--- Begin Message ---
Subject: |
[PATCH] gnu: libx11: Replace with 1.6.6 [security fixes]. |
Date: |
Thu, 23 Aug 2018 16:59:47 +0200 |
This fixes CVE-2018-14599, CVE-2018-14600, and CVE-2018-14598.
* gnu/packages/xorg.scm (libx11)[replacement]: New field.
(libx11-1.6.6): New public variable.
---
gnu/packages/xorg.scm | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 0a78b8ee7..f67206454 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -5239,6 +5239,7 @@ draggable titlebars and borders.")
(package
(name "libx11")
(version "1.6.5")
+ (replacement libx11-1.6.6)
(source
(origin
(method url-fetch)
@@ -5268,6 +5269,18 @@ draggable titlebars and borders.")
(description "Xorg Core X11 protocol client library.")
(license license:x11)))
+;; Replacement package to fix multiple security bugs:
+;; <http://seclists.org/oss-sec/2018/q3/146>.
+(define-public libx11-1.6.6
+ (package/inherit libx11
+ (version "1.6.6")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://xorg/individual/lib/libX11-"
+ version ".tar.bz2"))
+ (sha256
+ (base32
"0ks1mxlda7nxfmffihi15ljsn50q8dknl33i2xag8xzc80fiizk5"))))))
+
;; packages of height 5 in the propagated-inputs tree
(define-public libxcursor
--
2.18.0
--- End Message ---
--- Begin Message ---
Subject: |
Re: [bug#32508] [PATCH] gnu: libx11: Replace with 1.6.6 [security fixes]. |
Date: |
Sat, 25 Aug 2018 16:35:38 +0200 |
User-agent: |
Notmuch/0.27 (https://notmuchmail.org) Emacs/26.1 (x86_64-pc-linux-gnu) |
Leo Famulari <address@hidden> writes:
>> +;; Replacement package to fix multiple security bugs:
>> +;; <http://seclists.org/oss-sec/2018/q3/146>.
>> +(define-public libx11-1.6.6
>> + (package/inherit libx11
>
> Does it need to use package/inherit? My understanding is that procedure
> is primarily useful for packages that inherit from another package foo,
> when foo is being grafted. For example, the current situation with
> cups-minimal and cups.
Ah yes; you're right: in this case we don't need package/inherit because
we are not inheriting an existing graft. I always mix those up, thanks
for catching it!
Pushed as 94e9d750a22e30459732d2ae14d71c5f3acabd91.
signature.asc
Description: PGP signature
--- End Message ---