File tree 3 files changed +15
-10
lines changed
pkgs/applications/editors/vim
3 files changed +15
-10
lines changed Original file line number Diff line number Diff line change @@ -13,19 +13,24 @@ rec {
1313
1414 hardeningDisable = [ "fortify" ] ;
1515
16+ patches = [
17+ ( fetchpatch {
18+ name = "CVE-2016-1248.diff" ;
19+ url = https://github.com/vim/vim/commit/d0b5138b.diff ;
20+ sha256 = "057kg95ipjdirbkr082wbwrbz5l79mwxir8ymkxhma6l6wbxidif" ;
21+ } )
22+ ( fetchpatch {
23+ name = "CVE-2017-5953.patch" ;
24+ url = https://github.com/vim/vim/commit/399c297aa93afe2c0a39e2a1b3f972aebba44c9d.patch ;
25+ sha256 = "19i2m27czkm9di999nbf5mrvb9dx8w5r5169pakmljg4zzbc61g5" ;
26+ } )
27+ ] ;
28+
1629 postPatch =
1730 # Use man from $PATH; escape sequences are still problematic.
1831 ''
1932 substituteInPlace runtime/ftplugin/man.vim \
2033 --replace "/usr/bin/man " "man "
21-
22- patch -p1 < '${
23- fetchpatch {
24- name = "cve-2016-1248.diff" ;
25- url = "https://github.com/vim/vim/commit/d0b5138b.diff" ;
26- sha256 = "057kg95ipjdirbkr082wbwrbz5l79mwxir8ymkxhma6l6wbxidif" ;
27- }
28- } '
2934 '' ;
3035
3136 meta = with lib ; {
Original file line number Diff line number Diff line change @@ -61,7 +61,7 @@ composableDerivation {
6161 } . src ;
6262 } ;
6363
64- patches = [ ./cflags-prune.diff ] ;
64+ patches = common . patches ++ [ ./cflags-prune.diff ] ;
6565
6666 configureFlags
6767 = [ "--enable-gui=${ args . gui } " "--with-features=${ args . features } " ] ;
Original file line number Diff line number Diff line change 1414stdenv . mkDerivation rec {
1515 name = "vim-${ version } " ;
1616
17- inherit ( common ) version src postPatch hardeningDisable enableParallelBuilding meta ;
17+ inherit ( common ) version src patches postPatch hardeningDisable enableParallelBuilding meta ;
1818
1919 buildInputs = [ ncurses pkgconfig ]
2020 ++ stdenv . lib . optionals stdenv . isDarwin [ Carbon Cocoa ] ;
You can’t perform that action at this time.
0 commit comments