M gnu/local.mk => gnu/local.mk +2 -0
@@ 610,6 610,8 @@ dist_patch_DATA = \
%D%/packages/patches/fltk-shared-lib-defines.patch \
%D%/packages/patches/fltk-xfont-on-demand.patch \
%D%/packages/patches/fontforge-svg-modtime.patch \
+ %D%/packages/patches/foomatic-filters-CVE-2015-8327.patch \
+ %D%/packages/patches/foomatic-filters-CVE-2015-8560.patch \
%D%/packages/patches/freeimage-CVE-2015-0852.patch \
%D%/packages/patches/freeimage-CVE-2016-5684.patch \
%D%/packages/patches/freeimage-fix-build-with-gcc-5.patch \
A gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch => gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch +14 -0
@@ 0,0 1,14 @@
+Fix for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2015-8327>.
+
+--- a/util.c 2014-06-20 19:26:18 +0000
++++ b/util.c 2015-10-30 15:45:03 +0000
+@@ -31,7 +31,7 @@
+ #include <assert.h>
+
+
+-const char* shellescapes = "|<>&!$\'\"#*?()[]{}";
++const char* shellescapes = "|<>&!$\'\"`#*?()[]{}";
+
+ const char * temp_dir()
+ {
+
A gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch => gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch +13 -0
@@ 0,0 1,13 @@
+Fix for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2015-8560>.
+
+--- a/util.c 2015-10-30 15:45:03 +0000
++++ b/util.c 2015-12-12 23:27:21 +0000
+@@ -31,7 +31,7 @@
+ #include <assert.h>
+
+
+-const char* shellescapes = "|<>&!$\'\"`#*?()[]{}";
++const char* shellescapes = "|;<>&!$\'\"`#*?()[]{}";
+
+ const char * temp_dir()
+ {