diff options
author | Leo Famulari <leo@famulari.name> | 2017-05-01 14:24:50 -0400 |
---|---|---|
committer | Leo Famulari <leo@famulari.name> | 2017-05-01 15:52:58 -0400 |
commit | 1c4a500aae53b8cd33d1266eb3809b859ae2555d (patch) | |
tree | a75d8a8d7e4cb2df7c20234a94522b59ed213e0f /gnu/packages/pulseaudio.scm | |
parent | d5b091290d9b0afe1f57d469f4fd388ac3b3b917 (diff) | |
download | guix-1c4a500aae53b8cd33d1266eb3809b859ae2555d.tar.gz |
gnu: libsndfile: Fix CVE-2017-{8361,8362,8363,8365}.
* gnu/packages/patches/libsndfile-CVE-2017-8361-8363-8365.patch, gnu/packages/patches/libsndfile-CVE-2017-8362.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/pulseaudio.scm (libsndfile)[replacement]: New field. (libsndfile/fixed): New variable.
Diffstat (limited to 'gnu/packages/pulseaudio.scm')
-rw-r--r-- | gnu/packages/pulseaudio.scm | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/gnu/packages/pulseaudio.scm b/gnu/packages/pulseaudio.scm index c52f265cc1..92ebe6f3eb 100644 --- a/gnu/packages/pulseaudio.scm +++ b/gnu/packages/pulseaudio.scm @@ -45,6 +45,7 @@ (define-public libsndfile (package (name "libsndfile") + (replacement libsndfile/fixed) (version "1.0.28") (source (origin (method url-fetch) @@ -76,6 +77,18 @@ SPARC. Hopefully the design of the library will also make it easy to extend for reading and writing new sound file formats.") (license l:gpl2+))) +(define libsndfile/fixed + (package + (inherit libsndfile) + (source + (origin + (inherit (package-source libsndfile)) + (patches + (append + (origin-patches (package-source libsndfile)) + (search-patches "libsndfile-CVE-2017-8361-8363-8365.patch" + "libsndfile-CVE-2017-8362.patch"))))))) + (define-public libsamplerate (package (name "libsamplerate") ; aka. Secret Rabbit Code (SRC) |