diff options
author | Alyssa Ross <hi@alyssa.is> | 2019-02-24 01:09:00 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2019-02-24 01:09:00 +0000 |
commit | 072c01a28f865e9487df09aed7ddff328252fb36 (patch) | |
tree | 6df6e652915940255f294ed8998cce1c4c7c2d40 /nixpkgs/pkgs/development/libraries/cairo | |
parent | 024b46ff20027c15322e5d868ecec42632556d4b (diff) | |
parent | 969cff2691a02b3d7e5468beda26c482d8986644 (diff) | |
download | nixlib-072c01a28f865e9487df09aed7ddff328252fb36.tar nixlib-072c01a28f865e9487df09aed7ddff328252fb36.tar.gz nixlib-072c01a28f865e9487df09aed7ddff328252fb36.tar.bz2 nixlib-072c01a28f865e9487df09aed7ddff328252fb36.tar.lz nixlib-072c01a28f865e9487df09aed7ddff328252fb36.tar.xz nixlib-072c01a28f865e9487df09aed7ddff328252fb36.tar.zst nixlib-072c01a28f865e9487df09aed7ddff328252fb36.zip |
Merge commit '969cff2691a02b3d7e5468beda26c482d8986644'
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/cairo')
-rw-r--r-- | nixpkgs/pkgs/development/libraries/cairo/default.nix | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/nixpkgs/pkgs/development/libraries/cairo/default.nix b/nixpkgs/pkgs/development/libraries/cairo/default.nix index 8f7a04cbb68f..845b09053ad4 100644 --- a/nixpkgs/pkgs/development/libraries/cairo/default.nix +++ b/nixpkgs/pkgs/development/libraries/cairo/default.nix @@ -1,8 +1,10 @@ -{ stdenv, fetchurl, pkgconfig, libiconv +{ config, stdenv, fetchurl, fetchpatch, pkgconfig, libiconv , libintl, expat, zlib, libpng, pixman, fontconfig, freetype, xorg , gobjectSupport ? true, glib , xcbSupport ? true # no longer experimental since 1.12 -, glSupport ? true, libGL ? null # libGLU_combined is no longer a big dependency +, libGLSupported +, glSupport ? config.cairo.gl or (libGLSupported && stdenv.isLinux && !stdenv.isAarch32 && !stdenv.isMips) +, libGL ? null # libGLU_combined is no longer a big dependency , pdfSupport ? true , darwin }: @@ -20,6 +22,19 @@ in stdenv.mkDerivation rec { sha256 = "0c930mk5xr2bshbdljv005j3j8zr47gqmkry3q6qgvqky6rjjysy"; }; + patches = [ + # Fixes CVE-2018-19876; see Nixpkgs issue #55384 + # CVE information: https://nvd.nist.gov/vuln/detail/CVE-2018-19876 + # Upstream PR: https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5 + # + # This patch is the merged commit from the above PR. + (fetchpatch { + name = "CVE-2018-19876.patch"; + url = "https://gitlab.freedesktop.org/cairo/cairo/commit/6edf572ebb27b00d3c371ba5ae267e39d27d5b6d.patch"; + sha256 = "112hgrrsmcwxh1r52brhi5lksq4pvrz4xhkzcf2iqp55jl2pb7n1"; + }) + ]; + outputs = [ "out" "dev" "devdoc" ]; outputBin = "dev"; # very small |