On Wed, Aug 30, 2017 at 11:45:56PM +0200, Marius Bakke wrote:
> Fixes CVE-2017-6362 and CVE-2017-7890.
> 
> * gnu/packages/gd.scm (gd)[replacement]: New field.
> (gd-2.2.5): New variable.
> * gnu/packages/php.scm (gd-for-php): Remove variable
> (php)[inputs]: Replace GD-FOR-PHP with GD-2.2.5.
> * gnu/packages/patches/gd-CVE-2017-7890.patch: Delete file.
> * gnu/local.mk (dist_patch_DATA): Remove it.

LGTM, thank you!