summary refs log tree commit diff
path: root/gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch
AgeCommit message (Collapse)Author
2017-08-10gnu: openjpeg: Update to 2.2.0 [security fixes].Marius Bakke
In addition to the patches we already had (which are not mentioned in the ChangeLog, but verified by following their respective GitHub issues) this release also fixes CVE-2016-9112, CVE-2016-5139, CVE-2016-5152, CVE-2016-5158, CVE-2016-5159, CVE-2016-1626 and CVE-2016-1628. See <https://github.com/uclouvain/openjpeg/blob/v2.2.0/CHANGELOG.md> for details. * gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch, gnu/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. * gnu/packages/image.scm (openjpeg): Update to 2.2.0. [source](patches): Remove. * gnu/packages/gstreamer.scm (gst-plugins-bad)[arguments]: Add phase to patch hard-coded openjpeg-2.1 path.
2017-01-24gnu: openjpeg: Fix CVE-2016-{9572,9573}.Leo Famulari
* gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/image.scm (openjpeg-2.1.2)[source]: Use it.