mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-12-30 23:34:12 +03:00
mpv: fix CVE-2018-6460
Upstream has fixed this in a series of commits ontop of 0.28.0. Debian has backported the fixes to 0.27.0. Upstream issue: https://github.com/mpv-player/mpv/issues/5456 Debian bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888654#8
This commit is contained in:
parent
8ff7ac4859
commit
95f4d6ba1c
@ -95,6 +95,11 @@ in stdenv.mkDerivation rec {
|
|||||||
url = "https://github.com/mpv-player/mpv/commit/2ecf240b1cd20875991a5b18efafbe799864ff7f.patch";
|
url = "https://github.com/mpv-player/mpv/commit/2ecf240b1cd20875991a5b18efafbe799864ff7f.patch";
|
||||||
sha256 = "1sr0770rvhsgz8d7ysr9qqp4g9gwdhgj8g3rgnz90wl49lgrykhb";
|
sha256 = "1sr0770rvhsgz8d7ysr9qqp4g9gwdhgj8g3rgnz90wl49lgrykhb";
|
||||||
})
|
})
|
||||||
|
(fetchpatch {
|
||||||
|
name = "CVE-2018-6360.patch";
|
||||||
|
url = https://salsa.debian.org/multimedia-team/mpv/raw/ddface85a1adfdfe02ffb25b5ac7fac715213b97/debian/patches/09_ytdl-hook-whitelist-protocols.patch;
|
||||||
|
sha256 = "1gb1lkjbr8rv4v9ji6w5z97kbxbi16dbwk2255ajbvngjrc7vivv";
|
||||||
|
})
|
||||||
];
|
];
|
||||||
|
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
|
Loading…
Reference in New Issue
Block a user