diff options
| author | Vladimír Čunát <vcunat@gmail.com> | 2014-03-23 12:25:20 +0100 |
|---|---|---|
| committer | Vladimír Čunát <vcunat@gmail.com> | 2014-03-23 12:25:20 +0100 |
| commit | 02b85f51913be7d95dba25b90eace31b862edcae (patch) | |
| tree | 58ca46f356a1c990ab665b2198f2491c63705d12 | |
| parent | 1941168c3d4c03441a92093dfb7be4ae507711ae (diff) | |
| download | nixpkgs-02b85f51913be7d95dba25b90eace31b862edcae.tar nixpkgs-02b85f51913be7d95dba25b90eace31b862edcae.tar.gz nixpkgs-02b85f51913be7d95dba25b90eace31b862edcae.tar.bz2 nixpkgs-02b85f51913be7d95dba25b90eace31b862edcae.tar.lz nixpkgs-02b85f51913be7d95dba25b90eace31b862edcae.tar.xz nixpkgs-02b85f51913be7d95dba25b90eace31b862edcae.tar.zst nixpkgs-02b85f51913be7d95dba25b90eace31b862edcae.zip | |
libjpeg(_turbo): minor update 1.3.0 -> .1
The security patch got incorporated into the release.
| -rw-r--r-- | pkgs/development/libraries/libjpeg-turbo/default.nix | 6 | ||||
| -rw-r--r-- | pkgs/development/libraries/libjpeg-turbo/libjpeg-turbo-1.3.0-CVE-2013-6629-and-6630.patch | 40 |
2 files changed, 2 insertions, 44 deletions
diff --git a/pkgs/development/libraries/libjpeg-turbo/default.nix b/pkgs/development/libraries/libjpeg-turbo/default.nix index 8976e743192..bf27e074dd5 100644 --- a/pkgs/development/libraries/libjpeg-turbo/default.nix +++ b/pkgs/development/libraries/libjpeg-turbo/default.nix @@ -1,15 +1,13 @@ { stdenv, fetchurl, nasm }: stdenv.mkDerivation rec { - name = "libjpeg-turbo-1.3.0"; + name = "libjpeg-turbo-1.3.1"; src = fetchurl { url = "mirror://sourceforge/libjpeg-turbo/${name}.tar.gz"; - sha256 = "0d0jwdmj3h89bxdxlwrys2mw18mqcj4rzgb5l2ndpah8zj600mr6"; + sha256 = "1fbgcvlnn3d5gvf0v9jnlcabpv2z3nwxclzyabahxi6x2xs90cn1"; }; - patches = [ ./libjpeg-turbo-1.3.0-CVE-2013-6629-and-6630.patch ]; - buildInputs = [ nasm ]; doCheck = true; diff --git a/pkgs/development/libraries/libjpeg-turbo/libjpeg-turbo-1.3.0-CVE-2013-6629-and-6630.patch b/pkgs/development/libraries/libjpeg-turbo/libjpeg-turbo-1.3.0-CVE-2013-6629-and-6630.patch deleted file mode 100644 index 8c0f9c75054..00000000000 --- a/pkgs/development/libraries/libjpeg-turbo/libjpeg-turbo-1.3.0-CVE-2013-6629-and-6630.patch +++ /dev/null @@ -1,40 +0,0 @@ -Thanks to the sources below; this patch discovered via Gentoo. - -http://bugzilla.redhat.com/show_bug.cgi?id=1031734 -http://bugzilla.redhat.com/show_bug.cgi?id=1031749 -http://sourceforge.net/p/libjpeg-turbo/code/1090/ - ---- libjpeg-turbo-1.3.0/jdmarker.c -+++ libjpeg-turbo-1.3.0/jdmarker.c -@@ -304,7 +304,7 @@ - /* Process a SOS marker */ - { - INT32 length; -- int i, ci, n, c, cc; -+ int i, ci, n, c, cc, pi; - jpeg_component_info * compptr; - INPUT_VARS(cinfo); - -@@ -348,6 +348,13 @@ - - TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, cc, - compptr->dc_tbl_no, compptr->ac_tbl_no); -+ -+ /* This CSi (cc) should differ from the previous CSi */ -+ for (pi = 0; pi < i; pi++) { -+ if (cinfo->cur_comp_info[pi] == compptr) { -+ ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc); -+ } -+ } - } - - /* Collect the additional scan parameters Ss, Se, Ah/Al. */ -@@ -465,6 +472,8 @@ - for (i = 0; i < count; i++) - INPUT_BYTE(cinfo, huffval[i], return FALSE); - -+ MEMZERO(&huffval[count], (256 - count) * SIZEOF(UINT8)); -+ - length -= count; - - if (index & 0x10) { /* AC table definition */ |