bug#30061: [PATCH] gnu: libvorbis: Fix CVE-2017-{14632,14633}.

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#30061: [PATCH] gnu: libvorbis: Fix CVE-2017-{14632,14633}.

From:	Leo Famulari
Subject:	bug#30061: [PATCH] gnu: libvorbis: Fix CVE-2017-{14632,14633}.
Date:	Thu, 11 Jan 2018 14:33:22 -0800
User-agent:	Mutt/1.9.2 (2017-12-15)

On Thu, Jan 11, 2018 at 10:25:33PM +0100, Ludovic Courtès wrote:
> Hi,
> 
> Leo Famulari <address@hidden> skribis:
> 
> > * gnu/packages/patches/libvorbis-CVE-2017-14632.patch,
> > gnu/packages/patches/libvorbis-CVE-2017-14633.patch: New files.
> > * gnu/local.mk (dist_patch_DATA): Add them.
> > * gnu/packages/xiph.scm (libvorbis)[replacement]: New field.
> > (libvorbis/fixed): New variable.
> 
> LGTM.

Pushed as 138c08899ba73049de8afd2b74a8cf6845a1d9e1

> On ‘core-updates’, should we perform a rebuild instead of grafting?

Yes, I merged master into core-updates and ungrafted libvorbis in
e6ebc7b13225f0eddc404b7d8e136120b962181e

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#30061] [PATCH] gnu: libvorbis: Fix CVE-2017-{14632,14633}., Leo Famulari, 2018/01/10
- [bug#30061] [PATCH] gnu: libvorbis: Fix CVE-2017-{14632,14633}., Ludovic Courtès, 2018/01/11
  - bug#30061: [PATCH] gnu: libvorbis: Fix CVE-2017-{14632,14633}., Leo Famulari <=

Prev by Date: bug#29880: [PATCH] gnu: grep: Add PCRE support.
Next by Date: [bug#29928] [PATCH 0/5] Optimize profile hooks
Previous by thread: [bug#30061] [PATCH] gnu: libvorbis: Fix CVE-2017-{14632,14633}.
Next by thread: [bug#30062] [PATCH core-updates] gnu: java-ops4j-pax-tinybundles: Disable failing test.
Index(es):
- Date
- Thread