diff options
author | Robert Scott <code@humanleg.org.uk> | 2023-01-07 13:48:16 +0000 |
---|---|---|
committer | Robert Scott <code@humanleg.org.uk> | 2023-01-07 13:48:16 +0000 |
commit | 764a1d3752ee90998eaa01d42be3f4e6c68beb6e (patch) | |
tree | 7ab6c4d74d7008cce1ca6d2b5999482c924f5b9f | |
parent | ac7445e754463cfcf3942c537dc31425bf9b26b6 (diff) | |
download | nixpkgs-764a1d3752ee90998eaa01d42be3f4e6c68beb6e.tar nixpkgs-764a1d3752ee90998eaa01d42be3f4e6c68beb6e.tar.gz nixpkgs-764a1d3752ee90998eaa01d42be3f4e6c68beb6e.tar.bz2 nixpkgs-764a1d3752ee90998eaa01d42be3f4e6c68beb6e.tar.lz nixpkgs-764a1d3752ee90998eaa01d42be3f4e6c68beb6e.tar.xz nixpkgs-764a1d3752ee90998eaa01d42be3f4e6c68beb6e.tar.zst nixpkgs-764a1d3752ee90998eaa01d42be3f4e6c68beb6e.zip |
libconfuse: add patch for CVE-2022-40320
-rw-r--r-- | pkgs/development/libraries/libconfuse/default.nix | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/pkgs/development/libraries/libconfuse/default.nix b/pkgs/development/libraries/libconfuse/default.nix index 7545fe9617c..91a5a2f26f8 100644 --- a/pkgs/development/libraries/libconfuse/default.nix +++ b/pkgs/development/libraries/libconfuse/default.nix @@ -1,4 +1,10 @@ -{ lib, stdenv, fetchFromGitHub, autoreconfHook, flex }: +{ lib +, stdenv +, fetchFromGitHub +, fetchpatch +, autoreconfHook +, flex +}: stdenv.mkDerivation rec { pname = "libconfuse"; @@ -11,6 +17,18 @@ stdenv.mkDerivation rec { owner = "martinh"; }; + patches = [ + (fetchpatch { + name = "CVE-2022-40320.patch"; + urls = [ + "https://sources.debian.org/data/main/libc/libconfuse/3.3-3/debian/patches/CVE-2022-40320.patch" + # files on sources.debian.org can disappear + "https://web.archive.org/web/20230107133212/https://sources.debian.org/data/main/libc/libconfuse/3.3-3/debian/patches/CVE-2022-40320.patch" + ]; + sha256 = "sha256-ftfE9JFz4nyRSOb2xHb9BAtgWn5Yv2WLm4RegDLtiBw="; + }) + ]; + postPatch = '' substituteInPlace tests/Makefile.am \ --replace 'TESTS += empty_string' "" \ |