diff options
Diffstat (limited to 'gnu/packages/image.scm')
| -rw-r--r-- | gnu/packages/image.scm | 79 |
1 files changed, 22 insertions, 57 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 54b7dd6e22..59113e3066 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -65,7 +65,6 @@ (define-public libpng (package (name "libpng") - (replacement libpng/fixed) (version "1.6.25") (source (origin (method url-fetch) @@ -76,6 +75,7 @@ (string-append "ftp://ftp.simplesystems.org/pub/libpng/png/src" "/libpng15/libpng-" version ".tar.xz"))) + (patches (search-patches "libpng-CVE-2016-10087.patch")) (sha256 (base32 "04c8inn745hw25wz2dc5vll5n5d2gsndj01i4srwzgz8861qvzh9")))) (build-system gnu-build-system) @@ -90,18 +90,9 @@ library. It supports almost all PNG features and is extensible.") (license license:zlib) (home-page "http://www.libpng.org/pub/png/libpng.html"))) -(define libpng/fixed - (package - (inherit libpng) - (source - (origin - (inherit (package-source libpng)) - (patches (search-patches "libpng-CVE-2016-10087.patch")))))) - (define-public libpng-1.2 (package (inherit libpng) - (replacement #f) (version "1.2.57") (source (origin @@ -259,12 +250,27 @@ extracting icontainer icon files.") (define-public libtiff (package (name "libtiff") - (replacement libtiff/fixed) (version "4.0.7") (source (origin (method url-fetch) (uri (string-append "ftp://download.osgeo.org/libtiff/tiff-" version ".tar.gz")) + (patches (search-patches "libtiff-heap-overflow-tiffcp.patch" + "libtiff-null-dereference.patch" + "libtiff-heap-overflow-tif-dirread.patch" + "libtiff-heap-overflow-pixarlog-luv.patch" + "libtiff-divide-by-zero.patch" + "libtiff-divide-by-zero-ojpeg.patch" + "libtiff-tiffcp-underflow.patch" + "libtiff-invalid-read.patch" + "libtiff-CVE-2016-10092.patch" + "libtiff-heap-overflow-tiffcrop.patch" + "libtiff-divide-by-zero-tiffcrop.patch" + "libtiff-CVE-2016-10093.patch" + "libtiff-divide-by-zero-tiffcp.patch" + "libtiff-assertion-failure.patch" + "libtiff-CVE-2016-10094.patch" + "libtiff-CVE-2017-5225.patch")) (sha256 (base32 "06ghqhr4db1ssq0acyyz49gr8k41gzw6pqb6mbn5r7jqp77s4hwz")))) @@ -292,29 +298,6 @@ collection of tools for doing simple manipulations of TIFF images.") "See COPYRIGHT in the distribution.")) (home-page "http://www.simplesystems.org/libtiff/"))) -(define libtiff/fixed - (package - (inherit libtiff) - (source - (origin - (inherit (package-source libtiff)) - (patches (search-patches "libtiff-heap-overflow-tiffcp.patch" - "libtiff-null-dereference.patch" - "libtiff-heap-overflow-tif-dirread.patch" - "libtiff-heap-overflow-pixarlog-luv.patch" - "libtiff-divide-by-zero.patch" - "libtiff-divide-by-zero-ojpeg.patch" - "libtiff-tiffcp-underflow.patch" - "libtiff-invalid-read.patch" - "libtiff-CVE-2016-10092.patch" - "libtiff-heap-overflow-tiffcrop.patch" - "libtiff-divide-by-zero-tiffcrop.patch" - "libtiff-CVE-2016-10093.patch" - "libtiff-divide-by-zero-tiffcp.patch" - "libtiff-assertion-failure.patch" - "libtiff-CVE-2016-10094.patch" - "libtiff-CVE-2017-5225.patch")))))) - (define-public libwmf (package (name "libwmf") @@ -446,8 +429,7 @@ work.") (define-public openjpeg (package (name "openjpeg") - (replacement openjpeg-2.1.2) - (version "2.1.1") + (version "2.1.2") (source (origin (method url-fetch) @@ -457,9 +439,11 @@ work.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1anv0rjkbxw9kx91wvlfpb3dhppibda6kb1papny46bjzi3pzhl2")) + "19yz4g0c45sm8y1z01j9djsrl1mkz3pmw7fykc6hkvrqymp7prsc")) (patches (search-patches "openjpeg-CVE-2016-5157.patch" - "openjpeg-CVE-2016-7163.patch")))) + "openjpeg-CVE-2016-7163.patch" + "openjpeg-CVE-2016-9850-CVE-2016-9851.patch" + "openjpeg-CVE-2016-9572-CVE-2016-9573.patch")))) (build-system cmake-build-system) (arguments ;; Trying to run `$ make check' results in a no rule fault. @@ -483,28 +467,9 @@ error-resilience, a Java-viewer for j2k-images, ...") (home-page "https://github.com/uclouvain/openjpeg") (license license:bsd-2))) -(define openjpeg-2.1.2 - (package - (inherit openjpeg) - (name "openjpeg") - (version "2.1.2") - (source - (origin - (method url-fetch) - (uri (string-append "https://github.com/uclouvain/openjpeg/archive/v" - version ".tar.gz")) - (file-name (string-append name "-" version ".tar.gz")) - (sha256 - (base32 - "19yz4g0c45sm8y1z01j9djsrl1mkz3pmw7fykc6hkvrqymp7prsc")) - (patches - (search-patches "openjpeg-CVE-2016-9850-CVE-2016-9851.patch" - "openjpeg-CVE-2016-9572-CVE-2016-9573.patch")))))) - (define-public openjpeg-1 (package (inherit openjpeg) (name "openjpeg") - (replacement #f) (version "1.5.2") (source (origin |