--- Begin Message ---
Subject: |
[PATCH] gnu: zlib: Update to 1.2.12 [fixes CVE-2018-25032]. |
Date: |
Mon, 28 Mar 2022 00:06:59 -0400 |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://seclists.org/oss-sec/2022/q1/191
* gnu/packages/compression.scm (zlib)[replacement]: New field.
(zlib-1.2.12): New variable.
---
gnu/packages/compression.scm | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 3edaecd951..2287c755b4 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -98,6 +98,7 @@ (define-module (gnu packages compression)
(define-public zlib
(package
(name "zlib")
+ (replacement zlib-1.2.12)
(version "1.2.11")
(source
(origin
@@ -148,6 +149,21 @@ (define-public zlib
in compression.")
(license license:zlib)))
+(define-public zlib-1.2.12
+ (package
+ (inherit zlib)
+ (version "1.2.12")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (list (string-append "http://zlib.net/zlib-"
+ version ".tar.gz")
+ (string-append "mirror://sourceforge/libpng/zlib/"
+ version "/zlib-" version ".tar.gz")))
+ (sha256
+ (base32
+ "1n9na4fq4wagw1nzsfjr6wyly960jfa94460ncbf6p1fac44i14i"))))))
+
(define-public minizip
(package
(name "minizip")
--
2.34.0
--- End Message ---
--- Begin Message ---
Subject: |
Re: bug#54604: [PATCH] gnu: zlib: Update to 1.2.12 [fixes CVE-2018-25032]. |
Date: |
Wed, 4 Jan 2023 13:01:30 -0500 |
On Tue, Jan 03, 2023 at 05:31:04PM -0500, Maxim Cournoyer wrote:
> Ping! Feel free to apply it.
Pushed as c2c93abd18c37f438006cded8124ff0a32a0e4a7
I forgot about it, sorry!
--- End Message ---