summary refs log tree commit diff
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-08-29 20:58:13 -0400
committerLeo Famulari <leo@famulari.name>2016-08-29 21:04:17 -0400
commit568230c3787002af8c174838c334e39f0128a2bb (patch)
tree87527c7b927ab5247f8d9195c4f66ecea9f8365b
parent4b4fc92fe59833701b3a023fb4befde8196424cb (diff)
downloadguix-568230c3787002af8c174838c334e39f0128a2bb.tar.gz
gnu: libtiff: Incorporate grafted security patches.
* gnu/packages/image.scm (libtiff)[source]: Add patches from libtiff/fixed.
[replacement]: Remove field.
(libtiff/fixed): Remove variable.
-rw-r--r--gnu/packages/image.scm27
1 files changed, 8 insertions, 19 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 4fdc4ae252..067759b522 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -150,7 +150,6 @@ maximum quality factor.")
 (define-public libtiff
   (package
    (name "libtiff")
-   (replacement libtiff/fixed)
    (version "4.0.6")
    (source (origin
             (method url-fetch)
@@ -161,7 +160,14 @@ maximum quality factor.")
             (patches (search-patches
                       "libtiff-oob-accesses-in-decode.patch"
                       "libtiff-oob-write-in-nextdecode.patch"
-                      "libtiff-CVE-2015-8665+CVE-2015-8683.patch"))))
+                      "libtiff-CVE-2015-8665+CVE-2015-8683.patch"
+                      "libtiff-CVE-2016-3623.patch"
+                      "libtiff-CVE-2016-3945.patch"
+                      "libtiff-CVE-2016-3990.patch"
+                      "libtiff-CVE-2016-3991.patch"
+                      "libtiff-CVE-2016-5314.patch"
+                      "libtiff-CVE-2016-5321.patch"
+                      "libtiff-CVE-2016-5323.patch"))))
    (build-system gnu-build-system)
    (outputs '("out"
               "doc"))                           ;1.3 MiB of HTML documentation
@@ -183,23 +189,6 @@ collection of tools for doing simple manipulations of TIFF images.")
                                   "See COPYRIGHT in the distribution."))
    (home-page "http://www.remotesensing.org/libtiff/")))
 
-(define libtiff/fixed
-  (package
-    (inherit libtiff)
-    (source (origin
-              (inherit (package-source libtiff))
-              (patches (search-patches
-                         "libtiff-oob-accesses-in-decode.patch"
-                         "libtiff-oob-write-in-nextdecode.patch"
-                         "libtiff-CVE-2015-8665+CVE-2015-8683.patch"
-                         "libtiff-CVE-2016-3623.patch"
-                         "libtiff-CVE-2016-3945.patch"
-                         "libtiff-CVE-2016-3990.patch"
-                         "libtiff-CVE-2016-3991.patch"
-                         "libtiff-CVE-2016-5314.patch"
-                         "libtiff-CVE-2016-5321.patch"
-                         "libtiff-CVE-2016-5323.patch"))))))
-
 (define-public libwmf
   (package
     (name "libwmf")