From 11914108aa7cd855a52f94c4d30e931572ba0655 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= <vcunat@gmail.com>
Date: Thu, 6 Feb 2014 20:09:49 +0100
Subject: [PATCH] gnash: fix CVE-2012-1175 by upstream patch

---
 pkgs/applications/video/gnash/default.nix | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/pkgs/applications/video/gnash/default.nix b/pkgs/applications/video/gnash/default.nix
index 4f2addcc99b0..0291e7593ea7 100644
--- a/pkgs/applications/video/gnash/default.nix
+++ b/pkgs/applications/video/gnash/default.nix
@@ -10,7 +10,13 @@
 
 assert stdenv ? glibc;
 
-let version = "0.8.10"; in
+let version = "0.8.10";
+    patch_CVE = fetchurl {
+      url = "http://git.savannah.gnu.org/cgit/gnash.git/patch/?id=bb4dc77eecb6ed1b967e3ecbce3dac6c5e6f1527";
+      sha256 = "1g7ymbq9vxi0mwcgs2dpyd2sf30gaam7blza0ywiwj32f5wk62v1";
+      name = "CVE-2012-1175.patch";
+    };
+in
 
 stdenv.mkDerivation rec {
   name = "gnash-${version}";
@@ -21,6 +27,8 @@ stdenv.mkDerivation rec {
   };
 
   patchPhase = ''
+    patch -p1 < ${patch_CVE}
+
     # Add all libs to `macros/libslist', a list of library search paths.
     for lib in ${lib.concatStringsSep " "
                                       (map (lib: "\"${lib}\"/lib")