aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/image.scm
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2017-10-26 22:58:28 +0200
committerMarius Bakke <mbakke@fastmail.com>2017-10-27 00:50:09 +0200
commit4119376d66f2016dd60e5da6b36d90894b6a74f4 (patch)
treec73fcc6714130eb51fb03feb314433673609ca1e /gnu/packages/image.scm
parentba2cd6c2d8f40bc4d3fb91dd4c6ea05b8a586dec (diff)
downloadguix-4119376d66f2016dd60e5da6b36d90894b6a74f4.tar.gz
guix-4119376d66f2016dd60e5da6b36d90894b6a74f4.zip
gnu: exiv2: Add upstream security fixes.
Fixes CVE-2017-14859, CVE-2017-14860, CVE-2017-14862 and CVE-2017-14864. * gnu/packages/patches/exiv2-CVE-2017-14859-14862-14864.patch, gnu/packages/patches/exiv2-CVE-2017-14860.patch: New files. * gnu/local.mk (dist_patch_DATA): Register them. * gnu/packages/image.scm (exiv2)[source]: Use them.
Diffstat (limited to 'gnu/packages/image.scm')
-rw-r--r--gnu/packages/image.scm2
1 files changed, 2 insertions, 0 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index b53247de82..df8ac67e41 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -866,6 +866,8 @@ channels.")
version ".tar.gz")
(string-append "https://fossies.org/linux/misc/exiv2-"
version ".tar.gz")))
+ (patches (search-patches "exiv2-CVE-2017-14860.patch"
+ "exiv2-CVE-2017-14859-14862-14864.patch"))
(sha256
(base32
"1yza317qxd8yshvqnay164imm0ks7cvij8y8j86p1gqi1153qpn7"))))