From f9f3d6b210f0ca946ed202d3b7f89ec78988c130 Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Sat, 18 May 2019 12:30:30 +0100 Subject: [PATCH] libsass: add patch for CVE-2018-19827 (PR #61673) vcunat switched to upstream commit that's reachable from master. --- pkgs/development/libraries/libsass/default.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/pkgs/development/libraries/libsass/default.nix b/pkgs/development/libraries/libsass/default.nix index 54108e1a007b..ce43ed734324 100644 --- a/pkgs/development/libraries/libsass/default.nix +++ b/pkgs/development/libraries/libsass/default.nix @@ -9,6 +9,14 @@ stdenv.mkDerivation rec { sha256 = "0w6v1xa00jvfyk4b29ir7dfkhiq72anz015gg580bi7x3n7saz28"; }; + patches = [ + (fetchpatch { + name = "CVE-2018-19827.patch"; + url = "https://github.com/sass/libsass/commit/b21fb9f84096d9927780b86fa90629a096af358d.patch"; + sha256 = "0ix12x9plmpgs3xda2fjdcykca687h16qfwqr57i5qphjr9vp33l"; + }) + ]; + preConfigure = '' export LIBSASS_VERSION=${version} '';