diff options
Diffstat (limited to 'pkgs/development/libraries/openexr/default.nix')
-rw-r--r-- | pkgs/development/libraries/openexr/default.nix | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/pkgs/development/libraries/openexr/default.nix b/pkgs/development/libraries/openexr/default.nix index ba0263bcad13b..38e0fadd07389 100644 --- a/pkgs/development/libraries/openexr/default.nix +++ b/pkgs/development/libraries/openexr/default.nix @@ -28,13 +28,35 @@ stdenv.mkDerivation rec { extraPrefix = "OpenEXR/IlmImf/"; sha256 = "1wa2jn6sa0n3phaqvklnlbgk1bz60y756ad4jk4d757pzpnannsy"; }) + (fetchpatch { + name = "CVE-2021-3933.patch"; + url = "https://github.com/AcademySoftwareFoundation/openexr/commit/5db6f7aee79e3e75e8c3780b18b28699614dd08e.patch"; + stripLen = 4; + extraPrefix = "OpenEXR/IlmImf/"; + sha256 = "sha256-DrpldpNgN5pWKzIuuPIrynGX3EpP8YhJlu+lLfNFGxQ="; + }) + + # Backport gcc-13 fix: + # https://github.com/AcademySoftwareFoundation/openexr/pull/1264 + ./gcc-13.patch ]; + # tests are determined to use /var/tmp on unix + postPatch = '' + find . -name tmpDir.h | while read -r f ; do + substituteInPlace $f --replace '/var/tmp' "$TMPDIR" + done + ''; + cmakeFlags = lib.optional stdenv.hostPlatform.isStatic "-DCMAKE_SKIP_RPATH=ON"; nativeBuildInputs = [ cmake ]; propagatedBuildInputs = [ ilmbase zlib ]; + # https://github.com/AcademySoftwareFoundation/openexr/issues/1400 + # https://github.com/AcademySoftwareFoundation/openexr/issues/1281 + doCheck = !stdenv.isAarch32 && !stdenv.isi686; + meta = with lib; { description = "A high dynamic-range (HDR) image file format"; homepage = "https://www.openexr.com/"; |