about summary refs log tree commit diff
path: root/nixpkgs/pkgs/development/libraries/libxslt/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/libxslt/default.nix')
-rw-r--r--nixpkgs/pkgs/development/libraries/libxslt/default.nix10
1 files changed, 9 insertions, 1 deletions
diff --git a/nixpkgs/pkgs/development/libraries/libxslt/default.nix b/nixpkgs/pkgs/development/libraries/libxslt/default.nix
index ce79b2ac5ff9..41633d91f3bd 100644
--- a/nixpkgs/pkgs/development/libraries/libxslt/default.nix
+++ b/nixpkgs/pkgs/development/libraries/libxslt/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, libxml2, findXMLCatalogs, python2, libgcrypt
+{ stdenv, fetchurl, fetchpatch, libxml2, findXMLCatalogs, python2, libgcrypt
 , cryptoSupport ? false
 , pythonSupport ? stdenv.buildPlatform == stdenv.hostPlatform
 }:
@@ -18,6 +18,14 @@ stdenv.mkDerivation rec {
     sha256 = "1j1q1swnsy8jgi9x7mclvkrqhfgn09886gdlr9wzk7a08i8n0dlf";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2019-11068.patch";
+      url = "https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch";
+      sha256 = "0pkpb4837km15zgg6h57bncp66d5lwrlvkr73h0lanywq7zrwhj8";
+    })
+  ];
+
   outputs = [ "bin" "dev" "out" "man" "doc" ] ++ stdenv.lib.optional pythonSupport "py";
 
   buildInputs = [ libxml2.dev ]
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-09 11:59:59 +0000