summary refs log tree commit diff
path: root/pkgs/tools/security
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r--pkgs/tools/security/opensc/default.nix10
1 files changed, 9 insertions, 1 deletions
diff --git a/pkgs/tools/security/opensc/default.nix b/pkgs/tools/security/opensc/default.nix
index f14a08c8174..769b87fa8d3 100644
--- a/pkgs/tools/security/opensc/default.nix
+++ b/pkgs/tools/security/opensc/default.nix
@@ -1,5 +1,5 @@
 { stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, zlib, readline, openssl
-, libiconv, pcsclite, libassuan, libXt
+, libiconv, pcsclite, libassuan, libXt, fetchpatch
 , docbook_xsl, libxslt, docbook_xml_dtd_412
 , Carbon, PCSC, buildPackages
 , withApplePCSC ? stdenv.isDarwin
@@ -16,6 +16,14 @@ stdenv.mkDerivation rec {
     sha256 = "10575gb9l38cskq7swyjp0907wlziyxg4ppq33ndz319dsx69d87";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2019-6502.patch";
+      url = "https://github.com/OpenSC/OpenSC/commit/0d7967549751b7032f22b437106b41444aff0ba9.patch";
+      sha256 = "1y42lmz8i9w99hgpakdncnv8f94cqjfabz0v4xg6wfz9akl3ff7d";
+    })
+  ];
+
   nativeBuildInputs = [ pkgconfig autoreconfHook ];
   buildInputs = [
     zlib readline openssl libassuan
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-30 09:27:56 +0000