commit 83f83ca4345be7221dd63e4451e3cf5ef1374117 · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

jbig2dec: patch for CVE-2016-9601

Upstream bug: https://bugs.ghostscript.com/show_bug.cgi?id=697457

A new release containing this fix is expected in march; until then,
apply patch from upstream. Note that there have been essentially no
changes between 0.13 and this patch.

Joachim Fasting 9 years ago 83f83ca4 12284fff

+9 -1

1 changed file

expand all

unified split

pkgs

development

libraries

jbig2dec

default.nix

+9 -1

pkgs/development/libraries/jbig2dec/default.nix

··· 1 - { stdenv, fetchurl }: 2 3 stdenv.mkDerivation rec { 4 name = "jbig2dec-0.13"; ··· 7 url = "http://downloads.ghostscript.com/public/jbig2dec/${name}.tar.gz"; 8 sha256 = "04akiwab8iy5iy34razcvh9mcja9wy737civ3sbjxk4j143s1b2s"; 9 }; 10 11 meta = { 12 homepage = https://www.ghostscript.com/jbig2dec.html;

··· 1 + { stdenv, fetchurl, fetchpatch }: 2 3 stdenv.mkDerivation rec { 4 name = "jbig2dec-0.13"; ··· 7 url = "http://downloads.ghostscript.com/public/jbig2dec/${name}.tar.gz"; 8 sha256 = "04akiwab8iy5iy34razcvh9mcja9wy737civ3sbjxk4j143s1b2s"; 9 }; 10 + 11 + patches = 12 + [ (fetchpatch { 13 + url = "http://git.ghostscript.com/?p=jbig2dec.git;a=patch;h=e698d5c11d27212aa1098bc5b1673a3378563092"; 14 + sha256 = "1fc8xm1z98xj2zkcl0zj7dpjjsbz3vn61b59jnkhcyzy3iiczv7f"; 15 + name = "CVE-2016-9601.patch"; 16 + }) 17 + ]; 18 19 meta = { 20 homepage = https://www.ghostscript.com/jbig2dec.html;