gnu: emacs-minimal: Graft with 29.4 [security fixes].

Arbitrary shell commands are no longer run when turning on Org mode.
This is for security reasons, to avoid running malicious commands.

* gnu/packages/emacs.scm (emacs-minimal/fixed): New variable.
(emacs-minimal)[replacement]: Graft.

Change-Id: Idb74ee0a05486bfe5052c4dd804fbdaec8921774
This commit is contained in:
Zheng Junjie 2024-06-23 11:41:24 +08:00
parent dd5ef2cbdd
commit 868a022cdc
No known key found for this signature in database
GPG key ID: 3B5AA993E1A2DFF0

View file

@ -24,7 +24,7 @@
;;; Copyright © 2020 Morgan Smith <Morgan.J.Smith@outlook.com> ;;; Copyright © 2020 Morgan Smith <Morgan.J.Smith@outlook.com>
;;; Copyright © 2022 Zhu Zihao <all_but_last@163.com> ;;; Copyright © 2022 Zhu Zihao <all_but_last@163.com>
;;; Copyright © 2023 Declan Tsien <declantsien@riseup.net> ;;; Copyright © 2023 Declan Tsien <declantsien@riseup.net>
;;; Copyright © 2023 Zheng Junjie <873216071@qq.com> ;;; Copyright © 2023, 2024 Zheng Junjie <873216071@qq.com>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -101,6 +101,7 @@ (define-public emacs-minimal
(package (package
(name "emacs-minimal") (name "emacs-minimal")
(version "29.3") (version "29.3")
(replacement emacs-minimal/fixed)
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "mirror://gnu/emacs/emacs-" (uri (string-append "mirror://gnu/emacs/emacs-"
@ -334,6 +335,18 @@ (define* (emacs-byte-compile-directory dir)
(files '("lib/tree-sitter"))))) (files '("lib/tree-sitter")))))
(properties `((upstream-name . "emacs"))))) (properties `((upstream-name . "emacs")))))
(define emacs-minimal/fixed
(package
(inherit emacs-minimal)
(version "29.4")
(source
(origin (inherit (package-source emacs-minimal))
(uri (string-append "mirror://gnu/emacs/emacs-"
version ".tar.xz"))
(sha256
(base32
"0dd2mh6maa7dc5f49qdzj7bi4hda4wfm1cvvgq560djcz537k2ds"))))))
(define-public emacs-no-x (define-public emacs-no-x
(package/inherit emacs-minimal (package/inherit emacs-minimal
(name "emacs-no-x") (name "emacs-no-x")