diff options
| author | Mark H Weaver <mhw@netris.org> | 2021-03-13 03:41:14 -0500 |
|---|---|---|
| committer | Mark H Weaver <mhw@netris.org> | 2021-03-13 04:58:12 -0500 |
| commit | 74e2c0e00f58c8bf948f7dc7c5ae2876af910d5a (patch) | |
| tree | dba40ada3e2ae08d37d0c76c8650288b378444c4 /gnu/packages/tls.scm | |
| parent | ca8fa11754563786ffbae8de8da21fe086e1f9d2 (diff) | |
| download | guix-74e2c0e00f58c8bf948f7dc7c5ae2876af910d5a.tar.gz | |
gnu: gnutls: Fix CVE-2021-20231 and CVE-2021-20232.
* gnu/packages/patches/gnutls-CVE-2021-20231.patch, gnu/packages/patches/gnutls-CVE-2021-20232.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/tls.scm (gnutls)[replacement]: New field. (gnutls/fixed): New variable. (guile2.2-gnutls): Use package/inherit.
Diffstat (limited to 'gnu/packages/tls.scm')
| -rw-r--r-- | gnu/packages/tls.scm | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index e0741ad310..e8e1350e29 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -1,6 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2019, 2020 Ludovic Courtès <ludo@gnu.org> -;;; Copyright © 2014, 2015, 2016, 2017, 2018 Mark H Weaver <mhw@netris.org> +;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2021 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2014 Ian Denhardt <ian@zenhack.net> ;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2015 David Thompson <davet@gnu.org> @@ -165,6 +165,7 @@ living in the same process.") (package (name "gnutls") (version "3.6.15") + (replacement gnutls/fixed) (source (origin (method url-fetch) ;; Note: Releases are no longer on ftp.gnu.org since the @@ -256,6 +257,15 @@ required structures.") (properties '((ftp-server . "ftp.gnutls.org") (ftp-directory . "/gcrypt/gnutls"))))) +(define gnutls/fixed + (package + (inherit gnutls) + (source (origin + (inherit (package-source gnutls)) + (patches (append (search-patches "gnutls-CVE-2021-20231.patch" + "gnutls-CVE-2021-20232.patch") + (origin-patches (package-source gnutls)))))))) + (define-public gnutls/guile-2.0 ;; GnuTLS for Guile 2.0. (package/inherit gnutls @@ -274,8 +284,7 @@ required structures.") ,@(package-inputs gnutls))))) (define-public guile2.2-gnutls - (package - (inherit gnutls) + (package/inherit gnutls (name "guile2.2-gnutls") (inputs `(("guile" ,guile-2.2) ,@(alist-delete "guile" |