3
0
Fork 0
forked from mirrors/nixpkgs

cups: 2.4.1 -> 2.4.2

Fixes CVE-2022-26691.
https://github.com/OpenPrinting/cups/releases/tag/v2.4.2
This commit is contained in:
Thomas Gerbet 2022-05-27 12:03:37 +02:00
parent ccdd189373
commit c590c23f49

View file

@ -1,5 +1,6 @@
{ lib, stdenv
, fetchurl
, fetchpatch
, pkg-config
, removeReferencesTo
, zlib
@ -26,19 +27,32 @@ stdenv.mkDerivation rec {
pname = "cups";
# After 2.2.6, CUPS requires headers only available in macOS 10.12+
version = if stdenv.isDarwin then "2.2.6" else "2.4.1";
version = if stdenv.isDarwin then "2.2.6" else "2.4.2";
src = fetchurl (if stdenv.isDarwin then {
url = "https://github.com/apple/cups/releases/download/v${version}/cups-${version}-source.tar.gz";
sha256 = "16qn41b84xz6khrr2pa2wdwlqxr29rrrkjfi618gbgdkq9w5ff20";
} else {
url = "https://github.com/OpenPrinting/cups/releases/download/v${version}/cups-${version}-source.tar.gz";
sha256 = "sha256-xzOfdfjU8t7FDGczQaRfwGtohbttQ2bWv1mk5sEK4Xg=";
sha256 = "sha256-8DzLQLCH0eMJQKQOAUHcu6Jj85l0wg658lIQZsnGyQg=";
});
outputs = [ "out" "lib" "dev" "man" ];
patches = lib.optional (version == "2.2.6") ./0001-TargetConditionals.patch;
patches = lib.optionals (version == "2.2.6") [
./0001-TargetConditionals.patch
(fetchpatch {
name = "CVE-2022-26691.patch";
url = "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444.patch";
sha256 = "sha256-IKOtV7bCS6PstwK6YqnYRYTeH562jWwkley86p+6Of8=";
excludes = [ "CHANGES.md" ];
})
(fetchpatch {
name = "CVE-2022-26691-fix-comment.patch";
url = "https://github.com/OpenPrinting/cups/commit/411b6136f450a583ee08c3880fa09dbe837eb3f1.patch";
sha256 = "sha256-dVopmr34c9N5H2ZZz52rXVnHQBuDTNo8M40x9455+jQ=";
})
];
postPatch = ''
substituteInPlace cups/testfile.c \