diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2018-08-04 19:38:22 +0200 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2018-08-04 19:38:22 +0200 |
commit | 0274e724813e4f9ff7b3db9f3238b7ac757f4788 (patch) | |
tree | 5932c6c612e9d2c04b91fc983f20df0c57e8f9d8 | |
parent | 1258e6dd3a19e24e3dd4c08bca516abfa3d997aa (diff) | |
download | nixlib-0274e724813e4f9ff7b3db9f3238b7ac757f4788.tar nixlib-0274e724813e4f9ff7b3db9f3238b7ac757f4788.tar.gz nixlib-0274e724813e4f9ff7b3db9f3238b7ac757f4788.tar.bz2 nixlib-0274e724813e4f9ff7b3db9f3238b7ac757f4788.tar.lz nixlib-0274e724813e4f9ff7b3db9f3238b7ac757f4788.tar.xz nixlib-0274e724813e4f9ff7b3db9f3238b7ac757f4788.tar.zst nixlib-0274e724813e4f9ff7b3db9f3238b7ac757f4788.zip |
exiv2: bugfix updates
- use upstream branch with backports - backport two fixes missing from it yet
-rw-r--r-- | pkgs/development/libraries/exiv2/default.nix | 40 |
1 files changed, 27 insertions, 13 deletions
diff --git a/pkgs/development/libraries/exiv2/default.nix b/pkgs/development/libraries/exiv2/default.nix index 7f5f19035179..b549c74540c2 100644 --- a/pkgs/development/libraries/exiv2/default.nix +++ b/pkgs/development/libraries/exiv2/default.nix @@ -1,11 +1,15 @@ -{ stdenv, fetchurl, fetchpatch, zlib, expat, gettext }: +{ stdenv, fetchurl, fetchFromGitHub, fetchpatch, zlib, expat, gettext +, autoconf }: stdenv.mkDerivation rec { - name = "exiv2-0.26"; + name = "exiv2-0.26.2018.06.09"; - src = fetchurl { - url = "http://www.exiv2.org/builds/${name}-trunk.tar.gz"; - sha256 = "1yza317qxd8yshvqnay164imm0ks7cvij8y8j86p1gqi1153qpn7"; + #url = "http://www.exiv2.org/builds/${name}-trunk.tar.gz"; + src = fetchFromGitHub rec { + owner = "exiv2"; + repo = "exiv2"; + rev = "4aa57ad"; + sha256 = "1kblpxbi4wlb0l57xmr7g23zn9adjmfswhs6kcwmd7skwi2yivcd"; }; patches = [ @@ -16,20 +20,30 @@ stdenv.mkDerivation rec { + "/sha512/${sha512}/${patchname}"; sha512 = "3f9242dbd4bfa9dcdf8c9820243b13dc14990373a800c4ebb6cf7eac5653cfef" + "e6f2c47a94fbee4ed24f0d8c2842729d721f6100a2b215e0f663c89bfefe9e32"; - }) - (fetchpatch { - # many CVEs - see https://github.com/Exiv2/exiv2/pull/120 - url = "https://patch-diff.githubusercontent.com/raw/Exiv2/exiv2/pull/120.patch"; - sha256 = "1szl22xmh12hibzaqf2zi8zl377x841m52x4jm5lziw6j8g81sj8"; - excludes = [ "test/bugfixes-test.sh" ]; - }) + }) + # Two backports from master, submitted as https://github.com/Exiv2/exiv2/pull/398 + (fetchpatch { + name = "CVE-2018-12264.diff"; + url = "https://github.com/vcunat/exiv2/commit/fd18e853.diff"; + sha256 = "0y7ahh45lpaiazjnfllndfaa5pyixh6z4kcn2ywp7qy4ra7qpwdr"; + }) + (fetchpatch { + name = "CVE-2018-12265.diff"; + url = "https://github.com/vcunat/exiv2/commit/9ed1671bd4.diff"; + sha256 = "1cn446pfcgsh1bn9vxikkkcy1cqq7ghz2w291h1094ydqg6w7q6w"; + }) ]; postPatch = "patchShebangs ./src/svn_version.sh"; + preConfigure = "make config"; # needed because not using tarball + outputs = [ "out" "dev" ]; - nativeBuildInputs = [ gettext ]; + nativeBuildInputs = [ + gettext + autoconf # needed because not using tarball + ]; propagatedBuildInputs = [ zlib expat ]; meta = { |