libde265: fix CVE-2022-1253 (#172536)

Closes #172496
2 years ago · 710dfd7955
parent a7ee915179
commit 710dfd7955
1 changed files with 9 additions and 2 deletions
--- a/pkgs/development/libraries/libde265/default.nix
+++ b/pkgs/development/libraries/libde265/default.nix
@ -1,4 +1,4 @@
-{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config }:
+{ lib, stdenv, fetchFromGitHub, fetchpatch, autoreconfHook, pkg-config }:

 stdenv.mkDerivation rec {
  version = "1.0.8";
@ -11,6 +11,14 @@ stdenv.mkDerivation rec {
    sha256 = "1dzflqbk248lz5ws0ni5acmf32b3rmnq5gsfaz7691qqjxkl1zml";
  };

+  patches = [
+    (fetchpatch {
+      name = "CVE-2022-1253.patch";
+      url = "https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8.patch";
+      sha256 = "sha256-F1BOWFx9oXR2trM22atyD3AJ5x6vVfURQ/PTlYP2Ibg=";
+    })
+  ];
+
  nativeBuildInputs = [ autoreconfHook pkg-config ];

  enableParallelBuilding = true;
@ -22,5 +30,4 @@ stdenv.mkDerivation rec {
    platforms = lib.platforms.unix;
    maintainers = with lib.maintainers; [ gebner ];
  };
-
 }