gnu: nss: Graft to fix CVE-2023-0767.

* gnu/packages/nss.scm (nss-next): Update to 3.88.1. (nss): Add a replacement field pointing to… (nss/fixed): …this new variable, based on nss-next.
author: Tobias Geerinckx-Rice <me@tobias.gr> 2023-02-12 01:00:04 +0100
committer: Tobias Geerinckx-Rice <me@tobias.gr> 2023-02-12 01:00:28 +0100
commit: b04ee227a47419291391a2b6e857e41ed1c32155 (patch)
tree: 1a0cb02579ac0a9896d8945f024d05eb2b0f7db8 /gnu/packages/nss.scm
parent: 89a1d52821c1d8f7accb812ca371738fab577227 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index c06807c808..60247f34a2 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -123,6 +123,7 @@ in the Mozilla clients.")
 (define-public nss
   (package
     (name "nss")
+    (replacement nss/fixed)
     ;; Also update and test the nss-certs package, which duplicates version and
     ;; source to avoid a top-level variable reference & module cycle.
     (version "3.81")
@@ -259,3 +260,8 @@ security standards.")
                (base32
                 "15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))))
     (propagated-inputs (list nspr-next)))) ;required by nss.pc
+
+(define nss/fixed
+  (package
+    (inherit nss-next)
+    (version "3.88")))                  ; slight inaccuracy to allow grafting
author	Tobias Geerinckx-Rice <me@tobias.gr>	2023-02-12 01:00:04 +0100
committer	Tobias Geerinckx-Rice <me@tobias.gr>	2023-02-12 01:00:28 +0100
commit	b04ee227a47419291391a2b6e857e41ed1c32155 (patch)
tree	1a0cb02579ac0a9896d8945f024d05eb2b0f7db8 /gnu/packages/nss.scm
parent	89a1d52821c1d8f7accb812ca371738fab577227 (diff)