From 0769cea6970444dd5f5db75f9863ec6ff428e7cb Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Mon, 23 Jan 2017 18:33:21 -0500
Subject: gnu: openjpeg: Fix CVE-2016-{9572,9573}.

* gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/image.scm (openjpeg-2.1.2)[source]: Use it.
---
 gnu/packages/image.scm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/image.scm')

diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 637819947c..54b7dd6e22 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -498,7 +498,8 @@ error-resilience, a Java-viewer for j2k-images, ...")
          (base32
           "19yz4g0c45sm8y1z01j9djsrl1mkz3pmw7fykc6hkvrqymp7prsc"))
         (patches
-          (search-patches "openjpeg-CVE-2016-9850-CVE-2016-9851.patch"))))))
+          (search-patches "openjpeg-CVE-2016-9850-CVE-2016-9851.patch"
+                          "openjpeg-CVE-2016-9572-CVE-2016-9573.patch"))))))
 
 (define-public openjpeg-1
   (package (inherit openjpeg)
-- 
cgit v1.2.3