summary refs log tree commit diff
diff options
context:
space:
mode:
authorTobias Geerinckx-Rice <me@tobias.gr>2020-10-22 21:20:47 +0200
committerTobias Geerinckx-Rice <me@tobias.gr>2020-10-22 21:23:50 +0200
commitd32b210f282ef74caf9890e1d4ffe8eb04bd64e5 (patch)
treea92b3946faaa870ab1a4c7129579c39cb1df3b5e
parent910ea2e1d281ef4096c8fdec24be5d1e67da0260 (diff)
downloadguix-d32b210f282ef74caf9890e1d4ffe8eb04bd64e5.tar.gz
gnu: freetype: Replace with 2.10.4 [fixes CVE-2020-15999].
* gnu/packages/fontutils.scm (freetype)[replacement]: New field, set to...
(freetype/fixed): ...this new variable.
-rw-r--r--gnu/packages/fontutils.scm16
1 files changed, 15 insertions, 1 deletions
diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm
index b3852fe093..eec5093dea 100644
--- a/gnu/packages/fontutils.scm
+++ b/gnu/packages/fontutils.scm
@@ -6,7 +6,7 @@
 ;;; Copyright © 2017 Rene Saavedra <rennes@openmailbox.org>
 ;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
 ;;; Copyright © 2017 Nikita <nikita@n0.is>
-;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2018, 2019 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2019, 2020 Marius Bakke <mbakke@fastmail.com>
@@ -69,6 +69,7 @@
   (package
    (name "freetype")
    (version "2.10.1")
+   (replacement freetype/fixed)
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://savannah/freetype/freetype-"
@@ -97,6 +98,19 @@ anti-aliased glyph bitmap generation with 256 gray levels.")
    (license license:freetype)           ; some files have other licenses
    (home-page "https://www.freetype.org/")))
 
+(define freetype/fixed
+  ;; Security fix for CVE-2020-15999.
+  (package
+    (inherit freetype)
+    (version "2.10.4")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "mirror://savannah/freetype/freetype-"
+                           version ".tar.xz"))
+       (sha256
+        (base32 "112pyy215chg7f7fmp2l9374chhhpihbh8wgpj5nj6avj3c59a46"))))))
+
 (define-public ttfautohint
   (package
     (name "ttfautohint")