summary refs log tree commit diff
path: root/gnu/packages/mp3.scm
diff options
context:
space:
mode:
authorEfraim Flashner <efraim@flashner.co.il>2016-05-30 17:17:09 +0300
committerEfraim Flashner <efraim@flashner.co.il>2016-05-30 20:13:24 +0300
commit1f521b7055a464439774332f1a69ed31b565715f (patch)
treefaf684a35c09085ca54ba8589a156bbfe43926af /gnu/packages/mp3.scm
parent3d55d04ab8f11cf8e9612c0ef92b10347a867309 (diff)
downloadguix-1f521b7055a464439774332f1a69ed31b565715f.tar.gz
gnu: id3lib: Fix CVE-2007-4460.
* gnu/packages/mp3.scm (id3lib)[source]: Add patch.
* gnu/packages/patches/id3lib-CVE-2007-4460.patch: New variable.
* gnu/local.mk (dist_patch_DATA): Add it.
Diffstat (limited to 'gnu/packages/mp3.scm')
-rw-r--r--gnu/packages/mp3.scm6
1 files changed, 3 insertions, 3 deletions
diff --git a/gnu/packages/mp3.scm b/gnu/packages/mp3.scm
index 997c50f5f4..8451f0ac9f 100644
--- a/gnu/packages/mp3.scm
+++ b/gnu/packages/mp3.scm
@@ -108,11 +108,11 @@ versions of ID3v2.")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://sourceforge/id3lib/id3lib/"
-                                version "/id3lib-"
-                                version ".tar.gz"))
+                                version "/id3lib-" version ".tar.gz"))
             (sha256
              (base32
-              "0yfhqwk0w8q2hyv1jib1008jvzmwlpsxvc8qjllhna6p1hycqj97"))))
+              "0yfhqwk0w8q2hyv1jib1008jvzmwlpsxvc8qjllhna6p1hycqj97"))
+            (patches (search-patches "id3lib-CVE-2007-4460.patch"))))
    (build-system gnu-build-system)
    (arguments
     `(#:phases