aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTobias Geerinckx-Rice <me@tobias.gr>2022-01-16 01:00:00 +0100
committerTobias Geerinckx-Rice <me@tobias.gr>2022-01-16 01:00:00 +0100
commit2045852b096131a714409aa0cc4fe17938f60b15 (patch)
tree82dccbd7050a4b472279ad180a2c6e7a2d6f2e43
parentbd19671f8a500f7bd5d17f8d08e4119a774acb46 (diff)
downloadguix-2045852b096131a714409aa0cc4fe17938f60b15.tar.gz
guix-2045852b096131a714409aa0cc4fe17938f60b15.zip
gnu: expat: Add replacement for [security fixes].
Fixes CVE-2021-45960, CVE-2021-46143, and CVE-2022-22822…22827. * gnu/packages/xml.scm (expat/fixed): New variable. (expat)[replacement]: Use it.
-rw-r--r--gnu/packages/xml.scm18
1 files changed, 18 insertions, 0 deletions
diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index b89115a051..771c577618 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -119,6 +119,7 @@ the entire document.")
(package
(name "expat")
(version "2.4.1")
+ (replacement expat/fixed)
(source (let ((dot->underscore (lambda (c) (if (char=? #\. c) #\_ c))))
(origin
(method url-fetch)
@@ -154,6 +155,23 @@ stream-oriented parser in which an application registers handlers for
things the parser might find in the XML document (like start tags).")
(license license:expat)))
+(define expat/fixed
+ (package
+ (inherit expat)
+ (version "2.4.3")
+ (source (let ((dot->underscore (lambda (c) (if (char=? #\. c) #\_ c))))
+ (origin
+ (method url-fetch)
+ (uri (list (string-append "mirror://sourceforge/expat/expat/"
+ version "/expat-" version ".tar.xz")
+ (string-append
+ "https://github.com/libexpat/libexpat/releases/download/R_"
+ (string-map dot->underscore version)
+ "/expat-" version ".tar.xz")))
+ (sha256
+ (base32
+ "12kp4h40cpyqqpjqaldag0xq4ig1ljzpkzy9i2marc7blnqz3ydi")))))))
+
(define-public libebml
(package
(name "libebml")