New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
graphviz: fix CVE-2018-10196 #47229
graphviz: fix CVE-2018-10196 #47229
Conversation
@GrahamcOfBorg build graphviz |
It's weird that there's been basically no reaction to the patch upstream for months. |
Timed out, unknown build status on x86_64-darwin (full log) Attempted: graphviz Partial log (click to expand)
|
Timed out, unknown build status on x86_64-linux (full log) Attempted: graphviz Partial log (click to expand)
|
Success on aarch64-linux (full log) Attempted: graphviz Partial log (click to expand)
|
PRs seem to get processed in the project, though. Not sure what is the most reasonable way to handle this… Asking the original submitter if it is OK to submit a PR with them as commit author? |
@GrahamcOfBorg build graphviz |
Large dependencies create a problem on ofBorg, but it succeeded in the past… |
Motivation for this change
#47122
please backport to staging-18.09
Also I replaced an occurrence of
overrideDerivation
as advised by https://nixos.org/nixpkgs/manual/#sec-pkg-overrideDerivationcc @bjornfor @7c6f434c as maintainers.
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
) -> onlydot
andvimdot
nix path-info -S
before and after)