Merge pull request #199726 from LeSuisse/timg-CVE-2022-43151

timg: apply patch for CVE-2022-43151
2024-09-23 05:35:50 +02:00 · 2022-11-05 16:45:37 -03:00 · 2022-11-05 16:45:37 -03:00 · c8153ee8ed
parent c4b49b957b bbb8622275
commit c8153ee8ed
1 changed files with 9 additions and 1 deletions
--- a/pkgs/tools/graphics/timg/default.nix
+++ b/pkgs/tools/graphics/timg/default.nix
@ -1,4 +1,4 @@
-{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, graphicsmagick, libjpeg
+{ lib, stdenv, fetchFromGitHub, fetchpatch, cmake, pkg-config, graphicsmagick, libjpeg
 , ffmpeg, zlib, libexif, openslide }:

 stdenv.mkDerivation rec {
@ -12,6 +12,14 @@ stdenv.mkDerivation rec {
    sha256 = "1gdwg15fywya6k6pajkx86kv2d8k85pmisnq53b02br5i01y4k41";
  };

+  patches = [
+    (fetchpatch {
+      url = "https://github.com/hzeller/timg/commit/e9667ea2c811aa9eb399b631aef9bba0d3711834.patch";
+      sha256 = "sha256-xvbOcnKqX52wYZlzm4Be9dz8Rq+n3s2kKPFr0Y0igAU=";
+      name = "CVE-2022-43151.patch";
+    })
+  ];
+
  buildInputs = [ graphicsmagick ffmpeg libexif libjpeg openslide zlib ];

  nativeBuildInputs = [ cmake pkg-config ];