From 84e082e31706411e7f9c3189a83f8ed0b4016fe7 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Fri, 19 Feb 2021 18:09:57 -0500
Subject: gnu: Python: Fix CVE-2021-3177.

* gnu/packages/patches/python-3.8-CVE-2021-3177.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/python.scm (python-3.8)[replacement]: New field.
(python-3.8/fixed): New variable.
---
 gnu/packages/python.scm | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'gnu/packages/python.scm')

diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index 730c371fdac..5c5be0d78ca 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -364,6 +364,7 @@ data types.")
 (define-public python-3.8
   (package (inherit python-2)
     (name "python")
+    (replacement python-3.8/fixed)
     (version "3.8.2")
     (source (origin
               (method url-fetch)
@@ -521,6 +522,14 @@ data types.")
                                         (version-major+minor version)
                                         "/site-packages"))))))))
 
+(define python-3.8/fixed
+  (package
+    (inherit python-3.8)
+    (source (origin
+              (inherit (package-source python-3.8))
+              (patches (append (search-patches "python-3.8-CVE-2021-3177.patch")
+                               (origin-patches (package-source python-3.8))))))))
+
 (define-public python-3.9
   (package (inherit python-3.8)
     (name "python-next")
-- 
cgit v1.3