From 271f27864096728ebd05b61d2015ef3fade1dde6 Mon Sep 17 00:00:00 2001
From: Marius Bakke <marius@gnu.org>
Date: Fri, 24 Jul 2020 00:40:37 +0200
Subject: gnu: LibRaw: Update to 0.20.0 [fixes CVE-2020-15503].

* gnu/packages/photo.scm (libraw): Update to 0.20.0.
* gnu/packages/image.scm (freeimage)[source](patches): Add LibRaw
compatibility patch.
---
 gnu/packages/image.scm | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/image.scm')

diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 3fdc6db8a1..c6af458286 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -1030,7 +1030,19 @@ supplies a generic doubly-linked list and some string functions.")
                     (delete-file-recursively (string-append "Source/" dir)))
                   '("LibJPEG" "LibOpenJPEG" "LibPNG" "LibRawLite"
                     "LibJXR" "LibWebP" "OpenEXR" "ZLib"))))
-            (patches (search-patches "freeimage-unbundle.patch"))))
+            (patches
+             (append
+              (search-patches "freeimage-unbundle.patch")
+              ;; Take one patch from Arch Linux that adds LibRaw 0.20 compatibility.
+              (list (origin
+                      (method url-fetch)
+                      (uri "https://raw.githubusercontent.com/archlinux\
+/svntogit-community/ca3e6a52f5a46dec87cbf85e9d84fe370e282c8c/trunk\
+/freeimage-libraw-0.20.patch")
+                      (file-name "freeimage-libraw-compat.patch")
+                      (sha256
+                       (base32
+                        "0cwjxjz0f4gs6igvwqg0p99mnrsrwzkal1l2n08yvz2xq9s5khki"))))))))
    (build-system gnu-build-system)
    (arguments
     '(#:phases
-- 
cgit v1.2.3