diff options
author | Robert Scott <code@humanleg.org.uk> | 2019-11-10 13:44:53 +0000 |
---|---|---|
committer | Renaud <c0bw3b@users.noreply.github.com> | 2019-11-10 14:44:53 +0100 |
commit | e5bd0cfcd530f261670dfc7ea54cf416841179e5 (patch) | |
tree | 31437189134db97cb4f718cd135f1665f54d2a5d | |
parent | 4beb94ccc001b20ffa44aa076983c1023b192cd5 (diff) |
jhead: add patches for CVE-2019-1010301, CVE-2019-1010302
(#73115) (cherry picked from commit 7dacaa056c4a1054759ae813eb9f91b0633601de)
-rw-r--r-- | pkgs/tools/graphics/jhead/default.nix | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/pkgs/tools/graphics/jhead/default.nix b/pkgs/tools/graphics/jhead/default.nix index e4405455097d2..e6d2465efe1c8 100644 --- a/pkgs/tools/graphics/jhead/default.nix +++ b/pkgs/tools/graphics/jhead/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, libjpeg }: +{ stdenv, fetchurl, fetchpatch, libjpeg }: stdenv.mkDerivation rec { name = "jhead-${version}"; @@ -9,6 +9,19 @@ stdenv.mkDerivation rec { sha256 = "1hn0yqcicq3qa20h1g313l1a671r8mccpb9gz0w1056r500lw6c2"; }; + patches = [ + (fetchpatch { + name = "CVE-2019-1010301.patch"; + url = "https://sources.debian.org/data/main/j/jhead/1:3.03-3/debian/patches/36_CVE-2019-1010301"; + sha256 = "1vvrg50z5y7sjhfi973wh1q1v79sqp7hk5d4z0dlnx3fqgkjrx7q"; + }) + (fetchpatch { + name = "CVE-2019-1010302.patch"; + url = "https://sources.debian.org/data/main/j/jhead/1:3.03-3/debian/patches/37_CVE-2019-1010302"; + sha256 = "1h11mpsi7hpwbi8kpnkjwn6zpqf88f132h0rsg8sggcs3vva2x8y"; + }) + ]; + buildInputs = [ libjpeg ]; patchPhase = '' |