gnu: libjpeg-turbo: Replace with 2.0.2 [security fixes].
This fixes CVE-2018-20330 and CVE-2018-19664. * gnu/packages/image.scm (libjpeg-turbo)[replacement]: New field. (libjpeg-turbo-2.0.2): New public variable.
This commit is contained in:
parent
ec92d786be
commit
0296142087
|
@ -1299,6 +1299,7 @@ PNG, and performs PNG integrity checks and corrections.")
|
|||
(package
|
||||
(name "libjpeg-turbo")
|
||||
(version "2.0.1")
|
||||
(replacement libjpeg-turbo-2.0.2)
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://sourceforge/libjpeg-turbo/"
|
||||
|
@ -1328,6 +1329,18 @@ and decompress to 32-bit and big-endian pixel buffers (RGBX, XBGR, etc.).")
|
|||
license:ijg ;the libjpeg library and associated tools
|
||||
license:zlib)))) ;the libjpeg-turbo SIMD extensions
|
||||
|
||||
(define-public libjpeg-turbo-2.0.2
|
||||
(package
|
||||
(inherit libjpeg-turbo)
|
||||
(version "2.0.2")
|
||||
(source (origin
|
||||
(inherit (package-source libjpeg-turbo))
|
||||
(uri (string-append "mirror://sourceforge/libjpeg-turbo/"
|
||||
version "/libjpeg-turbo-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1v9gx1gdzgxf51nd55ncq7rghmj4x9x91rby50ag36irwngmkf5c"))))))
|
||||
|
||||
(define-public niftilib
|
||||
(package
|
||||
(name "niftilib")
|
||||
|
|
Loading…
Reference in New Issue