summary refs log tree commit diff
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2017-11-28 17:51:05 +0100
committerMarius Bakke <mbakke@fastmail.com>2017-11-29 12:53:08 +0100
commit4fc61dac3ce201c72b312a6cfed5b3d4b96850f7 (patch)
tree2d71412fe98a5a4947ecc81d38a3498f298944bb
parent0e7fb0cd9b91e873b5f9d04c49472b06aff6911f (diff)
downloadguix-4fc61dac3ce201c72b312a6cfed5b3d4b96850f7.tar.gz
gnu: libxcursor: Replace with 1.1.15 [fixes CVE-2017-16612].
* gnu/packages/xorg.scm (libxcursor-1.1.15): New public variable.
(libxcursor)[replacement]: New field.
-rw-r--r--gnu/packages/xorg.scm13
1 files changed, 13 insertions, 0 deletions
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 994476ed63..1c1ddd4bf1 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -5307,6 +5307,7 @@ draggable titlebars and borders.")
   (package
     (name "libxcursor")
     (version "1.1.14")
+    (replacement libxcursor-1.1.15)
     (source
       (origin
         (method url-fetch)
@@ -5339,6 +5340,18 @@ draggable titlebars and borders.")
     (description "Xorg Cursor management library.")
     (license license:x11)))
 
+;; For CVE-2017-16612.
+(define-public libxcursor-1.1.15
+  (package
+    (inherit libxcursor)
+    (version "1.1.15")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "mirror://xorg/individual/lib/libXcursor-"
+                                  version ".tar.bz2"))
+              (sha256
+               (base32
+                "0syzlfvh29037p0vnlc8f3jxz8nl55k65blswsakklkwsc6nfki9"))))))
 
 (define-public libxt
   (package