json_c: add patch for CVE-2020-12762

Fixes: https://nvd.nist.gov/vuln/detail/CVE-2020-12762
This commit is contained in:
Martin Milata 2020-06-17 22:06:05 +02:00
parent 010679d8f0
commit d3e1b77ac3

View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl, autoconf }:
{ stdenv, fetchurl, fetchpatch, autoconf }:
stdenv.mkDerivation rec {
name = "json-c-0.13.1";
@ -7,6 +7,15 @@ stdenv.mkDerivation rec {
sha256 = "0ch1v18wk703bpbyzj7h1mkwvsw4rw4qdwvgykscypvqq10678ll";
};
patches = [
# https://nvd.nist.gov/vuln/detail/CVE-2020-12762
(fetchpatch {
name = "CVE-2020-12762.patch";
url = "https://github.com/json-c/json-c/commit/865b5a65199973bb63dff8e47a2f57e04fec9736.patch";
sha256 = "1g5afk4khhm1sb70xrva1pyznshcw3ipzp1g5z60dpzxy303pp6h";
})
];
outputs = [ "out" "dev" ];
nativeBuildInputs = [ autoconf ]; # for autoheader