aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-08-29 20:58:13 -0400
committerLeo Famulari <leo@famulari.name>2016-08-29 21:04:17 -0400
commit568230c3787002af8c174838c334e39f0128a2bb (patch)
tree87527c7b927ab5247f8d9195c4f66ecea9f8365b
parent4b4fc92fe59833701b3a023fb4befde8196424cb (diff)
downloadguix-568230c3787002af8c174838c334e39f0128a2bb.tar
guix-568230c3787002af8c174838c334e39f0128a2bb.tar.gz
gnu: libtiff: Incorporate grafted security patches.
* gnu/packages/image.scm (libtiff)[source]: Add patches from libtiff/fixed. [replacement]: Remove field. (libtiff/fixed): Remove variable.
-rw-r--r--gnu/packages/image.scm27
1 files changed, 8 insertions, 19 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 4fdc4ae252..067759b522 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -150,7 +150,6 @@ maximum quality factor.")
(define-public libtiff
(package
(name "libtiff")
- (replacement libtiff/fixed)
(version "4.0.6")
(source (origin
(method url-fetch)
@@ -161,7 +160,14 @@ maximum quality factor.")
(patches (search-patches
"libtiff-oob-accesses-in-decode.patch"
"libtiff-oob-write-in-nextdecode.patch"
- "libtiff-CVE-2015-8665+CVE-2015-8683.patch"))))
+ "libtiff-CVE-2015-8665+CVE-2015-8683.patch"
+ "libtiff-CVE-2016-3623.patch"
+ "libtiff-CVE-2016-3945.patch"
+ "libtiff-CVE-2016-3990.patch"
+ "libtiff-CVE-2016-3991.patch"
+ "libtiff-CVE-2016-5314.patch"
+ "libtiff-CVE-2016-5321.patch"
+ "libtiff-CVE-2016-5323.patch"))))
(build-system gnu-build-system)
(outputs '("out"
"doc")) ;1.3 MiB of HTML documentation
@@ -183,23 +189,6 @@ collection of tools for doing simple manipulations of TIFF images.")
"See COPYRIGHT in the distribution."))
(home-page "http://www.remotesensing.org/libtiff/")))
-(define libtiff/fixed
- (package
- (inherit libtiff)
- (source (origin
- (inherit (package-source libtiff))
- (patches (search-patches
- "libtiff-oob-accesses-in-decode.patch"
- "libtiff-oob-write-in-nextdecode.patch"
- "libtiff-CVE-2015-8665+CVE-2015-8683.patch"
- "libtiff-CVE-2016-3623.patch"
- "libtiff-CVE-2016-3945.patch"
- "libtiff-CVE-2016-3990.patch"
- "libtiff-CVE-2016-3991.patch"
- "libtiff-CVE-2016-5314.patch"
- "libtiff-CVE-2016-5321.patch"
- "libtiff-CVE-2016-5323.patch"))))))
-
(define-public libwmf
(package
(name "libwmf")