diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2022-01-26 12:52:59 +0100 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2022-01-26 17:54:59 +0100 |
| commit | 3993d33d1c0129b1ca6f0fd122fe2bbe48e4f093 (patch) | |
| tree | 182bbe63da023c76e743cbda553bf315bc4ea579 /gnu/packages/polkit.scm | |
| parent | 73d775f518e8bf9c658cb0a161b22209c71e75aa (diff) | |
gnu: polkit: Fix CVE-2021-4034.
* gnu/packages/patches/polkit-CVE-2021-4034.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/polkit.scm (polkit-mozjs)[replacement]: New field.
* gnu/packages/polkit.scm (polkit-mozjs/fixed): New variable.
Diffstat (limited to 'gnu/packages/polkit.scm')
| -rw-r--r-- | gnu/packages/polkit.scm | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/gnu/packages/polkit.scm b/gnu/packages/polkit.scm index e4f4b1276f..1ae94be751 100644 --- a/gnu/packages/polkit.scm +++ b/gnu/packages/polkit.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2014 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2015 Andy Wingo <wingo@igalia.com> -;;; Copyright © 2015, 2021 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2015, 2021-2022 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2017 Huang Ying <huang.ying.caritas@gmail.com> @@ -54,6 +54,7 @@ (package (name "polkit") (version "0.120") + (replacement polkit-mozjs/fixed) (source (origin (method url-fetch) (uri (string-append @@ -146,6 +147,16 @@ making process with respect to granting access to privileged operations for unprivileged applications.") (license lgpl2.0+))) +(define-public polkit-mozjs/fixed + (package + (inherit polkit-mozjs) + (version "0.121") + (source (origin + (inherit (package-source polkit-mozjs)) + (patches (cons (search-patch "polkit-CVE-2021-4034.patch") + (origin-patches + (package-source polkit-mozjs)))))))) + ;;; Variant of polkit built with Duktape, a lighter JavaScript engine compared ;;; to mozjs. (define-public polkit-duktape |