gupnp: apply the patch for CVE-2021-33516

Fixes CVE-2021-33516. https://discourse.gnome.org/t/security-relevant-releases-for-gupnp-issue-cve-2021-33516/6536
2021-06-03 23:25:14 +02:00 · 2021-06-03 23:25:14 +02:00 · 78d2a14bb8
commit 78d2a14bb8
parent 1e5e12d735
1 changed files with 9 additions and 0 deletions
--- a/pkgs/development/libraries/gupnp/default.nix
+++ b/pkgs/development/libraries/gupnp/default.nix
@ -1,5 +1,6 @@
 { lib, stdenv
 , fetchurl
+, fetchpatch
 , meson
 , ninja
 , pkg-config
@ -28,6 +29,14 @@ stdenv.mkDerivation rec {
    sha256 = "sha256-96AwfqUfXkTRuDL0k92QRURKOk4hHvhd/Zql3W6up9E=";
  };

+  patches = [
+    (fetchpatch {
+      name = "CVE-2021-33516.patch";
+      url = "https://gitlab.gnome.org/GNOME/gupnp/-/commit/ca6ec9dcb26fd7a2a630eb6a68118659b589afac.patch";
+      sha256 = "sha256-G7e/xNQB7Kp2fPzqVeD/cH3h1co9hZXh55QOUBnAnvU=";
+    })
+  ];
+
  nativeBuildInputs = [
    meson
    ninja