diff options
| author | Vladimír Čunát <v@cunat.cz> | 2022-04-13 15:37:29 +0200 |
|---|---|---|
| committer | Vladimír Čunát <v@cunat.cz> | 2022-04-13 15:37:29 +0200 |
| commit | d4f138b4aad12ecbb771fed260da8dfd56390ac6 (patch) | |
| tree | 45febd78b9f64ab8cfec82646ede6b9e944d182b /pkgs/development/libraries | |
| parent | 8499e6bd38b8b856a73fdaf06f8c02bf8b6a27a2 (diff) | |
| parent | 93fb95449e872279eca662c02652305eb0ed25f3 (diff) | |
Merge #168133: libtiff: add patches for multiple CVEs
...into staging-21.11
Diffstat (limited to 'pkgs/development/libraries')
| -rw-r--r-- | pkgs/development/libraries/libtiff/default.nix | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/pkgs/development/libraries/libtiff/default.nix b/pkgs/development/libraries/libtiff/default.nix index bae340b849384..c772dbddf6d7e 100644 --- a/pkgs/development/libraries/libtiff/default.nix +++ b/pkgs/development/libraries/libtiff/default.nix @@ -9,6 +9,16 @@ , libjpeg , xz , zlib + +# for passthru.tests +, libgeotiff +, python3Packages +, imagemagick +, graphicsmagick +, gdal +, openimageio +, freeimage +, imlib }: #FIXME: fix aarch64-darwin build and get rid of ./aarch64-darwin.nix @@ -40,6 +50,36 @@ stdenv.mkDerivation rec { url = "https://gitlab.com/libtiff/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b.patch"; sha256 = "0ycirjjc1vigj03kwjb92n6jszsl9p17ccw5hry7lli9gxyyr0an"; }) + (fetchpatch { + name = "CVE-2022-0891.patch"; + url = "https://gitlab.com/libtiff/libtiff/-/commit/46dc8fcd4d38c3b6f35ab28e532aee80e6f609d6.patch"; + sha256 = "1zn2pgsmbrjx3g2bpdggvwwbp6i348mikwlx4ws482h2379vmyj1"; + }) + (fetchpatch { + name = "CVE-2022-0865.patch"; + url = "https://gitlab.com/libtiff/libtiff/-/commit/5e18004500cda10d9074bdb6166b054e95b659ed.patch"; + sha256 = "131b9ial6avl2agwk31wp2jkrx59955f4r0dikx1jdaywqb7zhd1"; + }) + (fetchpatch { + name = "CVE-2022-0924.patch"; + url = "https://gitlab.com/libtiff/libtiff/-/commit/408976c44ef0aad975e0d1b6c6dc80d60f9dc665.patch"; + sha256 = "1aqaynp74ijxr3rizvbyz23ncs71pbbcw5src1zv46473sy55s8p"; + }) + (fetchpatch { + name = "CVE-2022-0907.patch"; + url = "https://gitlab.com/libtiff/libtiff/-/commit/f2b656e2e64adde07a6cffd5c8e96bd81a850fea.patch"; + sha256 = "0nsplq671qx0f35qww9mx27raqp3nvslz8iv7f3hxdgldylmh2vs"; + }) + (fetchpatch { + name = "CVE-2022-0909.patch"; + url = "https://gitlab.com/libtiff/libtiff/-/commit/f8d0f9aa1ba04c9ae3bfe869a18141a8b8117ad7.patch"; + sha256 = "1plhk6ildl16bp0k3wvzfd4a97hqfqfbbn7vjinsaasf4v0x3q5j"; + }) + (fetchpatch { + name = "CVE-2022-0908.patch"; + url = "https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85.patch"; + sha256 = "0i61kkjaixdn2p933lpma9s6i0772vhxjxxcwyqagw96lmszrcm7"; + }) ]; outputs = [ "bin" "dev" "dev_private" "out" "man" "doc" ]; @@ -62,6 +102,11 @@ stdenv.mkDerivation rec { doCheck = true; + passthru.tests = { + inherit libgeotiff imagemagick graphicsmagick gdal openimageio freeimage imlib; + inherit (python3Packages) pillow imread; + }; + meta = with lib; { description = "Library and utilities for working with the TIFF image file format"; homepage = "https://libtiff.gitlab.io/libtiff"; |