diff options
author | Pierre Bourdon <delroth@gmail.com> | 2019-03-26 02:44:16 +0100 |
---|---|---|
committer | Pierre Bourdon <delroth@gmail.com> | 2019-03-26 02:46:57 +0100 |
commit | 91c46d17d5c8b3a69cbae62d91290e53168fe9d2 (patch) | |
tree | 1036f6ac5622da2c1749157b81fe8ce4ad18897c /pkgs/misc/ghostscript | |
parent | 749c0a9c16e4ab6cee82884e949eb9fac93f6261 (diff) |
ghostscript: add patch for CVE-2019-6116
This is tagged as version 9.26a in the ghostpdl repo, but unfortunately
there are no tarballs released with that version number so far. We'll
continue calling this version 9.26 for now for simplicity's sake (and we
can switch to 9.26a and remove the patch when it's properly released).
Fixes #58262
Fixes #58089
Diffstat (limited to 'pkgs/misc/ghostscript')
-rw-r--r-- | pkgs/misc/ghostscript/default.nix | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/pkgs/misc/ghostscript/default.nix b/pkgs/misc/ghostscript/default.nix index 10481c217851..a12d7d7d5acd 100644 --- a/pkgs/misc/ghostscript/default.nix +++ b/pkgs/misc/ghostscript/default.nix @@ -1,6 +1,6 @@ { config, stdenv, lib, fetchurl, pkgconfig, zlib, expat, openssl, autoconf , libjpeg, libpng, libtiff, freetype, fontconfig, libpaper, jbig2dec -, libiconv, ijs, lcms2 +, libiconv, ijs, lcms2, fetchpatch , cupsSupport ? config.ghostscript.cups or (!stdenv.isDarwin), cups ? null , x11Support ? cupsSupport, xlibsWrapper ? null # with CUPS, X11 only adds very little }: @@ -46,6 +46,11 @@ stdenv.mkDerivation rec { patches = [ ./urw-font-files.patch ./doc-no-ref.diff + (fetchpatch { + name = "CVE-2019-6116"; + url = "http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=d3537a54740d78c5895ec83694a07b3e4f616f61"; + sha256 = "1hr8bpi87bbg1kvv28kflmfh1dhzxw66p9q0ddvbrj72qd86p3kx"; + }) ]; outputs = [ "out" "man" "doc" ]; |