Commit 57804578 authored by sempiternal-aurora's avatar sempiternal-aurora
Browse files

calibre: apply fix for CVE-2026-25635 

CVE: https://nvd.nist.gov/vuln/detail/CVE-2026-25635
Upstream advisory: GHSA-32vh-whvh-9fxr
Nix security tracking issue: https://tracker.security.nixos.org/issues/NIXPKGS-2026-0156

Fixes #488046
parent 2c4dbe7e

pkgs/by-name/ca/calibre/package.nix

+9 −0
Original line number Diff line number Diff line
@@ -61,6 +61,15 @@ stdenv.mkDerivation (finalAttrs: { 
        url = "https://github.com/debian-calibre/calibre/raw/refs/tags/debian/${finalAttrs.version}+${debian-source}/debian/patches/hardening/0007-Hardening-Qt-code.patch";

        hash = "sha256-lKp/omNicSBiQUIK+6OOc8ysM6LImn5GxWhpXr4iX+U=";

      })

      # Fix CVE-2026-25635

      # http://tracker.security.nixos.org/issues/NIXPKGS-2026-0156

      # https://github.com/NixOS/nixpkgs/issues/488046

      # Fixed upstream in 9.2.0.

      (fetchpatch {

        name = "CVE-2026-25635.patch";

        url = "https://github.com/kovidgoyal/calibre/commit/9739232fcb029ac15dfe52ccd4fdb4a07ebb6ce9.patch";

        hash = "sha256-fzotxhfMF/DCMvpIfMSOGY8iVOybsYymRQvhXf7jQyc=";

      })

      # Fix CVE-2026-25636

      # http://tracker.security.nixos.org/issues/NIXPKGS-2026-0160

      # https://github.com/NixOS/nixpkgs/issues/488052