This is an automated email from the git hooks/post-receive script.
mbakke pushed a commit to branch master
in repository guix.
The following commit(s) were added to refs/heads/master by this push:
new 924a78b114 gnu: aspell: Fix CVE-2019-25051 with a graft.
924a78b114 is described below
commit 924a78b1148e8a433178c6e9737e0029691b0022
Author: Marius Bakke <[email protected]>
AuthorDate: Wed Aug 10 09:50:02 2022 +0200
gnu: aspell: Fix CVE-2019-25051 with a graft.
This partially reverts commit 468c95e9415bc303cfa36c9b67bbd2ce0abe904b in
order to prevent rebuilding 2k+ packages via 'inkscape'.
* gnu/packages/aspell.scm (aspell)[replacement]: New field.
[source](patches): Remove "aspell-CVE-2019-25051.patch".
(aspell/replacement): New private variable.
---
gnu/packages/aspell.scm | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/aspell.scm b/gnu/packages/aspell.scm
index d2737ee79a..ec0dafbc7a 100644
--- a/gnu/packages/aspell.scm
+++ b/gnu/packages/aspell.scm
@@ -47,6 +47,7 @@
(package
(name "aspell")
(version "0.60.8")
+ (replacement aspell/replacement)
(source
(origin
(method url-fetch)
@@ -55,8 +56,7 @@
(sha256
(base32
"1wi60ankalmh8ds7nplz434jd7j94gdvbahdwsr539rlad8pxdzr"))
- (patches (search-patches "aspell-default-dict-dir.patch"
- "aspell-CVE-2019-25051.patch"))))
+ (patches (search-patches "aspell-default-dict-dir.patch"))))
(build-system gnu-build-system)
(arguments
`(#:phases
@@ -93,6 +93,16 @@ documents written in the UTF-8 encoding and its ability to
use multiple
dictionaries, including personal ones.")
(license lgpl2.1+)))
+;; Replacement package with security fixes.
+(define aspell/replacement
+ (package
+ (inherit aspell)
+ (source
+ (origin
+ (inherit (package-source aspell))
+ (patches (append (origin-patches (package-source aspell))
+ (search-patches "aspell-CVE-2019-25051.patch")))))))
+
;;;
;;; Dictionaries.
;;;
