summary refs log tree commit diff
path: root/pkgs/applications/audio/flac
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/applications/audio/flac')
-rw-r--r--pkgs/applications/audio/flac/default.nix15
1 files changed, 12 insertions, 3 deletions
diff --git a/pkgs/applications/audio/flac/default.nix b/pkgs/applications/audio/flac/default.nix
index b4e4af9f516..0b1a2edc3ba 100644
--- a/pkgs/applications/audio/flac/default.nix
+++ b/pkgs/applications/audio/flac/default.nix
@@ -1,13 +1,22 @@
-{ lib, stdenv, fetchurl, libogg }:
+{ lib, stdenv, fetchurl, fetchpatch, libogg }:
 
 stdenv.mkDerivation rec {
-  name = "flac-1.3.3";
+  pname = "flac";
+  version = "1.3.3";
 
   src = fetchurl {
-    url = "http://downloads.xiph.org/releases/flac/${name}.tar.xz";
+    url = "http://downloads.xiph.org/releases/flac/${pname}-${version}.tar.xz";
     sha256 = "0j0p9sf56a2fm2hkjnf7x3py5ir49jyavg4q5zdyd7bcf6yq4gi1";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2020-0499.patch";
+      url = "https://github.com/xiph/flac/commit/2e7931c27eb15e387da440a37f12437e35b22dd4.patch";
+      sha256 = "160qzq9ms5addz7sx06pnyjjkqrffr54r4wd8735vy4x008z71ah";
+    })
+  ];
+
   buildInputs = [ libogg ];
 
   #doCheck = true; # takes lots of time
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-29 03:15:24 +0000