gnu: openjpeg: Add fixes for CVE-2016-{9850,9851}.

* gnu/packages/image.scm (openjpeg)[replacement]: New field.
(openjpeg/fixed): New variable, patch against CVE-2016-9850,
CVE-2016-9851.
* gnu/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.

1 files changed, 13 insertions, 0 deletions

diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 36c07cb9bc..b9669ce177 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -444,6 +444,7 @@ work.")
 (define-public openjpeg
   (package
     (name "openjpeg")
+    (replacement openjpeg/fixed)
     (version "2.1.1")
     (source
       (origin
@@ -480,9 +481,21 @@ error-resilience, a Java-viewer for j2k-images, ...")
     (home-page "https://github.com/uclouvain/openjpeg")
     (license license:bsd-2)))
 
+(define openjpeg/fixed
+  (package
+    (inherit openjpeg)
+    (source
+      (origin
+        (inherit (package-source openjpeg))
+        (patches
+          (append
+            (origin-patches (package-source openjpeg))
+            (search-patches "openjpeg-CVE-2016-9850-CVE-2016-9851.patch")))))))
+
 (define-public openjpeg-1
   (package (inherit openjpeg)
     (name "openjpeg")
+    (replacement #f)
     (version "1.5.2")
     (source
      (origin