From cd463399ff9462c90e271e8fd853c2da7051235f Mon Sep 17 00:00:00 2001 From: Dmitry Kalinkin Date: Sat, 30 Jan 2021 12:01:45 -0500 Subject: [PATCH] dia: fix CVE-2019-19451 --- pkgs/applications/graphics/dia/CVE-2019-19451.patch | 11 +++++++++++ pkgs/applications/graphics/dia/default.nix | 4 ++++ 2 files changed, 15 insertions(+) create mode 100644 pkgs/applications/graphics/dia/CVE-2019-19451.patch diff --git a/pkgs/applications/graphics/dia/CVE-2019-19451.patch b/pkgs/applications/graphics/dia/CVE-2019-19451.patch new file mode 100644 index 000000000000..28d6598330a3 --- /dev/null +++ b/pkgs/applications/graphics/dia/CVE-2019-19451.patch @@ -0,0 +1,11 @@ +diff -ru a/app/app_procs.c b/app/app_procs.c +--- a/app/app_procs.c 2021-01-30 11:09:52.000000000 -0500 ++++ b/app/app_procs.c 2021-01-30 11:11:05.000000000 -0500 +@@ -785,6 +785,7 @@ + + if (!filename) { + g_print (_("Filename conversion failed: %s\n"), filenames[i]); ++ ++i; + continue; + } + diff --git a/pkgs/applications/graphics/dia/default.nix b/pkgs/applications/graphics/dia/default.nix index 6fe8aed8f674..d9de3eb7fc12 100644 --- a/pkgs/applications/graphics/dia/default.nix +++ b/pkgs/applications/graphics/dia/default.nix @@ -13,6 +13,10 @@ stdenv.mkDerivation { sha256 = "1fyxfrzdcs6blxhkw3bcgkksaf3byrsj4cbyrqgb4869k3ynap96"; }; + patches = [ + ./CVE-2019-19451.patch + ]; + buildInputs = [ gtk2 libxml2 gettext python libxml2Python docbook5 libxslt docbook_xsl libart_lgpl ]