From 67d593a330ebf918b44d0e108e7bd818a6e00553 Mon Sep 17 00:00:00 2001
From: TredwellGit <tredwell@tutanota.com>
Date: Wed, 22 Sep 2021 14:28:33 +0000
Subject: [PATCH] ffmpeg: patch CVE-2021-38171 and CVE-2021-38291

https://nvd.nist.gov/vuln/detail/CVE-2021-38171
https://nvd.nist.gov/vuln/detail/CVE-2021-38291
(cherry picked from commit b1f41c918452b0b6a8d7afb14a04063ff56556df)
---
 pkgs/development/libraries/ffmpeg/4.nix | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/pkgs/development/libraries/ffmpeg/4.nix b/pkgs/development/libraries/ffmpeg/4.nix
index f3758ca5392..14405f40f67 100644
--- a/pkgs/development/libraries/ffmpeg/4.nix
+++ b/pkgs/development/libraries/ffmpeg/4.nix
@@ -23,6 +23,16 @@ callPackage ./generic.nix (rec {
       url = "https://github.com/FFmpeg/FFmpeg/commit/7150f9575671f898382c370acae35f9087a30ba1.patch";
       sha256 = "0gwkc7v1wsh4j0am2nnskhsca1b5aqzhcfd41sd9mh2swsdyf27i";
     })
+    (fetchpatch {
+      name = "CVE-2021-38171.patch";
+      url = "https://github.com/FFmpeg/FFmpeg/commit/9ffa49496d1aae4cbbb387aac28a9e061a6ab0a6.patch";
+      sha256 = "0b8hsb45izw7w1vb2b94k9f6kvn2shxrap5ip1krdxg6hs7an0x8";
+    })
+    (fetchpatch {
+      name = "CVE-2021-38291.patch";
+      url = "https://github.com/FFmpeg/FFmpeg/commit/e01d306c647b5827102260b885faa223b646d2d1.patch";
+      sha256 = "0p2p8gcnb5j469xa3czfssm09w3jk08kz8rnl8wi2l9aj9l08my9";
+    })
     # Fix incorrect segment length in HLS child playlist with fmp4 segment format
     # FIXME remove in version 4.5
     # https://trac.ffmpeg.org/ticket/9193