (let ((version "1.7.3"))
+       (origin
+         (method url-fetch)
+         (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
+                             version ".tar.bz2"))
+         (sha256
+          (base32
+           "0wbh6fq5zi9wg2xcfvfpwh7dv52jihivx1vm4h91c2kx0w8n3b6x")))))))
+
 (define-public libgcrypt-1.5
   (package (inherit libgcrypt)
     (replacement libgcrypt-1.5.6)
author	Mark H Weaver <mhw@netris.org>	2016-08-17 19:10:16 -0400
committer	Mark H Weaver <mhw@netris.org>	2016-08-17 19:24:56 -0400
commit	67f5adbae657f40e595051bd4bd7a7b9d744a09c (patch)
tree	d6484ca620a1a234101bffd14007568747935abb
parent	90e20240e38f41c42cd34e432e825e2410992b20 (diff)
download	guix-67f5adbae657f40e595051bd4bd7a7b9d744a09c.tar.gz