gnu: aspell: Fix CVE-2019-25051 with a graft.

This partially reverts commit 468c95e941 in order to prevent rebuilding 2k+ packages via 'inkscape'. * gnu/packages/aspell.scm (aspell)[replacement]: New field. [source](patches): Remove "aspell-CVE-2019-25051.patch". (aspell/replacement): New private variable.
2025-01-19 05:57:04 +01:00 · 2022-08-10 09:50:02 +02:00 · 2022-08-10 09:50:02 +02:00 · 924a78b114
commit 924a78b114
parent 2111a4eee7
1 changed files with 12 additions and 2 deletions
--- a/gnu/packages/aspell.scm
+++ b/gnu/packages/aspell.scm
@ -47,6 +47,7 @@ (define-public aspell
  (package
    (name "aspell")
    (version "0.60.8")
+    (replacement aspell/replacement)
    (source
     (origin
      (method url-fetch)
@ -55,8 +56,7 @@ (define-public aspell
      (sha256
       (base32
        "1wi60ankalmh8ds7nplz434jd7j94gdvbahdwsr539rlad8pxdzr"))
-      (patches (search-patches "aspell-default-dict-dir.patch"
-                               "aspell-CVE-2019-25051.patch"))))
+      (patches (search-patches "aspell-default-dict-dir.patch"))))
    (build-system gnu-build-system)
    (arguments
     `(#:phases
@ -93,6 +93,16 @@ (define-public aspell
 dictionaries, including personal ones.")
    (license lgpl2.1+)))

+;; Replacement package with security fixes.
+(define aspell/replacement
+  (package
+    (inherit aspell)
+    (source
+     (origin
+       (inherit (package-source aspell))
+       (patches (append (origin-patches (package-source aspell))
+                        (search-patches "aspell-CVE-2019-25051.patch")))))))
+
 ;;;
 ;;; Dictionaries.
 ;;;