mirror/guix
1
0
Fork 0
mirror of https://git.savannah.gnu.org/git/guix.git synced 2025-01-23 10:47:24 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

gnu: nss: Graft to fix CVE-2023-0767.

Browse source 
* gnu/packages/nss.scm (nss-next): Update to 3.88.1.
(nss): Add a replacement field pointing to…
(nss/fixed): …this new variable, based on nss-next.
This commit is contained in:
Tobias Geerinckx-Rice 2023-02-12 01:00:04 +01:00
parent 89a1d52821
commit b04ee227a4
No known key found for this signature in database
GPG key ID: 0DB0FF884F556D79
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
gnu/packages/nss.scm
View file

@ -123,6 +123,7 @@ (define-public nspr-next
(define-public nss
(package
(name "nss")
(replacement nss/fixed)
;; Also update and test the nss-certs package, which duplicates version and
;; source to avoid a top-level variable reference & module cycle.
(version "3.81")
@ -259,3 +260,8 @@ (define-public nss-next
(base32
"15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))))
(propagated-inputs (list nspr-next)))) ;required by nss.pc
(define nss/fixed
(package
(inherit nss-next)
(version "3.88"))) ; slight inaccuracy to allow grafting