aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/pdf.scm
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2017-01-12 19:06:55 +0100
committerLeo Famulari <leo@famulari.name>2017-01-15 20:24:30 -0500
commitaf8c7e10147acd105fe33f60baab2d1d21f38f7b (patch)
treeb3ffefc2be903e19b020432d26266c3e94baffe0 /gnu/packages/pdf.scm
parent6da5bb7b1b7ddf4aa5a5efcb83250506bcd67036 (diff)
downloadgnu-guix-af8c7e10147acd105fe33f60baab2d1d21f38f7b.tar
gnu-guix-af8c7e10147acd105fe33f60baab2d1d21f38f7b.tar.gz
gnu: mupdf: Fix CVE-2016-{10132,10133} in bundled mujs.
* gnu/packages/patches/mupdf-mujs-CVE-2016-10132.patch, gnu/packages/patches/mupdf-mujs-CVE-2016-10133.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/pdf.scm (mupdf)[replacement]: New field. (mupdf/fixed): New variable. Co-authored-by: Leo Famulari <leo@famulari.name>
Diffstat (limited to 'gnu/packages/pdf.scm')
-rw-r--r--gnu/packages/pdf.scm16
1 files changed, 15 insertions, 1 deletions
diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm
index 9b3571e67b..5e1c0db51e 100644
--- a/gnu/packages/pdf.scm
+++ b/gnu/packages/pdf.scm
@@ -6,10 +6,11 @@
;;; Copyright © 2016 Roel Janssen <roel@gnu.org>
;;; Coypright © 2016 ng0 <ng0@we.make.ritual.n0.is>
;;; Coypright © 2016 Efraim Flashner <efraim@flashner.co.il>
-;;; Coypright © 2016 Marius Bakke <mbakke@fastmail.com>
+;;; Coypright © 2016, 2017 Marius Bakke <mbakke@fastmail.com>
;;; Coypright © 2016 Ludovic Courtès <ludo@gnu.org>
;;; Coypright © 2016 Julien Lepiller <julien@lepiller.eu>
;;; Copyright © 2016 Arun Isaac <arunisaac@systemreboot.net>
+;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -480,6 +481,7 @@ extracting content or merging files.")
(define-public mupdf
(package
(name "mupdf")
+ (replacement mupdf/fixed)
(version "1.10a")
(source
(origin
@@ -538,6 +540,18 @@ line tools for batch rendering (pdfdraw), rewriting files (pdfclean),
and examining the file structure (pdfshow).")
(license license:agpl3+)))
+(define mupdf/fixed
+ (package
+ (inherit mupdf)
+ (source
+ (origin
+ (inherit (package-source mupdf))
+ (patches
+ (append
+ (origin-patches (package-source mupdf))
+ (search-patches "mupdf-mujs-CVE-2016-10132.patch"
+ "mupdf-mujs-CVE-2016-10133.patch")))))))
+
(define-public qpdf
(package
(name "qpdf")