Merge security fixes adapted from #31437
This commit is contained in:
Vladimír Čunát
@@ -1,4 +1,4 @@
|
||||
{ stdenv, fetchurl, gettext }:
|
||||
{ stdenv, fetchurl, fetchpatch, gettext }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "libexif-0.6.21";
|
||||
@@ -8,6 +8,15 @@ stdenv.mkDerivation rec {
|
||||
sha256 = "06nlsibr3ylfwp28w8f5466l6drgrnydgxrm4jmxzrmk5svaxk8n";
|
||||
};
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "CVE-2017-7544.patch";
|
||||
url = https://sourceforge.net/p/libexif/bugs/_discuss/thread/fc394c4b/489a/attachment/xx.pat;
|
||||
sha256 = "1qgk8hgnxr8d63jsc4vljxz9yg33mbml280dq4a6050rmk9wq4la";
|
||||
})
|
||||
];
|
||||
patchFlags = "-p0";
|
||||
|
||||
buildInputs = [ gettext ];
|
||||
|
||||
meta = {
|
||||
|
||||
@@ -7,11 +7,11 @@ assert gtkSupport -> glib != null && gtk3 != null;
|
||||
assert videoSupport -> ffmpeg != null && libmpeg2 != null;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "libextractor-1.4";
|
||||
name = "libextractor-1.6";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnu/libextractor/${name}.tar.gz";
|
||||
sha256 = "0v7ns5jhsyp1wzvbaydfgxnva5zd63gkzm9djhckmam9liq824l4";
|
||||
sha256 = "17gnpgspdhfgcr27j8sn9105vb4lw22yqdrhic62l79q5v5avm16";
|
||||
};
|
||||
|
||||
preConfigure =
|
||||
|
||||
@@ -1,18 +1,18 @@
|
||||
{ stdenv, fetchurl, pcre, zlib, perl }:
|
||||
{ stdenv, fetchurl, libjpeg, zlib, perl }:
|
||||
|
||||
let version = "6.0.0";
|
||||
let version = "7.0.0";
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
name = "qpdf-${version}";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/qpdf/qpdf/${version}/${name}.tar.gz";
|
||||
sha256 = "0csj2p2gkxrc0rk8ykymlsdgfas96vzf1dip3y1x7z1q9plwgzd9";
|
||||
sha256 = "0py6p27fx4qrwq9mvcybna42b0bdi359x38lzmggxl5a9khqvl7y";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ perl ];
|
||||
|
||||
buildInputs = [ pcre zlib ];
|
||||
buildInputs = [ zlib libjpeg ];
|
||||
|
||||
postPatch = ''
|
||||
patchShebangs qpdf/fix-qdf
|
||||
@@ -28,7 +28,7 @@ stdenv.mkDerivation rec {
|
||||
meta = with stdenv.lib; {
|
||||
homepage = http://qpdf.sourceforge.net/;
|
||||
description = "A C++ library and set of programs that inspect and manipulate the structure of PDF files";
|
||||
license = licenses.artistic2;
|
||||
license = licenses.asl20; # as of 7.0.0, people may stay at artistic2
|
||||
maintainers = with maintainers; [ abbradar ];
|
||||
platforms = platforms.all;
|
||||
};
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
{stdenv, fetchFromGitHub, fetchurl, pkgconfig, libusb, readline, libewf, perl, zlib, openssl,
|
||||
{stdenv, fetchFromGitHub, fetchurl, fetchpatch, pkgconfig, libusb, readline, libewf, perl, zlib, openssl,
|
||||
gtk2 ? null, vte ? null, gtkdialog ? null,
|
||||
python ? null,
|
||||
ruby ? null,
|
||||
@@ -13,16 +13,24 @@ let
|
||||
inherit (stdenv.lib) optional;
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
version = "2.0.0";
|
||||
version = "2.0.1";
|
||||
name = "radare2-${version}";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "radare";
|
||||
repo = "radare2";
|
||||
rev = version;
|
||||
sha256 = "1ahai9x6jc15wjzdbdkri3rc88ark2i5s8nv2pxcp0wwldvawlzi";
|
||||
sha256 = "031ndvinsypagpkdszxjq0hj91ijq9zx4dzk53sz7il7s3zn65c7";
|
||||
};
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "CVE-2017-15385.patch";
|
||||
url = https://github.com/radare/radare2/commit/21a6f570ba33fa9f52f1bba87f07acc4e8c178f4.patch;
|
||||
sha256 = "19qg5j9yr5r62nrq2b6mscxsz0wyyfah2z5jz8dvj9kqxq186d43";
|
||||
})
|
||||
];
|
||||
|
||||
postPatch = let
|
||||
cs_ver = "3.0.4"; # version from $sourceRoot/shlr/Makefile
|
||||
capstone = fetchurl {
|
||||
|
||||
Reference in New Issue
Block a user