gnu: freetype: Replace with 2.10.4 [fixes CVE-2020-15999].

* gnu/packages/fontutils.scm (freetype)[replacement]: New field, set to... (freetype/fixed): ...this new variable.
2020-10-22 21:20:47 +02:00 · 2020-10-22 21:20:47 +02:00 · d32b210f28
parent 910ea2e1d2
commit d32b210f28
1 changed files with 15 additions and 1 deletions
--- a/gnu/packages/fontutils.scm
+++ b/gnu/packages/fontutils.scm
@ -6,7 +6,7 @@
 ;;; Copyright © 2017 Rene Saavedra <rennes@openmailbox.org>
 ;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
 ;;; Copyright © 2017 Nikita <nikita@n0.is>
-;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2018, 2019 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2019, 2020 Marius Bakke <mbakke@fastmail.com>
@ -69,6 +69,7 @@ (define-public freetype
  (package
   (name "freetype")
   (version "2.10.1")
+   (replacement freetype/fixed)
   (source (origin
            (method url-fetch)
            (uri (string-append "mirror://savannah/freetype/freetype-"
@ -97,6 +98,19 @@ (define-public freetype
   (license license:freetype)           ; some files have other licenses
   (home-page "https://www.freetype.org/")))

+(define freetype/fixed
+  ;; Security fix for CVE-2020-15999.
+  (package
+    (inherit freetype)
+    (version "2.10.4")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "mirror://savannah/freetype/freetype-"
+                           version ".tar.xz"))
+       (sha256
+        (base32 "112pyy215chg7f7fmp2l9374chhhpihbh8wgpj5nj6avj3c59a46"))))))
+
 (define-public ttfautohint
  (package
    (name "ttfautohint")