Merge pull request #75724 from andir/19.09/advancecomp

[19.09] advancecomp: fix CVE-2019-9210
author: Michael Raskin <7c6f434c@mail.ru> 2019-12-15 22:54:36 +0000
committer: GitHub <noreply@github.com> 2019-12-15 22:54:36 +0000
commit: cdd5a99515d9425b3583623cdd8d6ecb4df7dac0 (patch)
tree: 38b6f36ebabe58c75b122877859e15a06653f17b
parent: Merge pull request #75716 from andir/19.09/ansible (diff)
parent: advancecomp: fix CVE-2019-9210 (diff)
download: nixpkgs-cdd5a99515d9425b3583623cdd8d6ecb4df7dac0.tar.gz
1 files changed, 15 insertions, 2 deletions
diff --git a/pkgs/tools/compression/advancecomp/default.nix b/pkgs/tools/compression/advancecomp/default.nix
index 8bee8059fe27..46c8f4338c69 100644
--- a/pkgs/tools/compression/advancecomp/default.nix
+++ b/pkgs/tools/compression/advancecomp/default.nix
@@ -1,5 +1,9 @@
-{ stdenv, fetchFromGitHub
-, autoreconfHook, zlib }:
+{ stdenv
+, fetchFromGitHub
+, fetchpatch
+, autoreconfHook
+, zlib
+}:
 
 stdenv.mkDerivation rec {
   pname = "advancecomp";
@@ -15,6 +19,15 @@ stdenv.mkDerivation rec {
   nativeBuildInputs = [ autoreconfHook ];
   buildInputs = [ zlib ];
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2019-9210.patch";
+      url = "https://github.com/amadvance/advancecomp/commit/fcf71a89265c78fc26243574dda3a872574a5c02.patch";
+      sha256 = "0cdv9g87c1y8zwhqkd9ba2zjw4slcvg7yzcqv43idvnwb5fl29n7";
+      excludes = [ "doc/history.d" ];
+    })
+  ];
+
   meta = with stdenv.lib; {
     description = ''A set of tools to optimize deflate-compressed files'';
     license = licenses.gpl3 ;
author	Michael Raskin <7c6f434c@mail.ru>	2019-12-15 22:54:36 +0000
committer	GitHub <noreply@github.com>	2019-12-15 22:54:36 +0000
commit	cdd5a99515d9425b3583623cdd8d6ecb4df7dac0 (patch)
tree	38b6f36ebabe58c75b122877859e15a06653f17b
parent	Merge pull request #75716 from andir/19.09/ansible (diff)
parent	advancecomp: fix CVE-2019-9210 (diff)
download	nixpkgs-cdd5a99515d9425b3583623cdd8d6ecb4df7dac0.tar.gz