From 1f90b80f8bf776cce5c312b3c519c3fa79fc79f5 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Wed, 5 Oct 2016 13:27:53 -0400
Subject: gnu: libxtst: Fix CVE-2016-{7951,7952}.

* gnu/packages/patches/libxtst-CVE-2016-7951-CVE-2016-7952.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/xorg.scm (libxtst)[replacement]: New field.
(libxtst/fixed): New variable.
---
 gnu/packages/xorg.scm | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'gnu/packages/xorg.scm')

diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 2df6631e2a..111de2b65a 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -4639,6 +4639,7 @@ cannot be adequately worked around on the client side of the wire.")
 (define-public libxtst
   (package
     (name "libxtst")
+    (replacement libxtst/fixed)
     (version "1.2.2")
     (source
       (origin
@@ -4674,6 +4675,13 @@ The RECORD extension supports the recording and reporting of all core X
 protocol and arbitrary X extension protocol.")
     (license license:x11)))
 
+(define libxtst/fixed
+  (package
+    (inherit libxtst)
+    (source (origin
+              (inherit (package-source libxtst))
+              (patches (search-patches
+                         "libxtst-CVE-2016-7951-CVE-2016-7952.patch"))))))
 
 (define-public libxv
   (package
-- 
cgit v1.2.3