gnu: graphicsmagick: Update to 1.3.25-1-56c8cae [security fixes].

Fixes CVE-2016-7800, CVE-2016-7996, CVE-2016-7997, and several other flaws.

* gnu/packages/imagemagick.scm (graphicsmagick): Update to 1.3.25-1-56c8cae.
[source]: Change method from 'url-fetch' to 'hg-fetch'.  Add 'file-name'.
This commit is contained in:
Mark H Weaver 2016-10-13 04:57:40 -04:00
parent e98e9f4e85
commit 1cc213850a
No known key found for this signature in database
GPG Key ID: 7CEF29847562C516
1 changed files with 52 additions and 43 deletions

View File

@ -3,6 +3,7 @@
;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org> ;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016 Leo Famulari <leo@famulari.name> ;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Mark H Weaver <mhw@netris.org>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -24,6 +25,7 @@
#:use-module (guix build-system gnu) #:use-module (guix build-system gnu)
#:use-module (guix build-system perl) #:use-module (guix build-system perl)
#:use-module (guix download) #:use-module (guix download)
#:use-module (guix hg-download)
#:use-module (guix utils) #:use-module (guix utils)
#:use-module ((guix licenses) #:prefix license:) #:use-module ((guix licenses) #:prefix license:)
#:use-module (gnu packages) #:use-module (gnu packages)
@ -157,48 +159,55 @@ script.")
(license (package-license imagemagick)))) (license (package-license imagemagick))))
(define-public graphicsmagick (define-public graphicsmagick
(package (let ((changeset "56c8cae") ; 3e01b
(name "graphicsmagick") (revision "1"))
(version "1.3.25") (package
(source (origin (name "graphicsmagick")
(method url-fetch) (version (string-append "1.3.25-" revision "." changeset))
(uri (string-append "ftp://ftp.graphicsmagick.org/pub/" (source (origin
"GraphicsMagick/" (version-major+minor version) (method hg-fetch)
"/GraphicsMagick-" version ".tar.xz")) (uri (hg-reference
(sha256 (url "http://hg.code.sf.net/p/graphicsmagick/code")
(base32 (changeset changeset)))
"17xcc7pfcmiwpfr1g8ys5a7bdnvqzka53vg3kkzhwwz0s99gljyn")))) (file-name (string-append name "-" version "-checkout"))
(build-system gnu-build-system) ;;(method url-fetch)
(arguments ;;(uri (string-append "ftp://ftp.graphicsmagick.org/pub/"
`(#:configure-flags ;; "GraphicsMagick/" (version-major+minor version)
(list "--with-frozenpaths" ;; "/GraphicsMagick-" version ".tar.xz"))
"--enable-shared=yes" (sha256
"--with-x=yes" (base32
(string-append "--with-gs-font-dir=" "1s9apvkn0kxr6i4i5wlkfw1prja02rgk689n3cf822zc0dkycxdh"))))
(assoc-ref %build-inputs "gs-fonts") (build-system gnu-build-system)
"/share/fonts/type1/ghostscript")))) (arguments
(inputs `(#:configure-flags
`(("graphviz" ,graphviz) (list "--with-frozenpaths"
("ghostscript" ,ghostscript) "--enable-shared=yes"
("gs-fonts" ,gs-fonts) "--with-x=yes"
("lcms" ,lcms) (string-append "--with-gs-font-dir="
("libx11" ,libx11) (assoc-ref %build-inputs "gs-fonts")
("libxml2" ,libxml2) "/share/fonts/type1/ghostscript"))))
("libtiff" ,libtiff) (inputs
("libpng" ,libpng) `(("graphviz" ,graphviz)
("libjpeg" ,libjpeg) ("ghostscript" ,ghostscript)
("freetype" ,freetype) ("gs-fonts" ,gs-fonts)
("bzip2" ,bzip2) ("lcms" ,lcms)
("xz" ,xz) ("libx11" ,libx11)
("zlib" ,zlib))) ("libxml2" ,libxml2)
(native-inputs ("libtiff" ,libtiff)
`(("pkg-config" ,pkg-config))) ("libpng" ,libpng)
(outputs '("out" ; 13 MiB ("libjpeg" ,libjpeg)
"doc")) ; ~7 MiB ("freetype" ,freetype)
(home-page "http://www.graphicsmagick.org") ("bzip2" ,bzip2)
(synopsis "Create, edit, compose, or convert bitmap images") ("xz" ,xz)
(description ("zlib" ,zlib)))
"GraphicsMagick provides a comprehensive collection of utilities, (native-inputs
`(("pkg-config" ,pkg-config)))
(outputs '("out" ; 13 MiB
"doc")) ; ~7 MiB
(home-page "http://www.graphicsmagick.org")
(synopsis "Create, edit, compose, or convert bitmap images")
(description
"GraphicsMagick provides a comprehensive collection of utilities,
programming interfaces, and GUIs, to support file format conversion, image programming interfaces, and GUIs, to support file format conversion, image
processing, and 2D vector rendering.") processing, and 2D vector rendering.")
(license license:expat))) (license license:expat))))