diff options
author | peter woodman <peter@shortbus.org> | 2023-01-13 07:09:05 -0500 |
---|---|---|
committer | peter woodman <peter@shortbus.org> | 2023-01-18 13:07:44 -0500 |
commit | 92535dbc02b3ab4c04cf3e36c36aec92bb04aa37 (patch) | |
tree | 72023d6183ac2ec1af07ee831644629777030f4c | |
parent | ea98d035977c05da0da980cf1598c9fa644842ee (diff) | |
download | nixpkgs-92535dbc02b3ab4c04cf3e36c36aec92bb04aa37.tar nixpkgs-92535dbc02b3ab4c04cf3e36c36aec92bb04aa37.tar.gz nixpkgs-92535dbc02b3ab4c04cf3e36c36aec92bb04aa37.tar.bz2 nixpkgs-92535dbc02b3ab4c04cf3e36c36aec92bb04aa37.tar.lz nixpkgs-92535dbc02b3ab4c04cf3e36c36aec92bb04aa37.tar.xz nixpkgs-92535dbc02b3ab4c04cf3e36c36aec92bb04aa37.tar.zst nixpkgs-92535dbc02b3ab4c04cf3e36c36aec92bb04aa37.zip |
giflib: patch to fix CVE-2022-28506
using the same mitigation the fedora project is using
-rw-r--r-- | pkgs/development/libraries/giflib/default.nix | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/pkgs/development/libraries/giflib/default.nix b/pkgs/development/libraries/giflib/default.nix index 795aeb88440..5202dc0edab 100644 --- a/pkgs/development/libraries/giflib/default.nix +++ b/pkgs/development/libraries/giflib/default.nix @@ -8,7 +8,13 @@ stdenv.mkDerivation rec { sha256 = "1gbrg03z1b6rlrvjyc6d41bc8j1bsr7rm8206gb1apscyii5bnii"; }; - patches = lib.optional stdenv.hostPlatform.isDarwin + patches = [ + (fetchpatch { + name = "CVE-2022-28506.patch"; + url = "https://src.fedoraproject.org/rpms/giflib/raw/2e9917bf13df114354163f0c0211eccc00943596/f/CVE-2022-28506.patch"; + sha256 = "sha256-TBemEXkuox8FdS9RvjnWcTWPaHRo4crcwSR9czrUwBY="; + }) + ] ++ lib.optional stdenv.hostPlatform.isDarwin (fetchpatch { # https://sourceforge.net/p/giflib/bugs/133/ name = "darwin-soname.patch"; |