[bug#27603] [PATCH] gnu: libtiff: Fix CVE-2017-{9936,10688}.

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#27603] [PATCH] gnu: libtiff: Fix CVE-2017-{9936,10688}.

From:	Leo Famulari
Subject:	[bug#27603] [PATCH] gnu: libtiff: Fix CVE-2017-{9936,10688}.
Date:	Thu, 6 Jul 2017 19:40:38 -0400
User-agent:	Mutt/1.8.3 (2017-05-23)

On Fri, Jul 07, 2017 at 06:31:36AM +0800, Alex Vong wrote:
> * gnu/packages/patches/libtiff-CVE-2017-9936.patch,
>   gnu/packages/patches/libtiff-CVE-2017-10688.patch: New files.
> * gnu/packages/image.scm (libtiff-4.0.8)[source]: Add patches.
> * gnu/local.mk (dist_patch_DATA): Add them.

> +Patch lifted from upstream source repository (the changes to 'ChangeLog'
> +don't apply to the libtiff 4.0.8 release tarball):
> +
> +https://github.com/vadz/libtiff/commit/6173a57d39e04d68b139f8c1aa499a24dbe74ba1

This is actually not the upstream source repository. It's a 3rd party
unofficial mirror.

To the chagrin of young packagers everywhere, libtiff is still using
CVS. Unless somebody beats me to it, I'll extract the patches from their
CVS repo later tonight.

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#27603] [PATCH] gnu: libtiff: Fix CVE-2017-{9936,10688}., Alex Vong, 2017/07/06
- [bug#27603] [PATCH] gnu: libtiff: Fix CVE-2017-{9936,10688}., Leo Famulari <=
  - bug#27603: [PATCH] gnu: libtiff: Fix CVE-2017-{9936,10688}., Leo Famulari, 2017/07/07
    - [bug#27603] [PATCH] gnu: libtiff: Fix CVE-2017-{9936,10688}., Alex Vong, 2017/07/07
    - [bug#27603] [PATCH] gnu: libtiff: Fix CVE-2017-{9936,10688}., Leo Famulari, 2017/07/07

Prev by Date: [bug#27604] [PATCH] gnu: youtube-dl: Update to 2017.07.02.
Next by Date: [bug#27600] [PATCH] gnu: xorg-server: Fix CVE-2017-{10971, 10972}.
Previous by thread: [bug#27603] [PATCH] gnu: libtiff: Fix CVE-2017-{9936,10688}.
Next by thread: bug#27603: [PATCH] gnu: libtiff: Fix CVE-2017-{9936,10688}.
Index(es):
- Date
- Thread