public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

vlc: 2.2.4 -> 2.2.5.1

Browse Source 
Fixes a nasty vulnerability caused by broken subtitle handling:

http://blog.checkpoint.com/2017/05/23/hacked-in-translation/
This commit is contained in:
Peter Hoeg 2017-05-24 13:07:28 +08:00
parent a43e104ada
commit 4e2b190d52
1 changed files with 2 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
pkgs/applications/video/vlc/default.nix
View File

@ -20,19 +20,13 @@ assert (!withQt5 -> qt4 != null);
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "vlc-${version}"; name = "vlc-${version}";
version = "2.2.4"; version = "2.2.5.1";
src = fetchurl { src = fetchurl {
url = "http://get.videolan.org/vlc/${version}/${name}.tar.xz"; url = "http://get.videolan.org/vlc/${version}/${name}.tar.xz";
sha256 = "1gjkrwlg8ab3skzl67cxb9qzg4187ifckd1z9kpy11q058fyjchn"; sha256 = "1k51vm6piqlrnld7sxyg0s4kdkd3lan97lmy3v5wdh3qyll8m2xj";
}; };
patches = optional withQt5 (fetchurl {
name = "Fix-build-using-old-GCC-intrinsics.patch";
url = "https://patches.videolan.org/patch/14061/raw/";
sha256 = "16v4k7378a590diz11bdvdaqi9cpf6333hp5wr6v5sfrsma8qvpx";
});
# Comment-out the Qt 5.5 version check, as we do apply the relevant patch. # Comment-out the Qt 5.5 version check, as we do apply the relevant patch.
# https://trac.videolan.org/vlc/ticket/16497 # https://trac.videolan.org/vlc/ticket/16497
postPatch = if (!withQt5) then null else postPatch = if (!withQt5) then null else