diff --git a/pkgs/tools/compression/advancecomp/default.nix b/pkgs/tools/compression/advancecomp/default.nix index 8bee8059fe27..46c8f4338c69 100644 --- a/pkgs/tools/compression/advancecomp/default.nix +++ b/pkgs/tools/compression/advancecomp/default.nix @@ -1,5 +1,9 @@ -{ stdenv, fetchFromGitHub -, autoreconfHook, zlib }: +{ stdenv +, fetchFromGitHub +, fetchpatch +, autoreconfHook +, zlib +}: stdenv.mkDerivation rec { pname = "advancecomp"; @@ -15,6 +19,15 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoreconfHook ]; buildInputs = [ zlib ]; + patches = [ + (fetchpatch { + name = "CVE-2019-9210.patch"; + url = "https://github.com/amadvance/advancecomp/commit/fcf71a89265c78fc26243574dda3a872574a5c02.patch"; + sha256 = "0cdv9g87c1y8zwhqkd9ba2zjw4slcvg7yzcqv43idvnwb5fl29n7"; + excludes = [ "doc/history.d" ]; + }) + ]; + meta = with stdenv.lib; { description = ''A set of tools to optimize deflate-compressed files''; license = licenses.gpl3 ;