mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-12-25 04:12:44 +03:00
mp3gain: Fix vulnerabilities
This commit fetches a patch for CVE-2019-18359 from Gentoo's repository [1]. Previously openSuSE[2] was used, but that did not work well with `fetchpatch` and having copies of patches is discouraged. This commit should also close https://github.com/NixOS/nixpkgs/issues/90893 [1]: https://gitweb.gentoo.org/repo/gentoo.git/commit/media-sound/mp3gain?id=36f8689f7903548f5d89827a6e7bdf70a9882cee [2]: https://build.opensuse.org/package/view_file/openSUSE:Factory/mp3gain/0001-fix-security-bugs.patch
This commit is contained in:
parent
7955668c3a
commit
487fb291d9
@ -1,4 +1,4 @@
|
||||
{ stdenv, fetchurl, unzip, mpg123 }:
|
||||
{ stdenv, fetchurl, fetchpatch, unzip, mpg123 }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "mp3gain-1.6.2";
|
||||
@ -11,17 +11,25 @@ stdenv.mkDerivation {
|
||||
|
||||
sourceRoot = ".";
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "0001-fix-security-bugs.patch";
|
||||
url = "https://gitweb.gentoo.org/repo/gentoo.git/plain/media-sound/mp3gain/files/mp3gain-1.6.2-CVE-2019-18359-plus.patch?id=36f8689f7903548f5d89827a6e7bdf70a9882cee";
|
||||
sha256 = "10n53wm0xynlcxqlnaqfgamjzcpfz41q1jlg0bhw4kq1kzhs4yyw";
|
||||
})
|
||||
];
|
||||
|
||||
buildFlags = [ "OSTYPE=linux" ];
|
||||
|
||||
installPhase = ''
|
||||
install -vD mp3gain "$out/bin/mp3gain"
|
||||
'';
|
||||
|
||||
meta = {
|
||||
meta = with stdenv.lib; {
|
||||
description = "Lossless mp3 normalizer with statistical analysis";
|
||||
homepage = "http://mp3gain.sourceforge.net/";
|
||||
license = stdenv.lib.licenses.lgpl21;
|
||||
platforms = stdenv.lib.platforms.linux;
|
||||
maintainers = [ stdenv.lib.maintainers.devhell ];
|
||||
license = licenses.lgpl21;
|
||||
platforms = platforms.linux;
|
||||
maintainers = with maintainers; [ devhell ];
|
||||
};
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user