From 436dd0463668361476a448d88f6e8653981a7346 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Thu, 9 Jun 2016 13:02:11 -0400 Subject: gnu: expat: Fix CVE-2012-6702 and CVE-2016-5300. * gnu/packages/patches/expat-CVE-2012-6702-and-CVE-2016-5300.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/xml.scm (expat/fixed): Use it. --- gnu/packages/xml.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'gnu/packages/xml.scm') diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm index dc5c60dca8..d5967f7966 100644 --- a/gnu/packages/xml.scm +++ b/gnu/packages/xml.scm @@ -69,7 +69,8 @@ things the parser might find in the XML document (like start tags).") (inherit expat) (source (origin (inherit (package-source expat)) - (patches (search-patches "expat-CVE-2015-1283.patch" + (patches (search-patches "expat-CVE-2012-6702-and-CVE-2016-5300.patch" + "expat-CVE-2015-1283.patch" "expat-CVE-2015-1283-refix.patch" "expat-CVE-2016-0718.patch")))))) -- cgit 1.4.1