aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/image.scm
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-08-23 15:34:16 -0400
committerLeo Famulari <leo@famulari.name>2016-08-29 20:20:52 -0400
commited5940b6172bbdf5b4787183b19623219f6c7347 (patch)
treee2372977a36958f4d1e433e41062ea86ec58ce28 /gnu/packages/image.scm
parent9c85fea912df843cf223cf14e765a553043c354a (diff)
downloadguix-ed5940b6172bbdf5b4787183b19623219f6c7347.tar
guix-ed5940b6172bbdf5b4787183b19623219f6c7347.tar.gz
gnu: libtiff: Fix CVE-2016-{3623,3945,3990,3991,5321,5323}.
* gnu/packages/image.scm (libtiff)[replacement]: New field. (libtiff/fixed): New variable. * gnu/packages/patches/libtiff-CVE-2016-3623.patch, gnu/packages/patches/libtiff-CVE-2016-3945.patch, gnu/packages/patches/libtiff-CVE-2016-3990.patch, gnu/packages/patches/libtiff-CVE-2016-3991.patch, gnu/packages/patches/libtiff-CVE-2016-5321.patch, gnu/packages/patches/libtiff-CVE-2016-5323.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them.
Diffstat (limited to 'gnu/packages/image.scm')
-rw-r--r--gnu/packages/image.scm17
1 files changed, 17 insertions, 0 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 7d72492b1a..72a3204ae6 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -150,6 +150,7 @@ maximum quality factor.")
(define-public libtiff
(package
(name "libtiff")
+ (replacement libtiff/fixed)
(version "4.0.6")
(source (origin
(method url-fetch)
@@ -182,6 +183,22 @@ collection of tools for doing simple manipulations of TIFF images.")
"See COPYRIGHT in the distribution."))
(home-page "http://www.remotesensing.org/libtiff/")))
+(define libtiff/fixed
+ (package
+ (inherit libtiff)
+ (source (origin
+ (inherit (package-source libtiff))
+ (patches (search-patches
+ "libtiff-oob-accesses-in-decode.patch"
+ "libtiff-oob-write-in-nextdecode.patch"
+ "libtiff-CVE-2015-8665+CVE-2015-8683.patch"
+ "libtiff-CVE-2016-3623.patch"
+ "libtiff-CVE-2016-3945.patch"
+ "libtiff-CVE-2016-3990.patch"
+ "libtiff-CVE-2016-3991.patch"
+ "libtiff-CVE-2016-5321.patch"
+ "libtiff-CVE-2016-5323.patch"))))))
+
(define-public libwmf
(package
(name "libwmf")