Merge pull request #130290 from LeSuisse/fig2dev-CVE-2021-3561

fig2dev: apply patch for CVE-2021-3561
This commit is contained in:
Sandro 2021-07-15 19:24:13 +02:00 committed by GitHub
commit e9ffb646fb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchurl
, fetchpatch
, ghostscript
, libpng
, makeWrapper
@ -20,6 +21,15 @@ stdenv.mkDerivation rec {
sha256 = "1bm75lf9j54qpbjx8hzp6ixaayp1x9w4v3yxl6vxyw8g5m4sqdk3";
};
patches = [
(fetchpatch {
name = "CVE-2021-3561.patch";
# Using Debian patch since it is not possible to download it directly from Sourceforge
url = "https://sources.debian.org/data/main/f/fig2dev/1:3.2.8-3/debian/patches/33_sanitize-color.patch";
sha256 = "1bppr3li03nj4qjibnddr2f38mpk55pcn5z6k98pf00gabq33fgs";
})
];
nativeBuildInputs = [ makeWrapper ];
buildInputs = [ libpng ];