1 files changed, 7 insertions, 18 deletions

diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 548c1df44d..93668519a5 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -73,7 +73,7 @@
 (define-public libpng
   (package
    (name "libpng")
-   (version "1.6.29")
+   (version "1.6.34")
    (source (origin
             (method url-fetch)
             (uri (list (string-append "mirror://sourceforge/libpng/libpng16/"
@@ -86,7 +86,7 @@
                         "/libpng16/libpng-" version ".tar.xz")))
             (sha256
              (base32
-              "0fgjqp7x6jynacmqh6dj72cn6nnf6yxjfqqqfsxrx0pyx22bcia2"))))
+              "1xjr0v34fyjgnhvaa1zixcpx5yvxcg4zwvfh0fyklfyfj86rc7ig"))))
    (build-system gnu-build-system)
 
    ;; libpng.la says "-lz", so propagate it.
@@ -390,21 +390,15 @@ extracting icontainer icon files.")
 (define-public libtiff
   (package
    (name "libtiff")
-   (version "4.0.8")
+   (version "4.0.9")
    (source
      (origin
        (method url-fetch)
        (uri (string-append "ftp://download.osgeo.org/libtiff/tiff-"
                            version ".tar.gz"))
-       (patches
-         (search-patches "libtiff-tiffgetfield-bugs.patch"
-                         "libtiff-CVE-2016-10688.patch"
-                         "libtiff-CVE-2017-9936.patch"
-                         "libtiff-tiffycbcrtorgb-integer-overflow.patch"
-                         "libtiff-tiffycbcrtorgbinit-integer-overflow.patch"))
        (sha256
         (base32
-         "0419mh6kkhz5fkyl77gv0in8x4d2jpdpfs147y8mj86rrjlabmsr"))))
+         "1kfg4q01r4mqn7dj63ifhi6pmqzbf4xax6ni6kkk81ri5kndwyvf"))))
    (build-system gnu-build-system)
    (outputs '("out"
               "doc"))                           ;1.3 MiB of HTML documentation
@@ -483,20 +477,15 @@ arithmetic ops.")
 (define-public jbig2dec
   (package
     (name "jbig2dec")
-    (version "0.13")
+    (version "0.14")
     (source
       (origin
         (method url-fetch)
         (uri (string-append "http://downloads.ghostscript.com/public/" name "/"
                             name "-" version ".tar.gz"))
         (sha256
-          (base32 "04akiwab8iy5iy34razcvh9mcja9wy737civ3sbjxk4j143s1b2s"))
-        (patches (search-patches "jbig2dec-ignore-testtest.patch"
-                                 "jbig2dec-CVE-2016-9601.patch"
-                                 "jbig2dec-CVE-2017-7885.patch"
-                                 "jbig2dec-CVE-2017-7975.patch"
-                                 "jbig2dec-CVE-2017-7976.patch"))))
-
+          (base32 "0k01hp0q4275fj4rbr1gy64svfraw5w7wvwl08yjhvsnpb1rid11"))
+        (patches (search-patches "jbig2dec-ignore-testtest.patch"))))
     (build-system gnu-build-system)
     (synopsis "Decoder of the JBIG2 image compression format")
     (description