Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 6c60c6ec3b1f
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: fac570a71d9c
Choose a head ref
  • 2 commits
  • 1 file changed
  • 2 contributors

Commits on Nov 28, 2017

  1. ffmpeg-full-3.4: apply patch for CVE-2017-16840

    @andir
    andir committed Nov 28, 2017

    Verified

    This commit was signed with the committer’s verified signature.
    archen Kevin Glavin
    SSH Key Fingerprint: FaA1EStLaN7M1RSyE3RHkLpXDBPWN/yftVyvHCBnGVQ
    Verified
    Learn about vigilant mode
    Copy the full SHA
    fe1f228 View commit details

  2. Re-merge #32126: ffmpeg-3.4: fix CVE CVE-2017-16840 

    I'm sorry, I merged older version of the PR by accident.
    @vcunat
    vcunat committed Nov 28, 2017

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
    Copy the full SHA
    fac570a View commit details
Showing with 9 additions and 8 deletions.
  1. +9 −8 pkgs/development/libraries/ffmpeg-full/default.nix
17 changes: 9 additions & 8 deletions pkgs/development/libraries/ffmpeg-full/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{ stdenv, fetchurl, pkgconfig, perl, texinfo, yasm
{ stdenv, fetchurl, fetchpatch, pkgconfig, perl, texinfo, yasm
, hostPlatform
/*
* Licensing options (yes some are listed twice, filters and such are not listed)
@@ -238,15 +238,16 @@ stdenv.mkDerivation rec {
sha256 = "1vzvpx8ixy8m44f8qwp833hv253hpghybgzbc4n8b3div3j0dvmf";
};

patchPhase = let
cve_2017_16840_patch = (fetchurl{
patches = [
(fetchurl {
name = "CVE-2017-16840.patch";
url = "http://git.videolan.org/?p=ffmpeg.git;a=patch;h=a94cb36ab2ad99d3a1331c9f91831ef593d94f74";
sha256 = "1rjr9lc71cyy43wsa2zxb9ygya292h9jflvr5wk61nf0vp97gjg3";
});
in
'' patch -p1 < ${cve_2017_16840_patch}
patchShebangs .
sha256 = "0zx0vh110hrykk7j863j04bx6igm2q8dlkv25mf5g4rbxafpqig3";
})
];

prePatch = ''
patchShebangs .
'' + stdenv.lib.optionalString stdenv.isDarwin ''
sed -i 's/#ifndef __MAC_10_11/#if 1/' ./libavcodec/audiotoolboxdec.c
'' + stdenv.lib.optionalString (frei0r != null) ''