diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2017-12-09 10:59:08 +0100 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2017-12-09 11:08:28 +0100 |
commit | cd9231a01a14bc783d1fc7e921730d2cc8523037 (patch) | |
tree | f9677c5c0ef40c09e784dba8ab211712a216ed5e /pkgs/development/libraries/ldns | |
parent | 1592d5a9e7c248af551c9e2b87fb845ff9428966 (diff) | |
download | nixpkgs-cd9231a01a14bc783d1fc7e921730d2cc8523037.tar nixpkgs-cd9231a01a14bc783d1fc7e921730d2cc8523037.tar.gz nixpkgs-cd9231a01a14bc783d1fc7e921730d2cc8523037.tar.bz2 nixpkgs-cd9231a01a14bc783d1fc7e921730d2cc8523037.tar.lz nixpkgs-cd9231a01a14bc783d1fc7e921730d2cc8523037.tar.xz nixpkgs-cd9231a01a14bc783d1fc7e921730d2cc8523037.tar.zst nixpkgs-cd9231a01a14bc783d1fc7e921730d2cc8523037.zip |
ldns: security patches from upstream, /cc #32459
Also use sha256 instead of sha1 for the source.
Diffstat (limited to 'pkgs/development/libraries/ldns')
-rw-r--r-- | pkgs/development/libraries/ldns/default.nix | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/pkgs/development/libraries/ldns/default.nix b/pkgs/development/libraries/ldns/default.nix index f465cf1cc44..6c2a8f84d23 100644 --- a/pkgs/development/libraries/ldns/default.nix +++ b/pkgs/development/libraries/ldns/default.nix @@ -1,4 +1,4 @@ -{stdenv, fetchurl, openssl, perl, dns-root-data}: +{ stdenv, fetchurl, fetchpatch, openssl, perl, dns-root-data }: stdenv.mkDerivation rec { pname = "ldns"; @@ -8,10 +8,25 @@ stdenv.mkDerivation rec { src = fetchurl { url = "https://www.nlnetlabs.nl/downloads/ldns/${name}.tar.gz"; - sha1 = "ceeeccf8a27e61a854762737f6ee02f44662c1b8"; + sha256 = "1k56jw4hz8njspfxcfw0czf1smg0n48ylia89ziwyx5k9wdmp7y1"; }; - patchPhase = '' + patches = [ + (fetchpatch { + name = "CVE-2017-1000231.patch"; + url = "https://git.nlnetlabs.nl/ldns/patch/?id=c8391790"; + sha256 = "1rprfh0y1c28dqiy3vgwvwdhn7b5rsylfzzblx5xdhwfqgdw8vn0"; + excludes = [ "Changelog" ]; + }) + (fetchpatch { + name = "CVE-2017-1000232.patch"; + url = "https://git.nlnetlabs.nl/ldns/patch/?id=3bdeed02"; + sha256 = "0bv0s5jjp0sswfg8da47d346iwp9yjhj9w7fa3bxh174br0zj07r"; + excludes = [ "Changelog" ]; + }) + ]; + + postPatch = '' patchShebangs doc/doxyparse.pl ''; |