gnu: zlib: Update to 1.2.12 [fixes CVE-2018-25032].

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032 https://seclists.org/oss-sec/2022/q1/191 * gnu/packages/compression.scm (zlib)[replacement]: New field. (zlib-1.2.12): New variable.
author: Leo Famulari <leo@famulari.name> 2022-03-28 00:03:35 -0400
committer: Leo Famulari <leo@famulari.name> 2023-01-04 12:54:39 -0500
commit: c2c93abd18c37f438006cded8124ff0a32a0e4a7 (patch)
tree: 25c71001c018e9e0a49a6cd85e0c5e19af969657 /gnu
parent: 5fd9d3ba82faddf8393027655d4a10a1562dac47 (diff)
download: guix-c2c93abd18c37f438006cded8124ff0a32a0e4a7.tar.gz
1 files changed, 16 insertions, 0 deletions
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 82b93e23b2..223283eeb4 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -103,6 +103,7 @@
 (define-public zlib
   (package
     (name "zlib")
+    (replacement zlib-1.2.12)
     (version "1.2.11")
     (source
      (origin
@@ -164,6 +165,21 @@ independent of the input data and can be reduced, if necessary, at some cost
 in compression.")
     (license license:zlib)))
 
+(define-public zlib-1.2.12
+  (package
+    (inherit zlib)
+    (version "1.2.12")
+    (source
+     (origin
+      (method url-fetch)
+      (uri (list (string-append "http://zlib.net/zlib-"
+                                 version ".tar.gz")
+                 (string-append "mirror://sourceforge/libpng/zlib/"
+                                version "/zlib-" version ".tar.gz")))
+      (sha256
+       (base32
+        "1n9na4fq4wagw1nzsfjr6wyly960jfa94460ncbf6p1fac44i14i"))))))
+
 (define-public minizip
   (package
     (name "minizip")
author	Leo Famulari <leo@famulari.name>	2022-03-28 00:03:35 -0400
committer	Leo Famulari <leo@famulari.name>	2023-01-04 12:54:39 -0500
commit	c2c93abd18c37f438006cded8124ff0a32a0e4a7 (patch)
tree	25c71001c018e9e0a49a6cd85e0c5e19af969657 /gnu
parent	5fd9d3ba82faddf8393027655d4a10a1562dac47 (diff)
download	guix-c2c93abd18c37f438006cded8124ff0a32a0e4a7.tar.gz