[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
10/12: gnu: libwebp: Replace with 1.3.1. [fixes CVE-2023-1999]
From: |
guix-commits |
Subject: |
10/12: gnu: libwebp: Replace with 1.3.1. [fixes CVE-2023-1999] |
Date: |
Wed, 16 Aug 2023 17:16:41 -0400 (EDT) |
civodul pushed a commit to branch master
in repository guix.
commit 63cf5a2a4eb64c31f5811b77e182965fd3320af0
Author: Hilton Chain <hako@ultrarare.space>
AuthorDate: Mon Jul 17 15:29:03 2023 +0800
gnu: libwebp: Replace with 1.3.1. [fixes CVE-2023-1999]
* gnu/packages/image.scm (libwebp/fixed): New variable.
(libwebp)[replacement]: Assign it to new field.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
---
gnu/packages/image.scm | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index d0867d738b..75f9e3c691 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -1432,6 +1432,7 @@ language bindings to VIGRA.")
(package
(name "libwebp")
(version "1.2.4")
+ (replacement libwebp/fixed)
(source
(origin
;; No tarballs are provided for >0.6.1.
@@ -1470,6 +1471,22 @@ to PNG when lossy compression is acceptable for the
red/green/blue color
channels.")
(license license:bsd-3)))
+(define libwebp/fixed
+ (package
+ (inherit libwebp)
+ (name "libwebp")
+ (version "1.3.1")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://chromium.googlesource.com/webm/libwebp")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "1aas6gwy7kfcq34cil781kcsl286khh9grwcx7k4d2n1g7zcpl3m"))))))
+
(define-public libmng
(package
(name "libmng")
- branch master updated (07dc3d0247 -> 1bd44b425b), guix-commits, 2023/08/16
- 04/12: gnu: tor: Update to 0.4.7.14., guix-commits, 2023/08/16
- 01/12: gnu: cuirass: Update to 7416bb9., guix-commits, 2023/08/16
- 12/12: gnu: ddclient: Remove package., guix-commits, 2023/08/16
- 03/12: guix home: Create /tmp in container if needed., guix-commits, 2023/08/16
- 02/12: gnu: perf: Add now required dependency on libtraceevent., guix-commits, 2023/08/16
- 06/12: gnu: qpwgraph: Update to 0.5.2., guix-commits, 2023/08/16
- 07/12: Update email addresses for Juliana Sims., guix-commits, 2023/08/16
- 05/12: gnu: git-lfs: Update to 3.4.0., guix-commits, 2023/08/16
- 10/12: gnu: libwebp: Replace with 1.3.1. [fixes CVE-2023-1999],
guix-commits <=
- 11/12: Revert "services: Add ddclient service.", guix-commits, 2023/08/16
- 08/12: services: posgresql: Add option to specify UID/GID for postgres user., guix-commits, 2023/08/16
- 09/12: gnu: guile-png: Update to 0.7.0., guix-commits, 2023/08/16