From 66fa2d318a1e4da3679fa1c5a70cd3972dc0efbf Mon Sep 17 00:00:00 2001
From: Jelle Licht <jlicht@fsfe.org>
Date: Tue, 16 Feb 2021 23:28:58 +0100
Subject: gnu: http-parser: Update to 2.9.4-1.ec8b5ee [fixes CVE-2020-8287].

Fixes CVE-2020-8287.

* gnu/packages/web.scm (http-parser): Update to 2.9.4-1.ec8b5ee.
  [source]: Add patch to mitigate CVE.
* gnu/packages/patches/patches/http-parser-CVE-2020-8287.patch: New file.
* gnu/local.mk [dist_patch_DATA]: New patch.
---
 gnu/local.mk | 1 +
 1 file changed, 1 insertion(+)

(limited to 'gnu/local.mk')

diff --git a/gnu/local.mk b/gnu/local.mk
index ae5a65cfcf..ab0c1b0e97 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1164,6 +1164,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/hdf-eos5-remove-gctp.patch		\
   %D%/packages/patches/hdf-eos5-fix-szip.patch			\
   %D%/packages/patches/hdf-eos5-fortrantests.patch		\
+  %D%/packages/patches/http-parser-CVE-2020-8287.patch		\
   %D%/packages/patches/http-parser-fix-assertion-on-armhf.patch	\
   %D%/packages/patches/hubbub-sort-entities.patch		\
   %D%/packages/patches/hurd-cross.patch				\
-- 
cgit v1.2.3