From b0415c0361606d8d43cdc0841ad9cf74e1079861 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 30 May 2017 18:04:11 -0400 Subject: gnu: openldap: Fix CVE-2017-9287. * gnu/packages/patches/openldap-CVE-2017-9287.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/openldap.scm (openldap)[replacement]: New field. (openldap/fixed): New variable. --- gnu/packages/openldap.scm | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'gnu/packages/openldap.scm') diff --git a/gnu/packages/openldap.scm b/gnu/packages/openldap.scm index 987719492f..24bf603c44 100644 --- a/gnu/packages/openldap.scm +++ b/gnu/packages/openldap.scm @@ -31,6 +31,7 @@ #:use-module (gnu packages linux) #:use-module (gnu packages python) #:use-module (gnu packages tls) + #:use-module (gnu packages) #:use-module ((guix licenses) #:select (openldap2.8 lgpl2.1+)) #:use-module (guix packages) #:use-module (guix download) @@ -39,6 +40,7 @@ (define-public openldap (package (name "openldap") + (replacement openldap/fixed) (version "2.4.44") (source (origin (method url-fetch) @@ -79,6 +81,14 @@ (license openldap2.8) (home-page "http://www.openldap.org/"))) +(define openldap/fixed + (package + (inherit openldap) + (source + (origin + (inherit (package-source openldap)) + (patches (search-patches "openldap-CVE-2017-9287.patch")))))) + (define-public nss-pam-ldapd (package (name "nss-pam-ldapd") -- cgit 1.4.1