gnu: jq: Fix CVE-2015-8863.

* gnu/packages/patches/jq-CVE-2015-8863.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/web.scm (jq)[source]: Use it. Signed-off-by: Leo Famulari <leo@famulari.name>
author: Jelle Licht <jlicht@fsfe.org> 2016-08-11 17:02:41 +0200
committer: Leo Famulari <leo@famulari.name> 2016-08-11 15:42:32 -0400
commit: f2b4c18cd96a69e375d7d9b5ad1c09f8fc065571 (patch)
tree: 5cc3181c3004df7937ddae75f5ec52ee51c08bf7 /gnu/packages/web.scm
parent: e08ca4b9665a2ed35da04e450eb34c3975c05059 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index fa791ffbe1..9106295061 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -3293,7 +3293,11 @@ It uses the uwsgi protocol for all the networking/interprocess communications.")
                                   "/" name "-" version ".tar.gz"))
               (sha256
                (base32
-                "0g29kyz4ykasdcrb0zmbrp2jqs9kv1wz9swx849i2d1ncknbzln4"))))
+                "0g29kyz4ykasdcrb0zmbrp2jqs9kv1wz9swx849i2d1ncknbzln4"))
+              ;; This patch has been pushed and the vulnerability will be
+              ;; fixed in the next release after 1.5.
+              ;; https://github.com/stedolan/jq/issues/995
+              (patches (search-patches "jq-CVE-2015-8863.patch"))))
     (inputs
      `(("oniguruma" ,oniguruma)))
     (native-inputs
author	Jelle Licht <jlicht@fsfe.org>	2016-08-11 17:02:41 +0200
committer	Leo Famulari <leo@famulari.name>	2016-08-11 15:42:32 -0400
commit	f2b4c18cd96a69e375d7d9b5ad1c09f8fc065571 (patch)
tree	5cc3181c3004df7937ddae75f5ec52ee51c08bf7 /gnu/packages/web.scm
parent	e08ca4b9665a2ed35da04e450eb34c3975c05059 (diff)