[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#28996] [PATCH] gnu: expat: Update replacement to 2.2.4 [security fi

From: Tobias Geerinckx-Rice
Subject: [bug#28996] [PATCH] gnu: expat: Update replacement to 2.2.4 [security fixes].
Date: Wed, 25 Oct 2017 18:25:37 +0200

See 'Changes' in the source distribution for more information about the
fixed security issues.

* gnu/packages/xml.scm (expat)[replacement]: Update to 2.2.4.
(expat-2.2.2): Replace with ...
(expat-2.2.4): ... new variable.

Commit message shamelessly lifted from Leo's previous graft.

 gnu/packages/xml.scm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm
index 163743c07..2cdf4faa5 100644
--- a/gnu/packages/xml.scm
+++ b/gnu/packages/xml.scm
@@ -58,7 +58,7 @@
     (name "expat")
     (version "2.2.1")
-    (replacement expat-2.2.2)
+    (replacement expat-2.2.4)
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://sourceforge/expat/expat/"
@@ -75,17 +75,17 @@ stream-oriented parser in which an application registers 
handlers for
 things the parser might find in the XML document (like start tags).")
     (license license:expat)))
-(define expat-2.2.2  ; Fixes CVE-2017-9233, CVE-2016-9063 and other issues.
+(define expat-2.2.4  ; Fix CVE-{2016-9063,2017-9233,2017-11742} & other issues.
     (inherit expat)
-    (version "2.2.2")
+    (version "2.2.4")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://sourceforge/expat/expat/"
                                  version "/expat-" version ".tar.bz2"))
-               "0ik0r39ala9c6hj4kxrk933klgwkzlkbrfhvhaykx8l1rwgr2xj3"))))))
+               "17h1fb9zvqvf0sr78j211bngc6jpql5wzar8fg9b52jzjvdqbb83"))))))
 (define-public libebml

reply via email to

[Prev in Thread] Current Thread [Next in Thread]