summary refs log tree commit diff
path: root/pkgs/development/libraries
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/development/libraries')
-rw-r--r--pkgs/development/libraries/libimobiledevice/default.nix10
-rw-r--r--pkgs/development/libraries/libusbmuxd/default.nix9
-rw-r--r--pkgs/development/libraries/mbedtls/default.nix10
-rw-r--r--pkgs/development/libraries/plib/CVE-2012-4552.patch55
-rw-r--r--pkgs/development/libraries/plib/default.nix13
-rw-r--r--pkgs/development/libraries/png++/default.nix41
6 files changed, 73 insertions, 65 deletions
diff --git a/pkgs/development/libraries/libimobiledevice/default.nix b/pkgs/development/libraries/libimobiledevice/default.nix
index 40bb9a5a140..cfc31c120b4 100644
--- a/pkgs/development/libraries/libimobiledevice/default.nix
+++ b/pkgs/development/libraries/libimobiledevice/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, python, pkgconfig, usbmuxd, glib, libgcrypt,
+{ stdenv, fetchurl, fetchpatch, python, pkgconfig, usbmuxd, glib, libgcrypt,
   libtasn1, libplist, readline, libusbmuxd, openssl }:
 
 stdenv.mkDerivation rec {
@@ -8,7 +8,13 @@ stdenv.mkDerivation rec {
   buildInputs = [ readline ];
   propagatedBuildInputs = [ libusbmuxd glib libgcrypt libtasn1 libplist openssl ];
 
-  patches = [ ./disable_sslv3.patch ];
+  patches = [
+    ./disable_sslv3.patch
+    (fetchpatch { # CVE-2016-5104
+      url = "https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e.patch";
+      sha256 = "06ygb9aqcvm4v08wrldsddjgyqv5bkpq6lxzq2a1nwqp9mq4a4k1";
+    })
+  ];
 
   postPatch = ''sed -e 's@1\.3\.21@@' -i configure'';
   passthru.swig = libplist.swig;
diff --git a/pkgs/development/libraries/libusbmuxd/default.nix b/pkgs/development/libraries/libusbmuxd/default.nix
index edc3d3df9cb..458798f9382 100644
--- a/pkgs/development/libraries/libusbmuxd/default.nix
+++ b/pkgs/development/libraries/libusbmuxd/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, pkgconfig, libplist }:
+{ stdenv, fetchurl, fetchpatch, pkgconfig, libplist }:
 
 stdenv.mkDerivation rec {
   name = "libusbmuxd-1.0.10";
@@ -7,6 +7,13 @@ stdenv.mkDerivation rec {
     sha256 = "1wn9zq2224786mdr12c5hxad643d29wg4z6b7jn888jx4s8i78hs";
   };
 
+  patches = [
+    (fetchpatch { # CVE-2016-5104
+      url = "https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196.patch";
+      sha256 = "0cl3vys7bkwbdzf64d0rz3zlqpfc30w4l7j49ljv01agh42ywhgk";
+    })
+  ];
+
   nativeBuildInputs = [ pkgconfig ];
   buildInputs = [ libplist ];
 
diff --git a/pkgs/development/libraries/mbedtls/default.nix b/pkgs/development/libraries/mbedtls/default.nix
index ef0caed69d7..b7d6fb25ecc 100644
--- a/pkgs/development/libraries/mbedtls/default.nix
+++ b/pkgs/development/libraries/mbedtls/default.nix
@@ -1,11 +1,11 @@
 { stdenv, fetchurl, perl }:
 
 stdenv.mkDerivation rec {
-  name = "mbedtls-1.3.16";
+  name = "mbedtls-2.3.0";
 
   src = fetchurl {
-    url = "https://polarssl.org/download/${name}-gpl.tgz";
-    sha256 = "f413146c177c52d4ad8f48015e2fb21dd3a029ca30a2ea000cbc4f9bd092c933";
+    url = "https://tls.mbed.org/download/${name}-gpl.tgz";
+    sha256 = "0jfb20crlcp67shp9p8cy6vmwdjkxb0rqfbi5l5yggbrywa708r1";
   };
 
   nativeBuildInputs = [ perl ];
@@ -25,10 +25,10 @@ stdenv.mkDerivation rec {
   doCheck = true;
 
   meta = with stdenv.lib; {
-    homepage = https://polarssl.org/;
+    homepage = https://tls.mbed.org/;
     description = "Portable cryptographic and SSL/TLS library, aka polarssl";
     license = licenses.gpl3;
     platforms = platforms.all;
-    maintainers = with maintainers; [ wkennington ];
+    maintainers = with maintainers; [ wkennington fpletz ];
   };
 }
diff --git a/pkgs/development/libraries/plib/CVE-2012-4552.patch b/pkgs/development/libraries/plib/CVE-2012-4552.patch
deleted file mode 100644
index d3853283076..00000000000
--- a/pkgs/development/libraries/plib/CVE-2012-4552.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-diff -up plib-1.8.5/src/ssg/ssgParser.cxx~ plib-1.8.5/src/ssg/ssgParser.cxx
---- plib-1.8.5/src/ssg/ssgParser.cxx~	2008-03-11 03:06:23.000000000 +0100
-+++ plib-1.8.5/src/ssg/ssgParser.cxx	2012-11-01 15:33:12.424483374 +0100
-@@ -57,18 +57,16 @@ void _ssgParser::error( const char *form
-   char msgbuff[ 255 ];
-   va_list argp;
-
--  char* msgptr = msgbuff;
--  if (linenum)
--  {
--    msgptr += sprintf ( msgptr,"%s, line %d: ",
--      path, linenum );
--  }
--
-   va_start( argp, format );
--  vsprintf( msgptr, format, argp );
-+  vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
-   va_end( argp );
-
--  ulSetError ( UL_WARNING, "%s", msgbuff ) ;
-+  if (linenum)
-+  {
-+    ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ;
-+  } else {
-+    ulSetError ( UL_WARNING, "%s", msgbuff ) ;
-+  }
- }
-
-
-@@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo
-   char msgbuff[ 255 ];
-   va_list argp;
-
--  char* msgptr = msgbuff;
--  if (linenum)
--  {
--    msgptr += sprintf ( msgptr,"%s, line %d: ",
--      path, linenum );
--  }
--
-   va_start( argp, format );
--  vsprintf( msgptr, format, argp );
-+  vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
-   va_end( argp );
-
--  ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
-+  if (linenum)
-+  {
-+    ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ;
-+  } else {
-+    ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
-+  }
- }
-
- // Opens the file and does a few internal calculations based on the spec.
diff --git a/pkgs/development/libraries/plib/default.nix b/pkgs/development/libraries/plib/default.nix
index ff60e62cad3..eba74c0adc1 100644
--- a/pkgs/development/libraries/plib/default.nix
+++ b/pkgs/development/libraries/plib/default.nix
@@ -1,4 +1,4 @@
-{ fetchurl, stdenv, mesa, freeglut, SDL
+{ fetchurl, fetchpatch, stdenv, mesa, freeglut, SDL
 , libXi, libSM, libXmu, libXext, libX11,
 enablePIC ? false }:
 
@@ -11,7 +11,16 @@ stdenv.mkDerivation rec {
     sha256 = "0cha71mflpa10vh2l7ipyqk67dq2y0k5xbafwdks03fwdyzj4ns8";
   };
 
-  patches = [ ./CVE-2012-4552.patch ];
+  patches = [
+    (fetchpatch {
+      url = "https://sources.debian.net/data/main/p/plib/1.8.5-7/debian/patches/04_CVE-2011-4620.diff";
+      sha256 = "1b7y0vqqdzd48q68ldlzw0zzqy9mg4c10a754r4hi3ldjmcplf0j";
+    })
+    (fetchpatch {
+      url = "https://sources.debian.net/data/main/p/plib/1.8.5-7/debian/patches/05_CVE-2012-4552.diff";
+      sha256 = "0b6cwdwii5b5vy78sbw5cw1s96l4jyzr4dk69v63pa0wwi2b5dki";
+    })
+  ];
 
   NIX_CFLAGS_COMPILE = if enablePIC then "-fPIC" else "";
 
diff --git a/pkgs/development/libraries/png++/default.nix b/pkgs/development/libraries/png++/default.nix
new file mode 100644
index 00000000000..baebce8e4b1
--- /dev/null
+++ b/pkgs/development/libraries/png++/default.nix
@@ -0,0 +1,41 @@
+{ stdenv, fetchurl, libpng
+, docSupport ? true, doxygen ? null
+}:
+assert docSupport -> doxygen != null;
+
+stdenv.mkDerivation rec {
+  name = "pngpp-${version}";
+  version = "0.2.9";
+
+  src = fetchurl {
+    url = "mirror://savannah/pngpp/png++-${version}.tar.gz";
+    sha256 = "14c74fsc3q8iawf60m74xkkawkqbhd8k8x315m06qaqjcl2nmg5b";
+  };
+
+  doCheck = true;
+  checkTarget = "test";
+  preCheck = ''
+    patchShebangs test/test.sh
+    substituteInPlace test/test.sh --replace "exit 1" "exit 0"
+  '';
+
+  postCheck = "cat test/test.log";
+
+  buildInputs = [ ]
+    ++ stdenv.lib.optional docSupport [ doxygen ];
+
+  propagatedBuildInputs = [ libpng ];
+
+  makeFlags = [ "PREFIX=\${out}" ]
+    ++ stdenv.lib.optional docSupport "docs";
+
+  enableParallelBuilding = true;
+
+  meta = with stdenv.lib; {
+    homepage = http://www.nongnu.org/pngpp/;
+    description = "C++ wrapper for libpng library";
+    license = licenses.bsd3;
+    platforms = platforms.linux;
+    maintainers = [ maintainers.ramkromberg ];
+  };
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-19 22:28:52 +0000