libwebp: fix MFSA-TMP-2023-0001

see https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#MFSA-TMP-2023-0001 no CVE id or other identifier has been assigned
2023-04-11 23:51:04 +02:00 · 2023-04-11 23:51:04 +02:00 · 3d8710643d
parent 6c5e8bcc15
commit 3d8710643d
1 changed files with 10 additions and 0 deletions
--- a/pkgs/development/libraries/libwebp/default.nix
+++ b/pkgs/development/libraries/libwebp/default.nix
@ -1,4 +1,5 @@
 { lib, stdenv, fetchFromGitHub, autoreconfHook, libtool
+, fetchpatch
 , threadingSupport ? true # multi-threading
 , openglSupport ? false, freeglut, libGL, libGLU # OpenGL (required for vwebp)
 , pngSupport ? true, libpng # PNG image format
@ -36,6 +37,15 @@ stdenv.mkDerivation rec {
    hash   = "sha256-nhXkq+qKpaa75YQB/W/cRozslTIFPdXeqj1y6emQeHk=";
  };

+  patches = [
+    # https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#MFSA-TMP-2023-0001
+    (fetchpatch {
+      url = "https://github.com/webmproject/libwebp/commit/a486d800b60d0af4cc0836bf7ed8f21e12974129.patch";
+      name = "fix-msfa-tmp-2023-0001.patch";
+      hash = "sha256-TRKXpNkYVzftBw09mX+WeQRhRoOzBgXFTNZBzSdCKvc=";
+    })
+  ];
+
  configureFlags = [
    (lib.enableFeature threadingSupport "threading")
    (lib.enableFeature openglSupport "gl")