summary refs log tree commit diff
path: root/gnu/local.mk
diff options
context:
space:
mode:
authorAlex Vong <alexvong1995@gmail.com>2019-01-05 23:20:41 +0800
committerAlex Vong <alexvong1995@gmail.com>2019-01-07 05:42:34 +0800
commitc824dedf711dc4aa33e005fa291a3aec58a9e2e2 (patch)
tree9869dce2671ec91de478d2bd63b5aa4fc09690d9 /gnu/local.mk
parentb7ec276e570a4c41d2b333848c7488d65322209c (diff)
downloadguix-c824dedf711dc4aa33e005fa291a3aec58a9e2e2.tar.gz
gnu: libarchive: Replace with libarchive 3.3.3 and fix CVE-2018-{1000877,1000878,1000880}.
* gnu/packages/backup.scm (libarchive)[source, home-page]: Use HTTPS.
[replacement]: New field.
(libarchive-3.3.3): New variable.
* gnu/packages/patches/libarchive-CVE-2018-1000877.patch,
gnu/packages/patches/libarchive-CVE-2018-1000878.patch,
gnu/packages/patches/libarchive-CVE-2018-1000880.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
Diffstat (limited to 'gnu/local.mk')
-rw-r--r--gnu/local.mk5
1 files changed, 4 insertions, 1 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 6b57f36552..36d0ca541b 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -9,7 +9,7 @@
 # Copyright © 2016 Adonay "adfeno" Felipe Nogueira <https://libreplanet.org/wiki/User:Adfeno> <adfeno@openmailbox.org>
 # Copyright © 2016, 2017, 2018 Ricardo Wurmus <rekado@elephly.net>
 # Copyright © 2016 Ben Woodcroft <donttrustben@gmail.com>
-# Copyright © 2016, 2017, 2018 Alex Vong <alexvong1995@gmail.com>
+# Copyright © 2016, 2017, 2018, 2019 Alex Vong <alexvong1995@gmail.com>
 # Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
 # Copyright © 2016, 2017 Jan Nieuwenhuizen <janneke@gnu.org>
 # Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
@@ -879,6 +879,9 @@ dist_patch_DATA =						\
   %D%/packages/patches/liba52-use-mtune-not-mcpu.patch		\
   %D%/packages/patches/libarchive-CVE-2017-14166.patch		\
   %D%/packages/patches/libarchive-CVE-2017-14502.patch		\
+  %D%/packages/patches/libarchive-CVE-2018-1000877.patch	\
+  %D%/packages/patches/libarchive-CVE-2018-1000878.patch	\
+  %D%/packages/patches/libarchive-CVE-2018-1000880.patch	\
   %D%/packages/patches/libbase-fix-includes.patch		\
   %D%/packages/patches/libbase-use-own-logging.patch		\
   %D%/packages/patches/libbonobo-activation-test-race.patch	\