aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/image.scm
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2016-01-21 00:28:03 -0500
committerMark H Weaver <mhw@netris.org>2016-01-21 00:30:15 -0500
commit86fa2ea92f431fe9d23d41aa22c198ec2ce9a5f1 (patch)
tree9d0ee514085917f8bad1ec34754197cde838295a /gnu/packages/image.scm
parenta2190cccc2f2b371cf4a4259519ee3466f2f63ac (diff)
downloadguix-86fa2ea92f431fe9d23d41aa22c198ec2ce9a5f1.tar
guix-86fa2ea92f431fe9d23d41aa22c198ec2ce9a5f1.tar.gz
gnu: libtiff: Update to 4.0.6. Add fixes for CVE-2015-{8665,8683}.
* gnu/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch, gnu/packages/patches/libtiff-oob-accesses-in-decode.patch, gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/image.scm (libtiff): Update to 4.0.6. [source]: Add patches.
Diffstat (limited to 'gnu/packages/image.scm')
-rw-r--r--gnu/packages/image.scm10
1 files changed, 7 insertions, 3 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index d3ed92fde8..bf120f0184 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
-;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2014, 2015 Alex Kost <alezost@gmail.com>
;;; Copyright © 2014 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
@@ -131,13 +131,17 @@ maximum quality factor.")
(define-public libtiff
(package
(name "libtiff")
- (version "4.0.5")
+ (version "4.0.6")
(source (origin
(method url-fetch)
(uri (string-append "ftp://ftp.remotesensing.org/pub/libtiff/tiff-"
version ".tar.gz"))
(sha256 (base32
- "171hgy4mylwmvdm7gp6ffjva81m4j56v3fbqsbfl7avzxn1slpp2"))))
+ "136nf1rj9dp5jgv1p7z4dk0xy3wki1w0vfjbk82f645m0w4samsd"))
+ (patches (map search-patch
+ '("libtiff-oob-accesses-in-decode.patch"
+ "libtiff-oob-write-in-nextdecode.patch"
+ "libtiff-CVE-2015-8665+CVE-2015-8683.patch")))))
(build-system gnu-build-system)
(outputs '("out"
"doc")) ;1.3 MiB of HTML documentation