From 20df2ee697bb5057a476a926a363d71cc8944c84 Mon Sep 17 00:00:00 2001 From: John Kehayias Date: Wed, 4 Oct 2023 18:21:45 -0400 Subject: gnu: libxpm: Graft with 3.5.17 [security fixes]. Fixes CVE-2023-43788 and CVE-2023-43789. See the X.Org security advisory for more information. * gnu/packages/xorg.scm (libxpm)[replacement]: New field, set to ... (libxpm/fixed): ... this new variable. --- gnu/packages/xorg.scm | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'gnu/packages/xorg.scm') diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm index 519b2ae37b..4b3c96794d 100644 --- a/gnu/packages/xorg.scm +++ b/gnu/packages/xorg.scm @@ -36,6 +36,7 @@ ;;; Copyright © 2021 Lu Hui ;;; Copyright © 2023 Zheng Junjie <873216071@qq.com> ;;; Copyright © 2023 Janneke Nieuwenhuizen +;;; Copyright © 2023 John Kehayias ;;; ;;; This file is part of GNU Guix. ;;; @@ -1432,6 +1433,7 @@ treat it as part of their software base when porting.") (package (name "libxpm") (version "3.5.13") + (replacement libxpm/fixed) (source (origin (method url-fetch) @@ -1455,6 +1457,21 @@ treat it as part of their software base when porting.") (description "XPM (X Pixmap) image file format library.") (license license:x11))) +(define-public libxpm/fixed + (package + (inherit libxpm) + (version "3.5.17") + (source + (origin + (method url-fetch) + (uri (string-append + "mirror://xorg/individual/lib/libXpm-" + version + ".tar.xz")) + (sha256 + (base32 + "0hvf49qy55gwldpwpw7ihcmn5i2iinpjh2rbha63hzcy060izcv4")))))) + (define-public libxres (package (name "libxres") -- cgit v1.2.3