libvncserver: add CVE-2018-7225 patch

(cherry picked from commit 03fddb139eff8d83ad279c073029872ecf4cede4)
author: Mario Rodas <marsam@users.noreply.github.com> 2018-12-16 19:37:12 -0500
committer: Franz Pletz <fpletz@fnordicwalking.de> 2018-12-17 02:04:59 +0100
commit: 600c6c66eca9adf01eb561225e046d70af29808a (patch)
tree: f10105b5e9984bfa2b377557579018b3dbc5836b
parent: prosody: 0.10.2 -> 0.10.3 (diff)
download: nixpkgs-600c6c66eca9adf01eb561225e046d70af29808a.tar.gz
1 files changed, 8 insertions, 1 deletions
diff --git a/pkgs/development/libraries/libvncserver/default.nix b/pkgs/development/libraries/libvncserver/default.nix
index b325c9b246c2..0a7819743e03 100644
--- a/pkgs/development/libraries/libvncserver/default.nix
+++ b/pkgs/development/libraries/libvncserver/default.nix
@@ -1,4 +1,4 @@
-{stdenv, fetchurl,
+{stdenv, fetchurl, fetchpatch,
  libtool, libjpeg, openssl, zlib, libgcrypt, autoreconfHook, pkgconfig, libpng,
  systemd
 }:
@@ -18,6 +18,13 @@ stdenv.mkDerivation {
   src = fetchurl {
     inherit (s) url sha256;
   };
+  patches = [
+    # CVE-2018-7225. Remove with the next release
+    (fetchpatch {
+      url = https://salsa.debian.org/debian/libvncserver/raw/master/debian/patches/CVE-2018-7225.patch;
+      sha256 = "1hj1lzxsrdmzzl061vg0ncdpvfmvvkrpk8q12mp70qvszcqa7ja3";
+    })
+  ];
   preConfigure = ''
     sed -e 's@/usr/include/linux@${stdenv.cc.libc}/include/linux@g' -i configure
   '';
author	Mario Rodas <marsam@users.noreply.github.com>	2018-12-16 19:37:12 -0500
committer	Franz Pletz <fpletz@fnordicwalking.de>	2018-12-17 02:04:59 +0100
commit	600c6c66eca9adf01eb561225e046d70af29808a (patch)
tree	f10105b5e9984bfa2b377557579018b3dbc5836b
parent	prosody: 0.10.2 -> 0.10.3 (diff)
download	nixpkgs-600c6c66eca9adf01eb561225e046d70af29808a.tar.gz