[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/01: gnu: graphicsmagick: Update to 1.3.24 [security update].
From: |
Leo Famulari |
Subject: |
01/01: gnu: graphicsmagick: Update to 1.3.24 [security update]. |
Date: |
Tue, 31 May 2016 17:33:22 +0000 (UTC) |
lfam pushed a commit to branch master
in repository guix.
commit 4d93a76138246ba1f9d6f81da4039e89e14570be
Author: Leo Famulari <address@hidden>
Date: Tue May 31 13:23:17 2016 -0400
gnu: graphicsmagick: Update to 1.3.24 [security update].
Fixes CVE-2016-{2317, 2318, 5118} and many other security issues
described in 'NEWS.txt'.
* gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/imagemagick.scm (graphicsmagick): Update to 1.3.24.
[source]: Remove patch.
---
gnu/local.mk | 1 -
gnu/packages/imagemagick.scm | 6 +++---
.../patches/graphicsmagick-CVE-2016-5118.patch | 19 -------------------
3 files changed, 3 insertions(+), 23 deletions(-)
diff --git a/gnu/local.mk b/gnu/local.mk
index 6e2d765..f669167 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -524,7 +524,6 @@ dist_patch_DATA =
\
%D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \
%D%/packages/patches/gobject-introspection-cc.patch \
%D%/packages/patches/gobject-introspection-girepository.patch \
- %D%/packages/patches/graphicsmagick-CVE-2016-5118.patch \
%D%/packages/patches/grep-timing-sensitive-test.patch \
%D%/packages/patches/grub-CVE-2015-8370.patch \
%D%/packages/patches/grub-gets-undeclared.patch \
diff --git a/gnu/packages/imagemagick.scm b/gnu/packages/imagemagick.scm
index f129b16..dc03ea4 100644
--- a/gnu/packages/imagemagick.scm
+++ b/gnu/packages/imagemagick.scm
@@ -2,6 +2,7 @@
;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <address@hidden>
;;; Copyright © 2015 Eric Bavier <address@hidden>
;;; Copyright © 2015 Ricardo Wurmus <address@hidden>
+;;; Copyright © 2016 Leo Famulari <address@hidden>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -154,16 +155,15 @@ script.")
(define-public graphicsmagick
(package
(name "graphicsmagick")
- (version "1.3.23")
+ (version "1.3.24")
(source (origin
(method url-fetch)
(uri (string-append "ftp://ftp.graphicsmagick.org/pub/"
"GraphicsMagick/" (version-major+minor
version)
"/GraphicsMagick-" version ".tar.xz"))
- (patches (search-patches "graphicsmagick-CVE-2016-5118.patch"))
(sha256
(base32
- "03g6l2h8cmf231y1vma0z7x85070jm1ysgs9ppqcd3jj56jka9gx"))))
+ "1q40w5hcl8rcpszm0r7rpr3a9lj390p39zfvavkvlgxyyk7bmgsj"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags
diff --git a/gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch
b/gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch
deleted file mode 100644
index ddd1ce9..0000000
--- a/gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-Fix CVE-2016-5118 (popen() shell vulnerability via filename).
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5118
-
-Upstream patch copied from the bug announcement:
-http://seclists.org/oss-sec/2016/q2/432
-https://marc.info/?l=oss-security&m=146455222600609&w=2
-
-diff -r 33200fc645f6 magick/blob.c
---- a/magick/blob.c Sat Nov 07 14:49:16 2015 -0600
-+++ b/magick/blob.c Sun May 29 14:12:57 2016 -0500
-@@ -68,6 +68,7 @@
- */
- #define DefaultBlobQuantum 65541
-
-+#undef HAVE_POPEN
-
- /*
- Enum declarations.