[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
05/15: gnu: libjpeg-turbo: Replace with 2.0.2 [security fixes].
From: |
guix-commits |
Subject: |
05/15: gnu: libjpeg-turbo: Replace with 2.0.2 [security fixes]. |
Date: |
Sun, 17 Feb 2019 12:46:56 -0500 (EST) |
mbakke pushed a commit to branch master
in repository guix.
commit 0296142087ce22a17ed1cad4ad28661ea02d08fa
Author: Marius Bakke <address@hidden>
Date: Sat Feb 16 19:55:10 2019 +0100
gnu: libjpeg-turbo: Replace with 2.0.2 [security fixes].
This fixes CVE-2018-20330 and CVE-2018-19664.
* gnu/packages/image.scm (libjpeg-turbo)[replacement]: New field.
(libjpeg-turbo-2.0.2): New public variable.
---
gnu/packages/image.scm | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index a4418d4..545fe33 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -1299,6 +1299,7 @@ PNG, and performs PNG integrity checks and corrections.")
(package
(name "libjpeg-turbo")
(version "2.0.1")
+ (replacement libjpeg-turbo-2.0.2)
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/libjpeg-turbo/"
@@ -1328,6 +1329,18 @@ and decompress to 32-bit and big-endian pixel buffers
(RGBX, XBGR, etc.).")
license:ijg ;the libjpeg library and associated
tools
license:zlib)))) ;the libjpeg-turbo SIMD extensions
+(define-public libjpeg-turbo-2.0.2
+ (package
+ (inherit libjpeg-turbo)
+ (version "2.0.2")
+ (source (origin
+ (inherit (package-source libjpeg-turbo))
+ (uri (string-append "mirror://sourceforge/libjpeg-turbo/"
+ version "/libjpeg-turbo-" version ".tar.gz"))
+ (sha256
+ (base32
+ "1v9gx1gdzgxf51nd55ncq7rghmj4x9x91rby50ag36irwngmkf5c"))))))
+
(define-public niftilib
(package
(name "niftilib")
- branch master updated (123d92e -> 4092600), guix-commits, 2019/02/17
- 03/15: gnu: keyutils: Update to 1.6., guix-commits, 2019/02/17
- 01/15: gnu: Remove unneeded uses of python{,2}-minimal., guix-commits, 2019/02/17
- 04/15: gnu: libjpeg-turbo: Don't use NAME in source URI., guix-commits, 2019/02/17
- 02/15: gnu: htop: Fix indentation., guix-commits, 2019/02/17
- 07/15: gnu: offlineimap: Update to 7.2.3., guix-commits, 2019/02/17
- 08/15: gnu: xf86-input-libinput: Update to 0.28.2., guix-commits, 2019/02/17
- 05/15: gnu: libjpeg-turbo: Replace with 2.0.2 [security fixes].,
guix-commits <=
- 06/15: gnu: feh: Update to 3.1.3., guix-commits, 2019/02/17
- 11/15: gnu: xf86-video-nouveau: Update to 1.0.16., guix-commits, 2019/02/17
- 10/15: gnu: xf86-video-neomagic: Update to 1.3.0., guix-commits, 2019/02/17
- 15/15: gnu: xf86-video-intel: Update to commit 33ee0c3b21ea279e08d0863f., guix-commits, 2019/02/17
- 14/15: gnu: xf86-video-i128: Update to 1.4.0., guix-commits, 2019/02/17
- 12/15: gnu: xf86-video-tdfx: Update to 1.5.0., guix-commits, 2019/02/17
- 13/15: gnu: xf86-video-mga: Update to 2.0.0., guix-commits, 2019/02/17
- 09/15: gnu: notmuch: Update to 0.28.2., guix-commits, 2019/02/17