diff options
| author | Vladimír Čunát <v@cunat.cz> | 2023-12-20 10:22:11 +0100 |
|---|---|---|
| committer | Vladimír Čunát <v@cunat.cz> | 2023-12-20 10:22:11 +0100 |
| commit | 1dcc2020e19fea7f038945dece8c86d41c337c4b (patch) | |
| tree | 3dc33e5df762129c226254debf95de74dc359c5f /pkgs/development/libraries | |
| parent | bd76199fa9afccffbaae00bbd86d00a26cc0ad56 (diff) | |
| parent | 328542368f1a39b1725a4af0e1b348770ee23b5f (diff) | |
Merge #274726: libsass: add security patches
...into staging
Diffstat (limited to 'pkgs/development/libraries')
| -rw-r--r-- | pkgs/development/libraries/libsass/default.nix | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/pkgs/development/libraries/libsass/default.nix b/pkgs/development/libraries/libsass/default.nix index 92f3853b5f71..57e58adb8c7e 100644 --- a/pkgs/development/libraries/libsass/default.nix +++ b/pkgs/development/libraries/libsass/default.nix @@ -1,5 +1,14 @@ -{ lib, stdenv, fetchFromGitHub, autoreconfHook +{ lib +, stdenv +, fetchFromGitHub +, fetchpatch +, autoreconfHook , testers + +# for passthru.tests +, gtk3 +, gtk4 +, sassc }: stdenv.mkDerivation (finalAttrs: { @@ -18,13 +27,24 @@ stdenv.mkDerivation (finalAttrs: { ''; }; + patches = [ + (fetchpatch { + name = "CVE-2022-26592.CVE-2022-43357.CVE-2022-43358.patch"; + url = "https://github.com/sass/libsass/pull/3184/commits/5bb0ea0c4b2ebebe542933f788ffacba459a717a.patch"; + hash = "sha256-DR6pKFWL70uJt//drzq34LeTzT8rUqgUTpgfUHpD2s4="; + }) + ]; + preConfigure = '' export LIBSASS_VERSION=${finalAttrs.version} ''; nativeBuildInputs = [ autoreconfHook ]; - passthru.tests.pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage; + passthru.tests = { + inherit gtk3 gtk4 sassc; + pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage; + }; meta = with lib; { description = "A C/C++ implementation of a Sass compiler"; |