From 080a5de2eeb5e0da83ae9fd94488508d5227c4e3 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Thu, 2 Dec 2021 20:23:43 -0500 Subject: gnu: nss: Fix CVE-2021-43527 via graft. * gnu/packages/patches/nss-CVE-2021-43527.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/nss.scm (nss/fixed): New variable (nss)[replacement]: New field. --- gnu/packages/nss.scm | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'gnu/packages/nss.scm') diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index 25203deb31..e41d016db4 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -1,6 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès -;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Mark H Weaver +;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2021 Mark H Weaver ;;; Copyright © 2016, 2017, 2018, 2019 Efraim Flashner ;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice ;;; Copyright © 2020 Marius Bakke @@ -87,6 +87,7 @@ in the Mozilla clients.") (package (name "nss") (version "3.59") + (replacement nss/fixed) (source (origin (method url-fetch) (uri (let ((version-with-underscores @@ -196,3 +197,6 @@ applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.") (license license:mpl2.0))) + +(define nss/fixed + (package-with-extra-patches nss (search-patches "nss-CVE-2021-43527.patch"))) -- cgit v1.2.3