guix-devel/gnu
Tobias Geerinckx-Rice bbf8832f16
gnu: optipng: Update to 0.7.7 [security fixes].
This release claims to fix 2 vulnerabilities:
- ‘an integer overflow vulnerability in the TIFF decoder’
  (CVE-2017-1000229, previously patched in Guix), and
- ‘a buffer overflow vulnerability in the GIF decoder’.

* gnu/packages/image.scm (optipng): Update to 0.7.7.
[source]: Remove patch.
[arguments]: Substitute INVOKE for SYSTEM* and end phase with #t.
* gnu/packages/patches/optipng-CVE-2017-1000229.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
2018-02-23 16:00:04 +01:00
..
bootloader gnu: Pass "--target=i386-pc" when installing GRUB for legacy BIOS. 2018-02-18 12:28:56 +01:00
build marionette: Use QEMU's "VM channel" mechanism. 2018-02-19 22:04:11 +01:00
packages gnu: optipng: Update to 0.7.7 [security fixes]. 2018-02-23 16:00:04 +01:00
services services: certbot: Allow to set a deploy hook. 2018-02-22 21:43:54 +01:00
system Merge branch 'master' into core-updates 2018-02-16 13:14:26 -05:00
tests tests: Remove outdated comment. 2018-02-19 22:04:11 +01:00
artwork.scm
bootloader.scm
local.mk gnu: optipng: Update to 0.7.7 [security fixes]. 2018-02-23 16:00:04 +01:00
packages.scm
services.scm services: Missing services are automatically instantiated. 2018-01-21 00:24:03 +01:00
system.scm Merge branch 'master' into core-updates 2018-01-23 17:01:07 -05:00
tests.scm marionette: Use QEMU's "VM channel" mechanism. 2018-02-19 22:04:11 +01:00