libcroco: Fixes for CVE-2017-7960 & CVE-2017-7961

This commit is contained in:
adisbladis 2018-01-07 04:46:45 +08:00
parent 1aca02b51e
commit 3de02449cf
No known key found for this signature in database
GPG Key ID: ED58F95069B004F5

View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl, pkgconfig, libxml2, glib }:
{ stdenv, fetchurl, pkgconfig, libxml2, glib, fetchpatch }:
stdenv.mkDerivation rec {
name = "libcroco-0.6.12";
@ -8,6 +8,19 @@ stdenv.mkDerivation rec {
sha256 = "0q7qhi7z64i26zabg9dbs5706fa8pmzp1qhpa052id4zdiabbi6x";
};
patches = [
(fetchpatch {
name = "CVE-2017-7960.patch";
url = "https://git.gnome.org/browse/libcroco/patch/?id=898e3a8c8c0314d2e6b106809a8e3e93cf9d4394";
sha256 = "1xjwdqijxf4b7mhdp3kkgnb6c14y0bn3b3gg79kyrm82x696d94l";
})
(fetchpatch {
name = "CVE-2017-7961.patch";
url = "https://git.gnome.org/browse/libcroco/patch/?id=9ad72875e9f08e4c519ef63d44cdbd94aa9504f7";
sha256 = "0zakd72ynzjgzskwyvqglqiznsb93j1bkvc1lgyrzgv9rwrbwv9s";
})
];
outputs = [ "out" "dev" ];
outputBin = "dev";