alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity

xcftools: patch CVE-2019-5086 and CVE-2019-5087

Browse source
This commit is contained in:
ash 2022-06-26 14:50:43 +01:00
parent 8e31351a7b
commit 576a97a0d0
1 changed files with 10 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
pkgs/tools/graphics/xcftools/default.nix
View file

@ -1,4 +1,4 @@
{lib, stdenv, fetchurl, libpng, perl, gettext }:
{lib, stdenv, fetchpatch, fetchurl, libpng, perl, gettext }:
stdenv.mkDerivation rec {
pname = "xcftools";
@ -11,7 +11,15 @@ stdenv.mkDerivation rec {
buildInputs = [ libpng perl gettext ];
patchPhase = ''
patches = [
(fetchpatch {
name = "CVE-2019-5086.CVE-2019-5087.patch";
url = "https://github.com/gladk/xcftools/commit/59c38e3e45b9112c2bcb4392bccf56e297854f8a.patch";
sha256 = "sha256-a1Biv6viXzTSaLDzinOyu0HdDTUPsKITsdKu9B9Y8GE=";
})
];
postPatch = ''
# Required if building with libpng-1.6, innocuous otherwise
substituteInPlace xcf2png.c \
--replace png_voidp_NULL NULL \