gnu: wpa_supplicant: Update to 2.8 [security fixes].

This release fixes CVE-2019-9494, CVE-2019-9495, CVE-2019-9496, CVE-2019-9497, CVE-2019-9498, CVE-2019-9499, and CVE-2019-11555. * gnu/packages/admin.scm (wpa-supplicant-minimal): Update to 2.8. [source](snippet): New field. Disable D-Bus. [arguments]: Change CONFIG_TLS to use OpenSSL rather than GnuTLS. This is required by many of the new default build-time settings. [inputs]: Remove GNUTLS and LIBGCRYPT. Add OPENSSL. (wpa-supplicant)[arguments]: Remove obsolete CONFIG_CTRL_IFACE_DBUS=y.
author: Marius Bakke <mbakke@fastmail.com> 2019-04-30 00:05:36 +0200
committer: Marius Bakke <mbakke@fastmail.com> 2019-05-09 13:43:03 +0200
commit: aeb1ed1abcc953694bcd742ae5e3ba5a13506373 (patch)
tree: d9e074cae6af7fc0b3ec7c04b16fc207d9687f46
parent: 3fde051bfdf2418b2dd72b416a8cc241ab44a24f (diff)
download: guix-aeb1ed1abcc953694bcd742ae5e3ba5a13506373.tar.gz
guix-aeb1ed1abcc953694bcd742ae5e3ba5a13506373.zip
1 files changed, 13 insertions, 9 deletions
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 5ab6af71f6..dbc6f7ff2a 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -1130,16 +1130,23 @@ commands and their arguments.")
 (define-public wpa-supplicant-minimal
   (package
     (name "wpa-supplicant-minimal")
-    (version "2.7")
+    (version "2.8")
     (source (origin
               (method url-fetch)
               (uri (string-append
                     "https://w1.fi/releases/wpa_supplicant-"
-                    version
-                    ".tar.gz"))
+                    version ".tar.gz"))
               (sha256
                (base32
-                "0x1hqyahq44jyla8jl6791nnwrgicrhidadikrnqxsm2nw36pskn"))))
+                "15ixzm347n8w6gdvi3j3yks3i15qmp6by9ayvswm34d929m372d6"))
+              (modules '((guix build utils)))
+              (snippet
+               '(begin
+                  (substitute* "wpa_supplicant/defconfig"
+                    ;; Disable D-Bus to save ~14MiB on the closure size.
+                    (("^CONFIG_CTRL_IFACE_DBUS" line _)
+                     (string-append "#" line)))
+                    #t))))
     (build-system gnu-build-system)
     (arguments
      '(#:phases
@@ -1152,8 +1159,7 @@ commands and their arguments.")
                (display "
       CONFIG_DEBUG_SYSLOG=y
 
-      # Choose GnuTLS (the default is OpenSSL.)
-      CONFIG_TLS=gnutls
+      CONFIG_TLS=openssl
 
       CONFIG_DRIVER_NL80211=y
       CFLAGS += $(shell pkg-config libnl-3.0 --cflags)
@@ -1187,8 +1193,7 @@ commands and their arguments.")
     (inputs
      `(("readline" ,readline)
        ("libnl" ,libnl)
-       ("gnutls" ,gnutls)
-       ("libgcrypt" ,libgcrypt)))                 ;needed by crypto_gnutls.c
+       ("openssl" ,openssl)))
     (native-inputs
      `(("pkg-config" ,pkg-config)))
     (home-page "https://w1.fi/wpa_supplicant/")
@@ -1221,7 +1226,6 @@ command.")
              (lambda _
                (let ((port (open-file ".config" "al")))
                  (display "
-      CONFIG_CTRL_IFACE_DBUS=y
       CONFIG_CTRL_IFACE_DBUS_NEW=y
       CONFIG_CTRL_IFACE_DBUS_INTRO=y\n" port)
                  (close-port port))
author	Marius Bakke <mbakke@fastmail.com>	2019-04-30 00:05:36 +0200
committer	Marius Bakke <mbakke@fastmail.com>	2019-05-09 13:43:03 +0200
commit	aeb1ed1abcc953694bcd742ae5e3ba5a13506373 (patch)
tree	d9e074cae6af7fc0b3ec7c04b16fc207d9687f46
parent	3fde051bfdf2418b2dd72b416a8cc241ab44a24f (diff)
download	guix-aeb1ed1abcc953694bcd742ae5e3ba5a13506373.tar.gz guix-aeb1ed1abcc953694bcd742ae5e3ba5a13506373.zip