From 4119376d66f2016dd60e5da6b36d90894b6a74f4 Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Thu, 26 Oct 2017 22:58:28 +0200
Subject: gnu: exiv2: Add upstream security fixes.

Fixes CVE-2017-14859, CVE-2017-14860, CVE-2017-14862 and CVE-2017-14864.

* gnu/packages/patches/exiv2-CVE-2017-14859-14862-14864.patch,
gnu/packages/patches/exiv2-CVE-2017-14860.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/image.scm (exiv2)[source]: Use them.
---
 gnu/packages/image.scm | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'gnu/packages/image.scm')

diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index b53247de82..df8ac67e41 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -866,6 +866,8 @@ channels.")
                                        version ".tar.gz")
                         (string-append "https://fossies.org/linux/misc/exiv2-"
                                        version ".tar.gz")))
+             (patches (search-patches "exiv2-CVE-2017-14860.patch"
+                                      "exiv2-CVE-2017-14859-14862-14864.patch"))
              (sha256
               (base32
                "1yza317qxd8yshvqnay164imm0ks7cvij8y8j86p1gqi1153qpn7"))))
-- 
cgit v1.2.3