Merge #221853: jpegoptim: apply patch for CVE-2023-27781

...into release-22.11
author: Vladimír Čunát <v@cunat.cz> 2023-03-26 16:14:57 +0200
committer: Vladimír Čunát <v@cunat.cz> 2023-03-26 16:14:57 +0200
commit: 3555c9c6b0bc4ca2405dc6512edf135ada8cc273 (patch)
tree: dc9458bcd39f6cfe07f8276f7d3cdfc1b0681591
parent: Merge #221850: nomad_1_4: 1.4.4 -> 1.4.6 (diff)
parent: jpegoptim: apply patch for CVE-2023-27781 (diff)
download: nixpkgs-3555c9c6b0bc4ca2405dc6512edf135ada8cc273.tar.gz
1 files changed, 9 insertions, 1 deletions
diff --git a/pkgs/applications/graphics/jpegoptim/default.nix b/pkgs/applications/graphics/jpegoptim/default.nix
index d4582280079e..c1611a62cc4b 100644
--- a/pkgs/applications/graphics/jpegoptim/default.nix
+++ b/pkgs/applications/graphics/jpegoptim/default.nix
@@ -1,4 +1,4 @@
-{ lib, stdenv, fetchFromGitHub, libjpeg }:
+{ lib, stdenv, fetchFromGitHub, fetchpatch, libjpeg }:
 
 stdenv.mkDerivation rec {
   version = "1.5.0";
@@ -11,6 +11,14 @@ stdenv.mkDerivation rec {
     sha256 = "sha256-fTtNDjswxHv2kHU55RCzz9tdlXw+RUCSoe3qF4hQ7u4=";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2023-27781.patch";
+      url = "https://github.com/tjko/jpegoptim/commit/29a073ad297a0954f5e865264e24755d0ffe53ed.patch";
+      hash = "sha256-YUjVg0cvElhzMG3b4t5bqcqnHAuzDoNvSqe0yvlgX4E=";
+    })
+  ];
+
   # There are no checks, it seems.
   doCheck = false;
author	Vladimír Čunát <v@cunat.cz>	2023-03-26 16:14:57 +0200
committer	Vladimír Čunát <v@cunat.cz>	2023-03-26 16:14:57 +0200
commit	3555c9c6b0bc4ca2405dc6512edf135ada8cc273 (patch)
tree	dc9458bcd39f6cfe07f8276f7d3cdfc1b0681591
parent	Merge #221850: nomad_1_4: 1.4.4 -> 1.4.6 (diff)
parent	jpegoptim: apply patch for CVE-2023-27781 (diff)
download	nixpkgs-3555c9c6b0bc4ca2405dc6512edf135ada8cc273.tar.gz