From b3d20b82809a2895402936a162e0ddc5725cb1cd Mon Sep 17 00:00:00 2001
From: Efraim Flashner <efraim@flashner.co.il>
Date: Mon, 30 May 2016 06:42:02 +0300
Subject: gnu: vorbis-tools: Fix CVE-2014-9638, CVE-2014-9639, CVE-2014-9640.

* gnu/packages/xiph.scm (vorbis-tools)[source]: Add patches.
* gnu/packages/patches/vorbis-tools-CVE-2014-9638+CVE-2014-9639.patch,
gnu/packages/patches/vorbis-tools-CVE-2014-9640.patch: New variables.
* gnu/local.mk (dist_patch_DATA): Add them.
---
 gnu/packages/xiph.scm | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/xiph.scm')

diff --git a/gnu/packages/xiph.scm b/gnu/packages/xiph.scm
index 68f76d5c5c..d1597e96ea 100644
--- a/gnu/packages/xiph.scm
+++ b/gnu/packages/xiph.scm
@@ -270,7 +270,10 @@ Kate stream.")
             (sha256
              (base32
               "1g12bnh5ah08v529y72kfdz5lhvy75iaz7f9jskyby23m9dkk2d3"))
-            (patches (search-patches "vorbis-tools-CVE-2015-6749.patch"))))
+            (patches (search-patches 
+                       "vorbis-tools-CVE-2014-9638+CVE-2014-9639.patch"
+                       "vorbis-tools-CVE-2014-9640.patch"
+                       "vorbis-tools-CVE-2015-6749.patch"))))
    (build-system gnu-build-system)
    (inputs `(("ao" ,ao)
              ("curl" ,curl)
-- 
cgit v1.2.3