summary refs log tree commit diff
path: root/gnu/packages/image.scm
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-08-23 15:34:16 -0400
committerLeo Famulari <leo@famulari.name>2016-08-29 20:20:52 -0400
commited5940b6172bbdf5b4787183b19623219f6c7347 (patch)
treee2372977a36958f4d1e433e41062ea86ec58ce28 /gnu/packages/image.scm
parent9c85fea912df843cf223cf14e765a553043c354a (diff)
downloadguix-ed5940b6172bbdf5b4787183b19623219f6c7347.tar.gz
gnu: libtiff: Fix CVE-2016-{3623,3945,3990,3991,5321,5323}.
* gnu/packages/image.scm (libtiff)[replacement]: New field.
(libtiff/fixed): New variable.
* gnu/packages/patches/libtiff-CVE-2016-3623.patch,
gnu/packages/patches/libtiff-CVE-2016-3945.patch,
gnu/packages/patches/libtiff-CVE-2016-3990.patch,
gnu/packages/patches/libtiff-CVE-2016-3991.patch,
gnu/packages/patches/libtiff-CVE-2016-5321.patch,
gnu/packages/patches/libtiff-CVE-2016-5323.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
Diffstat (limited to 'gnu/packages/image.scm')
-rw-r--r--gnu/packages/image.scm17
1 files changed, 17 insertions, 0 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 7d72492b1a..72a3204ae6 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -150,6 +150,7 @@ maximum quality factor.")
 (define-public libtiff
   (package
    (name "libtiff")
+   (replacement libtiff/fixed)
    (version "4.0.6")
    (source (origin
             (method url-fetch)
@@ -182,6 +183,22 @@ collection of tools for doing simple manipulations of TIFF images.")
                                   "See COPYRIGHT in the distribution."))
    (home-page "http://www.remotesensing.org/libtiff/")))
 
+(define libtiff/fixed
+  (package
+    (inherit libtiff)
+    (source (origin
+              (inherit (package-source libtiff))
+              (patches (search-patches
+                         "libtiff-oob-accesses-in-decode.patch"
+                         "libtiff-oob-write-in-nextdecode.patch"
+                         "libtiff-CVE-2015-8665+CVE-2015-8683.patch"
+                         "libtiff-CVE-2016-3623.patch"
+                         "libtiff-CVE-2016-3945.patch"
+                         "libtiff-CVE-2016-3990.patch"
+                         "libtiff-CVE-2016-3991.patch"
+                         "libtiff-CVE-2016-5321.patch"
+                         "libtiff-CVE-2016-5323.patch"))))))
+
 (define-public libwmf
   (package
     (name "libwmf")