From b1989c12501e880afab62d3ff961791906fef350 Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Fri, 16 Feb 2018 22:28:58 +0100
Subject: gnu: freetype: Fix CVE-2018-6942.

* gnu/packages/patches/freetype-CVE-2018-6942.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/fontutils.scm (freetype)[replacement]: New field.
(freetype/fixed): New variable.
---
 gnu/packages/fontutils.scm | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'gnu/packages/fontutils.scm')

diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm
index 664cbdb902..a04441a005 100644
--- a/gnu/packages/fontutils.scm
+++ b/gnu/packages/fontutils.scm
@@ -54,6 +54,7 @@
   (package
    (name "freetype")
    (version "2.8.1")
+   (replacement freetype/fixed)
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://savannah/freetype/freetype-"
@@ -78,6 +79,13 @@ anti-aliased glyph bitmap generation with 256 gray levels.")
    (license license:freetype)           ; some files have other licenses
    (home-page "https://www.freetype.org/")))
 
+(define freetype/fixed
+  (package/inherit freetype
+                   (source
+                    (origin
+                      (inherit (package-source freetype))
+                      (patches (search-patches "freetype-CVE-2018-6942.patch"))))))
+
 (define-public ttfautohint
   (package
     (name "ttfautohint")
-- 
cgit v1.2.3