zziplib: apply patches for CVE-2018-16548

(cherry picked from commit aa74d076c973edcfeb4e0953894475cc6f164829)

1 files changed, 16 insertions, 0 deletions

diff --git a/pkgs/development/libraries/zziplib/default.nix b/pkgs/development/libraries/zziplib/default.nix
index 010c73336b924..e9d53b43ddbbc 100644
--- a/pkgs/development/libraries/zziplib/default.nix
+++ b/pkgs/development/libraries/zziplib/default.nix
@@ -15,6 +15,22 @@ stdenv.mkDerivation rec {
       url = "https://github.com/gdraheim/zziplib/commit/f609ae8971f3c0ce6.diff";
       sha256 = "0jhiz4fgr93wzh6q03avn95b2nsf6402jaki6hxirxyhs5v9ahry";
     })
+
+    (fetchpatch {
+      name = "CVE-2018-16548-part1.patch";
+      url = "https://github.com/gdraheim/zziplib/commit/9411bde3e4a70a81ff3ffd256b71927b2d90dcbb.patch";
+      sha256 = "0cy8i182zbvcqzs5z2j13d5sl7hbh59pkgw4xkyg5yz739q4fp9b";
+    })
+    (fetchpatch {
+      name = "CVE-2018-16548-part2.patch";
+      url = "https://github.com/gdraheim/zziplib/commit/d2e5d5c53212e54a97ad64b793a4389193fec687.patch";
+      sha256 = "153wd4vab8xqj9avcpx8g2zw9qsp9nkaqi7yc65pz3r7xfcxwdla";
+    })
+    (fetchpatch {
+      name = "CVE-2018-16548-part3.patch";
+      url = "https://github.com/gdraheim/zziplib/commit/0e1dadb05c1473b9df2d7b8f298dab801778ef99.patch";
+      sha256 = "0fs6dns8l7dz5a900397g8b7x62z72b0pbpdmwk1hnx6vb7z5rz5";
+    })
   ];
   postPatch = ''
     sed -i -e s,--export-dynamic,, configure