From 2ab5e39d22dd9698c33a7a6ed8d5266f596f68e0 Mon Sep 17 00:00:00 2001
From: Mark H Weaver <mhw@netris.org>
Date: Wed, 7 Oct 2015 22:37:17 -0400
Subject: [PATCH] gnu: libvpx: Set size limit to avoid CVE-2015-1258.

* gnu/packages/video.scm (libvpx)[arguments]: Add "--size-limit"
  argument to configure.
---
 gnu/packages/video.scm | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm
index 5ec225eb2fb..45c10998f53 100644
--- a/gnu/packages/video.scm
+++ b/gnu/packages/video.scm
@@ -777,6 +777,8 @@ (define-public libvpx
                      (zero? (system* "./configure"
                                      "--enable-shared"
                                      "--as=yasm"
+                                     ;; Limit size to avoid CVE-2015-1258
+                                     "--size-limit=16384x16384"
                                      (string-append "--prefix=" out)))))
                  %standard-phases)
        #:tests? #f)) ; no check target
-- 
GitLab