diff options
author | Martin Weinelt <hexa@darmstadt.ccc.de> | 2020-11-26 23:20:07 +0100 |
---|---|---|
committer | Frederik Rietdijk <freddyrietdijk@fridh.nl> | 2020-11-27 20:33:58 +0100 |
commit | ab61f1622b617fc4b418341dbfffd143c9dd8605 (patch) | |
tree | e42770b368c34aa0647b871e56601048feaad73e /pkgs/development/libraries/libxml2 | |
parent | ce9c51385634933ddc3a578fcf404561bb8f2694 (diff) |
libxml2: fix CVE-2020-24977
Fixes an out-of-bounds read when using xmllint with the --htmlout parameter. Fixes: CVE-2020-24977
Diffstat (limited to 'pkgs/development/libraries/libxml2')
-rw-r--r-- | pkgs/development/libraries/libxml2/default.nix | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix index 5e290b25832d4..4a73d851bd9ee 100644 --- a/pkgs/development/libraries/libxml2/default.nix +++ b/pkgs/development/libraries/libxml2/default.nix @@ -28,14 +28,19 @@ stdenv.mkDerivation rec { # https://github.com/NixOS/nixpkgs/pull/72342 ./utf8-xmlErrorFuncHandler.patch (fetchpatch { + name = "CVE-2019-20388.patch"; + url = "https://gitlab.gnome.org/GNOME/libxml2/commit/6088a74bcf7d0c42e24cff4594d804e1d3c9fbca.patch"; + sha256 = "070s7al2r2k92320h9cdfc2097jy4kk04d0disc98ddc165r80jl"; + }) + (fetchpatch { name = "CVE-2020-7595.patch"; url = "https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c8907645d2e155f0d89d4d9895ac5112b5.patch"; sha256 = "0klvaxkzakkpyq0m44l9xrpn5kwaii194sqsivfm6zhnb9hhl15l"; }) (fetchpatch { - name = "CVE-2019-20388.patch"; - url = "https://gitlab.gnome.org/GNOME/libxml2/commit/6088a74bcf7d0c42e24cff4594d804e1d3c9fbca.patch"; - sha256 = "070s7al2r2k92320h9cdfc2097jy4kk04d0disc98ddc165r80jl"; + name = "CVE-2020-24977.patch"; + url = "https://gitlab.gnome.org/GNOME/libxml2/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2.patch"; + sha256 = "093f1ic5qfiq8nk9mc6b8p1qcs8m9hir3ardr6r5il4zi2dnjrj4"; }) ]; |