diff options
author | Andreas Rammhold <andreas@rammhold.de> | 2019-01-30 23:50:48 +0100 |
---|---|---|
committer | Andreas Rammhold <andreas@rammhold.de> | 2019-01-30 23:50:48 +0100 |
commit | 66601282cca987bb23a8eac95aac0c1e4d3c9e2f (patch) | |
tree | 04378af7dfedff04d5c3310c5f397b911aaa8ec3 /pkgs/development | |
parent | 4a200fbbf0a26c55e5ecb280cf173569bd813197 (diff) | |
download | nixpkgs-66601282cca987bb23a8eac95aac0c1e4d3c9e2f.tar nixpkgs-66601282cca987bb23a8eac95aac0c1e4d3c9e2f.tar.gz nixpkgs-66601282cca987bb23a8eac95aac0c1e4d3c9e2f.tar.bz2 nixpkgs-66601282cca987bb23a8eac95aac0c1e4d3c9e2f.tar.lz nixpkgs-66601282cca987bb23a8eac95aac0c1e4d3c9e2f.tar.xz nixpkgs-66601282cca987bb23a8eac95aac0c1e4d3c9e2f.tar.zst nixpkgs-66601282cca987bb23a8eac95aac0c1e4d3c9e2f.zip |
qt59.qtvirtualkeyboard: fix CVE-2018-19865
CVE-2018-19865 tracks the issue of qtvirtualkeyboard where it logs all user input. With this commit we are applying the recommended patches form the upstream project. More details can be obtained from the Qt annoucement [1]. [1] https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
Diffstat (limited to 'pkgs/development')
-rw-r--r-- | pkgs/development/libraries/qt-5/5.9/default.nix | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/pkgs/development/libraries/qt-5/5.9/default.nix b/pkgs/development/libraries/qt-5/5.9/default.nix index 4acc6a6393f..68c6745bcb5 100644 --- a/pkgs/development/libraries/qt-5/5.9/default.nix +++ b/pkgs/development/libraries/qt-5/5.9/default.nix @@ -17,7 +17,7 @@ top-level attribute to `top-level/all-packages.nix`. { newScope, - stdenv, fetchurl, makeSetupHook, + stdenv, fetchurl, fetchpatch, makeSetupHook, bison, cups ? null, harfbuzz, libGL, perl, gstreamer, gst-plugins-base, gtk3, dconf, cf-private, @@ -44,6 +44,25 @@ let qtserialport = [ ./qtserialport.patch ]; qttools = [ ./qttools.patch ]; qtwebkit = [ ./qtwebkit.patch ]; + qtvirtualkeyboard = [ + (fetchpatch { + name = "CVE-2018-19865-A.patch"; + url = "https://codereview.qt-project.org/gitweb?p=qt/qtvirtualkeyboard.git;a=patch;h=61780a113f02b3c62fb14516fe8ea47d91f9ed9a"; + sha256 = "0jd4nzaz9ndm9ryvrkav7kjs437l661288diklhbmgh249f8gki0"; + }) + (fetchpatch { + name = "CVE-2018-19865-B.patch"; + url = "https://codereview.qt-project.org/gitweb?p=qt/qtvirtualkeyboard.git;a=patch;h=c0ac7a4c684e2fed60a72ceee53da89eea3f95a7"; + sha256 = "0yvxrx5vx6845vgnq8ml3q93y61py5j0bvhqj7nqvpbmyj1wy1p3"; + + }) + (fetchpatch { + name = "CVE-2018-19865-C.patch"; + url = "https://codereview.qt-project.org/gitweb?p=qt/qtvirtualkeyboard.git;a=patch;h=a2e7b8412f56841e12ed20a39f4a38e32d3c1e30"; + sha256 = "1yijysa9gy5xbxndx5ri0dkfrjqja0d1bsx52qz4mhzi4pkbib02"; + }) + ]; + }; mkDerivation = |