From 21b3b755151028647081fe96d2992b3743531d71 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Thu, 11 Mar 2021 05:34:28 -0500 Subject: gnu: glib: Fix CVE-2021-27218 and CVE-2021-27219. * gnu/packages/patches/glib-CVE-2021-27218.patch, gnu/packages/patches/glib-CVE-2021-27219-01.patch, gnu/packages/patches/glib-CVE-2021-27219-02.patch, gnu/packages/patches/glib-CVE-2021-27219-03.patch, gnu/packages/patches/glib-CVE-2021-27219-04.patch, gnu/packages/patches/glib-CVE-2021-27219-05.patch, gnu/packages/patches/glib-CVE-2021-27219-06.patch, gnu/packages/patches/glib-CVE-2021-27219-07.patch, gnu/packages/patches/glib-CVE-2021-27219-08.patch, gnu/packages/patches/glib-CVE-2021-27219-09.patch, gnu/packages/patches/glib-CVE-2021-27219-10.patch, gnu/packages/patches/glib-CVE-2021-27219-11.patch, gnu/packages/patches/glib-CVE-2021-27219-12.patch, gnu/packages/patches/glib-CVE-2021-27219-13.patch, gnu/packages/patches/glib-CVE-2021-27219-14.patch, gnu/packages/patches/glib-CVE-2021-27219-15.patch, gnu/packages/patches/glib-CVE-2021-27219-16.patch, gnu/packages/patches/glib-CVE-2021-27219-17.patch, gnu/packages/patches/glib-CVE-2021-27219-18.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/glib.scm (glib)[replacement]: New field. (glib/fixed): New variable. --- gnu/packages/glib.scm | 30 +++++++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) (limited to 'gnu/packages/glib.scm') diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm index 9cc2b1b69e..520b723722 100644 --- a/gnu/packages/glib.scm +++ b/gnu/packages/glib.scm @@ -2,7 +2,7 @@ ;;; Copyright © 2013, 2014, 2015, 2016, 2019, 2020 Ludovic Courtès ;;; Copyright © 2013, 2015 Andreas Enge ;;; Copyright © 2013 Nikita Karetnikov -;;; Copyright © 2014, 2015, 2016, 2017, 2018 Mark H Weaver +;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2021 Mark H Weaver ;;; Copyright © 2016, 2020 Efraim Flashner ;;; Copyright © 2016 Lukas Gradl ;;; Copyright © 2017, 2018, 2019 Ricardo Wurmus @@ -172,6 +172,7 @@ shared NFS home directories.") (package (name "glib") (version "2.62.6") + (replacement glib/fixed) (source (origin (method url-fetch) (uri (string-append "mirror://gnome/sources/" @@ -390,6 +391,33 @@ dynamic loading, and an object system.") (home-page "https://developer.gnome.org/glib/") (license license:lgpl2.1+))) +(define glib/fixed + (package + (inherit glib) + (source (origin + (inherit (package-source glib)) + (patches + (append (search-patches "glib-CVE-2021-27218.patch" + "glib-CVE-2021-27219-01.patch" + "glib-CVE-2021-27219-02.patch" + "glib-CVE-2021-27219-03.patch" + "glib-CVE-2021-27219-04.patch" + "glib-CVE-2021-27219-05.patch" + "glib-CVE-2021-27219-06.patch" + "glib-CVE-2021-27219-07.patch" + "glib-CVE-2021-27219-08.patch" + "glib-CVE-2021-27219-09.patch" + "glib-CVE-2021-27219-10.patch" + "glib-CVE-2021-27219-11.patch" + "glib-CVE-2021-27219-12.patch" + "glib-CVE-2021-27219-13.patch" + "glib-CVE-2021-27219-14.patch" + "glib-CVE-2021-27219-15.patch" + "glib-CVE-2021-27219-16.patch" + "glib-CVE-2021-27219-17.patch" + "glib-CVE-2021-27219-18.patch") + (origin-patches (package-source glib)))))))) + (define-public glib-with-documentation ;; glib's doc must be built in a separate package since it requires gtk-doc, ;; which in turn depends on glib. -- cgit v1.2.3