pyrox.dev
libxslt: fix CVE-2015-7995 by upstream patch
+10
-3
pkgs/development/libraries/libxslt/default.nix
+10
-3
pkgs/development/libraries/libxslt/default.nix
···
1
-
{ stdenv, fetchurl, libxml2, findXMLCatalogs }:
1
+
{ stdenv, fetchurl, fetchpatch, libxml2, findXMLCatalogs }:
2
2
3
3
stdenv.mkDerivation rec {
4
4
name = "libxslt-1.1.28";
···
8
8
sha256 = "13029baw9kkyjgr7q3jccw2mz38amq7mmpr5p3bh775qawd1bisz";
9
9
};
10
10
11
+
patches = stdenv.lib.optional stdenv.isSunOS ./patch-ah.patch
12
+
++ [
13
+
(fetchpatch {
14
+
name = "CVE-2015-7995.patch";
15
+
url = "http://git.gnome.org/browse/libxslt/patch/?id=7ca19df892ca22";
16
+
sha256 = "1xzg0q94dzbih9nvqp7g9ihz0a3qb0w23l1158m360z9smbi8zbd";
17
+
})
18
+
];
19
+
11
20
outputs = [ "out" "doc" ];
12
21
13
22
buildInputs = [ libxml2 ];
14
23
15
24
propagatedBuildInputs = [ findXMLCatalogs ];
16
-
17
-
patches = stdenv.lib.optionals stdenv.isSunOS [ ./patch-ah.patch ];
18
25
19
26
configureFlags = [
20
27
"--with-libxml-prefix=${libxml2}"