unofficial mirror of guix-patches@gnu.org 
 help / color / mirror / code / Atom feed
* [bug#53335] [PATCH] gnu: expat: Add replacement for [security fixes].
@ 2022-01-16  0:00 Tobias Geerinckx-Rice via Guix-patches via
  2022-01-19 18:08 ` bug#53335: " Tobias Geerinckx-Rice via Guix-patches via
  0 siblings, 1 reply; 2+ messages in thread
From: Tobias Geerinckx-Rice via Guix-patches via @ 2022-01-16  0:00 UTC (permalink / raw)
  To: 53335

Fixes CVE-2021-45960, CVE-2021-46143, and CVE-2022-22822…22827.

* gnu/packages/xml.scm (expat/fixed): New variable.
(expat)[replacement]: Use it.
---
 gnu/packages/xml.scm | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index b89115a051..771c577618 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -119,6 +119,7 @@ (define-public expat
   (package
     (name "expat")
     (version "2.4.1")
+    (replacement expat/fixed)
     (source (let ((dot->underscore (lambda (c) (if (char=? #\. c) #\_ c))))
               (origin
                 (method url-fetch)
@@ -154,6 +155,23 @@ (define-public expat
 things the parser might find in the XML document (like start tags).")
     (license license:expat)))
 
+(define expat/fixed
+  (package
+    (inherit expat)
+    (version "2.4.3")
+    (source (let ((dot->underscore (lambda (c) (if (char=? #\. c) #\_ c))))
+              (origin
+                (method url-fetch)
+                (uri (list (string-append "mirror://sourceforge/expat/expat/"
+                                          version "/expat-" version ".tar.xz")
+                           (string-append
+                            "https://github.com/libexpat/libexpat/releases/download/R_"
+                            (string-map dot->underscore version)
+                            "/expat-" version ".tar.xz")))
+                (sha256
+                 (base32
+                  "12kp4h40cpyqqpjqaldag0xq4ig1ljzpkzy9i2marc7blnqz3ydi")))))))
+
 (define-public libebml
   (package
     (name "libebml")
-- 
2.34.0





^ permalink raw reply related	[flat|nested] 2+ messages in thread

* bug#53335: [PATCH] gnu: expat: Add replacement for [security fixes].
  2022-01-16  0:00 [bug#53335] [PATCH] gnu: expat: Add replacement for [security fixes] Tobias Geerinckx-Rice via Guix-patches via
@ 2022-01-19 18:08 ` Tobias Geerinckx-Rice via Guix-patches via
  0 siblings, 0 replies; 2+ messages in thread
From: Tobias Geerinckx-Rice via Guix-patches via @ 2022-01-19 18:08 UTC (permalink / raw)
  To: 53335-done

[-- Attachment #1: Type: text/plain, Size: 74 bytes --]

Pushed as 2045852b096131a714409aa0cc4fe17938f60b15.

Kind regards,

T G-R

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 247 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2022-01-19 18:16 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-16  0:00 [bug#53335] [PATCH] gnu: expat: Add replacement for [security fixes] Tobias Geerinckx-Rice via Guix-patches via
2022-01-19 18:08 ` bug#53335: " Tobias Geerinckx-Rice via Guix-patches via

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).