diff options
author | Pierre Bourdon <delroth@gmail.com> | 2019-03-26 02:44:16 +0100 |
---|---|---|
committer | Pierre Bourdon <delroth@gmail.com> | 2019-03-26 02:46:57 +0100 |
commit | 91c46d17d5c8b3a69cbae62d91290e53168fe9d2 (patch) | |
tree | 1036f6ac5622da2c1749157b81fe8ce4ad18897c /pkgs/misc/ghostscript | |
parent | 749c0a9c16e4ab6cee82884e949eb9fac93f6261 (diff) |
ghostscript: add patch for CVE-2019-6116
This is tagged as version 9.26a in the ghostpdl repo, but unfortunately there are no tarballs released with that version number so far. We'll continue calling this version 9.26 for now for simplicity's sake (and we can switch to 9.26a and remove the patch when it's properly released). Fixes #58262 Fixes #58089
Diffstat (limited to 'pkgs/misc/ghostscript')
-rw-r--r-- | pkgs/misc/ghostscript/default.nix | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/pkgs/misc/ghostscript/default.nix b/pkgs/misc/ghostscript/default.nix index 10481c217851d..a12d7d7d5acdc 100644 --- a/pkgs/misc/ghostscript/default.nix +++ b/pkgs/misc/ghostscript/default.nix @@ -1,6 +1,6 @@ { config, stdenv, lib, fetchurl, pkgconfig, zlib, expat, openssl, autoconf , libjpeg, libpng, libtiff, freetype, fontconfig, libpaper, jbig2dec -, libiconv, ijs, lcms2 +, libiconv, ijs, lcms2, fetchpatch , cupsSupport ? config.ghostscript.cups or (!stdenv.isDarwin), cups ? null , x11Support ? cupsSupport, xlibsWrapper ? null # with CUPS, X11 only adds very little }: @@ -46,6 +46,11 @@ stdenv.mkDerivation rec { patches = [ ./urw-font-files.patch ./doc-no-ref.diff + (fetchpatch { + name = "CVE-2019-6116"; + url = "http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=d3537a54740d78c5895ec83694a07b3e4f616f61"; + sha256 = "1hr8bpi87bbg1kvv28kflmfh1dhzxw66p9q0ddvbrj72qd86p3kx"; + }) ]; outputs = [ "out" "man" "doc" ]; |