tinyxml: apply patches for CVE-2023-34194 and CVE-2021-42260

This commit is contained in:
Thomas Gerbet 2024-02-11 18:09:11 +01:00
parent 417fdb06d7
commit 830cfc27d9

View File

@ -1,4 +1,4 @@
{ lib, stdenv, fetchurl, unzip }:
{ lib, stdenv, fetchurl, fetchpatch, unzip }:
let
version = "2.6.2";
@ -21,6 +21,17 @@ in stdenv.mkDerivation {
# Use CC, CXX, and LD from environment
./2.6.2-cxx.patch
(fetchpatch {
name = "CVE-2023-34194.patch";
url = "https://salsa.debian.org/debian/tinyxml/-/raw/2366e1f23d059d4c20c43c54176b6bd78d6a83fc/debian/patches/CVE-2023-34194.patch";
hash = "sha256-ow4LmLQV24SAU6M1J8PXpW5c95+el3t8weM9JK5xJfg=";
})
(fetchpatch {
name = "CVE-2021-42260.patch";
url = "https://salsa.debian.org/debian/tinyxml/-/raw/dc332a9f4e05496c8342b778c14b256083beb1ee/debian/patches/CVE-2021-42260.patch";
hash = "sha256-pIM0uOnUQOW93w/PEPuW3yKq1mdvNT/ClCYVc2hLoY8=";
})
];
preConfigure = "export LD=${stdenv.cc.targetPrefix}c++";