about summary refs log tree commit diff
path: root/nixpkgs/pkgs/development/libraries/qt-6/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/qt-6/default.nix')
-rw-r--r--nixpkgs/pkgs/development/libraries/qt-6/default.nix10
1 files changed, 10 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/development/libraries/qt-6/default.nix b/nixpkgs/pkgs/development/libraries/qt-6/default.nix
index 6c71f4b42a55..2610c8463b2e 100644
--- a/nixpkgs/pkgs/development/libraries/qt-6/default.nix
+++ b/nixpkgs/pkgs/development/libraries/qt-6/default.nix
@@ -66,6 +66,16 @@ let
             revert = true;
             hash = "sha256-cjB2sC4cvZn0UEc+sm6ZpjyC78ssqB1Kb5nlZQ15M4A=";
           })
+          # CVE-2023-51714: Potential Integer Overflow in Qt's HTTP2 implementation
+          # https://www.qt.io/blog/security-advisory-potential-integer-overflow-in-qts-http2-implementation
+          (fetchpatch2 {
+            url = "https://download.qt.io/official_releases/qt/6.5/0001-CVE-2023-51714-qtbase-6.5.diff";
+            hash = "sha256-0Xnolq9dWkKUrmLUlv15uQ9nkZXrY3AsmvChaLX8P2I=";
+          })
+          (fetchpatch2 {
+            url = "https://download.qt.io/official_releases/qt/6.6/0002-CVE-2023-51714-qtbase-6.6.diff";
+            hash = "sha256-+/u3vy5Ci6Z4jy00L07iYAnqHvVdqUzqVnT9uVIqs60=";
+          })
         ];
       };
       env = callPackage ./qt-env.nix { };
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-17 03:15:40 +0000