librdf_raptor2: add patch for CVE-2017-18926

Fixes two heap overflows in the raptor2 rdf parsing library. https://www.openwall.com/lists/oss-security/2017/06/07/1
author: Martin Weinelt <hexa@darmstadt.ccc.de> 2020-11-08 14:29:58 +0100
committer: erictapen <justin.humm@posteo.de> 2020-11-13 15:00:55 +0100
commit: 22140b27f2d38dc9c52ffd7d0a7e8da932f0d67c (patch)
tree: a556d794581a32da1f9a28bc6facaabdca07448c /pkgs/development/libraries/librdf
parent: 8c823b46d65cba4f00f5ebbe79a15caaf9824e76 (diff)
1 files changed, 11 insertions, 2 deletions
diff --git a/pkgs/development/libraries/librdf/raptor2.nix b/pkgs/development/libraries/librdf/raptor2.nix
index b4141d4ff079..4645b5ea0d83 100644
--- a/pkgs/development/libraries/librdf/raptor2.nix
+++ b/pkgs/development/libraries/librdf/raptor2.nix
@@ -1,13 +1,22 @@
 { stdenv, fetchurl, libxml2, libxslt }:
 
 stdenv.mkDerivation rec {
-  name = "raptor2-2.0.15";
+  pname = "raptor2";
+  version = "2.0.15";
 
   src = fetchurl {
-    url = "http://download.librdf.org/source/${name}.tar.gz";
+    url = "http://download.librdf.org/source/${pname}-${version}.tar.gz";
     sha256 = "ada7f0ba54787b33485d090d3d2680533520cd4426d2f7fb4782dd4a6a1480ed";
   };
 
+  patches = [
+    (fetchurl {
+      name = "CVE-2017-18926.patch";
+      url = "https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f.patch";
+      sha256 = "1qlpb5rm3j2yi0x6zgdi5apymg5zlvwq3g1zl417gkjrlvxmndgp";
+    })
+  ];
+
   buildInputs = [ libxml2 libxslt ];
 
   postInstall = "rm -rvf $out/share/gtk-doc";
author	Martin Weinelt <hexa@darmstadt.ccc.de>	2020-11-08 14:29:58 +0100
committer	erictapen <justin.humm@posteo.de>	2020-11-13 15:00:55 +0100
commit	22140b27f2d38dc9c52ffd7d0a7e8da932f0d67c (patch)
tree	a556d794581a32da1f9a28bc6facaabdca07448c /pkgs/development/libraries/librdf
parent	8c823b46d65cba4f00f5ebbe79a15caaf9824e76 (diff)