From bc01cbbc64a150b291b2f3c2387af887ddab59fa Mon Sep 17 00:00:00 2001
From: Lancelot SIX <lsix@lancelotsix.com>
Date: Thu, 18 Aug 2016 09:42:40 +0200
Subject: [PATCH 1/3] libgcrypt_1_5: 1.5.4 -> 1.5.6

Fixes CVE-2016-6316.

See http://lists.gnu.org/archive/html/info-gnu/2016-08/msg00008.html
---
 pkgs/development/libraries/libgcrypt/1.5.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/development/libraries/libgcrypt/1.5.nix b/pkgs/development/libraries/libgcrypt/1.5.nix
index 4287c86dbd5..4139af2eac2 100644
--- a/pkgs/development/libraries/libgcrypt/1.5.nix
+++ b/pkgs/development/libraries/libgcrypt/1.5.nix
@@ -3,11 +3,11 @@
 assert enableCapabilities -> stdenv.isLinux;
 
 stdenv.mkDerivation rec {
-  name = "libgcrypt-1.5.4";
+  name = "libgcrypt-1.5.6";
 
   src = fetchurl {
     url = "mirror://gnupg/libgcrypt/${name}.tar.bz2";
-    sha256 = "0czvqxkzd5y872ipy6s010ifwdwv29sqbnqc4pf56sd486gqvy6m";
+    sha256 = "0ydy7bgra5jbq9mxl5x031nif3m6y3balc6ndw2ngj11wnsjc61h";
   };
 
   buildInputs =

From c4a7bdd2480a05f295481e8408c534fca69d2d4e Mon Sep 17 00:00:00 2001
From: Lancelot SIX <lsix@lancelotsix.com>
Date: Thu, 18 Aug 2016 09:49:00 +0200
Subject: [PATCH 2/3] libgcrypt: 1.7.2 -> 1.7.3

Fixes CVE-2016-6316.

See http://lists.gnu.org/archive/html/info-gnu/2016-08/msg00008.html
---
 pkgs/development/libraries/libgcrypt/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/development/libraries/libgcrypt/default.nix b/pkgs/development/libraries/libgcrypt/default.nix
index 58de089a717..237a7ff0094 100644
--- a/pkgs/development/libraries/libgcrypt/default.nix
+++ b/pkgs/development/libraries/libgcrypt/default.nix
@@ -4,11 +4,11 @@ assert enableCapabilities -> stdenv.isLinux;
 
 stdenv.mkDerivation rec {
   name = "libgcrypt-${version}";
-  version = "1.7.2";
+  version = "1.7.3";
 
   src = fetchurl {
     url = "mirror://gnupg/libgcrypt/${name}.tar.bz2";
-    sha256 = "17v8nvvxagcwxz46apzz575l8682kfd78pf00i2kbavfdn8dyd9x";
+    sha256 = "0wbh6fq5zi9wg2xcfvfpwh7dv52jihivx1vm4h91c2kx0w8n3b6x";
   };
 
   outputs = [ "dev" "out" "info" ];

From 6a1e9d253da8e10d887f51a2c872d1fc7f3d87f3 Mon Sep 17 00:00:00 2001
From: Lancelot SIX <lsix@lancelotsix.com>
Date: Thu, 18 Aug 2016 09:53:15 +0200
Subject: [PATCH 3/3] gnupg1orig: 1.4.20 -> 1.4.21

Fixes CVE-2016-6316.

See http://lists.gnu.org/archive/html/info-gnu/2016-08/msg00008.html
---
 pkgs/tools/security/gnupg/1.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/tools/security/gnupg/1.nix b/pkgs/tools/security/gnupg/1.nix
index 4766968b06f..0dbea652959 100644
--- a/pkgs/tools/security/gnupg/1.nix
+++ b/pkgs/tools/security/gnupg/1.nix
@@ -1,11 +1,11 @@
 { stdenv, fetchurl, readline, bzip2 }:
 
 stdenv.mkDerivation rec {
-  name = "gnupg-1.4.20";
+  name = "gnupg-1.4.21";
 
   src = fetchurl {
     url = "mirror://gnupg/gnupg/${name}.tar.bz2";
-    sha256 = "1k7d6zi0zznqsmcjic0yrgfhqklqz3qgd3yac7wxsa7s6088p604";
+    sha256 = "0xi2mshq8f6zbarb5f61c9w2qzwrdbjm4q8fqsrwlzc51h8a6ivb";
   };
 
   buildInputs = [ readline bzip2 ];