From 73bec97674389da0ab5a31ad7789efc0df8596f5 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Thu, 9 Nov 2017 11:49:23 +0100 Subject: [PATCH] libexif: fix CVE-2017-7544 Patch application simplified during rebasing. --- pkgs/development/libraries/libexif/default.nix | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/libexif/default.nix b/pkgs/development/libraries/libexif/default.nix index ebcba0fa1553..5a8f5126680e 100644 --- a/pkgs/development/libraries/libexif/default.nix +++ b/pkgs/development/libraries/libexif/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, gettext }: +{ stdenv, fetchurl, fetchpatch, gettext }: stdenv.mkDerivation rec { name = "libexif-0.6.21"; @@ -8,6 +8,15 @@ stdenv.mkDerivation rec { sha256 = "06nlsibr3ylfwp28w8f5466l6drgrnydgxrm4jmxzrmk5svaxk8n"; }; + patches = [ + (fetchpatch { + name = "CVE-2017-7544.patch"; + url = https://sourceforge.net/p/libexif/bugs/_discuss/thread/fc394c4b/489a/attachment/xx.pat; + sha256 = "1qgk8hgnxr8d63jsc4vljxz9yg33mbml280dq4a6050rmk9wq4la"; + }) + ]; + patchFlags = "-p0"; + buildInputs = [ gettext ]; meta = {