From 58acdb18ded4df20ab2267e804d625e9bc994fff Mon Sep 17 00:00:00 2001
From: Robert Scott <code@humanleg.org.uk>
Date: Fri, 15 Mar 2024 22:01:36 +0000
Subject: [PATCH] libdicom: add patch for CVE-2024-24793 & CVE-2024-24794

---
 pkgs/development/libraries/libdicom/default.nix | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/pkgs/development/libraries/libdicom/default.nix b/pkgs/development/libraries/libdicom/default.nix
index cb4d68121ef5..94dfaf81298d 100644
--- a/pkgs/development/libraries/libdicom/default.nix
+++ b/pkgs/development/libraries/libdicom/default.nix
@@ -1,6 +1,7 @@
 { lib
 , stdenv
 , fetchFromGitHub
+, fetchpatch
 , uthash
 , meson
 , ninja
@@ -19,6 +20,15 @@ stdenv.mkDerivation (finalAttrs: {
     sha256 = "sha256-9n0Gp9+fmTM/shgWC8zpwt1pic9BrvDubOt7f+ZDMeE=";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2024-24793.CVE-2024-24794.patch";
+      url = "https://github.com/ImagingDataCommons/libdicom/commit/3661aa4cdbe9c39f67d38ae87520f9e3ed50ab16.patch";
+      excludes = [ "CHANGELOG.md" ];
+      hash = "sha256-/KTp0nKYk6jX4phNHY+nzjEptUBHKM2JkOftS5vHsEw=";
+    })
+  ];
+
   buildInputs = [ uthash ];
 
   nativeBuildInputs = [ meson ninja pkg-config ]