tjh.dev
libxslt: add patch for CVE-2019-11068
References:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
(cherry picked from commit 84b810f8e3dfc4e5649558c8898d686909905ace)
authored by
c0bw3b
and committed by
Vladimír Čunát
87b79be3
940d8c90
+9
-1
pkgs/development/libraries/libxslt/default.nix
+9
-1
pkgs/development/libraries/libxslt/default.nix
···
1
-
{ stdenv, fetchurl, libxml2, findXMLCatalogs, python2, libgcrypt
1
+
{ stdenv, fetchurl, fetchpatch, libxml2, findXMLCatalogs, python2, libgcrypt
2
2
, cryptoSupport ? false
3
3
, pythonSupport ? stdenv.buildPlatform == stdenv.hostPlatform
4
4
}:
···
17
17
url = "http://xmlsoft.org/sources/${name}.tar.gz";
18
18
sha256 = "1j1q1swnsy8jgi9x7mclvkrqhfgn09886gdlr9wzk7a08i8n0dlf";
19
19
};
20
+
21
+
patches = [
22
+
(fetchpatch {
23
+
name = "CVE-2019-11068.patch";
24
+
url = "https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch";
25
+
sha256 = "0pkpb4837km15zgg6h57bncp66d5lwrlvkr73h0lanywq7zrwhj8";
26
+
})
27
+
];
20
28
21
29
outputs = [ "bin" "dev" "out" "man" "doc" ] ++ stdenv.lib.optional pythonSupport "py";
22
30