summary refs log tree commit diff
path: root/gnu/packages/pdf.scm
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-11-07 22:56:53 -0500
committerLeo Famulari <leo@famulari.name>2016-11-08 11:03:14 -0500
commit667e777b4e4b7303b6f30a001fe2539b7207b65b (patch)
treedbe21fc67ed8aca23b6d2bdafe468f99ef5ed326 /gnu/packages/pdf.scm
parent81bf2ccbc408fc2e959d3f5ab019938dad2ce616 (diff)
downloadguix-667e777b4e4b7303b6f30a001fe2539b7207b65b.tar.gz
gnu: mupdf: Fix CVE-2016-{7504,7505,7506,7563,7564,9017,9136} in bundled mujs.
* gnu/packages/patches/mupdf-CVE-2016-7504.patch,
gnu/packages/patches/mupdf-CVE-2016-7505.patch
gnu/packages/patches/mupdf-CVE-2016-7506.patch
gnu/packages/patches/mupdf-CVE-2016-7563.patch
gnu/packages/patches/mupdf-CVE-2016-7564.patch
gnu/packages/patches/mupdf-CVE-2016-9017.patch
gnu/packages/patches/mupdf-CVE-2016-9136.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/pdf.scm (mupdf)[source]: Use them.
Diffstat (limited to 'gnu/packages/pdf.scm')
-rw-r--r--gnu/packages/pdf.scm9
1 files changed, 8 insertions, 1 deletions
diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm
index 8aabacc9cc..ee33e3c9d1 100644
--- a/gnu/packages/pdf.scm
+++ b/gnu/packages/pdf.scm
@@ -491,7 +491,14 @@ extracting content or merging files.")
         (patches (search-patches "mupdf-build-with-openjpeg-2.1.patch"
                                  "mupdf-CVE-2016-6265.patch"
                                  "mupdf-CVE-2016-6525.patch"
-                                 "mupdf-CVE-2016-8674.patch"))
+                                 "mupdf-CVE-2016-7504.patch"
+                                 "mupdf-CVE-2016-7505.patch"
+                                 "mupdf-CVE-2016-7506.patch"
+                                 "mupdf-CVE-2016-7563.patch"
+                                 "mupdf-CVE-2016-7564.patch"
+                                 "mupdf-CVE-2016-8674.patch"
+                                 "mupdf-CVE-2016-9017.patch"
+                                 "mupdf-CVE-2016-9136.patch"))
         (modules '((guix build utils)))
         (snippet
             ;; Delete all the bundled libraries except for mujs, which is