summary refs log tree commit diff
path: root/gnu/packages/image.scm
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2017-06-14 22:26:15 -0400
committerLeo Famulari <leo@famulari.name>2017-06-15 11:28:21 -0400
commit8d138ea087104479dc7f4b72e6ad16e212106cfd (patch)
tree6b045b1342d243c0f76b7fb10e92a0931b0b5d5a /gnu/packages/image.scm
parentec7e9eeae6167bc5b16673d448e710468216ca05 (diff)
downloadguix-8d138ea087104479dc7f4b72e6ad16e212106cfd.tar.gz
gnu: libtiff: Fix several bugs related to improper codec usage [security fixes].
Fixes CVE-2014-8128, CVE-2015-7554, CVE-2016-5318, CVE-2016-10095, and
the other bugs listed in 'libtiff-tiffgetfield-bugs.patch'.

* gnu/packages/patches/libtiff-tiffgetfield-bugs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff-4.0.8)[source]: Use it.
Diffstat (limited to 'gnu/packages/image.scm')
-rw-r--r--gnu/packages/image.scm1
1 files changed, 1 insertions, 0 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index abac17d6d7..b94c006b15 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -393,6 +393,7 @@ collection of tools for doing simple manipulations of TIFF images.")
        (method url-fetch)
        (uri (string-append "ftp://download.osgeo.org/libtiff/tiff-"
                            version ".tar.gz"))
+       (patches (search-patches "libtiff-tiffgetfield-bugs.patch"))
        (sha256
         (base32
          "0419mh6kkhz5fkyl77gv0in8x4d2jpdpfs147y8mj86rrjlabmsr"))))))