gnu: libgcrypt: Fix CVE-2018-0495.

* gnu/packages/gnupg.scm (libgcrypt)[replacement]: New field. (libgcrypt/fixed): New package.
author: Efraim Flashner <efraim@flashner.co.il> 2018-06-13 22:28:48 +0300
committer: Efraim Flashner <efraim@flashner.co.il> 2018-06-14 11:06:48 +0300
commit: 03439df66fc2699b22e5786b33324e5432cfe8cf (patch)
tree: d96f7d12516756e25a459d9228081bea90b87ed0
parent: 85d79a79e4b721e24cdfb11a90beef6d566c499a (diff)
download: guix-03439df66fc2699b22e5786b33324e5432cfe8cf.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index ecd280f6db..6a0defb46f 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -108,6 +108,7 @@ Daemon and possibly more in the future.")
 
 (define-public libgcrypt
   (package
+    (replacement libgcrypt/fixed)
     (name "libgcrypt")
     (version "1.8.2")
     (source (origin
@@ -142,6 +143,19 @@ generation.")
     (properties '((ftp-server . "ftp.gnupg.org")
                   (ftp-directory . "/gcrypt/libgcrypt")))))
 
+(define libgcrypt/fixed
+  (package
+    (inherit libgcrypt)
+    (name "libgcrypt")
+    (version "1.8.3")
+    (source (origin
+             (method url-fetch)
+             (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
+                                 version ".tar.bz2"))
+             (sha256
+              (base32
+               "0z5gs1khzyknyfjr19k8gk4q148s6q987ya85cpn0iv70fz91v36"))))))
+
 (define-public libassuan
   (package
     (name "libassuan")
author	Efraim Flashner <efraim@flashner.co.il>	2018-06-13 22:28:48 +0300
committer	Efraim Flashner <efraim@flashner.co.il>	2018-06-14 11:06:48 +0300
commit	03439df66fc2699b22e5786b33324e5432cfe8cf (patch)
tree	d96f7d12516756e25a459d9228081bea90b87ed0
parent	85d79a79e4b721e24cdfb11a90beef6d566c499a (diff)
download	guix-03439df66fc2699b22e5786b33324e5432cfe8cf.tar.gz