mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-12-21 05:04:00 +00:00
a0d335ff39
Many memory issues remain unfixed or partially fixed: CVE-2018-18873 CVE-2018-19539 CVE-2018-19540 CVE-2018-19541 CVE-2018-9252 CVE-2018-19542 CVE-2018-19543 CVE-2018-20570 CVE-2018-20584 CVE-2018-20622 CVE-2018-9252 Debian/Ubuntu, OpenSuSE and Gentoo removed it entirely. See: https://github.com/mdadams/jasper/issues/208
52 lines
1.3 KiB
Nix
52 lines
1.3 KiB
Nix
{ stdenv, fetchFromGitHub, fetchpatch, libjpeg, cmake }:
|
|
|
|
stdenv.mkDerivation rec {
|
|
pname = "jasper";
|
|
version = "2.0.16";
|
|
|
|
src = fetchFromGitHub {
|
|
repo = "jasper";
|
|
owner = "mdadams";
|
|
rev = "version-${version}";
|
|
sha256 = "05l75yd1zsxwv25ykwwwjs8961szv7iywf16nc6vc6qpby27ckv6";
|
|
};
|
|
|
|
patches = [
|
|
(fetchpatch {
|
|
name = "CVE-2018-9055.patch";
|
|
url = "http://paste.opensuse.org/view/raw/330751ce";
|
|
sha256 = "0m798m6c4v9yyhql7x684j5kppcm6884n1rrb9ljz8p9aqq2jqnm";
|
|
})
|
|
];
|
|
|
|
|
|
# newer reconf to recognize a multiout flag
|
|
nativeBuildInputs = [ cmake ];
|
|
propagatedBuildInputs = [ libjpeg ];
|
|
|
|
configureFlags = [ "--enable-shared" ];
|
|
|
|
outputs = [ "bin" "dev" "out" "man" ];
|
|
|
|
enableParallelBuilding = true;
|
|
|
|
doCheck = false; # fails
|
|
|
|
postInstall = ''
|
|
moveToOutput bin "$bin"
|
|
'';
|
|
|
|
meta = with stdenv.lib; {
|
|
homepage = https://www.ece.uvic.ca/~frodo/jasper/;
|
|
description = "JPEG2000 Library";
|
|
platforms = platforms.unix;
|
|
license = licenses.jasper;
|
|
maintainers = with maintainers; [ pSub ];
|
|
knownVulnerabilities = [
|
|
"Numerous CVE unsolved upstream"
|
|
"See: https://github.com/NixOS/nixpkgs/pull/57681#issuecomment-475857499"
|
|
"See: https://github.com/mdadams/jasper/issues/208"
|
|
];
|
|
};
|
|
}
|