Merge #83013: exiv2: patch CVE-2019-20421

This commit is contained in:
Vladimír Čunát 2020-03-29 09:40:53 +02:00
commit 6d28c1893d
No known key found for this signature in database
GPG Key ID: E747DF1F9575A3AA

View File

@ -1,5 +1,6 @@
{ stdenv
, fetchFromGitHub
, fetchpatch
, zlib
, expat
, cmake
@ -23,6 +24,16 @@ stdenv.mkDerivation rec {
sha256 = "0n8il52yzbmvbkryrl8waz7hd9a2fdkw8zsrmhyh63jlvmmc31gf";
};
patches = [
# included in next release
(fetchpatch {
name = "cve-2019-20421.patch";
url = "https://github.com/Exiv2/exiv2/commit/a82098f4f90cd86297131b5663c3dec6a34470e8.patch";
sha256 = "16r19qb9l5j43ixm5jqid9sdv5brlkk1wq0w79rm5agxq4kblfyc";
excludes = [ "tests/bugfixes/github/test_issue_1011.py" "test/data/Jp2Image_readMetadata_loop.poc" ];
})
];
cmakeFlags = [
"-DEXIV2_BUILD_PO=ON"
"-DEXIV2_BUILD_DOC=ON"