public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

aspell: fix buffer overflow in objstack 

Fixes: CVE-2019-25051
(cherry picked from commit 000fe8c92ccbf44c91d48235bd5ecb9773b223ed)
This commit is contained in:
Martin Weinelt 2021-07-26 22:18:23 +02:00 committed by github-actions[bot]
parent 5010d50240
commit abc2a76cb5
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pkgs/development/libraries/aspell/default.nix
View File

@ -23,7 +23,14 @@ stdenv.mkDerivation rec {
sha256 = "1wi60ankalmh8ds7nplz434jd7j94gdvbahdwsr539rlad8pxdzr";
};
patches = lib.optional searchNixProfiles ./data-dirs-from-nix-profiles.patch;
patches = [
(fetchpatch {
# objstack: assert that the alloc size will fit within a chunk
name = "CVE-2019-25051.patch";
url = "https://github.com/gnuaspell/aspell/commit/0718b375425aad8e54e1150313b862e4c6fd324a.patch";
sha256 = "03z259xrk41x3j190gaprf3mqysyfgh3a04rjmch3h625vj95x39";
})
] ++ lib.optional searchNixProfiles ./data-dirs-from-nix-profiles.patch;
postPatch = ''
patch interfaces/cc/aspell.h < ${./clang.patch}