From 10cb88f85cb4a967fac756ee76f6dc60d60d7bef Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Sat, 20 May 2017 15:48:11 -0400
Subject: gnu: jbig2dec: Fix CVE-2017-{7885,7975,7976}.

* gnu/packages/patches/jbig2dec-CVE-2017-7885.patch,
gnu/packages/patches/jbig2dec-CVE-2017-7975.patch,
gnu/packages/patches/jbig2dec-CVE-2017-7976.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/image.scm (jbig2dec)[source]: Use them.
---
 gnu/packages/image.scm | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/image.scm')

diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index de8043d236..86902d5680 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -509,7 +509,10 @@ arithmetic ops.")
         (sha256
           (base32 "04akiwab8iy5iy34razcvh9mcja9wy737civ3sbjxk4j143s1b2s"))
         (patches (search-patches "jbig2dec-ignore-testtest.patch"
-                                 "jbig2dec-CVE-2016-9601.patch"))))
+                                 "jbig2dec-CVE-2016-9601.patch"
+                                 "jbig2dec-CVE-2017-7885.patch"
+                                 "jbig2dec-CVE-2017-7975.patch"
+                                 "jbig2dec-CVE-2017-7976.patch"))))
 
     (build-system gnu-build-system)
     (synopsis "Decoder of the JBIG2 image compression format")
-- 
cgit v1.2.3