mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-23 06:01:15 +00:00
libvorbis: Fix CVE-2017-14160, CVE-2017-14632 & CVE-2017-14633
This commit is contained in:
parent
c80dc05ed6
commit
15b1432435
|
@ -1,4 +1,4 @@
|
||||||
{ stdenv, fetchurl, libogg, pkgconfig }:
|
{ stdenv, fetchurl, libogg, pkgconfig, fetchpatch }:
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
name = "libvorbis-1.3.5";
|
name = "libvorbis-1.3.5";
|
||||||
|
@ -10,6 +10,23 @@ stdenv.mkDerivation rec {
|
||||||
|
|
||||||
outputs = [ "out" "dev" "doc" ];
|
outputs = [ "out" "dev" "doc" ];
|
||||||
|
|
||||||
|
patches = [
|
||||||
|
(fetchpatch {
|
||||||
|
url = "https://github.com/xiph/vorbis/commit/a79ec216cd119069c68b8f3542c6a425a74ab993.patch";
|
||||||
|
sha256 = "0xhsa96n3dlh2l85bxpz4b9m78mfxfgi2ibhjp77110a0nvkjr6h";
|
||||||
|
name = "CVE-2017-14633";
|
||||||
|
})
|
||||||
|
(fetchpatch {
|
||||||
|
url = "https://github.com/xiph/vorbis/commit/c1c2831fc7306d5fbd7bc800324efd12b28d327f.patch";
|
||||||
|
sha256 = "17lb86105im6fc0h0cx5sn94p004jsdbbs2vj1m9ll6z9yb4rxwc";
|
||||||
|
name = "CVE-2017-14632";
|
||||||
|
})
|
||||||
|
(fetchpatch {
|
||||||
|
url = "https://gitlab.xiph.org/xiph/vorbis/uploads/a68cf70fa10c8081a633f77b5c6576b7/0001-CVE-2017-14160-make-sure-we-don-t-overflow.patch";
|
||||||
|
sha256 = "0v21p59cb3z77ch1v6q5dcrd733h91f3m8ifnd7kkkr8gzn17d5x";
|
||||||
|
name = "CVE-2017-14160";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
nativeBuildInputs = [ pkgconfig ];
|
nativeBuildInputs = [ pkgconfig ];
|
||||||
propagatedBuildInputs = [ libogg ];
|
propagatedBuildInputs = [ libogg ];
|
||||||
|
|
Loading…
Reference in a new issue