guix-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

branch master updated: gnu: aspell: Fix CVE-2019-25051 with a graft.

From: guix-commits
Subject: branch master updated: gnu: aspell: Fix CVE-2019-25051 with a graft.
Date: Wed, 10 Aug 2022 03:53:31 -0400 
This is an automated email from the git hooks/post-receive script.

mbakke pushed a commit to branch master
in repository guix.

The following commit(s) were added to refs/heads/master by this push:
     new 924a78b114 gnu: aspell: Fix CVE-2019-25051 with a graft.
924a78b114 is described below

commit 924a78b1148e8a433178c6e9737e0029691b0022
Author: Marius Bakke <marius@gnu.org>
AuthorDate: Wed Aug 10 09:50:02 2022 +0200

    gnu: aspell: Fix CVE-2019-25051 with a graft.
    
    This partially reverts commit 468c95e9415bc303cfa36c9b67bbd2ce0abe904b in
    order to prevent rebuilding 2k+ packages via 'inkscape'.
    
    * gnu/packages/aspell.scm (aspell)[replacement]: New field.
    [source](patches): Remove "aspell-CVE-2019-25051.patch".
    (aspell/replacement): New private variable.
---
 gnu/packages/aspell.scm | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/aspell.scm b/gnu/packages/aspell.scm
index d2737ee79a..ec0dafbc7a 100644
--- a/gnu/packages/aspell.scm
+++ b/gnu/packages/aspell.scm
@@ -47,6 +47,7 @@
   (package
     (name "aspell")
     (version "0.60.8")
+    (replacement aspell/replacement)
     (source
      (origin
       (method url-fetch)
@@ -55,8 +56,7 @@
       (sha256
        (base32
         "1wi60ankalmh8ds7nplz434jd7j94gdvbahdwsr539rlad8pxdzr"))
-      (patches (search-patches "aspell-default-dict-dir.patch"
-                               "aspell-CVE-2019-25051.patch"))))
+      (patches (search-patches "aspell-default-dict-dir.patch"))))
     (build-system gnu-build-system)
     (arguments
      `(#:phases
@@ -93,6 +93,16 @@ documents written in the UTF-8 encoding and its ability to 
use multiple
 dictionaries, including personal ones.")
     (license lgpl2.1+)))
 
+;; Replacement package with security fixes.
+(define aspell/replacement
+  (package
+    (inherit aspell)
+    (source
+     (origin
+       (inherit (package-source aspell))
+       (patches (append (origin-patches (package-source aspell))
+                        (search-patches "aspell-CVE-2019-25051.patch")))))))
+
 ;;;
 ;;; Dictionaries.
 ;;;
reply via email to
[Prev in Thread] Current Thread [Next in Thread]