Leo Famulari <l...@famulari.name> skribis: > On Fri, Sep 09, 2016 at 10:15:58AM +0300, Efraim Flashner wrote: >> On Fri, Sep 09, 2016 at 02:04:40AM -0400, Leo Famulari wrote: >> > diff --git a/gnu/packages/patches/openjpeg-CVE-2016-7163.patch >> > b/gnu/packages/patches/openjpeg-CVE-2016-7163.patch > [...] > >> Was from here down put/left here intentionally? It looks out of place >> >> > +From c16bc057ba3f125051c9966cf1f5b68a05681de4 Mon Sep 17 00:00:00 2001 >> > +From: trylab <try...@users.noreply.github.com> >> > +Date: Tue, 6 Sep 2016 13:55:49 +0800 >> > +Subject: [PATCH] Fix an integer overflow issue (#809) >> > + >> > -- >> > 2.10.0 > > You're right. I had concatenated the two commits out of order, and I > accidentally left this header at the bottom when moving the original > bugfix above the follow-up commit. > > Thank you for catching this. > > I've attached an updated patch. > > From 040531530913dbf26ce42ad27e1914f4d1683bd3 Mon Sep 17 00:00:00 2001 > From: Leo Famulari <l...@famulari.name> > Date: Fri, 9 Sep 2016 01:48:50 -0400 > Subject: [PATCH] gnu: openjpeg-2.*: Fix CVE-2016-7163. > > * gnu/packages/patches/openjpeg-CVE-2016-7163.patch: New file. > * gnu/local.mk (dist_patch_DATA): Add it. > * gnu/packages/image.scm (openjpeg, openjpeg-2.0): Use it.
Go for it. Thank you! Ludo’.
