diff --git a/pkgs/development/libraries/qt-5/5.9/default.nix b/pkgs/development/libraries/qt-5/5.9/default.nix index 4acc6a6393f..68c6745bcb5 100644 --- a/pkgs/development/libraries/qt-5/5.9/default.nix +++ b/pkgs/development/libraries/qt-5/5.9/default.nix @@ -17,7 +17,7 @@ top-level attribute to `top-level/all-packages.nix`. { newScope, - stdenv, fetchurl, makeSetupHook, + stdenv, fetchurl, fetchpatch, makeSetupHook, bison, cups ? null, harfbuzz, libGL, perl, gstreamer, gst-plugins-base, gtk3, dconf, cf-private, @@ -44,6 +44,25 @@ let qtserialport = [ ./qtserialport.patch ]; qttools = [ ./qttools.patch ]; qtwebkit = [ ./qtwebkit.patch ]; + qtvirtualkeyboard = [ + (fetchpatch { + name = "CVE-2018-19865-A.patch"; + url = "https://codereview.qt-project.org/gitweb?p=qt/qtvirtualkeyboard.git;a=patch;h=61780a113f02b3c62fb14516fe8ea47d91f9ed9a"; + sha256 = "0jd4nzaz9ndm9ryvrkav7kjs437l661288diklhbmgh249f8gki0"; + }) + (fetchpatch { + name = "CVE-2018-19865-B.patch"; + url = "https://codereview.qt-project.org/gitweb?p=qt/qtvirtualkeyboard.git;a=patch;h=c0ac7a4c684e2fed60a72ceee53da89eea3f95a7"; + sha256 = "0yvxrx5vx6845vgnq8ml3q93y61py5j0bvhqj7nqvpbmyj1wy1p3"; + + }) + (fetchpatch { + name = "CVE-2018-19865-C.patch"; + url = "https://codereview.qt-project.org/gitweb?p=qt/qtvirtualkeyboard.git;a=patch;h=a2e7b8412f56841e12ed20a39f4a38e32d3c1e30"; + sha256 = "1yijysa9gy5xbxndx5ri0dkfrjqja0d1bsx52qz4mhzi4pkbib02"; + }) + ]; + }; mkDerivation = diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 8970828f43c..ec95c8b20a4 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -12080,7 +12080,7 @@ in qt59 = recurseIntoAttrs (makeOverridable (import ../development/libraries/qt-5/5.9) { inherit newScope; - inherit stdenv fetchurl makeSetupHook; + inherit stdenv fetchurl fetchpatch makeSetupHook; bison = bison2; # error: too few arguments to function 'int yylex(... inherit cups; harfbuzz = harfbuzzFull;