gnu: libgcrypt: Fix CVE-2018-0495.

* gnu/packages/gnupg.scm (libgcrypt)[replacement]: New field.
(libgcrypt/fixed): New package.
This commit is contained in:
Efraim Flashner 2018-06-13 22:28:48 +03:00
parent 85d79a79e4
commit 03439df66f
No known key found for this signature in database
GPG Key ID: 41AAE7DCCA3D8351
1 changed files with 14 additions and 0 deletions

View File

@ -108,6 +108,7 @@ Daemon and possibly more in the future.")
(define-public libgcrypt (define-public libgcrypt
(package (package
(replacement libgcrypt/fixed)
(name "libgcrypt") (name "libgcrypt")
(version "1.8.2") (version "1.8.2")
(source (origin (source (origin
@ -142,6 +143,19 @@ generation.")
(properties '((ftp-server . "ftp.gnupg.org") (properties '((ftp-server . "ftp.gnupg.org")
(ftp-directory . "/gcrypt/libgcrypt"))))) (ftp-directory . "/gcrypt/libgcrypt")))))
(define libgcrypt/fixed
(package
(inherit libgcrypt)
(name "libgcrypt")
(version "1.8.3")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
version ".tar.bz2"))
(sha256
(base32
"0z5gs1khzyknyfjr19k8gk4q148s6q987ya85cpn0iv70fz91v36"))))))
(define-public libassuan (define-public libassuan
(package (package
(name "libassuan") (name "libassuan")