pulseaudio: fix CVE-2014-3970 by upstream patch

This commit is contained in:
Vladimír Čunát 2014-08-18 17:54:33 +02:00
parent c5dca72abe
commit 99b0271712

View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl, pkgconfig, gnum4, gdbm, libtool, glib, dbus, avahi
{ stdenv, fetchurl, fetchpatch, pkgconfig, gnum4, gdbm, libtool, glib, dbus, avahi
, gconf, gtk, intltool, gettext, alsaLib, libsamplerate, libsndfile, speex
, bluez, sbc, udev, libcap, json_c
, jackaudioSupport ? false, jack2 ? null
@ -15,6 +15,13 @@ stdenv.mkDerivation rec {
sha256 = "0fgrr8v7yfh0byhzdv4c87v9lkj8g7gpjm8r9xrbvpa92a5kmhcr";
};
patches = [(fetchpatch {
name = "CVE-2014-3970.patch";
url = "http://cgit.freedesktop.org/pulseaudio/pulseaudio/patch/"
+ "?id=26b9d22dd24c17eb118d0205bf7b02b75d435e3c";
sha256 = "13vxp6520djgfrfxkzy5qvabl94sga3yl5pj93xawbkgwzqymdyq";
})];
# Since `libpulse*.la' contain `-lgdbm' and `-lcap', it must be propagated.
propagatedBuildInputs
= [ gdbm ] ++ stdenv.lib.optionals stdenv.isLinux [ libcap ];