openscad: add patches for CVE-2022-0496 & CVE-2022-0497

author: Robert Scott <code@humanleg.org.uk> 2022-08-30 19:57:55 +0100
committer: Robert Scott <code@humanleg.org.uk> 2022-08-30 19:57:55 +0100
commit: 3bfe6bfca2fbe5f7f6c9d640172d482bfdcec815 (patch)
tree: cd75eac031dfb0afe1f63f30a2bd2ea406be388d /pkgs/applications/graphics/openscad
parent: 83a5f62886c8df8e9fb7ff4561a537b64a492db9 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/pkgs/applications/graphics/openscad/default.nix b/pkgs/applications/graphics/openscad/default.nix
index 98afab94f3d16..646594d4afba7 100644
--- a/pkgs/applications/graphics/openscad/default.nix
+++ b/pkgs/applications/graphics/openscad/default.nix
@@ -1,5 +1,6 @@
 { lib, stdenv
 , fetchFromGitHub
+, fetchpatch
 , qtbase
 , qtmultimedia
 , qscintilla
@@ -42,6 +43,19 @@ mkDerivation rec {
     sha256 = "sha256-2tOLqpFt5klFPxHNONnHVzBKEFWn4+ufx/MU+eYbliA=";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2022-0496.patch";
+      url = "https://github.com/openscad/openscad/commit/00a4692989c4e2f191525f73f24ad8727bacdf41.patch";
+      sha256 = "sha256-q3SLj2b5aM/IQ8vIDj4iVcwCajgyJ5juNV/KN35uxfI=";
+    })
+    (fetchpatch {
+      name = "CVE-2022-0497.patch";
+      url = "https://github.com/openscad/openscad/commit/84addf3c1efbd51d8ff424b7da276400bbfa1a4b.patch";
+      sha256 = "sha256-KNEVu10E2d4G2x+FJcuHo2tjD8ygMRuhUcW9NbN98bM=";
+    })
+  ];
+
   nativeBuildInputs = [ bison flex pkg-config gettext qmake ];
 
   buildInputs = [
author	Robert Scott <code@humanleg.org.uk>	2022-08-30 19:57:55 +0100
committer	Robert Scott <code@humanleg.org.uk>	2022-08-30 19:57:55 +0100
commit	3bfe6bfca2fbe5f7f6c9d640172d482bfdcec815 (patch)
tree	cd75eac031dfb0afe1f63f30a2bd2ea406be388d /pkgs/applications/graphics/openscad
parent	83a5f62886c8df8e9fb7ff4561a537b64a492db9 (diff)