Merge pull request #323260 from LeSuisse/poppler-CVE-2024-6239

poppler: apply patch for CVE-2024-6239
author: Robert Scott <code@humanleg.org.uk> 2024-07-01 20:45:25 +0100
committer: GitHub <noreply@github.com> 2024-07-01 20:45:25 +0100
commit: 71b8797926a6f12c3fed2a264352c04eff962a43 (patch)
tree: 2863e8c8261878a0eae55c87ff6d981bb8de6656 /pkgs/development/libraries
parent: f3ff4d1c513b059acf844829aaafbf42ce42e2e9 (diff)
parent: e89babc6c260405e53c7b66543fcccecb91cea14 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/pkgs/development/libraries/poppler/default.nix b/pkgs/development/libraries/poppler/default.nix
index 17ab3f100b81a..8eeb31e96c483 100644
--- a/pkgs/development/libraries/poppler/default.nix
+++ b/pkgs/development/libraries/poppler/default.nix
@@ -2,6 +2,7 @@
 , stdenv
 , fetchurl
 , fetchFromGitLab
+, fetchpatch
 , cairo
 , cmake
 , boost
@@ -55,6 +56,15 @@ stdenv.mkDerivation (finalAttrs: rec {
     hash = "sha256-GRh6P90F8z59YExHmcGD3lygEYZAyIs3DdzzE2NDIi4=";
   };
 
+  patches = [
+    (fetchpatch {
+      # https://access.redhat.com/security/cve/CVE-2024-6239
+      name = "CVE-2024-6239.patch";
+      url = "https://gitlab.freedesktop.org/poppler/poppler/-/commit/0554731052d1a97745cb179ab0d45620589dd9c4.patch";
+      hash = "sha256-I78wJ4l1DSh+x/e00ZL8uvrGdBH+ufp+EDm0A1XWyCU=";
+    })
+  ];
+
   nativeBuildInputs = [
     cmake
     ninja
author	Robert Scott <code@humanleg.org.uk>	2024-07-01 20:45:25 +0100
committer	GitHub <noreply@github.com>	2024-07-01 20:45:25 +0100
commit	71b8797926a6f12c3fed2a264352c04eff962a43 (patch)
tree	2863e8c8261878a0eae55c87ff6d981bb8de6656 /pkgs/development/libraries
parent	f3ff4d1c513b059acf844829aaafbf42ce42e2e9 (diff)
parent	e89babc6c260405e53c7b66543fcccecb91cea14 (diff)