On Sat, Nov 26, 2016 at 03:34:23PM -0500, Kei Kebreau wrote: > Leo Famulari <l...@famulari.name> writes: > > > On Sat, Nov 26, 2016 at 03:03:46PM -0500, Leo Famulari wrote: > >> * gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch: New file. > >> * gnu/local.mk (dist_patch_DATA): Add it. > >> * gnu/packages/cyrus-sasl.scm (cyrus-sasl)[replacement]: New field. > >> (cyrus-sasl/fixed): New variable. > >> [source]: Use patch. > > > >> diff --git a/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch > >> b/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch > >> new file mode 100644 > >> index 0000000..4e79947 > >> --- /dev/null > >> +++ b/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch > >> @@ -0,0 +1,130 @@ > >> +Fix CVE-2013-4122. > >> + > >> +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4122 > >> + > >> +Upstream patch: > >> +https://cgit.cyrus.foundation/cyrus-sasl/patch/?id=dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d > > > > I forgot to update this URL to the new repo: > > > > https://github.com/cyrusimap/cyrus-sasl/commit/dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d > > > > I can't reach the cyrus.foundation repo. > > Neither can I. This patch looks good with the new repo!
Okay, I pushed it to master and ungrafted on core-updates.
signature.asc
Description: PGP signature
