From ad2ae842bb452785247ba3801bd8d33b685205c6 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Mon, 2 Oct 2017 17:42:54 +0200 Subject: [PATCH] vlc: add patch to fix CVE-2017-9300 --- pkgs/applications/video/vlc/default.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/pkgs/applications/video/vlc/default.nix b/pkgs/applications/video/vlc/default.nix index b806ff65ddb2..b465379c50ed 100644 --- a/pkgs/applications/video/vlc/default.nix +++ b/pkgs/applications/video/vlc/default.nix @@ -11,6 +11,7 @@ , qt4 ? null , withQt5 ? false, qtbase ? null, qtx11extras ? null , jackSupport ? false +, fetchpatch }: with stdenv.lib; @@ -27,6 +28,14 @@ stdenv.mkDerivation rec { sha256 = "1a22b913p2227ljz89c4fgjlyln5gcz8z58w32r0wh4srnnd60y4"; }; + patches = [ + (fetchpatch { + name = "CVE-2017-9300.patch"; + url = "https://git.videolan.org/?p=vlc/vlc-2.2.git;a=patch;h=55a82442cfea9dab8b853f3a4610f2880c5fadf3;hp=dbe888f9ca9c3b102478b4a16a3d1d985c267899"; + sha256 = "0l0fwqkn31lggwc5dkhb58gkv8pc6ng51y0izjigqvfqvhwdnzxn"; + }) + ]; + # Comment-out the Qt 5.5 version check, as we do apply the relevant patch. # https://trac.videolan.org/vlc/ticket/16497 postPatch = if (!withQt5) then null else