Merge #33539: libcroco: upstream security patches

CVE-2017-7960 & CVE-2017-7961
2024-09-22 13:29:00 +02:00 · 2018-01-07 09:25:40 +01:00 · 2018-01-07 09:25:40 +01:00 · 8154fe90fe
parent cde9585b97 3de02449cf
commit 8154fe90fe
1 changed files with 14 additions and 1 deletions
--- a/pkgs/desktops/gnome-3/core/libcroco/default.nix
+++ b/pkgs/desktops/gnome-3/core/libcroco/default.nix
@ -1,4 +1,4 @@
-{ stdenv, fetchurl, pkgconfig, libxml2, glib }:
+{ stdenv, fetchurl, pkgconfig, libxml2, glib, fetchpatch }:

 stdenv.mkDerivation rec {
  name = "libcroco-0.6.12";
@ -8,6 +8,19 @@ stdenv.mkDerivation rec {
    sha256 = "0q7qhi7z64i26zabg9dbs5706fa8pmzp1qhpa052id4zdiabbi6x";
  };

+  patches = [
+    (fetchpatch {
+      name = "CVE-2017-7960.patch";
+      url = "https://git.gnome.org/browse/libcroco/patch/?id=898e3a8c8c0314d2e6b106809a8e3e93cf9d4394";
+      sha256 = "1xjwdqijxf4b7mhdp3kkgnb6c14y0bn3b3gg79kyrm82x696d94l";
+    })
+    (fetchpatch {
+      name = "CVE-2017-7961.patch";
+      url = "https://git.gnome.org/browse/libcroco/patch/?id=9ad72875e9f08e4c519ef63d44cdbd94aa9504f7";
+      sha256 = "0zakd72ynzjgzskwyvqglqiznsb93j1bkvc1lgyrzgv9rwrbwv9s";
+    })
+  ];
+
  outputs = [ "out" "dev" ];
  outputBin = "dev";