mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-24 21:38:07 -05:00
gnu: lcms: Mention CVE-2016-10165.
* gnu/packages/patches/lcms-fix-out-of-bounds-read.patch: Rename to ... * gnu/packages/patches/lcms-CVE-2016-10165.patch: ... this. * gnu/local.mk (dist_patch_DATA): Adjust. * gnu/packages/ghostscript.scm (lcms)[source]: Use renamed patch. Signed-off-by: Marius Bakke <mbakke@fastmail.com>
This commit is contained in:
parent
e4f43bc517
commit
ed7732bc62
3 changed files with 6 additions and 3 deletions
|
@ -9,6 +9,7 @@
|
||||||
# Copyright © 2016 Adonay "adfeno" Felipe Nogueira <https://libreplanet.org/wiki/User:Adfeno> <adfeno@openmailbox.org>
|
# Copyright © 2016 Adonay "adfeno" Felipe Nogueira <https://libreplanet.org/wiki/User:Adfeno> <adfeno@openmailbox.org>
|
||||||
# Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
|
# Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
|
||||||
# Copyright © 2016 Ben Woodcroft <donttrustben@gmail.com>
|
# Copyright © 2016 Ben Woodcroft <donttrustben@gmail.com>
|
||||||
|
# Copyright © 2016, 2017 Alex Vong <alexvong1995@gmail.com>
|
||||||
#
|
#
|
||||||
# This file is part of GNU Guix.
|
# This file is part of GNU Guix.
|
||||||
#
|
#
|
||||||
|
@ -656,7 +657,7 @@ dist_patch_DATA = \
|
||||||
%D%/packages/patches/kobodeluxe-midicon-segmentation-fault.patch \
|
%D%/packages/patches/kobodeluxe-midicon-segmentation-fault.patch \
|
||||||
%D%/packages/patches/kobodeluxe-graphics-window-signed-char.patch \
|
%D%/packages/patches/kobodeluxe-graphics-window-signed-char.patch \
|
||||||
%D%/packages/patches/laby-make-install.patch \
|
%D%/packages/patches/laby-make-install.patch \
|
||||||
%D%/packages/patches/lcms-fix-out-of-bounds-read.patch \
|
%D%/packages/patches/lcms-CVE-2016-10165.patch \
|
||||||
%D%/packages/patches/ldc-disable-tests.patch \
|
%D%/packages/patches/ldc-disable-tests.patch \
|
||||||
%D%/packages/patches/ldc-1.1.0-disable-dmd-tests.patch \
|
%D%/packages/patches/ldc-1.1.0-disable-dmd-tests.patch \
|
||||||
%D%/packages/patches/ldc-1.1.0-disable-phobos-tests.patch \
|
%D%/packages/patches/ldc-1.1.0-disable-phobos-tests.patch \
|
||||||
|
|
|
@ -45,7 +45,7 @@ (define-public lcms
|
||||||
(method url-fetch)
|
(method url-fetch)
|
||||||
(uri (string-append "mirror://sourceforge/lcms/lcms/" version
|
(uri (string-append "mirror://sourceforge/lcms/lcms/" version
|
||||||
"/lcms2-" version ".tar.gz"))
|
"/lcms2-" version ".tar.gz"))
|
||||||
(patches (search-patches "lcms-fix-out-of-bounds-read.patch"))
|
(patches (search-patches "lcms-CVE-2016-10165.patch"))
|
||||||
(sha256 (base32
|
(sha256 (base32
|
||||||
"08pvl289g0mbznzx5l6ibhaldsgx41kwvdn2c974ga9fkli2pl36"))))
|
"08pvl289g0mbznzx5l6ibhaldsgx41kwvdn2c974ga9fkli2pl36"))))
|
||||||
(build-system gnu-build-system)
|
(build-system gnu-build-system)
|
||||||
|
|
|
@ -1,7 +1,9 @@
|
||||||
Fix an out-of-bounds heap read in Type_MLU_Read():
|
Fix CVE-2016-10165, an out-of-bounds heap read in Type_MLU_Read():
|
||||||
|
|
||||||
|
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10165
|
||||||
http://seclists.org/oss-sec/2016/q3/288
|
http://seclists.org/oss-sec/2016/q3/288
|
||||||
https://bugzilla.redhat.com/show_bug.cgi?id=1367357
|
https://bugzilla.redhat.com/show_bug.cgi?id=1367357
|
||||||
|
https://security-tracker.debian.org/tracker/CVE-2016-10165
|
||||||
|
|
||||||
Patch copied from upstream source repository:
|
Patch copied from upstream source repository:
|
||||||
|
|
Loading…
Reference in a new issue