jhead: add patches for CVE-2019-1010301, CVE-2019-1010302

author: Robert Scott <code@humanleg.org.uk> 2019-10-31 21:02:34 +0000
committer: Robert Scott <code@humanleg.org.uk> 2019-10-31 21:02:34 +0000
commit: 7dacaa056c4a1054759ae813eb9f91b0633601de (patch)
tree: f59e871f34d46d5e8b267ad1c5fcd6bcb92965f9 /pkgs/tools/graphics/jhead
parent: 08884d6a0f974b457fff579c9b8eeb22d8e3de9b (diff)
1 files changed, 14 insertions, 1 deletions
diff --git a/pkgs/tools/graphics/jhead/default.nix b/pkgs/tools/graphics/jhead/default.nix
index a2592d5522b9a..13df4ede8ecfb 100644
--- a/pkgs/tools/graphics/jhead/default.nix
+++ b/pkgs/tools/graphics/jhead/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, libjpeg }:
+{ stdenv, fetchurl, fetchpatch, libjpeg }:
 
 stdenv.mkDerivation rec {
   pname = "jhead";
@@ -9,6 +9,19 @@ stdenv.mkDerivation rec {
     sha256 = "1hn0yqcicq3qa20h1g313l1a671r8mccpb9gz0w1056r500lw6c2";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2019-1010301.patch";
+      url = "https://sources.debian.org/data/main/j/jhead/1:3.03-3/debian/patches/36_CVE-2019-1010301";
+      sha256 = "1vvrg50z5y7sjhfi973wh1q1v79sqp7hk5d4z0dlnx3fqgkjrx7q";
+    })
+    (fetchpatch {
+      name = "CVE-2019-1010302.patch";
+      url = "https://sources.debian.org/data/main/j/jhead/1:3.03-3/debian/patches/37_CVE-2019-1010302";
+      sha256 = "1h11mpsi7hpwbi8kpnkjwn6zpqf88f132h0rsg8sggcs3vva2x8y";
+    })
+  ];
+
   buildInputs = [ libjpeg ];
 
   patchPhase = ''
author	Robert Scott <code@humanleg.org.uk>	2019-10-31 21:02:34 +0000
committer	Robert Scott <code@humanleg.org.uk>	2019-10-31 21:02:34 +0000
commit	7dacaa056c4a1054759ae813eb9f91b0633601de (patch)
tree	f59e871f34d46d5e8b267ad1c5fcd6bcb92965f9 /pkgs/tools/graphics/jhead
parent	08884d6a0f974b457fff579c9b8eeb22d8e3de9b (diff)