|
|
|
@ -1,4 +1,4 @@ |
|
|
|
|
{ lib, stdenv, fetchurl |
|
|
|
|
{ lib, stdenv, fetchurl, fetchpatch |
|
|
|
|
, pkg-config |
|
|
|
|
, libxml2, findXMLCatalogs, gettext, python, libgcrypt |
|
|
|
|
, cryptoSupport ? false |
|
|
|
@ -14,6 +14,15 @@ stdenv.mkDerivation rec { |
|
|
|
|
sha256 = "0zrzz6kjdyavspzik6fbkpvfpbd25r2qg6py5nnjaabrsr3bvccq"; |
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
patches = [ |
|
|
|
|
(fetchpatch { |
|
|
|
|
# Fixes use-after-free in xsltApplyTemplates |
|
|
|
|
name = "CVE-2021-30560.patch"; |
|
|
|
|
url = "https://gitlab.gnome.org/GNOME/libxslt/-/commit/50f9c9cd3b7dfe9b3c8c795247752d1fdcadcac8.patch"; |
|
|
|
|
hash = "sha256-XJD9SBo8xzztQQ6g13h4IzID7HV7u3xWSQdb2rVCJBQ="; |
|
|
|
|
}) |
|
|
|
|
]; |
|
|
|
|
|
|
|
|
|
outputs = [ "bin" "dev" "out" "man" "doc" ] ++ lib.optional pythonSupport "py"; |
|
|
|
|
|
|
|
|
|
nativeBuildInputs = [ |
|
|
|
|