libgrss: add patch for CVE-2016-20011

This commit is contained in:
Robert Scott 2021-07-25 14:23:36 +01:00
parent 4d62c8942f
commit b50d7d0683

View File

@ -1,4 +1,4 @@
{ lib, stdenv, fetchurl, pkg-config, vala, gobject-introspection, gtk-doc, docbook_xsl, docbook_xml_dtd_412, glib, libxml2, libsoup, gnome }:
{ lib, stdenv, fetchurl, fetchpatch, pkg-config, vala, gobject-introspection, gtk-doc, docbook_xsl, docbook_xml_dtd_412, glib, libxml2, libsoup, gnome }:
let
version = "0.7.0";
@ -14,6 +14,15 @@ stdenv.mkDerivation {
sha256 = "1nalslgyglvhpva3px06fj6lv5zgfg0qmj0sbxyyl5d963vc02b7";
};
patches = [
(fetchpatch {
name = "CVE-2016-20011.patch";
# https://gitlab.gnome.org/GNOME/libgrss/-/merge_requests/7, not yet merged!
url = "https://gitlab.gnome.org/GNOME/libgrss/-/commit/2c6ea642663e2a44efc8583fae7c54b7b98f72b3.patch";
sha256 = "1ijvq2jl97vphcvrbrqxvszdmv6yyjfygdca9vyaijpafwyzzb18";
})
];
nativeBuildInputs = [ pkg-config vala gobject-introspection gtk-doc docbook_xsl docbook_xml_dtd_412 ];
buildInputs = [ glib libxml2 libsoup ];