From 94e9d750a22e30459732d2ae14d71c5f3acabd91 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Thu, 23 Aug 2018 16:56:02 +0200 Subject: [PATCH] gnu: libx11: Replace with 1.6.6 [security fixes]. This fixes CVE-2018-14599, CVE-2018-14600, and CVE-2018-14598. * gnu/packages/xorg.scm (libx11)[replacement]: New field. (libx11-1.6.6): New public variable. --- gnu/packages/xorg.scm | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm index 0a78b8ee70..3875765d25 100644 --- a/gnu/packages/xorg.scm +++ b/gnu/packages/xorg.scm @@ -5239,6 +5239,7 @@ draggable titlebars and borders.") (package (name "libx11") (version "1.6.5") + (replacement libx11-1.6.6) (source (origin (method url-fetch) @@ -5268,6 +5269,20 @@ draggable titlebars and borders.") (description "Xorg Core X11 protocol client library.") (license license:x11))) +;; Replacement package to fix multiple security bugs: +;; . +(define-public libx11-1.6.6 + (package + (inherit libx11) + (version "1.6.6") + (source (origin + (method url-fetch) + (uri (string-append "mirror://xorg/individual/lib/libX11-" + version ".tar.bz2")) + (sha256 + (base32 + "0ks1mxlda7nxfmffihi15ljsn50q8dknl33i2xag8xzc80fiizk5")))))) + ;; packages of height 5 in the propagated-inputs tree (define-public libxcursor