GNU bug report logs -
#29487
[PATCH] gnu: libxcursor: Replace with 1.1.15 [fixes CVE-2017-16612].
Previous Next
Reported by: Marius Bakke <mbakke <at> fastmail.com>
Date: Tue, 28 Nov 2017 17:03:03 UTC
Severity: normal
Tags: fixed, patch
Done: ludo <at> gnu.org (Ludovic Courtès)
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
* gnu/packages/xorg.scm (libxcursor-1.1.15): New public variable.
(libxcursor)[replacement]: New field.
---
gnu/packages/xorg.scm | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 994476ed6..1c1ddd4bf 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -5307,6 +5307,7 @@ draggable titlebars and borders.")
(package
(name "libxcursor")
(version "1.1.14")
+ (replacement libxcursor-1.1.15)
(source
(origin
(method url-fetch)
@@ -5339,6 +5340,18 @@ draggable titlebars and borders.")
(description "Xorg Cursor management library.")
(license license:x11)))
+;; For CVE-2017-16612.
+(define-public libxcursor-1.1.15
+ (package
+ (inherit libxcursor)
+ (version "1.1.15")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://xorg/individual/lib/libXcursor-"
+ version ".tar.bz2"))
+ (sha256
+ (base32
+ "0syzlfvh29037p0vnlc8f3jxz8nl55k65blswsakklkwsc6nfki9"))))))
(define-public libxt
(package
--
2.15.0
This bug report was last modified 7 years and 178 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.