libsndfile: add patches for multiple CVEs

Fixes the patches names for security tools to parse CVEs.

Adds patch to fix CVE-2017-14634.

cc #30959
This commit is contained in:
Franz Pletz 2017-11-19 18:51:22 +01:00
parent a6044ad793
commit 58218d4d8e
No known key found for this signature in database
GPG Key ID: 846FDED7792617B4

View File

@ -11,26 +11,31 @@ stdenv.mkDerivation rec {
}; };
patches = [ patches = [
# CVE-2017-12562
(fetchurl { (fetchurl {
name = "CVE-2017-12562.patch";
url = "https://github.com/erikd/libsndfile/commit/cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8.patch"; url = "https://github.com/erikd/libsndfile/commit/cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8.patch";
sha256 = "1jg3wq30wdn9nv52mcyv6jyi4d80h4r1h9p96czcria7l91yh4sy"; sha256 = "1jg3wq30wdn9nv52mcyv6jyi4d80h4r1h9p96czcria7l91yh4sy";
}) })
# CVE-2017-6892
(fetchurl { (fetchurl {
name = "CVE-2017-6892.patch";
url = "https://github.com/erikd/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748.patch"; url = "https://github.com/erikd/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748.patch";
sha256 = "05xkmz2ihc1zcj73sbmj1ikrv9qlcym2bkp1v6ak7w53ky619mwq"; sha256 = "05xkmz2ihc1zcj73sbmj1ikrv9qlcym2bkp1v6ak7w53ky619mwq";
}) })
# CVE-2017-8361, CVE-2017-8363, CVE-2017-8363
(fetchurl { (fetchurl {
name = "CVE-2017-8361+CVE-2017-8363+CVE-2017-8365.patch";
url = "https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3.patch"; url = "https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3.patch";
sha256 = "0ccndnvjzx5fw18zvy03vnb29rr81h5vsh1m16msqbxk8ibndln2"; sha256 = "0ccndnvjzx5fw18zvy03vnb29rr81h5vsh1m16msqbxk8ibndln2";
}) })
# CVE-2017-8362
(fetchurl { (fetchurl {
name = "CVE-2017-8362.patch";
url = "https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808.patch"; url = "https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808.patch";
sha256 = "1xyv30ga71cpy4wx5f76sc4dma91la2lcc6s9f3pk9rndyi7gj9x"; sha256 = "1xyv30ga71cpy4wx5f76sc4dma91la2lcc6s9f3pk9rndyi7gj9x";
}) })
(fetchurl {
name = "CVE-2017-14634.patch";
url = "https://github.com/erikd/libsndfile/commit/85c877d5072866aadbe8ed0c3e0590fbb5e16788.patch";
sha256 = "0kc7vp22qsxidhvmlc6nfamw7k92n0hcfpmwhb3gaksjamwhb2df";
})
]; ];
nativeBuildInputs = [ pkgconfig ]; nativeBuildInputs = [ pkgconfig ];