libxml2: add patch for CVE-2020-7595

author: Andrew Dunham <andrew@du.nham.ca> 2020-02-01 14:34:21 -0800
committer: Andrew Dunham <andrew@du.nham.ca> 2020-02-01 15:23:47 -0800
commit: 147f32ac2b1cfa2c08ecc8fea7e67559aff61402 (patch)
tree: b55cee4feaf70a01e939b73f1b1ce97679a7a6be /pkgs/development/libraries/libxml2/default.nix
parent: 5ff1a53a32b332e3b1a1e295e12e184c65833d13 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix
index 42515b7373c18..c07a5699f9235 100644
--- a/pkgs/development/libraries/libxml2/default.nix
+++ b/pkgs/development/libraries/libxml2/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, lib, fetchurl
+{ stdenv, lib, fetchurl, fetchpatch
 , zlib, xz, python, ncurses, findXMLCatalogs
 , pythonSupport ? stdenv.buildPlatform == stdenv.hostPlatform
 , icuSupport ? false, icu ? null
@@ -27,6 +27,11 @@ stdenv.mkDerivation rec {
     #   https://github.com/NixOS/nixpkgs/pull/63174
     #   https://github.com/NixOS/nixpkgs/pull/72342
     ./utf8-xmlErrorFuncHandler.patch
+    (fetchpatch {
+      name = "CVE-2020-7595.patch";
+      url = "https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c8907645d2e155f0d89d4d9895ac5112b5.patch";
+      sha256 = "0klvaxkzakkpyq0m44l9xrpn5kwaii194sqsivfm6zhnb9hhl15l";
+    })
   ];
 
   outputs = [ "bin" "dev" "out" "man" "doc" ]
author	Andrew Dunham <andrew@du.nham.ca>	2020-02-01 14:34:21 -0800
committer	Andrew Dunham <andrew@du.nham.ca>	2020-02-01 15:23:47 -0800
commit	147f32ac2b1cfa2c08ecc8fea7e67559aff61402 (patch)
tree	b55cee4feaf70a01e939b73f1b1ce97679a7a6be /pkgs/development/libraries/libxml2/default.nix
parent	5ff1a53a32b332e3b1a1e295e12e184c65833d13 (diff)