From 78d2a14bb8ee82f7f7d227ab473646460d874159 Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Thu, 3 Jun 2021 23:25:14 +0200
Subject: [PATCH] gupnp: apply the patch for CVE-2021-33516

Fixes CVE-2021-33516.
https://discourse.gnome.org/t/security-relevant-releases-for-gupnp-issue-cve-2021-33516/6536
---
 pkgs/development/libraries/gupnp/default.nix | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/pkgs/development/libraries/gupnp/default.nix b/pkgs/development/libraries/gupnp/default.nix
index bd8151d603e..c91d25123f6 100644
--- a/pkgs/development/libraries/gupnp/default.nix
+++ b/pkgs/development/libraries/gupnp/default.nix
@@ -1,5 +1,6 @@
 { lib, stdenv
 , fetchurl
+, fetchpatch
 , meson
 , ninja
 , pkg-config
@@ -28,6 +29,14 @@ stdenv.mkDerivation rec {
     sha256 = "sha256-96AwfqUfXkTRuDL0k92QRURKOk4hHvhd/Zql3W6up9E=";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2021-33516.patch";
+      url = "https://gitlab.gnome.org/GNOME/gupnp/-/commit/ca6ec9dcb26fd7a2a630eb6a68118659b589afac.patch";
+      sha256 = "sha256-G7e/xNQB7Kp2fPzqVeD/cH3h1co9hZXh55QOUBnAnvU=";
+    })
+  ];
+
   nativeBuildInputs = [
     meson
     ninja