diff options
author | Leo Famulari <leo@famulari.name> | 2016-12-30 14:29:48 -0500 |
---|---|---|
committer | Leo Famulari <leo@famulari.name> | 2016-12-30 14:33:21 -0500 |
commit | 858b9afeaf1b41dc524b50c568dccb38c8ef4e73 (patch) | |
tree | 9bc1d4e34027d2a435abd4a566c37a9bca7c0195 /gnu | |
parent | 6023041346c79f7ac4105bba2552a82019fae840 (diff) | |
download | gnu-guix-858b9afeaf1b41dc524b50c568dccb38c8ef4e73.tar gnu-guix-858b9afeaf1b41dc524b50c568dccb38c8ef4e73.tar.gz |
gnu: libpng: Mention CVE-2016-10087.
* gnu/packages/patches/libpng-fix-null-ptr-dereference.patch: Rename to ...
* gnu/packages/patches/libpng-CVE-2016-10087.patch: ... this.
* gnu/local.mk (dist_patch_DATA): Adjust.
* gnu/packages/image.scm (libpng/fixed)[source]: Use renamed patch.
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/local.mk | 2 | ||||
-rw-r--r-- | gnu/packages/image.scm | 2 | ||||
-rw-r--r-- | gnu/packages/patches/libpng-CVE-2016-10087.patch (renamed from gnu/packages/patches/libpng-fix-null-ptr-dereference.patch) | 3 |
3 files changed, 4 insertions, 3 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index b7c182fbf6..69633131e6 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -675,7 +675,7 @@ dist_patch_DATA = \ %D%/packages/patches/libmad-armv7-thumb-pt2.patch \ %D%/packages/patches/libmad-frame-length.patch \ %D%/packages/patches/libmad-mips-newgcc.patch \ - %D%/packages/patches/libpng-fix-null-ptr-dereference.patch \ + %D%/packages/patches/libpng-CVE-2016-10087.patch \ %D%/packages/patches/libssh-0.6.5-CVE-2016-0739.patch \ %D%/packages/patches/libtar-CVE-2013-4420.patch \ %D%/packages/patches/libtheora-config-guess.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 687596f966..ab4d3b0e57 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -95,7 +95,7 @@ library. It supports almost all PNG features and is extensible.") (source (origin (inherit (package-source libpng)) - (patches (search-patches "libpng-fix-null-ptr-dereference.patch")))))) + (patches (search-patches "libpng-CVE-2016-10087.patch")))))) (define-public libpng-1.2 (package diff --git a/gnu/packages/patches/libpng-fix-null-ptr-dereference.patch b/gnu/packages/patches/libpng-CVE-2016-10087.patch index 192459162b..8093b3e448 100644 --- a/gnu/packages/patches/libpng-fix-null-ptr-dereference.patch +++ b/gnu/packages/patches/libpng-CVE-2016-10087.patch @@ -1,5 +1,6 @@ -Fix a null pointer dereference in png_set_text_2(): +Fix CVE-2016-10087, a null pointer dereference in png_set_text_2(): +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087 http://seclists.org/oss-sec/2016/q4/777 Patch adapted from upstream source repository: |