commit 2dab7782f3e46932bb5ca2d3e994428bfe03b134

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

fork atom

unrtf: patch against CVE-2016-10091

Graham Christensen 9 years ago 2dab7782 b8b18925

+9 -1

1 changed file

expand all

unified split

pkgs

tools

text

unrtf

default.nix

+9 -1

pkgs/tools/text/unrtf/default.nix

··· 1 - { stdenv, fetchurl, autoconf, automake, libiconv }: 1 + { stdenv, fetchurl, fetchpatch, autoconf, automake, libiconv }: 2 2 3 3 stdenv.mkDerivation rec { 4 4 name = "unrtf-${version}"; ··· 8 8 url = "https://www.gnu.org/software/unrtf/${name}.tar.gz"; 9 9 sha256 = "1pcdzf2h1prn393dkvg93v80vh38q0v817xnbwrlwxbdz4k7i8r2"; 10 10 }; 11 + 12 + patches = [ 13 + (fetchpatch { 14 + name = "CVE-2016-10091-0001-convert.c-Use-safe-buffer-size-and-snprintf.patch"; 15 + url = "https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=849705;filename=0001-convert.c-Use-safe-buffer-size-and-snprintf.patch;msg=20"; 16 + sha256 = "0s0fjvm3zdm9967sijlipfrwjs0h23n2n8fa6f40xxp8y5qq5a0b"; 17 + }) 18 + ]; 11 19 12 20 nativeBuildInputs = [ autoconf automake ]; 13 21