From 6320700b114f09c09fbe613e2032abe077d28583 Mon Sep 17 00:00:00 2001 From: Léo Le Bouter Date: Wed, 10 Mar 2021 00:45:48 +0100 Subject: gnu: libtiff: Update to 4.2.0 [security fixes]. Non-exhaustively, fixes CVE-2020-35523, CVE-2020-35522 and CVE-2020-35521. * gnu/packages/image.scm (libtiff/fixed): New variable. (libtiff)[replacement]: Graft. --- gnu/packages/image.scm | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'gnu/packages') diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index a68ff66448..94d5e4d358 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -590,6 +590,7 @@ (define-public libtiff (sha256 (base32 "0d46bdvxdiv59lxnb0xz9ywm8arsr6xsapi5s6y6vnys2wjz6aax")))) + (replacement libtiff/fixed) (build-system gnu-build-system) (outputs '("out" "doc")) ;1.3 MiB of HTML documentation @@ -612,6 +613,19 @@ (define-public libtiff "See COPYRIGHT in the distribution.")) (home-page "http://www.simplesystems.org/libtiff/"))) +(define-public libtiff/fixed + (package + (inherit libtiff) + (version "4.2.0") + (source + (origin + (method url-fetch) + (uri (string-append "https://download.osgeo.org/libtiff/tiff-" + version ".tar.gz")) + (sha256 + (base32 + "1jrkjv0xya9radddn8idxvs2gqzp3l2b1s8knlizmn7ad3jq817b")))))) + (define-public leptonica (package (name "leptonica") -- cgit v1.2.3