diff options
author | Mark H Weaver <mhw@netris.org> | 2016-01-21 00:28:03 -0500 |
---|---|---|
committer | Mark H Weaver <mhw@netris.org> | 2016-01-21 00:30:15 -0500 |
commit | 86fa2ea92f431fe9d23d41aa22c198ec2ce9a5f1 (patch) | |
tree | 9d0ee514085917f8bad1ec34754197cde838295a /gnu/packages/image.scm | |
parent | a2190cccc2f2b371cf4a4259519ee3466f2f63ac (diff) | |
download | guix-86fa2ea92f431fe9d23d41aa22c198ec2ce9a5f1.tar guix-86fa2ea92f431fe9d23d41aa22c198ec2ce9a5f1.tar.gz |
gnu: libtiff: Update to 4.0.6. Add fixes for CVE-2015-{8665,8683}.
* gnu/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch,
gnu/packages/patches/libtiff-oob-accesses-in-decode.patch,
gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/image.scm (libtiff): Update to 4.0.6.
[source]: Add patches.
Diffstat (limited to 'gnu/packages/image.scm')
-rw-r--r-- | gnu/packages/image.scm | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index d3ed92fde8..bf120f0184 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -1,6 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr> -;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org> +;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2014, 2015 Alex Kost <alezost@gmail.com> ;;; Copyright © 2014 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com> @@ -131,13 +131,17 @@ maximum quality factor.") (define-public libtiff (package (name "libtiff") - (version "4.0.5") + (version "4.0.6") (source (origin (method url-fetch) (uri (string-append "ftp://ftp.remotesensing.org/pub/libtiff/tiff-" version ".tar.gz")) (sha256 (base32 - "171hgy4mylwmvdm7gp6ffjva81m4j56v3fbqsbfl7avzxn1slpp2")))) + "136nf1rj9dp5jgv1p7z4dk0xy3wki1w0vfjbk82f645m0w4samsd")) + (patches (map search-patch + '("libtiff-oob-accesses-in-decode.patch" + "libtiff-oob-write-in-nextdecode.patch" + "libtiff-CVE-2015-8665+CVE-2015-8683.patch"))))) (build-system gnu-build-system) (outputs '("out" "doc")) ;1.3 MiB of HTML documentation |