colin
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

texlive.bin.core: patch ttfdump buffer overflow, CVE 2024-25262 (#298721)

This commit is contained in:
Vincenzo Mantova 2024-03-24 21:04:58 +00:00 committed by GitHub
parent 2e4d042d91
commit 83a2696de8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pkgs/tools/typesetting/tex/texlive/bin.nix
View File

@ -123,6 +123,15 @@ core = stdenv.mkDerivation rec {
inherit (common) binToOutput src prePatch;
patches = [
(fetchpatch {
name = "ttfdump-CVE-2024-25262.patch";
url = "https://tug.org/svn/texlive/trunk/Build/source/texk/ttfdump/libttf/hdmx.c?r1=57915&r2=69520&view=patch";
stripLen = 2;
hash = "sha256-WH2kioqFAs3jaFmu4DdEUdrTf6eiymtiWTZi3vWwU7k=";
})
];
outputs = [ "out" "dev" "man" "info" ]
++ (builtins.map (builtins.replaceStrings [ "-" ] [ "_" ]) corePackages);