Merge pull request #168720 from risicle/ris-mruby-CVE-2022-1212

mruby: add patch for CVE-2022-1212
2022-04-15 11:12:44 -05:00 · 2022-04-15 11:12:44 -05:00 · bc0fe654e6
commit bc0fe654e6
parent b5c4279c49 fbfa7ea82d
1 changed files with 9 additions and 1 deletions
--- a/pkgs/development/compilers/mruby/default.nix
+++ b/pkgs/development/compilers/mruby/default.nix
@ -1,4 +1,4 @@
-{ lib, stdenv, ruby, bison, rake, fetchFromGitHub }:
+{ lib, stdenv, ruby, bison, rake, fetchFromGitHub, fetchpatch }:

 stdenv.mkDerivation rec {
  pname = "mruby";
@ -11,6 +11,14 @@ stdenv.mkDerivation rec {
    sha256  = "sha256-C3K7ZooaOMa+V2HjxwiKxrrMb7ffl4QAgPsftRtb60c=";
  };

+  patches = [
+    (fetchpatch {
+      name = "CVE-2022-1212.patch";
+      url = "https://github.com/mruby/mruby/commit/3cf291f72224715942beaf8553e42ba8891ab3c6.patch";
+      sha256  = "1bl8wm6v7v18zgxqvm4kbn8g97a75phzrdah279xqw1qvplbd2w7";
+    })
+  ];
+
  nativeBuildInputs = [ ruby bison rake ];

  # Necessary so it uses `gcc` instead of `ld` for linking.