gnu: tcpdump: Update to 4.9.0 [security fixes].

Fixes CVE-2016-{7922,7923,7924,7925,7926,7927,7928,7929,7930,7931,7932,7933
7934,7935,7936,7937,7938,7939,7940,7973,7974,7975,7983,7984,7985,7986,7992,7993,
8574,8575} and CVE-2017-{5202,5203,5204,5205,5341,5342,5482,5483,5484,5485,
5486}.

* gnu/packages/admin.scm (tcpdump): Update to 4.9.0.
[source]: Add alternate URL and set the file-name.
This commit is contained in:
Leo Famulari 2017-01-30 14:50:23 -05:00
parent df4a2b44d3
commit af7d72b16c
No known key found for this signature in database
GPG Key ID: 2646FA30BACA7F08
1 changed files with 14 additions and 4 deletions

View File

@ -633,14 +633,24 @@ network statistics collection, security monitoring, network debugging, etc.")
(define-public tcpdump
(package
(name "tcpdump")
(version "4.7.4")
(version "4.9.0")
(source (origin
(method url-fetch)
(uri (string-append "http://www.tcpdump.org/release/tcpdump-"
version ".tar.gz"))
;; We use this Debian URL while the upstream URL is still
;; officially private. This is the result of a botched
;; coordinated release of tcpdump 4.9.0. I verified with
;; the tcpdump maintainers that the upstream URL provides
;; the same data as this Debian URL.
(uri
(list
(string-append "http://http.debian.net/debian/pool/main/t/"
name "/" name "_" version ".orig.tar.gz")
(string-append "http://www.tcpdump.org/release/tcpdump-"
version ".tar.gz")))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"1byr8w6grk08fsq0444jmcz9ar89lq9nf4mjq2cny0w9k8k21rbb"))))
"0pjsxsy8l71i813sa934cwf1ryp9xbr7nxwsvnzavjdirchq3sga"))))
(build-system gnu-build-system)
(inputs `(("libpcap" ,libpcap)
("openssl" ,openssl)))