From a4700aa526c2de1e4dc234215fdee5bc3c8ea4e5 Mon Sep 17 00:00:00 2001 From: Periklis Tsirakidis Date: Tue, 27 Nov 2018 10:50:31 +0100 Subject: [PATCH] openjpeg: fix for CVE-2018-18088 --- pkgs/development/libraries/openjpeg/2.x.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pkgs/development/libraries/openjpeg/2.x.nix b/pkgs/development/libraries/openjpeg/2.x.nix index 77d9e5829a1..fd9c7eea8c2 100644 --- a/pkgs/development/libraries/openjpeg/2.x.nix +++ b/pkgs/development/libraries/openjpeg/2.x.nix @@ -12,5 +12,10 @@ callPackage ./generic.nix (args // rec { url = "https://github.com/uclouvain/openjpeg/commit/cc3824767bde397fedb8a1ae4786a222ba860c8d.patch"; sha256 = "1j5nxmlgyfkxldk2f1ij6h850xw45q3b5brxqa04dxsfsv8cdj5j"; }) + (fetchpatch { + name = "CVE-2017-17480+CVE-2018-18088.patch"; + url = "https://github.com/uclouvain/openjpeg/commit/92023cd6c377e0384a7725949b25655d4d94dced.patch"; + sha256 = "0rrxxqcp3vjkmvywxj9ac766m3fppy0x0nszrkf8irrqy1gnp38k"; + }) ]; })