diff options
author | Kei Kebreau <kei@openmailbox.org> | 2017-05-06 10:45:57 -0400 |
---|---|---|
committer | Kei Kebreau <kei@openmailbox.org> | 2017-05-07 06:57:53 -0400 |
commit | 484f7a886219ed6d7633c6ee71fc802d677d14ed (patch) | |
tree | a22f4a67fb66ddb9e3d2a42ee366d6150d295bc6 /gnu/packages/image.scm | |
parent | 8e815c5b6903a545c46b674c1cd1cc3180f835db (diff) | |
download | patches-484f7a886219ed6d7633c6ee71fc802d677d14ed.tar patches-484f7a886219ed6d7633c6ee71fc802d677d14ed.tar.gz |
gnu: libtiff: Add fixes several security flaws.
Fixes CVE-2017-{7593, 7594, 7595, 7596, 7597, 7598, 7599, 7600, 7601, 7602}.
* gnu/packages/patches/libtiff-CVE-2017-7593.patch,
gnu/packages/patches/libtiff-CVE-2017-7594.patch,
gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/image.scm (libtiff)[replacement]: New field.
(libtiff/fixed): New variable.
Diffstat (limited to 'gnu/packages/image.scm')
-rw-r--r-- | gnu/packages/image.scm | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 2027395ca6..1a1108563d 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -13,7 +13,7 @@ ;;; Copyright © 2016 Tobias Geerinckx-Rice <me@tobias.gr> ;;; Copyright © 2016 Eric Bavier <bavier@member.fsf.org> ;;; Copyright © 2016 Arun Isaac <arunisaac@systemreboot.net> -;;; Copyright © 2016 Kei Kebreau <kei@openmailbox.org> +;;; Copyright © 2016, 2017 Kei Kebreau <kei@openmailbox.org> ;;; Copyright © 2017 ng0 <contact.ng0@cryptolab.net> ;;; ;;; This file is part of GNU Guix. @@ -299,6 +299,7 @@ extracting icontainer icon files.") (define-public libtiff (package (name "libtiff") + (replacement libtiff/fixed) (version "4.0.7") (source (origin (method url-fetch) @@ -347,6 +348,19 @@ collection of tools for doing simple manipulations of TIFF images.") "See COPYRIGHT in the distribution.")) (home-page "http://www.simplesystems.org/libtiff/"))) +(define libtiff/fixed + (package + (inherit libtiff) + (source + (origin + (inherit (package-source libtiff)) + (patches + (append + (origin-patches (package-source libtiff)) + (search-patches "libtiff-CVE-2017-7593.patch" + "libtiff-CVE-2017-7594.patch" + "libtiff-multiple-UBSAN-crashes.patch"))))))) + (define-public libwmf (package (name "libwmf") |