04/06: gnu: libgcrypt: Replace with 1.8.5 [fixes CVE-2019-13627].

[guix-commits]

mbakke pushed a commit to branch master
in repository guix.

commit 24496210ea55bb1a573dcb80f4aa4bd13b861f1d
Author: Marius Bakke <address@hidden>
Date:   Sun Oct 13 21:02:08 2019 +0200

    gnu: libgcrypt: Replace with 1.8.5 [fixes CVE-2019-13627].
    
    * gnu/packages/gnupg.scm (libgcrypt-1.8.5): New variable.
    (libgcrypt)[replacement]: New field.
---
 gnu/packages/gnupg.scm | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index 4ee7ed6..06e5f67 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -14,7 +14,7 @@
 ;;; Copyright © 2017 Leo Famulari <address@hidden>
 ;;; Copyright © 2017 Petter <address@hidden>
 ;;; Copyright © 2018, 2019 Tobias Geerinckx-Rice <address@hidden>
-;;; Copyright © 2018 Marius Bakke <address@hidden>
+;;; Copyright © 2018, 2019 Marius Bakke <address@hidden>
 ;;; Copyright © 2018 Björn Höfling <address@hidden>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -111,6 +111,7 @@ Daemon and possibly more in the future.")
   (package
     (name "libgcrypt")
     (version "1.8.4")
+    (replacement libgcrypt-1.8.5)
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
@@ -143,6 +144,18 @@ generation.")
     (properties '((ftp-server . "ftp.gnupg.org")
                   (ftp-directory . "/gcrypt/libgcrypt")))))
 
+(define-public libgcrypt-1.8.5
+  (package
+    (inherit libgcrypt)
+    (version "1.8.5")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
+                                  version ".tar.bz2"))
+              (sha256
+               (base32
+                "1hvsazms1bfd769q0ngl0r9g5i4m9mpz9jmvvrdzyzk3rfa2ljiv"))))))
+
 (define-public libassuan
   (package
     (name "libassuan")