summary refs log tree commit diff
path: root/gnu/packages/image.scm
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2017-07-07 00:31:08 -0400
committerLeo Famulari <leo@famulari.name>2017-07-10 13:31:58 -0400
commit61adfb00b11cc16a70e60f19fd8e0a838a3ef608 (patch)
tree810e892a251a6f61377422b8ea83c3db8ef7aebc /gnu/packages/image.scm
parent625e7cd654418aa8c5af9f49189d67b9d550b8ea (diff)
downloadguix-61adfb00b11cc16a70e60f19fd8e0a838a3ef608.tar.gz
gnu: libtiff: Fix two integer overflows.
* gnu/packages/patches/libtiff-tiffycbcrtorgb-integer-overflow.patch,
gnu/packages/patches/libtiff-tiffycbcrtorgbinit-integer-overflow.patch:
New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/image.scm (libtiff-4.0.8)[source]: Use them.
Diffstat (limited to 'gnu/packages/image.scm')
-rw-r--r--gnu/packages/image.scm4
1 files changed, 3 insertions, 1 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index a9e005768f..139be62819 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -393,7 +393,9 @@ collection of tools for doing simple manipulations of TIFF images.")
                            version ".tar.gz"))
        (patches (search-patches "libtiff-tiffgetfield-bugs.patch"
                                 "libtiff-CVE-2016-10688.patch"
-                                "libtiff-CVE-2017-9936.patch"))
+                                "libtiff-CVE-2017-9936.patch"
+                                "libtiff-tiffycbcrtorgb-integer-overflow.patch"
+                                "libtiff-tiffycbcrtorgbinit-integer-overflow.patch"))
        (sha256
         (base32
          "0419mh6kkhz5fkyl77gv0in8x4d2jpdpfs147y8mj86rrjlabmsr"))))))