gnu: zlib: Update to 1.2.12 [fixes CVE-2018-25032].

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032 https://seclists.org/oss-sec/2022/q1/191 * gnu/packages/compression.scm (zlib)[replacement]: New field. (zlib-1.2.12): New variable.
2022-03-28 00:03:35 -04:00 · 2022-03-28 00:03:35 -04:00 · c2c93abd18
parent 5fd9d3ba82
commit c2c93abd18
1 changed files with 16 additions and 0 deletions
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@ -103,6 +103,7 @@ (define-module (gnu packages compression)
 (define-public zlib
  (package
    (name "zlib")
+    (replacement zlib-1.2.12)
    (version "1.2.11")
    (source
     (origin
@ -164,6 +165,21 @@ (define-public zlib
 in compression.")
    (license license:zlib)))

+(define-public zlib-1.2.12
+  (package
+    (inherit zlib)
+    (version "1.2.12")
+    (source
+     (origin
+      (method url-fetch)
+      (uri (list (string-append "http://zlib.net/zlib-"
+                                 version ".tar.gz")
+                 (string-append "mirror://sourceforge/libpng/zlib/"
+                                version "/zlib-" version ".tar.gz")))
+      (sha256
+       (base32
+        "1n9na4fq4wagw1nzsfjr6wyly960jfa94460ncbf6p1fac44i14i"))))))
+
 (define-public minizip
  (package
    (name "minizip")