ark: add security patch for CVE-2017-5330 (#22007)

NixOS · Jan 21, 2017 · ca03c9f · ca03c9f
1 parent a5de88d
commit ca03c9f
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/pkgs/desktops/kde-5/applications/ark/default.nix b/pkgs/desktops/kde-5/applications/ark/default.nix
@@ -7,7 +7,10 @@
   kservice, kpty, kwidgetsaddons, libarchive,
 
   # Archive tools
-  p7zip, unrar, unzipNLS, zip
+  p7zip, unrar, unzipNLS, zip,
+
+  # CVE fixe
+  fetchpatch
 }:
 
 let
@@ -21,6 +24,12 @@ let
         khtml ki18n kio karchive kconfig kcrash kdbusaddons kiconthemes kservice
         kpty kwidgetsaddons libarchive
       ];
+      patches = [
+        (fetchpatch { # CVE-2017-5330
+          url = "https://github.com/KDE/ark/commit/49ce94df19607e234525afda5ad4190ce35300c3.patch";
+          sha256 = "06yvdn6m6fniyc798wbdyc9bzma230xafylx39bz9mhzfnypvfj8";
+        })
+      ];
       postInstall =
         let
           PATH = lib.makeBinPath [