diff options
| author | Vladimír Čunát <v@cunat.cz> | 2019-03-10 09:52:14 +0100 |
|---|---|---|
| committer | Vladimír Čunát <v@cunat.cz> | 2019-03-10 09:52:14 +0100 |
| commit | 5767c18d99a035aa642286d1390698ff40d5d231 (patch) | |
| tree | 127462d6068246c1a941ec4a62f0a0fd5d84c4d9 | |
| parent | 2206a3ebadbea29de6f1760687ff6cb6f77b66fc (diff) | |
| download | nixpkgs-5767c18d99a035aa642286d1390698ff40d5d231.tar nixpkgs-5767c18d99a035aa642286d1390698ff40d5d231.tar.gz nixpkgs-5767c18d99a035aa642286d1390698ff40d5d231.tar.bz2 nixpkgs-5767c18d99a035aa642286d1390698ff40d5d231.tar.lz nixpkgs-5767c18d99a035aa642286d1390698ff40d5d231.tar.xz nixpkgs-5767c18d99a035aa642286d1390698ff40d5d231.tar.zst nixpkgs-5767c18d99a035aa642286d1390698ff40d5d231.zip | |
libarchive: apply upstream CVE patches
Fixes #57150.
| -rw-r--r-- | pkgs/development/libraries/libarchive/default.nix | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/pkgs/development/libraries/libarchive/default.nix b/pkgs/development/libraries/libarchive/default.nix index 029be971ac1..f2a1c500a8b 100644 --- a/pkgs/development/libraries/libarchive/default.nix +++ b/pkgs/development/libraries/libarchive/default.nix @@ -17,6 +17,21 @@ stdenv.mkDerivation rec { sha256 = "0bhfncid058p7n1n8v29l6wxm3mhdqfassscihbsxfwz3iwb2zms"; }; + patches = [ + (fetchpatch { + # details: https://github.com/libarchive/libarchive/pull/1105 + name = "cve-2018-1000877.diff"; # CVE-2018-1000877..80 + url = "https://github.com/libarchive/libarchive/pull/1105.diff"; + sha256 = "0mxcawfdy9m40mykzwhkl39a6vnh4ypgy0ipcz74qm4bi72x0gyf"; + }) + (fetchpatch { + # details: https://github.com/libarchive/libarchive/pull/1120 + name = "cve-2019-1000019_cve-2019-1000020.diff"; + url = "https://github.com/libarchive/libarchive/pull/1120.diff"; + sha256 = "1mgx92v8hm7hw9j34nbfriqfkxshh3cy25rhavr7kl7lz4x5a6g4"; + }) + ]; + outputs = [ "out" "lib" "dev" ]; nativeBuildInputs = [ pkgconfig ]; |