On Sun, Jan 15, 2017 at 06:05:02PM -0500, Mark H Weaver wrote:
> Hi Leo,
>
> Leo Famulari writes:
>
> > From 34cc0dc9d9451d540f8733ebca2a3db54a073aa0 Mon Sep 17 00:00:00 2001
> > From: Marius Bakke
> > Date: Thu, 12 Jan 2017 19:06:55 +0100
> > Subject: [PATCH 1/2] gnu: mupdf: Fix CVE-2016-{1013
Hi Leo,
Leo Famulari writes:
> From 34cc0dc9d9451d540f8733ebca2a3db54a073aa0 Mon Sep 17 00:00:00 2001
> From: Marius Bakke
> Date: Thu, 12 Jan 2017 19:06:55 +0100
> Subject: [PATCH 1/2] gnu: mupdf: Fix CVE-2016-{10132,10133} in bundled mujs.
>
> * gnu/packages/patches/mupdf-mujs-CVE-2016-10132.
Leo Famulari writes:
> On Sun, Jan 15, 2017 at 08:05:48PM +0100, Marius Bakke wrote:
>> Is it possible to use the 'package-input-rewriting' procedure here? See
>> example at the end of section 5.1.0:
>>
>> https://www.gnu.org/software/guix/manual/guix.html#Defining-Packages
>>
>> Otherwise this
On Sun, Jan 15, 2017 at 08:05:48PM +0100, Marius Bakke wrote:
> Is it possible to use the 'package-input-rewriting' procedure here? See
> example at the end of section 5.1.0:
>
> https://www.gnu.org/software/guix/manual/guix.html#Defining-Packages
>
> Otherwise this LGTM, thanks a lot!
Okay, ple
Leo Famulari writes:
> On Thu, Jan 12, 2017 at 07:59:40PM -0500, Mark H Weaver wrote:
>> Here's what we can do: in addition to mupdf itself, we can also add a
>> graft for cups-filters (our only package that includes mupdf as an
>> input). The replacement for cups-filters would change its mupdf
On Thu, Jan 12, 2017 at 07:59:40PM -0500, Mark H Weaver wrote:
> Here's what we can do: in addition to mupdf itself, we can also add a
> graft for cups-filters (our only package that includes mupdf as an
> input). The replacement for cups-filters would change its mupdf input
> to refer directly to
Leo Famulari writes:
> On Thu, Jan 12, 2017 at 07:59:40PM -0500, Mark H Weaver wrote:
>> Leo Famulari writes:
>> > If we can't graft it, we should build it on a branch on Hydra.
>>
>> Here's what we can do: in addition to mupdf itself, we can also add a
>> graft for cups-filters (our only packa
On Thu, Jan 12, 2017 at 07:59:40PM -0500, Mark H Weaver wrote:
> Leo Famulari writes:
> > If we can't graft it, we should build it on a branch on Hydra.
>
> Here's what we can do: in addition to mupdf itself, we can also add a
> graft for cups-filters (our only package that includes mupdf as an
>
Leo Famulari writes:
> On Thu, Jan 12, 2017 at 08:46:52PM +0100, Marius Bakke wrote:
>> Leo Famulari writes:
>>
>> > Through cups, this requires ~600 rebuilds. I wonder if we can graft it?
>> > That is, is the ABI compatible?
>>
>> Good question. The null pointer dereference patch renames a fu
On Thu, Jan 12, 2017 at 08:46:52PM +0100, Marius Bakke wrote:
> Leo Famulari writes:
>
> > Can you include links to the upstream bug reports in the patch files?
>
> Good catch; added.
>
> > Through cups, this requires ~600 rebuilds. I wonder if we can graft it?
> > That is, is the ABI compatibl
Leo Famulari writes:
> Can you include links to the upstream bug reports in the patch files?
Good catch; added.
> Through cups, this requires ~600 rebuilds. I wonder if we can graft it?
> That is, is the ABI compatible?
Good question. The null pointer dereference patch renames a function,
and
On Thu, Jan 12, 2017 at 07:06:55PM +0100, Marius Bakke wrote:
> * gnu/packages/patches/mupdf-mujs-heap-buffer-overflow.patch: New file.
> * gnu/packages/patches/mupdf-mujs-null-pointer-dereference.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Add them.
> * gnu/packages/pdf.scm (mupdf)[source
12 matches
Mail list logo
