public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #130155 from LeSuisse/kimages-CVE-2021-36083-21.05 

[21.05] libsForQt5.kimageformats: fix CVE-2021-36083
This commit is contained in:
Thomas Tuegel 2021-07-21 09:49:04 -05:00 committed by GitHub
parent 5aefc30fb8 07b2b092be
commit 7e3eed28fe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
pkgs/development/libraries/kde-frameworks/kimageformats.nix
View File

@ -1,5 +1,5 @@
{
mkDerivation, lib,
mkDerivation, lib, fetchpatch,
extra-cmake-modules,
ilmbase, karchive, openexr, qtbase
}:
@ -8,8 +8,21 @@ let inherit (lib) getDev; in
mkDerivation {
name = "kimageformats";
patches = [
(fetchpatch { # included in kimageformats >= 5.82
name = "CVE-2021-36083.patch";
url = "https://invent.kde.org/frameworks/kimageformats/-/commit/297ed9a2fe339bfe36916b9fce628c3242e5be0f.diff";
sha256 = "16axaljgaar0j5796x1mjps93y92393x8zywh3nzw7rm9w2qxzml";
})
];
nativeBuildInputs = [ extra-cmake-modules ];
buildInputs = [ karchive openexr qtbase ];
outputs = [ "out" ]; # plugins only
CXXFLAGS = "-I${getDev ilmbase}/include/OpenEXR";
meta = with lib; {
broken = versionOlder qtbase.version "5.14";
};
}