Merge pull request #213209 from LeSuisse/gpac-2.2.0

gpac: 2.0.0 -> 2.2.0
This commit is contained in:
Weijia Wang 2023-01-28 21:22:15 +01:00 committed by GitHub
commit 10ababba02
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1,19 +1,23 @@
{ lib, stdenv, fetchFromGitHub, pkg-config, zlib }:
{ lib, stdenv, fetchFromGitHub, fetchpatch, pkg-config, zlib }:
stdenv.mkDerivation rec {
version = "2.0.0";
version = "2.2.0";
pname = "gpac";
src = fetchFromGitHub {
owner = "gpac";
repo = "gpac";
rev = "v${version}";
sha256 = "sha256-MIX32lSqf/lrz9240h4wMIQp/heUmwvDJz8WN08yf6c=";
sha256 = "sha256-m2qXTXLGgAyU9y6GEk4Hp/7Al57IPRSqImJatIcwswQ=";
};
postPatch = ''
substituteInPlace Makefile --replace 'dh_link' 'ln -s'
'';
patches = [
(fetchpatch {
name = "CVE-2023-0358.patch";
url = "https://github.com/gpac/gpac/commit/9971fb125cf91cefd081a080c417b90bbe4a467b.patch";
sha256 = "sha256-0PDQXahbJCOo1JJAC0T0N1u2mqmwAkdm87wXMJnBicM=";
})
];
# this is the bare minimum configuration, as I'm only interested in MP4Box
# For most other functionality, this should probably be extended
@ -41,14 +45,5 @@ stdenv.mkDerivation rec {
license = licenses.lgpl21;
maintainers = with maintainers; [ bluescreen303 mgdelacroix ];
platforms = platforms.linux;
knownVulnerabilities = [
"CVE-2022-1035"
"CVE-2022-1172"
"CVE-2022-1222"
"CVE-2022-1795"
"CVE-2022-2453"
"CVE-2022-2454"
"CVE-2022-2549"
];
};
}