b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

jhead: patches for CVE-2022-41751

Browse source 
See https://nvd.nist.gov/vuln/detail/CVE-2022-41751
Also relevant: https://github.com/Matthias-Wandel/jhead/issues/60
This commit is contained in:
Maximilian Bosch 2022-11-11 13:47:16 +01:00 committed by Robert Helgesson
parent fcde71fdb3
commit 8e840beaa2
1 changed files with 33 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
pkgs/tools/graphics/jhead/default.nix
View file

@ -1,4 +1,4 @@
{ lib, stdenv, fetchFromGitHub, libjpeg }:
{ lib, stdenv, fetchFromGitHub, libjpeg, fetchpatch }:
stdenv.mkDerivation rec {
pname = "jhead";
@ -11,6 +11,38 @@ stdenv.mkDerivation rec {
sha256 = "0zgh36486cpcnf7xg6dwf7rhz2h4gpayqvdk8hmrx6y418b2pfyf";
};
patches = [
# Just a spelling/whitespace change, but makes it easier to apply the rest.
(fetchpatch {
url = "https://github.com/Matthias-Wandel/jhead/commit/8384c6fd2ebfb8eb8bd96616343e73af0e575131.patch";
sha256 = "sha256-f3FOIqgFr5QPAsBjvUVAOf1CAqw8pNAVx+pZZuMjq3c=";
includes = [ "jhead.c" ];
})
(fetchpatch {
url = "https://github.com/Matthias-Wandel/jhead/commit/63aff8e9bd8c970fedf87f0ec3a1f3368bf2421e.patch";
sha256 = "sha256-jyhGdWuwd/eP5uuS8uLYiTJZJdxxLYdsvl0jnQC+Y5c=";
includes = [ "jhead.c" ];
})
# Fixes around CVE-2022-41751
(fetchpatch {
url = "https://github.com/Matthias-Wandel/jhead/commit/6985da52c9ad4f5f6c247269cb5508fae34a971c.patch";
sha256 = "sha256-8Uw0Udr9aZEMrD/0zS498MVw+rJqpFukvjb7FgzjgT4=";
})
(fetchpatch {
url = "https://github.com/Matthias-Wandel/jhead/commit/3fe905cf674f8dbac8a89e58cee1b4850abf9530.patch";
sha256 = "sha256-5995EV/pOktZc45c7fLl+oQqyutRDQJl3eNutR1JGJo=";
})
(fetchpatch {
url = "https://github.com/joachim-reichel/jhead/commit/ec67262b8e5a4b05d8ad6898a09f1dc3fc032062.patch";
sha256 = "sha256-a3KogIV45cRNthJSPygIRw1m2KBJZJSIGSWfsr7FWs4=";
})
(fetchpatch {
url = "https://github.com/joachim-reichel/jhead/commit/65de38cb68747c6f8397608b56b58ce15271a1fe.patch";
sha256 = "sha256-xf0d2hxW4rVZwffrYJVVFQ3cDMOcPoGbCdrrQKxf16M=";
})
];
buildInputs = [ libjpeg ];
makeFlags = [ "CPPFLAGS=" "CFLAGS=-O3" "LDFLAGS=" ];