From 4f6815614097630dfe507df7bae768d37f3f0627 Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Wed, 30 Aug 2017 23:41:08 +0200
Subject: gnu: gd: Replace with 2.2.5.

Fixes CVE-2017-6362 and CVE-2017-7890.

* gnu/packages/gd.scm (gd)[replacement]: New field.
(gd-2.2.5): New variable.
* gnu/packages/php.scm (gd-for-php): Remove variable
(php)[inputs]: Replace GD-FOR-PHP with GD-2.2.5.
* gnu/packages/patches/gd-CVE-2017-7890.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
---
 gnu/packages/php.scm | 13 +------------
 1 file changed, 1 insertion(+), 12 deletions(-)

(limited to 'gnu/packages/php.scm')

diff --git a/gnu/packages/php.scm b/gnu/packages/php.scm
index d0afab0931..44fa78d624 100644
--- a/gnu/packages/php.scm
+++ b/gnu/packages/php.scm
@@ -49,17 +49,6 @@
   #:use-module (guix build-system gnu)
   #:use-module ((guix licenses) #:prefix license:))
 
-(define gd-for-php
-  (package
-    (inherit gd)
-    (source (origin
-             (inherit (package-source gd))
-             (patches 
-               (append
-                 (origin-patches (package-source gd))
-                 (search-patches "gd-CVE-2017-7890.patch")))))))
-
-
 (define-public php
   (package
     (name "php")
@@ -293,7 +282,7 @@
        ("curl" ,curl)
        ("cyrus-sasl" ,cyrus-sasl)
        ("freetype" ,freetype)
-       ("gd" ,gd-for-php)
+       ("gd" ,gd-2.2.5)
        ("gdbm" ,gdbm)
        ("glibc" ,glibc)
        ("gmp" ,gmp)
-- 
cgit v1.2.3


From 1cf306639ce85b59446e9a9b5a1ee344754680a6 Mon Sep 17 00:00:00 2001
From: Julien Lepiller <julien@lepiller.eu>
Date: Fri, 1 Sep 2017 14:15:09 +0200
Subject: gnu: php: Update to 7.1.9.

* gnu/packages/php.scm (php): Update to 7.1.9.
---
 gnu/packages/php.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'gnu/packages/php.scm')

diff --git a/gnu/packages/php.scm b/gnu/packages/php.scm
index 44fa78d624..bcf1d00829 100644
--- a/gnu/packages/php.scm
+++ b/gnu/packages/php.scm
@@ -52,7 +52,7 @@
 (define-public php
   (package
     (name "php")
-    (version "7.1.8")
+    (version "7.1.9")
     (home-page "https://secure.php.net/")
     (source (origin
               (method url-fetch)
@@ -60,7 +60,7 @@
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1aramb6dm57pr2iz61id9vzfy7h5qkb6bf7dxhrwnjk0723qahw9"))
+                "130y50nawipd12nbs10661vzk8gvy7zsqcsxvj29mwaivm4a777c"))
               (modules '((guix build utils)))
               (snippet
                '(with-directory-excursion "ext"
-- 
cgit v1.2.3


From 41a1ac1b22577c786d1f23ec4475d4f0ffcde9c4 Mon Sep 17 00:00:00 2001
From: Julien Lepiller <julien@lepiller.eu>
Date: Thu, 28 Sep 2017 20:03:10 +0200
Subject: gnu: php: Update to 7.1.10.

* gnu/packages/php.scm (php): Update to 7.1.10.
---
 gnu/packages/php.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'gnu/packages/php.scm')

diff --git a/gnu/packages/php.scm b/gnu/packages/php.scm
index bcf1d00829..fdea6c6d8f 100644
--- a/gnu/packages/php.scm
+++ b/gnu/packages/php.scm
@@ -52,7 +52,7 @@
 (define-public php
   (package
     (name "php")
-    (version "7.1.9")
+    (version "7.1.10")
     (home-page "https://secure.php.net/")
     (source (origin
               (method url-fetch)
@@ -60,7 +60,7 @@
                                   name "-" version ".tar.xz"))
               (sha256
                (base32
-                "130y50nawipd12nbs10661vzk8gvy7zsqcsxvj29mwaivm4a777c"))
+                "02y52ml1svksx6fclg47vim2hnsva3531db7msrhpb9f39vzm3ib"))
               (modules '((guix build utils)))
               (snippet
                '(with-directory-excursion "ext"
-- 
cgit v1.2.3