New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Patch kdelibs for CVE-2019-14744 #70264
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please don't. I still use and maintain it. You may mark it as broken instead.
maintained yet broken? We can mark it as insecure, but really, it's a very old package. I think at this point you better use it from an older Nixpkgs version. |
This reverts commit a3ad16b.
pykde4 is not used in Nixpkgs, so it is not appropriate to build on Hydra.
(fetchpatch { | ||
url = "https://cgit.kde.org/kdelibs.git/patch/?id=2c3762feddf7e66cf6b64d9058f625a715694a00"; | ||
sha256 = "1wbzywh8lcc66n6y3pxs18h7cwkq6g216faz27san33jpl8ra1i9"; | ||
name = "kdelibs-D22989.patch"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CVE-2019-14744.patch (see #70102 (comment))
See also: https://phabricator.kde.org/D22989 See also: NixOS#70102
b0e2ff7
to
9a06742
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
Motivation for this change
See also: #70102
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nix-review --run "nix-review wip"
./result/bin/
)nix path-info -S
before and after)Notify maintainers
cc @