summary refs log tree commit diff
path: root/gnu/packages/xml.scm
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-06-09 13:02:11 -0400
committerLeo Famulari <leo@famulari.name>2016-06-10 20:33:45 -0400
commit436dd0463668361476a448d88f6e8653981a7346 (patch)
tree35af936e544284e6b6de52ae8ebb273687c08333 /gnu/packages/xml.scm
parenta50afcf9312d25a7b0982832fa63f79f5921b912 (diff)
downloadguix-436dd0463668361476a448d88f6e8653981a7346.tar.gz
gnu: expat: Fix CVE-2012-6702 and CVE-2016-5300.
* gnu/packages/patches/expat-CVE-2012-6702-and-CVE-2016-5300.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/xml.scm (expat/fixed): Use it.
Diffstat (limited to 'gnu/packages/xml.scm')
-rw-r--r--gnu/packages/xml.scm3
1 files changed, 2 insertions, 1 deletions
diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index dc5c60dca8..d5967f7966 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -69,7 +69,8 @@ things the parser might find in the XML document (like start tags).")
     (inherit expat)
     (source (origin
               (inherit (package-source expat))
-              (patches (search-patches "expat-CVE-2015-1283.patch"
+              (patches (search-patches "expat-CVE-2012-6702-and-CVE-2016-5300.patch"
+                                       "expat-CVE-2015-1283.patch"
                                        "expat-CVE-2015-1283-refix.patch"
                                        "expat-CVE-2016-0718.patch"))))))