summary refs log tree commit diff
diff options
context:
space:
mode:
authorEfraim Flashner <efraim@flashner.co.il>2017-11-30 23:46:55 +0200
committerEfraim Flashner <efraim@flashner.co.il>2017-12-10 21:59:08 +0200
commit9c2d2c13ce1f080dd8cff6a451625883fe6abab3 (patch)
tree62f7b771ed4387be6aa8e43f446731f1dbf5b9be
parentf4007b25476dfd97885f358d2dabbd463f6f6017 (diff)
downloadguix-9c2d2c13ce1f080dd8cff6a451625883fe6abab3.tar.gz
gnu: t1lib: Change how patched CVEs are listed.
* gnu/packages/fontutils.scm (t1lib)[source]: Change patch name.
[properties]: New field, register patched CVEs.
* gnu/packages/patches/CVE-2011-1552+CVE-2011-1553+CVE-2011-1554.patch:
Rename to CVE-2011-1552+.patch.
* gnu/local.mk (dist_patch_DATA): Change patch name.
-rw-r--r--gnu/local.mk2
-rw-r--r--gnu/packages/fontutils.scm8
-rw-r--r--gnu/packages/patches/t1lib-CVE-2011-1552+.patch (renamed from gnu/packages/patches/t1lib-CVE-2011-1552+CVE-2011-1553+CVE-2011-1554.patch)0
3 files changed, 7 insertions, 3 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 22f2a8f927..13ad483242 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1071,7 +1071,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/synfigstudio-fix-ui-with-gtk3.patch 	\
   %D%/packages/patches/t1lib-CVE-2010-2642.patch		\
   %D%/packages/patches/t1lib-CVE-2011-0764.patch		\
-  %D%/packages/patches/t1lib-CVE-2011-1552+CVE-2011-1553+CVE-2011-1554.patch		\
+  %D%/packages/patches/t1lib-CVE-2011-1552+.patch		\
   %D%/packages/patches/tar-CVE-2016-6321.patch			\
   %D%/packages/patches/tar-skip-unreliable-tests.patch		\
   %D%/packages/patches/tcl-mkindex-deterministic.patch		\
diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm
index f20eb45f18..19d5171956 100644
--- a/gnu/packages/fontutils.scm
+++ b/gnu/packages/fontutils.scm
@@ -303,9 +303,13 @@ high quality, anti-aliased and subpixel rendered text on a display.")
             (sha256 (base32
                      "0nbvjpnmcznib1nlgg8xckrmsw3haa154byds2h90y2g0nsjh4w2"))
             (patches (search-patches
-                       "t1lib-CVE-2010-2642.patch"
+                       "t1lib-CVE-2010-2642.patch" ; 2011-0443, 2011-5244
                        "t1lib-CVE-2011-0764.patch"
-                       "t1lib-CVE-2011-1552+CVE-2011-1553+CVE-2011-1554.patch"))))
+                       "t1lib-CVE-2011-1552+.patch")))) ; 2011-1553, 2011-1554
+   (properties `((lint-hidden-cve . ("CVE-2011-0433"
+                                     "CVE-2011-1553"
+                                     "CVE-2011-1554"
+                                     "CVE-2011-5244"))))
    (build-system gnu-build-system)
    (arguments
     ;; Making the documentation requires latex, but t1lib is also an input
diff --git a/gnu/packages/patches/t1lib-CVE-2011-1552+CVE-2011-1553+CVE-2011-1554.patch b/gnu/packages/patches/t1lib-CVE-2011-1552+.patch
index aaa31f7b93..aaa31f7b93 100644
--- a/gnu/packages/patches/t1lib-CVE-2011-1552+CVE-2011-1553+CVE-2011-1554.patch
+++ b/gnu/packages/patches/t1lib-CVE-2011-1552+.patch