pango: 1.43.0, backport CVE-2019-1010238 fix

There was a previous fix for this in https://github.com/NixOS/nixpkgs/pull/71571 But some things, most notably pygtk, still rely on deprecated pango APIs that are not available past 1.43, this backports the CVE fix to this version.
2019-10-22 17:35:20 +02:00
parent 2695914175
commit 9524bf3034
1 changed files with 5 additions and 0 deletions
--- a/pkgs/development/libraries/pango/default.nix
+++ b/pkgs/development/libraries/pango/default.nix
@@ -42,6 +42,11 @@ in stdenv.mkDerivation rec {
      url = "https://gitlab.gnome.org/GNOME/pango/commit/546f4c242d6f4fe312de3b7c918a848e5172e18d.patch";
      sha256 = "1cqhy4xbwx3ad7z5d1ks7smf038b9as8c6qy84rml44h0fgiq4m2";
    })
+    (fetchpatch {
+      # Fixes CVE-2019-1010238
+      url = "https://gitlab.gnome.org/GNOME/pango/commit/490f8979a260c16b1df055eab386345da18a2d54.diff";
+      sha256 = "001g3anvwghdrn3yfgi8cp64j0n3l0zwgiphc1izqg7zr76s87fk";
+    })
  ];

  mesonFlags = [