/
default.nix
56 lines (45 loc) · 1.61 KB
/
default.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
{ stdenv
, fetchurl
, pkgconfig
, zlib
, libjpeg
, xz
}:
stdenv.mkDerivation rec {
version = "4.0.10";
pname = "libtiff";
src = fetchurl {
url = "https://download.osgeo.org/libtiff/tiff-${version}.tar.gz";
sha256 = "1r4np635gr6zlc0bic38dzvxia6iqzcrary4n1ylarzpr8fd2lic";
};
patches = [
(fetchurl {
url = "https://gitlab.com/libtiff/libtiff/commit/0c74a9f49b8d7a36b17b54a7428b3526d20f88a8.patch";
name = "CVE-2019-6128.patch";
sha256 = "03yvsfq6dxjd3v8ypfwz6cpz2iymqwcbawqqlmkh40dayi7fgizr";
})
(fetchurl {
url = "https://gitlab.com/libtiff/libtiff/commit/802d3cbf3043be5dce5317e140ccb1c17a6a2d39.patch";
name = "CVE-2019-7663.patch";
sha256 = "01nq5z1l55clasy4aqr0r2rgiaxay1108vni2nzd8lx4qc5q09hx";
})
# Manual backport of https://gitlab.com/libtiff/libtiff/commit/1b5e3b6a23827c33acf19ad50ce5ce78f12b3773.patch
./CVE-2019-14973.patch
(fetchurl {
url = "https://gitlab.com/libtiff/libtiff/commit/4bb584a35f87af42d6cf09d15e9ce8909a839145.patch";
name = "CVE-2019-17546.patch";
sha256 = "1pv4zimjfv6nbvr1m4vj79267zr3f3bwza5mjyarhvm0pp7q02xx";
})
];
outputs = [ "bin" "dev" "out" "man" "doc" ];
nativeBuildInputs = [ pkgconfig ];
propagatedBuildInputs = [ zlib libjpeg xz ]; #TODO: opengl support (bogus configure detection)
enableParallelBuilding = true;
doCheck = true; # not cross;
meta = with stdenv.lib; {
description = "Library and utilities for working with the TIFF image file format";
homepage = http://download.osgeo.org/libtiff;
license = licenses.libtiff;
platforms = platforms.unix;
};
}