gnu: libarchive: Fix CVE-2016-1541.

* gnu/packages/backup.scm (libarchive)[replacement]: New field. (libarchive/fixed): New variable. * gnu/packages/patches/libarchive-CVE-2016-1541.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
author: Leo Famulari <leo@famulari.name> 2016-05-10 16:15:06 -0400
committer: Leo Famulari <leo@famulari.name> 2016-05-11 21:35:35 -0400
commit: e7806e6caad62e0bea6790271ac8db37f5168750 (patch)
tree: 1717dbd25da809ba869846387cc69ca503abb291 /gnu/packages/backup.scm
parent: cf60e76a9503156a8c1047fa446525b28842f7e8 (diff)
download: guix-e7806e6caad62e0bea6790271ac8db37f5168750.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm
index a7b48f1154..917bee78d9 100644
--- a/gnu/packages/backup.scm
+++ b/gnu/packages/backup.scm
@@ -136,6 +136,7 @@ backups (called chunks) to allow easy burning to CD/DVD.")
 (define-public libarchive
   (package
     (name "libarchive")
+    (replacement libarchive/fixed)
     (version "3.1.2")
     (source
      (origin
@@ -193,6 +194,14 @@ archive.  In particular, note that there is currently no built-in support for
 random access nor for in-place modification.")
     (license license:bsd-2)))
 
+(define libarchive/fixed
+  (package
+    (inherit libarchive)
+    (source (origin
+              (inherit (package-source libarchive))
+              (patches (cons (search-patch "libarchive-CVE-2016-1541.patch")
+                             (origin-patches (package-source libarchive))))))))
+
 (define-public rdup
   (package
     (name "rdup")
author	Leo Famulari <leo@famulari.name>	2016-05-10 16:15:06 -0400
committer	Leo Famulari <leo@famulari.name>	2016-05-11 21:35:35 -0400
commit	e7806e6caad62e0bea6790271ac8db37f5168750 (patch)
tree	1717dbd25da809ba869846387cc69ca503abb291 /gnu/packages/backup.scm
parent	cf60e76a9503156a8c1047fa446525b28842f7e8 (diff)
download	guix-e7806e6caad62e0bea6790271ac8db37f5168750.tar.gz