diff options
author | Leo Famulari <leo@famulari.name> | 2016-05-31 13:23:17 -0400 |
---|---|---|
committer | Leo Famulari <leo@famulari.name> | 2016-05-31 13:33:09 -0400 |
commit | 4d93a76138246ba1f9d6f81da4039e89e14570be (patch) | |
tree | 1a2335254f0f4574bdfae3505c37b7a1bc533c23 /gnu/packages/patches | |
parent | 151afd84dc9bf8f13de79a689f7f163fba7254ec (diff) | |
download | guix-4d93a76138246ba1f9d6f81da4039e89e14570be.tar.gz |
gnu: graphicsmagick: Update to 1.3.24 [security update].
Fixes CVE-2016-{2317, 2318, 5118} and many other security issues described in 'NEWS.txt'. * gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. * gnu/packages/imagemagick.scm (graphicsmagick): Update to 1.3.24. [source]: Remove patch.
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r-- | gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch | 19 |
1 files changed, 0 insertions, 19 deletions
diff --git a/gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch b/gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch deleted file mode 100644 index ddd1ce93f4..0000000000 --- a/gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch +++ /dev/null @@ -1,19 +0,0 @@ -Fix CVE-2016-5118 (popen() shell vulnerability via filename). - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5118 - -Upstream patch copied from the bug announcement: -http://seclists.org/oss-sec/2016/q2/432 -https://marc.info/?l=oss-security&m=146455222600609&w=2 - -diff -r 33200fc645f6 magick/blob.c ---- a/magick/blob.c Sat Nov 07 14:49:16 2015 -0600 -+++ b/magick/blob.c Sun May 29 14:12:57 2016 -0500 -@@ -68,6 +68,7 @@ - */ - #define DefaultBlobQuantum 65541 - -+#undef HAVE_POPEN - - /* - Enum declarations. |