···

       
60
       
60
       
 
       
    # libc++abi 11 has an `#include <version>`, this picks up files name

     

       
61
       
61
       
 
       
    # `version` in the project's include paths

     

       
62
       
62
       
 
       
    ./rename-version.patch

     

       
63
       
63
       
+
       
    (fetchpatch {

     

       
64
       
64
       
+
       
      name = "CVE-2024-13978_1.patch";

     

       
65
       
65
       
+
       
      url = "https://gitlab.com/libtiff/libtiff/-/commit/7be20ccaab97455f192de0ac561ceda7cd9e12d1.patch";

     

       
66
       
66
       
+
       
      hash = "sha256-cpsQyIvyP6LkGeQTlLX73iNd1AcPkvZ6Xqfns7G3JBc=";

     

       
67
       
67
       
+
       
    })

     

       
68
       
68
       
+
       
    (fetchpatch {

     

       
69
       
69
       
+
       
      name = "CVE-2024-13978_2.patch";

     

       
70
       
70
       
+
       
      url = "https://gitlab.com/libtiff/libtiff/-/commit/2ebfffb0e8836bfb1cd7d85c059cd285c59761a4.patch";

     

       
71
       
71
       
+
       
      hash = "sha256-cZlLTeB7/nvylf5SLzKF7g91aBERhZxpV5fmWEJVrX4=";

     

       
72
       
72
       
+
       
    })

     

       
73
       
73
       
+
       
    (fetchpatch {

     

       
74
       
74
       
+
       
      name = "CVE-2025-9165.patch";

     

       
75
       
75
       
+
       
      url = "https://gitlab.com/libtiff/libtiff/-/commit/ed141286a37f6e5ddafb5069347ff5d587e7a4e0.patch";

     

       
76
       
76
       
+
       
      hash = "sha256-DIsk8trbHMMTrj6jP5Ae8ciRjHV4CPHdWCN+VbeFnFo=";

     

       
77
       
77
       
+
       
    })

     

       
63
       
78
       
 
       
  ];

     

       
64
       
79
       
 
       


     

       
65
       
80
       
 
       
  postPatch = ''