tika: apply patch for CVE-2025-54988

https://www.openwall.com/lists/oss-security/2025/08/20/3 (cherry picked from commit f707d8b65e)
2026-01-11 10:22:54 +08:00 · 2025-08-21 12:41:51 +02:00
parent 3261432fe3
commit dfbd1caeca
1 changed files with 9 additions and 0 deletions
--- a/pkgs/by-name/ti/tika/package.nix
+++ b/pkgs/by-name/ti/tika/package.nix
@@ -5,6 +5,7 @@
  jdk17,
  jre17_minimal,
  fetchFromGitHub,
+  fetchpatch,
  makeWrapper,
  mvnDepsHash ? null,
  enableGui ? true,
@@ -49,6 +50,14 @@ maven.buildMavenPackage rec {
    hash = "sha256-nuiE+MWJNA4PLprAC0vDBadk34TFsVEDBcCZct1XRxo=";
  };

+  patches = [
+    (fetchpatch {
+      name = "CVE-2025-54988.patch";
+      url = "https://github.com/apache/tika/commit/bfee6d5569fe9197c4ea947a96e212825184ca33.patch";
+      hash = "sha256-LHM2SafZ85f53mWWSbA4ZQ/QSiDeiwNnzAbLGqGQqPM=";
+    })
+  ];
+
  buildOffline = true;

  manualMvnArtifacts = [