From 70128b8afacf332b0aff69ebcad6868fd158e8ad Mon Sep 17 00:00:00 2001 From: Léo Le Bouter Date: Wed, 10 Mar 2021 11:49:35 +0100 Subject: gnu: cyrus-sasl: Fix CVE-2019-19906. * gnu/packages/patches/cyrus-sasl-CVE-2019-19906.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/cyrus-sasl.scm (cyrus-sasl/fixed): New variable. Apply patch. (cyrus-sasl)[replacement]: Graft. --- gnu/packages/cyrus-sasl.scm | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'gnu/packages/cyrus-sasl.scm') diff --git a/gnu/packages/cyrus-sasl.scm b/gnu/packages/cyrus-sasl.scm index 3e65a1faf6..691349a38f 100644 --- a/gnu/packages/cyrus-sasl.scm +++ b/gnu/packages/cyrus-sasl.scm @@ -45,6 +45,7 @@ (define-public cyrus-sasl (sha256 (base32 "1m85zcpgfdhm43cavpdkhb1s2zq1b31472hq1w1gs3xh94anp1i6")) (patches (search-patches "cyrus-sasl-ac-try-run-fix.patch")))) + (replacement cyrus-sasl/fixed) (build-system gnu-build-system) (native-inputs `(("autoconf" ,autoconf) @@ -80,3 +81,20 @@ (define-public cyrus-sasl (license (license:non-copyleft "file://COPYING" "See COPYING in the distribution.")) (home-page "https://cyrusimap.org/sasl/"))) + +(define-public cyrus-sasl/fixed + (package + (inherit cyrus-sasl) + (version "2.1.27") + (source (origin + (method url-fetch) + (uri (list (string-append + "https://cyrusimap.org/releases/cyrus-sasl-" + version ".tar.gz") + (string-append + "ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-" + version ".tar.gz"))) + (sha256 (base32 + "1m85zcpgfdhm43cavpdkhb1s2zq1b31472hq1w1gs3xh94anp1i6")) + (patches (search-patches "cyrus-sasl-ac-try-run-fix.patch" + "cyrus-sasl-CVE-2019-19906.patch")))))) -- cgit v1.2.3