Leo Famulari <l...@famulari.name> writes: > On Sat, Nov 26, 2016 at 03:03:46PM -0500, Leo Famulari wrote: >> * gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch: New file. >> * gnu/local.mk (dist_patch_DATA): Add it. >> * gnu/packages/cyrus-sasl.scm (cyrus-sasl)[replacement]: New field. >> (cyrus-sasl/fixed): New variable. >> [source]: Use patch. > >> diff --git a/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch >> b/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch >> new file mode 100644 >> index 0000000..4e79947 >> --- /dev/null >> +++ b/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch >> @@ -0,0 +1,130 @@ >> +Fix CVE-2013-4122. >> + >> +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4122 >> + >> +Upstream patch: >> +https://cgit.cyrus.foundation/cyrus-sasl/patch/?id=dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d > > I forgot to update this URL to the new repo: > > https://github.com/cyrusimap/cyrus-sasl/commit/dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d > > I can't reach the cyrus.foundation repo.
Neither can I. This patch looks good with the new repo!
signature.asc
Description: PGP signature
