p7zip: patch for CVE-2016-9296

8 years ago · 0683c1a35c
parent e0b850147d
commit 0683c1a35c
1 changed files with 8 additions and 1 deletions
--- a/pkgs/tools/archivers/p7zip/default.nix
+++ b/pkgs/tools/archivers/p7zip/default.nix
@ -1,4 +1,4 @@
-{ stdenv, fetchurl }:
+{ stdenv, fetchurl, fetchpatch }:

 stdenv.mkDerivation rec {
  name = "p7zip-${version}";
@ -9,6 +9,13 @@ stdenv.mkDerivation rec {
    sha256 = "5eb20ac0e2944f6cb9c2d51dd6c4518941c185347d4089ea89087ffdd6e2341f";
  };

+  patches = [
+    (fetchpatch {
+      url = "https://sources.debian.net/data/main/p/p7zip/16.02+dfsg-2/debian/patches/12-CVE-2016-9296.patch";
+      sha256 = "0inblicg24gcbaq84n0mr6w4yc5ak65mh9wxml96wlhdf7ph2i3m";
+    })
+  ];
+
  preConfigure = ''
    makeFlagsArray=(DEST_HOME=$out)
    buildFlags=all3