From 83f83ca4345be7221dd63e4451e3cf5ef1374117 Mon Sep 17 00:00:00 2001 From: Joachim Fasting Date: Tue, 7 Feb 2017 03:08:04 +0100 Subject: [PATCH] jbig2dec: patch for CVE-2016-9601 Upstream bug: https://bugs.ghostscript.com/show_bug.cgi?id=697457 A new release containing this fix is expected in march; until then, apply patch from upstream. Note that there have been essentially no changes between 0.13 and this patch. --- pkgs/development/libraries/jbig2dec/default.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/jbig2dec/default.nix b/pkgs/development/libraries/jbig2dec/default.nix index 8828d0057f36..45df4876be1f 100644 --- a/pkgs/development/libraries/jbig2dec/default.nix +++ b/pkgs/development/libraries/jbig2dec/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl }: +{ stdenv, fetchurl, fetchpatch }: stdenv.mkDerivation rec { name = "jbig2dec-0.13"; @@ -8,6 +8,14 @@ stdenv.mkDerivation rec { sha256 = "04akiwab8iy5iy34razcvh9mcja9wy737civ3sbjxk4j143s1b2s"; }; + patches = + [ (fetchpatch { + url = "http://git.ghostscript.com/?p=jbig2dec.git;a=patch;h=e698d5c11d27212aa1098bc5b1673a3378563092"; + sha256 = "1fc8xm1z98xj2zkcl0zj7dpjjsbz3vn61b59jnkhcyzy3iiczv7f"; + name = "CVE-2016-9601.patch"; + }) + ]; + meta = { homepage = https://www.ghostscript.com/jbig2dec.html; description = "Decoder implementation of the JBIG2 image compression format";