cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

Merge pull request #179192 from sersorrel/xcftools-cve-2019-5086

Browse source
This commit is contained in:
Sandro 2022-07-05 14:59:35 +02:00 committed by GitHub
commit 0cd5eefaec
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
pkgs/tools/graphics/xcftools/default.nix
View file

@ -1,4 +1,4 @@
{lib, stdenv, fetchurl, libpng, perl, gettext }:
{lib, stdenv, fetchpatch, fetchurl, libpng, perl, gettext }:
stdenv.mkDerivation rec {
pname = "xcftools";
@ -11,7 +11,15 @@ stdenv.mkDerivation rec {
buildInputs = [ libpng perl gettext ];
patchPhase = ''
patches = [
(fetchpatch {
name = "CVE-2019-5086.CVE-2019-5087.patch";
url = "https://github.com/gladk/xcftools/commit/59c38e3e45b9112c2bcb4392bccf56e297854f8a.patch";
sha256 = "sha256-a1Biv6viXzTSaLDzinOyu0HdDTUPsKITsdKu9B9Y8GE=";
})
];
postPatch = ''
# Required if building with libpng-1.6, innocuous otherwise
substituteInPlace xcf2png.c \
--replace png_voidp_NULL NULL \