From 91674884900cfc2734ebb315d8e376cb3031aad0 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Sat, 25 Mar 2017 14:42:33 -0400
Subject: gnu: jbig2dec: Fix CVE-2016-9601.

* gnu/packages/patches/jbig2dec-CVE-2016-9601.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (jbig2dec)[source]: Use it.
---
 gnu/packages/image.scm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/image.scm')

diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 51b09680a9..b5b3a7283d 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -458,7 +458,8 @@ arithmetic ops.")
                             name "-" version ".tar.gz"))
         (sha256
           (base32 "04akiwab8iy5iy34razcvh9mcja9wy737civ3sbjxk4j143s1b2s"))
-        (patches (search-patches "jbig2dec-ignore-testtest.patch"))))
+        (patches (search-patches "jbig2dec-ignore-testtest.patch"
+                                 "jbig2dec-CVE-2016-9601.patch"))))
 
     (build-system gnu-build-system)
     (synopsis "Decoder of the JBIG2 image compression format")
-- 
cgit v1.2.3