From 0f97e7e5cdd4cbe75cdec99305a689a5f357a83a Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Fri, 9 Sep 2016 01:48:50 -0400
Subject: gnu: openjpeg-2.*: Fix CVE-2016-7163.

* gnu/packages/patches/openjpeg-CVE-2016-7163.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (openjpeg, openjpeg-2.0): Use it.
---
 gnu/packages/image.scm | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'gnu/packages/image.scm')

diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index aafe705d59..be0bb6feac 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -390,7 +390,8 @@ work.")
         (file-name (string-append name "-" version ".tar.gz"))
         (sha256
          (base32
-          "1anv0rjkbxw9kx91wvlfpb3dhppibda6kb1papny46bjzi3pzhl2"))))
+          "1anv0rjkbxw9kx91wvlfpb3dhppibda6kb1papny46bjzi3pzhl2"))
+        (patches (search-patches "openjpeg-CVE-2016-7163.patch"))))
     (build-system cmake-build-system)
     (arguments
       ;; Trying to run `$ make check' results in a no rule fault.
@@ -427,7 +428,8 @@ error-resilience, a Java-viewer for j2k-images, ...")
        (sha256
         (base32 "1c2xc3nl2mg511b63rk7hrckmy14681p1m44mzw3n1fyqnjm0b0z"))
        (patches (search-patches "openjpeg-use-after-free-fix.patch"
-                                "openjpeg-CVE-2015-6581.patch"))))))
+                                "openjpeg-CVE-2015-6581.patch"
+                                "openjpeg-CVE-2016-7163.patch"))))))
 
 (define-public openjpeg-1
   (package (inherit openjpeg)
-- 
cgit v1.2.3