diff options
author | Leo Famulari <leo@famulari.name> | 2016-08-29 20:55:55 -0400 |
---|---|---|
committer | Leo Famulari <leo@famulari.name> | 2016-08-29 21:03:52 -0400 |
commit | 4b4fc92fe59833701b3a023fb4befde8196424cb (patch) | |
tree | cc98061da62368e84f2b1a32e600e9258c24b54a /gnu | |
parent | a007d699e760bea80baed64b4a3ff59351fa1801 (diff) | |
parent | 4e9d5055fbf88ae43a7db7e901359e895fa729e8 (diff) |
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/local.mk | 7 | ||||
-rw-r--r-- | gnu/packages/bioinformatics.scm | 4 | ||||
-rw-r--r-- | gnu/packages/calendar.scm | 33 | ||||
-rw-r--r-- | gnu/packages/image.scm | 18 | ||||
-rw-r--r-- | gnu/packages/imagemagick.scm | 4 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-3623.patch | 30 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-3945.patch | 94 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-3990.patch | 31 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-3991.patch | 123 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-5314.patch | 45 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-5321.patch | 25 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-5323.patch | 88 | ||||
-rw-r--r-- | gnu/packages/python.scm | 44 | ||||
-rw-r--r-- | gnu/packages/ruby.scm | 15 |
14 files changed, 518 insertions, 43 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index faa6e535ef..26eacd1043 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -626,6 +626,13 @@ dist_patch_DATA = \ %D%/packages/patches/libtar-CVE-2013-4420.patch \ %D%/packages/patches/libtheora-config-guess.patch \ %D%/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch \ + %D%/packages/patches/libtiff-CVE-2016-3623.patch \ + %D%/packages/patches/libtiff-CVE-2016-3945.patch \ + %D%/packages/patches/libtiff-CVE-2016-3990.patch \ + %D%/packages/patches/libtiff-CVE-2016-3991.patch \ + %D%/packages/patches/libtiff-CVE-2016-5314.patch \ + %D%/packages/patches/libtiff-CVE-2016-5321.patch \ + %D%/packages/patches/libtiff-CVE-2016-5323.patch \ %D%/packages/patches/libtiff-oob-accesses-in-decode.patch \ %D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm index 2bd71c858b..ed20b562e5 100644 --- a/gnu/packages/bioinformatics.scm +++ b/gnu/packages/bioinformatics.scm @@ -1903,7 +1903,7 @@ identify enrichments with functional annotations of the genome.") (define-public diamond (package (name "diamond") - (version "0.8.18") + (version "0.8.20") (source (origin (method url-fetch) (uri (string-append @@ -1912,7 +1912,7 @@ identify enrichments with functional annotations of the genome.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1r8klhbzn5cfzg9g69dd0sk4c0bd8cg1g5id8blsqi273bymm4jl")))) + "16bhwpxqzq2nfkh9522rwcc1p97ygszjmhphz69x2jk501jf9wkg")))) (build-system cmake-build-system) (arguments '(#:tests? #f ; no "check" target diff --git a/gnu/packages/calendar.scm b/gnu/packages/calendar.scm index 3b5aba72c8..7f3d05d08e 100644 --- a/gnu/packages/calendar.scm +++ b/gnu/packages/calendar.scm @@ -3,6 +3,7 @@ ;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name> ;;; Copyright © 2016 Kei Kebreau <kei@openmailbox.org> ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> +;;; Copyright © 2016 Troy Sankey <sankeytms@gmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -80,42 +81,16 @@ data units.") (define-public khal (package (name "khal") - (version "0.7.0") + (version "0.8.3") (source (origin (method url-fetch) (uri (pypi-uri "khal" version)) (sha256 (base32 - "00llxj7cv31mjsx0j6zxmyi9s1q20yvfkn025xcy8cv1ylfwic66")) - (modules '((guix build utils))) - ;; Patch broken path in 'doc' Makefile. - ;; Patch sent upstream: https://github.com/geier/khal/pull/307 - (snippet - '(substitute* "doc/source/Makefile" - (("../../../khal/khal/settings/khal.spec") - "../../khal/settings/khal.spec" ))))) + "1qryqs5d8jsl7j22pjjfkfdi4m8m3nn3n44b890pq85xkw599ihy")))) (build-system python-build-system) (arguments `(#:phases (modify-phases %standard-phases - (add-after 'unpack 'disable-tests - (lambda _ - ;; Bug reported for test_only_update_old_event: - ;; https://github.com/geier/khal/issues/309 - (substitute* "tests/khalendar_test.py" - (("test_only_update_old_event") - "disabled_only_update_old_event")) - - ;; Bug reported for test_dt_two_tz: - ;; https://github.com/pimutils/khal/issues/382 - (substitute* "tests/event_test.py" - (("test_dt_two_tz") - "disabled_dt_two_tz")) - ;; Another timezone / DST issue: - ;; https://github.com/pimutils/khal/issues/146 - (substitute* "tests/event_test.py" - (("test_raw_dt") - "disabled_raw_dt")))) - ;; Building the manpage requires khal to be installed. (add-after 'install 'manpage (lambda* (#:key outputs #:allow-other-keys) @@ -136,9 +111,11 @@ data units.") (zero? (system* "py.test" "tests"))))))) (native-inputs `(("python-pytest" ,python-pytest) + ("python-pytest-cov" ,python-pytest-cov) ("python-setuptools-scm" ,python-setuptools-scm) ;; Required for tests ("tzdata" ,tzdata) + ("python-freezegun" ,python-freezegun) ;; Required to build manpage ("python-sphinxcontrib-newsfeed" ,python-sphinxcontrib-newsfeed) ("python-sphinx" ,python-sphinx))) diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 7d72492b1a..4fdc4ae252 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -150,6 +150,7 @@ maximum quality factor.") (define-public libtiff (package (name "libtiff") + (replacement libtiff/fixed) (version "4.0.6") (source (origin (method url-fetch) @@ -182,6 +183,23 @@ collection of tools for doing simple manipulations of TIFF images.") "See COPYRIGHT in the distribution.")) (home-page "http://www.remotesensing.org/libtiff/"))) +(define libtiff/fixed + (package + (inherit libtiff) + (source (origin + (inherit (package-source libtiff)) + (patches (search-patches + "libtiff-oob-accesses-in-decode.patch" + "libtiff-oob-write-in-nextdecode.patch" + "libtiff-CVE-2015-8665+CVE-2015-8683.patch" + "libtiff-CVE-2016-3623.patch" + "libtiff-CVE-2016-3945.patch" + "libtiff-CVE-2016-3990.patch" + "libtiff-CVE-2016-3991.patch" + "libtiff-CVE-2016-5314.patch" + "libtiff-CVE-2016-5321.patch" + "libtiff-CVE-2016-5323.patch")))))) + (define-public libwmf (package (name "libwmf") diff --git a/gnu/packages/imagemagick.scm b/gnu/packages/imagemagick.scm index a554b73a4e..f824abf3f4 100644 --- a/gnu/packages/imagemagick.scm +++ b/gnu/packages/imagemagick.scm @@ -41,14 +41,14 @@ (define-public imagemagick (package (name "imagemagick") - (version "6.9.5-7") + (version "6.9.5-8") (source (origin (method url-fetch) (uri (string-append "mirror://imagemagick/ImageMagick-" version ".tar.xz")) (sha256 (base32 - "00arcvyhsy9i5gp3b0lhfvs04qwhxpmq0bfsv4ipllinb6mjgxf5")))) + "0ds21sk1pczf2cwi62rqp6b8x2m24sb6xn82ivzh13m42phzigav")))) (build-system gnu-build-system) (arguments `(#:configure-flags '("--with-frozenpaths" "--without-gcc-arch") diff --git a/gnu/packages/patches/libtiff-CVE-2016-3623.patch b/gnu/packages/patches/libtiff-CVE-2016-3623.patch new file mode 100644 index 0000000000..08705861e3 --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2016-3623.patch @@ -0,0 +1,30 @@ +Fix CVE-2016-3623. + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623 +http://bugzilla.maptools.org/show_bug.cgi?id=2569 + +Patch extracted from upstream CVS repo with: +$ cvs diff -u -r1.16 -r1.17 tools/rgb2ycbcr.c + +Index: tools/rgb2ycbcr.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/tools/rgb2ycbcr.c,v +retrieving revision 1.16 +retrieving revision 1.17 +diff -u -r1.16 -r1.17 +--- libtiff/tools/rgb2ycbcr.c 21 Jun 2015 01:09:10 -0000 1.16 ++++ libtiff/tools/rgb2ycbcr.c 15 Aug 2016 21:26:56 -0000 1.17 +@@ -95,9 +95,13 @@ + break; + case 'h': + horizSubSampling = atoi(optarg); ++ if( horizSubSampling != 1 && horizSubSampling != 2 && horizSubSampling != 4 ) ++ usage(-1); + break; + case 'v': + vertSubSampling = atoi(optarg); ++ if( vertSubSampling != 1 && vertSubSampling != 2 && vertSubSampling != 4 ) ++ usage(-1); + break; + case 'r': + rowsperstrip = atoi(optarg); diff --git a/gnu/packages/patches/libtiff-CVE-2016-3945.patch b/gnu/packages/patches/libtiff-CVE-2016-3945.patch new file mode 100644 index 0000000000..8ec62bab99 --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2016-3945.patch @@ -0,0 +1,94 @@ +Fix CVE-2016-3945 (integer overflow in size of allocated +buffer, when -b mode is enabled, that could result in out-of-bounds +write). + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945 +http://bugzilla.maptools.org/show_bug.cgi?id=2545 + +Patch extracted from upstream CVS repo with: +$ cvs diff -u -r1.21 -r1.22 tools/tiff2rgba.c + +Index: tools/tiff2rgba.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2rgba.c,v +retrieving revision 1.21 +retrieving revision 1.22 +diff -u -r1.21 -r1.22 +--- libtiff/tools/tiff2rgba.c 21 Jun 2015 01:09:10 -0000 1.21 ++++ libtiff/tools/tiff2rgba.c 15 Aug 2016 20:06:41 -0000 1.22 +@@ -147,6 +147,7 @@ + uint32 row, col; + uint32 *wrk_line; + int ok = 1; ++ uint32 rastersize, wrk_linesize; + + TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &width); + TIFFGetField(in, TIFFTAG_IMAGELENGTH, &height); +@@ -163,7 +164,13 @@ + /* + * Allocate tile buffer + */ +- raster = (uint32*)_TIFFmalloc(tile_width * tile_height * sizeof (uint32)); ++ rastersize = tile_width * tile_height * sizeof (uint32); ++ if (tile_width != (rastersize / tile_height) / sizeof( uint32)) ++ { ++ TIFFError(TIFFFileName(in), "Integer overflow when calculating raster buffer"); ++ exit(-1); ++ } ++ raster = (uint32*)_TIFFmalloc(rastersize); + if (raster == 0) { + TIFFError(TIFFFileName(in), "No space for raster buffer"); + return (0); +@@ -173,7 +180,13 @@ + * Allocate a scanline buffer for swapping during the vertical + * mirroring pass. + */ +- wrk_line = (uint32*)_TIFFmalloc(tile_width * sizeof (uint32)); ++ wrk_linesize = tile_width * sizeof (uint32); ++ if (tile_width != wrk_linesize / sizeof (uint32)) ++ { ++ TIFFError(TIFFFileName(in), "Integer overflow when calculating wrk_line buffer"); ++ exit(-1); ++ } ++ wrk_line = (uint32*)_TIFFmalloc(wrk_linesize); + if (!wrk_line) { + TIFFError(TIFFFileName(in), "No space for raster scanline buffer"); + ok = 0; +@@ -249,6 +262,7 @@ + uint32 row; + uint32 *wrk_line; + int ok = 1; ++ uint32 rastersize, wrk_linesize; + + TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &width); + TIFFGetField(in, TIFFTAG_IMAGELENGTH, &height); +@@ -263,7 +277,13 @@ + /* + * Allocate strip buffer + */ +- raster = (uint32*)_TIFFmalloc(width * rowsperstrip * sizeof (uint32)); ++ rastersize = width * rowsperstrip * sizeof (uint32); ++ if (width != (rastersize / rowsperstrip) / sizeof( uint32)) ++ { ++ TIFFError(TIFFFileName(in), "Integer overflow when calculating raster buffer"); ++ exit(-1); ++ } ++ raster = (uint32*)_TIFFmalloc(rastersize); + if (raster == 0) { + TIFFError(TIFFFileName(in), "No space for raster buffer"); + return (0); +@@ -273,7 +293,13 @@ + * Allocate a scanline buffer for swapping during the vertical + * mirroring pass. + */ +- wrk_line = (uint32*)_TIFFmalloc(width * sizeof (uint32)); ++ wrk_linesize = width * sizeof (uint32); ++ if (width != wrk_linesize / sizeof (uint32)) ++ { ++ TIFFError(TIFFFileName(in), "Integer overflow when calculating wrk_line buffer"); ++ exit(-1); ++ } ++ wrk_line = (uint32*)_TIFFmalloc(wrk_linesize); + if (!wrk_line) { + TIFFError(TIFFFileName(in), "No space for raster scanline buffer"); + ok = 0; diff --git a/gnu/packages/patches/libtiff-CVE-2016-3990.patch b/gnu/packages/patches/libtiff-CVE-2016-3990.patch new file mode 100644 index 0000000000..7641c3073b --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2016-3990.patch @@ -0,0 +1,31 @@ +Fix CVE-2016-3990 (write buffer overflow in PixarLogEncode if more input +samples are provided than expected by PixarLogSetupEncode). + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990 +http://bugzilla.maptools.org/show_bug.cgi?id=2544 + +Patch extracted from upstream CVS repo with: +$ cvs diff -u -r1.45 -r1.46 libtiff/tif_pixarlog.c + +Index: libtiff/tif_pixarlog.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v +retrieving revision 1.45 +retrieving revision 1.46 +diff -u -r1.45 -r1.46 +--- libtiff/libtiff/tif_pixarlog.c 28 Jun 2016 15:37:33 -0000 1.45 ++++ libtiff/libtiff/tif_pixarlog.c 15 Aug 2016 20:49:48 -0000 1.46 +@@ -1141,6 +1141,13 @@ + } + + llen = sp->stride * td->td_imagewidth; ++ /* Check against the number of elements (of size uint16) of sp->tbuf */ ++ if( n > td->td_rowsperstrip * llen ) ++ { ++ TIFFErrorExt(tif->tif_clientdata, module, ++ "Too many input bytes provided"); ++ return 0; ++ } + + for (i = 0, up = sp->tbuf; i < n; i += llen, up += llen) { + switch (sp->user_datafmt) { diff --git a/gnu/packages/patches/libtiff-CVE-2016-3991.patch b/gnu/packages/patches/libtiff-CVE-2016-3991.patch new file mode 100644 index 0000000000..cb05f0007f --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2016-3991.patch @@ -0,0 +1,123 @@ +Fix CVE-2016-3991 (out-of-bounds write in loadImage()). + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991 +http://bugzilla.maptools.org/show_bug.cgi?id=2543 + +Patch extracted from upstream CVS repo with: +$ cvs diff -u -r1.37 -r1.38 tools/tiffcrop.c + +Index: tools/tiffcrop.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v +retrieving revision 1.37 +retrieving revision 1.38 +diff -u -r1.37 -r1.38 +--- libtiff/tools/tiffcrop.c 11 Jul 2016 21:38:31 -0000 1.37 ++++ libtiff/tools/tiffcrop.c 15 Aug 2016 21:05:40 -0000 1.38 +@@ -798,6 +798,11 @@ + } + + tile_buffsize = tilesize; ++ if (tilesize == 0 || tile_rowsize == 0) ++ { ++ TIFFError("readContigTilesIntoBuffer", "Tile size or tile rowsize is zero"); ++ exit(-1); ++ } + + if (tilesize < (tsize_t)(tl * tile_rowsize)) + { +@@ -807,7 +812,12 @@ + tilesize, tl * tile_rowsize); + #endif + tile_buffsize = tl * tile_rowsize; +- } ++ if (tl != (tile_buffsize / tile_rowsize)) ++ { ++ TIFFError("readContigTilesIntoBuffer", "Integer overflow when calculating buffer size."); ++ exit(-1); ++ } ++ } + + tilebuf = _TIFFmalloc(tile_buffsize); + if (tilebuf == 0) +@@ -1210,6 +1220,12 @@ + !TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps) ) + return 1; + ++ if (tilesize == 0 || tile_rowsize == 0 || tl == 0 || tw == 0) ++ { ++ TIFFError("writeBufferToContigTiles", "Tile size, tile row size, tile width, or tile length is zero"); ++ exit(-1); ++ } ++ + tile_buffsize = tilesize; + if (tilesize < (tsize_t)(tl * tile_rowsize)) + { +@@ -1219,6 +1235,11 @@ + tilesize, tl * tile_rowsize); + #endif + tile_buffsize = tl * tile_rowsize; ++ if (tl != tile_buffsize / tile_rowsize) ++ { ++ TIFFError("writeBufferToContigTiles", "Integer overflow when calculating buffer size"); ++ exit(-1); ++ } + } + + tilebuf = _TIFFmalloc(tile_buffsize); +@@ -5945,12 +5966,27 @@ + TIFFGetField(in, TIFFTAG_TILELENGTH, &tl); + + tile_rowsize = TIFFTileRowSize(in); ++ if (ntiles == 0 || tlsize == 0 || tile_rowsize == 0) ++ { ++ TIFFError("loadImage", "File appears to be tiled, but the number of tiles, tile size, or tile rowsize is zero."); ++ exit(-1); ++ } + buffsize = tlsize * ntiles; ++ if (tlsize != (buffsize / ntiles)) ++ { ++ TIFFError("loadImage", "Integer overflow when calculating buffer size"); ++ exit(-1); ++ } + +- + if (buffsize < (uint32)(ntiles * tl * tile_rowsize)) + { + buffsize = ntiles * tl * tile_rowsize; ++ if (ntiles != (buffsize / tl / tile_rowsize)) ++ { ++ TIFFError("loadImage", "Integer overflow when calculating buffer size"); ++ exit(-1); ++ } ++ + #ifdef DEBUG2 + TIFFError("loadImage", + "Tilesize %u is too small, using ntiles * tilelength * tilerowsize %lu", +@@ -5969,8 +6005,25 @@ + TIFFGetFieldDefaulted(in, TIFFTAG_ROWSPERSTRIP, &rowsperstrip); + stsize = TIFFStripSize(in); + nstrips = TIFFNumberOfStrips(in); ++ if (nstrips == 0 || stsize == 0) ++ { ++ TIFFError("loadImage", "File appears to be striped, but the number of stipes or stripe size is zero."); ++ exit(-1); ++ } ++ + buffsize = stsize * nstrips; +- ++ if (stsize != (buffsize / nstrips)) ++ { ++ TIFFError("loadImage", "Integer overflow when calculating buffer size"); ++ exit(-1); ++ } ++ uint32 buffsize_check; ++ buffsize_check = ((length * width * spp * bps) + 7); ++ if (length != ((buffsize_check - 7) / width / spp / bps)) ++ { ++ TIFFError("loadImage", "Integer overflow detected."); ++ exit(-1); ++ } + if (buffsize < (uint32) (((length * width * spp * bps) + 7) / 8)) + { + buffsize = ((length * width * spp * bps) + 7) / 8; diff --git a/gnu/packages/patches/libtiff-CVE-2016-5314.patch b/gnu/packages/patches/libtiff-CVE-2016-5314.patch new file mode 100644 index 0000000000..e5380f8639 --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2016-5314.patch @@ -0,0 +1,45 @@ +Fix CVE-2016-5314. + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314 +bugzilla.maptools.org/show_bug.cgi?id=2554 + +Patch extracted from upstream CVS repo with: +$ cvs diff -u -r1.43 -r1.44 libtiff/tif_pixarlog.c + +Index: libtiff/tif_pixarlog.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v +retrieving revision 1.43 +retrieving revision 1.44 +diff -u -r1.43 -r1.44 +--- libtiff/libtiff/tif_pixarlog.c 27 Dec 2015 20:14:11 -0000 1.43 ++++ libtiff/libtiff/tif_pixarlog.c 28 Jun 2016 15:12:19 -0000 1.44 +@@ -459,6 +459,7 @@ + typedef struct { + TIFFPredictorState predict; + z_stream stream; ++ tmsize_t tbuf_size; /* only set/used on reading for now */ + uint16 *tbuf; + uint16 stride; + int state; +@@ -694,6 +695,7 @@ + sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size); + if (sp->tbuf == NULL) + return (0); ++ sp->tbuf_size = tbuf_size; + if (sp->user_datafmt == PIXARLOGDATAFMT_UNKNOWN) + sp->user_datafmt = PixarLogGuessDataFmt(td); + if (sp->user_datafmt == PIXARLOGDATAFMT_UNKNOWN) { +@@ -783,6 +785,12 @@ + TIFFErrorExt(tif->tif_clientdata, module, "ZLib cannot deal with buffers this size"); + return (0); + } ++ /* Check that we will not fill more than what was allocated */ ++ if (sp->stream.avail_out > sp->tbuf_size) ++ { ++ TIFFErrorExt(tif->tif_clientdata, module, "sp->stream.avail_out > sp->tbuf_size"); ++ return (0); ++ } + do { + int state = inflate(&sp->stream, Z_PARTIAL_FLUSH); + if (state == Z_STREAM_END) { diff --git a/gnu/packages/patches/libtiff-CVE-2016-5321.patch b/gnu/packages/patches/libtiff-CVE-2016-5321.patch new file mode 100644 index 0000000000..2afca18e1d --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2016-5321.patch @@ -0,0 +1,25 @@ +Fix CVE-2016-5321. + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321 +http://bugzilla.maptools.org/show_bug.cgi?id=2558 + +Patch extracted from upstream CVS repo with: +$ cvs diff -u -r1.35 -r1.36 tools/tiffcrop.c + +Index: tools/tiffcrop.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v +retrieving revision 1.35 +retrieving revision 1.36 +diff -u -r1.35 -r1.36 +--- libtiff/tools/tiffcrop.c 19 Aug 2015 02:31:04 -0000 1.35 ++++ libtiff/tools/tiffcrop.c 11 Jul 2016 21:26:03 -0000 1.36 +@@ -989,7 +989,7 @@ + nrow = (row + tl > imagelength) ? imagelength - row : tl; + for (col = 0; col < imagewidth; col += tw) + { +- for (s = 0; s < spp; s++) ++ for (s = 0; s < spp && s < MAX_SAMPLES; s++) + { /* Read each plane of a tile set into srcbuffs[s] */ + tbytes = TIFFReadTile(in, srcbuffs[s], col, row, 0, s); + if (tbytes < 0 && !ignore) diff --git a/gnu/packages/patches/libtiff-CVE-2016-5323.patch b/gnu/packages/patches/libtiff-CVE-2016-5323.patch new file mode 100644 index 0000000000..8b2a043d29 --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2016-5323.patch @@ -0,0 +1,88 @@ +Fix CVE-2016-5323. + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323 +http://bugzilla.maptools.org/show_bug.cgi?id=2559 + +Patch extracted from upstream CVS repo with: +$ cvs diff -u -r1.36 -r1.37 tools/tiffcrop.c + +Index: tools/tiffcrop.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v +retrieving revision 1.36 +retrieving revision 1.37 +diff -u -r1.36 -r1.37 +--- libtiff/tools/tiffcrop.c 11 Jul 2016 21:26:03 -0000 1.36 ++++ libtiff/tools/tiffcrop.c 11 Jul 2016 21:38:31 -0000 1.37 +@@ -3738,7 +3738,7 @@ + + matchbits = maskbits << (8 - src_bit - bps); + /* load up next sample from each plane */ +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + buff1 = ((*src) & matchbits) << (src_bit); +@@ -3837,7 +3837,7 @@ + src_bit = bit_offset % 8; + + matchbits = maskbits << (16 - src_bit - bps); +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + if (little_endian) +@@ -3947,7 +3947,7 @@ + src_bit = bit_offset % 8; + + matchbits = maskbits << (32 - src_bit - bps); +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + if (little_endian) +@@ -4073,7 +4073,7 @@ + src_bit = bit_offset % 8; + + matchbits = maskbits << (64 - src_bit - bps); +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + if (little_endian) +@@ -4263,7 +4263,7 @@ + + matchbits = maskbits << (8 - src_bit - bps); + /* load up next sample from each plane */ +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + buff1 = ((*src) & matchbits) << (src_bit); +@@ -4362,7 +4362,7 @@ + src_bit = bit_offset % 8; + + matchbits = maskbits << (16 - src_bit - bps); +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + if (little_endian) +@@ -4471,7 +4471,7 @@ + src_bit = bit_offset % 8; + + matchbits = maskbits << (32 - src_bit - bps); +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + if (little_endian) +@@ -4597,7 +4597,7 @@ + src_bit = bit_offset % 8; + + matchbits = maskbits << (64 - src_bit - bps); +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + if (little_endian) diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index de8f054c5e..c34a2495a6 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -7216,13 +7216,13 @@ processes across test runs.") (define-public python-icalendar (package (name "python-icalendar") - (version "3.9.1") + (version "3.10") (source (origin (method url-fetch) (uri (pypi-uri "icalendar" version)) (sha256 (base32 - "0fhrczdj3jxy5bvswphp3vys7vwv5c9bpwg7asykqwa3z6253q6q")))) + "01amnk3621s7fagfla86npd25knbqirchg7h1jpqxqp103d02bs7")))) (build-system python-build-system) (propagated-inputs `(("python-dateutil-2" ,python-dateutil-2) @@ -10218,3 +10218,43 @@ List. Forked from and using the same API as the publicsuffix package.") (native-inputs `(("python2-setuptools" ,python2-setuptools) ,@(package-native-inputs base)))))) + +(define-public python-freezegun + (package + (name "python-freezegun") + (version "0.3.7") + (source + (origin + (method url-fetch) + (uri (pypi-uri "freezegun" version)) + (sha256 + (base32 + "14l19x06v5jkq4rdwbmfyw4x9lrjb2300afrk21r1ash7y1y9a0w")))) + (build-system python-build-system) + (native-inputs + `(("python-mock" ,python-mock) + ("python-nose" ,python-nose) + ("python-coverage" ,python-coverage) + ("python-dateutil-2" ,python-dateutil-2))) + (inputs + `(("python-six" ,python-six))) + (arguments + `(#:phases (modify-phases %standard-phases + ;; The tests are normally executed via `make test`, but the PyPi + ;; package does not include the Makefile. + (replace 'check + (lambda _ + (zero? (system* "nosetests" "./tests/"))))))) + (home-page "https://github.com/spulec/freezegun") + (synopsis "Test utility for mocking the datetime module") + (description + "FreezeGun is a library that allows your python tests to travel through +time by mocking the datetime module.") + (license license:asl2.0))) + +(define-public python2-freezegun + (let ((base (package-with-python2 (strip-python2-variant python-freezegun)))) + (package (inherit base) + (native-inputs + `(("python2-setuptools" ,python2-setuptools) + ,@(package-native-inputs base)))))) diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm index 52cdef1066..46588dd002 100644 --- a/gnu/packages/ruby.scm +++ b/gnu/packages/ruby.scm @@ -4120,21 +4120,18 @@ call.") `(#:test-target "spec" #:phases (modify-phases %standard-phases - (add-before 'build 'remove-git-lsfiles-and-extra-gemspecs - (lambda _ - (for-each (lambda (file) - (substitute* file - (("git ls-files") "find * |sort"))) - (list "concurrent-ruby.gemspec" - "support/file_map.rb")) - #t)) - (add-before 'build 'remove-extra-gemspecs + (add-before 'replace-git-ls-files 'remove-extra-gemspecs (lambda _ ;; Delete extra gemspec files so 'first-gemspec' chooses the ;; correct one. (delete-file "concurrent-ruby-edge.gemspec") (delete-file "concurrent-ruby-ext.gemspec") #t)) + (add-before 'build 'replace-git-ls-files2 + (lambda _ + (substitute* "support/file_map.rb" + (("git ls-files") "find * |sort")) + #t)) (add-before 'check 'rake-compile ;; Fix the test error described at ;; https://github.com/ruby-concurrency/concurrent-ruby/pull/408 |