diff --git a/pkgs/tools/text/catdoc/default.nix b/pkgs/tools/text/catdoc/default.nix index fb0309e75325..2a06b25b11da 100644 --- a/pkgs/tools/text/catdoc/default.nix +++ b/pkgs/tools/text/catdoc/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl }: +{ stdenv, fetchurl, fetchpatch }: stdenv.mkDerivation rec { name = "catdoc-${version}"; @@ -9,6 +9,13 @@ stdenv.mkDerivation rec { sha256 = "514a84180352b6bf367c1d2499819dfa82b60d8c45777432fa643a5ed7d80796"; }; + patches = [ + (fetchpatch { + url = "https://anonscm.debian.org/git/collab-maint/catdoc.git/diff/debian/patches/05-CVE-2017-11110.patch?id=21dd5b29b11be04149587657dd90253f52dfef0b"; + sha256 = "0mdqa9w1p6cmli6976v4wi0sw9r4p5prkj7lzfd1877wk11c9c73"; + }) + ]; + configureFlags = "--disable-wordview"; meta = with stdenv.lib; {