mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-02-16 15:58:36 +00:00
Code Issues Wiki Activity

Merge pull request #55894 from andrew-d/andrew/cairo-CVE-2018-19876

Browse source 
cairo: apply patch for CVE-2018-19876
This commit is contained in:
worldofpeace 2019-02-17 03:52:37 +00:00 committed by GitHub
parent fd48a94b62 7c28cb299d
commit bad2db31b7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
pkgs/development/libraries/cairo/default.nix
View file

@ -1,4 +1,4 @@
{ stdenv, fetchurl, pkgconfig, libiconv
{ stdenv, fetchurl, fetchpatch, pkgconfig, libiconv
, libintl, expat, zlib, libpng, pixman, fontconfig, freetype, xorg
, gobjectSupport ? true, glib
, xcbSupport ? true # no longer experimental since 1.12
@ -20,6 +20,19 @@ in stdenv.mkDerivation rec {
sha256 = "0c930mk5xr2bshbdljv005j3j8zr47gqmkry3q6qgvqky6rjjysy";
};
patches = [
# Fixes CVE-2018-19876; see Nixpkgs issue #55384
# CVE information: https://nvd.nist.gov/vuln/detail/CVE-2018-19876
# Upstream PR: https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5
#
# This patch is the merged commit from the above PR.
(fetchpatch {
name = "CVE-2018-19876.patch";
url = "https://gitlab.freedesktop.org/cairo/cairo/commit/6edf572ebb27b00d3c371ba5ae267e39d27d5b6d.patch";
sha256 = "112hgrrsmcwxh1r52brhi5lksq4pvrz4xhkzcf2iqp55jl2pb7n1";
})
];
outputs = [ "out" "dev" "devdoc" ];
outputBin = "dev"; # very small