diff options
author | Marek Mahut <marek.mahut@gmail.com> | 2019-08-23 20:36:31 +0200 |
---|---|---|
committer | Marek Mahut <marek.mahut@gmail.com> | 2019-08-23 20:36:31 +0200 |
commit | 589405a563e2e48a6dd3bc9088b65246e17ec582 (patch) | |
tree | 5d955fff3b062bf3e7d2adf0143f78ffe6897049 /pkgs/development/libraries/opencv | |
parent | a8d3aebdce8a2ffb0134fac33e2e9da18aebeb06 (diff) | |
download | nixpkgs-589405a563e2e48a6dd3bc9088b65246e17ec582.tar nixpkgs-589405a563e2e48a6dd3bc9088b65246e17ec582.tar.gz nixpkgs-589405a563e2e48a6dd3bc9088b65246e17ec582.tar.bz2 nixpkgs-589405a563e2e48a6dd3bc9088b65246e17ec582.tar.lz nixpkgs-589405a563e2e48a6dd3bc9088b65246e17ec582.tar.xz nixpkgs-589405a563e2e48a6dd3bc9088b65246e17ec582.tar.zst nixpkgs-589405a563e2e48a6dd3bc9088b65246e17ec582.zip |
opencv: CVE-2019-14493
Diffstat (limited to 'pkgs/development/libraries/opencv')
-rw-r--r-- | pkgs/development/libraries/opencv/4.x.nix | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/pkgs/development/libraries/opencv/4.x.nix b/pkgs/development/libraries/opencv/4.x.nix index 85bb2f1effd..3fdc392e92b 100644 --- a/pkgs/development/libraries/opencv/4.x.nix +++ b/pkgs/development/libraries/opencv/4.x.nix @@ -1,5 +1,5 @@ { lib, stdenv -, fetchurl, fetchFromGitHub +, fetchurl, fetchFromGitHub, fetchpatch , cmake, pkgconfig, unzip, zlib, pcre, hdf5 , glog, boost, gflags, protobuf , config @@ -160,6 +160,14 @@ stdenv.mkDerivation rec { cp --no-preserve=mode -r "${contribSrc}/modules" "$NIX_BUILD_TOP/source/opencv_contrib" ''; + patches = [ + (fetchpatch { + url = "https://github.com/opencv/opencv/commit/5691d998ead1d9b0542bcfced36c2dceb3a59023.patch"; + name = "CVE-2019-14493.patch"; + sha256 = "14qva9f5z10apz5q0skdyiclr9sgkhab4fzksy1w3b6j6hg4wm7m"; + }) + ]; + # This prevents cmake from using libraries in impure paths (which # causes build failure on non NixOS) # Also, work around https://github.com/NixOS/nixpkgs/issues/26304 with |