summary refs log tree commit diff
path: root/gnu/packages/gtk.scm
diff options
context:
space:
mode:
authorEfraim Flashner <efraim@flashner.co.il>2016-11-28 19:25:21 +0200
committerEfraim Flashner <efraim@flashner.co.il>2016-11-29 09:45:48 +0200
commitc51d926c740f98883ce3332852e826f57fdf4566 (patch)
tree288bd18a68556ea3a4b8bf876876fbf01b5f2b99 /gnu/packages/gtk.scm
parenteb55f018219e5912fc5606c4e1881a64f8fa5710 (diff)
downloadguix-c51d926c740f98883ce3332852e826f57fdf4566.tar.gz
gnu: cairo: Fix CVE-2016-9082.
* gnu/packages/gtk.scm (cairo)[replacement]: New field.
(cairo/fixed): New variable.
(cairo-xcb)[source]: Use patch.
[replacement]: New field, set false.
* gnu/packages/pdf.scm (poppler)[inputs]: Custom cairo should be
replaced by a new custom patched cairo.
* gnu/packages/patches/cairo-CVE-2016-9082.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
Diffstat (limited to 'gnu/packages/gtk.scm')
-rw-r--r--gnu/packages/gtk.scm12
1 files changed, 12 insertions, 0 deletions
diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm
index 17bd9c9b00..8a258b54cc 100644
--- a/gnu/packages/gtk.scm
+++ b/gnu/packages/gtk.scm
@@ -100,6 +100,7 @@ tools have full access to view and control running applications.")
 (define-public cairo
   (package
    (name "cairo")
+   (replacement cairo/fixed)
    (version "1.14.6")
    (source (origin
             (method url-fetch)
@@ -153,6 +154,10 @@ affine transformation (scale, rotation, shear, etc.).")
   (package
     (inherit cairo)
     (name "cairo-xcb")
+    (source (origin
+              (inherit (package-source cairo))
+              (patches (search-patches "cairo-CVE-2016-9082.patch"))))
+    (replacement #f)
     (inputs
      `(("mesa" ,mesa)
        ,@(package-inputs cairo)))
@@ -162,6 +167,13 @@ affine transformation (scale, rotation, shear, etc.).")
        '("--enable-xlib-xcb" "--enable-gl" "--enable-egl")))
     (synopsis "2D graphics library (with X11 support)")))
 
+(define cairo/fixed
+  (package
+    (inherit cairo)
+    (source (origin
+              (inherit (package-source cairo))
+              (patches (search-patches "cairo-CVE-2016-9082.patch"))))))
+
 (define-public harfbuzz
   (package
    (name "harfbuzz")