diff options
| author | Andreas Rammhold <andreas@rammhold.de> | 2017-11-28 00:24:02 +0100 |
|---|---|---|
| committer | Andreas Rammhold <andreas@rammhold.de> | 2017-11-28 18:41:53 +0100 |
| commit | fe1f2285803fb5da7a4f265822fd34987b30e279 (patch) | |
| tree | a205baa288490f8a15a572e735677cfc8e2faa4e /pkgs/development/libraries/ffmpeg-full | |
| parent | 2492f4556590e0565bcbf3cebb38b1b99b89f1c3 (diff) | |
ffmpeg-full-3.4: apply patch for CVE-2017-16840
Diffstat (limited to 'pkgs/development/libraries/ffmpeg-full')
| -rw-r--r-- | pkgs/development/libraries/ffmpeg-full/default.nix | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/pkgs/development/libraries/ffmpeg-full/default.nix b/pkgs/development/libraries/ffmpeg-full/default.nix index b50025aa108a4..41e863d4512ba 100644 --- a/pkgs/development/libraries/ffmpeg-full/default.nix +++ b/pkgs/development/libraries/ffmpeg-full/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig, perl, texinfo, yasm +{ stdenv, fetchurl, fetchpatch, pkgconfig, perl, texinfo, yasm , hostPlatform /* * Licensing options (yes some are listed twice, filters and such are not listed) @@ -238,7 +238,16 @@ stdenv.mkDerivation rec { sha256 = "1vzvpx8ixy8m44f8qwp833hv253hpghybgzbc4n8b3div3j0dvmf"; }; - patchPhase = ''patchShebangs . + patches = [ + (fetchurl { + name = "CVE-2017-16840.patch"; + url = "http://git.videolan.org/?p=ffmpeg.git;a=patch;h=a94cb36ab2ad99d3a1331c9f91831ef593d94f74"; + sha256 = "0zx0vh110hrykk7j863j04bx6igm2q8dlkv25mf5g4rbxafpqig3"; + }) + ]; + + prePatch = '' + patchShebangs . '' + stdenv.lib.optionalString stdenv.isDarwin '' sed -i 's/#ifndef __MAC_10_11/#if 1/' ./libavcodec/audiotoolboxdec.c '' + stdenv.lib.optionalString (frei0r != null) '' |