libsass: 3.6.1 -> 3.6.3

Contains fix for CVE-2019-18798 and CVE-2019-18799.

Fixes #54804, #53571, #57155, #58266, #73660.
This commit is contained in:
David Anderson 2020-03-11 19:37:01 -07:00 committed by Frederik Rietdijk
parent e895cacd9b
commit 92ffd641c8

View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "libsass";
version = "3.6.1";
version = "3.6.3";
src = fetchFromGitHub {
owner = "sass";
repo = pname;
rev = version;
sha256 = "1599j2lbsygy3883x9si7rbad1pkjhl6y72aimaapcv90ga5kxkm";
sha256 = "1q6lvd8sj5k5an32qir918pa5khhcb8h08dzrg1bcxmw7a23j514";
# Remove unicode file names which leads to different checksums on HFS+
# vs. other filesystems because of unicode normalisation.
extraPostFetch = ''