From 0c5a8007fe3cfc792bf5f692342a84165f706441 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Wed, 14 Jun 2017 16:34:10 -0400
Subject: gnu: zziplib: Fix CVE-2017-{5974,5975,5976,5978,5979,5981}.

* gnu/packages/patches/zziplib-CVE-2017-5974.patch,
gnu/packages/patches/zziplib-CVE-2017-5975.patch,
gnu/packages/patches/zziplib-CVE-2017-5976.patch,
gnu/packages/patches/zziplib-CVE-2017-5978.patch,
gnu/packages/patches/zziplib-CVE-2017-5979.patch,
gnu/packages/patches/zziplib-CVE-2017-5981.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/zip.scm (zziplib)[source]: Use them.
---
 gnu/packages/zip.scm | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'gnu/packages/zip.scm')

diff --git a/gnu/packages/zip.scm b/gnu/packages/zip.scm
index 8feb4fea21..018891359b 100644
--- a/gnu/packages/zip.scm
+++ b/gnu/packages/zip.scm
@@ -136,6 +136,12 @@ recreates the stored directory structure by default.")
       (uri (string-append "mirror://sourceforge/zziplib/zziplib13/"
                           version "/zziplib-"
                           version ".tar.bz2"))
+      (patches (search-patches "zziplib-CVE-2017-5974.patch"
+                               "zziplib-CVE-2017-5975.patch"
+                               "zziplib-CVE-2017-5976.patch"
+                               "zziplib-CVE-2017-5978.patch"
+                               "zziplib-CVE-2017-5979.patch"
+                               "zziplib-CVE-2017-5981.patch"))
       (sha256
        (base32
         "0nsjqxw017hiyp524p9316283jlf5piixc1091gkimhz38zh7f51"))))
-- 
cgit v1.2.3