pango: 1.43.0, backport CVE-2019-1010238 fix

There was a previous fix for this in #71571 But some things, most notably pygtk, still rely on deprecated pango APIs that are not available past 1.43, this backports the CVE fix to this version. (cherry picked from commit 9524bf3)
NixOS · Oct 29, 2019 · 9b1ecb4 · 9b1ecb4
1 parent 561636e
commit 9b1ecb4
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/pkgs/development/libraries/pango/default.nix b/pkgs/development/libraries/pango/default.nix
@@ -42,6 +42,11 @@ in stdenv.mkDerivation rec {
       url = "https://gitlab.gnome.org/GNOME/pango/commit/546f4c242d6f4fe312de3b7c918a848e5172e18d.patch";
       sha256 = "1cqhy4xbwx3ad7z5d1ks7smf038b9as8c6qy84rml44h0fgiq4m2";
     })
+    (fetchpatch {
+      # Fixes CVE-2019-1010238
+      url = "https://gitlab.gnome.org/GNOME/pango/commit/490f8979a260c16b1df055eab386345da18a2d54.diff";
+      sha256 = "001g3anvwghdrn3yfgi8cp64j0n3l0zwgiphc1izqg7zr76s87fk";
+    })
   ];
 
   mesonFlags = [