gnu: libx11: Replace with 1.6.6 [security fixes].

This fixes CVE-2018-14599, CVE-2018-14600, and CVE-2018-14598.

* gnu/packages/xorg.scm (libx11)[replacement]: New field.
(libx11-1.6.6): New public variable.
This commit is contained in:
Marius Bakke 2018-08-23 16:56:02 +02:00
parent 7789bf9531
commit 94e9d750a2
No known key found for this signature in database
GPG Key ID: A2A06DF2A33A54FA
1 changed files with 15 additions and 0 deletions

View File

@ -5239,6 +5239,7 @@ draggable titlebars and borders.")
(package (package
(name "libx11") (name "libx11")
(version "1.6.5") (version "1.6.5")
(replacement libx11-1.6.6)
(source (source
(origin (origin
(method url-fetch) (method url-fetch)
@ -5268,6 +5269,20 @@ draggable titlebars and borders.")
(description "Xorg Core X11 protocol client library.") (description "Xorg Core X11 protocol client library.")
(license license:x11))) (license license:x11)))
;; Replacement package to fix multiple security bugs:
;; <http://seclists.org/oss-sec/2018/q3/146>.
(define-public libx11-1.6.6
(package
(inherit libx11)
(version "1.6.6")
(source (origin
(method url-fetch)
(uri (string-append "mirror://xorg/individual/lib/libX11-"
version ".tar.bz2"))
(sha256
(base32
"0ks1mxlda7nxfmffihi15ljsn50q8dknl33i2xag8xzc80fiizk5"))))))
;; packages of height 5 in the propagated-inputs tree ;; packages of height 5 in the propagated-inputs tree
(define-public libxcursor (define-public libxcursor