dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

libvorbis: document that patch for CVE-2017-14160 also fixes CVE-2018-10393.

Browse Source 
Fixes #57159.

Signed-off-by: David Anderson <dave@natulte.net>
This commit is contained in:
David Anderson 2020-03-14 00:34:13 -07:00
parent 4a8a014be4
commit b5f90159af
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkgs/development/libraries/libvorbis/default.nix
View File

@ -14,7 +14,7 @@ stdenv.mkDerivation rec {
(fetchpatch {
url = "https://gitlab.xiph.org/xiph/vorbis/uploads/a68cf70fa10c8081a633f77b5c6576b7/0001-CVE-2017-14160-make-sure-we-don-t-overflow.patch";
sha256 = "0v21p59cb3z77ch1v6q5dcrd733h91f3m8ifnd7kkkr8gzn17d5x";
name = "CVE-2017-14160";
name = "CVE-2017-14160+CVE-2018-10393.patch";
})
(fetchpatch {
url = "https://gitlab.xiph.org/xiph/vorbis/commit/112d3bd0aaa.diff";