amaharaneko/guix-mirrors
1
1
Fork 0
mirror of https://codeberg.org/guix/guix.git synced 2025-10-02 02:15:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

gnu: gd: Replace with 2.2.5.

Browse source 
Fixes CVE-2017-6362 and CVE-2017-7890.

* gnu/packages/gd.scm (gd)[replacement]: New field.
(gd-2.2.5): New variable.
* gnu/packages/php.scm (gd-for-php): Remove variable
(php)[inputs]: Replace GD-FOR-PHP with GD-2.2.5.
* gnu/packages/patches/gd-CVE-2017-7890.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
This commit is contained in:
Marius Bakke 2017-08-30 23:41:08 +02:00
parent cad88b8533
commit 4f68156140
No known key found for this signature in database
GPG key ID: A2A06DF2A33A54FA
4 changed files with 19 additions and 45 deletions
Download patch file Download diff file Expand all files Collapse all files

13
gnu/packages/php.scm
View file

@ -49,17 +49,6 @@
#:use-module (guix build-system gnu)
#:use-module ((guix licenses) #:prefix license:))
(define gd-for-php
(package
(inherit gd)
(source (origin
(inherit (package-source gd))
(patches
(append
(origin-patches (package-source gd))
(search-patches "gd-CVE-2017-7890.patch")))))))
(define-public php
(package
(name "php")
@ -293,7 +282,7 @@
("curl" ,curl)
("cyrus-sasl" ,cyrus-sasl)
("freetype" ,freetype)
("gd" ,gd-for-php)
("gd" ,gd-2.2.5)
("gdbm" ,gdbm)
("glibc" ,glibc)
("gmp" ,gmp)