Commit Graph

169 Commits

Author SHA1 Message Date
Kei Kebreau 484f7a8862
gnu: libtiff: Add fixes several security flaws.
Fixes CVE-2017-{7593, 7594, 7595, 7596, 7597, 7598, 7599, 7600, 7601, 7602}.

* gnu/packages/patches/libtiff-CVE-2017-7593.patch,
gnu/packages/patches/libtiff-CVE-2017-7594.patch,
gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/image.scm (libtiff)[replacement]: New field.
(libtiff/fixed): New variable.
2017-05-07 06:57:53 -04:00
Marius Bakke 1aa78816f9
gnu: imlib2: Update to 1.4.10.
* gnu/packages/image.scm (imlib2): Update to 1.4.10.
2017-04-21 15:36:37 +02:00
Efraim Flashner 0eb0fe2d30
gnu: jasper: Fixx CVE-2017-6850.
* gnu/packages/image.scm (jasper)[source]: Add patch.
* gnu/packages/patches/jasper-CVE-2017-6850.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-04-12 06:19:56 +03:00
Leo Famulari 9167488490
gnu: jbig2dec: Fix CVE-2016-9601.
* gnu/packages/patches/jbig2dec-CVE-2016-9601.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (jbig2dec)[source]: Use it.
2017-04-02 19:38:56 -04:00
Marius Bakke 77ab6983a1
gnu: devil: Update to 1.8.0.
* gnu/packages/patches/devil-CVE-2009-3994.patch,
gnu/packages/patches/devil-fix-libpng.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/image.scm (devil): Update to 1.8.0.
[source]: Remove patches and snippet.
[build-system]: Change to CMAKE-BUILD-SYSTEM.
[arguments]: Disable tests. Remove #:configure-flags and add a
'change-directory' phase. Remove 'fix-tests' phase.
[inputs]: Change LIBJPEG to LIBJPEG-TURBO.
2017-03-24 00:12:00 +01:00
Ricardo Wurmus dc8a34ed46
gnu: freeimage: Fix build with GCC 5.
* gnu/packages/patches/freeimage-fix-build-with-gcc-5.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (freeimage)[source]: Add patch.
2017-03-22 14:45:44 +01:00
Efraim Flashner 378de69c59
Merge remote-tracking branch 'origin/master' into core-updates 2017-03-22 12:57:37 +02:00
Efraim Flashner 60092c181c
gnu: zimg: Update to 2.5.
* gnu/packages/image.scm (zimg): Update to 2.5.
2017-03-21 22:35:32 +02:00
Leo Famulari 957699ee92
gnu: openjpeg: Remove obsolete patches.
* gnu/packages/patches/openjpeg-CVE-2016-5157.patch,
gnu/packages/patches/openjpeg-CVE-2016-7163.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/image.scm (openjpeg)[source]: Remove them.
2017-03-20 18:24:58 -04:00
Mark H Weaver f67337e23e
Merge branch 'master' into core-updates 2017-03-19 18:52:12 -04:00
Ricardo Wurmus f729a4d8b2
gnu: niftilib: Simplify build phases.
* gnu/packages/image.scm (niftilib)[arguments]: Use make-flags instead of
replacing "configure" phase; simplify "install" phase.
2017-03-19 14:26:33 +01:00
John Darrington 21122bd79e
gnu: Add niftilib.
* gnu/packages/image.scm (niftilib): New variable.
2017-03-18 15:25:59 +01:00
Marius Bakke 2a047d59e0
gnu: libwebp: Update to 0.6.0.
* gnu/packages/image.scm (libwebp): Update to 0.6.0.
[source]: Remove patch.
* gnu/packages/patches/libwebp-CVE-2016-9085.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-03-17 20:41:15 +01:00
Kei Kebreau 8f98581613
gnu: libpng-apng: Remove unnecessary call to libtool.
* gnu/packages/image.scm (libpng-apng)[phases]: Remove it.
2017-03-17 11:36:27 -04:00
ng0 114a325e8f
gnu: Add libpng-apng.
* gnu/packages/image.scm (libpng-apng): New variable.

Co-authored-by: Kei Kebreau <kei@openmailbox.org>
2017-03-17 11:25:15 -04:00
Ludovic Courtès e90e0fad1b
Merge branch 'master' into core-updates 2017-03-09 16:35:41 +01:00
Marius Bakke aa6738ddb6
gnu: jasper: Update to 2.0.12.
* gnu/packages/image.scm (jasper): Update to 2.0.12.
2017-03-03 17:11:02 +01:00
Efraim Flashner 864738baaa
gnu: libpng: Update to 1.6.28.
* gnu/packages/image.scm (libpng): Update to 1.6.28.
[source]: Remove patch.
* gnu/packages/patches/libpng-CVE-2016-10087.patch: Remove file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2017-02-20 10:54:25 +02:00
Efraim Flashner 913059a120
gnu: libpng: Update source urls.
* gnu/packages/image.scm (libpng)[source]: Add 'history' location for
older versions.
2017-02-20 09:35:06 +02:00
Leo Famulari 66707558b6
gnu: openjpeg: Incorporate grafted changes.
* gnu/packages/image.scm (openjpeg)[replacement]: Remove field.
[source]: Update to 2.1.2. Add patches
'openjpeg-CVE-2016-9850-CVE-2016-9851.patch' and
'openjpeg-CVE-2016-9572-CVE-2016-9573.patch'.
(openjpeg-1)[replacement]: Remove field.
(openjpeg-2.1.2): Remove variable.
2017-01-25 13:23:26 -05:00
Leo Famulari 29705bc29f
gnu: libtiff: Incorporate grafted patches.
* gnu/packages/image.scm (libtiff)[replacement]: Remove field.
[source]: Add patches from libtiff/fixed.
(libtiff/fixed): Remove variable.
2017-01-25 13:23:26 -05:00
Leo Famulari 9b1bb70904
gnu: libpng: Incorporate grafted patch.
* gnu/packages/image.scm (libpng)[replacement]: Remove field.
[source]: Add patch 'libpng-CVE-2016-10087.patch'.
(libpng-1.2)[replacement]: Remove field.
(libpng/fixed): Remove variable.
2017-01-25 13:23:25 -05:00
Leo Famulari 0769cea697
gnu: openjpeg: Fix CVE-2016-{9572,9573}.
* gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (openjpeg-2.1.2)[source]: Use it.
2017-01-24 16:19:03 -05:00
Leo Famulari 62cf8fa7cd
gnu: libtiff: Fix CVE-2017-5225.
* gnu/packages/patches/libtiff-CVE-2017-5225.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff/fixed)[source]: Use it.
2017-01-23 02:13:38 -05:00
Leo Famulari 4b96149d8b
gnu: libtiff: Fix CVE-2016-{10092,10093,10094} and others.
* gnu/packages/patches/libtiff-CVE-2016-10092.patch,
gnu/packages/patches/libtiff-CVE-2016-10093.patch,
gnu/packages/patches/libtiff-CVE-2016-10094.patch,
gnu/packages/patches/libtiff-assertion-failure.patch,
gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch,
gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch,
gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch,
gnu/packages/patches/libtiff-divide-by-zero.patch,
gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch,
gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch,
gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch,
gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch,
gnu/packages/patches/libtiff-invalid-read.patch,
gnu/packages/patches/libtiff-null-dereference.patch,
gnu/packages/patches/libtiff-tiffcp-underflow.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/image.scm (libtiff)[replacement]: New field.
(libtiff/fixed): New variable.
2017-01-10 17:52:42 -05:00
Tobias Geerinckx-Rice 3b3b60d037
gnu: Use HTTPS for all sourceforge.net home pages.
* gnu/packages/admin.scm (mingetty, clusterssh)[home-page]: Use HTTPS.
* gnu/packages/audio.scm (libbs2b, soxr)[home-page]: Likewise.
* gnu/packages/bioinformatics.scm (bless)[home-page]: Likewise.
* gnu/packages/display-managers.scm (slim)[home-page]: Likewise.
* gnu/packages/games.scm (extremetuxracer)[home-page]: Likewise.
* gnu/packages/ghostscript.scm (gs-fonts)[home-page]: Likewise.
* gnu/packages/haskell.scm (ghc-regex-base, ghc-regex-posix,
ghc-regex-compat)[home-page]: Likewise.
* gnu/packages/image.scm (imlib2)[home-page]: Likewise.
* gnu/packages/libreoffice.scm (librevenge, libcmis, libodfgen, libmwaw)
[home-page]: Likewise.
* gnu/packages/linux.scm (hdparm, acpid, libavc1394, rng-tools)
[home-page]: Likewise.
* gnu/packages/mail.scm (esmtp)[home-page]: Likewise.
* gnu/packages/mp3.scm (ripperx)[home-page]: Likewise.
* gnu/packages/onc-rpc.scm (libtirpc)[home-page]: Likewise.
* gnu/packages/perl.scm (perl-czplib)[home-page]: Likewise.
* gnu/packages/python.scm (python-pyasn1-modules)[home-page]: Likewise.
* gnu/packages/xdisorg.scm (xosd)[home-page]: Likewise.
2017-01-04 05:14:22 +01:00
Efraim Flashner 4b50daab00
gnu: jasper: Update to 2.0.10.
* gnu/packages/image.scm (jasper): Update to 2.0.10.
2017-01-02 21:48:38 +02:00
Leo Famulari 858b9afeaf
gnu: libpng: Mention CVE-2016-10087.
* gnu/packages/patches/libpng-fix-null-ptr-dereference.patch: Rename to ...
* gnu/packages/patches/libpng-CVE-2016-10087.patch: ... this.
* gnu/local.mk (dist_patch_DATA): Adjust.
* gnu/packages/image.scm (libpng/fixed)[source]: Use renamed patch.
2016-12-30 14:33:21 -05:00
Leo Famulari fc604eda3d
gnu: libpng-1.2: Update to 1.2.57 [security update].
* gnu/packages/image.scm (libpng-1.2): Update to 1.2.57.
[replacement]: New field.
2016-12-29 13:41:43 -05:00
Leo Famulari 322e724bfa
gnu: libpng: Fix a null pointer dereference [fixes security issue].
* gnu/packages/patches/libpng-fix-null-ptr-dereference.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libpng)[replacement]: New field.
(libpng/fixed): New variable.
2016-12-29 13:36:00 -05:00
Taylan Ulrich Bayırlı/Kammer d02fb7cec6
gnu: leptonica: Update to 1.74.0.
* gnu/packages/image.scm (leptonica): Update to 1.74.0.

Signed-off-by: Marius Bakke <mbakke@fastmail.com>
2016-12-25 13:48:57 +01:00
Alex Kost bee075e706
gnu: libjpeg-turbo: Fix typo.
This is a followup to commit e90a706e16.

* gnu/packages/image.scm (libjpeg-turbo): Remove extra "\".
2016-12-13 19:56:07 +03:00
Efraim Flashner e90a706e16
gnu: libjpeg-turbo: Fix build on mips.
* gnu/packages/image.scm (libjpeg-turbo)[arguments]: Add substitution to
set variable type before use.
2016-12-13 11:15:32 +02:00
Leo Famulari 4a990395d7
Merge branch 'staging' 2016-12-11 15:03:52 -05:00
Leo Famulari 5ce09ef18f
gnu: openjpeg-2.1.2: Use a meaningful file-name for the source code.
This is a followup to commit 0e8b7b1c35.

* gnu/packages/image.scm (openjpeg-2.1.2)[source]: Give a meaningful
file-name.
2016-12-11 02:25:16 -05:00
Leo Famulari 0e8b7b1c35
gnu: openjpeg: Update replacement to 2.1.2 [fixes CVE-2016-{7445,8332}].
* gnu/packages/image.scm (openjpeg/fixed): Replace variable with ...
(openjpeg-2.1.2): ... this.
[patches]: Remove patches inherited from openjpeg.
(openjpeg)[replacement]: Replace with openjpeg-2.1.2.
2016-12-11 02:04:31 -05:00
Mark H Weaver d94691e0c2
Merge branch 'master' into staging 2016-12-10 23:03:57 -05:00
Efraim Flashner a304b6c362
gnu: openjpeg: Add fixes for CVE-2016-{9850,9851}.
* gnu/packages/image.scm (openjpeg)[replacement]: New field.
(openjpeg/fixed): New variable, patch against CVE-2016-9850,
CVE-2016-9851.
* gnu/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2016-12-10 21:46:45 +02:00
Efraim Flashner a6cd85742d
gnu: jasper: Update to 2.0.6.
* gnu/packages/image.scm (jasper): Update to 2.0.6.
2016-12-10 20:59:19 +02:00
Marius Bakke a351fc8369
Merge branch 'master' into staging 2016-12-04 17:41:36 +01:00
Alex Kost 023f0fb06e
gnu: exiv2: Move to (gnu packages image).
* gnu/packages/geeqie.scm (exiv2): Move to...
* gnu/packages/image.scm: ... here.
* gnu/packages/gnome.scm: Adjust the used modules.
* gnu/packages/gnunet.scm: Likewise.
* gnu/packages/gps.scm: Likewise.
2016-12-04 17:39:48 +03:00
Marius Bakke 8a7cbc882a
Merge branch 'master' into staging 2016-11-30 18:24:32 +01:00
Tobias Geerinckx-Rice 37e05d64e4
gnu: Add libjpeg-turbo.
* gnu/packages/image.scm (libjpeg-turbo): New variable.
2016-11-29 19:15:47 +01:00
Efraim Flashner c7a70c336f
gnu: jasper: Update to 2.0.0 [fixes security issues].
* gnu/packages/image.scm (jasper): Update to 2.0.0.
[build-system]: Switch to cmake-build-system.
2016-11-27 22:19:55 +02:00
Leo Famulari 0bd1097c50
gnu: libtiff: Update to 4.0.7.
* gnu/packages/image.scm (libtiff): Update to 4.0.7.
[source]: Update URL and remove obsolete patches.
[home-page]: Update URL.
[native-inputs]: Add gcc-5.
(libtiff-4.0.7): Delete variable.
* gnu/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch,
gnu/packages/patches/libtiff-CVE-2016-3623.patch,
gnu/packages/patches/libtiff-CVE-2016-3945.patch,
gnu/packages/patches/libtiff-CVE-2016-3990.patch,
gnu/packages/patches/libtiff-CVE-2016-3991.patch,
gnu/packages/patches/libtiff-CVE-2016-5314.patch,
gnu/packages/patches/libtiff-CVE-2016-5321.patch,
gnu/packages/patches/libtiff-CVE-2016-5323.patch,
gnu/packages/patches/libtiff-oob-accesses-in-decode.patch,
gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2016-11-23 22:53:43 -05:00
Leo Famulari be72eb98fa
gnu: libtiff: Update replacement to 4.0.7.
* gnu/packages/image.scm (libtiff)[replacement]: Update to 4.0.7.
(libtiff-4.0.7): New variable. Update home-page and source URLs.
(libtiff/fixed): Delete variable.
* gnu/packages/patches/libtiff-CVE-2016-5652.patch,
gnu/packages/patches/libtiff-CVE-2016-9273.patch,
gnu/packages/patches/libtiff-CVE-2016-9297.patch,
gnu/packages/patches/libtiff-CVE-2016-9448.patch,
gnu/packages/patches/libtiff-uint32-overflow.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
2016-11-22 12:30:36 -05:00
Alex Kost 7c90d0f40e
gnu: packages: Use gettext-minimal.
* gnu/packages/crypto.scm (tomb): Use 'gettext-minimal' instead of
'gnu-gettext'.
* gnu/packages/emacs.scm (m17n-db): Likewise.
* gnu/packages/ftp.scm (weex): Likewise.
* gnu/packages/games.scm (chromium-bsu): Likewise.
* gnu/packages/image.scm (steghide): Likewise.
* gnu/packages/linux.scm (radeontop): Likewise.
* gnu/packages/mpd.scm (sonata): Likewise.
* gnu/packages/networking.scm (whois): Likewise.
* gnu/packages/package-management.scm (guix-0.11.0): Likewise.
* gnu/packages/psyc.scm (psyclpc): Likewise.
* gnu/packages/syndication.scm (newsbeuter): Likewise.
* gnu/packages/vim.scm (vim-full): Likewise.
2016-11-21 19:47:30 +03:00
Leo Famulari 2fedcd1895
gnu: libtiff: Fix CVE-2016-9448.
* gnu/packages/patches/libtiff-CVE-2016-9448.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff/fixed)[source]: Use it.
2016-11-19 11:31:00 -05:00
Leo Famulari 1339a8ed1c
gnu: libtiff: Fix some buffer overflows.
* gnu/packages/patches/libtiff-uint32-overflow.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff/fixed)[source]: Use it.
2016-11-16 19:59:28 -05:00
Leo Famulari 7cea56e2ac
gnu: libtiff: Fix CVE-2016-9297.
* gnu/packages/patches/libtiff-CVE-2016-9297.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (libtiff/fixed)[source]: Use it.
2016-11-16 19:59:24 -05:00