summary refs log tree commit diff
path: root/gnu/packages/image.scm
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-10-30 19:19:21 -0400
committerLeo Famulari <leo@famulari.name>2016-10-30 19:19:21 -0400
commit205f0107bb894745ee740227c090ff90ee599915 (patch)
tree08b2ddba47ce404468d6aba31b768e013dfb1fa3 /gnu/packages/image.scm
parenta8dd960ac0c68957dac281812f0d16f1295a6eaa (diff)
parentb89cbf5832fd920ef85002041bc690204b0174a3 (diff)
downloadguix-205f0107bb894745ee740227c090ff90ee599915.tar.gz
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/image.scm')
-rw-r--r--gnu/packages/image.scm19
1 files changed, 19 insertions, 0 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 43e8622c76..6cfc6e5be1 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -186,6 +186,7 @@ extracting icontainer icon files.")
 (define-public libtiff
   (package
    (name "libtiff")
+   (replacement libtiff/fixed)
    (version "4.0.6")
    (source (origin
             (method url-fetch)
@@ -225,6 +226,24 @@ collection of tools for doing simple manipulations of TIFF images.")
                                   "See COPYRIGHT in the distribution."))
    (home-page "http://www.remotesensing.org/libtiff/")))
 
+(define libtiff/fixed
+  (package
+    (inherit libtiff)
+    (source (origin
+              (inherit (package-source libtiff))
+              (patches (search-patches
+                         "libtiff-oob-accesses-in-decode.patch"
+                         "libtiff-oob-write-in-nextdecode.patch"
+                         "libtiff-CVE-2015-8665+CVE-2015-8683.patch"
+                         "libtiff-CVE-2016-3623.patch"
+                         "libtiff-CVE-2016-3945.patch"
+                         "libtiff-CVE-2016-3990.patch"
+                         "libtiff-CVE-2016-3991.patch"
+                         "libtiff-CVE-2016-5314.patch"
+                         "libtiff-CVE-2016-5321.patch"
+                         "libtiff-CVE-2016-5323.patch"
+                         "libtiff-CVE-2016-5652.patch"))))))
+
 (define-public libwmf
   (package
     (name "libwmf")