From 81ffe6377385a3035d75cf9c8a1b61f32796c2ad Mon Sep 17 00:00:00 2001
From: Ludovic Courtès <ludo@gnu.org>
Date: Wed, 6 Nov 2019 12:02:22 +0100
Subject: gnu: cpio: Update to 2.13 [fixes CVE-2015-1197, CVE-2019-14866].

* gnu/packages/cpio.scm (cpio): Update to 2.13.
Remove "cpio-CVE-2016-2037.patch".
* gnu/local.mk (dist_patch_DATA): Remove it.
---
 gnu/packages/cpio.scm | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'gnu/packages/cpio.scm')

diff --git a/gnu/packages/cpio.scm b/gnu/packages/cpio.scm
index 77a0c82d2e..58b2f45937 100644
--- a/gnu/packages/cpio.scm
+++ b/gnu/packages/cpio.scm
@@ -28,15 +28,14 @@ (define-module (gnu packages cpio)
 (define-public cpio
   (package
     (name "cpio")
-    (version "2.12")
+    (version "2.13")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnu/cpio/cpio-"
                                  version ".tar.bz2"))
              (sha256
               (base32
-               "0vi9q475h1rki53100zml75vxsykzyhrn70hidy41s5c2rc8r6bh"))
-             (patches (search-patches "cpio-CVE-2016-2037.patch"))))
+               "0vbgnhkawdllgnkdn6zn1f56fczwk0518krakz2qbwhxmv2vvdga"))))
     (build-system gnu-build-system)
     (home-page "https://www.gnu.org/software/cpio/")
     (synopsis "Manage cpio and tar file archives")
-- 
cgit v1.2.3