Merge pull request #260191 from LeSuisse/libcue-CVE-2023-43641

libcue: apply patch for CVE-2023-43641
2023-10-10 19:09:04 +03:00 · 2023-10-10 19:09:04 +03:00 · 97ec5b4c08
commit 97ec5b4c08
parent b08ed15261 6335cf6cdf
1 changed files with 9 additions and 1 deletions
--- a/pkgs/development/libraries/libcue/default.nix
+++ b/pkgs/development/libraries/libcue/default.nix
@ -1,4 +1,4 @@
-{ lib, stdenv, fetchFromGitHub, cmake, bison, flex }:
+{ lib, stdenv, fetchFromGitHub, fetchpatch, cmake, bison, flex }:

 stdenv.mkDerivation rec {
  pname = "libcue";
@ -11,6 +11,14 @@ stdenv.mkDerivation rec {
    sha256 = "1iqw4n01rv2jyk9lksagyxj8ml0kcfwk67n79zy1r6zv1xfp5ywm";
  };

+  patches = [
+    (fetchpatch {
+      name = "CVE-2023-43641.patch";
+      url = "https://github.com/lipnitsk/libcue/commit/fdf72c8bded8d24cfa0608b8e97f2eed210a920e.patch";
+      hash = "sha256-NjnSMUfman/SwLFWDIhtz2jCOLfpXGGGjO3QwRGURNg=";
+    })
+  ];
+
  nativeBuildInputs = [ cmake bison flex ];

  doCheck = false; # fails all the tests (ctest)