summary refs log tree commit diff
path: root/gnu
diff options
context:
space:
mode:
authorEfraim Flashner <efraim@flashner.co.il>2017-06-29 21:04:09 +0300
committerEfraim Flashner <efraim@flashner.co.il>2017-06-29 21:04:33 +0300
commitef2c7fb5da058030677da4abe9fec177357ee25d (patch)
treea2202e360ed89c943b839fd878d629a003a4e7ee /gnu
parent604e494dc025774b095ac8ffe5206b5d0572c9a1 (diff)
downloadguix-ef2c7fb5da058030677da4abe9fec177357ee25d.tar.gz
gnu: libgcrypt: Add mitigation for CVE-2017-7526.
* gnu/packages/gnupg.scm (libgcrypt)[replacment]: New field.
(libgcrypt-1.7.8): New variable.
(libgcrypt-1.5)[replacment]: New field.
Diffstat (limited to 'gnu')
-rw-r--r--gnu/packages/gnupg.scm17
1 files changed, 16 insertions, 1 deletions
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index 9efd32a3f8..e42afbafda 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -4,7 +4,7 @@
 ;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
 ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
-;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2015, 2016 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
 ;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
@@ -82,6 +82,7 @@ Daemon and possibly more in the future.")
 (define-public libgcrypt
   (package
     (name "libgcrypt")
+    (replacement libgcrypt-1.7.8)
     (version "1.7.6")
     (source (origin
              (method url-fetch)
@@ -115,8 +116,22 @@ generation.")
     (properties '((ftp-server . "ftp.gnupg.org")
                   (ftp-directory . "/gcrypt/libgcrypt")))))
 
+(define libgcrypt-1.7.8
+  (package
+    (inherit libgcrypt)
+    (replacement #f)
+    (version "1.7.8")
+    (source (origin
+             (method url-fetch)
+             (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
+                                 version ".tar.bz2"))
+             (sha256
+              (base32
+               "16f1rsv4y4w2pk1il2jbcqggsb6mrlfva5vayd205fp68zm7d0ll"))))))
+
 (define-public libgcrypt-1.5
   (package (inherit libgcrypt)
+    (replacement #f)
     (version "1.5.6")
     (source
      (origin