tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
fork atom

expat: patch CVE-2019-15903 (from Debian, issue #68818)

I hope this URL will last for a few months, feel free to find better.

Vladimír Čunát 531fe80e e5796914

+7
unified split
+7
pkgs/development/libraries/expat/default.nix
··· 15 15 sha256 = "1i7bq9sp2k5348dvbfv26bprzv6ka1abf0j5ixjaff9alndm4f19"; 16 16 stripLen = 1; 17 17 }) 18 + (fetchpatch { 19 + name = "CVE-2019-15903.patch"; 20 + url = "https://sources.debian.org/data/main/e/expat/2.2.7-2/debian/patches/CVE-2019-15903_Deny_internal_entities_closing_the_doctype.patch"; 21 + sha256 = "0lv4392ihpk71fgaf1fz03gandqkaqisal8xrzvcqnvnq4mnmwxp"; 22 + stripLen = 1; 23 + excludes = [ "tests/runtests.c" "Changes" ]; 24 + }) 18 25 ]; 19 26 20 27 outputs = [ "out" "dev" ]; # TODO: fix referrers