gnu: libgcrypt: Fix CVE-2017-0379.

* gnu/packages/gnupg.scm (libgcrypt)[replacement]: New field. (libgcrypt/fixed): New variable.
author: Efraim Flashner <efraim@flashner.co.il> 2017-08-29 23:30:43 +0300
committer: Efraim Flashner <efraim@flashner.co.il> 2017-08-29 23:32:16 +0300
commit: 08cba8cca4375d3dda5ad2cabdd2485eac6338bf (patch)
tree: 1e93bf03ad4804cae68093cffac9bf17180a99d5 /gnu/packages
parent: 0ae32da8d687600bff509d8abaccefd317fd3e42 (diff)
download: guix-08cba8cca4375d3dda5ad2cabdd2485eac6338bf.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index c442ce8aed..d6f0722f6e 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -81,6 +81,7 @@ Daemon and possibly more in the future.")
 
 (define-public libgcrypt
   (package
+    (replacement libgcrypt/fixed)
     (name "libgcrypt")
     (version "1.7.8")
     (source (origin
@@ -115,6 +116,18 @@ generation.")
     (properties '((ftp-server . "ftp.gnupg.org")
                   (ftp-directory . "/gcrypt/libgcrypt")))))
 
+(define libgcrypt/fixed
+  (package
+    (inherit libgcrypt)
+    (version "1.8.1")
+    (source (origin
+             (method url-fetch)
+             (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
+                                 version ".tar.bz2"))
+             (sha256
+              (base32
+               "1cvqd9jk5qshbh48yh3ixw4zyr4n5k50r3475rrh20xfn7w7aa3s"))))))
+
 (define-public libassuan
   (package
     (name "libassuan")
author	Efraim Flashner <efraim@flashner.co.il>	2017-08-29 23:30:43 +0300
committer	Efraim Flashner <efraim@flashner.co.il>	2017-08-29 23:32:16 +0300
commit	08cba8cca4375d3dda5ad2cabdd2485eac6338bf (patch)
tree	1e93bf03ad4804cae68093cffac9bf17180a99d5 /gnu/packages
parent	0ae32da8d687600bff509d8abaccefd317fd3e42 (diff)
download	guix-08cba8cca4375d3dda5ad2cabdd2485eac6338bf.tar.gz