~ruther/guix-local

ref: 575e5e4e51e01aed1044cd8ba9e00a9631eba794 guix-local/gnu/packages/image.scm -rw-r--r-- 47.3 KiB
696f1d0f — Leo Famulari 8 years ago 
gnu: libpng-apng: Be sure to apply the APNG patch.

* gnu/packages/image.scm (libpng-apng)[arguments]: Check the return status of
the patching procedures.

gnu: libpng-apng: Update to 1.6.28.

Fixes <https://bugs.gnu.org/27556>.

* gnu/packages/image.scm (libpng-apng): Update to 1.6.28.
Remove inherit of 'libpng'.
[version]: Use own version, remove 'package-version libpng'.
[source]: Don't inherit the source of libpng.
[arguments]: Update hash of libpng-apng source.

Signed-off-by: Leo Famulari <leo@famulari.name>
61adfb00 — Leo Famulari 8 years ago 
gnu: libtiff: Fix two integer overflows.

* gnu/packages/patches/libtiff-tiffycbcrtorgb-integer-overflow.patch,
gnu/packages/patches/libtiff-tiffycbcrtorgbinit-integer-overflow.patch:
New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/image.scm (libtiff-4.0.8)[source]: Use them.
ed40e7c5 — Marius Bakke 8 years ago 
gnu: libjpeg-turbo: Update to 1.5.2.

* gnu/packages/image.scm (libjpeg-turbo): Update to 1.5.2.
[arguments]<#:phases>: Remove.
dab536fe — Alex Vong 8 years ago 
gnu: libtiff: Fix CVE-2017-{9936,10688}.

* gnu/packages/patches/libtiff-CVE-2017-9936.patch,
gnu/packages/patches/libtiff-CVE-2017-10688.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/image.scm (libtiff-4.0.8)[source]: Use them.

Signed-off-by: Leo Famulari <leo@famulari.name>
d5ec5ed7 — Ludovic Courtès 8 years ago 
packages: Mark 'replacement' as an "innate" field.

Suggested by Mark H Weaver
at <https://lists.gnu.org/archive/html/guix-devel/2017-06/msg00355.html>.

* guix/packages.scm (<package>)[replacement]: Mark as "innate".
* gnu/packages/base.scm (glibc-2.25-patched, glibc-2.24)
(glibc-2.23, glibc-2.22, glibc-2.21, glibc-locales): Remove
'replacement' field, which was set to #f.
* gnu/packages/commencement.scm (perl-boot0): Likewise.
* gnu/packages/fontutils.scm (graphite2/fixed): Likewise.
* gnu/packages/ghostscript.scm (ghostscript/fixed): Likewise.
* gnu/packages/gnupg.scm (libgcrypt-1.7.8): Likewise.
* gnu/packages/guile.scm (guile-2.0/fixed, guile-2.2): Likewise.
* gnu/packages/icu4c.scm (icu4c/fixed): Likewise.
* gnu/packages/image.scm (libpng-apng): Likewise.
* gnu/packages/make-bootstrap.scm (%guile-static): Likewise.
* gnu/packages/pcre.scm (pcre/fixed): Likewise.
* gnu/packages/perl.scm (perl/fixed): Likewise.
* gnu/packages/ruby.scm (ruby-2.3, ruby-2.2, ruby-2.1)
(ruby-1.8): Likewise.
* gnu/packages/tls.scm (gnutls-3.5.13, gnutls/guile-2.2): Likewise.
* gnu/packages/xml.scm (expat-2.2.1): Likewise.
d17e085a — Leo Famulari 8 years ago 
gnu: Remove libwmf.

This package contains many security vulnerabilities and is no longer maintained
upstream. See this discussion for more information:

https://lists.gnu.org/archive/html/guix-devel/2017-05/msg00478.html

* gnu/packages/image.scm (libwmf): Remove variable.
* gnu/packages/wv.scm (wv)[inputs]: Remove libwmf.
[arguments]: Remove field.
* gnu/packages/abiword.scm (abiword)[inputs]: Remove libwmf.
[source]: Remove patch 'abiword-wmf-version-lookup-fix.patch'.
* gnu/packages/patches/abiword-wmf-version-lookup-fix.patch,
gnu/packages/patches/libwmf-CAN-2004-0941.patch,
gnu/packages/patches/libwmf-CVE-2006-3376.patch,
gnu/packages/patches/libwmf-CVE-2007-0455.patch,
gnu/packages/patches/libwmf-CVE-2007-2756.patch,
gnu/packages/patches/libwmf-CVE-2007-3472.patch,
gnu/packages/patches/libwmf-CVE-2007-3473.patch,
gnu/packages/patches/libwmf-CVE-2007-3477.patch,
gnu/packages/patches/libwmf-CVE-2009-1364.patch,
gnu/packages/patches/libwmf-CVE-2009-3546.patch,
gnu/packages/patches/libwmf-CVE-2015-0848+CVE-2015-4588.patch,
gnu/packages/patches/libwmf-CVE-2015-4695.patch,
gnu/packages/patches/libwmf-CVE-2015-4696.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
148585c2 — Arun Isaac 8 years ago 
gnu: Move contents of zip module into compression module.

* gnu/packages/zip.scm (zip, unzip, zziplib, perl-zip): Move to...
* gnu/packages/compression.scm: ...here.
* gnu/packages/zip.scm: Delete file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Unregister deleted file.
* po/packages/POTFILES.in: Unregister deleted file.
* gnu/packages/{audio, avr, bioinformatics, busybox, cdrom, ci, compression,
docbook, documentation, fonts, fpga, game-development, games, gl, gnome,
gnuzilla, graphics, guile, haskell, image, java, kodi, ldc, libreoffice,
markup, maths, mc, monitoring, music, php, pretty-print, python, scheme,
smalltalk, statistics, synergy, tex, textutils, video, web-browsers, xml,
zip}.scm, guix/build-system/{ant, font}.scm, guix/{download, packages}.scm:
Adapt module import.
340502ba — Tobias Geerinckx-Rice 8 years ago 
gnu: leptonica: Update to 1.74.4.

* gnu/packages/image.scm (leptonica): Update to 1.74.4.
8d138ea0 — Leo Famulari 8 years ago 
gnu: libtiff: Fix several bugs related to improper codec usage [security fixes].

Fixes CVE-2014-8128, CVE-2015-7554, CVE-2016-5318, CVE-2016-10095, and
the other bugs listed in 'libtiff-tiffgetfield-bugs.patch'.

* gnu/packages/patches/libtiff-tiffgetfield-bugs.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff-4.0.8)[source]: Use it.
f66ea7b8 — Marius Bakke 8 years ago 
gnu: exiv2: Update to 0.26.

* gnu/packages/image.scm (exiv2): Update to 0.26.
[source]: Add new download location.
4a897c49 — Leo Famulari 8 years ago 
gnu: jasper: Update to 2.0.13.

* gnu/packages/image.scm (jasper): Update to 2.0.13.
[source]: Use GitHub URL and set the file-name. Remove
'jasper-CVE-2017-6850.patch'.
* gnu/packages/patches/jasper-CVE-2017-6850.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
0b8e89f6 — Ludovic Courtès 8 years ago 
gnu: libtiff@4.0.8: Fix source URL.

* gnu/packages/image.scm (libtiff-4.0.8)[origin]: Use 'ftp://' not
'http://'.
6f8cda18 — Marius Bakke 8 years ago 
Merge branch 'master' into staging
22e6656d — Leo Famulari 8 years ago 
gnu: libtiff: Update replacement to 4.0.8 [security fixes].

See 'ChangeLog' in the source distribution for more information about
the bugs and security issues fixed in this release.

* gnu/packages/image.scm (libtiff)[replacement]: Replace with libtiff-4.0.8.
(libtiff/fixed): Replace with ...
(libtiff-4.0.8): New variable.
* gnu/packages/patches/libtiff-CVE-2017-7593.patch,
gnu/packages/patches/libtiff-CVE-2017-7594.patch,
gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
e4cddbbc — Marius Bakke 8 years ago 
Merge branch 'master' into staging
10cb88f8 — Leo Famulari 8 years ago 
gnu: jbig2dec: Fix CVE-2017-{7885,7975,7976}.

* gnu/packages/patches/jbig2dec-CVE-2017-7885.patch,
gnu/packages/patches/jbig2dec-CVE-2017-7975.patch,
gnu/packages/patches/jbig2dec-CVE-2017-7976.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/image.scm (jbig2dec)[source]: Use them.
61b1df6f — Marius Bakke 8 years ago 
Merge branch 'master' into staging
2f8b9c46 — Hartmut Goebel 9 years ago 
gnu: Add pngcrunch.

* gnu/packages/image.scm (pngcrunch): New variable.
484f7a88 — Kei Kebreau 9 years ago 
gnu: libtiff: Add fixes several security flaws.

Fixes CVE-2017-{7593, 7594, 7595, 7596, 7597, 7598, 7599, 7600, 7601, 7602}.

* gnu/packages/patches/libtiff-CVE-2017-7593.patch,
gnu/packages/patches/libtiff-CVE-2017-7594.patch,
gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/image.scm (libtiff)[replacement]: New field.
(libtiff/fixed): New variable.
Next