advancecomp: fix CVE-2019-9210

(cherry picked from commit f23627cb12cef703ace198544920a90fdea376c4)

1 files changed, 15 insertions, 2 deletions

diff --git a/pkgs/tools/compression/advancecomp/default.nix b/pkgs/tools/compression/advancecomp/default.nix
index 8bee8059fe27..46c8f4338c69 100644
--- a/pkgs/tools/compression/advancecomp/default.nix
+++ b/pkgs/tools/compression/advancecomp/default.nix
@@ -1,5 +1,9 @@
-{ stdenv, fetchFromGitHub
-, autoreconfHook, zlib }:
+{ stdenv
+, fetchFromGitHub
+, fetchpatch
+, autoreconfHook
+, zlib
+}:
 
 stdenv.mkDerivation rec {
   pname = "advancecomp";
@@ -15,6 +19,15 @@ stdenv.mkDerivation rec {
   nativeBuildInputs = [ autoreconfHook ];
   buildInputs = [ zlib ];
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2019-9210.patch";
+      url = "https://github.com/amadvance/advancecomp/commit/fcf71a89265c78fc26243574dda3a872574a5c02.patch";
+      sha256 = "0cdv9g87c1y8zwhqkd9ba2zjw4slcvg7yzcqv43idvnwb5fl29n7";
+      excludes = [ "doc/history.d" ];
+    })
+  ];
+
   meta = with stdenv.lib; {
     description = ''A set of tools to optimize deflate-compressed files'';
     license = licenses.gpl3 ;