summary refs log tree commit diff
path: root/gnu/packages/xml.scm
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/xml.scm')
-rw-r--r--gnu/packages/xml.scm10
1 files changed, 8 insertions, 2 deletions
diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index a860f98053..e0d795b62f 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -3,7 +3,7 @@
 ;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
 ;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
 ;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
-;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2015, 2016 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2015, 2016 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2015 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2015 Raimon Grau <raimonster@gmail.com>
@@ -41,7 +41,8 @@
   #:use-module (guix build-system gnu)
   #:use-module (guix build-system perl)
   #:use-module (guix build-system python)
-  #:use-module (gnu packages linux))
+  #:use-module (gnu packages linux)
+  #:use-module (gnu packages pkg-config))
 
 (define-public expat
   (package
@@ -51,6 +52,9 @@
              (method url-fetch)
              (uri (string-append "mirror://sourceforge/expat/expat/"
                                  version "/expat-" version ".tar.bz2"))
+             (patches (search-patches "expat-CVE-2012-6702-and-CVE-2016-5300.patch"
+                                      "expat-CVE-2015-1283-refix.patch"
+                                      "expat-CVE-2016-0718.patch"))
              (sha256
               (base32
                "0ryyjgvy7jq0qb7a9mhc1giy3bzn56aiwrs8dpydqngplbjq9xdg"))))
@@ -612,6 +616,8 @@ XSL-T processor.  It also performs any necessary post-processing.")
      `(("gnutls" ,gnutls)
        ("libgcrypt" ,libgcrypt)
        ("libltdl" ,libltdl)))
+    (native-inputs
+     `(("pkg-config" ,pkg-config)))
     (home-page "http://www.libexpat.org/")
     (synopsis "XML Security Library")
     (description