GNU bug report logs -
#73683
[PATCH] gnu: vips: Update to 8.15.3. [security fixes]
Previous Next
Reported by: Nicolas Graves <ngraves <at> ngraves.fr>
Date: Mon, 7 Oct 2024 22:07:02 UTC
Severity: normal
Tags: patch
Done: Zheng Junjie <zhengjunjie <at> iscas.ac.cn>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Your message dated Mon, 14 Oct 2024 10:20:29 +0800
with message-id <87y12r5ssy.fsf <at> iscas.ac.cn>
and subject line Re: [bug#73683] [PATCH] gnu: vips: Update to 8.15.3. [security fixes]
has caused the debbugs.gnu.org bug report #73683,
regarding [PATCH] gnu: vips: Update to 8.15.3. [security fixes]
to be marked as done.
(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)
--
73683: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=73683
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
This fixes CVE-2023-40032.
* gnu/packages/image-processing.scm (vips): Update to 8.15.3.
[build-system]: Switch to meson-build-system.
[inputs]: Add glib:bin.
---
gnu/packages/image-processing.scm | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/gnu/packages/image-processing.scm b/gnu/packages/image-processing.scm
index 033e006d06..1a24837ac8 100644
--- a/gnu/packages/image-processing.scm
+++ b/gnu/packages/image-processing.scm
@@ -23,6 +23,7 @@
;;; Copyright © 2022 Tomasz Jeneralczyk <tj <at> schwi.pl>
;;; Copyright © 2022 Paul A. Patience <paul <at> apatience.com>
;;; Copyright © 2023 Cairn <cairn <at> pm.me>
+;;; Copyright © 2024 Nicolas Graves <ngraves <at> ngraves.fr>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -49,6 +50,7 @@ (define-module (gnu packages image-processing)
#:use-module (guix build-system qt)
#:use-module (guix build-system cmake)
#:use-module (guix build-system gnu)
+ #:use-module (guix build-system meson)
#:use-module (guix build-system python)
#:use-module (guix build-system pyproject)
#:use-module (gnu packages)
@@ -776,16 +778,16 @@ (define-public opencv
(define-public vips
(package
(name "vips")
- (version "8.13.1")
+ (version "8.15.3")
(source
(origin
(method url-fetch)
(uri (string-append
"https://github.com/libvips/libvips/releases/download/v"
- version "/vips-" version ".tar.gz"))
+ version "/vips-" version ".tar.xz"))
(sha256
- (base32 "00kp3439jcqv9l2gcjg88xzvlq8clv54z1m3x66i3chvarz7ndxd"))))
- (build-system gnu-build-system)
+ (base32 "182j20dw38f1nyfx8cf7cjsr0k4nl7lfk3wm2d0ddypa6vsxj9ry"))))
+ (build-system meson-build-system)
(native-inputs
(list gobject-introspection pkg-config))
(inputs
@@ -793,6 +795,7 @@ (define-public vips
fftw
giflib
glib
+ (list glib "bin")
hdf5
imagemagick
lcms
--
2.46.0
[Message part 3 (message/rfc822, inline)]
[Message part 4 (text/plain, inline)]
Nicolas Graves via Guix-patches via <guix-patches <at> gnu.org> writes:
> This fixes CVE-2023-40032.
>
> * gnu/packages/image-processing.scm (vips): Update to 8.15.3.
> [build-system]: Switch to meson-build-system.
> [inputs]: Add glib:bin.
> ---
> gnu/packages/image-processing.scm | 11 +++++++----
> 1 file changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/gnu/packages/image-processing.scm b/gnu/packages/image-processing.scm
> index 033e006d06..1a24837ac8 100644
> --- a/gnu/packages/image-processing.scm
> +++ b/gnu/packages/image-processing.scm
> @@ -23,6 +23,7 @@
> ;;; Copyright © 2022 Tomasz Jeneralczyk <tj <at> schwi.pl>
> ;;; Copyright © 2022 Paul A. Patience <paul <at> apatience.com>
> ;;; Copyright © 2023 Cairn <cairn <at> pm.me>
> +;;; Copyright © 2024 Nicolas Graves <ngraves <at> ngraves.fr>
> ;;;
> ;;; This file is part of GNU Guix.
> ;;;
> @@ -49,6 +50,7 @@ (define-module (gnu packages image-processing)
> #:use-module (guix build-system qt)
> #:use-module (guix build-system cmake)
> #:use-module (guix build-system gnu)
> + #:use-module (guix build-system meson)
> #:use-module (guix build-system python)
> #:use-module (guix build-system pyproject)
> #:use-module (gnu packages)
> @@ -776,16 +778,16 @@ (define-public opencv
> (define-public vips
> (package
> (name "vips")
> - (version "8.13.1")
> + (version "8.15.3")
> (source
> (origin
> (method url-fetch)
> (uri (string-append
> "https://github.com/libvips/libvips/releases/download/v"
> - version "/vips-" version ".tar.gz"))
> + version "/vips-" version ".tar.xz"))
> (sha256
> - (base32 "00kp3439jcqv9l2gcjg88xzvlq8clv54z1m3x66i3chvarz7ndxd"))))
> - (build-system gnu-build-system)
> + (base32 "182j20dw38f1nyfx8cf7cjsr0k4nl7lfk3wm2d0ddypa6vsxj9ry"))))
> + (build-system meson-build-system)
> (native-inputs
> (list gobject-introspection pkg-config))
> (inputs
> @@ -793,6 +795,7 @@ (define-public vips
> fftw
> giflib
> glib
> + (list glib "bin")
> hdf5
> imagemagick
> lcms
push, and add commit to fetch sources from git.
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 276 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.