diff options
| author | David Anderson <dave@natulte.net> | 2020-03-14 00:34:13 -0700 |
|---|---|---|
| committer | David Anderson <dave@natulte.net> | 2020-03-17 01:11:24 -0700 |
| commit | b5f90159aff36d07099e8311f265f46b1d2adf7a (patch) | |
| tree | faf3020342bc4c28823b4c0f002d7ac20e1282d6 /pkgs/development/libraries/libvorbis | |
| parent | 4a8a014be4b476c38c8a6bf6952b5b410e27f63b (diff) | |
| download | nixpkgs-b5f90159aff36d07099e8311f265f46b1d2adf7a.tar nixpkgs-b5f90159aff36d07099e8311f265f46b1d2adf7a.tar.gz nixpkgs-b5f90159aff36d07099e8311f265f46b1d2adf7a.tar.bz2 nixpkgs-b5f90159aff36d07099e8311f265f46b1d2adf7a.tar.lz nixpkgs-b5f90159aff36d07099e8311f265f46b1d2adf7a.tar.xz nixpkgs-b5f90159aff36d07099e8311f265f46b1d2adf7a.tar.zst nixpkgs-b5f90159aff36d07099e8311f265f46b1d2adf7a.zip | |
libvorbis: document that patch for CVE-2017-14160 also fixes CVE-2018-10393.
Fixes #57159. Signed-off-by: David Anderson <dave@natulte.net>
Diffstat (limited to 'pkgs/development/libraries/libvorbis')
| -rw-r--r-- | pkgs/development/libraries/libvorbis/default.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/pkgs/development/libraries/libvorbis/default.nix b/pkgs/development/libraries/libvorbis/default.nix index 263fa0a5216..40d21b58b55 100644 --- a/pkgs/development/libraries/libvorbis/default.nix +++ b/pkgs/development/libraries/libvorbis/default.nix @@ -14,7 +14,7 @@ stdenv.mkDerivation rec { (fetchpatch { url = "https://gitlab.xiph.org/xiph/vorbis/uploads/a68cf70fa10c8081a633f77b5c6576b7/0001-CVE-2017-14160-make-sure-we-don-t-overflow.patch"; sha256 = "0v21p59cb3z77ch1v6q5dcrd733h91f3m8ifnd7kkkr8gzn17d5x"; - name = "CVE-2017-14160"; + name = "CVE-2017-14160+CVE-2018-10393.patch"; }) (fetchpatch { url = "https://gitlab.xiph.org/xiph/vorbis/commit/112d3bd0aaa.diff"; |