diff options
author | Leo Famulari <leo@famulari.name> | 2017-07-09 02:11:33 -0400 |
---|---|---|
committer | Leo Famulari <leo@famulari.name> | 2017-07-09 02:25:27 -0400 |
commit | b3cc304b3050e89858c88947fbd7d76c108b5d67 (patch) | |
tree | c9db6f5f4e8ebb42c13424677fe4ff762af2da14 /gnu/local.mk | |
parent | 447f75825fbe473f0684d4664dde01d9d3a02d75 (diff) | |
download | gnu-guix-b3cc304b3050e89858c88947fbd7d76c108b5d67.tar gnu-guix-b3cc304b3050e89858c88947fbd7d76c108b5d67.tar.gz |
gnu: poppler: Use an ABI-compatible replacement to fix CVE-2017-9776.
This is a followup to commit 95bbaa02aa63bc5eae36f686f1ed9915663aa4cf.
See <https://bugs.gnu.org/27621> for more information.
Poppler 0.56.0's ABI is not compatible with Poppler 0.52.0, so it's not
possible to graft the newer version in place of the older one.
This change leaves CVE-2017-9775 unfixed for now.
* gnu/packages/patches/poppler-CVE-2017-9776.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pdf.scm (poppler-0.56.0): Replace with ...
(poppler/fixed): ... new variable.
(poppler)[replacement]: Replaced with poppler/fixed.
Diffstat (limited to 'gnu/local.mk')
-rw-r--r-- | gnu/local.mk | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index 1bcd790f26..20c78af072 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -913,6 +913,7 @@ dist_patch_DATA = \ %D%/packages/patches/plotutils-libpng-jmpbuf.patch \ %D%/packages/patches/polkit-drop-test.patch \ %D%/packages/patches/policycoreutils-make-sepolicy-use-python3.patch \ + %D%/packages/patches/poppler-CVE-2017-9776.patch \ %D%/packages/patches/portaudio-audacity-compat.patch \ %D%/packages/patches/portmidi-modular-build.patch \ %D%/packages/patches/procmail-ambiguous-getline-debian.patch \ |