diff options
| author | Antoine Eiche <lewo@abesis.fr> | 2017-11-29 08:31:28 +0100 |
|---|---|---|
| committer | Antoine Eiche <lewo@abesis.fr> | 2017-11-29 11:19:50 +0100 |
| commit | 268d3656dbe04fe2eb0423440032dd74937ad427 (patch) | |
| tree | cc0a604d0288a1927b0022dde513197e8a7d27a8 | |
| parent | 0e6ca9e85d76ddb2757d05119f07f4b2fe32b689 (diff) | |
| download | nixpkgs-268d3656dbe04fe2eb0423440032dd74937ad427.tar nixpkgs-268d3656dbe04fe2eb0423440032dd74937ad427.tar.gz nixpkgs-268d3656dbe04fe2eb0423440032dd74937ad427.tar.bz2 nixpkgs-268d3656dbe04fe2eb0423440032dd74937ad427.tar.lz nixpkgs-268d3656dbe04fe2eb0423440032dd74937ad427.tar.xz nixpkgs-268d3656dbe04fe2eb0423440032dd74937ad427.tar.zst nixpkgs-268d3656dbe04fe2eb0423440032dd74937ad427.zip | |
qemu: fix CVE-2017-15118
See https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg05045.html
| -rw-r--r-- | pkgs/applications/virtualization/qemu/default.nix | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/pkgs/applications/virtualization/qemu/default.nix b/pkgs/applications/virtualization/qemu/default.nix index 66e5928ca15..2488bb1ae10 100644 --- a/pkgs/applications/virtualization/qemu/default.nix +++ b/pkgs/applications/virtualization/qemu/default.nix @@ -62,7 +62,12 @@ stdenv.mkDerivation rec { patches = [ ./no-etc-install.patch ] ++ optional nixosTestRunner ./force-uid0-on-9p.patch - ++ optional pulseSupport ./fix-hda-recording.patch; + ++ optional pulseSupport ./fix-hda-recording.patch + ++ [ (fetchpatch { + name = "qemu-CVE-2017-15118.patch"; + url = "http://git.qemu.org/?p=qemu.git;a=patch;h=51ae4f8455c9e32c54770c4ebc25bf86a8128183"; + sha256 = "0f9i096dz3h1i8g92y99vak23rjs1shf7prlcxqizsz0fah7wx7h"; }) + ]; hardeningDisable = [ "stackprotector" ]; |