gnu: libxrender: Fix CVE-2016-{7949,7950}.

* gnu/packages/patches/libxrender-CVE-2016-7949.patch,
gnu/packages/patches/libxrender-CVE-2016-7950.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/xorg.scm (libxrender)[replacement]: New field.
(libxrender/fixed): New variable.

1 files changed, 9 insertions, 0 deletions

diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index b6cfbd6e27..2df6631e2a 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -4602,6 +4602,7 @@ cannot be adequately worked around on the client side of the wire.")
 (define-public libxrender
   (package
     (name "libxrender")
+    (replacement libxrender/fixed)
     (version "0.9.9")
     (source
       (origin
@@ -4626,6 +4627,14 @@ cannot be adequately worked around on the client side of the wire.")
     (description "Library for the Render Extension to the X11 protocol.")
     (license license:x11)))
 
+(define libxrender/fixed
+  (package
+    (inherit libxrender)
+    (source (origin
+              (inherit (package-source libxrender))
+              (patches (search-patches
+                         "libxrender-CVE-2016-7949.patch"
+                         "libxrender-CVE-2016-7950.patch"))))))
 
 (define-public libxtst
   (package