diff options
| author | Vladimír Čunát <vcunat@gmail.com> | 2018-12-30 11:38:19 +0100 |
|---|---|---|
| committer | Vladimír Čunát <vcunat@gmail.com> | 2018-12-30 11:57:51 +0100 |
| commit | bf7d1b538d0325452a5ae7bd1a8abff1e5c784f1 (patch) | |
| tree | 790db66441c318b33b9f877befce14f46bcd1962 /pkgs/development/libraries/exiv2/default.nix | |
| parent | a4e098519b33c1cdda41d55fc30d9a0a7782bf0d (diff) | |
| download | nixpkgs-bf7d1b538d0325452a5ae7bd1a8abff1e5c784f1.tar nixpkgs-bf7d1b538d0325452a5ae7bd1a8abff1e5c784f1.tar.gz nixpkgs-bf7d1b538d0325452a5ae7bd1a8abff1e5c784f1.tar.bz2 nixpkgs-bf7d1b538d0325452a5ae7bd1a8abff1e5c784f1.tar.lz nixpkgs-bf7d1b538d0325452a5ae7bd1a8abff1e5c784f1.tar.xz nixpkgs-bf7d1b538d0325452a5ae7bd1a8abff1e5c784f1.tar.zst nixpkgs-bf7d1b538d0325452a5ae7bd1a8abff1e5c784f1.zip | |
exiv2: 0.26.2018.06.09 -> 0.26.2018.12.30 (security)
The bump includes all the patches we had and adds some more, e.g. for CVE-2017-1000127. I don't think all CVEs get fixed by that, but 0.27 would currently break too many packages; /cc #50496.
Diffstat (limited to 'pkgs/development/libraries/exiv2/default.nix')
| -rw-r--r-- | pkgs/development/libraries/exiv2/default.nix | 28 |
1 files changed, 3 insertions, 25 deletions
diff --git a/pkgs/development/libraries/exiv2/default.nix b/pkgs/development/libraries/exiv2/default.nix index c26a2a20a81..ea782fc6986 100644 --- a/pkgs/development/libraries/exiv2/default.nix +++ b/pkgs/development/libraries/exiv2/default.nix @@ -2,38 +2,16 @@ , autoconf }: stdenv.mkDerivation rec { - name = "exiv2-0.26.2018.06.09"; + name = "exiv2-0.26.2018.12.30"; #url = "http://www.exiv2.org/builds/${name}-trunk.tar.gz"; src = fetchFromGitHub rec { owner = "exiv2"; repo = "exiv2"; - rev = "4aa57ad"; - sha256 = "1kblpxbi4wlb0l57xmr7g23zn9adjmfswhs6kcwmd7skwi2yivcd"; + rev = "f5d0b25"; # https://github.com/Exiv2/exiv2/commits/0.26 + sha256 = "1blaz3g8dlij881g14nv2nsgr984wy6ypbwgi2pixk978p0gm70i"; }; - patches = [ - (fetchurl rec { - name = "CVE-2017-9239.patch"; - url = let patchname = "0006-1296-Fix-submitted.patch"; - in "https://src.fedoraproject.org/lookaside/pkgs/exiv2/${patchname}" - + "/sha512/${sha512}/${patchname}"; - sha512 = "3f9242dbd4bfa9dcdf8c9820243b13dc14990373a800c4ebb6cf7eac5653cfef" - + "e6f2c47a94fbee4ed24f0d8c2842729d721f6100a2b215e0f663c89bfefe9e32"; - }) - # Two backports from master, submitted as https://github.com/Exiv2/exiv2/pull/398 - (fetchpatch { - name = "CVE-2018-12264.diff"; - url = "https://github.com/vcunat/exiv2/commit/fd18e853.diff"; - sha256 = "0y7ahh45lpaiazjnfllndfaa5pyixh6z4kcn2ywp7qy4ra7qpwdr"; - }) - (fetchpatch { - name = "CVE-2018-12265.diff"; - url = "https://github.com/vcunat/exiv2/commit/9ed1671bd4.diff"; - sha256 = "1cn446pfcgsh1bn9vxikkkcy1cqq7ghz2w291h1094ydqg6w7q6w"; - }) - ]; - postPatch = "patchShebangs ./src/svn_version.sh"; preConfigure = "make config"; # needed because not using tarball |