openimageio: add patch for CVE-2024-40630

2024-11-22 23:13:19 +00:00 · 2024-08-26 18:27:44 +01:00 · 2024-08-26 18:27:44 +01:00 · 4daef60456
commit 4daef60456
parent 8031304124
1 changed files with 9 additions and 0 deletions
--- a/pkgs/development/libraries/openimageio/default.nix
+++ b/pkgs/development/libraries/openimageio/default.nix
@ -1,5 +1,6 @@
 { lib, stdenv
 , fetchFromGitHub
+, fetchpatch
 , boost
 , cmake
 , giflib
@ -24,6 +25,14 @@ stdenv.mkDerivation rec {
    hash = "sha256-FtUZqk1m9ahdnwhrBeMFkUbV0dangMY/w9ShevCASfo=";
  };

+  patches = [
+    (fetchpatch {
+      name = "CVE-2024-40630.patch";
+      url = "https://github.com/AcademySoftwareFoundation/OpenImageIO/commit/0a2dcb4cf2c3fd4825a146cd3ad929d9d8305ce3.patch";
+      hash = "sha256-zwKcXRVjf8oq3MO6twfjbY9oM1M7GtV7usrXCT5cwWo=";
+    })
+  ];
+
  # Workaround broken zlib version detecion in CMake < 3.37.
  postPatch = ''
    substituteInPlace ./src/cmake/Config.cmake.in \