summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobert Scott <code@humanleg.org.uk>2022-08-30 19:57:55 +0100
committergithub-actions[bot] <github-actions[bot]@users.noreply.github.com>2022-08-31 20:44:37 +0000
commit96a0d7f6384a2652d2882cf9b42cb48a8035b6d9 (patch)
treeff10827f4efe40b0ac4b0eb93434a509d9222f1b
parentMerge pull request #187718 from NixOS/backport-182355-to-release-22.05 (diff)
downloadnixpkgs-96a0d7f6384a2652d2882cf9b42cb48a8035b6d9.tar.gz
openscad: add patches for CVE-2022-0496 & CVE-2022-0497
(cherry picked from commit 3bfe6bfca2fbe5f7f6c9d640172d482bfdcec815)
Diffstat
-rw-r--r--pkgs/applications/graphics/openscad/default.nix14
1 files changed, 14 insertions, 0 deletions
diff --git a/pkgs/applications/graphics/openscad/default.nix b/pkgs/applications/graphics/openscad/default.nix
index 2379962bb55f..b196bbe231ce 100644
--- a/pkgs/applications/graphics/openscad/default.nix
+++ b/pkgs/applications/graphics/openscad/default.nix
@@ -1,5 +1,6 @@
{ lib, stdenv
, fetchFromGitHub
+, fetchpatch
, qtbase
, qtmultimedia
, qscintilla
@@ -39,6 +40,19 @@ mkDerivation rec {
sha256 = "sha256-2tOLqpFt5klFPxHNONnHVzBKEFWn4+ufx/MU+eYbliA=";
};
+ patches = [
+ (fetchpatch {
+ name = "CVE-2022-0496.patch";
+ url = "https://github.com/openscad/openscad/commit/00a4692989c4e2f191525f73f24ad8727bacdf41.patch";
+ sha256 = "sha256-q3SLj2b5aM/IQ8vIDj4iVcwCajgyJ5juNV/KN35uxfI=";
+ })
+ (fetchpatch {
+ name = "CVE-2022-0497.patch";
+ url = "https://github.com/openscad/openscad/commit/84addf3c1efbd51d8ff424b7da276400bbfa1a4b.patch";
+ sha256 = "sha256-KNEVu10E2d4G2x+FJcuHo2tjD8ygMRuhUcW9NbN98bM=";
+ })
+ ];
+
nativeBuildInputs = [ bison flex pkg-config gettext qmake ];
buildInputs = [
generated by cgit v1.2.3 (git 2.52.0) at 2026-01-17 06:13:23 +0000