diff options
Diffstat (limited to 'pkgs/development/libraries/openexr/3.nix')
-rw-r--r-- | pkgs/development/libraries/openexr/3.nix | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/pkgs/development/libraries/openexr/3.nix b/pkgs/development/libraries/openexr/3.nix index 24af4e429a020..3cfe173875c03 100644 --- a/pkgs/development/libraries/openexr/3.nix +++ b/pkgs/development/libraries/openexr/3.nix @@ -1,6 +1,7 @@ { lib , stdenv , fetchFromGitHub +, fetchpatch , zlib , cmake , imath @@ -19,9 +20,26 @@ stdenv.mkDerivation rec { sha256 = "sha256-Bi6yTcZBWTsWWMm3A7FVYblvSXKLSkHmhGvpNYGiOzE="; }; + patches = [ + (fetchpatch { + name = "CVE-2021-45942.patch"; + url = "https://github.com/AcademySoftwareFoundation/openexr/commit/11cad77da87c4fa2aab7d58dd5339e254db7937e.patch"; + sha256 = "1qa8662ga5i0lyfi9mkj9s9bygdg7h1i6ahki28c664kxrlsakch"; + }) + ]; + + # tests are determined to use /var/tmp on unix + postPatch = '' + cat <(find . -name tmpDir.h) <(echo src/test/OpenEXRCoreTest/main.cpp) | while read -r f ; do + substituteInPlace $f --replace '/var/tmp' "$TMPDIR" + done + ''; + nativeBuildInputs = [ cmake ]; propagatedBuildInputs = [ imath zlib ]; + doCheck = true; + meta = with lib; { description = "A high dynamic-range (HDR) image file format"; homepage = "https://www.openexr.com/"; |