[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
05/06: gnu: expat: Replace with 2.2.9 [fixes CVE-2019-15903].
From: |
guix-commits |
Subject: |
05/06: gnu: expat: Replace with 2.2.9 [fixes CVE-2019-15903]. |
Date: |
Sun, 13 Oct 2019 16:50:09 -0400 (EDT) |
mbakke pushed a commit to branch master
in repository guix.
commit e436379c9412cf1550a6c977a5ede1aa4b8a1e04
Author: Marius Bakke <address@hidden>
Date: Sun Oct 13 21:06:53 2019 +0200
gnu: expat: Replace with 2.2.9 [fixes CVE-2019-15903].
* gnu/packages/xml.scm (expat-2.2.9): New variable.
(expat)[replacement]: New field.
---
gnu/packages/xml.scm | 20 +++++++++++++++++++-
1 file changed, 19 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index 54dc92f..59f3011 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -13,7 +13,7 @@
;;; Copyright © 2016 Jan Nieuwenhuizen <address@hidden>
;;; Copyright © 2016, 2017 ng0 <address@hidden>
;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice <address@hidden>
-;;; Copyright © 2016, 2017, 2018 Marius Bakke <address@hidden>
+;;; Copyright © 2016, 2017, 2018, 2019 Marius Bakke <address@hidden>
;;; Copyright © 2017 Adriano Peluso <address@hidden>
;;; Copyright © 2017 Gregor Giesen <address@hidden>
;;; Copyright © 2017 Alex Vong <address@hidden>
@@ -67,6 +67,7 @@
(package
(name "expat")
(version "2.2.7")
+ (replacement expat-2.2.9)
(source (let ((dot->underscore (lambda (c) (if (char=? #\. c) #\_ c))))
(origin
(method url-fetch)
@@ -88,6 +89,23 @@ stream-oriented parser in which an application registers
handlers for
things the parser might find in the XML document (like start tags).")
(license license:expat)))
+(define expat-2.2.9
+ (package
+ (inherit expat)
+ (version "2.2.9")
+ (source (let ((dot->underscore (lambda (c) (if (char=? #\. c) #\_ c))))
+ (origin
+ (method url-fetch)
+ (uri (list (string-append "mirror://sourceforge/expat/expat/"
+ version "/expat-" version ".tar.xz")
+ (string-append
+
"https://github.com/libexpat/libexpat/releases/download/R_"
+ (string-map dot->underscore version)
+ "/expat-" version ".tar.xz")))
+ (sha256
+ (base32
+ "1960mmgbb4cm64n1p0nz3hrs1pw03hkrfcw8prmnn4622mdrd9hy")))))))
+
(define-public libebml
(package
(name "libebml")
- branch master updated (0475c88 -> 6485528), guix-commits, 2019/10/13
- 02/06: gnu: nghttp2: Replace with 1.39.2 [fixes CVE-2019-9511, CVE-2019-9513]., guix-commits, 2019/10/13
- 03/06: gnu: curl: Replace with 7.66.0 [fixes CVE-2019-5481, CVE-2019-5482]., guix-commits, 2019/10/13
- 04/06: gnu: libgcrypt: Replace with 1.8.5 [fixes CVE-2019-13627]., guix-commits, 2019/10/13
- 05/06: gnu: expat: Replace with 2.2.9 [fixes CVE-2019-15903].,
guix-commits <=
- 01/06: gnu: OpenSSL@1.0: Replace with 1.0.2t [fixes CVE-2019-1547, CVE-2019-1563]., guix-commits, 2019/10/13
- 06/06: gnu: librsvg: Update to 2.46.0., guix-commits, 2019/10/13