summary refs log tree commit diff
path: root/pkgs/tools/graphics
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/tools/graphics')
-rw-r--r--pkgs/tools/graphics/lsix/default.nix4
-rw-r--r--pkgs/tools/graphics/netpbm/default.nix4
-rw-r--r--pkgs/tools/graphics/spirv-cross/default.nix6
-rw-r--r--pkgs/tools/graphics/ueberzugpp/default.nix4
-rw-r--r--pkgs/tools/graphics/vulkan-extension-layer/default.nix10
-rw-r--r--pkgs/tools/graphics/vulkan-tools-lunarg/default.nix39
-rw-r--r--pkgs/tools/graphics/vulkan-tools-lunarg/gtest.patch34
-rw-r--r--pkgs/tools/graphics/vulkan-tools/default.nix40
-rw-r--r--pkgs/tools/graphics/vulkan-tools/use-nix-moltenvk.patch123
-rw-r--r--pkgs/tools/graphics/xcolor/default.nix2
-rw-r--r--pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40889.patch17
-rw-r--r--pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40890.patch26
-rw-r--r--pkgs/tools/graphics/zbar/default.nix6
13 files changed, 89 insertions, 226 deletions
diff --git a/pkgs/tools/graphics/lsix/default.nix b/pkgs/tools/graphics/lsix/default.nix
index a9f8aa21bf1..dcf078654b8 100644
--- a/pkgs/tools/graphics/lsix/default.nix
+++ b/pkgs/tools/graphics/lsix/default.nix
@@ -2,13 +2,13 @@
 
 stdenvNoCC.mkDerivation rec {
   pname = "lsix";
-  version = "1.8";
+  version = "1.8.2";
 
   src = fetchFromGitHub {
     owner = "hackerb9";
     repo = pname;
     rev = version;
-    sha256 = "sha256-Qx6/PFm1XBmEI6iI+Ref9jNe6sXIhsVL4VQ1CX+caZE=";
+    sha256 = "sha256-xlOlAfZonSo/RERt5WxPqMvppVrY5/Yhh7SgCCsYDQE=";
   };
 
   nativeBuildInputs = [ makeWrapper ];
diff --git a/pkgs/tools/graphics/netpbm/default.nix b/pkgs/tools/graphics/netpbm/default.nix
index dd446fb26c7..105169c5e03 100644
--- a/pkgs/tools/graphics/netpbm/default.nix
+++ b/pkgs/tools/graphics/netpbm/default.nix
@@ -95,6 +95,10 @@ stdenv.mkDerivation {
     runHook postConfigure
   '';
 
+  env = lib.optionalAttrs stdenv.cc.isClang {
+    NIX_CFLAGS_COMPILE = "-Wno-implicit-function-declaration";
+  };
+
   installPhase = ''
     runHook preInstall
 
diff --git a/pkgs/tools/graphics/spirv-cross/default.nix b/pkgs/tools/graphics/spirv-cross/default.nix
index 1bf20910cf5..642a49c39b8 100644
--- a/pkgs/tools/graphics/spirv-cross/default.nix
+++ b/pkgs/tools/graphics/spirv-cross/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation (finalAttrs: {
   pname = "spirv-cross";
-  version = "1.3.261.0";
+  version = "1.3.268.0";
 
   src = fetchFromGitHub {
     owner = "KhronosGroup";
     repo = "SPIRV-Cross";
-    rev = "sdk-${finalAttrs.version}";
-    hash = "sha256-abVqLovvcKBJhGhSCbyD5mc1DSfvh4TWssGxi52ukQ8=";
+    rev = "vulkan-sdk-${finalAttrs.version}";
+    hash = "sha256-UIk5hihUPjXNzEeO2laS4dUef/rEExxXAZjMcftx+3A=";
   };
 
   nativeBuildInputs = [ cmake python3 ];
diff --git a/pkgs/tools/graphics/ueberzugpp/default.nix b/pkgs/tools/graphics/ueberzugpp/default.nix
index 60e7e7221a1..81598312645 100644
--- a/pkgs/tools/graphics/ueberzugpp/default.nix
+++ b/pkgs/tools/graphics/ueberzugpp/default.nix
@@ -24,8 +24,6 @@
 , wayland-protocols
 , enableX11 ? stdenv.isLinux
 , xorg
-, withoutStdRanges ? stdenv.isDarwin
-, range-v3
 }:
 
 stdenv.mkDerivation rec {
@@ -69,8 +67,6 @@ stdenv.mkDerivation rec {
   ] ++ lib.optionals enableX11 [
     xorg.libX11
     xorg.xcbutilimage
-  ] ++ lib.optionals withoutStdRanges [
-    range-v3
   ];
 
   cmakeFlags = lib.optionals (!enableOpencv) [
diff --git a/pkgs/tools/graphics/vulkan-extension-layer/default.nix b/pkgs/tools/graphics/vulkan-extension-layer/default.nix
index 96edbcad83f..dae55225a0b 100644
--- a/pkgs/tools/graphics/vulkan-extension-layer/default.nix
+++ b/pkgs/tools/graphics/vulkan-extension-layer/default.nix
@@ -1,19 +1,19 @@
-{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, writeText, vulkan-headers, jq, libX11, libXrandr, libxcb, wayland }:
+{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, writeText, vulkan-headers, vulkan-utility-libraries,  jq, libX11, libXrandr, libxcb, wayland }:
 
 stdenv.mkDerivation rec {
   pname = "vulkan-extension-layer";
-  version = "1.3.261";
+  version = "1.3.268.0";
 
   src = fetchFromGitHub {
     owner = "KhronosGroup";
     repo = "Vulkan-ExtensionLayer";
-    rev = "v${version}";
-    hash = "sha256-MeW7mmbjgqEvXEnAYzTNu4omC4fqq1fplIVjDpV2LcA=";
+    rev = "vulkan-sdk-${version}";
+    hash = "sha256-rSKPTeTDOz6IeJGRt9aIu1VH8VfVzXNYZfjdiSXEJxg=";
   };
 
   nativeBuildInputs = [ cmake pkg-config jq ];
 
-  buildInputs = [ vulkan-headers libX11 libXrandr libxcb wayland ];
+  buildInputs = [ vulkan-headers vulkan-utility-libraries libX11 libXrandr libxcb wayland ];
 
   # Help vulkan-loader find the validation layers
   setupHook = writeText "setup-hook" ''
diff --git a/pkgs/tools/graphics/vulkan-tools-lunarg/default.nix b/pkgs/tools/graphics/vulkan-tools-lunarg/default.nix
index 072876e46de..ab593a9bc4d 100644
--- a/pkgs/tools/graphics/vulkan-tools-lunarg/default.nix
+++ b/pkgs/tools/graphics/vulkan-tools-lunarg/default.nix
@@ -16,23 +16,22 @@
 , which
 , xcbutilkeysyms
 , xcbutilwm
+, valijson
 , vulkan-headers
 , vulkan-loader
-, symlinkJoin
-, vulkan-validation-layers
+, vulkan-utility-libraries
 , writeText
 }:
 
 stdenv.mkDerivation rec {
   pname = "vulkan-tools-lunarg";
-  version = "1.3.261";
+  version = "1.3.268.0";
 
   src = fetchFromGitHub {
    owner = "LunarG";
    repo = "VulkanTools";
-   rev = "v${version}";
-   hash = "sha256-Kem3nWVaMeDEsidKYMsWr9Bu0yBgjjennDB0sKBDogA=";
-   fetchSubmodules = true;
+   rev = "vulkan-sdk-${version}";
+   hash = "sha256-2ZUD+RBsl35QV3250JOPCIoJb4sJcBsiRE4SZaS6ROs=";
  };
 
   nativeBuildInputs = [ cmake python3 jq which pkg-config ];
@@ -45,6 +44,10 @@ stdenv.mkDerivation rec {
     libXrandr
     libffi
     libxcb
+    valijson
+    vulkan-headers
+    vulkan-loader
+    vulkan-utility-libraries
     wayland
     xcbutilkeysyms
     xcbutilwm
@@ -52,27 +55,10 @@ stdenv.mkDerivation rec {
 
   cmakeFlags = [
     "-DVULKAN_HEADERS_INSTALL_DIR=${vulkan-headers}"
-    "-DVULKAN_LOADER_INSTALL_DIR=${vulkan-loader}"
-    "-DVULKAN_VALIDATIONLAYERS_INSTALL_DIR=${
-      symlinkJoin {
-        name = "vulkan-validation-layers-merged";
-        paths = [ vulkan-validation-layers.headers vulkan-validation-layers ];
-      }
-    }"
-    # Hide dev warnings that are useless for packaging
-    "-Wno-dev"
   ];
 
   preConfigure = ''
-    # We need to run this update script which generates some source files,
-    # Remove the line in it which calls 'git submodule update' though.
-    # Also patch the scripts in ./scripts
-    update=update_external_sources.sh
-    patchShebangs $update
     patchShebangs scripts/*
-    sed -i '/^git /d' $update
-    ./$update
-
     substituteInPlace via/CMakeLists.txt --replace "jsoncpp_static" "jsoncpp"
   '';
 
@@ -85,13 +71,6 @@ stdenv.mkDerivation rec {
     done
   '';
 
-  patches = [
-    ./gtest.patch
-  ];
-
-  # Same as vulkan-validation-layers
-  dontPatchELF = true;
-
   # Help vulkan-loader find the validation layers
   setupHook = writeText "setup-hook" ''
     export XDG_CONFIG_DIRS=@out@/etc''${XDG_CONFIG_DIRS:+:''${XDG_CONFIG_DIRS}}
diff --git a/pkgs/tools/graphics/vulkan-tools-lunarg/gtest.patch b/pkgs/tools/graphics/vulkan-tools-lunarg/gtest.patch
deleted file mode 100644
index cf062a8591f..00000000000
--- a/pkgs/tools/graphics/vulkan-tools-lunarg/gtest.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-diff --git a/external/googletest/googlemock/CMakeLists.txt b/external/googletest/googlemock/CMakeLists.txt
-index e7df8ec53d..869bfcb716 100644
---- a/external/googletest/googlemock/CMakeLists.txt
-+++ b/external/googletest/googlemock/CMakeLists.txt
-@@ -111,10 +111,10 @@ endif()
- if (DEFINED CMAKE_VERSION AND NOT "${CMAKE_VERSION}" VERSION_LESS "2.8.11")
-   target_include_directories(gmock SYSTEM INTERFACE
-     "$<BUILD_INTERFACE:${gmock_build_include_dirs}>"
--    "$<INSTALL_INTERFACE:$<INSTALL_PREFIX>/${CMAKE_INSTALL_INCLUDEDIR}>")
-+    "$<INSTALL_INTERFACE:${CMAKE_INSTALL_FULL_INCLUDEDIR}>")
-   target_include_directories(gmock_main SYSTEM INTERFACE
-     "$<BUILD_INTERFACE:${gmock_build_include_dirs}>"
--    "$<INSTALL_INTERFACE:$<INSTALL_PREFIX>/${CMAKE_INSTALL_INCLUDEDIR}>")
-+    "$<INSTALL_INTERFACE:${CMAKE_INSTALL_FULL_INCLUDEDIR}>")
- endif()
- 
- ########################################################################
-diff --git a/external/googletest/googletest/CMakeLists.txt b/external/googletest/googletest/CMakeLists.txt
-index abdd98b79a..7ae174d566 100644
---- a/external/googletest/googletest/CMakeLists.txt
-+++ b/external/googletest/googletest/CMakeLists.txt
-@@ -138,10 +138,10 @@ set_target_properties(gtest_main PROPERTIES VERSION ${GOOGLETEST_VERSION})
- if (DEFINED CMAKE_VERSION AND NOT "${CMAKE_VERSION}" VERSION_LESS "2.8.11")
-   target_include_directories(gtest SYSTEM INTERFACE
-     "$<BUILD_INTERFACE:${gtest_build_include_dirs}>"
--    "$<INSTALL_INTERFACE:$<INSTALL_PREFIX>/${CMAKE_INSTALL_INCLUDEDIR}>")
-+    "$<INSTALL_INTERFACE:${CMAKE_INSTALL_FULL_INCLUDEDIR}>")
-   target_include_directories(gtest_main SYSTEM INTERFACE
-     "$<BUILD_INTERFACE:${gtest_build_include_dirs}>"
--    "$<INSTALL_INTERFACE:$<INSTALL_PREFIX>/${CMAKE_INSTALL_INCLUDEDIR}>")
-+    "$<INSTALL_INTERFACE:${CMAKE_INSTALL_FULL_INCLUDEDIR}>")
- endif()
- target_link_libraries(gtest_main PUBLIC gtest)
-
diff --git a/pkgs/tools/graphics/vulkan-tools/default.nix b/pkgs/tools/graphics/vulkan-tools/default.nix
index 9327bd9c9d6..e148f51d868 100644
--- a/pkgs/tools/graphics/vulkan-tools/default.nix
+++ b/pkgs/tools/graphics/vulkan-tools/default.nix
@@ -22,13 +22,13 @@
 
 stdenv.mkDerivation rec {
   pname = "vulkan-tools";
-  version = "1.3.261";
+  version = "1.3.268.0";
 
   src = fetchFromGitHub {
     owner = "KhronosGroup";
     repo = "Vulkan-Tools";
-    rev = "v${version}";
-    hash = "sha256-C5FVkI9F/dgIS8qp7VaOn9J2zoNLb1PnmgAemsVO6zM=";
+    rev = "vulkan-sdk-${version}";
+    hash = "sha256-IsMxiAR4ak6kC3BNYhtI+JVNkEka4ZceSElxk39THXg=";
   };
 
   nativeBuildInputs = [
@@ -57,27 +57,19 @@ stdenv.mkDerivation rec {
     Cocoa
   ];
 
-  libraryPath = lib.strings.makeLibraryPath [ vulkan-loader ];
-
-  patches = [
-    # Vulkan-Tools expects to find the MoltenVK ICD and `libMoltenVK.dylib` in its source repo.
-    # Patch it to use the already-built binaries and ICD in nixpkgs.
-    ./use-nix-moltenvk.patch
-  ];
-
-  # vkcube.app and vkcubepp.app require `ibtool`, but the version in `xib2nib` is not capable of
-  # building these apps. Build them using `ibtool` from Xcode, but don’t allow any other binaries
-  # into the sandbox. Note that the CLT are not supported because `ibtool` requires Xcode.
-  sandboxProfile = lib.optionalString stdenv.isDarwin ''
-    (allow process-exec
-      (literal "/usr/bin/ibtool")
-      (regex "/Xcode.app/Contents/Developer/usr/bin/ibtool")
-      (regex "/Xcode.app/Contents/Developer/usr/bin/xcodebuild"))
-    (allow file-read*)
-    (deny file-read* (subpath "/usr/local") (with no-log))
-    (allow file-write* (subpath "/private/var/folders"))
+  postPatch = lib.optionalString stdenv.isDarwin ''
+    # Modify mac_common.cmake to find the ICD where nixpkgs puts it.
+    substituteInPlace mac_common.cmake \
+      --replace MoltenVK/icd/MoltenVK_icd.json MoltenVK_icd.json
+    # Remove the unconditional check for `ibtool` since the cube demo that needs it won’t be built.
+    sed -e '/#.*Interface Builder/,/^endif()/d' -i mac_common.cmake
+    # Install `vulkaninfo` to $out/bin even on Darwin.
+    substituteInPlace vulkaninfo/CMakeLists.txt \
+      --replace 'install(TARGETS vulkaninfo RUNTIME DESTINATION "vulkaninfo")' 'install(TARGETS vulkaninfo)'
   '';
 
+  libraryPath = lib.strings.makeLibraryPath [ vulkan-loader ];
+
   dontPatchELF = true;
 
   cmakeFlags = [
@@ -91,7 +83,8 @@ stdenv.mkDerivation rec {
     "-Wno-dev"
   ] ++ lib.optionals stdenv.isDarwin [
     "-DMOLTENVK_REPO_ROOT=${moltenvk}/share/vulkan/icd.d"
-    "-DIBTOOL=/usr/bin/ibtool"
+    # Don’t build the cube demo because it requires `ibtool`, which is not available in nixpkgs.
+    "-DBUILD_CUBE=OFF"
   ];
 
   meta = with lib; {
@@ -102,7 +95,6 @@ stdenv.mkDerivation rec {
       use of the Vulkan API.
     '';
     homepage    = "https://github.com/KhronosGroup/Vulkan-Tools";
-    hydraPlatforms = [ "x86_64-linux" "i686-linux" ];
     platforms   = platforms.unix;
     license     = licenses.asl20;
     maintainers = [ maintainers.ralith ];
diff --git a/pkgs/tools/graphics/vulkan-tools/use-nix-moltenvk.patch b/pkgs/tools/graphics/vulkan-tools/use-nix-moltenvk.patch
deleted file mode 100644
index 5d09bff9c95..00000000000
--- a/pkgs/tools/graphics/vulkan-tools/use-nix-moltenvk.patch
+++ /dev/null
@@ -1,123 +0,0 @@
-diff --git a/cube/CMakeLists.txt b/cube/CMakeLists.txt
-index a2f026e7..327f5dba 100644
---- a/cube/CMakeLists.txt
-+++ b/cube/CMakeLists.txt
-@@ -257,14 +257,7 @@ else()
- endif()
- 
- if(APPLE)
--    # Keep RPATH so fixup_bundle can use it to find libraries
--    set_target_properties(vkcube PROPERTIES INSTALL_RPATH_USE_LINK_PATH TRUE)
--    install(TARGETS vkcube BUNDLE DESTINATION "cube")
--    # Fix up the library references to be self-contained within the bundle.
--    install(CODE "
--        include(BundleUtilities)
--        fixup_bundle(\${CMAKE_INSTALL_PREFIX}/cube/vkcube.app \"\" \"${Vulkan_LIBRARY_DIR}\")
--        ")
-+    install(TARGETS vkcube BUNDLE DESTINATION "Applications")
- else()
-     install(TARGETS vkcube RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
- endif()
-@@ -302,14 +295,7 @@ else()
- endif()
- 
- if(APPLE)
--    # Keep RPATH so fixup_bundle can use it to find libraries
--    set_target_properties(vkcubepp PROPERTIES INSTALL_RPATH_USE_LINK_PATH TRUE)
--    install(TARGETS vkcubepp BUNDLE DESTINATION "cube")
--    # Fix up the library references to be self-contained within the bundle.
--    install(CODE "
--        include(BundleUtilities)
--        fixup_bundle(\${CMAKE_INSTALL_PREFIX}/cube/vkcubepp.app \"\" \"${Vulkan_LIBRARY_DIR}\")
--        ")
-+    install(TARGETS vkcubepp BUNDLE DESTINATION "Applications")
- else()
-     install(TARGETS vkcubepp RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
- endif()
-diff --git a/cube/macOS/cube/cube.cmake b/cube/macOS/cube/cube.cmake
-index 9b823f95..0c43a2c9 100644
---- a/cube/macOS/cube/cube.cmake
-+++ b/cube/macOS/cube/cube.cmake
-@@ -72,12 +72,14 @@ set_source_files_properties("${CMAKE_BINARY_DIR}/staging-json/MoltenVK_icd.json"
- # Copy the MoltenVK lib into the bundle.
- if(${CMAKE_GENERATOR} MATCHES "^Xcode.*")
-     add_custom_command(TARGET vkcube POST_BUILD
--                       COMMAND ${CMAKE_COMMAND} -E copy "${MOLTENVK_DIR}/MoltenVK/dylib/macOS/libMoltenVK.dylib"
-+                       COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/$<CONFIG>/vkcube.app/Contents/Frameworks
-+                       COMMAND ${CMAKE_COMMAND} -E create_symlink "${MOLTENVK_DIR}/lib/libMoltenVK.dylib"
-                                ${CMAKE_CURRENT_BINARY_DIR}/$<CONFIG>/vkcube.app/Contents/Frameworks/libMoltenVK.dylib
-                        DEPENDS vulkan)
- else()
-     add_custom_command(TARGET vkcube POST_BUILD
--                       COMMAND ${CMAKE_COMMAND} -E copy "${MOLTENVK_DIR}/MoltenVK/dylib/macOS/libMoltenVK.dylib"
-+                       COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/vkcube.app/Contents/Frameworks
-+                       COMMAND ${CMAKE_COMMAND} -E create_symlink "${MOLTENVK_DIR}/lib/libMoltenVK.dylib"
-                                ${CMAKE_CURRENT_BINARY_DIR}/vkcube.app/Contents/Frameworks/libMoltenVK.dylib
-                        DEPENDS vulkan)
- endif()
-diff --git a/cube/macOS/cubepp/cubepp.cmake b/cube/macOS/cubepp/cubepp.cmake
-index eae4de3c..e528ae26 100644
---- a/cube/macOS/cubepp/cubepp.cmake
-+++ b/cube/macOS/cubepp/cubepp.cmake
-@@ -74,12 +74,14 @@ set_source_files_properties("${CMAKE_BINARY_DIR}/staging-json/MoltenVK_icd.json"
- # Copy the MoltenVK lib into the bundle.
- if(${CMAKE_GENERATOR} MATCHES "^Xcode.*")
-     add_custom_command(TARGET vkcubepp POST_BUILD
--                       COMMAND ${CMAKE_COMMAND} -E copy "${MOLTENVK_DIR}/MoltenVK/dylib/macOS/libMoltenVK.dylib"
-+                       COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/$<CONFIG>/vkcubepp.app/Contents/Frameworks
-+                       COMMAND ${CMAKE_COMMAND} -E create_symlink "${MOLTENVK_DIR}/lib/libMoltenVK.dylib"
-                                ${CMAKE_CURRENT_BINARY_DIR}/$<CONFIG>/vkcubepp.app/Contents/Frameworks/libMoltenVK.dylib
-                        DEPENDS vulkan)
- else()
-     add_custom_command(TARGET vkcubepp POST_BUILD
--                       COMMAND ${CMAKE_COMMAND} -E copy "${MOLTENVK_DIR}/MoltenVK/dylib/macOS/libMoltenVK.dylib"
-+                       COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/vkcubepp.app/Contents/Frameworks
-+                       COMMAND ${CMAKE_COMMAND} -E create_symlink "${MOLTENVK_DIR}/lib/libMoltenVK.dylib"
-                                ${CMAKE_CURRENT_BINARY_DIR}/vkcubepp.app/Contents/Frameworks/libMoltenVK.dylib
-                        DEPENDS vulkan)
- endif()
-diff --git a/mac_common.cmake b/mac_common.cmake
-index bad3c414..b498906d 100644
---- a/mac_common.cmake
-+++ b/mac_common.cmake
-@@ -23,9 +23,8 @@ set(MOLTENVK_DIR ${MOLTENVK_REPO_ROOT})
- # MoltenVK JSON File
- 
- execute_process(COMMAND mkdir -p ${CMAKE_BINARY_DIR}/staging-json)
--execute_process(COMMAND sed -e "/\"library_path\":/s$:[[:space:]]*\"[[:space:]]*[\\.\\/]*$: \"..\\/..\\/..\\/Frameworks\\/$"
--                        ${MOLTENVK_DIR}/MoltenVK/icd/MoltenVK_icd.json
--                OUTPUT_FILE ${CMAKE_BINARY_DIR}/staging-json/MoltenVK_icd.json)
-+execute_process(COMMAND ${CMAKE_COMMAND} -E create_symlink ${MOLTENVK_DIR}/MoltenVK_icd.json
-+                        ${CMAKE_BINARY_DIR}/staging-json/MoltenVK_icd.json)
- 
- # ~~~
- # Modify the ICD JSON file to adjust the library path.
-@@ -36,10 +35,9 @@ execute_process(COMMAND sed -e "/\"library_path\":/s$:[[:space:]]*\"[[:space:]]*
- # ~~~
- add_custom_target(MoltenVK_icd-staging-json ALL
-                   COMMAND mkdir -p ${CMAKE_BINARY_DIR}/staging-json
--                  COMMAND sed -e "/\"library_path\":/s$:[[:space:]]*\"[[:space:]]*[\\.\\/]*$: \"..\\/..\\/..\\/Frameworks\\/$"
--                          ${MOLTENVK_DIR}/MoltenVK/icd/MoltenVK_icd.json > ${CMAKE_BINARY_DIR}/staging-json/MoltenVK_icd.json
--                  VERBATIM
--                  DEPENDS "${MOLTENVK_DIR}/MoltenVK/icd/MoltenVK_icd.json")
-+                  COMMAND ${CMAKE_COMMAND} -E create_symlink ${MOLTENVK_DIR}/MoltenVK_icd.json
-+                          ${CMAKE_BINARY_DIR}/staging-json/MoltenVK_icd.json
-+                  DEPENDS "${MOLTENVK_DIR}/MoltenVK_icd.json")
- set_source_files_properties(${CMAKE_BINARY_DIR}/staging-json/MoltenVK_icd.json PROPERTIES GENERATED TRUE)
- 
- find_library(COCOA NAMES Cocoa)
-diff --git a/vulkaninfo/CMakeLists.txt b/vulkaninfo/CMakeLists.txt
-index d23dcf89..32aa0ebb 100644
---- a/vulkaninfo/CMakeLists.txt
-+++ b/vulkaninfo/CMakeLists.txt
-@@ -136,9 +136,5 @@ elseif(APPLE)
-     add_definitions(-DVK_USE_PLATFORM_MACOS_MVK -DVK_USE_PLATFORM_METAL_EXT)
- endif()
- 
--if(APPLE)
--    install(TARGETS vulkaninfo RUNTIME DESTINATION "vulkaninfo")
--else()
--    install(TARGETS vulkaninfo RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
--endif()
-+install(TARGETS vulkaninfo RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
- 
diff --git a/pkgs/tools/graphics/xcolor/default.nix b/pkgs/tools/graphics/xcolor/default.nix
index 1ef2c807bde..dabe14d895f 100644
--- a/pkgs/tools/graphics/xcolor/default.nix
+++ b/pkgs/tools/graphics/xcolor/default.nix
@@ -41,7 +41,7 @@ rustPlatform.buildRustPackage rec {
   meta = with lib; {
     description = "Lightweight color picker for X11";
     homepage = "https://github.com/Soft/xcolor";
-    maintainers = with lib.maintainers; [ fortuneteller2k ];
+    maintainers = with lib.maintainers; [ moni ];
     license = licenses.mit;
   };
 }
diff --git a/pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40889.patch b/pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40889.patch
new file mode 100644
index 00000000000..7b7ca5a0bef
--- /dev/null
+++ b/pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40889.patch
@@ -0,0 +1,17 @@
+Simple bounds checks for CVE-2023-40889, based on third-party
+fix by Remi Meier @
+https://github.com/Raemi/zbar/commit/5e8acc6974f17e56c3ddaa5509870beb8d7a599c
+
+--- a/zbar/qrcode/qrdec.c
++++ b/zbar/qrcode/qrdec.c
+@@ -3900,8 +3900,8 @@ void qr_reader_match_centers(qr_reader *_reader,qr_code_data_list *_qrlist,
+     /*TODO: We might be able to accelerate this step significantly by
+        considering the remaining finder centers in a more intelligent order,
+        based on the first finder center we just chose.*/
+-    for(j=i+1;!mark[i]&&j<_ncenters;j++){
+-      for(k=j+1;!mark[j]&&k<_ncenters;k++)if(!mark[k]){
++    for(j=i+1; i < _ncenters && !mark[i]&&j<_ncenters;j++){
++      for(k=j+1; j < _ncenters && !mark[j]&&k<_ncenters;k++)if(!mark[k]){
+         qr_finder_center *c[3];
+         qr_code_data      qrdata;
+         int               version;
diff --git a/pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40890.patch b/pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40890.patch
new file mode 100644
index 00000000000..3576df214ae
--- /dev/null
+++ b/pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40890.patch
@@ -0,0 +1,26 @@
+Simple bounds checks for CVE-2023-40890
+
+--- a/zbar/decoder/databar.c
++++ b/zbar/decoder/databar.c
+@@ -23,6 +23,8 @@
+ 
+ #include <config.h>
+ #include <zbar.h>
++#include <stdlib.h>
++#include <stdio.h>
+ 
+ #ifdef DEBUG_DATABAR
+ # define DEBUG_LEVEL (DEBUG_DATABAR)
+@@ -691,6 +693,12 @@ lookup_sequence (databar_segment_t *seg,
+             fixed = -1;
+         s <<= 1;
+         dbprintf(2, "%x", s);
++
++        if (i > 20) {
++            fprintf(stderr, "Bug: Out-of-bounds condition detected\n");
++            exit(99);
++        }
++
+         seq[i++] = s++;
+         seq[i++] = s;
+     }
diff --git a/pkgs/tools/graphics/zbar/default.nix b/pkgs/tools/graphics/zbar/default.nix
index f9b84d2656a..5a1d7e94fdf 100644
--- a/pkgs/tools/graphics/zbar/default.nix
+++ b/pkgs/tools/graphics/zbar/default.nix
@@ -1,6 +1,7 @@
 { stdenv
 , lib
 , fetchFromGitHub
+, fetchpatch
 , imagemagickBig
 , pkg-config
 , withXorg ? true
@@ -42,6 +43,11 @@ stdenv.mkDerivation rec {
     sha256 = "sha256-VhVrngAX7pXZp+szqv95R6RGAJojp3svdbaRKigGb0w=";
   };
 
+  patches = [
+    ./0.23.92-CVE-2023-40889.patch
+    ./0.23.92-CVE-2023-40890.patch
+  ];
+
   nativeBuildInputs = [
     pkg-config
     xmlto
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-25 04:18:01 +0000