From 6f873731a030dd7ecbd8a5e756b38b26306f6966 Mon Sep 17 00:00:00 2001
From: Léo Le Bouter <lle-bout@zaclys.net>
Date: Sat, 6 Mar 2021 02:42:34 +0100
Subject: gnu: zstd: Update to 1.4.9 [security fixes].

Fixes CVE-2021-24031 and CVE-2021-24032.

* gnu/packages/compression.scm (zstd-1.4.9): New variable.
* gnu/packages/compression.scm (zstd): Update to 1.4.9.
[replacement]: Graft with 'zstd-1.4.9'.
---
 gnu/packages/compression.scm | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'gnu/packages/compression.scm')

diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 3561dc6bbe..ee7f607dcb 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -1442,6 +1442,7 @@ or junctions, and always follows hard links.")
                            "v" version "/zstd-" version ".tar.gz"))
        (sha256
         (base32 "05ckxap00qvc0j51d3ci38150cxsw82w7s9zgd5fgzspnzmp1vsr"))))
+    (replacement zstd-1.4.9)
     (build-system gnu-build-system)
     (outputs '("out"                    ;1.2MiB executables and documentation
                "lib"                    ;1.2MiB shared library and headers
@@ -1501,6 +1502,19 @@ speed.")
                    license:public-domain ; zlibWrapper/examples/fitblk*
                    license:zlib))))      ; zlibWrapper/{gz*.c,gzguts.h}
 
+(define-public zstd-1.4.9
+  (package
+    (inherit zstd)
+    (name "zstd")
+    (version "1.4.9")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "https://github.com/facebook/zstd/releases/download/"
+                           "v" version "/zstd-" version ".tar.gz"))
+       (sha256
+        (base32 "14yj7309gsvg39rki4xqnd6w5idmqi0655v1fc0mk1m2kvhp9b19"))))))
+
 (define-public pzstd
   (package
     (name "pzstd")
-- 
cgit v1.2.3