diff options
| author | Matthew Bauer <mjbauer95@gmail.com> | 2021-05-03 10:30:14 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-05-03 10:30:14 -0500 |
| commit | 1db42b7fe3878f3f5f7a4f2dc210772fd080e205 (patch) | |
| tree | 03745e23255b2ff1877a1c52ecbd75a468896970 | |
| parent | pythonPackages.hetzner: 0.8.2 -> 0.8.3 (diff) | |
| parent | perlPackages.ImageExifTool: apply fix for CVE-2021-22204 (diff) | |
| download | nixpkgs-1db42b7fe3878f3f5f7a4f2dc210772fd080e205.tar.gz | |
Merge pull request #121569 from midchildan/backport/20.03/exiftoolorigin/nixpkgs-20.03-darwinorigin/nixos-20.03-smallorigin/nixos-20.03
[20.03] perlPackages.ImageExifTool: apply fix for CVE-2021-22204
| -rw-r--r-- | pkgs/top-level/perl-packages.nix | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix index fc352630cd01..5b21f564e57b 100644 --- a/pkgs/top-level/perl-packages.nix +++ b/pkgs/top-level/perl-packages.nix @@ -9531,6 +9531,16 @@ let sha256 = "1z0s0zvga24m9dzp1lnrsvwv9qmvn21ifd9in520sd54ld774ifp"; }; + patches = [ + # Unfortunately, not every release is uploaded to CPAN so security fixes + # would need to be cherry-picked from releases + (fetchpatch { + name = "CVE-2021-22204.patch"; + url = "https://salsa.debian.org/perl-team/modules/packages/libimage-exiftool-perl/-/raw/0347501fda93cb8366d6451aedcf258b34fb4a2b/debian/patches/CVE-2021-22204.patch"; + sha256 = "1fxw32zcssillnv764wsd05lyswn8bbrc90q5cy9aknx0ncgsrxj"; + }) + ]; + nativeBuildInputs = stdenv.lib.optional stdenv.isDarwin shortenPerlShebang; postInstall = stdenv.lib.optionalString stdenv.isDarwin '' shortenPerlShebang $out/bin/exiftool |