nckx pushed a commit to branch master
in repository guix.
commit b04ee227a47419291391a2b6e857e41ed1c32155
Author: Tobias Geerinckx-Rice <[email protected]>
AuthorDate: Sun Feb 12 01:00:04 2023 +0100
gnu: nss: Graft to fix CVE-2023-0767.
* gnu/packages/nss.scm (nss-next): Update to 3.88.1.
(nss): Add a replacement field pointing to…
(nss/fixed): …this new variable, based on nss-next.
---
gnu/packages/nss.scm | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index c06807c808..60247f34a2 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -123,6 +123,7 @@ in the Mozilla clients.")
(define-public nss
(package
(name "nss")
+ (replacement nss/fixed)
;; Also update and test the nss-certs package, which duplicates version and
;; source to avoid a top-level variable reference & module cycle.
(version "3.81")
@@ -259,3 +260,8 @@ security standards.")
(base32
"15il9fsmixa1r4446zq1wl627sg0hz9h67w6kjxz273xz3nl7li7"))))
(propagated-inputs (list nspr-next)))) ;required by nss.pc
+
+(define nss/fixed
+ (package
+ (inherit nss-next)
+ (version "3.88"))) ; slight inaccuracy to allow grafting
