gnu: libksba: Graft to 1.6.2 [fixes CVE-2022-3515].

* gnu/packages/gnupg.scm (libksba/fixed): New variable. (libksba): Use it as grafted replacement.
author: Tobias Geerinckx-Rice <me@tobias.gr> 2022-10-16 02:00:00 +0200
committer: Tobias Geerinckx-Rice <me@tobias.gr> 2022-10-16 02:00:00 +0200
commit: 033cbd11a837dbc7602799f15d691221653e1996 (patch)
tree: b9e1741c1050e8662255c3e5a2fef81801dd75c4 /gnu/packages/gnupg.scm
parent: 7fdbd37e12ea214ecfcb685343f5e05182b7f3b5 (diff)
download: guix-033cbd11a837dbc7602799f15d691221653e1996.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index f9f39d6116..ce9ef48796 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -224,6 +224,7 @@ provided.")
   (package
     (name "libksba")
     (version "1.6.0")
+    (replacement libksba/fixed)
     (source
      (origin
       (method url-fetch)
@@ -253,6 +254,18 @@ specifications are building blocks of S/MIME and TLS.")
     (properties '((ftp-server . "ftp.gnupg.org")
                   (ftp-directory . "/gcrypt/libksba")))))
 
+(define libksba/fixed
+  (package
+    (inherit libksba)
+    (version "1.6.2")
+        (source
+     (origin
+      (method url-fetch)
+      (uri (string-append
+            "mirror://gnupg/libksba/libksba-" version ".tar.bz2"))
+      (sha256
+       (base32 "0wf9j9hlzvgn0vz6zg3fvcmpdr62v8bz1kzsvzdbs4lqqp51rq7w"))))))
+
 (define-public npth
   (package
     (name "npth")
author	Tobias Geerinckx-Rice <me@tobias.gr>	2022-10-16 02:00:00 +0200
committer	Tobias Geerinckx-Rice <me@tobias.gr>	2022-10-16 02:00:00 +0200
commit	033cbd11a837dbc7602799f15d691221653e1996 (patch)
tree	b9e1741c1050e8662255c3e5a2fef81801dd75c4 /gnu/packages/gnupg.scm
parent	7fdbd37e12ea214ecfcb685343f5e05182b7f3b5 (diff)
download	guix-033cbd11a837dbc7602799f15d691221653e1996.tar.gz