gnu: unzip: Add fixes for CVE-2014-{8139,8140,8141}.

* gnu/packages/patches/unzip-CVE-2014-8139.patch, gnu/packages/patches/unzip-CVE-2014-8140.patch, gnu/packages/patches/unzip-CVE-2014-8141.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/zip.scm (unzip): Add patches.
author: Mark H Weaver <mhw@netris.org> 2014-12-30 14:46:21 -0500
committer: Mark H Weaver <mhw@netris.org> 2014-12-30 14:48:13 -0500
commit: e5da2f38c3ca8d4626c1b87e045d00d28c1bf4d0 (patch)
tree: e033809b82b840dc259b7d1a430cf32edb17b02a /gnu/packages/zip.scm
parent: c7bdc7ece5650be75314dc302f3cdcf02806857b (diff)
download: guix-e5da2f38c3ca8d4626c1b87e045d00d28c1bf4d0.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/gnu/packages/zip.scm b/gnu/packages/zip.scm
index 29ab555ae4..230907becb 100644
--- a/gnu/packages/zip.scm
+++ b/gnu/packages/zip.scm
@@ -79,7 +79,10 @@ Compression ratios of 2:1 to 3:1 are common for text files.")
       (uri (string-append "mirror://sourceforge/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/unzip60.tar.gz"))
       (sha256
        (base32
-        "0dxx11knh3nk95p2gg2ak777dd11pr7jx5das2g49l262scrcv83"))))
+        "0dxx11knh3nk95p2gg2ak777dd11pr7jx5das2g49l262scrcv83"))
+      (patches (list (search-patch "unzip-CVE-2014-8139.patch")
+                     (search-patch "unzip-CVE-2014-8140.patch")
+                     (search-patch "unzip-CVE-2014-8141.patch")))))
     (build-system gnu-build-system)
     ;; no inputs; bzip2 is not supported, since not compiled with BZ_NO_STDIO
     (arguments
author	Mark H Weaver <mhw@netris.org>	2014-12-30 14:46:21 -0500
committer	Mark H Weaver <mhw@netris.org>	2014-12-30 14:48:13 -0500
commit	e5da2f38c3ca8d4626c1b87e045d00d28c1bf4d0 (patch)
tree	e033809b82b840dc259b7d1a430cf32edb17b02a /gnu/packages/zip.scm
parent	c7bdc7ece5650be75314dc302f3cdcf02806857b (diff)
download	guix-e5da2f38c3ca8d4626c1b87e045d00d28c1bf4d0.tar.gz