From 92ae98e2a0c2ffc807111dbf7616df47a9d3b31c Mon Sep 17 00:00:00 2001
From: Alex Vong <alexvong1995@gmail.com>
Date: Thu, 2 Mar 2017 19:59:05 +0800
Subject: gnu: mupdf: Fix CVE-2017-{5896,5991}.

* gnu/packages/patches/mupdf-CVE-2017-5896.patch,
gnu/packages/patches/mupdf-CVE-2017-5991.patch: New files.
* gnu/packages/pdf.scm (mupdf/fixed)[source]: Add patches.
* gnu/local.mk (dist_patch_DATA): Add them.

Signed-off-by: Leo Famulari <leo@famulari.name>
---
 gnu/packages/pdf.scm | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/pdf.scm')

diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm
index a229d689dd..13dbd0ecd1 100644
--- a/gnu/packages/pdf.scm
+++ b/gnu/packages/pdf.scm
@@ -11,6 +11,7 @@
 ;;; Coypright © 2016 Julien Lepiller <julien@lepiller.eu>
 ;;; Copyright © 2016 Arun Isaac <arunisaac@systemreboot.net>
 ;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2017 Alex Vong <alexvong1995@gmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -550,7 +551,9 @@ and examining the file structure (pdfshow).")
           (append
             (origin-patches (package-source mupdf))
             (search-patches "mupdf-mujs-CVE-2016-10132.patch"
-                            "mupdf-mujs-CVE-2016-10133.patch")))))))
+                            "mupdf-mujs-CVE-2016-10133.patch"
+                            "mupdf-CVE-2017-5896.patch"
+                            "mupdf-CVE-2017-5991.patch")))))))
 
 (define-public qpdf
   (package
-- 
cgit v1.2.3