pango: 1.43.0, backport CVE-2019-1010238 fix

There was a previous fix for this in
https://github.com/NixOS/nixpkgs/pull/71571

But some things, most notably pygtk, still rely on deprecated pango
APIs that are not available past 1.43, this backports the CVE
fix to this version.
This commit is contained in:
Dima 2019-10-22 17:35:20 +02:00
parent 2695914175
commit 9524bf3034

View File

@ -42,6 +42,11 @@ in stdenv.mkDerivation rec {
url = "https://gitlab.gnome.org/GNOME/pango/commit/546f4c242d6f4fe312de3b7c918a848e5172e18d.patch";
sha256 = "1cqhy4xbwx3ad7z5d1ks7smf038b9as8c6qy84rml44h0fgiq4m2";
})
(fetchpatch {
# Fixes CVE-2019-1010238
url = "https://gitlab.gnome.org/GNOME/pango/commit/490f8979a260c16b1df055eab386345da18a2d54.diff";
sha256 = "001g3anvwghdrn3yfgi8cp64j0n3l0zwgiphc1izqg7zr76s87fk";
})
];
mesonFlags = [