summary refs log tree commit diff
path: root/gnu/packages/nss.scm
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2021-12-02 20:23:43 -0500
committerMark H Weaver <mhw@netris.org>2021-12-03 04:37:21 -0500
commit080a5de2eeb5e0da83ae9fd94488508d5227c4e3 (patch)
tree6609188934c5001a49d51c4d65360f32c76da07a /gnu/packages/nss.scm
parent345b341919304505c11494724c526e559db3eb68 (diff)
downloadguix-080a5de2eeb5e0da83ae9fd94488508d5227c4e3.tar.gz
gnu: nss: Fix CVE-2021-43527 via graft.
* gnu/packages/patches/nss-CVE-2021-43527.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/nss.scm (nss/fixed): New variable
(nss)[replacement]: New field.
Diffstat (limited to 'gnu/packages/nss.scm')
-rw-r--r--gnu/packages/nss.scm6
1 files changed, 5 insertions, 1 deletions
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 25203deb31..e41d016db4 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -1,6 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
-;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2021 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2020 Marius Bakke <mbakke@fastmail.com>
@@ -87,6 +87,7 @@ in the Mozilla clients.")
   (package
     (name "nss")
     (version "3.59")
+    (replacement nss/fixed)
     (source (origin
               (method url-fetch)
               (uri (let ((version-with-underscores
@@ -196,3 +197,6 @@ applications.  Applications built with NSS can support SSL v2 and v3, TLS,
 PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other
 security standards.")
     (license license:mpl2.0)))
+
+(define nss/fixed
+  (package-with-extra-patches nss (search-patches "nss-CVE-2021-43527.patch")))