aboutsummaryrefslogtreecommitdiff
path: root/gnu
diff options
context:
space:
mode:
authorMarius Bakke <marius@gnu.org>2022-01-30 15:36:39 +0100
committerMarius Bakke <marius@gnu.org>2022-01-30 17:04:34 +0100
commit5c9c7856a6074027db762ba6c094dba07e62ba13 (patch)
treeb4f11c2a636d3a35834150407178cd0add5ea850 /gnu
parentbb5f6d8cef399d31dd43936649748bb4f816de56 (diff)
downloadguix-5c9c7856a6074027db762ba6c094dba07e62ba13.tar.gz
guix-5c9c7856a6074027db762ba6c094dba07e62ba13.zip
gnu: expat: Update replacement to 2.4.4 [fixes CVE-2022-23852, CVE-2022-23990].
* gnu/packages/xml.scm (expat/fixed): Update to 2.4.4.
Diffstat (limited to 'gnu')
-rw-r--r--gnu/packages/xml.scm4
1 files changed, 2 insertions, 2 deletions
diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index 771c577618..6a897648eb 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -158,7 +158,7 @@ things the parser might find in the XML document (like start tags).")
(define expat/fixed
(package
(inherit expat)
- (version "2.4.3")
+ (version "2.4.4")
(source (let ((dot->underscore (lambda (c) (if (char=? #\. c) #\_ c))))
(origin
(method url-fetch)
@@ -170,7 +170,7 @@ things the parser might find in the XML document (like start tags).")
"/expat-" version ".tar.xz")))
(sha256
(base32
- "12kp4h40cpyqqpjqaldag0xq4ig1ljzpkzy9i2marc7blnqz3ydi")))))))
+ "1f0iqdy21wcd5nbfgsf8r2d5ilh15mrv8qmm37nw4l9k6xp5vlmm")))))))
(define-public libebml
(package