From 0b18c0b0de9aabb12b4c1503303e4dde410f6470 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Wed, 7 Feb 2018 03:01:11 -0500
Subject: gnu: mupdf: Fix CVE-2017-17858.

* gnu/packages/patches/mupdf-CVE-2017-17858.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/pdf.scm (mupdf)[source]: Use it.
---
 gnu/packages/pdf.scm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/pdf.scm')

diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm
index 96773da717..9730e6150c 100644
--- a/gnu/packages/pdf.scm
+++ b/gnu/packages/pdf.scm
@@ -584,7 +584,8 @@ extracting content or merging files.")
         (method url-fetch)
         (uri (string-append "https://mupdf.com/downloads/archive/"
                             name "-" version "-source.tar.xz"))
-        (patches (search-patches "mupdf-build-with-latest-openjpeg.patch"))
+        (patches (search-patches "mupdf-build-with-latest-openjpeg.patch"
+                                 "mupdf-CVE-2017-17858.patch"))
         (sha256
          (base32
           "0b9j0gqbc3jhmx87r6idcsh8lnb30840c3hyx6dk2gdjqqh3hysp"))
-- 
cgit v1.2.3