-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/image.scm5
-rw-r--r--gnu/packages/patches/libjpeg-turbo-CVE-2019-2201.patch31
3 files changed, 2 insertions, 35 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 63f84ab459..60b3b652f1 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1086,7 +1086,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/libgnome-encoding.patch			\
   %D%/packages/patches/libgnomeui-utf8.patch			\
   %D%/packages/patches/libgpg-error-gawk-compat.patch		\
-  %D%/packages/patches/libjpeg-turbo-CVE-2019-2201.patch	\
   %D%/packages/patches/libjxr-fix-function-signature.patch	\
   %D%/packages/patches/libjxr-fix-typos.patch			\
   %D%/packages/patches/libotr-test-auth-fix.patch		\
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index c433429656..c70a60584b 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -1487,15 +1487,14 @@ is hereby granted."))))
 (define-public libjpeg-turbo
   (package
     (name "libjpeg-turbo")
-    (version "2.0.3")
+    (version "2.0.4")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://sourceforge/libjpeg-turbo/"
                                   version "/libjpeg-turbo-" version ".tar.gz"))
-              (patches (search-patches "libjpeg-turbo-CVE-2019-2201.patch"))
               (sha256
                (base32
-                "1ds16bnj17v6hzd43w8pzijz3imd9am4hw75ir0fxm240m8dwij2"))))
+                "01ill8bgjyk582wipx7sh7gj2nidylpbzvwhx0wkcm6mxx3qbp9k"))))
     (build-system cmake-build-system)
     (native-inputs
      `(("nasm" ,nasm)))
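Review bot: The `(patches (search-patches "libjpeg-turbo-CVE-2019-2201.patch"))` line is dropped in the same hunk as the bump to 2.0.4, and nothing visible here records that the 2.0.4 tarball already contains the follow-up fix that patch supplied. The deleted patch file cites upstream commit c30b1e72dac76343ef9029833d1561de07d29bad for the `(size_t)pitch` casts in tjbench.c. Presumably the release includes it, since the patch is removed outright, but that is inferred rather than shown. If the commit message does not already say so, a line such as `[source]: Remove patch, fixed upstream in 2.0.4.` would let a later reader confirm the CVE-2019-2201 fix was not lost in the update. The package definition continues outside the hunk.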
diff --git a/gnu/packages/patches/libjpeg-turbo-CVE-2019-2201.patch b/gnu/packages/patches/libjpeg-turbo-CVE-2019-2201.patch
deleted file mode 100644
index 35f2bf5963..0000000000
--- a/gnu/packages/patches/libjpeg-turbo-CVE-2019-2201.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-Fix integer overflow which can potentially lead to RCE.
-
-https://www.openwall.com/lists/oss-security/2019/11/11/1
-https://nvd.nist.gov/vuln/detail/CVE-2019-2201
-
-The problem was partially fixed in 2.0.3.  This patch is a follow-up.
-https://github.com/libjpeg-turbo/libjpeg-turbo/issues/388
-https://github.com/libjpeg-turbo/libjpeg-turbo/commit/c30b1e72dac76343ef9029833d1561de07d29bad
-
-diff --git a/tjbench.c b/tjbench.c
-index a7d397318..13a5bde62 100644
---- a/tjbench.c
-+++ b/tjbench.c
-@@ -171,7 +171,7 @@ static int decomp(unsigned char *srcBuf, unsigned char **jpegBuf,
-   }
-   /* Set the destination buffer to gray so we know whether the decompressor
-      attempted to write to it */
--  memset(dstBuf, 127, pitch * scaledh);
-+  memset(dstBuf, 127, (size_t)pitch * scaledh);
- 
-   if (doYUV) {
-     int width = doTile ? tilew : scaledw;
-@@ -193,7 +193,7 @@ static int decomp(unsigned char *srcBuf, unsigned char **jpegBuf,
-     double start = getTime();
- 
-     for (row = 0, dstPtr = dstBuf; row < ntilesh;
--         row++, dstPtr += pitch * tileh) {
-+         row++, dstPtr += (size_t)pitch * tileh) {
-       for (col = 0, dstPtr2 = dstPtr; col < ntilesw;
-            col++, tile++, dstPtr2 += ps * tilew) {
-         int width = doTile ? min(tilew, w - col * tilew) : scaledw;