From 306c46577303b1da62dc799a61816c988779e03c Mon Sep 17 00:00:00 2001
From: Robert Scott <code@humanleg.org.uk>
Date: Sat, 27 Mar 2021 17:42:10 +0000
Subject: [PATCH] python2Packages.pygments: add patch for CVE-2021-27291

---
 pkgs/development/python-modules/Pygments/2_5.nix | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/pkgs/development/python-modules/Pygments/2_5.nix b/pkgs/development/python-modules/Pygments/2_5.nix
index a0c40550c9a9..aa59c370d2e7 100644
--- a/pkgs/development/python-modules/Pygments/2_5.nix
+++ b/pkgs/development/python-modules/Pygments/2_5.nix
@@ -1,6 +1,7 @@
 { lib
 , buildPythonPackage
 , fetchPypi
+, fetchpatch
 , docutils
 }:
 
@@ -13,6 +14,15 @@ buildPythonPackage rec {
     sha256 = "98c8aa5a9f778fcd1026a17361ddaf7330d1b7c62ae97c3bb0ae73e0b9b6b0fe";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2021-27291.patch";
+      url = "https://github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14.patch";
+      sha256 = "0ap7jgkmvkkzijabsgnfrwl376cjsxa4jmzvqysrkwpjq3q4rxpa";
+      excludes = ["CHANGES"];
+    })
+  ];
+
   propagatedBuildInputs = [ docutils ];
 
   # Circular dependency with sphinx