
flac: fix out of bound reads due to heap buffer overflow

Fixes: CVE-2020-0499

authored by

Martin Weinelt and committed by
github-actions[bot]
279bdc9d 2af2325c

+12 -3
+12 -3
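--- a/pkgs/applications/audio/flac/default.nix
+++ b/pkgs/applications/audio/flac/default.nix
@@ -1,12 +1,21 @@
-{ lib, stdenv, fetchurl, libogg }:
+{ lib, stdenv, fetchurl, fetchpatch, libogg }:
 
 stdenv.mkDerivation rec {
-name = "flac-1.3.3";
+pname = "flac";
+version = "1.3.3";
 
 src = fetchurl {
-url = "http://downloads.xiph.org/releases/flac/${name}.tar.xz";
+url = "http://downloads.xiph.org/releases/flac/${pname}-${version}.tar.xz";
 sha256 = "0j0p9sf56a2fm2hkjnf7x3py5ir49jyavg4q5zdyd7bcf6yq4gi1";
 };
+
+patches = [
+(fetchpatch {
+name = "CVE-2020-0499.patch";
+url = "https://github.com/xiph/flac/commit/2e7931c27eb15e387da440a37f12437e35b22dd4.patch";
+sha256 = "160qzq9ms5addz7sx06pnyjjkqrffr54r4wd8735vy4x008z71ah";
+})
+];
 
 buildInputs = [ libogg ];
 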
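Review bot: The rewritten `src` URL at new line 8 still fetches the release tarball over plain `http://`, while the patch added below it is fetched over `https://`. The pinned `sha256` means a tampered download fails the build rather than being used, but if the host serves TLS I would switch the line to `url = "https://downloads.xiph.org/releases/flac/${pname}-${version}.tar.xz";` so the transport is not left open to observation or interference. The new `patches` entry also says nothing about when it can be retired; a comment such as `# backport of upstream 2e7931c2; drop once a release containing it is packaged` above the `fetchpatch` call would keep the CVE fix from being dropped or left stale on the next version bump. The derivation continues past the end of this section.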