From 0e8b7b1c351a2307bfc33211b4d76dbe7dfa01ef Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Sun, 11 Dec 2016 01:29:06 -0500
Subject: gnu: openjpeg: Update replacement to 2.1.2 [fixes
 CVE-2016-{7445,8332}].

* gnu/packages/image.scm (openjpeg/fixed): Replace variable with ...
(openjpeg-2.1.2): ... this.
[patches]: Remove patches inherited from openjpeg.
(openjpeg)[replacement]: Replace with openjpeg-2.1.2.
---
 gnu/packages/image.scm | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

(limited to 'gnu/packages/image.scm')

diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index b9669ce177..86afb7320b 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -444,7 +444,7 @@ work.")
 (define-public openjpeg
   (package
     (name "openjpeg")
-    (replacement openjpeg/fixed)
+    (replacement openjpeg-2.1.2)
     (version "2.1.1")
     (source
       (origin
@@ -481,16 +481,20 @@ error-resilience, a Java-viewer for j2k-images, ...")
     (home-page "https://github.com/uclouvain/openjpeg")
     (license license:bsd-2)))
 
-(define openjpeg/fixed
+(define openjpeg-2.1.2
   (package
     (inherit openjpeg)
+    (version "2.1.2")
     (source
       (origin
-        (inherit (package-source openjpeg))
+        (method url-fetch)
+        (uri (string-append "https://github.com/uclouvain/openjpeg/archive/v"
+                            version ".tar.gz"))
+        (sha256
+         (base32
+          "19yz4g0c45sm8y1z01j9djsrl1mkz3pmw7fykc6hkvrqymp7prsc"))
         (patches
-          (append
-            (origin-patches (package-source openjpeg))
-            (search-patches "openjpeg-CVE-2016-9850-CVE-2016-9851.patch")))))))
+          (search-patches "openjpeg-CVE-2016-9850-CVE-2016-9851.patch"))))))
 
 (define-public openjpeg-1
   (package (inherit openjpeg)
-- 
cgit v1.2.3