From 5ff0c8997a2ddf71af477883584a5f9ccd9b757f Mon Sep 17 00:00:00 2001
From: Kaelyn Takata <kaelyn.alexi@protonmail.com>
Date: Fri, 16 Jun 2023 18:47:52 +0000
Subject: gnu: libx11: Graft with 1.8.6 [security fixes].

Includes fix for: CVE-2023-3138.

* gnu/packages/xorg.scm (libx11-fixed): New variable.
(libx11)[replacement]: Graft.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
---
 gnu/packages/xorg.scm | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'gnu')

diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 38bd38a85f..08cbd8d757 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -5307,6 +5307,7 @@ Wayland.")
   (package
     (name "libx11")
     (version "1.8.1")
+    (replacement libx11-fixed)          ;security fixes
     (source
      (origin
        (method url-fetch)
@@ -5336,6 +5337,19 @@ Wayland.")
     (description "Xorg Core X11 protocol client library.")
     (license license:x11)))
 
+(define-public libx11-fixed
+  (package
+    (inherit libx11)
+    (version "1.8.6")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "mirror://xorg/individual/lib/libX11-"
+                           version ".tar.xz"))
+       (sha256
+        (base32
+         "1jawl8zp1h7hdmxx1sc6kmxkki187d9yixr2l03ai6wqqry5nlsr"))))))
+
 ;; packages of height 5 in the propagated-inputs tree
 
 (define-public libxcursor
-- 
cgit v1.2.3