JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

openexr: upstream security patch

Browse Source 
/cc #32459.
This commit is contained in:
Vladimír Čunát 2017-12-10 10:57:29 +01:00
parent c6fbf4a15a
commit aa9fbd036f
No known key found for this signature in database
GPG Key ID: E747DF1F9575A3AA
1 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
pkgs/development/libraries/openexr/default.nix
View File

@ -1,4 +1,4 @@
{ lib, stdenv, fetchurl, autoconf, automake, libtool, pkgconfig, zlib, ilmbase }:
{ lib, stdenv, fetchurl, fetchpatch, autoconf, automake, libtool, pkgconfig, zlib, ilmbase }:
stdenv.mkDerivation rec {
name = "openexr-${lib.getVersion ilmbase}";
@ -8,6 +8,18 @@ stdenv.mkDerivation rec {
sha256 = "0ca2j526n4wlamrxb85y2jrgcv0gf21b3a19rr0gh4rjqkv1581n";
};
patches = [
./bootstrap.patch
(fetchpatch {
# https://github.com/openexr/openexr/issues/232
# https://github.com/openexr/openexr/issues/238
name = "CVE-2017-12596.patch";
url = "https://github.com/openexr/openexr/commit/f09f5f26c1924.patch";
sha256 = "1d014da7c8cgbak5rgr4mq6wzm7kwznb921pr7nlb52vlfvqp4rs";
stripLen = 1;
})
];
outputs = [ "bin" "dev" "out" "doc" ];
preConfigure = ''
@ -20,8 +32,6 @@ stdenv.mkDerivation rec {
enableParallelBuilding = true;
patches = [ ./bootstrap.patch ];
meta = with stdenv.lib; {
homepage = http://www.openexr.com/;
license = licenses.bsd3;