summaryrefslogtreecommitdiff
path: root/gnu
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-08-29 20:55:55 -0400
committerLeo Famulari <leo@famulari.name>2016-08-29 21:03:52 -0400
commit4b4fc92fe59833701b3a023fb4befde8196424cb (patch)
treecc98061da62368e84f2b1a32e600e9258c24b54a /gnu
parenta007d699e760bea80baed64b4a3ff59351fa1801 (diff)
parent4e9d5055fbf88ae43a7db7e901359e895fa729e8 (diff)
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu')
-rw-r--r--gnu/local.mk7
-rw-r--r--gnu/packages/bioinformatics.scm4
-rw-r--r--gnu/packages/calendar.scm33
-rw-r--r--gnu/packages/image.scm18
-rw-r--r--gnu/packages/imagemagick.scm4
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-3623.patch30
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-3945.patch94
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-3990.patch31
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-3991.patch123
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-5314.patch45
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-5321.patch25
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-5323.patch88
-rw-r--r--gnu/packages/python.scm44
-rw-r--r--gnu/packages/ruby.scm15
14 files changed, 518 insertions, 43 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index faa6e535ef..26eacd1043 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -626,6 +626,13 @@ dist_patch_DATA = \
%D%/packages/patches/libtar-CVE-2013-4420.patch \
%D%/packages/patches/libtheora-config-guess.patch \
%D%/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch \
+ %D%/packages/patches/libtiff-CVE-2016-3623.patch \
+ %D%/packages/patches/libtiff-CVE-2016-3945.patch \
+ %D%/packages/patches/libtiff-CVE-2016-3990.patch \
+ %D%/packages/patches/libtiff-CVE-2016-3991.patch \
+ %D%/packages/patches/libtiff-CVE-2016-5314.patch \
+ %D%/packages/patches/libtiff-CVE-2016-5321.patch \
+ %D%/packages/patches/libtiff-CVE-2016-5323.patch \
%D%/packages/patches/libtiff-oob-accesses-in-decode.patch \
%D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \
%D%/packages/patches/libtool-skip-tests2.patch \
diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm
index 2bd71c858b..ed20b562e5 100644
--- a/gnu/packages/bioinformatics.scm
+++ b/gnu/packages/bioinformatics.scm
@@ -1903,7 +1903,7 @@ identify enrichments with functional annotations of the genome.")
(define-public diamond
(package
(name "diamond")
- (version "0.8.18")
+ (version "0.8.20")
(source (origin
(method url-fetch)
(uri (string-append
@@ -1912,7 +1912,7 @@ identify enrichments with functional annotations of the genome.")
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
- "1r8klhbzn5cfzg9g69dd0sk4c0bd8cg1g5id8blsqi273bymm4jl"))))
+ "16bhwpxqzq2nfkh9522rwcc1p97ygszjmhphz69x2jk501jf9wkg"))))
(build-system cmake-build-system)
(arguments
'(#:tests? #f ; no "check" target
diff --git a/gnu/packages/calendar.scm b/gnu/packages/calendar.scm
index 3b5aba72c8..7f3d05d08e 100644
--- a/gnu/packages/calendar.scm
+++ b/gnu/packages/calendar.scm
@@ -3,6 +3,7 @@
;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Kei Kebreau <kei@openmailbox.org>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 Troy Sankey <sankeytms@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -80,42 +81,16 @@ data units.")
(define-public khal
(package
(name "khal")
- (version "0.7.0")
+ (version "0.8.3")
(source (origin
(method url-fetch)
(uri (pypi-uri "khal" version))
(sha256
(base32
- "00llxj7cv31mjsx0j6zxmyi9s1q20yvfkn025xcy8cv1ylfwic66"))
- (modules '((guix build utils)))
- ;; Patch broken path in 'doc' Makefile.
- ;; Patch sent upstream: https://github.com/geier/khal/pull/307
- (snippet
- '(substitute* "doc/source/Makefile"
- (("../../../khal/khal/settings/khal.spec")
- "../../khal/settings/khal.spec" )))))
+ "1qryqs5d8jsl7j22pjjfkfdi4m8m3nn3n44b890pq85xkw599ihy"))))
(build-system python-build-system)
(arguments
`(#:phases (modify-phases %standard-phases
- (add-after 'unpack 'disable-tests
- (lambda _
- ;; Bug reported for test_only_update_old_event:
- ;; https://github.com/geier/khal/issues/309
- (substitute* "tests/khalendar_test.py"
- (("test_only_update_old_event")
- "disabled_only_update_old_event"))
-
- ;; Bug reported for test_dt_two_tz:
- ;; https://github.com/pimutils/khal/issues/382
- (substitute* "tests/event_test.py"
- (("test_dt_two_tz")
- "disabled_dt_two_tz"))
- ;; Another timezone / DST issue:
- ;; https://github.com/pimutils/khal/issues/146
- (substitute* "tests/event_test.py"
- (("test_raw_dt")
- "disabled_raw_dt"))))
-
;; Building the manpage requires khal to be installed.
(add-after 'install 'manpage
(lambda* (#:key outputs #:allow-other-keys)
@@ -136,9 +111,11 @@ data units.")
(zero? (system* "py.test" "tests")))))))
(native-inputs
`(("python-pytest" ,python-pytest)
+ ("python-pytest-cov" ,python-pytest-cov)
("python-setuptools-scm" ,python-setuptools-scm)
;; Required for tests
("tzdata" ,tzdata)
+ ("python-freezegun" ,python-freezegun)
;; Required to build manpage
("python-sphinxcontrib-newsfeed" ,python-sphinxcontrib-newsfeed)
("python-sphinx" ,python-sphinx)))
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 7d72492b1a..4fdc4ae252 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -150,6 +150,7 @@ maximum quality factor.")
(define-public libtiff
(package
(name "libtiff")
+ (replacement libtiff/fixed)
(version "4.0.6")
(source (origin
(method url-fetch)
@@ -182,6 +183,23 @@ collection of tools for doing simple manipulations of TIFF images.")
"See COPYRIGHT in the distribution."))
(home-page "http://www.remotesensing.org/libtiff/")))
+(define libtiff/fixed
+ (package
+ (inherit libtiff)
+ (source (origin
+ (inherit (package-source libtiff))
+ (patches (search-patches
+ "libtiff-oob-accesses-in-decode.patch"
+ "libtiff-oob-write-in-nextdecode.patch"
+ "libtiff-CVE-2015-8665+CVE-2015-8683.patch"
+ "libtiff-CVE-2016-3623.patch"
+ "libtiff-CVE-2016-3945.patch"
+ "libtiff-CVE-2016-3990.patch"
+ "libtiff-CVE-2016-3991.patch"
+ "libtiff-CVE-2016-5314.patch"
+ "libtiff-CVE-2016-5321.patch"
+ "libtiff-CVE-2016-5323.patch"))))))
+
(define-public libwmf
(package
(name "libwmf")
diff --git a/gnu/packages/imagemagick.scm b/gnu/packages/imagemagick.scm
index a554b73a4e..f824abf3f4 100644
--- a/gnu/packages/imagemagick.scm
+++ b/gnu/packages/imagemagick.scm
@@ -41,14 +41,14 @@
(define-public imagemagick
(package
(name "imagemagick")
- (version "6.9.5-7")
+ (version "6.9.5-8")
(source (origin
(method url-fetch)
(uri (string-append "mirror://imagemagick/ImageMagick-"
version ".tar.xz"))
(sha256
(base32
- "00arcvyhsy9i5gp3b0lhfvs04qwhxpmq0bfsv4ipllinb6mjgxf5"))))
+ "0ds21sk1pczf2cwi62rqp6b8x2m24sb6xn82ivzh13m42phzigav"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags '("--with-frozenpaths" "--without-gcc-arch")
diff --git a/gnu/packages/patches/libtiff-CVE-2016-3623.patch b/gnu/packages/patches/libtiff-CVE-2016-3623.patch
new file mode 100644
index 0000000000..08705861e3
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-3623.patch
@@ -0,0 +1,30 @@
+Fix CVE-2016-3623.
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623
+http://bugzilla.maptools.org/show_bug.cgi?id=2569
+
+Patch extracted from upstream CVS repo with:
+$ cvs diff -u -r1.16 -r1.17 tools/rgb2ycbcr.c
+
+Index: tools/rgb2ycbcr.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/tools/rgb2ycbcr.c,v
+retrieving revision 1.16
+retrieving revision 1.17
+diff -u -r1.16 -r1.17
+--- libtiff/tools/rgb2ycbcr.c 21 Jun 2015 01:09:10 -0000 1.16
++++ libtiff/tools/rgb2ycbcr.c 15 Aug 2016 21:26:56 -0000 1.17
+@@ -95,9 +95,13 @@
+ break;
+ case 'h':
+ horizSubSampling = atoi(optarg);
++ if( horizSubSampling != 1 && horizSubSampling != 2 && horizSubSampling != 4 )
++ usage(-1);
+ break;
+ case 'v':
+ vertSubSampling = atoi(optarg);
++ if( vertSubSampling != 1 && vertSubSampling != 2 && vertSubSampling != 4 )
++ usage(-1);
+ break;
+ case 'r':
+ rowsperstrip = atoi(optarg);
diff --git a/gnu/packages/patches/libtiff-CVE-2016-3945.patch b/gnu/packages/patches/libtiff-CVE-2016-3945.patch
new file mode 100644
index 0000000000..8ec62bab99
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-3945.patch
@@ -0,0 +1,94 @@
+Fix CVE-2016-3945 (integer overflow in size of allocated
+buffer, when -b mode is enabled, that could result in out-of-bounds
+write).
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945
+http://bugzilla.maptools.org/show_bug.cgi?id=2545
+
+Patch extracted from upstream CVS repo with:
+$ cvs diff -u -r1.21 -r1.22 tools/tiff2rgba.c
+
+Index: tools/tiff2rgba.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2rgba.c,v
+retrieving revision 1.21
+retrieving revision 1.22
+diff -u -r1.21 -r1.22
+--- libtiff/tools/tiff2rgba.c 21 Jun 2015 01:09:10 -0000 1.21
++++ libtiff/tools/tiff2rgba.c 15 Aug 2016 20:06:41 -0000 1.22
+@@ -147,6 +147,7 @@
+ uint32 row, col;
+ uint32 *wrk_line;
+ int ok = 1;
++ uint32 rastersize, wrk_linesize;
+
+ TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &width);
+ TIFFGetField(in, TIFFTAG_IMAGELENGTH, &height);
+@@ -163,7 +164,13 @@
+ /*
+ * Allocate tile buffer
+ */
+- raster = (uint32*)_TIFFmalloc(tile_width * tile_height * sizeof (uint32));
++ rastersize = tile_width * tile_height * sizeof (uint32);
++ if (tile_width != (rastersize / tile_height) / sizeof( uint32))
++ {
++ TIFFError(TIFFFileName(in), "Integer overflow when calculating raster buffer");
++ exit(-1);
++ }
++ raster = (uint32*)_TIFFmalloc(rastersize);
+ if (raster == 0) {
+ TIFFError(TIFFFileName(in), "No space for raster buffer");
+ return (0);
+@@ -173,7 +180,13 @@
+ * Allocate a scanline buffer for swapping during the vertical
+ * mirroring pass.
+ */
+- wrk_line = (uint32*)_TIFFmalloc(tile_width * sizeof (uint32));
++ wrk_linesize = tile_width * sizeof (uint32);
++ if (tile_width != wrk_linesize / sizeof (uint32))
++ {
++ TIFFError(TIFFFileName(in), "Integer overflow when calculating wrk_line buffer");
++ exit(-1);
++ }
++ wrk_line = (uint32*)_TIFFmalloc(wrk_linesize);
+ if (!wrk_line) {
+ TIFFError(TIFFFileName(in), "No space for raster scanline buffer");
+ ok = 0;
+@@ -249,6 +262,7 @@
+ uint32 row;
+ uint32 *wrk_line;
+ int ok = 1;
++ uint32 rastersize, wrk_linesize;
+
+ TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &width);
+ TIFFGetField(in, TIFFTAG_IMAGELENGTH, &height);
+@@ -263,7 +277,13 @@
+ /*
+ * Allocate strip buffer
+ */
+- raster = (uint32*)_TIFFmalloc(width * rowsperstrip * sizeof (uint32));
++ rastersize = width * rowsperstrip * sizeof (uint32);
++ if (width != (rastersize / rowsperstrip) / sizeof( uint32))
++ {
++ TIFFError(TIFFFileName(in), "Integer overflow when calculating raster buffer");
++ exit(-1);
++ }
++ raster = (uint32*)_TIFFmalloc(rastersize);
+ if (raster == 0) {
+ TIFFError(TIFFFileName(in), "No space for raster buffer");
+ return (0);
+@@ -273,7 +293,13 @@
+ * Allocate a scanline buffer for swapping during the vertical
+ * mirroring pass.
+ */
+- wrk_line = (uint32*)_TIFFmalloc(width * sizeof (uint32));
++ wrk_linesize = width * sizeof (uint32);
++ if (width != wrk_linesize / sizeof (uint32))
++ {
++ TIFFError(TIFFFileName(in), "Integer overflow when calculating wrk_line buffer");
++ exit(-1);
++ }
++ wrk_line = (uint32*)_TIFFmalloc(wrk_linesize);
+ if (!wrk_line) {
+ TIFFError(TIFFFileName(in), "No space for raster scanline buffer");
+ ok = 0;
diff --git a/gnu/packages/patches/libtiff-CVE-2016-3990.patch b/gnu/packages/patches/libtiff-CVE-2016-3990.patch
new file mode 100644
index 0000000000..7641c3073b
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-3990.patch
@@ -0,0 +1,31 @@
+Fix CVE-2016-3990 (write buffer overflow in PixarLogEncode if more input
+samples are provided than expected by PixarLogSetupEncode).
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990
+http://bugzilla.maptools.org/show_bug.cgi?id=2544
+
+Patch extracted from upstream CVS repo with:
+$ cvs diff -u -r1.45 -r1.46 libtiff/tif_pixarlog.c
+
+Index: libtiff/tif_pixarlog.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v
+retrieving revision 1.45
+retrieving revision 1.46
+diff -u -r1.45 -r1.46
+--- libtiff/libtiff/tif_pixarlog.c 28 Jun 2016 15:37:33 -0000 1.45
++++ libtiff/libtiff/tif_pixarlog.c 15 Aug 2016 20:49:48 -0000 1.46
+@@ -1141,6 +1141,13 @@
+ }
+
+ llen = sp->stride * td->td_imagewidth;
++ /* Check against the number of elements (of size uint16) of sp->tbuf */
++ if( n > td->td_rowsperstrip * llen )
++ {
++ TIFFErrorExt(tif->tif_clientdata, module,
++ "Too many input bytes provided");
++ return 0;
++ }
+
+ for (i = 0, up = sp->tbuf; i < n; i += llen, up += llen) {
+ switch (sp->user_datafmt) {
diff --git a/gnu/packages/patches/libtiff-CVE-2016-3991.patch b/gnu/packages/patches/libtiff-CVE-2016-3991.patch
new file mode 100644
index 0000000000..cb05f0007f
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-3991.patch
@@ -0,0 +1,123 @@
+Fix CVE-2016-3991 (out-of-bounds write in loadImage()).
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991
+http://bugzilla.maptools.org/show_bug.cgi?id=2543
+
+Patch extracted from upstream CVS repo with:
+$ cvs diff -u -r1.37 -r1.38 tools/tiffcrop.c
+
+Index: tools/tiffcrop.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
+retrieving revision 1.37
+retrieving revision 1.38
+diff -u -r1.37 -r1.38
+--- libtiff/tools/tiffcrop.c 11 Jul 2016 21:38:31 -0000 1.37
++++ libtiff/tools/tiffcrop.c 15 Aug 2016 21:05:40 -0000 1.38
+@@ -798,6 +798,11 @@
+ }
+
+ tile_buffsize = tilesize;
++ if (tilesize == 0 || tile_rowsize == 0)
++ {
++ TIFFError("readContigTilesIntoBuffer", "Tile size or tile rowsize is zero");
++ exit(-1);
++ }
+
+ if (tilesize < (tsize_t)(tl * tile_rowsize))
+ {
+@@ -807,7 +812,12 @@
+ tilesize, tl * tile_rowsize);
+ #endif
+ tile_buffsize = tl * tile_rowsize;
+- }
++ if (tl != (tile_buffsize / tile_rowsize))
++ {
++ TIFFError("readContigTilesIntoBuffer", "Integer overflow when calculating buffer size.");
++ exit(-1);
++ }
++ }
+
+ tilebuf = _TIFFmalloc(tile_buffsize);
+ if (tilebuf == 0)
+@@ -1210,6 +1220,12 @@
+ !TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps) )
+ return 1;
+
++ if (tilesize == 0 || tile_rowsize == 0 || tl == 0 || tw == 0)
++ {
++ TIFFError("writeBufferToContigTiles", "Tile size, tile row size, tile width, or tile length is zero");
++ exit(-1);
++ }
++
+ tile_buffsize = tilesize;
+ if (tilesize < (tsize_t)(tl * tile_rowsize))
+ {
+@@ -1219,6 +1235,11 @@
+ tilesize, tl * tile_rowsize);
+ #endif
+ tile_buffsize = tl * tile_rowsize;
++ if (tl != tile_buffsize / tile_rowsize)
++ {
++ TIFFError("writeBufferToContigTiles", "Integer overflow when calculating buffer size");
++ exit(-1);
++ }
+ }
+
+ tilebuf = _TIFFmalloc(tile_buffsize);
+@@ -5945,12 +5966,27 @@
+ TIFFGetField(in, TIFFTAG_TILELENGTH, &tl);
+
+ tile_rowsize = TIFFTileRowSize(in);
++ if (ntiles == 0 || tlsize == 0 || tile_rowsize == 0)
++ {
++ TIFFError("loadImage", "File appears to be tiled, but the number of tiles, tile size, or tile rowsize is zero.");
++ exit(-1);
++ }
+ buffsize = tlsize * ntiles;
++ if (tlsize != (buffsize / ntiles))
++ {
++ TIFFError("loadImage", "Integer overflow when calculating buffer size");
++ exit(-1);
++ }
+
+-
+ if (buffsize < (uint32)(ntiles * tl * tile_rowsize))
+ {
+ buffsize = ntiles * tl * tile_rowsize;
++ if (ntiles != (buffsize / tl / tile_rowsize))
++ {
++ TIFFError("loadImage", "Integer overflow when calculating buffer size");
++ exit(-1);
++ }
++
+ #ifdef DEBUG2
+ TIFFError("loadImage",
+ "Tilesize %u is too small, using ntiles * tilelength * tilerowsize %lu",
+@@ -5969,8 +6005,25 @@
+ TIFFGetFieldDefaulted(in, TIFFTAG_ROWSPERSTRIP, &rowsperstrip);
+ stsize = TIFFStripSize(in);
+ nstrips = TIFFNumberOfStrips(in);
++ if (nstrips == 0 || stsize == 0)
++ {
++ TIFFError("loadImage", "File appears to be striped, but the number of stipes or stripe size is zero.");
++ exit(-1);
++ }
++
+ buffsize = stsize * nstrips;
+-
++ if (stsize != (buffsize / nstrips))
++ {
++ TIFFError("loadImage", "Integer overflow when calculating buffer size");
++ exit(-1);
++ }
++ uint32 buffsize_check;
++ buffsize_check = ((length * width * spp * bps) + 7);
++ if (length != ((buffsize_check - 7) / width / spp / bps))
++ {
++ TIFFError("loadImage", "Integer overflow detected.");
++ exit(-1);
++ }
+ if (buffsize < (uint32) (((length * width * spp * bps) + 7) / 8))
+ {
+ buffsize = ((length * width * spp * bps) + 7) / 8;
diff --git a/gnu/packages/patches/libtiff-CVE-2016-5314.patch b/gnu/packages/patches/libtiff-CVE-2016-5314.patch
new file mode 100644
index 0000000000..e5380f8639
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-5314.patch
@@ -0,0 +1,45 @@
+Fix CVE-2016-5314.
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314
+bugzilla.maptools.org/show_bug.cgi?id=2554
+
+Patch extracted from upstream CVS repo with:
+$ cvs diff -u -r1.43 -r1.44 libtiff/tif_pixarlog.c
+
+Index: libtiff/tif_pixarlog.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v
+retrieving revision 1.43
+retrieving revision 1.44
+diff -u -r1.43 -r1.44
+--- libtiff/libtiff/tif_pixarlog.c 27 Dec 2015 20:14:11 -0000 1.43
++++ libtiff/libtiff/tif_pixarlog.c 28 Jun 2016 15:12:19 -0000 1.44
+@@ -459,6 +459,7 @@
+ typedef struct {
+ TIFFPredictorState predict;
+ z_stream stream;
++ tmsize_t tbuf_size; /* only set/used on reading for now */
+ uint16 *tbuf;
+ uint16 stride;
+ int state;
+@@ -694,6 +695,7 @@
+ sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size);
+ if (sp->tbuf == NULL)
+ return (0);
++ sp->tbuf_size = tbuf_size;
+ if (sp->user_datafmt == PIXARLOGDATAFMT_UNKNOWN)
+ sp->user_datafmt = PixarLogGuessDataFmt(td);
+ if (sp->user_datafmt == PIXARLOGDATAFMT_UNKNOWN) {
+@@ -783,6 +785,12 @@
+ TIFFErrorExt(tif->tif_clientdata, module, "ZLib cannot deal with buffers this size");
+ return (0);
+ }
++ /* Check that we will not fill more than what was allocated */
++ if (sp->stream.avail_out > sp->tbuf_size)
++ {
++ TIFFErrorExt(tif->tif_clientdata, module, "sp->stream.avail_out > sp->tbuf_size");
++ return (0);
++ }
+ do {
+ int state = inflate(&sp->stream, Z_PARTIAL_FLUSH);
+ if (state == Z_STREAM_END) {
diff --git a/gnu/packages/patches/libtiff-CVE-2016-5321.patch b/gnu/packages/patches/libtiff-CVE-2016-5321.patch
new file mode 100644
index 0000000000..2afca18e1d
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-5321.patch
@@ -0,0 +1,25 @@
+Fix CVE-2016-5321.
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321
+http://bugzilla.maptools.org/show_bug.cgi?id=2558
+
+Patch extracted from upstream CVS repo with:
+$ cvs diff -u -r1.35 -r1.36 tools/tiffcrop.c
+
+Index: tools/tiffcrop.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
+retrieving revision 1.35
+retrieving revision 1.36
+diff -u -r1.35 -r1.36
+--- libtiff/tools/tiffcrop.c 19 Aug 2015 02:31:04 -0000 1.35
++++ libtiff/tools/tiffcrop.c 11 Jul 2016 21:26:03 -0000 1.36
+@@ -989,7 +989,7 @@
+ nrow = (row + tl > imagelength) ? imagelength - row : tl;
+ for (col = 0; col < imagewidth; col += tw)
+ {
+- for (s = 0; s < spp; s++)
++ for (s = 0; s < spp && s < MAX_SAMPLES; s++)
+ { /* Read each plane of a tile set into srcbuffs[s] */
+ tbytes = TIFFReadTile(in, srcbuffs[s], col, row, 0, s);
+ if (tbytes < 0 && !ignore)
diff --git a/gnu/packages/patches/libtiff-CVE-2016-5323.patch b/gnu/packages/patches/libtiff-CVE-2016-5323.patch
new file mode 100644
index 0000000000..8b2a043d29
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-5323.patch
@@ -0,0 +1,88 @@
+Fix CVE-2016-5323.
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323
+http://bugzilla.maptools.org/show_bug.cgi?id=2559
+
+Patch extracted from upstream CVS repo with:
+$ cvs diff -u -r1.36 -r1.37 tools/tiffcrop.c
+
+Index: tools/tiffcrop.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
+retrieving revision 1.36
+retrieving revision 1.37
+diff -u -r1.36 -r1.37
+--- libtiff/tools/tiffcrop.c 11 Jul 2016 21:26:03 -0000 1.36
++++ libtiff/tools/tiffcrop.c 11 Jul 2016 21:38:31 -0000 1.37
+@@ -3738,7 +3738,7 @@
+
+ matchbits = maskbits << (8 - src_bit - bps);
+ /* load up next sample from each plane */
+- for (s = 0; s < spp; s++)
++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
+ {
+ src = in[s] + src_offset + src_byte;
+ buff1 = ((*src) & matchbits) << (src_bit);
+@@ -3837,7 +3837,7 @@
+ src_bit = bit_offset % 8;
+
+ matchbits = maskbits << (16 - src_bit - bps);
+- for (s = 0; s < spp; s++)
++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
+ {
+ src = in[s] + src_offset + src_byte;
+ if (little_endian)
+@@ -3947,7 +3947,7 @@
+ src_bit = bit_offset % 8;
+
+ matchbits = maskbits << (32 - src_bit - bps);
+- for (s = 0; s < spp; s++)
++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
+ {
+ src = in[s] + src_offset + src_byte;
+ if (little_endian)
+@@ -4073,7 +4073,7 @@
+ src_bit = bit_offset % 8;
+
+ matchbits = maskbits << (64 - src_bit - bps);
+- for (s = 0; s < spp; s++)
++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
+ {
+ src = in[s] + src_offset + src_byte;
+ if (little_endian)
+@@ -4263,7 +4263,7 @@
+
+ matchbits = maskbits << (8 - src_bit - bps);
+ /* load up next sample from each plane */
+- for (s = 0; s < spp; s++)
++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
+ {
+ src = in[s] + src_offset + src_byte;
+ buff1 = ((*src) & matchbits) << (src_bit);
+@@ -4362,7 +4362,7 @@
+ src_bit = bit_offset % 8;
+
+ matchbits = maskbits << (16 - src_bit - bps);
+- for (s = 0; s < spp; s++)
++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
+ {
+ src = in[s] + src_offset + src_byte;
+ if (little_endian)
+@@ -4471,7 +4471,7 @@
+ src_bit = bit_offset % 8;
+
+ matchbits = maskbits << (32 - src_bit - bps);
+- for (s = 0; s < spp; s++)
++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
+ {
+ src = in[s] + src_offset + src_byte;
+ if (little_endian)
+@@ -4597,7 +4597,7 @@
+ src_bit = bit_offset % 8;
+
+ matchbits = maskbits << (64 - src_bit - bps);
+- for (s = 0; s < spp; s++)
++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
+ {
+ src = in[s] + src_offset + src_byte;
+ if (little_endian)
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index de8f054c5e..c34a2495a6 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -7216,13 +7216,13 @@ processes across test runs.")
(define-public python-icalendar
(package
(name "python-icalendar")
- (version "3.9.1")
+ (version "3.10")
(source (origin
(method url-fetch)
(uri (pypi-uri "icalendar" version))
(sha256
(base32
- "0fhrczdj3jxy5bvswphp3vys7vwv5c9bpwg7asykqwa3z6253q6q"))))
+ "01amnk3621s7fagfla86npd25knbqirchg7h1jpqxqp103d02bs7"))))
(build-system python-build-system)
(propagated-inputs
`(("python-dateutil-2" ,python-dateutil-2)
@@ -10218,3 +10218,43 @@ List. Forked from and using the same API as the publicsuffix package.")
(native-inputs
`(("python2-setuptools" ,python2-setuptools)
,@(package-native-inputs base))))))
+
+(define-public python-freezegun
+ (package
+ (name "python-freezegun")
+ (version "0.3.7")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (pypi-uri "freezegun" version))
+ (sha256
+ (base32
+ "14l19x06v5jkq4rdwbmfyw4x9lrjb2300afrk21r1ash7y1y9a0w"))))
+ (build-system python-build-system)
+ (native-inputs
+ `(("python-mock" ,python-mock)
+ ("python-nose" ,python-nose)
+ ("python-coverage" ,python-coverage)
+ ("python-dateutil-2" ,python-dateutil-2)))
+ (inputs
+ `(("python-six" ,python-six)))
+ (arguments
+ `(#:phases (modify-phases %standard-phases
+ ;; The tests are normally executed via `make test`, but the PyPi
+ ;; package does not include the Makefile.
+ (replace 'check
+ (lambda _
+ (zero? (system* "nosetests" "./tests/")))))))
+ (home-page "https://github.com/spulec/freezegun")
+ (synopsis "Test utility for mocking the datetime module")
+ (description
+ "FreezeGun is a library that allows your python tests to travel through
+time by mocking the datetime module.")
+ (license license:asl2.0)))
+
+(define-public python2-freezegun
+ (let ((base (package-with-python2 (strip-python2-variant python-freezegun))))
+ (package (inherit base)
+ (native-inputs
+ `(("python2-setuptools" ,python2-setuptools)
+ ,@(package-native-inputs base))))))
diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
index 52cdef1066..46588dd002 100644
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@@ -4120,21 +4120,18 @@ call.")
`(#:test-target "spec"
#:phases
(modify-phases %standard-phases
- (add-before 'build 'remove-git-lsfiles-and-extra-gemspecs
- (lambda _
- (for-each (lambda (file)
- (substitute* file
- (("git ls-files") "find * |sort")))
- (list "concurrent-ruby.gemspec"
- "support/file_map.rb"))
- #t))
- (add-before 'build 'remove-extra-gemspecs
+ (add-before 'replace-git-ls-files 'remove-extra-gemspecs
(lambda _
;; Delete extra gemspec files so 'first-gemspec' chooses the
;; correct one.
(delete-file "concurrent-ruby-edge.gemspec")
(delete-file "concurrent-ruby-ext.gemspec")
#t))
+ (add-before 'build 'replace-git-ls-files2
+ (lambda _
+ (substitute* "support/file_map.rb"
+ (("git ls-files") "find * |sort"))
+ #t))
(add-before 'check 'rake-compile
;; Fix the test error described at
;; https://github.com/ruby-concurrency/concurrent-ruby/pull/408