summary refs log tree commit diff
path: root/pkgs
diff options
context:
space:
mode:
authorTredwellGit <tredwell@tutanota.com>2021-08-17 02:31:11 +0000
committerTredwellGit <tredwell@tutanota.com>2021-08-17 02:31:11 +0000
commita83f82576b578531eb2894e0d7b279b59af23cd6 (patch)
tree4ae10ec48cf2fe8ba66909a0918e7bc8afab0054 /pkgs
parent4dfde9ac8e30f12baf1e68f9497d773bbe76bb23 (diff)
ffmpeg: patch CVE-2021-33815 and CVE-2021-38114
https://nvd.nist.gov/vuln/detail/CVE-2021-33815
https://nvd.nist.gov/vuln/detail/CVE-2021-38114
Diffstat (limited to 'pkgs')
-rw-r--r--pkgs/development/libraries/ffmpeg-full/default.nix2
-rw-r--r--pkgs/development/libraries/ffmpeg/4.nix10
2 files changed, 11 insertions, 1 deletions
diff --git a/pkgs/development/libraries/ffmpeg-full/default.nix b/pkgs/development/libraries/ffmpeg-full/default.nix
index 3dca11008f721..2fe9178766674 100644
--- a/pkgs/development/libraries/ffmpeg-full/default.nix
+++ b/pkgs/development/libraries/ffmpeg-full/default.nix
@@ -244,7 +244,7 @@ assert opensslExtlib -> gnutls == null && openssl != null && nonfreeLicensing;
 
 stdenv.mkDerivation rec {
   pname = "ffmpeg-full";
-  inherit (ffmpeg) src version;
+  inherit (ffmpeg) src version patches;
 
   prePatch = ''
     patchShebangs .
diff --git a/pkgs/development/libraries/ffmpeg/4.nix b/pkgs/development/libraries/ffmpeg/4.nix
index d557c87ebdf6d..f3758ca539244 100644
--- a/pkgs/development/libraries/ffmpeg/4.nix
+++ b/pkgs/development/libraries/ffmpeg/4.nix
@@ -13,6 +13,16 @@ callPackage ./generic.nix (rec {
   darwinFrameworks = [ Cocoa CoreMedia VideoToolbox ];
 
   patches = [
+    (fetchpatch {
+      name = "CVE-2021-33815.patch";
+      url = "https://github.com/FFmpeg/FFmpeg/commit/26d3c81bc5ef2f8c3f09d45eaeacfb4b1139a777.patch";
+      sha256 = "0l8dqga5845f7d3wdbvd05i23saldq4pm2cyfdgszbr0c18sxagf";
+    })
+    (fetchpatch {
+      name = "CVE-2021-38114.patch";
+      url = "https://github.com/FFmpeg/FFmpeg/commit/7150f9575671f898382c370acae35f9087a30ba1.patch";
+      sha256 = "0gwkc7v1wsh4j0am2nnskhsca1b5aqzhcfd41sd9mh2swsdyf27i";
+    })
     # Fix incorrect segment length in HLS child playlist with fmp4 segment format
     # FIXME remove in version 4.5
     # https://trac.ffmpeg.org/ticket/9193
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-27 13:45:14 +0000