diff options
Diffstat (limited to 'pkgs/development/libraries')
-rw-r--r-- | pkgs/development/libraries/libimobiledevice/default.nix | 10 | ||||
-rw-r--r-- | pkgs/development/libraries/libusbmuxd/default.nix | 9 | ||||
-rw-r--r-- | pkgs/development/libraries/mbedtls/default.nix | 10 | ||||
-rw-r--r-- | pkgs/development/libraries/plib/CVE-2012-4552.patch | 55 | ||||
-rw-r--r-- | pkgs/development/libraries/plib/default.nix | 13 | ||||
-rw-r--r-- | pkgs/development/libraries/png++/default.nix | 41 |
6 files changed, 73 insertions, 65 deletions
diff --git a/pkgs/development/libraries/libimobiledevice/default.nix b/pkgs/development/libraries/libimobiledevice/default.nix index 40bb9a5a140..cfc31c120b4 100644 --- a/pkgs/development/libraries/libimobiledevice/default.nix +++ b/pkgs/development/libraries/libimobiledevice/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, python, pkgconfig, usbmuxd, glib, libgcrypt, +{ stdenv, fetchurl, fetchpatch, python, pkgconfig, usbmuxd, glib, libgcrypt, libtasn1, libplist, readline, libusbmuxd, openssl }: stdenv.mkDerivation rec { @@ -8,7 +8,13 @@ stdenv.mkDerivation rec { buildInputs = [ readline ]; propagatedBuildInputs = [ libusbmuxd glib libgcrypt libtasn1 libplist openssl ]; - patches = [ ./disable_sslv3.patch ]; + patches = [ + ./disable_sslv3.patch + (fetchpatch { # CVE-2016-5104 + url = "https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e.patch"; + sha256 = "06ygb9aqcvm4v08wrldsddjgyqv5bkpq6lxzq2a1nwqp9mq4a4k1"; + }) + ]; postPatch = ''sed -e 's@1\.3\.21@@' -i configure''; passthru.swig = libplist.swig; diff --git a/pkgs/development/libraries/libusbmuxd/default.nix b/pkgs/development/libraries/libusbmuxd/default.nix index edc3d3df9cb..458798f9382 100644 --- a/pkgs/development/libraries/libusbmuxd/default.nix +++ b/pkgs/development/libraries/libusbmuxd/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig, libplist }: +{ stdenv, fetchurl, fetchpatch, pkgconfig, libplist }: stdenv.mkDerivation rec { name = "libusbmuxd-1.0.10"; @@ -7,6 +7,13 @@ stdenv.mkDerivation rec { sha256 = "1wn9zq2224786mdr12c5hxad643d29wg4z6b7jn888jx4s8i78hs"; }; + patches = [ + (fetchpatch { # CVE-2016-5104 + url = "https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196.patch"; + sha256 = "0cl3vys7bkwbdzf64d0rz3zlqpfc30w4l7j49ljv01agh42ywhgk"; + }) + ]; + nativeBuildInputs = [ pkgconfig ]; buildInputs = [ libplist ]; diff --git a/pkgs/development/libraries/mbedtls/default.nix b/pkgs/development/libraries/mbedtls/default.nix index ef0caed69d7..b7d6fb25ecc 100644 --- a/pkgs/development/libraries/mbedtls/default.nix +++ b/pkgs/development/libraries/mbedtls/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, perl }: stdenv.mkDerivation rec { - name = "mbedtls-1.3.16"; + name = "mbedtls-2.3.0"; src = fetchurl { - url = "https://polarssl.org/download/${name}-gpl.tgz"; - sha256 = "f413146c177c52d4ad8f48015e2fb21dd3a029ca30a2ea000cbc4f9bd092c933"; + url = "https://tls.mbed.org/download/${name}-gpl.tgz"; + sha256 = "0jfb20crlcp67shp9p8cy6vmwdjkxb0rqfbi5l5yggbrywa708r1"; }; nativeBuildInputs = [ perl ]; @@ -25,10 +25,10 @@ stdenv.mkDerivation rec { doCheck = true; meta = with stdenv.lib; { - homepage = https://polarssl.org/; + homepage = https://tls.mbed.org/; description = "Portable cryptographic and SSL/TLS library, aka polarssl"; license = licenses.gpl3; platforms = platforms.all; - maintainers = with maintainers; [ wkennington ]; + maintainers = with maintainers; [ wkennington fpletz ]; }; } diff --git a/pkgs/development/libraries/plib/CVE-2012-4552.patch b/pkgs/development/libraries/plib/CVE-2012-4552.patch deleted file mode 100644 index d3853283076..00000000000 --- a/pkgs/development/libraries/plib/CVE-2012-4552.patch +++ /dev/null @@ -1,55 +0,0 @@ -diff -up plib-1.8.5/src/ssg/ssgParser.cxx~ plib-1.8.5/src/ssg/ssgParser.cxx ---- plib-1.8.5/src/ssg/ssgParser.cxx~ 2008-03-11 03:06:23.000000000 +0100 -+++ plib-1.8.5/src/ssg/ssgParser.cxx 2012-11-01 15:33:12.424483374 +0100 -@@ -57,18 +57,16 @@ void _ssgParser::error( const char *form - char msgbuff[ 255 ]; - va_list argp; - -- char* msgptr = msgbuff; -- if (linenum) -- { -- msgptr += sprintf ( msgptr,"%s, line %d: ", -- path, linenum ); -- } -- - va_start( argp, format ); -- vsprintf( msgptr, format, argp ); -+ vsnprintf( msgbuff, sizeof(msgbuff), format, argp ); - va_end( argp ); - -- ulSetError ( UL_WARNING, "%s", msgbuff ) ; -+ if (linenum) -+ { -+ ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ; -+ } else { -+ ulSetError ( UL_WARNING, "%s", msgbuff ) ; -+ } - } - - -@@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo - char msgbuff[ 255 ]; - va_list argp; - -- char* msgptr = msgbuff; -- if (linenum) -- { -- msgptr += sprintf ( msgptr,"%s, line %d: ", -- path, linenum ); -- } -- - va_start( argp, format ); -- vsprintf( msgptr, format, argp ); -+ vsnprintf( msgbuff, sizeof(msgbuff), format, argp ); - va_end( argp ); - -- ulSetError ( UL_DEBUG, "%s", msgbuff ) ; -+ if (linenum) -+ { -+ ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ; -+ } else { -+ ulSetError ( UL_DEBUG, "%s", msgbuff ) ; -+ } - } - - // Opens the file and does a few internal calculations based on the spec. diff --git a/pkgs/development/libraries/plib/default.nix b/pkgs/development/libraries/plib/default.nix index ff60e62cad3..eba74c0adc1 100644 --- a/pkgs/development/libraries/plib/default.nix +++ b/pkgs/development/libraries/plib/default.nix @@ -1,4 +1,4 @@ -{ fetchurl, stdenv, mesa, freeglut, SDL +{ fetchurl, fetchpatch, stdenv, mesa, freeglut, SDL , libXi, libSM, libXmu, libXext, libX11, enablePIC ? false }: @@ -11,7 +11,16 @@ stdenv.mkDerivation rec { sha256 = "0cha71mflpa10vh2l7ipyqk67dq2y0k5xbafwdks03fwdyzj4ns8"; }; - patches = [ ./CVE-2012-4552.patch ]; + patches = [ + (fetchpatch { + url = "https://sources.debian.net/data/main/p/plib/1.8.5-7/debian/patches/04_CVE-2011-4620.diff"; + sha256 = "1b7y0vqqdzd48q68ldlzw0zzqy9mg4c10a754r4hi3ldjmcplf0j"; + }) + (fetchpatch { + url = "https://sources.debian.net/data/main/p/plib/1.8.5-7/debian/patches/05_CVE-2012-4552.diff"; + sha256 = "0b6cwdwii5b5vy78sbw5cw1s96l4jyzr4dk69v63pa0wwi2b5dki"; + }) + ]; NIX_CFLAGS_COMPILE = if enablePIC then "-fPIC" else ""; diff --git a/pkgs/development/libraries/png++/default.nix b/pkgs/development/libraries/png++/default.nix new file mode 100644 index 00000000000..baebce8e4b1 --- /dev/null +++ b/pkgs/development/libraries/png++/default.nix @@ -0,0 +1,41 @@ +{ stdenv, fetchurl, libpng +, docSupport ? true, doxygen ? null +}: +assert docSupport -> doxygen != null; + +stdenv.mkDerivation rec { + name = "pngpp-${version}"; + version = "0.2.9"; + + src = fetchurl { + url = "mirror://savannah/pngpp/png++-${version}.tar.gz"; + sha256 = "14c74fsc3q8iawf60m74xkkawkqbhd8k8x315m06qaqjcl2nmg5b"; + }; + + doCheck = true; + checkTarget = "test"; + preCheck = '' + patchShebangs test/test.sh + substituteInPlace test/test.sh --replace "exit 1" "exit 0" + ''; + + postCheck = "cat test/test.log"; + + buildInputs = [ ] + ++ stdenv.lib.optional docSupport [ doxygen ]; + + propagatedBuildInputs = [ libpng ]; + + makeFlags = [ "PREFIX=\${out}" ] + ++ stdenv.lib.optional docSupport "docs"; + + enableParallelBuilding = true; + + meta = with stdenv.lib; { + homepage = http://www.nongnu.org/pngpp/; + description = "C++ wrapper for libpng library"; + license = licenses.bsd3; + platforms = platforms.linux; + maintainers = [ maintainers.ramkromberg ]; + }; +} |