diff options
-rw-r--r-- | pkgs/applications/networking/mailreaders/claws-mail/default.nix | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/pkgs/applications/networking/mailreaders/claws-mail/default.nix b/pkgs/applications/networking/mailreaders/claws-mail/default.nix index a000cad4708..08acda3adb7 100644 --- a/pkgs/applications/networking/mailreaders/claws-mail/default.nix +++ b/pkgs/applications/networking/mailreaders/claws-mail/default.nix @@ -1,4 +1,4 @@ -{ config, fetchurl, stdenv, wrapGAppsHook, autoreconfHook +{ config, fetchurl, fetchpatch, stdenv, wrapGAppsHook, autoreconfHook , curl, dbus, dbus-glib, enchant, gtk2, gnutls, gnupg, gpgme , libarchive, libcanberra-gtk2, libetpan, libnotify, libsoup, libxml2, networkmanager , openldap, perl, pkgconfig, poppler, python, shared-mime-info @@ -39,7 +39,17 @@ stdenv.mkDerivation rec { outputs = [ "out" "dev" ]; - patches = [ ./mime.patch ]; + patches = [ + ./mime.patch + + # Backports a mitigation to the "mailto vulnerability". This patch is + # included in the next release and must therefore be removed. + (fetchpatch { + name = "fix-4373-4374.patch"; + url = "https://git.claws-mail.org/?p=claws.git;a=patch;h=4c9d15b4b37cdc57edfa16df550a0a881a156153"; + sha256 = "0sp0vxr6pk2fv5ydpcakb50rmn2w2nma98apgfsgcgan82qmwk7n"; + }) + ]; preConfigure = '' # autotools check tries to dlopen libpython as a requirement for the python plugin |