zziplib: patch CVE-2018-17828

Fixes https://github.com/NixOS/nixpkgs/issues/61961
Close https://github.com/NixOS/nixpkgs/pull/63189
vcunat amended some nitpicks into the original commit.
This commit is contained in:
Marek Mahut 2019-06-16 12:14:08 +02:00 committed by Vladimír Čunát
parent 9e480c5dfa
commit 3aa8f9448c
No known key found for this signature in database
GPG Key ID: E747DF1F9575A3AA

View File

@ -1,4 +1,4 @@
{ docbook_xml_dtd_412, fetchurl, stdenv, perl, python2, zip, xmlto, zlib }:
{ docbook_xml_dtd_412, fetchurl, stdenv, perl, python2, zip, xmlto, zlib, fetchpatch }:
stdenv.mkDerivation rec {
name = "zziplib-${version}";
@ -9,6 +9,13 @@ stdenv.mkDerivation rec {
sha256 = "0i052a7shww0fzsxrdp3rd7g4mbzx7324a8ysbc0br7frpblcql4";
};
patches = [
(fetchpatch {
name = "CVE-2018-17828.patch";
url = "https://github.com/gdraheim/zziplib/commit/f609ae8971f3c0ce6.diff";
sha256 = "0jhiz4fgr93wzh6q03avn95b2nsf6402jaki6hxirxyhs5v9ahry";
})
];
postPatch = ''
sed -i -e s,--export-dynamic,, configure
'';