From 9a53a79fc54e01932bd727ec519403ea4c2c3efc Mon Sep 17 00:00:00 2001
From: Efraim Flashner <efraim@flashner.co.il>
Date: Tue, 9 Aug 2022 22:39:26 +0300
Subject: gnu: gnupg: Patch CVE-2022-34903.

* gnu/packages/gnupg.scm (gnupg)[replacement]: New field.
(gnupg/replacement): New variable.
* gnu/packages/patches/gnupg-CVE-2022-34903.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
---
 gnu/packages/gnupg.scm | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'gnu/packages/gnupg.scm')

diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index 08fa1570d6..90215a6877 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -285,6 +285,7 @@ (define-public gnupg
     ;; Note2: 2.2.33 currently suffers from regressions, so do not update to it
     ;; (see: https://dev.gnupg.org/T5742).
     (version "2.2.32")
+    (replacement gnupg/fixed)
     (source (origin
               (method url-fetch)
               (uri (string-append "ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-" version
@@ -352,6 +353,15 @@ (define-public gnupg
     (properties '((ftp-server . "ftp.gnupg.org")
                   (ftp-directory . "/gcrypt/gnupg")))))
 
+(define gnupg/fixed
+  (package
+    (inherit gnupg)
+    (source (origin
+              (inherit (package-source gnupg))
+              (patches
+                (append (origin-patches (package-source gnupg))
+                        (search-patches "gnupg-CVE-2022-34903.patch")))))))
+
 (define-public gnupg-1
   (package (inherit gnupg)
     (version "1.4.23")
-- 
cgit v1.2.3