diff options
author | Martin Weinelt <hexa@darmstadt.ccc.de> | 2021-02-21 18:04:39 +0100 |
---|---|---|
committer | Martin Weinelt <hexa@darmstadt.ccc.de> | 2021-02-21 18:24:23 +0100 |
commit | c3b54877209fd9a7a61b62f64daf2254213bf6bd (patch) | |
tree | b785a6477c1522858b032325209c2f929093425f | |
parent | 2f96b9a7b4c083edf79374ceb9d61b5816648276 (diff) | |
download | nixpkgs-c3b54877209fd9a7a61b62f64daf2254213bf6bd.tar nixpkgs-c3b54877209fd9a7a61b62f64daf2254213bf6bd.tar.gz nixpkgs-c3b54877209fd9a7a61b62f64daf2254213bf6bd.tar.bz2 nixpkgs-c3b54877209fd9a7a61b62f64daf2254213bf6bd.tar.lz nixpkgs-c3b54877209fd9a7a61b62f64daf2254213bf6bd.tar.xz nixpkgs-c3b54877209fd9a7a61b62f64daf2254213bf6bd.tar.zst nixpkgs-c3b54877209fd9a7a61b62f64daf2254213bf6bd.zip |
screen: apply patch for CVE-2021-26937
encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence. Fixes: CVE-2021-26937
-rw-r--r-- | pkgs/tools/misc/screen/default.nix | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/pkgs/tools/misc/screen/default.nix b/pkgs/tools/misc/screen/default.nix index 0443deae077..70a95957855 100644 --- a/pkgs/tools/misc/screen/default.nix +++ b/pkgs/tools/misc/screen/default.nix @@ -16,7 +16,14 @@ stdenv.mkDerivation rec { "--enable-colors256" ]; - patches = lib.optional stdenv.hostPlatform.isMusl + patches = [ + (fetchpatch { + # Fixes denial of services in encoding.c, remove > 4.8.0 + name = "CVE-2021-26937.patch"; + url = "https://salsa.debian.org/debian/screen/-/raw/master/debian/patches/99_CVE-2021-26937.patch"; + sha256 = "05f3p1c7s83nccwkhmavjzgaysxnvq41c7jffs31ra65kcpabqy0"; + }) + ] ++ lib.optional stdenv.hostPlatform.isMusl (fetchpatch { url = "https://gist.githubusercontent.com/yujinakayama/4608863/raw/76b9f89af5e5a2e97d9a0f36aac989fb56cf1447/gistfile1.diff"; sha256 = "0f9bf83p8zdxaa1pr75jyf5g8xr3r8kv7cyzzbpraa1q4j15ss1p"; |