cgit: add patch fixing remote DoS

issue assigned MGASA-2019-0203 by mageia https://www.openwall.com/lists/oss-security/2019/05/19/3
author: Robert Scott <code@humanleg.org.uk> 2019-07-07 16:55:08 +0100
committer: Bjørn Forsman <bjorn.forsman@gmail.com> 2019-07-07 21:01:50 +0200
commit: 49283ed80255101786e7e97c680382c5f52ffde0 (patch)
tree: 221be486afaeb4b0a6fa0358eaa955d4570741cd /pkgs/applications/version-management/git-and-tools/cgit
parent: beff2f8d75ef2c65017fb25e251337c6bb2e950d (diff)
download: nixpkgs-49283ed80255101786e7e97c680382c5f52ffde0.tar
nixpkgs-49283ed80255101786e7e97c680382c5f52ffde0.tar.gz
nixpkgs-49283ed80255101786e7e97c680382c5f52ffde0.tar.bz2
nixpkgs-49283ed80255101786e7e97c680382c5f52ffde0.tar.lz
nixpkgs-49283ed80255101786e7e97c680382c5f52ffde0.tar.xz
nixpkgs-49283ed80255101786e7e97c680382c5f52ffde0.tar.zst
nixpkgs-49283ed80255101786e7e97c680382c5f52ffde0.zip
1 files changed, 9 insertions, 1 deletions
diff --git a/pkgs/applications/version-management/git-and-tools/cgit/default.nix b/pkgs/applications/version-management/git-and-tools/cgit/default.nix
index b3941809fb4..6b25ef8518c 100644
--- a/pkgs/applications/version-management/git-and-tools/cgit/default.nix
+++ b/pkgs/applications/version-management/git-and-tools/cgit/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, openssl, zlib, asciidoc, libxml2, libxslt
+{ stdenv, fetchurl, fetchpatch, openssl, zlib, asciidoc, libxml2, libxslt
 , docbook_xsl, pkgconfig, luajit
 , coreutils, gnused, groff, docutils
 , gzip, bzip2, xz
@@ -22,6 +22,14 @@ stdenv.mkDerivation rec {
     sha256 = "14hfwfkrci829a9316hnvkglnqqw1p03cw9k56p4fcb078wbwh4b";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "prevent-dos-limit-path-length.patch";
+      url = "https://git.zx2c4.com/cgit/patch/?id=54c407a74a35d4ee9ffae94cc5bc9096c9f7f54a";
+      sha256 = "1qlbpqsc293lmc9hzwf1j4jr5qlv8cm1r249v3yij5s4wki1595j";
+    })
+  ];
+
   nativeBuildInputs = [ pkgconfig ] ++ [ python wrapPython ];
   buildInputs = [
     openssl zlib asciidoc libxml2 libxslt docbook_xsl luajit
author	Robert Scott <code@humanleg.org.uk>	2019-07-07 16:55:08 +0100
committer	Bjørn Forsman <bjorn.forsman@gmail.com>	2019-07-07 21:01:50 +0200
commit	49283ed80255101786e7e97c680382c5f52ffde0 (patch)
tree	221be486afaeb4b0a6fa0358eaa955d4570741cd /pkgs/applications/version-management/git-and-tools/cgit
parent	beff2f8d75ef2c65017fb25e251337c6bb2e950d (diff)
download	nixpkgs-49283ed80255101786e7e97c680382c5f52ffde0.tar nixpkgs-49283ed80255101786e7e97c680382c5f52ffde0.tar.gz nixpkgs-49283ed80255101786e7e97c680382c5f52ffde0.tar.bz2 nixpkgs-49283ed80255101786e7e97c680382c5f52ffde0.tar.lz nixpkgs-49283ed80255101786e7e97c680382c5f52ffde0.tar.xz nixpkgs-49283ed80255101786e7e97c680382c5f52ffde0.tar.zst nixpkgs-49283ed80255101786e7e97c680382c5f52ffde0.zip