aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk2
-rw-r--r--gnu/packages/image.scm2
-rw-r--r--gnu/packages/patches/libpng-CVE-2016-10087.patch (renamed from gnu/packages/patches/libpng-fix-null-ptr-dereference.patch)3
3 files changed, 4 insertions, 3 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index b7c182fbf6..69633131e6 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -675,7 +675,7 @@ dist_patch_DATA = \
%D%/packages/patches/libmad-armv7-thumb-pt2.patch \
%D%/packages/patches/libmad-frame-length.patch \
%D%/packages/patches/libmad-mips-newgcc.patch \
- %D%/packages/patches/libpng-fix-null-ptr-dereference.patch \
+ %D%/packages/patches/libpng-CVE-2016-10087.patch \
%D%/packages/patches/libssh-0.6.5-CVE-2016-0739.patch \
%D%/packages/patches/libtar-CVE-2013-4420.patch \
%D%/packages/patches/libtheora-config-guess.patch \
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 687596f966..ab4d3b0e57 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -95,7 +95,7 @@ library. It supports almost all PNG features and is extensible.")
(source
(origin
(inherit (package-source libpng))
- (patches (search-patches "libpng-fix-null-ptr-dereference.patch"))))))
+ (patches (search-patches "libpng-CVE-2016-10087.patch"))))))
(define-public libpng-1.2
(package
diff --git a/gnu/packages/patches/libpng-fix-null-ptr-dereference.patch b/gnu/packages/patches/libpng-CVE-2016-10087.patch
index 192459162b..8093b3e448 100644
--- a/gnu/packages/patches/libpng-fix-null-ptr-dereference.patch
+++ b/gnu/packages/patches/libpng-CVE-2016-10087.patch
@@ -1,5 +1,6 @@
-Fix a null pointer dereference in png_set_text_2():
+Fix CVE-2016-10087, a null pointer dereference in png_set_text_2():
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087
http://seclists.org/oss-sec/2016/q4/777
Patch adapted from upstream source repository: