From 86fa2ea92f431fe9d23d41aa22c198ec2ce9a5f1 Mon Sep 17 00:00:00 2001
From: Mark H Weaver <mhw@netris.org>
Date: Thu, 21 Jan 2016 00:28:03 -0500
Subject: gnu: libtiff: Update to 4.0.6.  Add fixes for CVE-2015-{8665,8683}.

* gnu/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch,
  gnu/packages/patches/libtiff-oob-accesses-in-decode.patch,
  gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/image.scm (libtiff): Update to 4.0.6.
  [source]: Add patches.
---
 gnu-system.am | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'gnu-system.am')

diff --git a/gnu-system.am b/gnu-system.am
index fe421a9569..d37775d235 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -547,6 +547,9 @@ dist_patch_DATA =						\
   gnu/packages/patches/libmad-frame-length.patch		\
   gnu/packages/patches/libmad-mips-newgcc.patch			\
   gnu/packages/patches/libtheora-config-guess.patch		\
+  gnu/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch \
+  gnu/packages/patches/libtiff-oob-accesses-in-decode.patch	\
+  gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch	\
   gnu/packages/patches/libtool-skip-tests2.patch		\
   gnu/packages/patches/libsndfile-CVE-2014-9496.patch		\
   gnu/packages/patches/libsndfile-CVE-2015-7805.patch		\
-- 
cgit v1.2.3