Skip to content

Commit

Permalink
libjpeg(-turbo): patch CVE-2020-13790
Browse files Browse the repository at this point in the history 
Fixes #90864 on 20.03 (roundup issue).
(cherry picked from commit d5fd2ed)
  • Loading branch information
@vcunat
vcunat committed Jun 18, 2020
1 parent 4e48231 commit 0ba0883
Showing 1 changed file with 8 additions and 1 deletion.
9 changes: 8 additions & 1 deletion pkgs/development/libraries/libjpeg-turbo/default.nix
View file
@@ -1,4 +1,4 @@
{ stdenv, fetchurl, cmake, nasm, enableStatic ? false }:
{ stdenv, fetchurl, fetchpatch, cmake, nasm, enableStatic ? false }:

stdenv.mkDerivation rec {

Expand All @@ -11,6 +11,13 @@ stdenv.mkDerivation rec {
};

patches =
[
(fetchpatch {
name = "cve-2020-13790.patch";
url = "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/3de15e0c344d.diff";
sha256 = "0hm5i6qir5w3zxb0xvqdh4jyvbfg7xnd28arhyfsaclfz9wdb0pb";
})
] ++
stdenv.lib.optional (stdenv.hostPlatform.libc or null == "msvcrt")
./mingw-boolean.patch;

Expand Down

0 comments on commit 0ba0883

Please sign in to comment.