libsndfile: add patches for multiple CVEs

Fixes the patches names for security tools to parse CVEs. Adds patch to fix CVE-2017-14634. cc #30959 (cherry picked from commit 58218d4)
NixOS · Nov 19, 2017 · c4ff51e · c4ff51e
1 parent 03cc78b
commit c4ff51e
Showing 1 changed file with 17 additions and 12 deletions.
diff --git a/pkgs/development/libraries/libsndfile/default.nix b/pkgs/development/libraries/libsndfile/default.nix
@@ -11,25 +11,30 @@ stdenv.mkDerivation rec {
   };
 
   patches = [
-    # CVE-2017-12562
     (fetchurl {
-       url = "https://github.com/erikd/libsndfile/commit/cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8.patch";
-       sha256 = "1jg3wq30wdn9nv52mcyv6jyi4d80h4r1h9p96czcria7l91yh4sy";
+      name = "CVE-2017-12562.patch";
+      url = "https://github.com/erikd/libsndfile/commit/cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8.patch";
+      sha256 = "1jg3wq30wdn9nv52mcyv6jyi4d80h4r1h9p96czcria7l91yh4sy";
     })
-    # CVE-2017-6892
     (fetchurl {
-       url = "https://github.com/erikd/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748.patch";
-       sha256 = "05xkmz2ihc1zcj73sbmj1ikrv9qlcym2bkp1v6ak7w53ky619mwq";
+      name = "CVE-2017-6892.patch";
+      url = "https://github.com/erikd/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748.patch";
+      sha256 = "05xkmz2ihc1zcj73sbmj1ikrv9qlcym2bkp1v6ak7w53ky619mwq";
     })
-    # CVE-2017-8361, CVE-2017-8363, CVE-2017-8363
     (fetchurl {
-       url = "https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3.patch";
-       sha256 = "0ccndnvjzx5fw18zvy03vnb29rr81h5vsh1m16msqbxk8ibndln2";
+      name = "CVE-2017-8361+CVE-2017-8363+CVE-2017-8365.patch";
+      url = "https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3.patch";
+      sha256 = "0ccndnvjzx5fw18zvy03vnb29rr81h5vsh1m16msqbxk8ibndln2";
     })
-    # CVE-2017-8362
     (fetchurl {
-       url = "https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808.patch";
-       sha256 = "1xyv30ga71cpy4wx5f76sc4dma91la2lcc6s9f3pk9rndyi7gj9x";
+      name = "CVE-2017-8362.patch";
+      url = "https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808.patch";
+      sha256 = "1xyv30ga71cpy4wx5f76sc4dma91la2lcc6s9f3pk9rndyi7gj9x";
+    })
+    (fetchurl {
+      name = "CVE-2017-14634.patch";
+      url = "https://github.com/erikd/libsndfile/commit/85c877d5072866aadbe8ed0c3e0590fbb5e16788.patch";
+      sha256 = "0kc7vp22qsxidhvmlc6nfamw7k92n0hcfpmwhb3gaksjamwhb2df";
     })
   ];