Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 2c6c8efb1a24
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 0704d51da96c
Choose a head ref
  • 1 commit
  • 1 file changed
  • 1 contributor

Commits on Nov 9, 2019

  1. gst-plugins-base: apply patch for CVE-2019-9928 

    (cherry-picked from a92c42d and 832f46a)
Fixes #70097, closes PR #70284.
    @delroth @vcunat
    delroth authored and vcunat committed Nov 9, 2019
    Copy the full SHA
    0704d51 View commit details
Showing with 11 additions and 4 deletions.
  1. +11 −4 pkgs/development/libraries/gstreamer/legacy/gst-plugins-base/default.nix
15 changes: 11 additions & 4 deletions pkgs/development/libraries/gstreamer/legacy/gst-plugins-base/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{ fetchurl, stdenv, pkgconfig, gstreamer, xorg, alsaLib, cdparanoia
{ fetchurl, fetchpatch, stdenv, pkgconfig, gstreamer, xorg, alsaLib, cdparanoia
, libogg, libtheora, libvorbis, freetype, pango, liboil, glib, cairo, orc
, libintl
, ApplicationServices
@@ -18,11 +18,18 @@ stdenv.mkDerivation rec {
sha256 = "0jp6hjlra98cnkal4n6bdmr577q8mcyp3c08s3a02c4hjhw5rr0z";
};

patchPhase = ''
patches = [
./gcc-4.9.patch
(fetchpatch {
url = "https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/commit/f672277509705c4034bc92a141eefee4524d15aa.patch";
name = "CVE-2019-9928.patch";
sha256 = "1dlamsmyr7chrb6vqqmwikqvvqcx5l7k72p98448qm6k59ndnimc";
})
];

postPatch = ''
sed -i 's@/bin/echo@echo@g' configure
sed -i -e 's/^ /\t/' docs/{libs,plugins}/Makefile.in
patch -p1 < ${./gcc-4.9.patch}
'';

outputs = [ "out" "dev" ];