public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

libxslt: fix CVE-2015-7995 by upstream patch

This commit is contained in:
Vladimír Čunát 2016-02-06 13:21:18 +01:00
parent 96cbdc70f2
commit e4728dd05f
1 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
pkgs/development/libraries/libxslt/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl, libxml2, findXMLCatalogs }: { stdenv, fetchurl, fetchpatch, libxml2, findXMLCatalogs }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "libxslt-1.1.28"; name = "libxslt-1.1.28";
@ -8,14 +8,21 @@ stdenv.mkDerivation rec {
sha256 = "13029baw9kkyjgr7q3jccw2mz38amq7mmpr5p3bh775qawd1bisz"; sha256 = "13029baw9kkyjgr7q3jccw2mz38amq7mmpr5p3bh775qawd1bisz";
}; };
patches = stdenv.lib.optional stdenv.isSunOS ./patch-ah.patch
++ [
(fetchpatch {
name = "CVE-2015-7995.patch";
url = "http://git.gnome.org/browse/libxslt/patch/?id=7ca19df892ca22";
sha256 = "1xzg0q94dzbih9nvqp7g9ihz0a3qb0w23l1158m360z9smbi8zbd";
})
];
outputs = [ "out" "doc" ]; outputs = [ "out" "doc" ];
buildInputs = [ libxml2 ]; buildInputs = [ libxml2 ];
propagatedBuildInputs = [ findXMLCatalogs ]; propagatedBuildInputs = [ findXMLCatalogs ];
patches = stdenv.lib.optionals stdenv.isSunOS [ ./patch-ah.patch ];
configureFlags = [ configureFlags = [
"--with-libxml-prefix=${libxml2}" "--with-libxml-prefix=${libxml2}"
"--without-python" "--without-python"