diff options
Diffstat (limited to 'gnu/packages')
-rw-r--r-- | gnu/packages/gtk.scm | 29 | ||||
-rw-r--r-- | gnu/packages/patches/gdk-pixbuf-list-dir.patch | 35 |
2 files changed, 3 insertions, 61 deletions
diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm index d7c18f90e1..2d95fada21 100644 --- a/gnu/packages/gtk.scm +++ b/gnu/packages/gtk.scm @@ -9,7 +9,7 @@ ;;; Copyright © 2015 Andy Wingo <wingo@igalia.com> ;;; Copyright © 2015 David Hashe <david.hashe@dhashe.com> ;;; Coypright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net> -;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> +;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2016 Fabian Harfert <fhmgufs@web.de> ;;; Copyright © 2016 Kei Kebreau <kkebreau@posteo.net> ;;; Copyright © 2016 Patrick Hetu <patrick.hetu@auf.org> @@ -427,8 +427,7 @@ highlighting and other features typical of a source code editor.") (define-public gdk-pixbuf (package (name "gdk-pixbuf") - (replacement gdk-pixbuf-2.36.10) - (version "2.36.6") + (version "2.36.10") (source (origin (method url-fetch) (uri (string-append "mirror://gnome/sources/" name "/" @@ -436,8 +435,7 @@ highlighting and other features typical of a source code editor.") name "-" version ".tar.xz")) (sha256 (base32 - "034279k49ydawnagqd7b1rz741n20k4y3grybzwp26zd146bjpj5")) - (patches (search-patches "gdk-pixbuf-list-dir.patch")))) + "1klsjkdbashd8yb8xjsc9ff3bz32n2id5s79nrrmqiw9df4zmxpq")))) (build-system gnu-build-system) (arguments '(#:configure-flags '("--with-x11") @@ -484,7 +482,6 @@ in the GNOME project.") (define-public gdk-pixbuf+svg (package (inherit gdk-pixbuf) (name "gdk-pixbuf+svg") - (replacement gdk-pixbuf+svg-2.36.10) (inputs `(("librsvg" ,librsvg) ,@(package-inputs gdk-pixbuf))) @@ -508,26 +505,6 @@ in the GNOME project.") (synopsis "GNOME image loading and manipulation library, with SVG support"))) -;; Graft replacement packages to fix these vulnerabilities. -;; https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2862 -;; https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2870 -;; https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6311 -(define-public gdk-pixbuf-2.36.10 - (package (inherit gdk-pixbuf) - (version "2.36.A") - (source (origin - (method url-fetch) - (uri (string-append "mirror://gnome/sources/gdk-pixbuf/2.36/" - "gdk-pixbuf-2.36.10.tar.xz")) - (sha256 - (base32 - "1klsjkdbashd8yb8xjsc9ff3bz32n2id5s79nrrmqiw9df4zmxpq")))))) - -(define-public gdk-pixbuf+svg-2.36.10 - (package (inherit gdk-pixbuf+svg) - (version "2.36.A") - (source (origin (inherit (package-source gdk-pixbuf-2.36.10)))))) - (define-public at-spi2-core (package (name "at-spi2-core") diff --git a/gnu/packages/patches/gdk-pixbuf-list-dir.patch b/gnu/packages/patches/gdk-pixbuf-list-dir.patch deleted file mode 100644 index 137914a19c..0000000000 --- a/gnu/packages/patches/gdk-pixbuf-list-dir.patch +++ /dev/null @@ -1,35 +0,0 @@ -Sort directory entries so that the output of -‘gdk-pixbuf-query-loaders’ is deterministic. - -See: https://bugzilla.gnome.org/show_bug.cgi?id=777332 ---- gdk-pixbuf-2.34.0/gdk-pixbuf/queryloaders.c.orig 2017-01-11 00:17:32.865843062 +0100 -+++ gdk-pixbuf-2.34.0/gdk-pixbuf/queryloaders.c 2017-01-16 16:12:03.420667874 +0100 -@@ -354,16 +354,27 @@ - - dir = g_dir_open (path, 0, NULL); - if (dir) { -+ GList *entries = NULL; - const char *dent; - - while ((dent = g_dir_read_name (dir))) { - gint len = strlen (dent); - if (len > SOEXT_LEN && - strcmp (dent + len - SOEXT_LEN, SOEXT) == 0) { -- query_module (contents, path, dent); -+ entries = g_list_append (entries, g_strdup (dent)); - } - } - g_dir_close (dir); -+ /* Sort directory entries so that the output of -+ ‘gdk-pixbuf-query-loaders’ is deterministic. */ -+ entries = g_list_sort (entries, (GCompareFunc) strcmp); -+ GList *xentries; -+ for (xentries = entries; xentries; xentries = g_list_next (xentries)) { -+ dent = xentries->data; -+ query_module (contents, path, dent); -+ g_free (xentries->data); -+ } -+ g_list_free (entries); - } - #else - g_string_append_printf (contents, "# dynamic loading of modules not supported\n"); |