xdg-utils: update from git to fix CVE-2014-9622

Fixes #6193.
Disabling docs generation might be another alternative
to the build-time dependency blowup.

That KDE patch no longer applies, but the code seems to take KDE5 into
account already. CC @ttuegel.
This commit is contained in:
Vladimír Čunát 2015-02-07 07:30:05 +01:00
parent 098ed10f39
commit 346c8d7a98
2 changed files with 9 additions and 31 deletions

View File

@ -1,25 +0,0 @@
From 2059662f6bd5de59144d6825d93cb5783110cd97 Mon Sep 17 00:00:00 2001
From: Thomas Tuegel <ttuegel@gmail.com>
Date: Sat, 24 Jan 2015 17:07:50 -0600
Subject: [PATCH] xdg-open: recognize KDE_SESSION_VERSION
---
scripts/xdg-open | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/xdg-open b/scripts/xdg-open
index b8db0aa..9fcf458 100755
--- a/scripts/xdg-open
+++ b/scripts/xdg-open
@@ -341,7 +341,7 @@ open_kde()
if kde-open -v 2>/dev/null 1>&2; then
kde-open "$1"
else
- if [ x"$KDE_SESSION_VERSION" = x"4" ]; then
+ if [ $KDE_SESSION_VERSION -gt 3 ]; then
kfmclient openURL "$1"
else
kfmclient exec "$1"
--
2.1.4

View File

@ -1,14 +1,16 @@
{ stdenv, fetchurl, file }:
{ stdenv, fetchgit, file, libxslt, docbook_xml_dtd_412, docbook_xsl, xmlto, w3m }:
stdenv.mkDerivation rec {
name = "xdg-utils-1.1.0-rc1";
name = "xdg-utils-1.1.0-rc3p7";
src = fetchurl {
url = "http://portland.freedesktop.org/download/${name}.tar.gz";
sha256 = "00lisw4x43sp189lb7dz46j2l09y5v2fijk3d0sxx3mvwj55a1bv";
src = fetchgit {
url = "git://anongit.freedesktop.org/xdg/xdg-utils";
rev = "e8ee3b18d16e41b95148111b920a0c8beed3ac6c";
sha256 = "0qy9h7vh6sw7wmadjvasw4sdhb9fvv7bn32ifgasdx7ag3r3939w";
};
patches = [ ./0001-xdg-open-recognize-KDE_SESSION_VERSION.patch ];
# just needed when built from git
buildInputs = [ libxslt docbook_xml_dtd_412 docbook_xsl xmlto w3m ];
postInstall = ''
substituteInPlace $out/bin/xdg-mime --replace /usr/bin/file ${file}/bin/file
@ -22,3 +24,4 @@ stdenv.mkDerivation rec {
platforms = stdenv.lib.platforms.linux;
};
}