Skip to content

Commit f40c84b

Browse files
risiclerisicle
committed
libraw: add patch for CVE-2023-1729 
1 parent 9f039b9 commit f40c84b

1 file changed

Lines changed: 16 additions & 1 deletion

File tree

pkgs/development/libraries/libraw/default.nix

Lines changed: 16 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,11 @@
1-
{ lib, stdenv, fetchFromGitHub, autoreconfHook, lcms2, pkg-config }:
1+
{ lib
2+
, stdenv
3+
, fetchFromGitHub
4+
, fetchpatch
5+
, autoreconfHook
6+
, lcms2
7+
, pkg-config
8+
}:
29

310
stdenv.mkDerivation rec {
411
pname = "libraw";
@@ -11,6 +18,14 @@ stdenv.mkDerivation rec {
1118
sha256 = "sha256-K9mULf6V/TCl5Vu4iuIdSGF9HzQlgNQLRFHIpNbmAlY";
1219
};
1320

21+
patches = [
22+
(fetchpatch {
23+
name = "CVE-2023-1729.patch";
24+
url = "https://github.com/LibRaw/LibRaw/commit/9ab70f6dca19229cb5caad7cc31af4e7501bac93.patch";
25+
hash = "sha256-OAyqphxvtSM15NI77HwtGTmTmP9YNu3xhZ6D1CceJ7I=";
26+
})
27+
];
28+
1429
outputs = [ "out" "lib" "dev" "doc" ];
1530

1631
propagatedBuildInputs = [ lcms2 ];

0 commit comments

Comments
 (0)