summary refs log tree commit diff
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2018-08-23 16:56:02 +0200
committerMarius Bakke <mbakke@fastmail.com>2018-08-25 16:32:06 +0200
commit94e9d750a22e30459732d2ae14d71c5f3acabd91 (patch)
treede6e7784c2639d82782b9322d2e8836b238ff663
parent7789bf953133e7537947989c0ad541ffc3fb7c03 (diff)
downloadguix-94e9d750a22e30459732d2ae14d71c5f3acabd91.tar.gz
gnu: libx11: Replace with 1.6.6 [security fixes].
This fixes CVE-2018-14599, CVE-2018-14600, and CVE-2018-14598.

* gnu/packages/xorg.scm (libx11)[replacement]: New field.
(libx11-1.6.6): New public variable.
-rw-r--r--gnu/packages/xorg.scm15
1 files changed, 15 insertions, 0 deletions
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 0a78b8ee70..3875765d25 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -5239,6 +5239,7 @@ draggable titlebars and borders.")
   (package
     (name "libx11")
     (version "1.6.5")
+    (replacement libx11-1.6.6)
     (source
       (origin
         (method url-fetch)
@@ -5268,6 +5269,20 @@ draggable titlebars and borders.")
     (description "Xorg Core X11 protocol client library.")
     (license license:x11)))
 
+;; Replacement package to fix multiple security bugs:
+;; <http://seclists.org/oss-sec/2018/q3/146>.
+(define-public libx11-1.6.6
+  (package
+    (inherit libx11)
+    (version "1.6.6")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "mirror://xorg/individual/lib/libX11-"
+                                  version ".tar.bz2"))
+              (sha256
+               (base32
+                "0ks1mxlda7nxfmffihi15ljsn50q8dknl33i2xag8xzc80fiizk5"))))))
+
 ;; packages of height 5 in the propagated-inputs tree
 
 (define-public libxcursor