Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: e199c174c69f
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 55b8860aa209
Choose a head ref
  • 5 commits
  • 3 files changed
  • 3 contributors

Commits on Jul 20, 2019

  1. libxslt: CVE-2019-13117 #64661 

    (cherry picked from commit 3aefa76)
    @mmahut @vcunat
    mmahut authored and vcunat committed Jul 20, 2019
    Copy the full SHA
    64079b9 View commit details

  2. libxslt: CVE-2019-13118 #64661 

    (cherry picked from commit 9a6bd59)
    @mmahut @vcunat
    mmahut authored and vcunat committed Jul 20, 2019

    Verified

    This commit was signed with the committer’s verified signature.
    veprbl Dmitry Kalinkin
    GPG key ID: 5157B3EC8B2CA333
    Verified
    Learn about vigilant mode
    Copy the full SHA
    d7ab443 View commit details

  3. openjpeg: CVE-2019-12973 #64182 

    (cherry picked from commit 0596ac9)
    @mmahut @vcunat
    mmahut authored and vcunat committed Jul 20, 2019

    Verified

    This commit was signed with the committer’s verified signature.
    veprbl Dmitry Kalinkin
    GPG key ID: 5157B3EC8B2CA333
    Verified
    Learn about vigilant mode
    Copy the full SHA
    938c15b View commit details

  4. imlib: apply patch for CVE-2007-3568 

    While it probably doesn't have much impact it also doesn't really hurt
fixing this…

(cherry picked from commit fc83a1c)
    @andir
    andir committed Jul 20, 2019
    Copy the full SHA
    6291c0c View commit details

  5. Merge branch 'staging-19.03' into release-19.03

    @vcunat
    vcunat committed Jul 20, 2019
    Copy the full SHA
    55b8860 View commit details
Showing with 29 additions and 1 deletion.
  1. +9 −1 pkgs/development/libraries/imlib/default.nix
  2. +10 −0 pkgs/development/libraries/libxslt/default.nix
  3. +10 −0 pkgs/development/libraries/openjpeg/2.x.nix
10 changes: 9 additions & 1 deletion pkgs/development/libraries/imlib/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{stdenv, fetchurl, libX11, libXext, xorgproto, libjpeg, libungif, libtiff, libpng}:
{stdenv, fetchurl, fetchpatch, libX11, libXext, xorgproto, libjpeg, libungif, libtiff, libpng}:

stdenv.mkDerivation {
name = "imlib-1.9.15";
@@ -7,6 +7,14 @@ stdenv.mkDerivation {
sha256 = "0ggjxyvgp4pxc0b88v40xj9daz90518ydnycw7qax011gxpr12d3";
};

patches = [
(fetchpatch {
name = "CVE-2007-3568.patch";
url = https://gitweb.gentoo.org/repo/gentoo.git/plain/media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch;
sha256 = "0lxfibi094gki39sq1w4p0hcx25xlk0875agbhjkjngzx862wvbg";
})
];

configureFlags = [
"--disable-shm"
"--x-includes=${libX11.dev}/include"
10 changes: 10 additions & 0 deletions pkgs/development/libraries/libxslt/default.nix
View file
Original file line number Diff line number Diff line change
@@ -24,6 +24,16 @@ stdenv.mkDerivation rec {
url = "https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch";
sha256 = "0pkpb4837km15zgg6h57bncp66d5lwrlvkr73h0lanywq7zrwhj8";
})
(fetchpatch {
url = "https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1.patch";
name = "CVE-2019-13117.patch";
sha256 = "0ynfq8y5h623cypj1426iiz7796n3mqbjqa24ndvh2am6rl5lw15";
})
(fetchpatch {
url = "https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b.patch";
name = "CVE-2019-13118.patch";
sha256 = "0bglz9m9sh2vi50qxcm06iqrazw3h45ycgxnp15iankq95z283iq";
})
];

outputs = [ "bin" "dev" "out" "man" "doc" ] ++ stdenv.lib.optional pythonSupport "py";
10 changes: 10 additions & 0 deletions pkgs/development/libraries/openjpeg/2.x.nix
View file
Original file line number Diff line number Diff line change
@@ -13,5 +13,15 @@ callPackage ./generic.nix (args // rec {

patches = [
./fix-cmake-config-includedir.patch
(fetchpatch {
url = "https://github.com/uclouvain/openjpeg/commit/21399f6b7d318fcdf4406d5e88723c4922202aa3.patch";
name = "CVE-2019-12973-1.patch";
sha256 = "161yvnfbzy2016qqapm0ywfgglgs1v8ljnk6fj8d2bwdh1cxxz8f";
})
(fetchpatch {
url = "https://github.com/uclouvain/openjpeg/commit/3aef207f90e937d4931daf6d411e092f76d82e66.patch";
name = "CVE-2019-12973-2.patch";
sha256 = "1jkkfw13l7nx4hxdhc7z17f4vfgqcaf09zpl235kypbxx1ygc7vq";
})
];
})