gnu: libtiff: Fix CVE-2017-{9936,10688}.

* gnu/packages/patches/libtiff-CVE-2017-9936.patch, gnu/packages/patches/libtiff-CVE-2017-10688.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/image.scm (libtiff-4.0.8)[source]: Use them. Signed-off-by: Leo Famulari <leo@famulari.name>
author: Alex Vong <alexvong1995@gmail.com> 2017-07-06 23:55:01 -0400
committer: Leo Famulari <leo@famulari.name> 2017-07-07 00:06:37 -0400
commit: dab536fe1ae5a8775a2b50fa50556445b6ac7818 (patch)
tree: 3fd81db4f5ba7935736a21d165f905d61c8dbe0f /gnu/packages/image.scm
parent: ab104672e15572ff5586ea607b1762e5dc35b2aa (diff)
download: patches-dab536fe1ae5a8775a2b50fa50556445b6ac7818.tar
patches-dab536fe1ae5a8775a2b50fa50556445b6ac7818.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 8a03cbc3c7..fe9d2d5b13 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -391,7 +391,9 @@ collection of tools for doing simple manipulations of TIFF images.")
        (method url-fetch)
        (uri (string-append "ftp://download.osgeo.org/libtiff/tiff-"
                            version ".tar.gz"))
-       (patches (search-patches "libtiff-tiffgetfield-bugs.patch"))
+       (patches (search-patches "libtiff-tiffgetfield-bugs.patch"
+                                "libtiff-CVE-2016-10688.patch"
+                                "libtiff-CVE-2017-9936.patch"))
        (sha256
         (base32
          "0419mh6kkhz5fkyl77gv0in8x4d2jpdpfs147y8mj86rrjlabmsr"))))))
author	Alex Vong <alexvong1995@gmail.com>	2017-07-06 23:55:01 -0400
committer	Leo Famulari <leo@famulari.name>	2017-07-07 00:06:37 -0400
commit	dab536fe1ae5a8775a2b50fa50556445b6ac7818 (patch)
tree	3fd81db4f5ba7935736a21d165f905d61c8dbe0f /gnu/packages/image.scm
parent	ab104672e15572ff5586ea607b1762e5dc35b2aa (diff)
download	patches-dab536fe1ae5a8775a2b50fa50556445b6ac7818.tar patches-dab536fe1ae5a8775a2b50fa50556445b6ac7818.tar.gz