Merge pull request #99220 from mweinelt/lilypond

lilypond: add patch to restrict embedded-{ps,svg} when -dsafe is used
Martin Weinelt 2020-10-03 16:58:13 +02:00 committed by GitHub
commit 22dd0914a2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -16,7 +16,14 @@ stdenv.mkDerivation rec {
sha256 = "0qd6pd4siss016ffmcyw5qc6pr2wihnvrgd4kh1x725w7wr02nar";
};
patches = [ ./findlib.patch ];
patches = [
./findlib.patch
(fetchurl {
name = "CVE-2020-17353.patch";
url = "https://git.savannah.gnu.org/gitweb/?p=lilypond.git;a=commitdiff_plain;h=b84ea4740f3279516905c5db05f4074e777c16ff;hp=b97bd35ac99efd68569327f62f3c8a19511ebe43";
sha256 = "1i79gy3if070rdgj7j6inw532j0f6ya5qc6kgcnlkbx02rqrhr7v";
})
];
postInstall = ''
for f in "$out/bin/"*; do
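Review bot: The `CVE-2020-17353.patch` entry in the new `patches` list is fetched with `fetchurl` from a gitweb `commitdiff_plain` URL, which is generated output rather than a stored file. The pinned `sha256` makes altered content fail the build instead of being applied, but any change in the generated output would also stop the derivation from building. nixpkgs' `fetchpatch` normalises a patch before hashing, so consider `(fetchpatch {` with a recomputed hash; this needs `fetchpatch` in the function arguments, which are outside this hunk. A comment above the entry would also help, for example `# CVE-2020-17353: restricts embedded-ps/embedded-svg under -dsafe; drop once the packaged version includes upstream b84ea4740f32`, since per the commit title the restriction only applies when `-dsafe` is used. The `postInstall` body continues outside the hunk.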