about summary refs log tree commit diff
path: root/nixpkgs/pkgs/development/libraries/libwebp
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/libwebp')
-rw-r--r--nixpkgs/pkgs/development/libraries/libwebp/default.nix14
1 files changed, 11 insertions, 3 deletions
diff --git a/nixpkgs/pkgs/development/libraries/libwebp/default.nix b/nixpkgs/pkgs/development/libraries/libwebp/default.nix
index e96f442e64cd..65fa55a787e1 100644
--- a/nixpkgs/pkgs/development/libraries/libwebp/default.nix
+++ b/nixpkgs/pkgs/development/libraries/libwebp/default.nix
@@ -1,4 +1,5 @@
 { lib, stdenv, fetchFromGitHub, autoreconfHook, libtool
+, fetchpatch
 , threadingSupport ? true # multi-threading
 , openglSupport ? false, freeglut, libGL, libGLU # OpenGL (required for vwebp)
 , pngSupport ? true, libpng # PNG image format
@@ -27,16 +28,23 @@
 
 stdenv.mkDerivation rec {
   pname = "libwebp";
-  version = "1.2.3";
+  version = "1.3.0";
 
   src = fetchFromGitHub {
     owner  = "webmproject";
     repo   = pname;
     rev    = "v${version}";
-    hash   = "sha256-t27d+eJR4iTHSLlI3J7RqHgsWACThjsI9O6R2Zb9F1g=";
+    hash   = "sha256-nhXkq+qKpaa75YQB/W/cRozslTIFPdXeqj1y6emQeHk=";
   };
 
-  prePatch = "patchShebangs .";
+  patches = [
+    # https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#MFSA-TMP-2023-0001
+    (fetchpatch {
+      url = "https://github.com/webmproject/libwebp/commit/a486d800b60d0af4cc0836bf7ed8f21e12974129.patch";
+      name = "fix-msfa-tmp-2023-0001.patch";
+      hash = "sha256-TRKXpNkYVzftBw09mX+WeQRhRoOzBgXFTNZBzSdCKvc=";
+    })
+  ];
 
   configureFlags = [
     (lib.enableFeature threadingSupport "threading")
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-01 06:12:22 +0000