public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

graphicsmagick: apply patches to fix security issues 

Fixes CVE-2016-7996, CVE-2016-7996, CVE-2016-7800.

cc #19481
This commit is contained in:
Franz Pletz 2016-10-13 23:53:43 +02:00
parent c766c7f095
commit 4771ccd896
No known key found for this signature in database
GPG Key ID: 846FDED7792617B4
1 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
pkgs/applications/graphics/graphicsmagick/default.nix
View File

@ -1,6 +1,6 @@
{stdenv, fetchurl, bzip2, freetype, graphviz, ghostscript
, libjpeg, libpng, libtiff, libxml2, zlib, libtool, xz
, libX11, libwebp, quantumdepth ? 8}:
{ stdenv, fetchurl, fetchpatch, bzip2, freetype, graphviz, ghostscript
, libjpeg, libpng, libtiff, libxml2, zlib, libtool, xz, libX11
, libwebp, quantumdepth ? 8 }:
let version = "1.3.25"; in
@ -12,7 +12,21 @@ stdenv.mkDerivation {
sha256 = "17xcc7pfcmiwpfr1g8ys5a7bdnvqzka53vg3kkzhwwz0s99gljyn";
};
patches = [ ./disable-popen.patch ];
patches = [
./disable-popen.patch
(fetchpatch {
url = "https://sources.debian.net/data/main/g/graphicsmagick/1.3.25-4/debian/patches/CVE-2016-7996_CVE-2016-7997.patch";
sha256 = "0xsby2z8n7cnnln7szjznq7iaabq323wymvdjra59yb41aix74r2";
})
(fetchpatch {
url = "https://sources.debian.net/data/main/g/graphicsmagick/1.3.25-4/debian/patches/CVE-2016-7800_part1.patch";
sha256 = "02s0x9bkbnm5wrd0d2x9ld4d9z5xqpfk310lyylyr5zlnhqxmwgn";
})
(fetchpatch {
url = "https://sources.debian.net/data/main/g/graphicsmagick/1.3.25-4/debian/patches/CVE-2016-7800_part2.patch";
sha256 = "1h4xv3i1aq5avsd584rwa5sa7ca8f7w9ggmh7j2llqq5kymwsv5f";
})
];
configureFlags = [
"--enable-shared"