colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #288114 from LeSuisse/tinyxml-CVE-2023-34194-CVE-2021-42260

Browse Source 
tinyxml: apply patches for CVE-2023-34194 and CVE-2021-42260
This commit is contained in:
Robert Scott 2024-02-17 00:04:00 +00:00 committed by GitHub
commit 276ae1146d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
pkgs/development/libraries/tinyxml/2.6.2.nix
View File

@ -1,4 +1,4 @@
{ lib, stdenv, fetchurl, unzip }:
{ lib, stdenv, fetchurl, fetchpatch, unzip }:
let
version = "2.6.2";
@ -21,6 +21,17 @@ in stdenv.mkDerivation {
# Use CC, CXX, and LD from environment
./2.6.2-cxx.patch
(fetchpatch {
name = "CVE-2023-34194.patch";
url = "https://salsa.debian.org/debian/tinyxml/-/raw/2366e1f23d059d4c20c43c54176b6bd78d6a83fc/debian/patches/CVE-2023-34194.patch";
hash = "sha256-ow4LmLQV24SAU6M1J8PXpW5c95+el3t8weM9JK5xJfg=";
})
(fetchpatch {
name = "CVE-2021-42260.patch";
url = "https://salsa.debian.org/debian/tinyxml/-/raw/dc332a9f4e05496c8342b778c14b256083beb1ee/debian/patches/CVE-2021-42260.patch";
hash = "sha256-pIM0uOnUQOW93w/PEPuW3yKq1mdvNT/ClCYVc2hLoY8=";
})
];
preConfigure = "export LD=${stdenv.cc.targetPrefix}c++";