GNU bug report logs -
#32508
[PATCH] gnu: libx11: Replace with 1.6.6 [security fixes].
Previous Next
Reported by: Marius Bakke <mbakke <at> fastmail.com>
Date: Thu, 23 Aug 2018 15:01:01 UTC
Severity: normal
Tags: patch
Done: Marius Bakke <mbakke <at> fastmail.com>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
This fixes CVE-2018-14599, CVE-2018-14600, and CVE-2018-14598.
* gnu/packages/xorg.scm (libx11)[replacement]: New field.
(libx11-1.6.6): New public variable.
---
gnu/packages/xorg.scm | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 0a78b8ee7..f67206454 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -5239,6 +5239,7 @@ draggable titlebars and borders.")
(package
(name "libx11")
(version "1.6.5")
+ (replacement libx11-1.6.6)
(source
(origin
(method url-fetch)
@@ -5268,6 +5269,18 @@ draggable titlebars and borders.")
(description "Xorg Core X11 protocol client library.")
(license license:x11)))
+;; Replacement package to fix multiple security bugs:
+;; <http://seclists.org/oss-sec/2018/q3/146>.
+(define-public libx11-1.6.6
+ (package/inherit libx11
+ (version "1.6.6")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://xorg/individual/lib/libX11-"
+ version ".tar.bz2"))
+ (sha256
+ (base32 "0ks1mxlda7nxfmffihi15ljsn50q8dknl33i2xag8xzc80fiizk5"))))))
+
;; packages of height 5 in the propagated-inputs tree
(define-public libxcursor
--
2.18.0
This bug report was last modified 6 years and 271 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.