libgxps: fix CVE-2018-10733

This commit is contained in:
Andreas Rammhold 2018-10-15 23:55:47 +02:00
parent 5f75f72497
commit 6ad3088b12

View file

@ -1,5 +1,5 @@
{ stdenv, fetchurl, meson, ninja, pkgconfig, glib, gobjectIntrospection, cairo
, libarchive, freetype, libjpeg, libtiff, gnome3
, libarchive, freetype, libjpeg, libtiff, gnome3, fetchpatch
}:
let
@ -13,6 +13,19 @@ in stdenv.mkDerivation rec {
sha256 = "412b1343bd31fee41f7204c47514d34c563ae34dafa4cc710897366bd6cd0fae";
};
patches = [
(fetchpatch {
name = "CVE-2018-10733-1.patch";
url = https://gitlab.gnome.org/GNOME/libgxps/commit/b458226e162fe1ffe7acb4230c114a52ada5131b.patch;
sha256 = "0pqg9iwkg69qknj7vkgn26c32fndy55byxivd4km0vjfhfyx69hd";
})
(fetchpatch {
name = "CVE-2018-10733-2.patch";
url = https://gitlab.gnome.org/GNOME/libgxps/commit/133fe2a96e020d4ca65c6f64fb28a404050ebbfd.patch;
sha256 = "19n01x8zs05wf801mkz4mypvapph7h941md3hr3rj0ry6r88pkir";
})
];
nativeBuildInputs = [ meson ninja pkgconfig gobjectIntrospection ];
buildInputs = [ glib cairo freetype libjpeg libtiff ];
propagatedBuildInputs = [ libarchive ];