summary refs log tree commit diff
path: root/gnu/packages/pulseaudio.scm
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2017-05-01 14:24:50 -0400
committerLeo Famulari <leo@famulari.name>2017-05-01 15:52:58 -0400
commit1c4a500aae53b8cd33d1266eb3809b859ae2555d (patch)
treea75d8a8d7e4cb2df7c20234a94522b59ed213e0f /gnu/packages/pulseaudio.scm
parentd5b091290d9b0afe1f57d469f4fd388ac3b3b917 (diff)
downloadguix-1c4a500aae53b8cd33d1266eb3809b859ae2555d.tar.gz
gnu: libsndfile: Fix CVE-2017-{8361,8362,8363,8365}.
* gnu/packages/patches/libsndfile-CVE-2017-8361-8363-8365.patch,
gnu/packages/patches/libsndfile-CVE-2017-8362.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/pulseaudio.scm (libsndfile)[replacement]: New field.
(libsndfile/fixed): New variable.
Diffstat (limited to 'gnu/packages/pulseaudio.scm')
-rw-r--r--gnu/packages/pulseaudio.scm13
1 files changed, 13 insertions, 0 deletions
diff --git a/gnu/packages/pulseaudio.scm b/gnu/packages/pulseaudio.scm
index c52f265cc1..92ebe6f3eb 100644
--- a/gnu/packages/pulseaudio.scm
+++ b/gnu/packages/pulseaudio.scm
@@ -45,6 +45,7 @@
 (define-public libsndfile
   (package
     (name "libsndfile")
+    (replacement libsndfile/fixed)
     (version "1.0.28")
     (source (origin
              (method url-fetch)
@@ -76,6 +77,18 @@ SPARC.  Hopefully the design of the library will also make it easy to extend
 for reading and writing new sound file formats.")
     (license l:gpl2+)))
 
+(define libsndfile/fixed
+  (package
+    (inherit libsndfile)
+    (source
+      (origin
+        (inherit (package-source libsndfile))
+        (patches
+          (append
+            (origin-patches (package-source libsndfile))
+            (search-patches "libsndfile-CVE-2017-8361-8363-8365.patch"
+                            "libsndfile-CVE-2017-8362.patch")))))))
+
 (define-public libsamplerate
   (package
     (name "libsamplerate")                     ; aka. Secret Rabbit Code (SRC)