pyrox.dev
vorbis-tools: security patches and fix meta
Patches: CVE-2014-9638, CVE-2014-9639, CVE-2015-6749, and some non-security.
Also drop glibc from buildInputs.
+20
-5
pkgs/applications/audio/vorbis-tools/default.nix
+20
-5
pkgs/applications/audio/vorbis-tools/default.nix
···
1
-
{stdenv, fetchurl, libogg, libvorbis, libao, pkgconfig, curl, glibc
2
-
, speex, flac}:
3
4
stdenv.mkDerivation {
5
name = "vorbis-tools-1.4.0";
6
src = fetchurl {
···
8
sha256 = "1g12bnh5ah08v529y72kfdz5lhvy75iaz7f9jskyby23m9dkk2d3";
9
};
10
11
-
buildInputs = [ libogg libvorbis libao pkgconfig curl speex glibc flac ];
12
13
-
meta = {
14
longDescription = ''
15
A set of command-line tools to manipulate Ogg Vorbis audio
16
files, notably the `ogg123' player and the `oggenc' encoder.
17
'';
18
homepage = http://xiph.org/vorbis/;
19
-
license = stdenv.lib.licenses.gpl2;
20
};
21
}
···
1
+
{ stdenv, fetchurl, fetchzip, libogg, libvorbis, libao, pkgconfig, curl
2
+
, speex, flac }:
3
4
+
let
5
+
debPatch = fetchzip {
6
+
url = "mirror://debian/pool/main/v/vorbis-tools/vorbis-tools_1.4.0-6.debian.tar.xz";
7
+
sha256 = "1xmmpdvxyr84lazlg23c6ck5ic97ga2rkiqabb1d98ix2zdzyqz5";
8
+
};
9
+
in
10
stdenv.mkDerivation {
11
name = "vorbis-tools-1.4.0";
12
src = fetchurl {
···
14
sha256 = "1g12bnh5ah08v529y72kfdz5lhvy75iaz7f9jskyby23m9dkk2d3";
15
};
16
17
+
postPatch = ''
18
+
for patch in $(ls "${debPatch}"/patches/*.{diff,patch} | grep -v debian_subdir)
19
+
do patch -p1 < "$patch"
20
+
done
21
+
'';
22
23
+
buildInputs = [ libogg libvorbis libao pkgconfig curl speex flac ];
24
+
25
+
meta = with stdenv.lib; {
26
+
description = "Extra tools for Ogg-Vorbis audio codec";
27
longDescription = ''
28
A set of command-line tools to manipulate Ogg Vorbis audio
29
files, notably the `ogg123' player and the `oggenc' encoder.
30
'';
31
homepage = http://xiph.org/vorbis/;
32
+
license = licenses.gpl2;
33
+
platforms = platforms.all;
34
};
35
}
36
+