pyrox.dev
libsixel: fix CVE-2021-45340 (#372312)
authored by Arne Keller and committed by GitHub d92f98ee 418276cd
+12
pkgs/by-name/li/libsixel/fix-CVE-2021-45340.patch
+12
pkgs/by-name/li/libsixel/fix-CVE-2021-45340.patch
···
1
+
diff --git a/src/stb_image.h b/src/stb_image.h
2
+
index f12c30b..526281c 100644
3
+
--- a/src/stb_image.h
4
+
+++ b/src/stb_image.h
5
+
@@ -1534,6 +1534,7 @@ static unsigned char *stbi__convert_format(unsigned char *data, int img_n, int r
6
+
int i,j;
7
+
unsigned char *good;
8
+
9
+
+ if (data == NULL) return data;
10
+
if (req_comp == img_n) return data;
11
+
STBI_ASSERT(req_comp >= 1 && req_comp <= 4);
12
+
+6
-1
pkgs/by-name/li/libsixel/package.nix
+6
-1
pkgs/by-name/li/libsixel/package.nix
···
19
19
sha256 = "1nny4295ipy4ajcxmmh04c796hcds0y7z7rv3qd17mj70y8j0r2d";
20
20
};
21
21
22
+
patches = [
23
+
# https://github.com/NixOS/nixpkgs/issues/160670
24
+
./fix-CVE-2021-45340.patch
25
+
];
26
+
22
27
buildInputs = [
23
28
gdk-pixbuf
24
29
gd
···
43
48
meta = with lib; {
44
49
description = "SIXEL library for console graphics, and converter programs";
45
50
homepage = "https://github.com/libsixel/libsixel";
46
-
maintainers = [ ];
51
+
maintainers = with lib.maintainers; [ hzeller ];
47
52
license = licenses.mit;
48
53
platforms = platforms.unix;
49
54
};