mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-27 17:33:09 +00:00
mupdf: import upstream patches for CVEs: 2017-17858, 2018-1000051, 2018-6187, 2018-6192
This commit is contained in:
parent
679580be35
commit
f2f7b0579b
@ -39,6 +39,48 @@ in stdenv.mkDerivation rec {
|
||||
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=26527eef77b3e51c2258c8e40845bfbc015e405d;hp=ab98356f959c7a6e94b1ec10f78dd2c33ed3f3e7";
|
||||
sha256 = "1brcc029s5zmd6ya0d9qk3mh9qwx5g6vhsf1j8h879092sya5627";
|
||||
})
|
||||
(fetchpatch {
|
||||
# Bugs 698804/698810/698811, 698819: Keep PDF object numbers below limit.
|
||||
name = "CVE-2017-17858.patch";
|
||||
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=55c3f68d638ac1263a386e0aaa004bb6e8bde731";
|
||||
sha256 = "1bf683d59i5009cv1hhmwmrp2rsb75cbf98qd44dk39cpvq8ydwv";
|
||||
})
|
||||
(fetchpatch {
|
||||
# Bug 698825: Do not drop borrowed colorspaces.
|
||||
name = "CVE-2018-1000051.patch";
|
||||
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=321ba1de287016b0036bf4a56ce774ad11763384";
|
||||
sha256 = "0jbcc9j565q5y305pi888qzlp83zww6nhkqbsmkk91gim958zikm";
|
||||
})
|
||||
(fetchpatch {
|
||||
# Bug 698908 preprecondition: Add portable pseudo-random number generator based on the lrand48 family.
|
||||
name = "CVE-2018-6187.0.1.patch";
|
||||
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=2d5b4683e912d6e6e1f1e2ca5aa0297beb3e6807";
|
||||
sha256 = "028bxinbjs5gg9myjr3vs366qxg9l2iyba2j3pxkxsh1851hj728";
|
||||
})
|
||||
(fetchpatch {
|
||||
# Bug 698908 precondition: Fix "being able to search for redacted text" bug.
|
||||
name = "CVE-2018-6187.0.2.patch";
|
||||
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=25593f4f9df0c4a9b9adaa84aaa33fe2a89087f6";
|
||||
sha256 = "195y69c3f8yqxcsa0bxrmxbdc3fx1dzvz8v66i56064mjj0mx04s";
|
||||
})
|
||||
(fetchpatch {
|
||||
# Bug 698908: Resize object use and renumbering lists after repair.
|
||||
name = "CVE-2018-6187.1.patch";
|
||||
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=3e30fbb7bf5efd88df431e366492356e7eb969ec";
|
||||
sha256 = "0wzbqj750h06q1wa6vxbpv5a5q9pfg0cxjdv88yggkrjb3vrkd9j";
|
||||
})
|
||||
(fetchpatch {
|
||||
# Bug 698908: Plug PDF object leaks when decimating pages in pdfposter.
|
||||
name = "CVE-2018-6187.2.patch";
|
||||
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=a71e7c85a9f2313cde20d4479cd727a5f5518ed2";
|
||||
sha256 = "1pcjkq8lg6l2m0186rl79lilg79crgdvz9hrmm3w60gy2gxkgksc";
|
||||
})
|
||||
(fetchpatch {
|
||||
# Bug 698916: Indirect object numbers must be in range.
|
||||
name = "CVE-2018-6192.patch";
|
||||
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=5e411a99604ff6be5db9e273ee84737204113299";
|
||||
sha256 = "134zc07fp0p1mwqa8xrkq3drg4crajzf1hjf4mdwmcy1jfj2pfhj";
|
||||
})
|
||||
]
|
||||
|
||||
# Use shared libraries to decrease size
|
||||
|
Loading…
Reference in New Issue
Block a user