guix-devel

Re: [PATCH] gnu: mupdf: Fix some security problems in bundled mujs.


From: Mark H Weaver
Subject: Re: [PATCH] gnu: mupdf: Fix some security problems in bundled mujs.
Date: Sun, 15 Jan 2017 18:05:02 -0500
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)

Hi Leo,

Leo Famulari <address@hidden> writes:

> From 34cc0dc9d9451d540f8733ebca2a3db54a073aa0 Mon Sep 17 00:00:00 2001
> From: Marius Bakke <address@hidden>
> Date: Thu, 12 Jan 2017 19:06:55 +0100
> Subject: [PATCH 1/2] gnu: mupdf: Fix CVE-2016-{10132,10133} in bundled mujs.
>
> * gnu/packages/patches/mupdf-mujs-CVE-2016-10132.patch,
> gnu/packages/patches/mupdf-mujs-CVE-2016-10133.patch: New files.
> * gnu/local.mk (dist_patch_DATA): Add them.
> * gnu/packages/pdf.scm (mupdf)[replacement]: New field.

We should indeed add a 'replacement' field to 'mupdf', but that part of
the patch seems to have gotten lost:

> diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm
> index 9b3571e67..5efc5e6d1 100644
> --- a/gnu/packages/pdf.scm
> +++ b/gnu/packages/pdf.scm
> @@ -6,10 +6,11 @@
>  ;;; Copyright © 2016 Roel Janssen <address@hidden>
>  ;;; Coypright © 2016 ng0 <address@hidden>
>  ;;; Coypright © 2016 Efraim Flashner <address@hidden>
> -;;; Coypright © 2016 Marius Bakke <address@hidden>
> +;;; Coypright © 2016, 2017 Marius Bakke <address@hidden>
>  ;;; Coypright © 2016 Ludovic Courtès <address@hidden>
>  ;;; Coypright © 2016 Julien Lepiller <address@hidden>
>  ;;; Copyright © 2016 Arun Isaac <address@hidden>
> +;;; Copyright © 2017 Leo Famulari <address@hidden>
>  ;;;
>  ;;; This file is part of GNU Guix.
>  ;;;
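
Review bot: the changed line for Marius Bakke still reads "Coypright", the same misspelling carried by several of the surrounding context lines. Since this line is being rewritten anyway to add 2017, spell it "Copyright" here so the notice matches the correctly spelled entries, as the newly added Leo Famulari line already does.
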
> @@ -538,6 +539,18 @@ line tools for batch rendering (pdfdraw), rewriting 
> files (pdfclean),
>  and examining the file structure (pdfshow).")
>      (license license:agpl3+)))
>  
> +(define mupdf/fixed
> +  (package
> +    (inherit mupdf)
> +    (source
> +      (origin
> +        (inherit (package-source mupdf))
> +        (patches
> +          (append
> +            (origin-patches (package-source mupdf))
> +            (search-patches "mupdf-mujs-CVE-2016-10132.patch"
> +                            "mupdf-mujs-CVE-2016-10133.patch")))))))
> +
>  (define-public qpdf
>    (package
>     (name "qpdf")
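
Review bot: nothing in the visible hunks references mupdf/fixed. The commit log lists "(mupdf)[replacement]: New field", but no hunk adds a (replacement mupdf/fixed) field to the mupdf definition, so the source patched for CVE-2016-10132 and CVE-2016-10133 would never be substituted for the unpatched package. Add that field to mupdf, and list the new mupdf/fixed variable in the commit log alongside it.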

Also, you should probably add a "Co-authored-by:" header in the commit
log for yourself :)

Otherwise it looks good to me.
Thanks to both of you for working on it!

      Mark


