cups: apply patches for CVE-2024-47175

Based on the information provided in https://www.openwall.com/lists/oss-security/2024/09/27/3 GHSA-7xfx-47qg-grp6 (cherry picked from commit 053e3fe)
NixOS · Sep 28, 2024 · 247ca23 · 247ca23
1 parent 643e102
commit 247ca23
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/pkgs/misc/cups/default.nix b/pkgs/misc/cups/default.nix
@@ -56,6 +56,31 @@ stdenv.mkDerivation rec {
       includes = [ "scheduler/conf.c" ];
       hash = "sha256-2jQFHUFav8XDfqA/PVKNvbUnZI34na8Wbuu4XRy3uqc=";
     })
+    (fetchpatch {
+      name = "CVE-2024-47175_0.patch";
+      url = "https://github.com/OpenPrinting/cups/commit/9939a70b750edd9d05270060cc5cf62ca98cfbe5.patch";
+      hash = "sha256-Nt6/JwoaHkzFxCl1BuXOQRfki8Oquk2rIwvw7qekTQI=";
+    })
+    (fetchpatch {
+      name = "CVE-2024-47175_1.patch";
+      url = "https://github.com/OpenPrinting/cups/commit/04bb2af4521b56c1699a2c2431c56c05a7102e69.patch";
+      hash = "sha256-ZyvVAv96pK6ldSQf5IOiIXk8xYeNJOWNHX0S5pyn6pw=";
+    })
+    (fetchpatch {
+      name = "CVE-2024-47175_2.patch";
+      url = "https://github.com/OpenPrinting/cups/commit/e0630cd18f76340d302000f2bf6516e99602b844.patch";
+      hash = "sha256-uDUOIwkRGZo+XXheDt+HGsXujtEJ3b4o5yNWdnz5uIY=";
+    })
+    (fetchpatch {
+      name = "CVE-2024-47175_3.patch";
+      url = "https://github.com/OpenPrinting/cups/commit/1e6ca5913eceee906038bc04cc7ccfbe2923bdfd.patch";
+      hash = "sha256-SiYUsa+DUNPua0/r/rvzzRAYra2AP49ImbyWG5RnCI0=";
+    })
+    (fetchpatch {
+      name = "CVE-2024-47175_4.patch";
+      url = "https://github.com/OpenPrinting/cups/commit/2abe1ba8a66864aa82cd9836b37e57103b8e1a3b.patch";
+      hash = "sha256-oeZ3nNmPMkusxZhmmKOCcD/AD+QzkVE8acNXapGK/Ew=";
+    })
   ];
 
   postPatch = ''