pyrox.dev
graphicsmagick: 1.3.21 -> 1.3.23, disable popen (security)
http://permalink.gmane.org/gmane.comp.security.oss.general/19669
+11
-5
pkgs/applications/graphics/graphicsmagick/default.nix
+11
-5
pkgs/applications/graphics/graphicsmagick/default.nix
···
1
1
{stdenv, fetchurl, bzip2, freetype, graphviz, ghostscript
2
2
, libjpeg, libpng, libtiff, libxml2, zlib, libtool, xz
3
-
, libX11, quantumdepth ? 8}:
3
+
, libX11, libwebp, quantumdepth ? 8}:
4
4
5
-
let version = "1.3.21"; in
5
+
let version = "1.3.23"; in
6
6
7
7
stdenv.mkDerivation {
8
8
name = "graphicsmagick-${version}";
9
9
10
10
src = fetchurl {
11
11
url = "mirror://sourceforge/graphicsmagick/GraphicsMagick-${version}.tar.xz";
12
-
sha256 = "07rwpxy62r9m4r2cg6yll2nr698mxyvbji8vgsivcxhpk56k0ich";
12
+
sha256 = "03g6l2h8cmf231y1vma0z7x85070jm1ysgs9ppqcd3jj56jka9gx";
13
13
};
14
14
15
-
configureFlags = "--enable-shared --with-quantum-depth=" + toString quantumdepth;
15
+
patches = [ ./disable-popen.patch ];
16
+
17
+
configureFlags = [
18
+
"--enable-shared"
19
+
"--with-quantum-depth=${toString quantumdepth}"
20
+
"--with-gslib=yes"
21
+
];
16
22
17
23
buildInputs =
18
24
[ bzip2 freetype ghostscript graphviz libjpeg libpng libtiff libX11 libxml2
19
-
zlib libtool
25
+
zlib libtool libwebp
20
26
];
21
27
22
28
nativeBuildInputs = [ xz ];
+12
pkgs/applications/graphics/graphicsmagick/disable-popen.patch
+12
pkgs/applications/graphics/graphicsmagick/disable-popen.patch
···
1
+
http://permalink.gmane.org/gmane.comp.security.oss.general/19669
2
+
3
+
--- a/magick/blob.c Sat Nov 07 14:49:16 2015 -0600
4
+
+++ b/magick/blob.c Sun May 29 14:12:57 2016 -0500
5
+
@@ -68,6 +68,7 @@
6
+
*/
7
+
#define DefaultBlobQuantum 65541
8
+
9
+
+#undef HAVE_POPEN
10
+
11
+
/*
12
+
Enum declarations.