aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/fontutils.scm
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2017-04-29 11:55:33 -0400
committerLeo Famulari <leo@famulari.name>2017-04-29 12:14:03 -0400
commit86f48a8dbff4528d1351676f429fa6a3d0afefd5 (patch)
treeac666c84c45aac84390df9dcd1444af40e4e8513 /gnu/packages/fontutils.scm
parente24d52713140f339e3ac366f31d27dd413edd557 (diff)
downloadguix-86f48a8dbff4528d1351676f429fa6a3d0afefd5.tar
guix-86f48a8dbff4528d1351676f429fa6a3d0afefd5.tar.gz
gnu: freetype: Fix CVE-2017-{8105,8287}.
* gnu/packages/patches/freetype-CVE-2017-8105.patch, gnu/packages/patches/freetype-CVE-2017-8287.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/fontutils.scm (freetype)[replacement]: New field. (freetype/fixed): New variable.
Diffstat (limited to 'gnu/packages/fontutils.scm')
-rw-r--r--gnu/packages/fontutils.scm10
1 files changed, 10 insertions, 0 deletions
diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm
index cc6d1df597..1c4d7d07ff 100644
--- a/gnu/packages/fontutils.scm
+++ b/gnu/packages/fontutils.scm
@@ -48,6 +48,7 @@
(define-public freetype
(package
(name "freetype")
+ (replacement freetype/fixed)
(version "2.7.1")
(source (origin
(method url-fetch)
@@ -73,6 +74,15 @@ anti-aliased glyph bitmap generation with 256 gray levels.")
(license license:freetype) ; some files have other licenses
(home-page "https://www.freetype.org/")))
+(define freetype/fixed
+ (package
+ (inherit freetype)
+ (source
+ (origin
+ (inherit (package-source freetype))
+ (patches (search-patches "freetype-CVE-2017-8105.patch"
+ "freetype-CVE-2017-8287.patch"))))))
+
(define-public ttfautohint
(package
(name "ttfautohint")