unrtf: patch against CVE-2016-10091

author: Graham Christensen <graham@grahamc.com> 2017-01-11 07:25:38 -0500
committer: Graham Christensen <graham@grahamc.com> 2017-01-11 20:11:01 -0500
commit: 2dab7782f3e46932bb5ca2d3e994428bfe03b134 (patch)
tree: 1a718d78fc417953d05e8d0bb88cbac9c8264ec6 /pkgs/tools/text/unrtf
parent: b8b18925460d0697bcd6623b2029309786180b34 (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/pkgs/tools/text/unrtf/default.nix b/pkgs/tools/text/unrtf/default.nix
index 34eea38eb7334..c1b4aa1cf2c6e 100644
--- a/pkgs/tools/text/unrtf/default.nix
+++ b/pkgs/tools/text/unrtf/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, autoconf, automake, libiconv }:
+{ stdenv, fetchurl, fetchpatch, autoconf, automake, libiconv }:
 
 stdenv.mkDerivation rec {
   name = "unrtf-${version}";
@@ -9,6 +9,14 @@ stdenv.mkDerivation rec {
     sha256 = "1pcdzf2h1prn393dkvg93v80vh38q0v817xnbwrlwxbdz4k7i8r2";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2016-10091-0001-convert.c-Use-safe-buffer-size-and-snprintf.patch";
+      url = "https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=849705;filename=0001-convert.c-Use-safe-buffer-size-and-snprintf.patch;msg=20";
+      sha256 = "0s0fjvm3zdm9967sijlipfrwjs0h23n2n8fa6f40xxp8y5qq5a0b";
+    })
+  ];
+
   nativeBuildInputs = [ autoconf automake ];
 
   buildInputs = [ ] ++ stdenv.lib.optional stdenv.isDarwin libiconv;
author	Graham Christensen <graham@grahamc.com>	2017-01-11 07:25:38 -0500
committer	Graham Christensen <graham@grahamc.com>	2017-01-11 20:11:01 -0500
commit	2dab7782f3e46932bb5ca2d3e994428bfe03b134 (patch)
tree	1a718d78fc417953d05e8d0bb88cbac9c8264ec6 /pkgs/tools/text/unrtf
parent	b8b18925460d0697bcd6623b2029309786180b34 (diff)