ryan77627/guix
1
0
Fork 0
mirror of https://git.in.rschanz.org/ryan77627/guix.git synced 2024-12-25 22:08:16 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

gnu: imagemagick: Update to 6.9.3-10.

Browse source 
Fixes CVE-2016–3714.

* gnu/packages/imagemagick.scm (imagemagick): Update to 6.9.3-10.
[source]: Remove patch.
* gnu/packages/patches/imagemagick-test-segv.patch: Delete.
* gnu/local.mk (dist_patch_DATA): Remove patch file from distribution.
This commit is contained in:
David Thompson 2016-05-04 12:46:01 -04:00
parent 11057c4b58
commit d663e5e600
No known key found for this signature in database
GPG key ID: 8328C7470FF1D807
3 changed files with 2 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
gnu/local.mk
View file

@ -544,7 +544,6 @@ dist_patch_DATA = \
gnu/packages/patches/icu4c-CVE-2015-1270.patch \ gnu/packages/patches/icu4c-CVE-2015-1270.patch \
gnu/packages/patches/icu4c-CVE-2015-4760.patch \ gnu/packages/patches/icu4c-CVE-2015-4760.patch \
gnu/packages/patches/ilmbase-fix-tests.patch \ gnu/packages/patches/ilmbase-fix-tests.patch \
gnu/packages/patches/imagemagick-test-segv.patch \
gnu/packages/patches/imlib2-CVE-2016-4024.patch \ gnu/packages/patches/imlib2-CVE-2016-4024.patch \
gnu/packages/patches/irrlicht-mesa-10.patch \ gnu/packages/patches/irrlicht-mesa-10.patch \
gnu/packages/patches/jasper-CVE-2007-2721.patch \ gnu/packages/patches/jasper-CVE-2007-2721.patch \

5
gnu/packages/imagemagick.scm
View file

@ -40,15 +40,14 @@ (define-module (gnu packages imagemagick)
(define-public imagemagick (define-public imagemagick
(package (package
(name "imagemagick") (name "imagemagick")
(version "6.9.2-1") (version "6.9.3-10")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "mirror://imagemagick/ImageMagick-" (uri (string-append "mirror://imagemagick/ImageMagick-"
version ".tar.xz")) version ".tar.xz"))
(sha256 (sha256
(base32 (base32
"159afhqrj22jlz745ccbgnkdiwvn8pjcc96jic0iv9ms7gqxwln5")) "0sik2jl1cywnpr5xm28mjhs1l8kxry65f3v2kqzp0cczhwf04gz3"))))
(patches (search-patches "imagemagick-test-segv.patch"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(arguments (arguments
`(#:configure-flags '("--with-frozenpaths") `(#:configure-flags '("--with-frozenpaths")

20
gnu/packages/patches/imagemagick-test-segv.patch
View file

@ -1,20 +0,0 @@
This patch works around a segmentation fault in 'Magick++/tests/color' when
running 'Magick++/tests/tests.tap'. Here we get an exception early on, which
is supposedly harmless:
Caught exception: color: UnableToOpenConfigureFile `colors.xml' @ warning/configure.c/GetConfigureOptions/706
However, when the stack unwinders run, 'UnregisterDOTImage' gets called even
though 'RegisterDOTImage' hadn't been called yet; thus, 'graphic_context' in
coders/dot.c is NULL, leading to the segfault.
--- ImageMagick-6.9.2-1/coders/dot.c 2015-09-16 17:32:42.900323334 +0200
+++ ImageMagick-6.9.2-1/coders/dot.c 2015-09-16 17:32:48.312367636 +0200
@@ -240,6 +240,7 @@ ModuleExport void UnregisterDOTImage(voi
(void) UnregisterMagickInfo("GV");
(void) UnregisterMagickInfo("DOT");
#if defined(MAGICKCORE_GVC_DELEGATE)
+ if (graphic_context != NULL)
gvFreeContext(graphic_context);
#endif
}