From 1b78e939aa8ffe1aa7a15f8940fb5df2b74e6c20 Mon Sep 17 00:00:00 2001
From: linsui <linsui555@gmail.com>
Date: Sat, 29 Jul 2023 22:34:47 +0800
Subject: jami: apply CVE patch

---
 .../networking/instant-messengers/jami/default.nix            | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'pkgs/applications/networking/instant-messengers/jami')

diff --git a/pkgs/applications/networking/instant-messengers/jami/default.nix b/pkgs/applications/networking/instant-messengers/jami/default.nix
index 5a002b6be9f38..1b0185447ac03 100644
--- a/pkgs/applications/networking/instant-messengers/jami/default.nix
+++ b/pkgs/applications/networking/instant-messengers/jami/default.nix
@@ -2,6 +2,7 @@
 , lib
 , pkg-config
 , fetchFromGitLab
+, fetchpatch
 , gitUpdater
 , ffmpeg_6
 
@@ -90,7 +91,15 @@ stdenv.mkDerivation rec {
         hash = "sha256-QeD2o6uz9r5vc3Scs1oRKYZ+aNH+01TSxLBj71ssfj4=";
       };
 
-      patches = (map (x: patch-src + x) (readLinesToList ./config/pjsip_patches));
+      patches = (map (x: patch-src + x) (readLinesToList ./config/pjsip_patches)) ++ [
+        (fetchpatch {
+          name = "CVE-2023-27585.patch";
+          url = "https://github.com/pjsip/pjproject/commit/d1c5e4da5bae7f220bc30719888bb389c905c0c5.patch";
+          hash = "sha256-+yyKKTKG2FnfyLWnc4S80vYtDzmiu9yRmuqb5eIulPg=";
+        })
+      ];
+
+      patchFlags = [ "-p1" "-l" ];
 
       configureFlags = (readLinesToList ./config/pjsip_args_common)
         ++ lib.optionals stdenv.isLinux (readLinesToList ./config/pjsip_args_linux);
-- 
cgit 1.4.1