Leo Famulari <l...@famulari.name> skribis:

> On Fri, Sep 09, 2016 at 10:15:58AM +0300, Efraim Flashner wrote:
>> On Fri, Sep 09, 2016 at 02:04:40AM -0400, Leo Famulari wrote:
>> > diff --git a/gnu/packages/patches/openjpeg-CVE-2016-7163.patch 
>> > b/gnu/packages/patches/openjpeg-CVE-2016-7163.patch
> [...]
>
>> Was from here down put/left here intentionally? It looks out of place
>> 
>> > +From c16bc057ba3f125051c9966cf1f5b68a05681de4 Mon Sep 17 00:00:00 2001
>> > +From: trylab <try...@users.noreply.github.com>
>> > +Date: Tue, 6 Sep 2016 13:55:49 +0800
>> > +Subject: [PATCH] Fix an integer overflow issue (#809)
>> > +
>> > -- 
>> > 2.10.0
>
> You're right. I had concatenated the two commits out of order, and I
> accidentally left this header at the bottom when moving the original
> bugfix above the follow-up commit.
>
> Thank you for catching this.
>
> I've attached an updated patch.
>
> From 040531530913dbf26ce42ad27e1914f4d1683bd3 Mon Sep 17 00:00:00 2001
> From: Leo Famulari <l...@famulari.name>
> Date: Fri, 9 Sep 2016 01:48:50 -0400
> Subject: [PATCH] gnu: openjpeg-2.*: Fix CVE-2016-7163.
>
> * gnu/packages/patches/openjpeg-CVE-2016-7163.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Add it.
> * gnu/packages/image.scm (openjpeg, openjpeg-2.0): Use it.

Go for it.  Thank you!

Ludo’.

Reply via email to