summary refs log tree commit diff
path: root/pkgs/tools/graphics/exif/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/tools/graphics/exif/default.nix')
-rw-r--r--pkgs/tools/graphics/exif/default.nix24
1 files changed, 23 insertions, 1 deletions
diff --git a/pkgs/tools/graphics/exif/default.nix b/pkgs/tools/graphics/exif/default.nix
index 130e2d96124..f07f3d05541 100644
--- a/pkgs/tools/graphics/exif/default.nix
+++ b/pkgs/tools/graphics/exif/default.nix
@@ -1,4 +1,13 @@
-{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config, libexif, popt, libintl }:
+{ lib
+, stdenv
+, fetchFromGitHub
+, fetchpatch
+, autoreconfHook
+, pkg-config
+, libexif
+, popt
+, libintl
+}:
 
 stdenv.mkDerivation rec {
   pname = "exif";
@@ -11,6 +20,19 @@ stdenv.mkDerivation rec {
     sha256 = "1xlb1gdwxm3rmw7vlrynhvjp9dkwmvw23mxisdbdmma7ah2nda3i";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2021-27815.part-1.patch";
+      url = "https://github.com/libexif/exif/commit/f6334d9d32437ef13dc902f0a88a2be0063d9d1c.patch";
+      sha256 = "0mfx7l8w3w1c2mn5h5d6s7gdfyd91wnml8v0f19v5sdn70hx5aa4";
+    })
+    (fetchpatch {
+      name = "CVE-2021-27815.part-2.patch";
+      url = "https://github.com/libexif/exif/commit/eb84b0e3c5f2a86013b6fcfb800d187896a648fa.patch";
+      sha256 = "11lyvy20maisiyhxgxvm85v5l5ba7p0bpd4m0g4ryli32mrwwy0l";
+    })
+  ];
+
   nativeBuildInputs = [ autoreconfHook pkg-config ];
   buildInputs = [ libexif popt libintl ];
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-04-19 14:39:28 +0000