libcue: apply patch for CVE-2023-43641

https://github.blog/2023-10-09-coordinated-disclosure-1-click-rce-on-gnome-cve-2023-43641/
This commit is contained in:
Thomas Gerbet 2023-10-10 12:44:27 +02:00
parent 147d12908d
commit 6335cf6cdf

View File

@ -1,4 +1,4 @@
{ lib, stdenv, fetchFromGitHub, cmake, bison, flex }:
{ lib, stdenv, fetchFromGitHub, fetchpatch, cmake, bison, flex }:
stdenv.mkDerivation rec {
pname = "libcue";
@ -11,6 +11,14 @@ stdenv.mkDerivation rec {
sha256 = "1iqw4n01rv2jyk9lksagyxj8ml0kcfwk67n79zy1r6zv1xfp5ywm";
};
patches = [
(fetchpatch {
name = "CVE-2023-43641.patch";
url = "https://github.com/lipnitsk/libcue/commit/fdf72c8bded8d24cfa0608b8e97f2eed210a920e.patch";
hash = "sha256-NjnSMUfman/SwLFWDIhtz2jCOLfpXGGGjO3QwRGURNg=";
})
];
nativeBuildInputs = [ cmake bison flex ];
doCheck = false; # fails all the tests (ctest)