Skip to content

Commit

Permalink
kde5.kcoreaddons: fix HTML injection CVE-2016-7966
Browse files Browse the repository at this point in the history 
See https://www.kde.org/info/security/advisory-20161006-1.txt for more
information.
  • Loading branch information
@ttuegel
ttuegel committed Oct 12, 2016
1 parent 259dcac commit 8b7f04c
Showing 1 changed file with 8 additions and 1 deletion.
9 changes: 8 additions & 1 deletion pkgs/development/libraries/kde-frameworks/kcoreaddons.nix
View file
@@ -1,8 +1,15 @@
{ kdeFramework, lib, ecm, shared_mime_info }:
{ kdeFramework, lib, fetchurl, ecm, shared_mime_info }:

kdeFramework {
name = "kcoreaddons";
meta = { maintainers = [ lib.maintainers.ttuegel ]; };
patches = [
(fetchurl {
url = "https://packaging.neon.kde.org/frameworks/kcoreaddons.git/plain/debian/patches/0001-Fix-very-old-bug-when-we-remove-space-in-url-as-foo-.patch?id=ab7258dd8a87668ba63c585a69f41f291254aa43";
sha256 = "0svdqbikmslc0n2gdwwlbdyi61m5qgy0lxxv9iglbs3ja09xqs0p";
name = "kcoreaddons-CVE-2016-7966.patch";
})
];
nativeBuildInputs = [ ecm ];
propagatedBuildInputs = [ shared_mime_info ];
}

0 comments on commit 8b7f04c

Please sign in to comment.