From 033cbd11a837dbc7602799f15d691221653e1996 Mon Sep 17 00:00:00 2001
From: Tobias Geerinckx-Rice <me@tobias.gr>
Date: Sun, 16 Oct 2022 02:00:00 +0200
Subject: gnu: libksba: Graft to 1.6.2 [fixes CVE-2022-3515].

* gnu/packages/gnupg.scm (libksba/fixed): New variable.
(libksba): Use it as grafted replacement.
---
 gnu/packages/gnupg.scm | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'gnu')

diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index f9f39d6116..ce9ef48796 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -224,6 +224,7 @@ provided.")
   (package
     (name "libksba")
     (version "1.6.0")
+    (replacement libksba/fixed)
     (source
      (origin
       (method url-fetch)
@@ -253,6 +254,18 @@ specifications are building blocks of S/MIME and TLS.")
     (properties '((ftp-server . "ftp.gnupg.org")
                   (ftp-directory . "/gcrypt/libksba")))))
 
+(define libksba/fixed
+  (package
+    (inherit libksba)
+    (version "1.6.2")
+        (source
+     (origin
+      (method url-fetch)
+      (uri (string-append
+            "mirror://gnupg/libksba/libksba-" version ".tar.bz2"))
+      (sha256
+       (base32 "0wf9j9hlzvgn0vz6zg3fvcmpdr62v8bz1kzsvzdbs4lqqp51rq7w"))))))
+
 (define-public npth
   (package
     (name "npth")
-- 
cgit v1.2.3