Merge pull request #72794 from petabyteboy/feature/qtwebengine-cve-2019-13720

qtwebengine: add patch for CVE-2019-13720
2019-11-09 15:08:51 +01:00 · 2019-11-09 15:08:51 +01:00 · cdf9b626c4
commit cdf9b626c4
parent 07b407743d 00ac18cdea
1 changed files with 9 additions and 0 deletions
--- a/pkgs/development/libraries/qt-5/5.12/default.nix
+++ b/pkgs/development/libraries/qt-5/5.12/default.nix
@ -79,6 +79,15 @@ let
        url = "https://git.archlinux.org/svntogit/packages.git/plain/trunk/qtbug-77037-workaround.patch?h=packages/qt5-webengine&id=fc77d6b3d5ec74e421b58f199efceb2593cbf951";
        sha256 = "1gv733qfdn9746nbqqxzyjx4ijjqkkb7zb71nxax49nna5bri3am";
      })
+      # patch for CVE-2019-13720, can be removed when it is included in the next upstream release
+      # https://bugreports.qt.io/browse/QTBUG-1019226
+      (fetchpatch {
+        name = "qtwebengine-CVE-2019-13720.patch";
+        url = "https://code.qt.io/cgit/qt/qtwebengine-chromium.git/patch/?id=d6e5fc10";
+        sha256 = "0ywc12m196pr6xn7l5xbascihygkjj4pbcgcn9wxvi5ssdr6z46z";
+        extraPrefix = "src/3rdparty/";
+        stripLen = 1;
+      })
    ]
      ++ optional stdenv.isDarwin ./qtwebengine-darwin-no-platform-check.patch;
    qtwebkit = [ ./qtwebkit.patch ]