From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:52732) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dEdl9-0005sW-4s for guix-patches@gnu.org; Sat, 27 May 2017 11:36:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dEdl4-0000oW-QZ for guix-patches@gnu.org; Sat, 27 May 2017 11:36:05 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:38235) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dEdl4-0000oS-Lt for guix-patches@gnu.org; Sat, 27 May 2017 11:36:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1dEdl4-0006ID-GQ for guix-patches@gnu.org; Sat, 27 May 2017 11:36:02 -0400 Subject: bug#27102: [PATCH] gnu: libtiff: Update replacement to 4.0.8 [security fixes]. Resent-Message-ID: Received: from eggs.gnu.org ([2001:4830:134:3::10]:52697) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dEdkp-0005rq-4o for guix-patches@gnu.org; Sat, 27 May 2017 11:35:48 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dEdkm-0000lx-2t for guix-patches@gnu.org; Sat, 27 May 2017 11:35:47 -0400 Received: from out1-smtp.messagingengine.com ([66.111.4.25]:58075) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dEdkl-0000lt-NS for guix-patches@gnu.org; Sat, 27 May 2017 11:35:43 -0400 Received: from localhost.localdomain (c-73-165-108-70.hsd1.pa.comcast.net [73.165.108.70]) by mail.messagingengine.com (Postfix) with ESMTPA id 80F9B7E51B for ; Sat, 27 May 2017 11:35:42 -0400 (EDT) From: Leo Famulari Date: Sat, 27 May 2017 11:35:37 -0400 Message-Id: <6291a7c0abb54219be27e0b9137f7e2c772ef6c3.1495899337.git.leo@famulari.name> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 27102@debbugs.gnu.org See 'ChangeLog' in the source distribution for more information about the bugs and security issues fixed in this release. * gnu/packages/image.scm (libtiff)[replacement]: Replace with libtiff-4.0.8. (libtiff/fixed): Replace with ... (libtiff-4.0.8): New variable. --- gnu/packages/image.scm | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 86902d568..2a13404d6 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -335,7 +335,7 @@ extracting icontainer icon files.") (define-public libtiff (package (name "libtiff") - (replacement libtiff/fixed) + (replacement libtiff-4.0.8) (version "4.0.7") (source (origin (method url-fetch) @@ -384,18 +384,18 @@ collection of tools for doing simple manipulations of TIFF images.") "See COPYRIGHT in the distribution.")) (home-page "http://www.simplesystems.org/libtiff/"))) -(define libtiff/fixed +(define libtiff-4.0.8 (package (inherit libtiff) + (version "4.0.8") (source (origin - (inherit (package-source libtiff)) - (patches - (append - (origin-patches (package-source libtiff)) - (search-patches "libtiff-CVE-2017-7593.patch" - "libtiff-CVE-2017-7594.patch" - "libtiff-multiple-UBSAN-crashes.patch"))))))) + (method url-fetch) + (uri (string-append "ftp://download.osgeo.org/libtiff/tiff-" + version ".tar.gz")) + (sha256 + (base32 + "0419mh6kkhz5fkyl77gv0in8x4d2jpdpfs147y8mj86rrjlabmsr")))))) (define-public libwmf (package -- 2.13.0