diff options
| author | Thomas Gerbet <thomas@gerbet.me> | 2024-12-29 11:46:14 +0100 |
|---|---|---|
| committer | github-actions[bot] <github-actions[bot]@users.noreply.github.com> | 2025-01-30 22:46:04 +0000 |
| commit | 355653c68fbc67cf929ba9b667a309a93a24f486 (patch) | |
| tree | 5c8b7daf74b875d7948999b48257cd5908ed4485 | |
| parent | [Backport release-24.11] audiobookshelf: 2.17.7 -> 2.18.1 (#376925) (diff) | |
| download | nixpkgs-origin/backport-369072-to-release-24.11.tar.gz | |
libxls: 1.6.2 -> 1.6.3origin/backport-369072-to-release-24.11
Buffer overflows (CVE-2023-38851, CVE-2023-38852, CVE-2023-38853,
CVE-2023-38854, CVE-2023-38855) have been fixed.
Changes:
https://github.com/libxls/libxls/releases/tag/v1.6.3
(cherry picked from commit e2c6cba2e715d20608212c945516e1784f55941f)
| -rw-r--r-- | pkgs/by-name/li/libxls/package.nix | 20 |
1 files changed, 2 insertions, 18 deletions
diff --git a/pkgs/by-name/li/libxls/package.nix b/pkgs/by-name/li/libxls/package.nix index 5a5dee9255d3..29f575863fbe 100644 --- a/pkgs/by-name/li/libxls/package.nix +++ b/pkgs/by-name/li/libxls/package.nix @@ -9,23 +9,15 @@ stdenv.mkDerivation rec { pname = "libxls"; - version = "1.6.2"; + version = "1.6.3"; src = fetchFromGitHub { owner = "libxls"; repo = pname; rev = "v${version}"; - sha256 = "sha256-vjmYByk+IDBon8xGR1+oNaEQTiJK+IVpDXsG1IyVNoY="; + hash = "sha256-KbITHQ9s2RUeo8zR53R9s4WUM6z8zzddz1k47So0Mlw="; }; - patches = [ - # Fix cross-compilation - (fetchpatch { - url = "https://github.com/libxls/libxls/commit/007e63c1f5e19bc73292f267c85d7dd14e9ecb38.patch"; - sha256 = "sha256-PjPHuXth4Yaq9nVfk5MYJMRo5B0R6YA1KEqgwfjF3PM="; - }) - ]; - nativeBuildInputs = [ autoreconfHook autoconf-archive @@ -40,13 +32,5 @@ stdenv.mkDerivation rec { maintainers = with maintainers; [ abbradar ]; mainProgram = "xls2csv"; platforms = platforms.unix; - knownVulnerabilities = [ - "CVE-2023-38851" - "CVE-2023-38852" - "CVE-2023-38853" - "CVE-2023-38854" - "CVE-2023-38855" - "CVE-2023-38856" - ]; }; } |