public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

librdf_raptor2: add patch for CVE-2017-18926

Browse Source 
Fixes two heap overflows in the raptor2 rdf parsing library.

https://www.openwall.com/lists/oss-security/2017/06/07/1
This commit is contained in:
Martin Weinelt 2020-11-08 14:29:58 +01:00 committed by erictapen
parent 8c823b46d6
commit 22140b27f2
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
pkgs/development/libraries/librdf/raptor2.nix
View File

@ -1,13 +1,22 @@
{ stdenv, fetchurl, libxml2, libxslt }: { stdenv, fetchurl, libxml2, libxslt }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "raptor2-2.0.15"; pname = "raptor2";
version = "2.0.15";
src = fetchurl { src = fetchurl {
url = "http://download.librdf.org/source/${name}.tar.gz"; url = "http://download.librdf.org/source/${pname}-${version}.tar.gz";
sha256 = "ada7f0ba54787b33485d090d3d2680533520cd4426d2f7fb4782dd4a6a1480ed"; sha256 = "ada7f0ba54787b33485d090d3d2680533520cd4426d2f7fb4782dd4a6a1480ed";
}; };
patches = [
(fetchurl {
name = "CVE-2017-18926.patch";
url = "https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f.patch";
sha256 = "1qlpb5rm3j2yi0x6zgdi5apymg5zlvwq3g1zl417gkjrlvxmndgp";
})
];
buildInputs = [ libxml2 libxslt ]; buildInputs = [ libxml2 libxslt ];
postInstall = "rm -rvf $out/share/gtk-doc"; postInstall = "rm -rvf $out/share/gtk-doc";