summary refs log tree commit diff
path: root/gnu/packages
diff options
context:
space:
mode:
authorLéo Le Bouter <lle-bout@zaclys.net>2021-03-10 00:45:48 +0100
committerLéo Le Bouter <lle-bout@zaclys.net>2021-03-10 00:52:47 +0100
commit6320700b114f09c09fbe613e2032abe077d28583 (patch)
tree3c43ad86953bfa2c3effc0776ffc9bef2465faa3 /gnu/packages
parent82a2f182c59cd9adef4991e0adfb575fec95e52d (diff)
downloadguix-6320700b114f09c09fbe613e2032abe077d28583.tar.gz
gnu: libtiff: Update to 4.2.0 [security fixes].
Non-exhaustively, fixes CVE-2020-35523, CVE-2020-35522 and CVE-2020-35521.

* gnu/packages/image.scm (libtiff/fixed): New variable.
(libtiff)[replacement]: Graft.
Diffstat (limited to 'gnu/packages')
-rw-r--r--gnu/packages/image.scm14
1 files changed, 14 insertions, 0 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index a68ff66448..94d5e4d358 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -590,6 +590,7 @@ extracting icontainer icon files.")
        (sha256
         (base32
          "0d46bdvxdiv59lxnb0xz9ywm8arsr6xsapi5s6y6vnys2wjz6aax"))))
+   (replacement libtiff/fixed)
    (build-system gnu-build-system)
    (outputs '("out"
               "doc"))                           ;1.3 MiB of HTML documentation
@@ -612,6 +613,19 @@ collection of tools for doing simple manipulations of TIFF images.")
                                   "See COPYRIGHT in the distribution."))
    (home-page "http://www.simplesystems.org/libtiff/")))
 
+(define-public libtiff/fixed
+  (package
+    (inherit libtiff)
+    (version "4.2.0")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "https://download.osgeo.org/libtiff/tiff-"
+                           version ".tar.gz"))
+       (sha256
+        (base32
+         "1jrkjv0xya9radddn8idxvs2gqzp3l2b1s8knlizmn7ad3jq817b"))))))
+
 (define-public leptonica
   (package
     (name "leptonica")
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-21 18:01:00 +0000