Merge pull request #130290 from LeSuisse/fig2dev-CVE-2021-3561
fig2dev: apply patch for CVE-2021-3561
This commit is contained in:
commit
e9ffb646fb
1 changed files with 10 additions and 0 deletions
|
@ -1,6 +1,7 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, fetchurl
|
||||
, fetchpatch
|
||||
, ghostscript
|
||||
, libpng
|
||||
, makeWrapper
|
||||
|
@ -20,6 +21,15 @@ stdenv.mkDerivation rec {
|
|||
sha256 = "1bm75lf9j54qpbjx8hzp6ixaayp1x9w4v3yxl6vxyw8g5m4sqdk3";
|
||||
};
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "CVE-2021-3561.patch";
|
||||
# Using Debian patch since it is not possible to download it directly from Sourceforge
|
||||
url = "https://sources.debian.org/data/main/f/fig2dev/1:3.2.8-3/debian/patches/33_sanitize-color.patch";
|
||||
sha256 = "1bppr3li03nj4qjibnddr2f38mpk55pcn5z6k98pf00gabq33fgs";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
buildInputs = [ libpng ];
|
||||
|
||||
|
|
Loading…
Reference in a new issue