Merge pull request #71046 from risicle/ris-poppler-CVE-2019-9959

poppler: add patch for CVE-2019-9959
This commit is contained in:
Thomas Tuegel 2019-10-13 13:44:14 -05:00 committed by GitHub
commit df372a05f9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -1,4 +1,4 @@
{ stdenv, lib, fetchurl, cmake, ninja, pkgconfig, libiconv, libintl
{ stdenv, lib, fetchurl, fetchpatch, cmake, ninja, pkgconfig, libiconv, libintl
, zlib, curl, cairo, freetype, fontconfig, lcms, libjpeg, openjpeg
, withData ? true, poppler_data
, qt5Support ? false, qtbase ? null
@ -21,6 +21,14 @@ stdenv.mkDerivation rec {
outputs = [ "out" "dev" ];
patches = [
(fetchpatch {
name = "CVE-2019-9959.patch";
url = "https://gitlab.freedesktop.org/poppler/poppler/commit/68ef84e5968a4249c2162b839ca6d7975048a557.patch";
sha256 = "17a3qs74fnnrhjys23f4aw5y7yfsk5d507jcj4hh1bndqv6dpwg1";
})
];
buildInputs = [ libiconv libintl ] ++ lib.optional withData poppler_data;
# TODO: reduce propagation to necessary libs