libsForQt5.kimageformats: fix CVE-2021-36083 (#130115)

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2021-07-14 00:35:09 +02:00 · 2021-07-14 00:35:09 +02:00 · 3d260a2d0e
parent 8a74be2039
commit 3d260a2d0e
1 changed files with 9 additions and 0 deletions
--- a/pkgs/development/libraries/kde-frameworks/kimageformats.nix
+++ b/pkgs/development/libraries/kde-frameworks/kimageformats.nix
@ -15,10 +15,19 @@ mkDerivation {
      url = "https://invent.kde.org/frameworks/kimageformats/-/commit/bf3f94da766d66a0470ab744dbe1ced4697b572d.diff";
      sha256 = "18d67l5kj9sv88jdpi061k9rl3adzkx9l51ng7saylrkfddwc3ig";
    })
+    (fetchpatch { # included in kimageformats >= 5.82
+      name = "CVE-2021-36083.patch";
+      url = "https://invent.kde.org/frameworks/kimageformats/-/commit/297ed9a2fe339bfe36916b9fce628c3242e5be0f.diff";
+      sha256 = "16axaljgaar0j5796x1mjps93y92393x8zywh3nzw7rm9w2qxzml";
+    })
  ];

  nativeBuildInputs = [ extra-cmake-modules ];
  buildInputs = [ karchive openexr libavif qtbase ];
  outputs = [ "out" ]; # plugins only
  CXXFLAGS = "-I${getDev ilmbase}/include/OpenEXR";
+
+  meta = with lib; {
+    broken = versionOlder qtbase.version "5.14";
+  };
 }