summary refs log tree commit diff
diff options
context:
space:
mode:
authorDima <dgoldin+github@protonmail.ch>2019-10-22 17:35:20 +0200
committerDima <dgoldin+github@protonmail.ch>2019-10-22 17:41:21 +0200
commit9524bf3034433f41648011513f9b508fee35c02d (patch)
tree3104bda95f812b5f2f837454df9496e17cb7e3b4
parent2695914175575e9ad8ae9a602a9c9668ff6e24d5 (diff)
downloadnixpkgs-9524bf3034433f41648011513f9b508fee35c02d.tar
nixpkgs-9524bf3034433f41648011513f9b508fee35c02d.tar.gz
nixpkgs-9524bf3034433f41648011513f9b508fee35c02d.tar.bz2
nixpkgs-9524bf3034433f41648011513f9b508fee35c02d.tar.lz
nixpkgs-9524bf3034433f41648011513f9b508fee35c02d.tar.xz
nixpkgs-9524bf3034433f41648011513f9b508fee35c02d.tar.zst
nixpkgs-9524bf3034433f41648011513f9b508fee35c02d.zip
pango: 1.43.0, backport CVE-2019-1010238 fix
There was a previous fix for this in
https://github.com/NixOS/nixpkgs/pull/71571

But some things, most notably pygtk, still rely on deprecated pango
APIs that are not available past 1.43, this backports the CVE
fix to this version.
Diffstat
-rw-r--r--pkgs/development/libraries/pango/default.nix5
1 files changed, 5 insertions, 0 deletions
diff --git a/pkgs/development/libraries/pango/default.nix b/pkgs/development/libraries/pango/default.nix
index 0f84b382f4d..0aa1caf7e64 100644
--- a/pkgs/development/libraries/pango/default.nix
+++ b/pkgs/development/libraries/pango/default.nix
@@ -42,6 +42,11 @@ in stdenv.mkDerivation rec {
       url = "https://gitlab.gnome.org/GNOME/pango/commit/546f4c242d6f4fe312de3b7c918a848e5172e18d.patch";
       sha256 = "1cqhy4xbwx3ad7z5d1ks7smf038b9as8c6qy84rml44h0fgiq4m2";
     })
+    (fetchpatch {
+      # Fixes CVE-2019-1010238
+      url = "https://gitlab.gnome.org/GNOME/pango/commit/490f8979a260c16b1df055eab386345da18a2d54.diff";
+      sha256 = "001g3anvwghdrn3yfgi8cp64j0n3l0zwgiphc1izqg7zr76s87fk";
+    })
   ];
 
   mesonFlags = [
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-23 10:48:21 +0000