From 72faef96c6e9265589e66fbe9a15dd1c62ac1265 Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Sun, 15 Jan 2023 12:31:10 +0100
Subject: libgda: apply patch for CVE-2021-39359

Upstream issue: https://gitlab.gnome.org/GNOME/libgda/-/issues/249
---
 pkgs/development/libraries/libgda/6.x.nix     | 6 ++++++
 pkgs/development/libraries/libgda/default.nix | 5 +++++
 2 files changed, 11 insertions(+)

diff --git a/pkgs/development/libraries/libgda/6.x.nix b/pkgs/development/libraries/libgda/6.x.nix
index c02c6116e64..1f551ec9b4b 100644
--- a/pkgs/development/libraries/libgda/6.x.nix
+++ b/pkgs/development/libraries/libgda/6.x.nix
@@ -50,6 +50,12 @@ stdenv.mkDerivation rec {
       url = "https://gitlab.gnome.org/GNOME/libgda/-/commit/57f618a3b2a3758ee3dcbf9bbdc566122dd8566d.patch";
       sha256 = "pyfymUd61m1kHaGyMbUQMma+szB8mlqGWwcFBBQawf8=";
     })
+
+    (fetchpatch {
+      name = "CVE-2021-39359.patch";
+      url = "https://gitlab.gnome.org/GNOME/libgda/-/commit/bebdffb4de586fb43fd07ac549121f4b22f6812d.patch";
+      sha256 = "sha256-UjHP1nhb5n6TOdaMdQeE2s828T4wv/0ycG3FAk+I1QA=";
+    })
   ];
 
   nativeBuildInputs = [
diff --git a/pkgs/development/libraries/libgda/default.nix b/pkgs/development/libraries/libgda/default.nix
index e29482a34d4..1ef0a397c8e 100644
--- a/pkgs/development/libraries/libgda/default.nix
+++ b/pkgs/development/libraries/libgda/default.nix
@@ -37,6 +37,11 @@ stdenv.mkDerivation rec {
       url = "https://gitlab.gnome.org/GNOME/libgda/-/commit/9859479884fad5f39e6c37e8995e57c28b11b1b9.diff";
       sha256 = "158sncc5bg9lkri1wb0i1ri1nhx4c34rzi47gbfkwphlp7qd4qqv";
     })
+    (fetchpatch {
+      name = "CVE-2021-39359.patch";
+      url = "https://src.fedoraproject.org/rpms/libgda5/raw/72bb769f12e861e27e883dac5fab34f1ba4bd97e/f/bebdffb4de586fb43fd07ac549121f4b22f6812d.patch";
+      sha256 = "sha256-hIKuY5NEqOzntdlLb541bA4xZU5ypTRmV1u765K6KbM=";
+    })
   ];
 
   nativeBuildInputs = [
-- 
cgit 1.4.1