libsass: add patch for CVE-2018-19827 (PR #61673)

vcunat switched to upstream commit that's reachable from master.
author: Robert Scott <code@humanleg.org.uk> 2019-05-18 12:30:30 +0100
committer: Vladimír Čunát <v@cunat.cz> 2019-05-18 14:17:10 +0200
commit: f9f3d6b210f0ca946ed202d3b7f89ec78988c130 (patch)
tree: 8298daf59ca59f7beafbd7f903c299f3c9411313 /pkgs/development/libraries/libsass
parent: 1377b98bd25d1f7cae8cb76c9da8e4900de0c740 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/pkgs/development/libraries/libsass/default.nix b/pkgs/development/libraries/libsass/default.nix
index 54108e1a007b..ce43ed734324 100644
--- a/pkgs/development/libraries/libsass/default.nix
+++ b/pkgs/development/libraries/libsass/default.nix
@@ -9,6 +9,14 @@ stdenv.mkDerivation rec {
     sha256 = "0w6v1xa00jvfyk4b29ir7dfkhiq72anz015gg580bi7x3n7saz28";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2018-19827.patch";
+      url = "https://github.com/sass/libsass/commit/b21fb9f84096d9927780b86fa90629a096af358d.patch";
+      sha256 = "0ix12x9plmpgs3xda2fjdcykca687h16qfwqr57i5qphjr9vp33l";
+    })
+  ];
+
   preConfigure = ''
     export LIBSASS_VERSION=${version}
   '';
author	Robert Scott <code@humanleg.org.uk>	2019-05-18 12:30:30 +0100
committer	Vladimír Čunát <v@cunat.cz>	2019-05-18 14:17:10 +0200
commit	f9f3d6b210f0ca946ed202d3b7f89ec78988c130 (patch)
tree	8298daf59ca59f7beafbd7f903c299f3c9411313 /pkgs/development/libraries/libsass
parent	1377b98bd25d1f7cae8cb76c9da8e4900de0c740 (diff)