diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2016-10-14 13:16:11 +0200 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2016-10-14 13:16:11 +0200 |
commit | 061758490fe8f411604e5aefdf258ed576946120 (patch) | |
tree | 3a5ac25404972027350b800f96b2bac1788eb3b6 /pkgs/applications/graphics | |
parent | 6eeea6effda7636f003603d96b0a7b98d40ed50d (diff) | |
parent | 6351c4d24b4cf0c75d51aeb8cd3c3720488a111d (diff) | |
download | nixlib-061758490fe8f411604e5aefdf258ed576946120.tar nixlib-061758490fe8f411604e5aefdf258ed576946120.tar.gz nixlib-061758490fe8f411604e5aefdf258ed576946120.tar.bz2 nixlib-061758490fe8f411604e5aefdf258ed576946120.tar.lz nixlib-061758490fe8f411604e5aefdf258ed576946120.tar.xz nixlib-061758490fe8f411604e5aefdf258ed576946120.tar.zst nixlib-061758490fe8f411604e5aefdf258ed576946120.zip |
Merge branch 'master' into staging
... to get the openssl mass rebuild: 942dbf89c.
Diffstat (limited to 'pkgs/applications/graphics')
4 files changed, 24 insertions, 9 deletions
diff --git a/pkgs/applications/graphics/ImageMagick/default.nix b/pkgs/applications/graphics/ImageMagick/default.nix index d481bb934d4c..c7d1adfdd182 100644 --- a/pkgs/applications/graphics/ImageMagick/default.nix +++ b/pkgs/applications/graphics/ImageMagick/default.nix @@ -11,8 +11,8 @@ let else throw "ImageMagick is not supported on this platform."; cfg = { - version = "6.9.5-10"; - sha256 = "0cxjzqzca80vf6sfx4z9zq4wq2w0vy9ajp9kf88jb4na8mwsn198"; + version = "6.9.6-2"; + sha256 = "139h9lycxw3lszn052m34xm0rqyanin4nb529vxjcrkkzqilh91r"; patches = []; } # Freeze version on mingw so we don't need to port the patch too often. diff --git a/pkgs/applications/graphics/PythonMagick/default.nix b/pkgs/applications/graphics/PythonMagick/default.nix index 5ab7d4d8a694..a8d0d490f8bb 100644 --- a/pkgs/applications/graphics/PythonMagick/default.nix +++ b/pkgs/applications/graphics/PythonMagick/default.nix @@ -2,7 +2,7 @@ let - version = "0.9.12"; + version = "0.9.14"; in @@ -10,8 +10,8 @@ stdenv.mkDerivation rec { name = "pythonmagick-${version}"; src = fetchurl { - url = "http://www.imagemagick.org/download/python/releases/PythonMagick-${version}.tar.xz"; - sha256 = "1l1kr3d7l40fkxgs6mrlxj65alv2jizm9hhgg9i9g90a8qj8642b"; + url = "mirror://imagemagick/python/releases/PythonMagick-${version}.tar.xz"; + sha256 = "1flkdfi3c19wy2qcfzax1cqvmmri10rvmhc2y85gmagqvv01zz22"; }; buildInputs = [python boost pkgconfig imagemagick]; diff --git a/pkgs/applications/graphics/gimp/plugins/default.nix b/pkgs/applications/graphics/gimp/plugins/default.nix index 1d32ea724faf..9fd669551dec 100644 --- a/pkgs/applications/graphics/gimp/plugins/default.nix +++ b/pkgs/applications/graphics/gimp/plugins/default.nix @@ -57,6 +57,7 @@ rec { sed -e 's,^\(GIMP_PLUGIN_DIR=\).*,\1'"$out/${gimp.name}-plugins", \ -e 's,^\(GIMP_DATA_DIR=\).*,\1'"$out/share/${gimp.name}", -i configure ''; + hardeningDisable = [ "format" ]; meta = with stdenv.lib; { description = "The GIMP Animation Package"; homepage = http://www.gimp.org; diff --git a/pkgs/applications/graphics/graphicsmagick/default.nix b/pkgs/applications/graphics/graphicsmagick/default.nix index 70d8feaa2753..2e573e09b31a 100644 --- a/pkgs/applications/graphics/graphicsmagick/default.nix +++ b/pkgs/applications/graphics/graphicsmagick/default.nix @@ -1,6 +1,6 @@ -{stdenv, fetchurl, bzip2, freetype, graphviz, ghostscript -, libjpeg, libpng, libtiff, libxml2, zlib, libtool, xz -, libX11, libwebp, quantumdepth ? 8}: +{ stdenv, fetchurl, fetchpatch, bzip2, freetype, graphviz, ghostscript +, libjpeg, libpng, libtiff, libxml2, zlib, libtool, xz, libX11 +, libwebp, quantumdepth ? 8 }: let version = "1.3.25"; in @@ -12,7 +12,21 @@ stdenv.mkDerivation { sha256 = "17xcc7pfcmiwpfr1g8ys5a7bdnvqzka53vg3kkzhwwz0s99gljyn"; }; - patches = [ ./disable-popen.patch ]; + patches = [ + ./disable-popen.patch + (fetchpatch { + url = "https://sources.debian.net/data/main/g/graphicsmagick/1.3.25-4/debian/patches/CVE-2016-7996_CVE-2016-7997.patch"; + sha256 = "0xsby2z8n7cnnln7szjznq7iaabq323wymvdjra59yb41aix74r2"; + }) + (fetchpatch { + url = "https://sources.debian.net/data/main/g/graphicsmagick/1.3.25-4/debian/patches/CVE-2016-7800_part1.patch"; + sha256 = "02s0x9bkbnm5wrd0d2x9ld4d9z5xqpfk310lyylyr5zlnhqxmwgn"; + }) + (fetchpatch { + url = "https://sources.debian.net/data/main/g/graphicsmagick/1.3.25-4/debian/patches/CVE-2016-7800_part2.patch"; + sha256 = "1h4xv3i1aq5avsd584rwa5sa7ca8f7w9ggmh7j2llqq5kymwsv5f"; + }) + ]; configureFlags = [ "--enable-shared" |