author | Leo Famulari <leo@famulari.name> | 2018-04-30 16:29:36 -0400 |
---|---|---|
committer | Leo Famulari <leo@famulari.name> | 2018-04-30 21:07:58 -0400 |
commit | 9eecf9bc13bd3746ce5a073c59920110c6cf3dd7 | |
tree | f084bd5e0d0f84eba0e0de17b96bffeed5b12a32 /gnu/packages/patches/gimp-CVE-2017-17787.patch | |
parent | 08a752526df91de3a1779ccaa0946833618d775d | |
gnu: gimp: Update to 2.10.0.
* gnu/packages/gimp.scm (gimp): Update to 2.10.0.
[inputs]: Add glib-networking, gexiv2, libmypaint, mypaint-brushes and
poppler-data.
[native-inputs]: Add glib:bin.
[source]: Remove obsolete patches and use HTTPS URL.
[home-page]: Use HTTPS URL.
* gnu/packages/patches/gimp-CVE-2017-17784.patch,
gnu/packages/patches/gimp-CVE-2017-17785.patch,
gnu/packages/patches/gimp-CVE-2017-17786.patch,
gnu/packages/patches/gimp-CVE-2017-17787.patch,
gnu/packages/patches/gimp-CVE-2017-17789.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
Diffstat (limited to 'gnu/packages/patches/gimp-CVE-2017-17787.patch')
-rw-r--r-- | gnu/packages/patches/gimp-CVE-2017-17787.patch | 42 |
1 files changed, 0 insertions, 42 deletions
diff --git a/gnu/packages/patches/gimp-CVE-2017-17787.patch b/gnu/packages/patches/gimp-CVE-2017-17787.patch deleted file mode 100644 index b5310d33d9..0000000000 --- a/gnu/packages/patches/gimp-CVE-2017-17787.patch +++ /dev/null @@ -1,42 +0,0 @@ -Fix CVE-2017-17787: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787 -https://bugzilla.gnome.org/show_bug.cgi?id=790853 - -Patch copied from upstream source repository: - -https://git.gnome.org/browse/gimp/commit/?id=87ba505fff85989af795f4ab6a047713f4d9381d - -From 87ba505fff85989af795f4ab6a047713f4d9381d Mon Sep 17 00:00:00 2001 -From: Jehan <jehan@girinstud.io> -Date: Thu, 21 Dec 2017 12:49:41 +0100 -Subject: [PATCH] Bug 790853 - (CVE-2017-17787) heap overread in psp importer. - -As any external data, we have to check that strings being read at fixed -length are properly nul-terminated. - -(cherry picked from commit eb2980683e6472aff35a3117587c4f814515c74d) ---- - plug-ins/common/file-psp.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/plug-ins/common/file-psp.c b/plug-ins/common/file-psp.c -index 4cbafe37b1..e350e4d88d 100644 ---- a/plug-ins/common/file-psp.c -+++ b/plug-ins/common/file-psp.c -@@ -890,6 +890,12 @@ read_creator_block (FILE *f, - g_free (string); - return -1; - } -+ if (string[length - 1] != '\0') -+ { -+ g_message ("Creator keyword data not nul-terminated"); -+ g_free (string); -+ return -1; -+ } - switch (keyword) - { - case PSP_CRTR_FLD_TITLE: --- -2.15.1 - |
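Review bot: Nothing in this change records that the 2.10.0 source already contains the fix carried by the deleted gimp-CVE-2017-17787.patch (the whole file, `@@ -1,42 +0,0 @@`); the commit message only calls the patches obsolete. The removed patch header says the change was cherry-picked from upstream commit eb2980683e6472aff35a3117587c4f814515c74d, so please confirm that this commit is part of the 2.10.0 release, i.e. that read_creator_block in plug-ins/common/file-psp.c of the new tarball has the `string[length - 1] != '\0'` check, and state that in the commit message. The same confirmation is needed for the other four CVE patches the commit message lists as deleted.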