gnu: cairo: Fix CVE-2016-9082.

* gnu/packages/gtk.scm (cairo)[replacement]: New field. (cairo/fixed): New variable. (cairo-xcb)[source]: Use patch. [replacement]: New field, set false. * gnu/packages/pdf.scm (poppler)[inputs]: Custom cairo should be replaced by a new custom patched cairo. * gnu/packages/patches/cairo-CVE-2016-9082.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it.
2026-05-29 12:35:15 +02:00 · 2016-11-28 19:25:21 +02:00
parent eb55f01821
commit c51d926c74
4 changed files with 146 additions and 0 deletions
@@ -100,6 +100,7 @@ tools have full access to view and control running applications.")
 (define-public cairo
  (package
   (name "cairo")
+   (replacement cairo/fixed)
   (version "1.14.6")
   (source (origin
            (method url-fetch)
@@ -153,6 +154,10 @@ affine transformation (scale, rotation, shear, etc.).")
  (package
    (inherit cairo)
    (name "cairo-xcb")
+    (source (origin
+              (inherit (package-source cairo))
+              (patches (search-patches "cairo-CVE-2016-9082.patch"))))
+    (replacement #f)
    (inputs
     `(("mesa" ,mesa)
       ,@(package-inputs cairo)))
@@ -162,6 +167,13 @@ affine transformation (scale, rotation, shear, etc.).")
       '("--enable-xlib-xcb" "--enable-gl" "--enable-egl")))
    (synopsis "2D graphics library (with X11 support)")))

+(define cairo/fixed
+  (package
+    (inherit cairo)
+    (source (origin
+              (inherit (package-source cairo))
+              (patches (search-patches "cairo-CVE-2016-9082.patch"))))))
+
 (define-public harfbuzz
  (package
   (name "harfbuzz")