From 64902aebb0dbc839a3bfd52f65a024b4e7a77e6c Mon Sep 17 00:00:00 2001
From: Franz Pletz
Date: Wed, 2 Nov 2016 20:43:24 +0100
Subject: [PATCH] libxml2: add patch to fix CVE-2016-4658 cc #20078
---
 pkgs/development/libraries/libxml2/default.nix | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix
index 577006f9014..4831f150f45 100644
--- a/pkgs/development/libraries/libxml2/default.nix
+++ b/pkgs/development/libraries/libxml2/default.nix
@@ -12,6 +12,14 @@ in stdenv.mkDerivation rec {
 sha256 = "0g336cr0bw6dax1q48bblphmchgihx9p1pjmxdnrd6sh3qci3fgz";
 };
 
+ patches = [
+ (fetchpatch {
+ name = "CVE-2016-4658.patch";
+ url = "https://git.gnome.org/browse/libxml2/patch/?id=c1d1f7121194036608bf555f08d3062a36fd344b";
+ sha256 = "0q7i5qgwgzp2x4r820mqq3nx69bgkd7n0v00j28wa6hndbfaaxmb";
+ })
+ ];
+
 # https://bugzilla.gnome.org/show_bug.cgi?id=766834#c5
 postPatch = "patch -R < " + fetchpatch {
 name = "schemas-validity.patch";
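Review bot: The new `patches` entry has no comment saying which upstream fix it backports or when it can be dropped, unlike the `postPatch` block directly below it, which links its bug report. I would add a line above `(fetchpatch {` such as `# CVE-2016-4658: upstream commit c1d1f712; drop once src moves to a release that contains it`, so that a later version bump does not keep a security patch that no longer applies, or silently lose it. The `sha256` pin means the patch content does not depend on trusting the git.gnome.org host, and the `CVE-2016-4658.patch` name is worth keeping because it lets an audit match the fix to the advisory. The `mkDerivation` body starts and ends outside the hunk. If `patches` is applied before `postPatch` as in the usual patch phase, the `patch -R` of schemas-validity.patch runs on the already patched tree, so a build check that both still apply cleanly would be useful.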